# DevOps - GoHorseJobs

Infrastructure, CI/CD and deployment documentation for the GoHorseJobs project.

---

## 📁 Structure

```
.
├── .drone.yml              # CI/CD pipeline (Drone)
├── k8s/
│   ├── dev/                # Kubernetes manifests - Development
│   │   ├── backend-deployment.yaml
│   │   └── backend-service.yaml
│   ├── hml/                # Kubernetes manifests - Staging
│   │   ├── backend-deployment.yaml
│   │   └── backend-service.yaml
│   └── prd/                # Kubernetes manifests - Production
│       ├── backend-deployment.yaml
│       └── backend-service.yaml
├── backend/
│   ├── Dockerfile          # Go API build
│   └── .env.example        # Environment variables
├── frontend/               # Next.js App
└── seeder-api/             # Node.js seeder to populate the DB
```

---

## 🌍 Environments

| Environment | Branch | K8s Namespace | Harbor Registry | Replicas |
|-------------|--------|---------------|-----------------|----------|
| **DEV** | `dev` | `gohorsejobsdev` | `gohorsejobsdev/gohorsejobs-backend` | 1 |
| **HML** | `hml` | `gohorsejobshml` | `gohorsejobshml/gohorsejobs-backend` | 2 |
| **PRD** | `main` | `gohorsejobs` | `gohorsejobs/gohorsejobs-backend` | 3 |

---

## 🔄 CI/CD Pipeline (Drone)

### Deploy Flow

```
dev branch  → build → push (Harbor) → deploy (K8s gohorsejobsdev)
     ↓
hml branch  → build → push (Harbor) → deploy (K8s gohorsejobshml)
     ↓
main branch → build → push (Harbor) → deploy (K8s gohorsejobs)
```

### Triggers

- Push to the `dev` branch → runs the `deploy-backend-dev` pipeline
- Push to the `hml` branch → runs the `deploy-backend-hml` pipeline
- Push to the `main` branch → runs the `deploy-backend-prd` pipeline

### Pipeline Steps

1. **build-and-push-backend** - Builds the Docker image and pushes it to Harbor
2. **export-envs-to-k8s** - Creates the `backend-secrets` secret in the namespace
3. **deploy-backend** - Applies the K8s manifests and restarts the deployment

---

## 🔐 Secrets (Drone CI)

Secrets that must be configured in Drone:

### Registry

| Secret | Description |
|--------|-------------|
| `HARBOR_USERNAME` | Harbor username |
| `HARBOR_PASSWORD` | Harbor password |

### Database

| Secret | Environment | Description |
|--------|-------------|-------------|
| `DB_HOST` | All | PostgreSQL host |
| `DB_PORT` | All | PostgreSQL port |
| `DB_USER` | All | PostgreSQL user |
| `DB_PASSWORD` | All | PostgreSQL password |
| `DB_SSLMODE` | All | `require` or `disable` |
| `DB_NAME_DEV` | DEV | Dev database name |
| `DB_NAME_HML` | HML | Hml database name |
| `DB_NAME` | PRD | Production database name |

### S3/Object Storage

| Secret | Description |
|--------|-------------|
| `AWS_ACCESS_KEY_ID` | Access Key |
| `AWS_SECRET_ACCESS_KEY` | Secret Key |
| `AWS_ENDPOINT` | S3-compatible endpoint |
| `AWS_REGION` | Region |
| `S3_BUCKET` | Bucket name |

### Application

| Secret | Description |
|--------|-------------|
| `JWT_SECRET` | Secret for JWT tokens (min. 32 chars) |
| `PORT` | API port (8521) |
| `CORS_ORIGINS_DEV` | Allowed CORS URLs (dev) |
| `CORS_ORIGINS_HML` | Allowed CORS URLs (hml) |
| `CORS_ORIGINS` | Allowed CORS URLs (prd) |

---

## ☸️ Kubernetes

### Namespaces

```bash
# Create namespaces
kubectl create namespace gohorsejobsdev
kubectl create namespace gohorsejobshml
kubectl create namespace gohorsejobs
```

### Registry Secret

Create the secret used to pull images from Harbor in each namespace:

```bash
kubectl create secret docker-registry harbor-registry \
  --docker-server=in.gohorsejobs.com \
  --docker-username= \
  --docker-password= \
  -n gohorsejobsdev

# Repeat for gohorsejobshml and gohorsejobs
```

### Manual Deploy

```bash
# DEV
kubectl apply -f k8s/dev/backend-deployment.yaml
kubectl apply -f k8s/dev/backend-service.yaml

# HML
kubectl apply -f k8s/hml/backend-deployment.yaml
kubectl apply -f k8s/hml/backend-service.yaml

# PRD
kubectl apply -f k8s/prd/backend-deployment.yaml
kubectl apply -f k8s/prd/backend-service.yaml
```

### Useful Commands

```bash
# List pods
kubectl get pods -n gohorsejobsdev

# Follow logs
kubectl logs -f deployment/gohorse-backend -n gohorsejobsdev

# Restart deployment
kubectl rollout restart deployment/gohorse-backend -n gohorsejobsdev

# List secrets
kubectl get secrets -n gohorsejobsdev

# Describe deployment
kubectl describe deployment gohorse-backend -n gohorsejobsdev
```

---

## 🐳 Docker

### Local Build

```bash
cd backend
docker build -t gohorsejobs-backend:local .
```

### Environment Variables

See `.env.example` for the complete list. The main ones:

| Variable | Description | Example |
|----------|-------------|---------|
| `PORT` | API port | `8521` |
| `DB_HOST` | PostgreSQL host | `db.example.com` |
| `DB_NAME` | Database name | `gohorsejobs_dev` |
| `DB_SSLMODE` | SSL mode | `require` |
| `JWT_SECRET` | JWT secret | `sua-chave-secreta-32-chars` |

---

## 🗄️ Database

### Connection

```
Host: db-60059.dc-sp-1.absamcloud.com
Port: 26868
SSL: require
```

### Databases per Environment

| Environment | Database |
|-------------|----------|
| DEV | `gohorsejobs_dev` |
| HML | `gohorsejobs_hml` |
| PRD | `gohorsejobs` |

### Seeder

```bash
cd seeder-api
npm install
npm run seed        # Populate the database
npm run seed:reset  # Wipe the database
```

---

## 🧑‍💻 Test Users

### SuperAdmin

- **Login:** `superadmin`
- **Password:** `Admin@2025!`

### Company Admins

| Login | Password | Company |
|-------|----------|---------|
| `takeshi_yamamoto` | `Takeshi@2025` | TechCorp |
| `maria_santos` | `User@2025` | DesignHub |

### Candidates

| Login | Password |
|-------|----------|
| `paulo_santos` | `User@2025` |
| `maria@email.com` | `User@2025` |

---

## 📋 New Environment Deploy Checklist

- [ ] Create the namespace in K8s
- [ ] Create the `harbor-registry` secret in the namespace
- [ ] Add the secrets to Drone CI
- [ ] Create the database
- [ ] Run the seeder (optional)
- [ ] Push to the corresponding branch
- [ ] Check the pipeline logs
- [ ] Test the `/health` endpoint
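
A pre-deploy check for the values listed under "Secrets (Drone CI)", which could run before the `export-envs-to-k8s` step. This is an added example, not part of the project's pipeline: the function name `validate_backend_env` and the rule that PRD rejects `DB_SSLMODE=disable` are assumptions of the example.

```shell
#!/bin/sh
# Added example, not project code: check the backend secrets from the tables
# above before the export-envs-to-k8s step. The function name and the rule
# "prd must not use DB_SSLMODE=disable" are assumptions of this example.

# validate_backend_env ENV   (ENV = dev | hml | prd)
# Prints one line per problem; the return status is the number of problems.
validate_backend_env() {
  env_name="$1"; errors=0

  # Per-environment secret names, as listed in the secrets tables.
  case "$env_name" in
    dev) db_var=DB_NAME_DEV; cors_var=CORS_ORIGINS_DEV ;;
    hml) db_var=DB_NAME_HML; cors_var=CORS_ORIGINS_HML ;;
    prd) db_var=DB_NAME;     cors_var=CORS_ORIGINS ;;
    *)   echo "unknown environment: $env_name"; return 1 ;;
  esac

  # Every secret must be set and non-empty (names are fixed, so eval is safe).
  for name in DB_HOST DB_PORT DB_USER DB_PASSWORD DB_SSLMODE "$db_var" \
              AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_ENDPOINT AWS_REGION \
              S3_BUCKET JWT_SECRET PORT "$cors_var"; do
    eval "value=\${$name:-}"
    if [ -z "$value" ]; then
      echo "missing: $name"; errors=$((errors + 1))
    fi
  done

  # JWT_SECRET: the README requires at least 32 characters.
  if [ -n "${JWT_SECRET:-}" ] && [ "${#JWT_SECRET}" -lt 32 ]; then
    echo "JWT_SECRET is shorter than 32 characters"; errors=$((errors + 1))
  fi

  # DB_SSLMODE: only the two documented values are accepted.
  case "${DB_SSLMODE:-}" in
    ""|require) ;;   # empty was already reported as missing
    disable)
      if [ "$env_name" = prd ]; then   # assumption: no plaintext DB link in prd
        echo "DB_SSLMODE=disable is not allowed in prd"; errors=$((errors + 1))
      fi ;;
    *) echo "DB_SSLMODE must be 'require' or 'disable'"; errors=$((errors + 1)) ;;
  esac

  return "$errors"
}
```

Call it as `validate_backend_env prd || exit 1` in a step that has the secrets in its environment; the messages name the variable but never print its value.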