erichiroshi
diff --git a/‎.github/dependabot.yml‎
Lines changed: 10 additions & 0 deletions b/‎.github/dependabot.yml‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎.github/workflows/ci.yml‎
Lines changed: 23 additions & 15 deletions b/‎.github/workflows/ci.yml‎
Lines changed: 23 additions & 15 deletions
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎docker-compose.dev.yml‎
Lines changed: 0 additions & 1 deletion b/‎docker-compose.dev.yml‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎docker-compose.yml‎
Lines changed: 26 additions & 4 deletions b/‎docker-compose.yml‎
Lines changed: 26 additions & 4 deletions
diff --git a/‎monitoring/README.md‎
Lines changed: 11 additions & 0 deletions b/‎monitoring/README.md‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎monitoring/grafana/provisioning/dashboards/dashboard.yml‎
Lines changed: 11 additions & 0 deletions b/‎monitoring/grafana/provisioning/dashboards/dashboard.yml‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎monitoring/grafana/provisioning/dashboards/library-dashboard.json‎
Lines changed: 86 additions & 0 deletions b/‎monitoring/grafana/provisioning/dashboards/library-dashboard.json‎
Lines changed: 86 additions & 0 deletions
diff --git a/‎monitoring/grafana/provisioning/datasources/datasource.yml‎
Lines changed: 8 additions & 0 deletions b/‎monitoring/grafana/provisioning/datasources/datasource.yml‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎monitoring/prometheus/alerts.yml‎
Lines changed: 17 additions & 0 deletions b/‎monitoring/prometheus/alerts.yml‎
Lines changed: 17 additions & 0 deletions
@@ -1,6 +1,16 @@
 version: 2
 updates:
   - package-ecosystem: "gradle"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+  
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      
+  - package-ecosystem: "docker"
     directory: "/"
     schedule:
       interval: "weekly"
@@ -7,13 +7,10 @@ on:
     branches: [ "main" ]
 
 jobs:
-  build:
+  
+  ci:
     runs-on: ubuntu-latest
 
-    # ─── Variável de ambiente necessária para o JwtService inicializar ───
-    env:
-      JWT_SECRET_KEY: ${{ secrets.JWT_SECRET_KEY }}
-
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
@@ -27,31 +24,42 @@ jobs:
           java-version: '25'
           cache: gradle
 
+      - name: Grant execute permission for Gradle
+        run: chmod +x gradlew
+
       - name: Cache SonarCloud packages
         uses: actions/cache@v4
         with:
           path: ~/.sonar/cache
           key: ${{ runner.os }}-sonar
           restore-keys: ${{ runner.os }}-sonar
 
-      - name: Grant execute permission for Gradle
-        run: chmod +x gradlew
+      - name: Build + Test + Coverage
+        run: ./gradlew clean build 
 
-      - name: Build, Test, Coverage and Sonar
+      - name: SonarCloud Scan
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: |
-          ./gradlew clean build \
-            jacocoTestReport \
-            jacocoTestCoverageVerification \
-            sonar --info
+        run: ./gradlew sonar --info
 
       - name: Upload coverage to Codecov
         uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de  # v5.5.2 - pinned SHA
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           files: build/reports/jacoco/test/jacocoTestReport.xml
 
+  docker:
+    runs-on: ubuntu-latest
+
+    needs: ci
+
+    if: github.ref == 'refs/heads/main'
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        
       # ─── Build Docker ───
-      - name: Build Docker image
-        run: docker build -t library-api .
+      - name: Validate Docker Build
+        run: docker build -t library-api:${{ github.sha }} . \
+             -t library-api:latest .
@@ -4,6 +4,7 @@ build/
 !gradle/wrapper/gradle-wrapper.jar
 !**/src/main/**/build/
 !**/src/test/**/build/
+/monitoring/grafana/data/
 
 ### STS ###
 .apt_generated
 
@@ -81,4 +81,3 @@ volumes:
   redis_data:
   pgadmin_data:
   prometheus_data:
-  grafana_data:
@@ -40,7 +40,7 @@ services:
     ports:
       - "9090:9090"
     volumes:
-      - ./prometheus.yml:/etc/prometheus/prometheus.yml
+      - ./monitoring/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml
       - prometheus_data:/prometheus
     restart: unless-stopped
     networks:
@@ -51,7 +51,14 @@ services:
     ports:
       - "3000:3000"
     volumes:
-      - grafana_data:/var/lib/grafana
+      # provisioning config
+      - ./monitoring/grafana/provisioning:/etc/grafana/provisioning
+
+      # banco interno (persistência real)
+      - ./monitoring/grafana/data:/var/lib/grafana
+    environment:
+      - GF_ALERTING_ENABLED=true
+      - GF_UNIFIED_ALERTING_ENABLED=true
     depends_on:
       - prometheus
     restart: unless-stopped
@@ -74,6 +81,14 @@ services:
       - backend
 
   library-api:
+      deploy:
+        resources:
+          limits:
+            cpus: '1'
+            memory: 1G
+          reservations:
+            cpus: '0.5'
+            memory: 512M
       build: .
       image: library-api
       environment:
@@ -82,6 +97,8 @@ services:
         DB_USERNAME: ${DB_USERNAME}
         DB_PASSWORD: ${DB_PASSWORD}
         JWT_SECRET_KEY: ${JWT_SECRET_KEY}
+        REDIS_HOST: ${REDIS_HOST}
+        REDIS_PORT: ${REDIS_PORT}
       ports:
         - "8080:8080"
       depends_on:
@@ -91,7 +108,13 @@ services:
           condition: service_healthy
       networks:
         - backend
-      restart: unless-stopped	  
+      restart: unless-stopped
+      healthcheck:
+        test: ["CMD", "curl", "-f", "http://localhost:8080/actuator/health"]
+        interval: 30s
+        timeout: 10s
+        retries: 3
+        start_period: 40s
 
 networks:
   backend:
@@ -101,4 +124,3 @@ volumes:
   redis_data:
   pgadmin_data:
   prometheus_data:
-  grafana_data:
 
@@ -0,0 +1,11 @@
+# Monitoring Stack
+
+## Services
+- Prometheus: http://localhost:9090
+- Grafana: http://localhost:3000 (admin/admin)
+
+## Dashboards
+- Library API Overview: Auto-imported
+
+## Custom Metrics
+- `books_created_total`: Counter de livros criados
@@ -0,0 +1,11 @@
+apiVersion: 1
+
+providers:
+  - name: 'library'
+    orgId: 1
+    folder: ''
+    type: file
+    disableDeletion: false
+    editable: true
+    options:
+      path: /etc/grafana/provisioning/dashboards
@@ -0,0 +1,86 @@
+{
+  "annotations": { "list": [] },
+  "editable": true,
+  "panels": [
+    {
+      "type": "stat",
+      "title": "Total Books",
+      "datasource": "Prometheus",
+      "targets": [
+        { "expr": "library_books_total", "refId": "A" }
+      ],
+      "gridPos": { "h": 5, "w": 6, "x": 0, "y": 0 }
+    },
+    {
+      "type": "timeseries",
+      "title": "Requests per Second",
+      "datasource": "Prometheus",
+      "targets": [
+        {
+          "expr": "rate(http_server_requests_seconds_count{uri!=\"/actuator/prometheus\"}[1m])",
+          "legendFormat": "RPS",
+          "refId": "A"
+        }
+      ],
+      "gridPos": { "h": 8, "w": 12, "x": 6, "y": 0 }
+    },
+    {
+      "type": "timeseries",
+      "title": "Requests by Endpoint",
+      "datasource": "Prometheus",
+      "targets": [
+        {
+          "expr": "rate(http_server_requests_seconds_count{uri!=\"/actuator/prometheus\"}[1m])",
+          "legendFormat": "{{uri}}",
+          "refId": "A"
+        }
+      ],
+      "gridPos": { "h": 8, "w": 12, "x": 0, "y": 5 }
+    },
+    {
+      "type": "timeseries",
+      "title": "5xx Errors per Second",
+      "datasource": "Prometheus",
+      "targets": [
+        {
+          "expr": "rate(http_server_requests_seconds_count{status=~\"5..\"}[1m])",
+          "legendFormat": "5xx",
+          "refId": "A"
+        }
+      ],
+      "gridPos": { "h": 8, "w": 12, "x": 12, "y": 5 }
+    },
+    {
+      "type": "timeseries",
+      "title": "Average Response Time (ms)",
+      "datasource": "Prometheus",
+      "targets": [
+        {
+          "expr": "rate(http_server_requests_seconds_sum[1m]) / rate(http_server_requests_seconds_count[1m]) * 1000",
+          "legendFormat": "Avg Response",
+          "refId": "A"
+        }
+      ],
+      "gridPos": { "h": 8, "w": 12, "x": 0, "y": 13 }
+    },
+    {
+      "type": "stat",
+      "title": "Error Rate (%)",
+      "datasource": "Prometheus",
+      "targets": [
+        {
+          "expr": "(rate(http_server_requests_seconds_count{status=~\"5..\"}[1m]) / rate(http_server_requests_seconds_count[1m])) * 100",
+          "refId": "A"
+        }
+      ],
+      "gridPos": { "h": 5, "w": 6, "x": 12, "y": 13 }
+    }
+  ],
+  "refresh": "5s",
+  "schemaVersion": 38,
+  "style": "dark",
+  "tags": ["library", "observability"],
+  "time": { "from": "now-15m", "to": "now" },
+  "title": "Library API - Production Dashboard",
+  "version": 1
+}
@@ -0,0 +1,8 @@
+apiVersion: 1
+
+datasources:
+  - name: Prometheus
+    type: prometheus
+    access: proxy
+    url: http://prometheus:9090
+    isDefault: true
@@ -0,0 +1,17 @@
+groups:
+  - name: library-api
+    interval: 30s
+    rules:
+      - alert: HighErrorRate
+        expr: rate(http_server_requests_seconds_count{status=~"5.."}[5m]) > 0.05
+        for: 5m
+        labels:
+          severity: warning
+        annotations:
+          summary: "High error rate detected"
+          
+      - alert: HighMemoryUsage
+        expr: jvm_memory_used_bytes / jvm_memory_max_bytes > 0.9
+        for: 5m
+        labels:
+          severity: critical