ballerine-io · MatanYadaev · Dec 15, 2024 · Dec 15, 2024 · Dec 15, 2024
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
diff --git a/services/workflows-service/.env.example b/services/workflows-service/.env.example
@@ -35,4 +35,4 @@ WEB_UI_SDK_URL=http://localhost:5202
 #HASHING_KEY_SECRET="$2b$10$FovZTB91/QQ4Yu28nvL8e."
 NOTION_API_KEY=secret
 HASHING_KEY_SECRET_BASE64=JDJiJDEwJFRYNjhmQi5JMlRCWHN0aGowakFHSi4=
-SECRETS_MANAGER_PROVIDER=in-memory
+SECRETS_MANAGER_PROVIDER=in-memory
diff --git a/services/workflows-service/Dockerfile b/services/workflows-service/Dockerfile
@@ -39,8 +39,9 @@ COPY --from=dev /app/scripts ./scripts
 COPY --from=dev /app/src ./src
 COPY --from=dev /app/tsconfig.build.json ./tsconfig.build.json
 COPY --from=dev /app/tsconfig.json ./tsconfig.json
+COPY --from=dev /app/entrypoint.sh ./entrypoint.sh
 
 EXPOSE 3000
 
-CMD [ "dumb-init", "npm", "run", "prod" ]
+ENTRYPOINT ["/app/entrypoint.sh"]
 
diff --git a/services/workflows-service/entrypoint.sh b/services/workflows-service/entrypoint.sh
@@ -0,0 +1,68 @@
+#!/usr/bin/env bash
+
+infra_file="/tmp/infra.json"
+
+## Get cloudProvider details
+function get_cloud_provider() {
+  release_details=$(uname -r || echo "")
+  if [[ $release_details == *"amzn"* ]]; then
+    cloud_provider="amazon"
+  elif [[ $release_details == *"azure"* ]]; then
+    cloud_provider="azure"
+  elif [[ $release_details == *"cloud"* ]]; then
+    cloud_provider="gcp"
+  elif [[ $release_details == *"generic"* ]]; then
+    cloud_provider="digitalocean"
+  elif [[ $release_details == *"ecs"* ]]; then
+    cloud_provider="alibaba"
+  elif [[ -n "${DYNO:-}" ]]; then
+    cloud_provider="heroku"
+  else
+    cloud_provider="others(including local)"
+  fi
+}
+
+## Get deployment tool details
+function get_tool() {
+  if [[ -z "${KUBERNETES_SERVICE_HOST:-}" ]]; then
+    dep_tool="likely docker"
+  else
+    dep_tool="kubernetes"
+  fi
+}
+
+## Check hostname
+function get_hostname() {
+  if [[ -f /etc/hostname ]]; then
+    hostname="$(cat /etc/hostname)"
+  else
+    hostname="$(hostname || echo "unknown")"
+  fi
+}
+
+## Get current Time
+function get_current_time() {
+  currentTime="$(date -u -Iseconds || echo "unknown")"
+}
+
+## Check if it's an ECS Fargate deployment
+function check_for_fargate() {
+  if [[ $cloud_provider == "amazon" && $dep_tool == "likely docker" ]]; then
+    dep_tool="ecs-fargate"
+  fi
+}
+
+## Main Block
+get_cloud_provider || true
+get_tool || true
+get_hostname || true
+check_for_fargate || true
+get_current_time || true
+
+infra_json='{"cloudProvider":"'"${cloud_provider}"'","tool":"'"${dep_tool}"'","hostname":"'"${hostname}"'","currentTime":"'"${currentTime}"'"}'
+echo "${infra_json}"
+
+echo "${infra_json}" > "${infra_file}"
+
+exec dumb-init npm run prod
+
diff --git a/services/workflows-service/package.json b/services/workflows-service/package.json
@@ -70,6 +70,7 @@
     "@sentry/integrations": "^7.52.1",
     "@sentry/node": "^7.52.1",
     "@sinclair/typebox": "0.32.15",
+    "@supabase/supabase-js": "^2.43.1",
     "@t3-oss/env-core": "^0.6.1",
     "ajv": "^8.12.0",
     "ajv-formats": "^2.1.1",

diff --git a/services/workflows-service/prisma/data-migrations b/services/workflows-service/prisma/data-migrations
diff --git a/services/workflows-service/src/app.module.ts b/services/workflows-service/src/app.module.ts
@@ -11,6 +11,7 @@ import { ServeStaticOptionsService } from './serve-static-options.service';
 import { EndUserModule } from './end-user/end-user.module';
 import { BusinessModule } from './business/business.module';
 import { StorageModule } from './storage/storage.module';
+import { SupabaseModule } from './supabase/supabase.module';
 import { MulterModule } from '@nestjs/platform-express';
 import { EventEmitterModule } from '@nestjs/event-emitter';
 import { FilterModule } from '@/filter/filter.module';
@@ -74,6 +75,7 @@ export const validate = async (config: Record<string, unknown>) => {
 
   return result.data;
 };
+
 @Module({
   controllers: [SwaggerController],
   imports: [
@@ -109,6 +111,7 @@ export const validate = async (config: Record<string, unknown>) => {
     AuthModule,
     HealthModule,
     PrismaModule,
+    SupabaseModule,
     ConfigModule.forRoot({
       validate,
       isGlobal: true,

diff --git a/services/workflows-service/src/auth/local/local-auth.guard.ts b/services/workflows-service/src/auth/local/local-auth.guard.ts
@@ -1,14 +1,24 @@
+import { CanActivate, Injectable, ExecutionContext } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
-import { ExecutionContext } from '@nestjs/common';
-import type { Request } from 'express';
+import { SupabaseService } from '../../supabase/supabase.service';
 
-export class LocalAuthGuard extends AuthGuard('local') {
-  async canActivate(context: ExecutionContext) {
-    const result = await super.canActivate(context);
-    const request = context.switchToHttp().getRequest<Request>();
+@Injectable()
+export class LocalAuthGuard extends AuthGuard('local') implements CanActivate {
+  constructor(private readonly supabaseService: SupabaseService) {
+    super();
+  }
+
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    const result = super.canActivate(context) as boolean;
+    const request = context.switchToHttp().getRequest();
+
+    if (result && request.user) {
+      const fullUrl = request.protocol + '://' + request.get('host') + request.originalUrl;
+      void this.supabaseService.logSignIn(fullUrl);
+    }
 
     await super.logIn(request);
 
-    return result as boolean;
+    return result;
   }
 }
diff --git a/services/workflows-service/src/case-management/controllers/case-management.controller.ts b/services/workflows-service/src/case-management/controllers/case-management.controller.ts
@@ -21,12 +21,11 @@ import {
 } from '@nestjs/common';
 import { ApiExcludeController, ApiForbiddenResponse, ApiOkResponse } from '@nestjs/swagger';
 import { EndUserService } from '@/end-user/end-user.service';
-import { StateTag, TStateTag } from '@ballerine/common';
+import { StateTag, TStateTag, EndUserAmlHitsSchema } from '@ballerine/common';
 import { AlertService } from '@/alert/alert.service';
 import { ZodValidationPipe } from '@/common/pipes/zod.pipe';
 import { ListIndividualsProfilesSchema } from '@/case-management/dtos/list-individuals-profiles.dto';
 import { z } from 'zod';
-import { EndUserAmlHitsSchema } from '@ballerine/common';
 import { Business, EndUsersOnBusinesses } from '@prisma/client';
 
 @Controller('case-management')

diff --git a/services/workflows-service/src/env.ts b/services/workflows-service/src/env.ts
@@ -95,6 +95,26 @@ export const serverEnvSchema = {
   IN_MEMORIES_SECRET_ACQUIRER_ID: z.string().optional(),
   IN_MEMORIES_SECRET_PRIVATE_KEY: z.string().optional(),
   IN_MEMORIES_SECRET_CONSUMER_KEY: z.string().optional(),
+  SUPABASE_TELEMETRY_ENABLED: z
+    .enum(['true', 'false', ''])
+    .default('true')
+    .nullable()
+    .optional()
+    .transform(value => value === 'true' || value === null)
+    .describe('Enable or disable telemetry'),
+  TELEMETRY_SUPABASE_URL: z
+    .string()
+    .url()
+    .optional()
+    .default('https://lrwqumfbfgajpfnupayx.supabase.co')
+    .describe('Supabase URL for telemetry'),
+  TELEMETRY_SUPABASE_API_KEY: z
+    .string()
+    .optional()
+    .default(
+      'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Imxyd3F1bWZiZmdhanBmbnVwYXl4Iiwicm9sZSI6ImFub24iLCJpYXQiOjE3MTUyNTU3NDMsImV4cCI6MjAzMDgzMTc0M30.EJWCMJhnBvG9_BQWw6wy3dT0GrwR3S41w2Z92R80BVI',
+    )
+    .describe('Supabase API key for telemetry'),
 };
 
 if (!process.env['ENVIRONMENT_NAME'] || process.env['ENVIRONMENT_NAME'] === 'local') {

diff --git a/services/workflows-service/src/filter/filter.controller.external.ts b/services/workflows-service/src/filter/filter.controller.external.ts
@@ -17,7 +17,6 @@ import { isRecordNotFoundError } from '@/prisma/prisma.util';
 import { ProjectScopeService } from '@/project/project-scope.service';
 import type { InputJsonValue, TProjectId, TProjectIds } from '@/types';
 import { CurrentProject } from '@/common/decorators/current-project.decorator';
-import { UseCustomerAuthGuard } from '@/common/decorators/use-customer-auth-guard.decorator';
 
 @swagger.ApiBearerAuth()
 @swagger.ApiTags('Filters')

diff --git a/services/workflows-service/src/main.ts b/services/workflows-service/src/main.ts
@@ -1,5 +1,4 @@
 import '@total-typescript/ts-reset';
-
 import passport from 'passport';
 import dayjs from 'dayjs';
 import cookieSession from 'cookie-session';

diff --git a/services/workflows-service/src/supabase/mock-supabase.service.ts b/services/workflows-service/src/supabase/mock-supabase.service.ts
@@ -0,0 +1,15 @@
+import { Injectable, Logger } from '@nestjs/common';
+import { ISupabaseService } from './types';
+
+@Injectable()
+export class MockSupabaseService implements ISupabaseService {
+  private readonly logger = new Logger(MockSupabaseService.name);
+
+  async logSignIn(url: string): Promise<void> {
+    this.logger.debug(`Mock log: Sign-in recorded for URL: ${url}`);
+  }
+
+  async logInfraData(infradata: JSON): Promise<void> {
+    this.logger.debug(`Mock log: ${infradata} Infra data logged`);
+  }
+}
diff --git a/services/workflows-service/src/supabase/supabase.module.ts b/services/workflows-service/src/supabase/supabase.module.ts
@@ -0,0 +1,10 @@
+import { Module } from '@nestjs/common';
+import { SupabaseService } from './supabase.service';
+import { SentryModule } from '@/sentry/sentry.module';
+
+@Module({
+  providers: [SupabaseService],
+  exports: [SupabaseService],
+  imports: [SentryModule],
+})
+export class SupabaseModule {}