{"id":49135655,"url":"https://github.com/whispr-messenger/infrastructure","last_synced_at":"2026-04-21T21:11:34.294Z","repository":{"id":311745454,"uuid":"950042172","full_name":"whispr-messenger/infrastructure","owner":"whispr-messenger","description":"Infrastructure as Code (IaC) for the Whispr project.","archived":false,"fork":false,"pushed_at":"2026-04-18T11:14:12.000Z","size":1972,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-18T12:33:10.141Z","etag":null,"topics":["argocd","bash","docker","helm","justfile","k8s","scripts","terraform","tilt"],"latest_commit_sha":null,"homepage":"https://argocd.whispr.epitech.beer","language":"Shell","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/whispr-messenger.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2025-03-17T14:39:26.000Z","updated_at":"2026-04-17T15:03:29.000Z","dependencies_parsed_at":"2025-08-26T11:37:44.523Z","dependency_job_id":"6489ebd0-1ac8-4f4e-9ea8-6c3bee6f76bd","html_url":"https://github.com/whispr-messenger/infrastructure","commit_stats":null,"previous_names":["whispr-messenger/infrastructure"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/whispr-messenger/infrastructure","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whispr-messenger%2Finfrastructure","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whispr-messenger%2Finfrastructure/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whispr-messenger%2Finfrastructure/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whispr-messenger%2Finfrastructure/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/whispr-messenger","download_url":"https://codeload.github.com/whispr-messenger/infrastructure/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whispr-messenger%2Finfrastructure/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32110301,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-21T11:25:29.218Z","status":"ssl_error","status_checked_at":"2026-04-21T11:25:28.499Z","response_time":128,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["argocd","bash","docker","helm","justfile","k8s","scripts","terraform","tilt"],"created_at":"2026-04-21T21:11:33.611Z","updated_at":"2026-04-21T21:11:34.288Z","avatar_url":"https://github.com/whispr-messenger.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Infrastructure Whispr\n\nInfrastructure pour le projet Whispr avec GitOps et Kubernetes.\n\n## Table des matières\n\n- [Quick Start](#quick-start)\n- [Architecture](#architecture)\n- [Structure](#structure)\n- [Applications ArgoCD](#applications-argocd)\n- [Infrastructure](#infrastructure)\n- [Gestion des Secrets](#gestion-des-secrets)\n\n## Quick Start\n\n```bash\n# Configuration initiale GCP\njust setup-gcp-project\n\n# Accès équipe plateforme\njust setup-platform-access\n\n# Voir toutes les commandes\njust --list\n```\n\n## Architecture globale\n\n```\n┌─────────────────────────────────────────────────┐\n│                   Internet                       │\n└────────────────────┬────────────────────────────┘\n                     │\n              ┌──────▼──────┐\n              │ Nginx Ingress│\n              │  + TLS       │\n              └──────┬──────┘\n                     │\n              ┌──────▼──────┐\n              │  Istio Mesh  │\n              │   (mTLS)     │\n              └──────┬──────┘\n                     │\n     ┌───────────────┼───────────────┐\n     │               │               │\n┌────▼────┐   ┌──────▼────┐   ┌─────▼─────┐\n│  Auth   │   │ Messaging │   │   User    │\n│ Service │   │  Service  │   │  Service  │\n└────┬────┘   └─────┬─────┘   └─────┬─────┘\n     │              │               │\n     └──────────────┼───────────────┘\n                    │\n        ┌───────────┼───────────┐\n        │           │           │\n   ┌────▼───┐  ┌────▼───┐  ┌───▼────┐\n   │Postgres│  │ Redis  │  │ Vault  │\n   └────────┘  └────────┘  └────────┘\n```\n\n### Pipeline GitOps\n\n```\nDeveloper ──▶ Git Push ──▶ GitHub ──▶ ArgoCD ──▶ GKE Cluster\n                              │\n                              ▼\n                        GitHub Actions\n                         (CI / Build)\n```\n\n## Structure\n\n```\ninfrastructure/\n├── argocd/                    # Configuration GitOps\n│   ├── applications/          # Applications ArgoCD\n│   ├── infrastructure/        # Infrastructure managée\n│   └── microservices/         # Microservices deployments\n├── docker/                    # Configs Docker (vault-config-job)\n├── docs/                      # Documentation technique\n├── helm/                      # Helm charts (istio, vault, grafana...)\n├── k3d/                       # Config cluster local k3d\n├── k8s/                       # Manifests Kubernetes\n│   ├── whispr/prod/           # Manifests production\n│   ├── whispr/preprod/        # Manifests preprod\n│   ├── istio/                 # Config Istio\n│   └── vault-secrets-operator/# ESO config\n├── scripts/                   # Scripts d'automation\n├── terraform/                 # Infrastructure as Code (GKE)\n└── Justfile                   # Task automation\n```\n\n## Documentation détaillée\n\n- [Topologie réseau](docs/network-topology.md)\n- [Pipeline CI/CD](docs/ci-cd-pipeline.md)\n- [Architecture Vault](docs/vault-architecture.md)\n- [Helm Charts](docs/helm-charts.md)\n- [Configuration Istio](docs/istio-config.md)\n- [Terraform / GKE](docs/terraform.md)\n- [Nginx Ingress](docs/nginx-ingress.md)\n- [Redis](docs/redis-config.md)\n- [PostgreSQL](docs/postgresql-config.md)\n- [MinIO](docs/minio-storage.md)\n- [Monitoring](docs/monitoring.md)\n- [Scaling](docs/scaling.md)\n- [ArgoCD Sync Waves](docs/argocd-sync-waves.md)\n- [Cert-Manager](docs/cert-manager.md)\n- [K8s Namespaces](docs/k8s-namespaces.md)\n- [Troubleshooting](docs/troubleshooting.md)\n- [Dev local avec k3d](docs/local-dev-k8s.md)\n- [Sécurité](SECURITY.md)\n- [Contribuer](CONTRIBUTING.md)\n\n## Applications ArgoCD\n\n| Application | Description | Sync Wave |\n|-------------|-------------|-----------|\n| `rbac` | Permissions et contrôles d'accès | 1 |\n| `argocd` | ArgoCD self-management | 2 |\n| `postgresql` | Base de données partagée | 2 |\n| `redis` | Cache et sessions | 2 |\n| `minio` | Stockage d'objets (media microservice) | 2 |\n| `cert-manager` | Certificats TLS automatiques | 3 |\n| `nginx-ingress` | Ingress controller | 4 |\n| `whispr-microservices` | Application principale | 10 |\n\n### Workflow GitOps :\n\n1. **Modification** : Push code dans git\n2. **Auto-sync** : ArgoCD détecte les changements\n3. **Déploiement** : Application dans l'ordre des sync waves\n4. **Self-healing** : Correction automatique des dérives\n\n## Accès équipe\n\n**Admin :** `just setup-platform-access`  \n**Membres :** Recevoir `platform-engineers-key.json` + suivre `scripts/platform-engineers/README-kubectl-setup-team.md`\n\n## Infrastructure\n\n**Cluster GKE :** `whispr-messenger` (europe-west1, projet tranquil-harbor-480911-k9)  \n**Domaine :** whispr.fr ([Configuration DNS](DNS-CONFIGURATION.md))\n\n**Composants :**\n- ArgoCD (GitOps)\n- Istio (Service mesh)\n- Cert-Manager (TLS)\n- Nginx Ingress\n- PostgreSQL\n- Redis\n- **HashiCorp Vault** (Secrets management)\n- **External Secrets Operator** (Kubernetes secrets sync)\n\n## Gestion des Secrets\n\nLes secrets sont gérés automatiquement via **HashiCorp Vault** et **External Secrets Operator**.\n\n**Guide complet** : [scripts/vault/README-vault-setup.md](scripts/vault/README-vault-setup.md)\n\n**Quick start** :\n```bash\n# Initialiser Vault (première fois uniquement)\ncd scripts/vault\n./init-vault.sh\n\n# Peupler les secrets\n./populate-secrets.sh\n\n# Déployer le SecretStore\nkubectl apply -f k8s/vault/vault-secret-store.yaml\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwhispr-messenger%2Finfrastructure","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwhispr-messenger%2Finfrastructure","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwhispr-messenger%2Finfrastructure/lists"}