# DevOps - GoHorseJobs Infraestrutura, CI/CD e deploy do projeto GoHorseJobs. > **Last Updated:** 2024-12-26 --- ## πŸ“ Estrutura ``` . β”œβ”€β”€ .drone.yml # Pipeline CI/CD (Drone) β”œβ”€β”€ k8s/ β”‚ β”œβ”€β”€ dev/ # Kubernetes - Desenvolvimento β”‚ β”œβ”€β”€ hml/ # Kubernetes - Homologação β”‚ └── prd/ # Kubernetes - Produção β”‚ β”œβ”€β”€ backend/ β”‚ β”œβ”€β”€ Dockerfile # Go API (multi-stage, ~73MB) β”‚ └── .env.example β”‚ β”œβ”€β”€ backoffice/ β”‚ β”œβ”€β”€ Dockerfile # NestJS (Fastify) β”‚ └── .env.example β”‚ β”œβ”€β”€ frontend/ β”‚ β”œβ”€β”€ Dockerfile # Next.js β”‚ └── .env.example β”‚ β”œβ”€β”€ seeder-api/ # Node.js seeder └── docs/ # Documentation ``` --- ## 🌍 Ambientes | Ambiente | Branch | Namespace | RΓ©plicas | URL | |----------|--------|-----------|----------|-----| | **DEV** | `dev` | `gohorsejobsdev` | 1 | gohorsejobs-dev.appwrite.network | | **HML** | `hml` | `gohorsejobshml` | 2 | - | | **PRD** | `main` | `gohorsejobs` | 3 | gohorsejobs.com | --- ## πŸ”„ Pipeline CI/CD (Drone) ### Fluxo ``` dev branch β†’ build β†’ push (Harbor) β†’ deploy (K8s dev) ↓ hml branch β†’ build β†’ push (Harbor) β†’ deploy (K8s hml) ↓ main branch β†’ build β†’ push (Harbor) β†’ deploy (K8s prd) ``` ### Stages 1. **build-and-push** - Docker build + push to Harbor 2. **export-envs-to-k8s** - Create/update secrets 3. **deploy** - Apply manifests + rollout restart --- ## πŸ” Secrets (Drone CI) ### Registry | Secret | Description | |--------|-------------| | `HARBOR_USERNAME` | Harbor username | | `HARBOR_PASSWORD` | Harbor password | ### Database | Secret | Description | |--------|-------------| | `DATABASE_URL` | PostgreSQL connection string | | `DB_SSLMODE` | `require` or `disable` | ### Application | Secret | Description | |--------|-------------| | `JWT_SECRET` | JWT secret (min 32 chars) | | `PASSWORD_PEPPER` | Password pepper | | `CORS_ORIGINS` | Allowed origins | ### External Services | Secret | Description | |--------|-------------| | `RSA_PRIVATE_KEY_BASE64` | RSA key for credentials | | `STRIPE_SECRET_KEY` | Stripe API key | | `STRIPE_WEBHOOK_SECRET` | Stripe webhook secret | | `FIREBASE_SERVICE_ACCOUNT` | Firebase Admin SDK JSON | ### Storage (S3/R2) | Secret | Description | |--------|-------------| | `AWS_ACCESS_KEY_ID` | Access Key | | `AWS_SECRET_ACCESS_KEY` | Secret Key | | `AWS_ENDPOINT` | S3-compatible endpoint | | `S3_BUCKET` | Bucket name | ### LavinMQ | Secret | Description | |--------|-------------| | `AMQP_URL` | LavinMQ connection URL | --- ## ☸️ Kubernetes ### Create Namespaces ```bash kubectl create namespace gohorsejobsdev kubectl create namespace gohorsejobshml kubectl create namespace gohorsejobs ``` ### Registry Secret ```bash kubectl create secret docker-registry harbor-registry \ --docker-server=in.gohorsejobs.com \ --docker-username= \ --docker-password= \ -n gohorsejobsdev ``` ### Deploy Manual ```bash # DEV kubectl apply -f k8s/dev/ -n gohorsejobsdev # Check pods kubectl get pods -n gohorsejobsdev # Check logs kubectl logs -f deployment/gohorse-backend -n gohorsejobsdev # Rollout restart kubectl rollout restart deployment/gohorse-backend -n gohorsejobsdev ``` --- ## 🐳 Docker ### Build Local ```bash # Backend cd backend && docker build -t gohorse-backend . # Backoffice cd backoffice && docker build -t gohorse-backoffice . # Frontend cd frontend && docker build -t gohorse-frontend . ``` ### Docker Compose (Dev) ```yaml version: '3.8' services: backend: build: ./backend ports: - "8521:8521" env_file: - ./backend/.env backoffice: build: ./backoffice ports: - "3001:3001" env_file: - ./backoffice/.env frontend: build: ./frontend ports: - "3000:3000" env_file: - ./frontend/.env ``` --- ## πŸ—„οΈ Database ### Connection ```bash # PostgreSQL hosted Host: db-60059.dc-sp-1.absamcloud.com Port: 26868 SSL: require ``` ### Databases | Environment | Database | |-------------|----------| | DEV | `gohorsejobs_dev` | | HML | `gohorsejobs_hml` | | PRD | `gohorsejobs` | ### Migrations ```bash cd backend go run ./cmd/manual_migrate ``` ### Seeder ```bash cd seeder-api npm install npm run seed ``` --- ## πŸ‘€ Test Users ### SuperAdmin - **Login:** `superadmin` - **Password:** `Admin@2025!` ### Company Admin | Login | Password | |-------|----------| | `takeshi_yamamoto` | `Takeshi@2025` | ### Candidate | Login | Password | |-------|----------| | `paulo_santos` | `User@2025` | --- ## πŸ“‹ Deploy Checklist - [ ] Create K8s namespace - [ ] Create `harbor-registry` secret - [ ] Add Drone CI secrets - [ ] Create database - [ ] Run migrations - [ ] Run seeder (optional) - [ ] Push to branch - [ ] Verify pipeline logs - [ ] Test `/health` endpoint - [ ] Test `/docs` endpoint