Initial cloud-services repo - gateway service + pkg modules

2026-01-30 23:14:52 -05:00
commit fbb820d7b3
1037 changed files with 171318 additions and 0 deletions
--- a/deploy/base/configmap-common.yaml
+++ b/deploy/base/configmap-common.yaml
@@ -0,0 +1,46 @@
+# Common environment config shared by all services
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: cloud-common-config
+  namespace: cloud-services
+data:
+  # PostgreSQL
+  DB_HOST: cloud-dev-rw.cnpg-system.svc.cluster.local
+  DB_PORT: "5432"
+  DB_NAME: cloud_dev
+  DB_USER: cloud_dev
+  DB_SSLMODE: disable
+  DB_POOLSIZE: "10"
+  
+  # MongoDB
+  MONGO_HOST: cloud-dev-svc.mongodb.svc.cluster.local
+  MONGO_PORT: "27017"
+  MONGO_DB_NAME: db
+  MONGO_ODX_DB_NAME: odx_db
+  MONGO_CLIENT_TIMEOUT: "60"
+  
+  # Redis
+  REDIS_HOST: cloud-dev.redis.svc.cluster.local
+  REDIS_PORT: "6379"
+  REDIS_IDLETIMEOUT_MS: "3600000"
+  REDIS_MAXIDLECONN: "10"
+  REDIS_MAXACTIVECONN: "10"
+  
+  # Kafka (Strimzi)
+  KAFKA_HOSTS: cloud-dev-kafka-bootstrap.kafka.svc.cluster.local:9092
+  KAFKA_SECURITY_PROTOCOL: PLAINTEXT
+  KAFKA_GO_BATCH_CONSUMER: "true"
+  KAFKA_BATCH_NUM_MESSAGES: "50000"
+  KAFKA_BATCH_SIZE: "1000000"
+  KAFKA_LINGER_MS: "50"
+  
+  # Auth (Keycloak)
+  OIDC_ISSUER: https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth
+  OIDC_JWK_URL: https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth/protocol/openid-connect/certs
+  
+  # Vault
+  VAULT_URL: http://vault.vault.svc.cluster.local:8200/v1
+  
+  # Logging
+  LOG_LEVEL: info
--- a/deploy/base/kustomization.yaml
+++ b/deploy/base/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - namespace.yaml
+  - configmap-common.yaml
--- a/deploy/base/namespace.yaml
+++ b/deploy/base/namespace.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: cloud-services
+  labels:
+    app.kubernetes.io/part-of: cloud-platform
--- a/deploy/overlays/development/kustomization.yaml
+++ b/deploy/overlays/development/kustomization.yaml
@@ -0,0 +1,14 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: cloud-services
+
+resources:
+  - ../../base
+  - secrets.yaml
+  # Services (uncomment as migrated)
+  # - services/gateway/
+  # - services/auth/
+
+commonLabels:
+  environment: development
--- a/deploy/overlays/development/secrets.yaml
+++ b/deploy/overlays/development/secrets.yaml
@@ -0,0 +1,21 @@
+# Dev secrets - in prod use external-secrets with Vault
+apiVersion: v1
+kind: Secret
+metadata:
+  name: cloud-db-credentials
+  namespace: cloud-services
+type: Opaque
+stringData:
+  DB_PASSWORD: cloud_dev_password
+  MONGO_PASSWORD: cloud_dev_password
+  REDIS_PASSWORD: ""
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: cloud-auth-credentials
+  namespace: cloud-services
+type: Opaque
+stringData:
+  OIDC_CLIENT_ID: ota-portal
+  OIDC_CLIENT_SECRET: ota-portal-secret-change-me