admin/pos-system
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add order lifecycle integration tests (29 tests) and staging K8s deployment manifests

Browse Source 
Testing (P0-7):
- 29 functional tests for order-service API (create/pay/complete/cancel lifecycle)
- CustomWebApplicationFactory with InMemory DB, mocked wallet/SignalR/tenant
- TestAuthHandler for JWT auth in tests
- Full lifecycle tests: cash flow and online payment flow end-to-end

Staging Deployment (P0-8):
- K8s manifests for 8 MVP services + Redis + POS web (namespace, configmap, secrets)
- Traefik Ingress with path-based routing and TLS via cert-manager
- HPA auto-scaling (2-4 replicas, CPU/memory thresholds)
- deploy-staging.sh script with --dry-run and --service flags
- CI/CD: deploy-staging.yml and docker-build.yml with matrix strategy
- Consistent patterns: port 8080, 3 health probes, RollingUpdate

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Ho Ngoc Hai
2026-03-06 13:56:03 +07:00
parent 914dda3fe9
commit 1d12a7980b
24 changed files with 3448 additions and 164 deletions
Download Patch File Download Diff File Expand all files Collapse all files

341
.github/workflows/deploy-staging.yml vendored
View File

@@ -1,3 +1,5 @@
# EN: Deploy GoodGo Platform MVP services to Kubernetes staging
# VI: Trien khai cac service MVP cua GoodGo Platform len K8s staging
name: Deploy to Staging
on:
@@ -6,48 +8,345 @@ on:
- develop
paths:
- 'services/iam-service-net/**'
- 'apps/web-client/**'
- 'services/merchant-service-net/**'
- 'services/order-service-net/**'
- 'services/fnb-engine-net/**'
- 'services/inventory-service-net/**'
- 'services/wallet-service-net/**'
- 'services/catalog-service-net/**'
- 'services/storage-service-net/**'
- 'apps/web-client-tpos-net/**'
- 'deployments/staging/**'
workflow_dispatch:
inputs:
service:
description: 'Service to deploy (leave empty for all)'
required: false
default: ''
type: choice
options:
- ''
- iam-service
- merchant-service
- order-service
- fnb-engine
- inventory-service
- wallet-service
- catalog-service
- storage-service
- pos-web
env:
REGISTRY: docker.io
NAMESPACE: staging
jobs:
deploy:
# =========================================================================
# Build & Push Docker Images
# =========================================================================
detect-changes:
runs-on: ubuntu-latest
outputs:
services: ${{ steps.changes.outputs.services }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2
- name: Detect changed services
id: changes
run: |
if [ -n "${{ github.event.inputs.service }}" ]; then
echo 'services=["${{ github.event.inputs.service }}"]' >> $GITHUB_OUTPUT
exit 0
fi
SERVICES=()
CHANGED=$(git diff --name-only HEAD~1 HEAD)
declare -A SERVICE_MAP=(
["services/iam-service-net"]="iam-service"
["services/merchant-service-net"]="merchant-service"
["services/order-service-net"]="order-service"
["services/fnb-engine-net"]="fnb-engine"
["services/inventory-service-net"]="inventory-service"
["services/wallet-service-net"]="wallet-service"
["services/catalog-service-net"]="catalog-service"
["services/storage-service-net"]="storage-service"
["apps/web-client-tpos-net"]="pos-web"
)
for path in "${!SERVICE_MAP[@]}"; do
if echo "$CHANGED" | grep -q "^${path}/"; then
SERVICES+=("\"${SERVICE_MAP[$path]}\"")
fi
done
# EN: If deployment configs changed, deploy all
# VI: Neu cau hinh deployment thay doi, deploy tat ca
if echo "$CHANGED" | grep -q "^deployments/staging/"; then
SERVICES=("\"iam-service\"" "\"merchant-service\"" "\"order-service\"" "\"fnb-engine\"" "\"inventory-service\"" "\"wallet-service\"" "\"catalog-service\"" "\"storage-service\"" "\"pos-web\"")
fi
if [ ${#SERVICES[@]} -eq 0 ]; then
echo 'services=[]' >> $GITHUB_OUTPUT
else
JOINED=$(IFS=,; echo "${SERVICES[*]}")
echo "services=[${JOINED}]" >> $GITHUB_OUTPUT
fi
build-and-push:
needs: detect-changes
if: needs.detect-changes.outputs.services != '[]'
runs-on: ubuntu-latest
strategy:
matrix:
service: ${{ fromJSON(needs.detect-changes.outputs.services) }}
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Determine build context
id: context
run: |
declare -A CONTEXT_MAP=(
["iam-service"]="./services/iam-service-net"
["merchant-service"]="./services/merchant-service-net"
["order-service"]="./services/order-service-net"
["fnb-engine"]="./services/fnb-engine-net"
["inventory-service"]="./services/inventory-service-net"
["wallet-service"]="./services/wallet-service-net"
["catalog-service"]="./services/catalog-service-net"
["storage-service"]="./services/storage-service-net"
["pos-web"]="./apps/web-client-tpos-net"
)
declare -A IMAGE_MAP=(
["iam-service"]="goodgo/iam-service-net"
["merchant-service"]="goodgo/merchant-service-net"
["order-service"]="goodgo/order-service-net"
["fnb-engine"]="goodgo/fnb-engine-net"
["inventory-service"]="goodgo/inventory-service-net"
["wallet-service"]="goodgo/wallet-service-net"
["catalog-service"]="goodgo/catalog-service-net"
["storage-service"]="goodgo/storage-service-net"
["pos-web"]="goodgo/web-client-tpos-net"
)
echo "context=${CONTEXT_MAP[${{ matrix.service }}]}" >> $GITHUB_OUTPUT
echo "image=${IMAGE_MAP[${{ matrix.service }}]}" >> $GITHUB_OUTPUT
- name: Build and push ${{ matrix.service }}
uses: docker/build-push-action@v5
with:
context: ${{ steps.context.outputs.context }}
push: true
tags: |
${{ steps.context.outputs.image }}:staging
${{ steps.context.outputs.image }}:${{ github.sha }}
cache-from: type=registry,ref=${{ steps.context.outputs.image }}:buildcache
cache-to: type=registry,ref=${{ steps.context.outputs.image }}:buildcache,mode=max
# =========================================================================
# Run Database Migrations
# =========================================================================
migrations:
needs: [detect-changes, build-and-push]
if: needs.detect-changes.outputs.services != '[]'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup .NET SDK
uses: actions/setup-dotnet@v4
with:
dotnet-version: '10.0.x'
- name: Run database migrations
- name: Install EF Core tools
run: dotnet tool install --global dotnet-ef || true
- name: Run IAM migrations
if: contains(needs.detect-changes.outputs.services, 'iam-service')
run: |
dotnet tool install --global dotnet-ef || true
dotnet ef database update \
--project services/iam-service-net/src/IamService.Infrastructure/IamService.Infrastructure.csproj \
--startup-project services/iam-service-net/src/IamService.API/IamService.API.csproj
env:
ConnectionStrings__DefaultConnection: ${{ secrets.NEON_DATABASE_URL_STAGING }}
ConnectionStrings__DefaultConnection: ${{ secrets.NEON_IAM_DATABASE_URL_STAGING }}
- name: Run Merchant migrations
if: contains(needs.detect-changes.outputs.services, 'merchant-service')
run: |
dotnet ef database update \
--project services/merchant-service-net/src/MerchantService.Infrastructure/MerchantService.Infrastructure.csproj \
--startup-project services/merchant-service-net/src/MerchantService.API/MerchantService.API.csproj
env:
ConnectionStrings__DefaultConnection: ${{ secrets.NEON_MERCHANT_DATABASE_URL_STAGING }}
- name: Run Order migrations
if: contains(needs.detect-changes.outputs.services, 'order-service')
run: |
dotnet ef database update \
--project services/order-service-net/src/OrderService.Infrastructure/OrderService.Infrastructure.csproj \
--startup-project services/order-service-net/src/OrderService.API/OrderService.API.csproj
env:
ConnectionStrings__DefaultConnection: ${{ secrets.NEON_ORDER_DATABASE_URL_STAGING }}
- name: Run FnB Engine migrations
if: contains(needs.detect-changes.outputs.services, 'fnb-engine')
run: |
dotnet ef database update \
--project services/fnb-engine-net/src/FnbEngine.Infrastructure/FnbEngine.Infrastructure.csproj \
--startup-project services/fnb-engine-net/src/FnbEngine.API/FnbEngine.API.csproj
env:
ConnectionStrings__DefaultConnection: ${{ secrets.NEON_FNB_DATABASE_URL_STAGING }}
- name: Run Inventory migrations
if: contains(needs.detect-changes.outputs.services, 'inventory-service')
run: |
dotnet ef database update \
--project services/inventory-service-net/src/InventoryService.Infrastructure/InventoryService.Infrastructure.csproj \
--startup-project services/inventory-service-net/src/InventoryService.API/InventoryService.API.csproj
env:
ConnectionStrings__DefaultConnection: ${{ secrets.NEON_INVENTORY_DATABASE_URL_STAGING }}
- name: Run Wallet migrations
if: contains(needs.detect-changes.outputs.services, 'wallet-service')
run: |
dotnet ef database update \
--project services/wallet-service-net/src/WalletService.Infrastructure/WalletService.Infrastructure.csproj \
--startup-project services/wallet-service-net/src/WalletService.API/WalletService.API.csproj
env:
ConnectionStrings__DefaultConnection: ${{ secrets.NEON_WALLET_DATABASE_URL_STAGING }}
- name: Run Catalog migrations
if: contains(needs.detect-changes.outputs.services, 'catalog-service')
run: |
dotnet ef database update \
--project services/catalog-service-net/src/CatalogService.Infrastructure/CatalogService.Infrastructure.csproj \
--startup-project services/catalog-service-net/src/CatalogService.API/CatalogService.API.csproj
env:
ConnectionStrings__DefaultConnection: ${{ secrets.NEON_CATALOG_DATABASE_URL_STAGING }}
- name: Run Storage migrations
if: contains(needs.detect-changes.outputs.services, 'storage-service')
run: |
dotnet ef database update \
--project services/storage-service-net/src/StorageService.Infrastructure/StorageService.Infrastructure.csproj \
--startup-project services/storage-service-net/src/StorageService.API/StorageService.API.csproj
env:
ConnectionStrings__DefaultConnection: ${{ secrets.NEON_STORAGE_DATABASE_URL_STAGING }}
# =========================================================================
# Deploy to Kubernetes
# =========================================================================
deploy:
needs: [detect-changes, build-and-push, migrations]
if: needs.detect-changes.outputs.services != '[]'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup kubectl
uses: azure/setup-kubectl@v3
- name: Configure kubectl
run: |
echo "${{ secrets.KUBECONFIG_STAGING }}" | base64 -d > kubeconfig
export KUBECONFIG=./kubeconfig
- name: Deploy IAM Service
echo "KUBECONFIG=$(pwd)/kubeconfig" >> $GITHUB_ENV
- name: Apply namespace and config
run: |
kubectl apply -f deployments/staging/kubernetes/namespace.yaml
kubectl apply -f deployments/staging/kubernetes/configmap.yaml
- name: Deploy Redis
run: |
kubectl apply -f deployments/staging/kubernetes/redis.yaml
- name: Deploy services
run: |
SERVICES='${{ needs.detect-changes.outputs.services }}'
declare -A DEPLOY_MAP=(
["iam-service"]="iam-service.yaml"
["merchant-service"]="merchant-service.yaml"
["order-service"]="order-service.yaml"
["fnb-engine"]="fnb-engine.yaml"
["inventory-service"]="inventory-service.yaml"
["wallet-service"]="wallet-service.yaml"
["catalog-service"]="catalog-service.yaml"
["storage-service"]="storage-service.yaml"
["pos-web"]="pos-web.yaml"
)
for svc in "${!DEPLOY_MAP[@]}"; do
if echo "$SERVICES" | grep -q "\"${svc}\""; then
echo "Deploying ${svc}..."
kubectl apply -f "deployments/staging/kubernetes/${DEPLOY_MAP[$svc]}"
# EN: Force rollout to pick up new image
# VI: Buoc rollout de cap nhat image moi
kubectl set image "deployment/${svc}" \
"${svc}=$(echo ${DEPLOY_MAP[$svc]} | sed 's/.yaml//')" \
-n staging 2>/dev/null || true
kubectl rollout restart "deployment/${svc}" -n staging
fi
done
- name: Apply ingress
run: |
export KUBECONFIG=./kubeconfig
kubectl apply -f deployments/staging/kubernetes/iam-service.yaml
kubectl apply -f deployments/staging/kubernetes/iam-service-configmap.yaml
kubectl apply -f deployments/staging/kubernetes/ingress.yaml
kubectl rollout status deployment/iam-service -n staging
- name: Deploy Web App
- name: Wait for rollouts
run: |
export KUBECONFIG=./kubeconfig
kubectl apply -f deployments/staging/kubernetes/web-app.yaml || echo "Web app deployment not configured"
kubectl rollout status deployment/web-app -n staging || echo "Web app deployment not configured"
SERVICES='${{ needs.detect-changes.outputs.services }}'
declare -A DEPLOY_NAMES=(
["iam-service"]="iam-service"
["merchant-service"]="merchant-service"
["order-service"]="order-service"
["fnb-engine"]="fnb-engine"
["inventory-service"]="inventory-service"
["wallet-service"]="wallet-service"
["catalog-service"]="catalog-service"
["storage-service"]="storage-service"
["pos-web"]="pos-web"
)
FAILED=0
for svc in "${!DEPLOY_NAMES[@]}"; do
if echo "$SERVICES" | grep -q "\"${svc}\""; then
echo "Waiting for ${svc}..."
if ! kubectl rollout status "deployment/${DEPLOY_NAMES[$svc]}" -n staging --timeout=180s; then
echo "WARNING: ${svc} rollout did not complete in time"
FAILED=$((FAILED + 1))
fi
fi
done
if [ $FAILED -gt 0 ]; then
echo "WARNING: ${FAILED} service(s) did not complete rollout"
kubectl get pods -n staging
exit 1
fi
- name: Verify deployment
run: |
echo "=== Pods ==="
kubectl get pods -n staging -o wide
echo ""
echo "=== Services ==="
kubectl get svc -n staging
echo ""
echo "=== Ingress ==="
kubectl get ingress -n staging

114
.github/workflows/docker-build.yml vendored
View File

@@ -1,3 +1,5 @@
# EN: Build and push Docker images for all MVP services
# VI: Build va push Docker images cho tat ca MVP services
name: Docker Build
on:
@@ -7,56 +9,104 @@ on:
- develop
paths:
- 'services/iam-service-net/**'
- 'apps/web-client/**'
- 'services/merchant-service-net/**'
- 'services/order-service-net/**'
- 'services/fnb-engine-net/**'
- 'services/inventory-service-net/**'
- 'services/wallet-service-net/**'
- 'services/catalog-service-net/**'
- 'services/storage-service-net/**'
- 'apps/web-client-tpos-net/**'
workflow_dispatch:
inputs:
service:
description: 'Service to build (leave empty for changed only)'
required: false
default: ''
jobs:
build-iam-service:
detect-changes:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push IAM Service
uses: docker/build-push-action@v5
with:
context: ./services/iam-service-net
push: true
tags: |
goodgo/iam-service-net:latest
goodgo/iam-service-net:${{ github.sha }}
cache-from: type=registry,ref=goodgo/iam-service-net:buildcache
cache-to: type=registry,ref=goodgo/iam-service-net:buildcache,mode=max
fetch-depth: 2
build-web-client:
- name: Detect changed services
id: set-matrix
run: |
if [ -n "${{ github.event.inputs.service }}" ]; then
echo 'matrix={"include":[{"service":"${{ github.event.inputs.service }}"}]}' >> $GITHUB_OUTPUT
exit 0
fi
CHANGED=$(git diff --name-only HEAD~1 HEAD)
INCLUDES=()
declare -A SERVICES=(
["services/iam-service-net"]='{"service":"iam-service-net","context":"./services/iam-service-net","image":"goodgo/iam-service-net"}'
["services/merchant-service-net"]='{"service":"merchant-service-net","context":"./services/merchant-service-net","image":"goodgo/merchant-service-net"}'
["services/order-service-net"]='{"service":"order-service-net","context":"./services/order-service-net","image":"goodgo/order-service-net"}'
["services/fnb-engine-net"]='{"service":"fnb-engine-net","context":"./services/fnb-engine-net","image":"goodgo/fnb-engine-net"}'
["services/inventory-service-net"]='{"service":"inventory-service-net","context":"./services/inventory-service-net","image":"goodgo/inventory-service-net"}'
["services/wallet-service-net"]='{"service":"wallet-service-net","context":"./services/wallet-service-net","image":"goodgo/wallet-service-net"}'
["services/catalog-service-net"]='{"service":"catalog-service-net","context":"./services/catalog-service-net","image":"goodgo/catalog-service-net"}'
["services/storage-service-net"]='{"service":"storage-service-net","context":"./services/storage-service-net","image":"goodgo/storage-service-net"}'
["apps/web-client-tpos-net"]='{"service":"web-client-tpos-net","context":"./apps/web-client-tpos-net","image":"goodgo/web-client-tpos-net"}'
)
for path in "${!SERVICES[@]}"; do
if echo "$CHANGED" | grep -q "^${path}/"; then
INCLUDES+=("${SERVICES[$path]}")
fi
done
if [ ${#INCLUDES[@]} -eq 0 ]; then
echo 'matrix={"include":[]}' >> $GITHUB_OUTPUT
else
JOINED=$(IFS=,; echo "${INCLUDES[*]}")
echo "matrix={\"include\":[${JOINED}]}" >> $GITHUB_OUTPUT
fi
build:
needs: detect-changes
if: needs.detect-changes.outputs.matrix != '{"include":[]}'
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix: ${{ fromJSON(needs.detect-changes.outputs.matrix) }}
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push Web Client
- name: Set tags
id: tags
run: |
IMAGE="${{ matrix.image }}"
SHA="${{ github.sha }}"
BRANCH="${{ github.ref_name }}"
if [ "$BRANCH" = "main" ]; then
echo "tags=${IMAGE}:latest,${IMAGE}:${SHA}" >> $GITHUB_OUTPUT
else
echo "tags=${IMAGE}:staging,${IMAGE}:${SHA}" >> $GITHUB_OUTPUT
fi
- name: Build and push ${{ matrix.service }}
uses: docker/build-push-action@v5
with:
context: ./apps/web-client
context: ${{ matrix.context }}
push: true
tags: |
goodgo/web-client:latest
goodgo/web-client:${{ github.sha }}
cache-from: type=registry,ref=goodgo/web-client:buildcache
cache-to: type=registry,ref=goodgo/web-client:buildcache,mode=max
tags: ${{ steps.tags.outputs.tags }}
cache-from: type=registry,ref=${{ matrix.image }}:buildcache
cache-to: type=registry,ref=${{ matrix.image }}:buildcache,mode=max