bakery-admin/bakery-ia
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
bakery-ia/skaffold.yaml
Urtzi Alfaro aeff6b1537 Add new infra architecture 13
2026-01-21 23:16:19 +01:00

622 lines
20 KiB
YAML
Raw Permalink Blame History

apiVersion: skaffold/v2beta28
kind: Config
metadata:
name: bakery-ia
# =============================================================================
# BUILD CONFIGURATION
# =============================================================================
# Environment-configurable base images via Docker ARG:
# - BASE_REGISTRY: Registry URL for base images
# - PYTHON_IMAGE: Python image name and tag
#
# Dev (default): BASE_REGISTRY=localhost:5000, PYTHON_IMAGE=python_3_11_slim
# Prod: BASE_REGISTRY=registry.bakewise.ai/bakery-admin, PYTHON_IMAGE=python:3.11-slim
#
# Usage:
# skaffold dev # Uses dev settings (local registry)
# skaffold dev -p debug # Dev with port forwarding
# skaffold run -p prod # Production build with Docker Hub
# skaffold run -p gitea # Gitea registry mode (internal cluster)
# BASE_REGISTRY=ghcr.io/myorg skaffold run -p prod # Production with custom registry
# =============================================================================
build:
local:
push: false
tagPolicy:
envTemplate:
template: "dev"
artifacts:
# Gateway
- image: bakery/gateway
context: .
docker:
dockerfile: gateway/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
# Frontend (no Python base image needed)
- image: bakery/dashboard
context: ./frontend
docker:
dockerfile: Dockerfile.kubernetes
# Microservices - all use configurable Python base image
- image: bakery/auth-service
context: .
docker:
dockerfile: services/auth/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/tenant-service
context: .
docker:
dockerfile: services/tenant/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/training-service
context: .
docker:
dockerfile: services/training/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/forecasting-service
context: .
docker:
dockerfile: services/forecasting/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/sales-service
context: .
docker:
dockerfile: services/sales/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/external-service
context: .
docker:
dockerfile: services/external/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/notification-service
context: .
docker:
dockerfile: services/notification/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/inventory-service
context: .
docker:
dockerfile: services/inventory/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/recipes-service
context: .
docker:
dockerfile: services/recipes/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/suppliers-service
context: .
docker:
dockerfile: services/suppliers/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/pos-service
context: .
docker:
dockerfile: services/pos/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/orders-service
context: .
docker:
dockerfile: services/orders/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/production-service
context: .
docker:
dockerfile: services/production/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/alert-processor
context: .
docker:
dockerfile: services/alert_processor/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
- image: bakery/demo-session-service
context: .
docker:
dockerfile: services/demo_session/Dockerfile
buildArgs:
BASE_REGISTRY: localhost:5000
PYTHON_IMAGE: python_3_11_slim
deploy:
kustomize:
paths:
- infrastructure/environments/dev/k8s-manifests
statusCheck: true
statusCheckDeadlineSeconds: 600
kubectl:
hooks:
before:
- host:
command: ["sh", "-c", "echo '======================================'"]
- host:
command: ["sh", "-c", "echo 'Bakery IA Secure Deployment'"]
- host:
command: ["sh", "-c", "echo '======================================'"]
- host:
command: ["sh", "-c", "echo ''"]
- host:
command: ["sh", "-c", "echo 'Applying security configurations...'"]
- host:
command: ["sh", "-c", "echo ' - TLS certificates for PostgreSQL and Redis'"]
- host:
command: ["sh", "-c", "echo ' - Strong passwords (32-character)'"]
- host:
command: ["sh", "-c", "echo ' - PersistentVolumeClaims for data persistence'"]
- host:
command: ["sh", "-c", "echo ' - pgcrypto extension for encryption at rest'"]
- host:
command: ["sh", "-c", "echo ' - PostgreSQL audit logging'"]
- host:
command: ["sh", "-c", "echo ''"]
- host:
command: ["kubectl", "apply", "-f", "infrastructure/environments/common/configs/secrets.yaml"]
- host:
command: ["kubectl", "apply", "-f", "infrastructure/platform/storage/postgres/secrets/postgres-tls-secret.yaml"]
- host:
command: ["kubectl", "apply", "-f", "infrastructure/platform/storage/redis/secrets/redis-tls-secret.yaml"]
- host:
command: ["kubectl", "apply", "-f", "infrastructure/platform/storage/postgres/configs/postgres-init-config.yaml"]
- host:
command: ["kubectl", "apply", "-f", "infrastructure/platform/storage/postgres/configs/postgres-logging-config.yaml"]
- host:
command: ["sh", "-c", "echo ''"]
- host:
command: ["sh", "-c", "echo 'Security configurations applied'"]
- host:
command: ["sh", "-c", "echo ''"]
after:
- host:
command: ["sh", "-c", "echo ''"]
- host:
command: ["sh", "-c", "echo '======================================'"]
- host:
command: ["sh", "-c", "echo 'Deployment Complete!'"]
- host:
command: ["sh", "-c", "echo '======================================'"]
- host:
command: ["sh", "-c", "echo ''"]
- host:
command: ["sh", "-c", "echo 'Security Features Enabled:'"]
- host:
command: ["sh", "-c", "echo ' - TLS encryption for all database connections'"]
- host:
command: ["sh", "-c", "echo ' - Strong 32-character passwords'"]
- host:
command: ["sh", "-c", "echo ' - Persistent storage (PVCs) - no data loss'"]
- host:
command: ["sh", "-c", "echo ' - pgcrypto extension for column encryption'"]
- host:
command: ["sh", "-c", "echo ' - PostgreSQL audit logging enabled'"]
- host:
command: ["sh", "-c", "echo ''"]
- host:
command: ["sh", "-c", "echo 'Verify deployment:'"]
- host:
command: ["sh", "-c", "echo ' kubectl get pods -n bakery-ia'"]
- host:
command: ["sh", "-c", "echo ' kubectl get pvc -n bakery-ia'"]
- host:
command: ["sh", "-c", "echo ''"]
# =============================================================================
# PROFILES
# =============================================================================
profiles:
# ---------------------------------------------------------------------------
# DEV PROFILE - Local development with local registry
# ---------------------------------------------------------------------------
- name: dev
activation:
- command: dev
build:
local:
push: false
tagPolicy:
envTemplate:
template: "dev"
deploy:
kustomize:
paths:
- infrastructure/environments/dev/k8s-manifests
# ---------------------------------------------------------------------------
# DEBUG PROFILE - Dev with port forwarding for debugging
# ---------------------------------------------------------------------------
- name: debug
activation:
- command: debug
build:
local:
push: false
tagPolicy:
envTemplate:
template: "dev"
deploy:
kustomize:
paths:
- infrastructure/environments/dev/k8s-manifests
portForward:
- resourceType: service
resourceName: frontend-service
namespace: bakery-ia
port: 3000
localPort: 3000
- resourceType: service
resourceName: gateway-service
namespace: bakery-ia
port: 8000
localPort: 8000
- resourceType: service
resourceName: auth-service
namespace: bakery-ia
port: 8000
localPort: 8001
# ---------------------------------------------------------------------------
# PROD PROFILE - Production deployment with Docker Hub base images
# ---------------------------------------------------------------------------
# Usage:
# skaffold run -p prod # Default Docker Hub
# BASE_REGISTRY=ghcr.io/myorg skaffold run -p prod # Custom registry
# ---------------------------------------------------------------------------
- name: prod
build:
local:
push: true
tagPolicy:
gitCommit:
variant: AbbrevCommitSha
artifacts:
# Gateway - Production base images
- image: bakery/gateway
context: .
docker:
dockerfile: gateway/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python_3_11_slim"
# Frontend
- image: bakery/dashboard
context: ./frontend
docker:
dockerfile: Dockerfile.kubernetes
# Microservices - Production base images (registry.bakewise.ai/bakery-admin/python_3.11-slim)
- image: bakery/auth-service
context: .
docker:
dockerfile: services/auth/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python_3_11_slim"
- image: bakery/tenant-service
context: .
docker:
dockerfile: services/tenant/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python_3_11_slim"
- image: bakery/training-service
context: .
docker:
dockerfile: services/training/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/forecasting-service
context: .
docker:
dockerfile: services/forecasting/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/sales-service
context: .
docker:
dockerfile: services/sales/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/external-service
context: .
docker:
dockerfile: services/external/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/notification-service
context: .
docker:
dockerfile: services/notification/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/inventory-service
context: .
docker:
dockerfile: services/inventory/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/recipes-service
context: .
docker:
dockerfile: services/recipes/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/suppliers-service
context: .
docker:
dockerfile: services/suppliers/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/pos-service
context: .
docker:
dockerfile: services/pos/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/orders-service
context: .
docker:
dockerfile: services/orders/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/production-service
context: .
docker:
dockerfile: services/production/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/alert-processor
context: .
docker:
dockerfile: services/alert_processor/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/demo-session-service
context: .
docker:
dockerfile: services/demo_session/Dockerfile
buildArgs:
BASE_REGISTRY: docker.io
PYTHON_IMAGE: "python:3.11-slim"
deploy:
kustomize:
paths:
- infrastructure/environments/prod/k8s-manifests
# ---------------------------------------------------------------------------
# GITEA PROFILE - Development with Gitea registry for base images
# Uses external HTTPS registry URL (containerd requires HTTPS for auth)
# ---------------------------------------------------------------------------
# Usage:
# skaffold run -p gitea # Gitea registry mode
# skaffold dev -p gitea # Dev with Gitea registry
# ---------------------------------------------------------------------------
- name: gitea
build:
local:
push: true
tagPolicy:
envTemplate:
template: "gitea"
artifacts:
# Gateway - Gitea registry base images
- image: bakery/gateway
context: .
docker:
dockerfile: gateway/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
# Frontend
- image: bakery/dashboard
context: ./frontend
docker:
dockerfile: Dockerfile.kubernetes
# Microservices - Gitea registry base images
- image: bakery/auth-service
context: .
docker:
dockerfile: services/auth/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/tenant-service
context: .
docker:
dockerfile: services/tenant/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/training-service
context: .
docker:
dockerfile: services/training/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/forecasting-service
context: .
docker:
dockerfile: services/forecasting/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/sales-service
context: .
docker:
dockerfile: services/sales/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/external-service
context: .
docker:
dockerfile: services/external/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/notification-service
context: .
docker:
dockerfile: services/notification/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/inventory-service
context: .
docker:
dockerfile: services/inventory/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/recipes-service
context: .
docker:
dockerfile: services/recipes/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/procurement-service
context: .
docker:
dockerfile: services/procurement/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/distribution-service
context: .
docker:
dockerfile: services/distribution/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/production-service
context: .
docker:
dockerfile: services/production/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/pos-service
context: .
docker:
dockerfile: services/pos/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/orders-service
context: .
docker:
dockerfile: services/orders/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/alert-processor
context: .
docker:
dockerfile: services/alert_processor/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
- image: bakery/demo-session-service
context: .
docker:
dockerfile: services/demo_session/Dockerfile
buildArgs:
BASE_REGISTRY: registry.bakewise.ai/bakery-admin
PYTHON_IMAGE: "python:3.11-slim"
deploy:
kustomize:
paths:
- infrastructure/environments/dev/k8s-manifests
Reference in New Issue View Git Blame Copy Permalink