Skip to content

Commit

Permalink
fix(mojaloop/#2652): update sagas to handle rbac error messages (#35)
Browse files Browse the repository at this point in the history 
* fix(mojaloop/#2652): update rbac error messages

* chore: int fix

* chore: fix

* chore: test

* chore: test

* chore: dump

* chore: wait

* chore: wait

* chore: diff

* chore: increase timeout

* chore(snapshot): 0.0.7-snapshot.0
  • Loading branch information
@kleyow
kleyow authored Apr 6, 2023
1 parent 758decd commit 49dc485
Show file tree
Hide file tree
Showing 5 changed files with 139 additions and 28 deletions.
90 changes: 88 additions & 2 deletions .circleci/config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ executors:
default-docker:
working_directory: /home/circleci/project
docker:
- image: node:12.16.1-alpine
- image: node:14.18.1-alpine

default-machine:
machine:
Expand Down Expand Up @@ -248,6 +248,58 @@ jobs:
webhook: "$SLACK_WEBHOOK_ANNOUNCEMENT_CI_CD"
failure_message: 'Publishing docker image failed for: \`"${DOCKER_ORG}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_TAG}"\`'

publish-snapshot:
executor: default-machine
steps:
- checkout
- run:
name: Setup for SNAPSHOT release
command: |
echo "export RELEASE_TAG=$RELEASE_TAG_SNAPSHOT" >> $BASH_ENV
echo "RELEASE_TAG=$RELEASE_TAG_SNAPSHOT"
PACKAGE_VERSION=$(cat package-lock.json | jq -r .version)
echo "export PACKAGE_VERSION=${PACKAGE_VERSION}" >> $BASH_ENV
echo "PACKAGE_VERSION=${PACKAGE_VERSION}"
- run:
name: Setup Slack config
command: |
echo "export SLACK_PROJECT_NAME=${CIRCLE_PROJECT_REPONAME}" >> $BASH_ENV
echo "export SLACK_RELEASE_TYPE='Docker Release'" >> $BASH_ENV
echo "export SLACK_RELEASE_TAG=v${CIRCLE_TAG:1}" >> $BASH_ENV
echo "export SLACK_BUILD_ID=${CIRCLE_BUILD_NUM}" >> $BASH_ENV
echo "export SLACK_CI_URL=${CIRCLE_BUILD_URL}" >> $BASH_ENV
- attach_workspace:
at: /tmp
- run:
name: Load the pre-built docker image from workspace
command: |
docker load -i /tmp/docker-image.tar
- run:
name: Login to Docker Hub
command: docker login -u $DOCKER_USER -p $DOCKER_PASS
- run:
name: Re-tag pre built image
command: |
docker tag $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
- run:
name: Publish Docker image $CIRCLE_TAG & Latest tag to Docker Hub
command: |
echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG"
docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG"
docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
- run:
name: Set Image Digest
command: |
IMAGE_DIGEST=$(docker inspect $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:v${CIRCLE_TAG:1} | jq '.[0].RepoDigests | .[]')
echo "IMAGE_DIGEST=${IMAGE_DIGEST}"
echo "export IMAGE_DIGEST=${IMAGE_DIGEST}" >> $BASH_ENV
- slack/status:
fail_only: true
webhook: "$SLACK_WEBHOOK_ANNOUNCEMENT_CI_CD"
failure_message: 'Publishing docker image failed for: \`"${DOCKER_ORG}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_TAG}"\`'

#license-scan:
# executor: default-machine
# steps:
Expand Down Expand Up @@ -332,12 +384,20 @@ workflows:
filters:
tags:
only: /.*/
branches:
ignore:
- /feature*/
- /bugfix*/

- setup:
context: org-global
filters:
tags:
only: /.*/
branches:
ignore:
- /feature*/
- /bugfix*/

- test-unit:
context: org-global
Expand All @@ -346,6 +406,10 @@ workflows:
filters:
tags:
only: /.*/
branches:
ignore:
- /feature*/
- /bugfix*/

#- audit-licenses:
# context: org-global
Expand All @@ -366,6 +430,10 @@ workflows:
filters:
tags:
only: /.*/
branches:
ignore:
- /feature*/
- /bugfix*/

#- license-scan:
# context: org-global
Expand Down Expand Up @@ -402,6 +470,7 @@ workflows:
branches:
only:
- master
- /release\/v.*/

- github-release:
context: org-global
Expand All @@ -411,6 +480,7 @@ workflows:
branches:
only:
- master
- /release\/v.*/

# New Tags are built and deployed as docker artifacts
- publish:
Expand All @@ -424,7 +494,23 @@ workflows:
#- license-scan
filters:
tags:
only: /.*/
only: /v[0-9]+(\.[0-9]+)*/
branches:
ignore:
- /.*/

- publish-snapshot:
context: org-global
requires:
- build-local
- test-unit
#- audit-licenses
- linting-check
#- image-scan
#- license-scan
filters:
tags:
only: /v[0-9]+(\.[0-9]+)*\-snapshot+((\.[0-9]+)?)/
branches:
ignore:
- /.*/
46 changes: 23 additions & 23 deletions .github/workflows/integration-test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,25 +33,30 @@ jobs:
run: nix-env -if integration_test/default.nix

- name: Start cluster
run: |-
# - --k3s-server-arg args according to
# https://k3d.io/faq/faq/#solved-nodes-fail-to-start-or-get-stuck-in-notready-state-with-log-nf_conntrack_max-permission-denied
# - We deploy our own for increased portability across k8s distributions
k3d cluster create \
--no-lb \
--no-rollback \
--k3s-server-arg "--kube-proxy-arg=conntrack-max-per-core=0" \
--k3s-agent-arg "--kube-proxy-arg=conntrack-max-per-core=0" \
--k3s-server-arg "--disable=traefik" \
--k3s-server-arg "--disable=metrics-server" \
--k3s-server-arg "--disable-cloud-controller" \
--kubeconfig-update-default \
--kubeconfig-switch-context \
--image=rancher/k3s:v1.17.9-k3s1 \
int-test
run: minikube start --driver=docker --kubernetes-version=v1.21.5

# - name: Start cluster
# run: |-
# # - --k3s-server-arg args according to
# # https://k3d.io/faq/faq/#solved-nodes-fail-to-start-or-get-stuck-in-notready-state-with-log-nf_conntrack_max-permission-denied
# # - We deploy our own for increased portability across k8s distributions
# k3d cluster create \
# --wait \
# --no-lb \
# --no-rollback \
# --k3s-server-arg "--kube-proxy-arg=conntrack-max-per-core=0" \
# --k3s-agent-arg "--kube-proxy-arg=conntrack-max-per-core=0" \
# --k3s-server-arg "--disable=traefik" \
# --k3s-server-arg "--disable=metrics-server" \
# --k3s-server-arg "--disable-cloud-controller" \
# --kubeconfig-update-default \
# --kubeconfig-switch-context \
# --image=rancher/k3s:v1.17.9-k3s1 \
# int-test

- name: Deploy
run: skaffold run -p integration-test
run: |-
skaffold run -p integration-test
- name: Wait for kube api server to process and create all resources
# This is because the wait step that follows this one does this:
Expand All @@ -66,7 +71,7 @@ jobs:
- name: Wait for deployment readiness
# Skaffold is supposed to do this, but for whatever reason, does not. At the time of writing,
# investigating this was not a priority.
run: timeout 900 kubectl wait --for=condition=Ready pod --all --timeout=900s
run: timeout 1500 kubectl wait --for=condition=Ready pod --all --timeout=1200s

- name: Port-forward the portal frontend ingress
run: kubectl port-forward -n ingress-nginx --address 0.0.0.0 svc/ingress-nginx-controller 3000:80 &
Expand Down Expand Up @@ -111,8 +116,3 @@ jobs:
if: ${{ always() }}
run: |-
kubectl get secrets -o json | jq -r '.items[] | { name: .metadata.name, data: .data | map_values(@base64d) }'
# - name: Setup tmate session
# if: ${{ failure() }}
# uses: mxschmitt/action-tmate@v3
# timeout-minutes: 10
1 change: 1 addition & 0 deletions .nvmrc
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
14.18.1
3 changes: 2 additions & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@mojaloop/reporting-hub-bop-positions-ui",
"version": "0.0.6",
"version": "0.0.7-snapshot.0",
"description": "",
"main": "index.js",
"scripts": {
Expand All @@ -12,6 +12,7 @@
"lint-staged": "lint-staged",
"lint-style": "stylelint --syntax=scss 'src/**/*.scss'",
"release": "standard-version --releaseCommitMessageFormat 'chore(release): {{currentTag}} [skip ci]'",
"snapshot": "npx standard-version --no-verify --skip.changelog --prerelease snapshot --releaseCommitMessageFormat 'chore(snapshot): {{currentTag}}'",
"prepare": "husky install",
"prettier": "prettier --write 'src/**/*.{ts,tsx,js,scss,css,json}' 'webpack.*.js'",
"version": "node -pe \"require('./package.json').version\"",
Expand Down
27 changes: 25 additions & 2 deletions src/App/FinancialPositions/sagas.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -181,7 +181,13 @@ function* updateFinancialPositionsParticipant() {
};
// @ts-ignore
const response = yield call(api.participantLimits.update, args);
assert(response.status !== 401, 'Unable to update Net Debit Cap - user not authorized');
if (response.status === 403) {
if (response.data?.error?.message) {
throw new Error(
`Unable to update Net Debit Cap - ${JSON.stringify(response.data?.error?.message)}`,
);
}
}
assert(response.status === 200, 'Unable to update Net Debit Cap');
break;
}
Expand All @@ -202,7 +208,15 @@ function* updateFinancialPositionsParticipant() {
};
// @ts-ignore
const response = yield call(api.fundsIn.create, args);

if (response.status === 403) {
if (response.data?.error?.message) {
throw new Error(
`Unable to update Financial Position Balance - ${JSON.stringify(
response.data?.error?.message,
)}`,
);
}
}
assert(response.status === 202, 'Unable to update Financial Position Balance');
yield call(checkAccountFundUpdate, account, position.dfsp.name);
break;
Expand Down Expand Up @@ -235,6 +249,15 @@ function* updateFinancialPositionsParticipant() {
);
// @ts-ignore
const response = yield call(api.fundsOut.create, args);
if (response.status === 403) {
if (response.data?.error?.message) {
throw new Error(
`Unable to update Financial Position Balance - ${JSON.stringify(
response.data?.error?.message,
)}`,
);
}
}
assert(response.status === 202, 'Unable to update Financial Position Balance');
yield call(checkAccountFundUpdate, account, position.dfsp.name);
break;
Expand Down

0 comments on commit 49dc485

Please sign in to comment.