# Nexus - Invista FIDC

Microservicos e infraestrutura do projeto Nexus para Invista FIDC.

> **Atualizado em:** 2026-02-28

## Estrutura

```
nexus/
├── README.md                    # Este arquivo
├── OPERATIONS.md                # Historico de operacoes e incidentes
├── CONNECTIONS.md               # Conexoes e credenciais K8s, Registry, Namespaces
├── OCI-DEV-NEXUS.md             # Documentacao completa do ambiente DEV OCI
├── OCI-MFE-PADRONIZACAO.md      # Como os MFEs foram padronizados para OCI
├── API-GATEWAY.md               # Todos os API Gateways OCI (nexus, insign, MFE)
└── azure-devops/
    ├── CONNECTION.md            # Azure DevOps CN-Squad (repos, PAT, SSH)
    └── OCI-CONNECTION.md        # Oracle Cloud Infrastructure credentials
```

---

## Clusters OCI OKE (DEV)

3 clusters gerenciados por Terraform (`tf_oci_clusters`) em `cmp-dev-nexus`:

| Cluster | Proposito | K8s | Nodes | IP LB |
|---------|-----------|-----|-------|-------|
| `cls-dev-nexus` | Aplicacoes de negocio + MFEs | v1.34.1 | 3x VM.E4.Flex (2cpu/16GB) | 10.110.135.3 / 137.131.236.202 (pub) |
| `cls-dev-barramento` | Integracoes, APIs terceiros, mensageria | v1.34.1 | 3x VM.E4.Flex (2cpu/16GB) | 10.110.133.131 |
| `cls-dev-observabilidade` | Prometheus, Grafana, Jaeger, OTEL | v1.34.1 | 3x VM.E4.Flex (2cpu/16GB) | 10.110.129.64 |

- **Registry:** `gru.ocir.io/grbb7qzeuoag`
- **Regiao:** `sa-saopaulo-1`
- **Kubeconfigs:** `~/.kube/config-dev-1` (nexus) / `config-dev-2` (barramento) / `config-dev-3` (observabilidade)

---

## Micro Frontends (MFEs)

6 MFEs Angular 19 com Native Federation. O `mfe-shell` e o HOST que orquestra os demais.
Pipeline: push na branch `devops` → Build → Upload para OCI Object Storage.

| MFE | Repo Azure DevOps | Bucket OCI | Rota no shell | Pipeline |
|-----|------------------|-----------|--------------|---------|
| `mfe-shell` | `mfe-shell` | `mfe-shell-dev` | `/` (host) | branch `devops` |
| `mfe-auth` | `mfe-auth` | `mfe-auth-dev` | `/auth` | branch `devops` |
| `mfe-user` | `mfe-user` | `mfe-user-dev` | `/user` | branch `devops` |
| `mfe-person` | `mfe-person` | `mfe-person-dev` | `/person` | branch `devops` |
| `mfe-formalization` | `mfe-formalization` | `mfe-formalization-dev` | `/formalization` | branch `devops` |
| `mfe-poc` | `mfe-poc` | `mfe-poc-dev` | `/poc` | branch `devops` |

**Infraestrutura de hosting:**
- API Gateway MFE: `api-gateway-mfe-dev` (Terraform, PRIVATE, IP `10.110.198.250`)
- Object Storage namespace: `grbb7qzeuoag`
- Template CI/CD: `azure-pipelines-templates/mfe/deploy-mfe-oci.yaml`
- Variable Group: `oci-terraform` (ID 34)

---

## Microservicos (ms-*)

Todos no cluster `cls-dev-nexus`, namespace `nexus-services`:

| Servico | API path | Status |
|---------|----------|--------|
| `ms-auth-external` | `/api/auth` | Running |
| `ms-auth-sso` | `/api/sso` | Running |
| `ms-user` | `/api/user`, `/api/user-external`, `/api/role` | Running |
| `ms-person` | `/api/person` | Running |
| `ms-belt` | `/api/cache` | Running |
| `ms-notify` | — | Running |
| `ms-parameters` | — | Running |
| `ms-poc` | `/api/poc` | Running |
| `ms-barramento` | `/api/commercial-manager` | Running |

**Rota de acesso API:**
```
Cloudflare (*.invista.com.br)
  → LB Test_Crivo_Dev (10.8.4.127, VCN-Shared)
  → api-gateway-nexus-dev (10.6.0.123, PRIVATE, VCN-DEV)
  → Ingress NGINX interno (cls-dev-nexus)
  → Pod ms-*  (namespace: nexus-services)
```

---

## Documentacao

### Infraestrutura OCI
- [OCI DEV Nexus](./OCI-DEV-NEXUS.md) — Documentacao completa: compartments, clusters, rede, LBs, gateways, buckets
- [API Gateways](./API-GATEWAY.md) — api-gateway-nexus-dev + api-gateway-mfe-dev + api-gateway-insign-dev
- [Load Balancers](./LOAD-BALANCERS.md) — 34 LBs ativos por compartment
- [OCI Network Analysis](./OCI-NETWORK-ANALYSIS.md) — Analise de VCNs, subnets, DRG
- [Cloudflare](./CLOUDFLARE.md) — DNS e proxy

### MFEs
- [MFE URLs e Endpoints](./MFE-URLS.md) — Onde ficam os endereços no mfe-shell (federation.manifest.json + EnvironmentService)
- [MFE Padronizacao OCI](./OCI-MFE-PADRONIZACAO.md) — Como todos os 6 MFEs foram migrados para OCI
- [MFE Tasks / Checklist](./OCI-MFE-TASKS.md) — Status e pendencias
- [MFE User Pipeline](./MFE-USER-PIPELINE.md) — Detalhe da pipeline mfe-user (multi-cloud legado)
- [OCI MFE Step-by-step](./OCI-MFE-STEPBYSTEP.md) — Guia de deploy manual

### Terraform (tf_oci_clusters — docs/)
- [compartment-nexus.md](https://dev.azure.com/CN-Squad/Invista%20FIDC%20-%20Nexus/_git/tf_oci_clusters?path=/docs/compartment-nexus.md) — Todos recursos OCI por compartment (Terraform vs Manual)
- [mfe-architecture.md](https://dev.azure.com/CN-Squad/Invista%20FIDC%20-%20Nexus/_git/tf_oci_clusters?path=/docs/mfe-architecture.md) — Arquitetura MFE de ponta a ponta
- [melhorias.md](https://dev.azure.com/CN-Squad/Invista%20FIDC%20-%20Nexus/_git/tf_oci_clusters?path=/docs/melhorias.md) — Backlog de melhorias priorizadas

### Operacoes
- [Historico de Operacoes](./OPERATIONS.md)
- [Conexoes e Credenciais](./CONNECTIONS.md)
- [Azure DevOps](./azure-devops/CONNECTION.md) — 49 repos, PAT, SSH
- [OCI Connection](./azure-devops/OCI-CONNECTION.md)
- [MS-USER - Microservico de Usuarios](./MS-USER.md)
- [Terraform Import](./OCI-TERRAFORM.md) — Importacao de recursos para Terraform

---

*Projeto InventCloud - Invista FIDC | Atualizado: 2026-02-28*