Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CU_86byp4xw2: Add ability to register Reprocessor UI with core #306

Closed
wants to merge 2 commits into from
Closed

CU_86byp4xw2: Add ability to register Reprocessor UI with core #306

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
af4a58e
Adds reprocess config files
ItsMurumba May 22, 2024
3712680
Cleanup Reprocess package
ItsMurumba May 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 42 additions & 0 deletions reprocess-mediator/docker-compose.config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
version: '3.9'

services:
# container for executing config import scripts for creating the OpenHIM channels used by the Mediator
reprocess-config-importer:
image: node:erbium-alpine
networks:
openhim:
default:
environment:
OPENHIM_API_USERNAME: ${OPENHIM_USERNAME}
OPENHIM_API_PASSWORD: ${OPENHIM_PASSWORD}
# Reject unauthorised is only needed if the OpenHIM's SSL is not setup
NODE_TLS_REJECT_UNAUTHORIZED: 0
command: sh -c "node openhimConfig.js"
configs:
- source: reprocess-openhimConfig.js
target: /openhimConfig.js
- source: reprocess-ui-app.json
target: /reprocess-ui-app.json
deploy:
replicas: 1
restart_policy:
condition: none

configs:
reprocess-openhimConfig.js:
file: ./openhimConfig.js
name: reprocess-openhimConfig.js-${reprocess_openhimConfig_js_DIGEST:?err}
labels:
name: reprocess-mediator
reprocess-ui-app.json:
file: ./reprocess-ui-app.json
name: reprocess-ui-app.json-${reprocess_ui_json_DIGEST:?err}
labels:
name: reprocess-mediator

networks:
openhim:
name: openhim_public
external: true
default:
72 changes: 72 additions & 0 deletions reprocess-mediator/openhimConfig.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
const fs = require("fs");
const https = require("https");
const path = require("path");

("use strict");

const OPENHIM_CORE_SERVICE_NAME = "openhim-core";
const OPENHIM_MEDIATOR_API_PORT = 8080;
const OPENHIM_API_PASSWORD = process.env.OPENHIM_API_PASSWORD || "instant101";
const OPENHIM_API_USERNAME =
process.env.OPENHIM_API_USERNAME || "[email protected]";
Comment on lines +9 to +11
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tip

Codebase Verification

Default credentials are used in production environment settings.

Please ensure that these default credentials are not used in production environments.

Analysis chain

Storing sensitive information like API credentials in environment variables is a good practice. However, ensure that default credentials are not used in production environments.

Scripts Executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for the usage of default credentials in production environment settings.

# Test: Search for environment variable settings in deployment scripts. Expect: No default credentials in production.
rg --type yaml 'OPENHIM_API_PASSWORD|OPENHIM_API_USERNAME' --files-with-matches | xargs cat

Length of output: 8067


const authHeader = Buffer.from(
`${OPENHIM_API_USERNAME}:${OPENHIM_API_PASSWORD}`
).toString("base64");
function makeRequest(options, data) {
const req = https.request(options, (res) => {
if (res.statusCode == 401) {
throw new Error(`Incorrect OpenHIM API credentials`);
}

if (![201, 200].includes(res.statusCode)) {
throw new Error(`Failed to import OpenHIM config: ${res.statusCode}`);
}

console.log("Successfully Imported OpenHIM Config");
});

req.on("error", (error) => {
throw new Error(`Failed to import OpenHIM config: ${error}`);
});

req.write(data);
req.end();
}
Comment on lines +16 to +35
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The makeRequest function correctly handles different HTTP status codes and throws errors accordingly. However, consider adding more detailed logging for successful and unsuccessful requests to aid in debugging and monitoring.

+ console.log(`Request made with status code: ${res.statusCode}`);
Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation.

Suggested change
function makeRequest(options, data) {
const req = https.request(options, (res) => {
if (res.statusCode == 401) {
throw new Error(`Incorrect OpenHIM API credentials`);
}
if (![201, 200].includes(res.statusCode)) {
throw new Error(`Failed to import OpenHIM config: ${res.statusCode}`);
}
console.log("Successfully Imported OpenHIM Config");
});
req.on("error", (error) => {
throw new Error(`Failed to import OpenHIM config: ${error}`);
});
req.write(data);
req.end();
}
function makeRequest(options, data) {
const req = https.request(options, (res) => {
console.log(`Request made with status code: ${res.statusCode}`);
if (res.statusCode == 401) {
throw new Error(`Incorrect OpenHIM API credentials`);
}
if (![201, 200].includes(res.statusCode)) {
throw new Error(`Failed to import OpenHIM config: ${res.statusCode}`);
}
console.log("Successfully Imported OpenHIM Config");
});
req.on("error", (error) => {
throw new Error(`Failed to import OpenHIM config: ${error}`);
});
req.write(data);
req.end();
}


const appJsonData = JSON.parse(
fs.readFileSync(path.resolve(__dirname, "reprocess-ui-app.json"))
);
const appData = JSON.stringify(appJsonData);

const options = {
protocol: "https:",
hostname: OPENHIM_CORE_SERVICE_NAME,
port: OPENHIM_MEDIATOR_API_PORT,
headers: {
"Content-Type": "application/json",
Authorization: `Basic ${authHeader}`,
},
};

const appReqOptions = {
...options,
path: "/apps",
method: "POST",
headers: {
...options.headers,
"Content-Length": appData.length,
},
};

const importMapRebuildOptions = {
...options,
path: "/apps",
method: "GET",
headers: {
...options.headers,
},
};

makeRequest(appReqOptions, appData);
makeRequest(importMapRebuildOptions, "");
Comment on lines +71 to +72
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tip

Codebase Verification

The context around the makeRequest calls in reprocess-mediator/openhimConfig.js does not show any explicit data validation before the function is called. This could potentially lead to issues if the data being sent is not properly validated.

  • Ensure that the data (appData and the empty string) being passed to makeRequest is validated before the function call.
Analysis chain

Ensure that the makeRequest function is called with the correct parameters and that the data being sent is properly validated before sending.

Scripts Executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the data being sent in makeRequest calls.

# Test: Search for the function calls and check data validation. Expect: Proper validation before sending.
ast-grep --lang javascript --pattern $'makeRequest($_, $_) { $$$ }'

Length of output: 518

Script:

#!/bin/bash
# Locate the definition of the makeRequest function to understand its parameters and usage.
ast-grep --lang javascript --pattern 'function makeRequest($_, $_) { $$$ }'

# Find all calls to the makeRequest function and check if the data being sent is validated.
rg 'makeRequest\('

Length of output: 5265

Script:

#!/bin/bash
# Extract and inspect the context around the makeRequest calls to verify data validation.

# Extract 5 lines before and after each makeRequest call for context.
rg -A 5 -B 5 'makeRequest\(' reprocess-mediator/openhimConfig.js

Length of output: 545

12 changes: 12 additions & 0 deletions reprocess-mediator/reprocess-ui-app.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
{
"name": "Reprocess",
"description": "Reprocess microfrontends app",
"category": "HIE Configuration",
"type": "esmodule",
"url": "http://localhost:3030/jembi-reprocessor-mediator-microfrontend.js",
"showInPortal": true,
"showInSideBar": false,
"access_roles": ["admin"],
"icon": "https://fonts.gstatic.com/s/i/materialicons/apps/v12/24px.svg"
}

1 change: 1 addition & 0 deletions reprocess-mediator/swarm.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ function initialize_package() {
log error "Failed to deploy package"
exit 1
}
docker::deploy_config_importer $STACK "$COMPOSE_FILE_PATH/docker-compose.config.yml" "reprocess-config-importer" "reprocess-mediator"
}

function destroy_package() {
Expand Down
Loading