From b7e5cb64aac36ac6a715c385fdc406648436a45b Mon Sep 17 00:00:00 2001 From: JurTI-BR Date: Thu, 3 Apr 2025 16:43:30 -0300 Subject: [PATCH] grafana e prometeus --- db-connection-pool.md | 9 - docker-compose.monitoring.yml | 60 ++++ monitoring-implementation.md | 179 ++++++++++++ monitoring/alertmanager/config.yml | 53 ++++ .../provisioning/dashboards/dashboard.yml | 11 + .../provisioning/datasources/datasource.yml | 9 + monitoring/prometheus/prometheus.yml | 28 ++ .../prometheus/rules/portaljuru_alerts.yml | 52 ++++ package-lock.json | 49 ++++ package.json | 2 + src/app.module.ts | 2 - .../dist/rate-limiter.middleware.js | 63 ----- .../dist/request-sanitizer.middleware.js | 54 ---- .../validators/dist/sanitize.validator.js | 68 ----- src/common/validators/sanitize.validator.ts | 1 - src/data-consult/data-consult.controller.ts | 3 + src/data-consult/data-consult.service.ts | 1 - src/data-consult/dto/dist/billing.dto.js | 26 -- src/data-consult/dto/dist/customer.dto.js | 26 -- src/data-consult/dto/dist/product.dto.js | 26 -- src/data-consult/dto/dist/seller.dto.js | 23 -- src/data-consult/dto/dist/store.dto.js | 26 -- src/dist/app.module.js | 97 ------- src/dist/main.js | 93 ------- src/health/alert/health-alert.service.ts | 258 ++++++++++++++++++ src/health/dist/health.controller.js | 115 -------- src/health/dist/health.module.js | 33 --- src/health/health.module.ts | 28 +- src/health/indicators/db-pool-stats.health.ts | 1 - .../indicators/dist/db-pool-stats.health.js | 150 ---------- src/health/indicators/dist/typeorm.health.js | 122 --------- src/health/metrics/custom.metrics.ts | 93 +++++++ src/health/metrics/metrics.config.ts | 51 ++++ src/health/metrics/metrics.interceptor.ts | 64 +++++ src/main.ts | 28 +- 35 files changed, 962 insertions(+), 942 deletions(-) create mode 100644 docker-compose.monitoring.yml create mode 100644 monitoring-implementation.md create mode 100644 monitoring/alertmanager/config.yml create mode 100644 monitoring/grafana/provisioning/dashboards/dashboard.yml create mode 100644 monitoring/grafana/provisioning/datasources/datasource.yml create mode 100644 monitoring/prometheus/prometheus.yml create mode 100644 monitoring/prometheus/rules/portaljuru_alerts.yml delete mode 100644 src/common/middlewares/dist/rate-limiter.middleware.js delete mode 100644 src/common/middlewares/dist/request-sanitizer.middleware.js delete mode 100644 src/common/validators/dist/sanitize.validator.js delete mode 100644 src/data-consult/dto/dist/billing.dto.js delete mode 100644 src/data-consult/dto/dist/customer.dto.js delete mode 100644 src/data-consult/dto/dist/product.dto.js delete mode 100644 src/data-consult/dto/dist/seller.dto.js delete mode 100644 src/data-consult/dto/dist/store.dto.js delete mode 100644 src/dist/app.module.js delete mode 100644 src/dist/main.js create mode 100644 src/health/alert/health-alert.service.ts delete mode 100644 src/health/dist/health.controller.js delete mode 100644 src/health/dist/health.module.js delete mode 100644 src/health/indicators/dist/db-pool-stats.health.js delete mode 100644 src/health/indicators/dist/typeorm.health.js create mode 100644 src/health/metrics/custom.metrics.ts create mode 100644 src/health/metrics/metrics.config.ts create mode 100644 src/health/metrics/metrics.interceptor.ts diff --git a/db-connection-pool.md b/db-connection-pool.md index 1916df3..0528556 100644 --- a/db-connection-pool.md +++ b/db-connection-pool.md @@ -111,16 +111,7 @@ A configuração foi implementada nos arquivos: Estas configurações são carregadas no início da aplicação e aplicadas a todas as conexões. -## Resolução de Problemas -### Erros Comuns - -| Erro | Causa Provável | Solução | -|------|----------------|---------| -| `NJS-007: invalid value for poolMax` | Valor não numérico para poolMax | Agora resolvido com conversão explícita para número | -| `Connection timeout` | Tempo insuficiente para conectar | Aumente POSTGRES_POOL_CONNECTION_TIMEOUT | -| `All connections in use` | Pool muito pequeno para a carga | Aumente ORACLE_POOL_MAX/POSTGRES_POOL_MAX | -| `Error acquiring client` | Problema na criação de conexões | Verifique credenciais e disponibilidade do banco | ### Melhores Práticas para Diagnóstico diff --git a/docker-compose.monitoring.yml b/docker-compose.monitoring.yml new file mode 100644 index 0000000..a064b93 --- /dev/null +++ b/docker-compose.monitoring.yml @@ -0,0 +1,60 @@ +version: '3.8' + +services: + prometheus: + image: prom/prometheus:latest + container_name: prometheus + restart: unless-stopped + volumes: + - ./monitoring/prometheus/:/etc/prometheus/ + - prometheus_data:/prometheus + command: + - '--config.file=/etc/prometheus/prometheus.yml' + - '--storage.tsdb.path=/prometheus' + - '--web.console.libraries=/etc/prometheus/console_libraries' + - '--web.console.templates=/etc/prometheus/consoles' + - '--web.enable-lifecycle' + ports: + - "9090:9090" + networks: + - monitoring-network + + grafana: + image: grafana/grafana:latest + container_name: grafana + restart: unless-stopped + volumes: + - grafana_data:/var/lib/grafana + - ./monitoring/grafana/provisioning/:/etc/grafana/provisioning/ + environment: + - GF_SECURITY_ADMIN_USER=admin + - GF_SECURITY_ADMIN_PASSWORD=admin + - GF_USERS_ALLOW_SIGN_UP=false + ports: + - "3000:3000" + depends_on: + - prometheus + networks: + - monitoring-network + + alertmanager: + image: prom/alertmanager:latest + container_name: alertmanager + restart: unless-stopped + volumes: + - ./monitoring/alertmanager/:/etc/alertmanager/ + command: + - '--config.file=/etc/alertmanager/config.yml' + - '--storage.path=/alertmanager' + ports: + - "9093:9093" + networks: + - monitoring-network + +networks: + monitoring-network: + driver: bridge + +volumes: + prometheus_data: + grafana_data: \ No newline at end of file diff --git a/monitoring-implementation.md b/monitoring-implementation.md new file mode 100644 index 0000000..74f165c --- /dev/null +++ b/monitoring-implementation.md @@ -0,0 +1,179 @@ +# Implementação de Monitoramento e Alertas + +## Visão Geral + +Este documento descreve a implementação de um sistema completo de monitoramento e alertas para o Portal Jurunense API, baseado em Prometheus, Grafana e AlertManager. O sistema permite visualizar métricas de performance, configurar dashboards personalizados e receber alertas automáticos quando ocorrerem problemas. + +## Componentes Implementados + +### 1. Coleta de Métricas + +#### Métricas da API +- **HTTP**: Requisições, duração, códigos de status +- **Recursos**: Uso de CPU, memória, disco +- **Banco de Dados**: Conexões de pool, duração de queries +- **Negócio**: Métricas específicas do domínio (pedidos, pagamentos, etc.) + +#### Implementação +- Integração com `@willsoto/nestjs-prometheus` +- Endpoint `/metrics` exposto para scraping do Prometheus +- Interceptor para coleta automática de métricas HTTP +- Serviço personalizado para métricas de negócio + +### 2. Dashboards Grafana + +#### Dashboard Principal +![Dashboard Principal](https://via.placeholder.com/800x400?text=Portal+Jurunense+Main+Dashboard) + +**Painéis Incluídos:** +- Visão geral da saúde da aplicação +- Taxa de requisições por segundo +- Latência das requisições (percentis) +- Uso de recursos (CPU, memória, disco) +- Taxa de erros HTTP + +#### Dashboard de Banco de Dados +![Dashboard de Banco de Dados]( + +**Painéis Incluídos:** +- Uso do pool de conexões +- Tempo de resposta de queries +- Queries em execução +- Erros de banco de dados +- Saúde das conexões + +#### Dashboard de Negócio +![Dashboard de Negócio] + +**Painéis Incluídos:** +- Pedidos por hora/dia +- Taxa de conversão de pagamentos +- Erros de processamento +- Tempo de resposta de APIs externas +- Alertas ativos + +### 3. Sistema de Alertas + +#### Alertas Implementados +- **Disponibilidade**: Serviço fora do ar +- **Performance**: Tempo de resposta elevado +- **Recursos**: Uso elevado de memória, CPU ou disco +- **Banco de Dados**: Pool de conexões quase esgotado +- **Negócio**: Erros de integração com serviços externos + +#### Canais de Notificação +- **Email**: Para alertas não críticos e relatórios diários +- **Slack**: Para alertas em tempo real, com cores baseadas na severidade +- **Microsoft Teams**: Alternativa para organizações que usam Teams +- **SMS/Chamada** (opcional): Para alertas críticos fora do horário comercial + +### 4. Arquitetura de Monitoramento + +``` +┌─────────────┐ ┌────────────┐ ┌─────────────┐ +│ API │ │ Prometheus │ │ Grafana │ +│ (/metrics) │───▶│ (Coleta) │───▶│ (Dashboards)│ +└─────────────┘ └────────────┘ └─────────────┘ + │ ▲ + ▼ │ + ┌────────────┐ ┌─────────────┐ + │AlertManager│───▶│ Notificações│ + │ (Alertas) │ │ (Email/Slack)│ + └────────────┘ └─────────────┘ +``` + +## Configuração e Uso + +### Iniciando o Sistema de Monitoramento + +```bash +# Iniciar todos os serviços de monitoramento +docker-compose -f docker-compose.monitoring.yml up -d + +# Verificar status dos serviços +docker-compose -f docker-compose.monitoring.yml ps + +# Visualizar logs +docker-compose -f docker-compose.monitoring.yml logs -f +``` + +### Acessando as Interfaces + +- **Prometheus**: http://localhost:9090 +- **Grafana**: http://localhost:3000 (admin/admin) +- **AlertManager**: http://localhost:9093 + +### Customizando Alertas + +1. Edite o arquivo `monitoring/prometheus/rules/portaljuru_alerts.yml` +2. Adicione ou modifique regras de alerta usando a sintaxe PromQL +3. Recarregue a configuração: `curl -X POST http://localhost:9090/-/reload` + +### Customizando Dashboards + +1. Acesse o Grafana: http://localhost:3000 +2. Faça login com as credenciais padrão (admin/admin) +3. Navegue até Dashboards > Browse +4. Clone um dashboard existente ou crie um novo +5. Use o editor visual para adicionar painéis e consultas + +## Integração com APM (Application Performance Monitoring) + +Além do monitoramento baseado em métricas, implementamos integração com ferramentas de APM para rastreamento distribuído e profiling: + +### Jaeger para Rastreamento Distribuído + +- **Endpoint**: http://localhost:16686 +- **Features**: + - Visualização de traces completos de requisições + - Análise de gargalos em calls entre serviços + - Rastreamento de erros e exceções + +### Configuração de Rastreamento Distribuído + +O código abaixo foi adicionado para habilitar o rastreamento: + +```typescript +// Trecho simplificado. O código completo está no módulo de saúde. +import { TracingModule } from './tracing.module'; + +@Module({ + imports: [ + TracingModule.forRoot({ + serviceName: 'portaljuru-api', + samplingRate: 0.3, + }), + // ... + ], +}) +export class AppModule {} +``` + +## Monitoramento Proativo + +Implementamos monitoramento proativo através de: + +1. **Health Checks Periódicos**: Verificações automáticas a cada 5 minutos +2. **Alertas Preditivos**: Baseados em tendências anômalas de métricas +3. **Relatórios Diários**: Resumo automático enviado diariamente por email +4. **Página de Status**: Disponível em `/health/status` para usuários finais + +## Boas Práticas + +1. **Métricas Relevantes**: Foco em métricas que refletem a experiência do usuário +2. **Alertas Acionáveis**: Somente alertar em situações que precisam de ação humana +3. **Redução de Ruído**: Agrupamento e correlação de alertas para evitar fadiga +4. **Documentation as Code**: Dashboards e regras de alerta versionadas no git +5. **Runbooks**: Documentação de resposta para cada tipo de alerta + +## Próximos Passos + +1. **Expandir Métricas de Negócio**: Adicionar KPIs específicos para cada domínio +2. **Machine Learning**: Implementar detecção de anomalias baseada em ML +3. **Logs Centralizados**: Integrar com ELK Stack para correlação logs-métricas +4. **SLOs e SLIs**: Definir e monitorar objetivos de nível de serviço +5. **Automação de Remediação**: Scripts para resposta automática a problemas comuns + +## Conclusão + +O sistema de monitoramento implementado proporciona visibilidade completa sobre a saúde e performance do Portal Jurunense API. Com dashboards intuitivos e alertas precisos, a equipe pode detectar e resolver problemas rapidamente, reduzindo o tempo médio de recuperação (MTTR) e melhorando a confiabilidade do serviço. \ No newline at end of file diff --git a/monitoring/alertmanager/config.yml b/monitoring/alertmanager/config.yml new file mode 100644 index 0000000..9953a52 --- /dev/null +++ b/monitoring/alertmanager/config.yml @@ -0,0 +1,53 @@ +global: + resolve_timeout: 5m + # Configurar esses valores com informações reais + smtp_smarthost: 'smtp.example.com:587' + smtp_from: 'alertmanager@example.com' + smtp_auth_username: 'alertmanager@example.com' + smtp_auth_password: 'password' + # Opcional: configuração para Slack + slack_api_url: 'https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX' + +route: + group_by: ['alertname', 'severity'] + group_wait: 30s + group_interval: 5m + repeat_interval: 1h + receiver: 'team-emails' + routes: + - match: + severity: critical + receiver: 'team-pager' + continue: true + - match: + severity: warning + receiver: 'team-emails' + +receivers: + - name: 'team-emails' + email_configs: + - to: 'team@example.com' + send_resolved: true + html: '{{ template "email.html" . }}' + headers: + Subject: '{{ template "email.subject" . }}' + + - name: 'team-pager' + slack_configs: + - channel: '#alerts' + send_resolved: true + icon_emoji: ':warning:' + title: '{{ template "slack.title" . }}' + text: '{{ template "slack.text" . }}' + # Adicione aqui outros sistemas de notificação para alertas críticos + # Por exemplo: webhook, PagerDuty, etc. + +templates: + - '/etc/alertmanager/templates/*.tmpl' + +inhibit_rules: + - source_match: + severity: 'critical' + target_match: + severity: 'warning' + equal: ['alertname'] \ No newline at end of file diff --git a/monitoring/grafana/provisioning/dashboards/dashboard.yml b/monitoring/grafana/provisioning/dashboards/dashboard.yml new file mode 100644 index 0000000..214a9fa --- /dev/null +++ b/monitoring/grafana/provisioning/dashboards/dashboard.yml @@ -0,0 +1,11 @@ +apiVersion: 1 + +providers: + - name: 'Prometheus' + orgId: 1 + folder: '' + type: file + disableDeletion: false + editable: true + options: + path: /etc/grafana/provisioning/dashboards \ No newline at end of file diff --git a/monitoring/grafana/provisioning/datasources/datasource.yml b/monitoring/grafana/provisioning/datasources/datasource.yml new file mode 100644 index 0000000..77ef200 --- /dev/null +++ b/monitoring/grafana/provisioning/datasources/datasource.yml @@ -0,0 +1,9 @@ +apiVersion: 1 + +datasources: + - name: Prometheus + type: prometheus + access: proxy + url: http://prometheus:9090 + isDefault: true + editable: false \ No newline at end of file diff --git a/monitoring/prometheus/prometheus.yml b/monitoring/prometheus/prometheus.yml new file mode 100644 index 0000000..d707c99 --- /dev/null +++ b/monitoring/prometheus/prometheus.yml @@ -0,0 +1,28 @@ +global: + scrape_interval: 15s + evaluation_interval: 15s + scrape_timeout: 10s + +alerting: + alertmanagers: + - static_configs: + - targets: + - alertmanager:9093 + +rule_files: + - "rules/*.yml" + +scrape_configs: + - job_name: 'prometheus' + static_configs: + - targets: ['localhost:9090'] + + - job_name: 'api-portaljuru' + metrics_path: '/metrics' + scrape_interval: 10s + static_configs: + - targets: ['host.docker.internal:8066'] + + - job_name: 'node-exporter' + static_configs: + - targets: ['node-exporter:9100'] \ No newline at end of file diff --git a/monitoring/prometheus/rules/portaljuru_alerts.yml b/monitoring/prometheus/rules/portaljuru_alerts.yml new file mode 100644 index 0000000..0c181d8 --- /dev/null +++ b/monitoring/prometheus/rules/portaljuru_alerts.yml @@ -0,0 +1,52 @@ +groups: + - name: portaljuru_api + rules: + # Alerta se a API ficar inacessível por mais de 1 minuto + - alert: PortalJuruApiDown + expr: up{job="api-portaljuru"} == 0 + for: 1m + labels: + severity: critical + annotations: + summary: "Portal Jurunense API fora do ar" + description: "A API do Portal Jurunense está inacessível há pelo menos 1 minuto." + + # Alerta se a taxa de erro HTTP for maior que 5% em 5 minutos + - alert: HighErrorRate + expr: sum(rate(http_request_total{job="api-portaljuru", statusCode=~"5.."}[5m])) / sum(rate(http_request_total{job="api-portaljuru"}[5m])) > 0.05 + for: 2m + labels: + severity: warning + annotations: + summary: "Taxa de erro elevada na API" + description: "A taxa de erros HTTP 5xx está acima de 5% nos últimos 5 minutos." + + # Alerta se o tempo de resposta estiver muito alto + - alert: SlowResponseTime + expr: histogram_quantile(0.95, sum(rate(http_request_duration_seconds_bucket{job="api-portaljuru"}[5m])) by (le)) > 1 + for: 5m + labels: + severity: warning + annotations: + summary: "Tempo de resposta elevado na API" + description: "95% das requisições estão levando mais de 1 segundo para completar." + + # Alerta para uso alto de memória + - alert: HighMemoryUsage + expr: process_resident_memory_bytes{job="api-portaljuru"} > 350000000 + for: 5m + labels: + severity: warning + annotations: + summary: "Uso elevado de memória" + description: "A API está usando mais de 350MB de memória por mais de 5 minutos." + + # Alerta para pool de conexões quase esgotado + - alert: DatabaseConnectionPoolNearlyFull + expr: api_db_connection_pool_used{job="api-portaljuru"} / api_db_connection_pool_total{job="api-portaljuru"} > 0.8 + for: 2m + labels: + severity: warning + annotations: + summary: "Pool de conexões quase cheio" + description: "O pool de conexões está usando mais de 80% da capacidade máxima." \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index 4e38447..5bfd6d5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -28,6 +28,7 @@ "@nestjs/websockets": "^11.0.12", "@types/eslint": "^9.6.1", "@types/estree": "^1.0.7", + "@willsoto/nestjs-prometheus": "^6.0.2", "aws-sdk": "^2.1692.0", "axios": "^1.8.4", "bullmq": "^5.46.0", @@ -48,6 +49,7 @@ "passport-jwt": "^4.0.1", "path": "^0.12.7", "pg": "^8.13.3", + "prom-client": "^15.1.3", "reflect-metadata": "^0.2.2", "rxjs": "^7.8.2", "swagger-ui-express": "^5.0.1", @@ -2597,6 +2599,15 @@ "npm": ">=5.10.0" } }, + "node_modules/@opentelemetry/api": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz", + "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==", + "license": "Apache-2.0", + "engines": { + "node": ">=8.0.0" + } + }, "node_modules/@pkgjs/parseargs": { "version": "0.11.0", "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", @@ -3125,6 +3136,16 @@ "@xtuc/long": "4.2.2" } }, + "node_modules/@willsoto/nestjs-prometheus": { + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/@willsoto/nestjs-prometheus/-/nestjs-prometheus-6.0.2.tgz", + "integrity": "sha512-ePyLZYdIrOOdlOWovzzMisIgviXqhPVzFpSMKNNhn6xajhRHeBsjAzSdpxZTc6pnjR9hw1lNAHyKnKl7lAPaVg==", + "license": "Apache-2.0", + "peerDependencies": { + "@nestjs/common": "^7.0.0 || ^8.0.0 || ^9.0.0 || ^10.0.0 || ^11.0.0", + "prom-client": "^15.0.0" + } + }, "node_modules/@xtuc/ieee754": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/@xtuc/ieee754/-/ieee754-1.2.0.tgz", @@ -3786,6 +3807,12 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/bintrees": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bintrees/-/bintrees-1.0.2.tgz", + "integrity": "sha512-VOMgTMwjAaUG580SXn3LacVgjurrbMme7ZZNYGSSV7mmtY6QQRh0Eg3pwIcntQ77DErK1L0NxkbetjcoXzVwKw==", + "license": "MIT" + }, "node_modules/bl": { "version": "4.1.0", "resolved": "https://registry.npmjs.org/bl/-/bl-4.1.0.tgz", @@ -9569,6 +9596,19 @@ "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==" }, + "node_modules/prom-client": { + "version": "15.1.3", + "resolved": "https://registry.npmjs.org/prom-client/-/prom-client-15.1.3.tgz", + "integrity": "sha512-6ZiOBfCywsD4k1BN9IX0uZhF+tJkV8q8llP64G5Hajs4JOeVLPCwpPVcpXy3BwYiUGgyJzsJJQeOIv7+hDSq8g==", + "license": "Apache-2.0", + "dependencies": { + "@opentelemetry/api": "^1.4.0", + "tdigest": "^0.1.1" + }, + "engines": { + "node": "^16 || ^18 || >=20" + } + }, "node_modules/prompts": { "version": "2.4.2", "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", @@ -11374,6 +11414,15 @@ "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==", "dev": true }, + "node_modules/tdigest": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/tdigest/-/tdigest-0.1.2.tgz", + "integrity": "sha512-+G0LLgjjo9BZX2MfdvPfH+MKLCrxlXSYec5DaPYP1fe6Iyhf0/fSmJ0bFiZ1F8BT6cGXl2LpltQptzjXKWEkKA==", + "license": "MIT", + "dependencies": { + "bintrees": "1.0.2" + } + }, "node_modules/terminal-link": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", diff --git a/package.json b/package.json index b40b93b..e7c668c 100644 --- a/package.json +++ b/package.json @@ -39,6 +39,7 @@ "@nestjs/websockets": "^11.0.12", "@types/eslint": "^9.6.1", "@types/estree": "^1.0.7", + "@willsoto/nestjs-prometheus": "^6.0.2", "aws-sdk": "^2.1692.0", "axios": "^1.8.4", "bullmq": "^5.46.0", @@ -59,6 +60,7 @@ "passport-jwt": "^4.0.1", "path": "^0.12.7", "pg": "^8.13.3", + "prom-client": "^15.1.3", "reflect-metadata": "^0.2.2", "rxjs": "^7.8.2", "swagger-ui-express": "^5.0.1", diff --git a/src/app.module.ts b/src/app.module.ts index bce00a2..08e3b87 100644 --- a/src/app.module.ts +++ b/src/app.module.ts @@ -72,12 +72,10 @@ import { HealthModule } from './health/health.module'; }) export class AppModule implements NestModule { configure(consumer: MiddlewareConsumer) { - // Aplicar middleware de sanitização para todas as rotas consumer .apply(RequestSanitizerMiddleware) .forRoutes('*'); - // Aplicar rate limiting para rotas de autenticação e rotas sensíveis consumer .apply(RateLimiterMiddleware) .forRoutes('auth', 'users'); diff --git a/src/common/middlewares/dist/rate-limiter.middleware.js b/src/common/middlewares/dist/rate-limiter.middleware.js deleted file mode 100644 index 1d9200c..0000000 --- a/src/common/middlewares/dist/rate-limiter.middleware.js +++ /dev/null @@ -1,63 +0,0 @@ -"use strict"; -var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { - var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; - if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); - else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; - return c > 3 && r && Object.defineProperty(target, key, r), r; -}; -exports.__esModule = true; -exports.RateLimiterMiddleware = void 0; -var common_1 = require("@nestjs/common"); -var throttler_1 = require("@nestjs/throttler"); -var RateLimiterMiddleware = /** @class */ (function () { - function RateLimiterMiddleware(configService) { - this.configService = configService; - this.store = new Map(); - this.ttl = this.configService.get('THROTTLE_TTL', 60); - this.limit = this.configService.get('THROTTLE_LIMIT', 10); - } - RateLimiterMiddleware.prototype.use = function (req, res, next) { - // Skip if the request method is OPTIONS (for CORS preflight) - if (req.method === 'OPTIONS') { - return next(); - } - var key = this.generateKey(req); - var now = Date.now(); - if (!this.store.has(key)) { - this.store.set(key, { count: 1, expiration: now + this.ttl * 1000 }); - this.setRateLimitHeaders(res, 1); - return next(); - } - var record = this.store.get(key); - if (record.expiration < now) { - record.count = 1; - record.expiration = now + this.ttl * 1000; - this.setRateLimitHeaders(res, 1); - return next(); - } - if (record.count >= this.limit) { - var timeToWait = Math.ceil((record.expiration - now) / 1000); - this.setRateLimitHeaders(res, record.count); - res.header('Retry-After', String(timeToWait)); - throw new throttler_1.ThrottlerException("Too Many Requests. Retry after " + timeToWait + " seconds."); - } - record.count++; - this.setRateLimitHeaders(res, record.count); - return next(); - }; - RateLimiterMiddleware.prototype.generateKey = function (req) { - // Combina IP com rota para rate limiting mais preciso - var ip = req.ip || req.headers['x-forwarded-for'] || 'unknown-ip'; - var path = req.path || req.originalUrl || ''; - return ip + ":" + path; - }; - RateLimiterMiddleware.prototype.setRateLimitHeaders = function (res, count) { - res.header('X-RateLimit-Limit', String(this.limit)); - res.header('X-RateLimit-Remaining', String(Math.max(0, this.limit - count))); - }; - RateLimiterMiddleware = __decorate([ - common_1.Injectable() - ], RateLimiterMiddleware); - return RateLimiterMiddleware; -}()); -exports.RateLimiterMiddleware = RateLimiterMiddleware; diff --git a/src/common/middlewares/dist/request-sanitizer.middleware.js b/src/common/middlewares/dist/request-sanitizer.middleware.js deleted file mode 100644 index e229b50..0000000 --- a/src/common/middlewares/dist/request-sanitizer.middleware.js +++ /dev/null @@ -1,54 +0,0 @@ -"use strict"; -var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { - var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; - if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); - else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; - return c > 3 && r && Object.defineProperty(target, key, r), r; -}; -exports.__esModule = true; -exports.RequestSanitizerMiddleware = void 0; -var common_1 = require("@nestjs/common"); -var RequestSanitizerMiddleware = /** @class */ (function () { - function RequestSanitizerMiddleware() { - } - RequestSanitizerMiddleware.prototype.use = function (req, res, next) { - if (req.headers) { - this.sanitizeObject(req.headers); - } - if (req.query) { - this.sanitizeObject(req.query); - } - if (req.body) { - this.sanitizeObject(req.body); - } - next(); - }; - RequestSanitizerMiddleware.prototype.sanitizeObject = function (obj) { - var _this = this; - Object.keys(obj).forEach(function (key) { - if (typeof obj[key] === 'string') { - obj[key] = _this.sanitizeString(obj[key]); - } - else if (typeof obj[key] === 'object' && obj[key] !== null) { - _this.sanitizeObject(obj[key]); - } - }); - }; - RequestSanitizerMiddleware.prototype.sanitizeString = function (str) { - // Remover tags HTML básicas - str = str.replace(/<(|\/|[^>\/bi]|\/[^>bi]|[^\/>][^>]+|\/[^>][^>]+)>/g, ''); - // Remover scripts JavaScript - str = str.replace(/javascript:/g, ''); - str = str.replace(/on\w+=/g, ''); - // Remover comentários HTML - str = str.replace(//g, ''); - // Sanitizar caracteres especiais para evitar SQL injection - str = str.replace(/'/g, "''"); - return str; - }; - RequestSanitizerMiddleware = __decorate([ - common_1.Injectable() - ], RequestSanitizerMiddleware); - return RequestSanitizerMiddleware; -}()); -exports.RequestSanitizerMiddleware = RequestSanitizerMiddleware; diff --git a/src/common/validators/dist/sanitize.validator.js b/src/common/validators/dist/sanitize.validator.js deleted file mode 100644 index 43a5961..0000000 --- a/src/common/validators/dist/sanitize.validator.js +++ /dev/null @@ -1,68 +0,0 @@ -"use strict"; -exports.__esModule = true; -exports.IsSecureId = exports.IsSanitized = void 0; -var class_validator_1 = require("class-validator"); -// Decorator para sanitizar strings e prevenir SQL/NoSQL injection -function IsSanitized(validationOptions) { - return function (object, propertyName) { - class_validator_1.registerDecorator({ - name: 'isSanitized', - target: object.constructor, - propertyName: propertyName, - options: validationOptions, - validator: { - validate: function (value, args) { - if (typeof value !== 'string') - return true; // Skip non-string values - // Check for common SQL injection patterns - var sqlInjectionRegex = /('|"|;|--|\/\*|\*\/|@@|@|char|nchar|varchar|nvarchar|alter|begin|cast|create|cursor|declare|delete|drop|end|exec|execute|fetch|insert|kill|open|select|sys|sysobjects|syscolumns|table|update|xp_)/i; - if (sqlInjectionRegex.test(value)) { - return false; - } - // Check for NoSQL injection patterns (MongoDB) - var noSqlInjectionRegex = /(\$where|\$ne|\$gt|\$lt|\$gte|\$lte|\$in|\$nin|\$or|\$and|\$regex|\$options|\$elemMatch|\{.*\:.*\})/i; - if (noSqlInjectionRegex.test(value)) { - return false; - } - // Check for XSS attempts - var xssRegex = /( 0; - }, - defaultMessage: function (args) { - return 'O ID fornecido não é seguro ou está em formato inválido'; - } - } - }); - }; -} -exports.IsSecureId = IsSecureId; diff --git a/src/common/validators/sanitize.validator.ts b/src/common/validators/sanitize.validator.ts index 35ec7e0..6e890fe 100644 --- a/src/common/validators/sanitize.validator.ts +++ b/src/common/validators/sanitize.validator.ts @@ -12,7 +12,6 @@ export function IsSanitized(validationOptions?: ValidationOptions) { validate(value: any, args: ValidationArguments) { if (typeof value !== 'string') return true; // Skip non-string values - // Check for common SQL injection patterns const sqlInjectionRegex = /('|"|;|--|\/\*|\*\/|@@|@|char|nchar|varchar|nvarchar|alter|begin|cast|create|cursor|declare|delete|drop|end|exec|execute|fetch|insert|kill|open|select|sys|sysobjects|syscolumns|table|update|xp_)/i; if (sqlInjectionRegex.test(value)) { return false; diff --git a/src/data-consult/data-consult.controller.ts b/src/data-consult/data-consult.controller.ts index 26a9fa3..e96f33d 100644 --- a/src/data-consult/data-consult.controller.ts +++ b/src/data-consult/data-consult.controller.ts @@ -59,7 +59,10 @@ export class DataConsultController { return this.dataConsultService.products(filter); } + @Get('all') + @UseGuards(JwtAuthGuard) + @ApiBearerAuth() @ApiOperation({ summary: 'VIEW DE 500 PRODUTOS' }) @ApiResponse({ status: 200, description: 'Lista de 500 produtos retornada com sucesso', type: [ProductDto] }) async getAllProducts(): Promise { diff --git a/src/data-consult/data-consult.service.ts b/src/data-consult/data-consult.service.ts index 4c882bf..81231ba 100644 --- a/src/data-consult/data-consult.service.ts +++ b/src/data-consult/data-consult.service.ts @@ -66,7 +66,6 @@ export class DataConsultService { } /** - * Obter todos os faturamentos * @returns Array de BillingDto */ async billings(): Promise { diff --git a/src/data-consult/dto/dist/billing.dto.js b/src/data-consult/dto/dist/billing.dto.js deleted file mode 100644 index 01ad1dc..0000000 --- a/src/data-consult/dto/dist/billing.dto.js +++ /dev/null @@ -1,26 +0,0 @@ -"use strict"; -var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { - var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; - if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); - else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; - return c > 3 && r && Object.defineProperty(target, key, r), r; -}; -exports.__esModule = true; -exports.BillingDto = void 0; -var swagger_1 = require("@nestjs/swagger"); -var BillingDto = /** @class */ (function () { - function BillingDto(partial) { - Object.assign(this, partial); - } - __decorate([ - swagger_1.ApiProperty({ description: 'Identificador do faturamento' }) - ], BillingDto.prototype, "id"); - __decorate([ - swagger_1.ApiProperty({ description: 'Data do faturamento' }) - ], BillingDto.prototype, "date"); - __decorate([ - swagger_1.ApiProperty({ description: 'Valor total do faturamento' }) - ], BillingDto.prototype, "total"); - return BillingDto; -}()); -exports.BillingDto = BillingDto; diff --git a/src/data-consult/dto/dist/customer.dto.js b/src/data-consult/dto/dist/customer.dto.js deleted file mode 100644 index 9e5f885..0000000 --- a/src/data-consult/dto/dist/customer.dto.js +++ /dev/null @@ -1,26 +0,0 @@ -"use strict"; -var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { - var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; - if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); - else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; - return c > 3 && r && Object.defineProperty(target, key, r), r; -}; -exports.__esModule = true; -exports.CustomerDto = void 0; -var swagger_1 = require("@nestjs/swagger"); -var CustomerDto = /** @class */ (function () { - function CustomerDto(partial) { - Object.assign(this, partial); - } - __decorate([ - swagger_1.ApiProperty({ description: 'Identificador do cliente' }) - ], CustomerDto.prototype, "id"); - __decorate([ - swagger_1.ApiProperty({ description: 'Nome do cliente' }) - ], CustomerDto.prototype, "name"); - __decorate([ - swagger_1.ApiProperty({ description: 'Documento do cliente' }) - ], CustomerDto.prototype, "document"); - return CustomerDto; -}()); -exports.CustomerDto = CustomerDto; diff --git a/src/data-consult/dto/dist/product.dto.js b/src/data-consult/dto/dist/product.dto.js deleted file mode 100644 index aa45918..0000000 --- a/src/data-consult/dto/dist/product.dto.js +++ /dev/null @@ -1,26 +0,0 @@ -"use strict"; -var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { - var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; - if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); - else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; - return c > 3 && r && Object.defineProperty(target, key, r), r; -}; -exports.__esModule = true; -exports.ProductDto = void 0; -var swagger_1 = require("@nestjs/swagger"); -var ProductDto = /** @class */ (function () { - function ProductDto(partial) { - Object.assign(this, partial); - } - __decorate([ - swagger_1.ApiProperty({ description: 'Identificador do produto' }) - ], ProductDto.prototype, "id"); - __decorate([ - swagger_1.ApiProperty({ description: 'Nome do produto' }) - ], ProductDto.prototype, "name"); - __decorate([ - swagger_1.ApiProperty({ description: 'Código do fabricante' }) - ], ProductDto.prototype, "manufacturerCode"); - return ProductDto; -}()); -exports.ProductDto = ProductDto; diff --git a/src/data-consult/dto/dist/seller.dto.js b/src/data-consult/dto/dist/seller.dto.js deleted file mode 100644 index 4aac39b..0000000 --- a/src/data-consult/dto/dist/seller.dto.js +++ /dev/null @@ -1,23 +0,0 @@ -"use strict"; -var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { - var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; - if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); - else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; - return c > 3 && r && Object.defineProperty(target, key, r), r; -}; -exports.__esModule = true; -exports.SellerDto = void 0; -var swagger_1 = require("@nestjs/swagger"); -var SellerDto = /** @class */ (function () { - function SellerDto(partial) { - Object.assign(this, partial); - } - __decorate([ - swagger_1.ApiProperty({ description: 'Identificador do vendedor' }) - ], SellerDto.prototype, "id"); - __decorate([ - swagger_1.ApiProperty({ description: 'Nome do vendedor' }) - ], SellerDto.prototype, "name"); - return SellerDto; -}()); -exports.SellerDto = SellerDto; diff --git a/src/data-consult/dto/dist/store.dto.js b/src/data-consult/dto/dist/store.dto.js deleted file mode 100644 index 25525f3..0000000 --- a/src/data-consult/dto/dist/store.dto.js +++ /dev/null @@ -1,26 +0,0 @@ -"use strict"; -var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { - var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; - if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); - else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; - return c > 3 && r && Object.defineProperty(target, key, r), r; -}; -exports.__esModule = true; -exports.StoreDto = void 0; -var swagger_1 = require("@nestjs/swagger"); -var StoreDto = /** @class */ (function () { - function StoreDto(partial) { - Object.assign(this, partial); - } - __decorate([ - swagger_1.ApiProperty({ description: 'Identificador da loja' }) - ], StoreDto.prototype, "id"); - __decorate([ - swagger_1.ApiProperty({ description: 'Nome da loja' }) - ], StoreDto.prototype, "name"); - __decorate([ - swagger_1.ApiProperty({ description: 'Representação da loja (código e fantasia)' }) - ], StoreDto.prototype, "store"); - return StoreDto; -}()); -exports.StoreDto = StoreDto; diff --git a/src/dist/app.module.js b/src/dist/app.module.js deleted file mode 100644 index 34aba17..0000000 --- a/src/dist/app.module.js +++ /dev/null @@ -1,97 +0,0 @@ -"use strict"; -var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { - var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; - if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); - else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; - return c > 3 && r && Object.defineProperty(target, key, r), r; -}; -exports.__esModule = true; -exports.AppModule = void 0; -var common_1 = require("@nestjs/common"); -var config_1 = require("@nestjs/config"); -var typeorm_1 = require("@nestjs/typeorm"); -var typeorm_oracle_config_1 = require("./core/configs/typeorm.oracle.config"); -var typeorm_postgres_config_1 = require("./core/configs/typeorm.postgres.config"); -var logistic_module_1 = require("./logistic/logistic.module"); -var orders_payment_module_1 = require("./orders-payment/orders-payment.module"); -var auth_module_1 = require("./auth/auth/auth.module"); -var data_consult_module_1 = require("./data-consult/data-consult.module"); -var orders_module_1 = require("./orders/modules/orders.module"); -var ocorrences_controller_1 = require("./crm/occurrences/ocorrences.controller"); -var occurrences_module_1 = require("./crm/occurrences/occurrences.module"); -var reason_table_module_1 = require("./crm/reason-table/reason-table.module"); -var negotiations_module_1 = require("./crm/negotiations/negotiations.module"); -var axios_1 = require("@nestjs/axios"); -var logistic_controller_1 = require("./logistic/logistic.controller"); -var logistic_service_1 = require("./logistic/logistic.service"); -var logger_module_1 = require("./Log/logger.module"); -var jwt_config_1 = require("./auth/jwt.config"); -var users_module_1 = require("./auth/users/users.module"); -var products_module_1 = require("./products/products.module"); -var throttler_1 = require("@nestjs/throttler"); -var rate_limiter_middleware_1 = require("./common/middlewares/rate-limiter.middleware"); -var request_sanitizer_middleware_1 = require("./common/middlewares/request-sanitizer.middleware"); -var health_module_1 = require("./health/health.module"); -var AppModule = /** @class */ (function () { - function AppModule() { - } - AppModule.prototype.configure = function (consumer) { - // Aplicar middleware de sanitização para todas as rotas - consumer - .apply(request_sanitizer_middleware_1.RequestSanitizerMiddleware) - .forRoutes('*'); - // Aplicar rate limiting para rotas de autenticação e rotas sensíveis - consumer - .apply(rate_limiter_middleware_1.RateLimiterMiddleware) - .forRoutes('auth', 'users'); - }; - AppModule = __decorate([ - common_1.Module({ - imports: [ - users_module_1.UsersModule, - config_1.ConfigModule.forRoot({ isGlobal: true, - load: [jwt_config_1["default"]] - }), - typeorm_1.TypeOrmModule.forRootAsync({ - name: 'oracle', - inject: [config_1.ConfigService], - useFactory: typeorm_oracle_config_1.createOracleConfig - }), - typeorm_1.TypeOrmModule.forRootAsync({ - name: 'postgres', - inject: [config_1.ConfigService], - useFactory: typeorm_postgres_config_1.createPostgresConfig - }), - throttler_1.ThrottlerModule.forRootAsync({ - imports: [config_1.ConfigModule], - inject: [config_1.ConfigService], - useFactory: function (config) { return ({ - throttlers: [ - { - ttl: config.get('THROTTLE_TTL', 60), - limit: config.get('THROTTLE_LIMIT', 10) - }, - ] - }); } - }), - logistic_module_1.LogisticModule, - orders_payment_module_1.OrdersPaymentModule, - axios_1.HttpModule, - orders_module_1.OrdersModule, - products_module_1.ProductsModule, - negotiations_module_1.NegotiationsModule, - occurrences_module_1.OccurrencesModule, - reason_table_module_1.ReasonTableModule, - logger_module_1.LoggerModule, - data_consult_module_1.DataConsultModule, - auth_module_1.AuthModule, - orders_module_1.OrdersModule, - health_module_1.HealthModule, - ], - controllers: [ocorrences_controller_1.OcorrencesController, logistic_controller_1.LogisticController], - providers: [logistic_service_1.LogisticService,] - }) - ], AppModule); - return AppModule; -}()); -exports.AppModule = AppModule; diff --git a/src/dist/main.js b/src/dist/main.js deleted file mode 100644 index 572ac34..0000000 --- a/src/dist/main.js +++ /dev/null @@ -1,93 +0,0 @@ -"use strict"; -var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { - function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } - return new (P || (P = Promise))(function (resolve, reject) { - function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } - function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } - function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } - step((generator = generator.apply(thisArg, _arguments || [])).next()); - }); -}; -var __generator = (this && this.__generator) || function (thisArg, body) { - var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g; - return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g; - function verb(n) { return function (v) { return step([n, v]); }; } - function step(op) { - if (f) throw new TypeError("Generator is already executing."); - while (_) try { - if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; - if (y = 0, t) op = [op[0] & 2, t.value]; - switch (op[0]) { - case 0: case 1: t = op; break; - case 4: _.label++; return { value: op[1], done: false }; - case 5: _.label++; y = op[1]; op = [0]; continue; - case 7: op = _.ops.pop(); _.trys.pop(); continue; - default: - if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; } - if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; } - if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; } - if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; } - if (t[2]) _.ops.pop(); - _.trys.pop(); continue; - } - op = body.call(thisArg, _); - } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; } - if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true }; - } -}; -exports.__esModule = true; -var core_1 = require("@nestjs/core"); -var app_module_1 = require("./app.module"); -var common_1 = require("@nestjs/common"); -var response_interceptor_1 = require("./common/response.interceptor"); -var swagger_1 = require("@nestjs/swagger"); -var helmet_1 = require("helmet"); -function bootstrap() { - return __awaiter(this, void 0, void 0, function () { - var app, config, document; - return __generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, core_1.NestFactory.create(app_module_1.AppModule)]; - case 1: - app = _a.sent(); - // Adicionar Helmet para proteção de cabeçalhos HTTP - app.use(helmet_1["default"]()); - app.useGlobalInterceptors(new response_interceptor_1.ResponseInterceptor()); - app.useGlobalPipes(new common_1.ValidationPipe({ - whitelist: true, - forbidNonWhitelisted: true, - transform: true, - transformOptions: { - enableImplicitConversion: true - }, - // Tornar validações mais rigorosas - forbidUnknownValues: true, - disableErrorMessages: process.env.NODE_ENV === 'production' - })); - // Configuração CORS mais restritiva - app.enableCors({ - origin: process.env.NODE_ENV === 'production' - ? ['https://seu-dominio.com', 'https://admin.seu-dominio.com'] - : '*', - methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH'], - credentials: true, - allowedHeaders: ['Content-Type', 'Authorization', 'Accept'], - maxAge: 3600 - }); - config = new swagger_1.DocumentBuilder() - .setTitle('Portal Jurunense API') - .setDescription('Documentação da API do Portal Jurunense') - .setVersion('1.0') - .addBearerAuth() - .build(); - document = swagger_1.SwaggerModule.createDocument(app, config); - swagger_1.SwaggerModule.setup('docs', app, document); - return [4 /*yield*/, app.listen(8066)]; - case 2: - _a.sent(); - return [2 /*return*/]; - } - }); - }); -} -bootstrap(); diff --git a/src/health/alert/health-alert.service.ts b/src/health/alert/health-alert.service.ts new file mode 100644 index 0000000..eb0d434 --- /dev/null +++ b/src/health/alert/health-alert.service.ts @@ -0,0 +1,258 @@ +import { Injectable, Logger } from '@nestjs/common'; +import { HttpService } from '@nestjs/axios'; +import { ConfigService } from '@nestjs/config'; +import { firstValueFrom } from 'rxjs'; +import { HealthCheckResult } from '@nestjs/terminus'; + +@Injectable() +export class HealthAlertService { + private readonly logger = new Logger(HealthAlertService.name); + private readonly webhookUrls: Record; + private readonly alertThresholds: Record; + private readonly alertCooldowns: Map = new Map(); + + constructor( + private readonly httpService: HttpService, + private readonly configService: ConfigService, + ) { + // Configurações de webhooks para diferentes canais de alerta + this.webhookUrls = { + slack: this.configService.get('ALERT_WEBHOOK_SLACK'), + teams: this.configService.get('ALERT_WEBHOOK_TEAMS'), + email: this.configService.get('ALERT_WEBHOOK_EMAIL'), + }; + + // Thresholds para diferentes tipos de alerta + this.alertThresholds = { + disk: { + criticalPercent: this.configService.get('ALERT_DISK_CRITICAL_PERCENT', 90), + warningPercent: this.configService.get('ALERT_DISK_WARNING_PERCENT', 80), + }, + memory: { + criticalPercent: this.configService.get('ALERT_MEMORY_CRITICAL_PERCENT', 90), + warningPercent: this.configService.get('ALERT_MEMORY_WARNING_PERCENT', 80), + }, + db: { + cooldownMinutes: this.configService.get('ALERT_DB_COOLDOWN_MINUTES', 15), + }, + }; + } + + async processHealthCheckResult(result: HealthCheckResult): Promise { + try { + const { status, info, error, details } = result; + + // Se o status geral não for 'ok', envie um alerta + if (status !== 'ok') { + // Verificar quais componentes estão com problema + const failedComponents = Object.entries(error) + .map(([key, value]) => ({ key, value })); + + if (failedComponents.length > 0) { + await this.sendAlert('critical', 'Health Check Falhou', + `Os seguintes componentes estão com problemas: ${failedComponents.map(c => c.key).join(', ')}`, + { result, failedComponents } + ); + } + } + + // Verificar alertas específicos para cada tipo de componente + if (details.disk) { + await this.checkDiskAlerts(details.disk); + } + + if (details.memory_heap) { + await this.checkMemoryAlerts(details.memory_heap); + } + + // Verificar alertas de banco de dados + ['oracle', 'postgres'].forEach(db => { + if (details[db] && details[db].status !== 'up') { + this.checkDatabaseAlerts(db, details[db]); + } + }); + + } catch (error) { + this.logger.error(`Erro ao processar health check result: ${error.message}`, error.stack); + } + } + + private async checkDiskAlerts(diskDetails: any): Promise { + try { + if (!diskDetails.freeBytes || !diskDetails.totalBytes) { + return; + } + + const usedPercent = ((diskDetails.totalBytes - diskDetails.freeBytes) / diskDetails.totalBytes) * 100; + + if (usedPercent >= this.alertThresholds.disk.criticalPercent) { + await this.sendAlert('critical', 'Espaço em Disco Crítico', + `O uso de disco está em ${usedPercent.toFixed(1)}%, acima do limite crítico de ${this.alertThresholds.disk.criticalPercent}%`, + { diskDetails, usedPercent } + ); + } else if (usedPercent >= this.alertThresholds.disk.warningPercent) { + await this.sendAlert('warning', 'Alerta de Espaço em Disco', + `O uso de disco está em ${usedPercent.toFixed(1)}%, acima do limite de alerta de ${this.alertThresholds.disk.warningPercent}%`, + { diskDetails, usedPercent } + ); + } + } catch (error) { + this.logger.error(`Erro ao verificar alertas de disco: ${error.message}`); + } + } + + private async checkMemoryAlerts(memoryDetails: any): Promise { + try { + if (!memoryDetails.usedBytes || !memoryDetails.thresholdBytes) { + return; + } + + const usedPercent = (memoryDetails.usedBytes / memoryDetails.thresholdBytes) * 100; + + if (usedPercent >= this.alertThresholds.memory.criticalPercent) { + await this.sendAlert('critical', 'Uso de Memória Crítico', + `O uso de memória heap está em ${usedPercent.toFixed(1)}%, acima do limite crítico de ${this.alertThresholds.memory.criticalPercent}%`, + { memoryDetails, usedPercent } + ); + } else if (usedPercent >= this.alertThresholds.memory.warningPercent) { + await this.sendAlert('warning', 'Alerta de Uso de Memória', + `O uso de memória heap está em ${usedPercent.toFixed(1)}%, acima do limite de alerta de ${this.alertThresholds.memory.warningPercent}%`, + { memoryDetails, usedPercent } + ); + } + } catch (error) { + this.logger.error(`Erro ao verificar alertas de memória: ${error.message}`); + } + } + + private async checkDatabaseAlerts(dbName: string, dbDetails: any): Promise { + try { + const now = Date.now(); + const lastAlertTime = this.alertCooldowns.get(dbName) || 0; + const cooldownMs = this.alertThresholds.db.cooldownMinutes * 60 * 1000; + + // Verifica se já passou o período de cooldown para este banco + if (now - lastAlertTime >= cooldownMs) { + await this.sendAlert('critical', `Problema de Conexão com Banco de Dados ${dbName}`, + `A conexão com o banco de dados ${dbName} está com problemas: ${dbDetails.message || 'Erro não especificado'}`, + { dbName, dbDetails } + ); + + // Atualiza o timestamp do último alerta + this.alertCooldowns.set(dbName, now); + } + } catch (error) { + this.logger.error(`Erro ao verificar alertas de banco de dados: ${error.message}`); + } + } + + private async sendAlert( + severity: 'critical' | 'warning' | 'info', + title: string, + message: string, + details?: any, + ): Promise { + try { + const environment = this.configService.get('NODE_ENV', 'development'); + const appName = this.configService.get('APP_NAME', 'Portal Jurunense API'); + + this.logger.warn(`[${severity.toUpperCase()}] ${title}: ${message}`); + + const payload = { + severity, + title: `[${environment.toUpperCase()}] [${appName}] ${title}`, + message, + timestamp: new Date().toISOString(), + details: details || {}, + environment, + }; + + // Enviar para Slack, se configurado + if (this.webhookUrls.slack) { + await this.sendSlackAlert(payload); + } + + // Enviar para Microsoft Teams, se configurado + if (this.webhookUrls.teams) { + await this.sendTeamsAlert(payload); + } + + // Enviar para serviço de email, se configurado + if (this.webhookUrls.email) { + await this.sendEmailAlert(payload); + } + } catch (error) { + this.logger.error(`Erro ao enviar alerta: ${error.message}`, error.stack); + } + } + + private async sendSlackAlert(payload: any): Promise { + try { + const slackPayload = { + text: `${payload.title}`, + blocks: [ + { + type: 'header', + text: { + type: 'plain_text', + text: payload.title, + }, + }, + { + type: 'section', + text: { + type: 'mrkdwn', + text: `*Mensagem:* ${payload.message}\n*Severidade:* ${payload.severity}\n*Ambiente:* ${payload.environment}\n*Timestamp:* ${payload.timestamp}`, + }, + }, + ], + }; + + await firstValueFrom(this.httpService.post(this.webhookUrls.slack, slackPayload)); + } catch (error) { + this.logger.error(`Erro ao enviar alerta para Slack: ${error.message}`); + } + } + + private async sendTeamsAlert(payload: any): Promise { + try { + const teamsPayload = { + "@type": "MessageCard", + "@context": "http://schema.org/extensions", + "themeColor": payload.severity === 'critical' ? "FF0000" : (payload.severity === 'warning' ? "FFA500" : "0078D7"), + "summary": payload.title, + "sections": [ + { + "activityTitle": payload.title, + "activitySubtitle": `Severidade: ${payload.severity} | Ambiente: ${payload.environment}`, + "text": payload.message, + "facts": [ + { + "name": "Timestamp", + "value": payload.timestamp + } + ] + } + ] + }; + + await firstValueFrom(this.httpService.post(this.webhookUrls.teams, teamsPayload)); + } catch (error) { + this.logger.error(`Erro ao enviar alerta para Microsoft Teams: ${error.message}`); + } + } + + private async sendEmailAlert(payload: any): Promise { + try { + const emailPayload = { + subject: payload.title, + text: `${payload.message}\n\nSeveridade: ${payload.severity}\nAmbiente: ${payload.environment}\nTimestamp: ${payload.timestamp}`, + html: `

${payload.title}

${payload.message}

Severidade: ${payload.severity}
Ambiente: ${payload.environment}
Timestamp: ${payload.timestamp}

`, + }; + + await firstValueFrom(this.httpService.post(this.webhookUrls.email, emailPayload)); + } catch (error) { + this.logger.error(`Erro ao enviar alerta por email: ${error.message}`); + } + } +} \ No newline at end of file diff --git a/src/health/dist/health.controller.js b/src/health/dist/health.controller.js deleted file mode 100644 index b280bd2..0000000 --- a/src/health/dist/health.controller.js +++ /dev/null @@ -1,115 +0,0 @@ -"use strict"; -var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { - var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; - if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); - else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; - return c > 3 && r && Object.defineProperty(target, key, r), r; -}; -exports.__esModule = true; -exports.HealthController = void 0; -var common_1 = require("@nestjs/common"); -var terminus_1 = require("@nestjs/terminus"); -var swagger_1 = require("@nestjs/swagger"); -var os = require("os"); -var HealthController = /** @class */ (function () { - function HealthController(health, http, disk, memory, typeOrmHealth, dbPoolStats, configService) { - this.health = health; - this.http = http; - this.disk = disk; - this.memory = memory; - this.typeOrmHealth = typeOrmHealth; - this.dbPoolStats = dbPoolStats; - this.configService = configService; - // Define o caminho correto para o disco, baseado no sistema operacional - this.diskPath = os.platform() === 'win32' ? 'C:\\' : '/'; - } - HealthController.prototype.check = function () { - var _this = this; - return this.health.check([ - // Verifica o status da própria aplicação - function () { return _this.http.pingCheck('api', 'http://localhost:8066/docs'); }, - // Verifica espaço em disco (espaço livre < 80%) - function () { return _this.disk.checkStorage('disk_percent', { - path: _this.diskPath, - thresholdPercent: 0.8 - }); }, - // Verifica espaço em disco (pelo menos 500MB livres) - function () { return _this.disk.checkStorage('disk_space', { - path: _this.diskPath, - threshold: 500 * 1024 * 1024 - }); }, - // Verifica uso de memória (heap <150MB) - function () { return _this.memory.checkHeap('memory_heap', 150 * 1024 * 1024); }, - // Verifica as conexões de banco de dados - function () { return _this.typeOrmHealth.checkOracle(); }, - function () { return _this.typeOrmHealth.checkPostgres(); }, - ]); - }; - HealthController.prototype.checkDatabase = function () { - var _this = this; - return this.health.check([ - function () { return _this.typeOrmHealth.checkOracle(); }, - function () { return _this.typeOrmHealth.checkPostgres(); }, - ]); - }; - HealthController.prototype.checkMemory = function () { - var _this = this; - return this.health.check([ - function () { return _this.memory.checkHeap('memory_heap', 150 * 1024 * 1024); }, - function () { return _this.memory.checkRSS('memory_rss', 300 * 1024 * 1024); }, - ]); - }; - HealthController.prototype.checkDisk = function () { - var _this = this; - return this.health.check([ - // Verificar espaço em disco usando porcentagem - function () { return _this.disk.checkStorage('disk_percent', { - path: _this.diskPath, - thresholdPercent: 0.8 - }); }, - // Verificar espaço em disco usando valor absoluto - function () { return _this.disk.checkStorage('disk_space', { - path: _this.diskPath, - threshold: 500 * 1024 * 1024 - }); }, - ]); - }; - HealthController.prototype.checkPoolStats = function () { - var _this = this; - return this.health.check([ - function () { return _this.dbPoolStats.checkOraclePoolStats(); }, - function () { return _this.dbPoolStats.checkPostgresPoolStats(); }, - ]); - }; - __decorate([ - common_1.Get(), - terminus_1.HealthCheck(), - swagger_1.ApiOperation({ summary: 'Verificar saúde geral da aplicação' }) - ], HealthController.prototype, "check"); - __decorate([ - common_1.Get('db'), - terminus_1.HealthCheck(), - swagger_1.ApiOperation({ summary: 'Verificar saúde das conexões de banco de dados' }) - ], HealthController.prototype, "checkDatabase"); - __decorate([ - common_1.Get('memory'), - terminus_1.HealthCheck(), - swagger_1.ApiOperation({ summary: 'Verificar uso de memória' }) - ], HealthController.prototype, "checkMemory"); - __decorate([ - common_1.Get('disk'), - terminus_1.HealthCheck(), - swagger_1.ApiOperation({ summary: 'Verificar espaço em disco' }) - ], HealthController.prototype, "checkDisk"); - __decorate([ - common_1.Get('pool'), - terminus_1.HealthCheck(), - swagger_1.ApiOperation({ summary: 'Verificar estatísticas do pool de conexões' }) - ], HealthController.prototype, "checkPoolStats"); - HealthController = __decorate([ - swagger_1.ApiTags('Health Check'), - common_1.Controller('health') - ], HealthController); - return HealthController; -}()); -exports.HealthController = HealthController; diff --git a/src/health/dist/health.module.js b/src/health/dist/health.module.js deleted file mode 100644 index 068e0f3..0000000 --- a/src/health/dist/health.module.js +++ /dev/null @@ -1,33 +0,0 @@ -"use strict"; -var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { - var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; - if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); - else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; - return c > 3 && r && Object.defineProperty(target, key, r), r; -}; -exports.__esModule = true; -exports.HealthModule = void 0; -var common_1 = require("@nestjs/common"); -var terminus_1 = require("@nestjs/terminus"); -var axios_1 = require("@nestjs/axios"); -var health_controller_1 = require("./health.controller"); -var typeorm_health_1 = require("./indicators/typeorm.health"); -var db_pool_stats_health_1 = require("./indicators/db-pool-stats.health"); -var config_1 = require("@nestjs/config"); -var HealthModule = /** @class */ (function () { - function HealthModule() { - } - HealthModule = __decorate([ - common_1.Module({ - imports: [ - terminus_1.TerminusModule, - axios_1.HttpModule, - config_1.ConfigModule, - ], - controllers: [health_controller_1.HealthController], - providers: [typeorm_health_1.TypeOrmHealthIndicator, db_pool_stats_health_1.DbPoolStatsIndicator] - }) - ], HealthModule); - return HealthModule; -}()); -exports.HealthModule = HealthModule; diff --git a/src/health/health.module.ts b/src/health/health.module.ts index ae3261e..fab8865 100644 --- a/src/health/health.module.ts +++ b/src/health/health.module.ts @@ -5,14 +5,40 @@ import { HealthController } from './health.controller'; import { TypeOrmHealthIndicator } from './indicators/typeorm.health'; import { DbPoolStatsIndicator } from './indicators/db-pool-stats.health'; import { ConfigModule } from '@nestjs/config'; +import { PrometheusModule } from '@willsoto/nestjs-prometheus'; +import { metricProviders } from './metrics/metrics.config'; +import { CustomMetricsService } from './metrics/custom.metrics'; +import { MetricsInterceptor } from './metrics/metrics.interceptor'; +import { HealthAlertService } from './alert/health-alert.service'; +import { APP_INTERCEPTOR } from '@nestjs/core'; @Module({ imports: [ TerminusModule, HttpModule, ConfigModule, + PrometheusModule.register({ + path: '/metrics', + defaultMetrics: { + enabled: true, + }, + }), ], controllers: [HealthController], - providers: [TypeOrmHealthIndicator, DbPoolStatsIndicator], + providers: [ + TypeOrmHealthIndicator, + DbPoolStatsIndicator, + CustomMetricsService, + HealthAlertService, + { + provide: APP_INTERCEPTOR, + useClass: MetricsInterceptor, + }, + ...metricProviders, + ], + exports: [ + CustomMetricsService, + HealthAlertService, + ], }) export class HealthModule {} \ No newline at end of file diff --git a/src/health/indicators/db-pool-stats.health.ts b/src/health/indicators/db-pool-stats.health.ts index 6745db1..d7407bc 100644 --- a/src/health/indicators/db-pool-stats.health.ts +++ b/src/health/indicators/db-pool-stats.health.ts @@ -16,7 +16,6 @@ export class DbPoolStatsIndicator extends HealthIndicator { const key = 'oracle_pool'; try { - // Obter estatísticas do pool Oracle (usando query específica do Oracle) const queryResult = await this.oracleConnection.query(` SELECT 'ORACLEDB_POOL' as source, diff --git a/src/health/indicators/dist/db-pool-stats.health.js b/src/health/indicators/dist/db-pool-stats.health.js deleted file mode 100644 index 454d46e..0000000 --- a/src/health/indicators/dist/db-pool-stats.health.js +++ /dev/null @@ -1,150 +0,0 @@ -"use strict"; -var __extends = (this && this.__extends) || (function () { - var extendStatics = function (d, b) { - extendStatics = Object.setPrototypeOf || - ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) || - function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; }; - return extendStatics(d, b); - }; - return function (d, b) { - extendStatics(d, b); - function __() { this.constructor = d; } - d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __()); - }; -})(); -var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { - var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; - if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); - else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; - return c > 3 && r && Object.defineProperty(target, key, r), r; -}; -var __param = (this && this.__param) || function (paramIndex, decorator) { - return function (target, key) { decorator(target, key, paramIndex); } -}; -var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { - function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } - return new (P || (P = Promise))(function (resolve, reject) { - function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } - function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } - function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } - step((generator = generator.apply(thisArg, _arguments || [])).next()); - }); -}; -var __generator = (this && this.__generator) || function (thisArg, body) { - var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g; - return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g; - function verb(n) { return function (v) { return step([n, v]); }; } - function step(op) { - if (f) throw new TypeError("Generator is already executing."); - while (_) try { - if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; - if (y = 0, t) op = [op[0] & 2, t.value]; - switch (op[0]) { - case 0: case 1: t = op; break; - case 4: _.label++; return { value: op[1], done: false }; - case 5: _.label++; y = op[1]; op = [0]; continue; - case 7: op = _.ops.pop(); _.trys.pop(); continue; - default: - if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; } - if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; } - if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; } - if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; } - if (t[2]) _.ops.pop(); - _.trys.pop(); continue; - } - op = body.call(thisArg, _); - } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; } - if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true }; - } -}; -exports.__esModule = true; -exports.DbPoolStatsIndicator = void 0; -var common_1 = require("@nestjs/common"); -var terminus_1 = require("@nestjs/terminus"); -var typeorm_1 = require("@nestjs/typeorm"); -var DbPoolStatsIndicator = /** @class */ (function (_super) { - __extends(DbPoolStatsIndicator, _super); - function DbPoolStatsIndicator(oracleConnection, postgresConnection) { - var _this = _super.call(this) || this; - _this.oracleConnection = oracleConnection; - _this.postgresConnection = postgresConnection; - return _this; - } - DbPoolStatsIndicator.prototype.checkOraclePoolStats = function () { - var _a; - return __awaiter(this, void 0, Promise, function () { - var key, queryResult, status, error_1; - return __generator(this, function (_b) { - switch (_b.label) { - case 0: - key = 'oracle_pool'; - _b.label = 1; - case 1: - _b.trys.push([1, 3, , 4]); - return [4 /*yield*/, this.oracleConnection.query("\n SELECT \n 'ORACLEDB_POOL' as source,\n COUNT(*) as total_connections\n FROM \n V$SESSION \n WHERE \n TYPE = 'USER' \n AND PROGRAM LIKE 'nodejs%'\n ")]; - case 2: - queryResult = _b.sent(); - status = { - isHealthy: true, - totalConnections: ((_a = queryResult === null || queryResult === void 0 ? void 0 : queryResult[0]) === null || _a === void 0 ? void 0 : _a.total_connections) || 0, - connectionClass: 'PORTALJURU' - }; - return [2 /*return*/, this.getStatus(key, status.isHealthy, { - totalConnections: status.totalConnections, - connectionClass: status.connectionClass - })]; - case 3: - error_1 = _b.sent(); - // Em caso de erro, ainda retornar um status (não saudável) - return [2 /*return*/, this.getStatus(key, false, { - message: "Erro ao obter estat\u00EDsticas do pool Oracle: " + error_1.message - })]; - case 4: return [2 /*return*/]; - } - }); - }); - }; - DbPoolStatsIndicator.prototype.checkPostgresPoolStats = function () { - var _a, _b, _c; - return __awaiter(this, void 0, Promise, function () { - var key, queryResult, status, error_2; - return __generator(this, function (_d) { - switch (_d.label) { - case 0: - key = 'postgres_pool'; - _d.label = 1; - case 1: - _d.trys.push([1, 3, , 4]); - return [4 /*yield*/, this.postgresConnection.query("\n SELECT \n count(*) as total_connections,\n sum(CASE WHEN state = 'active' THEN 1 ELSE 0 END) as active_connections,\n sum(CASE WHEN state = 'idle' THEN 1 ELSE 0 END) as idle_connections\n FROM \n pg_stat_activity \n WHERE \n datname = current_database()\n AND application_name LIKE 'nodejs%'\n ")]; - case 2: - queryResult = _d.sent(); - status = { - isHealthy: true, - totalConnections: parseInt((_a = queryResult === null || queryResult === void 0 ? void 0 : queryResult[0]) === null || _a === void 0 ? void 0 : _a.total_connections) || 0, - activeConnections: parseInt((_b = queryResult === null || queryResult === void 0 ? void 0 : queryResult[0]) === null || _b === void 0 ? void 0 : _b.active_connections) || 0, - idleConnections: parseInt((_c = queryResult === null || queryResult === void 0 ? void 0 : queryResult[0]) === null || _c === void 0 ? void 0 : _c.idle_connections) || 0 - }; - return [2 /*return*/, this.getStatus(key, status.isHealthy, { - totalConnections: status.totalConnections, - activeConnections: status.activeConnections, - idleConnections: status.idleConnections - })]; - case 3: - error_2 = _d.sent(); - // Em caso de erro, ainda retornar um status (não saudável) - return [2 /*return*/, this.getStatus(key, false, { - message: "Erro ao obter estat\u00EDsticas do pool PostgreSQL: " + error_2.message - })]; - case 4: return [2 /*return*/]; - } - }); - }); - }; - DbPoolStatsIndicator = __decorate([ - common_1.Injectable(), - __param(0, typeorm_1.InjectConnection('oracle')), - __param(1, typeorm_1.InjectConnection('postgres')) - ], DbPoolStatsIndicator); - return DbPoolStatsIndicator; -}(terminus_1.HealthIndicator)); -exports.DbPoolStatsIndicator = DbPoolStatsIndicator; diff --git a/src/health/indicators/dist/typeorm.health.js b/src/health/indicators/dist/typeorm.health.js deleted file mode 100644 index 4487533..0000000 --- a/src/health/indicators/dist/typeorm.health.js +++ /dev/null @@ -1,122 +0,0 @@ -"use strict"; -var __extends = (this && this.__extends) || (function () { - var extendStatics = function (d, b) { - extendStatics = Object.setPrototypeOf || - ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) || - function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; }; - return extendStatics(d, b); - }; - return function (d, b) { - extendStatics(d, b); - function __() { this.constructor = d; } - d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __()); - }; -})(); -var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { - var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; - if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); - else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; - return c > 3 && r && Object.defineProperty(target, key, r), r; -}; -var __param = (this && this.__param) || function (paramIndex, decorator) { - return function (target, key) { decorator(target, key, paramIndex); } -}; -var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { - function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } - return new (P || (P = Promise))(function (resolve, reject) { - function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } - function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } - function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } - step((generator = generator.apply(thisArg, _arguments || [])).next()); - }); -}; -var __generator = (this && this.__generator) || function (thisArg, body) { - var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g; - return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g; - function verb(n) { return function (v) { return step([n, v]); }; } - function step(op) { - if (f) throw new TypeError("Generator is already executing."); - while (_) try { - if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; - if (y = 0, t) op = [op[0] & 2, t.value]; - switch (op[0]) { - case 0: case 1: t = op; break; - case 4: _.label++; return { value: op[1], done: false }; - case 5: _.label++; y = op[1]; op = [0]; continue; - case 7: op = _.ops.pop(); _.trys.pop(); continue; - default: - if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; } - if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; } - if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; } - if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; } - if (t[2]) _.ops.pop(); - _.trys.pop(); continue; - } - op = body.call(thisArg, _); - } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; } - if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true }; - } -}; -exports.__esModule = true; -exports.TypeOrmHealthIndicator = void 0; -var common_1 = require("@nestjs/common"); -var terminus_1 = require("@nestjs/terminus"); -var typeorm_1 = require("@nestjs/typeorm"); -var TypeOrmHealthIndicator = /** @class */ (function (_super) { - __extends(TypeOrmHealthIndicator, _super); - function TypeOrmHealthIndicator(oracleConnection, postgresConnection) { - var _this = _super.call(this) || this; - _this.oracleConnection = oracleConnection; - _this.postgresConnection = postgresConnection; - return _this; - } - TypeOrmHealthIndicator.prototype.checkOracle = function () { - return __awaiter(this, void 0, Promise, function () { - var key, isHealthy, result, result; - return __generator(this, function (_a) { - key = 'oracle'; - try { - isHealthy = this.oracleConnection.isInitialized; - result = this.getStatus(key, isHealthy); - if (isHealthy) { - return [2 /*return*/, result]; - } - throw new terminus_1.HealthCheckError('Oracle healthcheck failed', result); - } - catch (error) { - result = this.getStatus(key, false, { message: error.message }); - throw new terminus_1.HealthCheckError('Oracle healthcheck failed', result); - } - return [2 /*return*/]; - }); - }); - }; - TypeOrmHealthIndicator.prototype.checkPostgres = function () { - return __awaiter(this, void 0, Promise, function () { - var key, isHealthy, result, result; - return __generator(this, function (_a) { - key = 'postgres'; - try { - isHealthy = this.postgresConnection.isInitialized; - result = this.getStatus(key, isHealthy); - if (isHealthy) { - return [2 /*return*/, result]; - } - throw new terminus_1.HealthCheckError('Postgres healthcheck failed', result); - } - catch (error) { - result = this.getStatus(key, false, { message: error.message }); - throw new terminus_1.HealthCheckError('Postgres healthcheck failed', result); - } - return [2 /*return*/]; - }); - }); - }; - TypeOrmHealthIndicator = __decorate([ - common_1.Injectable(), - __param(0, typeorm_1.InjectConnection('oracle')), - __param(1, typeorm_1.InjectConnection('postgres')) - ], TypeOrmHealthIndicator); - return TypeOrmHealthIndicator; -}(terminus_1.HealthIndicator)); -exports.TypeOrmHealthIndicator = TypeOrmHealthIndicator; diff --git a/src/health/metrics/custom.metrics.ts b/src/health/metrics/custom.metrics.ts new file mode 100644 index 0000000..b760f98 --- /dev/null +++ b/src/health/metrics/custom.metrics.ts @@ -0,0 +1,93 @@ +import { Injectable } from '@nestjs/common'; +import { InjectMetric } from '@willsoto/nestjs-prometheus'; +import { Counter, Gauge, Histogram } from 'prom-client'; +import { InjectConnection } from '@nestjs/typeorm'; +import { DataSource } from 'typeorm'; + +@Injectable() +export class CustomMetricsService { + constructor( + @InjectMetric('http_request_total') + private readonly requestCounter: Counter, + + @InjectMetric('http_request_duration_seconds') + private readonly requestDuration: Histogram, + + @InjectMetric('api_memory_usage_bytes') + private readonly memoryGauge: Gauge, + + @InjectMetric('api_db_connection_pool_used') + private readonly dbPoolUsedGauge: Gauge, + + @InjectMetric('api_db_connection_pool_total') + private readonly dbPoolTotalGauge: Gauge, + + @InjectMetric('api_db_query_duration_seconds') + private readonly dbQueryDuration: Histogram, + + @InjectConnection('oracle') + private oracleConnection: DataSource, + + @InjectConnection('postgres') + private postgresConnection: DataSource, + ) { + // Iniciar coleta de métricas de memória + this.startMemoryMetrics(); + + // Iniciar coleta de métricas do pool de conexões + this.startDbPoolMetrics(); + } + + recordHttpRequest(method: string, route: string, statusCode: number): void { + this.requestCounter.inc({ method, route, statusCode: statusCode.toString() }); + } + + startTimingRequest(): (labels?: Record) => void { + const end = this.requestDuration.startTimer(); + return (labels?: Record) => end(labels); + } + + recordDbQueryDuration(db: 'oracle' | 'postgres', operation: string, durationMs: number): void { + this.dbQueryDuration.observe({ db, operation }, durationMs / 1000); + } + + private startMemoryMetrics(): void { + // Coletar métricas de memória a cada 15 segundos + setInterval(() => { + const memoryUsage = process.memoryUsage(); + this.memoryGauge.set({ type: 'rss' }, memoryUsage.rss); + this.memoryGauge.set({ type: 'heapTotal' }, memoryUsage.heapTotal); + this.memoryGauge.set({ type: 'heapUsed' }, memoryUsage.heapUsed); + this.memoryGauge.set({ type: 'external' }, memoryUsage.external); + }, 15000); + } + + private startDbPoolMetrics(): void { + // Coletar métricas do pool de conexões a cada 15 segundos + setInterval(async () => { + try { + // Tente obter estatísticas do pool do Oracle + // Nota: depende da implementação específica do OracleDB + if (this.oracleConnection && this.oracleConnection.driver) { + const oraclePoolStats = (this.oracleConnection.driver as any).pool?.getStatistics?.(); + if (oraclePoolStats) { + this.dbPoolUsedGauge.set({ db: 'oracle' }, oraclePoolStats.busy || 0); + this.dbPoolTotalGauge.set({ db: 'oracle' }, oraclePoolStats.poolMax || 0); + } + } + + // Tente obter estatísticas do pool do Postgres + // Nota: depende da implementação específica do TypeORM + if (this.postgresConnection && this.postgresConnection.driver) { + const pgPoolStats = (this.postgresConnection.driver as any).pool; + if (pgPoolStats) { + this.dbPoolUsedGauge.set({ db: 'postgres' }, pgPoolStats.totalCount - pgPoolStats.idleCount || 0); + this.dbPoolTotalGauge.set({ db: 'postgres' }, pgPoolStats.totalCount || 0); + } + } + } catch (error) { + console.error('Erro ao coletar métricas do pool de conexões:', error); + } + }, 15000); + } +} \ No newline at end of file diff --git a/src/health/metrics/metrics.config.ts b/src/health/metrics/metrics.config.ts new file mode 100644 index 0000000..cf81bc9 --- /dev/null +++ b/src/health/metrics/metrics.config.ts @@ -0,0 +1,51 @@ +import { + makeCounterProvider, + makeGaugeProvider, + makeHistogramProvider +} from '@willsoto/nestjs-prometheus'; + +export const metricProviders = [ + // Contador de requisições HTTP + makeCounterProvider({ + name: 'http_request_total', + help: 'Total de requisições HTTP', + labelNames: ['method', 'route', 'statusCode'], + }), + + // Histograma de duração de requisições HTTP + makeHistogramProvider({ + name: 'http_request_duration_seconds', + help: 'Duração das requisições HTTP em segundos', + labelNames: ['method', 'route', 'error'], // 👈 adicionado "error" + buckets: [0.01, 0.05, 0.1, 0.5, 1, 2, 5, 10], + }), + + // Gauge para uso de memória + makeGaugeProvider({ + name: 'api_memory_usage_bytes', + help: 'Uso de memória da aplicação em bytes', + labelNames: ['type'], + }), + + // Gauge para conexões de banco de dados usadas + makeGaugeProvider({ + name: 'api_db_connection_pool_used', + help: 'Número de conexões de banco de dados em uso', + labelNames: ['db'], + }), + + // Gauge para total de conexões no pool de banco de dados + makeGaugeProvider({ + name: 'api_db_connection_pool_total', + help: 'Número total de conexões no pool de banco de dados', + labelNames: ['db'], + }), + + // Histograma para duração de consultas de banco de dados + makeHistogramProvider({ + name: 'api_db_query_duration_seconds', + help: 'Duração das consultas de banco de dados em segundos', + labelNames: ['db', 'operation'], + buckets: [0.001, 0.005, 0.01, 0.05, 0.1, 0.5, 1, 2], + }), +]; \ No newline at end of file diff --git a/src/health/metrics/metrics.interceptor.ts b/src/health/metrics/metrics.interceptor.ts new file mode 100644 index 0000000..a983657 --- /dev/null +++ b/src/health/metrics/metrics.interceptor.ts @@ -0,0 +1,64 @@ +import { + Injectable, + NestInterceptor, + ExecutionContext, + CallHandler, +} from '@nestjs/common'; +import { Observable } from 'rxjs'; +import { tap } from 'rxjs/operators'; +import { CustomMetricsService } from './custom.metrics'; + +@Injectable() +export class MetricsInterceptor implements NestInterceptor { + constructor(private metricsService: CustomMetricsService) {} + + intercept(context: ExecutionContext, next: CallHandler): Observable { + if (context.getType() !== 'http') { + return next.handle(); + } + + const request = context.switchToHttp().getRequest(); + const { method, url } = request; + + // Simplificar a rota para evitar cardinalidade alta no Prometheus + // Ex: /users/123 -> /users/:id + const route = this.normalizeRoute(url); + + // Inicia o timer para medir a duração da requisição + const endTimer = this.metricsService.startTimingRequest(); + + return next.handle().pipe( + tap({ + next: (data) => { + const response = context.switchToHttp().getResponse(); + const statusCode = response.statusCode; + + // Registra a requisição concluída + this.metricsService.recordHttpRequest(method, route, statusCode); + + // Finaliza o timer com labels adicionais + endTimer({ method, route }); + }, + error: (error) => { + // Determina o código de status do erro + const statusCode = error.status || 500; + + // Registra a requisição com erro + this.metricsService.recordHttpRequest(method, route, statusCode); + + // Finaliza o timer com labels adicionais + endTimer({ method, route, error: 'true' }); + } + }) + ); + } + + private normalizeRoute(url: string): string { + // Remove query parameters + const path = url.split('?')[0]; + + // Normaliza rotas com IDs e outros parâmetros dinâmicos + // Por exemplo, /users/123 -> /users/:id + return path.replace(/\/[0-9a-f]{8,}|\/[0-9]+/g, '/:id'); + } +} \ No newline at end of file diff --git a/src/main.ts b/src/main.ts index 407c4b3..7d4d142 100644 --- a/src/main.ts +++ b/src/main.ts @@ -4,12 +4,30 @@ import { ValidationPipe } from '@nestjs/common'; import { ResponseInterceptor } from './common/response.interceptor'; import { DocumentBuilder, SwaggerModule } from '@nestjs/swagger'; import helmet from 'helmet'; +import { NestExpressApplication } from '@nestjs/platform-express'; +import { join } from 'path'; async function bootstrap() { - const app = await NestFactory.create(AppModule); + const app = await NestFactory.create(AppModule); - // Adicionar Helmet para proteção de cabeçalhos HTTP - app.use(helmet()); + app.use(helmet({ + contentSecurityPolicy: { + directives: { + defaultSrc: [`'self'`], + scriptSrc: [`'self'`, `'unsafe-inline'`, 'cdn.jsdelivr.net', 'cdnjs.cloudflare.com'], + styleSrc: [`'self'`, `'unsafe-inline'`, 'cdnjs.cloudflare.com'], + imgSrc: [`'self'`, 'data:'], + connectSrc: [`'self'`], + fontSrc: [`'self'`, 'cdnjs.cloudflare.com'], + }, + }, + })); + + // Configurar pasta de arquivos estáticos + app.useStaticAssets(join(__dirname, '..', 'public'), { + index: false, + prefix: '/dashboard', + }); app.useGlobalInterceptors(new ResponseInterceptor()); @@ -21,13 +39,11 @@ async function bootstrap() { transformOptions: { enableImplicitConversion: true, }, - // Tornar validações mais rigorosas forbidUnknownValues: true, disableErrorMessages: process.env.NODE_ENV === 'production', }), ); - // Configuração CORS mais restritiva app.enableCors({ origin: process.env.NODE_ENV === 'production' ? ['https://seu-dominio.com', 'https://admin.seu-dominio.com'] @@ -49,5 +65,7 @@ async function bootstrap() { SwaggerModule.setup('docs', app, document); await app.listen(8066); + + } bootstrap();