Containerize service + unauthenticated /api/health endpoint #9

Closed
opened 2026-06-12 20:27:17 +00:00 by james · 0 comments
Owner

Scope

  • Multi-stage Dockerfile (build stage + runtime stage on a slim Node image).
  • Runtime stage runs as a non-root user.
  • Applies pending migrations on startup.
  • GET /api/health returns 200 with a small JSON payload (status, version, DB connectivity). No auth required. This is the only unauthenticated endpoint.
  • compose.yaml examples for the SQLite case and the Postgres case.

Acceptance criteria

  • docker build succeeds on a clean checkout.
  • docker run against either SQLite (file volume) or Postgres (env URL) brings the service up.
  • curl http://localhost:3000/api/health returns 200 from an unauthenticated client.
  • Any other endpoint returns 401 for an unauthenticated client (verify once #10 lands; placeholder route is fine here).
  • Both compose examples come up clean.

Part of epic #1. Depends on #7, #8.

## Scope - Multi-stage `Dockerfile` (build stage + runtime stage on a slim Node image). - Runtime stage runs as a non-root user. - Applies pending migrations on startup. - `GET /api/health` returns 200 with a small JSON payload (`status`, `version`, DB connectivity). **No auth required.** This is the only unauthenticated endpoint. - `compose.yaml` examples for the SQLite case and the Postgres case. ## Acceptance criteria - [ ] `docker build` succeeds on a clean checkout. - [ ] `docker run` against either SQLite (file volume) or Postgres (env URL) brings the service up. - [ ] `curl http://localhost:3000/api/health` returns 200 from an unauthenticated client. - [ ] Any other endpoint returns 401 for an unauthenticated client (verify once #10 lands; placeholder route is fine here). - [ ] Both compose examples come up clean. Part of epic #1. Depends on #7, #8.
james closed this issue 2026-06-13 13:44:17 +00:00
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
james/carol#9
No description provided.