Merge branch 'main' of github.com:juspay/hyperswitch

.dockerignore

@@ -261,7 +261,3 @@ result*
 
 # node_modules
 node_modules/
-
-**/connector_auth.toml
-**/sample_auth.toml
-**/auth.toml

.github/CODEOWNERS

@@ -23,6 +23,17 @@ postman/ @juspay/hyperswitch-framework
 Cargo.toml @juspay/hyperswitch-framework
 Cargo.lock @juspay/hyperswitch-framework
 
+crates/api_models/src/events/ @juspay/hyperswitch-analytics
+crates/api_models/src/events.rs @juspay/hyperswitch-analytics
+crates/api_models/src/analytics/ @juspay/hyperswitch-analytics
+crates/api_models/src/analytics.rs @juspay/hyperswitch-analytics
+crates/router/src/analytics.rs @juspay/hyperswitch-analytics
+crates/router/src/events/ @juspay/hyperswitch-analytics
+crates/router/src/events.rs @juspay/hyperswitch-analytics
+crates/common_utils/src/events/ @juspay/hyperswitch-analytics
+crates/common_utils/src/events.rs @juspay/hyperswitch-analytics
+crates/analytics/ @juspay/hyperswitch-analytics
+
 connector-template/ @juspay/hyperswitch-connector
 crates/router/src/connector/ @juspay/hyperswitch-connector
 crates/router/tests/connectors/ @juspay/hyperswitch-connector

.github/workflows/connector-ui-sanity-tests.yml

@@ -84,22 +84,31 @@ jobs:
         if: ${{ (github.event_name == 'pull_request') && (github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name) }}
         uses: actions/checkout@v4
 
-      - name: Decrypt connector auth file
+      - name: Download Encrypted TOML from S3 and Decrypt
         if: ${{ (github.event_name == 'pull_request') && (github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name) }}
         env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.CONNECTOR_CREDS_AWS_ACCESS_KEY_ID }}
+          AWS_REGION: ${{ secrets.CONNECTOR_CREDS_AWS_REGION }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.CONNECTOR_CREDS_AWS_SECRET_ACCESS_KEY }}
           CONNECTOR_AUTH_PASSPHRASE: ${{ secrets.CONNECTOR_AUTH_PASSPHRASE }}
+          CONNECTOR_CREDS_S3_BUCKET_URI: ${{ secrets.CONNECTOR_CREDS_S3_BUCKET_URI}}
+          DESTINATION_FILE_NAME: "connector_auth.toml.gpg"
+          S3_SOURCE_FILE_NAME: "cf05a6ab-525e-4888-98b3-3b4a443b87c0.toml.gpg"
         shell: bash
-        run: ./scripts/decrypt_connector_auth.sh
+        run: |
+          mkdir -p ${HOME}/target/secrets ${HOME}/target/test
+          aws s3 cp "${CONNECTOR_CREDS_S3_BUCKET_URI}/${S3_SOURCE_FILE_NAME}" "${HOME}/target/secrets/${DESTINATION_FILE_NAME}"
+          gpg --quiet --batch --yes --decrypt --passphrase="${CONNECTOR_AUTH_PASSPHRASE}" --output "${HOME}/target/test/connector_auth.toml" "${HOME}/target/secrets/${DESTINATION_FILE_NAME}"
 
       - name: Set connector auth file path in env
         if: ${{ (github.event_name == 'pull_request') && (github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name) }}
         shell: bash
-        run: echo "CONNECTOR_AUTH_FILE_PATH=$HOME/target/test/connector_auth.toml" >> $GITHUB_ENV
+        run: echo "CONNECTOR_AUTH_FILE_PATH=${HOME}/target/test/connector_auth.toml" >> $GITHUB_ENV
 
       - name: Set connector tests file path in env
         if: ${{ (github.event_name == 'pull_request') && (github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name) }}
         shell: bash
-        run: echo "CONNECTOR_TESTS_FILE_PATH=$HOME/target/test/connector_tests.json" >> $GITHUB_ENV
+        run: echo "CONNECTOR_TESTS_FILE_PATH=${HOME}/target/test/connector_tests.json" >> $GITHUB_ENV
 
       - name: Set ignore_browser_profile usage in env
         if: ${{ (github.event_name == 'pull_request') && (github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name) }}
@@ -154,9 +163,9 @@ jobs:
           failed_connectors=()
 
           for i in $(echo "$INPUT" | tr "," "\n"); do
-              echo $i
+              echo "${i}"
               if ! cargo test --package test_utils --test connectors -- "${i}_ui::" --test-threads=1; then
-                  failed_connectors+=("$i")
+                  failed_connectors+=("${i}")
               fi
           done
 

.github/workflows/postman-collection-runner.yml

@@ -52,27 +52,37 @@ jobs:
       - name: Repository checkout
         uses: actions/checkout@v4
 
-      - name: Decrypt connector auth file
+      - name: Download Encrypted TOML from S3 and Decrypt
         if: ${{ ((github.event_name == 'pull_request') && (github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name)) || (github.event_name == 'merge_group')}}
         env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.CONNECTOR_CREDS_AWS_ACCESS_KEY_ID }}
+          AWS_REGION: ${{ secrets.CONNECTOR_CREDS_AWS_REGION }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.CONNECTOR_CREDS_AWS_SECRET_ACCESS_KEY }}
           CONNECTOR_AUTH_PASSPHRASE: ${{ secrets.CONNECTOR_AUTH_PASSPHRASE }}
+          CONNECTOR_CREDS_S3_BUCKET_URI: ${{ secrets.CONNECTOR_CREDS_S3_BUCKET_URI}}
+          DESTINATION_FILE_NAME: "connector_auth.toml.gpg"
+          S3_SOURCE_FILE_NAME: "cf05a6ab-525e-4888-98b3-3b4a443b87c0.toml.gpg"
         shell: bash
-        run: ./scripts/decrypt_connector_auth.sh
+        run: |
+          mkdir -p ${HOME}/target/secrets ${HOME}/target/test
+
+          aws s3 cp "${CONNECTOR_CREDS_S3_BUCKET_URI}/${S3_SOURCE_FILE_NAME}" "${HOME}/target/secrets/${DESTINATION_FILE_NAME}"
+          gpg --quiet --batch --yes --decrypt --passphrase="${CONNECTOR_AUTH_PASSPHRASE}" --output "${HOME}/target/test/connector_auth.toml" "${HOME}/target/secrets/${DESTINATION_FILE_NAME}"
 
       - name: Set paths in env
         if: ${{ ((github.event_name == 'pull_request') && (github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name)) || (github.event_name == 'merge_group')}}
         id: config_path
         shell: bash
         run: |
-          echo "CONNECTOR_AUTH_FILE_PATH=$HOME/target/test/connector_auth.toml" >> $GITHUB_ENV
+          echo "CONNECTOR_AUTH_FILE_PATH=${HOME}/target/test/connector_auth.toml" >> $GITHUB_ENV
 
       - name: Fetch keys
         if: ${{ ((github.event_name == 'pull_request') && (github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name)) || (github.event_name == 'merge_group')}}
         env:
           TOML_PATH: "./config/development.toml"
         run: |
-          LOCAL_ADMIN_API_KEY=$(yq '.secrets.admin_api_key' $TOML_PATH)
-          echo "ADMIN_API_KEY=$LOCAL_ADMIN_API_KEY" >> $GITHUB_ENV
+          LOCAL_ADMIN_API_KEY=$(yq '.secrets.admin_api_key' ${TOML_PATH})
+          echo "ADMIN_API_KEY=${LOCAL_ADMIN_API_KEY}" >> $GITHUB_ENV
 
       - name: Install Rust
         if: ${{ ((github.event_name == 'pull_request') && (github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name)) || (github.event_name == 'merge_group')}}
@@ -118,7 +128,7 @@ jobs:
           while ! nc -z localhost 8080; do
             if [ $COUNT -gt 12 ]; then # Wait for up to 2 minutes (12 * 10 seconds)
               echo "Server did not start within a reasonable time. Exiting."
-              kill $SERVER_PID
+              kill ${SERVER_PID}
               exit 1
             else
               COUNT=$((COUNT+1))
@@ -141,10 +151,10 @@ jobs:
           export PATH=${NEWMAN_PATH}:${PATH}
           failed_connectors=()
 
-          for i in $(echo "$CONNECTORS" | tr "," "\n"); do
-            echo $i
-            if ! cargo run --bin test_utils -- --connector-name="$i" --base-url="$BASE_URL" --admin-api-key="$ADMIN_API_KEY"; then
-              failed_connectors+=("$i")
+          for i in $(echo "${CONNECTORS}" | tr "," "\n"); do
+            echo "${i}"
+            if ! cargo run --bin test_utils -- --connector-name="${i}" --base-url="${BASE_URL}" --admin-api-key="${ADMIN_API_KEY}"; then
+              failed_connectors+=("${i}")
             fi
           done
 

.github/workflows/release-nightly-version-reusable.yml

@@ -3,11 +3,8 @@ name: Create a nightly tag
 on:
   workflow_call:
     secrets:
-      app_id:
-        description: App ID for the GitHub app
-        required: true
-      app_private_key:
-        description: Private key for the GitHub app
+      token:
+        description: GitHub token for authenticating with GitHub
         required: true
     outputs:
       tag:
@@ -31,23 +28,17 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - name: Generate GitHub app token
-        id: generate_app_token
-        uses: actions/create-github-app-token@v1
-        with:
-          app-id: ${{ secrets.app_id }}
-          private-key: ${{ secrets.app_private_key }}
-
       - name: Checkout repository
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
+          token: ${{ secrets.token }}
 
       - name: Check if the workflow is run on an allowed branch
         shell: bash
         run: |
-          if [[ "${{github.ref}}" != "refs/heads/${ALLOWED_BRANCH_NAME}" ]]; then
-            echo "::error::This workflow is expected to be run from the '${ALLOWED_BRANCH_NAME}' branch. Current branch: '${{github.ref}}'"
+          if [[ "${{ github.ref }}" != "refs/heads/${ALLOWED_BRANCH_NAME}" ]]; then
+            echo "::error::This workflow is expected to be run from the '${ALLOWED_BRANCH_NAME}' branch. Current branch: '${{ github.ref }}'"
             exit 1
           fi
 
@@ -139,62 +130,22 @@ jobs:
             }' CHANGELOG.md
           rm release-notes.md
 
-        # We make use of GitHub API calls to commit and tag the changelog instead of the simpler
-        # `git commit`, `git tag` and `git push` commands to have signed commits and tags
-      - name: Commit generated changelog and create tag
+      - name: Set git configuration
+        shell: bash
+        run: |
+          git config --local user.name 'github-actions'
+          git config --local user.email '41898282+github-actions[bot]@users.noreply.github.com'
+
+      - name: Commit, tag and push generated changelog
         shell: bash
-        env:
-          GH_TOKEN: ${{ steps.generate_app_token.outputs.token }}
         run: |
-          HEAD_COMMIT="$(git rev-parse 'HEAD^{commit}')"
-
-          # Create a tree based on the HEAD commit of the current branch and updated changelog file
-          TREE_SHA="$(
-            gh api \
-              --method POST \
-              --header 'Accept: application/vnd.github+json' \
-              --header 'X-GitHub-Api-Version: 2022-11-28' \
-              '/repos/{owner}/{repo}/git/trees' \
-              --raw-field base_tree="${HEAD_COMMIT}" \
-              --raw-field 'tree[][path]=CHANGELOG.md' \
-              --raw-field 'tree[][mode]=100644' \
-              --raw-field 'tree[][type]=blob' \
-              --field 'tree[][content][email protected]' \
-              --jq '.sha'
-          )"
-
-          # Create a commit to point to the above created tree
-          NEW_COMMIT_SHA="$(
-            gh api \
-              --method POST \
-              --header 'Accept: application/vnd.github+json' \
-              --header 'X-GitHub-Api-Version: 2022-11-28' \
-              '/repos/{owner}/{repo}/git/commits' \
-              --raw-field "message=chore(version): ${NEXT_TAG}" \
-              --raw-field "parents[]=${HEAD_COMMIT}" \
-              --raw-field "tree=${TREE_SHA}" \
-              --jq '.sha'
-          )"
-
-          # Update the current branch to point to the above created commit
-          # We disable forced update so that the workflow will fail if the branch has been updated since the workflow started
-          # (for example, new commits were pushed to the branch after the workflow execution started).
-          gh api \
-            --method PATCH \
-            --header 'Accept: application/vnd.github+json' \
-            --header 'X-GitHub-Api-Version: 2022-11-28' \
-            "/repos/{owner}/{repo}/git/refs/heads/${ALLOWED_BRANCH_NAME}" \
-            --raw-field "sha=${NEW_COMMIT_SHA}" \
-            --field 'force=false'
-
-          # Create a lightweight tag to point to the above created commit
-          gh api \
-            --method POST \
-            --header 'Accept: application/vnd.github+json' \
-            --header 'X-GitHub-Api-Version: 2022-11-28' \
-            '/repos/{owner}/{repo}/git/refs' \
-            --raw-field "ref=refs/tags/${NEXT_TAG}" \
-            --raw-field "sha=${NEW_COMMIT_SHA}"
+          git add CHANGELOG.md
+          git commit --message "chore(version): ${NEXT_TAG}"
+
+          git tag "${NEXT_TAG}" HEAD
+
+          git push origin "${ALLOWED_BRANCH_NAME}"
+          git push origin "${NEXT_TAG}"
 
       - name: Set job outputs
         shell: bash

.github/workflows/release-nightly-version.yml

@@ -27,23 +27,17 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - name: Generate GitHub app token
-        id: generate_app_token
-        uses: actions/create-github-app-token@v1
-        with:
-          app-id: ${{ secrets.HYPERSWITCH_BOT_APP_ID }}
-          private-key: ${{ secrets.HYPERSWITCH_BOT_APP_PRIVATE_KEY }}
-
       - name: Checkout repository
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
+          token: ${{ secrets.AUTO_RELEASE_PAT }}
 
       - name: Check if the workflow is run on an allowed branch
         shell: bash
         run: |
-          if [[ "${{github.ref}}" != "refs/heads/${ALLOWED_BRANCH_NAME}" ]]; then
-            echo "::error::This workflow is expected to be run from the '${ALLOWED_BRANCH_NAME}' branch. Current branch: '${{github.ref}}'"
+          if [[ "${{ github.ref }}" != "refs/heads/${ALLOWED_BRANCH_NAME}" ]]; then
+            echo "::error::This workflow is expected to be run from the '${ALLOWED_BRANCH_NAME}' branch. Current branch: '${{ github.ref }}'"
             exit 1
           fi
 
@@ -80,72 +74,26 @@ jobs:
             echo "Postman collection files have no modifications"
           fi
 
-      - name: Commit updated Postman collections if modified
+      - name: Set git configuration
         shell: bash
-        env:
-          GH_TOKEN: ${{ steps.generate_app_token.outputs.token }}
         if: ${{ env.POSTMAN_COLLECTION_FILES_UPDATED == 'true' }}
         run: |
-          # Obtain current HEAD commit SHA and use that as base tree SHA for creating a new tree
-          HEAD_COMMIT="$(git rev-parse 'HEAD^{commit}')"
-          UPDATED_TREE_SHA="${HEAD_COMMIT}"
-
-          # Obtain the flags to be passed to the GitHub CLI.
-          # Each line contains the flags to be used corresponding to the file.
-          lines="$(
-            git ls-files \
-              --format '--raw-field tree[][path]=%(path) --raw-field tree[][mode]=%(objectmode) --raw-field tree[][type]=%(objecttype) --field tree[][content]=@%(path)' \
-              postman/collection-json
-          )"
-
-          # Create a tree based on the HEAD commit of the current branch, using the contents of the updated Postman collections directory
-          while IFS= read -r line; do
-            # Split each line by space to obtain the flags passed to the GitHub CLI as an array
-            IFS=' ' read -ra flags <<< "${line}"
-
-            # Create a tree by updating each collection JSON file.
-            # The SHA of the created tree is used as the base tree SHA for updating the next collection file.
-            UPDATED_TREE_SHA="$(
-              gh api \
-                --method POST \
-                --header 'Accept: application/vnd.github+json' \
-                --header 'X-GitHub-Api-Version: 2022-11-28' \
-                '/repos/{owner}/{repo}/git/trees' \
-                --raw-field base_tree="${UPDATED_TREE_SHA}" \
-                "${flags[@]}" \
-                --jq '.sha'
-            )"
-          done <<< "${lines}"
-
-          # Create a commit to point to the tree with all updated collections
-          NEW_COMMIT_SHA="$(
-            gh api \
-              --method POST \
-              --header 'Accept: application/vnd.github+json' \
-              --header 'X-GitHub-Api-Version: 2022-11-28' \
-              '/repos/{owner}/{repo}/git/commits' \
-              --raw-field "message=chore(postman): update Postman collection files" \
-              --raw-field "parents[]=${HEAD_COMMIT}" \
-              --raw-field "tree=${UPDATED_TREE_SHA}" \
-              --jq '.sha'
-          )"
-
-          # Update the current branch to point to the above created commit.
-          # We disable forced update so that the workflow will fail if the branch has been updated since the workflow started
-          # (for example, new commits were pushed to the branch after the workflow execution started).
-          gh api \
-            --method PATCH \
-            --header 'Accept: application/vnd.github+json' \
-            --header 'X-GitHub-Api-Version: 2022-11-28' \
-            "/repos/{owner}/{repo}/git/refs/heads/${ALLOWED_BRANCH_NAME}" \
-            --raw-field "sha=${NEW_COMMIT_SHA}" \
-            --field 'force=false'
+          git config --local user.name 'github-actions'
+          git config --local user.email '41898282+github-actions[bot]@users.noreply.github.com'
+
+      - name: Commit and push updated Postman collections if modified
+        shell: bash
+        if: ${{ env.POSTMAN_COLLECTION_FILES_UPDATED == 'true' }}
+        run: |
+          git add postman
+          git commit --message 'chore(postman): update Postman collection files'
+
+          git push origin "${ALLOWED_BRANCH_NAME}"
 
   create-nightly-tag:
     name: Create a nightly tag
     uses: ./.github/workflows/release-nightly-version-reusable.yml
     needs:
       - update-postman-collections
     secrets:
-      app_id: ${{ secrets.HYPERSWITCH_BOT_APP_ID }}
-      app_private_key: ${{ secrets.HYPERSWITCH_BOT_APP_PRIVATE_KEY }}
+      token: ${{ secrets.AUTO_RELEASE_PAT }}