Customer Management API Flashcards
What is the lib directory?
deprecated external libs code
What is the src directory?
deprecated domain logic
How many different processes are run inside the application container? What are their purposes?
supervisor: the process manager
consul: to get environment vars
nginx: web server process
php-fpm: manager of php in multi processes
vault-lease-updater: secrets management
What Cassandra is used for?
Cassandra is a NoSql database management from Apache. Is used in the FavouriteRestaurantRepository now and it stores its related data
What PHP and Laravel version are?
PHP 7.3, Laravel 6
How many endpoints exist in the API?
11 api endpoints:
POST /api/v1/authentication/country/{country}
GET /api/v1/authentication/iv-verify
GET /api/v1/authentication/email
POST /api/v1/authentication/social-login/apple
POST /api/v1/authentication/social-login/google
GET /api/v1/customer/checkout-info
GET /api/v1/customer/{customerId}
GET /api/v1/customer/{customerId}/favourite/restaurants
POST /api/v1/customer/{customerId}/favourite/restaurants
POST /api/v1/customer/{customerId}/favourite/restaurant/{restaurantId}
DELETE /api/v1/customer/{customerId}/favourite/restaurant/{restaurantId}
What authentication methods are available for the different endpoints?
JWT, IV, Email, Social Login
Call any endpoint. Look at the logs. What log messages are always present? How does it work? What is requestId in log messages?
There are 3 logs that are always present. An application log informing the request data, an nginx log, then a response log informing the resulted response.
The requestId is used to let log auditing quickly
What test suites are available? How to run all the tests? How to run one single test?
There are 3 testsuites Functional, Integration, Unit.
You run all the tests running the command ‘phpunit’.
You run only one test running the command with ‘phpunit –filter methodName ClassName path/to/file.php’
Where is the Dockerfile for the service? What stages are defined there? Describe shortly them all.
The Dockerfile is in the docker/app folder
There are five stages on it:
A stage to install SO libraries and packages and its configurations A stage to install composer packages A stage to build the production image A stage to run the code coverage A stage to build the development image
What is used as a base docker image for the service?
docker.takeaway.com/service:latest
What stages available in the Gitlab pipeline for the project? Describe shortly them all.
prepare: build base image and push to registry
build: build feature and staging image and push to registry
review: deploy in marathon to review
test: run tests and coverage
syntax: run sonarqube
What is feature-branch deployment?
Is when the development on the source code is made in separated/encapsulated branches. Only merge to master when is ready for production
Describe the process of how the configuration is being injected in the service at the bootstrap moment.
When the consul container is bootstrapping the /consul/sbin/consul-setup.sh file is executed. This command starts the consul client agent and stores the data from the /consul/seed directory through HTTP requests
What happened when the configuration has been changed in Vault or Consul K/V? How is it being injected without service shut down?
As soon as the configuration has changed the process called ‘vault-lease-updater’ will update the vars accordingly. Since there is a command to “re-cache” the cache in the vault.template there is no need to restart the application.
What Consul K/V paths are used by Customer Management API?
payment-api/takeawaypay/payment-settings
takeaway/country-info
customer-management/site-settings
customer-management/google-sign-in-client-ids.
How to know all the paths that are used by a service?
You can know the paths used seeing the environment variables used in the vault.template file.
What Vault paths are used by Customer Management API?
/database/creds/customer-management-api-rw
/database/creds/customer-management-api-ro
/secret/customer-management-api/jwt-secret-asymmetrical
/secret/customer-management-api/auth-users
/secret/customer-management-api/cassandra
What configuration is injected from Vault in Customer Management API?
Credentials like to the users that will use basic-auth and the DB credentials
How database grants are applied and managed by local Vault?
They are applied by the sql script in the file thuis-ro and thuis-rw as configured when enabling the database engine in vault. Then the process lease-update.rd renew the credentials for the database.
Which are the tables used?
….
Why are the use for the consul paths?
…
Which are the domain logic for the endpoints?
…
