Tiago Ribeiro 389ec232de docs(nexus): atualiza documentacao para estado atual 2026-02-28

- README.md: reescrito com 6 MFEs, 3 clusters OKE, 9 microservicos, links para novos docs tf_oci_clusters
- OCI.md: corrige VCN CIDR (10.120 orphan deletado -> 10.110 ativo), atualiza 6 buckets mfe-*-dev, API Gateway PRIVATE em sbn-api-gateway, pipelines padronizadas
- OCI-DEV-NEXUS.md: API Gateway com 6 deployments MFE, Object Storage com 6 buckets, corrige tipo PUBLIC->PRIVATE e subnet
- API-GATEWAY.md: 6 deployments api-gateway-mfe-dev, 8 buckets na secao Frontends Estaticos, pendencias atualizadas
- OCI-MFE-TASKS.md: VCN orphan marcada como deletada, 6 buckets mfe-*-dev, checklist atualizado

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-01 07:51:22 -03:00

6.4 KiB

Raw Blame History

OCI API Gateways - Completo

Gateway 1: api-gateway-nexus-dev

Propriedade	Valor
Nome	api-gateway-nexus-dev
Tipo	PRIVATE
Hostname	`dnqe6ufrommkqxtfp7k2ehrbmu.apigateway.sa-saopaulo-1.oci.customer-oci.com`
IP	10.6.0.123
Compartment	cmp-dev-nexus
Estado	ACTIVE

Deployments

Nome	Endpoint
auth	/api/auth
user	/api/user
user-external	/api/user-external
user-internal	/api/user-internal
person	/api/person
role	/api/role
sso	/api/sso
cache	/api/cache
poc	/api/poc
commercial-manager	/api/commercial-manager

Gateway 2: api-gateway-insign-dev

Propriedade	Valor
Nome	api-gateway-insign-dev
Tipo	PRIVATE
Hostname	`oyk5unl6ec7a53aychqlvz5bwa.apigateway.sa-saopaulo-1.oci.customer-oci.com`
IP	10.6.0.33
Compartment	cmp-dev-insign
Estado	ACTIVE

Deployments

Nome	Endpoint
insign-deploy-dev	/insign
insing-dev	/
root	/

Gateway 3: api-gateway-mfe-dev (Terraform-managed)

Propriedade	Valor
Nome	api-gateway-mfe-dev
Tipo	PRIVATE
OCID	`ocid1.apigateway.oc1.sa-saopaulo-1.amaaaaaasks3yliabdiquogy2pqyohas4wjopizv2xzgzrclmsvsh4x7ewea`
Hostname	`guhal72tzyekzchzamhhi3lvgi.apigateway.sa-saopaulo-1.oci.customer-oci.com`
IP	10.110.198.250
VCN	vcn-oke (10.110.0.0/16)
Subnet	sbn-api-gateway (10.110.192.0/20)
Compartment	DEV (`ocid1.compartment.oc1..aaaaaaaa76x3nykkjwvctpr6px34dysu3pbg7p62h2r65fegt7fvbrioll3a`)
Estado	ACTIVE
Gerenciado por	Terraform (`tf_oci_clusters/modules/api_gateway_mfe`)
Criado em	2026-02-22 (pipeline build #5964)

Deployments

6 deployments — um por MFE. Cada deployment tem 2 rotas: / (index.html) e /{path*} (arquivos estáticos).

Deployment	Bucket OCI	Hostname planejado
deploy-mfe-shell-dev	`mfe-shell-dev`	`mfe-shell-dev.invista.com.br`
deploy-mfe-auth-dev	`mfe-auth-dev`	`mfe-auth-dev.invista.com.br`
deploy-mfe-user-dev	`mfe-user-dev`	`mfe-user-dev.invista.com.br`
deploy-mfe-person-dev	`mfe-person-dev`	`mfe-person-dev.invista.com.br`
deploy-mfe-formalization-dev	`mfe-formalization-dev`	`mfe-formalization-dev.invista.com.br`
deploy-mfe-poc-dev	`mfe-poc-dev`	`mfe-poc-dev.invista.com.br`

Namespace Object Storage: grbb7qzeuoag | Region: sa-saopaulo-1

Acesso

Tipo	URL
Direto (privado)	`https://guhal72tzyekzchzamhhi3lvgi.apigateway.sa-saopaulo-1.oci.customer-oci.com/{mfe-name}/`
Planejado (DNS)	`https://mfe-{name}-dev.invista.com.br` (pendente VCN peering + LB + Cloudflare)

Terraform

# environments/dev/api_gateway_mfe.tf
module "api_gateway_mfe" {
  count  = var.enable_api_gateway_mfe ? 1 : 0
  source = "../../modules/api_gateway_mfe"

  compartment_id = local.compartment_id
  subnet_id      = module.network.lb_subnet_ids[0]
  env_name       = var.env_name
  endpoint_type  = "PUBLIC"

  mfe_deployments = [
    { name = "mfe-shell",         hostname = "mfe-shell-dev.invista.com.br",         bucket_name = "mfe-shell-dev",         object_namespace = var.mfe_object_namespace, region = var.oci_region },
    { name = "mfe-auth",          hostname = "mfe-auth-dev.invista.com.br",          bucket_name = "mfe-auth-dev",          object_namespace = var.mfe_object_namespace, region = var.oci_region },
    { name = "mfe-user",          hostname = "mfe-user-dev.invista.com.br",          bucket_name = "mfe-user-dev",          object_namespace = var.mfe_object_namespace, region = var.oci_region },
    { name = "mfe-person",        hostname = "mfe-person-dev.invista.com.br",        bucket_name = "mfe-person-dev",        object_namespace = var.mfe_object_namespace, region = var.oci_region },
    { name = "mfe-formalization", hostname = "mfe-formalization-dev.invista.com.br", bucket_name = "mfe-formalization-dev", object_namespace = var.mfe_object_namespace, region = var.oci_region },
    { name = "mfe-poc",           hostname = "mfe-poc-dev.invista.com.br",           bucket_name = "mfe-poc-dev",           object_namespace = var.mfe_object_namespace, region = var.oci_region },
  ]
}

Pendencias

VCN Peering: Attach vcn-oke ao DRG-Invista-Shared
Rota no LB Test_Crivo_Dev: backend set apontando para 10.110.198.250:443
Routing policy por hostname: mfe-{name}-dev.invista.com.br para cada MFE
DNS Cloudflare: 6 CNAMEs mfe-{name}-dev -> LB IP (via Cloudflare proxy)
Atualizar federation.manifest.json do mfe-shell com URLs reais dos remotes
Migrar EnvironmentService do mfe-shell de AWS para OCI api-gateway-nexus-dev

Frontends Estaticos (Buckets)

Bucket	Namespace	Acesso	Descricao
`mfe-shell-dev`	grbb7qzeuoag	API Gateway MFE	Shell Angular (HOST) — orquestra todos os remotes
`mfe-auth-dev`	grbb7qzeuoag	API Gateway MFE	MFE Auth
`mfe-user-dev`	grbb7qzeuoag	API Gateway MFE	MFE User
`mfe-person-dev`	grbb7qzeuoag	API Gateway MFE	MFE Person
`mfe-formalization-dev`	grbb7qzeuoag	API Gateway MFE	MFE Formalization
`mfe-poc-dev`	grbb7qzeuoag	API Gateway MFE	MFE PoC
`app-front-insign-teste`	grbb7qzeuoag	Cloudflare + OCI	Site estatico de teste (insign)
`front`	grbb7qzeuoag	—	Icones SVG

Todos os buckets MFE: public-access-type = ObjectReadWithoutList, criados via pipeline CI/CD (Azure DevOps).

Conectividade de Rede

VCNs envolvidas

VCN	CIDR	Componentes
VCN-Shared	10.8.0.0/16	LB Test_Crivo_Dev (10.8.4.127)
vcn-oke (dev)	10.110.0.0/16	API Gateway MFE (10.110.198.250), OKE clusters

DRG (Dynamic Routing Gateway)

Propriedade	Valor
Nome	DRG-Invista-Shared
OCID	`ocid1.drg.oc1.sa-saopaulo-1.aaaaaaaazuiluiavm3zcrzelqs2f3k3sdy3fka5yytwjua37a2ksn446deza`
VCN-Shared	Attached
vcn-oke (dev)	Pendente - necessario para LB acessar API Gateway

Fluxo de rede planejado

Browser -> Cloudflare (mfe-{name}-dev.invista.com.br)
  -> LB Test_Crivo_Dev (10.8.4.127, VCN-Shared)
    -> DRG-Invista-Shared (VCN peering — PENDENTE)
      -> API Gateway MFE (10.110.198.250, vcn-oke)
        -> Object Storage (mfe-{name}-dev, namespace grbb7qzeuoag)

Atualizado em: 2026-02-28

6.4 KiB Raw Blame History

OCI API Gateways - Completo

Gateway 1: api-gateway-nexus-dev

Deployments

Gateway 2: api-gateway-insign-dev

Deployments

Gateway 3: api-gateway-mfe-dev (Terraform-managed)

Deployments

Acesso

Terraform

Pendencias

Frontends Estaticos (Buckets)

Conectividade de Rede

VCNs envolvidas

DRG (Dynamic Routing Gateway)

Fluxo de rede planejado

6.4 KiB

Raw Blame History