feat: comprehensive project structure improvements and Cloud for Sovereignty landing zone

- Add Cloud for Sovereignty landing zone architecture and deployment - Implement complete legal document management system - Reorganize documentation with improved navigation - Add infrastructure improvements (Dockerfiles, K8s, monitoring) - Add operational improvements (graceful shutdown, rate limiting, caching) - Create comprehensive project structure documentation - Add Azure deployment automation scripts - Improve repository navigation and organization
2025-11-13 09:32:55 -08:00
parent 92cc41d26d
commit 6a8582e54d
202 changed files with 22699 additions and 981 deletions
--- a/services/identity/Dockerfile
+++ b/services/identity/Dockerfile
@@ -0,0 +1,49 @@
+FROM node:20-alpine AS builder
+
+WORKDIR /app
+
+# Copy package files
+COPY package.json pnpm-lock.yaml ./
+COPY packages/*/package.json ./packages/*/
+COPY services/identity/package.json ./services/identity/
+
+# Install pnpm
+RUN npm install -g pnpm
+
+# Install dependencies
+RUN pnpm install --frozen-lockfile
+
+# Copy source code
+COPY . .
+
+# Build
+RUN pnpm build --filter=@the-order/identity-service
+
+FROM node:20-alpine AS runner
+
+WORKDIR /app
+
+# Copy package files
+COPY package.json pnpm-lock.yaml ./
+COPY packages/*/package.json ./packages/*/
+COPY services/identity/package.json ./services/identity/
+
+# Install pnpm
+RUN npm install -g pnpm
+
+# Install production dependencies
+RUN pnpm install --frozen-lockfile --prod
+
+# Copy built files
+COPY --from=builder /app/services/identity/dist ./services/identity/dist
+COPY --from=builder /app/packages ./packages
+
+WORKDIR /app/services/identity
+
+EXPOSE 4002
+
+# Graceful shutdown signal handling
+STOPSIGNAL SIGTERM
+
+CMD ["node", "dist/index.js"]
+
--- a/services/identity/src/index.ts
+++ b/services/identity/src/index.ts
@@ -18,6 +18,8 @@ import {
  authenticateDID,
  requireRole,
  registerCredentialRateLimit,
+  setupGracefulShutdown,
+  createConnectionDrainer,
 } from '@the-order/shared';
 import { IssueVCSchema, VerifyVCSchema } from '@the-order/schemas';
 import { KMSClient } from '@the-order/crypto';
@@ -428,6 +430,13 @@ const start = async () => {
    const port = env.PORT || 4002;
    await server.listen({ port, host: '0.0.0.0' });
    logger.info({ port }, 'Identity service listening');
+
+    // Setup graceful shutdown
+    const pool = getPool({ connectionString: env.DATABASE_URL });
+    setupGracefulShutdown(server, {
+      timeout: 30000,
+      onShutdown: createConnectionDrainer(pool),
+    });
  } catch (err) {
    logger.error({ err }, 'Failed to start server');
    process.exit(1);