[ ] Stack. How do we define it (what is it scoped to - application, microservice? + environment).
[ ] Private link
[ ] Introduce Staging (different Authorization)
[ ] AD setup per environment
[ ] API for applying infrastructure for an application and its microservices in an environment.
Design thoughts
Artifacts
The hierarchy is as follows:
+─ Application
└─ Microservice
└─ Deployable
Type
Description
Application
Top level grouping of every running artifact that goes into it an application, it is the outside security boundary as well
Microservice
A logical representation of a unit of work. Self contained, autonomous.
Deployable
A container that runs as part of the microservice. One can have multiple containers. They are closely related and change together.
Environments
Applications can exist in multiple environments. By environment we mean things like; Development, Staging, Production.
Global
Below are the things that is considered global for an application, across all environments.
Container Registry. Allowing us to publish versioned containers in one place and then move them through environments.
Application, per environment
MongoDB Cluster
Cratis Cluster
Authentication - AAD App Registration
Container Apps managed environment
VNet
Ingress App (routing)
Configuration
Environment variables
Secrets
Microservice, per environment
Configuration
Environment variables
Secrets
Deployable, per environment
Configuration
Environment variables
Secrets
Important
It is important that we support deploying new microservices to a specific environment and it not be deployed to others until we move it across. This includes the Pulumi infrastructure piece.
Design thoughts
Artifacts
The hierarchy is as follows:
Environments
Applications can exist in multiple environments. By environment we mean things like; Development, Staging, Production.
Global
Below are the things that is considered global for an application, across all environments.
Application, per environment
Microservice, per environment
Deployable, per environment
Important
It is important that we support deploying new microservices to a specific environment and it not be deployed to others until we move it across. This includes the Pulumi infrastructure piece.