test first commit

README.md

@@ -0,0 +1,158 @@
+# Inventory Backend Service
+
+Minimal Node.js/Express backend for inventory management. Focus: **DevOps/CI-CD demo**, not application complexity.
+
+## Features (Minimal by Design)
+- 4 API endpoints: GET/POST items, health check, readiness check
+- MySQL database with single table (4 fields)
+- Input validation
+- CORS and security headers
+- Non-root Docker container
+
+## Tech Stack
+- Node.js 20
+- Express 4
+- MySQL 8.0
+- mysql2 (prepared statements for SQL injection protection)
+- helmet (security headers)
+- express-validator
+
+## Local Development
+
+### Prerequisites
+- Node.js 20+
+- MySQL 8.0 running locally or via Docker
+
+### Quick Start
+```bash
+# 1. Start MySQL
+docker run -d \
+  --name mysql-local \
+  -e MYSQL_ROOT_PASSWORD=rootpass \
+  -e MYSQL_DATABASE=inventory \
+  -p 3306:3306 \
+  mysql:8.0
+
+# 2. Install dependencies
+npm install
+
+# 3. Create .env file
+cp .env.example .env
+
+# 4. Start server
+npm start
+# Or with hot-reload:
+npm run dev
+```
+
+### Testing
+```bash
+# Run tests
+npm test
+
+# Run linter
+npm run lint
+```
+
+### API Endpoints
+
+#### Health Check (Liveness)
+```bash
+curl http://localhost:3000/health
+# Response: {"status": "ok"}
+```
+
+#### Readiness Check
+```bash
+curl http://localhost:3000/ready
+# Response: {"status": "ready", "database": "connected"}
+```
+
+#### Get All Items
+```bash
+curl http://localhost:3000/api/items
+# Response: [{"id":1,"name":"Laptop","quantity":10,"price":"999.99"},...]
+```
+
+#### Create Item
+```bash
+curl -X POST http://localhost:3000/api/items \
+  -H "Content-Type: application/json" \
+  -d '{"name":"Monitor","quantity":15,"price":299.99}'
+# Response: {"id":4,"name":"Monitor","quantity":15,"price":299.99,"message":"Item created successfully"}
+```
+
+## Docker Build
+
+```bash
+# Build image
+docker build -t backend-service:latest .
+
+# Run container
+docker run -d \
+  -p 3000:3000 \
+  -e DB_HOST=host.docker.internal \
+  -e DB_PASSWORD=rootpass \
+  backend-service:latest
+```
+
+## CI/CD Pipeline
+
+Gitea Actions workflow:
+1. Checkout → Install → Lint → Test
+2. SonarQube scan + quality gate
+3. Build multi-stage Docker image
+4. Push to Gitea registry with tags: `{branch}-{sha}`, `{branch}`, `latest`
+5. Update k8s-manifests repo
+
+## Database Schema
+
+```sql
+CREATE TABLE items (
+    id INT AUTO_INCREMENT PRIMARY KEY,
+    name VARCHAR(255) NOT NULL,
+    quantity INT NOT NULL DEFAULT 0,
+    price DECIMAL(10, 2) NOT NULL
+);
+```
+
+**That's it!** No timestamps, no foreign keys, no complexity. Focus on CI/CD.
+
+## Environment Variables
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| PORT | 3000 | Server port |
+| DB_HOST | localhost | MySQL host |
+| DB_PORT | 3306 | MySQL port |
+| DB_USER | root | MySQL user |
+| DB_PASSWORD | rootpass | MySQL password |
+| DB_NAME | inventory | Database name |
+
+## Security
+
+- ✓ Non-root Docker user (nodejs:1001)
+- ✓ Helmet.js security headers
+- ✓ SQL injection protection (prepared statements)
+- ✓ Input validation (express-validator)
+- ✓ CORS configured
+- ✓ Multi-stage Docker build (no dev dependencies in prod)
+
+## Project Structure
+
+```
+backend-service/
+├── src/
+│   ├── server.js      # Main Express app (~100 lines, all routes inline)
+│   ├── db.js          # MySQL connection pool
+│   └── init.sql       # Database schema
+├── tests/
+│   └── server.test.js # Basic API tests
+├── .gitea/workflows/
+│   └── ci.yaml        # CI/CD pipeline
+├── Dockerfile         # Multi-stage build
+├── package.json
+└── README.md
+```
+
+**Total: ~10 files** - intentionally minimal!