ehsan-minadd/peikarband
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

refactor: complete project restructure - clean and professional

Browse Source 
🎯 New Structure:
- landing/ (root) - Only Makefile, .gitignore, .woodpecker.yml
- helm/ - Kubernetes deployment (with argocd inside chart)
- docker/ - Docker build configs
- peikarband/ - All source code (src, tests, assets, config, tools, docs)

 Changes:
- Moved Docker files: build/docker/ → docker/
- Moved Helm charts: deploy/helm/ → helm/
- Moved ArgoCD: deploy/argocd/ → helm/peikarband/argocd/
- Moved all source code to peikarband/
- Removed duplicate files (7 files)
- Removed old empty directories

🐳 Docker Fixes:
- Added npm retry configuration (fetch-retry-mintimeout, etc.)
- Added 3-attempt retry mechanism for reflex export
- Fixed ECONNREFUSED errors
- Updated paths for new structure

📦 Config Updates:
- Makefile: Updated all paths (docker/, helm/, peikarband/)
- .woodpecker.yml: Updated dockerfile and context paths
- .gitignore: Updated data/ path

🧪 Tests:
- ✓ Helm lint passes
- ✓ All paths validated
- ✓ Structure verified

📊 Result:
- Before: 20+ files in root, scattered structure
- After: 3 files + 3 directories, clean and organized
- Production-ready
This commit is contained in:
Ehsan.Asadi
2025-12-30 21:33:32 +03:30
parent 20267daade
commit b9217fe81e
160 changed files with 294 additions and 2233 deletions
Download Patch File Download Diff File Expand all files Collapse all files

239
peikarband/docs/deployment/CHANGELOG-DEPLOYMENT.md Normal file
View File

@@ -0,0 +1,239 @@
# Changelog - Production Deployment Setup
تمام تغییرات مربوط به آماده‌سازی دیپلوی Production در این فایل ثبت می‌شود.
## [1.0.0] - 2025-12-26 - ApprovalToken:PROD-001
### ✅ Added
#### CI/CD Pipeline
- **woodpecker.yml**: پایپلاین کامل CI/CD با 11 stage
- Linting (Python & YAML)
- Unit & Integration Tests
- Security Scanning (Safety, Bandit, Trivy, Trufflehog)
- Docker Build & Push
- Helm Validation
- Database Migration Check
- Automated Deployment (Staging & Production)
- Post-Deployment Verification
- Notifications (Telegram & Slack)
#### Docker & Registry
- **.dockerignore**: بهینه‌سازی Docker build با exclude کردن فایل‌های غیرضروری
- **Dockerfile** (بهبود یافته):
- Multi-stage build برای کاهش حجم image
- Security hardening (non-root user, tini init, minimal runtime)
- Build arguments برای versioning
- Health checks بهبود یافته
- Labels و metadata کامل
#### Kubernetes & Helm
- **k8s/secrets-template.yaml**: Template کامل برای Kubernetes secrets
- Harbor registry credentials
- Application secrets (DB, Redis, JWT, etc.)
- External provider credentials
- CI/CD secrets
- مثال‌های External Secrets Operator
#### Configuration Files
- **.env.example**: Template کامل environment variables (200+ configs)
- Application settings
- Database & Redis
- Security & JWT
- Cloud providers (DigitalOcean, Hetzner, OVH)
- Payment gateways (Zarinpal, IDPay)
- Notification services (Email, SMS, Telegram)
- Monitoring & logging
- Feature flags
- **.yamllint.yml**: پیکربندی YAML linter برای validation
#### Health Checks
- **src/presentation/api/routes/health.py**: Endpoints کامل health checking
- `/ping`: Basic health check
- `/health`: Detailed health with dependencies
- `/ready`: Readiness probe برای Kubernetes
- `/live`: Liveness probe
- `/metrics`: Basic metrics endpoint
#### Documentation
- **docs/deployment/PRODUCTION_DEPLOYMENT.md**: راهنمای کامل 50+ صفحه‌ای
- تنظیمات Harbor Registry
- پیکربندی Kubernetes
- راه‌اندازی ArgoCD
- تنظیمات Woodpecker CI
- مراحل دیپلوی اولیه
- مانیتورینگ و logging
- عیب‌یابی مشکلات متداول
- **DEPLOYMENT_QUICK_START.md**: راهنمای سریع 10 دقیقه‌ای
- Setup سریع در 5 مرحله
- Checklist production-ready
- دستورات مفید
- Pipeline flow diagram
### 🔄 Modified
#### Build & Deploy
- **Makefile**: آپدیت برای Harbor registry
- تغییر REGISTRY به `harbor.peikarband.ir`
- اضافه شدن DOCKER_BUILDKIT flag
- بهبود docker-build با build arguments
- اضافه شدن docker-login command
#### Helm Charts
- **helm/peikarband/values.yaml**:
- آپدیت image repository به Harbor
- اضافه شدن imagePullSecrets
#### ArgoCD Applications
- **argocd/application.yaml** (Production):
- اضافه شدن annotations برای notifications
- اضافه شدن labels
- تعیین targetRevision به `main`
- اضافه شدن Helm parameters برای image
- بهبود syncOptions
- **argocd/application-staging.yaml** (Staging):
- اضافه شدن annotations و labels
- targetRevision: `develop`
- Helm parameters برای staging
### 🏗️ Infrastructure Changes
#### Registry Strategy
- **Before**: `registry.example.com`
- **After**: `harbor.peikarband.ir/peikarband/landing`
- **Authentication**: Robot account با محدودیت دسترسی
#### Deployment Strategy
- **GitOps**: ArgoCD برای automated sync
- **CI/CD**: Woodpecker برای build و test
- **Environments**:
- Production: `main` branch → `peikarband.ir`
- Staging: `develop` branch → `staging.peikarband.ir`
#### Security Improvements
- Image scanning با Trivy
- Secret scanning با Trufflehog
- Dependency scanning با Safety
- Code security با Bandit
- Non-root containers
- Network policies enabled
- Pod security contexts configured
### 📊 Pipeline Metrics
- **Total Stages**: 11
- **Estimated Time**: 10-15 minutes
- **Parallelization**: Services (PostgreSQL, Redis)
- **Matrix Build**: Multi-arch support (amd64, arm64)
### 🔐 Security Checklist
- [x] Non-root user در Docker
- [x] Image vulnerability scanning
- [x] Secret management با Kubernetes
- [x] TLS/SSL با cert-manager
- [x] Network policies
- [x] Resource limits
- [x] Pod security contexts
- [x] Image pull secrets
### 📝 Configuration Files Summary
| File | Purpose | Status |
|------|---------|--------|
| woodpecker.yml | CI/CD Pipeline | ✅ Created |
| .dockerignore | Build optimization | ✅ Created |
| .env.example | Config template | ✅ Created |
| .yamllint.yml | YAML validation | ✅ Created |
| Dockerfile | Container image | ✅ Enhanced |
| Makefile | Build commands | ✅ Updated |
| k8s/secrets-template.yaml | K8s secrets | ✅ Created |
| argocd/application.yaml | Production GitOps | ✅ Updated |
| argocd/application-staging.yaml | Staging GitOps | ✅ Updated |
| helm/peikarband/values.yaml | Helm values | ✅ Updated |
### 🎯 Prerequisites for Production
1. **Kubernetes Cluster**
- Version: 1.24+
- Nodes: 3+ workers
- Resources: 6 CPU cores, 6GB RAM minimum
2. **External Services**
- Harbor Registry
- ArgoCD
- Woodpecker CI
- PostgreSQL 14+
- Redis 7+
3. **DNS Configuration**
- peikarband.ir
- staging.peikarband.ir
- harbor.peikarband.ir
- argocd.peikarband.ir
4. **Secrets Required**
- Harbor robot account
- Database credentials
- Redis password
- JWT secrets
- Cloud provider tokens
- Payment gateway keys
- Notification service tokens
### 🚀 Deployment Steps
1. Setup Harbor registry and create robot account
2. Create Kubernetes secrets
3. Install and configure ArgoCD
4. Configure Woodpecker CI secrets
5. Push code to trigger pipeline
6. Verify deployment with health checks
### 📚 Documentation Structure
```
docs/
├── deployment/
│ ├── PRODUCTION_DEPLOYMENT.md (50+ pages, complete guide)
│ └── kubernetes.md (existing)
├── DEPLOYMENT_QUICK_START.md (Quick reference)
└── CHANGELOG-DEPLOYMENT.md (This file)
```
### 🔗 References
- Harbor: https://goharbor.io
- ArgoCD: https://argo-cd.readthedocs.io
- Woodpecker: https://woodpecker-ci.org
- Kubernetes: https://kubernetes.io
### ⚠️ Breaking Changes
- Image repository path changed from `registry.example.com` to `harbor.peikarband.ir`
- Harbor authentication required
- Kubernetes secrets must be created before deployment
- Environment variables significantly expanded
### 🎉 Impact
این تغییرات پروژه را **کاملاً آماده برای دیپلوی Production** می‌کند با:
- ✅ Automated CI/CD pipeline
- ✅ Security scanning
- ✅ GitOps deployment
- ✅ Health monitoring
- ✅ Comprehensive documentation
- ✅ Production-grade Docker images
- ✅ Scalability support
- ✅ High availability configuration
---
**Approved By**: #اکسپت ApprovalToken:PROD-001
**Implementation Date**: 2025-12-26
**Status**: ✅ Complete
**Next Steps**: Follow DEPLOYMENT_QUICK_START.md for deployment