This repository contains the backend microservices for the Knowledge Garden application. The backend is built using a microservice architecture with service discovery via Consul and event-driven communication via Kafka.
The project consists of four main microservices:
- API Gateway: Entry point for all client requests, handles authentication and routes requests to appropriate services
- Authentication Service: Manages user authentication, registration, and authorization
- Resources Service: Handles file uploads, storage, and management with S3 integration
- Search Service: Provides search functionality across knowledge resources using Elasticsearch
Before you begin, ensure you have the following installed:
- Node.js (v16+)
- npm (v8+)
- PostgreSQL (v14+)
- MongoDB (v5+)
- Elasticsearch (v8+)
- Consul (v1.14+)
- Kafka (v3.3+) & ZooKeeper (v3.8+)
- S3-compatible storage (MinIO or AWS S3)
- TypeScript (v4.5+) for Resources Service
- CPU: 2+ cores recommended for development, 4+ cores for production
- Memory: Minimum 8GB RAM (16GB recommended for production)
- Storage: 20GB+ free disk space
- Network: Stable internet connection for service communication
| Dependency | Version | Purpose |
|---|---|---|
| Node.js | v16+ | Runtime environment |
| TypeScript | v4.5+ | For strongly-typed services |
| PostgreSQL | v14+ | User data storage |
| MongoDB | v5+ | Document storage |
| Elasticsearch | v8+ | Search engine |
| Consul | v1.14+ | Service discovery |
| Kafka | v3.3+ | Event messaging |
| ZooKeeper | v3.8+ | Kafka coordination |
| S3 Storage | - | File storage |
Each service requires specific environment variables to be set:
NODE_ENV=development
LOG_LEVEL=debug
CONSUL_HOST=localhost
CONSUL_PORT=8500
CONSUL_DC=dc1
KAFKA_BROKERS=localhost:9092
KAFKA_CLIENT_ID=knowledge-garden
KAFKA_GROUP_ID_PREFIX=kgGATEWAY_PORT=5000
JWT_SECRET=your-jwt-secret
API_TIMEOUT_MS=10000
RATE_LIMIT_WINDOW_MS=900000
RATE_LIMIT_MAX_REQUESTS=100PORT=5001
JWT_SECRET=your-jwt-secret
JWT_EXPIRES_IN=1h
PGHOST=localhost
PGPORT=5432
PGDATABASE=kg_auth
PGUSER=postgres
PGPASSWORD=yourpassword
BCRYPT_SALT_ROUNDS=10PORT=3000
KAFKA_BROKER=localhost:9092
AWS_ACCESS_KEY_ID=your-access-key
AWS_SECRET_ACCESS_KEY=your-secret-key
AWS_REGION=us-east-1
S3_BUCKET_NAME=knowledge-garden-resources
S3_ENDPOINT=http://localhost:9000
MONGODB_URI=mongodb://localhost:27017/knowledge_garden
SERVICE_NAME=resource-service
JWT_SECRET=your-jwt-secretPORT=5002
ELASTICSEARCH_NODE=http://localhost:9200
ELASTICSEARCH_USERNAME=elastic
ELASTICSEARCH_PASSWORD=yourpassword
MONGODB_URI=mongodb://localhost:27017/kg_documents
INDEX_BATCH_SIZE=100Consul is used for service discovery and must be running before starting the services.
macOS (using Homebrew):
brew install consul
consul agent -devLinux:
# Download Consul
wget https://releases.hashicorp.com/consul/1.14.4/consul_1.14.4_linux_amd64.zip
unzip consul_1.14.4_linux_amd64.zip
sudo mv consul /usr/local/bin/
# Start Consul in development mode
consul agent -devVerify Consul is running by accessing the UI at: http://localhost:8500/ui/
Kafka is used for event-driven communication between services.
# Start ZooKeeper and Kafka using Docker Compose
docker-compose up -d zookeeper kafka
# Verify Kafka is running
docker-compose logs kafka | grep "started"macOS (using Homebrew):
brew install kafka
brew services start zookeeper
brew services start kafkaLinux:
# Download and extract Kafka
wget https://downloads.apache.org/kafka/3.3.1/kafka_2.13-3.3.1.tgz
tar -xzf kafka_2.13-3.3.1.tgz
cd kafka_2.13-3.3.1
# Start ZooKeeper
bin/zookeeper-server-start.sh -daemon config/zookeeper.properties
# Start Kafka
bin/kafka-server-start.sh -daemon config/server.properties
# Verify Kafka is running
bin/kafka-topics.sh --bootstrap-server localhost:9092 --listYou can use MinIO for local development or AWS S3 for production:
# Start MinIO using Docker
docker run -p 9000:9000 -p 9001:9001 --name minio \
-v ~/minio/data:/data \
-e "MINIO_ROOT_USER=minioadmin" \
-e "MINIO_ROOT_PASSWORD=minioadmin" \
quay.io/minio/minio server /data --console-address ":9001"
# Create a bucket for resources
mc alias set myminio http://localhost:9000 minioadmin minioadmin
mc mb myminio/knowledge-garden-resourcesFor production, create an S3 bucket and IAM user with appropriate permissions.
Copy the example .env file for each service:
# Create environment files for each service
cp .env.example api-gateway/.env
cp .env.example authentication/.env
cp .env.example resources/.env
cp .env.example search/.envEdit each service's .env file to configure:
- Database connection strings
- Service ports
- JWT secret
- S3 credentials and endpoint
- Elasticsearch connection
- Consul settings
- Kafka settings
Install dependencies for each service:
# Install dependencies for API Gateway
cd api-gateway && npm install
# Install dependencies for Authentication Service
cd ../authentication && npm install
# Install dependencies for Resources Service
cd ../resources && npm install
# Install dependencies for Search Service
cd ../search && npm installStart each service in separate terminal windows:
# Terminal 1 - Start API Gateway
cd api-gateway && npm run dev
# Terminal 2 - Start Authentication Service
cd ../authentication && npm run dev
# Terminal 3 - Start Resources Service
cd ../resources && npm run dev
# Terminal 4 - Start Search Service
cd ../search && npm run devThe Resources Service handles file uploads, downloads, and metadata management. It integrates with:
- S3 Storage: For storing uploaded files
- MongoDB: For storing file metadata and enabling search
- Kafka: For publishing events when resources are created, updated, or deleted
- Service Discovery: For registration and discovery via Consul
- Secure file uploads with configurable size limits
- File metadata management with MongoDB
- Access control based on user roles and resource ownership
- Integration with search indexing through Kafka events
- Support for various file types with proper MIME type handling
POST /api/resources # Upload a new resource
GET /api/resources/:id # Get resource metadata by ID
GET /api/resources # List resources with filtering and pagination
GET /api/resources/download/:id # Download a resource file
PUT /api/resources/:id # Update resource metadata
DELETE /api/resources/:id # Delete a resource
GET /api/resources/user/:userId # Get resources by owner ID
This section outlines the comprehensive testing strategy for the Knowledge Garden backend services.
Each service contains unit tests that verify individual components in isolation:
# Run unit tests across all services
npm run test:unit
# Run tests for a specific service
cd api-gateway && npm test
cd ../authentication && npm test
cd ../resources && npm test
cd ../search && npm testUnit tests cover:
- Controllers
- Services
- Models
- Middleware
- Utility functions
- Minimum 80% line coverage
- Minimum 70% branch coverage
- All critical paths must have tests
Integration tests verify that different components work together correctly:
# Run integration tests
npm run test:integrationIntegration tests cover:
- Database operations
- Service interactions
- Authentication flows
- Search indexing and querying
- Kafka event handling
- Must use a separate test database
- Should clean up all test data after completion
- Should verify all microservice interactions
E2E tests verify the entire application flow from API requests to database operations:
# Run E2E tests
npm run test:e2eE2E tests cover:
- Complete user journeys
- API request/response cycles
- Authentication flows
- Document operations
- Search functionality
- Tests should run against isolated test services
- Tests should verify API responses meet specifications
- Should test error conditions and edge cases
Performance tests evaluate system behavior under load:
# Run performance tests
npm run test:performance# Test API Gateway health endpoint (1000 requests, 50 concurrent)
ab -n 1000 -c 50 http://localhost:5000/health
# Test authenticated endpoint (100 requests, 10 concurrent)
ab -n 100 -c 10 -H "Authorization: Bearer $TOKEN" http://localhost:5000/api/auth/profile
# Test search service (500 requests, 20 concurrent)
ab -n 500 -c 20 "http://localhost:5000/api/search?q=test"The repository includes JMeter test plans for more advanced performance testing:
# Run JMeter tests
jmeter -n -t performance/test-plans/api-gateway-load-test.jmx -l results.jtl -e -o report- API Gateway: Must handle 100 requests/second with <500ms response time
- Authentication Service: Must handle 50 logins/second with <1s response time
- Search Service: Must handle 20 search queries/second with <2s response time
To test the service discovery functionality:
# Start multiple instances of the search service
cd search
PORT=5003 npm run dev
PORT=5004 npm run dev
# Verify instances in Consul
curl http://localhost:8500/v1/catalog/service/search-service
# Test load balancing
for i in {1..20}; do curl -s "http://localhost:5000/api/search/health" | jq '.instance_id'; doneTest Kafka event production and consumption:
# Create test document to trigger indexing events
curl -X POST http://localhost:5000/api/search/documents \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $TOKEN" \
-d '{
"title": "Kafka Test Document",
"content": "Testing Kafka events for document indexing",
"is_public": true
}'
# Upload a resource file to trigger resource events
curl -X POST http://localhost:5000/api/resources \
-H "Authorization: Bearer $TOKEN" \
-F "resource=@test.pdf" \
-F "title=Kafka Test Resource" \
-F "resourceType=document"
# Verify document was indexed asynchronously (may take a moment)
curl -X GET "http://localhost:5000/api/search?q=kafka+test" \
-H "Authorization: Bearer $TOKEN"
# View Kafka topics and messages
kafkacat -b localhost:9092 -L
kafkacat -b localhost:9092 -t document.created -C -eSecurity tests verify that the system is protected against common vulnerabilities:
# Run security tests
npm run test:securitySecurity tests cover:
- Authentication bypass attempts
- Authorization checks
- Input validation
- SQL injection protection
- NoSQL injection protection
- JWT security
# Run OWASP ZAP scan against API endpoints
docker run -v $(pwd)/security-reports:/zap/wrk/:rw -t owasp/zap2docker-stable \
zap-baseline.py -t http://host.docker.internal:5000 -g gen.conf -r security-report.htmlThe repository includes GitHub Actions workflows for CI/CD:
- Pull Request Workflow: Runs unit and integration tests
- Main Branch Workflow: Runs all tests including E2E and security tests
- Release Workflow: Runs all tests and performance tests
# Check if Consul is running
curl http://localhost:8500/v1/status/leader
# Check registered services
curl http://localhost:8500/v1/catalog/services
# Deregister problematic service
curl -X PUT http://localhost:8500/v1/agent/service/deregister/service-id# Check if topics exist
kafkacat -b localhost:9092 -L | grep document
# Manually create required topics if missing
kafka-topics --bootstrap-server localhost:9092 --create --topic document.created --partitions 3 --replication-factor 1
# Check consumer groups
kafka-consumer-groups --bootstrap-server localhost:9092 --list# Check PostgreSQL connection
pg_isready -h localhost -p 5432
# Check MongoDB connection
mongo --eval "db.runCommand({ping:1})"
# Check Elasticsearch connection
curl -X GET "localhost:9200/_cat/health"To enable detailed debug logging:
# Set environment variable
export LOG_LEVEL=debug
# Restart the services with debug logging
cd api-gateway && npm run dev:debug# API Gateway health (includes downstream services)
curl http://localhost:5000/health
# Authentication service health
curl http://localhost:5001/health
# Resources service health
curl http://localhost:3000/health
# Search service health
curl http://localhost:5002/healthThe system exposes Prometheus metrics at the /metrics endpoint:
# Get API Gateway metrics
curl http://localhost:5000/metrics
# Get authentication service metrics
curl http://localhost:5001/metrics
# Get search service metrics
curl http://localhost:5002/metricsFor production deployments, the following stack is recommended:
- Elasticsearch, Logstash, Kibana (ELK) for log aggregation
- Prometheus and Grafana for metrics visualization
For detailed API documentation, refer to the Swagger documentation available at:
http://localhost:5000/api-docs
- Ensure all tests pass before submitting a pull request
- Update the documentation to reflect any changes
- Include unit tests for new features or bug fixes
- Maintain minimum code coverage requirements
- Follow code style guidelines
- ESLint configuration is included in the repository
- Prettier is used for code formatting
- All code must pass linting checks before merge
This project is licensed under the MIT License - see the LICENSE.md file for details.
