feat(payments-gateway): DOMA-12604 create miniapp

[vovaaxeapolla]

Summary by CodeRabbit

• New Features

  • Added support for a payments gateway service across build, deploy, and test flows.

• Chores

  • Integrated the payments gateway into CI/CD with conditional test gating and a dedicated test job.
  • Added the payments gateway as a repository submodule and introduced its image/build configuration.
  • Added CI environment mapping for the payments gateway deployment step.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

Adds a payments-gateway service: registers it as a git submodule, updates werf to build a payments_gateway image, extends CI detect-changes and adds a gated payments-gateway test job, and adds WERF_SET_CI_PAYMENTS_GATEWAY_URL to deploy workflows.

Changes

Cohort / File(s)	Summary
Deployment env updates ​.github/workflows/deploy_development.yaml, ​.github/workflows/deploy_production.yaml	Adds WERF_SET_CI_PAYMENTS_GATEWAY_URL: "global.ci_payments_gateway_url=payments-gateway.d.doma.ai" to the Converge step env blocks.
CI workflow: payments-gateway ​.github/workflows/nodejs.condo.ci.yml	Adds payments-gateway to detect-changes outputs and path filters (apps/payments-gateway/**, apps/condo/domains/acquiring/**); introduces run-payments-gateway-tests job mirroring existing service test jobs (registry login, Postgres/Redis setup, app preparation, start/wait, run tests).
Git submodule registration .gitmodules	Adds submodule entry apps/payments-gateway → [email protected]:open-condo-software/condo-payments-gateway.git.
Submodule pointers .helm, apps/payments-gateway	Updates .helm subproject pointer and records a commit reference for the apps/payments-gateway submodule.
Werf build manifest werf.yaml	Adds payments_gateway image block (replacing prior accruals_gateway block), configuring git stageDependencies, build shell steps for @app/payments-gateway, and docker envs consistent with other images.

Sequence Diagram(s)

sequenceDiagram
  participant Detect as detect-changes
  participant CI as GitHub Actions
  participant Registry as Container Registry
  participant DB as Postgres/Redis
  participant App as payments-gateway
  participant Tests as Test runner

  rect rgb(233,245,233)
    Detect->>CI: emit outputs (payments-gateway changed)
    CI->>CI: if payments-gateway output == 'true'
    CI->>Registry: docker login / pull base images
    CI->>DB: start Postgres & Redis services
    CI->>App: prepare, build, and start payments-gateway
    CI->>App: wait for readiness
    CI->>Tests: run tests against payments-gateway
    Tests-->>CI: test results
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Verify detect-changes path filters and outputs are correct.
• Confirm new test job secrets/env and service startup ordering.
• Ensure submodule URL/path and referenced commit exist and are intended.
• Validate werf.yaml image name, build commands, and excluded paths.

Possibly related PRs

• test(condo): DOMA-11447 add integration tests in external-api #6268 — Adds detect-changes outputs and conditional service test jobs to the same CI workflow (similar gating pattern).
• chore(condo): Update werf.yaml and CI config to include news-telegram applications #6083 — Makes parallel CI and werf.yaml changes (new image build blocks and WERF_SET_CI_* mappings).
• hotfix(infra): DOMA-11149 added billing self service global ci urls #6305 — Adds a similar WERF_SET_CI_* env var to deploy workflows (analogous deploy change).

Suggested labels

✋🙂 Review please

Suggested reviewers

• abshnko
• toplenboren
• dkoviazin

Poem

🐰 I stitched a submodule, hopped through CI,
I told werf to build what payments need,
Tests wake only when their files change,
Env var set, the pipeline hums,
A carrot-toast for smooth deploy speed.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat(payments-gateway): DOMA-12604 create miniapp' accurately describes the primary change—adding a new payments-gateway miniapp with corresponding CI/CD, configuration, and workflow integrations.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/payments-gateway/create-miniapp

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 141520a and 7b23425.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (7)

• .github/workflows/deploy_development.yaml (1 hunks)
• .github/workflows/deploy_production.yaml (1 hunks)
• .github/workflows/nodejs.condo.ci.yml (3 hunks)
• .gitmodules (1 hunks)
• .helm (1 hunks)
• apps/payments-gateway (1 hunks)
• werf.yaml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (5)

• .helm
• .gitmodules
• apps/payments-gateway
• .github/workflows/deploy_production.yaml
• .github/workflows/deploy_development.yaml

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-06-06T08:38:31.213Z

Learnt from: tolmachev21
Repo: open-condo-software/condo PR: 6268
File: .github/workflows/nodejs.condo.ci.yml:557-559
Timestamp: 2025-06-06T08:38:31.213Z
Learning: In the external-api test job in .github/workflows/nodejs.condo.ci.yml, the external-api workspace does not need to be explicitly prepared with `node bin/prepare.js -f` unlike other workspaces like meter-importer, dev-portal-api, etc.

Applied to files:

• .github/workflows/nodejs.condo.ci.yml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: Build open-source part (ubuntu-22.04, 22.x, 3.13)
• GitHub Check: Build open-source part (ubuntu-22.04, 22.x, 3.13)
• GitHub Check: Lint source code (22.x)
• GitHub Check: Check dependencies integrity (22.x)
• GitHub Check: Semgrep vulnerabilities check
• GitHub Check: Build Docker Image
• GitHub Check: Semgrep vulnerabilities check
• GitHub Check: Check dependencies integrity (22.x)
• GitHub Check: Lint source code (22.x)

🔇 Additional comments (5)

.github/workflows/nodejs.condo.ci.yml (4)

141-141: ✓ Detect-changes output correctly added.

The payments-gateway output is properly positioned and formatted in the detect-changes job outputs section.

---

192-194: ✓ Path filter correctly configured.

The payments-gateway change detection includes both the app-specific path and the shared acquiring domain, consistent with how accruals-gateway and pos-integration are configured.

---

618-628: Minor: Inconsistent action version pinning.

Line 628 uses a pinned SHA (@5e57cd118135c172c3672efd75eb46360885c0ef) for docker/login-action, whereas most other test jobs use @v3. While accruals-gateway (line 732) follows the same pattern, this creates inconsistency with the rest of the CI workflow. Verify if this pinning is intentional (e.g., for reproducibility/stability of gateway tests).

---

618-668: ✓ Review comment verification confirmed – no issues found.

The payments-gateway app is properly declared as a workspace (under apps/* pattern in package.json) and the prepare.js script dynamically discovers all apps via getAllActualApps(). The workflow command node bin/prepare.js -f condo payments-gateway is valid and correctly filters to prepare both the condo and payments-gateway applications. The job structure and configuration are sound.

werf.yaml (1)

1236-1277: ✓ Workspace configuration verified successfully.

The @app/payments-gateway workspace is properly registered. The package.json uses glob patterns ("apps/*" and "packages/*") for workspaces, and the apps/payments-gateway directory exists and is automatically included in the workspace configuration.

Tip

📝 Customizable high-level summaries are now available in beta!

You can now customize how CodeRabbit generates the high-level summary in your pull requests — including its content, structure, tone, and formatting.

• Provide your own instructions using the high_level_summary_instructions setting.
• Format the summary however you like (bullet lists, tables, multi-section layouts, contributor stats, etc.).
• Use high_level_summary_in_walkthrough to move the summary from the description to the walkthrough section.

Example instruction:

"Divide the high-level summary into five sections:

1. 📝 Description — Summarize the main change in 50–60 words, explaining what was done.
2. 📓 References — List relevant issues, discussions, documentation, or related PRs.
3. 📦 Dependencies & Requirements — Mention any new/updated dependencies, environment variable changes, or configuration updates.
4. 📊 Contributor Summary — Include a Markdown table showing contributions:
   | Contributor | Lines Added | Lines Removed | Files Changed |
5. ✔️ Additional Notes — Add any extra reviewer context.
   Keep each section concise (under 200 words) and use bullet or numbered lists for clarity."

Note: This feature is currently in beta for Pro-tier users, and pricing will be announced later.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Point payments gateway URL to production host

In deploy_production.yaml the production deployment exports WERF_SET_CI_PAYMENTS_GATEWAY_URL as payments-gateway.d.doma.ai, which is the development domain pattern, while every other production URL in this job uses the .doma.ai host. When the production workflow runs, it will bake a dev gateway URL into the release values, causing production pods to call the development payments gateway.

Useful? React with 👍 / 👎.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/workflows/nodejs.condo.ci.yml (1)

618-668: Payments-gateway test job properly configured with minor version inconsistency.

The new run-payments-gateway-tests job follows the standard test job template with all necessary steps (login, DB setup, app preparation, migration checks, tests). The job structure and logic are sound.

However, line 628 uses docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef (pinned SHA), which matches the accruals-gateway job (line 732) but diverges from most other test jobs like pos-integration (line 680) that use @v3. Consider standardizing the action version across all test jobs for consistency and maintainability.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b1b4b9f and 52f8b18.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (7)

• .github/workflows/deploy_development.yaml (1 hunks)
• .github/workflows/deploy_production.yaml (1 hunks)
• .github/workflows/nodejs.condo.ci.yml (3 hunks)
• .gitmodules (1 hunks)
• .helm (1 hunks)
• apps/payments-gateway (1 hunks)
• werf.yaml (1 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-06-06T08:38:31.213Z

Learnt from: tolmachev21
Repo: open-condo-software/condo PR: 6268
File: .github/workflows/nodejs.condo.ci.yml:557-559
Timestamp: 2025-06-06T08:38:31.213Z
Learning: In the external-api test job in .github/workflows/nodejs.condo.ci.yml, the external-api workspace does not need to be explicitly prepared with `node bin/prepare.js -f` unlike other workspaces like meter-importer, dev-portal-api, etc.

Applied to files:

• .github/workflows/nodejs.condo.ci.yml

📚 Learning: 2025-07-18T09:11:21.889Z

Learnt from: YEgorLu
Repo: open-condo-software/condo PR: 6410
File: .github/workflows/deploy_development.yaml:68-68
Timestamp: 2025-07-18T09:11:21.889Z
Learning: In the open-condo-software/condo repository, Helm templates are stored externally (not in the repository's .helm/ directory which is empty). The WERF_SET_CI_* environment variables in .github/workflows/deploy_development.yaml are used by Werf to pass configuration values to external Helm templates during deployment.

Applied to files:

• .github/workflows/deploy_production.yaml
• .github/workflows/deploy_development.yaml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Build Docker Image

🔇 Additional comments (8)

apps/payments-gateway (1)

1-1: Submodule configuration verified and properly integrated.

All verification checks pass:

• ✓ .gitmodules is correctly configured with the payments-gateway submodule
• ✓ werf.yaml includes proper build steps for the payments-gateway service (lines 1237, 1270-1271)
• ✓ Commit hash is valid and accessible (supported by recent feature commits)
• ✓ No merge conflicts detected
• ✓ Infrastructure changes are properly aligned with the submodule addition

The submodule is correctly added as a new entry to the repository's build system.

.github/workflows/deploy_development.yaml (1)

78-78: Add payments-gateway URL configuration — approval pending verification.

The new environment variable follows the established pattern for service URL configuration and integrates smoothly into the existing Werf deployment setup. The naming convention, URL format, and logical placement are all consistent with the other WERF_SET_CI_* variables.

Before merge, please confirm:

1. Production parity: Does .github/workflows/deploy_production.yaml contain a corresponding change with the same variable name (adjusted with the production environment's domain if applicable)?
2. Helm template support: Are the external Helm templates configured to accept and use the global.ci_payments_gateway_url variable during deployment?
3. Service accessibility: Is the payments-gateway service accessible at payments-gateway.d.doma.ai in the development environment?

Based on learnings, WERF_SET_CI_* variables are passed to external Helm templates, so template support is critical for this configuration to be applied correctly.

.helm (1)

1-1: Verify submodule commit and alignment with PR objectives.

The submodule pointer has been updated to a new commit. Confirm that:

1. The new commit hash (7fc9cad8546e99a7280ff7742be9df11d167cdfa) exists in the .helm submodule repository
2. The commit contains changes that align with the PR objectives for payments-gateway integration (e.g., helm chart updates for the new service)
3. The update is synchronized with related changes in .gitmodules, werf.yaml, CI/CD workflows, and the apps/payments-gateway submodule pointer

.gitmodules (1)

79-81: Submodule entry correctly configured.

The payments-gateway submodule registration follows the established pattern and is syntactically correct.

.github/workflows/deploy_production.yaml (1)

85-85: Verify production URL subdomain configuration for payments-gateway.

The environment variable uses payments-gateway.d.doma.ai (with .d. subdomain), whereas accruals-gateway uses accruals-gateway.doma.ai (line 83). Confirm whether the .d. subdomain is intentional for this service in production or if it should match the accruals-gateway pattern for consistency.

werf.yaml (1)

1236-1277: Werf image configuration properly integrated.

The payments_gateway image block is correctly structured, mirroring the established pattern (consistent with accruals_gateway). All required sections are present and properly configured for the Node.js monorepo build system.

.github/workflows/nodejs.condo.ci.yml (2)

141-141: Output entry correctly added to detect-changes job.

The payments-gateway output follows the established naming and format convention.

---

192-194: Path filter configuration aligns with architectural intent.

The payments-gateway path filter correctly includes apps/payments-gateway/** and apps/condo/domains/acquiring/**, mirroring the accruals-gateway filter. This is appropriate given both services handle acquiring/payment-related functionality.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud