Fix POS integration gaps: real payment gateway calls, DB-backed token vault, env-based config

.env.example

@@ -0,0 +1,85 @@
+# Agent Banking Platform - Environment Variables
+# Generated from codebase analysis
+# Total variables: 54
+
+# ============================================================================
+# DATABASE
+# ============================================================================
+CONNECTIVITY_DATABASE_PATH=
+DATABASE_URL=http://localhost:8000
+EDGE_DATABASE_PATH=
+HARDWARE_DATABASE_PATH=
+POWER_DATABASE_PATH=
+RESILIENCE_DATABASE_PATH=
+
+# ============================================================================
+# REDIS
+# ============================================================================
+REDIS_ADDR=
+REDIS_PASSWORD=your-redis-password-here
+REDIS_URL=http://localhost:8000
+
+# ============================================================================
+# TIGERBEETLE
+# ============================================================================
+TIGERBEETLE_API_URL=http://localhost:8000
+TIGERBEETLE_CORE_URL=http://localhost:8000
+
+# ============================================================================
+# API_KEYS
+# ============================================================================
+API_KEY=your-api-key-here
+MINIO_SECRET_KEY=your-minio-secret-key-here
+NIBSS_API_KEY=your-nibss-api-key-here
+NIBSS_SECRET_KEY=your-nibss-secret-key-here
+
+# ============================================================================
+# SERVICE_URLS
+# ============================================================================
+AGENT_SERVICE_URL=http://localhost:8000
+MAIN_SERVER_URL=http://localhost:8000
+MANAGEMENT_SERVER_URL=http://localhost:8000
+MINIO_ENDPOINT=http://localhost:8000
+NIBSS_API_URL=http://localhost:8000
+PROMETHEUS_URL=http://localhost:8000
+SERVICE_URL_8080=http://localhost:8000
+SERVICE_URL_8090=http://localhost:8000
+SERVICE_URL_9003=http://localhost:8000
+
+# ============================================================================
+# JWT
+# ============================================================================
+WHATSAPP_ACCESS_TOKEN=
+WHATSAPP_WEBHOOK_VERIFY_TOKEN=
+
+# ============================================================================
+# OTHER
+# ============================================================================
+CA_CERT_PATH=
+CA_KEY_PATH=your-ca-key-path-here
+CERT_DIR=
+CONFIG_PATH=
+CONNECTIVITY_MONITOR_INTERVAL=
+CPU_LIMIT=
+GIN_MODE=
+HARDWARE_MONITOR_INTERVAL=
+HOSTNAME=
+MINIO_ACCESS_KEY=your-minio-access-key-here
+MINIO_USE_SSL=
+POD_NAME=
+PORT=
+POWER_MONITOR_INTERVAL=
+RESILIENCE_BACKUP_PATH=
+RESILIENCE_MONITOR_INTERVAL=
+SERVICE_CERT_PATH=
+SERVICE_KEY_PATH=your-service-key-path-here
+SERVICE_NAME=
+TERMINAL_ID=
+VAULT_ADDR=
+VAULT_ENABLED=false
+VAULT_PKI_PATH=
+VAULT_ROLE=
+VIDEO_ENCRYPTION_KEY=your-video-encryption-key-here
+WHATSAPP_BUSINESS_ACCOUNT_ID=
+WHATSAPP_PHONE_NUMBER_ID=
+WHATSAPP_WEBHOOK_SECRET=your-whatsapp-webhook-secret-here

.github/workflows/ci-cd.yml

@@ -0,0 +1,202 @@
+name: CI/CD Pipeline
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main, develop ]
+
+env:
+  PYTHON_VERSION: "3.11"
+  GO_VERSION: "1.21"
+  NODE_VERSION: "20"
+
+jobs:
+  # Unit Tests
+  unit-tests:
+    name: Unit Tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+
+      - name: Install dependencies
+        run: |
+          pip install -r tests/requirements-test.txt
+
+      - name: Run unit tests
+        run: |
+          cd tests
+          pytest unit/ -v -m unit --cov=../backend --cov-report=xml
+
+      - name: Upload coverage
+        uses: codecov/codecov-action@v3
+        with:
+          file: ./tests/coverage.xml
+          flags: unittests
+
+  # Integration Tests
+  integration-tests:
+    name: Integration Tests
+    runs-on: ubuntu-latest
+
+    services:
+      redis:
+        image: redis:7-alpine
+        ports:
+          - 6379:6379
+
+      postgres:
+        image: postgres:15-alpine
+        env:
+          POSTGRES_PASSWORD: postgres
+        ports:
+          - 5432:5432
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+
+      - name: Install dependencies
+        run: |
+          pip install -r tests/requirements-test.txt
+
+      - name: Run integration tests
+        run: |
+          cd tests
+          pytest integration/ -v -m integration
+        env:
+          REDIS_URL: redis://localhost:6379
+          DATABASE_URL: postgresql://postgres:postgres@localhost:5432/test
+
+  # E2E Tests
+  e2e-tests:
+    name: End-to-End Tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+
+      - name: Install dependencies
+        run: |
+          pip install -r tests/requirements-test.txt
+
+      - name: Run E2E tests
+        run: |
+          cd tests
+          pytest e2e/ -v -m e2e --maxfail=3
+
+  # Performance Tests
+  performance-tests:
+    name: Performance Tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+
+      - name: Install dependencies
+        run: |
+          pip install -r tests/requirements-test.txt
+
+      - name: Run performance tests
+        run: |
+          cd tests
+          pytest performance/ -v -m performance --benchmark-only
+
+  # Code Quality
+  code-quality:
+    name: Code Quality
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+
+      - name: Install linting tools
+        run: |
+          pip install pylint black isort mypy flake8
+
+      - name: Run Black
+        run: black --check backend/
+
+      - name: Run isort
+        run: isort --check-only backend/
+
+      - name: Run flake8
+        run: flake8 backend/ --max-line-length=120
+
+      - name: Run pylint
+        run: pylint backend/ --fail-under=8.0
+
+  # Security Scan
+  security-scan:
+    name: Security Scan
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          scan-ref: '.'
+          format: 'sarif'
+          output: 'trivy-results.sarif'
+
+      - name: Upload Trivy results
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: 'trivy-results.sarif'
+
+  # Build and Deploy
+  build-deploy:
+    name: Build and Deploy
+    needs: [unit-tests, integration-tests, e2e-tests, code-quality]
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/main'
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Build and push Docker images
+        run: |
+          docker-compose build
+          docker-compose push
+
+      - name: Deploy to production
+        run: |
+          echo "Deploying to production..."
+          # Add deployment commands here