Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ministryofjustice/bichard7-next-audit-logging
Additional services for the Bichard 7 application running in AWS
https://github.com/ministryofjustice/bichard7-next-audit-logging
Last synced: about 2 months ago
JSON representation
Additional services for the Bichard 7 application running in AWS
- Host: GitHub
- URL: https://github.com/ministryofjustice/bichard7-next-audit-logging
- Owner: ministryofjustice
- License: mit
- Created: 2021-02-15T14:41:01.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-07-29T08:38:37.000Z (about 2 months ago)
- Last Synced: 2024-07-29T11:49:31.127Z (about 2 months ago)
- Language: TypeScript
- Size: 22.7 MB
- Stars: 2
- Watchers: 8
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Bichard7 Next: Audit Logging
A collection of components that are hosted within AWS that form parts of the new Bichard7 architecture.
![Bichard7 Audit Logging](/docs/infrastructure.png?raw=true "Infrastructure")
Other diagrams:
- [Incoming message handler](/src/incoming-message-handler)
- [Event handler](/src/event-handler)## Components
This repository contains multiple distinct components that together form the audit logging service within Bichard7. Each component is wrapped up in a separate node package.
- [**Audit Log API** (`audit-log-api`)](src/audit-log-api/) - API exposing Audit Log records and attached events
- [**Incoming Message Handler** (`incoming-message-handler`)](src/incoming-message-handler/) - AWS Step Functions and Lambdas for intercepting and processing messages coming into the Bichard system
- [**Event Handler** (`src/event-handler`)](src/event-handler/) - A component that handles messages received from queues and translates them into Audit Log events.Lambdas:
- [**Message Receiver** (`src/message-receiver`)](src/message-receiver/) - Receives messages from subscribed queues, embellishes with the source and format, and forwards onto the [Event Handler](event-handler/) Step Function.
- [**Transfer Messages** (`src/transfer-messages`)](src/transfer-messages) - Transfers incoming messages from the external incoming messages S3 bucket to the internal one.
- [**Archive User Logs** (`src/archive-user-logs`)](src/archive-user-logs/) - Subscribe to logs output by the User Service and the Store Event Lambda which match a subscription filter and then store them in s3 cold storage.
- [**Add Archival Events** (`src/add-archival-events`)](src/add-archival-events) - Records in the audit log when error records have been archived in the postgres database.
Code shared between multiple components:
- [**Shared code** (`shared`)](src/shared/) - Library of code that is common to multiple components.
- [**Shared types** (`shared-types`)](src/shared-types/) - Library of typescript type/interface definitions that are used in multiple components.
- [**Shared testing** (`shared-testing`)](src/shared-testing/) - Library of shared code that is used for testing multiple components.## Quick start
The majority of code in this repository is written in Typescript. In order to ensure you're using the right version of Node and npm, you should:
1. Install [`nvm`](https://github.com/nvm-sh/nvm)
2. In the root of this repository, run:```shell
nvm install
nvm use
```This will use the version specified in the [`.nvmrc`](.nvmrc) file.
We use `pg-native` library to access PostgreSQL. You need to install the following before installing node packages:
```shell
brew install postgresql
brew install libpq
```You can then use the npm commands to get started:
```shell
# Running the services for local development# Spin up mq and postgres
npm run hook:before:offline:start:init# Install dynamo and start the API
npm run start api# If you want to destory mq and postgres containers
npm run destory```
Where applicable, each component has tests that are run by Jest. To run these, simply run `npm test` from within the relevant project folder. Projects may also have different test scripts that you can run with the following commands:
- Run all tests - `npm test`
- Unit tests - `npm run test:unit`
- Integration tests - `npm run test:integration`
- Component-level end-to-end tests - `npm run test:e2e`
- UI tests - `npm run test:ui`
- Continuous Integration test run (run by the CI pipeline) - `npm run test:ci`All of these approaches will execute tests in a watch mode, which will allow you to make changes to the underlying tests or codebase and then save the files to automatically trigger another test run.
> Note: Before running integration or end-to-end tests, you need to make sure you have rebuilt any changes using `npm run build` in the respective project folder.
## A note on running the docker container locally
Nginx is doing ssl termination and requires a certificate and key pair to be in the `/certs` path.
In order to run this locally you can generate a self-signed certificate and key using [this method](https://linuxize.com/post/creating-a-self-signed-ssl-certificate/) and then mount
this as a volume in your containerie `docker run --rm -v /path/to/your/certificates:/certs -p 80:80 -p 443:443 -e API_URL=xxx audit-logging-portal:latest`
## Summarising an audit log record
Sometimes if we receive requests for information about how a message was handled it's useful to be able to export an audit log record in a format that can be shared. You can use the `summarise-record.ts` script for this:
```
aws-vault exec qsolution-production -- npx ts-node -T ./scripts/utils/summarise-record.ts
```