vijay_admin/sentryagent-idp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4e3b989629990686cbc58cf11b3d3b6e4f8c73b7
sentryagent-idp/openspec/specs/deployment/spec.md
SentryAgent.ai Developer f1fbe0e29a chore(openspec): archive all completed changes, sync 14 new specs to library 
Archived 4 completed OpenSpec changes (2026-04-02):
- phase-3-enterprise (100/100 tasks) — 6 Phase 3 capabilities synced
- devops-documentation (48/48 tasks) — 3 new + 1 merged capability
- bedroom-developer-docs (33/33 tasks) — 4 new capabilities synced
- engineering-docs (superseded by 2026-03-29 archive) — no tasks

Main spec library grows from 21 → 35 capabilities (+14 new):
federation, multi-tenancy, oidc, soc2, w3c-dids, webhooks,
database, operations, system-overview, api-reference, core-concepts,
developer-guides, quick-start + deployment (merged additive requirements)

Active changes: 0 — project board is clear for Phase 4 planning.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-02 03:50:47 +00:00

2.0 KiB
Raw Blame History

Spec: Multi-Region Deployment (Terraform)

Status: Pending CEO approval Workstream: 8 of 8

Scope

  • terraform/ directory at project root
  • Shared agentidp module (compute, networking, secrets)
  • environments/aws/ — ECS Fargate + RDS PostgreSQL + ElastiCache Redis
  • environments/gcp/ — Cloud Run + Cloud SQL + Memorystore Redis
  • Deployment guide: docs/devops/deployment.md

Module structure

terraform/
  modules/
    agentidp/
      main.tf       — compute (ECS task or Cloud Run service)
      networking.tf — VPC, subnets, security groups
      variables.tf  — all configurable inputs
      outputs.tf    — service URL, DB endpoint, Redis endpoint
    rds/            — managed PostgreSQL
    redis/          — managed Redis
    lb/             — ALB (AWS) or Cloud LB (GCP), TLS cert
  environments/
    aws/
      main.tf       — calls modules, sets AWS-specific vars
      variables.tf
      terraform.tfvars.example
    gcp/
      main.tf
      variables.tf
      terraform.tfvars.example

Acceptance Criteria

  • terraform validate passes for both aws and gcp environments
  • terraform plan produces no errors against a live AWS/GCP account (test in dev env)
  • JWT_PRIVATE_KEY and JWT_PUBLIC_KEY injected as environment secrets (not hardcoded)
  • TLS termination at load balancer — HTTPS only in production modules
  • PostgreSQL and Redis not publicly accessible — VPC-internal only
  • docs/devops/deployment.md — end-to-end deployment walkthrough for AWS and GCP
  • terraform.tfvars.example provided for both environments — no secrets in version control

ADDED Requirements

Requirement: Local development guide exists at docs/devops/local-development.md

The system SHALL provide docs/devops/local-development.md documenting the complete local setup using docker-compose for infrastructure and npm for the application server, including all service ports, health check verification, and the Dockerfile gap note.

Reference in New Issue View Git Blame Copy Permalink