blockmine 1.24.0 → 1.27.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +76 -1
- package/README.en.md +427 -0
- package/README.md +40 -0
- package/backend/package.json +2 -2
- package/backend/prisma/migrations/20260328173000_add_plugin_source_ref/migration.sql +2 -0
- package/backend/prisma/migrations/migration_lock.toml +2 -2
- package/backend/prisma/schema.prisma +2 -0
- package/backend/src/ai/plugin-assistant-system-prompt.md +664 -5
- package/backend/src/api/routes/apiKeys.js +8 -0
- package/backend/src/api/routes/bots.js +271 -9
- package/backend/src/api/routes/eventGraphs.js +151 -1
- package/backend/src/api/routes/health.js +38 -0
- package/backend/src/api/routes/nodeRegistry.js +63 -0
- package/backend/src/api/routes/plugins.js +254 -29
- package/backend/src/api/routes/servers.js +14 -2
- package/backend/src/container.js +11 -8
- package/backend/src/core/BotCommandLoader.js +161 -0
- package/backend/src/core/BotConnection.js +125 -0
- package/backend/src/core/BotEventHandlers.js +234 -0
- package/backend/src/core/BotIPCHandler.js +445 -0
- package/backend/src/core/BotManager.js +15 -7
- package/backend/src/core/BotProcess.js +169 -140
- package/backend/src/core/EventGraphManager.js +7 -3
- package/backend/src/core/GraphDebugHandler.js +229 -0
- package/backend/src/core/GraphDebugIPC.js +117 -0
- package/backend/src/core/GraphExecutionEngine.js +545 -978
- package/backend/src/core/GraphTraversal.js +80 -0
- package/backend/src/core/GraphValidation.js +73 -0
- package/backend/src/core/NodeDefinition.js +138 -0
- package/backend/src/core/NodeRegistry.js +153 -141
- package/backend/src/core/PluginLoader.js +83 -3
- package/backend/src/core/PluginManager.js +346 -35
- package/backend/src/core/RewindSignal.js +9 -0
- package/backend/src/core/config/ConfigValidator.js +72 -0
- package/backend/src/core/config/FeatureFlags.js +52 -0
- package/backend/src/core/config/__tests__/ConfigValidator.test.js +232 -0
- package/backend/src/core/domain/entities/Bot.js +39 -0
- package/backend/src/core/domain/entities/Command.js +41 -0
- package/backend/src/core/domain/entities/EventGraph.js +39 -0
- package/backend/src/core/domain/entities/Plugin.js +45 -0
- package/backend/src/core/domain/entities/User.js +40 -0
- package/backend/src/core/domain/services/DependencyResolver.js +168 -0
- package/backend/src/core/domain/services/GraphValidator.js +117 -0
- package/backend/src/core/domain/services/PermissionChecker.js +34 -0
- package/backend/src/core/domain/services/__tests__/DependencyResolver.test.js +126 -0
- package/backend/src/core/domain/valueObjects/BotConfig.js +27 -0
- package/backend/src/core/domain/valueObjects/DependencyGraph.js +86 -0
- package/backend/src/core/domain/valueObjects/PluginManifest.js +36 -0
- package/backend/src/core/errors/BaseError.js +29 -0
- package/backend/src/core/errors/ErrorHandler.js +81 -0
- package/backend/src/core/errors/__tests__/ErrorHandler.test.js +188 -0
- package/backend/src/core/errors/index.js +68 -0
- package/backend/src/core/infrastructure/BatchingUtility.js +66 -0
- package/backend/src/core/infrastructure/CircuitBreaker.js +103 -0
- package/backend/src/core/infrastructure/ConnectionPool.js +81 -0
- package/backend/src/core/infrastructure/RateLimiter.js +64 -0
- package/backend/src/core/infrastructure/__tests__/BatchingUtility.test.js +86 -0
- package/backend/src/core/infrastructure/__tests__/CircuitBreaker.test.js +156 -0
- package/backend/src/core/infrastructure/__tests__/ConnectionPool.test.js +146 -0
- package/backend/src/core/infrastructure/__tests__/RateLimiter.test.js +171 -0
- package/backend/src/core/ipc/botApiFactory.js +72 -0
- package/backend/src/core/ipc/ipcMessageTypes.js +115 -0
- package/backend/src/core/logging/AuditLogger.js +61 -0
- package/backend/src/core/logging/StructuredLogger.js +80 -0
- package/backend/src/core/logging/__tests__/StructuredLogger.test.js +213 -0
- package/backend/src/core/logging/index.js +7 -0
- package/backend/src/core/metrics/MetricsCollector.js +104 -0
- package/backend/src/core/metrics/__tests__/MetricsCollector.test.js +131 -0
- package/backend/src/core/node-registries/actionsNodes.js +191 -0
- package/backend/src/core/node-registries/arraysNodes.js +152 -0
- package/backend/src/core/node-registries/botNodes.js +48 -0
- package/backend/src/core/node-registries/containerNodes.js +141 -0
- package/backend/src/core/node-registries/dataNodes.js +284 -0
- package/backend/src/core/node-registries/debugNodes.js +23 -0
- package/backend/src/core/node-registries/eventsNodes.js +223 -0
- package/backend/src/core/node-registries/flowNodes.js +151 -0
- package/backend/src/core/node-registries/furnaceNodes.js +123 -0
- package/backend/src/core/node-registries/index.js +108 -0
- package/backend/src/core/node-registries/inventory.js +102 -106
- package/backend/src/core/node-registries/logicNodes.js +54 -0
- package/backend/src/core/node-registries/mathNodes.js +38 -0
- package/backend/src/core/node-registries/navigationNodes.js +109 -0
- package/backend/src/core/node-registries/objectsNodes.js +90 -0
- package/backend/src/core/node-registries/stringsNodes.js +165 -0
- package/backend/src/core/node-registries/timeNodes.js +105 -0
- package/backend/src/core/node-registries/typeNodes.js +22 -0
- package/backend/src/core/node-registries/usersNodes.js +126 -0
- package/backend/src/core/nodes/arrays/shuffle.js +14 -0
- package/backend/src/core/nodes/bot/get_name.js +8 -0
- package/backend/src/core/nodes/bot/stop_bot.js +5 -0
- package/backend/src/core/nodes/container/open.js +101 -111
- package/backend/src/core/nodes/data/store_read.js +26 -0
- package/backend/src/core/nodes/data/store_write.js +23 -0
- package/backend/src/core/nodes/event/call_event.js +31 -0
- package/backend/src/core/nodes/event/custom_event.js +8 -0
- package/backend/src/core/nodes/flow/timer.js +35 -0
- package/backend/src/core/nodes/inventory/drop.js +73 -65
- package/backend/src/core/nodes/inventory/equip.js +54 -45
- package/backend/src/core/nodes/inventory/select_slot.js +48 -46
- package/backend/src/core/nodes/navigation/follow.js +54 -51
- package/backend/src/core/nodes/navigation/go_to.js +41 -53
- package/backend/src/core/nodes/navigation/go_to_entity.js +65 -69
- package/backend/src/core/nodes/navigation/go_to_player.js +65 -70
- package/backend/src/core/nodes/navigation/stop.js +17 -26
- package/backend/src/core/nodes/users/add_to_group.js +24 -0
- package/backend/src/core/nodes/users/check_permission.js +26 -0
- package/backend/src/core/nodes/users/remove_from_group.js +24 -0
- package/backend/src/core/services/BotIPCMessageRouter.js +337 -0
- package/backend/src/core/services/BotLifecycleService.js +43 -450
- package/backend/src/core/services/CacheManager.js +83 -23
- package/backend/src/core/services/CrashRestartManager.js +42 -0
- package/backend/src/core/services/DebugSessionManager.js +114 -12
- package/backend/src/core/services/EventGraphService.js +69 -0
- package/backend/src/core/services/MinecraftBotManager.js +9 -1
- package/backend/src/core/services/PluginManagementService.js +84 -0
- package/backend/src/core/services/TestModeContext.js +65 -0
- package/backend/src/core/services/__tests__/CacheManager.test.js +168 -0
- package/backend/src/core/services.js +1 -11
- package/backend/src/core/validation/InputValidator.js +167 -0
- package/backend/src/core/validation/__tests__/InputValidator.test.js +296 -0
- package/backend/src/real-time/botApi/index.js +1 -1
- package/backend/src/real-time/socketHandler.js +26 -0
- package/backend/src/server.js +21 -6
- package/frontend/dist/assets/browser-ponyfill-D8y0Ty7C.js +2 -0
- package/frontend/dist/assets/index-CFJLS0dk.css +32 -0
- package/frontend/dist/assets/index-D91UGNMG.js +11260 -0
- package/frontend/dist/flags/en.svg +32 -0
- package/frontend/dist/flags/ru.svg +5 -0
- package/frontend/dist/index.html +2 -2
- package/frontend/dist/locales/en/admin.json +100 -0
- package/frontend/dist/locales/en/api-keys.json +58 -0
- package/frontend/dist/locales/en/bots.json +113 -0
- package/frontend/dist/locales/en/common.json +53 -0
- package/frontend/dist/locales/en/configuration.json +22 -0
- package/frontend/dist/locales/en/console.json +10 -0
- package/frontend/dist/locales/en/dashboard.json +85 -0
- package/frontend/dist/locales/en/dialogs.json +70 -0
- package/frontend/dist/locales/en/event-graphs.json +50 -0
- package/frontend/dist/locales/en/graph-store.json +70 -0
- package/frontend/dist/locales/en/login.json +36 -0
- package/frontend/dist/locales/en/management.json +192 -0
- package/frontend/dist/locales/en/minecraft-viewer.json +27 -0
- package/frontend/dist/locales/en/nodes.json +1132 -0
- package/frontend/dist/locales/en/permissions.json +50 -0
- package/frontend/dist/locales/en/plugin-detail.json +69 -0
- package/frontend/dist/locales/en/plugins.json +329 -0
- package/frontend/dist/locales/en/proxies.json +81 -0
- package/frontend/dist/locales/en/servers.json +39 -0
- package/frontend/dist/locales/en/setup.json +19 -0
- package/frontend/dist/locales/en/sidebar.json +195 -0
- package/frontend/dist/locales/en/tasks.json +62 -0
- package/frontend/dist/locales/en/visual-editor.json +418 -0
- package/frontend/dist/locales/en/websocket.json +86 -0
- package/frontend/dist/locales/ru/admin.json +100 -0
- package/frontend/dist/locales/ru/api-keys.json +58 -0
- package/frontend/dist/locales/ru/bots.json +113 -0
- package/frontend/dist/locales/ru/common.json +49 -0
- package/frontend/dist/locales/ru/configuration.json +22 -0
- package/frontend/dist/locales/ru/console.json +10 -0
- package/frontend/dist/locales/ru/dashboard.json +85 -0
- package/frontend/dist/locales/ru/dialogs.json +70 -0
- package/frontend/dist/locales/ru/event-graphs.json +50 -0
- package/frontend/dist/locales/ru/graph-store.json +70 -0
- package/frontend/dist/locales/ru/login.json +36 -0
- package/frontend/dist/locales/ru/management.json +192 -0
- package/frontend/dist/locales/ru/minecraft-viewer.json +30 -0
- package/frontend/dist/locales/ru/nodes.json +1131 -0
- package/frontend/dist/locales/ru/permissions.json +50 -0
- package/frontend/dist/locales/ru/plugin-detail.json +49 -0
- package/frontend/dist/locales/ru/plugins.json +209 -0
- package/frontend/dist/locales/ru/proxies.json +81 -0
- package/frontend/dist/locales/ru/servers.json +39 -0
- package/frontend/dist/locales/ru/setup.json +19 -0
- package/frontend/dist/locales/ru/sidebar.json +195 -0
- package/frontend/dist/locales/ru/tasks.json +62 -0
- package/frontend/dist/locales/ru/visual-editor.json +420 -0
- package/frontend/dist/locales/ru/websocket.json +86 -0
- package/frontend/dist/monacoeditorwork/css.worker.bundle.js +7 -7
- package/frontend/dist/monacoeditorwork/html.worker.bundle.js +7 -7
- package/frontend/dist/monacoeditorwork/json.worker.bundle.js +7 -7
- package/frontend/dist/monacoeditorwork/ts.worker.bundle.js +3 -3
- package/frontend/package.json +6 -0
- package/nul +12 -0
- package/package.json +3 -3
- package/screen/3dviewer.png +0 -0
- package/screen/console.png +0 -0
- package/screen/dashboard.png +0 -0
- package/screen/graph_collabe.png +0 -0
- package/screen/graph_live_debug.png +0 -0
- package/screen/language_selector.png +0 -0
- package/screen/management_command.png +0 -0
- package/screen/node_debug_trace.png +0 -0
- package/screen/plugin_/320/276/320/261/320/267/320/276/321/200.png +0 -0
- package/screen/websocket.png +0 -0
- package/screen//320/275/320/260/321/201/321/202/321/200/320/276/320/271/320/272/320/270_/320/276/321/202/320/264/320/265/320/273/321/214/320/275/321/213/321/205_/320/272/320/276/320/274/320/260/320/275/320/264_/320/272/320/260/320/266/320/264/321/203_/320/272/320/276/320/274/320/260/320/275/320/273/320/264/321/203_/320/274/320/276/320/266/320/275/320/276_/320/275/320/260/321/201/321/202/321/200/320/260/320/270/320/262/320/260/321/202/321/214.png +0 -0
- package/screen//320/277/320/273/320/260/320/275/320/270/321/200/320/276/320/262/321/211/320/270/320/272_/320/274/320/276/320/266/320/275/320/276_/320/267/320/260/320/264/320/260/320/262/320/260/321/202/321/214_/320/264/320/265/320/271/321/201/321/202/320/262/320/270/321/217_/320/277/320/276_/320/262/321/200/320/265/320/274/320/265/320/275/320/270.png +0 -0
- package/.claude/agents/README.md +0 -469
- package/.claude/agents/auth-route-debugger.md +0 -118
- package/.claude/agents/auth-route-tester.md +0 -93
- package/.claude/agents/auto-error-resolver.md +0 -97
- package/.claude/agents/build-optimizer.md +0 -236
- package/.claude/agents/code-architect.md +0 -34
- package/.claude/agents/code-architecture-reviewer.md +0 -83
- package/.claude/agents/code-explorer.md +0 -51
- package/.claude/agents/code-refactor-master.md +0 -94
- package/.claude/agents/code-reviewer.md +0 -46
- package/.claude/agents/cost-optimizer.md +0 -134
- package/.claude/agents/deployment-orchestrator.md +0 -113
- package/.claude/agents/documentation-architect.md +0 -82
- package/.claude/agents/frontend-error-fixer.md +0 -77
- package/.claude/agents/iac-code-generator.md +0 -71
- package/.claude/agents/incident-responder.md +0 -346
- package/.claude/agents/infrastructure-architect.md +0 -31
- package/.claude/agents/kubernetes-specialist.md +0 -56
- package/.claude/agents/migration-planner.md +0 -181
- package/.claude/agents/network-architect.md +0 -196
- package/.claude/agents/plan-reviewer.md +0 -52
- package/.claude/agents/refactor-planner.md +0 -63
- package/.claude/agents/security-scanner.md +0 -102
- package/.claude/agents/web-research-specialist.md +0 -78
- package/.claude/commands/cost-analysis.md +0 -315
- package/.claude/commands/dev-docs-update.md +0 -55
- package/.claude/commands/dev-docs.md +0 -51
- package/.claude/commands/feature-dev.md +0 -125
- package/.claude/commands/incident-debug.md +0 -247
- package/.claude/commands/infra-plan.md +0 -81
- package/.claude/commands/migration-plan.md +0 -478
- package/.claude/commands/route-research-for-testing.md +0 -37
- package/.claude/commands/security-review.md +0 -66
- package/.claude/hooks/CONFIG.md +0 -448
- package/.claude/hooks/README.md +0 -163
- package/.claude/hooks/SKILL_ACTIVATION_COMPLETE.md +0 -226
- package/.claude/hooks/WINDOWS_HOOKS_README.md +0 -151
- package/.claude/hooks/add-skill-activation-banners.ts +0 -132
- package/.claude/hooks/comprehensive-skill-test.ts +0 -1315
- package/.claude/hooks/error-handling-reminder.sh +0 -12
- package/.claude/hooks/error-handling-reminder.ts +0 -222
- package/.claude/hooks/k8s-manifest-validator.sh +0 -56
- package/.claude/hooks/package-lock.json +0 -556
- package/.claude/hooks/package.json +0 -16
- package/.claude/hooks/post-tool-use-tracker.ps1 +0 -174
- package/.claude/hooks/post-tool-use-tracker.sh +0 -183
- package/.claude/hooks/security-policy-check.sh +0 -247
- package/.claude/hooks/skill-activation-prompt.ps1 +0 -10
- package/.claude/hooks/skill-activation-prompt.sh +0 -10
- package/.claude/hooks/skill-activation-prompt.ts +0 -141
- package/.claude/hooks/stop-build-check-enhanced.sh +0 -130
- package/.claude/hooks/terraform-validator.sh +0 -53
- package/.claude/hooks/test-input.json +0 -7
- package/.claude/hooks/test-skill-activation.ts +0 -427
- package/.claude/hooks/trigger-build-resolver.sh +0 -79
- package/.claude/hooks/tsc-check.sh +0 -173
- package/.claude/hooks/tsconfig.json +0 -19
- package/.claude/settings.json +0 -59
- package/.claude/settings.local.json +0 -67
- package/.claude/skills/README.md +0 -507
- package/.claude/skills/api-engineering/SKILL.md +0 -63
- package/.claude/skills/api-engineering/resources/api-versioning.md +0 -88
- package/.claude/skills/api-engineering/resources/graphql-patterns.md +0 -106
- package/.claude/skills/api-engineering/resources/rate-limiting.md +0 -118
- package/.claude/skills/api-engineering/resources/rest-api-design.md +0 -105
- package/.claude/skills/backend-dev-guidelines/SKILL.md +0 -306
- package/.claude/skills/backend-dev-guidelines/resources/architecture-overview.md +0 -451
- package/.claude/skills/backend-dev-guidelines/resources/async-and-errors.md +0 -307
- package/.claude/skills/backend-dev-guidelines/resources/complete-examples.md +0 -638
- package/.claude/skills/backend-dev-guidelines/resources/configuration.md +0 -275
- package/.claude/skills/backend-dev-guidelines/resources/database-patterns.md +0 -224
- package/.claude/skills/backend-dev-guidelines/resources/middleware-guide.md +0 -213
- package/.claude/skills/backend-dev-guidelines/resources/routing-and-controllers.md +0 -756
- package/.claude/skills/backend-dev-guidelines/resources/sentry-and-monitoring.md +0 -336
- package/.claude/skills/backend-dev-guidelines/resources/services-and-repositories.md +0 -789
- package/.claude/skills/backend-dev-guidelines/resources/testing-guide.md +0 -235
- package/.claude/skills/backend-dev-guidelines/resources/validation-patterns.md +0 -754
- package/.claude/skills/budget-and-cost-management/SKILL.md +0 -850
- package/.claude/skills/build-engineering/SKILL.md +0 -431
- package/.claude/skills/build-engineering/resources/artifact-repositories.md +0 -72
- package/.claude/skills/build-engineering/resources/build-caching.md +0 -96
- package/.claude/skills/build-engineering/resources/build-pipelines.md +0 -105
- package/.claude/skills/build-engineering/resources/build-security.md +0 -95
- package/.claude/skills/build-engineering/resources/build-systems.md +0 -389
- package/.claude/skills/build-engineering/resources/compilation-optimization.md +0 -201
- package/.claude/skills/build-engineering/resources/dependency-management.md +0 -73
- package/.claude/skills/build-engineering/resources/monorepo-builds.md +0 -110
- package/.claude/skills/build-engineering/resources/performance-optimization.md +0 -113
- package/.claude/skills/build-engineering/resources/reproducible-builds.md +0 -82
- package/.claude/skills/cloud-engineering/SKILL.md +0 -675
- package/.claude/skills/cloud-engineering/resources/aws-patterns.md +0 -742
- package/.claude/skills/cloud-engineering/resources/azure-patterns.md +0 -714
- package/.claude/skills/cloud-engineering/resources/cleared-cloud-environments.md +0 -987
- package/.claude/skills/cloud-engineering/resources/cloud-cost-optimization.md +0 -757
- package/.claude/skills/cloud-engineering/resources/cloud-networking.md +0 -1058
- package/.claude/skills/cloud-engineering/resources/cloud-security-tools.md +0 -1530
- package/.claude/skills/cloud-engineering/resources/cloud-security.md +0 -990
- package/.claude/skills/cloud-engineering/resources/gcp-patterns.md +0 -758
- package/.claude/skills/cloud-engineering/resources/migration-strategies.md +0 -820
- package/.claude/skills/cloud-engineering/resources/multi-cloud-strategies.md +0 -670
- package/.claude/skills/cloud-engineering/resources/oci-patterns.md +0 -1198
- package/.claude/skills/cloud-engineering/resources/serverless-patterns.md +0 -795
- package/.claude/skills/cloud-engineering/resources/well-architected-frameworks.md +0 -966
- package/.claude/skills/cybersecurity/SKILL.md +0 -409
- package/.claude/skills/cybersecurity/resources/security-architecture.md +0 -266
- package/.claude/skills/database-engineering/SKILL.md +0 -61
- package/.claude/skills/database-engineering/resources/backup-and-recovery.md +0 -72
- package/.claude/skills/database-engineering/resources/database-replication.md +0 -63
- package/.claude/skills/database-engineering/resources/postgresql-fundamentals.md +0 -70
- package/.claude/skills/database-engineering/resources/query-optimization.md +0 -68
- package/.claude/skills/devsecops/SKILL.md +0 -374
- package/.claude/skills/devsecops/resources/ci-cd-security.md +0 -204
- package/.claude/skills/devsecops/resources/compliance-automation.md +0 -530
- package/.claude/skills/devsecops/resources/compliance-frameworks.md +0 -2322
- package/.claude/skills/devsecops/resources/container-security.md +0 -915
- package/.claude/skills/devsecops/resources/cspm-integration.md +0 -1440
- package/.claude/skills/devsecops/resources/policy-enforcement.md +0 -619
- package/.claude/skills/devsecops/resources/secrets-management.md +0 -755
- package/.claude/skills/devsecops/resources/security-monitoring.md +0 -146
- package/.claude/skills/devsecops/resources/security-scanning.md +0 -887
- package/.claude/skills/devsecops/resources/security-testing.md +0 -203
- package/.claude/skills/devsecops/resources/supply-chain-security.md +0 -518
- package/.claude/skills/devsecops/resources/vulnerability-management.md +0 -481
- package/.claude/skills/devsecops/resources/zero-trust-architecture.md +0 -177
- package/.claude/skills/documentation-as-code/SKILL.md +0 -323
- package/.claude/skills/documentation-as-code/resources/api-documentation.md +0 -90
- package/.claude/skills/documentation-as-code/resources/changelog-management.md +0 -79
- package/.claude/skills/documentation-as-code/resources/diagram-generation.md +0 -44
- package/.claude/skills/documentation-as-code/resources/docs-as-code-workflow.md +0 -99
- package/.claude/skills/documentation-as-code/resources/documentation-automation.md +0 -68
- package/.claude/skills/documentation-as-code/resources/documentation-sites.md +0 -79
- package/.claude/skills/documentation-as-code/resources/markdown-best-practices.md +0 -162
- package/.claude/skills/documentation-as-code/resources/openapi-specification.md +0 -77
- package/.claude/skills/documentation-as-code/resources/readme-engineering.md +0 -60
- package/.claude/skills/documentation-as-code/resources/technical-writing-guide.md +0 -202
- package/.claude/skills/engineering-management/SKILL.md +0 -356
- package/.claude/skills/engineering-management/resources/career-ladders.md +0 -609
- package/.claude/skills/engineering-management/resources/hiring-and-assessment.md +0 -555
- package/.claude/skills/engineering-management/resources/one-on-one-guides.md +0 -609
- package/.claude/skills/engineering-management/resources/resource-planning.md +0 -557
- package/.claude/skills/engineering-management/resources/team-organization-patterns.md +0 -491
- package/.claude/skills/engineering-management/resources/technical-interviews.md +0 -474
- package/.claude/skills/engineering-operations-management/SKILL.md +0 -817
- package/.claude/skills/error-tracking/SKILL.md +0 -379
- package/.claude/skills/frontend-design/SKILL.md +0 -42
- package/.claude/skills/frontend-dev-guidelines/SKILL.md +0 -403
- package/.claude/skills/frontend-dev-guidelines/resources/common-patterns.md +0 -331
- package/.claude/skills/frontend-dev-guidelines/resources/complete-examples.md +0 -872
- package/.claude/skills/frontend-dev-guidelines/resources/component-patterns.md +0 -502
- package/.claude/skills/frontend-dev-guidelines/resources/data-fetching.md +0 -767
- package/.claude/skills/frontend-dev-guidelines/resources/file-organization.md +0 -502
- package/.claude/skills/frontend-dev-guidelines/resources/loading-and-error-states.md +0 -501
- package/.claude/skills/frontend-dev-guidelines/resources/performance.md +0 -406
- package/.claude/skills/frontend-dev-guidelines/resources/routing-guide.md +0 -364
- package/.claude/skills/frontend-dev-guidelines/resources/styling-guide.md +0 -428
- package/.claude/skills/frontend-dev-guidelines/resources/typescript-standards.md +0 -418
- package/.claude/skills/general-it-engineering/SKILL.md +0 -393
- package/.claude/skills/general-it-engineering/resources/asset-management.md +0 -712
- package/.claude/skills/general-it-engineering/resources/automation-orchestration.md +0 -817
- package/.claude/skills/general-it-engineering/resources/business-continuity.md +0 -786
- package/.claude/skills/general-it-engineering/resources/change-management.md +0 -715
- package/.claude/skills/general-it-engineering/resources/enterprise-monitoring.md +0 -729
- package/.claude/skills/general-it-engineering/resources/help-desk-operations.md +0 -738
- package/.claude/skills/general-it-engineering/resources/incident-service-management.md +0 -834
- package/.claude/skills/general-it-engineering/resources/it-governance.md +0 -753
- package/.claude/skills/general-it-engineering/resources/itil-framework.md +0 -503
- package/.claude/skills/general-it-engineering/resources/service-management.md +0 -669
- package/.claude/skills/infrastructure-architecture/SKILL.md +0 -328
- package/.claude/skills/infrastructure-architecture/resources/architecture-decision-records.md +0 -505
- package/.claude/skills/infrastructure-architecture/resources/architecture-patterns.md +0 -528
- package/.claude/skills/infrastructure-architecture/resources/capacity-planning.md +0 -453
- package/.claude/skills/infrastructure-architecture/resources/cleared-environment-architecture.md +0 -773
- package/.claude/skills/infrastructure-architecture/resources/cost-architecture.md +0 -499
- package/.claude/skills/infrastructure-architecture/resources/data-architecture.md +0 -501
- package/.claude/skills/infrastructure-architecture/resources/disaster-recovery.md +0 -535
- package/.claude/skills/infrastructure-architecture/resources/migration-architecture.md +0 -512
- package/.claude/skills/infrastructure-architecture/resources/multi-region-design.md +0 -608
- package/.claude/skills/infrastructure-architecture/resources/reference-architectures.md +0 -562
- package/.claude/skills/infrastructure-architecture/resources/security-architecture.md +0 -538
- package/.claude/skills/infrastructure-architecture/resources/system-design-principles.md +0 -489
- package/.claude/skills/infrastructure-architecture/resources/workload-classification.md +0 -1000
- package/.claude/skills/infrastructure-strategy/SKILL.md +0 -924
- package/.claude/skills/network-engineering/SKILL.md +0 -385
- package/.claude/skills/network-engineering/resources/dns-management.md +0 -738
- package/.claude/skills/network-engineering/resources/load-balancing.md +0 -820
- package/.claude/skills/network-engineering/resources/network-architecture.md +0 -546
- package/.claude/skills/network-engineering/resources/network-security.md +0 -921
- package/.claude/skills/network-engineering/resources/network-troubleshooting.md +0 -749
- package/.claude/skills/network-engineering/resources/routing-switching.md +0 -373
- package/.claude/skills/network-engineering/resources/sdn-networking.md +0 -695
- package/.claude/skills/network-engineering/resources/service-mesh-networking.md +0 -777
- package/.claude/skills/network-engineering/resources/tcp-ip-protocols.md +0 -444
- package/.claude/skills/network-engineering/resources/vpn-connectivity.md +0 -672
- package/.claude/skills/node-development/SKILL.md +0 -317
- package/.claude/skills/observability-engineering/SKILL.md +0 -101
- package/.claude/skills/observability-engineering/resources/apm-tools.md +0 -97
- package/.claude/skills/observability-engineering/resources/correlation-strategies.md +0 -87
- package/.claude/skills/observability-engineering/resources/distributed-tracing.md +0 -98
- package/.claude/skills/observability-engineering/resources/logs-aggregation.md +0 -118
- package/.claude/skills/observability-engineering/resources/observability-cost-optimization.md +0 -141
- package/.claude/skills/observability-engineering/resources/opentelemetry.md +0 -110
- package/.claude/skills/platform-engineering/SKILL.md +0 -555
- package/.claude/skills/platform-engineering/resources/architecture-overview.md +0 -600
- package/.claude/skills/platform-engineering/resources/container-orchestration.md +0 -916
- package/.claude/skills/platform-engineering/resources/cost-optimization.md +0 -634
- package/.claude/skills/platform-engineering/resources/developer-platforms.md +0 -670
- package/.claude/skills/platform-engineering/resources/gitops-automation.md +0 -650
- package/.claude/skills/platform-engineering/resources/infrastructure-as-code.md +0 -778
- package/.claude/skills/platform-engineering/resources/infrastructure-standards.md +0 -708
- package/.claude/skills/platform-engineering/resources/multi-tenancy.md +0 -602
- package/.claude/skills/platform-engineering/resources/platform-security.md +0 -711
- package/.claude/skills/platform-engineering/resources/resource-management.md +0 -592
- package/.claude/skills/platform-engineering/resources/service-mesh.md +0 -628
- package/.claude/skills/release-engineering/SKILL.md +0 -393
- package/.claude/skills/release-engineering/resources/artifact-management.md +0 -108
- package/.claude/skills/release-engineering/resources/build-optimization.md +0 -84
- package/.claude/skills/release-engineering/resources/ci-cd-pipelines.md +0 -411
- package/.claude/skills/release-engineering/resources/deployment-strategies.md +0 -197
- package/.claude/skills/release-engineering/resources/pipeline-security.md +0 -62
- package/.claude/skills/release-engineering/resources/progressive-delivery.md +0 -83
- package/.claude/skills/release-engineering/resources/release-automation.md +0 -68
- package/.claude/skills/release-engineering/resources/release-orchestration.md +0 -77
- package/.claude/skills/release-engineering/resources/rollback-strategies.md +0 -66
- package/.claude/skills/release-engineering/resources/versioning-strategies.md +0 -59
- package/.claude/skills/route-tester/SKILL.md +0 -392
- package/.claude/skills/skill-developer/ADVANCED.md +0 -197
- package/.claude/skills/skill-developer/HOOK_MECHANISMS.md +0 -306
- package/.claude/skills/skill-developer/PATTERNS_LIBRARY.md +0 -152
- package/.claude/skills/skill-developer/SKILL.md +0 -430
- package/.claude/skills/skill-developer/SKILL_RULES_REFERENCE.md +0 -315
- package/.claude/skills/skill-developer/TRIGGER_TYPES.md +0 -305
- package/.claude/skills/skill-developer/TROUBLESHOOTING.md +0 -514
- package/.claude/skills/skill-rules.json +0 -2989
- package/.claude/skills/sre/SKILL.md +0 -464
- package/.claude/skills/sre/resources/alerting-best-practices.md +0 -282
- package/.claude/skills/sre/resources/capacity-planning.md +0 -226
- package/.claude/skills/sre/resources/chaos-engineering.md +0 -193
- package/.claude/skills/sre/resources/disaster-recovery.md +0 -232
- package/.claude/skills/sre/resources/incident-management.md +0 -436
- package/.claude/skills/sre/resources/observability-stack.md +0 -240
- package/.claude/skills/sre/resources/on-call-runbooks.md +0 -167
- package/.claude/skills/sre/resources/performance-optimization.md +0 -108
- package/.claude/skills/sre/resources/reliability-patterns.md +0 -183
- package/.claude/skills/sre/resources/slo-sli-sla.md +0 -464
- package/.claude/skills/sre/resources/toil-reduction.md +0 -145
- package/.claude/skills/systems-engineering/SKILL.md +0 -648
- package/.claude/skills/systems-engineering/resources/automation-patterns.md +0 -771
- package/.claude/skills/systems-engineering/resources/configuration-management.md +0 -998
- package/.claude/skills/systems-engineering/resources/linux-administration.md +0 -672
- package/.claude/skills/systems-engineering/resources/networking-fundamentals.md +0 -982
- package/.claude/skills/systems-engineering/resources/performance-tuning.md +0 -871
- package/.claude/skills/systems-engineering/resources/powershell-scripting.md +0 -482
- package/.claude/skills/systems-engineering/resources/security-hardening.md +0 -739
- package/.claude/skills/systems-engineering/resources/shell-scripting.md +0 -915
- package/.claude/skills/systems-engineering/resources/storage-management.md +0 -628
- package/.claude/skills/systems-engineering/resources/system-monitoring.md +0 -787
- package/.claude/skills/systems-engineering/resources/troubleshooting-guide.md +0 -753
- package/.claude/skills/systems-engineering/resources/windows-administration.md +0 -738
- package/.claude/skills/technical-leadership/SKILL.md +0 -728
- package/backend/docs/SECRETS_DOCUMENTATION.md +0 -327
- package/backend/package-lock.json +0 -6801
- package/backend/src/core/node-registries/actions.js +0 -202
- package/backend/src/core/node-registries/arrays.js +0 -155
- package/backend/src/core/node-registries/bot.js +0 -23
- package/backend/src/core/node-registries/container.js +0 -162
- package/backend/src/core/node-registries/data.js +0 -290
- package/backend/src/core/node-registries/debug.js +0 -26
- package/backend/src/core/node-registries/events.js +0 -201
- package/backend/src/core/node-registries/flow.js +0 -139
- package/backend/src/core/node-registries/furnace.js +0 -143
- package/backend/src/core/node-registries/logic.js +0 -62
- package/backend/src/core/node-registries/math.js +0 -42
- package/backend/src/core/node-registries/navigation.js +0 -111
- package/backend/src/core/node-registries/objects.js +0 -98
- package/backend/src/core/node-registries/strings.js +0 -187
- package/backend/src/core/node-registries/time.js +0 -113
- package/backend/src/core/node-registries/type.js +0 -25
- package/backend/src/core/node-registries/users.js +0 -79
- package/frontend/dist/assets/index-BC-NbKXi.css +0 -32
- package/frontend/dist/assets/index-DqJXZMHY.js +0 -11266
|
@@ -1,411 +0,0 @@
|
|
|
1
|
-
# CI/CD Pipelines
|
|
2
|
-
|
|
3
|
-
Pipeline design, GitHub Actions, GitLab CI, Jenkins, Azure DevOps, and CI/CD best practices.
|
|
4
|
-
|
|
5
|
-
## Table of Contents
|
|
6
|
-
|
|
7
|
-
- [Pipeline Design](#pipeline-design)
|
|
8
|
-
- [GitHub Actions](#github-actions)
|
|
9
|
-
- [GitLab CI](#gitlab-ci)
|
|
10
|
-
- [Jenkins](#jenkins)
|
|
11
|
-
- [Best Practices](#best-practices)
|
|
12
|
-
|
|
13
|
-
## Pipeline Design
|
|
14
|
-
|
|
15
|
-
**Standard Pipeline Stages:**
|
|
16
|
-
```
|
|
17
|
-
Source → Build → Test → Package → Deploy → Verify
|
|
18
|
-
```
|
|
19
|
-
|
|
20
|
-
**Detailed Flow:**
|
|
21
|
-
```yaml
|
|
22
|
-
stages:
|
|
23
|
-
checkout:
|
|
24
|
-
- Clone repository
|
|
25
|
-
- Checkout branch
|
|
26
|
-
- Fetch dependencies metadata
|
|
27
|
-
|
|
28
|
-
build:
|
|
29
|
-
- Install dependencies
|
|
30
|
-
- Compile code
|
|
31
|
-
- Run linters
|
|
32
|
-
- Static analysis
|
|
33
|
-
|
|
34
|
-
test:
|
|
35
|
-
- Unit tests
|
|
36
|
-
- Integration tests
|
|
37
|
-
- Coverage report
|
|
38
|
-
- Security scan
|
|
39
|
-
|
|
40
|
-
package:
|
|
41
|
-
- Build artifacts
|
|
42
|
-
- Create container image
|
|
43
|
-
- Scan image
|
|
44
|
-
- Sign artifacts
|
|
45
|
-
|
|
46
|
-
deploy:
|
|
47
|
-
- Deploy to staging
|
|
48
|
-
- Run smoke tests
|
|
49
|
-
- Deploy to production (manual approval)
|
|
50
|
-
|
|
51
|
-
verify:
|
|
52
|
-
- Health checks
|
|
53
|
-
- Integration tests in prod
|
|
54
|
-
- Monitor metrics
|
|
55
|
-
```
|
|
56
|
-
|
|
57
|
-
## GitHub Actions
|
|
58
|
-
|
|
59
|
-
**Complete Workflow:**
|
|
60
|
-
```yaml
|
|
61
|
-
name: CI/CD
|
|
62
|
-
|
|
63
|
-
on:
|
|
64
|
-
push:
|
|
65
|
-
branches: [main, develop]
|
|
66
|
-
tags: ['v*']
|
|
67
|
-
pull_request:
|
|
68
|
-
branches: [main]
|
|
69
|
-
|
|
70
|
-
env:
|
|
71
|
-
REGISTRY: ghcr.io
|
|
72
|
-
IMAGE_NAME: ${{ github.repository }}
|
|
73
|
-
|
|
74
|
-
jobs:
|
|
75
|
-
test:
|
|
76
|
-
runs-on: ubuntu-latest
|
|
77
|
-
steps:
|
|
78
|
-
- uses: actions/checkout@v3
|
|
79
|
-
|
|
80
|
-
- uses: actions/setup-node@v3
|
|
81
|
-
with:
|
|
82
|
-
node-version: '20'
|
|
83
|
-
cache: 'npm'
|
|
84
|
-
|
|
85
|
-
- run: npm ci
|
|
86
|
-
- run: npm run lint
|
|
87
|
-
- run: npm test
|
|
88
|
-
- run: npm run build
|
|
89
|
-
|
|
90
|
-
- name: Upload coverage
|
|
91
|
-
uses: codecov/codecov-action@v3
|
|
92
|
-
|
|
93
|
-
build-push:
|
|
94
|
-
needs: test
|
|
95
|
-
if: github.event_name == 'push'
|
|
96
|
-
runs-on: ubuntu-latest
|
|
97
|
-
permissions:
|
|
98
|
-
contents: read
|
|
99
|
-
packages: write
|
|
100
|
-
outputs:
|
|
101
|
-
version: ${{ steps.meta.outputs.version }}
|
|
102
|
-
tags: ${{ steps.meta.outputs.tags }}
|
|
103
|
-
steps:
|
|
104
|
-
- uses: actions/checkout@v3
|
|
105
|
-
|
|
106
|
-
- name: Docker meta
|
|
107
|
-
id: meta
|
|
108
|
-
uses: docker/metadata-action@v4
|
|
109
|
-
with:
|
|
110
|
-
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
|
111
|
-
tags: |
|
|
112
|
-
type=ref,event=branch
|
|
113
|
-
type=semver,pattern={{version}}
|
|
114
|
-
type=semver,pattern={{major}}.{{minor}}
|
|
115
|
-
type=sha,prefix={{branch}}-
|
|
116
|
-
|
|
117
|
-
- name: Login to registry
|
|
118
|
-
uses: docker/login-action@v2
|
|
119
|
-
with:
|
|
120
|
-
registry: ${{ env.REGISTRY }}
|
|
121
|
-
username: ${{ github.actor }}
|
|
122
|
-
password: ${{ secrets.GITHUB_TOKEN }}
|
|
123
|
-
|
|
124
|
-
- name: Build and push
|
|
125
|
-
uses: docker/build-push-action@v4
|
|
126
|
-
with:
|
|
127
|
-
context: .
|
|
128
|
-
push: true
|
|
129
|
-
tags: ${{ steps.meta.outputs.tags }}
|
|
130
|
-
labels: ${{ steps.meta.outputs.labels }}
|
|
131
|
-
cache-from: type=gha
|
|
132
|
-
cache-to: type=gha,mode=max
|
|
133
|
-
|
|
134
|
-
deploy-staging:
|
|
135
|
-
needs: build-push
|
|
136
|
-
if: github.ref == 'refs/heads/develop'
|
|
137
|
-
runs-on: ubuntu-latest
|
|
138
|
-
environment: staging
|
|
139
|
-
steps:
|
|
140
|
-
- name: Deploy to staging
|
|
141
|
-
run: |
|
|
142
|
-
kubectl set image deployment/myapp \
|
|
143
|
-
app=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.build-push.outputs.version }} \
|
|
144
|
-
--namespace=staging
|
|
145
|
-
|
|
146
|
-
- name: Verify deployment
|
|
147
|
-
run: |
|
|
148
|
-
kubectl rollout status deployment/myapp -n staging
|
|
149
|
-
kubectl wait --for=condition=available --timeout=5m deployment/myapp -n staging
|
|
150
|
-
|
|
151
|
-
deploy-production:
|
|
152
|
-
needs: build-push
|
|
153
|
-
if: startsWith(github.ref, 'refs/tags/v')
|
|
154
|
-
runs-on: ubuntu-latest
|
|
155
|
-
environment: production
|
|
156
|
-
steps:
|
|
157
|
-
- name: Deploy to production
|
|
158
|
-
run: |
|
|
159
|
-
kubectl set image deployment/myapp \
|
|
160
|
-
app=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.build-push.outputs.version }} \
|
|
161
|
-
--namespace=production
|
|
162
|
-
|
|
163
|
-
- name: Verify deployment
|
|
164
|
-
run: kubectl rollout status deployment/myapp -n production
|
|
165
|
-
|
|
166
|
-
- name: Create GitHub release
|
|
167
|
-
uses: softprops/action-gh-release@v1
|
|
168
|
-
with:
|
|
169
|
-
generate_release_notes: true
|
|
170
|
-
```
|
|
171
|
-
|
|
172
|
-
## GitLab CI
|
|
173
|
-
|
|
174
|
-
```yaml
|
|
175
|
-
# .gitlab-ci.yml
|
|
176
|
-
stages:
|
|
177
|
-
- build
|
|
178
|
-
- test
|
|
179
|
-
- package
|
|
180
|
-
- deploy
|
|
181
|
-
|
|
182
|
-
variables:
|
|
183
|
-
DOCKER_DRIVER: overlay2
|
|
184
|
-
DOCKER_TLS_CERTDIR: ""
|
|
185
|
-
|
|
186
|
-
before_script:
|
|
187
|
-
- echo "Pipeline starting"
|
|
188
|
-
|
|
189
|
-
build:
|
|
190
|
-
stage: build
|
|
191
|
-
image: node:20
|
|
192
|
-
script:
|
|
193
|
-
- npm ci
|
|
194
|
-
- npm run build
|
|
195
|
-
artifacts:
|
|
196
|
-
paths:
|
|
197
|
-
- dist/
|
|
198
|
-
expire_in: 1 hour
|
|
199
|
-
cache:
|
|
200
|
-
paths:
|
|
201
|
-
- node_modules/
|
|
202
|
-
|
|
203
|
-
test:unit:
|
|
204
|
-
stage: test
|
|
205
|
-
image: node:20
|
|
206
|
-
script:
|
|
207
|
-
- npm ci
|
|
208
|
-
- npm test
|
|
209
|
-
coverage: '/Coverage: \d+\.\d+%/'
|
|
210
|
-
|
|
211
|
-
test:lint:
|
|
212
|
-
stage: test
|
|
213
|
-
image: node:20
|
|
214
|
-
script:
|
|
215
|
-
- npm ci
|
|
216
|
-
- npm run lint
|
|
217
|
-
|
|
218
|
-
package:
|
|
219
|
-
stage: package
|
|
220
|
-
image: docker:latest
|
|
221
|
-
services:
|
|
222
|
-
- docker:dind
|
|
223
|
-
script:
|
|
224
|
-
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
|
225
|
-
- docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA .
|
|
226
|
-
- docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
|
|
227
|
-
- docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:latest
|
|
228
|
-
- docker push $CI_REGISTRY_IMAGE:latest
|
|
229
|
-
only:
|
|
230
|
-
- main
|
|
231
|
-
- develop
|
|
232
|
-
|
|
233
|
-
deploy:staging:
|
|
234
|
-
stage: deploy
|
|
235
|
-
image: bitnami/kubectl:latest
|
|
236
|
-
script:
|
|
237
|
-
- kubectl config use-context $KUBE_CONTEXT
|
|
238
|
-
- kubectl set image deployment/myapp app=$CI_REGISTRY_IMAGE:$CI_COMMIT_SHA -n staging
|
|
239
|
-
- kubectl rollout status deployment/myapp -n staging
|
|
240
|
-
environment:
|
|
241
|
-
name: staging
|
|
242
|
-
url: https://staging.example.com
|
|
243
|
-
only:
|
|
244
|
-
- develop
|
|
245
|
-
|
|
246
|
-
deploy:production:
|
|
247
|
-
stage: deploy
|
|
248
|
-
image: bitnami/kubectl:latest
|
|
249
|
-
script:
|
|
250
|
-
- kubectl config use-context $KUBE_CONTEXT
|
|
251
|
-
- kubectl set image deployment/myapp app=$CI_REGISTRY_IMAGE:$CI_COMMIT_SHA -n production
|
|
252
|
-
- kubectl rollout status deployment/myapp -n production
|
|
253
|
-
environment:
|
|
254
|
-
name: production
|
|
255
|
-
url: https://example.com
|
|
256
|
-
when: manual
|
|
257
|
-
only:
|
|
258
|
-
- main
|
|
259
|
-
- tags
|
|
260
|
-
```
|
|
261
|
-
|
|
262
|
-
## Jenkins
|
|
263
|
-
|
|
264
|
-
**Jenkinsfile (Declarative):**
|
|
265
|
-
```groovy
|
|
266
|
-
pipeline {
|
|
267
|
-
agent any
|
|
268
|
-
|
|
269
|
-
environment {
|
|
270
|
-
DOCKER_REGISTRY = 'registry.example.com'
|
|
271
|
-
IMAGE_NAME = 'myapp'
|
|
272
|
-
KUBECONFIG = credentials('kubeconfig')
|
|
273
|
-
}
|
|
274
|
-
|
|
275
|
-
stages {
|
|
276
|
-
stage('Checkout') {
|
|
277
|
-
steps {
|
|
278
|
-
checkout scm
|
|
279
|
-
}
|
|
280
|
-
}
|
|
281
|
-
|
|
282
|
-
stage('Build') {
|
|
283
|
-
steps {
|
|
284
|
-
sh 'npm ci'
|
|
285
|
-
sh 'npm run build'
|
|
286
|
-
}
|
|
287
|
-
}
|
|
288
|
-
|
|
289
|
-
stage('Test') {
|
|
290
|
-
parallel {
|
|
291
|
-
stage('Unit Tests') {
|
|
292
|
-
steps {
|
|
293
|
-
sh 'npm test'
|
|
294
|
-
}
|
|
295
|
-
}
|
|
296
|
-
stage('Lint') {
|
|
297
|
-
steps {
|
|
298
|
-
sh 'npm run lint'
|
|
299
|
-
}
|
|
300
|
-
}
|
|
301
|
-
}
|
|
302
|
-
}
|
|
303
|
-
|
|
304
|
-
stage('Package') {
|
|
305
|
-
steps {
|
|
306
|
-
script {
|
|
307
|
-
docker.build("${DOCKER_REGISTRY}/${IMAGE_NAME}:${env.BUILD_NUMBER}")
|
|
308
|
-
}
|
|
309
|
-
}
|
|
310
|
-
}
|
|
311
|
-
|
|
312
|
-
stage('Push') {
|
|
313
|
-
steps {
|
|
314
|
-
script {
|
|
315
|
-
docker.withRegistry("https://${DOCKER_REGISTRY}", 'docker-credentials') {
|
|
316
|
-
docker.image("${DOCKER_REGISTRY}/${IMAGE_NAME}:${env.BUILD_NUMBER}").push()
|
|
317
|
-
docker.image("${DOCKER_REGISTRY}/${IMAGE_NAME}:${env.BUILD_NUMBER}").push('latest')
|
|
318
|
-
}
|
|
319
|
-
}
|
|
320
|
-
}
|
|
321
|
-
}
|
|
322
|
-
|
|
323
|
-
stage('Deploy to Staging') {
|
|
324
|
-
when {
|
|
325
|
-
branch 'develop'
|
|
326
|
-
}
|
|
327
|
-
steps {
|
|
328
|
-
sh """
|
|
329
|
-
kubectl set image deployment/myapp \
|
|
330
|
-
app=${DOCKER_REGISTRY}/${IMAGE_NAME}:${env.BUILD_NUMBER} \
|
|
331
|
-
--namespace=staging
|
|
332
|
-
kubectl rollout status deployment/myapp -n staging
|
|
333
|
-
"""
|
|
334
|
-
}
|
|
335
|
-
}
|
|
336
|
-
|
|
337
|
-
stage('Deploy to Production') {
|
|
338
|
-
when {
|
|
339
|
-
branch 'main'
|
|
340
|
-
}
|
|
341
|
-
steps {
|
|
342
|
-
input message: 'Deploy to production?', ok: 'Deploy'
|
|
343
|
-
sh """
|
|
344
|
-
kubectl set image deployment/myapp \
|
|
345
|
-
app=${DOCKER_REGISTRY}/${IMAGE_NAME}:${env.BUILD_NUMBER} \
|
|
346
|
-
--namespace=production
|
|
347
|
-
kubectl rollout status deployment/myapp -n production
|
|
348
|
-
"""
|
|
349
|
-
}
|
|
350
|
-
}
|
|
351
|
-
}
|
|
352
|
-
|
|
353
|
-
post {
|
|
354
|
-
success {
|
|
355
|
-
slackSend color: 'good', message: "Deployment successful: ${env.JOB_NAME} #${env.BUILD_NUMBER}"
|
|
356
|
-
}
|
|
357
|
-
failure {
|
|
358
|
-
slackSend color: 'danger', message: "Deployment failed: ${env.JOB_NAME} #${env.BUILD_NUMBER}"
|
|
359
|
-
}
|
|
360
|
-
}
|
|
361
|
-
}
|
|
362
|
-
```
|
|
363
|
-
|
|
364
|
-
## Best Practices
|
|
365
|
-
|
|
366
|
-
### 1. Fast Pipelines
|
|
367
|
-
|
|
368
|
-
```yaml
|
|
369
|
-
# Run tests in parallel
|
|
370
|
-
jobs:
|
|
371
|
-
test:
|
|
372
|
-
strategy:
|
|
373
|
-
matrix:
|
|
374
|
-
node: [18, 20]
|
|
375
|
-
os: [ubuntu-latest, windows-latest]
|
|
376
|
-
runs-on: ${{ matrix.os }}
|
|
377
|
-
```
|
|
378
|
-
|
|
379
|
-
### 2. Caching
|
|
380
|
-
|
|
381
|
-
```yaml
|
|
382
|
-
# Cache dependencies
|
|
383
|
-
- uses: actions/cache@v3
|
|
384
|
-
with:
|
|
385
|
-
path: ~/.npm
|
|
386
|
-
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
|
|
387
|
-
```
|
|
388
|
-
|
|
389
|
-
### 3. Secrets Management
|
|
390
|
-
|
|
391
|
-
```yaml
|
|
392
|
-
# Never hardcode secrets
|
|
393
|
-
env:
|
|
394
|
-
API_KEY: ${{ secrets.API_KEY }}
|
|
395
|
-
```
|
|
396
|
-
|
|
397
|
-
### 4. Artifact Management
|
|
398
|
-
|
|
399
|
-
```yaml
|
|
400
|
-
# Upload build artifacts
|
|
401
|
-
- uses: actions/upload-artifact@v3
|
|
402
|
-
with:
|
|
403
|
-
name: dist
|
|
404
|
-
path: dist/
|
|
405
|
-
```
|
|
406
|
-
|
|
407
|
-
---
|
|
408
|
-
|
|
409
|
-
**Related Resources:**
|
|
410
|
-
- [build-optimization.md](build-optimization.md)
|
|
411
|
-
- [pipeline-security.md](pipeline-security.md)
|
|
@@ -1,197 +0,0 @@
|
|
|
1
|
-
# Deployment Strategies
|
|
2
|
-
|
|
3
|
-
Blue-green deployment, canary releases, rolling updates, recreate strategy, and progressive deployment patterns.
|
|
4
|
-
|
|
5
|
-
## Blue-Green Deployment
|
|
6
|
-
|
|
7
|
-
**Concept:** Two identical environments, switch traffic instantly.
|
|
8
|
-
|
|
9
|
-
**Kubernetes Implementation:**
|
|
10
|
-
```yaml
|
|
11
|
-
# Blue deployment (current production)
|
|
12
|
-
apiVersion: apps/v1
|
|
13
|
-
kind: Deployment
|
|
14
|
-
metadata:
|
|
15
|
-
name: myapp-blue
|
|
16
|
-
labels:
|
|
17
|
-
version: blue
|
|
18
|
-
spec:
|
|
19
|
-
replicas: 3
|
|
20
|
-
selector:
|
|
21
|
-
matchLabels:
|
|
22
|
-
app: myapp
|
|
23
|
-
version: blue
|
|
24
|
-
template:
|
|
25
|
-
metadata:
|
|
26
|
-
labels:
|
|
27
|
-
app: myapp
|
|
28
|
-
version: blue
|
|
29
|
-
spec:
|
|
30
|
-
containers:
|
|
31
|
-
- name: app
|
|
32
|
-
image: myapp:v1.0.0
|
|
33
|
-
|
|
34
|
-
---
|
|
35
|
-
# Green deployment (new version)
|
|
36
|
-
apiVersion: apps/v1
|
|
37
|
-
kind: Deployment
|
|
38
|
-
metadata:
|
|
39
|
-
name: myapp-green
|
|
40
|
-
labels:
|
|
41
|
-
version: green
|
|
42
|
-
spec:
|
|
43
|
-
replicas: 3
|
|
44
|
-
selector:
|
|
45
|
-
matchLabels:
|
|
46
|
-
app: myapp
|
|
47
|
-
version: green
|
|
48
|
-
template:
|
|
49
|
-
metadata:
|
|
50
|
-
labels:
|
|
51
|
-
app: myapp
|
|
52
|
-
version: green
|
|
53
|
-
spec:
|
|
54
|
-
containers:
|
|
55
|
-
- name: app
|
|
56
|
-
image: myapp:v2.0.0
|
|
57
|
-
|
|
58
|
-
---
|
|
59
|
-
# Service switches between blue and green
|
|
60
|
-
apiVersion: v1
|
|
61
|
-
kind: Service
|
|
62
|
-
metadata:
|
|
63
|
-
name: myapp
|
|
64
|
-
spec:
|
|
65
|
-
selector:
|
|
66
|
-
app: myapp
|
|
67
|
-
version: blue # Change to 'green' to switch
|
|
68
|
-
ports:
|
|
69
|
-
- port: 80
|
|
70
|
-
targetPort: 8080
|
|
71
|
-
```
|
|
72
|
-
|
|
73
|
-
**Switch Script:**
|
|
74
|
-
```bash
|
|
75
|
-
# Deploy green
|
|
76
|
-
kubectl apply -f myapp-green.yaml
|
|
77
|
-
|
|
78
|
-
# Wait for green to be ready
|
|
79
|
-
kubectl wait --for=condition=available deployment/myapp-green
|
|
80
|
-
|
|
81
|
-
# Run smoke tests
|
|
82
|
-
./smoke-tests.sh http://myapp-green
|
|
83
|
-
|
|
84
|
-
# Switch traffic
|
|
85
|
-
kubectl patch service myapp -p '{"spec":{"selector":{"version":"green"}}}'
|
|
86
|
-
|
|
87
|
-
# Monitor for 10 minutes
|
|
88
|
-
sleep 600
|
|
89
|
-
|
|
90
|
-
# If issues, rollback
|
|
91
|
-
# kubectl patch service myapp -p '{"spec":{"selector":{"version":"blue"}}}'
|
|
92
|
-
|
|
93
|
-
# Clean up old blue deployment
|
|
94
|
-
kubectl delete deployment myapp-blue
|
|
95
|
-
```
|
|
96
|
-
|
|
97
|
-
## Canary Deployment
|
|
98
|
-
|
|
99
|
-
**Concept:** Gradually shift traffic from old to new version.
|
|
100
|
-
|
|
101
|
-
**Flagger Configuration:**
|
|
102
|
-
```yaml
|
|
103
|
-
apiVersion: flagger.app/v1beta1
|
|
104
|
-
kind: Canary
|
|
105
|
-
metadata:
|
|
106
|
-
name: myapp
|
|
107
|
-
spec:
|
|
108
|
-
targetRef:
|
|
109
|
-
apiVersion: apps/v1
|
|
110
|
-
kind: Deployment
|
|
111
|
-
name: myapp
|
|
112
|
-
service:
|
|
113
|
-
port: 80
|
|
114
|
-
analysis:
|
|
115
|
-
interval: 1m
|
|
116
|
-
threshold: 5
|
|
117
|
-
maxWeight: 50
|
|
118
|
-
stepWeight: 10
|
|
119
|
-
metrics:
|
|
120
|
-
- name: request-success-rate
|
|
121
|
-
thresholdRange:
|
|
122
|
-
min: 99
|
|
123
|
-
- name: request-duration
|
|
124
|
-
thresholdRange:
|
|
125
|
-
max: 500
|
|
126
|
-
```
|
|
127
|
-
|
|
128
|
-
**Traffic Split Progression:**
|
|
129
|
-
```
|
|
130
|
-
Step 1: 10% canary, 90% primary
|
|
131
|
-
Step 2: 20% canary, 80% primary
|
|
132
|
-
Step 3: 30% canary, 70% primary
|
|
133
|
-
...
|
|
134
|
-
Final: 100% canary, 0% primary
|
|
135
|
-
```
|
|
136
|
-
|
|
137
|
-
## Rolling Update
|
|
138
|
-
|
|
139
|
-
**Kubernetes Native:**
|
|
140
|
-
```yaml
|
|
141
|
-
apiVersion: apps/v1
|
|
142
|
-
kind: Deployment
|
|
143
|
-
metadata:
|
|
144
|
-
name: myapp
|
|
145
|
-
spec:
|
|
146
|
-
replicas: 6
|
|
147
|
-
strategy:
|
|
148
|
-
type: RollingUpdate
|
|
149
|
-
rollingUpdate:
|
|
150
|
-
maxSurge: 2 # Max 2 extra pods during update
|
|
151
|
-
maxUnavailable: 1 # Max 1 pod down during update
|
|
152
|
-
template:
|
|
153
|
-
spec:
|
|
154
|
-
containers:
|
|
155
|
-
- name: app
|
|
156
|
-
image: myapp:v2.0.0
|
|
157
|
-
```
|
|
158
|
-
|
|
159
|
-
**Update Process:**
|
|
160
|
-
```
|
|
161
|
-
Current: [V1] [V1] [V1] [V1] [V1] [V1]
|
|
162
|
-
[V1] [V1] [V1] [V1] [V1] [V2] [V2] ← 2 new, 1 old terminating
|
|
163
|
-
[V1] [V1] [V1] [V1] [V2] [V2]
|
|
164
|
-
[V1] [V1] [V1] [V2] [V2] [V2]
|
|
165
|
-
[V1] [V1] [V2] [V2] [V2] [V2]
|
|
166
|
-
[V1] [V2] [V2] [V2] [V2] [V2]
|
|
167
|
-
New: [V2] [V2] [V2] [V2] [V2] [V2]
|
|
168
|
-
```
|
|
169
|
-
|
|
170
|
-
## Recreate Strategy
|
|
171
|
-
|
|
172
|
-
**Use Case:** Database schema changes requiring downtime.
|
|
173
|
-
|
|
174
|
-
```yaml
|
|
175
|
-
apiVersion: apps/v1
|
|
176
|
-
kind: Deployment
|
|
177
|
-
metadata:
|
|
178
|
-
name: myapp
|
|
179
|
-
spec:
|
|
180
|
-
strategy:
|
|
181
|
-
type: Recreate # Kill all old pods before creating new
|
|
182
|
-
```
|
|
183
|
-
|
|
184
|
-
## Strategy Comparison
|
|
185
|
-
|
|
186
|
-
| Strategy | Downtime | Rollback Speed | Resource Cost | Complexity |
|
|
187
|
-
|----------|----------|----------------|---------------|------------|
|
|
188
|
-
| Blue-Green | None | Instant | 2x (temporary) | Low |
|
|
189
|
-
| Canary | None | Gradual | 1.1-1.5x | Medium |
|
|
190
|
-
| Rolling | None | Medium | 1.1-1.5x | Low |
|
|
191
|
-
| Recreate | Yes | Fast | 1x | Very Low |
|
|
192
|
-
|
|
193
|
-
---
|
|
194
|
-
|
|
195
|
-
**Related Resources:**
|
|
196
|
-
- [progressive-delivery.md](progressive-delivery.md)
|
|
197
|
-
- [rollback-strategies.md](rollback-strategies.md)
|
|
@@ -1,62 +0,0 @@
|
|
|
1
|
-
# Pipeline Security
|
|
2
|
-
|
|
3
|
-
Securing CI/CD pipelines, secrets management, artifact signing, supply chain security, and pipeline hardening.
|
|
4
|
-
|
|
5
|
-
## Pipeline Hardening
|
|
6
|
-
|
|
7
|
-
**Minimal Permissions:**
|
|
8
|
-
```yaml
|
|
9
|
-
permissions:
|
|
10
|
-
contents: read # Read code
|
|
11
|
-
packages: write # Push containers
|
|
12
|
-
id-token: write # OIDC for signing
|
|
13
|
-
# Don't grant more than needed
|
|
14
|
-
```
|
|
15
|
-
|
|
16
|
-
**Pin Actions:**
|
|
17
|
-
```yaml
|
|
18
|
-
# ❌ Bad - mutable tag
|
|
19
|
-
- uses: actions/checkout@v3
|
|
20
|
-
|
|
21
|
-
# ✅ Good - pinned SHA
|
|
22
|
-
- uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
|
|
23
|
-
```
|
|
24
|
-
|
|
25
|
-
## Secrets Management
|
|
26
|
-
|
|
27
|
-
**GitHub Secrets:**
|
|
28
|
-
```yaml
|
|
29
|
-
- name: Deploy
|
|
30
|
-
env:
|
|
31
|
-
API_KEY: ${{ secrets.API_KEY }}
|
|
32
|
-
DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
|
|
33
|
-
run: ./deploy.sh
|
|
34
|
-
```
|
|
35
|
-
|
|
36
|
-
**Vault Integration:**
|
|
37
|
-
```yaml
|
|
38
|
-
- uses: hashicorp/vault-action@v2
|
|
39
|
-
with:
|
|
40
|
-
url: https://vault.example.com
|
|
41
|
-
token: ${{ secrets.VAULT_TOKEN }}
|
|
42
|
-
secrets: |
|
|
43
|
-
secret/data/production api_key | API_KEY ;
|
|
44
|
-
secret/data/production db_pass | DB_PASSWORD
|
|
45
|
-
```
|
|
46
|
-
|
|
47
|
-
## Artifact Signing
|
|
48
|
-
|
|
49
|
-
**Cosign:**
|
|
50
|
-
```yaml
|
|
51
|
-
- name: Sign image
|
|
52
|
-
run: |
|
|
53
|
-
cosign sign --yes \
|
|
54
|
-
-a git_sha=${{ github.sha }} \
|
|
55
|
-
myregistry.com/myapp:${{ github.sha }}
|
|
56
|
-
```
|
|
57
|
-
|
|
58
|
-
---
|
|
59
|
-
|
|
60
|
-
**Related Resources:**
|
|
61
|
-
- [ci-cd-pipelines.md](ci-cd-pipelines.md)
|
|
62
|
-
- [../devsecops/resources/ci-cd-security.md](../../devsecops/resources/ci-cd-security.md)
|