DevOps - GoHorseJobs
Infraestrutura, CI/CD e deploy do projeto GoHorseJobs.
Last Updated: 2024-12-26
📁 Estrutura
.
├── .drone.yml # Pipeline CI/CD (Drone)
├── k8s/
│ ├── dev/ # Kubernetes - Desenvolvimento
│ ├── hml/ # Kubernetes - Homologação
│ └── prd/ # Kubernetes - Produção
│
├── backend/
│ ├── Dockerfile # Go API (multi-stage, ~73MB)
│ └── .env.example
│
├── backoffice/
│ ├── Dockerfile # NestJS (Fastify)
│ └── .env.example
│
├── frontend/
│ ├── Dockerfile # Next.js
│ └── .env.example
│
├── seeder-api/ # Node.js seeder
└── docs/ # Documentation
🌍 Ambientes
| Ambiente |
Branch |
Namespace |
Réplicas |
URL |
| DEV |
dev |
gohorsejobsdev |
1 |
gohorsejobs-dev.appwrite.network |
| HML |
hml |
gohorsejobshml |
2 |
- |
| PRD |
main |
gohorsejobs |
3 |
gohorsejobs.com |
🔄 Pipeline CI/CD (Drone)
Fluxo
dev branch → build → push (Harbor) → deploy (K8s dev)
↓
hml branch → build → push (Harbor) → deploy (K8s hml)
↓
main branch → build → push (Harbor) → deploy (K8s prd)
Stages
- build-and-push - Docker build + push to Harbor
- export-envs-to-k8s - Create/update secrets
- deploy - Apply manifests + rollout restart
🔐 Secrets (Drone CI)
Registry
| Secret |
Description |
HARBOR_USERNAME |
Harbor username |
HARBOR_PASSWORD |
Harbor password |
Database
| Secret |
Description |
DATABASE_URL |
PostgreSQL connection string |
DB_SSLMODE |
require or disable |
Application
| Secret |
Description |
JWT_SECRET |
JWT secret (min 32 chars) |
PASSWORD_PEPPER |
Password pepper |
CORS_ORIGINS |
Allowed origins |
External Services
| Secret |
Description |
RSA_PRIVATE_KEY_BASE64 |
RSA key for credentials |
STRIPE_SECRET_KEY |
Stripe API key |
STRIPE_WEBHOOK_SECRET |
Stripe webhook secret |
FIREBASE_SERVICE_ACCOUNT |
Firebase Admin SDK JSON |
Storage (S3/R2)
| Secret |
Description |
AWS_ACCESS_KEY_ID |
Access Key |
AWS_SECRET_ACCESS_KEY |
Secret Key |
AWS_ENDPOINT |
S3-compatible endpoint |
S3_BUCKET |
Bucket name |
LavinMQ
| Secret |
Description |
AMQP_URL |
LavinMQ connection URL |
☸️ Kubernetes
Create Namespaces
kubectl create namespace gohorsejobsdev
kubectl create namespace gohorsejobshml
kubectl create namespace gohorsejobs
Registry Secret
kubectl create secret docker-registry harbor-registry \
--docker-server=in.gohorsejobs.com \
--docker-username=<user> \
--docker-password=<pass> \
-n gohorsejobsdev
Deploy Manual
# DEV
kubectl apply -f k8s/dev/ -n gohorsejobsdev
# Check pods
kubectl get pods -n gohorsejobsdev
# Check logs
kubectl logs -f deployment/gohorse-backend -n gohorsejobsdev
# Rollout restart
kubectl rollout restart deployment/gohorse-backend -n gohorsejobsdev
🐳 Docker
Build Local
# Backend
cd backend && docker build -t gohorse-backend .
# Backoffice
cd backoffice && docker build -t gohorse-backoffice .
# Frontend
cd frontend && docker build -t gohorse-frontend .
Docker Compose (Dev)
version: '3.8'
services:
backend:
build: ./backend
ports:
- "8521:8521"
env_file:
- ./backend/.env
backoffice:
build: ./backoffice
ports:
- "3001:3001"
env_file:
- ./backoffice/.env
frontend:
build: ./frontend
ports:
- "3000:3000"
env_file:
- ./frontend/.env
🗄️ Database
Connection
# PostgreSQL hosted
Host: db-60059.dc-sp-1.absamcloud.com
Port: 26868
SSL: require
Databases
| Environment |
Database |
| DEV |
gohorsejobs_dev |
| HML |
gohorsejobs_hml |
| PRD |
gohorsejobs |
Migrations
cd backend
go run ./cmd/manual_migrate
Seeder
cd seeder-api
npm install
npm run seed
👤 Test Users
Nota: O SuperAdmin foi atualizado via migration 032_update_superadmin_lol.sql.
SuperAdmin
- Login:
lol
- Email:
lol@gohorsejobs.com
- Nome: Dr. Horse Expert
- Password: trocar no primeiro acesso (status
force_change_password)
Company Admin
| Login |
Password |
takeshi_yamamoto |
Takeshi@2025 |
Candidate
| Login |
Password |
paulo_santos |
User@2025 |
📋 Deploy Checklist
31fadc1b11