Skip to content

Latest commit

 

History

History
105 lines (67 loc) · 3.64 KB

README.md

File metadata and controls

105 lines (67 loc) · 3.64 KB

central-settlements

Git Commit Git Releases Docker pulls CircleCI

The Central Settlements service is part of the Mojaloop project and deployment.

The central settlements service exposes Settlement API to manage the settlements between FSPs and the Central Hub. The service manages Settlement Windows and Settlements Event Triggers and provides information about FSPs accounts and settlements.

Contents:

Deployment

TBA

Configuration

Currently the only configuration, necessary is kept here

Environmental variables

Currently all is set into the config.

API

The Markdown version of API is available here The actual Swagger API documentation can be found here

Logging

Logs are sent to standard output by default.

Tests

Includes unit tests at the moment. Functional and integration are outstanding.

Running the tests:

npm run test:all

Tests include code coverage via istanbul. See the test/ folder for testing scripts.

Running integration tests (narrow)

npm run test:int:narrow

Running Integration Tests interactively

If you want to run integration tests in a repetitive manner, you can startup the test containers using docker-compose, login to running central-settlement container like so:

npm run docker:build && npm run docker:up

#first time only (in a new shell):
docker exec -it cs_central-ledger sh
npm run migrate

#in a new shell
docker exec -it cs_central-settlement sh
npm run test:int

Auditing Dependencies

We use audit-ci along with npm audit to check dependencies for node vulnerabilities, and keep track of resolved dependencies with an audit-ci.jsonc file.

To start a new resolution process, run:

npm run audit:fix

You can then check to see if the CI will pass based on the current dependencies with:

npm run audit:check

The audit-ci.jsonc contains any audit-exceptions that cannot be fixed to ensure that CircleCI will build correctly.

Container Scans

As part of our CI/CD process, we use anchore-cli to scan our built docker container for vulnerabilities upon release.

If you find your release builds are failing, refer to the container scanning in our shared Mojaloop CI config repo. There is a good chance you simply need to update the mojaloop-policy-generator.js file and re-run the circleci workflow.

For more information on anchore and anchore-cli, refer to: