bink/zephyrus
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
No description
This repository has been archived on 2026-04-20. You can view files and clone it, but you cannot make any changes to its state, such as pushing and creating new issues, pull requests or comments.
320 commits 1 branch 20 tags 567 KiB
  • Python 98.2%
  • Shell 1%
  • Dockerfile 0.8%
Find a file
Exact
dependabot[bot] a9ae35384f
Some checks failed
ci / tests (push) Failing after 6m25s
Details
ci / release_staging (push) Has been skipped
Details
Bump gunicorn from 21.2.0 to 22.0.0 (#23) 
Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 21.2.0 to 22.0.0.
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](https://github.com/benoitc/gunicorn/compare/21.2.0...22.0.0)

---
updated-dependencies:
- dependency-name: gunicorn
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-17 09:11:59 +01:00
.github/workflows feat: migrate from pipenv to poetry 2024-02-27 11:57:52 +00:00
app feat: migrate from pipenv to poetry 2024-02-27 11:57:52 +00:00
scripts feat: migrate from pipenv to poetry 2024-02-27 11:57:52 +00:00
.dockerignore feat: migrate from pipenv to poetry 2024-02-27 11:57:52 +00:00
.env.example Updated readmes 2021-09-30 14:01:55 +01:00
.gitignore feat: migrate from pipenv to poetry 2024-02-27 11:57:52 +00:00
AMEX.md Updated readmes 2021-09-30 14:01:55 +01:00
CODEOWNERS Update CODEOWNERS 2021-07-21 11:58:40 +00:00
docker-compose.yml update-settings-and-readme 2018-06-29 11:00:50 +00:00
Dockerfile feat: migrate from pipenv to poetry 2024-02-27 11:57:52 +00:00
gunicorn_logger.py Fixed tracing 2021-10-01 12:10:29 +01:00
MASTERCARD.md More readme and tweaks 2021-10-01 09:11:54 +00:00
poetry.lock Bump gunicorn from 21.2.0 to 22.0.0 (#23) 2024-04-17 09:11:59 +01:00
pyproject.toml Bump gunicorn from 21.2.0 to 22.0.0 (#23) 2024-04-17 09:11:59 +01:00
README.md feat: migrate from pipenv to poetry 2024-02-27 11:57:52 +00:00
settings.py feat: migrate from pipenv to poetry 2024-02-27 11:57:52 +00:00
VISA.md Updated readmes 2021-09-30 14:01:55 +01:00
wsgi.py More readme and tweaks 2021-10-01 09:11:54 +00:00

README.md

Zephyrus

TODO all the badges

Microservice to process auth transactions.

Prerequisites

Dependencies

The following is a list of the important dependencies used in the project. You do not need to install these manually. See project setup for installation instructions.

  • Falcon - Falcon Python web framework.
  • Sentry SDK - Client for the Sentry error reporting platform. Includes Flask integration.
  • RabbitMQ - AMQP Message broker.
  • Azure KeyVault Secrets - Azure KeyVault secrets library.
  • AzureCLI - Used to magically have credentials to the Dev Azure KeyVault.
  • OpenTracing - Enables request level tracing

Project Setup

Poetry is used for managing project dependencies and execution.

Virtual Environment

To create a virtualenv and install required software packages:

poetry install

Project configuration is done through environment variables. A convenient way to set these is in a .env file in the project root. This file will be sourced by Poetry when poetry run and poetry shell are used. See settings.py for configuration options that can be set in this file.

To make a .env file from the provided example:

cp .env.example .env

The provided example is sufficient as a basic configuration, but modification may be required for specific use-cases.

The .env file contains connection parameters for RabbitMQ used in the project; The default connection parameters assume a local instance of these services listening on ports 55672 (RabbitMQ)

To quickly create docker containers for the required services:

scripts/services

Development API Server

The falcon development server is used for running the project locally. This should be replaced with a WSGI-compatible server for deployment to a live environment.

To run the Falcon development server:

scripts/api
  • VISA request info - link
  • AMEX request info - link
  • MasterCard request info - link

Run the following to generate mastercard certs:

scripts/send_transaction gen-cert

Send random transactions:

scripts/send_transaction visa
scripts/send_transaction mastercard
scripts/send_transaction amex

Unit Tests

Testing is done with pytest.

To execute a full test run:

scripts/test

Inspecting RabbitMQ

http://localhost:55673/
User: guest
Password: guest

This will bring up the RabbitMQ management interface which you can see queued transactions in.

Deployment

There is a Dockerfile provided in the project root. Build an image from this to get a deployment-ready version of the project.

  • Install on azure the Mastercard Signing certificate (required to use auth transaction messages from mastercard)

    • A signing certificate in pem format should be uploaded to the defined location

    • The default for dev-media container is "zephyrus/certificates/mc_pem_cert".

    The signing certificate and a master key is used by MasterCard to create the certificate contained in each signed XML message from them. We require only the signing certificate to verify the certificate and signature in each message.

    A valid signing certificate should look like this:

-----BEGIN CERTIFICATE-----
MIIDXjCCAkagAwIBAgIUDDz0uGn7QhAyTBcB+xVSg53i4AswDQYJKoZIhvcNAQEL
BQAwXDELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMRYwFAYDVQQHDA1TYW4gRnJh
bmNpc2NvMRMwEQYDVQQKDApNeSBDb21wYW55MRMwEQYDVQQDDApteXNpdGUuY29t
MB4XDTE4MDcwMzA5NDMwMVoXDTE4MDcwNTA5NDMwMVowXDELMAkGA1UEBhMCVVMx
CzAJBgNVBAgMAkNBMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMRMwEQYDVQQKDApN
eSBDb21wYW55MRMwEQYDVQQDDApteXNpdGUuY29tMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAxzZ3rQq5mOD8vRAEVDPMIsRHREZXi71eHmC41LKCqa2Q
BuzKzwlsPAK/hBTDhBiPnN3pByICsBb+jgyEBO5SEJ7MQHgbqxVk0HUHaUnDZibo
8uovXXzhiiicg5VHcEuBYgoCDn15kuIX129DOsitdk/5RNP5pGuRpgzPN1cUyhpN
g8kLQBpz4OIeUOwXmfbps0i6IGdx0rcrXv6KVHivXaoCm4tXnyhY+j7P3XudEKr1
W7uvXFV3fPL5xJbCxbujALGeby/HG3yIAs9QqNJcapFuH50ndSWZ5yi/KiqON2DI
YSLeA9rmKgOET0Ld2dwTjCvisENYzStQXa+akgoTXwIDAQABoxgwFjAUBgNVHREE
DTALgglsb2NhbGhvc3QwDQYJKoZIhvcNAQELBQADggEBAEQoIMs7L4pUj2pyWk4r
f5FWUjB2wtKZL2/bK7/JQBeokWDUoVh7XJ7B00fEmrPyQ0Z9JuOZxdo++uOEm763
2HdsSWoedHmtOOMa6tcmnVSFfFi4zUQz3GlumxZ7GhzJz7jybRDqG/wg3/HHLRYa
gbdPqv0kzFPHmNcyYeUsbB/ugKZvvC0fFT28Cvf40z4c0cpoz88FXQALmkCcS/1w
+/PiDb223vfbzGblnhMSuCSJNaKJ4ucuJAbDEVJbhfkU0CbHC0RhHKCZ3MD4auHQ
Lpap25Wk9tNe6KWqgggrxscUjV1ArCxgoZmXPj3ndLZwDeKMgiPz6p+h2spTYhPa
Iaw=
-----END CERTIFICATE-----

Environment Variables

  • VAULT_URL
    • String value, URL to Hashicorp Vault
  • VAULT_TOKEN
    • String value, Access token for Hashicorp Vault. Obtained from Kubernetes secrets.