The OnEvents function should check that a PackageCreated contains the same products as the order. If not, it should change them.

The test case uses static data and setup_module() instead of a fixture. It also doesn't delete the DynamoDB item afterward.

Events like PackageCreated, DeliveryCompleted, etc. should trigger an OrderModified event.

Right now, developers are responsible to make sure that they deploy stacks in the right order in the development environment. With this, it would automatically detect dependencies and deploy as needed.

Could you please create a Windows version for building the project?

Ticket to track the creation of a CloudWatch dashboard for the delivery service.

Add GitHub workflows that will automatically perform unit tests and lint against commits to master and pull requests.

Ticket to track the creation of a CloudWatch dashboard for the frontend-api service.

The on_package_created function does not have any integration tests at the moment.

Ticket to track the creation of a CloudWatch dashboard for the products service.

Add CloudWatch alarms for the orders service.

Ticket to track the creation of a CloudWatch dashboard for the users service.

Create the payment service, which should be able to:

• verify payment tokens.
• associate the orderId and paymentToken on OrderCreated events.
• update the payment total on OrderModified events.
• process the payment on DeliveryCompleted events.
• cancel the pre-authorization on PackagingFailed and DeliveryFailed events.

This will create a service called "payment-3p", acting as a 3rd party payment service.

Add CloudWatch alarms for the payment service.

There are many functions that gets repeated in all Lambda functions. It'd be good to have a helpers.py file that gets injected in every Lambda function to prevent duplicating code.

Ticket to track the creation of a CloudWatch dashboard for the warehouse service.

Right now, there is an issue to DLQ permissions which prevent service stacks with DLQs to deploy properly.

Error message from ecommerce-dev-product stack, TableUpdateFunctionDynamoDB resource:

The provided execution role does not have permissions to call SendMessage on SQS (Service: AWSLambda; Status Code: 400; Error Code: InvalidParameterValueException; Request ID: XXX)

Ticket to track the creation of a CloudWatch dashboard for the platform service.

Unit tests should cover a certain percentage of the Lambda function codes. This should be checked when running tools/toolbox {service} tests-unit.

Ticket to track the creation of a CloudWatch dashboard for the payment service.

Some services have tables that trigger a Lambda functions upon change. It would be good to capture failed events to a dead letter queue.

• delivery: EventBridge
• orders: DynamoDB
• products: DynamoDB
• warehouse: EventBridge
• warehouse: DynamoDB

Ticket to track the creation of a CloudWatch dashboard for the orders service.

Right now, each service artifacts gets packaged centrally when using the pipeline. This would add a new function (or change some existing behaviour) to make this within the realm of the Makefile.

Now that end-to-end tests are implemented, we need to update the docs/testing.md section and go more in-depth into each type of test.

Add monitoring dashboards for the following services:

• frontend-api
• delivery
• delivery-pricing
• orders
• payment
• payment-3p
• pipeline
• platform
• products
• users
• warehouse

Right now, parameters have to be injected using parameter overrides. During the build phase, tools/toolbox should create parameter files for various environments (dev, tests, staging, prod).

Right now, deployment roles have full access.

With cfn-lint, we can add custom rules to verify permissions.

As EventBridge supports fine-grained permissions on the source type and detail type, we could enforce that messages come from the right source using.

The payment-3p service uses CDK, and run cdk synth as part of its build process. However, cdk synth in GitHub actions results in the following error:

ENOENT: no such file or directory, open '/home/runner/.aws/credentials'

The security command should be able to perform security analysis on a service, namely:

• Check for vulnerabilities in dependencies
• Check for vulnerabilities in function code
• Check for overly permissive IAM policies
• Check for infringement on rules, such as allowing to contact another service
• Check for infringement on EventBridge rules, such as creating a rule that listens to source outside what is authorized for that service

When running make all-payment-3p, the service fails to deploy properly as the typescript isn't transpiled. This is due to a missing typescript binary in my development environment. The build process shouldn't have dependencies on the local environment.

The metadata.yaml file contains the service name. This can be used as a parameter to inject in the CloudFormation template.

The service metadata information would contain things such as:

• Permissions: which services are authorized to access resources from that service
• Dependencies: which services are needed for this service to work propely.

This would add support for the following deployment options:

• deploy all dependencies of specific service(s) (e.g. based on changes since a given commit)
• deploy to a new environment based on branch, run integration tests, then tear down that branch.

Add CloudWatch alarms for the frontend service.

Right now, lint only runs on OpenAPI documents, CloudFormation templates and Lambda source code. It should also run on test files.

Common cases:

• Fixture API Gateway event
• DynamoDB requests
• Lambda requests

Right now, the system supports unit and integration tests. This would add support for end-to-end tests.

However, end-to-end tests span multiple services and therefore might not be stored in a service folder.

Add a linting functionality in tools/toolbox that could:

• Analyze CloudFormation templates
• Analyze Lambda function code
• Analyze OpenAPI documents

Add CloudWatch alarms for the platform service.

Proposed change

This would add flags through CloudFormation parameters and conditions to allow enabling/disabling some resources and features based on the environment or user preferences. For example, enabling/disabling the listener SQS stack, CloudWatch dashboards, etc.

Right now, several stacks rely on an IsProd condition to check if prod features should be enabled.

With the proposed change, the environments.yaml file would add more parameters specific to these features. There would also be a new file (features.yaml) that would be masked in .gitignore where users could manually disable features that could incur costs. This file would override values from environments.yaml.

Right now, many features in CloudWatch have a fixed cost per resource per month, which could create an unpleasant surprise.

However, as this relies on CloudFormation parameters, which have a limit of 60 parameters per template, it's important to keep the number of feature flags low.

Example

For example, if we have a feature to enable monitoring features and we decide to use it only for production the environments.yaml file would look like this:

dev:
  parameters:
    LogLevel: DEBUG
    RetentionInDays: "7"

# ...

prod:
  parameters:
    LogLevel: INFO
    RetentionInDays: "30"
    MonitoringEnabled: false
  flags:
    can-test: false
    # This would probably be made redundant
    # is-prod: true

A CloudFormation template would include this (if they have monitoring features beyond the baseline):

Parameters:
  Environment:
    Type: String
    Default: dev
    Description: Environment name
  #...
  MonitoringEnabled:
    Type: String
    Default: false
    Description: Enable advanced monitoring features
  #...

Conditions:
  HasMonitoring: !Equals [!Ref MonitoringEnabled, true]

#...
Resources:
  #...
  Dashboard:
    Type: AWS::CloudWatch::Dashboard
    Condition: HasMonitoring
    Properties:
      #...

The features file would look like this:

features:
  MonitoringEnabled: false

This change adds a new field to orders named "status", which is already part of the Order schema, and a new field called "history" containing the changes for the order over time.

The "status" field could have the following values:

• NEW
• PACKAGED
• PACKAGING_FAILED
• DELIVERY_FAILED
• FULFILLED

This should add the following capabilities:

• New orders should have a status field with the value "NEW".
• Changing the status to PACKAGED following a PackageCreated event from the warehouse service.
• Changing the status to FULFILLED following a DeliveryCompleted event from the delivery service.
• Changing the status to PACKAGING_FAILED following a PackagingFailed event from the warehouse service.
• Changing the status to DELIVERY_FAILED following a DeliveryFailed event from the delivery service.

Right now, ecom.helpers provider helpers for both API Gateway integration and EventBridge. It would be nice to have ecom.apigateway with API Gateway helpers and ecom.eventbridge for EventBridge helpers.

Ticket to track the creation of a CloudWatch dashboard for the payment-3p service.

Add a CI/CD pipeline that can deploy each service.

The pipeline should be able to:

• perform linting
• build the service
• run unit tests
• deploy to tests
• run integration tests in tests
• deploy to staging
• run end-to-end tests in staging
• run security tests in staging
• deploy to prod

The staging and prod environments should be different AWS accounts. Therefore, the CI/CD pipeline should be able to deploy across accounts.

Ticket to track the creation of a CloudWatch dashboard for the delivery-pricing service.

Right now, there are no API path to cancel a payment request. However, the payment service should contact the payment-3p service to cancel a payment request if the fulfilment of an order failed.

• payment-3p: add cancelPayment API
• payment: send a request to cancel the payment in the OnFailed function

This feature would make deployment of services that are not dependent on each other parallel rather than in series, thus speeding up deployment of a development environment.

Proposed change

This change would prevent building resources that are already built and thus lower the iteration time for development changes.

On the first make build for a given service, it will create a .checksum file in the build folder. This file will be a checksum of all the relevant files for the build command. There could be multiple checksum files for different build operations (e.g. CloudFormation, OpenAPI, Python code, etc.).

On subsequent runs, this would check the checksum file(s) and compare them to the checksums of the existing files. If there are no differences, this will skip the build step and consider it as successful.

Risks

If files outside of the service folder are changed (e.g. files in shared/src/ecom/), this could create discrepancies between the development environments and what would be built in the CI/CD pipeline. This could be overcome with the detection of changes within shared libraries.