Added logs to AML webhook

[tomer-shvadron]

User description

Description

Elaborate on the subject, motivation, and context.

Related issues

• Provide a link to each related issue.

Breaking changes

• Describe the breaking changes that this pull request introduces.

How these changes were tested

• Describe the tests that you ran to verify your changes, including devices, operating systems, browsers and versions.

Examples and references

• Links, screenshots, and other resources related to this change.

Checklist

• [] I have read the contribution guidelines of this project
• [] I have read the style guidelines of this project
• [] I have performed a self-review of my own code
• [] I have commented my code, particularly in hard-to-understand areas
• [] I have made corresponding changes to the documentation
• [] My changes generate no new warnings and errors
• [] New and existing tests pass locally with my changes

---

PR Type

enhancement

---

Description

• Added detailed logging in WebhooksService for scenarios where no AML hits are found and after creating a workflow.
• Introduced error logging in WorkflowService for invalid workflow configurations to aid in debugging.
• Updated the subproject commit reference in data migrations for consistency.

---

Changes walkthrough 📝

	Relevant files
Enhancement	webhooks.service.ts Enhanced Logging in AML Webhook Handling                                  services/workflows-service/src/webhooks/webhooks.service.ts Added logging for cases where no AML hits are found. Added logging after creating a workflow for AML hits. +5/-1      workflow.service.ts Error Logging for Workflow Configuration Validation            services/workflows-service/src/workflow/workflow.service.ts Added error logging for invalid workflow configurations. +5/-0
Configuration changes	data-migrations Update Data Migrations Subproject Commit                                  services/workflows-service/prisma/data-migrations Updated subproject commit reference. +1/-1

---

💡 PR-Agent usage:
Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

Summary by CodeRabbit

• New Features
  • Enhanced logging capabilities in the workflow service to include specific user and workflow details, improving traceability and debugging.
• Improvements
  • Updated internal components to enhance the stability and performance of workflow management.
• Bug Fixes
  • Fixed a logging issue related to workflow configuration errors in the WorkflowService class.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 2da1337

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

The recent updates focus on enhancing logging within the workflows service. Key changes include updating a subproject's commit hash and refining the logging mechanism in various service methods to better track workflow operations and configurations, particularly regarding Anti-Money Laundering (AML) checks.

Changes

File Path	Summary of Changes
.../data-migrations	Updated subproject commit hash from dc03cc59980b6a285ed8a5f10beb2e6cfcea80e2 to d234189e598cae9e57f34d565a35a2ec1cb3f8b5.
.../webhooks/webhooks.service.ts	Enhanced logging for AML checks, including logging "Started handling individual AML hit" and "No AML hits found". Changed workflow creation handling.
.../workflow/workflow.service.ts	Added error logging for invalid workflow configurations.

Poem

🌟 Code Update Ode by CodeRabbit 🌟

In the burrow of code, deep and wide,
A little change did quietly hide.
"No AML hits," the logs now sing,
As workflows dance and servers ring.
Through lines of code, our changes thread,
With each commit, we surge ahead. 🚀
🐇

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

PR Description updated to latest commit (c8e54ac)

[github-actions]

PR Review 🔍

⏱️ Estimated effort to review [1-5]	2, because the changes are mostly straightforward additions of logging statements and a minor update to a subproject commit. The logic changes are minimal and localized to specific functions.
🧪 Relevant tests	No
⚡ Possible issues	No
🔒 Security concerns	No

Code feedback:

---

relevant file	services/workflows-service/src/webhooks/webhooks.service.ts
suggestion	Consider adding more context to the log message for better traceability. For example, include workflowDefinitionId and projectId in the log data. This will help in debugging by correlating logs with specific workflow instances and projects. [important]
relevant line	this.logger.log('No AML hits found', { endUserId });

---

relevant file	services/workflows-service/src/webhooks/webhooks.service.ts
suggestion	Ensure that sensitive data is not logged. Review the workflow object to confirm that it does not contain sensitive information before logging it. If it does, consider sanitizing the data or logging only non-sensitive parts. [important]
relevant line	this.logger.log(`Created workflow for AML hits`, { workflow });

---

relevant file	services/workflows-service/src/workflow/workflow.service.ts
suggestion	To enhance error handling, consider logging the projectId or other relevant identifiers along with the config and error details. This will help in quickly identifying the problematic configurations related to specific projects. [important]
relevant line	this.logger.error('Invalid workflow config', {

---

relevant file	services/workflows-service/prisma/data-migrations
suggestion	Ensure that the updated subproject commit reference in data migrations is tested thoroughly, especially if it involves schema changes or critical data transformations. Consider adding a specific test case to verify the migration's impact. [medium]
relevant line	Subproject commit d234189e598cae9e57f34d565a35a2ec1cb3f8b5

---

[github-actions]

PR Code Suggestions ✨

Category	Suggestion	Score
Possible bug	Add error handling for the createOrUpdateWorkflowRuntime method to prevent unhandled exceptions Consider adding error handling for the createOrUpdateWorkflowRuntime method. If this method fails, it could lead to unhandled exceptions which might crash the service or lead to unexpected behavior. services/workflows-service/src/webhooks/webhooks.service.ts [93-96] -const workflow = await this.workflowService.createOrUpdateWorkflowRuntime({ - workflowDefinitionId, - context: { - aml: data, +try { + const workflow = await this.workflowService.createOrUpdateWorkflowRuntime({ + workflowDefinitionId, + context: { + aml: data, + }); +} catch (error) { + this.logger.error('Failed to create or update workflow runtime', { error }); + throw error; // or handle error appropriately +} Suggestion importance[1-10]: 8 Why: Adding error handling for asynchronous operations is crucial to prevent crashes due to unhandled exceptions, which is a significant improvement in robustness.	8
Security	Avoid logging potentially sensitive configuration data Consider logging the config object only if it is safe to do so. Logging entire configuration objects can potentially expose sensitive information in logs. services/workflows-service/src/workflow/workflow.service.ts [1355-1357] this.logger.error('Invalid workflow config', { - config, error: result.error, +}); Suggestion importance[1-10]: 7 Why: Avoiding the logging of sensitive data is crucial for security, but the suggestion does not fully address whether the config object contains sensitive data or not.	7
Possible issue	Verify the existence of endUserId before using it in a log statement Ensure that the endUserId variable is defined and accessible in the current scope before logging it. If endUserId is undefined, it could lead to misleading logs or runtime errors. services/workflows-service/src/webhooks/webhooks.service.ts [88] -this.logger.log('No AML hits found', { endUserId }); +if (typeof endUserId !== 'undefined') { + this.logger.log('No AML hits found', { endUserId }); +} else { + this.logger.log('No AML hits found'); +} Suggestion importance[1-10]: 6 Why: Ensuring that variables are defined before use is a good practice to avoid runtime errors, although the impact of this specific issue might be limited to logging functionality.	6
Maintainability	Use consistent string formatting in log messages Use template literals consistently for log messages to maintain code consistency and readability. services/workflows-service/src/webhooks/webhooks.service.ts [88] -this.logger.log('No AML hits found', { endUserId }); +this.logger.log(`No AML hits found`, { endUserId }); Suggestion importance[1-10]: 4 Why: While maintaining consistency in code is beneficial for readability, the impact of this change on the overall codebase functionality and maintainability is minor.	4

[coderabbitai]

Actionable comments posted: 3

Review Details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between f645eb0 and c8e54ac.

Files selected for processing (3)

• services/workflows-service/prisma/data-migrations (1 hunks)
• services/workflows-service/src/webhooks/webhooks.service.ts (2 hunks)
• services/workflows-service/src/workflow/workflow.service.ts (1 hunks)

Files skipped from review due to trivial changes (1)

• services/workflows-service/prisma/data-migrations

Additional comments not posted (3)

services/workflows-service/src/webhooks/webhooks.service.ts (2)

88-89: Logging for no AML hits enhances traceability and debugging.

---

111-111: Ensure the log captures all relevant workflow details accurately.

Verification successful

---

The log statement "Created workflow for AML hits" was successfully located in the test cases, and the output shows that it is used within the handleIndividualAmlHit method of the WebhooksService class. This method processes AML (Anti-Money Laundering) hits and logs the creation of a workflow when hits are found and processed. The log statement includes the workflow object, which should contain all relevant details about the workflow being created.

Given this context, it appears that the log statement is indeed capturing all relevant workflow details as it logs the entire workflow object created in the process. This aligns with the original review comment's concern about ensuring that the log captures all relevant details.

Final Response:

The log statement at line 111 in webhooks.service.ts correctly captures all relevant details of the workflow as it logs the entire workflow object. This should adequately provide the necessary information for monitoring and verifying the creation of workflows for AML hits.

• Location: services/workflows-service/src/webhooks/webhooks.service.ts, in the handleIndividualAmlHit method.

Scripts Executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Description: Verify that the log statement captures all relevant workflow details.

# Test: Search for the log usage in test cases. Expect: Proper capturing of workflow details in logs.
rg --type typescript $'this.logger.log(`Created workflow for AML hits`, { workflow })' --files-with-matches | xargs cat

Length of output: 316

---

---

Script:

#!/bin/bash
# Description: Re-verify that the log statement captures all relevant workflow details by correcting the regex error.

# Corrected Test: Search for the log usage in test cases with escaped curly braces. Expect: Proper capturing of workflow details in logs.
rg --type typescript $'this.logger.log\(`Created workflow for AML hits`, \{ workflow \}\)' --files-with-matches | xargs cat

Length of output: 159

---

---

Script:

#!/bin/bash
# Description: Re-verify that the log statement captures all relevant workflow details by removing the file type specification.

# Corrected Test: Search for the log usage in test cases without specifying file type. Expect: Proper capturing of workflow details in logs.
rg $'this.logger.log\(`Created workflow for AML hits`, \{ workflow \}\)' --files-with-matches | xargs cat

Length of output: 3401

services/workflows-service/src/workflow/workflow.service.ts (1)

1355-1359: Ensure that sensitive information is not logged.

Given the emphasis on enhanced logging for debugging and traceability, it's crucial to ensure that sensitive information is not inadvertently logged. This script checks for potential logging of sensitive data.

[coderabbitai]

Actionable comments posted: 0

Review Details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between c8e54ac and 8ccb6ea.

Files selected for processing (1)

• services/workflows-service/src/webhooks/webhooks.service.ts (3 hunks)

Files skipped from review as they are similar to previous changes (1)

• services/workflows-service/src/webhooks/webhooks.service.ts