yusiboyz/platform
1
0
Fork 0
Code Issues 4 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Deployment Hardening: Containers, Health Checks, and Production Readiness #10

New Issue
Open
opened 2026-03-29 08:35:01 -05:00 by yusiboyz · 0 comments
yusiboyz commented 2026-03-29 08:35:01 -05:00
Owner
Copy Link

This issue covers container and production deployment hardening.

Problems:

  • Dockerfiles still run as root
  • No HEALTHCHECK instructions are present
  • Python services still have ad hoc dependency installation with no pinned requirements files
  • Trips Dockerfile still copies the whole context
  • Observability is still mostly print-based

Files:

  • gateway/Dockerfile
  • services/trips/Dockerfile
  • services/fitness/Dockerfile.backend
  • services/inventory/Dockerfile
  • services/budget/Dockerfile
  • frontend-v2/Dockerfile

Acceptance criteria:

  • Runtime containers use non-root users where feasible
  • Health checks are defined for internet-facing and critical internal services
  • Python dependencies are pinned in explicit requirements files
  • Docker build contexts avoid copying live data and secrets
  • Logging and error reporting are structured enough for production debugging
This issue covers container and production deployment hardening. Problems: - Dockerfiles still run as root - No `HEALTHCHECK` instructions are present - Python services still have ad hoc dependency installation with no pinned requirements files - Trips Dockerfile still copies the whole context - Observability is still mostly print-based Files: - gateway/Dockerfile - services/trips/Dockerfile - services/fitness/Dockerfile.backend - services/inventory/Dockerfile - services/budget/Dockerfile - frontend-v2/Dockerfile Acceptance criteria: - Runtime containers use non-root users where feasible - Health checks are defined for internet-facing and critical internal services - Python dependencies are pinned in explicit requirements files - Docker build contexts avoid copying live data and secrets - Logging and error reporting are structured enough for production debugging
yusiboyz added this to the Next milestone 2026-03-29 08:43:51 -05:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
auth
critical
dependencies
high
immediate
medium
next
ops
performance
security
No Label
Milestone
No items
No Milestone Next
Projects
Clear projects
No project
Assignees
Clear assignees
yusiboyz
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: yusiboyz/platform#10
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?