Deployment Architecture

The deployment architecture outlines how the Spring Boot application and its supporting services are deployed and managed, primarily within the Microsoft Azure cloud.

1. Internet (End Users)

• End Users & Admin Users: Both regular users and administrative users interact with the application over the internet using HTTPS.

2. Azure Region: West Europe

The core infrastructure is hosted within an Azure region, providing regional availability and performance.

• Azure App Service (Spring Boot Application - nhx-kesy-backend):

• This is where your Spring Boot application is deployed. Azure App Service provides a fully managed platform for hosting web applications.

• Environment Variables: Critical configurations like JWT secrets, database credentials, Azure Storage keys, and SMTP settings are securely managed as environment variables within the App Service, ensuring they are not hardcoded in the application.

• Health Check (/actuator/health): The App Service is configured to perform health checks on the application, typically using Spring Boot Actuator's /actuator/health endpoint, to ensure the application is running and responsive.

• Azure Database for PostgreSQL (PostgreSQL Flexible Server - West Europe):

• A managed PostgreSQL database instance is used for persistent data storage. "Flexible Server" indicates a deployment option that offers more granular control and performance optimization.

• Automated Backups: The database benefits from automated backups with a 7-day retention period, ensuring data recovery capabilities.

• Azure Blob Storage:

• Blob Storage Account: A service for storing large amounts of unstructured data (blobs).

• Container: kyc: A dedicated container within the Blob Storage account is used to store KYC (Know Your Customer) documents.

• User-based Folder Structure (user-ID/documents): Documents are organized within the kyc container using a folder structure based on user IDs, enhancing organization and access control.

3. CI/CD Pipeline (GitHub Actions)

A Continuous Integration/Continuous Deployment (CI/CD) pipeline automates the build, test, and deployment processes.

• GitHub Repository (nhx-finance/nhx-kesy): The source code is hosted on GitHub.

• GitHub Actions (Build & Deploy Workflow): This is the automation platform that orchestrates the CI/CD pipeline.

• Maven Build (mvn clean install): The pipeline includes a step to build the application using Maven, which compiles the code and packages it into a deployable artifact.

• Run Tests (mvn test): Automated tests are executed as part of the pipeline to ensure code quality and prevent regressions.

• Deploy to App: Upon successful build and testing, the application artifact is deployed to the Azure App Service.

• Configure Environment Variables: The CI/CD pipeline is also responsible for configuring the environment variables in the Azure App Service.

4. Email Service

• Spring Mail (SMTP Configuration): The application uses Spring Mail for sending emails.