rede5/gohorsejobs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
gohorsejobs/DEVOPS.md
Tiago Yamamoto 55e678c8f2 chore: cleanup files and update documentation
2025-12-15 16:13:10 -03:00

252 lines
6.1 KiB
Markdown
Raw Blame History

# DevOps - GoHorseJobs
Documentação de infraestrutura, CI/CD e deploy do projeto GoHorseJobs.
---
## 📁 Estrutura
```
.
├── .drone.yml # Pipeline CI/CD (Drone)
├── k8s/
│ ├── dev/ # Manifests Kubernetes - Desenvolvimento
│ │ ├── backend-deployment.yaml
│ │ └── backend-service.yaml
│ ├── hml/ # Manifests Kubernetes - Homologação
│ │ ├── backend-deployment.yaml
│ │ └── backend-service.yaml
│ └── prd/ # Manifests Kubernetes - Produção
│ ├── backend-deployment.yaml
│ └── backend-service.yaml
├── backend/
│ ├── Dockerfile # Build da API Go
│ └── .env.example # Variáveis de ambiente
├── frontend/ # Next.js App
└── seeder-api/ # Seeder Node.js para popular DB
```
---
## 🌍 Ambientes
| Ambiente | Branch | Namespace K8s | Registry Harbor | Réplicas |
|----------|--------|---------------|-----------------|----------|
| **DEV** | `dev` | `gohorsejobsdev` | `gohorsejobsdev/gohorsejobs-backend` | 1 |
| **HML** | `hml` | `gohorsejobshml` | `gohorsejobshml/gohorsejobs-backend` | 2 |
| **PRD** | `main` | `gohorsejobs` | `gohorsejobs/gohorsejobs-backend` | 3 |
---
## 🔄 Pipeline CI/CD (Drone)
### Fluxo de Deploy
```
dev branch → build → push (Harbor) → deploy (K8s gohorsejobsdev)
hml branch → build → push (Harbor) → deploy (K8s gohorsejobshml)
main branch → build → push (Harbor) → deploy (K8s gohorsejobs)
```
### Triggers
- Push na branch `dev` → executa pipeline `deploy-backend-dev`
- Push na branch `hml` → executa pipeline `deploy-backend-hml`
- Push na branch `main` → executa pipeline `deploy-backend-prd`
### Etapas do Pipeline
1. **build-and-push-backend** - Builda imagem Docker e envia para Harbor
2. **export-envs-to-k8s** - Cria secret `backend-secrets` no namespace
3. **deploy-backend** - Aplica manifests K8s e reinicia deployment
---
## 🔐 Secrets (Drone CI)
Secrets que precisam estar configurados no Drone:
### Registry
| Secret | Descrição |
|--------|-----------|
| `HARBOR_USERNAME` | Usuário do Harbor |
| `HARBOR_PASSWORD` | Senha do Harbor |
### Database
| Secret | Ambiente | Descrição |
|--------|----------|-----------|
| `DB_HOST` | Todos | Host do PostgreSQL |
| `DB_PORT` | Todos | Porta do PostgreSQL |
| `DB_USER` | Todos | Usuário do PostgreSQL |
| `DB_PASSWORD` | Todos | Senha do PostgreSQL |
| `DB_SSLMODE` | Todos | `require` ou `disable` |
| `DB_NAME_DEV` | DEV | Nome do banco dev |
| `DB_NAME_HML` | HML | Nome do banco hml |
| `DB_NAME` | PRD | Nome do banco produção |
### S3/Object Storage
| Secret | Descrição |
|--------|-----------|
| `AWS_ACCESS_KEY_ID` | Access Key |
| `AWS_SECRET_ACCESS_KEY` | Secret Key |
| `AWS_ENDPOINT` | Endpoint S3-compatible |
| `AWS_REGION` | Região |
| `S3_BUCKET` | Nome do bucket |
### Aplicação
| Secret | Descrição |
|--------|-----------|
| `JWT_SECRET` | Secret para tokens JWT (min. 32 chars) |
| `PORT` | Porta da API (8521) |
| `CORS_ORIGINS_DEV` | URLs permitidas CORS (dev) |
| `CORS_ORIGINS_HML` | URLs permitidas CORS (hml) |
| `CORS_ORIGINS` | URLs permitidas CORS (prd) |
---
## ☸️ Kubernetes
### Namespaces
```bash
# Criar namespaces
kubectl create namespace gohorsejobsdev
kubectl create namespace gohorsejobshml
kubectl create namespace gohorsejobs
```
### Registry Secret
Criar secret para pull de imagens do Harbor em cada namespace:
```bash
kubectl create secret docker-registry harbor-registry \
--docker-server=in.gohorsejobs.com \
--docker-username=<user> \
--docker-password=<pass> \
-n gohorsejobsdev
# Repetir para gohorsejobshml e gohorsejobs
```
### Deploy Manual
```bash
# DEV
kubectl apply -f k8s/dev/backend-deployment.yaml
kubectl apply -f k8s/dev/backend-service.yaml
# HML
kubectl apply -f k8s/hml/backend-deployment.yaml
kubectl apply -f k8s/hml/backend-service.yaml
# PRD
kubectl apply -f k8s/prd/backend-deployment.yaml
kubectl apply -f k8s/prd/backend-service.yaml
```
### Comandos Úteis
```bash
# Ver pods
kubectl get pods -n gohorsejobsdev
# Ver logs
kubectl logs -f deployment/gohorse-backend -n gohorsejobsdev
# Restart deployment
kubectl rollout restart deployment/gohorse-backend -n gohorsejobsdev
# Ver secrets
kubectl get secrets -n gohorsejobsdev
# Descrever deployment
kubectl describe deployment gohorse-backend -n gohorsejobsdev
```
---
## 🐳 Docker
### Build Local
```bash
cd backend
docker build -t gohorsejobs-backend:local .
```
### Variáveis de Ambiente
Ver `.env.example` para lista completa. Principais:
| Variável | Descrição | Exemplo |
|----------|-----------|---------|
| `PORT` | Porta da API | `8521` |
| `DB_HOST` | Host PostgreSQL | `db.example.com` |
| `DB_NAME` | Nome do banco | `gohorsejobs_dev` |
| `DB_SSLMODE` | Modo SSL | `require` |
| `JWT_SECRET` | Secret JWT | `sua-chave-secreta-32-chars` |
---
## 🗄️ Banco de Dados
### Conexão
```
Host: db-60059.dc-sp-1.absamcloud.com
Port: 26868
SSL: require
```
### Bancos por Ambiente
| Ambiente | Database |
|----------|----------|
| DEV | `gohorsejobs_dev` |
| HML | `gohorsejobs_hml` |
| PRD | `gohorsejobs` |
### Seeder
```bash
cd seeder-api
npm install
npm run seed # Popular banco
npm run seed:reset # Limpar banco
```
---
## 🧑‍💻 Usuários de Teste
### SuperAdmin
- **Login:** `superadmin`
- **Senha:** `Admin@2025!`
### Company Admins
| Login | Senha | Empresa |
|-------|-------|---------|
| `takeshi_yamamoto` | `Takeshi@2025` | TechCorp |
| `maria_santos` | `User@2025` | DesignHub |
### Candidatos
| Login | Senha |
|-------|-------|
| `paulo_santos` | `User@2025` |
| `maria@email.com` | `User@2025` |
---
## 📋 Checklist Deploy Novo Ambiente
- [ ] Criar namespace no K8s
- [ ] Criar secret `harbor-registry` no namespace
- [ ] Adicionar secrets no Drone CI
- [ ] Criar banco de dados
- [ ] Executar seeder (opcional)
- [ ] Fazer push na branch correspondente
- [ ] Verificar logs do pipeline
- [ ] Testar endpoint `/health`
Reference in a new issue View git blame Copy permalink