cvs-svc-defects

Introduction

The cvs-defects microservice contains some reference data to be used for CVS services and mobile application for DVSA.

Dependencies

The project runs on node >18.x with typescript and serverless framework. For further details about project dependencies, please refer to the package.json file. nvm is used to managed node versions and configuration explicitly done per project using an .npmrc file.

Prerequisites

Please install and run the following securiy programs as part of your development process:

• git-secrets After installing, do a one-time set up with git secrets --register-aws. Run with git secrets --scan.

• repo-security-scanner

These will be run as part of your projects hooks so you don't accidentally introduce any new security vulnerabilities.

Architecture

Data is used is made available to VTA for searching a vehicle. Please refer to the the docs for the API specification and samples of postman requests.

End to end design

All in one view

Defect microservice

More information about technical designs can be found under the Defects Microservice section.

Getting started

Set up your nodejs environment running nvm use and once the dependencies are installed using npm i, you can run the scripts from package.json to build your project. This code repository uses serverless framework to mock AWS capabilities for local development. You will also require to install dynamodb serverless to run your project with by running the following command npm run tools-setup in your preferred shell. Once dynamoDB is installed, you will need a local serverless profile to be created so that you can start developping locally. The profiles are stored under ~/.aws/credentials.

# ~/.aws/credentials

# Please not only serverless is used to develop locally, not deployment of services are done with this framework
# It might look like this
[default]
aws_access_key_id=<yourDummyAccesskey>
aws_secret_access_key=<yourDummySecret>

Please refer to the local development section to configure your project locally.

Environmental variables

• The BRANCH environment variable indicates in which environment is this application running. Use BRANCH=local for local development. This variable is required when starting the application or running tests.

Scripts

The following scripts are available, however you can refer to the package.json to see the details:

• installing dependencies: npm install
• local development by starting the service: npm start
• building the project: npm run build
• unit tests: npm t
• integration tests: npm run test-i

DynamoDB and seeding

You won't need to change the configuration. However, if you want the database to be populated with mock data on start, in your serverless.yml file, you need to set seed to true. You can find this setting under custom > dynamodb > start.

If you choose to run the DynamoDB instance separately, you can send the seed command with the following command:

sls dynamodb seed --seed=defects

Under custom > dynamodb > seed you can define new seed operations with the following config:

custom:
  dynamodb:
    seed:
      [SEED NAME HERE]:
        sources:
          - table: [TABLE TO SEED]
            sources: [./path/to/resource.json]

Developing locally

Default DynamoDB configuration for seeding the data:

- migrate: true
  seed: true
  noStart: false

Debugging

The following environmental variables can be given to your serverless scripts to trace and debug your service:

AWS_XRAY_CONTEXT_MISSING = LOG_ERROR
SLS_DEBUG = *
BRANCH = local

Testing

Jest is used for unit testing. Please refer to the Jest documentation for further details.

Unit test

In order to test, you need to run the following:

npm run test # unit tests

Integration test

In order to test, you need to run the following, with the service running locally:

npm run test-i # for integration tests

End to end

• Automation test repository
• Java
• Serenity Cucumber with Junit

Infrastructure

We follow a gitflow approach for development. For the CI/CD and automation please refer to the following pages for further details:

• Development process
• Pipeline

Contributing

Please familiarise yourself with commitlint and conventional commits conventions as a hook is in place to enforce standards.

Hooks and code standards

The projects has multiple hooks configured using husky which will execute the following scripts: security-checks, audit, tslint, prepush. The codebase uses typescript clean code standards as well as sonarqube for static analysis.

SonarQube is available locally, please follow the instructions below if you wish to run the service locally (brew is the preferred approach).

Static code analysis

Brew (recommended):

• Install sonarqube using brew
• Change sonar.host.url to point to localhost, by default, sonar runs on http://localhost:9000
• run the sonar server sonar start, then perform your analysis npm run sonar-scanner

Manual:

• Download sonarqube
• Add sonar-scanner in environment variables in your profile file add the line: export PATH=<PATH_TO_SONAR_SCANNER>/sonar-scanner-3.3.0.1492-macosx/bin:$PATH
• Start the SonarQube server: cd <PATH_TO_SONARQUBE_SERVER>/bin/macosx-universal-64 ./sonar.sh start
• In the microservice folder run the command: npm run sonar-scanner