ehsan-minadd/peikarband

Files

Ehsan.Asadi b9217fe81e refactor: complete project restructure - clean and professional

🎯 New Structure:
- landing/ (root) - Only Makefile, .gitignore, .woodpecker.yml
- helm/ - Kubernetes deployment (with argocd inside chart)
- docker/ - Docker build configs
- peikarband/ - All source code (src, tests, assets, config, tools, docs)

✅ Changes:
- Moved Docker files: build/docker/ → docker/
- Moved Helm charts: deploy/helm/ → helm/
- Moved ArgoCD: deploy/argocd/ → helm/peikarband/argocd/
- Moved all source code to peikarband/
- Removed duplicate files (7 files)
- Removed old empty directories

🐳 Docker Fixes:
- Added npm retry configuration (fetch-retry-mintimeout, etc.)
- Added 3-attempt retry mechanism for reflex export
- Fixed ECONNREFUSED errors
- Updated paths for new structure

📦 Config Updates:
- Makefile: Updated all paths (docker/, helm/, peikarband/)
- .woodpecker.yml: Updated dockerfile and context paths
- .gitignore: Updated data/ path

🧪 Tests:
- ✓ Helm lint passes
- ✓ All paths validated
- ✓ Structure verified

📊 Result:
- Before: 20+ files in root, scattered structure
- After: 3 files + 3 directories, clean and organized
- Production-ready ✨

2025-12-30 21:33:32 +03:30

5.5 KiB

Raw Blame History

راهنمای سریع دیپلوی - Peikarband

راهنمای سریع برای راه‌اندازی پروژه پیکربند در Production

🚀 دیپلوی سریع در 10 دقیقه

1️⃣ Harbor Registry Setup (2 دقیقه)

# لاگین به Harbor
docker login harbor.peikarband.ir

# ساخت project: peikarband
# ساخت robot account: deployer

2️⃣ Kubernetes Secrets (2 دقیقه)

# Harbor pull secret
kubectl create secret docker-registry harbor-registry-secret \
  --docker-server=harbor.peikarband.ir \
  --docker-username=robot\$peikarband+deployer \
  --docker-password="YOUR_TOKEN" \
  --namespace=peikarband

# Application secrets
kubectl create secret generic peikarband-prod-secrets \
  --from-literal=db-password=YOUR_DB_PASS \
  --from-literal=redis-password=YOUR_REDIS_PASS \
  --from-literal=secret-key=YOUR_SECRET_KEY \
  --from-literal=jwt-secret-key=YOUR_JWT_KEY \
  --namespace=peikarband

3️⃣ ArgoCD Setup (3 دقیقه)

# نصب ArgoCD
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

# Deploy application
kubectl apply -f argocd/application.yaml

# Sync
argocd app sync peikarband

4️⃣ Woodpecker CI Secrets (2 دقیقه)

در Woodpecker UI یا با CLI:

woodpecker-cli secret add --name harbor_username --value "robot\$peikarband+deployer"
woodpecker-cli secret add --name harbor_password --value "YOUR_TOKEN"
woodpecker-cli secret add --name argocd_server --value "argocd.peikarband.ir"
woodpecker-cli secret add --name argocd_token --value "YOUR_ARGOCD_TOKEN"

5️⃣ Push & Deploy (1 دقیقه)

git add .
git commit -m "feat: production deployment setup"
git push origin main

# Woodpecker به صورت خودکار:
# ✅ Tests را اجرا می‌کند
# ✅ Docker image را build می‌کند
# ✅ به Harbor push می‌کند
# ✅ ArgoCD را trigger می‌کند
# ✅ در Kubernetes deploy می‌شود

📋 Checklist قبل از Production

Infrastructure

Kubernetes cluster آماده است (3+ nodes)
Harbor registry نصب شده
ArgoCD نصب شده
Woodpecker CI پیکربندی شده
cert-manager برای SSL نصب شده
Ingress NGINX نصب شده

Database & Cache

PostgreSQL در دسترس است
Redis در دسترس است
Backup strategy تعریف شده

DNS & SSL

Domain به cluster اشاره می‌کند
SSL certificate صادر شده (Let's Encrypt)
HTTPS کار می‌کند

Secrets & Security

Harbor robot account ساخته شده
Kubernetes secrets ایجاد شده
ArgoCD token ساخته شده
Woodpecker secrets تنظیم شده

Monitoring

Prometheus نصب شده (اختیاری)
Grafana پیکربندی شده (اختیاری)
Telegram/Slack notifications تنظیم شده

🧪 تست سریع

# Health check
curl https://peikarband.ir/ping
# Expected: {"status":"ok",...}

# Kubernetes pods
kubectl get pods -n peikarband
# Expected: 3 pods در حالت Running

# ArgoCD status
argocd app get peikarband
# Expected: Health Status: Healthy, Sync Status: Synced

# Logs
kubectl logs -f deployment/peikarband -n peikarband

📊 CI/CD Pipeline Flow

graph LR
    A[Git Push] --> B[Woodpecker CI]
    B --> C[Run Tests]
    C --> D[Build Docker Image]
    D --> E[Push to Harbor]
    E --> F[Update ArgoCD]
    F --> G[Deploy to K8s]
    G --> H[Health Check]
    H --> I[Notify Team]

Pipeline Stages:

Lint & Test (2-3 min)
- Python linting (flake8, black)
- Unit tests
- Integration tests
Security Scan (1-2 min)
- Dependency vulnerabilities
- Secret scanning
- Code security analysis
Build & Push (3-5 min)
- Docker build (multi-stage)
- Trivy security scan
- Push to Harbor
Deploy (2-3 min)
- Update ArgoCD app
- Kubernetes rolling update
- Health verification

Total Pipeline Time: ~10-15 minutes

🔧 دستورات مفید

Development

# Local development
make dev

# Run tests
make test

# Build Docker image
make docker-build

# Push to Harbor
make docker-login
make docker-push

Deployment

# Full deploy
make k8s-deploy

# Helm lint
make helm-lint

# Helm upgrade
make helm-upgrade

Monitoring

# Watch pods
kubectl get pods -n peikarband -w

# Tail logs
kubectl logs -f deployment/peikarband -n peikarband

# Port forward to app
kubectl port-forward svc/peikarband -n peikarband 8000:8000

# Describe deployment
kubectl describe deployment peikarband -n peikarband

Troubleshooting

# Pod details
kubectl describe pod POD_NAME -n peikarband

# Previous logs (if crashed)
kubectl logs POD_NAME -n peikarband --previous

# Execute in pod
kubectl exec -it POD_NAME -n peikarband -- /bin/bash

# Events
kubectl get events -n peikarband --sort-by='.lastTimestamp'

📞 Support

Documentation: docs/deployment/PRODUCTION_DEPLOYMENT.md
Issues: راهنمای کامل عیب‌یابی در مستندات
Team: support@peikarband.ir

🎯 Next Steps

بعد از دیپلوی موفق:

✅ تنظیم monitoring و alerting
✅ پیکربندی backup strategy
✅ تست load testing
✅ تنظیم CI/CD برای سایر برنچ‌ها
✅ مستندسازی runbooks

Happy Deploying! 🚀