3d99940658
Sandbox Deployment Platform — Go control plane + agents, NextJS dashboard, nginx reverse proxy. Cross-compile via Docker; deploy via sshpass to 172.18.136.92 (micro) and 172.18.139.186 (gateway). - control-plane: HTTP API, WS hub, SQLite (modernc.org/sqlite) for progress, .log files for log persistence - agent-micro / agent-gateway: alpine:3.20 + bind-mounted repo, binary exec'd in container, no Dockerfile build step - dashboard: NextJS static export + shadcn/ui components, single WebSocket hook - docker-compose.yml: three services on alpine:latest with docker socket bind for agents - scripts/: build.sh (golang:1.23-alpine cross-compile), deploy.sh, patch-nginx.sh (idempotent nginx splice), ssh wrappers Runtime model: pass-through Bitbucket creds per deploy, never logged or persisted on the agent. Control plane never touches git or docker directly — agents do all the work locally.
66 lines
2.3 KiB
Markdown
66 lines
2.3 KiB
Markdown
# Sandbox Deployment Platform (SDP)
|
|
|
|
Internal deployment platform for Backend/QA. Lets a developer deploy a feature
|
|
branch into an isolated sandbox, with the API Gateway routing selected
|
|
services to the sandbox and the rest to OCP. See [REQUIREMENTS.md](REQUIREMENTS.md)
|
|
for the full spec.
|
|
|
|
## Layout
|
|
|
|
```
|
|
.
|
|
├── protocol/ # shared wire types (Event, DeployRequest)
|
|
├── control-plane/ # Go. HTTP API + WS hub + SQLite/.log persistence
|
|
├── agent-micro/ # Go. Runs on 172.18.136.92, deploys Go microservices
|
|
├── agent-gateway/ # Go. Runs on 172.18.139.186, deploys the API Gateway
|
|
├── dashboard/ # NextJS static export, served by nginx
|
|
└── nginx/ # reverse proxy + try_files for the dashboard
|
|
```
|
|
|
|
## End-to-end smoke (manual)
|
|
|
|
Prereqs: Go 1.22+, Node 18+, Docker on each agent VM, alpine:3.20 loaded
|
|
locally (`docker load -i alpine.tar`).
|
|
|
|
1. Build everything:
|
|
```bash
|
|
cd protocol && go build ./...
|
|
cd ../control-plane && go build -o bin/control-plane ./cmd/control-plane
|
|
cd ../agent-micro && go build -o bin/agent-micro ./cmd/agent-micro
|
|
cd ../agent-gateway && go build -o bin/agent-gateway ./cmd/agent-gateway
|
|
cd ../dashboard && npm install && npm run build
|
|
```
|
|
|
|
2. Start the control plane:
|
|
```bash
|
|
./control-plane/bin/control-plane -addr :8080 -data ./data
|
|
```
|
|
|
|
3. Start the micro agent on 172.18.136.92:
|
|
```bash
|
|
SDP_CP_URL=ws://172.18.139.186:8080/ws/agent SDP_NODE_ID=micro \
|
|
./agent-micro/bin/agent-micro
|
|
```
|
|
|
|
4. Start the gateway agent on 172.18.139.186:
|
|
```bash
|
|
SDP_CP_URL=ws://172.18.139.186:8080/ws/agent SDP_NODE_ID=gateway \
|
|
./agent-gateway/bin/agent-gateway
|
|
```
|
|
|
|
5. Point nginx at the dashboard build (`dashboard/out/`) and the control
|
|
plane (`:8080`). See `nginx/nginx.conf`.
|
|
|
|
6. Open `http://<nginx-host>/`, sign in with any Bitbucket creds, pick
|
|
`account` → `feature/login-error`, click Deploy. Watch the stage
|
|
checkmarks and the log stream.
|
|
|
|
## Notes
|
|
|
|
- Credentials are passed per-operation to the agent and never persisted
|
|
on the agent longer than the operation.
|
|
- The runtime model is `alpine:3.20` + bind-mounted repo + exec'd binary.
|
|
No Dockerfile build step on the agent.
|
|
- Logs persist to `<data>/logs/<deploymentId>.log`. SQLite holds progress
|
|
snapshots and final state.
|