EXPERIMENTAL vNext Security Bounded Context Mono Repository

The security bc is responsible for authorization and authentication of the internal and external services and identity management

It implements the following usecases :

• BC User / Operator Authentication
• BC Authorization Model
• BC Bootstrapping
• Role / Privilege association

See the Reference Architecture documentation security section for context on this vNext implementation guidelines.

• security-bc
  • Contents
  • Packages
  • Running Locally
  • Configuration
  • Logging
  • Tests
  • Auditing Dependencies
  • CI/CD
  • Documentation

The Security BC consists of the following packages;

authentication-svc Authentication Service. README

authorization-svc Authorization Service. README

builtin-identity-svc Builtin Identity Service. README

client-lib Client library types. README

public-types-lib Security BC Public Types. README

Please follow the instruction in Onboarding Document to setup and run the service locally.

See the README.md file on each services for more Environment Variable Configuration options.

Logs are sent to standard output by default.

npm run test:unit

npm run test:integration

Requires integration tests pre-requisites

npm run test

After running the unit and/or integration tests:

npm run posttest

You can then consult the html report in:

coverage/lcov-report/index.html

We use npm audit to check dependencies for node vulnerabilities.

To start a new resolution process, run:

npm run audit:fix

You can check to see if the CI will pass based on the current dependencies with:

npm run audit:check

Make sure these pass before committing any code

npm run pre_commit_check

As part of our CI/CD process, we use CircleCI. The CircleCI workflow automates the process of publishing changed packages to the npm registry and building Docker images for select packages before publishing them to DockerHub. It also handles versioning, tagging commits, and pushing changes back to the repository.

The process includes five phases.

1. Setup : This phase initializes the environment, loads common functions, and retrieves commits and git change history since the last successful CI build.

2. Detecting Changed Package.

3. Publishing Changed Packages to NPM.

4. Building Docker Images and Publishing to DockerHub.

5. Pushing Commits to Git.

All code is automatically linted, built, and unit tested by CircleCI pipelines, where unit test results are kept for all runs. All libraries are automatically published to npm.js, and all Docker images are published to Docker Hub.

The following documentation provides insight into the Settlements Bounded Context.

• MIRO Board - https://miro.com/app/board/o9J_lJyA1TA=/
• Reference Architecture - https://mojaloop.github.io/reference-architecture-doc/boundedContexts/security/
• Work Sessions - https://docs.google.com/document/d/1Nm6B_tSR1mOM0LEzxZ9uQnGwXkruBeYB2slgYK1Kflo/edit#heading=h.6w64vxvw6er4