feat: Initialize Zastava Webhook service with TLS and Authority authentication

- Added Program.cs to set up the web application with Serilog for logging, health check endpoints, and a placeholder admission endpoint. - Configured Kestrel server to use TLS 1.3 and handle client certificates appropriately. - Created StellaOps.Zastava.Webhook.csproj with necessary dependencies including Serilog and Polly. - Documented tasks in TASKS.md for the Zastava Webhook project, outlining current work and exit criteria for each task.
2025-10-19 18:36:22 +03:00
parent 7e2fa0a42a
commit 5ce40d2eeb
966 changed files with 91038 additions and 1850 deletions
--- a/deploy/helm/stellaops/values-dev.yaml
+++ b/deploy/helm/stellaops/values-dev.yaml
@@ -8,6 +8,49 @@ global:
    pullPolicy: IfNotPresent
  labels:
    stellaops.io/channel: edge
+
+configMaps:
+  notify-config:
+    data:
+      notify.yaml: |
+        storage:
+          driver: mongo
+          connectionString: "mongodb://notify-mongo.dev.svc.cluster.local:27017"
+          database: "stellaops_notify_dev"
+          commandTimeoutSeconds: 30
+
+        authority:
+          enabled: true
+          issuer: "https://authority.dev.stella-ops.local"
+          metadataAddress: "https://authority.dev.stella-ops.local/.well-known/openid-configuration"
+          requireHttpsMetadata: false
+          allowAnonymousFallback: false
+          backchannelTimeoutSeconds: 30
+          tokenClockSkewSeconds: 60
+          audiences:
+            - notify.dev
+          readScope: notify.read
+          adminScope: notify.admin
+
+        api:
+          basePath: "/api/v1/notify"
+          internalBasePath: "/internal/notify"
+          tenantHeader: "X-StellaOps-Tenant"
+
+        plugins:
+          baseDirectory: "../"
+          directory: "plugins/notify"
+          searchPatterns:
+            - "StellaOps.Notify.Connectors.*.dll"
+          orderedPlugins:
+            - StellaOps.Notify.Connectors.Slack
+            - StellaOps.Notify.Connectors.Teams
+            - StellaOps.Notify.Connectors.Email
+            - StellaOps.Notify.Connectors.Webhook
+
+        telemetry:
+          enableRequestLogging: true
+          minimumLogLevel: Debug
 services:
  authority:
    image: registry.stella-ops.org/stellaops/authority@sha256:a8e8faec44a579aa5714e58be835f25575710430b1ad2ccd1282a018cd9ffcdd
@@ -67,6 +110,17 @@ services:
      SCANNER__STORAGE__S3__ACCESSKEYID: "stellaops"
      SCANNER__STORAGE__S3__SECRETACCESSKEY: "dev-minio-secret"
      SCANNER__QUEUE__BROKER: "nats://stellaops-nats:4222"
+  notify-web:
+    image: registry.stella-ops.org/stellaops/notify-web:2025.10.0-edge
+    service:
+      port: 8446
+    env:
+      DOTNET_ENVIRONMENT: Development
+    configMounts:
+      - name: notify-config
+        mountPath: /app/etc/notify.yaml
+        subPath: notify.yaml
+        configMap: notify-config
  excititor:
    image: registry.stella-ops.org/stellaops/excititor@sha256:d9bd5cadf1eab427447ce3df7302c30ded837239771cc6433b9befb895054285
    env: