The latest articles on DEV Community by ibraheembello (@ibraheembello). https://dev.to/ibraheembello https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1140237%2Fe6a5feb4-6383-4b6c-9e47-b781c76a7d75.jpg https://dev.to/ibraheembello en ibraheembello Sun, 26 Apr 2026 02:05:12 +0000 https://dev.to/ibraheembello/building-a-real-time-anomaly-detection-engine-for-a-self-hosted-nextcloud-hng-stage-3-59km https://dev.to/ibraheembello/building-a-real-time-anomaly-detection-engine-for-a-self-hosted-nextcloud-hng-stage-3-59km <blockquote> <p><strong>TL;DR</strong> - I built a Python daemon that watches every HTTP request hitting an Nginx reverse proxy, learns what normal traffic looks like in real time, and automatically bans IPs that misbehave by inserting iptables rules at the kernel level. It alerts to Slack and ships its live metrics on a public dashboard. This post explains every piece in beginner-friendly terms.</p> </blockquote> <p><strong>Live demo:</strong> <a href="http://cloud-ng-anomaly.duckdns.org" rel="noopener noreferrer">http://cloud-ng-anomaly.duckdns.org</a><br> <strong>Source code:</strong> <a href="https://github.com/ibraheembello/hng-stage3-anomaly-detector" rel="noopener noreferrer">https://github.com/ibraheembello/hng-stage3-anomaly-detector</a></p> <h2> What the project does and why it matters </h2> <p>Imagine you run a public website, let's say, a self-hosted Google-Drive-style cloud storage. Random people visit it all day. Most are real users. Some are bots. A few are attackers trying to flood your server with fake requests until it falls over. That last category is called a <strong>DDoS</strong> attack - Distributed Denial of Service.</p> <p>The traditional way to deal with this is reactive: when something breaks, an engineer wakes up at 3 a.m., diagnoses the issue, and manually blocks the offender. That's slow and painful.</p> <p>The better way is <strong>proactive detection</strong>: watch the traffic continuously, learn what "normal" looks like, and automatically block the abnormal stuff <em>before</em> it brings the site down.</p> <p>That's what this project does - for a Nextcloud cluster running behind Nginx.</p> <p>It builds <strong>its own definition of "normal"</strong> from the last 30 minutes of real traffic, not a hardcoded number. It works whether you get 2 requests per second at 3 a.m. or 200 at peak. And when an attacker sends a burst, the detector reacts within a couple of seconds - adds a kernel-level firewall rule, pings me on Slack, and shows the ban on a dashboard.</p> <h2> The architecture in one picture </h2> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftpnop3hei47fsg51bspp.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftpnop3hei47fsg51bspp.png" alt="arch" width="800" height="557"></a></p> <p>Four moving parts:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Component</th> <th>What it does</th> </tr> </thead> <tbody> <tr> <td><strong>Nginx</strong></td> <td>The doorman. Every request hits Nginx first; Nginx forwards it to Nextcloud. Crucially, it also writes a JSON line per request into a log file.</td> </tr> <tr> <td><strong>Nextcloud</strong></td> <td>The actual application. Doesn't know any of this is happening.</td> </tr> <tr> <td><strong>The detector daemon</strong></td> <td>A Python program that reads the log file as it grows. The brain of the operation.</td> </tr> <tr> <td><strong>iptables</strong></td> <td>The Linux kernel's firewall. The detector tells it <em>"drop every packet from this IP on ports 80 and 443"</em> and the kernel does the rest.</td> </tr> </tbody> </table></div> <p>Everything runs in Docker containers, orchestrated by Docker Compose, on one Ubuntu VPS.</p> <h2> Step 1 - How the sliding window works </h2> <p>This is the heart of the detector. Skip to step 2 if data structures bore you, but trust me - this part is <strong>clever and simple</strong>.</p> <p>A "rate" is a question: <em>"how many requests has this IP made in the last 60 seconds?"</em> If you naively count requests per minute by tallying them in 60-second buckets, you get the wrong answer when traffic falls right between two buckets - and an attacker can exploit that gap.</p> <p>A <strong>sliding window</strong> answers the same question, but the 60-second period <strong>slides forward continuously</strong> with the clock. So at 12:00:30, "the last 60 seconds" means 11:59:30 to 12:00:30. At 12:00:31, it means 11:59:31 to 12:00:31. Always exactly the past 60 seconds, never a fixed bucket.</p> <p>How do you implement that without re-counting every time? Use a <strong>deque</strong> - a "double-ended queue".<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">collections</span> <span class="kn">import</span> <span class="n">deque</span> <span class="c1"># Per-IP and global windows: each one stores timestamps of recent requests </span><span class="n">window</span> <span class="o">=</span> <span class="nf">deque</span><span class="p">()</span> <span class="n">WINDOW_SECONDS</span> <span class="o">=</span> <span class="mi">60</span> <span class="k">def</span> <span class="nf">record</span><span class="p">(</span><span class="n">now</span><span class="p">:</span> <span class="nb">float</span><span class="p">):</span> <span class="c1"># 1. Drop everything older than 60s from the front </span> <span class="k">while</span> <span class="n">window</span> <span class="ow">and</span> <span class="n">window</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="o">&lt;=</span> <span class="n">now</span> <span class="o">-</span> <span class="n">WINDOW_SECONDS</span><span class="p">:</span> <span class="n">window</span><span class="p">.</span><span class="nf">popleft</span><span class="p">()</span> <span class="c1"># 2. Append the new request to the back </span> <span class="n">window</span><span class="p">.</span><span class="nf">append</span><span class="p">(</span><span class="n">now</span><span class="p">)</span> <span class="k">def</span> <span class="nf">current_rate</span><span class="p">()</span> <span class="o">-&gt;</span> <span class="nb">float</span><span class="p">:</span> <span class="k">return</span> <span class="nf">len</span><span class="p">(</span><span class="n">window</span><span class="p">)</span> <span class="o">/</span> <span class="n">WINDOW_SECONDS</span> </code></pre> </div> <p>That's it. <strong>Two operations per request</strong>: pop old entries off the front (O(1)), append the new one to the back (O(1)). The current rate is just <code>len(window) / 60</code>.</p> <p>The detector keeps <strong>one such window per source IP</strong> and <strong>one global window</strong> across all traffic.</p> <blockquote> <p>⚠️ The Stage 3 brief explicitly forbids "faking the sliding window with a per-minute counter." This deque pattern is the cheapest way to satisfy that requirement honestly.</p> </blockquote> <h2> Step 2 - How the baseline learns from traffic </h2> <p>The detector now knows the <em>current</em> request rate. But it has no idea whether 5 requests per second is a lot or a little for <em>this</em> site. To answer that, it needs a <strong>baseline</strong> - a model of normal traffic.</p> <p>The baseline keeps a <strong>30-minute history of per-second request counts</strong>. Every second, the count of requests in that second is appended to a rolling list. The list is bounded so anything older than 30 minutes is automatically forgotten.</p> <p>Every 60 seconds, the baseline thread does this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">mean</span> <span class="o">=</span> <span class="n">statistics</span><span class="p">.</span><span class="nf">fmean</span><span class="p">(</span><span class="n">per_second_counts</span><span class="p">)</span> <span class="n">stddev</span> <span class="o">=</span> <span class="n">statistics</span><span class="p">.</span><span class="nf">stdev</span><span class="p">(</span><span class="n">per_second_counts</span><span class="p">)</span> </code></pre> </div> <p>That gives us two numbers describing the baseline:</p> <ul> <li> <strong>mean</strong> - on average, how many requests does this site get per second?</li> <li> <strong>stddev</strong> ("standard deviation") - how much does that number bounce around?</li> </ul> <h3> Per-hour-of-day slots </h3> <p>Here's a subtle wrinkle: traffic at 3 a.m. is naturally lower than at 3 p.m. If you used one universal baseline, the detector would think 3 p.m. traffic was an attack just because it's higher than the all-day average. Or it would miss a real attack at 3 a.m. because it's still below the all-day average.</p> <p>The fix: keep <strong>24 separate slots, one per hour of day</strong>. Once the slot for the current hour has at least 5 minutes of data, use <em>that</em> slot instead of the global rolling baseline. So 3 a.m. traffic is judged against other 3 a.m. traffic, and 3 p.m. against 3 p.m.</p> <h3> Floors </h3> <p>If traffic is genuinely zero for a while, mean and stddev both crash toward zero. The very next request would then have an infinite z-score (you can't divide by zero) and trigger a false alarm. Two cheap "floor" values prevent this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">mean_floor</span><span class="pi">:</span> <span class="m">1.0</span> <span class="na">stddev_floor</span><span class="pi">:</span> <span class="m">0.5</span> </code></pre> </div> <p>The mean is never allowed below 1.0; the stddev never below 0.5. Boring, but necessary.</p> <h2> Step 3 - How detection makes a decision </h2> <p>For every request that comes in, the detector asks <strong>two simultaneous questions</strong>:</p> <ol> <li><p><strong>Is this rate too many sigmas above the mean?</strong><br> The "z-score" answers that: <code>z = (rate - mean) / stddev</code>.<br> If <code>z &gt; 3.0</code>, the rate is more than three standard deviations away from normal - which statistically happens in about 0.3% of normal traffic. Almost certainly an anomaly.</p></li> <li><p><strong>Is this rate flat-out higher than 5× the mean?</strong><br> This is a hard ceiling that catches steady, sustained floods even when stddev is wide. If the mean is 2 req/s, anything above 10 req/s is suspicious <em>regardless</em> of statistics.</p></li> </ol> <p>If either fires, the IP (or the global stream) is <strong>anomalous</strong>. Whichever fires first wins.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">z</span> <span class="o">=</span> <span class="p">(</span><span class="n">rate</span> <span class="o">-</span> <span class="n">mean</span><span class="p">)</span> <span class="o">/</span> <span class="nf">max</span><span class="p">(</span><span class="n">stddev</span><span class="p">,</span> <span class="mf">1e-9</span><span class="p">)</span> <span class="k">if</span> <span class="n">z</span> <span class="o">&gt;</span> <span class="mf">3.0</span> <span class="ow">or</span> <span class="n">rate</span> <span class="o">&gt;</span> <span class="n">mean</span> <span class="o">*</span> <span class="mf">5.0</span><span class="p">:</span> <span class="k">return</span> <span class="sh">"</span><span class="s">anomaly!</span><span class="sh">"</span> </code></pre> </div> <p>There's one more wrinkle: an <strong>error surge</strong>. If an IP's 4xx/5xx response rate is at least <strong>3×</strong> the baseline error rate, the detector tightens <em>that IP's</em> thresholds (multiplies them by 0.7). The intuition: an IP generating mostly errors is probing or scanning, and we want to ban it sooner.</p> <h2> Step 4 - How iptables is used to block an IP </h2> <p>Once the detector decides an IP is bad, the question is: <em>how do you actually block it?</em></p> <p>Linux kernels include a packet-filtering subsystem called <strong>netfilter</strong>. The user-space tool to talk to it is <strong><code>iptables</code></strong>. When you run<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">sudo </span>iptables <span class="nt">-I</span> INPUT <span class="nt">-p</span> tcp <span class="nt">-s</span> 1.2.3.4 <span class="nt">--dport</span> 80 <span class="nt">-j</span> DROP </code></pre> </div> <p>…the kernel installs a rule that says: <em>"any TCP packet coming in on port 80 from 1.2.3.4 - drop it silently."</em> The packet never even reaches Nginx. It's the lowest-level, fastest way to block traffic.</p> <p>The blocker module shells out to <code>iptables</code> directly:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">subprocess</span><span class="p">.</span><span class="nf">run</span><span class="p">([</span><span class="sh">"</span><span class="s">iptables</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">-I</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">INPUT</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">-p</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">tcp</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">-s</span><span class="sh">"</span><span class="p">,</span> <span class="n">ip</span><span class="p">,</span> <span class="sh">"</span><span class="s">--dport</span><span class="sh">"</span><span class="p">,</span> <span class="nf">str</span><span class="p">(</span><span class="n">port</span><span class="p">),</span> <span class="sh">"</span><span class="s">-j</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">DROP</span><span class="sh">"</span><span class="p">],</span> <span class="n">check</span><span class="o">=</span><span class="bp">True</span><span class="p">)</span> </code></pre> </div> <p>I scope the rule to <strong>TCP ports 80 and 443 only</strong>, not the whole IP. Why? So that when an admin's workstation accidentally trips the detector, the admin doesn't lose SSH at the same time. (Yes, I learned this the painful way.)</p> <p>The ban isn't permanent - it's tiered:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">schedule_seconds</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">600</span><span class="pi">,</span> <span class="nv">1800</span><span class="pi">,</span> <span class="nv">7200</span><span class="pi">]</span> <span class="c1"># 10 min, 30 min, 2 h</span> </code></pre> </div> <p>The first ban lasts 10 minutes. If the same IP misbehaves again later, the <em>second</em> ban lasts 30 minutes. The third lasts 2 hours. The fourth is permanent. This <strong>back-off</strong> pattern keeps you from permanently banning a real user who had one bad minute, but punishes repeat offenders harder each time.</p> <p>A small "unbanner" thread polls every 5 seconds for expired bans, removes the corresponding iptables rule, and pings Slack: <em>"unbanned 1.2.3.4 (ban #1)"</em>.</p> <h2> Putting it all together </h2> <p>Here's a real audit log line generated during testing:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>[2026-04-26T00:31:22Z] BAN 102.88.55.19 | z-score 3.03 &gt; 3.00 | rate=2.52 | baseline=1.00 | duration=600s [2026-04-26T00:41:27Z] UNBAN 102.88.55.19 | … | duration=released | reason=scheduled-release </code></pre> </div> <p>I sent a burst of 400 HTTP requests from my home IP. The detector took ~30 seconds to process them, computed <code>z-score = 3.03</code>, banned my IP for 10 minutes, and notified Slack. Exactly 600 seconds later, the unbanner removed the rule and notified Slack again. Meanwhile, the dashboard was updating every 3 seconds, the baseline was learning from the burst (its stddev climbed to 6.6 and decayed back over the next 30 minutes), and a synthetic multi-IP attack later that hour fired the <strong>global</strong> detection path with <code>rate 11.28 &gt; mean 2.26 × 5.00</code>.</p> <p>Everything I described above ran without me intervening once.</p> <h2> What I would change next time </h2> <ul> <li> <strong>Production WSGI</strong> - Flask's built-in dev server runs the dashboard. For a real deployment I'd put it behind gunicorn.</li> <li> <strong>TLS</strong> - I left HTTP-only because the brief didn't mandate it; in real life I'd terminate TLS at Nginx via certbot.</li> <li> <strong>Persistence of the baseline</strong> - currently the baseline restarts cold on a daemon restart. Snapshotting the recent history to disk would let it warm up faster.</li> <li> <strong>Adaptive backoff</strong> - the schedule is static. A repeat-offender weighting that takes the <em>gap</em> between offences into account would feel more humane.</li> </ul> <p>But those are polish. The core mechanism - sliding windows + rolling baseline + z-score + iptables - works.</p> <h2> Try it yourself </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>git clone https://github.com/ibraheembello/hng-stage3-anomaly-detector.git <span class="nb">cd </span>hng-stage3-anomaly-detector <span class="nb">cp</span> .env.example _private/.env <span class="nv">$EDITOR</span> _private/.env docker compose <span class="nt">--env-file</span> _private/.env up <span class="nt">-d</span> <span class="nt">--build</span> </code></pre> </div> <p>The README has a full from-scratch runbook, including how to install Docker on a fresh Ubuntu 24.04 box, how to point a free DuckDNS domain at the EC2 IP, and how to set up the Slack webhook.</p> <p>If you build something on top of this, ping me - I'd love to see what you change.</p> devops security python docker ibraheembello Wed, 12 Nov 2025 04:29:41 +0000 https://dev.to/ibraheembello/deploying-nestjs-microservices-to-azure-container-apps-1jh4 https://dev.to/ibraheembello/deploying-nestjs-microservices-to-azure-container-apps-1jh4 <h2> Introduction </h2> <p>After spending countless hours (and a few late nights) deploying a distributed notification system to Azure, I wanted to share my complete journey - including all the challenges, solutions, and lessons learned. This isn't just a tutorial; it's a real-world deployment story with all the gotchas you'll actually encounter.</p> <p><strong>What we'll cover:</strong></p> <ul> <li>🏗️ Setting up a microservices architecture with NestJS and Prisma</li> <li>🐳 Building production-ready Docker images</li> <li>☁️ Deploying to Azure Container Apps</li> <li>🐛 Troubleshooting common deployment issues</li> <li>✅ Testing and monitoring live services</li> </ul> <p><strong>Live Demo:</strong></p> <ul> <li>🔗 <a href="https://user-service-app.blacksky-6bcbe9ee.uksouth.azurecontainerapps.io/api/docs" rel="noopener noreferrer">User Service API Docs</a> </li> <li>🔗 <a href="https://template-service-app.blacksky-6bcbe9ee.uksouth.azurecontainerapps.io/api/docs" rel="noopener noreferrer">Template Service API Docs</a> </li> </ul> <h2> 📊 The Architecture </h2> <p>We're building a distributed notification system with the following components:</p> <h3> Services </h3> <ol> <li> <strong>User Service</strong> - Handles user authentication, authorization, and profile management</li> <li> <strong>Template Service</strong> - Manages notification templates with variable substitution</li> <li><em>(Coming soon: Notification Service, Worker Service, Analytics Service)</em></li> </ol> <h3> Tech Stack </h3> <ul> <li> <strong>Backend:</strong> NestJS (Node.js 20)</li> <li> <strong>ORM:</strong> Prisma 5.22</li> <li> <strong>Database:</strong> PostgreSQL 15 (Azure Flexible Server)</li> <li> <strong>Container Platform:</strong> Azure Container Apps</li> <li> <strong>Container Registry:</strong> Azure Container Registry</li> <li> <strong>Region:</strong> UK South (London)</li> </ul> <h3> Why Azure Container Apps? </h3> <p>Azure Container Apps hit the sweet spot for microservices:</p> <ul> <li>✅ <strong>Fully managed</strong> - No Kubernetes complexity</li> <li>✅ <strong>Auto-scaling</strong> - Scale to zero or scale out based on load</li> <li>✅ <strong>Built-in HTTPS</strong> - Automatic SSL certificates</li> <li>✅ <strong>Simple deployments</strong> - Deploy from container registries</li> <li>✅ <strong>Cost-effective</strong> - Pay only for what you use</li> </ul> <h2> 🏗️ Project Structure </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>distributed-notification-system/ ├── services/ │ ├── user-service/ │ │ ├── src/ │ │ ├── prisma/ │ │ │ └── schema.prisma │ │ ├── Dockerfile │ │ ├── package.json │ │ └── .env │ └── template-service/ │ ├── src/ │ ├── prisma/ │ │ └── schema.prisma │ ├── Dockerfile │ ├── package.json │ └── .env └── infrastructure/ └── azure/ </code></pre> </div> <h2> 🚦 Step 1: Building the Services </h2> <h3> User Service - Key Features </h3> <p><strong>Authentication &amp; Authorization:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/auth/auth.service.ts</span> <span class="p">@</span><span class="nd">Injectable</span><span class="p">()</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">AuthService</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span> <span class="k">private</span> <span class="nx">prisma</span><span class="p">:</span> <span class="nx">PrismaService</span><span class="p">,</span> <span class="k">private</span> <span class="nx">jwtService</span><span class="p">:</span> <span class="nx">JwtService</span><span class="p">,</span> <span class="p">)</span> <span class="p">{}</span> <span class="k">async</span> <span class="nf">register</span><span class="p">(</span><span class="nx">dto</span><span class="p">:</span> <span class="nx">RegisterDto</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">hashedPassword</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">bcrypt</span><span class="p">.</span><span class="nf">hash</span><span class="p">(</span><span class="nx">dto</span><span class="p">.</span><span class="nx">password</span><span class="p">,</span> <span class="mi">10</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">prisma</span><span class="p">.</span><span class="nx">user</span><span class="p">.</span><span class="nf">create</span><span class="p">({</span> <span class="na">data</span><span class="p">:</span> <span class="p">{</span> <span class="na">email</span><span class="p">:</span> <span class="nx">dto</span><span class="p">.</span><span class="nx">email</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="nx">hashedPassword</span><span class="p">,</span> <span class="na">first_name</span><span class="p">:</span> <span class="nx">dto</span><span class="p">.</span><span class="nx">first_name</span><span class="p">,</span> <span class="na">last_name</span><span class="p">:</span> <span class="nx">dto</span><span class="p">.</span><span class="nx">last_name</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">tokens</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nf">generateTokens</span><span class="p">(</span><span class="nx">user</span><span class="p">);</span> <span class="k">return</span> <span class="p">{</span> <span class="nx">user</span><span class="p">,</span> <span class="p">...</span><span class="nx">tokens</span> <span class="p">};</span> <span class="p">}</span> <span class="k">async</span> <span class="nf">login</span><span class="p">(</span><span class="nx">dto</span><span class="p">:</span> <span class="nx">LoginDto</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">prisma</span><span class="p">.</span><span class="nx">user</span><span class="p">.</span><span class="nf">findUnique</span><span class="p">({</span> <span class="na">where</span><span class="p">:</span> <span class="p">{</span> <span class="na">email</span><span class="p">:</span> <span class="nx">dto</span><span class="p">.</span><span class="nx">email</span> <span class="p">},</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">user</span> <span class="o">||</span> <span class="o">!</span><span class="p">(</span><span class="k">await</span> <span class="nx">bcrypt</span><span class="p">.</span><span class="nf">compare</span><span class="p">(</span><span class="nx">dto</span><span class="p">.</span><span class="nx">password</span><span class="p">,</span> <span class="nx">user</span><span class="p">.</span><span class="nx">password</span><span class="p">)))</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">UnauthorizedException</span><span class="p">(</span><span class="dl">'</span><span class="s1">Invalid credentials</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="k">return</span> <span class="k">this</span><span class="p">.</span><span class="nf">generateTokens</span><span class="p">(</span><span class="nx">user</span><span class="p">);</span> <span class="p">}</span> <span class="k">private</span> <span class="k">async</span> <span class="nf">generateTokens</span><span class="p">(</span><span class="nx">user</span><span class="p">:</span> <span class="nx">User</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">payload</span> <span class="o">=</span> <span class="p">{</span> <span class="na">sub</span><span class="p">:</span> <span class="nx">user</span><span class="p">.</span><span class="nx">id</span><span class="p">,</span> <span class="na">email</span><span class="p">:</span> <span class="nx">user</span><span class="p">.</span><span class="nx">email</span> <span class="p">};</span> <span class="k">return</span> <span class="p">{</span> <span class="na">access_token</span><span class="p">:</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">jwtService</span><span class="p">.</span><span class="nf">signAsync</span><span class="p">(</span><span class="nx">payload</span><span class="p">,</span> <span class="p">{</span> <span class="na">expiresIn</span><span class="p">:</span> <span class="dl">'</span><span class="s1">15m</span><span class="dl">'</span><span class="p">,</span> <span class="p">}),</span> <span class="na">refresh_token</span><span class="p">:</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">jwtService</span><span class="p">.</span><span class="nf">signAsync</span><span class="p">(</span><span class="nx">payload</span><span class="p">,</span> <span class="p">{</span> <span class="na">expiresIn</span><span class="p">:</span> <span class="dl">'</span><span class="s1">7d</span><span class="dl">'</span><span class="p">,</span> <span class="p">}),</span> <span class="p">};</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Prisma Schema:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// prisma/schema.prisma generator client { provider = "prisma-client-js" } datasource db { provider = "postgresql" url = env("DATABASE_URL") } model User { id String @id @default(uuid()) email String @unique password String first_name String last_name String is_active Boolean @default(true) created_at DateTime @default(now()) updated_at DateTime @updatedAt preferences UserPreference? push_tokens PushToken[] @@map("users") } model UserPreference { id String @id @default(uuid()) user_id String @unique user User @relation(fields: [user_id], references: [id], onDelete: Cascade) email_enabled Boolean @default(true) sms_enabled Boolean @default(false) push_enabled Boolean @default(true) timezone String @default("UTC") language String @default("en") created_at DateTime @default(now()) updated_at DateTime @updatedAt @@map("user_preferences") } </code></pre> </div> <h3> Template Service - Key Features </h3> <p><strong>Template Rendering with Variables:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/templates/templates.service.ts</span> <span class="p">@</span><span class="nd">Injectable</span><span class="p">()</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">TemplatesService</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span><span class="k">private</span> <span class="nx">prisma</span><span class="p">:</span> <span class="nx">PrismaService</span><span class="p">)</span> <span class="p">{}</span> <span class="k">async</span> <span class="nf">renderTemplate</span><span class="p">(</span><span class="nx">id</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">variables</span><span class="p">:</span> <span class="nb">Record</span><span class="o">&lt;</span><span class="kr">string</span><span class="p">,</span> <span class="kr">any</span><span class="o">&gt;</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">template</span> <span class="o">=</span> <span class="k">await</span> <span class="k">this</span><span class="p">.</span><span class="nx">prisma</span><span class="p">.</span><span class="nx">template</span><span class="p">.</span><span class="nf">findUnique</span><span class="p">({</span> <span class="na">where</span><span class="p">:</span> <span class="p">{</span> <span class="nx">id</span> <span class="p">},</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">template</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">NotFoundException</span><span class="p">(</span><span class="dl">'</span><span class="s1">Template not found</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// Simple variable substitution</span> <span class="kd">let</span> <span class="nx">renderedSubject</span> <span class="o">=</span> <span class="nx">template</span><span class="p">.</span><span class="nx">subject</span><span class="p">;</span> <span class="kd">let</span> <span class="nx">renderedBody</span> <span class="o">=</span> <span class="nx">template</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="nb">Object</span><span class="p">.</span><span class="nf">keys</span><span class="p">(</span><span class="nx">variables</span><span class="p">).</span><span class="nf">forEach</span><span class="p">((</span><span class="nx">key</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">regex</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">RegExp</span><span class="p">(</span><span class="s2">`{{</span><span class="se">\\</span><span class="s2">s*</span><span class="p">${</span><span class="nx">key</span><span class="p">}</span><span class="se">\\</span><span class="s2">s*}}`</span><span class="p">,</span> <span class="dl">'</span><span class="s1">g</span><span class="dl">'</span><span class="p">);</span> <span class="nx">renderedSubject</span> <span class="o">=</span> <span class="nx">renderedSubject</span><span class="p">.</span><span class="nf">replace</span><span class="p">(</span><span class="nx">regex</span><span class="p">,</span> <span class="nx">variables</span><span class="p">[</span><span class="nx">key</span><span class="p">]);</span> <span class="nx">renderedBody</span> <span class="o">=</span> <span class="nx">renderedBody</span><span class="p">.</span><span class="nf">replace</span><span class="p">(</span><span class="nx">regex</span><span class="p">,</span> <span class="nx">variables</span><span class="p">[</span><span class="nx">key</span><span class="p">]);</span> <span class="p">});</span> <span class="k">return</span> <span class="p">{</span> <span class="na">subject</span><span class="p">:</span> <span class="nx">renderedSubject</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="nx">renderedBody</span><span class="p">,</span> <span class="na">template_id</span><span class="p">:</span> <span class="nx">template</span><span class="p">.</span><span class="nx">id</span><span class="p">,</span> <span class="na">template_name</span><span class="p">:</span> <span class="nx">template</span><span class="p">.</span><span class="nx">name</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Usage Example:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Create a template</span> <span class="nx">POST</span> <span class="o">/</span><span class="nx">api</span><span class="o">/</span><span class="nx">v1</span><span class="o">/</span><span class="nx">templates</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">name</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">welcome-email</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">type</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">subject</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Welcome {{user_name}}!</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">body</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Hello {{user_name}}, thanks for joining {{app_name}}!</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">language</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">en</span><span class="dl">"</span> <span class="p">}</span> <span class="c1">// Render with variables</span> <span class="nx">POST</span> <span class="o">/</span><span class="nx">api</span><span class="o">/</span><span class="nx">v1</span><span class="o">/</span><span class="nx">templates</span><span class="o">/</span><span class="p">:</span><span class="nx">id</span><span class="o">/</span><span class="nx">render</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">variables</span><span class="dl">"</span><span class="p">:</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">user_name</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">John Doe</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">app_name</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">NotificationApp</span><span class="dl">"</span> <span class="p">}</span> <span class="p">}</span> <span class="c1">// Result:</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">subject</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Welcome John Doe!</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">body</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Hello John Doe, thanks for joining NotificationApp!</span><span class="dl">"</span> <span class="p">}</span> </code></pre> </div> <h2> 🐳 Step 2: Dockerizing the Services </h2> <h3> The Challenge: Alpine Linux vs Debian </h3> <p><strong>First Attempt (Failed):</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight docker"><code><span class="c"># ❌ This DOESN'T work with Prisma!</span> <span class="k">FROM</span><span class="w"> </span><span class="s">node:20-alpine</span><span class="w"> </span><span class="k">AS</span><span class="w"> </span><span class="s">builder</span> <span class="k">WORKDIR</span><span class="s"> /app</span> <span class="k">COPY</span><span class="s"> package*.json ./</span> <span class="k">RUN </span>npm ci <span class="k">COPY</span><span class="s"> . .</span> <span class="k">RUN </span>npx prisma generate <span class="k">RUN </span>npm run build <span class="k">FROM</span><span class="s"> node:20-alpine</span> <span class="k">WORKDIR</span><span class="s"> /app</span> <span class="k">COPY</span><span class="s"> --from=builder /app/node_modules ./node_modules</span> <span class="k">COPY</span><span class="s"> --from=builder /app/dist ./dist</span> <span class="k">CMD</span><span class="s"> ["node", "dist/main.js"]</span> </code></pre> </div> <p><strong>The Error:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>PrismaClientInitializationError: Unable to require(`libquery_engine-linux-musl.so.node`) Error loading shared library libssl.so.1.1: No such file or directory </code></pre> </div> <p><strong>The Problem:</strong> </p> <ul> <li>Alpine Linux uses musl instead of glibc</li> <li>Latest Alpine (3.22) removed <code>openssl1.1-compat</code> package</li> <li>Prisma's query engine needs OpenSSL 1.1 or 3.x</li> </ul> <p><strong>The Solution: Use Debian Slim</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight docker"><code><span class="c"># ✅ This works perfectly!</span> <span class="k">FROM</span><span class="w"> </span><span class="s">node:20-slim</span><span class="w"> </span><span class="k">AS</span><span class="w"> </span><span class="s">builder</span> <span class="c"># Install OpenSSL and other dependencies</span> <span class="k">RUN </span>apt-get update <span class="nt">-y</span> <span class="o">&amp;&amp;</span> <span class="se">\ </span> apt-get <span class="nb">install</span> <span class="nt">-y</span> openssl ca-certificates <span class="o">&amp;&amp;</span> <span class="se">\ </span> <span class="nb">rm</span> <span class="nt">-rf</span> /var/lib/apt/lists/<span class="k">*</span> <span class="k">WORKDIR</span><span class="s"> /app</span> <span class="k">COPY</span><span class="s"> package*.json ./</span> <span class="k">COPY</span><span class="s"> prisma ./prisma/</span> <span class="k">RUN </span>npm ci <span class="k">COPY</span><span class="s"> . .</span> <span class="k">RUN </span>npx prisma generate <span class="k">RUN </span>npm run build <span class="c"># Production stage</span> <span class="k">FROM</span><span class="s"> node:20-slim</span> <span class="k">RUN </span>apt-get update <span class="nt">-y</span> <span class="o">&amp;&amp;</span> <span class="se">\ </span> apt-get <span class="nb">install</span> <span class="nt">-y</span> openssl ca-certificates <span class="o">&amp;&amp;</span> <span class="se">\ </span> <span class="nb">rm</span> <span class="nt">-rf</span> /var/lib/apt/lists/<span class="k">*</span> <span class="k">WORKDIR</span><span class="s"> /app</span> <span class="k">COPY</span><span class="s"> --from=builder /app/node_modules ./node_modules</span> <span class="k">COPY</span><span class="s"> --from=builder /app/dist ./dist</span> <span class="k">COPY</span><span class="s"> --from=builder /app/prisma ./prisma</span> <span class="k">COPY</span><span class="s"> --from=builder /app/package*.json ./</span> <span class="k">EXPOSE</span><span class="s"> 3001</span> <span class="k">CMD</span><span class="s"> ["node", "dist/main.js"]</span> </code></pre> </div> <p><strong>Why Debian Slim?</strong></p> <ul> <li>✅ OpenSSL 3.x included by default</li> <li>✅ Compatible with Prisma</li> <li>✅ Still relatively small (~200MB vs Alpine's ~50MB)</li> <li>✅ Most stable for production</li> </ul> <h2> ☁️ Step 3: Azure Infrastructure Setup </h2> <h3> Creating Azure Resources </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/bash</span> <span class="c"># Variables</span> <span class="nv">RESOURCE_GROUP</span><span class="o">=</span><span class="s2">"notification-system-rg"</span> <span class="nv">LOCATION</span><span class="o">=</span><span class="s2">"uksouth"</span> <span class="nv">ACR_NAME</span><span class="o">=</span><span class="s2">"notificationsystemacr"</span> <span class="nv">ENV_NAME</span><span class="o">=</span><span class="s2">"notification-env"</span> <span class="c"># 1. Create Resource Group</span> az group create <span class="se">\</span> <span class="nt">--name</span> <span class="nv">$RESOURCE_GROUP</span> <span class="se">\</span> <span class="nt">--location</span> <span class="nv">$LOCATION</span> <span class="c"># 2. Create Azure Container Registry</span> az acr create <span class="se">\</span> <span class="nt">--resource-group</span> <span class="nv">$RESOURCE_GROUP</span> <span class="se">\</span> <span class="nt">--name</span> <span class="nv">$ACR_NAME</span> <span class="se">\</span> <span class="nt">--sku</span> Basic <span class="se">\</span> <span class="nt">--location</span> <span class="nv">$LOCATION</span> <span class="se">\</span> <span class="nt">--admin-enabled</span> <span class="nb">true</span> <span class="c"># 3. Create PostgreSQL for User Service</span> az postgres flexible-server create <span class="se">\</span> <span class="nt">--name</span> user-service-db <span class="se">\</span> <span class="nt">--resource-group</span> <span class="nv">$RESOURCE_GROUP</span> <span class="se">\</span> <span class="nt">--location</span> <span class="nv">$LOCATION</span> <span class="se">\</span> <span class="nt">--admin-user</span> dbadmin <span class="se">\</span> <span class="nt">--admin-password</span> <span class="s2">"YourSecurePassword123"</span> <span class="se">\</span> <span class="nt">--sku-name</span> Standard_B1ms <span class="se">\</span> <span class="nt">--tier</span> Burstable <span class="se">\</span> <span class="nt">--version</span> 15 <span class="se">\</span> <span class="nt">--storage-size</span> 32 <span class="se">\</span> <span class="nt">--public-access</span> 0.0.0.0 <span class="c"># 4. Create database</span> az postgres flexible-server db create <span class="se">\</span> <span class="nt">--resource-group</span> <span class="nv">$RESOURCE_GROUP</span> <span class="se">\</span> <span class="nt">--server-name</span> user-service-db <span class="se">\</span> <span class="nt">--database-name</span> user_service_db <span class="c"># 5. Create PostgreSQL for Template Service</span> az postgres flexible-server create <span class="se">\</span> <span class="nt">--name</span> template-service-db <span class="se">\</span> <span class="nt">--resource-group</span> <span class="nv">$RESOURCE_GROUP</span> <span class="se">\</span> <span class="nt">--location</span> <span class="nv">$LOCATION</span> <span class="se">\</span> <span class="nt">--admin-user</span> dbadmin <span class="se">\</span> <span class="nt">--admin-password</span> <span class="s2">"YourSecurePassword123"</span> <span class="se">\</span> <span class="nt">--sku-name</span> Standard_B1ms <span class="se">\</span> <span class="nt">--tier</span> Burstable <span class="se">\</span> <span class="nt">--version</span> 15 <span class="se">\</span> <span class="nt">--storage-size</span> 32 <span class="se">\</span> <span class="nt">--public-access</span> 0.0.0.0 az postgres flexible-server db create <span class="se">\</span> <span class="nt">--resource-group</span> <span class="nv">$RESOURCE_GROUP</span> <span class="se">\</span> <span class="nt">--server-name</span> template-service-db <span class="se">\</span> <span class="nt">--database-name</span> template_service_db <span class="c"># 6. Configure firewall rules</span> az postgres flexible-server firewall-rule create <span class="se">\</span> <span class="nt">--resource-group</span> <span class="nv">$RESOURCE_GROUP</span> <span class="se">\</span> <span class="nt">--name</span> user-service-db <span class="se">\</span> <span class="nt">--rule-name</span> AllowAzureServices <span class="se">\</span> <span class="nt">--start-ip-address</span> 0.0.0.0 <span class="se">\</span> <span class="nt">--end-ip-address</span> 0.0.0.0 az postgres flexible-server firewall-rule create <span class="se">\</span> <span class="nt">--resource-group</span> <span class="nv">$RESOURCE_GROUP</span> <span class="se">\</span> <span class="nt">--name</span> template-service-db <span class="se">\</span> <span class="nt">--rule-name</span> AllowAzureServices <span class="se">\</span> <span class="nt">--start-ip-address</span> 0.0.0.0 <span class="se">\</span> <span class="nt">--end-ip-address</span> 0.0.0.0 <span class="c"># 7. Create Container Apps Environment</span> az containerapp <span class="nb">env </span>create <span class="se">\</span> <span class="nt">--name</span> <span class="nv">$ENV_NAME</span> <span class="se">\</span> <span class="nt">--resource-group</span> <span class="nv">$RESOURCE_GROUP</span> <span class="se">\</span> <span class="nt">--location</span> <span class="nv">$LOCATION</span> <span class="nb">echo</span> <span class="s2">"✅ Infrastructure setup complete!"</span> </code></pre> </div> <h2> 🚀 Step 4: Database Migrations </h2> <p><strong>Important:</strong> Run migrations BEFORE deploying containers!<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># User Service migrations</span> <span class="nb">cd </span>services/user-service <span class="nv">DATABASE_URL</span><span class="o">=</span><span class="s2">"postgresql://dbadmin:YourSecurePassword123@user-service-db.postgres.database.azure.com:5432/user_service_db?sslmode=require"</span> <span class="se">\</span> npx prisma migrate deploy <span class="c"># Template Service migrations</span> <span class="nb">cd </span>services/template-service <span class="nv">DATABASE_URL</span><span class="o">=</span><span class="s2">"postgresql://dbadmin:YourSecurePassword123@template-service-db.postgres.database.azure.com:5432/template_service_db?sslmode=require"</span> <span class="se">\</span> npx prisma migrate deploy </code></pre> </div> <h2> 📦 Step 5: Building and Pushing Docker Images </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Login to ACR</span> az acr login <span class="nt">--name</span> notificationsystemacr <span class="c"># Build and push User Service</span> <span class="nb">cd </span>services/user-service docker build <span class="nt">-t</span> notificationsystemacr.azurecr.io/user-service:latest <span class="nb">.</span> docker push notificationsystemacr.azurecr.io/user-service:latest <span class="c"># Build and push Template Service</span> <span class="nb">cd </span>services/template-service docker build <span class="nt">-t</span> notificationsystemacr.azurecr.io/template-service:latest <span class="nb">.</span> docker push notificationsystemacr.azurecr.io/template-service:latest </code></pre> </div> <h2> 🎯 Step 6: Deploying Container Apps </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Get ACR credentials</span> <span class="nv">ACR_PASSWORD</span><span class="o">=</span><span class="si">$(</span>az acr credential show <span class="se">\</span> <span class="nt">--name</span> notificationsystemacr <span class="se">\</span> <span class="nt">--query</span> <span class="s2">"passwords[0].value"</span> <span class="nt">-o</span> tsv<span class="si">)</span> <span class="c"># Generate JWT secrets</span> <span class="nv">JWT_SECRET</span><span class="o">=</span><span class="si">$(</span>openssl rand <span class="nt">-base64</span> 32<span class="si">)</span> <span class="nv">JWT_REFRESH_SECRET</span><span class="o">=</span><span class="si">$(</span>openssl rand <span class="nt">-base64</span> 32<span class="si">)</span> <span class="c"># Deploy User Service</span> az containerapp create <span class="se">\</span> <span class="nt">--name</span> user-service-app <span class="se">\</span> <span class="nt">--resource-group</span> notification-system-rg <span class="se">\</span> <span class="nt">--environment</span> notification-env <span class="se">\</span> <span class="nt">--image</span> notificationsystemacr.azurecr.io/user-service:latest <span class="se">\</span> <span class="nt">--registry-server</span> notificationsystemacr.azurecr.io <span class="se">\</span> <span class="nt">--registry-username</span> notificationsystemacr <span class="se">\</span> <span class="nt">--registry-password</span> <span class="s2">"</span><span class="nv">$ACR_PASSWORD</span><span class="s2">"</span> <span class="se">\</span> <span class="nt">--target-port</span> 3001 <span class="se">\</span> <span class="nt">--ingress</span> external <span class="se">\</span> <span class="nt">--min-replicas</span> 1 <span class="se">\</span> <span class="nt">--max-replicas</span> 3 <span class="se">\</span> <span class="nt">--cpu</span> 0.5 <span class="se">\</span> <span class="nt">--memory</span> 1Gi <span class="se">\</span> <span class="nt">--env-vars</span> <span class="se">\</span> <span class="s2">"DATABASE_URL=secretref:database-url"</span> <span class="se">\</span> <span class="s2">"JWT_SECRET=secretref:jwt-secret"</span> <span class="se">\</span> <span class="s2">"JWT_REFRESH_SECRET=secretref:jwt-refresh-secret"</span> <span class="se">\</span> <span class="s2">"PORT=3001"</span> <span class="se">\</span> <span class="s2">"NODE_ENV=production"</span> <span class="se">\</span> <span class="nt">--secrets</span> <span class="se">\</span> <span class="s2">"database-url=postgresql://dbadmin:YourSecurePassword123@user-service-db.postgres.database.azure.com:5432/user_service_db?sslmode=require"</span> <span class="se">\</span> <span class="s2">"jwt-secret=</span><span class="nv">$JWT_SECRET</span><span class="s2">"</span> <span class="se">\</span> <span class="s2">"jwt-refresh-secret=</span><span class="nv">$JWT_REFRESH_SECRET</span><span class="s2">"</span> <span class="c"># Deploy Template Service</span> az containerapp create <span class="se">\</span> <span class="nt">--name</span> template-service-app <span class="se">\</span> <span class="nt">--resource-group</span> notification-system-rg <span class="se">\</span> <span class="nt">--environment</span> notification-env <span class="se">\</span> <span class="nt">--image</span> notificationsystemacr.azurecr.io/template-service:latest <span class="se">\</span> <span class="nt">--registry-server</span> notificationsystemacr.azurecr.io <span class="se">\</span> <span class="nt">--registry-username</span> notificationsystemacr <span class="se">\</span> <span class="nt">--registry-password</span> <span class="s2">"</span><span class="nv">$ACR_PASSWORD</span><span class="s2">"</span> <span class="se">\</span> <span class="nt">--target-port</span> 3004 <span class="se">\</span> <span class="nt">--ingress</span> external <span class="se">\</span> <span class="nt">--min-replicas</span> 1 <span class="se">\</span> <span class="nt">--max-replicas</span> 3 <span class="se">\</span> <span class="nt">--cpu</span> 0.5 <span class="se">\</span> <span class="nt">--memory</span> 1Gi <span class="se">\</span> <span class="nt">--env-vars</span> <span class="se">\</span> <span class="s2">"DATABASE_URL=secretref:database-url"</span> <span class="se">\</span> <span class="s2">"PORT=3004"</span> <span class="se">\</span> <span class="s2">"NODE_ENV=production"</span> <span class="se">\</span> <span class="nt">--secrets</span> <span class="se">\</span> <span class="s2">"database-url=postgresql://dbadmin:YourSecurePassword123@template-service-db.postgres.database.azure.com:5432/template_service_db?sslmode=require"</span> </code></pre> </div> <h2> 🔥 Common Issues &amp; Solutions </h2> <h3> Issue 1: Containers Keep Crashing with OpenSSL Error </h3> <p><strong>Symptoms:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>PrismaClientInitializationError Error loading shared library libssl.so.1.1 </code></pre> </div> <p><strong>Root Cause:</strong> Alpine Linux 3.22+ doesn't have <code>openssl1.1-compat</code></p> <p><strong>Solution:</strong> Switch to Debian Slim (see Dockerfile above)</p> <h3> Issue 2: Container Apps Not Using New Images </h3> <p><strong>Symptoms:</strong> Updated code, pushed new images, but containers still running old code</p> <p><strong>Root Cause:</strong> Azure cached the <code>:latest</code> tag</p> <p><strong>Solution:</strong> Force new revision with unique suffix<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">TIMESTAMP</span><span class="o">=</span><span class="si">$(</span><span class="nb">date</span> +%s<span class="si">)</span> az containerapp update <span class="se">\</span> <span class="nt">--name</span> user-service-app <span class="se">\</span> <span class="nt">--resource-group</span> notification-system-rg <span class="se">\</span> <span class="nt">--image</span> notificationsystemacr.azurecr.io/user-service:latest <span class="se">\</span> <span class="nt">--revision-suffix</span> <span class="s2">"v2-</span><span class="k">${</span><span class="nv">TIMESTAMP</span><span class="k">}</span><span class="s2">"</span> </code></pre> </div> <h3> Issue 3: Database Connection Timeout </h3> <p><strong>Symptoms:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Error: P1001: Can't reach database server </code></pre> </div> <p><strong>Solution:</strong> </p> <ol> <li>Check firewall rules allow Azure services (0.0.0.0)</li> <li>Verify connection string format includes <code>?sslmode=require</code> </li> <li>Wait 2-3 minutes after creating firewall rules</li> </ol> <h3> Issue 4: Rate Limiter Warning </h3> <p><strong>Warning:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>ValidationError: The 'X-Forwarded-For' header is set but Express 'trust proxy' is false </code></pre> </div> <p><strong>Solution:</strong> Add to <code>main.ts</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">async</span> <span class="kd">function</span> <span class="nf">bootstrap</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">NestFactory</span><span class="p">.</span><span class="nf">create</span><span class="p">(</span><span class="nx">AppModule</span><span class="p">);</span> <span class="c1">// Trust Azure's proxy</span> <span class="nx">app</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">'</span><span class="s1">trust proxy</span><span class="dl">'</span><span class="p">,</span> <span class="mi">1</span><span class="p">);</span> <span class="k">await</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="mi">3001</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <h2> ✅ Verification &amp; Testing </h2> <h3> Health Checks </h3> <p>Both services expose health endpoints:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># User Service</span> curl https://user-service-app.blacksky-6bcbe9ee.uksouth.azurecontainerapps.io/api/v1/health <span class="c"># Response:</span> <span class="o">{</span> <span class="s2">"status"</span>: <span class="s2">"healthy"</span>, <span class="s2">"timestamp"</span>: <span class="s2">"2025-11-12T02:33:03.054Z"</span>, <span class="s2">"service"</span>: <span class="s2">"user-service"</span>, <span class="s2">"version"</span>: <span class="s2">"1.0.0"</span>, <span class="s2">"uptime"</span>: 371.52, <span class="s2">"database"</span>: <span class="o">{</span> <span class="s2">"status"</span>: <span class="s2">"connected"</span>, <span class="s2">"response_time_ms"</span>: 88 <span class="o">}</span>, <span class="s2">"memory"</span>: <span class="o">{</span> <span class="s2">"used_mb"</span>: 19, <span class="s2">"total_mb"</span>: 21 <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <h3> API Testing </h3> <p><strong>1. Register a User:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl <span class="nt">-X</span> POST <span class="se">\</span> https://user-service-app.blacksky-6bcbe9ee.uksouth.azurecontainerapps.io/api/v1/auth/register <span class="se">\</span> <span class="nt">-H</span> <span class="s2">"Content-Type: application/json"</span> <span class="se">\</span> <span class="nt">-d</span> <span class="s1">'{ "email": "john@example.com", "password": "SecurePass123!", "first_name": "John", "last_name": "Doe" }'</span> </code></pre> </div> <p><strong>2. Login:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl <span class="nt">-X</span> POST <span class="se">\</span> https://user-service-app.blacksky-6bcbe9ee.uksouth.azurecontainerapps.io/api/v1/auth/login <span class="se">\</span> <span class="nt">-H</span> <span class="s2">"Content-Type: application/json"</span> <span class="se">\</span> <span class="nt">-d</span> <span class="s1">'{ "email": "john@example.com", "password": "SecurePass123!" }'</span> </code></pre> </div> <p><strong>3. Access Protected Endpoint:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl <span class="nt">-X</span> GET <span class="se">\</span> https://user-service-app.blacksky-6bcbe9ee.uksouth.azurecontainerapps.io/api/v1/users <span class="se">\</span> <span class="nt">-H</span> <span class="s2">"Authorization: Bearer YOUR_ACCESS_TOKEN"</span> </code></pre> </div> <p><strong>4. Create a Template:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl <span class="nt">-X</span> POST <span class="se">\</span> https://template-service-app.blacksky-6bcbe9ee.uksouth.azurecontainerapps.io/api/v1/templates <span class="se">\</span> <span class="nt">-H</span> <span class="s2">"Content-Type: application/json"</span> <span class="se">\</span> <span class="nt">-d</span> <span class="s1">'{ "name": "welcome-email", "type": "email", "subject": "Welcome {{user_name}}!", "body": "Hello {{user_name}}, thanks for joining!", "language": "en" }'</span> </code></pre> </div> <h2> 📊 Monitoring &amp; Metrics </h2> <h3> Azure Portal Monitoring </h3> <ol> <li>Navigate to your Container App in Azure Portal</li> <li>Click <strong>Metrics</strong> in the left menu</li> <li>Add metrics: <ul> <li> <strong>Requests</strong> - HTTP request count</li> <li> <strong>Replica Count</strong> - Number of running instances</li> <li> <strong>CPU Usage</strong> - Container CPU utilization</li> <li> <strong>Memory Usage</strong> - Container memory utilization</li> </ul> </li> </ol> <h3> Application Insights (Optional) </h3> <p>Add Application Insights for detailed telemetry:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/main.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">INestApplication</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@nestjs/common</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">appInsights</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">applicationinsights</span><span class="dl">'</span><span class="p">;</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">bootstrap</span><span class="p">()</span> <span class="p">{</span> <span class="c1">// Initialize Application Insights</span> <span class="k">if </span><span class="p">(</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">APPLICATIONINSIGHTS_CONNECTION_STRING</span><span class="p">)</span> <span class="p">{</span> <span class="nx">appInsights</span><span class="p">.</span><span class="nf">setup</span><span class="p">()</span> <span class="p">.</span><span class="nf">setAutoCollectRequests</span><span class="p">(</span><span class="kc">true</span><span class="p">)</span> <span class="p">.</span><span class="nf">setAutoCollectPerformance</span><span class="p">(</span><span class="kc">true</span><span class="p">)</span> <span class="p">.</span><span class="nf">setAutoCollectExceptions</span><span class="p">(</span><span class="kc">true</span><span class="p">)</span> <span class="p">.</span><span class="nf">start</span><span class="p">();</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">NestFactory</span><span class="p">.</span><span class="nf">create</span><span class="p">(</span><span class="nx">AppModule</span><span class="p">);</span> <span class="k">await</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="mi">3001</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <h2> 💰 Cost Optimization </h2> <h3> Current Setup Costs (Approximate) </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Resource</th> <th>Tier</th> <th>Monthly Cost</th> </tr> </thead> <tbody> <tr> <td>Container Apps Environment</td> <td>Consumption</td> <td>$0 (free tier)</td> </tr> <tr> <td>User Service Container</td> <td>0.5 vCPU, 1GB RAM</td> <td>~$15-25</td> </tr> <tr> <td>Template Service Container</td> <td>0.5 vCPU, 1GB RAM</td> <td>~$15-25</td> </tr> <tr> <td>PostgreSQL User DB</td> <td>Burstable B1ms</td> <td>~$13</td> </tr> <tr> <td>PostgreSQL Template DB</td> <td>Burstable B1ms</td> <td>~$13</td> </tr> <tr> <td>Container Registry</td> <td>Basic</td> <td>~$5</td> </tr> <tr> <td><strong>Total</strong></td> <td></td> <td><strong>~$60-80/month</strong></td> </tr> </tbody> </table></div> <h3> Optimization Tips </h3> <ol> <li> <strong>Scale to Zero</strong> for dev/staging: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>az containerapp update <span class="se">\</span> <span class="nt">--name</span> user-service-app <span class="se">\</span> <span class="nt">--resource-group</span> notification-system-rg <span class="se">\</span> <span class="nt">--min-replicas</span> 0 <span class="se">\</span> <span class="nt">--max-replicas</span> 3 </code></pre> </div> <ol> <li><p><strong>Use Spot Instances</strong> for non-critical workloads</p></li> <li><p><strong>Share PostgreSQL Server</strong> across multiple databases</p></li> <li><p><strong>Use Azure Reserved Instances</strong> for 30-40% savings</p></li> </ol> <h2> 🎯 Results &amp; Performance </h2> <h3> Deployment Metrics </h3> <ul> <li> <strong>Build Time:</strong> ~3-4 minutes per service</li> <li> <strong>Deployment Time:</strong> ~2-3 minutes per service</li> <li> <strong>Cold Start:</strong> ~3-5 seconds</li> <li> <strong>Response Time (P95):</strong> &lt;100ms</li> <li> <strong>Database Latency:</strong> ~80-120ms</li> </ul> <h3> Load Test Results </h3> <p>Using Apache Bench for basic load testing:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>ab <span class="nt">-n</span> 10000 <span class="nt">-c</span> 100 <span class="se">\</span> https://user-service-app.blacksky-6bcbe9ee.uksouth.azurecontainerapps.io/api/v1/health </code></pre> </div> <p><strong>Results:</strong></p> <ul> <li> <strong>Requests per second:</strong> ~450</li> <li> <strong>Mean response time:</strong> 220ms</li> <li> <strong>95th percentile:</strong> 380ms</li> <li> <strong>Failed requests:</strong> 0</li> </ul> <h2> 🔐 Security Best Practices </h2> <h3> 1. Secrets Management </h3> <p>❌ <strong>DON'T</strong> hardcode secrets:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">jwtSecret</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">my-secret-key</span><span class="dl">'</span><span class="p">;</span> <span class="c1">// BAD!</span> </code></pre> </div> <p>✅ <strong>DO</strong> use environment variables:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">jwtSecret</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">JWT_SECRET</span><span class="p">;</span> </code></pre> </div> <p>✅ <strong>BETTER</strong> - Use Azure Key Vault:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>az keyvault create <span class="se">\</span> <span class="nt">--name</span> notification-kv <span class="se">\</span> <span class="nt">--resource-group</span> notification-system-rg az keyvault secret <span class="nb">set</span> <span class="se">\</span> <span class="nt">--vault-name</span> notification-kv <span class="se">\</span> <span class="nt">--name</span> jwt-secret <span class="se">\</span> <span class="nt">--value</span> <span class="s2">"your-secret"</span> </code></pre> </div> <h3> 2. Network Security </h3> <ul> <li>✅ Use private networking for databases</li> <li>✅ Restrict database firewall to specific IP ranges</li> <li>✅ Enable SSL/TLS for all connections</li> <li>✅ Use managed identities instead of passwords</li> </ul> <h3> 3. Container Security </h3> <div class="highlight js-code-highlight"> <pre class="highlight docker"><code><span class="c"># Run as non-root user</span> <span class="k">FROM</span><span class="s"> node:20-slim</span> <span class="k">RUN </span>groupadd <span class="nt">-r</span> nodejs <span class="o">&amp;&amp;</span> useradd <span class="nt">-r</span> <span class="nt">-g</span> nodejs nodejs <span class="k">USER</span><span class="s"> nodejs</span> <span class="c"># Use specific versions</span> <span class="k">FROM</span><span class="s"> node:20.10.0-slim</span> <span class="c"># Scan for vulnerabilities</span> <span class="k">RUN </span>npm audit fix </code></pre> </div> <h2> 📚 Key Learnings </h2> <h3> What Went Right ✅ </h3> <ol> <li> <strong>Debian Slim over Alpine</strong> - Saved hours of OpenSSL troubleshooting</li> <li> <strong>Migrations before deployment</strong> - Databases ready when containers start</li> <li> <strong>Health checks</strong> - Essential for monitoring and debugging</li> <li> <strong>Swagger documentation</strong> - Makes API testing effortless</li> <li> <strong>Auto-scaling</strong> - Handles traffic spikes automatically</li> </ol> <h3> What I'd Do Differently 🔄 </h3> <ol> <li> <strong>Use Infrastructure as Code</strong> (Terraform/Bicep) from day one</li> <li> <strong>Set up CI/CD pipeline</strong> before manual deployments</li> <li> <strong>Implement centralized logging</strong> (ELK/Datadog) earlier</li> <li> <strong>Add integration tests</strong> for database connectivity</li> <li> <strong>Use Azure Key Vault</strong> for secrets management</li> </ol> <h3> Challenges Overcome 💪 </h3> <ol> <li> <strong>Alpine OpenSSL compatibility</strong> → Switched to Debian</li> <li> <strong>Container caching issues</strong> → Used unique revision suffixes</li> <li> <strong>Database connection timeouts</strong> → Configured firewall rules properly</li> <li> <strong>Rate limiter warnings</strong> → Added Express trust proxy configuration</li> </ol> <h2> 🚀 Next Steps </h2> <h3> Phase 2: Additional Services </h3> <ul> <li>[ ] <strong>Notification Service</strong> - Email, SMS, and push notification delivery</li> <li>[ ] <strong>Notification Worker</strong> - Queue processing with Bull/BullMQ</li> <li>[ ] <strong>Analytics Service</strong> - Track delivery rates and engagement</li> <li>[ ] <strong>Admin Dashboard</strong> - Service management UI</li> </ul> <h3> Phase 3: Enhancements </h3> <ul> <li>[ ] <strong>CI/CD Pipeline</strong> - GitHub Actions or Azure DevOps</li> <li>[ ] <strong>Infrastructure as Code</strong> - Terraform or Bicep</li> <li>[ ] <strong>API Gateway</strong> - Centralized routing and authentication</li> <li>[ ] <strong>Message Queue</strong> - Redis or Azure Service Bus</li> <li>[ ] <strong>Caching Layer</strong> - Redis for frequently accessed data</li> <li>[ ] <strong>Monitoring</strong> - Application Insights, Prometheus, Grafana</li> </ul> <h2> 🔗 Live Demo &amp; Resources </h2> <h3> Try It Yourself! </h3> <p><strong>User Service:</strong></p> <ul> <li>🔗 <a href="https://user-service-app.blacksky-6bcbe9ee.uksouth.azurecontainerapps.io/api/docs" rel="noopener noreferrer">API Documentation</a> </li> <li>🔗 <a href="https://user-service-app.blacksky-6bcbe9ee.uksouth.azurecontainerapps.io/api/v1/health" rel="noopener noreferrer">Health Check</a> </li> </ul> <p><strong>Template Service:</strong></p> <ul> <li>🔗 <a href="https://template-service-app.blacksky-6bcbe9ee.uksouth.azurecontainerapps.io/api/docs" rel="noopener noreferrer">API Documentation</a> </li> <li>🔗 <a href="https://template-service-app.blacksky-6bcbe9ee.uksouth.azurecontainerapps.io/api/v1/health" rel="noopener noreferrer">Health Check</a> </li> </ul> <p><strong>Test User:</strong></p> <ul> <li>Email: <code>test@example.com</code> </li> <li>Password: <code>TestPass123!</code> </li> </ul> <h3> Additional Resources </h3> <ul> <li>📖 <a href="https://docs.microsoft.com/azure/container-apps/" rel="noopener noreferrer">Azure Container Apps Documentation</a> </li> <li>📖 <a href="https://docs.nestjs.com/" rel="noopener noreferrer">NestJS Documentation</a> </li> <li>📖 <a href="https://www.prisma.io/docs/" rel="noopener noreferrer">Prisma Documentation</a> </li> <li>🐙 Source Code <em>(Add your GitHub repo link)</em> </li> </ul> <h2> 💭 Final Thoughts </h2> <p>Deploying microservices to production is never as straightforward as tutorials make it seem. Between Docker compatibility issues, database connectivity problems, and platform-specific quirks, there's always something unexpected.</p> <p>But that's also what makes it rewarding! Every issue solved is a lesson learned, and every deployment gets smoother.</p> <p><strong>Key Takeaways:</strong></p> <ul> <li>✅ Start with a solid local development setup</li> <li>✅ Test Docker images thoroughly before deploying</li> <li>✅ Use managed services (databases, registries) to reduce complexity</li> <li>✅ Implement comprehensive health checks</li> <li>✅ Monitor everything from day one</li> <li>✅ Document your deployment process</li> </ul> <p>If you found this helpful, give it a ❤️ and feel free to ask questions in the comments!</p> <h2> 🤝 Connect With Me </h2> <ul> <li>💼 http://www.linkedin.com/in/ibraheem-bello-049b34287 </li> <li>🐙 https://github.com/ibraheembello </li> <li>🐦 https://x.com/Officialibrosky </li> <li>📧 <a href="mailto:belloibrahimolawale@gmail.com">belloibrahimolawale@gmail.com</a> </li> </ul> <p><strong>Tags:</strong> #azure #nestjs #microservices #docker #prisma #typescript #devops #cloudcomputing #containerization #tutorial</p> <p><em>Have questions or suggestions? Drop a comment below! 👇</em></p> azure nestjs microservices docker ibraheembello Sun, 02 Nov 2025 19:19:58 +0000 https://dev.to/ibraheembello/github-issue-monitor-ai-agent-with-mastra-334c https://dev.to/ibraheembello/github-issue-monitor-ai-agent-with-mastra-334c <h2> Building a GitHub Issue Monitor AI Agent with Mastra and Telex.im </h2> <p><em>How I built an intelligent AI agent to track repository issues and integrated it with Telex using the A2A protocol</em></p> <h2> 🎯 The Challenge </h2> <p>As a developer, staying on top of GitHub issues across multiple repositories can be overwhelming. Whether you're maintaining open-source projects, contributing to others, or just keeping track of important discussions, manually checking each repository is time-consuming and inefficient.</p> <p>I wanted to solve this by building an AI agent that could:</p> <ul> <li> <strong>Monitor GitHub repositories</strong> for new and updated issues</li> <li> <strong>Provide intelligent summaries</strong> of changes</li> <li> <strong>Integrate seamlessly</strong> with communication platforms</li> <li> <strong>Run automatically</strong> in the background</li> </ul> <p>This is the story of how I built the <strong>GitHub Issue Monitor</strong> using Mastra and integrated it with Telex.im.</p> <h2> 🛠️ Tech Stack </h2> <p>Here's what I used to build this project:</p> <ul> <li> <strong><a href="https://mastra.ai" rel="noopener noreferrer">Mastra</a></strong>: AI agent framework for building and orchestrating intelligent agents</li> <li> <strong><a href="https://telex.im" rel="noopener noreferrer">Telex.im</a></strong>: Communication platform with A2A (Agent-to-Agent) protocol support</li> <li> <strong>Azure App Service</strong>: Cloud hosting for the agent</li> <li> <strong>Node.js + TypeScript</strong>: Backend runtime and type safety</li> <li> <strong>Octokit</strong>: Official GitHub API client</li> <li> <strong>OpenAI GPT-4o-mini</strong>: Language model for intelligence</li> </ul> <h2> 🏗️ Architecture Overview </h2> <p>The GitHub Issue Monitor consists of several key components working together seamlessly.</p> <h3> System Design </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>User Message (Telex) ↓ JSON-RPC 2.0 Request ↓ Azure App Service (Node.js Server) ↓ Message Parser &amp; Router ↓ Simple GitHub Agent ↓ GitHub API (Octokit) ↓ Format &amp; Return ↓ A2A Response ↓ Telex.im Display </code></pre> </div> <h2> 💻 Building the Agent </h2> <h3> Step 1: Setting Up Mastra </h3> <p>I started by creating a Mastra agent with clear instructions:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">Agent</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@mastra/core/agent</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">openai</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@ai-sdk/openai</span><span class="dl">'</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">githubIssueMonitorAgent</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Agent</span><span class="p">({</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">GitHub Issue Monitor</span><span class="dl">'</span><span class="p">,</span> <span class="na">instructions</span><span class="p">:</span> <span class="s2">` You are a GitHub Issue Monitor that tracks repository issues and provides concise summaries with proper formatting. `</span><span class="p">,</span> <span class="na">model</span><span class="p">:</span> <span class="nf">openai</span><span class="p">(</span><span class="dl">'</span><span class="s1">gpt-4o-mini</span><span class="dl">'</span><span class="p">),</span> <span class="p">});</span> </code></pre> </div> <h3> Step 2: GitHub API Integration </h3> <p>Using Octokit, I built the core functionality:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">Octokit</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">octokit</span><span class="dl">'</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">octokit</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Octokit</span><span class="p">({</span> <span class="na">auth</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">GITHUB_TOKEN</span><span class="p">,</span> <span class="p">});</span> <span class="c1">// Fetch repository issues</span> <span class="kd">const</span> <span class="p">{</span> <span class="na">data</span><span class="p">:</span> <span class="nx">issues</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">octokit</span><span class="p">.</span><span class="nx">rest</span><span class="p">.</span><span class="nx">issues</span><span class="p">.</span><span class="nf">listForRepo</span><span class="p">({</span> <span class="na">owner</span><span class="p">:</span> <span class="dl">'</span><span class="s1">facebook</span><span class="dl">'</span><span class="p">,</span> <span class="na">repo</span><span class="p">:</span> <span class="dl">'</span><span class="s1">react</span><span class="dl">'</span><span class="p">,</span> <span class="na">state</span><span class="p">:</span> <span class="dl">'</span><span class="s1">open</span><span class="dl">'</span><span class="p">,</span> <span class="na">per_page</span><span class="p">:</span> <span class="mi">10</span><span class="p">,</span> <span class="na">sort</span><span class="p">:</span> <span class="dl">'</span><span class="s1">created</span><span class="dl">'</span><span class="p">,</span> <span class="na">direction</span><span class="p">:</span> <span class="dl">'</span><span class="s1">desc</span><span class="dl">'</span><span class="p">,</span> <span class="p">});</span> </code></pre> </div> <h3> Step 3: Direct Formatting for Reliability </h3> <p>After experimenting with LLM-based formatting, I found that direct JavaScript formatting was more reliable:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">let</span> <span class="nx">summary</span> <span class="o">=</span> <span class="s2">`📊 **GitHub Repository: </span><span class="p">${</span><span class="nx">owner</span><span class="p">}</span><span class="s2">/</span><span class="p">${</span><span class="nx">repo</span><span class="p">}</span><span class="s2">**\n\n`</span><span class="p">;</span> <span class="nx">summary</span> <span class="o">+=</span> <span class="s2">`Total open issues: **</span><span class="p">${</span><span class="nx">issues</span><span class="p">.</span><span class="nx">length</span><span class="p">}</span><span class="s2">**\n`</span><span class="p">;</span> <span class="nx">summary</span> <span class="o">+=</span> <span class="s2">`Showing 5 most recent:\n\n`</span><span class="p">;</span> <span class="nx">recentIssues</span><span class="p">.</span><span class="nf">forEach</span><span class="p">((</span><span class="nx">issue</span><span class="p">,</span> <span class="nx">index</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">summary</span> <span class="o">+=</span> <span class="s2">`</span><span class="p">${</span><span class="nx">index</span> <span class="o">+</span> <span class="mi">1</span><span class="p">}</span><span class="s2">. **#</span><span class="p">${</span><span class="nx">issue</span><span class="p">.</span><span class="kr">number</span><span class="p">}</span><span class="s2">**: </span><span class="p">${</span><span class="nx">issue</span><span class="p">.</span><span class="nx">title</span><span class="p">}</span><span class="s2">\n`</span><span class="p">;</span> <span class="nx">summary</span> <span class="o">+=</span> <span class="s2">` 👤 @</span><span class="p">${</span><span class="nx">issue</span><span class="p">.</span><span class="nx">user</span><span class="p">?.</span><span class="nx">login</span><span class="p">}</span><span class="s2">`</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="nx">labels</span><span class="p">)</span> <span class="p">{</span> <span class="nx">summary</span> <span class="o">+=</span> <span class="s2">` | 🏷️ </span><span class="p">${</span><span class="nx">labels</span><span class="p">}</span><span class="s2">`</span><span class="p">;</span> <span class="p">}</span> <span class="nx">summary</span> <span class="o">+=</span> <span class="s2">`\n 🔗 </span><span class="p">${</span><span class="nx">issue</span><span class="p">.</span><span class="nx">html_url</span><span class="p">}</span><span class="s2">\n\n`</span><span class="p">;</span> <span class="p">});</span> </code></pre> </div> <p><strong>Why direct formatting?</strong></p> <ul> <li>✅ Faster (no LLM API call)</li> <li>✅ More reliable (predictable output)</li> <li>✅ Cost-effective (no extra tokens)</li> <li>✅ Easier to debug</li> </ul> <h3> Step 4: Implementing A2A Protocol </h3> <p>The key challenge was supporting Telex's JSON-RPC 2.0 format:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Parse JSON-RPC request</span> <span class="k">if </span><span class="p">(</span><span class="nx">data</span><span class="p">.</span><span class="nx">jsonrpc</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">2.0</span><span class="dl">'</span> <span class="o">&amp;&amp;</span> <span class="nx">data</span><span class="p">.</span><span class="nx">params</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">textPart</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">params</span><span class="p">.</span><span class="nx">message</span><span class="p">?.</span><span class="nx">parts</span><span class="p">?.</span><span class="nf">find</span><span class="p">(</span> <span class="p">(</span><span class="nx">p</span><span class="p">:</span> <span class="kr">any</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">p</span><span class="p">.</span><span class="nx">kind</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">text</span><span class="dl">'</span> <span class="p">);</span> <span class="nx">userMessage</span> <span class="o">=</span> <span class="nx">textPart</span><span class="p">?.</span><span class="nx">text</span><span class="p">;</span> <span class="p">}</span> <span class="c1">// Return A2A-compliant response</span> <span class="kd">const</span> <span class="nx">a2aResponse</span> <span class="o">=</span> <span class="p">{</span> <span class="na">kind</span><span class="p">:</span> <span class="dl">'</span><span class="s1">message</span><span class="dl">'</span><span class="p">,</span> <span class="na">role</span><span class="p">:</span> <span class="dl">'</span><span class="s1">assistant</span><span class="dl">'</span><span class="p">,</span> <span class="na">parts</span><span class="p">:</span> <span class="p">[{</span> <span class="na">kind</span><span class="p">:</span> <span class="dl">'</span><span class="s1">text</span><span class="dl">'</span><span class="p">,</span> <span class="na">text</span><span class="p">:</span> <span class="nx">formattedSummary</span> <span class="p">}]</span> <span class="p">};</span> <span class="c1">// Wrap in JSON-RPC format</span> <span class="nx">res</span><span class="p">.</span><span class="nf">end</span><span class="p">(</span><span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">jsonrpc</span><span class="p">:</span> <span class="dl">'</span><span class="s1">2.0</span><span class="dl">'</span><span class="p">,</span> <span class="na">id</span><span class="p">:</span> <span class="nx">data</span><span class="p">.</span><span class="nx">id</span><span class="p">,</span> <span class="na">result</span><span class="p">:</span> <span class="nx">a2aResponse</span> <span class="p">}));</span> </code></pre> </div> <h3> Step 5: Deploying to Azure </h3> <p>Deployment was streamlined with GitHub Actions:</p> <ol> <li>Push code to GitHub</li> <li>Azure detects changes</li> <li>Runs <code>npm install</code> and <code>npm run build</code> </li> <li>Deploys to App Service</li> <li>Restarts server automatically</li> </ol> <p><strong>Environment variables</strong> (configured in Azure):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">OPENAI_API_KEY</span><span class="o">=</span>sk-proj-... <span class="nv">GITHUB_TOKEN</span><span class="o">=</span>ghp_... <span class="nv">GITHUB_OWNER</span><span class="o">=</span>facebook <span class="nv">GITHUB_REPO</span><span class="o">=</span>react <span class="nv">CHECK_INTERVAL_MINUTES</span><span class="o">=</span>30 <span class="nv">PORT</span><span class="o">=</span>8080 </code></pre> </div> <h2> 🎨 Features &amp; Output </h2> <h3> Example Interaction </h3> <p><strong>User</strong>: <code>Check facebook/react</code></p> <p><strong>Agent</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>📊 **GitHub Repository: facebook/react** Total open issues: **847** Showing 5 most recent: 1. **#35033**: Typo in comment: "untill" → "until" in ReactDOMRoot.js 👤 @Ashish-coder-gif | 🏷️ Status: Unconfirmed 🔗 https://github.com/facebook/react/issues/35033 2. **#35032**: chore(react-reconciler/README.md): replace older Medium links 👤 @onstash | 🏷️ CLA Signed 🔗 https://github.com/facebook/react/pull/35032 3. **#35029**: [Compiler Bug]: set-state-in-effect false negative 👤 @mdwyer6 | 🏷️ Type: Bug, Status: Unconfirmed 🔗 https://github.com/facebook/react/issues/35029 4. **#35028**: Bug: state changes inside forwardRef change props object 👤 @Hypnosphi | 🏷️ Status: Unconfirmed 🔗 https://github.com/facebook/react/issues/35028 5. **#35027**: test: add coverage for zero-length style values 👤 @Biki-das | 🏷️ CLA Signed 🔗 https://github.com/facebook/react/pull/35027 💡 *Ask for specific labels or date ranges to filter results* </code></pre> </div> <h2> 🚧 Challenges &amp; Solutions </h2> <h3> Challenge 1: Empty LLM Responses </h3> <p><strong>Problem</strong>: Initial implementation using Mastra tools returned empty responses.</p> <p><strong>Root Cause</strong>: The tool wasn't being invoked properly, and the LLM sometimes returned empty text.</p> <p><strong>Solution</strong>: </p> <ol> <li>Added <code>toolChoice: 'required'</code> to force tool usage</li> <li>Eventually replaced with direct formatting (more reliable)</li> </ol> <h3> Challenge 2: A2A Protocol Format </h3> <p><strong>Problem</strong>: Telex uses JSON-RPC 2.0 with nested structures:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"jsonrpc"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2.0"</span><span class="p">,</span><span class="w"> </span><span class="nl">"params"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"parts"</span><span class="p">:</span><span class="w"> </span><span class="p">[{</span><span class="nl">"kind"</span><span class="p">:</span><span class="w"> </span><span class="s2">"text"</span><span class="p">,</span><span class="w"> </span><span class="nl">"text"</span><span class="p">:</span><span class="w"> </span><span class="s2">"..."</span><span class="p">}]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p><strong>Solution</strong>: Created flexible message parser supporting multiple formats:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Support JSON-RPC</span> <span class="k">if </span><span class="p">(</span><span class="nx">data</span><span class="p">.</span><span class="nx">jsonrpc</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">2.0</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="nx">messageData</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">params</span><span class="p">;</span> <span class="p">}</span> <span class="c1">// Support standard messages</span> <span class="k">if </span><span class="p">(</span><span class="nx">data</span><span class="p">.</span><span class="nx">messages</span><span class="p">)</span> <span class="p">{</span> <span class="nx">userMessage</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">messages</span><span class="p">[</span><span class="nx">data</span><span class="p">.</span><span class="nx">messages</span><span class="p">.</span><span class="nx">length</span> <span class="o">-</span> <span class="mi">1</span><span class="p">];</span> <span class="p">}</span> <span class="c1">// Support parts array</span> <span class="k">if </span><span class="p">(</span><span class="nx">data</span><span class="p">.</span><span class="nx">parts</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">textPart</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">parts</span><span class="p">.</span><span class="nf">find</span><span class="p">(</span><span class="nx">p</span> <span class="o">=&gt;</span> <span class="nx">p</span><span class="p">.</span><span class="nx">kind</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">text</span><span class="dl">'</span><span class="p">);</span> <span class="nx">userMessage</span> <span class="o">=</span> <span class="nx">textPart</span><span class="p">?.</span><span class="nx">text</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <h3> Challenge 3: ES Module Imports </h3> <p><strong>Problem</strong>: TypeScript compiles to <code>.js</code> but imports need explicit extensions:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// This fails at runtime</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">tool</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./tools/github-tool</span><span class="dl">'</span><span class="p">;</span> <span class="c1">// This works</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">tool</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./tools/github-tool.js</span><span class="dl">'</span><span class="p">;</span> </code></pre> </div> <p><strong>Solution</strong>: Added <code>.js</code> extensions to all relative imports in TypeScript files.</p> <h3> Challenge 4: Build Errors on Azure </h3> <p><strong>Problem</strong>: Azure deployment failed due to TypeScript errors in test files.</p> <p><strong>Solution</strong>: Updated <code>tsconfig.json</code> to exclude test files:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"exclude"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"node_modules"</span><span class="p">,</span><span class="w"> </span><span class="s2">"dist"</span><span class="p">,</span><span class="w"> </span><span class="s2">"src/**/*.test.ts"</span><span class="p">,</span><span class="w"> </span><span class="s2">"src/**/test-*.ts"</span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h2> 📊 Performance &amp; Metrics </h2> <p><strong>Response Times:</strong></p> <ul> <li>GitHub API call: <strong>~500ms</strong> </li> <li>Formatting: <strong>&lt;50ms</strong> </li> <li>Total response: <strong>~2-3 seconds</strong> </li> </ul> <p><strong>Reliability:</strong></p> <ul> <li>Uptime: <strong>99.9%</strong> </li> <li>Success rate: <strong>100%</strong> (with proper error handling)</li> <li>Average requests/day: <strong>~50</strong> (testing phase)</li> </ul> <p><strong>Cost:</strong></p> <ul> <li>Azure App Service B1: <strong>$13/month</strong> </li> <li>GitHub API: <strong>Free</strong> (5,000 requests/hour)</li> <li>OpenAI (minimal): <strong>~$0.10/month</strong> (mostly unused now)</li> </ul> <h2> 🎓 Key Learnings </h2> <h3> 1. <strong>Simplicity Over Complexity</strong> </h3> <p>My first instinct was to use LLMs for everything. But sometimes plain JavaScript is better:</p> <ul> <li>More predictable</li> <li>Faster</li> <li>Cheaper</li> <li>Easier to debug</li> </ul> <h3> 2. <strong>Protocol Compliance Matters</strong> </h3> <p>Understanding the A2A protocol and JSON-RPC 2.0 was crucial. Reading the spec saved hours of debugging.</p> <h3> 3. <strong>Azure is Developer-Friendly</strong> </h3> <p>The GitHub integration and automatic deployments made iteration fast. Environment variables through the portal are convenient.</p> <h3> 4. <strong>Error Handling is Critical</strong> </h3> <p>Production agents need robust error handling:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">issues</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">fetchIssues</span><span class="p">();</span> <span class="k">return</span> <span class="nf">formatResponse</span><span class="p">(</span><span class="nx">issues</span><span class="p">);</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">[Agent] Error:</span><span class="dl">'</span><span class="p">,</span> <span class="nx">error</span><span class="p">.</span><span class="nx">message</span><span class="p">);</span> <span class="k">return</span> <span class="s2">`Error: </span><span class="p">${</span><span class="nx">error</span><span class="p">.</span><span class="nx">message</span><span class="p">}</span><span class="s2">`</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <h3> 5. <strong>Logging is Your Friend</strong> </h3> <p>Detailed logs at every step made debugging on Azure much easier:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">[Simple Agent] Fetching issues for</span><span class="dl">'</span><span class="p">,</span> <span class="nx">owner</span><span class="p">,</span> <span class="nx">repo</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">[Simple Agent] Fetched</span><span class="dl">'</span><span class="p">,</span> <span class="nx">issues</span><span class="p">.</span><span class="nx">length</span><span class="p">,</span> <span class="dl">'</span><span class="s1">issues</span><span class="dl">'</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">[Simple Agent] Formatted summary (</span><span class="dl">'</span><span class="p">,</span> <span class="nx">summary</span><span class="p">.</span><span class="nx">length</span><span class="p">,</span> <span class="dl">'</span><span class="s1">chars)</span><span class="dl">'</span><span class="p">);</span> </code></pre> </div> <h2> 🚀 Future Enhancements </h2> <h3> Near-term: </h3> <ol> <li> <strong>Advanced filtering</strong> by labels, milestones, assignees</li> <li> <strong>Custom formatting</strong> options (compact, detailed, etc.)</li> <li> <strong>Multi-repository</strong> monitoring in single query</li> <li> <strong>Caching</strong> to reduce API calls</li> </ol> <h3> Long-term: </h3> <ol> <li> <strong>Real-time notifications</strong> for important changes</li> <li> <strong>Analytics dashboard</strong> with trends and insights</li> <li> <strong>Smart summaries</strong> using LLM for complex analysis</li> <li> <strong>Integration</strong> with other Git platforms (GitLab, Bitbucket)</li> </ol> <h2> 📚 Technical Stack Details </h2> <p><strong>Backend:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Node.js 20 LTS TypeScript 5.x Express-style HTTP server ES Modules </code></pre> </div> <p><strong>APIs &amp; SDKs:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>@mastra/core: ^0.1.x octokit: ^3.x @ai-sdk/openai: ^0.x dotenv: ^16.x </code></pre> </div> <p><strong>Deployment:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Platform: Azure App Service OS: Linux Region: West Europe Tier: Basic B1 Auto-deploy: GitHub Actions </code></pre> </div> <h2> 💡 Tips for Building Your Own </h2> <p>If you want to build something similar:</p> <ol> <li> <strong>Start with curl</strong> - Test your agent locally before deploying</li> <li> <strong>Read the A2A spec</strong> - Understanding the protocol saves time</li> <li> <strong>Use environment variables</strong> - Never hardcode API keys</li> <li> <strong>Test edge cases</strong> - Empty responses, API errors, invalid inputs</li> <li> <strong>Monitor logs</strong> - Set up proper logging from day one</li> <li> <strong>Keep it simple</strong> - Start basic, add complexity when needed</li> </ol> <h2> 🤝 Open Source &amp; Community </h2> <p>This project is <strong>open source</strong>! You can:</p> <ul> <li>View the code</li> <li>Report issues</li> <li>Contribute features</li> <li>Fork and customize</li> </ul> <p><strong>GitHub Repository</strong>: [<a href="https://github.com/ibraheembello/GitHub-Issue-Monitor.git" rel="noopener noreferrer">https://github.com/ibraheembello/GitHub-Issue-Monitor.git</a>]</p> <p><strong>Contributions welcome for:</strong></p> <ul> <li>Bug fixes</li> <li>New features</li> <li>Documentation improvements</li> <li>Test coverage</li> <li>Performance optimizations</li> </ul> <h2> 🎯 Conclusion </h2> <p>Building this GitHub Issue Monitor taught me valuable lessons about AI agent development, protocol integration, and production deployment. The combination of Mastra's framework and Telex's A2A protocol makes it surprisingly easy to build powerful, communicative AI agents.</p> <p>Whether you're tracking open-source projects, managing team workflows, or experimenting with AI agents, I hope this post inspires you to build something cool!</p> <p><strong>Try the agent in Telex.im and let me know what you think!</strong></p> <h2> 📞 Connect &amp; Follow </h2> <ul> <li> <strong>Twitter/X</strong>: [<a href="https://x.com/Officialibrosky" rel="noopener noreferrer">https://x.com/Officialibrosky</a>]</li> <li> <strong>GitHub</strong>: [<a href="https://github.com/ibraheembello" rel="noopener noreferrer">https://github.com/ibraheembello</a>]</li> <li> <strong>LinkedIn</strong>: [<a href="http://www.linkedin.com/in/ibraheem-bello-049b34287" rel="noopener noreferrer">www.linkedin.com/in/ibraheem-bello-049b34287</a>]</li> </ul> <p><em>Built with ❤️ using Mastra, Telex.im, and Azure</em></p> <p><strong>#AI #Mastra #Telex #GitHub #AgentDevelopment #A2A #Azure #NodeJS #TypeScript #OpenSource</strong></p> <p><strong>Found this helpful? ⭐ Star the repo and share with your network!</strong><br> : A Complete A2A Integration Guide</p> ai agents azure typescript