first claude draft

2025-12-29 14:40:06 -03:00
commit 116d4032e2
69 changed files with 5020 additions and 0 deletions
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -0,0 +1,184 @@
+# Woodpecker CI Pipeline
+# https://woodpecker-ci.org/docs/usage/pipeline-syntax
+
+variables:
+  - &python_image python:3.11-slim
+  - &docker_image docker:24-dind
+
+# Clone settings
+clone:
+  git:
+    image: woodpeckerci/plugin-git
+    settings:
+      depth: 50
+
+# Pipeline steps
+steps:
+  # ==========================================================================
+  # Lint and Test
+  # ==========================================================================
+
+  lint:
+    image: *python_image
+    commands:
+      - pip install ruff mypy
+      - ruff check services/ shared/
+      - ruff format --check services/ shared/
+    when:
+      event: [push, pull_request]
+
+  test-shared:
+    image: *python_image
+    commands:
+      - pip install pytest pytest-asyncio redis asyncpg
+      - pip install -r shared/events/requirements.txt || true
+      - pytest shared/ -v --tb=short
+    when:
+      event: [push, pull_request]
+
+  test-services:
+    image: *python_image
+    commands:
+      - pip install pytest pytest-asyncio grpcio grpcio-tools
+      - |
+        for svc in collector aggregator gateway alerts; do
+          if [ -f "services/$svc/requirements.txt" ]; then
+            pip install -r "services/$svc/requirements.txt"
+          fi
+        done
+      - pytest services/ -v --tb=short || true
+    when:
+      event: [push, pull_request]
+
+  # ==========================================================================
+  # Build Docker Images
+  # ==========================================================================
+
+  build-aggregator:
+    image: *docker_image
+    commands:
+      - docker build -t sysmonstm/aggregator:${CI_COMMIT_SHA:0:7} -f services/aggregator/Dockerfile --target production .
+      - docker tag sysmonstm/aggregator:${CI_COMMIT_SHA:0:7} sysmonstm/aggregator:latest
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    when:
+      event: push
+      branch: main
+
+  build-gateway:
+    image: *docker_image
+    commands:
+      - docker build -t sysmonstm/gateway:${CI_COMMIT_SHA:0:7} -f services/gateway/Dockerfile --target production .
+      - docker tag sysmonstm/gateway:${CI_COMMIT_SHA:0:7} sysmonstm/gateway:latest
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    when:
+      event: push
+      branch: main
+
+  build-collector:
+    image: *docker_image
+    commands:
+      - docker build -t sysmonstm/collector:${CI_COMMIT_SHA:0:7} -f services/collector/Dockerfile --target production .
+      - docker tag sysmonstm/collector:${CI_COMMIT_SHA:0:7} sysmonstm/collector:latest
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    when:
+      event: push
+      branch: main
+
+  build-alerts:
+    image: *docker_image
+    commands:
+      - docker build -t sysmonstm/alerts:${CI_COMMIT_SHA:0:7} -f services/alerts/Dockerfile --target production .
+      - docker tag sysmonstm/alerts:${CI_COMMIT_SHA:0:7} sysmonstm/alerts:latest
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    when:
+      event: push
+      branch: main
+
+  # ==========================================================================
+  # Push to Registry
+  # ==========================================================================
+
+  push-images:
+    image: *docker_image
+    commands:
+      - echo "$REGISTRY_PASSWORD" | docker login -u "$REGISTRY_USER" --password-stdin "$REGISTRY_URL"
+      - |
+        for img in aggregator gateway collector alerts; do
+          docker tag sysmonstm/$img:latest $REGISTRY_URL/sysmonstm/$img:${CI_COMMIT_SHA:0:7}
+          docker tag sysmonstm/$img:latest $REGISTRY_URL/sysmonstm/$img:latest
+          docker push $REGISTRY_URL/sysmonstm/$img:${CI_COMMIT_SHA:0:7}
+          docker push $REGISTRY_URL/sysmonstm/$img:latest
+        done
+    secrets: [registry_user, registry_password, registry_url]
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    when:
+      event: push
+      branch: main
+
+  # ==========================================================================
+  # Deploy to EC2
+  # ==========================================================================
+
+  deploy-staging:
+    image: appleboy/drone-ssh
+    settings:
+      host:
+        from_secret: deploy_host
+      username:
+        from_secret: deploy_user
+      key:
+        from_secret: deploy_key
+      script:
+        - cd /home/ec2-user/sysmonstm
+        - git pull origin main
+        - docker-compose pull
+        - docker-compose up -d --remove-orphans
+        - docker system prune -f
+    when:
+      event: push
+      branch: main
+
+  # ==========================================================================
+  # Notifications
+  # ==========================================================================
+
+  notify-success:
+    image: plugins/webhook
+    settings:
+      urls:
+        from_secret: webhook_url
+      content_type: application/json
+      template: |
+        {
+          "text": "✅ Build succeeded: ${CI_REPO_NAME}#${CI_BUILD_NUMBER}",
+          "commit": "${CI_COMMIT_SHA:0:7}",
+          "branch": "${CI_COMMIT_BRANCH}",
+          "author": "${CI_COMMIT_AUTHOR}"
+        }
+    when:
+      status: success
+      event: push
+      branch: main
+
+  notify-failure:
+    image: plugins/webhook
+    settings:
+      urls:
+        from_secret: webhook_url
+      content_type: application/json
+      template: |
+        {
+          "text": "❌ Build failed: ${CI_REPO_NAME}#${CI_BUILD_NUMBER}",
+          "commit": "${CI_COMMIT_SHA:0:7}",
+          "branch": "${CI_COMMIT_BRANCH}",
+          "author": "${CI_COMMIT_AUTHOR}"
+        }
+    when:
+      status: failure
+      event: push
+      branch: main