feat(mojaloop/#2092): upgrade nodeJS version for core services (#501)

feat(mojaloop/#2092): upgrade nodeJS version for core services - mojaloop/project#2092
- standardised CI scripts
- fixed lint issues
- updated .nvmrc to latest LTS version
- added standard CI scripts/config to package.json: release, snapshot, standard-version, etc
- updated gitignore to include test/results and IGNORE patterns
- updated README with standard auto-release information
- Fixed imports
- Cleaned up Package.json
- updated links in CHANGELOG to correctly point to project repo
- Removed "secrets" (i.e. JWS Signing Keys) as we don't want anybody to accidentally use a "test" key. Rather have an error thrown and for people to explicitly configure their own keys. This does mean that I had to add a "dummy" (with no meaningful body) key file that is empty for unit tests to pass, and will have no impact on the docker image of the service (i.e. it will fail if JWS is enabled, and no Key is injected/configured).

Notes:
- npm-audit-resolver v3.0.0-7 is a candidate release to resolve compatibility with npm v7+ as described in naugtur/npm-audit-resolver#34. This will need to be addressed going forward as `npm run audit:resolve` (i.e. `resolve-audit`) is currently not functioning. As a work-around, we need to manually run the following command `npm audit fix`. The `npm run audit:check` (i.e. `check-audit`) still works as expected.
- 'get-port' dependency version is fixed to v5.1.1, this is because v9+ only supports ESM loaders and not CJS. This will need to be addressed in a future story.
- Helm chart mountPaths need to be updated from `/opt/ml-api-adapter` to `/opt/app` as follows:
    ```YAML
        volumeMounts:
        - mountPath: /opt/app/config
          name: <deployment-name>
        - mountPath: /opt/app/secrets <-- only required for the notification service
          name: jws-signing-key
    ```

BREAKING CHANGE: Major version bump for node v16 LTS support, re-structuring of project directories to align to core Mojaloop repositories and docker image now uses `/opt/app` instead of `/opt/ml-api-adapter` which will impact config/secret mounts.

.ncurc.js

@@ -0,0 +1,7 @@
+module.exports = {
+  // Add a TODO comment indicating the reason for each rejected dependency upgrade added to this list, and what should be done to resolve it (i.e. handle it through a story, etc).
+  reject: [
+    // TODO: v6+ (ref: https://github.com/sindresorhus/get-port/releases/tag/v6.0.0) is an ESM library and thus not compatible with CommonJS. Future story needed to resolve.
+    "get-port"
+  ]
+}

.nvmrc

@@ -1 +1 @@
-12.16.0
+16.15.0

CHANGELOG.md

@@ -47,7 +47,7 @@ All notable changes to this project will be documented in this file. See [standa
 
 ### Features
 
-* **mojaloop/#2704:** core-services support for non-breaking backward api compatibility ([#496](https://github.com/mojaloop/ml-api-adapter/issues/496)) ([5928511](https://github.com/mojaloop/ml-api-adapter/commit/5928511dcb9780d8c9751bc22322e1f0331ef6e3)), closes [mojaloop/#2704](https://github.com/mojaloop/ml-api-adapter/issues/2704) [mojaloop/#2704](https://github.com/mojaloop/ml-api-adapter/issues/2704)
+* **mojaloop/#2704:** core-services support for non-breaking backward api compatibility ([#496](https://github.com/mojaloop/ml-api-adapter/issues/496)) ([5928511](https://github.com/mojaloop/ml-api-adapter/commit/5928511dcb9780d8c9751bc22322e1f0331ef6e3)), closes [mojaloop/#2704](https://github.com/mojaloop/project/issues/\2704)
 
 ## [12.3.0](https://github.com/mojaloop/ml-api-adapter/compare/v12.2.0...v12.3.0) (2022-02-25)
 
@@ -68,7 +68,7 @@ All notable changes to this project will be documented in this file. See [standa
 
 ### Features
 
-* **mojaloop/#2608:** injected resource versions config for outbound requests ([#490](https://github.com/mojaloop/ml-api-adapter/issues/490)) ([d46a05b](https://github.com/mojaloop/ml-api-adapter/commit/d46a05ba3d0573ad84beaca60667b1aa1d4b0445)), closes [mojaloop/#2608](https://github.com/mojaloop/ml-api-adapter/issues/2608)
+* **mojaloop/#2608:** injected resource versions config for outbound requests ([#490](https://github.com/mojaloop/ml-api-adapter/issues/490)) ([d46a05b](https://github.com/mojaloop/ml-api-adapter/commit/d46a05ba3d0573ad84beaca60667b1aa1d4b0445)), closes [mojaloop/#2608](https://github.com/mojaloop/project/issues/\2608)
 
 ## [12.0.0](https://github.com/mojaloop/ml-api-adapter/compare/v11.2.0...v12.0.0) (2021-11-11)
 
@@ -80,4 +80,4 @@ All notable changes to this project will be documented in this file. See [standa
 ### Bug Fixes
 
 * **#2557:** error notification to payer fsp, header for source having  wrong value ([#488](https://github.com/mojaloop/ml-api-adapter/issues/488)) ([42f079f](https://github.com/mojaloop/ml-api-adapter/commit/42f079f10ab30588b9403c5fcfca5f26364701a3)), closes [#2557](https://github.com/mojaloop/ml-api-adapter/issues/2557)
-* **mojaloop/#2536:** fspiop api version negotiation not handled by transfers service ([#487](https://github.com/mojaloop/ml-api-adapter/issues/487)) ([c4d6b45](https://github.com/mojaloop/ml-api-adapter/commit/c4d6b45605606f06cde0a4cbeb76a9470c76c23b)), closes [mojaloop/#2536](https://github.com/mojaloop/ml-api-adapter/issues/2536) [mojaloop/#2536](https://github.com/mojaloop/ml-api-adapter/issues/2536)
+* **mojaloop/#2536:** fspiop api version negotiation not handled by transfers service ([#487](https://github.com/mojaloop/ml-api-adapter/issues/487)) ([c4d6b45](https://github.com/mojaloop/ml-api-adapter/commit/c4d6b45605606f06cde0a4cbeb76a9470c76c23b)), closes [mojaloop/#2536](https://github.com/mojaloop/project/issues/\2536)

Dockerfile

@@ -1,35 +1,35 @@
-FROM node:12.16.1-alpine as builder
+FROM node:16.15.0-alpine as builder
 USER root
 
-WORKDIR /opt/ml-api-adapter
+WORKDIR /opt/app
 
 RUN apk --no-cache add git
-RUN apk add --no-cache -t build-dependencies make gcc g++ python libtool libressl-dev openssl-dev autoconf automake \
+RUN apk add --no-cache -t build-dependencies make gcc g++ python3 libtool libressl-dev openssl-dev autoconf automake \
     && cd $(npm root -g)/npm \
     && npm config set unsafe-perm true \
     && npm install -g node-gyp
 
-COPY package.json package-lock.json* /opt/ml-api-adapter/
+COPY package.json package-lock.json* /opt/app/
 
-RUN npm install
+RUN npm ci
 
-COPY src /opt/ml-api-adapter/src
-COPY config /opt/ml-api-adapter/config
-COPY secrets /opt/ml-api-adapter/secrets
+COPY src /opt/app/src
+COPY config /opt/app/config
 
-FROM node:12.16.0-alpine
+FROM node:16.15.0-alpine
 
-WORKDIR /opt/ml-api-adapter
+WORKDIR /opt/app
 # Create empty log file & link stdout to the application log file
 RUN mkdir ./logs && touch ./logs/combined.log
 RUN ln -sf /dev/stdout ./logs/combined.log
 
 # Create a non-root user: ml-user
-RUN adduser -D ml-user 
-USER ml-user
+RUN adduser -D app-user
+USER app-user
 
-COPY --chown=ml-user --from=builder /opt/ml-api-adapter .
+COPY --chown=app-user --from=builder /opt/app .
 RUN npm prune --production
 
 EXPOSE 3000
-CMD ["node", "src/api/index.js"]
+
+CMD ["npm", "start"]

README.md

@@ -13,26 +13,28 @@ The ml api adapter is a series of services that facilitate clearing and settleme
 
 The following documentation represents the services, APIs and endpoints responsible for various ledger functions.
 
-
-## Contents:
+## Contents
 
 - [ml-api-adapter](#ml-api-adapter)
-  - [Contents:](#contents)
+  - [Contents](#contents)
   - [Deployment](#deployment)
-      - [Mac users and standard Python:](#mac-users-and-standard-python)
+    - [Mac users and standard Python](#mac-users-and-standard-python)
   - [Configuration](#configuration)
     - [Environment variables](#environment-variables)
   - [API](#api)
   - [Logging](#logging)
   - [Tests](#tests)
+    - [Unit Tests](#unit-tests)
+    - [Integration Tests](#integration-tests)
   - [Auditing Dependencies](#auditing-dependencies)
   - [Container Scans](#container-scans)
 
 ## Deployment
 
 See the [Onboarding guide](Onboarding.md) for running the service locally.
 
-#### Mac users and standard Python:
+### Mac users and standard Python
+
 There is a need to have proper version of python 3, elsewhere `npm install` command will fail. By default, on your Mac, you have python 2.7.* installed, you need to have fresh 3.* version.
 
 ```bash
@@ -47,21 +49,19 @@ For `~/.zshrc`
 echo 'export PATH="/usr/local/opt/python/libexec/bin:$PATH"' >> ~/.zshrc 
 ```
 
-
 ## Configuration
 
 ### Environment variables
+
 The ml api adapter has many options that can be configured through environment variables.
 
 | Environment variable | Description | Example values |
 | -------------------- | ----------- | ------ |
 
-
 ## API
 
 For endpoint documentation, see the [API documentation](API.md).
 
-
 ## Logging
 
 Logs are sent to standard output by default.
@@ -95,11 +95,13 @@ npm run test:int
 We use `npm-audit-resolver` along with `npm audit` to check dependencies for node vulnerabilities, and keep track of resolved dependencies with an `audit-resolve.json` file.
 
 To start a new resolution process, run:
+
 ```bash
 npm run audit:resolve
 ```
 
 You can then check to see if the CI will pass based on the current dependencies with:
+
 ```bash
 npm run audit:check
 ```
@@ -113,6 +115,6 @@ As part of our CI/CD process, we use anchore-cli to scan our built docker contai
 If you find your release builds are failing, refer to the [container scanning](https://github.com/mojaloop/ci-config#container-scanning) in our shared Mojaloop CI config repo. There is a good chance you simply need to update the `mojaloop-policy-generator.js` file and re-run the circleci workflow.
 
 For more information on anchore and anchore-cli, refer to:
+
 - [Anchore CLI](https://github.com/anchore/anchore-cli)
 - [Circle Orb Registry](https://circleci.com/orbs/registry/orb/anchore/anchore-engine)
-