npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@mojaloop/event-sdk

v14.1.1

Published

Shared code for Event Logging

Downloads

3,082

Readme

event-sdk

EXPERIMENTAL Event SDK for Clients & Server implementations

Git Commit Git Releases Npm Version NPM Vulnerabilities CircleCI

Mojaloop Event SDK provides a simple API to log different kind of messages ( trace, log, error, audit ) and publish them to a central logging infrastructure.

The API is defined by the EventRecorder interface and the EventMessage type. This library provides the following recorder implementations by default:

| Recorder | Behaviour | | - | - | | DefaultLoggerRecorder | Logs events to console | | DefaultSidecarRecorder | Logs events to sidecar synchronously | | DefaultSidecarRecorderAsync | Logs events to sidecar asynchronously |

The logging behaviour can be modified as defined in the interfaces EventPreProcessor and EventPostProcessor which allow to use an EventRecorder that processes EventMessages before sending them and its response, respectively.

Installation

npm install @mojaloop/event-sdk

Configuration

Edit the file in ./config/default.json to configure the logger, or set the following Environment variables:

| Environment variable | Description | Default | Available Values | | --- | --- | --- | --- | | EVENT_SDK_ASYNC_OVERRIDE_EVENTS | A comma-separated list of events that should return immediately instead of waiting for the promises to resolve in the recorder.record() function. | '' | Any combination of: log,audit,trace | |EVENT_SDK_LOG_FILTER | Comma delimited List of <eventType>:<eventAction> key pairs that will be logged to the host console, as well as sent to the sidecar. Note *:* wildcard entry will print all logs, and if this field is empty then no logs will be printed. See Current Supported Events | audit:*, log:info, log:error, log:warning | audit:*, log:info, log:error | |EVENT_SDK_LOG_METADATA_ONLY | This flag will only print the metadata portion of the event message, and exclude the content to minimise log verbosity. | false | true, false | | EVENT_SDK_SERVER_HOST | The hostname for the gRPC server to bind to. | localhost | Any valid hostname | | EVENT_SDK_SERVER_PORT | The port for the gRPC server to listen on. | 50055 | Any valid port value | | EVENT_SDK_SIDECAR_DISABLED | Enables or disables the logging to event sidecar. | true | true, false | | ~~EVENT_SDK_SIDECAR_WITH_LOGGER~~ | DEPRECATED BY EVENT_SDK_LOG_FILTER - If true, the events will be logged to the host console, as well as sent to the sidecar. Only applicable if the event sidecar is enabled. | false | true, false | | EVENT_SDK_VENDOR_PREFIX | Prefix for vendor specific tracestate handler. For more information refer here | acmevendor | Any string | | EVENT_SDK_TRACESTATE_HEADER_ENABLED | If enabled, the tracestate value is kept updated with every child and is inserted into the span tags. Otherwise, the tracestate is only updated if injectContextToHttpRequest is called and the tracestate is included into the request headers. | false | true, false | | EVENT_SDK_TRACEID_PER_VENDOR | If enabled, when vendor of the parent span is different from the vendor set by EVENT_SDK_VENDOR_PREFIX the traceId will be new and the parent traceId will be stored as a tag: corelationTraceId . Otherwise, the traceId is persisted. | false | true, false | | EVENT_LOGGER_KAFKA | When configured, events will be sent by default directly to Kafka. Should contain configuration for 3 Kafka producers in PRODUCER.EVENT.LOG, PRODUCER.EVENT.TRACE and PRODUCER.EVENT.AUDIT | undefined | undefined, {PRODUCER:...} | | EVENT_LOG | Controls processing of log events. When undefined the default processing is used. | undefined | undefined, sidecar, kafka, console, off | | EVENT_TRACE | Controls processing of trace events. When undefined the default processing is used.| undefined | undefined, sidecar, kafka, console, off | | EVENT_AUDIT | Controls processing of audit events. When undefined the default processing is used.| undefined | undefined, sidecar, kafka, console, off |

Tracestate format and methods

Note: Tags in the tracestate are supported from version v9.4.1. Since v9.5.2 tracestate is base64 encoded string. To be able to use the tracestate correctly accross all services, they should have same version of event-sdk and central-services-shared librarires.

Format

Tracestate header can be used to preserve vendor specific information across various connected systems in multivendor setup. The format is according to the w3c specifications. Tracestate header example value: acmevendor=eyJzcGFuSWQiOiI2Njg2Nzk1MDBiMGUzYzQwIiwgInRyYW5zZmVyX3R4X21zOjE1OTA0MDc0NjUifQ==, where the vendor is acmevendor and the value is base64 encoded key value pair as spanId key is set automatically. When decoded: {"spanId":"668679500b0e3c40", "transfer_tx_ms:1590407465"}

Methods to access the tracestate are:

  • setTracestateTags - sets user tags into the tracestate
  • getTracestates - Returns the tracestates object per vendor, as configured vendor tracestate is decoded key value pair with tags
  • getTracestateTags - Returns the tracestate tags for the configured vendor as key value pairs

Current Supported Events

| eventType | eventAction | Description | | --- | --- | --- | | audit | default | Default audit action. Used when no action has been specified | | audit | start | Used to create start audit event | | audit | ingress | Used to create ingress audit event | | audit | egress | Used to create egress audit event | | audit | finish | Used to create finish audit event | | log | info | Info log level | | log | debug | Debug log level | | log | error | Error log level | | log | verbose | Verbose log level | | log | warning | Warning log level | | log | performance | Performance log level | | span | trace | Used to create trace event. These events sent with span.finish() method and are used for traceability |

Usage

Instrumented services should be part of a configuration which includes the event sidecar and event-streaming-processor. Detailed architecture overview can be found here

Examples of usage of the SDK can be found in the src/examples directory of this repo: Javascript example and TypeScript example.

Auditing Dependencies

We use audit-ci along with npm audit to check dependencies for node vulnerabilities, and keep track of resolved dependencies with an audit-ci.jsonc file.

To start a new resolution process, run:

npm run audit:fix

You can then check to see if the CI will pass based on the current dependencies with:

npm run audit:check

The audit-ci.jsonc contains any audit-exceptions that cannot be fixed to ensure that CircleCI will build correctly.

Automated Releases

As part of our CI/CD process, we use a combination of CircleCI, standard-version npm package and github-release CircleCI orb to automatically trigger our releases and image builds. This process essentially mimics a manual tag and release.

On a merge to main, CircleCI is configured to use the mojaloopci github account to push the latest generated CHANGELOG and package version number.

Once those changes are pushed, CircleCI will pull the updated main, tag and push a release triggering another subsequent build that also publishes a docker image.

Potential problems

  • There is a case where the merge to main workflow will resolve successfully, triggering a release. Then that tagged release workflow subsequently failing due to the image scan, audit check, vulnerability check or other "live" checks.

    This will leave main without an associated published build. Fixes that require a new merge will essentially cause a skip in version number or require a clean up of the main branch to the commit before the CHANGELOG and bump.

    This may be resolved by relying solely on the previous checks of the merge to main workflow to assume that our tagged release is of sound quality. We are still mulling over this solution since catching bugs/vulnerabilities/etc earlier is a boon.

  • It is unknown if a race condition might occur with multiple merges with main in quick succession, but this is a suspected edge case.