{"id":27079254,"url":"https://github.com/sloweyyy/cloud-native-ecommerce-platform","last_synced_at":"2026-01-16T20:28:20.894Z","repository":{"id":285130206,"uuid":"957142627","full_name":"sloweyyy/cloud-native-ecommerce-platform","owner":"sloweyyy","description":"Cloud-native e-commerce platform built on .NET 8 microservices with React/Nx microfrontends, containerized for Docker/Kubernetes, integrating MongoDB, Redis, PostgreSQL, SQL Server, RabbitMQ, and Ocelot API gateway (with legacy Angular included)","archived":false,"fork":false,"pushed_at":"2026-01-14T06:43:56.000Z","size":84931,"stargazers_count":17,"open_issues_count":36,"forks_count":3,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-01-14T09:22:54.186Z","etag":null,"topics":["angular","cloud-native","csharp","devops","docker","dotnet","elasticsearch","elk-stack","grafana","istio","jaeger","kibana","kubernetes","logstash","microservice","prometheus"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sloweyyy.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":["sloweyyy"]}},"created_at":"2025-03-29T16:52:37.000Z","updated_at":"2026-01-14T06:42:54.000Z","dependencies_parsed_at":"2025-10-28T19:12:53.972Z","dependency_job_id":null,"html_url":"https://github.com/sloweyyy/cloud-native-ecommerce-platform","commit_stats":null,"previous_names":["sloweyyy/cloud-native-ecommerce-platform"],"tags_count":20,"template":false,"template_full_name":null,"purl":"pkg:github/sloweyyy/cloud-native-ecommerce-platform","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sloweyyy%2Fcloud-native-ecommerce-platform","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sloweyyy%2Fcloud-native-ecommerce-platform/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sloweyyy%2Fcloud-native-ecommerce-platform/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sloweyyy%2Fcloud-native-ecommerce-platform/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sloweyyy","download_url":"https://codeload.github.com/sloweyyy/cloud-native-ecommerce-platform/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sloweyyy%2Fcloud-native-ecommerce-platform/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28482267,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T11:59:17.896Z","status":"ssl_error","status_checked_at":"2026-01-16T11:55:55.838Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["angular","cloud-native","csharp","devops","docker","dotnet","elasticsearch","elk-stack","grafana","istio","jaeger","kibana","kubernetes","logstash","microservice","prometheus"],"created_at":"2025-04-06T01:33:27.915Z","updated_at":"2026-01-16T20:28:20.883Z","avatar_url":"https://github.com/sloweyyy.png","language":"TypeScript","funding_links":["https://github.com/sponsors/sloweyyy"],"categories":[],"sub_categories":[],"readme":"# Cloud-Native E-Commerce Platform\n\n[![.NET 8](https://img.shields.io/badge/.NET-8.0-blue.svg)](https://dotnet.microsoft.com/)\n[![React 18](https://img.shields.io/badge/React-18-61dafb.svg)](https://react.dev/)\n[![Nx](https://img.shields.io/badge/Nx-21-96267f.svg)](https://nx.dev/)\n[![TypeScript](https://img.shields.io/badge/TypeScript-5.9-3178c6.svg)](https://www.typescriptlang.org/)\n[![AWS](https://img.shields.io/badge/AWS-EKS-ff9900.svg)](https://aws.amazon.com/eks/)\n[![Kubernetes](https://img.shields.io/badge/Kubernetes-Ready-326ce5.svg)](https://kubernetes.io/)\n[![Docker](https://img.shields.io/badge/Docker-Compose-2496ed.svg)](https://www.docker.com/)\n[![MIT License](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)\n\n\u003e **Enterprise-grade cloud-native e-commerce platform** built with modern microfrontend architecture, microservices, and cloud-native DevOps. Production-ready with full observability, security scanning, and multi-environment deployment.\n\n## โœจ Key Features\n\n- **๐Ÿ—๏ธ Microfrontend Architecture** - Webpack Module Federation with runtime composition, independent deployment, and shared authentication\n- **โ˜๏ธ Enterprise Cloud Infrastructure** - AWS EKS with auto-scaling, multi-AZ, CloudFormation IaC, and IRSA for secure AWS access\n- **๐ŸŽฏ Microservices Backend** - Clean Architecture with CQRS pattern, event-driven design, and gRPC communication\n- **๐Ÿ“Š Full Observability** - Elastic Stack, Prometheus, Grafana, Jaeger distributed tracing, and Istio service mesh\n- **๐Ÿ”’ Security \u0026 Compliance** - JWT authentication, IRSA, Istio mTLS, Trivy/CodeQL scanning, and secrets management\n- **๐ŸŽจ Advanced Admin Dashboard** - Real-time analytics, activity tracking, product management, and audit logs\n- **โšก Developer Experience** - Nx monorepo with caching, hot reload, type-safe APIs, and E2E testing (Playwright)\n\n## ๐Ÿ›๏ธ Architecture Overview\n\n### System Architecture\n\n```mermaid\ngraph TB\n subgraph \"Client Layer\"\n Web[\"๐Ÿ–ฅ๏ธ Web Application\u003cbr/\u003eReact Microfrontends\"]\n end\n\n subgraph \"Microfrontend Shell (Host)\"\n Host[\"Host Shell\u003cbr/\u003ePort 4200\u003cbr/\u003eRouter \u0026 Auth\"]\n end\n\n subgraph \"Microfrontends (Runtime Federation)\"\n Store[\"Store MFE\u003cbr/\u003ePort 4201\u003cbr/\u003eProduct Browsing\"]\n Checkout[\"Checkout MFE\u003cbr/\u003ePort 4202\u003cbr/\u003eCart \u0026 Checkout\"]\n Account[\"Account MFE\u003cbr/\u003ePort 4203\u003cbr/\u003eUser Profile\"]\n Admin[\"Admin MFE\u003cbr/\u003ePort 4204\u003cbr/\u003eManagement\"]\n end\n\n subgraph \"Shared Packages\"\n Auth[\"@ecommerce-platform/\u003cbr/\u003eauth-provider\"]\n Layout[\"@ecommerce-platform/\u003cbr/\u003eshared-layout\"]\n Injector[\"@ecommerce-platform/\u003cbr/\u003eapp-injector\"]\n end\n\n subgraph \"API Gateway\"\n Gateway[\"Ocelot Gateway\u003cbr/\u003ePort 8010\u003cbr/\u003eCORS, Auth, Routing\"]\n end\n\n subgraph \"Identity \u0026 Security\"\n AuthServer[\"Identity Server 4\u003cbr/\u003eJWT Authentication\u003cbr/\u003eAzure AD B2C\"]\n end\n\n subgraph \"Microservices\"\n Catalog[\"Catalog Service\u003cbr/\u003ePort 8000\u003cbr/\u003eProduct Management\"]\n Basket[\"Basket Service\u003cbr/\u003ePort 8001\u003cbr/\u003eShopping Cart\"]\n Discount[\"Discount Service\u003cbr/\u003ePort 8002\u003cbr/\u003eCoupon System\"]\n Ordering[\"Ordering Service\u003cbr/\u003ePort 8003\u003cbr/\u003eOrder Processing\"]\n end\n\n subgraph \"Data Layer\"\n CatalogDB[\"MongoDB\u003cbr/\u003eCatalog DB\"]\n BasketDB[\"Redis\u003cbr/\u003eSession Store\"]\n DiscountDB[\"PostgreSQL\u003cbr/\u003eDiscount DB\"]\n OrderDB[\"SQL Server\u003cbr/\u003eOrder DB\"]\n S3[\"AWS S3\u003cbr/\u003eProduct Images\"]\n end\n\n subgraph \"Event Bus \u0026 Communication\"\n MessageBus[\"RabbitMQ\u003cbr/\u003eEvent Bus\u003cbr/\u003eMassTransit\"]\n end\n\n subgraph \"Infrastructure \u0026 Monitoring\"\n ServiceMesh[\"Istio Service Mesh\u003cbr/\u003eEnvoy Sidecars\u003cbr/\u003emTLS, Traffic Mgmt\"]\n Logs[\"Elasticsearch\u003cbr/\u003eLog Aggregation\"]\n Metrics[\"Prometheus\u003cbr/\u003eMetrics Collection\"]\n Dashboard[\"Grafana\u003cbr/\u003eDashboards\"]\n Tracing[\"Jaeger\u003cbr/\u003eDistributed Tracing\"]\n end\n\n Web --\u003e Host\n Host --\u003e Auth\n Host --\u003e Layout\n Host --\u003e Injector\n Host --\u003e Store\n Host --\u003e Checkout\n Host --\u003e Account\n Host --\u003e Admin\n\n Store --\u003e Gateway\n Checkout --\u003e Gateway\n Account --\u003e Gateway\n Admin --\u003e Gateway\n\n Gateway --\u003e AuthServer\n Gateway --\u003e Catalog\n Gateway --\u003e Basket\n Gateway --\u003e Discount\n Gateway --\u003e Ordering\n\n Catalog --\u003e CatalogDB\n Catalog --\u003e S3\n Basket --\u003e BasketDB\n Discount --\u003e DiscountDB\n Ordering --\u003e OrderDB\n\n Basket --\u003e MessageBus\n Ordering --\u003e MessageBus\n Catalog --\u003e MessageBus\n\n Basket -.-\u003e|gRPC| Discount\n\n Catalog --\u003e ServiceMesh\n Basket --\u003e ServiceMesh\n Discount --\u003e ServiceMesh\n Ordering --\u003e ServiceMesh\n\n ServiceMesh --\u003e Logs\n ServiceMesh --\u003e Metrics\n Logs --\u003e Dashboard\n Metrics --\u003e Dashboard\n ServiceMesh --\u003e Tracing\n```\n\n### Microfrontend Architecture\n\n```mermaid\ngraph LR\n subgraph \"Development Mode\"\n D_Host[\"Host\u003cbr/\u003elocalhost:4200\"]\n D_Store[\"Store Remote\u003cbr/\u003elocalhost:4201\"]\n D_Checkout[\"Checkout Remote\u003cbr/\u003elocalhost:4202\"]\n D_Account[\"Account Remote\u003cbr/\u003elocalhost:4203\"]\n D_Admin[\"Admin Remote\u003cbr/\u003elocalhost:4204\"]\n D_Shared[\"Shared Packages\u003cbr/\u003eauth-provider, app-injector,\u003cbr/\u003eshared-layout\"]\n end\n\n subgraph \"Production Mode\"\n P_Host[\"Host App\u003cbr/\u003e/\"]\n P_Store[\"Store\u003cbr/\u003e/remotes/store\"]\n P_Checkout[\"Checkout\u003cbr/\u003e/remotes/checkout\"]\n P_Account[\"Account\u003cbr/\u003e/remotes/account\"]\n P_Admin[\"Admin\u003cbr/\u003e/remotes/admin\"]\n P_MFE[\"Module Federation\u003cbr/\u003eRuntime Loading\"]\n end\n\n D_Host -.-\u003e|Dynamic Load| D_Store\n D_Host -.-\u003e|Dynamic Load| D_Checkout\n D_Host -.-\u003e|Dynamic Load| D_Account\n D_Host -.-\u003e|Dynamic Load| D_Admin\n D_Store -.-\u003e D_Shared\n D_Checkout -.-\u003e D_Shared\n D_Account -.-\u003e D_Shared\n D_Admin -.-\u003e D_Shared\n\n P_Host --\u003e|Runtime Load| P_MFE\n P_MFE --\u003e|Load| P_Store\n P_MFE --\u003e|Load| P_Checkout\n P_MFE --\u003e|Load| P_Account\n P_MFE --\u003e|Load| P_Admin\n```\n\n### Cloud Infrastructure (AWS)\n\n```mermaid\ngraph TB\n subgraph \"AWS Region: ap-southeast-1\"\n subgraph \"VPC: 10.0.0.0/16\"\n subgraph \"Public Subnets\"\n NAT[\"NAT Gateway\u003cbr/\u003e10.0.1.0/24\"]\n IGW[\"Internet Gateway\"]\n end\n\n subgraph \"Private Subnets\"\n EKS[\"EKS Cluster\u003cbr/\u003eKubernetes Control Plane\"]\n NodeGroup[\"Node Group (1-3 EC2)\u003cbr/\u003em7i-flex.large\u003cbr/\u003e80GB EBS\"]\n end\n end\n\n ECR[\"ECR Repositories\u003cbr/\u003ecatalogapi, basketapi,\u003cbr/\u003ediscountapi, orderingapi,\u003cbr/\u003eocelotapigateway\"]\n\n subgraph \"Load Balancing\"\n NLB[\"Network Load Balancer\u003cbr/\u003eHTTPS/TLS Termination\u003cbr/\u003eACM Certificate\"]\n ALB[\"Application Load Balancer\u003cbr/\u003ePath-based Routing\"]\n end\n\n S3[\"S3 Bucket\u003cbr/\u003eProduct Images\"]\n end\n\n subgraph \"Kubernetes Deployments\"\n Databases[\"Databases (Helm)\u003cbr/\u003eMongoDB, Redis,\u003cbr/\u003ePostgreSQL, SQL Server\"]\n Apps[\"Microservices (Helm)\u003cbr/\u003eCatalog, Basket, Discount,\u003cbr/\u003eOrdering, API Gateway\"]\n Monitoring[\"Monitoring Stack (Helm)\u003cbr/\u003ePrometheus, Grafana,\u003cbr/\u003eElasticsearch, Kibana, Jaeger\"]\n end\n\n EKS --\u003e NodeGroup\n NodeGroup --\u003e Databases\n NodeGroup --\u003e Apps\n NodeGroup --\u003e Monitoring\n\n NLB --\u003e EKS\n ALB --\u003e EKS\n\n ECR --\u003e|Pull Images| NodeGroup\n Apps --\u003e|Read/Write| S3\n\n IAM[\"IRSA\u003cbr/\u003eIAM Roles for\u003cbr/\u003eService Accounts\"]\n IAM -.-\u003e|Pod Identity| Apps\n```\n\n### Clean Architecture (Per Microservice)\n\n```mermaid\ngraph TD\n API[\"API Layer\u003cbr/\u003eControllers, Endpoints\"]\n App[\"Application Layer\u003cbr/\u003eCommands, Queries, Handlers\u003cbr/\u003eMediatR, CQRS\"]\n Domain[\"Domain Layer\u003cbr/\u003eEntities, Value Objects\u003cbr/\u003eBusiness Rules\"]\n Infra[\"Infrastructure Layer\u003cbr/\u003eRepositories, External Services\u003cbr/\u003eDatabase, S3, gRPC\"]\n\n API --\u003e App\n App --\u003e Domain\n App --\u003e Infra\n Infra --\u003e Domain\n\n classDef api fill:#e3f2fd,stroke:#1976d2,color:#000\n classDef app fill:#f3e5f5,stroke:#7b1fa2,color:#000\n classDef domain fill:#e8f5e9,stroke:#388e3c,color:#000\n classDef infra fill:#fff3e0,stroke:#f57c00,color:#000\n\n class API api\n class App app\n class Domain domain\n class Infra infra\n```\n\n## ๐Ÿš€ Quick Start\n\nChoose your deployment path:\n\n### ๐Ÿ“ Option 1: Local Development (Minikube)\n\nBest for: Development, testing, and learning\n\n```bash\n# Clone repository\ngit clone https://github.com/sloweyyy/cloud-native-ecommerce-platform.git\ncd cloud-native-ecommerce-platform\n\n# Deploy locally (all services + monitoring)\n./deploy.sh\n```\n\n**Time**: ~15-20 minutes\n**Includes**: Minikube cluster, all services, LocalStack (S3), monitoring stack (Prometheus, Grafana, Jaeger, Kibana)\n\n### โ˜๏ธ Option 2: AWS Minimal (Cost-Optimized)\n\nBest for: Budget-conscious deployments, small teams\n\n```bash\n# Deploy to AWS with minimal services\n./deploy-aws-minimal.sh\n```\n\n**Time**: ~20-25 minutes\n**Includes**: EKS cluster (single AZ), core services, AWS S3, no monitoring stack\n**Cost**: ~$20-50/month\n\n### ๐Ÿข Option 3: AWS Production (Full Stack)\n\nBest for: Production workloads, enterprise deployments\n\n```bash\n# Full production deployment with monitoring\n./deploy-aws.sh\n```\n\n**Time**: ~30-40 minutes\n**Includes**: Multi-AZ EKS, all services, full monitoring (Prometheus, Grafana, Jaeger, Elasticsearch, Kibana), HTTPS, auto-scaling\n**Cost**: ~$150-300/month\n\nFor detailed deployment instructions, see [DEPLOYMENT-GUIDE.md](DEPLOYMENT-GUIDE.md)\n\n## ๐Ÿ“ Access Services\n\n### Frontend Applications\n\n| Service | Local | Description |\n| --- | --- | --- |\n| **Host Shell** | [localhost:4200](http://localhost:4200) | Main application (router) |\n| **Store** | [localhost:4201](http://localhost:4201) | Public product browsing |\n| **Checkout** | [localhost:4202](http://localhost:4202) | Shopping cart \u0026 checkout |\n| **Account** | [localhost:4203](http://localhost:4203) | User profile \u0026 orders |\n| **Admin Dashboard** | [localhost:4204](http://localhost:4204) | Admin management |\n\n### Backend Services\n\n| Service | Local | Swagger UI |\n| --- | --- | --- |\n| **API Gateway** | [localhost:8010](http://localhost:8010) | [Swagger](http://localhost:8010/swagger) |\n| **Catalog API** | [localhost:8000](http://localhost:8000) | [Swagger](http://localhost:8000/swagger) |\n| **Basket API** | [localhost:8001](http://localhost:8001) | [Swagger](http://localhost:8001/swagger) |\n| **Discount API** | [localhost:8002](http://localhost:8002) | [Swagger](http://localhost:8002/swagger) |\n| **Ordering API** | [localhost:8003](http://localhost:8003) | [Swagger](http://localhost:8003/swagger) |\n| **Identity Server** | [localhost:9009](http://localhost:9009) | - |\n\n### Monitoring \u0026 Observability\n\n| Tool | Local | Purpose |\n| --- | --- | --- |\n| **Prometheus** | [localhost:9090](http://localhost:9090) | Metrics collection |\n| **Grafana** | [localhost:3000](http://localhost:3000) | Dashboards \u0026 visualization |\n| **Kibana** | [localhost:5601](http://localhost:5601) | Log analytics |\n| **Jaeger** | [localhost:16686](http://localhost:16686) | Distributed tracing |\n| **Kiali** | [localhost:20001](http://localhost:20001) | Service mesh visualization |\n| **RabbitMQ** | [localhost:15672](http://localhost:15672) | Message broker UI |\n\n## ๐Ÿ› ๏ธ Tech Stack\n\n### Frontend Architecture\n\n| Component | Technology | Version | Purpose |\n| --- | --- | --- | --- |\n| **Microfrontend Framework** | Webpack Module Federation | 5 | Runtime app composition |\n| **Monorepo** | Nx | 21.6 | Build orchestration \u0026 caching |\n| **Runtime** | React | 18.3 | UI framework |\n| **Language** | TypeScript | 5.9 | Type-safe development |\n| **Routing** | React Router (Host) / TanStack Router (Remotes) | 6 / 1 | URL management |\n| **State Management** | TanStack Query + Zustand | 5 / 5 | Server + client state |\n| **UI Components** | Ant Design | 5.22 | Component library |\n| **Authentication** | Azure MSAL | 3.27 | OAuth/OIDC support |\n| **Form Validation** | Zod | 3.24 | Type-safe validation |\n| **Testing** | Playwright + Jest | 1.56 / 30 | E2E and unit tests |\n\n### Backend Services\n\n| Component | Technology | Version | Purpose |\n| --- | --- | --- | --- |\n| **Runtime** | .NET | 8.0 | Framework |\n| **Framework** | ASP.NET Core | 8.0 | Web API |\n| **Architecture** | Clean Architecture | - | SOLID principles |\n| **Pattern** | CQRS + MediatR | 12.5 | Command/Query separation |\n| **ORM** | Entity Framework Core | 8.0 | Database abstraction |\n| **Mapping** | AutoMapper | 13.0 | DTO mapping |\n| **Validation** | FluentValidation | 11.9 | Input validation |\n| **Communication** | gRPC + REST | - | Service communication |\n| **API Documentation** | Swagger/OpenAPI | 3.0 | Interactive docs |\n\n### Data \u0026 Storage\n\n| Database | Type | Purpose | Port |\n| --- | --- | --- | --- |\n| **MongoDB** | Document DB | Product catalog | 27017 |\n| **Redis** | Cache/Session | Shopping baskets | 6379 |\n| **PostgreSQL** | Relational | Discount coupons | 5432 |\n| **SQL Server** | Relational | Orders \u0026 activity | 1433 |\n| **AWS S3** | Object Storage | Product images | - |\n\n### Message Bus \u0026 Communication\n\n| Technology | Purpose |\n| --- | --- |\n| **RabbitMQ** | Event bus for asynchronous communication |\n| **MassTransit** | .NET messaging framework |\n| **gRPC** | High-performance RPC (Basket โ†’ Discount) |\n| **REST/JSON** | Client-facing APIs |\n\n### Cloud \u0026 DevOps\n\n| Component | Technology | Purpose |\n| --- | --- | --- |\n| **Container Platform** | Docker | Application containerization |\n| **Orchestration** | Kubernetes (EKS) | Container management |\n| **IaC** | CloudFormation + Helm | Infrastructure automation |\n| **Service Mesh** | Istio (1.20) | Traffic management, security |\n| **CI/CD** | GitHub Actions | Automated build \u0026 deploy |\n| **Container Registry** | ECR (AWS) / GHCR (GitHub) | Image storage |\n| **Local Development** | Minikube + LocalStack | Local simulation |\n\n### Monitoring \u0026 Observability\n\n| Stack | Components | Purpose |\n| --- | --- | --- |\n| **Logs** | Serilog โ†’ Elasticsearch โ†’ Kibana | Centralized logging |\n| **Metrics** | Prometheus | Metrics collection (15s scrape) |\n| **Dashboards** | Grafana | Metrics visualization |\n| **Traces** | Jaeger Collector | Distributed tracing |\n| **Service Mesh** | Istio + Envoy sidecars | Service observability |\n| **Topology** | Kiali | Service mesh visualization |\n| **Health Checks** | Custom endpoints | Service health monitoring |\n\n## ๐Ÿ“ฆ Project Structure\n\n```text\ncloud-native-ecommerce-platform/\nโ”‚\nโ”œโ”€โ”€ ๐Ÿ“ ecommerce-micro-frontend/ # Microfrontend monorepo (Nx)\nโ”‚ โ”œโ”€โ”€ host/ # Shell app (Host) - Router, Auth\nโ”‚ โ”œโ”€โ”€ store/ # Store MFE - Product browsing\nโ”‚ โ”œโ”€โ”€ checkout/ # Checkout MFE - Cart \u0026 checkout\nโ”‚ โ”œโ”€โ”€ account/ # Account MFE - User profile\nโ”‚ โ”œโ”€โ”€ admin/ # Admin MFE - Management dashboard\nโ”‚ โ”œโ”€โ”€ packages/\nโ”‚ โ”‚ โ”œโ”€โ”€ app-injector/ # MFE injection utilities\nโ”‚ โ”‚ โ”œโ”€โ”€ auth-provider/ # Shared authentication provider\nโ”‚ โ”‚ โ””โ”€โ”€ shared-layout/ # Shared UI components (Navbar, Footer)\nโ”‚ โ”œโ”€โ”€ e2e/ # E2E tests (Playwright)\nโ”‚ โ”œโ”€โ”€ nx.json # Nx configuration\nโ”‚ โ”œโ”€โ”€ tsconfig.base.json # TypeScript base config\nโ”‚ โ””โ”€โ”€ package.json # Dependencies\nโ”‚\nโ”œโ”€โ”€ ๐Ÿ“ Services/ # Backend microservices (.NET 8)\nโ”‚ โ”œโ”€โ”€ Catalog/\nโ”‚ โ”‚ โ”œโ”€โ”€ Catalog.API/ # REST endpoints\nโ”‚ โ”‚ โ”œโ”€โ”€ Catalog.Core/ # Domain entities\nโ”‚ โ”‚ โ””โ”€โ”€ Catalog.Infrastructure/ # MongoDB, S3\nโ”‚ โ”œโ”€โ”€ Basket/\nโ”‚ โ”‚ โ”œโ”€โ”€ Basket.API/ # REST endpoints\nโ”‚ โ”‚ โ”œโ”€โ”€ Basket.Core/ # Domain entities\nโ”‚ โ”‚ โ””โ”€โ”€ Basket.Infrastructure/ # Redis, gRPC client\nโ”‚ โ”œโ”€โ”€ Discount/\nโ”‚ โ”‚ โ”œโ”€โ”€ Discount.API/ # gRPC \u0026 REST endpoints\nโ”‚ โ”‚ โ”œโ”€โ”€ Discount.Core/ # Domain entities\nโ”‚ โ”‚ โ””โ”€โ”€ Discount.Infrastructure/ # PostgreSQL\nโ”‚ โ””โ”€โ”€ Ordering/\nโ”‚ โ”œโ”€โ”€ Ordering.API/ # REST endpoints\nโ”‚ โ”œโ”€โ”€ Ordering.Core/ # Domain entities, Activity tracking\nโ”‚ โ””โ”€โ”€ Ordering.Infrastructure/ # SQL Server, RabbitMQ consumer\nโ”‚\nโ”œโ”€โ”€ ๐Ÿ“ ApiGateways/\nโ”‚ โ””โ”€โ”€ Ocelot.ApiGateway/ # API Gateway configuration\nโ”‚\nโ”œโ”€โ”€ ๐Ÿ“ Infrastructure/ # Shared libraries \u0026 IaC\nโ”‚ โ”œโ”€โ”€ aws/\nโ”‚ โ”‚ โ””โ”€โ”€ cloudformation/ # AWS infrastructure templates\nโ”‚ โ”‚ โ”œโ”€โ”€ vpc.yaml # VPC, subnets, NAT\nโ”‚ โ”‚ โ”œโ”€โ”€ eks-cluster.yaml # EKS cluster \u0026 node groups\nโ”‚ โ”‚ โ”œโ”€โ”€ minimal-stack.yaml # Combined VPC + EKS\nโ”‚ โ”‚ โ””โ”€โ”€ alb-ingress.yaml # Load balancer\nโ”‚ โ””โ”€โ”€ EventBus/ # RabbitMQ, MassTransit setup\nโ”‚\nโ”œโ”€โ”€ ๐Ÿ“ Deployments/\nโ”‚ โ”œโ”€โ”€ helm/ # Helm charts (19 total)\nโ”‚ โ”‚ โ”œโ”€โ”€ catalogdb/ # MongoDB chart\nโ”‚ โ”‚ โ”œโ”€โ”€ basketdb/ # Redis chart\nโ”‚ โ”‚ โ”œโ”€โ”€ discountdb/ # PostgreSQL chart\nโ”‚ โ”‚ โ”œโ”€โ”€ orderdb/ # SQL Server chart\nโ”‚ โ”‚ โ”œโ”€โ”€ rabbitmq/ # RabbitMQ chart\nโ”‚ โ”‚ โ”œโ”€โ”€ catalog/ # Catalog service chart\nโ”‚ โ”‚ โ”œโ”€โ”€ basket/ # Basket service chart\nโ”‚ โ”‚ โ”œโ”€โ”€ discount/ # Discount service chart\nโ”‚ โ”‚ โ”œโ”€โ”€ ordering/ # Ordering service chart\nโ”‚ โ”‚ โ”œโ”€โ”€ ocelotapigw/ # API Gateway chart\nโ”‚ โ”‚ โ”œโ”€โ”€ prometheus/ # Prometheus chart\nโ”‚ โ”‚ โ”œโ”€โ”€ grafana/ # Grafana chart\nโ”‚ โ”‚ โ”œโ”€โ”€ elasticsearch/ # Elasticsearch chart\nโ”‚ โ”‚ โ””โ”€โ”€ kibana/ # Kibana chart\nโ”‚ โ”œโ”€โ”€ k8s/ # Kubernetes manifests\nโ”‚ โ”‚ โ”œโ”€โ”€ deployments/ # Service deployments\nโ”‚ โ”‚ โ”œโ”€โ”€ services/ # Service definitions\nโ”‚ โ”‚ โ”œโ”€โ”€ ingress/ # Ingress rules\nโ”‚ โ”‚ โ””โ”€โ”€ monitoring/ # Monitoring resources\nโ”‚ โ””โ”€โ”€ monitoring/ # Observability configs\nโ”‚\nโ”œโ”€โ”€ ๐Ÿ“ .github/\nโ”‚ โ””โ”€โ”€ workflows/ # CI/CD pipelines\nโ”‚ โ”œโ”€โ”€ ci.yml # Build, test, security scan\nโ”‚ โ”œโ”€โ”€ cd.yml # Build images, push ECR, deploy\nโ”‚ โ””โ”€โ”€ docker.yml # Publish to GHCR\nโ”‚\nโ”œโ”€โ”€ ๐Ÿ“ scripts/\nโ”‚ โ”œโ”€โ”€ deploy.sh # Local Minikube deployment\nโ”‚ โ”œโ”€โ”€ deploy-aws.sh # Full AWS EKS deployment\nโ”‚ โ”œโ”€โ”€ deploy-aws-minimal.sh # Cost-optimized AWS deployment\nโ”‚ โ”œโ”€โ”€ cleanup.sh # Resource cleanup\nโ”‚ โ””โ”€โ”€ monitoring/ # Observability setup scripts\nโ”‚\nโ”œโ”€โ”€ ๐Ÿ“ PostmanCollection/ # API testing collections\nโ”œโ”€โ”€ ๐Ÿ“ diagrams/ # Architecture diagrams\nโ”œโ”€โ”€ ๐Ÿ“ wiki/ # Documentation\nโ”‚\nโ”œโ”€โ”€ README.md # This file\nโ”œโ”€โ”€ DEPLOYMENT-GUIDE.md # Detailed deployment docs\nโ”œโ”€โ”€ LICENSE # MIT License\nโ””โ”€โ”€ docker-compose.yml # Local development stack\n```\n\n## ๐Ÿง  Architecture Patterns \u0026 Design\n\n### Microfrontend Architecture\n\nThe platform uses **Webpack Module Federation** with a shell-based orchestration pattern:\n\n- **Host Application** (Shell): Manages routing, authentication, shared layout\n- **Remote Applications**: Store, Checkout, Account, Admin - independently deployed\n- **Shared Packages**: Common authentication, UI components, injection utilities\n- **Runtime Loading**: Remotes loaded dynamically at runtime (no compile-time dependencies)\n- **Development**: Each micro-app runs on separate port (4200-4204)\n- **Production**: All apps bundled together, remotes served from `/remotes/` directory\n\n**Benefits**:\n\n- โœ… Independent deployability per micro-app\n- โœ… Team autonomy (each team owns a micro-app)\n- โœ… Technology flexibility (each remote can use different versions)\n- โœ… Better performance (lazy loading of remotes)\n\n### Backend Architecture\n\nEach microservice follows **Clean Architecture** with **CQRS Pattern**:\n\n```text\nControllers/Endpoints โ†’ MediatR Pipeline โ†’ Commands/Queries\n โ†“\n Command Handlers / Query Handlers\n โ†“\n Domain Layer\n โ†“\n Infrastructure (Repositories, Services)\n โ†“\n Data Layer\n```\n\n### Communication Patterns\n\n1. **Synchronous**: REST APIs, gRPC (Basket โ†” Discount)\n2. **Asynchronous**: RabbitMQ with MassTransit (Event-driven)\n3. **Frontend-Backend**: REST APIs with JWT authentication\n\n### Security Architecture\n\n- **Authentication**: JWT tokens via Identity Server 4 + Azure AD B2C\n- **Authorization**: Role-based access control (RBAC)\n- **Service-to-Service**: Istio mTLS for encrypted communication\n- **Data Security**: Encryption at rest (S3, databases) and in transit (HTTPS/TLS)\n\n## ๐Ÿข Business Features\n\n### Product Management\n\n- Full CRUD operations for products\n- Brand and type management\n- Image upload \u0026 storage (AWS S3 or LocalStack)\n- Product search and filtering\n\n### Shopping Experience\n\n- Real-time shopping basket (Redis-backed)\n- Coupon/discount application\n- Product recommendations\n- Multi-item checkout\n\n### Order Processing\n\n- Event-driven order creation\n- Order status tracking\n- Payment information handling\n- Order history and details\n\n### Admin Dashboard\n\n- **Products**: CRUD, bulk upload, categorization\n- **Orders**: View, manage, track\n- **Brands \u0026 Types**: Management\n- **Activity Tracking**: Audit log of all changes\n- **Analytics**: Real-time statistics and insights\n\n### Activity Tracking \u0026 Audit\n\n- Track all product changes (Create, Update, Delete)\n- Track all order lifecycle events\n- User accountability\n- Compliance reporting\n\n## ๐Ÿงช Testing\n\n### E2E Testing (Playwright)\n\n```bash\ncd ecommerce-micro-frontend\nnpm run test:e2e # Run all tests\nnpm run test:e2e:ui # Interactive mode\nnpm run test:e2e:debug # Debug mode\nnpm run test:e2e:report # View report\n```\n\nTests cover:\n\n- Cross-microfrontend navigation\n- Authentication flows\n- Shopping journey (browse โ†’ add to cart โ†’ checkout)\n- Admin dashboard functionality\n- Error handling\n\n### Unit Tests\n\n```bash\n# Frontend tests\nnpm test # All frontend tests\nnpm run test:coverage # Coverage report\n\n# Backend tests\ndotnet test # All backend tests\ndotnet test --filter Category=Integration # Integration tests only\n```\n\n### API Testing (Postman)\n\n- Pre-built Postman collections for all services\n- Located in: [PostmanCollection/](PostmanCollection/)\n\n## ๐Ÿ”’ Security\n\n### Application Security\n\n- **JWT Authentication** with Identity Server 4\n- **Role-Based Access Control** (RBAC)\n- **Input Validation** with FluentValidation\n- **SQL Injection Prevention** via parameterized queries \u0026 ORM\n- **CORS Configuration** at API Gateway level\n\n### Cloud Security\n\n- **IRSA** (IAM Roles for Service Accounts) - no static credentials\n- **Secrets Management** via Kubernetes Secrets\n- **Network Policies** for pod-to-pod communication\n- **Service Mesh mTLS** for encrypted communication\n\n### CI/CD Security\n\n- **Trivy** for container image scanning\n- **CodeQL** for static code analysis\n- **Dependency Scanning** via GitHub Dependabot\n- **SBOM Generation** for supply chain security\n\n### Data Protection\n\n- **Encryption at Rest**: All databases encrypted\n- **Encryption in Transit**: HTTPS/TLS for all connections\n- **S3 Bucket Policies**: Restricted access to product images\n\n## ๐Ÿ“Š Monitoring \u0026 Observability\n\nThe platform follows the **3 Pillars of Observability**:\n\n### 1๏ธโƒฃ Logs (ELK Stack)\n\n- **Serilog**: Structured logging in backend\n- **Elasticsearch**: Log aggregation and indexing\n- **Kibana**: Log exploration and visualization\n- **Access**: [Kibana at localhost:5601](http://localhost:5601)\n\n### 2๏ธโƒฃ Metrics (Prometheus \u0026 Grafana)\n\n- **Prometheus**: Metrics collection (15-second scrape interval)\n- **Scrape Targets**: API servers, Node Exporter, Kubernetes components\n- **Grafana**: Custom dashboards for application and infrastructure metrics\n- **Access**:\n - [Prometheus at localhost:9090](http://localhost:9090)\n - [Grafana at localhost:3000](http://localhost:3000)\n\n### 3๏ธโƒฃ Traces (Jaeger \u0026 Istio)\n\n- **Istio/Envoy**: Automatic trace collection (service mesh layer)\n- **Jaeger Collector**: Trace aggregation\n- **Jaeger UI**: Trace visualization and analysis\n- **Access**: [Jaeger at localhost:16686](http://localhost:16686)\n\n### Service Mesh Visualization\n\n- **Kiali**: Real-time service topology, traffic flows, and health\n- **Access**: [Kiali at localhost:20001](http://localhost:20001)\n\n### Health Checks\n\nAll services expose health check endpoints:\n\n- `/health` - Service health status\n- `/health/live` - Liveness probe\n- `/health/ready` - Readiness probe\n\n## โš™๏ธ CI/CD Pipeline\n\n### GitHub Actions Workflows\n\n#### 1. CI Pipeline (Continuous Integration)\n\nTriggered on: Pull requests, pushes to main\n\n**Steps**:\n\n1. **Code Quality**\n - Build .NET 8 backend\n - Run backend unit tests (with Cobertura coverage)\n - Run frontend tests via Nx affected\n - ESLint and Prettier\n\n2. **Security Scanning**\n - Trivy: Container vulnerability scanning\n - CodeQL: Static code analysis (C#, TypeScript)\n\n3. **Docker Build**\n - Build all 5 microservice images\n - Multi-arch support (linux/amd64)\n - Cache integration for speed\n\n4. **Integration Tests**\n - Start service containers (Redis, PostgreSQL, MongoDB, RabbitMQ)\n - Run integration test suite\n\n5. **Deployment Validation**\n - Helm chart linting\n - Kubernetes manifest validation\n\n#### 2. CD Pipeline (Continuous Deployment)\n\nTriggered on: Tags, manual workflow dispatch\n\n**Steps**:\n\n1. **Build \u0026 Push to ECR**\n - Build 5 microservice images\n - Push to AWS ECR\n - Scan images with Trivy\n - Tag: latest, git sha, version\n\n2. **Deploy to EKS** (per environment)\n - Environment-specific deployment (dev/staging/prod)\n - Helm upgrade --install for databases\n - Helm upgrade --install for services\n - S3 configuration and image migration\n - Health checks and smoke tests\n\n#### 3. Docker Pipeline\n\nTriggered on: Pushes to main/release branches\n\n**Steps**:\n\n- Build 5 microservice images\n- Publish to GitHub Container Registry (GHCR)\n- Automatic semantic versioning\n- Security scanning with Trivy\n\n## ๐Ÿš€ Deployment\n\n### Local Development\n\n```bash\n# Requires: Docker, Docker Compose, Minikube, Helm, kubectl\n\n# Start everything locally\n./deploy.sh\n\n# Access at http://localhost:4200\n```\n\n**What's deployed**:\n\n- Minikube Kubernetes cluster (10GB RAM, 8 CPUs)\n- All 5 microservices\n- All 4 databases\n- RabbitMQ message broker\n- LocalStack (S3 emulation)\n- Monitoring stack (Prometheus, Grafana, Elasticsearch, Kibana, Jaeger)\n\n### AWS Deployment\n\n#### Prerequisites\n\n```bash\naws configure # Configure AWS credentials\nexport AWS_REGION=ap-southeast-1 # Set region\n```\n\n#### Full Production Deployment\n\n```bash\n./deploy-aws.sh\n```\n\n**What's deployed**:\n\n- AWS EKS cluster (multi-AZ)\n- EC2 node group (1-3 m7i-flex.large instances)\n- RDS-managed databases (in Kubernetes)\n- Network Load Balancer with HTTPS\n- Full monitoring stack\n- Auto-scaling policies (HPA)\n\n**Time**: ~30-40 minutes\n**Cost**: ~$150-300/month\n\n#### Minimal Deployment (Cost-Optimized)\n\n```bash\n./deploy-aws-minimal.sh\n```\n\n**What's deployed**:\n\n- AWS EKS cluster (single AZ)\n- Single m7i-flex.large node (1-3 auto-scaling)\n- Core services only (no monitoring)\n- AWS S3 for image storage\n\n**Time**: ~20-25 minutes\n**Cost**: ~$20-50/month\n\n### Configuration\n\nFor detailed configuration options, see:\n\n- [Deployments/DEPLOYMENT-CONFIGURATION.md](Deployments/DEPLOYMENT-CONFIGURATION.md)\n- [DEPLOYMENT-GUIDE.md](DEPLOYMENT-GUIDE.md)\n\n## ๐Ÿ’ป Development\n\n### Frontend Development\n\n```bash\ncd ecommerce-micro-frontend\n\n# Install dependencies\nnpm install\n\n# Start all micro-apps in parallel\nnpm start\n\n# Or run individual micro-apps\nnpm run start:host # Port 4200\nnpm run start:store # Port 4201\nnpm run start:checkout # Port 4202\nnpm run start:account # Port 4203\nnpm run start:admin # Port 4204\n```\n\n### Backend Development\n\n```bash\n# Catalog Service\ncd Services/Catalog/Catalog.API\ndotnet watch run # Auto-reload on changes\n\n# Other services (similar pattern)\ncd Services/Basket/Basket.API \u0026\u0026 dotnet watch run\ncd Services/Discount/Discount.API \u0026\u0026 dotnet watch run\ncd Services/Ordering/Ordering.API \u0026\u0026 dotnet watch run\n```\n\n### Available npm Commands\n\n```bash\n# Building\nnpm run build # Build all apps (dev)\nnpm run build:prod # Build all apps (production)\nnpm run build:packages # Build shared packages\n\n# Testing\nnpm test # Run all tests\nnpm run test:watch # Watch mode\nnpm run test:coverage # Coverage report\nnpm run test:e2e # E2E tests (Playwright)\n\n# Linting \u0026 Formatting\nnpm run lint # ESLint\nnpm run lint:fix # Fix linting issues\nnpm run format # Prettier\n\n# Nx Commands\nnpm run affected:test # Test affected apps\nnpm run affected:build # Build affected apps\nnpm run graph # View dependency graph\nnpm run clean # Clean cache and dist\n```\n\n## ๐Ÿค Contributing\n\nWe welcome contributions! Please see [CONTRIBUTING.md](CONTRIBUTING.md) for:\n\n- Development environment setup\n- Coding standards and guidelines\n- Testing requirements\n- Pull request process\n- Issue reporting guidelines\n\nAlso review:\n\n- [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md)\n- [SECURITY.md](SECURITY.md)\n\n## ๐Ÿ“š Documentation\n\n- [DEPLOYMENT-GUIDE.md](DEPLOYMENT-GUIDE.md) - Complete deployment instructions\n- [Deployments/DEPLOYMENT-CONFIGURATION.md](Deployments/DEPLOYMENT-CONFIGURATION.md) - Service configurations\n- [wiki/](wiki/) - Comprehensive documentation\n - [Architecture](wiki/Architecture.md)\n - [Microservices](wiki/Microservices.md)\n - [Deployment](wiki/Deployment.md)\n - [Monitoring](wiki/Monitoring.md)\n - [Development](wiki/Development.md)\n\n## ๐Ÿ“„ License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n\n## ๐Ÿ™‹ Support\n\nFor issues and questions:\n\n- ๐Ÿ› [GitHub Issues](https://github.com/sloweyyy/cloud-native-ecommerce-platform/issues)\n- ๐Ÿ’ฌ [GitHub Discussions](https://github.com/sloweyyy/cloud-native-ecommerce-platform/discussions)\n- ๐Ÿ“ง Create a detailed issue with reproduction steps\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsloweyyy%2Fcloud-native-ecommerce-platform","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsloweyyy%2Fcloud-native-ecommerce-platform","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsloweyyy%2Fcloud-native-ecommerce-platform/lists"}