@mojaloop/ml-testing-toolkit-client-lib 0.0.3 → 0.0.4

package/.circleci/config.yml

@@ -10,6 +10,7 @@ orbs:
   slack: circleci/slack@4.9.3 # Ref: https://github.com/mojaloop/ci-config/tree/master/slack-templates
   pr-tools: mojaloop/pr-tools@0.1.10 # Ref: https://github.com/mojaloop/ci-config/
   gh: circleci/github-cli@2.1.0
+  anchore: anchore/anchore-engine@1.9.0
 
 ##
 # defaults
@@ -213,6 +214,94 @@ jobs:
           path: /tmp/license-scanner/results
           prefix: licenses
 
+  build:
+    executor: default-machine
+    steps:
+      - checkout
+      - run:
+          name: Build Docker $CIRCLE_TAG image
+          command: |
+            echo "Building Docker image: $CIRCLE_TAG"
+            docker build -t $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG .
+      - run:
+          name: Save docker image to workspace
+          command: docker save -o /tmp/docker-image.tar $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
+      - persist_to_workspace:
+          root: /tmp
+          paths:
+            - ./docker-image.tar
+
+  image-scan:
+    executor: anchore/anchore_engine
+    steps:
+      - setup_remote_docker
+      - checkout
+      - run:
+          name: Setup Slack config
+          command: |
+            echo "export SLACK_PROJECT_NAME=${CIRCLE_PROJECT_REPONAME}" >> $BASH_ENV
+            echo "export SLACK_RELEASE_TYPE='GitHub Release'" >> $BASH_ENV
+            echo "export SLACK_RELEASE_TAG='${RELEASE_TAG} on ${CIRCLE_BRANCH} branch'" >> $BASH_ENV
+            echo "export SLACK_BUILD_ID=${CIRCLE_BUILD_NUM}" >> $BASH_ENV
+            echo "export SLACK_CI_URL=${CIRCLE_BUILD_URL}" >> $BASH_ENV
+            echo "export SLACK_CUSTOM_MSG='Anchore Image Scan failed for: \`${DOCKER_ORG}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_TAG}\`'" >> $BASH_ENV
+      - run:
+          name: Install docker dependencies for anchore
+          command: |
+            apk add --update py-pip docker python3-dev libffi-dev openssl-dev gcc libc-dev make jq npm
+      - run:
+          name: Install general dependencies
+          command: |
+            apk --no-cache add git
+            apk --no-cache add ca-certificates
+            apk --no-cache add curl
+            apk --no-cache add openssh-client
+            apk add --no-cache -t build-dependencies make gcc g++ python3 libtool autoconf automake
+            npm config set unsafe-perm true
+            npm install -g node-gyp
+      - run:
+          name: Install AWS CLI dependencies
+          command: *defaults_awsCliDependencies
+      - attach_workspace:
+          at: /tmp
+      - run:
+          name: Load the pre-built docker image from workspace
+          command: docker load -i /tmp/docker-image.tar
+      - run:
+          name: Download the mojaloop/ci-config repo
+          command: |
+            git clone https://github.com/mojaloop/ci-config /tmp/ci-config
+            # Generate the mojaloop anchore-policy
+            cd /tmp/ci-config/container-scanning && ./mojaloop-policy-generator.js /tmp/mojaloop-policy.json
+      - run:
+          name: Pull base image locally
+          command: |
+            docker pull node:16.15.0-alpine
+      # Analyze the base and derived image
+      # Note: It seems images are scanned in parallel, so preloading the base image result doesn't give us any real performance gain
+      - anchore/analyze_local_image:
+          # Force the older version, version 0.7.0 was just published, and is broken
+          anchore_version: v0.6.1
+          image_name: "docker.io/node:16.15.0-alpine $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG"
+          policy_failure: false
+          timeout: '500'
+          # Note: if the generated policy is invalid, this will fallback to the default policy, which we don't want!
+          policy_bundle_file_path: /tmp/mojaloop-policy.json
+      - run:
+          name: Upload Anchore reports to s3
+          command: |
+            aws s3 cp anchore-reports ${AWS_S3_DIR_ANCHORE_REPORTS}/${CIRCLE_PROJECT_REPONAME}/ --recursive
+            aws s3 rm ${AWS_S3_DIR_ANCHORE_REPORTS}/latest/ --recursive --exclude "*" --include "${CIRCLE_PROJECT_REPONAME}*"
+            aws s3 cp anchore-reports ${AWS_S3_DIR_ANCHORE_REPORTS}/latest/ --recursive
+      - run:
+          name: Evaluate failures
+          command: /tmp/ci-config/container-scanning/anchore-result-diff.js anchore-reports/node_16.15.0-alpine-policy.json anchore-reports/${CIRCLE_PROJECT_REPONAME}*-policy.json
+      - store_artifacts:
+          path: anchore-reports
+      - slack/notify:
+          event: fail
+          template: SLACK_TEMP_RELEASE_FAILURE
+
   release:
     executor: default-docker
     steps:
@@ -285,6 +374,64 @@ jobs:
           event: fail
           template: SLACK_TEMP_RELEASE_FAILURE
 
+  publish-docker:
+    executor: default-machine
+    steps:
+      - checkout
+      - run:
+          name: Setup for LATEST release
+          command: |
+            echo "export RELEASE_TAG=$RELEASE_TAG_PROD" >> $BASH_ENV
+            echo "RELEASE_TAG=$RELEASE_TAG_PROD"
+
+            PACKAGE_VERSION=$(cat package-lock.json | jq -r .version)
+            echo "export PACKAGE_VERSION=${PACKAGE_VERSION}" >> $BASH_ENV
+            echo "PACKAGE_VERSION=${PACKAGE_VERSION}"
+      - run:
+          name: Setup Slack config
+          command: |
+            echo "export SLACK_PROJECT_NAME=${CIRCLE_PROJECT_REPONAME}" >> $BASH_ENV
+            echo "export SLACK_RELEASE_TYPE='Docker Release'" >> $BASH_ENV
+            echo "export SLACK_RELEASE_TAG=v${CIRCLE_TAG:1}" >> $BASH_ENV
+            echo "export SLACK_BUILD_ID=${CIRCLE_BUILD_NUM}" >> $BASH_ENV
+            echo "export SLACK_CI_URL=${CIRCLE_BUILD_URL}" >> $BASH_ENV
+      - attach_workspace:
+          at: /tmp
+      - run:
+          name: Load the pre-built docker image from workspace
+          command: | 
+            docker load -i /tmp/docker-image.tar
+      - run:
+          name: Login to Docker Hub
+          command: docker login -u $DOCKER_USER -p $DOCKER_PASS
+      - run:
+          name: Re-tag pre built image
+          command: |
+            docker tag $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
+      - run:
+          name: Publish Docker image $CIRCLE_TAG & Latest tag to Docker Hub
+          command: |
+            echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG"
+            docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
+            echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG"
+            docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
+      - run:
+          name: Set Image Digest
+          command: |
+            IMAGE_DIGEST=$(docker inspect $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:v${CIRCLE_TAG:1} | jq '.[0].RepoDigests | .[]')
+            echo "IMAGE_DIGEST=${IMAGE_DIGEST}"
+            echo "export IMAGE_DIGEST=${IMAGE_DIGEST}" >> $BASH_ENV
+      - run:
+          name: Update Slack config
+          command: |
+            echo "export SLACK_RELEASE_URL='https://hub.docker.com/layers/${CIRCLE_PROJECT_REPONAME}/${DOCKER_ORG}/${CIRCLE_PROJECT_REPONAME}/v${CIRCLE_TAG:1}/images/${IMAGE_DIGEST}?context=explore'" | sed -r "s/${DOCKER_ORG}\/${CIRCLE_PROJECT_REPONAME}@sha256:/sha256-/g" >> $BASH_ENV
+      - slack/notify:
+          event: pass
+          template: SLACK_TEMP_RELEASE_SUCCESS
+      - slack/notify:
+          event: fail
+          template: SLACK_TEMP_RELEASE_FAILURE
+
   publish:
     executor: default-docker
     steps:
@@ -445,6 +592,32 @@ workflows:
               ignore:
                 - /feature*/
                 - /bugfix*/
+      - build:
+          context: org-global
+          requires:
+            - setup
+            # - test-dependencies
+            - test-lint
+            - test-unit
+            - test-coverage
+            - vulnerability-check
+            - audit-licenses
+          filters:
+            tags:
+              only: /v[0-9]+(\.[0-9]+)*(\-snapshot(\.[0-9]+)?)?(\-hotfix(\.[0-9]+)?)?(\-perf(\.[0-9]+)?)?/
+            branches:
+              ignore:
+                - /.*/
+      - image-scan:
+          context: org-global
+          requires:
+            - build
+          filters:
+            tags:
+              only: /v[0-9]+(\.[0-9]+)*(\-snapshot(\.[0-9]+)?)?(\-hotfix(\.[0-9]+)?)?(\-perf(\.[0-9]+)?)?/
+            branches:
+              ignore:
+                - /.*/
       # New commits to master release automatically
       - release:
           context: org-global
@@ -470,6 +643,22 @@ workflows:
               only:
                 - master
                 - /release\/v.*/
+      - publish-docker:
+          context: org-global
+          requires:
+            - pr-tools/pr-title-check
+            - test-lint
+            - test-unit
+            - test-coverage
+            - vulnerability-check
+            - audit-licenses
+            - image-scan
+          filters:
+            tags:
+              only: /v[0-9]+(\.[0-9]+)*/
+            branches:
+              ignore:
+                - /.*/
       - publish:
           context: org-global
           requires:

package/.ncurc.js

@@ -0,0 +1,10 @@
+module.exports = {
+  // Add a TODO comment indicating the reason for each rejected dependency upgrade added to this list, and what should be done to resolve it (i.e. handle it through a story, etc).
+  reject: [
+    // TODO: Upgrading ws is causing incompatibility issues with old versions of ws servers. Need to investigate the cause.
+    "ws",
+    // TODO: Upgrading socket.io-client is causing incompatibility issues with old versions of socket.io servers. Need to investigate the cause.
+    "socket.io-client",
+    "@types/socket.io"
+  ]
+}

package/CHANGELOG.md

@@ -2,6 +2,8 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [0.0.4](https://github.com/mojaloop/ml-testing-toolkit-client-lib/compare/v0.0.3...v0.0.4) (2022-06-06)
+
 ### [0.0.3](https://github.com/mojaloop/ml-testing-toolkit-client-lib/compare/v0.0.2...v0.0.3) (2022-05-31)
 
 ### 0.0.2 (2022-05-31)

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@mojaloop/ml-testing-toolkit-client-lib",
   "description": "Testing Toolkit Client Library",
-  "version": "0.0.3",
+  "version": "0.0.4",
   "license": "Apache-2.0",
   "author": "Vijaya Kumar Guthi, ModusBox Inc. ",
   "contributors": [
@@ -38,7 +38,6 @@
     "start": "node src/index.js",
     "standard": "standard",
     "standard:fix": "standard --fix",
-    "dev": "nodemon src/index.js",
     "test": "npm run test:unit",
     "test:unit": "jest --testMatch '**/test/unit/**/*.test.js'",
     "test:int": "jest --reporters=default --reporters=jest-junit --testMatch '**/test/integration/**/*.test.js'",
@@ -62,59 +61,42 @@
     "snapshot": "npx standard-version --no-verify --skip.changelog --prerelease snapshot --releaseCommitMessageFormat 'chore(snapshot): {{currentTag}}'"
   },
   "dependencies": {
-    "@mojaloop/central-services-logger": "^10.6.2",
+    "@mojaloop/central-services-logger": "^11.0.1",
     "@mojaloop/ml-testing-toolkit-shared-lib": "^12.2.0",
-    "@mojaloop/sdk-standard-components": "10.2.0",
-    "@slack/webhook": "^6.0.0",
-    "@types/socket.io": "^2.1.4",
-    "adm-zip": "^0.4.14",
+    "@mojaloop/sdk-standard-components": "17.0.3",
+    "@slack/webhook": "^6.1.0",
     "atob": "2.1.2",
-    "aws-sdk": "^2.1009.0",
-    "axios": "^0.21.4",
-    "blipp": "4.0.1",
-    "cli-table3": "0.6.0",
-    "commander": "4.0.0",
-    "docdash": "1.1.1",
-    "dotenv": "^8.6.0",
+    "aws-sdk": "^2.1148.0",
+    "axios": "^0.27.2",
+    "cli-table3": "0.6.2",
+    "commander": "9.3.0",
+    "dotenv": "^16.0.1",
     "fs": "0.0.1-security",
-    "js-yaml": "^3.13.1",
-    "lodash": "^4.17.19",
+    "lodash": "^4.17.21",
     "mv": "^2.1.1",
     "node-dir": "0.1.17",
     "node-strings": "^1.0.2",
-    "npm-run-all": "4.1.5",
-    "parse-strings-in-object": "1.2.0",
+    "parse-strings-in-object": "1.4.0",
     "path": "^0.12.7",
     "rc": "1.2.8",
     "request": "^2.88.2",
     "request-promise-native": "1.0.8",
-    "selectn": "^1.1.2",
-    "socket.io": "^2.3.0",
     "socket.io-client": "^2.3.0",
-    "uuid": "8.1.0",
-    "uuid4": "1.1.4",
     "ws": "^7.5.5"
   },
   "devDependencies": {
-    "@types/jest": "24.0.22",
-    "eslint": "^8.0.1",
-    "eslint-plugin-import": "^2.25.2",
-    "get-port": "5.0.0",
-    "jest": "^27.3.0",
-    "jest-junit": "^13.0.0",
+    "eslint": "^8.17.0",
+    "eslint-plugin-import": "^2.26.0",
+    "jest": "^28.1.0",
+    "jest-junit": "^13.2.0",
     "jsdoc": "^3.6.10",
-    "nodemon": "^2.0.13",
     "npm-audit-resolver": "3.0.0-7",
-    "npm-check-updates": "11.3.0",
-    "nyc": "^15.0.0",
-    "parse-strings-in-object": "1.2.0",
+    "npm-check-updates": "13.1.1",
+    "nyc": "^15.1.0",
+    "parse-strings-in-object": "1.4.0",
     "pre-commit": "1.2.2",
-    "proxyquire": "2.1.3",
-    "sinon": "7.5.0",
-    "standard": "^16.0.4",
-    "supertest": "^4.0.2",
-    "swagmock": "1.0.0",
-    "tap-xunit": "2.4.1",
+    "sinon": "14.0.0",
+    "standard": "^17.0.0",
     "standard-version": "^9.5.0"
   },
   "generator-swaggerize": {