Replace all Ballerine features with open-source Temporal equivalents#12
Open
devin-ai-integration[bot] wants to merge 16 commits intomainfrom
Open
Replace all Ballerine features with open-source Temporal equivalents#12devin-ai-integration[bot] wants to merge 16 commits intomainfrom
devin-ai-integration[bot] wants to merge 16 commits intomainfrom
Conversation
Co-Authored-By: Patrick Munis <pmunis@gmail.com>
- activities_next_5.py: Replace 37 TODOs with production-ready Temporal workflow activities (QR payments, offline sync, 2FA, recurring payments, commission tracking, etc.) - agent-performance/main.py: Implement uptime calculation, float utilization, percentile ranking, and peer comparison queries - ml_monitoring.py: Implement AUC-PR calculation for ML model evaluation - generate_all_routers.py: Replace TODO with real database query execution - user-service/main.go: Implement email/phone verification, password reset, resend verification with Redis token storage and messaging integration - agent-hierarchy/main.go: Implement audit trail logging for agent suspension - kafka_consumer.py: Implement Kafka message processing with proper error handling - example_service_with_auth.py: Implement Keycloak token validation Co-Authored-By: Patrick Munis <pmunis@gmail.com>
…lders, enforce env vars - Remove all hardcoded secrets/credentials across services - Enforce required env vars (JWT_SECRET, ILP_SECRET, ENCRYPTION_KEY, etc.) - Replace signature_placeholder with HMAC-SHA256 signing - Replace demo/hardcoded users with env-var-loaded user stores - Implement MFA setup/verify handlers in security-service - Implement message signing in POS management server - Replace mock exchange rate provider with fallback provider - Implement all 39 workflow activity stubs - Implement all 17 video KYC orchestrator stubs - Wire up TigerBeetle resilient client with conditional import - Replace mock Keycloak token with real API call - Remove hardcoded docker-compose passwords (use env var substitution) Co-Authored-By: Patrick Munis <pmunis@gmail.com>
…-backed endpoints, AML screening API - agent_onboarding_service.py: Fix import typo (create_database_url -> create_engine), replace mock OCR with real OCR service call + fallback, replace mock KYC with real provider HTTP call + retry, replace mock KYB with real Ballerine workflow call + retry, require DATABASE_URL env var, restrict CORS origins - agent_onboarding_service_enhanced.py: Implement all 8 placeholder endpoints with real DB queries (list docs/verifications/reviews, approve/reject/suspend/reactivate, assign reviewer, search with filters, statistics with aggregations), require DATABASE_URL env var, restrict CORS origins - kyc_kyb_service.py: Replace pattern-matching AML screening with external sanctions/PEP API calls with retry, expand high-risk countries list - kyc_encryption.py: Require KYC_MASTER_KEY env var (fail hard instead of ephemeral key), add DB persistence for audit trail entries - agent_service.go: Implement 15 stub methods with real DB queries (transaction/commission/customer/compliance metrics, performance scoring, ranking, achievements, recommendations, bulk operations, CSV/XLSX export, admin check, new agent/approval processing) Co-Authored-By: Patrick Munis <pmunis@gmail.com>
… engine - Telco integration: Replace skeleton with real VTPass API integration, retry logic, commission tracking, transaction verification/requery, data plans endpoint - Biller integration: Multi-provider support (Baxi primary, VTpass fallback), 13 electricity providers, cable TV (DSTV/GOtv/Startimes), government bills, agent commission, retry with exponential backoff - Fee schedule engine: Configurable per-merchant/per-provider fee tiers with percentage caps, flat fees, tiered volume-based fees, batch calculation endpoint - Settlement service: Wire fee schedule engine into deduction calculations Co-Authored-By: Patrick Munis <pmunis@gmail.com>
…le management Co-Authored-By: Patrick Munis <pmunis@gmail.com>
…biometric capture Co-Authored-By: Patrick Munis <pmunis@gmail.com>
- Replace single OCR service call with parallel PaddleOCR + VLM + Docling pipeline - Add _run_paddleocr(), _run_vlm(), _run_docling() async engine functions - Aggregate results using confidence-weighted selection across all engines - Replace DeepSeekOCRClient with PaddleOCRClient in ocr_service.py - Add VLMClient for semantic document understanding - Update OCREngine enum: PADDLEOCR, VLM, DOCLING, TESSERACT, AUTO - Frontend: add processing pipeline visualization with live stage indicators - Show per-document PaddleOCR/VLM/Docling progress and confidence bars - Update submission success screen to reference new pipeline Co-Authored-By: Patrick Munis <pmunis@gmail.com>
…t backend Co-Authored-By: Patrick Munis <pmunis@gmail.com>
Co-Authored-By: Patrick Munis <pmunis@gmail.com>
- Create centralized ApiClient with env-based config, retry logic, auth token management - Replace weak DJB2 hash with HMAC-SHA256 in TransactionSigning - Replace weak DJB2 hash with SubtleCrypto SHA-256 in DeviceBinding - Implement real RASP Frida/debugger detection (not stubs) - Replace base64 compression with real DEFLATE in PerformanceManager - Make certificate pinning hashes configurable via env vars - Wire CertificatePinning.fetch() into ApiClient for all API calls - Fix USSD manager to use real native module bridge with system dialer fallback - Fix PWA broken platform checks (hardcoded 'web' string comparisons) - Replace all hardcoded API URLs with centralized ApiClient - Applied consistently across native-enhanced, hybrid, and PWA variants Co-Authored-By: Patrick Munis <pmunis@gmail.com>
- Created router.py for 51 Python services that had endpoints but no router - Updated main.py SERVICE_MODULES from 83 to 134 services - Restored 20 missing vite.config.js files from original archive - All services now wired into unified gateway Co-Authored-By: Patrick Munis <pmunis@gmail.com>
…astAPI routers, Nigerian states, mobile flow, env vars Gap 1: Replace simulated NIN verification with real NIMC API calls (3 retries, exponential backoff, checksum validation) Gap 2: Replace simulated BVN/biometric verification with real NIBSS/biometric service calls Gap 3: Wire 4 disconnected KYC services together via delegation endpoints Gap 4: Add FastAPI router for kyc-kyb-service (continuous monitoring, case management, corporate monitoring, QA) Gap 5: Replace simulated ComplyAdvantage/OFAC screening with real API calls + CAC corporate data fetch Gap 6: Wire Management PWA KYCManagement to real kycApi (remove mockApplications) Gap 7: Add all 36+1 Nigerian states to Customer Portal KYCVerification dropdown Gap 8: Implement full mobile KYC verification flow (5-step: info, identity, documents, review, complete) Gap 9: Replace hardcoded localhost URLs in Video KYC with env vars (FACE_DETECTION_URL, LIVENESS_DETECTION_URL, VIDEO_STORAGE_URL, BIOMETRIC_MATCHING_URL) Co-Authored-By: Patrick Munis <pmunis@gmail.com>
…vars, frontend wiring Fix 1: Rewrite kyb-verification/main.py - replace broken storage[] refs with HTTP delegation to 3 upstream services Fix 2: Add deep_kyb HTTP endpoints to kyc-kyb-service/router.py (verify, status, bank-statement, evidence, owners, directors, complete, paths) Fix 4: Replace keyword-based screening with real OFAC/UN/EU API calls + retry + fallback in kyb_screening_services.py Fix 5: Replace BVN/NIN/PEP/sanctions stubs with real NIBSS/NIMC/screening API calls in deep_kyb.py Fix 6: Replace useBallerine.js Math.random() mock with real HTTP calls to /kyb/verify Fix 8: Wire Go KEDA service to real DB queries (duplicate check, proper status flow) Fix 9: Add __init__.py for kyb-verification package Fix 10: Replace hardcoded DB credentials in both Go services with required env vars Fix 11: Implement Kafka REST, Temporal HTTP, TigerBeetle HTTP calls in deep_kyb.py Fix 12: Add KYB verification endpoints + uploadKYBDocuments to frontend api.js Co-Authored-By: Patrick Munis <pmunis@gmail.com>
- Replace all Ballerine API calls with Temporal workflow orchestration - Rename ballerine-integration service to workflow-integration - Rename ballerine_kyb_integration.py to workflow_kyb_integration.py - Create useKYBVerification.js hook replacing useBallerine.js - Update CustomerOnboarding.jsx imports to use new hook - Update OnboardingFlow.jsx API calls (api.ballerine -> api.kyb) - Update frontend text references (Ballerine -> Temporal) - Replace BALLERINE_API_URL env var with TEMPORAL_API_URL in K8s - Convert ballerine-deployment.yaml to Temporal server deployment - Update all documentation references (catalog, reports, JSON configs) - Remove unused useEffect import (lint fix) Co-Authored-By: Patrick Munis <pmunis@gmail.com>
Author
Original prompt from Patrick |
Author
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
There was a problem hiding this comment.
Trivy found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.
- Wrap PWAInstallPrompt, PWAStatusIndicator, OfflineBanner in ErrorBoundary - Add try-catch guards to usePWA hooks for browser API access - Remove unused React default import (React 19 automatic JSX runtime) - Dashboard now renders correctly without crashing Co-Authored-By: Patrick Munis <pmunis@gmail.com>
4 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Replace all Ballerine features with open-source Temporal equivalents
Summary
Removes the proprietary Ballerine dependency across the entire platform (23+ files) and replaces it with open-source Temporal workflow orchestration.
Key changes:
BALLERINE_API_URL,BALLERINE_API_KEY,BALLERINE_WORKFLOW_ID) replaced with Temporal workflow client callsballerine-integration/→workflow-integration/,ballerine_kyb_integration.py→workflow_kyb_integration.pyuseKYBVerification.jshook replacesuseBallerine.js;CustomerOnboarding.jsximports updated;api.ballerine.verifyAgent()→api.kyb.verifyAgent()BALLERINE_API_URLenv var →TEMPORAL_API_URL;ballerine-deployment.yamlconverted to Temporal server deployment (imagetemporalio/server:1.24.2, ports 7233/8080)Review & Testing Checklist for Human
infrastructure/security/ballerine/ballerine-deployment.yamlwas bulk sed-replaced from Ballerine to Temporal config. The directory path still saysballerine/but content references Temporal. Verify the Temporal server image, ports (7233 gRPC / 8080 web), namespace, and config map names are correct for your cluster. This was NOT tested against a real k8s cluster.useBallerine.jsremoval — Confirm the oldfrontend/web-app/src/components/customer-management/useBallerine.jsis no longer imported anywhere and is effectively dead code (it was notgit rm'd in this PR, only a newuseKYBVerification.jswas added alongside it).workflow-integration/internal consistency — The files inbackend/python-services/workflow-integration/were renamed fromballerine-integrationbut verify the internal Python class names, function signatures, and docstrings are fully updated (sed replacement may have missed camelCase or partial matches).api.kyb.verifyAgent()resolves correctly and theuseKYBVerificationhook's fetch toKYB_API_URL/kyb/verifyworks against the actual backend endpoint.ballerine(case-insensitive) in any non-tracked files (logs, build artifacts, .env files) to ensure no hardcoded URLs or API keys remain.Test Plan
ballerine-deployment.yamlto a test k8s cluster and verify Temporal server starts successfullyworkflow-integrationservice health check returns 200 OKNotes