the_order/docs/deployment/DEPLOYMENT_QUICK_REFERENCE.md
defiQUG 8649ad4124 feat: implement naming convention, deployment automation, and infrastructure updates
- Add comprehensive naming convention (provider-region-resource-env-purpose)
- Implement Terraform locals for centralized naming
- Update all Terraform resources to use new naming convention
- Create deployment automation framework (18 phase scripts)
- Add Azure setup scripts (provider registration, quota checks)
- Update deployment scripts config with naming functions
- Create complete deployment documentation (guide, steps, quick reference)
- Add frontend portal implementations (public and internal)
- Add UI component library (18 components)
- Enhance Entra VerifiedID integration with file utilities
- Add API client package for all services
- Create comprehensive documentation (naming, deployment, next steps)

Infrastructure:
- Resource groups, storage accounts with new naming
- Terraform configuration updates
- Outputs with naming convention examples

Deployment:
- Automated deployment scripts for all 15 phases
- State management and logging
- Error handling and validation

Documentation:
- Naming convention guide and implementation summary
- Complete deployment guide (296 steps)
- Next steps and quick start guides
- Azure prerequisites and setup completion docs

Note: ESLint warnings present - will be addressed in follow-up commit
2025-11-12 08:22:51 -08:00

Deployment Quick Reference

Last Updated: 2025-01-27
Purpose: Quick command reference for deployment operations


Prerequisites Check

# Verify tools
node --version    # >= 18.0.0
pnpm --version    # >= 8.0.0
az --version      # Azure CLI
terraform --version  # >= 1.5.0
kubectl version --client   # Kubernetes CLI (client only; no cluster access yet)
docker --version  # Docker

# Verify Azure login
az account show
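
The version floors in the comments above can be enforced by a script instead of being read by eye. This is an added example, not part of the project's scripts; the function names and the `--run` switch are assumptions, and it relies on `sort -V` and `grep -o` as shipped in GNU and recent BSD userlands.

```bash
#!/usr/bin/env bash
# Added example: enforce the minimum tool versions from the Prerequisites Check.

# Pull the first x.y.z out of whatever a tool prints ("v18.17.0", "Terraform v1.5.7").
extract_version() {
  printf '%s\n' "$1" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# True when version $1 >= version $2. sort -V compares field by field,
# so 1.10.0 ranks above 1.5.0 (a plain string compare gets this wrong).
version_ge() {
  [ "$(printf '%s\n%s\n' "$2" "$1" | sort -V | head -n 1)" = "$2" ]
}

# check_tool NAME MINIMUM COMMAND...  -> 0 if installed and new enough.
check_tool() {
  local name="$1" min="$2" out ver
  shift 2
  out="$("$@" 2>/dev/null)" || { echo "MISSING  $name" >&2; return 1; }
  ver="$(extract_version "$out")"
  if [ -n "$ver" ] && version_ge "$ver" "$min"; then
    echo "OK       $name $ver (>= $min)"
  else
    echo "TOO OLD  $name ${ver:-unknown} (need >= $min)" >&2
    return 1
  fi
}

# Run every check so one report lists all problems, then fail if any did.
preflight() {
  local failed=0
  check_tool node      18.0.0 node --version      || failed=1
  check_tool pnpm      8.0.0  pnpm --version      || failed=1
  check_tool terraform 1.5.0  terraform --version || failed=1
  az account show --output none 2>/dev/null \
    || { echo "az: not logged in" >&2; failed=1; }
  return "$failed"
}

if [ "${1:-}" = "--run" ]; then preflight; fi
```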

Phase 1: Prerequisites

# Clone and setup
git clone <repo-url> && cd the-order
git submodule update --init --recursive
pnpm install --frozen-lockfile
pnpm build

Phase 2: Azure Infrastructure

# Run setup scripts
./infra/scripts/azure-setup.sh
./infra/scripts/azure-register-providers.sh
./infra/scripts/azure-check-quotas.sh

# Terraform
cd infra/terraform
terraform init
terraform plan
terraform apply

Phase 3: Entra ID

# Configure in Azure Portal
# Then store secrets:
az keyvault secret set --vault-name <vault> --name "entra-tenant-id" --value "..."
az keyvault secret set --vault-name <vault> --name "entra-client-id" --value "..."
az keyvault secret set --vault-name <vault> --name "entra-client-secret" --value "..."
az keyvault secret set --vault-name <vault> --name "entra-credential-manifest-id" --value "..."

Phase 4: Database & Storage

# Create databases (via Azure Portal or CLI)
az postgres db create --resource-group <rg> --server-name <server> --name theorder_dev

# Create storage containers
az storage container create --name intake-documents --account-name <account>
az storage container create --name dataroom-deals --account-name <account>

Phase 5: Container Registry

# Login to ACR
az acr login --name <acr-name>

# Attach to AKS
az aks update -n <aks-name> -g <rg> --attach-acr <acr-name>

Phase 6: Build & Package

# Build packages
pnpm build

# Build and push images (after Dockerfiles created)
docker build -t <acr>.azurecr.io/identity:latest -f services/identity/Dockerfile .
docker push <acr>.azurecr.io/identity:latest

# Repeat for: intake, finance, dataroom, portal-public, portal-internal

Phase 7: Database Migrations

export DATABASE_URL="postgresql://user:pass@host:5432/theorder_dev"
pnpm --filter @the-order/database migrate up

Phase 8: Secrets

# Store all secrets in Azure Key Vault
az keyvault secret set --vault-name <vault> --name <secret-name> --value "<value>"

# Configure External Secrets Operator
kubectl apply -f https://external-secrets.io/latest/deploy/
# Then apply SecretStore and ExternalSecret resources
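
Phase 3 and the first command of Phase 8 pass secret values with `--value`, which leaves them in shell history and visible in the process list while `az` runs. This is an added example, not from the project's scripts, that reads each value without echo and hands it to `az keyvault secret set` through `--file`; the function names are assumptions.

```bash
#!/usr/bin/env bash
# Added example: store Key Vault secrets without putting their values in argv.

# store_secret VAULT NAME   (the value is read from stdin, one line)
store_secret() {
  local vault="$1" name="$2" value tmp rc
  IFS= read -r value || [ -n "$value" ] \
    || { echo "no value supplied for $name" >&2; return 1; }
  tmp="$(mktemp)" || return 1          # mktemp creates the file with mode 0600
  printf '%s' "$value" > "$tmp"        # printf is a builtin: no argv exposure
  # --file makes az read the value from disk instead of the command line.
  rc=0
  az keyvault secret set --vault-name "$vault" --name "$name" \
     --file "$tmp" --encoding utf-8 --output none || rc=$?
  rm -f "$tmp"
  return "$rc"
}

# Prompt for each Entra secret name used in Phase 3 and store it.
store_entra_secrets() {
  local vault="$1" name value
  for name in entra-tenant-id entra-client-id entra-client-secret \
              entra-credential-manifest-id; do
    printf 'Value for %s: ' "$name" >&2
    stty -echo 2>/dev/null || true     # no terminal echo while typing
    IFS= read -r value || true
    stty echo 2>/dev/null || true; echo >&2
    printf '%s\n' "$value" | store_secret "$vault" "$name" || return 1
  done
}

# Usage: ./store-secrets.sh <vault>
if [ "$#" -eq 1 ]; then store_entra_secrets "$1"; fi
```

The value still touches disk briefly; pointing `TMPDIR` at a tmpfs mount keeps it in memory only.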

Phase 9: Infrastructure Services

# External Secrets
kubectl apply -f https://external-secrets.io/latest/deploy/

# Prometheus & Grafana
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm install prometheus prometheus-community/kube-prometheus-stack

Phase 10: Backend Services

# Get AKS credentials
az aks get-credentials --resource-group <rg> --name <aks-name>

# Deploy services
kubectl apply -k infra/k8s/overlays/dev

# Verify
kubectl get pods -n the-order-dev
kubectl logs -f <pod-name> -n the-order-dev

Phase 11: Frontend Apps

# Deploy portals
kubectl apply -f infra/k8s/base/portal-public/
kubectl apply -f infra/k8s/base/portal-internal/

# Verify
kubectl get pods -l app=portal-public -n the-order-dev

Phase 12: Networking

# Deploy ingress
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
helm install ingress-nginx ingress-nginx/ingress-nginx

# Apply ingress rules
kubectl apply -f infra/k8s/base/ingress.yaml

# Verify
kubectl get ingress -n the-order-dev

Phase 13: Monitoring

# Application Insights
az monitor app-insights component create --app the-order-dev --location westeurope -g <rg>

# Log Analytics
az monitor log-analytics workspace create --workspace-name the-order-dev-logs -g <rg>

Phase 14: Testing

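# Health checks
kubectl get pods -n the-order-dev
for svc in identity intake finance dataroom; do
  # Replace <port> with the service's port before running
  kubectl port-forward "svc/$svc" <port>:<port> -n the-order-dev &
  pf_pid=$!
  sleep 2   # give the tunnel time to come up before probing
  curl -fsS http://localhost:<port>/health
  kill "$pf_pid"   # stop the forward so it does not linger in the background
done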

# Integration tests
curl https://api.theorder.org/identity/health

Phase 15: Production

# Scale deployments
kubectl scale deployment identity --replicas=3 -n the-order-prod

# Apply production config
kubectl apply -k infra/k8s/overlays/prod

Common Operations

Check Deployment Status

kubectl get all -n the-order-dev
kubectl get pods -n the-order-dev
kubectl get svc -n the-order-dev
kubectl get ingress -n the-order-dev

View Logs

kubectl logs -f deployment/<service-name> -n the-order-dev
kubectl logs -f <pod-name> -n the-order-dev --tail=100

Port Forward for Testing

kubectl port-forward svc/identity 4002:4002 -n the-order-dev
kubectl port-forward svc/portal-public 3000:3000 -n the-order-dev

Restart Deployment

kubectl rollout restart deployment/<service-name> -n the-order-dev

Rollback

kubectl rollout undo deployment/<service-name> -n the-order-dev

Scale Services

kubectl scale deployment/<service-name> --replicas=3 -n the-order-dev

Troubleshooting

Pod Issues

kubectl describe pod <pod-name> -n the-order-dev
kubectl logs <pod-name> -n the-order-dev
kubectl exec -it <pod-name> -n the-order-dev -- /bin/sh

Service Issues

kubectl get endpoints <service-name> -n the-order-dev
kubectl describe svc <service-name> -n the-order-dev

Network Issues

kubectl get ingress -n the-order-dev
kubectl describe ingress <ingress-name> -n the-order-dev

Environment Variables

Key environment variables needed (store in Key Vault):

  • DATABASE_URL
  • ENTRA_TENANT_ID, ENTRA_CLIENT_ID, ENTRA_CLIENT_SECRET, ENTRA_CREDENTIAL_MANIFEST_ID
  • STORAGE_BUCKET, STORAGE_REGION
  • KMS_KEY_ID
  • JWT_SECRET
  • REDIS_URL
  • Service-specific variables

See DEPLOYMENT_GUIDE.md for detailed instructions.