Fix issues

infrastructure/kubernetes/base/configmap.yaml

@@ -2,7 +2,6 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: bakery-config
-  namespace: bakery-ia
   labels:
     app.kubernetes.io/name: bakery-ia
     app.kubernetes.io/component: config
@@ -22,7 +21,7 @@ data:
   BUILD_DATE: "2024-01-20T10:00:00Z"
   VCS_REF: "latest"
   IMAGE_TAG: "latest"
-  DOMAIN: "localhost"
+  DOMAIN: "bakery.yourdomain.com"
   AUTO_RELOAD: "false"
   PROFILING_ENABLED: "false"
   MOCK_EXTERNAL_APIS: "false"
@@ -109,7 +108,7 @@ data:
   # ================================================================
   # CORS & API CONFIGURATION
   # ================================================================
-  CORS_ORIGINS: "http://frontend-service:3000,http://localhost:3000,http://bakery-ia.local,https://bakery.yourdomain.com,http://localhost"
+  CORS_ORIGINS: "https://bakery.yourdomain.com,http://frontend-service:3000"
   CORS_ALLOW_CREDENTIALS: "true"
   RATE_LIMIT_ENABLED: "true"
   RATE_LIMIT_REQUESTS: "100"
@@ -136,11 +135,11 @@ data:
   # ================================================================
   # PAYMENT CONFIGURATION
   # ================================================================
-  STRIPE_PUBLISHABLE_KEY: "pk_test_your_stripe_publishable_key_here"
+  STRIPE_PUBLISHABLE_KEY: "pk_live_your_stripe_publishable_key_here"
   SQUARE_APPLICATION_ID: "your-square-application-id"
-  SQUARE_ENVIRONMENT: "sandbox"
-  TOAST_ENVIRONMENT: "sandbox"
-  LIGHTSPEED_ENVIRONMENT: "sandbox"
+  SQUARE_ENVIRONMENT: "production"
+  TOAST_ENVIRONMENT: "production"
+  LIGHTSPEED_ENVIRONMENT: "production"
 
   # ================================================================
   # EMAIL CONFIGURATION

infrastructure/kubernetes/base/configs/development-config.yaml

@@ -1,22 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: development-config
-  namespace: bakery-ia
-  labels:
-    app.kubernetes.io/component: config
-    app.kubernetes.io/part-of: bakery-ia
-    environment: development
-data:
-  # Set to "true" to force recreate all tables from scratch (development mode)
-  # This will drop all existing tables and recreate them from SQLAlchemy models
-  DB_FORCE_RECREATE: "false"
-
-  # Development mode flag
-  DEVELOPMENT_MODE: "true"
-
-  # Enable debug logging in development
-  DEBUG_LOGGING: "true"
-
-  # Skip migration version checking in development
-  SKIP_MIGRATION_VERSION_CHECK: "false"

infrastructure/kubernetes/base/configs/postgres-init-config.yaml

@@ -2,7 +2,6 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: postgres-init-config
-  namespace: bakery-ia
   labels:
     app.kubernetes.io/component: database
     app.kubernetes.io/part-of: bakery-ia

infrastructure/kubernetes/base/kustomization.yaml

@@ -14,7 +14,6 @@ resources:
 
   # Additional configs
   - configs/postgres-init-config.yaml
-  - configs/development-config.yaml
 
   # Migration jobs
   - migrations/auth-migration-job.yaml

infrastructure/kubernetes/overlays/dev/dev-patches.yaml

@@ -1,20 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: bakery-config
-  namespace: bakery-ia
-data:
-  # Development specific overrides
-  ENVIRONMENT: "development"
-  DEBUG: "true"
-  LOG_LEVEL: "DEBUG"
-  AUTO_RELOAD: "true"
-  PROFILING_ENABLED: "true"
-  MOCK_EXTERNAL_APIS: "true"
-
-  # CORS Configuration for Development
-  CORS_ORIGINS: "http://frontend-service:3000,http://localhost:3000,http://localhost:3001,http://localhost,http://127.0.0.1:3000,http://127.0.0.1:3001,http://bakery-ia.local,https://localhost,https://127.0.0.1"
-
-  # Frontend Development Configuration
-  VITE_ENVIRONMENT: "development"
-  VITE_API_URL: "/api"

infrastructure/kubernetes/overlays/dev/kustomization.yaml

@@ -11,7 +11,6 @@ resources:
   - dev-ingress.yaml
 
 patches:
-  - path: dev-patches.yaml
   - target:
       group: apps
       version: v1
@@ -487,13 +486,41 @@ patches:
             cpu: "500m"
 
 configMapGenerator:
-  - name: bakery-dev-config
+  - name: bakery-config
+    behavior: merge
     literals:
+      # Environment & Build Settings
       - ENVIRONMENT=development
       - DEBUG=true
       - LOG_LEVEL=DEBUG
       - AUTO_RELOAD=true
       - PROFILING_ENABLED=true
+      - MOCK_EXTERNAL_APIS=true
+      - TESTING=false
+      - DOMAIN=localhost
+      - API_DOCS_ENABLED=true
+
+      # CORS Configuration for Development
+      - CORS_ORIGINS=http://frontend-service:3000,http://localhost:3000,http://localhost:3001,http://localhost,http://127.0.0.1:3000,http://127.0.0.1:3001,http://bakery-ia.local,https://localhost,https://127.0.0.1
+
+      # Frontend Development Configuration
+      - VITE_ENVIRONMENT=development
+      - VITE_API_URL=/api
+
+      # Payment Configuration (Sandbox for dev)
+      - STRIPE_PUBLISHABLE_KEY=pk_test_your_stripe_publishable_key_here
+      - SQUARE_ENVIRONMENT=sandbox
+      - TOAST_ENVIRONMENT=sandbox
+      - LIGHTSPEED_ENVIRONMENT=sandbox
+
+      # Rate Limiting (Disabled for dev)
+      - RATE_LIMIT_ENABLED=false
+
+      # Database (Development mode)
+      - DB_FORCE_RECREATE=false
+      - DEVELOPMENT_MODE=true
+      - DEBUG_LOGGING=true
+      - SKIP_MIGRATION_VERSION_CHECK=false
 
 secretGenerator:
   - name: dev-secrets

infrastructure/kubernetes/overlays/prod/kustomization.yaml

@@ -0,0 +1,85 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+metadata:
+  name: bakery-ia-prod
+
+namespace: bakery-ia
+
+resources:
+  - ../../base
+  - prod-ingress.yaml
+
+labels:
+  - includeSelectors: true
+    pairs:
+      environment: production
+      tier: production
+
+images:
+  - name: bakery/auth-service
+    newTag: latest
+  - name: bakery/tenant-service
+    newTag: latest
+  - name: bakery/training-service
+    newTag: latest
+  - name: bakery/forecasting-service
+    newTag: latest
+  - name: bakery/sales-service
+    newTag: latest
+  - name: bakery/external-service
+    newTag: latest
+  - name: bakery/notification-service
+    newTag: latest
+  - name: bakery/inventory-service
+    newTag: latest
+  - name: bakery/recipes-service
+    newTag: latest
+  - name: bakery/suppliers-service
+    newTag: latest
+  - name: bakery/pos-service
+    newTag: latest
+  - name: bakery/orders-service
+    newTag: latest
+  - name: bakery/production-service
+    newTag: latest
+  - name: bakery/alert-processor
+    newTag: latest
+  - name: bakery/gateway
+    newTag: latest
+  - name: bakery/dashboard
+    newTag: latest
+
+replicas:
+  - name: auth-service
+    count: 3
+  - name: tenant-service
+    count: 2
+  - name: training-service
+    count: 2
+  - name: forecasting-service
+    count: 3
+  - name: sales-service
+    count: 2
+  - name: external-service
+    count: 2
+  - name: notification-service
+    count: 3
+  - name: inventory-service
+    count: 2
+  - name: recipes-service
+    count: 2
+  - name: suppliers-service
+    count: 2
+  - name: pos-service
+    count: 2
+  - name: orders-service
+    count: 3
+  - name: production-service
+    count: 2
+  - name: alert-processor-service
+    count: 3
+  - name: gateway
+    count: 3
+  - name: frontend
+    count: 2

infrastructure/kubernetes/overlays/prod/prod-ingress.yaml

@@ -0,0 +1,93 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: bakery-ingress-prod
+  labels:
+    app.kubernetes.io/name: bakery-ia
+    app.kubernetes.io/component: ingress
+  annotations:
+    # Nginx ingress controller annotations
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/proxy-body-size: "10m"
+    nginx.ingress.kubernetes.io/proxy-connect-timeout: "600"
+    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
+    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
+
+    # CORS configuration for production
+    nginx.ingress.kubernetes.io/enable-cors: "true"
+    nginx.ingress.kubernetes.io/cors-allow-origin: "https://bakery.yourdomain.com,https://api.yourdomain.com"
+    nginx.ingress.kubernetes.io/cors-allow-methods: "GET, POST, PUT, DELETE, OPTIONS, PATCH"
+    nginx.ingress.kubernetes.io/cors-allow-headers: "Content-Type, Authorization, X-Requested-With, Accept, Origin"
+    nginx.ingress.kubernetes.io/cors-allow-credentials: "true"
+
+    # Security headers
+    nginx.ingress.kubernetes.io/configuration-snippet: |
+      more_set_headers "X-Frame-Options: DENY";
+      more_set_headers "X-Content-Type-Options: nosniff";
+      more_set_headers "X-XSS-Protection: 1; mode=block";
+      more_set_headers "Referrer-Policy: strict-origin-when-cross-origin";
+
+    # Rate limiting
+    nginx.ingress.kubernetes.io/limit-rps: "100"
+    nginx.ingress.kubernetes.io/limit-connections: "50"
+
+    # Cert-manager annotations for automatic certificate issuance
+    cert-manager.io/cluster-issuer: "letsencrypt-production"
+    cert-manager.io/acme-challenge-type: http01
+
+spec:
+  ingressClassName: nginx
+  tls:
+  - hosts:
+    - bakery.yourdomain.com
+    - api.yourdomain.com
+    - monitoring.yourdomain.com
+    secretName: bakery-ia-prod-tls-cert
+  rules:
+  - host: bakery.yourdomain.com
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: frontend-service
+            port:
+              number: 3000
+      - path: /api
+        pathType: Prefix
+        backend:
+          service:
+            name: gateway-service
+            port:
+              number: 8000
+
+  - host: api.yourdomain.com
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: gateway-service
+            port:
+              number: 8000
+
+  - host: monitoring.yourdomain.com
+    http:
+      paths:
+      - path: /grafana
+        pathType: Prefix
+        backend:
+          service:
+            name: grafana-service
+            port:
+              number: 3000
+      - path: /prometheus
+        pathType: Prefix
+        backend:
+          service:
+            name: prometheus-service
+            port:
+              number: 9090