bal 2027 fix build image ee include sentry

.github/workflows/publish-workflows-service.yml

@@ -143,18 +143,20 @@ jobs:
           tags: ${{ steps.docker_meta.outputs.tags }}
           build-args: |
             "RELEASE=${{ steps.bump-version.outputs.tag }}"
-
-      # - name: Scan Docker Image
-      #   uses: aquasecurity/trivy-action@master
-      #   with:
-      #     cache-dir:
-      #     image-ref: ${{ steps.docker-version.outputs.full_image }}
-      #     format: 'table'
-      #     ignore-unfixed: true
-      #     exit-code: 1
-      #     trivyignores: ./.trivyignore
-      #     vuln-type: 'os,library'
-      #     severity: 'CRITICAL'
+            "SHORT_SHA=${{ steps.version.outputs.sha_short }}"
+
+      - name: Scan Docker Image
+        uses: aquasecurity/trivy-action@master
+        continue-on-error: true
+        with:
+          cache-dir:
+          image-ref: ${{ steps.docker-version.outputs.full_image }}
+          format: 'table'
+          ignore-unfixed: true
+          exit-code: 1
+          trivyignores: ./.trivyignore
+          vuln-type: 'os,library'
+          severity: 'CRITICAL'
 
   update-helm-chart:
     needs: build-and-push-image
@@ -175,11 +177,22 @@ jobs:
           ref: iamops/blue-green
           fetch-depth: 1
           sparse-checkout: |
-            kubernetes/helm/wf-service/${{ github.ref_name }}-custom-values.yaml
-            kubernetes/helm/wf-service/dev-custom-values.yaml
-          sparse-checkout-cone-mode: false
-
+            kubernetes/helm/wf-service
+          sparse-checkout-cone-mode: true
+      - name: Check if values yaml file exists 
+        id: update_helm_check
+        shell: bash
+        run: |
+          if [ -f "kubernetes/helm/wf-service/${{ github.ref_name }}-custom-values.yaml" ]; then
+            echo "file_name=${{ github.ref_name }}-custom-values.yaml" >> "$GITHUB_OUTPUT"
+          elif [ "${{ github.event.inputs.deploy_to_dev }}" == "true" ]; then
+            echo "file_name=dev-custom-values.yaml" >> "$GITHUB_OUTPUT"
+          else
+            echo "skip_helm=true" >> "$GITHUB_OUTPUT"
+          fi
+
       - name: Update workdlow-service image version in the HelmChart
+        if: ${{ steps.update_helm_check.outputs.skip_helm != 'true' }}
         uses: fjogeleit/yaml-update-action@main
         with:
           repository: ballerine-io/cloud-infra-config
@@ -189,31 +202,31 @@ jobs:
           token: ${{ secrets.GIT_TOKEN }}
           changes: |
             {
-              "kubernetes/helm/wf-service/${{ github.ref_name }}-custom-values.yaml": {
+              "kubernetes/helm/wf-service/${{steps.update_helm_check.outputs.file_name}}": {
                 "image.tag": "${{ needs.build-and-push-image.outputs.docker_tag }}"
               }
             }
 
-      - name: Deploy from branch - Update dev env in the HelmChart
-        continue-on-error: true
-        if: ${{ failure() && github.event.inputs.deploy_to_dev == 'true' }}
-        uses: fjogeleit/yaml-update-action@main
-        with:
-          repository: ballerine-io/cloud-infra-config
-          branch: iamops/blue-green
-          commitChange: true
-          message: 'Update wf-service image Version to sha-${{ needs.build-and-push-image.outputs.sha_short }} - (Commit hash: ${{ github.sha }}, commit message: ${{ github.event.head_commit.message }})'
-          token: ${{ secrets.GIT_TOKEN }}
-          changes: |
-            {
-              "kubernetes/helm/wf-service/dev-custom-values.yaml": {
-                "image.tag": "${{ needs.build-and-push-image.outputs.docker_tag }}"
-              }
-            }
+      # - name: Deploy from branch - Update dev env in the HelmChart
+      #   continue-on-error: true
+      #   if: ${{ failure() && github.event.inputs.deploy_to_dev == 'true' }}
+      #   uses: fjogeleit/yaml-update-action@main
+      #   with:
+      #     repository: ballerine-io/cloud-infra-config
+      #     branch: iamops/blue-green
+      #     commitChange: true
+      #     message: 'Update wf-service image Version to sha-${{ needs.build-and-push-image.outputs.sha_short }} - (Commit hash: ${{ github.sha }}, commit message: ${{ github.event.head_commit.message }})'
+      #     token: ${{ secrets.GIT_TOKEN }}
+      #     changes: |
+      #       {
+      #         "kubernetes/helm/wf-service/dev-custom-values.yaml": {
+      #           "image.tag": "${{ needs.build-and-push-image.outputs.docker_tag }}"
+      #         }
+      #       }
 
   release:
     runs-on: ubuntu-latest
-    if: startsWith(github.ref, 'refs/heads/prod') || startsWith(github.ref, 'refs/heads/dev') || startsWith(github.ref, 'refs/heads/sb')
+    if: startsWith(github.ref, 'refs/heads/prod') || startsWith(github.ref, 'refs/heads/dev') || startsWith(github.ref, 'refs/heads/sb') || github.event.inputs.deploy_to_dev == 'true'
     needs: build-and-push-image
     env:
       GH_TOKEN: ${{ github.token }}
@@ -222,11 +235,16 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Release
-        run: gh release create ${{ needs.build-and-push-image.outputs.version }} --notes-start-tag ${{ needs.build-and-push-image.outputs.bumped_tag }}
-
+        run: |
+          if [ "${{ github.event.inputs.deploy_to_dev }}" == "true" ]; then
+            suffix="-dev-${{ needs.build-and-push-image.outputs.sha_short }}"
+          else
+            suffix=""
+          fi
+          gh release create ${{ needs.build-and-push-image.outputs.version }}${suffix} --notes-start-tag ${{ needs.build-and-push-image.outputs.bumped_tag }}
+
   sentry:
     runs-on: ubuntu-latest
-    # needs: [build-and-push-image]  # Uncomment this line if you want to create a release in sentry
     needs: [build-and-push-image, release]
     env:
       GH_TOKEN: ${{ github.token }}
@@ -260,9 +278,39 @@ jobs:
           SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
           SENTRY_PROJECT: ${{ secrets.WF_SENTRY_PROJECT }}
 
+  check_if_data_migration_needed:
+    runs-on: ubuntu-latest
+    outputs:
+      should_build: ${{ steps.check-branch-existance.outputs.should_build }} # short sha of the commit
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+          submodules: 'recursive'
+          token: ${{ secrets.SUBMODULES_TOKEN }}
+
+      - name: Check if branch exists
+        id: check-branch-existance
+        run: |
+          cd services/workflows-service/prisma/data-migrations
+
+          is_exists=$(git ls-remote --exit-code --heads -t --ref -q origin "${{ github.ref_name }}" | wc -l)
+
+          # Check if the branch exists by counting the number of results
+          if [ $is_exists -eq 0  ]; then
+            echo "Branch '${{ github.ref_name }}' does not exist."
+            echo "should_build=false" >> $GITHUB_OUTPUT
+          else
+            echo "should_build=true" >> $GITHUB_OUTPUT
+          fi
+          exit 0
+
   build-and-push-ee-image:
     runs-on: ubuntu-latest
-    needs: build-and-push-image
+    needs: [build-and-push-image, check_if_data_migration_needed]
+    if: ${{ needs.check_if_data_migration_needed.outputs.should_build == 'true' }}
+
     permissions:
       contents: read
       packages: write
@@ -286,6 +334,7 @@ jobs:
             ${{ runner.os }}-docker-
 
       - name: Fetch submodule branch
+        id: fetch-submodule
         run: |
           cd services/workflows-service/prisma/data-migrations
           git fetch --no-tags --depth=1 origin +refs/heads/dev:refs/remotes/origin/${{ github.ref_name }}
@@ -328,4 +377,6 @@ jobs:
           cache-from: type=local,src=/tmp/.buildx-cache
           tags: ${{ steps.eemeta.outputs.tags }}
           build-args: |
-            BASE_IMAGE=${{needs.build-and-push-image.outputs.docker_full_image}}
+            "BASE_IMAGE=${{needs.build-and-push-image.outputs.docker_full_image}}"
+            "RELEASE=${{ needs.build-and-push-image.outputs.bumped_tag }}"
+            "SHORT_SHA=${{ needs.build-and-push-image.outputs.sha_short }}"

services/workflows-service/Dockerfile

@@ -6,7 +6,9 @@ RUN apt-get install dumb-init
 WORKDIR /app
 
 ARG RELEASE
-ENV RELEASE ${RELEASE:-unknown}
+ENV RELEASE=${RELEASE:-unknown}
+ARG SHORT_SHA
+ENV SHORT_SHA=${SHORT_SHA}
 
 COPY ./package.json .
 
@@ -21,6 +23,11 @@ CMD [ "dumb-init", "npm", "run", "dev", "--host" ]
 
 FROM node:18.17.1-bullseye-slim as prod
 
+ARG RELEASE
+ENV RELEASE=${RELEASE:-unknown}
+ARG SHORT_SHA
+ENV SHORT_SHA=${SHORT_SHA}
+
 WORKDIR /app
 
 COPY --from=dev /usr/bin/dumb-init /usr/bin/dumb-init

services/workflows-service/src/common/utils/request-response/request.ts

@@ -27,5 +27,6 @@ export const getReqMetadataObj = (req: Request<unknown>) => {
     url: req.originalUrl,
     method: req.method,
     headers: cleanHeaders,
+    body: req.body,
   };
 };

services/workflows-service/src/errors.ts

@@ -57,12 +57,10 @@ export class ValidationError extends common.BadRequestException {
       },
       'Validation error',
     );
-
-    this.errors = errors;
   }
 
   getErrors() {
-    return this.errors;
+    return (this.getResponse() as ValidationError).errors;
   }
 
   static fromAjvError(error: Array<ErrorObject<string, Record<string, any>, unknown>>) {

services/workflows-service/src/sentry/sentry.module.ts

@@ -21,6 +21,7 @@ export class SentryModule implements OnModuleInit, OnModuleDestroy {
   _envName: string;
   _sentryDsn: string | undefined;
   _releaseName: string | undefined;
+  _dist: string | undefined;
 
   constructor(
     protected readonly configService: ConfigService,
@@ -30,6 +31,7 @@ export class SentryModule implements OnModuleInit, OnModuleDestroy {
     this._envName =
       this.configService.get('ENVIRONMENT_NAME') || this.configService.get('NODE_ENV', 'local');
     this._releaseName = this.configService.get('RELEASE');
+    this._dist = this.configService.get('SHORT_SHA');
   }
 
   onModuleInit() {
@@ -40,6 +42,7 @@ export class SentryModule implements OnModuleInit, OnModuleDestroy {
       dsn: this._sentryDsn,
       environment: this._envName,
       release: this._releaseName,
+      dist: this._dist,
       enableTracing: true,
       sampleRate: 1.0,
       normalizeDepth: 15,