Bakery-IA Infrastructure
This directory contains all infrastructure-as-code for the Bakery-IA project, organized according to best practices for maintainability and scalability.
Directory Structure
infrastructure/
├── environments/ # Environment-specific configurations
│ ├── dev/ # Development environment
│ │ ├── k8s-manifests/ # Kubernetes manifests for dev
│ │ └── values/ # Environment-specific values
│ ├── staging/ # Staging environment
│ │ ├── k8s-manifests/
│ │ └── values/
│ └── prod/ # Production environment
│ ├── k8s-manifests/
│ ├── terraform/ # Production-specific IaC
│ └── values/
├── platform/ # Platform-level infrastructure
│ ├── cluster/ # Cluster configuration (EKS, Kind)
│ ├── networking/ # Network configuration
│ ├── security/ # Security policies and TLS
│ └── storage/ # Storage configuration
├── services/ # Application services
│ ├── databases/ # Database configurations
│ ├── api-gateway/ # API gateway configuration
│ └── microservices/ # Individual microservice configs
├── monitoring/ # Observability stack
│ └── signoz/ # SigNoz configuration
├── cicd/ # CI/CD pipeline components
├── security/ # Security configurations
├── scripts/ # Automation scripts
└── docs/ # Infrastructure documentation
Environments
Each environment (dev, staging, prod) has its own configuration with appropriate isolation and security settings.
Services
Services are organized by business domain with clear separation between databases, microservices, and infrastructure components.
Getting Started
- Local Development: Use
tilt upto start the development environment - Deployment: Use
skaffold runto deploy to your target environment - CI/CD: Tekton pipelines manage automated deployments
Security
Security configurations are centralized in the security/ directory with:
- TLS certificates and rotation scripts
- Network policies
- RBAC configurations
- Compliance checks