From 5e6b06244a1d768a9fde8e367401e84cf8410a94 Mon Sep 17 00:00:00 2001 From: Matthew Bain <66839492+rocketstack-matt@users.noreply.github.com> Date: Mon, 14 Oct 2024 16:14:45 +0100 Subject: [PATCH 1/2] Update TraderX sample and publish to S3 (#471) * Update TraderX sample and publish to S3 * Change Action name as we're publishing more than drafts --- .github/workflows/s3-sync.yml | 7 +++++-- .../flow-sla-control-requirement.json | 2 +- ...-update-account-control-configuration.json | 4 ++-- .../add-update-account.json | 4 ++-- .../bootstrapping-position-blotter.json | 2 +- .../load-list-of-accounts.json | 2 +- ...it-trade-ticket-control-configuration.json | 4 ++-- .../submit-trade-ticket.json | 20 ++++++++++--------- ...rade-processing-control-configuration.json | 4 ++-- .../trade-processing-new-trade.json | 20 ++++++++++--------- .../trade-processing-update-trade.json | 20 ++++++++++--------- calm/samples/traderx/traderx.json | 2 +- calm/samples/traderx/traderx.yaml | 2 +- 13 files changed, 51 insertions(+), 42 deletions(-) diff --git a/.github/workflows/s3-sync.yml b/.github/workflows/s3-sync.yml index 2ac95c53..87e8ad72 100644 --- a/.github/workflows/s3-sync.yml +++ b/.github/workflows/s3-sync.yml @@ -1,4 +1,4 @@ -name: Sync Drafts to S3 +name: Sync CALM to S3 on: workflow_dispatch: {} @@ -7,6 +7,7 @@ on: - main paths: - 'calm/draft/**' + - 'calm/samples/**' jobs: sync-to-s3: @@ -15,7 +16,6 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 - - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -25,3 +25,6 @@ jobs: - name: Sync calm/draft folder to S3 run: | aws s3 sync calm/draft s3://${{ vars.AWS_S3_BUCKET }}/draft --delete + - name: Sync calm/samples folder to S3 + run: | + aws s3 sync calm/samples s3://${{ vars.AWS_S3_BUCKET }}/samples --delete diff --git a/calm/samples/traderx/controls/flow-sla-control-requirement.json b/calm/samples/traderx/controls/flow-sla-control-requirement.json index 6106d0e0..ea1d899f 100644 --- a/calm/samples/traderx/controls/flow-sla-control-requirement.json +++ b/calm/samples/traderx/controls/flow-sla-control-requirement.json @@ -1,6 +1,6 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "https://calm.finos.org/traderx/controls/flow-sla-control-requirement.json", + "$id": "https://calm.finos.org/samples/traderx/controls/flow-sla-control-requirement.json", "title": "Flow SLA Control", "type": "object", "allOf": [ diff --git a/calm/samples/traderx/flows/add-update-account/add-update-account-control-configuration.json b/calm/samples/traderx/flows/add-update-account/add-update-account-control-configuration.json index 3c081a15..aedc5891 100644 --- a/calm/samples/traderx/flows/add-update-account/add-update-account-control-configuration.json +++ b/calm/samples/traderx/flows/add-update-account/add-update-account-control-configuration.json @@ -1,6 +1,6 @@ { - "$schema": "https://calm.finos.org/traderx/controls/flow-sla-control-requirement.json", - "$id": "https://calm.finos.org/traderx/flows/add-update-account/add-update-account-control-configuration.json", + "$schema": "https://calm.finos.org/samples/traderx/controls/flow-sla-control-requirement.json", + "$id": "https://calm.finos.org/samples/traderx/flows/add-update-account/add-update-account-control-configuration.json", "control-id": "flow-sla-001", "name": "Flow SLA Control for Add or Update Account", "description": "Ensure that the Add or Update Account flow meets the defined Service Level Agreement (SLA).", diff --git a/calm/samples/traderx/flows/add-update-account/add-update-account.json b/calm/samples/traderx/flows/add-update-account/add-update-account.json index f2feb59b..9f79221e 100644 --- a/calm/samples/traderx/flows/add-update-account/add-update-account.json +++ b/calm/samples/traderx/flows/add-update-account/add-update-account.json @@ -27,8 +27,8 @@ "description": "Control requirement for flow SLA", "requirements": [ { - "control-requirement": "https://calm.finos.org/traderx/controls/flow-sla-control-requirement.json", - "control-config": "https://calm.finos.org/traderx/flows/add-update-account/add-update-account-control-configuration.json" + "control-requirement-url": "https://calm.finos.org/samples/traderx/controls/flow-sla-control-requirement.json", + "control-config": "https://calm.finos.org/samples/traderx/flows/add-update-account/add-update-account-control-configuration.json" } ] } diff --git a/calm/samples/traderx/flows/bootstrapping-position-blotter/bootstrapping-position-blotter.json b/calm/samples/traderx/flows/bootstrapping-position-blotter/bootstrapping-position-blotter.json index 0c37a7a3..c4c0c08d 100644 --- a/calm/samples/traderx/flows/bootstrapping-position-blotter/bootstrapping-position-blotter.json +++ b/calm/samples/traderx/flows/bootstrapping-position-blotter/bootstrapping-position-blotter.json @@ -1,6 +1,6 @@ { "$schema": "https://calm.finos.org/draft/2024-10/meta/flow.json", - "$id": "https://calm.finos.org/traderx/flows/load-positions.json", + "$id": "https://calm.finos.org/samples/traderx/flows/load-positions.json", "unique-id": "flow-load-positions", "name": "Load Positions", "description": "Flow for loading positions for a specific account and subscribing to updates.", diff --git a/calm/samples/traderx/flows/load-list-of-accounts/load-list-of-accounts.json b/calm/samples/traderx/flows/load-list-of-accounts/load-list-of-accounts.json index 877a2bcc..adf78168 100644 --- a/calm/samples/traderx/flows/load-list-of-accounts/load-list-of-accounts.json +++ b/calm/samples/traderx/flows/load-list-of-accounts/load-list-of-accounts.json @@ -1,6 +1,6 @@ { "$schema": "https://calm.finos.org/draft/2024-10/meta/flow.json", - "$id": "https://calm.finos.org/traderx/flows/load-list-of-accounts.json", + "$id": "https://calm.finos.org/samples/traderx/flows/load-list-of-accounts.json", "unique-id": "flow-load-list-of-accounts", "name": "Load List of Accounts", "description": "Flow for loading a list of accounts from the database to populate the GUI drop-down for user account selection.", diff --git a/calm/samples/traderx/flows/submit-trade-ticket/submit-trade-ticket-control-configuration.json b/calm/samples/traderx/flows/submit-trade-ticket/submit-trade-ticket-control-configuration.json index 60dedf27..d9f6fe20 100644 --- a/calm/samples/traderx/flows/submit-trade-ticket/submit-trade-ticket-control-configuration.json +++ b/calm/samples/traderx/flows/submit-trade-ticket/submit-trade-ticket-control-configuration.json @@ -1,6 +1,6 @@ { - "$schema": "https://calm.finos.org/traderx/controls/flow-sla-control-requirement.json", - "$id": "https://calm.finos.org/traderx/flows/submit-trade-ticket/submit-trade-ticket-control-configuration.json", + "$schema": "https://calm.finos.org/samples/traderx/controls/flow-sla-control-requirement.json", + "$id": "https://calm.finos.org/samples/traderx/flows/submit-trade-ticket/submit-trade-ticket-control-configuration.json", "control-id": "flow-sla-001", "name": "Flow SLA Control for Trade Ticket Submission", "description": "Ensure that Trade Ticket Submission flow meets the defined Service Level Agreement (SLA).", diff --git a/calm/samples/traderx/flows/submit-trade-ticket/submit-trade-ticket.json b/calm/samples/traderx/flows/submit-trade-ticket/submit-trade-ticket.json index c81c49c8..f7813c1b 100644 --- a/calm/samples/traderx/flows/submit-trade-ticket/submit-trade-ticket.json +++ b/calm/samples/traderx/flows/submit-trade-ticket/submit-trade-ticket.json @@ -1,6 +1,6 @@ { "$schema": "https://calm.finos.org/draft/2024-10/meta/flow.json", - "$id": "https://calm.finos.org/traderx/flows/submit-trade-ticket/submit-trade-ticket.json", + "$id": "https://calm.finos.org/samples/traderx/flows/submit-trade-ticket/submit-trade-ticket.json", "unique-id": "flow-submit-trade-ticket", "name": "Submitting a Trade Ticket", "description": "Flow for submitting a trade ticket and validating the trade, account, and publishing a new trade event.", @@ -43,13 +43,15 @@ "direction": "destination-to-source" } ], - "submit-trade-ticket-sla": { - "description": "Control requirement for flow SLA", - "requirements": [ - { - "control-requirement": "https://calm.finos.org/traderx/controls/flow-sla-control-requirement.json", - "control-config": "https://calm.finos.org/traderx/flows/submit-trade-ticket/submit-trade-ticket-control-configuration.json" - } - ] + "controls": { + "submit-trade-ticket-sla": { + "description": "Control requirement for flow SLA", + "requirements": [ + { + "control-requirement-url": "https://calm.finos.org/samples/traderx/controls/flow-sla-control-requirement.json", + "control-config": "https://calm.finos.org/samples/traderx/flows/submit-trade-ticket/submit-trade-ticket-control-configuration.json" + } + ] + } } } diff --git a/calm/samples/traderx/flows/trade-processing/trade-processing-control-configuration.json b/calm/samples/traderx/flows/trade-processing/trade-processing-control-configuration.json index b6703fe1..a7ebc915 100644 --- a/calm/samples/traderx/flows/trade-processing/trade-processing-control-configuration.json +++ b/calm/samples/traderx/flows/trade-processing/trade-processing-control-configuration.json @@ -1,6 +1,6 @@ { - "$schema": "https://calm.finos.org/traderx/controls/flow-sla-control-requirement.json", - "$id": "https://calm.finos.org/traderx/flows/trade-processing/trade-processing-control-configuration.json", + "$schema": "https://calm.finos.org/samples/traderx/controls/flow-sla-control-requirement.json", + "$id": "https://calm.finos.org/samples/traderx/flows/trade-processing/trade-processing-control-configuration.json", "control-id": "flow-sla-001", "name": "Flow SLA Control for Trade Processing", "description": "Ensure that Trade Processing flows meet the defined Service Level Agreement (SLA).", diff --git a/calm/samples/traderx/flows/trade-processing/trade-processing-new-trade.json b/calm/samples/traderx/flows/trade-processing/trade-processing-new-trade.json index 60dc99fd..7fd4eb31 100644 --- a/calm/samples/traderx/flows/trade-processing/trade-processing-new-trade.json +++ b/calm/samples/traderx/flows/trade-processing/trade-processing-new-trade.json @@ -1,6 +1,6 @@ { "$schema": "https://calm.finos.org/draft/2024-10/meta/flow.json", - "$id": "https://calm.finos.org/traderx/flows/trade-processing.json", + "$id": "https://calm.finos.org/samples/traderx/flows/trade-processing.json", "unique-id": "flow-trade-processing", "name": "Trade Processing - New Trade", "description": "The process flow for handling new trade events", @@ -39,14 +39,16 @@ "direction": "destination-to-source" } ], - "trade-processing-sla": { - "description": "Control requirement for flow SLA", - "requirements": [ - { - "control-requirement": "https://calm.finos.org/traderx/controls/flow-sla-control-requirement.json", - "control-config": "https://calm.finos.org/traderx/flows/trade-processing/trade-processing-control-configuration.json" - } - ] + "controls": { + "trade-processing-sla": { + "description": "Control requirement for flow SLA", + "requirements": [ + { + "control-requirement-url": "https://calm.finos.org/samples/traderx/controls/flow-sla-control-requirement.json", + "control-config": "https://calm.finos.org/samples/traderx/flows/trade-processing/trade-processing-control-configuration.json" + } + ] + } } } diff --git a/calm/samples/traderx/flows/trade-processing/trade-processing-update-trade.json b/calm/samples/traderx/flows/trade-processing/trade-processing-update-trade.json index fa13a2b4..de5f1eee 100644 --- a/calm/samples/traderx/flows/trade-processing/trade-processing-update-trade.json +++ b/calm/samples/traderx/flows/trade-processing/trade-processing-update-trade.json @@ -1,6 +1,6 @@ { "$schema": "https://calm.finos.org/draft/2024-10/meta/flow.json", - "$id": "https://calm.finos.org/traderx/flows/trade-processing.json", + "$id": "https://calm.finos.org/samples/traderx/flows/trade-processing.json", "unique-id": "flow-trade-processing", "name": "Trade Processing - New Trade", "description": "The process flow for handling update trade events", @@ -39,13 +39,15 @@ "direction": "destination-to-source" } ], - "trade-processing-sla": { - "description": "Control requirement for flow SLA", - "requirements": [ - { - "control-requirement": "https://calm.finos.org/traderx/controls/flow-sla-control-requirement.json", - "control-config": "https://calm.finos.org/traderx/flows/trade-processing/trade-processing-control-configuration.json" - } - ] + "controls": { + "trade-processing-sla": { + "description": "Control requirement for flow SLA", + "requirements": [ + { + "control-requirement-url": "https://calm.finos.org/samples/traderx/controls/flow-sla-control-requirement.json", + "control-config": "https://calm.finos.org/samples/traderx/flows/trade-processing/trade-processing-control-configuration.json" + } + ] + } } } diff --git a/calm/samples/traderx/traderx.json b/calm/samples/traderx/traderx.json index e0e4f752..482a5d05 100644 --- a/calm/samples/traderx/traderx.json +++ b/calm/samples/traderx/traderx.json @@ -1,5 +1,5 @@ { - "$schema": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/draft/2024-04/meta/calm.json", + "$schema": "https://calm.finos.org/draft/2024-10/meta/calm.json", "nodes": [ { "unique-id": "traderx-system", diff --git a/calm/samples/traderx/traderx.yaml b/calm/samples/traderx/traderx.yaml index 754d3679..7880903e 100644 --- a/calm/samples/traderx/traderx.yaml +++ b/calm/samples/traderx/traderx.yaml @@ -1,4 +1,4 @@ -$schema: https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/draft/2024-03/meta/calm.json +$schema: https://calm.finos.org/draft/2024-10/meta/calm.json nodes: - unique-id: traderx-system node-type: system From 8dc4300d35ae57f50f5c6e75a4e0cd6010d7d1f9 Mon Sep 17 00:00:00 2001 From: Matthew Bain <66839492+rocketstack-matt@users.noreply.github.com> Date: Mon, 14 Oct 2024 16:37:32 +0100 Subject: [PATCH 2/2] Resolve https://nvd.nist.gov/vuln/detail/CVE-2024-21534 (#470) --- cli/package-lock.json | 40 ++++++++++++++++++++++++++-------------- cli/package.json | 2 ++ 2 files changed, 28 insertions(+), 14 deletions(-) diff --git a/cli/package-lock.json b/cli/package-lock.json index 8c9faaa4..e2857174 100644 --- a/cli/package-lock.json +++ b/cli/package-lock.json @@ -16,6 +16,7 @@ "graphviz-cli": "^2.0.0", "js-yaml": "^4.1.0", "json-pointer": "^0.6.2", + "jsonpath-plus": "^10.0.0", "junit-report-builder": "^5.0.0", "lodash": "^4.17.21", "mkdirp": "^3.0.1", @@ -1341,6 +1342,18 @@ "@jridgewell/sourcemap-codec": "^1.4.14" } }, + "node_modules/@jsep-plugin/assignment": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/@jsep-plugin/assignment/-/assignment-1.2.1.tgz", + "integrity": "sha512-gaHqbubTi29aZpVbBlECRpmdia+L5/lh2BwtIJTmtxdbecEyyX/ejAOg7eQDGNvGOUmPY7Z2Yxdy9ioyH/VJeA==", + "license": "MIT", + "engines": { + "node": ">= 10.16.0" + }, + "peerDependencies": { + "jsep": "^0.4.0||^1.0.0" + } + }, "node_modules/@jsep-plugin/regex": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/@jsep-plugin/regex/-/regex-1.0.3.tgz", @@ -6793,12 +6806,21 @@ } }, "node_modules/jsonpath-plus": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-7.1.0.tgz", - "integrity": "sha512-gTaNRsPWO/K2KY6MrqaUFClF9kmuM6MFH5Dhg1VYDODgFbByw1yb7xu3hrViE/sz+dGOeMWgCzwUwQtAnCTE9g==", + "version": "10.0.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-10.0.0.tgz", + "integrity": "sha512-v7j76HGp/ibKlXYeZ7UrfCLSNDaBWuJMA0GaMjA4sZJtCtY89qgPyToDDcl2zdeHh4B5q/B3g2pQdW76fOg/dA==", "license": "MIT", + "dependencies": { + "@jsep-plugin/assignment": "^1.2.1", + "@jsep-plugin/regex": "^1.0.3", + "jsep": "^1.3.9" + }, + "bin": { + "jsonpath": "bin/jsonpath-cli.js", + "jsonpath-plus": "bin/jsonpath-cli.js" + }, "engines": { - "node": ">=12.0.0" + "node": ">=18.0.0" } }, "node_modules/jsonpointer": { @@ -7151,16 +7173,6 @@ "lodash.topath": "^4.5.2" } }, - "node_modules/nimma/node_modules/jsonpath-plus": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-6.0.1.tgz", - "integrity": "sha512-EvGovdvau6FyLexFH2OeXfIITlgIbgZoAZe3usiySeaIDm5QS+A10DKNpaPBBqqRSZr2HN6HVNXxtwUAr2apEw==", - "license": "MIT", - "optional": true, - "engines": { - "node": ">=10.0.0" - } - }, "node_modules/node-fetch": { "version": "2.7.0", "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", diff --git a/cli/package.json b/cli/package.json index 929fa292..94f919e9 100644 --- a/cli/package.json +++ b/cli/package.json @@ -30,6 +30,7 @@ "commander": "^12.0.0", "graphviz-cli": "^2.0.0", "js-yaml": "^4.1.0", + "jsonpath-plus": "^10.0.0", "json-pointer": "^0.6.2", "junit-report-builder": "^5.0.0", "lodash": "^4.17.21", @@ -59,6 +60,7 @@ "typescript": "^5.4.3" }, "overrides": { + "jsonpath-plus": "^10.0.0", "path-to-regexp": "3.3.0", "rollup": "4.24.0" }