feat: Phase 1 P1 — Dockerfile, AGNTCY alignment docs, Node.js SDK
Three remaining Phase 1 P1 deliverables: 1. Dockerfile — multi-stage build (builder + production), node:18-alpine, non-root USER node, .dockerignore excluding secrets and dev artifacts 2. AGNTCY alignment docs (docs/agntcy/) — README and alignment.md mapping all 6 AGNTCY domains to AgentIdP features with Phase 2/3 pending items noted 3. Node.js SDK (@sentryagent/idp-sdk) — TypeScript strict, zero any, native fetch (Node 18+), TokenManager with 60s auto-refresh, service clients for all 14 endpoints (agents, credentials, tokens, audit), AgentIdPError typed error hierarchy, full README All three changes tracked under openspec/changes/ with tasks marked complete. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
SentryAgent.ai Developer
13
openspec/changes/dockerfile/design.md
Normal file
13
openspec/changes/dockerfile/design.md
Normal file
@@ -0,0 +1,13 @@
|
||||
## Context
|
||||
Node.js 18+, TypeScript compiled to `dist/`. Production image must be minimal, non-root, and use the compiled output only.
|
||||
|
||||
## Decisions
|
||||
- Multi-stage build: `builder` stage compiles TypeScript; `production` stage copies `dist/` only
|
||||
- Base image: `node:18-alpine` — minimal footprint
|
||||
- Non-root user: `node` user (built into node alpine image)
|
||||
- No dev dependencies in production image — only `npm ci --omit=dev`
|
||||
- Health check: `wget` on `localhost:3000/health` — but no `/health` endpoint exists yet, so omit health check from Dockerfile; it is set in docker-compose.yml via pg_isready/redis-cli patterns
|
||||
- `.dockerignore` excludes: `node_modules`, `dist`, `coverage`, `tests`, `.env`, `*.pem`, `vj_notes`, `.cto-workspace`, `.claude`
|
||||
|
||||
## Open Questions
|
||||
*(none)*
|
||||
Reference in New Issue
Block a user