gohorsejobs/docs/DEVOPS.md
Tiago Yamamoto 32fc42a29c docs: Update all documentation files (API_SECURITY, ROADMAP, TASKS, DEVOPS, DATABASE, API)
- Updated dates to 2024-12-26
- Added new features: Email System, Avatar Upload, Public Job Posting
- Updated security routes and access levels
- Updated infrastructure and secrets documentation
- Marked completed tasks in ROADMAP and TASKS
2025-12-26 12:45:03 -03:00


# DevOps - GoHorseJobs
Infrastructure, CI/CD and deployment for the GoHorseJobs project.
> **Last Updated:** 2024-12-26
---
## 📁 Structure
```
.
├── .drone.yml              # CI/CD pipeline (Drone)
├── k8s/
│   ├── dev/                # Kubernetes - Development
│   ├── hml/                # Kubernetes - Staging
│   └── prd/                # Kubernetes - Production
├── backend/
│   ├── Dockerfile          # Go API (multi-stage, ~73MB)
│   └── .env.example
├── backoffice/
│   ├── Dockerfile          # NestJS (Fastify)
│   └── .env.example
├── frontend/
│   ├── Dockerfile          # Next.js
│   └── .env.example
├── seeder-api/             # Node.js seeder
└── docs/                   # Documentation
```
---
## 🌍 Environments
| Environment | Branch | Namespace | Replicas | URL |
|-------------|--------|-----------|----------|-----|
| **DEV** | `dev` | `gohorsejobsdev` | 1 | gohorsejobs-dev.appwrite.network |
| **HML** | `hml` | `gohorsejobshml` | 2 | - |
| **PRD** | `main` | `gohorsejobs` | 3 | gohorsejobs.com |
---
## 🔄 Pipeline CI/CD (Drone)
### Flow
```
dev branch → build → push (Harbor) → deploy (K8s dev)
hml branch → build → push (Harbor) → deploy (K8s hml)
main branch → build → push (Harbor) → deploy (K8s prd)
```
### Stages
1. **build-and-push** - Docker build + push to Harbor
2. **export-envs-to-k8s** - Create/update secrets
3. **deploy** - Apply manifests + rollout restart
---
## 🔐 Secrets (Drone CI)
### Registry
| Secret | Description |
|--------|-------------|
| `HARBOR_USERNAME` | Harbor username |
| `HARBOR_PASSWORD` | Harbor password |
### Database
| Secret | Description |
|--------|-------------|
| `DATABASE_URL` | PostgreSQL connection string |
| `DB_SSLMODE` | `require` or `disable` |
### Application
| Secret | Description |
|--------|-------------|
| `JWT_SECRET` | JWT secret (min 32 chars) |
| `PASSWORD_PEPPER` | Password pepper |
| `CORS_ORIGINS` | Allowed origins |
### External Services
| Secret | Description |
|--------|-------------|
| `RSA_PRIVATE_KEY_BASE64` | RSA key for credentials |
| `STRIPE_SECRET_KEY` | Stripe API key |
| `STRIPE_WEBHOOK_SECRET` | Stripe webhook secret |
| `FIREBASE_SERVICE_ACCOUNT` | Firebase Admin SDK JSON |
### Storage (S3/R2)
| Secret | Description |
|--------|-------------|
| `AWS_ACCESS_KEY_ID` | Access Key |
| `AWS_SECRET_ACCESS_KEY` | Secret Key |
| `AWS_ENDPOINT` | S3-compatible endpoint |
| `S3_BUCKET` | Bucket name |
### LavinMQ
| Secret | Description |
|--------|-------------|
| `AMQP_URL` | LavinMQ connection URL |
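
A preflight check for the secrets in the tables above, suitable for running before the `export-envs-to-k8s` stage. This is an added example, not part of the project's pipeline; the `check_secrets` function, its `dev|hml|prd` argument, the rule that every listed secret is required, and the rule that `prd` must use `DB_SSLMODE=require` are assumptions.

```shell
#!/bin/sh
# Added example (not project code): validate the Drone secrets before export
# to Kubernetes. Only secret names are printed, never values.

check_secrets() {
  env_name=$1   # assumed argument: dev, hml or prd
  failed=0

  # Assumption: every secret documented in the tables is required.
  for name in HARBOR_USERNAME HARBOR_PASSWORD DATABASE_URL DB_SSLMODE \
              JWT_SECRET PASSWORD_PEPPER CORS_ORIGINS RSA_PRIVATE_KEY_BASE64 \
              STRIPE_SECRET_KEY STRIPE_WEBHOOK_SECRET FIREBASE_SERVICE_ACCOUNT \
              AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_ENDPOINT S3_BUCKET \
              AMQP_URL; do
    eval "value=\${$name:-}"
    if [ -z "$value" ]; then
      echo "FAIL: $name is empty or unset" >&2
      failed=1
    fi
  done
  unset value   # do not keep a copy of the last secret around

  # JWT_SECRET: the table requires at least 32 characters.
  if [ "${#JWT_SECRET}" -lt 32 ]; then
    echo "FAIL: JWT_SECRET is shorter than 32 characters" >&2
    failed=1
  fi

  # DB_SSLMODE: only the two documented values are accepted.
  case "${DB_SSLMODE:-}" in
    require) ;;
    disable)
      # Assumed policy: production may not connect without TLS.
      if [ "$env_name" = "prd" ]; then
        echo "FAIL: DB_SSLMODE=disable is not allowed for prd" >&2
        failed=1
      fi ;;
    *)
      echo "FAIL: DB_SSLMODE must be 'require' or 'disable'" >&2
      failed=1 ;;
  esac

  # RSA_PRIVATE_KEY_BASE64: must decode cleanly; the output is discarded.
  if ! printf '%s' "${RSA_PRIVATE_KEY_BASE64:-}" | base64 -d >/dev/null 2>&1; then
    echo "FAIL: RSA_PRIVATE_KEY_BASE64 is not valid base64" >&2
    failed=1
  fi
  return "$failed"
}
```

Call it as `check_secrets prd || exit 1` in a step that has the secrets in its environment.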
---
## ☸️ Kubernetes
### Create Namespaces
```bash
kubectl create namespace gohorsejobsdev
kubectl create namespace gohorsejobshml
kubectl create namespace gohorsejobs
```
### Registry Secret
```bash
kubectl create secret docker-registry harbor-registry \
  --docker-server=in.gohorsejobs.com \
  --docker-username=<user> \
  --docker-password=<pass> \
  -n gohorsejobsdev
```
### Manual Deploy
```bash
# DEV
kubectl apply -f k8s/dev/ -n gohorsejobsdev
# Check pods
kubectl get pods -n gohorsejobsdev
# Check logs
kubectl logs -f deployment/gohorse-backend -n gohorsejobsdev
# Rollout restart
kubectl rollout restart deployment/gohorse-backend -n gohorsejobsdev
```
---
## 🐳 Docker
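### Local Build
```bash
# Run from the repository root; each build runs in a subshell so the
# working directory is restored before the next one.
# Backend
(cd backend && docker build -t gohorse-backend .)
# Backoffice
(cd backoffice && docker build -t gohorse-backoffice .)
# Frontend
(cd frontend && docker build -t gohorse-frontend .)
```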
### Docker Compose (Dev)
```yaml
version: '3.8'
services:
  backend:
    build: ./backend
    ports:
      - "8521:8521"
    env_file:
      - ./backend/.env
  backoffice:
    build: ./backoffice
    ports:
      - "3001:3001"
    env_file:
      - ./backoffice/.env
  frontend:
    build: ./frontend
    ports:
      - "3000:3000"
    env_file:
      - ./frontend/.env
```
---
## 🗄️ Database
### Connection
```
# Hosted PostgreSQL
Host: db-60059.dc-sp-1.absamcloud.com
Port: 26868
SSL: require
```
### Databases
| Environment | Database |
|-------------|----------|
| DEV | `gohorsejobs_dev` |
| HML | `gohorsejobs_hml` |
| PRD | `gohorsejobs` |
### Migrations
```bash
cd backend
go run ./cmd/manual_migrate
```
### Seeder
```bash
cd seeder-api
npm install
npm run seed
```
---
## 👤 Test Users
### SuperAdmin
- **Login:** `superadmin`
- **Password:** `Admin@2025!`
### Company Admin
| Login | Password |
|-------|----------|
| `takeshi_yamamoto` | `Takeshi@2025` |
### Candidate
| Login | Password |
|-------|----------|
| `paulo_santos` | `User@2025` |
---
## 📋 Deploy Checklist
- [ ] Create K8s namespace
- [ ] Create `harbor-registry` secret
- [ ] Add Drone CI secrets
- [ ] Create database
- [ ] Run migrations
- [ ] Run seeder (optional)
- [ ] Push to branch
- [ ] Verify pipeline logs
- [ ] Test `/health` endpoint
- [ ] Test `/docs` endpoint