{"id":22713932,"url":"https://github.com/rsachdeva/illuminatingdeposits-grpc","last_synced_at":"2026-04-11T09:37:53.959Z","repository":{"id":57559198,"uuid":"321415425","full_name":"rsachdeva/illuminatingdeposits-grpc","owner":"rsachdeva","description":"Docker and Kubernetes usage in the context of gRPC; MongoDB ; MongoDB Replication; Ingress; Kafka Pub/Sub, TLS requests with Sanity test Client; JWT generation for authentication;JWT Authentication for Interest Calculations; Interest Calculation With Tests/ Coverage and Observability","archived":false,"fork":false,"pushed_at":"2021-10-22T21:34:28.000Z","size":744,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-10-08T12:02:37.690Z","etag":null,"topics":["docker","docker-compose","dockertest","golang","grpc","helm","ingress-nginx","jwt-token","kafka","kubernetes","mongodb","mongodb-replication","observability","protobuf","protocol-buffers","test-coverage","tls"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rsachdeva.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-12-14T16:59:10.000Z","updated_at":"2024-09-17T17:56:20.000Z","dependencies_parsed_at":"2022-08-28T10:20:22.156Z","dependency_job_id":null,"html_url":"https://github.com/rsachdeva/illuminatingdeposits-grpc","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"purl":"pkg:github/rsachdeva/illuminatingdeposits-grpc","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rsachdeva%2Filluminatingdeposits-grpc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rsachdeva%2Filluminatingdeposits-grpc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rsachdeva%2Filluminatingdeposits-grpc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rsachdeva%2Filluminatingdeposits-grpc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rsachdeva","download_url":"https://codeload.github.com/rsachdeva/illuminatingdeposits-grpc/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rsachdeva%2Filluminatingdeposits-grpc/sbom","scorecard":{"id":786833,"data":{"date":"2025-08-11","repo":{"name":"github.com/rsachdeva/illuminatingdeposits-grpc","commit":"3bcc97c1e0f3faefb1130f92efe75eef858ed39f"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.6,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: containerImage not pinned by hash: build/Dockerfile.dbindexes:3","Warn: containerImage not pinned by hash: build/Dockerfile.dbindexes:11: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: build/Dockerfile.grpc.server:1","Warn: containerImage not pinned by hash: build/Dockerfile.grpc.server:9: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: build/Dockerfile.openssl:1: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Info:   0 out of   5 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":0,"reason":"23 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2020-0017 / GHSA-w73w-5m7g-f7qc","Warn: Project is vulnerable to: GHSA-77vh-xpmg-72qh","Warn: Project is vulnerable to: GO-2022-0835 / GHSA-gp4j-w3vj-7299","Warn: Project is vulnerable to: GO-2021-0085 / GHSA-fgv8-vj5c-2ppq","Warn: Project is vulnerable to: GO-2021-0087 / GHSA-fh74-hm69-rqjw","Warn: Project is vulnerable to: GO-2022-0396 / GHSA-g54h-m393-cpwq","Warn: Project is vulnerable to: GO-2022-0914 / GHSA-c3xm-pvg7-gh7r","Warn: Project is vulnerable to: GHSA-v95c-p5hm-xq8f","Warn: Project is vulnerable to: GO-2022-0452 / GHSA-f3fp-gc8g-vw66","Warn: Project is vulnerable to: GO-2023-1683 / GHSA-g2j6-57v7-gm8c","Warn: Project is vulnerable to: GO-2023-1682 / GHSA-m8cg-xc2p-r3fc","Warn: Project is vulnerable to: GO-2024-3110 / GHSA-jfvp-7x6p-h2pv","Warn: Project is vulnerable to: GO-2021-0112 / GHSA-f6mq-5m25-4r72","Warn: Project is vulnerable to: GO-2021-0227 / GHSA-3vm4-22fp-5rfm","Warn: Project is vulnerable to: GO-2022-0968 / GHSA-gwc9-m7rh-j2ww","Warn: Project is vulnerable to: GO-2021-0356 / GHSA-8c26-wmh5-6g9v","Warn: Project is vulnerable to: GO-2024-2961","Warn: Project is vulnerable to: GO-2023-2402 / GHSA-45x7-px36-x8w8","Warn: Project is vulnerable to: GO-2024-3321 / GHSA-v778-237x-gjrc","Warn: Project is vulnerable to: GO-2025-3487 / GHSA-hcg3-q754-cr77","Warn: Project is vulnerable to: GO-2025-3488 / GHSA-6v2p-p543-phr9","Warn: Project is vulnerable to: GO-2023-2153 / GHSA-m425-mq94-257g / GHSA-qppj-fm5r-hxr3","Warn: Project is vulnerable to: GO-2024-2611 / GHSA-8r3f-844c-mc37"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T06:19:06.742Z","repository_id":57559198,"created_at":"2025-08-23T06:19:06.743Z","updated_at":"2025-08-23T06:19:06.743Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":281222838,"owners_count":26464032,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-27T02:00:05.855Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","docker-compose","dockertest","golang","grpc","helm","ingress-nginx","jwt-token","kafka","kubernetes","mongodb","mongodb-replication","observability","protobuf","protocol-buffers","test-coverage","tls"],"created_at":"2024-12-10T14:10:10.981Z","updated_at":"2025-10-27T06:06:34.169Z","avatar_url":"https://github.com/rsachdeva.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Illuminating Deposits - gRPC\n\n###### All commands should be executed from the root directory (illuminatingdeposits-grpc) of the project\n(Development is WIP)\n\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"./logo.png\" alt=\"Illuminating Deposits Project Logo\" title=\"Illuminating Deposits Project Logo\" /\u003e\n\u003c/p\u003e\n\n# Features include:\n- Golang (Go) gRPC Service Methods with protobuf for Messages\n- TLS for all requests\n- Integration and Unit tests; run in parallel using dockertest for faster feedback (more in progress)\n- Coverage Result for key packages\n- MongoDB health check service\n- User Management service with MongoDB for user creation\n- JWT generation for Authentication \n- JWT Authentication for Interest Calculations\n- 30daysInterest for a deposit is called Delta\n- Delta is for \n     - each deposit \n     - each bank with all deposits\n     - all banks!\n- Concurrency support for computing Banks Delta included for I/O processing\n- Sanity test client included each deployment settings\n  With this Sanity test client, you will be able to:\n  - get status of Mongo DB\n  - add a new user\n  - edit json file that is read to make input request to gRPC service\n  - JWT generation for Authentication\n  - JWT Authentication for Interest Delta Calculations for each deposit; each bank with all deposits and all banks\n    Quickly confirms Sanity check for set up with Kubernetes/Docker.\n    There are also separate Integration and Unit tests.\n- Dockering and using it for both Docker Compose and Kubernetes\n- Docker compose deployment for development\n- Kubernetes Deployment with Ingress; Helm; Mongodb internal replication setup\n- Running from Editor/IDE directly included\n- Log Based Message Broker using Kafka for Each Interest Calculation Event with Docker Compose and Kubernetes \n- Tracing enabled using Zipkin for Observability\n\n#### gRPC pre setup  (in case desired to generate already included protobuf code)\nThis should not be needed when deploying; it is there for reference to how protobuf\nand related code was generated.\n\n```\nbrew install protobuf\n``` \nEnable module mode (or just execute next command from any directory outside of project having go.mod)\nReference: [QuickStart](https://grpc.io/docs/languages/go/quickstart/)\n```shell\nbrew install protobuf\nprotoc --version  # Ensure compiler version is 3+\n# install Go plugins for the protocol compiler protoc\n# before go 1.16\nexport GO111MODULE=on  \ngo get google.golang.org/protobuf/cmd/protoc-gen-go google.golang.org/grpc/cmd/protoc-gen-go-grpc \n# for go 1.16\ngo install google.golang.org/protobuf/cmd/protoc-gen-go@v1.25.0 \ngo install google.golang.org/grpc/cmd/protoc-gen-go-grpc@latest\n```\n\nNow go to this project root directory and run following scripts for generating protobuf related code for the services:\n```shell\nsh ./generateinterestcalservice.sh\nsh ./generatemongodbhealthservice.sh\nsh ./generateusermgmtservice.sh \n```\n\n# Docker Compose Deployment\n\n### TLS files\n```shell\nexport DEPOSITS_GRPC_SERVICE_ADDRESS=localhost\ndocker build -t tlscert:v0.1 -f ./build/Dockerfile.openssl ./conf/tls \u0026\u0026 \\\ndocker run --env DEPOSITS_GRPC_SERVICE_ADDRESS=$DEPOSITS_GRPC_SERVICE_ADDRESS -v $PWD/conf/tls:/tls tlscert:v0.1\n```\n\n### Start mongodb and tracing service\n```shell\nexport COMPOSE_IGNORE_ORPHANS=True \u0026\u0026 \\\ndocker-compose -f ./deploy/compose/docker-compose.external-db-trace-only.yml up\n```\n\n### Start message broker log streaming service\n```shell\nexport COMPOSE_IGNORE_ORPHANS=True \u0026\u0026 \\\ndocker-compose -f ./deploy/compose/docker-compose.kafka.yml up\n```\n\n### Then set up mongodb indexes\n```shell\nexport COMPOSE_IGNORE_ORPHANS=True \u0026\u0026 \\\ndocker-compose -f ./deploy/compose/docker-compose.dbindexes.yml up --build\n````\n\n### To start all services without TLS:\nMake sure DEPOSITS_GRPC_SERVICE_TLS=false in docker-compose.grpc.server.yml\n### To start all services with TLS - this is the way to go in gRPC:\nMake sure DEPOSITS_GRPC_SERVICE_TLS=true in docker-compose.grpc.server.yml\nInterestCal service only supports TLS in gRPC as it carries access token.\nThis means users want to transmit security\ninformation (e.g., OAuth2 token) which requires secure connection.Otherwise will see error as:\nthe credentials require transport level security (use grpc.WithTransportCredentials() to set).\n### And then execute:\n```shell\nexport COMPOSE_IGNORE_ORPHANS=True \u0026\u0026 \\\ndocker-compose -f ./deploy/compose/docker-compose.grpc.server.yml up --build\n```\n\n### Logs of running services (in a separate terminal):\n```shell\ndocker-compose -f ./deploy/compose/docker-compose.grpc.server.yml logs -f --tail 1  \n``` \n### Sanity test Client - gRPC Services Endpoints Invoked Externally:\nThe server side DEPOSITS_GRPC_SERVICE_TLS should be consistent and set for client also.\nUncomment any request function if not desired.\n\n```shell\nexport GODEBUG=x509ignoreCN=0\nexport DEPOSITS_GRPC_SERVICE_TLS=true\nexport DEPOSITS_GRPC_SERVICE_ADDRESS=localhost\ngo run ./cmd/sanitytestclient\n```\n\n### Server Tracing\nAccess [zipkin](https://zipkin.io/) service at [http://localhost:9411/zipkin/](http://localhost:9411/zipkin/)\n\n### Shutdown\n```shell\ndocker-compose -f ./deploy/compose/docker-compose.external-db-only.yml down\ndocker-compose -f ./deploy/compose/docker-compose.grpc.server.yml down\n```\n# Runing from Editor/IDE\n\n### TLS files -same as in Docker compose\n```shell\nexport DEPOSITS_GRPC_SERVICE_ADDRESS=localhost\ndocker build -t tlscert:v0.1 -f ./build/Dockerfile.openssl ./conf/tls \u0026\u0026 \\\ndocker run --env DEPOSITS_GRPC_SERVICE_ADDRESS=$DEPOSITS_GRPC_SERVICE_ADDRESS -v $PWD/conf/tls:/tls tlscert:v0.1\n```\n### Start DB:\n```shell\nexport COMPOSE_IGNORE_ORPHANS=True \u0026\u0026 \\\ndocker-compose -f ./deploy/compose/docker-compose.external-db-trace-only.yml up\n```\nAnd then run following (./tools/dbindexescli is actually needed only once):\n```shell\nexport DEPOSITS_GRPC_SERVICE_TLS=true\nexport DEPOSITS_GRPC_DB_HOST=127.0.0.1\nexport DEPOSITS_TRACE_URL=http://localhost:9411/api/v2/spans\ngo run ./tools/dbindexescli\ngo run ./cmd/server\n```\n\n### Sanity test Client - gRPC Services Endpoints Invoked Externally:\nThe server side DEPOSITS_GRPC_SERVICE_TLS should be consistent and set for client also.\nUncomment any request function if not desired.\n\n```shell\nexport GODEBUG=x509ignoreCN=0\nexport DEPOSITS_GRPC_SERVICE_TLS=true\nexport DEPOSITS_GRPC_SERVICE_ADDRESS=localhost\ngo run ./cmd/sanitytestclient\n```\n### Server Tracing\nAccess [zipkin](https://zipkin.io/) service at [http://localhost:9411/zipkin/](http://localhost:9411/zipkin/)\n\n# Kubernetes Deployment\n(for Better control; For Local Setup tested with Docker Desktop latest version with Kubernetes Enabled)\n\n### TLS files\n```shell\nexport DEPOSITS_GRPC_SERVICE_ADDRESS=grpcserversvc.127.0.0.1.nip.io\ndocker build -t tlscert:v0.1 -f ./build/Dockerfile.openssl ./conf/tls \u0026\u0026 \\\ndocker run --env DEPOSITS_GRPC_SERVICE_ADDRESS=$DEPOSITS_GRPC_SERVICE_ADDRESS -v $PWD/conf/tls:/tls tlscert:v0.1\n```\nAs a side note, For any troubleshooting, To see openssl version being used in Docker:\n```shell\ndocker build -t tlscert:v0.1 -f ./build/Dockerfile.openssl ./conf/tls \u0026\u0026 \\\ndocker run -ti -v $PWD/conf/tls:/tls tlscert:v0.1 sh\n```\nYou get a prompt\n/tls\nCheck version using command:\n```shell\nopenssl version\n```\n\n### Installing Ingress controller\nUsing helm to install nginx ingress controller\n```shell\nbrew install helm\nhelm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx\nhelm repo update\nhelm repo list\n```\nand then use\n```shell\nhelm install ingress-nginx -f ./deploy/kubernetes/nginx-ingress-controller/helm-values.yaml ingress-nginx/ingress-nginx\n```\nto install ingress controller\nTo see logs for nginx ingress controller:\n```shell\nkubectl logs -l app.kubernetes.io/name=ingress-nginx -f\n```\n\n### Installing Kafka\nUsing helm to install kafka\n```shell\nbrew install helm\nhelm repo add bitnami https://charts.bitnami.com/bitnami\nhelm repo update\nhelm repo list\n```\nand then use\n```shell\nhelm install kafka -f ./deploy/kubernetes/kafka/helm-values.yaml bitnami/kafka\n```\nto install ingress controller\nTo see logs for kafka:\n```shell\nkubectl logs pod/kafka-grpc-0 -f\n```\n\nThis installation message also allows to test installation of kafka quickly:\n(kafka-console-producer.sh and kafka-console-consumer.sh can be run inside the kafka-grpc-client pod created below)\n```shell\nKafka can be accessed by consumers via port 9092 on the following DNS name from within your cluster:\n\n    kafka-grpc.default.svc.cluster.local\n\nEach Kafka broker can be accessed by producers via port 9092 on the following DNS name(s) from within your cluster:\n\n    kafka-grpc-0.kafka-grpc-headless.default.svc.cluster.local:9092\n\nTo create a pod that you can use as a Kafka client run the following commands:\n\n    kubectl run kafka-grpc-client --restart='Never' --image docker.io/bitnami/kafka:2.8.1-debian-10-r0 --namespace default --command -- sleep infinity\n    kubectl exec --tty -i kafka-grpc-client --namespace default -- bash\n\n    PRODUCER:\n        kafka-console-producer.sh \\\n\n            --broker-list kafka-grpc-0.kafka-grpc-headless.default.svc.cluster.local:9092 \\\n            --topic test\n\n    CONSUMER:\n        kafka-console-consumer.sh \\\n\n            --bootstrap-server kafka-grpc.default.svc.cluster.local:9092 \\\n            --topic test \\\n            --from-beginning\n```\n\n### Make docker images and Push Images to Docker Hub\n\n```shell\ndocker rmi rsachdeva/illuminatingdeposits.grpc.server:v1.6.0\ndocker rmi rsachdeva/illuminatingdeposits.dbindexes:v1.6.0\n\ndocker build -t rsachdeva/illuminatingdeposits.grpc.server:v1.6.0 -f ./build/Dockerfile.grpc.server .  \ndocker build -t rsachdeva/illuminatingdeposits.dbindexes:v1.6.0 -f ./build/Dockerfile.dbindexes .  \n\ndocker push rsachdeva/illuminatingdeposits.grpc.server:v1.6.0\ndocker push rsachdeva/illuminatingdeposits.dbindexes:v1.6.0\n```\nThe v1.6.0 should match to version being used in Kubernetes resources (grpc-server.yaml; dbindexes.yaml).\n\n### Quick deploy for all Kubernetes resources ( more Detailed Kubernetes set up - Step by Step is below; Above kubernetes steps are common)\nTLS File set up should have been installed using steps above along with installing using help ingress-nginx and kafka\n\nMongoDB set up with internal replication has to be done once unless persistent volumes are deleted or\nnumber of replicas are changed:\n```shell\nkubectl apply -f deploy/kubernetes/mongodb/.\n```\nOnce all mongo pods are running, we have to do this once: ( unless we change replication pods)\n\n#### Mongodb internal replication setup\nInside the mongo-0 pod we open a mongo shell:\n```shell\nkubectl exec -it mongo-0 -- mongo\n```\nThen inside shell:\n```shell\nrs.initiate({\n      _id: \"rs0\",\n      members: [\n         { _id: 0, host : \"mongo-0.mongo.default.svc.cluster.local:27017\" },\n         {_id: 1, host: \"mongo-1.mongo.default.svc.cluster.local:27017\"},\n         {_id: 2, host: \"mongo-2.mongo.default.svc.cluster.local:27017\"}\n      ]\n   }\n)\n#  wait till you get 1 primary\nrs.status()\n```\nAllows connecting MongoDB UI using NodePort at 30010 from outside cluster locally to view data.\nWe only need to set secrets once after tls files have been generated; This is using dry run:\n```shell\n# only so secret can be applied with all resources as once; easier to delete with all resources\nkubectl delete secret illuminatingdeposits-grpc-secret-tls\nkubectl create --dry-run=client secret tls illuminatingdeposits-grpc-secret-tls --key conf/tls/serverkeyto.pem --cert conf/tls/servercrtto.pem -o yaml \u003e ./deploy/kubernetes/tls-secret-ingress.yaml\n```\nNow lets depoly the grpc application related resources:\n```shell\n# in case docker image not built -- refer 'Make docker images and Push Images to Docker Hub' above\nkubectl apply -f deploy/kubernetes/.\n```\nIf status for ```kubectl get pod -l job-name=dbindexes | grep \"Completed\"```\nshows completed for dbindexes pod, optionally can be deleted:\n```shell\nkubectl delete -f deploy/kubernetes/dbindexes.yaml\n```\nAnd see logs using\n```kubectl logs -l app=grpcserversvc -f```\n\n### Sanity test Client - gRPC Services Endpoints Invoked Externally:\nThe server side DEPOSITS_GRPC_SERVICE_TLS should be consistent and set for client also.\nUncomment any request function if not desired.\nAs stated before, All commands should be executed from the root directory (illuminatingdeposits-grpc) of the project\n```shell\nexport GODEBUG=x509ignoreCN=0\nexport DEPOSITS_GRPC_SERVICE_TLS=true\nexport DEPOSITS_GRPC_SERVICE_ADDRESS=grpcserversvc.127.0.0.1.nip.io\ngo run ./cmd/sanitytestclient\n```\n\n### Server Tracing\nAccess [zipkin](https://zipkin.io/) service at [http://zipkin.127.0.0.1.nip.io](http://zipkin.127.0.0.1.nip.io)\n\n### Detailed Kubernetes set up - Step by Step\nSee 'Quick deploy for all Kubernetes resources' above. If any issues, you can follow detailed steps.\nTLS File set up and Ingress controller should have been installed using steps above.\n##### Start mongodb service\n\n```shell\nkubectl apply -f deploy/kubernetes/mongodb/mongodb.yaml\n```\nSee above 'Mongodb internal replication setup' in Quick deploy.\n\n#### Then Migrate and set up dbindexes data manually for more control initially:\nFirst should see in logs\ndatabase system is ready to accept connections\n```kubectl logs pod/mongodb-deposits-0```\nAnd then execute migration/dbindexes data for manual control when getting started:\n```shell\nkubectl apply -f deploy/kubernetes/dbindexes.yaml\n```\nAnd if status for ```kubectl get pod -l job-name=dbindexes | grep \"Completed\"```\nshows completed for dbindexes pod, optionally can be deleted:\n```shell\nkubectl delete -f deploy/kubernetes/dbindexes.yaml\n```\nTo connect external tool with mongodb to see database internals use port 30010\n\n#### Set up secret\n\n```shell\nkubectl delete secret illuminatingdeposits-grpc-secret-tls\nkubectl create --dry-run=client secret tls illuminatingdeposits-grpc-secret-tls --key conf/tls/serverkeyto.pem --cert conf/tls/servercrtto.pem -o yaml \u003e ./deploy/kubernetes/tls-secret-ingress.yaml\nkubectl apply -f deploy/kubernetes/tls-secret-ingress.yaml\n```\n\n#### Illuminating deposists gRPC server in Kubernetes!\n```shell\nkubectl apply -f deploy/kubernetes/grpc-server.yaml\n```\nAnd see logs using\n```shell\nkubectl logs -l app=grpcserversvc -f\n```\n  \n### Remove all resources / Shutdown\n\n```shell\nkubectl delete -f ./deploy/kubernetes/.\nkubectl delete -f ./deploy/kubernetes/mongodb/.\nhelm uninstall ingress-nginx\nhelm uninstall kafka\n```\nThis does not remove prestient volume.\nIn case you are sure, you don't want to keep data only then\n```shell\nkubectl get pvc\nkubectl delete pvc -l app=mongo \n```\n# Running Integration/Unit tests\nTests are designed to run in parallel with its own test server and docker based mongodb using dockertest.\nTo run all tests with coverages reports for focussed packages:\nRun following only once as tests use this image; so faster:\n```shell\ndocker pull mongo:4.4.2-bionic \n``` \nAnd then run the following with coverages for key packages concerned:\n```shell\nexport GODEBUG=x509ignoreCN=0 \ngo test -v -count=1 -covermode=count -coverpkg=./userauthn,./usermgmt,./mongodbhealth,./interestcal -coverprofile cover.out ./... \u0026\u0026 go tool cover -func cover.out\ngo test -v -count=1 -covermode=count -coverpkg=./userauthn,./usermgmt,./mongodbhealth,./interestcal -coverprofile cover.out ./... \u0026\u0026 go tool cover -html cover.out\n```\nCoverage Result for key packages: \n**total:\t(statements)\t92.5%**  \n\u003cp align=\"center\"\u003e\n\u003cimg src=\"./coverageresults.png\" alt=\"Illuminating Deposits gRPC Test Coverage\" title=\"lluminating Deposits gRPC Test Coverage\" /\u003e\n\u003c/p\u003e\n\nThe -v is for Verbose output: log all tests as they are run. Search \"FAIL:\" in parallel test output here to see reason for failure\nin case any test fails.\nJust to run all easily with verbose ouput:\n```shell\ngo test -v ./... \n```\nThe -count=1 is mainly to not use caching and can be added as follows if needed for\nany go test command:\n```shell \ngo test -v -count=1 ./...\n```\nFor running single test for debugging purpose:\n```shell\ngo test -v -count=1 ./mongodbhealth -run TestServiceServer_HealthOk\n```\nSee Editor specifcs to see Covered Parts in the Editor.\n#### Test Docker containers for Mongodb\nDocker containers are mostly auto removed. This is done by passing true to testserver.InitGRPCServerBuffConn(ctx, t, false)\nin your test.\nIf you want to examine mongodb data for a particular test, you can temporarily\nset allowPurge as false in testserver.InitGRPCServerBuffConn(ctx, t, false) for your test.\nThen after running specific failed test connect to mongo db in the docker container using any db ui.\nAs an example, if you want coverage on a specific package and run a single test in a package with verbose output:\n```shell \ngo test -v -count=1 -covermode=count -coverpkg=./usermgmt -coverprofile cover.out -run=TestServiceServer_CreateUser ./usermgmt/... \u0026\u0026 go tool cover -func cover.out\n```\nAny docker containers still running after tests should be manually removed:\n```shell \ndocker ps\ndocker stop $(docker ps -qa)\ndocker rm -f $(docker ps -qa)\n```\nAnd if mongodb not connecting for tests: (reference: https://www.xspdf.com/help/52284027.html)\n```shell \ndocker volume rm $(docker volume ls -qf dangling=true)\n```\n\n# Troubleshooting\nIf for any reason no connection is happening from client to server or client hangs or server start up issues:\nRun \n```\nps aux | grep \"go run\" \n```\nor\n```\nps aux | grep \"go_build\" \n```\nto confirm is something else is already running.\nMake sure to follow above TLS set up according to Kubernetes deployment, Docker compose deployment or Running from Editor.\nMake sure to follow Ingress controller installation for Kubernetes deployment.\nOtherwise you will get error as:\n```\ntransport: Error while dialing dial tcp\n```\n\n# Version\nv1.6.0","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frsachdeva%2Filluminatingdeposits-grpc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frsachdeva%2Filluminatingdeposits-grpc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frsachdeva%2Filluminatingdeposits-grpc/lists"}