bakery-ia/skaffold.yaml

apiVersion: skaffold/v2beta28
kind: Config
metadata:
  name: bakery-ia

build:
  local:
    push: false
  tagPolicy:
    envTemplate:
      template: "dev"
  artifacts:
    # Gateway
    - image: bakery/gateway
      context: .
      docker:
        dockerfile: gateway/Dockerfile

    # Frontend
    - image: bakery/dashboard
      context: ./frontend
      docker:
        dockerfile: Dockerfile.kubernetes

    # Microservices
    - image: bakery/auth-service
      context: .
      docker:
        dockerfile: services/auth/Dockerfile

    - image: bakery/tenant-service
      context: .
      docker:
        dockerfile: services/tenant/Dockerfile

    - image: bakery/training-service
      context: .
      docker:
        dockerfile: services/training/Dockerfile

    - image: bakery/forecasting-service
      context: .
      docker:
        dockerfile: services/forecasting/Dockerfile

    - image: bakery/sales-service
      context: .
      docker:
        dockerfile: services/sales/Dockerfile

    - image: bakery/external-service
      context: .
      docker:
        dockerfile: services/external/Dockerfile

    - image: bakery/notification-service
      context: .
      docker:
        dockerfile: services/notification/Dockerfile

    - image: bakery/inventory-service
      context: .
      docker:
        dockerfile: services/inventory/Dockerfile

    - image: bakery/recipes-service
      context: .
      docker:
        dockerfile: services/recipes/Dockerfile

    - image: bakery/suppliers-service
      context: .
      docker:
        dockerfile: services/suppliers/Dockerfile

    - image: bakery/pos-service
      context: .
      docker:
        dockerfile: services/pos/Dockerfile

    - image: bakery/orders-service
      context: .
      docker:
        dockerfile: services/orders/Dockerfile

    - image: bakery/production-service
      context: .
      docker:
        dockerfile: services/production/Dockerfile

    - image: bakery/alert-processor
      context: .
      docker:
        dockerfile: services/alert_processor/Dockerfile

    - image: bakery/demo-session-service
      context: .
      docker:
        dockerfile: services/demo_session/Dockerfile

deploy:
  kustomize:
    paths:
      - infrastructure/kubernetes/overlays/dev
  statusCheck: true
  statusCheckDeadlineSeconds: 600
  kubectl:
    hooks:
      before:
        - host:
            command: ["sh", "-c", "echo '======================================'"]
        - host:
            command: ["sh", "-c", "echo '🔐 Bakery IA Secure Deployment'"]
        - host:
            command: ["sh", "-c", "echo '======================================'"]
        - host:
            command: ["sh", "-c", "echo ''"]
        - host:
            command: ["sh", "-c", "echo 'Applying security configurations...'"]
        - host:
            command: ["sh", "-c", "echo '  - TLS certificates for PostgreSQL and Redis'"]
        - host:
            command: ["sh", "-c", "echo '  - Strong passwords (32-character)'"]
        - host:
            command: ["sh", "-c", "echo '  - PersistentVolumeClaims for data persistence'"]
        - host:
            command: ["sh", "-c", "echo '  - pgcrypto extension for encryption at rest'"]
        - host:
            command: ["sh", "-c", "echo '  - PostgreSQL audit logging'"]
        - host:
            command: ["sh", "-c", "echo ''"]
        - host:
            command: ["kubectl", "apply", "-f", "infrastructure/kubernetes/base/secrets.yaml"]
        - host:
            command: ["kubectl", "apply", "-f", "infrastructure/kubernetes/base/secrets/postgres-tls-secret.yaml"]
        - host:
            command: ["kubectl", "apply", "-f", "infrastructure/kubernetes/base/secrets/redis-tls-secret.yaml"]
        - host:
            command: ["kubectl", "apply", "-f", "infrastructure/kubernetes/base/configs/postgres-init-config.yaml"]
        - host:
            command: ["kubectl", "apply", "-f", "infrastructure/kubernetes/base/configmaps/postgres-logging-config.yaml"]
        - host:
            command: ["sh", "-c", "echo ''"]
        - host:
            command: ["sh", "-c", "echo '✅ Security configurations applied'"]
        - host:
            command: ["sh", "-c", "echo ''"]
      after:
        - host:
            command: ["sh", "-c", "echo ''"]
        - host:
            command: ["sh", "-c", "echo '======================================'"]
        - host:
            command: ["sh", "-c", "echo '✅ Deployment Complete!'"]
        - host:
            command: ["sh", "-c", "echo '======================================'"]
        - host:
            command: ["sh", "-c", "echo ''"]
        - host:
            command: ["sh", "-c", "echo 'Security Features Enabled:'"]
        - host:
            command: ["sh", "-c", "echo '  ✅ TLS encryption for all database connections'"]
        - host:
            command: ["sh", "-c", "echo '  ✅ Strong 32-character passwords'"]
        - host:
            command: ["sh", "-c", "echo '  ✅ Persistent storage (PVCs) - no data loss'"]
        - host:
            command: ["sh", "-c", "echo '  ✅ pgcrypto extension for column encryption'"]
        - host:
            command: ["sh", "-c", "echo '  ✅ PostgreSQL audit logging enabled'"]
        - host:
            command: ["sh", "-c", "echo ''"]
        - host:
            command: ["sh", "-c", "echo 'Verify deployment:'"]
        - host:
            command: ["sh", "-c", "echo '  kubectl get pods -n bakery-ia'"]
        - host:
            command: ["sh", "-c", "echo '  kubectl get pvc -n bakery-ia'"]
        - host:
            command: ["sh", "-c", "echo ''"]

# Default deployment uses dev overlay with full security features
# Access via ingress: http://localhost (or https://localhost)
#
# Available profiles:
#   - dev: Local development with full security (default)
#   - debug: Local development with port forwarding for debugging
#   - prod: Production deployment with production settings
#
# Usage:
#   skaffold dev                # Uses secure dev overlay
#   skaffold dev -p debug       # Use debug profile with port forwarding
#   skaffold run -p prod        # Use prod profile for production

profiles:
  - name: dev
    activation:
      - command: dev
    build:
      local:
        push: false
      tagPolicy:
        envTemplate:
          template: "dev"
    deploy:
      kustomize:
        paths:
          - infrastructure/kubernetes/overlays/dev

  - name: debug
    activation:
      - command: debug
    build:
      local:
        push: false
      tagPolicy:
        envTemplate:
          template: "dev"
    deploy:
      kustomize:
        paths:
          - infrastructure/kubernetes/overlays/dev
    portForward:
      - resourceType: service
        resourceName: frontend-service
        namespace: bakery-ia
        port: 3000
        localPort: 3000
      - resourceType: service
        resourceName: gateway-service
        namespace: bakery-ia
        port: 8000
        localPort: 8000
      - resourceType: service
        resourceName: auth-service
        namespace: bakery-ia
        port: 8000
        localPort: 8001

  - name: prod
    build:
      local:
        push: false
      tagPolicy:
        gitCommit:
          variant: AbbrevCommitSha
    deploy:
      kustomize:
        paths:
          - infrastructure/kubernetes/overlays/prod
Add base kubernetes support 5 2025-09-27 22:55:42 +02:00			`apiVersion: skaffold/v2beta28`
			`kind: Config`
			`metadata:`
Fix issues 2025-10-01 16:25:53 +02:00			`name: bakery-ia`
Add base kubernetes support 5 2025-09-27 22:55:42 +02:00
			`build:`
			`local:`
			`push: false`
Add base kubernetes support final 2025-09-28 13:54:28 +02:00			`tagPolicy:`
			`envTemplate:`
			`template: "dev"`
Add base kubernetes support 5 2025-09-27 22:55:42 +02:00			`artifacts:`
			`# Gateway`
			`- image: bakery/gateway`
			`context: .`
			`docker:`
			`dockerfile: gateway/Dockerfile`

			`# Frontend`
			`- image: bakery/dashboard`
			`context: ./frontend`
			`docker:`
			`dockerfile: Dockerfile.kubernetes`

			`# Microservices`
			`- image: bakery/auth-service`
			`context: .`
			`docker:`
			`dockerfile: services/auth/Dockerfile`

			`- image: bakery/tenant-service`
			`context: .`
			`docker:`
			`dockerfile: services/tenant/Dockerfile`

			`- image: bakery/training-service`
			`context: .`
			`docker:`
			`dockerfile: services/training/Dockerfile`

			`- image: bakery/forecasting-service`
			`context: .`
			`docker:`
			`dockerfile: services/forecasting/Dockerfile`

			`- image: bakery/sales-service`
			`context: .`
			`docker:`
			`dockerfile: services/sales/Dockerfile`

			`- image: bakery/external-service`
			`context: .`
			`docker:`
			`dockerfile: services/external/Dockerfile`

			`- image: bakery/notification-service`
			`context: .`
			`docker:`
			`dockerfile: services/notification/Dockerfile`

			`- image: bakery/inventory-service`
			`context: .`
			`docker:`
			`dockerfile: services/inventory/Dockerfile`

			`- image: bakery/recipes-service`
			`context: .`
			`docker:`
			`dockerfile: services/recipes/Dockerfile`

			`- image: bakery/suppliers-service`
			`context: .`
			`docker:`
			`dockerfile: services/suppliers/Dockerfile`

			`- image: bakery/pos-service`
			`context: .`
			`docker:`
			`dockerfile: services/pos/Dockerfile`

			`- image: bakery/orders-service`
			`context: .`
			`docker:`
			`dockerfile: services/orders/Dockerfile`

			`- image: bakery/production-service`
			`context: .`
			`docker:`
			`dockerfile: services/production/Dockerfile`

			`- image: bakery/alert-processor`
			`context: .`
			`docker:`
			`dockerfile: services/alert_processor/Dockerfile`

REFACTOR ALL APIs 2025-10-06 15:27:01 +02:00			`- image: bakery/demo-session-service`
			`context: .`
			`docker:`
			`dockerfile: services/demo_session/Dockerfile`

Add base kubernetes support 5 2025-09-27 22:55:42 +02:00			`deploy:`
			`kustomize:`
			`paths:`
			`- infrastructure/kubernetes/overlays/dev`
Improve kubernetes for prod 2025-11-06 11:04:50 +01:00			`statusCheck: true`
			`statusCheckDeadlineSeconds: 600`
			`kubectl:`
			`hooks:`
			`before:`
			`- host:`
			`command: ["sh", "-c", "echo '======================================'"]`
			`- host:`
			`command: ["sh", "-c", "echo '🔐 Bakery IA Secure Deployment'"]`
			`- host:`
			`command: ["sh", "-c", "echo '======================================'"]`
			`- host:`
			`command: ["sh", "-c", "echo ''"]`
			`- host:`
			`command: ["sh", "-c", "echo 'Applying security configurations...'"]`
			`- host:`
			`command: ["sh", "-c", "echo ' - TLS certificates for PostgreSQL and Redis'"]`
			`- host:`
			`command: ["sh", "-c", "echo ' - Strong passwords (32-character)'"]`
			`- host:`
			`command: ["sh", "-c", "echo ' - PersistentVolumeClaims for data persistence'"]`
			`- host:`
			`command: ["sh", "-c", "echo ' - pgcrypto extension for encryption at rest'"]`
			`- host:`
			`command: ["sh", "-c", "echo ' - PostgreSQL audit logging'"]`
			`- host:`
			`command: ["sh", "-c", "echo ''"]`
			`- host:`
			`command: ["kubectl", "apply", "-f", "infrastructure/kubernetes/base/secrets.yaml"]`
			`- host:`
			`command: ["kubectl", "apply", "-f", "infrastructure/kubernetes/base/secrets/postgres-tls-secret.yaml"]`
			`- host:`
			`command: ["kubectl", "apply", "-f", "infrastructure/kubernetes/base/secrets/redis-tls-secret.yaml"]`
			`- host:`
			`command: ["kubectl", "apply", "-f", "infrastructure/kubernetes/base/configs/postgres-init-config.yaml"]`
			`- host:`
			`command: ["kubectl", "apply", "-f", "infrastructure/kubernetes/base/configmaps/postgres-logging-config.yaml"]`
			`- host:`
			`command: ["sh", "-c", "echo ''"]`
			`- host:`
			`command: ["sh", "-c", "echo '✅ Security configurations applied'"]`
			`- host:`
			`command: ["sh", "-c", "echo ''"]`
			`after:`
			`- host:`
			`command: ["sh", "-c", "echo ''"]`
			`- host:`
			`command: ["sh", "-c", "echo '======================================'"]`
			`- host:`
			`command: ["sh", "-c", "echo '✅ Deployment Complete!'"]`
			`- host:`
			`command: ["sh", "-c", "echo '======================================'"]`
			`- host:`
			`command: ["sh", "-c", "echo ''"]`
			`- host:`
			`command: ["sh", "-c", "echo 'Security Features Enabled:'"]`
			`- host:`
			`command: ["sh", "-c", "echo ' ✅ TLS encryption for all database connections'"]`
			`- host:`
			`command: ["sh", "-c", "echo ' ✅ Strong 32-character passwords'"]`
			`- host:`
			`command: ["sh", "-c", "echo ' ✅ Persistent storage (PVCs) - no data loss'"]`
			`- host:`
			`command: ["sh", "-c", "echo ' ✅ pgcrypto extension for column encryption'"]`
			`- host:`
			`command: ["sh", "-c", "echo ' ✅ PostgreSQL audit logging enabled'"]`
			`- host:`
			`command: ["sh", "-c", "echo ''"]`
			`- host:`
			`command: ["sh", "-c", "echo 'Verify deployment:'"]`
			`- host:`
			`command: ["sh", "-c", "echo ' kubectl get pods -n bakery-ia'"]`
			`- host:`
			`command: ["sh", "-c", "echo ' kubectl get pvc -n bakery-ia'"]`
			`- host:`
			`command: ["sh", "-c", "echo ''"]`

			`# Default deployment uses dev overlay with full security features`
Fix issues 2025-10-01 16:25:53 +02:00			`# Access via ingress: http://localhost (or https://localhost)`
			`#`
			`# Available profiles:`
Improve kubernetes for prod 2025-11-06 11:04:50 +01:00			`# - dev: Local development with full security (default)`
Fix issues 2025-10-01 16:25:53 +02:00			`# - debug: Local development with port forwarding for debugging`
			`# - prod: Production deployment with production settings`
			`#`
			`# Usage:`
Improve kubernetes for prod 2025-11-06 11:04:50 +01:00			`# skaffold dev # Uses secure dev overlay`
			`# skaffold dev -p debug # Use debug profile with port forwarding`
			`# skaffold run -p prod # Use prod profile for production`
Add base kubernetes support 5 2025-09-27 22:55:42 +02:00
			`profiles:`
			`- name: dev`
Fix issues 2025-10-01 16:25:53 +02:00			`activation:`
			`- command: dev`
Add base kubernetes support 5 2025-09-27 22:55:42 +02:00			`build:`
			`local:`
			`push: false`
			`tagPolicy:`
Add base kubernetes support final 2025-09-28 13:54:28 +02:00			`envTemplate:`
			`template: "dev"`
Add base kubernetes support 5 2025-09-27 22:55:42 +02:00			`deploy:`
			`kustomize:`
			`paths:`
			`- infrastructure/kubernetes/overlays/dev`

			`- name: debug`
Fix issues 2025-10-01 16:25:53 +02:00			`activation:`
			`- command: debug`
Add base kubernetes support 5 2025-09-27 22:55:42 +02:00			`build:`
			`local:`
			`push: false`
			`tagPolicy:`
Fix issues 2025-10-01 16:25:53 +02:00			`envTemplate:`
			`template: "dev"`
Add base kubernetes support 5 2025-09-27 22:55:42 +02:00			`deploy:`
			`kustomize:`
			`paths:`
			`- infrastructure/kubernetes/overlays/dev`
			`portForward:`
			`- resourceType: service`
			`resourceName: frontend-service`
			`namespace: bakery-ia`
			`port: 3000`
			`localPort: 3000`
			`- resourceType: service`
			`resourceName: gateway-service`
			`namespace: bakery-ia`
			`port: 8000`
			`localPort: 8000`
			`- resourceType: service`
			`resourceName: auth-service`
			`namespace: bakery-ia`
			`port: 8000`
Fix issues 2025-10-01 16:25:53 +02:00			`localPort: 8001`

			`- name: prod`
			`build:`
			`local:`
			`push: false`
			`tagPolicy:`
			`gitCommit:`
			`variant: AbbrevCommitSha`
			`deploy:`
			`kustomize:`
			`paths:`
REFACTOR ALL APIs 2025-10-06 15:27:01 +02:00			`- infrastructure/kubernetes/overlays/prod`