diff --git a/README.md b/README.md index feb5460..c71c3ee 100644 --- a/README.md +++ b/README.md @@ -8,14 +8,29 @@ Refactored cloud microservices from project-ai. cloud-services/ ├── pkg/ # Shared Go packages │ ├── kafka/ # Pure Go Kafka client (franz-go) +│ ├── redis/ # Redis connection pool │ ├── dbc/ # CAN database signal definitions │ ├── can-go/ # CAN protocol library │ └── ... # Other shared modules ├── services/ │ └── gateway/ # API gateway service +│ └── Dockerfile # Service-specific Dockerfile ├── deploy/ -│ ├── base/ # Base k8s manifests -│ └── overlays/ # Environment-specific configs +│ ├── base/ # Base k8s manifests (configMapGenerator) +│ │ ├── kustomization.yaml +│ │ └── config.env # Common environment config +│ └── overlays/ +│ └── development/ # Dev environment overlay +│ ├── kustomization.yaml +│ ├── secrets.yaml +│ └── services/ +│ └── gateway/ +│ ├── deployment.yaml +│ ├── ingress.yaml +│ └── external-secret.yaml +├── argocd-apps/ +│ └── development/ +│ └── cloud-services.yaml # ArgoCD Application └── scripts/ # Build and utility scripts ``` @@ -31,8 +46,8 @@ go build ./services/gateway # Run tests go test ./... -# Build Docker image -docker build -t gateway -f services/gateway/Dockerfile . +# Build Docker image (arm64 for Mac Mini cluster) +docker build --platform linux/arm64 -t localhost:32000/gateway:latest -f services/gateway/Dockerfile . ``` ## Services @@ -48,6 +63,7 @@ WebSocket gateway for TRex, HMI, and Mobile connections. Handles auth, message r ### Prerequisites - Go 1.25+ - Docker (for container builds) +- devbox (optional, for consistent dev environment) ### Module Structure Uses Go workspaces (`go.work`) for local development: 
@@ -64,22 +80,37 @@ CAN signal definitions are generated from DBC files. See `pkg/dbc/README.md`. ## Deployment -Kubernetes manifests in `deploy/` use Kustomize overlays: +### Kustomize Structure + +Uses `configMapGenerator` with hash suffixes for automatic rolling updates when config changes: ```bash -# Development -kubectl apply -k deploy/overlays/development +# Preview what will be deployed +kustomize build deploy/overlays/development -# Or via ArgoCD -# See k8s-gitops-setup repo +# Apply directly (without ArgoCD) +kustomize build deploy/overlays/development | kubectl apply -f - ``` +### ArgoCD + +The `argocd-apps/development/cloud-services.yaml` Application points to `deploy/overlays/development` and auto-syncs changes from git. + +### Secrets + +Database credentials are managed via ExternalSecrets from Vault: +- `cloud-db-credentials` - DB_PASSWORD, MONGO_USER, MONGO_PASSWORD + ## Environment Variables +Configured in `deploy/base/config.env`: + | Variable | Default | Description | |----------|---------|-------------| -| `KAFKA_HOSTS` | `localhost:9092` | Kafka brokers | -| `REDIS_HOST` | `localhost` | Redis host | +| `DB_HOST` | `cloud-dev-rw.cnpg-system.svc.cluster.local` | PostgreSQL host | +| `KAFKA_HOSTS` | `cloud-dev-kafka-bootstrap.kafka.svc.cluster.local:9092` | Kafka brokers | +| `REDIS_HOST` | `cloud-dev.redis.svc.cluster.local` | Redis host | | `REDIS_PORT` | `6379` | Redis port | -| `JWK_URL` | - | JWKS endpoint for JWT validation | +| `MONGO_HOST` | `cloud-dev-svc.mongodb.svc.cluster.local` | MongoDB host | +| `OIDC_ISSUER` | Keycloak URL | OIDC issuer for JWT validation | | `LOG_LEVEL` | `info` | Log level | diff --git a/pkg/redis/pool.go b/pkg/redis/pool.go index 1c81c46..276f875 100644 --- a/pkg/redis/pool.go +++ b/pkg/redis/pool.go 
@@ -16,7 +16,7 @@ import (
 var (
 host = envtool.GetEnv("REDIS_HOST", "localhost")
 port = envtool.GetEnv("REDIS_PORT", "6379")
- password = envtool.GetEnv("REDIS_PASSWORD", "REPLACE_ME")
+ password = envtool.GetEnv("REDIS_PASSWORD", "")
 addr = fmt.Sprintf("%v:%v", host, port)
 )
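Review bot: With the default now `""`, an unset `REDIS_PASSWORD` silently produces an empty credential on the `password` line, and nothing here distinguishes "local Redis without auth" from "secret missing in the cluster". The README in this same commit lists only `DB_PASSWORD`, `MONGO_USER` and `MONGO_PASSWORD` under ExternalSecrets and has no `REDIS_PASSWORD` row in the environment table, so the development overlay presumably reaches `cloud-dev.redis.svc.cluster.local` without a password. I would state the contract on the declaration, e.g. `// Empty REDIS_PASSWORD means no password is configured; outside local development it must come from a secret.` The code that builds the pool from these variables is outside this hunk; it should log a warning or refuse to start when `password == ""` and `host` is not `localhost`, so a missing secret fails visibly instead of degrading to an unauthenticated connection.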