feat!: fx and interscheme implementation

.circleci/config.yml

@@ -281,19 +281,6 @@ jobs:
       - run:
           name: Create dir for test results
           command: mkdir -p ./test/results
-#      - run:
-#          name: Build and start the docker containers
-#          command: |
-#            ## This is not needed as we are only doing narrow-integration tests.
-#            # docker-compose build
-#            ## Lets pull only the Services needed for the Integration Test
-#            docker-compose pull mysql kafka init-kafka
-#            ## Lets startup only the Services needed for the Integration Test
-#            docker-compose up -d mysql kafka init-kafka
-#              ## Check straight away to see if any containers have exited
-#            docker-compose ps
-#              ## wait for services to be up and running
-#            npm run wait-4-docker
       - run:
           name: Prepare test environment
           command: |
@@ -305,13 +292,6 @@ jobs:
           command: |
             npm rebuild
             npm run test:int
-#          environment:
-#            ENDPOINT_URL: http://localhost:4545/notification
-#      - store_artifacts:
-#          path: ./test/results
-#          destination: test
-#      - store_test_results:
-#          path: ./test/results
 
   vulnerability-check:
     executor: default-docker
@@ -452,14 +432,14 @@ jobs:
       - run:
           name: Pull base image locally
           command: |
-            echo "Pulling docker image: node:$NVMRC_VERSION-alpine"
-            docker pull node:$NVMRC_VERSION-alpine
+            echo "Pulling docker image: node:$NVMRC_VERSION-alpine3.19"
+            docker pull node:$NVMRC_VERSION-alpine3.19
       ## Analyze the base and derived image
       ## Note: It seems images are scanned in parallel, so preloading the base image result doesn't give us any real performance gain
       - anchore/analyze_local_image:
           # Force the older version, version 0.7.0 was just published, and is broken
           anchore_version: v0.6.1
-          image_name: "docker.io/node:${NVMRC_VERSION}-alpine ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local"
+          image_name: "docker.io/node:$NVMRC_VERSION-alpine3.19 ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local"
           policy_failure: false
           timeout: '500'
           # Note: if the generated policy is invalid, this will fallback to the default policy, which we don't want!
@@ -472,7 +452,7 @@ jobs:
             aws s3 cp anchore-reports ${AWS_S3_DIR_ANCHORE_REPORTS}/latest/ --recursive
       - run:
           name: Evaluate failures
-          command: /tmp/ci-config/container-scanning/anchore-result-diff.js anchore-reports/node_${NVMRC_VERSION}-alpine-policy.json anchore-reports/${CIRCLE_PROJECT_REPONAME}*-policy.json
+          command: /tmp/ci-config/container-scanning/anchore-result-diff.js anchore-reports/node_${NVMRC_VERSION}-alpine3.19-policy.json anchore-reports/${CIRCLE_PROJECT_REPONAME}*-policy.json
       - store_artifacts:
           path: anchore-reports
       - slack/notify:
@@ -584,7 +564,7 @@ jobs:
           at: /tmp
       - run:
           name: Load the pre-built docker image from workspace
-          command: | 
+          command: |
             docker load -i /tmp/docker-image.tar
       - run:
           name: Login to Docker Hub
@@ -737,7 +717,8 @@ workflows:
             - setup
           filters:
             tags:
-              only: /.*/
+              ignore:
+                - /v[0-9]+(\.[0-9]+)*\-snapshot+((\.[0-9]+)?)/
             branches:
               ignore:
                 - /feature*/
@@ -792,7 +773,7 @@ workflows:
             - setup
             - test-lint
             - test-unit
-            - test-coverage
+            # - test-coverage
             # - test-integration
             # - test-functional
             - vulnerability-check
@@ -831,7 +812,7 @@ workflows:
             - test-lint
             - test-unit
             - test-coverage
-            # - test-integration
+            - test-integration
             # - test-functional
             - vulnerability-check
             - audit-licenses
@@ -858,11 +839,10 @@ workflows:
             - test-lint
             - test-unit
             - test-coverage
-            # - test-integration
+            - test-integration
             # - test-functional
             - vulnerability-check
             - audit-licenses
-            # - test-integration
             - license-scan
             - image-scan
           filters:
@@ -878,11 +858,10 @@ workflows:
             - test-lint
             - test-unit
             - test-coverage
-            # - test-integration
+            - test-integration
             # - test-functional
             - vulnerability-check
             - audit-licenses
-            # - test-integration
             - license-scan
             - image-scan
           filters:

.eslintrc.json

@@ -1,6 +1,5 @@
 {
   "extends": "standard",
-  "plugins": ["jest"],
   "parserOptions": {
     "ecmaVersion": 13
   },

.ncurc.yaml

@@ -1,6 +1,4 @@
 ## Add a comment indicating the reason for each rejected dependency upgrade added to this list, and what should be done to resolve it (i.e. handle it through a story, etc).
 reject: [
-  "json-rules-engine",
-  "eslint",
-  "@mojaloop/sdk-standard-components" # Version 17.4.0 introduced the bug: this.logger.isDebugEnabled is not a function
+  "json-rules-engine"
 ]

.nvmrc

@@ -1 +1 @@
-18.20.3
+18.20.3

Dockerfile

@@ -11,20 +11,20 @@ ARG NODE_VERSION=lts-alpine
 #
 
 # Build Image
-FROM node:${NODE_VERSION} as builder
+FROM node:${NODE_VERSION} AS builder
 USER root
 
 WORKDIR /opt/app
 
 RUN apk --no-cache add git
-RUN apk add --no-cache -t build-dependencies make gcc g++ python3 libtool openssl-dev autoconf automake bash \
+RUN apk add --no-cache -t build-dependencies make gcc g++ py3-setuptools python3 libtool openssl-dev autoconf automake bash \
     && cd $(npm root -g)/npm
 
 COPY package.json package-lock.json* /opt/app/
 
 RUN npm ci
-
 RUN apk del build-dependencies
+RUN npm prune --omit=dev
 
 COPY src /opt/app/src
 COPY config /opt/app/config
@@ -43,7 +43,6 @@ RUN adduser -D app-user
 USER app-user
 
 COPY --chown=app-user --from=builder /opt/app .
-RUN npm prune --production
 
 EXPOSE 3002
 CMD ["npm", "start"]

README.md

@@ -30,6 +30,8 @@ Both the Payer and Payee FSP should calculate their part of the quote to be able
 
 > [Quoting Service Sequence diagram](diagrams/quotingServiceSequences.puml)
 
+> [FX Quotes Sequence diagram](diagrams/fx-quotes.puml)
+
 ## Running Locally
 
 Please follow the instruction in [Onboarding Document](onboarding.md) to setup and run the service locally.

audit-ci.jsonc

@@ -4,6 +4,11 @@
   // Only use one of ["low": true, "moderate": true, "high": true, "critical": true]
   "moderate": true,
   "allowlist": [
-    "GHSA-qgmg-gppg-76g5" //https://github.com/advisories/GHSA-qgmg-gppg-76g5 Mock data generator for swagger api, not a security concern at this time.
+    "GHSA-qgmg-gppg-76g5",  // https://github.com/advisories/GHSA-qgmg-gppg-76g5 Mock data generator for swagger api, not a security concern at this time.
+    "GHSA-c429-5p7v-vgjp",  // https://github.com/advisories/GHSA-c429-5p7v-vgjp
+    "GHSA-8hc4-vh64-cxmj",  // https://github.com/advisories/GHSA-8hc4-vh64-cxmj
+    "GHSA-952p-6rrq-rcjv",  // https://github.com/advisories/GHSA-952p-6rrq-rcjv
+    "GHSA-pppg-cpfq-h7wr",  // https://github.com/advisories/GHSA-pppg-cpfq-h7wr Patch not released yet
+    "GHSA-3xgq-45jj-v275"   // https://github.com/advisories/GHSA-3xgq-45jj-v275
   ]
-}
+}