{"id":31284881,"url":"https://github.com/metalcloud1/microforge","last_synced_at":"2026-04-12T00:03:26.799Z","repository":{"id":311723085,"uuid":"1037765037","full_name":"MetalCloud1/MicroForge","owner":"MetalCloud1","description":"MicroForge: Cloud-native microservices template with secure authentication, automated CI/CD, Terraform-managed infrastructure (EKS, PostgreSQL), and monitoring.","archived":false,"fork":false,"pushed_at":"2025-08-26T06:16:07.000Z","size":398,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main-clean","last_synced_at":"2025-08-26T08:20:07.337Z","etag":null,"topics":["alembic","authentication","aws","ci-cd","cloud","containers","devops","docker","eks","grafana","iac-terraform","kubernetes","loki","microservices","observability","pipeline","postgresql","prometheus","python","terraform"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MetalCloud1.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":"SUPPORT.md","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-08-14T04:58:46.000Z","updated_at":"2025-08-26T06:16:03.000Z","dependencies_parsed_at":"2025-08-26T08:20:31.225Z","dependency_job_id":null,"html_url":"https://github.com/MetalCloud1/MicroForge","commit_stats":null,"previous_names":["metalcloud1/microforge"],"tags_count":2,"template":true,"template_full_name":null,"purl":"pkg:github/MetalCloud1/MicroForge","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MetalCloud1%2FMicroForge","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MetalCloud1%2FMicroForge/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MetalCloud1%2FMicroForge/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MetalCloud1%2FMicroForge/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MetalCloud1","download_url":"https://codeload.github.com/MetalCloud1/MicroForge/tar.gz/refs/heads/main-clean","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MetalCloud1%2FMicroForge/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":276713544,"owners_count":25691389,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-24T02:00:09.776Z","response_time":97,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["alembic","authentication","aws","ci-cd","cloud","containers","devops","docker","eks","grafana","iac-terraform","kubernetes","loki","microservices","observability","pipeline","postgresql","prometheus","python","terraform"],"created_at":"2025-09-24T07:34:54.864Z","updated_at":"2026-04-12T00:03:26.749Z","avatar_url":"https://github.com/MetalCloud1.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 id=\"microforge\" align=\"center\" style=\"font-size:40px;\"\u003e\n \u003cb\u003e⚒️MicroForge🗡️\u003c/b\u003e\n \u003c/h1\u003e\n\n \u003cp align=\"center\" style=\"font-size:15px;\"\u003e\n \u003cem\u003e\nKickstart your microservices projects with secure authentication,\nscalable services, automated CI/CD pipelines, and built-in monitoring.\n\u003c/em\u003e\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/MetalCloud1/MicroForge/actions/workflows/ci-cd.yaml\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/actions/workflow/status/MetalCloud1/MicroForge/ci-cd.yaml?branch=dev\u0026style=for-the-badge\u0026logo=githubactions\u0026logoColor=white\" alt=\"CI/CD\"\u003e\n  \u003c/a\u003e\n  \u003cimg src=\"https://img.shields.io/badge/version-v1.0.1-4f8cc9?style=for-the-badge\u0026logo=git\u0026logoColor=white\" alt=\"Version\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/python-3.11+-3776AB?style=for-the-badge\u0026logo=python\u0026logoColor=white\" alt=\"Python\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/docker-ready-2496ED?style=for-the-badge\u0026logo=docker\u0026logoColor=white\" alt=\"Docker\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/template-ready-2ea44f?style=for-the-badge\u0026logo=github\u0026logoColor=white\" alt=\"Template\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e🚀 Version 1.0.1 — stable release\u003c/p\u003e\n\u003cp align=\"center\"\u003e❗ Note: initial/primitive release may contain minor issues.\u003c/p\u003e\n\n\u003ch2 align=\"center\"\u003e\n \n🧭 About MicroForge (context)\n \n\u003c/h2\u003e\n\n\u003cp\u003e\n \nMicroForge began as my first end-to-end cloud learning platform — a practical environment where I taught myself to design, deploy, and operate real infrastructure instead of learning through isolated exercises.\nIt captures the foundational engineering lessons that shaped how I now approach systems: secure-by-design workflows, reproducible environments, GitOps-driven automation, and observability as a core requirement.\n\nThis project is intentionally hands-on and iterative. Every component reflects a decision, a trade-off, or a failure that forced clarity. MicroForge is not meant to be polished; it’s meant to be real.\nIt documents the exact engineering patterns that built my current technical foundation.\n\n\u003c/p\u003e\n\n\u003ch2 id=\"overview\"\u003e🔍 Project Overview\u003c/h2\u003e\n\n\u003cp\u003e\nMicroForge is a cloud-native microservices template that gives you a reproducible base for building service-oriented systems. It includes:\n\u003c/p\u003e\n\n\u003cul\u003e\n  \u003cli\u003e\u003cstrong\u003eIaC\u003c/strong\u003e: Terraform modules for PostgreSQL RDS, AWS Secrets Manager, and Kubernetes infra.\u003c/li\u003e\n  \u003cli\u003e\u003cstrong\u003eKubernetes\u003c/strong\u003e: manifests for Deployments, Services, Namespaces, ServiceAccounts and (optionally) IRSA/OIDC roles.\u003c/li\u003e\n  \u003cli\u003e\u003cstrong\u003eCI/CD\u003c/strong\u003e: GitHub Actions workflows for linting, testing, building Docker images and optional deployments.\u003c/li\u003e\n  \u003cli\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e: environment-specific secrets, password hashing, and optional HIBP checks.\u003c/li\u003e\n  \u003cli\u003e\u003cstrong\u003eObservability\u003c/strong\u003e: Prometheus metrics, Loki JSON logs, Grafana dashboards (provisionable via Helm).\u003c/li\u003e\n  \u003cli\u003e\u003cstrong\u003eMicroservices\u003c/strong\u003e: `auth_service` (complete auth flow) and `users-api` (scaffold).\u003c/li\u003e\n\u003c/ul\u003e\n\n---\n\n\u003ch1 id=\"architecture\" align=\"center\"\u003e\n\n🏗️ Architecture\n\n\u003c/h1\u003e\n\n\u003c/hr\u003e\n\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"docs/diagrams/diagrams-svg-files/ProjectArchitecture.svg\" width=\"600\" alt=\"Project Architecture\"/\u003e\n\u003c/p\u003e\n\n\n\u003ch1 align=\"center\"\u003e\n\n📂 Project Structure\n\n\u003c/h1\u003e\n\n---\n\n\u003ch2 id=\"project-overview-diagram\" align=\"center\"\u003e\n\n1️⃣ Project Overview\n\n\u003c/h2\u003e\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"docs/diagrams/diagrams-svg-files/Project-Overview.svg\" width=\"600\" alt=\"Project Overview\"/\u003e\u003c/p\u003e\n\n\u003ch2 id=\"repo-workflows\" align=\"center\"\u003e\n\n2️⃣ \n\n2️⃣  Auth Service\n\n\u003c/h2\u003e\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"docs/diagrams/diagrams-svg-files/auth-service.svg\" width=\"600\" alt=\"Auth Service\"/\u003e\u003c/p\u003e\n\n\u003ch2 id=\"monitoring-diagram\" align=\"center\"\u003e\n\n3️⃣ Monitoring\n\n\u003c/h2\u003e\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"docs/diagrams/diagrams-svg-files/monitoring.svg\" width=\"600\" alt=\"Monitoring\"/\u003e\u003c/p\u003e\n\n\u003ch2 id=\"terraform-diagram\" align=\"center\"\u003e\n\n4️⃣ Terraform\n\n\u003c/h2\u003e\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"docs/diagrams/diagrams-svg-files/terraform.svg\" width=\"600\" alt=\"Terraform\"/\u003e\u003c/p\u003e\n\n\u003ch2 id=\"demo-service-diagram\" align=\"center\"\u003e\n \n5️⃣ Template / Demo Service\n\n\u003c/h2\u003e\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"docs/diagrams/diagrams-svg-files/demo-service.svg\" width=\"600\" alt=\"Demo Service\"/\u003e\u003c/p\u003e\n\n\u003chr/\u003e\n\n\u003ch1 id=\"ci-cd-pipeline\" align=\"center\"\u003e\n\n🔄 CI/CD Pipeline\n\n\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"docs/diagrams/diagrams-svg-files/PipelineCI-CD.svg\" width=\"600\" alt=\"CI/CD Pipeline\"/\u003e\n\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003eWorkflow summary\u003c/strong\u003e:\u003c/p\u003e\n\u003col\u003e\n  \u003cli\u003e\u003ccode\u003elint\u003c/code\u003e → static checks (ruff / mypy / black)\u003c/li\u003e\n  \u003cli\u003e\u003ccode\u003etest\u003c/code\u003e → unit + integration tests (\u003ccode\u003epytest\u003c/code\u003e)\u003c/li\u003e\n  \u003cli\u003e\u003ccode\u003ebuild\u003c/code\u003e → Docker image build \u0026 tag\u003c/li\u003e\n  \u003cli\u003e\u003ccode\u003epublish\u003c/code\u003e → push image to registry (optional)\u003c/li\u003e\n  \u003cli\u003e\u003ccode\u003edeploy\u003c/code\u003e → manual/automated deployment to staging/production\u003c/li\u003e\n\u003c/ol\u003e\n\n\u003ch2 id=\"observability\"\u003e🛰️ Observability \u0026 Monitoring (clear scope)\u003c/h2\u003e\n\n\u003cp\u003e\nMonitoring is provided and intentionally scoped to two dedicated namespaces so you can compare Dev vs Prod easily:\n\u003c/p\u003e\n\n\n\u003cul\u003e\n  \u003cli\u003e\u003cstrong\u003eNamespaces monitored\u003c/strong\u003e:\n    \u003cul\u003e\n      \u003cli\u003e\u003ccode\u003eauth-dev\u003c/code\u003e — development / staging environment\u003c/li\u003e\n      \u003cli\u003e\u003ccode\u003eauth-prod\u003c/code\u003e — production environment\u003c/li\u003e\n    \u003c/ul\u003e\n  \u003c/li\u003e\n  \u003cli\u003e\u003cstrong\u003eMonitoring stack (recommended)\u003c/strong\u003e:\n    \u003cul\u003e\n      \u003cli\u003ePrometheus (kube-prometheus-stack) — scrapes service endpoints and kube metrics\u003c/li\u003e\n      \u003cli\u003eLoki (loki-stack) — collects structured JSON logs\u003c/li\u003e\n      \u003cli\u003eGrafana — dashboards for latency, throughput, errors; dashboards are pre-bundled and can be provisioned\u003c/li\u003e\n    \u003c/ul\u003e\n  \u003c/li\u003e\n\u003c/ul\u003e\n\n\u003ch3\u003eHow monitoring is configured\u003c/h3\u003e\n\n---\n\n\u003cp\u003e\n- Prometheus is configured to \u003cstrong\u003escrape metrics from pods/services in the namespaces \u003ccode\u003eauth-dev\u003c/code\u003e and \u003ccode\u003eauth-prod\u003c/code\u003e\u003c/strong\u003e. Use the Prometheus Helm values file at \u003ccode\u003emonitoring/prometheus-values.yaml\u003c/code\u003e to set the namespaceSelectors/namespaceRegex or static targets.  \n- Loki is installed with a values file at \u003ccode\u003emonitoring/values.yaml\u003c/code\u003e and configured to collect pod logs cluster-wide but dashboards are filtered by namespace.  \n- Grafana contains pre-made dashboards that use the \u003ccode\u003enamespace\u003c/code\u003e label so you can switch between \u003ccode\u003eauth-dev\u003c/code\u003e and \u003ccode\u003eauth-prod\u003c/code\u003e views.\n\u003c/p\u003e\n\n\u003ch3\u003eQuick install (Helm)\u003c/h3\u003e\n\n```bash\n# add chart repos\nhelm repo add grafana https://grafana.github.io/helm-charts\nhelm repo add prometheus-community https://prometheus-community.github.io/helm-charts\nhelm repo update\n\n# install Loki (replace monitoring/values.yaml with your values)\nhelm upgrade --install loki-stack grafana/loki-stack -n monitoring -f monitoring/values.yaml --create-namespace\n\n# install kube-prometheus-stack (replace monitoring/prometheus-values.yaml with your values)\nhelm upgrade --install prom-stack prometheus-community/kube-prometheus-stack -n monitoring -f monitoring/prometheus-values.yaml\n```\n\u003ch3\u003eNotes: ensuring Prometheus scrapes only the auth namespaces\u003c/h3\u003e\n\nIn your monitoring/prometheus-values.yaml you can add a serviceMonitor or modify the namespaceSelector so Prometheus scrapes only auth-dev and auth-prod. Example snippet:\n\n```yaml\nprometheus:\n  prometheusSpec:\n    serviceMonitorSelectorNilUsesHelmValues: false\n    serviceMonitorSelector:\n      matchExpressions:\n        - {key: kubernetes.io/metadata.name, operator: In, values: [\"auth-dev\", \"auth-prod\"]}\n```\n\n(Adjust according to the chart version — the repo contains example values.)\n\n\u003ch3\u003eAccess Grafana\u003c/h3\u003e\n\n```bash\n# port-forward Grafana (example service name for kube-prometheus-stack)\nkubectl port-forward svc/prom-stack-grafana -n monitoring 3000:80\n# then open http://localhost:3000\n```\n\n\u003ch1 id=\"quick-start\" align=\"center\"\u003e⚡ Quick Start\u003c/h1\u003e\n\n\u003ch2 id=\"prerequisites\" align=\"center\"\u003ePre-requisites\u003c/h2\u003e\n\n\u003cul\u003e\n  \u003cli\u003eDocker \u0026 Docker Compose (for local/demo)\u003c/li\u003e\n  \u003cli\u003ePython 3.11+\u003c/li\u003e\n  \u003cli\u003ePostgreSQL (local or managed) — or use the provided Docker image\u003c/li\u003e\n  \u003cli\u003e\u003ccode\u003ekubectl\u003c/code\u003e, \u003ccode\u003ehelm\u003c/code\u003e (if testing Kubernetes/Helm flows)\u003c/li\u003e\n  \u003cli\u003e(Optional) AWS CLI + credentials for Terraform / real deployments\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003ch3\u003e1) Create namespaces\u003c/h3\u003e\n\n```bash\n# create dev namespace\nkubectl apply -f k8s/namespaces/auth-dev.yaml\n\n# create prod namespace (if you want to test prod layout too)\nkubectl apply -f k8s/namespaces/auth-prod.yaml\n```\n\nExample content for the namespace manifest (k8s/namespaces/auth-dev.yaml):\n\n```yaml\napiVersion: v1\nkind: Namespace\nmetadata:\n  name: auth-dev\n  labels:\n    environment: dev\n```\n\u003ch3\u003e2) Deploy Postgres and services (relative paths)\u003c/h3\u003e\n\n```bash\n# deploy Postgres into auth-dev\nkubectl apply -n auth-dev -f ./k8s/postgres/\n\n# deploy auth service into auth-dev\nkubectl apply -n auth-dev -f ./k8s/auth_service/\n\n# deploy users-api into auth-dev\nkubectl apply -n auth-dev -f ./k8s/users-api/\n```\n\u003e **Tip:** if manifests already include a namespace: field, -n is still ok; keep the YAMLs consistent.\n\n\u003ch3\u003e3) Verify pods \u0026 services\u003c/h3\u003e\n\n```bash\nkubectl get pods -n auth-dev\nkubectl get svc -n auth-dev\nkubectl get deploy -n auth-dev\n```\n\n\u003ch3\u003e4) Port-forward for local testing\u003c/h3\u003e\n\n```bash\n# get the auth-service pod name\nPOD_AUTH=$(kubectl get pods -n auth-dev -l app=auth-service -o jsonpath='{.items[0].metadata.name}')\n\n# forward auth-service pod (example: pod exposes 8000)\nkubectl port-forward -n auth-dev $POD_AUTH 8000:8000 \u0026\necho \"auth service forwarded at http://localhost:8000\"\n\n# get postgres pod name and forward\nPOD_PG=$(kubectl get pods -n auth-dev -l app=postgres -o jsonpath='{.items[0].metadata.name}')\nkubectl port-forward -n auth-dev $POD_PG 5432:5432 \u0026\necho \"postgres forwarded at localhost:5432\"\n```\n\n\u003ch3\u003e5) Smoke tests (curl)\u003c/h3\u003e\n\n```bash\n# register a user\ncurl -s -X POST http://localhost:8000/register \\\n  -H \"Content-Type: application/json\" \\\n  -d '{\"email\":\"tester@example.com\",\"password\":\"Test1234!\"}' | jq\n\n# request a token (form style)\ncurl -s -X POST http://localhost:8000/token \\\n  -d \"username=tester@example.com\u0026password=Test1234!\" | jq\n```\n\n\u003ch3\u003e6) Running tests inside the cluster (recommended for integration tests)\u003c/h3\u003e\n\n* If your test suite expects pods and DB, run the tests from a ephemeral pod with the repo mounted or using an image that has pytest and dependencies:\n\n```bash\n# run tests from a temporary pod mounting current repo (requires accessible files from runner)\nkubectl run -n auth-dev test-runner --rm -i --tty --image=python:3.11 -- bash -c \"\n  pip install -r /tmp/repo/auth_service/requirements-test.txt \u0026\u0026\n  pytest /tmp/repo/auth_service/tests -q\n\"\n```\n\n(Alternative: kubectl exec into an existing test pod if you have one.)\n\n\u003chr/\u003e \u003ch2 id=\"docker-quickstart\"\u003e🐳 Quick Start — Docker (alternative)\u003c/h2\u003e \n\n\u003cp\u003e If you prefer to test locally with Docker, use a dedicated Docker network so containers can talk to each other. \u003c/p\u003e\n\n \u003ch3\u003e1) Create Docker network\u003c/h3\u003e\n\n ```bash\n docker network create microforge-net || true\n```\n\n\u003ch3\u003e2) Start Postgres\u003c/h3\u003e\n\n```bash\ndocker run -d --name mg-postgres --network microforge-net \\\n  -e POSTGRES_USER=authuser -e POSTGRES_PASSWORD=authpass -e POSTGRES_DB=authdb \\\n  -p 5432:5432 postgres:13\n```\n\u003ch3\u003e3) Start services (default images)\u003c/h3\u003e\n\n```bash\ndocker run -d --name auth-service --network microforge-net \\\n  -e POSTGRES_HOST=mg-postgres -e POSTGRES_USER=authuser -e POSTGRES_PASSWORD=authpass -e POSTGRES_DB=authdb \\\n  -p 8000:8000 gilbr/auth-service:latest\n\ndocker run -d --name users-api --network microforge-net \\\n  -e POSTGRES_HOST=mg-postgres -e POSTGRES_USER=authuser -e POSTGRES_PASSWORD=authpass -e POSTGRES_DB=authdb \\\n  -p 8080:8080 gilbr/users-api:latest\n```\n\n\u003chr/\u003e \u003ch2 id=\"postgres-test-config\"\u003e🗄️ PostgreSQL test configuration\u003c/h2\u003e\n\nEnvironment used by the workflow's PostgreSQL service:\n\n```ini\nPOSTGRES_USER=testuser\nPOSTGRES_PASSWORD=testpass\nPOSTGRES_DB=testdb\n```\n\nDatabase URL for tests (used in CI jobs):\n\n```bash\npostgresql+asyncpg://testuser:testpass@localhost:5432/testdb\n```\n\nEnvironment variables used in CI:\n\n```bash\nDATABASE_URL — See PostgreSQL test configuration above.\nPYTHONPATH — add service src dirs when running tests locally (example in workflow).\n```\n\n\u003chr/\u003e \u003ch2 id=\"ci-cd\"\u003e🔄 CI/CD pipeline (high level)\u003c/h2\u003e \n\n\u003cp\u003e The GitHub Actions workflow runs on PRs and pushes to \u003ccode\u003edev\u003c/code\u003e / \u003ccode\u003emain\u003c/code\u003e. Typical steps: \u003c/p\u003e\n\n \u003col\u003e \u003cli\u003e\u003ccode\u003elint\u003c/code\u003e — ruff / mypy / black\u003c/li\u003e \u003cli\u003e\u003ccode\u003etest\u003c/code\u003e — pytest (unit + integration) using the test Postgres service\u003c/li\u003e \u003cli\u003e\u003ccode\u003ebuild\u003c/code\u003e — build Docker images (local or CI registry)\u003c/li\u003e \u003cli\u003e\u003ccode\u003epublish\u003c/code\u003e — optional push to container registry\u003c/li\u003e \u003cli\u003e\u003ccode\u003edeploy\u003c/code\u003e — manual or automated promotion (staging → prod)\u003c/li\u003e \u003c/ol\u003e\n\n---\n\n  \u003ch1 id=\"microservices\" align=\"center\"\u003e📦 Microservices\u003c/h1\u003e\n\n\u003cul\u003e\n  \u003cli\u003e\u003cstrong\u003eAuth Service (\u003ccode\u003eauth_service\u003c/code\u003e)\u003c/strong\u003e — Full authentication flow: registration, email verification, JWT login/refresh, password hashing, user management.\u003c/li\u003e\n  \u003cli\u003e\u003cstrong\u003eUsers API (\u003ccode\u003eusers-api\u003c/code\u003e)\u003c/strong\u003e — Minimal scaffold service: health endpoint, basic CRUD layout, designed to be copied \u0026 extended.\u003c/li\u003e\n\u003c/ul\u003e\n\n   \u003ch2 id=\"testing\"\u003e🧪 Testing \u0026 Linting\u003c/h2\u003e \n\n   \u003cp\u003e \n\n   **Run tests locally (example):**\n\n  \u003c/p\u003e\n\n```bash\n  # run pytest\npytest -q\n\n# run lint/static checks\nruff check .\nblack --check .\nmypy src\n```\n\n\u003cp\u003eFor integration tests that depend on pods (Postgres/Services), prefer running tests from inside the cluster (see Kubernetes instructions above) or create ephemeral containers that connect to the running Postgres container.\u003c/p\u003e \n\n\u003chr/\u003e\n\n\u003ch1 id=\"roadmap\" align=\"center\"\u003e\n📍 Roadmap\n\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"docs/diagrams/diagrams-svg-files/roadmap.svg\" width=\"600\" alt=\"Roadmap\"/\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003cstrong\u003ePlanned near-term improvements:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n  \u003cli\u003eFuture releases will pin versions; 1.0 is stable. streamline Helm charts for demo deploys\u003c/li\u003e\n  \u003cli\u003eAdd OAuth2 / social login options\u003c/li\u003e\n  \u003cli\u003eAdd alerting rules for Prometheus + Grafana alertmanager\u003c/li\u003e\n  \u003cli\u003eHarden Terraform modules; add automated IaC tests\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003chr/\u003e\n\n\u003ch1 id=\"contributing--license\" align=\"center\"\u003e\n\n🤝 Contributing \u0026 License\n\n\u003c/h1\u003e \n\n\u003ch2 id=\"contributing\" align=\"center\"\u003e\n\nContributing (short)\n\n\u003c/h2\u003e \n\n\u003cp\u003eThis template is intended for learning, inspiration, and building new projects. If you'd like to contribute improvements:\u003c/p\u003e \u003cul\u003e \u003cli\u003eOpen an issue describing the change / improvement.\u003c/li\u003e \u003cli\u003eSend a PR against the \u003ccode\u003edev\u003c/code\u003e branch.\u003c/li\u003e \u003cli\u003eRespect the license: contact the author before public redistribution or claiming work as your own.\u003c/li\u003e \u003c/ul\u003e \n\n\u003ch2 id=\"license\" align=\"center\"\u003eLicense (short)\u003c/h2\u003e \n\n\u003cp\u003eThis project is a \u003cstrong\u003etemplate created by Gilbert Ramírez\u003c/strong\u003e (GitHub: \u003ca href=\"https://github.com/MetalCloud1\"\u003e\nhttps://github.com/MetalCloud1\u003c/a\u003e).\n\n\u003c/p\u003e \u003cp\u003e\u003cstrong\u003eLicense:\u003c/strong\u003e CC BY-NC-ND (custom) — full terms in \u003ccode\u003eLICENSE.md\u003c/code\u003e.\n\n\u003c/p\u003e \u003cp\u003e\u003cstrong\u003eYou may:\u003c/strong\u003e\u003c/p\u003e \n\n\u003cul\u003e \u003cli\u003eView, study, and use this template for personal, educational, or inspiration purposes.\u003c/li\u003e \n\n\u003cli\u003eModify or extend it; substantial transformations that add new functionality may be used as your own work \u003cstrong\u003eif you properly acknowledge the original template\u003c/strong\u003e.\u003c/li\u003e \n\n\u003c/ul\u003e \u003cp\u003e\u003cstrong\u003eYou may NOT:\n\n\u003c/strong\u003e\u003c/p\u003e \u003cul\u003e \u003cli\u003eClaim the original template as entirely your own in resumes/portfolios without prior notice to the author.\u003c/li\u003e \u003cli\u003eSell, redistribute, or deploy the original template commercially without consent.\u003c/li\u003e \u003c/ul\u003e \u003cp\u003e\n\n\n\n\u003ch2 id=\"notes\"\u003e📝 Notes \u0026 tips\u003c/h2\u003e \n\n\u003cul\u003e \u003cli\u003eDocker Compose is useful for quick demos (ephemeral). For more realistic tests use Kubernetes + Helm.\u003c/li\u003e \u003cli\u003eMonitoring dashboards are pre-made and filtered by namespace — use \u003ccode\u003eauth-dev\u003c/code\u003e vs \u003ccode\u003eauth-prod\u003c/code\u003e to compare behavior.\u003c/li\u003e \n\n\u003cli\u003eKeep a \u003ccode\u003ek8s/namespaces/\u003c/code\u003e folder with namespace manifests so applying the same namespace is reproducible.\u003c/li\u003e \u003cli\u003eBefore running a rebase/squash, create a backup branch: \u003ccode\u003egit branch backup-main\u003c/code\u003e.\u003c/li\u003e \u003c/ul\u003e\n\n\u003cp align=\"center\"\u003eBuilt with ❤️ by Gilbert Ramírez — \u003ca href=\"https://github.com/MetalCloud1\"\u003egithub.com/MetalCloud1\u003c/a\u003e\u003c/p\u003e ```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmetalcloud1%2Fmicroforge","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmetalcloud1%2Fmicroforge","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmetalcloud1%2Fmicroforge/lists"}