Developement-Practice
diff --git a/‎.github/workflows/ci-cd.yml‎
Lines changed: 131 additions & 0 deletions b/‎.github/workflows/ci-cd.yml‎
Lines changed: 131 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎Dockerfile‎
Lines changed: 26 additions & 0 deletions b/‎Dockerfile‎
Lines changed: 26 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 187 additions & 0 deletions b/‎README.md‎
Lines changed: 187 additions & 0 deletions
diff --git a/‎config/db.js‎
Lines changed: 9 additions & 0 deletions b/‎config/db.js‎
Lines changed: 9 additions & 0 deletions
@@ -0,0 +1,131 @@
+name: CI/CD Pipeline
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  lint:
+    name: Lint Code
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      
+      - name: Setup Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '18'
+          cache: 'npm'
+      
+      - name: Install dependencies
+        run: npm ci
+      
+      - name: Run ESLint
+        run: npx eslint . --ext .js
+  
+  test:
+    name: Run Tests
+    runs-on: ubuntu-latest
+    needs: lint
+    services:
+      postgres:
+        image: postgres:14
+        env:
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_USER: postgres
+          POSTGRES_DB: claim_db_test
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+    
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      
+      - name: Setup Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '18'
+          cache: 'npm'
+      
+      - name: Install dependencies
+        run: npm ci
+      
+      - name: Run tests
+        run: npm test
+        env:
+          NODE_ENV: test
+          DB_HOST: localhost
+          DB_USER: postgres
+          DB_PASSWORD: postgres
+          DB_NAME: claim_db_test
+          JWT_SECRET: test_secret_key
+  
+  security-scan:
+    name: Security Scan
+    runs-on: ubuntu-latest
+    needs: lint
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      
+      - name: Setup Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '18'
+          cache: 'npm'
+      
+      - name: Install dependencies
+        run: npm ci
+      
+      - name: Run npm audit
+        run: npm audit --audit-level=high
+  
+  build-and-publish:
+    name: Build and Publish Docker Image
+    runs-on: ubuntu-latest
+    needs: [test, security-scan]
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      
+      - name: Login to DockerHub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          push: true
+          tags: |
+            yourusername/claim-api:latest
+            yourusername/claim-api:${{ github.sha }}
+          cache-from: type=registry,ref=yourusername/claim-api:latest
+          cache-to: type=inline
+  
+  deploy:
+    name: Deploy to Production
+    runs-on: ubuntu-latest
+    needs: build-and-publish
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    steps:
+      - name: Deploy to Production
+        run: echo "Deploy to production - This step would use a deployment tool or script"
+        # In a real setup, you would use a deployment tool like:
+        # - AWS CLI for ECS/EKS
+        # - kubectl for Kubernetes
+        # - SSH into server and deploy with Docker Compose 
@@ -0,0 +1 @@
+.env
@@ -0,0 +1,26 @@
+FROM node:18-alpine
+
+# Create app directory
+WORKDIR /usr/src/app
+
+# Install app dependencies
+# A wildcard is used to ensure both package.json AND package-lock.json are copied
+COPY package*.json ./
+
+# Install dependencies
+RUN npm ci --only=production
+
+# Bundle app source
+COPY . .
+
+# Create volume for logs
+VOLUME [ "/usr/src/app/logs" ]
+
+# Expose the port the app runs on
+EXPOSE 5000
+
+# Set environment variable
+ENV NODE_ENV=production
+
+# Command to run the application
+CMD ["node", "index.js"] 
@@ -0,0 +1,187 @@
+# Claim Processing API
+
+A RESTful API for processing healthcare claims, built with Node.js, Express.js, and PostgreSQL. This API features comprehensive monitoring, logging, and alerting mechanisms.
+
+## Features
+
+- **Claim Processing**: Submit and retrieve healthcare claims
+- **JWT Authentication**: Secure API endpoints
+- **Robust Logging**: Structured logs for debugging and auditing
+- **Metrics Monitoring**: Prometheus integration for real-time system metrics
+- **Visualization**: Grafana dashboards for monitoring system health
+- **Docker Support**: Containerized application and database
+- **Rate Limiting**: Protection against API abuse
+- **Security Headers**: Enhanced API security
+
+## Tech Stack
+
+- **Backend**: Node.js, Express.js
+- **Database**: PostgreSQL
+- **Authentication**: JWT
+- **Logging**: Winston
+- **Monitoring**: Prometheus, Grafana
+- **Containerization**: Docker, Docker Compose
+
+## Setup Instructions
+
+### Prerequisites
+
+- Node.js (v14 or higher)
+- Docker and Docker Compose (for containerized setup)
+- PostgreSQL (if running locally)
+
+### Environment Variables
+
+Create a `.env` file in the root directory with the following variables:
+
+```
+DB_NAME=claim_db
+DB_USER=postgres
+DB_PASSWORD=postgres
+DB_HOST=localhost
+JWT_SECRET=your_secret_key
+PORT=5000
+NODE_ENV=development
+```
+
+### Local Development
+
+1. Install dependencies:
+   ```
+   npm install
+   ```
+
+2. Start PostgreSQL database (if not using Docker)
+
+3. Run the application:
+   ```
+   npm run dev
+   ```
+
+### Docker Setup
+
+1. Build and start the containers:
+   ```
+   docker-compose up -d
+   ```
+
+2. The API will be available at `http://localhost:5000`
+3. Prometheus will be available at `http://localhost:9090`
+4. Grafana will be available at `http://localhost:3000`
+
+## API Documentation
+
+### Authentication
+
+All endpoints require a valid JWT token in the Authorization header:
+
+```
+Authorization: Bearer <your-token>
+```
+
+### Endpoints
+
+#### Submit a Claim
+
+```
+POST /claims
+```
+
+Request body:
+```json
+{
+  "payer": "Insurance Company",
+  "amount": 500.00,
+  "procedure_codes": ["P1", "P2"]
+}
+```
+
+#### Get Claim Details
+
+```
+GET /claims/:id
+```
+
+Returns the claim details for the specified ID.
+
+#### Check Claim Status
+
+```
+GET /claims/status/:id
+```
+
+Returns the current status of the claim.
+
+## Monitoring and Logging
+
+### Logs
+
+Logs are stored in the `logs` directory with the following files:
+
+- `combined.log`: All logs
+- `error.log`: Error logs only
+- `access.log`: HTTP request logs
+- `exceptions.log`: Uncaught exceptions
+- `rejections.log`: Unhandled promise rejections
+
+### Metrics
+
+Metrics are exposed at the `/metrics` endpoint in Prometheus format.
+
+Key metrics include:
+
+- HTTP request duration
+- Claim processing duration
+- Database query performance
+- System metrics (CPU, memory)
+- Request counts and error rates
+
+### Alerting
+
+Prometheus can be configured with alerting rules to notify about system issues:
+
+- High error rates
+- Slow response times
+- System resource constraints
+
+## Log Storage Strategies
+
+Several strategies can be used for log storage:
+
+1. **Local File System**: Simple but not scalable
+   - Pros: Easy to set up, good for development
+   - Cons: Limited storage, not suitable for distributed systems
+
+2. **Centralized Logging Service**: (ELK Stack or similar)
+   - Pros: Searchable, supports high volumes, visualization
+   - Cons: Requires additional infrastructure, more complex
+
+3. **Cloud-based Logging**: (AWS CloudWatch, GCP Logging)
+   - Pros: Managed service, scalable, integrated with cloud services
+   - Cons: Vendor lock-in, potential costs
+
+4. **Log Aggregation Tools**: (Fluentd, Logstash)
+   - Pros: Flexible, supports multiple destinations
+   - Cons: Requires configuration and maintenance
+
+The recommended approach is to use Elastic Stack (Elasticsearch, Logstash, Kibana) for production environments, which offers powerful search capabilities and visualization tools for log analysis.
+
+## CI/CD Pipeline
+
+The repository includes a GitHub Actions workflow for CI/CD:
+
+- Runs linting and tests
+- Builds Docker image
+- Publishes image to container registry
+- Deploys to target environment
+
+Pipeline stages:
+1. **Build**: Compile code and create artifacts
+2. **Test**: Run unit and integration tests
+3. **Scan**: Security and vulnerability scanning
+4. **Package**: Build container images
+5. **Deploy**: Push to target environment
+
+## License
+
+[MIT License](LICENSE) 
@@ -0,0 +1,9 @@
+const { Sequelize } = require('sequelize');
+require('dotenv').config();
+
+const sequelize = new Sequelize(process.env.DB_NAME, process.env.DB_USER, process.env.DB_PASSWORD, {
+  host: process.env.DB_HOST,
+  dialect: 'postgres',
+});
+
+module.exports = sequelize;