Add new infra architecture 6

Urtzi Alfaro
2026-01-19 16:31:11 +01:00
parent b78399da2c
commit 7d6845574c
58 changed files with 2360 additions and 492 deletions


@@ -3,6 +3,23 @@ kind: Config
metadata:
name: bakery-ia
# =============================================================================
# BUILD CONFIGURATION
# =============================================================================
# Environment-configurable base images via Docker ARG:
# - BASE_REGISTRY: Registry URL for base images
# - PYTHON_IMAGE: Python image name and tag
#
# Dev (default): BASE_REGISTRY=localhost:5000, PYTHON_IMAGE=python_3.11-slim
# Prod: BASE_REGISTRY=docker.io, PYTHON_IMAGE=python:3.11-slim
#
# Usage:
# skaffold dev # Uses dev settings (local registry)
# skaffold dev -p debug # Dev with port forwarding
# skaffold run -p prod # Production build with Docker Hub
# BASE_REGISTRY=ghcr.io/myorg skaffold run -p prod # Production with custom registry
# =============================================================================
build:
local:
push: false
@@ -15,88 +32,136 @@ build:
context: .
docker:
dockerfile: gateway/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
# Frontend
# Frontend (no Python base image needed)
- image: bakery/dashboard
context: ./frontend
docker:
dockerfile: Dockerfile.kubernetes
# Microservices
# Microservices - all use configurable Python base image
- image: bakery/auth-service
context: .
docker:
dockerfile: services/auth/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/tenant-service
context: .
docker:
dockerfile: services/tenant/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/training-service
context: .
docker:
dockerfile: services/training/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/forecasting-service
context: .
docker:
dockerfile: services/forecasting/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/sales-service
context: .
docker:
dockerfile: services/sales/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/external-service
context: .
docker:
dockerfile: services/external/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/notification-service
context: .
docker:
dockerfile: services/notification/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/inventory-service
context: .
docker:
dockerfile: services/inventory/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/recipes-service
context: .
docker:
dockerfile: services/recipes/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/suppliers-service
context: .
docker:
dockerfile: services/suppliers/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/pos-service
context: .
docker:
dockerfile: services/pos/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/orders-service
context: .
docker:
dockerfile: services/orders/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/production-service
context: .
docker:
dockerfile: services/production/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/alert-processor
context: .
docker:
dockerfile: services/alert_processor/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
- image: bakery/demo-session-service
context: .
docker:
dockerfile: services/demo_session/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3.11-slim
deploy:
kustomize:
@@ -110,7 +175,7 @@ deploy:
- host:
command: ["sh", "-c", "echo '======================================'"]
- host:
command: ["sh", "-c", "echo '🔐 Bakery IA Secure Deployment'"]
command: ["sh", "-c", "echo 'Bakery IA Secure Deployment'"]
- host:
command: ["sh", "-c", "echo '======================================'"]
- host:
@@ -130,19 +195,19 @@ deploy:
- host:
command: ["sh", "-c", "echo ''"]
- host:
command: ["kubectl", "apply", "-f", "infrastructure/environments/dev/k8s-manifests/base/secrets.yaml"]
command: ["kubectl", "apply", "-f", "infrastructure/environments/common/configs/secrets.yaml"]
- host:
command: ["kubectl", "apply", "-f", "infrastructure/environments/dev/k8s-manifests/base/secrets/postgres-tls-secret.yaml"]
command: ["kubectl", "apply", "-f", "infrastructure/platform/storage/postgres/secrets/postgres-tls-secret.yaml"]
- host:
command: ["kubectl", "apply", "-f", "infrastructure/environments/dev/k8s-manifests/base/secrets/redis-tls-secret.yaml"]
command: ["kubectl", "apply", "-f", "infrastructure/platform/storage/redis/secrets/redis-tls-secret.yaml"]
- host:
command: ["kubectl", "apply", "-f", "infrastructure/environments/dev/k8s-manifests/base/configs/postgres-init-config.yaml"]
command: ["kubectl", "apply", "-f", "infrastructure/platform/storage/postgres/configs/postgres-init-config.yaml"]
- host:
command: ["kubectl", "apply", "-f", "infrastructure/environments/dev/k8s-manifests/base/configmaps/postgres-logging-config.yaml"]
command: ["kubectl", "apply", "-f", "infrastructure/platform/storage/postgres/configs/postgres-logging-config.yaml"]
- host:
command: ["sh", "-c", "echo ''"]
- host:
command: ["sh", "-c", "echo 'Security configurations applied'"]
command: ["sh", "-c", "echo 'Security configurations applied'"]
- host:
command: ["sh", "-c", "echo ''"]
after:
@@ -151,7 +216,7 @@ deploy:
- host:
command: ["sh", "-c", "echo '======================================'"]
- host:
command: ["sh", "-c", "echo 'Deployment Complete!'"]
command: ["sh", "-c", "echo 'Deployment Complete!'"]
- host:
command: ["sh", "-c", "echo '======================================'"]
- host:
@@ -159,15 +224,15 @@ deploy:
- host:
command: ["sh", "-c", "echo 'Security Features Enabled:'"]
- host:
command: ["sh", "-c", "echo ' TLS encryption for all database connections'"]
command: ["sh", "-c", "echo ' - TLS encryption for all database connections'"]
- host:
command: ["sh", "-c", "echo ' Strong 32-character passwords'"]
command: ["sh", "-c", "echo ' - Strong 32-character passwords'"]
- host:
command: ["sh", "-c", "echo ' Persistent storage (PVCs) - no data loss'"]
command: ["sh", "-c", "echo ' - Persistent storage (PVCs) - no data loss'"]
- host:
command: ["sh", "-c", "echo ' pgcrypto extension for column encryption'"]
command: ["sh", "-c", "echo ' - pgcrypto extension for column encryption'"]
- host:
command: ["sh", "-c", "echo ' PostgreSQL audit logging enabled'"]
command: ["sh", "-c", "echo ' - PostgreSQL audit logging enabled'"]
- host:
command: ["sh", "-c", "echo ''"]
- host:
@@ -179,20 +244,13 @@ deploy:
- host:
command: ["sh", "-c", "echo ''"]
# Default deployment uses dev overlay with full security features
# Access via ingress: http://localhost (or https://localhost)
#
# Available profiles:
# - dev: Local development with full security (default)
# - debug: Local development with port forwarding for debugging
# - prod: Production deployment with production settings
#
# Usage:
# skaffold dev # Uses secure dev overlay
# skaffold dev -p debug # Use debug profile with port forwarding
# skaffold run -p prod # Use prod profile for production
# =============================================================================
# PROFILES
# =============================================================================
profiles:
# ---------------------------------------------------------------------------
# DEV PROFILE - Local development with local registry
# ---------------------------------------------------------------------------
- name: dev
activation:
- command: dev
@@ -207,6 +265,9 @@ profiles:
paths:
- infrastructure/environments/dev/k8s-manifests
# ---------------------------------------------------------------------------
# DEBUG PROFILE - Dev with port forwarding for debugging
# ---------------------------------------------------------------------------
- name: debug
activation:
- command: debug
@@ -237,14 +298,158 @@ profiles:
port: 8000
localPort: 8001
# ---------------------------------------------------------------------------
# PROD PROFILE - Production deployment with Docker Hub base images
# ---------------------------------------------------------------------------
# Usage:
# skaffold run -p prod # Default Docker Hub
# BASE_REGISTRY=ghcr.io/myorg skaffold run -p prod # Custom registry
# ---------------------------------------------------------------------------
- name: prod
build:
local:
push: false
push: true
tagPolicy:
gitCommit:
variant: AbbrevCommitSha
artifacts:
# Gateway - Production base images
- image: bakery/gateway
context: .
docker:
dockerfile: gateway/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
# Frontend
- image: bakery/dashboard
context: ./frontend
docker:
dockerfile: Dockerfile.kubernetes
# Microservices - Production base images (docker.io/python:3.11-slim)
- image: bakery/auth-service
context: .
docker:
dockerfile: services/auth/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/tenant-service
context: .
docker:
dockerfile: services/tenant/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/training-service
context: .
docker:
dockerfile: services/training/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/forecasting-service
context: .
docker:
dockerfile: services/forecasting/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/sales-service
context: .
docker:
dockerfile: services/sales/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/external-service
context: .
docker:
dockerfile: services/external/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/notification-service
context: .
docker:
dockerfile: services/notification/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/inventory-service
context: .
docker:
dockerfile: services/inventory/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/recipes-service
context: .
docker:
dockerfile: services/recipes/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/suppliers-service
context: .
docker:
dockerfile: services/suppliers/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/pos-service
context: .
docker:
dockerfile: services/pos/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/orders-service
context: .
docker:
dockerfile: services/orders/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/production-service
context: .
docker:
dockerfile: services/production/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/alert-processor
context: .
docker:
dockerfile: services/alert_processor/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/demo-session-service
context: .
docker:
dockerfile: services/demo_session/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
deploy:
kustomize:
paths:
- infrastructure/environments/prod/k8s-manifests
- infrastructure/environments/prod/k8s-manifests
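Review bot: The `buildArgs` on the prod profile's artifacts (last hunk) are literal strings, so the override documented in the header comments, `BASE_REGISTRY=ghcr.io/myorg skaffold run -p prod`, does not appear to reach the Dockerfiles; every service would still build from `docker.io` whatever the environment variable says. An operator who believes the base images come from a vetted internal registry would in fact be pulling from Docker Hub. Skaffold templates `buildArgs` values, so each entry could read `BASE_REGISTRY: '{{default "docker.io" .BASE_REGISTRY}}'`, and the same applies to the hard-coded `localhost:5000` entries in the default build section. Separately, `python:3.11-slim` is a mutable tag and this profile now sets `push: true`; assuming the Dockerfiles build their `FROM` line from the two args, pinning a digest (`PYTHON_IMAGE: "python:3.11-slim@sha256:<digest>"`, where `<digest>` is a placeholder) would keep pushed images reproducible if the upstream tag changes.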