lukas/uis-cloud-computing
1
0
Fork 0
mirror of https://github.com/dat515-2025/Group-8.git synced 2026-03-22 06:57:47 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: lukas:test_arm_build
Branches Tags
lukas:main lukas:merge/core_simplificcation lukas:test_arm_build lukas:51-refactor-project-structure lukas:merge/update_workers lukas:merge/email_sender lukas:merge/prometheus_custom_metrics lukas:add_more_tests lukas:merge/prometheus_metrics lukas:merge/csas_scraping lukas:30-create-tests-and-set-up-a-github-pipeline lukas:merge/fix_react_oauth lukas:merge/frontend_basics lukas:merge/deployment_envs lukas:20-create-a-controller-layer-on-backend-side lukas:merge/database_backups lukas:merge/oauth lukas:merge/basic_database_structure lukas:11-update-deployment lukas:merge/cloudflare-deploy lukas:merge/pr_deploy_test lukas:merge/background-worker lukas:merge/refactor_migrations
...
compare: lukas:16f660ea5bfdf40d0ae257ced59426d237583ff7
Branches Tags
lukas:main lukas:merge/core_simplificcation lukas:test_arm_build lukas:51-refactor-project-structure lukas:merge/update_workers lukas:merge/email_sender lukas:merge/prometheus_custom_metrics lukas:add_more_tests lukas:merge/prometheus_metrics lukas:merge/csas_scraping lukas:30-create-tests-and-set-up-a-github-pipeline lukas:merge/fix_react_oauth lukas:merge/frontend_basics lukas:merge/deployment_envs lukas:20-create-a-controller-layer-on-backend-side lukas:merge/database_backups lukas:merge/oauth lukas:merge/basic_database_structure lukas:11-update-deployment lukas:merge/cloudflare-deploy lukas:merge/pr_deploy_test lukas:merge/background-worker lukas:merge/refactor_migrations

20 Commits
test_arm_b ... 16f660ea5b

Author SHA1 Message Date
ribardej
16f660ea5b feat(docs): finalized checklist.md 2025-11-16 21:07:16 +01:00
Lukáš Trkan
7a0d7dc4af update report 2025-11-16 17:30:51 +01:00
Lukáš Trkan
fabdff3bef update checklist 2025-11-16 17:27:13 +01:00
Lukáš Trkan
1c1130b9b0 update checklist 2025-11-16 17:21:45 +01:00
Lukáš Trkan
7d7698450d feat(deployment): Optimize Dockerfile 2025-11-16 17:07:32 +01:00
ribardej
db9092b78f feat(docs): checklist.md and report.md update 2025-11-15 23:48:29 +01:00
Lukáš Trkan
3557b3ea13 updated Dockerfile 2025-11-15 18:23:09 +01:00
Lukáš Trkan
4a1a9f03a1 Merge remote-tracking branch 'origin/main' 2025-11-15 13:55:51 +01:00
Lukáš Trkan
b1be15f559 updated docs 2025-11-15 13:55:41 +01:00
ribardej
515106b238 feat(docs): report.md update 2025-11-14 22:54:45 +01:00
ribardej
b5290119e9 feat(docs): report.md update 2025-11-14 17:56:08 +01:00
Lukáš Trkan
0beb889f5e updated docs 2025-11-14 17:32:11 +01:00
ribardej
0a96c32c93 Merge remote-tracking branch 'origin/main' 2025-11-14 17:24:04 +01:00
ribardej
f1034f6ed5 feat(docs): report.md update 2025-11-14 17:23:55 +01:00
Lukáš Trkan
0f729d28d1 Merge pull request #54 from dat515-2025/merge/core_simplificcation 
refactor(core): simplify core module
 2025-11-14 17:14:47 +01:00
Lukáš Trkan
c689caea88 refactor(core): fix tests 2025-11-14 16:51:21 +01:00
Lukáš Trkan
8c20deb690 refactor(core): simplify core module 2025-11-14 16:42:35 +01:00
Lukáš Trkan
39979b51ee update report 2025-11-14 15:20:16 +01:00
Lukáš Trkan
da0c77101d Merge pull request #53 from dat515-2025/test_arm_build
Some checks failed
Deploy Prod / Run Python Tests (push) Has been cancelled
Details
Deploy Prod / Build and push image (reusable) (push) Has been cancelled
Details
Deploy Prod / Generate Production URLs (push) Has been cancelled
Details
Deploy Prod / Frontend - Build and Deploy to Cloudflare Pages (prod) (push) Has been cancelled
Details
Deploy Prod / Helm upgrade/install (prod) (push) Has been cancelled
Details 
build arm64 image
 2025-11-14 00:58:33 +01:00
Lukáš Trkan
a5a83e5d07 update docs 2025-11-14 00:20:19 +01:00
15 changed files with 455 additions and 247 deletions
Expand all files Collapse all files

109
7project/checklist.md
View File

@@ -7,64 +7,65 @@ Focus on areas that align with your project goals and interests.
The core deliverables are required.
This means that you must get at least 2 points for each item in this category.
| **Category** | **Item** | **Max Points** | **Points** | **Comments** |
|----------------------------------| --------------------------------------- | -------------- |-------------------------------------------------| |
| **Category** | **Item** | **Max Points** | **Points** | **Comment** |
|:---------------------------------|:----------------------------------------|:---------------|:-----------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **Core Deliverables (Required)** | | | | |
| Codebase & Organization | Well-organized project structure | 5 | 5 | |
| | Clean, readable code | 5 | 4 | |
| | Use planning tool (e.g., GitHub issues) | 5 | 4 | |
| | Proper version control usage | 5 | 5 | |
| 23 | Complete source code | 5 | 5 | |
| Documentation | Comprehensive reproducibility report | 10 | 4-5 | |
| | Updated design document | 5 | 2 | |
| | Clear build/deployment instructions | 5 | 2 | |
| | Troubleshooting guide | 5 | 1 | |
| | Completed self-assessment table | 5 | 2 | |
| 14 | Hour sheets for all members | 5 | 3 | |
| Presentation Video | Project demonstration | 5 | 0 | |
| | Code walk-through | 5 | 0 | |
| 0 | Deployment showcase | 5 | 0 | |
| Codebase & Organization | Well-organized project structure | 5 | 5 | Project is well-organized, each part is separated (backend, frontend, IaC) and these parts are separated even mode (modules, packages...) |
| | Clean, readable code | 5 | 4 | Should be readable(function names should help), but readability can always be improved |
| | Use planning tool (e.g., GitHub issues) | 5 | 4 | We used Github issues |
| | Proper version control usage | 5 | 5 | We used branches for development, pull request reviews |
| 23 | Complete source code | 5 | 5 | The code is complete - entire codebase is in this repository |
| Documentation | Comprehensive reproducibility report | 10 | 10 | Our report is precise, anybody should be able to reproduce our deployment by following provided instructions |
| | Updated design document | 5 | 4 | Our design document was updated and merged into the report |
| | Clear build/deployment instructions | 5 | 5 | Should be clear |
| | Troubleshooting guide | 5 | 3 | When it comes to troubleshooting, there is never enough documentation |
| | Completed self-assessment table | 5 | 5 | Completed. |
| 32 | Hour sheets for all members | 5 | 5 | Filled. |
| Presentation Video | Project demonstration | 5 | 5 | Yes |
| | Code walk-through | 5 | 3 | There was not enough time to go through all of our code, so we just mentioned some parts of it. |
| 13 | Deployment showcase | 5 | 5 | Yes |
| **Technical Implementation** | | | | |
| Application Functionality | Basic functionality works | 10 | 8 | |
| | Advanced features implemented | 10 | 0 | |
| | Error handling & robustness | 10 | 4 | |
| 16 | User-friendly interface | 5 | 4 | |
| Backend & Architecture | Stateless web server | 5 | 5 | |
| | Stateful application | 10 | ? WHAT DOES THIS MEAN | |
| | Database integration | 10 | 10 | |
| | API design | 5 | 5 | |
| 20 | Microservices architecture | 10 | 0 | |
| Cloud Integration | Basic cloud deployment | 10 | 10 | |
| | Cloud APIs usage | 10 | ? WHAT DOES THIS MEAN | |
| | Serverless components | 10 | 0 | |
| 10 | Advanced cloud services | 5 | 0 | |
| Application Functionality | Basic functionality works | 10 | 10 | The app works as intended |
| | Advanced features implemented | 10 | 5 | OAuth, BankAPI connection (not only mock bank) |
| | Error handling & robustness | 10 | 5 | App notifies user about errors, errors in code are also logged by sentry and we get notified |
| 24 | User-friendly interface | 5 | 4 | Responsive interface with dark mode support, should by user friendly enough |
| Backend & Architecture | Stateless web server | 5 | 5 | Yes, the web server is stateless - authentication uses JWT, not sessions. |
| | Stateful application | 10 | 10 | Yes, the app is stateful - data are persistently stored in database |
| | Database integration | 10 | 10 | We have deployed 3 MariaDB nodes with replication, MaxScale proxy and periodic backups. Connection app with this setup is same as with standalone db. |
| | API design | 5 | 5 | Backend APIs are implemented with public Swagger docs |
| 33 | Microservices architecture | 10 | 3 | We have separated API deployment and worker deployment. Worker process slow tasks - emails, payment scraping. There is no need for another service in current state but adding it is easy. |
| Cloud Integration | Basic cloud deployment | 10 | 10 | Yes (In private cluster), using GH Actions and self-hosted runner. |
| | Cloud APIs usage | 10 | 8 | GH Actions deploys frontend to Cloudflare Pages, deployment creates CF tunnel record automatically |
| | Serverless components | 10 | 10 | We are using CF pages for frontend deployment |
| 33 | Advanced cloud services | 5 | 5 | Using CF provides us with DDOS protection, access rules, it hides our IP |
| **DevOps & Deployment** | | | | |
| Containerization | Basic Dockerfile | 5 | 5 | |
| | Optimized Dockerfile | 5 | 0 | |
| | Docker Compose | 5 | 5 - dev only | |
| 15 | Persistent storage | 5 | 5 | |
| Deployment & Scaling | Manual deployment | 5 | 5 | |
| | Automated deployment | 5 | 5 | |
| | Multiple replicas | 5 | 5 | |
| 20 | Kubernetes deployment | 10 | 10 | |
| Containerization | Basic Dockerfile | 5 | 5 | Yes |
| | Optimized Dockerfile | 5 | 5 | Rootless Dockerfile |
| | Docker Compose | 5 | 5 | For development environment |
| 20 | Persistent storage | 5 | 5 | Yes, using Longhorn. |
| Deployment & Scaling | Manual deployment | 5 | 5 | Yes, possible by using Helm manually |
| | Automated deployment | 5 | 5 | Yes, with Github actions |
| | Multiple replicas | 5 | 5 | Yes, 3 pods with API, 3 pods with workers, 3 database pods |
| 25 | Kubernetes deployment | 10 | 10 | Yes |
| **Quality Assurance** | | | | |
| Testing | Unit tests | 5 | 2 | |
| | Integration tests | 5 | 2 | |
| | End-to-end tests | 5 | 5 | |
| 9 | Performance testing | 5 | 0 | |
| Monitoring & Operations | Health checks | 5 | 5 | |
| | Logging | 5 | 2 - only to terminal add logstash | |
| 9 | Metrics/Monitoring | 5 | 2 - only DB, need to create Prometheus endpoint | |
| Security | HTTPS/TLS | 5 | 5 | |
| | Authentication | 5 | 5 | |
| 15 | Authorization | 5 | 5 | |
| Testing | Unit tests | 5 | 4 | All workflows are covered by tests |
| | Integration tests | 5 | 5 | Yes |
| | End-to-end tests | 5 | 5 | Yes |
| 14 | Performance testing | 5 | 0 | No |
| Monitoring & Operations | Health checks | 5 | 5 | Yes |
| | Logging | 5 | 4 | Logs can be accessed easily using Grafana |
| | Metrics/Monitoring | 2 | 2 | Yes, visualised in Grafana |
| 14 | Custom Metrics for your project | 3 | 3 | Yes, API has /metrics endpoint providing information about FastAPI itself and custom information such as number of users or transactions. |
| Security | HTTPS/TLS | 5 | 5 | Yes |
| | Authentication | 5 | 5 | Yes |
| 15 | Authorization | 5 | 5 | Yes |
| **Innovation & Excellence** | | | | |
| Advanced Features and | AI/ML Integration | 10 | 0 | |
| Technical Excellence | Real-time features | 10 | 0 | |
| | Creative problem solving | 10 | ? | |
| | Performance optimization | 5 | 2 | |
| 2 | Exceptional user experience | 5 | 0 | |
| **Total** | | **255** | **153** | |
| Advanced Features and | AI/ML Integration | 10 | 0 | No |
| Technical Excellence | Real-time features | 10 | 0 | No |
| | Creative problem solving | 10 | 4 | Cron jobs for bank scraping |
| | Performance optimization | 5 | 4 | Delegating emails and scraping to workers, hosting frontend on CF |
| 11 | Exceptional user experience | 5 | 3 | |
| **Total** | | **255** | **257** | |
## Grading Scale
@@ -72,7 +73,7 @@ This means that you must get at least 2 points for each item in this category.
- **Maximum: 200+ points**
| Grade | Points |
| ----- | -------- |
|-------|----------|
| A | 180-200+ |
| B | 160-179 |
| C | 140-159 |

279
7project/report.md
View File

@@ -56,6 +56,60 @@ The workflow works in the following way:
using background worker.
- After successful load, these transactions are stored to the database and displayed to the client
### Database Schema
```mermaid
classDiagram
direction BT
class alembic_version {
varchar(32) version_num
}
class categories {
varchar(100) name
varchar(255) description
char(36) user_id
int(11) id
}
class category_transaction {
int(11) category_id
int(11) transaction_id
}
class oauth_account {
char(36) user_id
varchar(100) oauth_name
varchar(4096) access_token
int(11) expires_at
varchar(1024) refresh_token
varchar(320) account_id
varchar(320) account_email
char(36) id
}
class transaction {
blob amount
blob description
char(36) user_id
date date
int(11) id
}
class user {
varchar(100) first_name
varchar(100) last_name
varchar(320) email
varchar(1024) hashed_password
tinyint(1) is_active
tinyint(1) is_superuser
tinyint(1) is_verified
longtext config
char(36) id
}
categories --> user: user_id -> id
category_transaction --> categories: category_id -> id
category_transaction --> transaction: transaction_id -> id
oauth_account --> user: user_id -> id
transaction --> user: user_id -> id
```
### Features
- The stored transactions are encrypted in the DB for security reasons.
@@ -79,6 +133,14 @@ The workflow works in the following way:
etc.).
- Deployment Chart (charts/myapp-chart/): Helm chart to deploy the application to Kubernetes.
### Other services deployed in the cluster
- Longhorn: distributed storage system providing persistent volumes for the database and other services
- Prometheus + Grafana: monitoring stack collecting metrics from the app and cluster, visualized in Grafana dashboards
- MariaDB operator: manages the MariaDB cluster based on Custom resources, creates Databases, users, handles backups
- RabbitMQ operator: manages RabbitMQ cluster based on Custom resources
- Cloudflare Tunnel: allows public access to backend API running in the private cluster, providing HTTPS
### Technologies Used
- Backend: Python, FastAPI, FastAPI Users, SQLAlchemy, Pydantic, Alembic, Celery
@@ -91,10 +153,15 @@ The workflow works in the following way:
## Prerequisites
Here are software and hardware prerequisites for the development and production environments. This section also
describes
necessary environment variables and key dependencies used in the project.
### System Requirements
#### Development
- OS: Tested on MacOS, Linux and Windows should work as well
- Minimum RAM: 8 GB
- Storage: 10 GB+ free
@@ -168,7 +235,7 @@ You can run the project with Docker Compose and Python virtual environment for t
```bash
git clone https://github.com/dat515-2025/Group-8.git
cd Group-8/7project
cd Group-8/7project/src
```
### 2) Install dependencies
@@ -197,10 +264,11 @@ bash upgrade_database.sh
### 5) Run backend
Before running the backend, make sure to set the necessary environment variables. Either by setting them in your shell
or by setting them in run configuration in your IDE.
```bash
cd backend
#TODO: set env variables
uvicorn app.app:fastApi --reload --host 0.0.0.0 --port 8000
```
@@ -227,8 +295,11 @@ npm run dev
### Backend
App is separated into backend and frontend so it also needs to be built separately. Backend is build into docker image
and frontend is deployed as static files.
```bash
cd 7project/backend
cd 7project/src/backend
# Dont forget to set correct image tag with your registry and name
# For example lukastrkan/cc-app-demo or gitea.ltrk.dev/lukas/cc-app-demo
docker buildx build --platform linux/amd64,linux/arm64 -t CHANGE_ME --push .
@@ -244,9 +315,13 @@ npm run build
## Deployment Instructions
Deployment is tested on TalosOS cluster with 1 control plane and 4 workers, cluster needs to be setup and configured
manually. Terraform/OpenTofu is then used to deploy base services to the cluster. App itself is deployed automatically
via GitHub actions and Helm chart. Frontend files are deployed to Cloudflare pages.
### Setup Cluster
Deployment should work on any Kubernetes cluster. However, we are using 4 TalosOS virtual machines (1 control plane, 3
Deployment should work on any Kubernetes cluster. However, we are using 5 TalosOS virtual machines (1 control plane, 4
workers)
running on top of Proxmox VE.
@@ -427,6 +502,7 @@ See the workflow [here](../.github/workflows/run-tests.yml).
If you want to run the tests locally, the preferred way is to use a [bash script](backend/test_locally.sh)
that will start a test DB container with [docker compose](backend/docker-compose.test.yml) and remove it afterwards.
```bash
cd 7project/src/backend
bash test_locally.sh
@@ -487,9 +563,11 @@ curl -H "Authorization: Bearer $TOKEN" http://127.0.0.1:8000/authenticated-route
### Frontend
- Start with:
```bash
npm run dev in 7project/src/frontend
```
- Ensure VITE_BACKEND_URL is set to the backend URL (e.g., http://127.0.0.1:8000)
- Open http://localhost:5173
- Login, view latest transactions, filter, and add new transactions from the UI.
@@ -498,40 +576,72 @@ npm run dev in 7project/src/frontend
## Presentation Video
**YouTube Link**: [Insert your YouTube link here]
**YouTube Link**: https://youtu.be/FKR85AVN8bI
**Duration**: [X minutes Y seconds]
**Duration**: 9 minutes 43 seconds
**Video Includes**:
- [ ] Project overview and architecture
- [ ] Live demonstration of key features
- [ ] Code walkthrough
- [ ] Build and deployment showcase
- [x] Project overview and architecture
- [x] Live demonstration of key features
- [x] Code walkthrough
- [x] Build and deployment showcase
## Troubleshooting
running on arm
tofu apply error
### Common Issues
#### Issue 1: [Common problem]
#### Issue 1: Unable to apply Cloudflare terraform module
**Symptoms**: [What the user sees]
**Solution**: [Step-by-step fix]
**Symptoms**: Terraform/OpenTofu apply fails during Cloudflare module deployment.
This is caused by unknown variable not known beforehand.
#### Issue 2: [Another common problem]
**Solution**: Apply first without Cloudflare module and then apply again.
**Symptoms**: [What the user sees]
**Solution**: [Step-by-step fix]
```bash
tofu apply -exclude modules.cloudflare
tofu apply
```
#### Issue 2: Pods are unable to start
**Symptoms**: Pods are unable to start with ImagePullBackOff error. This could be caused
by either hitting docker hub rate limits or by docker hub being down.
**Solution**: Make sure you updated the cluster config to use registry mirror as described in
"Setup Cluster" section.
### Debug Commands
Get a detailed description of the Deployment:
```bash
# Useful commands for debugging
# Log viewing commands
# Service status checks
kubectl describe deployment finance-tracker -n prod
```
Get a list of pods in the Deployment:
```bash
kubectl get pods -n prod
```
Check the logs of a specific pod copy value for <pod-name> from the command above (--previous flag shows logs of a
failing pod, remove it if the pod is not failing):
```bash
kubectl logs <pod-name> -n prod --previous
```
See the service description:
```bash
kubectl describe service finance-tracker -n prod
```
Connect to the pod and run a bash shell:
```bash
kubectl exec -it <pod-name> -n prod -- /bin/bash
```
---
@@ -543,33 +653,29 @@ tofu apply error
> Link to the specific commit on GitHub for each contribution.
| Task/Component | Assigned To | Status | Time Spent | Difficulty | Notes |
|-------------------------------------------------------------------------------------------------------------------|-------------|----------------|------------|------------|-----------------------------------------------------------------------------------------------------|
| [Project Setup & Repository](https://github.com/dat515-2025/Group-8#) | Lukas | ✅ Complete | [X hours] | Medium | [Any notes] |
| [Design Document](https://github.com/dat515-2025/Group-8/blob/main/6design/design.md) | Both | ✅ Complete | 4 Hours | Easy | [Any notes] |
| [Backend API Development](https://github.com/dat515-2025/Group-8/tree/main/7project/backend/app/api) | Dejan | ✅ Complete | 12 hours | Medium | [Any notes] |
| [Database Setup & Models](https://github.com/dat515-2025/Group-8/tree/main/7project/backend/app/models) | Lukas | ✅ Complete | [X hours] | Medium | [Any notes] |
| [Frontend Development](https://github.com/dat515-2025/Group-8/tree/main/7project/frontend) | Dejan | ✅ Complete | 17 hours | Medium | [Any notes] |
| [Docker Configuration](https://github.com/dat515-2025/Group-8/blob/main/7project/compose.yml) | Lukas | ✅ Complete | 3 hours | Easy | [Any notes] |
| [Cloud Deployment](https://github.com/dat515-2025/Group-8/blob/main/7project/deployment/app-demo-deployment.yaml) | Lukas | ✅ Complete | [X hours] | Hard | Using Talos cluster running in proxmox - easy snapshots etc. Frontend deployed at Cloudflare pages. |
| [Testing Implementation](https://github.com/dat515-2025/group-name) | Dejan | ✅ Complete | 16 hours | Medium | [Any notes] |
| [Documentation](https://github.com/dat515-2025/group-name) | Both | 🔄 In Progress | [X hours] | Easy | [Any notes] |
| [Presentation Video](https://github.com/dat515-2025/group-name) | Both | ❌ Not Started | [X hours] | Medium | [Any notes] |
**Legend**: ✅ Complete | 🔄 In Progress | ⏳ Pending | ❌ Not Started
|:----------------------------------------------------------------------------------------------------------|:------------|:-----------|:-----------|:-----------|:------|
| [Project Setup & Repository](https://github.com/dat515-2025/Group-8/pull/1) | Both | ✅ Complete | 10 Hours | Medium | |
| [Design Document](https://github.com/dat515-2025/Group-8/commit/f09f9eaa82d0953afe41f33c57ff63e0933a81ef) | Both | ✅ Complete | 4 Hours | Easy | |
| [Cluster setup ](https://github.com/dat515-2025/Group-8/commit/c8048d940df00874c290d99cdb4ad366bca6e95d) | Lukas | ✅ Complete | 30 hours | Hard | |
| [Backend API Development](https://github.com/dat515-2025/Group-8/pull/26) | Dejan | ✅ Complete | 22 hours | Medium | |
| [Database Setup & Models](https://github.com/dat515-2025/Group-8/pull/19) | Lukas | ✅ Complete | 5 hours | Medium | |
| [Frontend Development](https://github.com/dat515-2025/Group-8/pull/28) | Dejan | ✅ Complete | 32 hours | Medium | |
| [Docker Configuration](https://github.com/dat515-2025/Group-8/pull/1) | Lukas | ✅ Complete | 3 hours | Easy | |
| [Authentification](https://github.com/dat515-2025/Group-8/pull/23) | Both | ✅ Complete | 11 hours | Medium | |
| [Transactions loading](https://github.com/dat515-2025/Group-8/pull/32) | Lukas | ✅ Complete | 7 hours | Medium | |
| [Monitoring](https://github.com/dat515-2025/Group-8/pull/42/) | Lukas | ✅ Complete | 9 hours | Medium | |
| [Cloud Deployment](https://github.com/dat515-2025/Group-8/pull/16) | Both | ✅ Complete | 21 hours | Hard | |
| [Testing Implementation](https://github.com/dat515-2025/Group-8/pull/31/) | Both | ✅ Complete | 21 hours | Medium | |
| [Documentation](https://github.com/dat515-2025/Group-8/commit/515106b238bc032d5f7d5dcae931b5cb7ee2a281) | Both | ✅ Complete | 14 hours | Medium | |
| [Presentation Video](https://youtu.be/FKR85AVN8bI) | Both | ✅ Complete | 3 hours | Medium | |
## Hour Sheet
> Link to the specific commit on GitHub for each contribution.
### [Lukáš]
## Hour Sheet
**Name:** Lukáš Trkan
### Lukáš
| Date | Activity | Hours | Description | Representative Commit / PR |
|:----------------|:----------------------------|:--------|:------------------------------------------------------------------------------------|:------------------------------------------------------|
| 18.9. - 19.9. | Initial Setup & Design | 40 | Repository init, system design diagrams, basic Terraform setup | `feat(infrastructure): add basic terraform resources` |
| 18.9. - 19.9. | Initial Setup & Design | 10 | Repository init, system design diagrams, basic Terraform setup | `feat(infrastructure): add basic terraform resources` |
| 20.9. - 5.10. | Core Infrastructure & CI/CD | 12 | K8s setup (ArgoCD), CI/CD workflows, RabbitMQ, Redis, Celery workers, DB migrations | `PR #2`, `feat(infrastructure): add rabbitmq cluster` |
| 6.10. - 9.10. | Frontend Infra & DB | 5 | Deployed frontend to Cloudflare, setup metrics, created database models | `PR #16` (Cloudflare), `PR #19` (DB structure) |
| 10.10. - 11.10. | Backend | 5 | Implemented OAuth support (MojeID, BankID) | `feat(auth): add support for OAuth and MojeID` |
@@ -582,29 +688,31 @@ tofu apply error
| 9.11. | Monitoring | 2 | Added custom Prometheus metrics | `PR #46` (Prometheus custom metrics) |
| 11.11. | Tests | 1 | Investigated and fixed broken Pytest environment | `fix(tests): set pytest env` |
| 11.11. - 12.11. | Features & Deployment | 6 | Added cron support, email sender service, updated workers & image | `PR #49` (Email), `PR #50` (Update workers) |
| 18.9 - 14.11 | Documentation | 8 | Updated report.md, design docs, and tfvars.example | `Create design.md`, `update report` |
| **Total** | | **105** | | |
| 18.9 - 16.11 | Documentation | 8 | Updated report.md, design docs, and tfvars.example | `Create design.md`, `update report` |
| 15.11 | Video | 2 | Record my video part, edit video | |
| **Total** | | **107** | | |
### Dejan
| Date | Activity | Hours | Description | Representative Commit / PR |
|:----------------|:-------------------------|:-------|:--------------------------------------------------------------|:---------------------------------------------------------|
|:-----------------|:---------------------|:-------|:----------------------------------------------------------------|:----------------------------------------------------------------------------------------------------------------------|
| 25.9. | Design | 2 | 6design | |
| 9.10 to 11.10. | Backend APIs | 14 | Implemented Backend APIs | `PR #26`, `20-create-a-controller-layer-on-backend-side` |
| 13.10 to 15.10. | Frontend Development | 8 | Created user interface mockups | `PR #28`, `frontend basics` |
| Continually | Documentation | 7 | Documenting the dev process | |
| 21.10 to 23.10 | Tests, frontend | 10 | Test basics, balance charts, and frontend improvement | `PR #31`, `30 create tests and set up a GitHub pipeline` |
| 28.10 to 30.10 | CI | 6 | Integrated tests with test database setup on github workflows | `PR #28`, `frontend basics` |
| 28.10 to 30.10 | Frontend | 8 | UI improvements and exchange rate API integration | `PR #28`, `frontend basics` |
| 4.11 to 6.11 | Tests | 6 | Test fixes improvement, more integration and e2e | `PR #28`, `frontend basics` |
| 4.11 to 6.11 | Frontend | 6 | Fixes, Improved UI, added support for mobile devices | `PR #28`, `frontend basics` |
| 11.11 | Backend APIs | 4 | Moved rates API, mock bank to Backend, few fixes | `PR #28`, `frontend basics` |
| 11.11 to 12.11 | Tests | 3 | Local testing DB container, few fixes | `PR #28`, `frontend basics` |
| 12.11 | Frontend | 3 | Enabled multiple transaction edits at once, CSAS button state | `PR #28`, `frontend basics` |
| 13.11 | Video | 3 | Video | |
| **Total** | | **80** | | |
| 9.10. to 11.10. | Backend APIs | 14 | Implemented Backend APIs | `PR #26`, `20-create-a-controller-layer-on-backend-side` |
| 13.10. to 15.10. | Frontend Development | 8 | Created user interface mockups | `PR #28`, `frontend basics` |
| 21.10. to 23.10. | Tests, frontend | 10 | Test basics, balance charts, and frontend improvement | `PR #31`, `30 create tests and set up a GitHub pipeline` |
| 28.10. to 30.10. | CI/CD | 6 | Integrated tests with test database setup on github workflows | `PR #31`, `30 create tests and set up a GitHub pipeline` |
| 28.10. to 30.10. | Frontend | 8 | UI improvements and exchange rate API integration | `PR #35`, `34 improve frontend functionality` |
| 29.10. | Backend | 4 | Token invalidation, few fixes | `PR #38`, `fix(backend): implemented jwt token invalidation so users cannot use …` |
| 4.11. to 6.11. | Tests | 6 | Test fixes improvement, more integration and e2e | `PR #45`, `feat(test): added more tests ` |
| 4.11. to 6.11. | Frontend | 8 | Fixes, rates API, Improved UI, added support for mobile devices | `PR #41, #44`, `feat(frontend): added CNB API and moved management into a new tab`, `43 fix the UI layout in chrome ` |
| 11.11. | Backend APIs | 4 | Moved rates API, mock bank to Backend, few fixes | `feat(backend): Moved the unirate API to the backend `, `feat(backend): moved mock bank to backend` |
| 11.11. to 12.11. | Tests | 3 | Local testing DB container, few fixes | `PR #48`, `fix(tests): fixed test runtime errors regarding database connection ` |
| 12.11. | Frontend | 3 | Enabled multiple transaction edits at once, CSAS button state | `feat(frontend): implemented multiple transaction selections in UI` |
| 13.11. | Video | 3 | Video | |
| 25.9. to 14.11. | Documentation | 8 | Documenting the dev process | multiple `feat(docs): report.md update` |
| **Total** | | **87** | | |
### Group Total: [XXX.X] hours
### Group Total: 194 hours
---
@@ -612,7 +720,16 @@ tofu apply error
### What We Learned
[Reflect on the key technical and collaboration skills learned during this project]
#### Technical
- We learned how to use AI to help us with our project.
- We learned how to use Copilot for PR reviews.
- We learned how to troubleshoot issues with our project in different areas.
#### Collaboration
- Weekly meetings with the TA were great for syncing up on progress, discussing issues, planning future work.
- Using GitHub issues and pull requests was very helpful for keeping track of progress.
### Challenges Faced
@@ -626,6 +743,11 @@ If the deployed module (helm chart for example) was not configured properly, it
namespace that cannot be deleted.
This was solved by using snapshots in Proxmox and restoring if this happened.
#### Not enough time to implement all features
Since this course is worth only 5 credits, we often had to prioritize other courses we were attending over this project.
In the end, we were able to implement all necessary features.
### If We Did This Again
#### Different framework
@@ -634,6 +756,16 @@ FastAPI lacks usable build in support for database migrations and implementing A
Tricky was also integrating FastAPI auth system with React frontend, since there is no official project template.
Using .NET (which we considered initially) would probably solve these issues.
#### Private container registry
Using private container registry would allow us to include environment variables directly in the image during build.
This would simplify deployment and CI/CD setup.
#### Start sooner
The weekly meetings helped us to start planning the project earlier and avoid spending too much time on details,
but we could have started earlier if we had more time.
[What would you do differently? What worked well that you'd keep?]
### Individual Growth
@@ -649,18 +781,25 @@ The biggest challenge for me was time tracking since I am used to tracking to pr
It was also interesting experience to be the one responsible for the initial project structure/design/setup
used not only by myself.
[Personal reflection on growth, challenges, and learning]
#### [Dejan]
Since I do not have a job, this project was probably the most complex one I have ever worked on.
It was also the first school project where I was encouraged to use AI.
Lukas
Since I do not have a job and I am more theoretically oriented student (I am more into math, algorithms, cryptography),
this project was probably the most complex one I have ever worked on.
For me, it was a great experience to work on an actually deployed fullstack app and not only local development, that I
was used to from the past.
It was also a great experience to collaborate with Lukas who has prior experience with app deployment and
infrastructure.
Thanks to this, I learned a lot new technologies and how to work in a team (First time reviewing PRs).
It was challenging to wrap my head around the project structure and how everything was connected (And I still think I
have some gaps in my knowledge).
But I think that if I decide to create my own demo project in the future, I will definitely be able to work on it much
more efficiently.
[Personal reflection on growth, challenges, and learning]
---
**Report Completion Date**: [Date]
**Last Updated**: 13.11.2025
**Report Completion Date**: 15.11.2025
**Last Updated**: 15.11.2025

23
7project/src/README.md
View File

@@ -1,23 +1,14 @@
## Folder structure
- `src/`
- `backend/`
- `alembic/` - database migrations
- `app/` - main application code
- `tests/` - tests
- `docker-compose.test.yml` - docker compose for testing database
- `Dockerfile` - production Dockerfile
- `main.py` - App entrypoint
- `requirements.txt` - Python dependencies
- `test_locally.sh` - script to run tests with temporary database
- `backend/` - Python FastAPI backend application. Described in separate [README](./backend/README.md).
- `charts/`
- `myapp-chart/` - Helm chart for deploying the application, supports prod and dev environments
- `frontend/` - React frontend application
- `tofu/` - Terraform/OpenTofu services deployment configurations
- `modules/` - separated modules for different services
- `main.tf` - main deployment configuration
- `variables.tf` - deployment variables
- `terraform.tfvars.example` - example variables file
- `myapp-chart/` - Helm chart for deploying the application, supports prod and dev environments. Described in
separate [README](./charts/README.md).
- `frontend/` - React frontend application. Described in separate
[README](./frontend/README.md).
- `tofu/` - Terraform/OpenTofu services deployment configurations. Described in separate
[README](./tofu/README.md).
- `compose.yaml` - Docker Compose file for local development
- `create_migration.sh` - script to create new Alembic database migration
- `upgrade_database.sh` - script to upgrade database to latest Alembic revision

12
7project/src/backend/Dockerfile
View File

@@ -1,8 +1,16 @@
FROM python:3.11-trixie
FROM python:3.11-slim
WORKDIR /app
RUN useradd --create-home --shell /bin/bash app
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
COPY . .
RUN chown -R app:app /app
USER app
EXPOSE 8000
CMD alembic upgrade head && uvicorn app.app:fastApi --host 0.0.0.0 --port 8000
CMD ["sh", "-c", "alembic upgrade head && uvicorn app.app:fastApi --host 0.0.0.0 --port 8000"]

23
7project/src/backend/README.md Normal file
View File

@@ -0,0 +1,23 @@
# Backend
This directory contains the backend code for the project. It is built using Python and FastAPI framework and with
database migrations support using Alembic.
## Directory structure
- `alembic/` - database migrations
- `app/` - main application code
- `api/` - API endpoints - routers/controllers with request handling logic
- `core/` - core application logic - database session management, security
- `models/` - database models
- `schemas/` - Endpoint schemas
- `services/` - utilities for various tasks
- `workers/` - background tasks
- `app.py` - FastAPI startup script
- `celery_app.py` - Celery startup script
- `tests/` - tests
- `docker-compose.test.yml` - docker compose for testing database
- `Dockerfile` - production Dockerfile
- `main.py` - App entrypoint
- `requirements.txt` - Python dependencies
- `test_locally.sh` - script to run tests with temporary database

6
7project/src/backend/app/core/queue.py
View File

@@ -1,6 +0,0 @@
import app.celery_app # noqa: F401
from app.workers.celery_tasks import send_email
def enqueue_email(to: str, subject: str, body: str) -> None:
send_email.delay(to, subject, body)

5
7project/src/backend/app/services/user_service.py
View File

@@ -14,11 +14,10 @@ from httpx_oauth.oauth2 import BaseOAuth2
from app.models.user import User
from app.oauth.bank_id import BankID
from app.oauth.csas import CSASOAuth
from app.workers.celery_tasks import send_email
from app.oauth.custom_openid import CustomOpenID
from app.oauth.moje_id import MojeIDOAuth
from app.services.db import get_user_db
from app.core.queue import enqueue_email
SECRET = os.getenv("SECRET", "CHANGE_ME_SECRET")
@@ -87,7 +86,7 @@ class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):
"Pokud jsi registraci neprováděl(a), tento email ignoruj.\n"
)
try:
enqueue_email(to=user.email, subject=subject, body=body)
send_email.delay(user.email, subject, body)
except Exception as e:
print("[Email Fallback] To:", user.email)
print("[Email Fallback] Subject:", subject)

5
7project/src/backend/tests/test_unit_user_service.py
View File

@@ -34,7 +34,8 @@ def test_authenticated_route_requires_auth(client):
async def test_on_after_request_verify_enqueues_email(monkeypatch):
calls = {}
def fake_enqueue_email(to: str, subject: str, body: str):
class FakeCeleryTask:
def delay(to: str, subject: str, body: str):
calls.setdefault("emails", []).append({
"to": to,
"subject": subject,
@@ -42,7 +43,7 @@ async def test_on_after_request_verify_enqueues_email(monkeypatch):
})
# Patch the enqueue_email used inside user_service
monkeypatch.setattr(user_service, "enqueue_email", fake_enqueue_email)
monkeypatch.setattr(user_service, "send_email", FakeCeleryTask)
class DummyUser:
def __init__(self, email):

30
7project/src/charts/README.md Normal file
View File

@@ -0,0 +1,30 @@
# Helm chart deployment
This directory contains a Helm chart for deploying the app to a cluster, it support bot production and preview
deployment.
## Directory Structure
- `myapp-chart/`
- `templates/`
- `app-deployment.yaml` - Kubernetes Deployment for the application
- `cron.yaml` - cronjob for periodic tasks - periodically calls app endpoint
- `database.yaml` - Creates database using MariaDB operator. Production database is kept, but preview/dev
database is dropped after uninstalling the chart.
- `database-grant.yaml` - Defines rights for the database user
- `database-user.yaml` - Creates database user
- `monitoring.yaml` - Adds /metrics endpoint to Prometheus scraping
- `prod.yaml` - Application secrets
- `rabbitmq-cluster.yaml` - Defines RabbitMQ cluster for this deployment
- `rabbitmq-permission.yalm` - Defines RabbitMQ user permissions
- `rabbitmq-queue.yaml` - Defines RabbitMQ queue
- `rabbitmq-user.yaml` - Defines RabbitMQ user
- `rabbitmq-user-secret.yaml` - Defines RabbitMQ user secret
- `service.yaml` - Kubernetes Service for the application
- `tunnel.yaml` - Cloudflare tunnel for accessing the application¨
- `worker-deployment.yaml` - Kubernetes Deployment for the Celery worker, uses same image as the app-deployment,
but with different entrypoint
- `Chart.yaml` - Helm chart metadata
- `values.yaml` - list of all configurable values
- `values-dev.yaml` - default values for development/preview deployment
- `values-prod.yaml` - default values for production deployment

86
7project/src/frontend/README.md
View File

@@ -1,73 +1,21 @@
# React + TypeScript + Vite
This template provides a minimal setup to get React working in Vite with HMR and some ESLint rules.
This directory contains the frontend code.
Currently, two official plugins are available:
## Directory Structure
- [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react) uses [Babel](https://babeljs.io/) (or [oxc](https://oxc.rs) when used in [rolldown-vite](https://vite.dev/guide/rolldown)) for Fast Refresh
- [@vitejs/plugin-react-swc](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react-swc) uses [SWC](https://swc.rs/) for Fast Refresh
## React Compiler
The React Compiler is not enabled on this template because of its impact on dev & build performances. To add it, see [this documentation](https://react.dev/learn/react-compiler/installation).
## Expanding the ESLint configuration
If you are developing a production application, we recommend updating the configuration to enable type-aware lint rules:
```js
export default defineConfig([
globalIgnores(['dist']),
{
files: ['**/*.{ts,tsx}'],
extends: [
// Other configs...
// Remove tseslint.configs.recommended and replace with this
tseslint.configs.recommendedTypeChecked,
// Alternatively, use this for stricter rules
tseslint.configs.strictTypeChecked,
// Optionally, add this for stylistic rules
tseslint.configs.stylisticTypeChecked,
// Other configs...
],
languageOptions: {
parserOptions: {
project: ['./tsconfig.node.json', './tsconfig.app.json'],
tsconfigRootDir: import.meta.dirname,
},
// other options...
},
},
])
```
You can also install [eslint-plugin-react-x](https://github.com/Rel1cx/eslint-react/tree/main/packages/plugins/eslint-plugin-react-x) and [eslint-plugin-react-dom](https://github.com/Rel1cx/eslint-react/tree/main/packages/plugins/eslint-plugin-react-dom) for React-specific lint rules:
```js
// eslint.config.js
import reactX from 'eslint-plugin-react-x'
import reactDom from 'eslint-plugin-react-dom'
export default defineConfig([
globalIgnores(['dist']),
{
files: ['**/*.{ts,tsx}'],
extends: [
// Other configs...
// Enable lint rules for React
reactX.configs['recommended-typescript'],
// Enable lint rules for React DOM
reactDom.configs.recommended,
],
languageOptions: {
parserOptions: {
project: ['./tsconfig.node.json', './tsconfig.app.json'],
tsconfigRootDir: import.meta.dirname,
},
// other options...
},
},
])
```
- `public/` - static files
- `src/` - frontend code
- `assets/` - static assets
- `pages/` - React pages
- `api.ts` - API client
- `App.tsx` - React app
- `main.tsx` - entry point
- `index.css` - global styles
- `config.ts` - configuration
- `ui.css` - UI styles
- `vite.config.ts` - Vite configuration
- `package.json` - NPM dependencies
- `tsconfig.json` - TypeScript configuration
- `index.html` - HTML template
-

20
7project/src/tofu/README.md Normal file
View File

@@ -0,0 +1,20 @@
# Terraform/OpenTofu IaC
This directory contains infrastructure configuration files and modules for underlying services.
## Directory Structure
- `modules/` - separated modules for different services
- `cert-manager/` - module for deploying Cert-Manager
- `cloudflare/` - module for Cloudflare tunnels operator - allows to expose services via Cloudflare tunnels
- `maxscale/` - module for MariaDB Operator set up for MaxScale and 3 nodes, backups and phpMyAdmin. PHPMyAdmin is
available at mysql.YOU_DOMAIN, MaxScale UI at maxscale.YOU_DOMAIN
- `metallb/` - module for MetalLB load balancer
- `metrics-server/` - module for Kubernetes Metrics Server
- `prometheus/` - module for Prometheus and Grafana - monitoring stack with grafana available at grafana.YOU_DOMAIN
- `rabbitmq/` - module for RabbitMQ message queue cluster
- `redis/` - module for Redis cluster, not used currently
- `storage/` - module for Longhorn file storage
- `main.tf` - main deployment configuration
- `variables.tf` - deployment variables
- `terraform.tfvars.example` - example variables file

2
7project/src/tofu/modules/storage/main.tf
View File

@@ -31,5 +31,5 @@ resource "helm_release" "longhorn" {
chart = "longhorn"
namespace = "longhorn-system"
version = "1.9.1"
timeout = 3600
timeout = 300
}

7
7project/src/tofu/variables.tf
View File

@@ -95,13 +95,6 @@ variable "cloudflare_account_id" {
nullable = false
}
variable "argocd_admin_password" {
type = string
nullable = false
sensitive = true
description = "ArgoCD admin password"
}
variable "rabbitmq-password" {
type = string
nullable = false

61
todo.md Normal file
View File

@@ -0,0 +1,61 @@
- sentry for error tracking
- github actions for ci/cd
- deployment using helmchart, prod + dev
- celery background tasks
- cron
- cloudflare tunnels
- mariadb operator for database, maxscale 3 nodes, phpmyadmin, maxscale ui, backups
- prometheus + grafana dashboards for monitoring
- rabbitmq message queue
- longhorn for file storage (edited talosos deployment)
Aplikace:
- umíme oauth - mojeid, bankid => oboje se používá i pro autorizaci komunikace s CZ státem
- automatický import plateb z banky
- ukázat frontend
- ukázat backend - oauth, celery tasky,
- alembic na migrace db
- sentry integrace
Infrastruktura:
- běžíme na proxmoxu
- kubernetes cluster přes TalosOS jako virtuálky with edited configs
- deployment služeb přes tofu/terraform
- longhorn pro persistentní storage
- mariadb operator s maxscale - 3 nody + phpmyadmin
- prometheus + grafana monitoring
- rabbitmq message queue pro background tasky
- veřejný přístup přes cloudflare tunnels
- ukázat headlamp map
- build v github actions
- deployment pomocí helmchartu prod + dev prostředí pomocí selfhosted runneru
- remote access do clusteru přes tailscale
-
Where to put description of infrastructure components? for example Helm chart of app is quite large
How about readme?
linking commits in time table? I cant link all of them - many of them was directly to main branch
- for example iterative CI/CD setup
done
create src in 7project
make the chart vertical
urls as hyperlinks text
frontned npm run dev as codeblock
describe folder structure in readme in 7project
add comment column to checklist
readme in src folder with folder structure description
readme in src/tofu
readme in src/charts
add link to report for app
write few lines in Build intructrions, deployment instructions like in testing
add other services in cluster in report architecture overview
debug commands - kubectl logs -f podname, mention grafana