initial commit of docker desktop extension

[danleyb2]

Summary by CodeRabbit

• New Feature: Introduced a Docker Desktop extension for the Plate Recognizer Installer, featuring a React frontend and Python backend.
• New Feature: Added a /verify-token endpoint in the Flask application for token verification.
• Chore: Set up initial project structure with Dockerfile, Makefile, and ESLint configuration.
• Documentation: Provided instructions for local development, building, and deploying the extension.
• Chore: Configured .gitignore to exclude unnecessary files from version control.

[github-actions]

Risk Level 3 - /home/runner/work/deep-license-plate-recognition/deep-license-plate-recognition/docker/dd-extension/ui/src/components/Stream.tsx

Similar to the Snapshot component, the handleSubmit function in the Stream component constructs a Docker command without sanitizing user input, which could lead to command injection vulnerabilities.

---

Risk Level 3 - /home/runner/work/deep-license-plate-recognition/deep-license-plate-recognition/docker/dd-extension/ui/src/components/Snapshot.tsx

The handleSubmit function contains a hardcoded URL, which could be extracted as a constant or environment variable. Also, the Docker command construction does not escape user input, which could lead to command injection if not properly sanitized.

---

Risk Level 4 - /home/runner/work/deep-license-plate-recognition/deep-license-plate-recognition/docker/dd-extension/backend/utils.py

The verify_token function falls back to HTTP if an SSL error occurs, which could lead to security issues. It's recommended to handle SSL errors differently and avoid downgrading to an insecure protocol. Additionally, the exception handling for URLError should be more specific to the error codes and provide a clear message for each case.

---

🔒🐛🚨

---

Powered by Code Review GPT

[Pefington]

This works, good stuff.

• Some of the URLs need updating (marked).
• For snapshot, we need two dropdowns, one for country, one for architecture (commented).

More globally, I see a lot of small issues with the TSX code, would you mind adding eslint and fixing the errors?
I think it would make the code cleaner and more maintainable:

• cd ..../ui
• npm init @eslint/config@latest
  • check syntax and find problems
  • js modules
  • react
  • yes for typescript
  • node
  • yes to install
• Install the VSCode eslint extension.

The generated config should look like this:

import globals from "globals";
import pluginJs from "@eslint/js";
import tseslint from "typescript-eslint";
import pluginReact from "eslint-plugin-react";

export default [
  {files: ["**/*.{js,mjs,cjs,ts,jsx,tsx}"]},
  {languageOptions: { globals: globals.browser }},
  pluginJs.configs.recommended,
  ...tseslint.configs.recommended,
  pluginReact.configs.flat.recommended,
];

Don't hesitate to ping me if you need!

[danleyb2]

@Pefington added eslint however some the lint errors such as @typescript-eslint/no-explicit-any are unresolved

[Pefington]

@Pefington added eslint however some the lint errors such as @typescript-eslint/no-explicit-any are unresolved

Thank you, I'll check in the morning.
Could you see if you can resolve some of the security issues the bot is mentioning, I'll have a look at it too.

[danleyb2]

@Pefington This bot is autodated and got recently replaced with coderabbit. Let's ignore it. I'll try run coderabbit

[github-actions]

CodeRabbit

## Walkthrough

This initial commit introduces a Docker Desktop extension featuring a React frontend and a Python backend. It includes configuration files, a Dockerfile for multi-stage builds, a Makefile for managing the extension lifecycle, and essential application code for both frontend and backend components.

## Changes

| Files                                      | Summary                                                                                                                                                                                                 |
|--------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `.gitignore`, `.vscode/settings.json`      | Adds ignore rules for build artifacts and configures VSCode settings for Makefile behavior.                                                                                                             |
| `Dockerfile`, `Makefile`, `README.md`      | Introduces Dockerfile for building the extension, a Makefile for managing tasks, and documentation for setup and usage.                                                                                 |
| `backend/main.py`, `backend/utils.py`      | Implements a Flask app with token verification logic and utility functions for API requests.                                                                                                            |
| `backend/requirements.txt`, `backend/wsgi.py` | Specifies Python dependencies and sets up WSGI entry point for the backend application.                                                                                                                 |
| `ui/eslint.config.js`, `ui/index.html`     | Configures ESLint for the UI and provides an HTML template for the React app.                                                                                                                           |
| `ui/src/App.tsx`, `ui/src/components/Loader.tsx` | Introduces React components for the main application interface and a loader component.                                                                                                                  |

> In Docker's realm, a new tale unfolds,  
> With Node and Python, brave and bold.  
> A frontend dances in React's embrace,  
> While Flask ensures the backend's grace.  
> Together they sail on Docker's stream,  
> A coder's dream, a rabbit's gleam. 🐇🚀

---

Uplevel your code reviews with CodeRabbit Pro

CodeRabbit Pro

If you like this project, please support us by purchasing the Pro version. The Pro version has advanced context, superior noise reduction and several proprietary improvements compared to the open source version. Moreover, CodeRabbit Pro is free for open source projects.

[github-actions]

CodeRabbit

Commits

Files that changed from the base of the PR and between 48e3faf and e6cb426 commits.

Files selected (22)

• docker/dd-extension/.gitignore (1)
• docker/dd-extension/.vscode/settings.json (1)
• docker/dd-extension/Dockerfile (1)
• docker/dd-extension/Makefile (1)
• docker/dd-extension/README.md (1)
• docker/dd-extension/backend/main.py (1)
• docker/dd-extension/backend/requirements.txt (1)
• docker/dd-extension/backend/utils.py (1)
• docker/dd-extension/backend/wsgi.py (1)
• docker/dd-extension/ui/eslint.config.js (1)
• docker/dd-extension/ui/index.html (1)
• docker/dd-extension/ui/src/App.tsx (1)
• docker/dd-extension/ui/src/components/Loader.tsx (1)
• docker/dd-extension/ui/src/components/ShowCommand.tsx (1)
• docker/dd-extension/ui/src/components/Snapshot.tsx (1)
• docker/dd-extension/ui/src/components/Stream.tsx (1)
• docker/dd-extension/ui/src/components/Uninstall.tsx (1)
• docker/dd-extension/ui/src/components/Update.tsx (1)
• docker/dd-extension/ui/src/helpers.ts (1)
• docker/dd-extension/ui/src/hooks/useDockerDesktopClient.ts (1)
• docker/dd-extension/ui/src/main.tsx (1)
• docker/dd-extension/ui/vite.config.ts (1)

Files ignored due to filter (7)

• docker/dd-extension/docker-compose.yaml
• docker/dd-extension/logo.svg
• docker/dd-extension/metadata.json
• docker/dd-extension/ui/package-lock.json
• docker/dd-extension/ui/package.json
• docker/dd-extension/ui/tsconfig.json
• docker/dd-extension/ui/tsconfig.node.json

Files skipped from review due to trivial changes (4)

• docker/dd-extension/.gitignore
• docker/dd-extension/backend/wsgi.py
• docker/dd-extension/ui/src/components/Snapshot.tsx (diff too large)
• docker/dd-extension/ui/src/components/Stream.tsx (diff too large)

Review comments generated (23)

• Review: 13
• LGTM: 10

---

Tips

Chat with CodeRabbit Bot (@coderabbitai)

• Reply on review comments left by this bot to ask follow-up questions. A review comment is a comment on a diff or a file.
• Invite the bot into a review comment chain by tagging @coderabbitai in a reply.

Code suggestions

• The bot may make code suggestions, but please review them carefully before committing since the line number ranges may be misaligned.
• You can edit the comment made by the bot and manually tweak the suggestion if it is slightly off.

Pausing incremental reviews

• Add @coderabbitai: ignore anywhere in the PR description to pause further reviews from the bot.

[Pefington]

@danleyb2 Thank you, the changes are good, everything works.
I'll let you decide if you want to implement coderabbit's unresolved suggestions.
I think they are valid, but it's mostly nit.

[danleyb2]

@Pefington I'll resolve a number then merge