Questions / Things to do

[einari]

• [ ] Stack. How do we define it (what is it scoped to - application, microservice? + environment).
• [ ] Private link
• [ ] Introduce Staging (different Authorization)
• [ ] AD setup per environment
• [ ] API for applying infrastructure for an application and its microservices in an environment.

Design thoughts

Artifacts

The hierarchy is as follows:

+─ Application
     └─ Microservice
            └─ Deployable

Type	Description
Application	Top level grouping of every running artifact that goes into it an application, it is the outside security boundary as well
Microservice	A logical representation of a unit of work. Self contained, autonomous.
Deployable	A container that runs as part of the microservice. One can have multiple containers. They are closely related and change together.

Environments

Applications can exist in multiple environments. By environment we mean things like; Development, Staging, Production.

Global

Below are the things that is considered global for an application, across all environments.

• Container Registry. Allowing us to publish versioned containers in one place and then move them through environments.

Application, per environment

• MongoDB Cluster
• Cratis Cluster
• Authentication - AAD App Registration
• Container Apps managed environment
• VNet
• Ingress App (routing)
• Configuration
• Environment variables
• Secrets

Microservice, per environment

• Configuration
• Environment variables
• Secrets

Deployable, per environment

• Configuration
• Environment variables
• Secrets

Important

It is important that we support deploying new microservices to a specific environment and it not be deployed to others until we move it across. This includes the Pulumi infrastructure piece.