diff --git a/.github/workflows/microservices.yml b/.github/workflows/microservices.yml index 2ddf3e3..b1bf3d4 100644 --- a/.github/workflows/microservices.yml +++ b/.github/workflows/microservices.yml @@ -185,7 +185,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - service: [backup-engine, storage-hal, compression-engine, ml-optimizer, sync-coordinator] + service: [backup-engine, storage-hal, compression-engine, ml-optimizer, sync-coordinator, encryption-service] steps: - name: Checkout uses: actions/checkout@v4 diff --git a/services/encryption-service/tsconfig.json b/services/encryption-service/tsconfig.json new file mode 100644 index 0000000..f150bf7 --- /dev/null +++ b/services/encryption-service/tsconfig.json @@ -0,0 +1,21 @@ +{ + "compilerOptions": { + "target": "ES2020", + "module": "commonjs", + "lib": ["ES2020"], + "outDir": "./dist", + "rootDir": "./src", + "strict": true, + "esModuleInterop": true, + "skipLibCheck": true, + "forceConsistentCasingInFileNames": true, + "resolveJsonModule": true, + "moduleResolution": "node", + "declaration": true, + "declarationMap": true, + "sourceMap": true, + "types": ["node", "jest"] + }, + "include": ["src/**/*"], + "exclude": ["node_modules", "dist", "**/*.test.ts", "**/*.spec.ts"] +} diff --git a/services/ml-optimizer/Dockerfile b/services/ml-optimizer/Dockerfile new file mode 100644 index 0000000..2ffde01 --- /dev/null +++ b/services/ml-optimizer/Dockerfile @@ -0,0 +1,60 @@ +# Build stage +FROM python:3.11-slim as builder + +WORKDIR /app + +# Install build dependencies +RUN apt-get update && apt-get install -y \ + gcc \ + g++ \ + && rm -rf /var/lib/apt/lists/* + +# Copy requirements +COPY requirements.txt . + +# Install Python dependencies +RUN pip install --no-cache-dir --user -r requirements.txt + +# Runtime stage +FROM python:3.11-slim + +WORKDIR /app + +# Install runtime dependencies +RUN apt-get update && apt-get install -y \ + libgomp1 \ + && rm -rf /var/lib/apt/lists/* + +# Copy Python dependencies from builder +COPY --from=builder /root/.local /root/.local + +# Copy application code +COPY main.py . +COPY models ./models +COPY training ./training + +# Create non-root user +RUN useradd -m -u 1000 appuser && \ + mkdir -p /var/lib/ml-optimizer /var/log/ml-optimizer && \ + chown -R appuser:appuser /app /var/lib/ml-optimizer /var/log/ml-optimizer + +USER appuser + +# Make sure scripts in .local are usable +ENV PATH=/root/.local/bin:$PATH +ENV PYTHONUNBUFFERED=1 + +# Expose ports +EXPOSE 8000 9090 + +# Set environment variables +ENV SERVICE_PORT=8000 +ENV METRICS_PORT=9090 +ENV MODEL_PATH=/var/lib/ml-optimizer/models + +# Health check +HEALTHCHECK --interval=30s --timeout=3s --start-period=10s --retries=3 \ + CMD python -c "import requests; requests.get('http://localhost:8000/health')" || exit 1 + +# Run the application +CMD ["python", "main.py"] diff --git a/services/storage-hal/Dockerfile b/services/storage-hal/Dockerfile new file mode 100644 index 0000000..3759626 --- /dev/null +++ b/services/storage-hal/Dockerfile @@ -0,0 +1,55 @@ +# Build stage +FROM rust:1.75-slim as builder + +WORKDIR /usr/src/storage-hal + +# Install build dependencies +RUN apt-get update && apt-get install -y \ + pkg-config \ + libssl-dev \ + protobuf-compiler \ + && rm -rf /var/lib/apt/lists/* + +# Copy manifests +COPY Cargo.toml Cargo.lock* ./ +COPY build.rs ./ + +# Copy source code +COPY src ./src + +# Build for release +RUN cargo build --release + +# Runtime stage +FROM debian:bookworm-slim + +# Install runtime dependencies +RUN apt-get update && apt-get install -y \ + ca-certificates \ + libssl3 \ + && rm -rf /var/lib/apt/lists/* + +# Copy the binary from builder +COPY --from=builder /usr/src/storage-hal/target/release/storage-hal /usr/local/bin/storage-hal + +# Create non-root user +RUN useradd -m -u 1000 appuser && \ + mkdir -p /var/lib/storage-hal /var/log/storage-hal && \ + chown -R appuser:appuser /var/lib/storage-hal /var/log/storage-hal + +USER appuser + +# Expose ports +EXPOSE 50051 9090 + +# Set environment variables +ENV RUST_LOG=info +ENV SERVICE_PORT=50051 +ENV METRICS_PORT=9090 + +# Health check +HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ + CMD [ "/usr/local/bin/storage-hal", "--health-check" ] || exit 1 + +# Run the binary +CMD ["/usr/local/bin/storage-hal"] diff --git a/services/sync-coordinator/Dockerfile b/services/sync-coordinator/Dockerfile new file mode 100644 index 0000000..ed98d79 --- /dev/null +++ b/services/sync-coordinator/Dockerfile @@ -0,0 +1,54 @@ +# Build stage +FROM node:18-alpine as builder + +WORKDIR /app + +# Copy package files +COPY package*.json ./ +COPY tsconfig.json ./ + +# Install dependencies +RUN npm ci --only=production && \ + npm ci --only=development + +# Copy source code +COPY src ./src + +# Build TypeScript +RUN npm run build + +# Runtime stage +FROM node:18-alpine + +WORKDIR /app + +# Install production dependencies only +COPY package*.json ./ +RUN npm ci --only=production && \ + npm cache clean --force + +# Copy built application from builder +COPY --from=builder /app/dist ./dist + +# Create non-root user +RUN addgroup -g 1000 appuser && \ + adduser -D -u 1000 -G appuser appuser && \ + mkdir -p /var/lib/sync-coordinator /var/log/sync-coordinator && \ + chown -R appuser:appuser /app /var/lib/sync-coordinator /var/log/sync-coordinator + +USER appuser + +# Expose ports +EXPOSE 8080 9090 + +# Set environment variables +ENV NODE_ENV=production +ENV SERVICE_PORT=8080 +ENV METRICS_PORT=9090 + +# Health check +HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ + CMD node -e "require('http').get('http://localhost:8080/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})" || exit 1 + +# Run the application +CMD ["node", "dist/index.js"]