af

.dockerignore

@@ -10,4 +10,7 @@ target/
 k8s/
 scripts/
 
-.github/
+.github/
+
+log/
+logs/

.github/workflows/push-image.yml

@@ -19,8 +19,7 @@ jobs:
           distribution: 'temurin'
       - name: Format with Gradle
         uses: gradle/gradle-build-action@bd5760595778326ba7f1441bcf7e88b49de61a25 # v2.6.0
-        with:
-          arguments: format
+        run: make checkformat
       - name: Setup
         run: make local-setup
       - name: Build with Gradle
@@ -50,8 +49,6 @@ jobs:
         run: docker login -u $DOCKER_USER -p $DOCKER_PASSWORD
       - name: Build the Docker image
         run: docker build . --file Dockerfile --tag ${{secrets.DOCKER_USER}}/template-service-java-springboot:latest
-      - name: Build the Fluentbit Docker image
-        run: docker build . --file Fluentbit-Dockerfile --tag ${{secrets.DOCKER_USER}}/template-service-java-springboot-fluentbit:latest
 #      - name: Prisma Cloud image scan
 #        id: scan
 #        uses: PaloAltoNetworks/[email protected]
@@ -69,6 +66,4 @@ jobs:
 #          pcc_pass: ${{ secrets.PCC_PASS }}
 #          image_name: template-service-java-springboot:latest
       - name: Docker Push To DockerHub
-        run: docker push ${{secrets.DOCKER_USER}}/template-service-java-springboot
-      - name: Docker Push Fluentbit To DockerHub
-        run: docker push ${{secrets.DOCKER_USER}}/template-service-java-springboot-fluentbit
+        run: docker push ${{secrets.DOCKER_USER}}/template-service-java-springboot

.gitignore

@@ -35,3 +35,7 @@ out/
 
 ### VS Code ###
 .vscode/
+
+## logs
+log/
+logs/

Makefile

@@ -5,12 +5,12 @@ define start-services
 	@docker compose -f compose.yaml up --force-recreate -d --remove-orphans sonar fluentbit db kafka kafdrop elasticsearch prometheus grafana telegraf influxdb keycloak
 endef
 
-define check
+define start-check
 	@docker compose -f sonar-compose.yaml up --force-recreate -d --remove-orphans sonar-db sonar
 endef
 
 define start-app
-	@docker compose -f compose.yaml up -d app
+	@docker compose -f compose.yaml up -d web worker
 endef
 
 define teardown
@@ -58,8 +58,12 @@ define k8s-delete-app
 endef
 
 define del-local-app
-    @docker stop template-service-java-springboot
-    @docker rm template-service-java-springboot
+    @docker stop template-service-java-springboot-worker
+    @docker stop template-service-java-springboot-web
+    @docker rm template-service-java-springboot-worker
+    @docker rm template-service-java-springboot-web
+    @docker image rm template-service-java-springboot
+    @docker image rm shubham01/template-service-java-springboot
 endef
 
 
@@ -79,6 +83,9 @@ help:
 	@echo "run-test: Run specific test"
 	@echo "############################"
 
+start-check:
+	$(call start-check)
+
 check:
 	./gradlew sonar
 
@@ -102,8 +109,11 @@ run-test:
 
 migrations:
 
+checkformat:
+	sudo ./gradlew checkformat
+
 format:
-	./gradlew format
+	sudo ./gradlew format
 
 install: setup
 
@@ -112,16 +122,17 @@ clean:
 	./gradlew clean
 
 build-local: clean
+	./gradlew build -x test
+
+build-local-test: clean
 	./gradlew build
 
 rm-images: clean
-	docker image rm shubham01/template-service-java-springboot-fluentbit
 	docker image rm shubham01/template-service-java-springboot
 	docker image rm template-service-java-springboot
 
 docker-build:
 	docker build -t shubham01/template-service-java-springboot:latest .
-	docker build -t shubham01/template-service-java-springboot-fluentbit:latest fluentbit
 
 build: clean build-local docker-build
 
@@ -132,7 +143,6 @@ run-local: build-local
 
 run: build
 	docker run -p 8080:8080 shubham01/template-service-java-springboot:latest --network="host"
-	docker run -p 24224:24224 shubham01/template-service-java-springboot-fluentbit:latest --network="host"
 
 k8s-apply:
 	$(call k8s-apply)
@@ -151,8 +161,12 @@ local-app-re: del-local-app local-app
 coverage:
 	./gradlew jacocoTestCoverageVerification
 
-tests:
+tests: local-setup
 	sudo ./gradlew test
+	make teardown
+
+pipeline-build: local-setup
+	./gradlew build
 
 # condb:
 #     mysql -h 127.0.0.1 -P 3306 -u test template-service-java-springboot -p

README.md

@@ -10,3 +10,154 @@ Simple application to demonstrate server sent events using Spring Boot.
 # Github Secrets
 DOCKER_USER
 DOCKER_PASSWORD
+
+# Setup
+### Local
+      make local-setup
+      make local-app
+
+# [API Documentation](http://localhost:8080/api/swagger-ui/index.html#/)
+
+
+# Tech Stack
+##### Code Repository
+- Github
+
+#### Configuration
+- AWS Param Store
+##### Secure Config
+- AWS KMS - Encryption keys
+- AWS Secret manager: Database keys
+
+(Alternative centralized Spring Config Server (git branch support), Vault for secured keys]
+
+#### Deployment
+- Github Action (format, build, sonarqube static code analysis, test, test coverage, create image, push image to registry)
+- Jfrog artifact code repository (Dependency repository with vulnerability check) (exploring)
+- AWS ECR - Image Repository
+- Prisma Cloud - Image Scan (exploring)
+- AWS Cloudformation (IaC)
+- AWS Codepipeline (Env - DEV, QA, Pre-Prod, Prod (full auto on approval in pre prod )) (Stages - Source (AutoTrigger on commit), setup infra, test, deploy, approve for next env (Manual))
+
+
+#### DNS
+- Route 53
+
+#### CDN
+- AWS Cloudfront
+
+#### DFS
+- AWS S3
+
+
+#### API Gateway
+- AWS API Gateway (Routing, Rate Limiting)
+
+
+##### Auth
+- OAuth2 Google with Role in IAM service for eahc email.  (RBAC Keycloak when allowing self registration)
+- AWS Lambda Authorizer
+
+
+#### VPC
+- VPC with private Subnet
+- VPC Link (connect AWS Api Gateway to ELB (on VPC with private subnet))
+
+
+#### Load Balancing
+- AWS ELB (ALB) - Round Robin
+
+#### Service Host - Stateless
+- AWS ECS (Auto Scaling on CPU (AWS Cloudwatch Alarm on CPU Metric))
+  (Alternative Kubernetes with Horizontal Pod Autoscaling (not clear on metrics collection in kubernetes))
+
+#### Programming Language
+- Java
+
+#### Framework
+- Spring Boot
+
+#### Circuit Breaker
+- Hystrix
+
+#### Event Sourcing
+- Eventuate (exploring)
+
+#### Transactional outbox with AWS DynamoDB backed Services
+- DynamoDB Stream
+- Kinesis (Dynamo event stream persisted here for more than 24 hours)
+- AWS Lambda (Consumer)
+- SNS
+
+#### Test
+- JaCoCo - Code Coverage
+- Mockito
+- Junit
+- Docker Compose
+
+#### Static code analysis
+- Sonarqube
+
+#### Firewall
+- AWS Security group
+
+#### Cache
+- AWS Elasticache (Redis)
+
+
+#### Databases
+- Postgres (AWS RDS (Multi AZ with Read Replica), RDS Proxy(ConnectionPool)) - Driver, Driver Onboard, Document, Order, OrderProduct, IAM, UserProfile
+- AWS DynamoDB - Blob, Background Verification, Shipment
+
+#### Queue
+- AWS SQS
+
+#### InterService Communication
+##### Synchronous
+- Rest API
+
+##### Asynchronous
+###### PubSub
+- AWS SNS
+
+#### Logging
+- FlunetBit (Sidecar/Daemon Set in Kubernetes)
+- AWS Cloudwatch Logs
+- AWS Opensearch
+
+#### Metrics & Alarms
+##### Push
+- FlunetBit (Sidecar/Daemon Set in Kubernetes)
+- AWS Cloudwatch Logs
+- AWS Cloudwatch Metrics - Dashboard, Alarms
+##### Pull
+- Prometheus, InfluxDB (when needed)
+
+#### Exception tracking & Error De-Duplication
+- Sentry
+
+#### Jump Host
+- AWS Session Manager
+
+#### Cron
+- AWS Eventbridge
+
+#### Analytic Report
+- eventbridge
+- sns
+- sqs
+- Schema - AWS Glue
+- job within service or aws emr
+- S3
+
+#### ServiceMesh
+Istio (With kubernetes, exploring)
+
+# High Level Design
+![HIghLevelDesign](https://github.com/shubhamv108/craft/assets/16763337/2c653f9a-59b1-4643-9ac8-62e117ab4441)
+
+
+# Images
+#### Generate Google OAuth2 Bearer Token
+![Screenshot from 2023-12-31 13-02-34](https://github.com/shubhamv108/craft/assets/16763337/a6f293dc-40d0-4712-bdf7-63839ab0bb75)
+