From 7e437ccd13e4ef0ceb4b1920514008eeadb09dd8 Mon Sep 17 00:00:00 2001
From: Leonid Shestera <leonid@shestera.com>
Date: Fri, 9 Aug 2024 23:28:38 +0200
Subject: [PATCH] add step 2 and 3

---
 .github/workflows/ci.yaml                     |  35 ++++
 .gitignore                                    | 151 ++++++++++++++++++
 README.md                                     |  74 +++++++++
 api.yaml                                      |  22 +++
 charts/smart-home-monolith/.helmignore        |  23 +++
 charts/smart-home-monolith/Chart.lock         |   6 +
 charts/smart-home-monolith/Chart.yaml         |  34 ++++
 .../smart-home-monolith/templates/NOTES.txt   |  22 +++
 .../templates/_helpers.tpl                    |  62 +++++++
 .../templates/deployment.yaml                 |  64 ++++++++
 charts/smart-home-monolith/templates/hpa.yaml |  32 ++++
 .../templates/ingress.yaml                    |  61 +++++++
 .../templates/service.yaml                    |  15 ++
 .../templates/serviceaccount.yaml             |  13 ++
 .../templates/tests/test-connection.yaml      |  15 ++
 charts/smart-home-monolith/values.yaml        | 109 +++++++++++++
 smart-home-monolith/Dockerfile                |  12 ++
 .../src/main/resources/application.yml        |  12 +-
 .../src/main/resources/init.sql               |  12 ++
 terraform/.terraform.lock.hcl                 |  17 ++
 terraform/apigw.tf                            |  53 ++++++
 terraform/kafka.tf                            |   8 +
 terraform/main.tf                             |  20 +++
 terraform/smart-home-monolith.tf              |   5 +
 24 files changed, 875 insertions(+), 2 deletions(-)
 create mode 100644 .github/workflows/ci.yaml
 create mode 100644 README.md
 create mode 100644 api.yaml
 create mode 100644 charts/smart-home-monolith/.helmignore
 create mode 100644 charts/smart-home-monolith/Chart.lock
 create mode 100644 charts/smart-home-monolith/Chart.yaml
 create mode 100644 charts/smart-home-monolith/templates/NOTES.txt
 create mode 100644 charts/smart-home-monolith/templates/_helpers.tpl
 create mode 100644 charts/smart-home-monolith/templates/deployment.yaml
 create mode 100644 charts/smart-home-monolith/templates/hpa.yaml
 create mode 100644 charts/smart-home-monolith/templates/ingress.yaml
 create mode 100644 charts/smart-home-monolith/templates/service.yaml
 create mode 100644 charts/smart-home-monolith/templates/serviceaccount.yaml
 create mode 100644 charts/smart-home-monolith/templates/tests/test-connection.yaml
 create mode 100644 charts/smart-home-monolith/values.yaml
 create mode 100644 smart-home-monolith/Dockerfile
 create mode 100644 smart-home-monolith/src/main/resources/init.sql
 create mode 100644 terraform/.terraform.lock.hcl
 create mode 100644 terraform/apigw.tf
 create mode 100644 terraform/kafka.tf
 create mode 100644 terraform/main.tf
 create mode 100644 terraform/smart-home-monolith.tf

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
new file mode 100644
index 000000000..8d47e20e1
--- /dev/null
+++ b/.github/workflows/ci.yaml
@@ -0,0 +1,35 @@
+name: ci
+
+on:
+  push:
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v4
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      -
+        name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      -
+        name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/amd64,linux/arm64
+          context: smart-home-monolith
+          push: true
+          tags: ghcr.io/yandex-practicum/architecture-sprint-3:latest
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index fceb346f5..1a91a61ca 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,154 @@
+# Created by https://www.toptal.com/developers/gitignore/api/terraform,helm,visualstudiocode,jetbrains+all
+# Edit at https://www.toptal.com/developers/gitignore?templates=terraform,helm,visualstudiocode,jetbrains+all
+
+### Helm ###
+# Chart dependencies
+**/charts/*.tgz
+
+### JetBrains+all ###
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# User-specific stuff
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/**/usage.statistics.xml
+.idea/**/dictionaries
+.idea/**/shelf
+
+# AWS User-specific
+.idea/**/aws.xml
+
+# Generated files
+.idea/**/contentModel.xml
+
+# Sensitive or high-churn files
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+.idea/**/dbnavigator.xml
+
+# Gradle
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# Gradle and Maven with auto-import
+# When using Gradle or Maven with auto-import, you should exclude module files,
+# since they will be recreated, and may cause churn.  Uncomment if using
+# auto-import.
+# .idea/artifacts
+# .idea/compiler.xml
+# .idea/jarRepositories.xml
+# .idea/modules.xml
+# .idea/*.iml
+# .idea/modules
+# *.iml
+# *.ipr
+
+# CMake
+cmake-build-*/
+
+# Mongo Explorer plugin
+.idea/**/mongoSettings.xml
+
+# File-based project format
+*.iws
+
+# IntelliJ
+out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# SonarLint plugin
+.idea/sonarlint/
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+
+# Editor-based Rest Client
+.idea/httpRequests
+
+# Android studio 3.1+ serialized cache file
+.idea/caches/build_file_checksums.ser
+
+### JetBrains+all Patch ###
+# Ignore everything but code style settings and run configurations
+# that are supposed to be shared within teams.
+
+.idea/*
+
+!.idea/codeStyles
+!.idea/runConfigurations
+
+### Terraform ###
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+### VisualStudioCode ###
+.vscode/*
+!.vscode/settings.json
+!.vscode/tasks.json
+!.vscode/launch.json
+!.vscode/extensions.json
+!.vscode/*.code-snippets
+
+# Local History for Visual Studio Code
+.history/
+
+# Built Visual Studio Code Extensions
+*.vsix
+
+### VisualStudioCode Patch ###
+# Ignore all local history of files
+.history
+.ionide
+
+# End of https://www.toptal.com/developers/gitignore/api/terraform,helm,visualstudiocode,jetbrains+all
 target/
 !.mvn/wrapper/maven-wrapper.jar
 !**/src/main/**/target/
diff --git a/README.md b/README.md
new file mode 100644
index 000000000..1ec6dbc64
--- /dev/null
+++ b/README.md
@@ -0,0 +1,74 @@
+# Базовая настройка
+
+## Запуск minikube
+
+[Инструкция по установке](https://minikube.sigs.k8s.io/docs/start/)
+
+```bash
+minikube start
+```
+
+
+## Добавление токена авторизации GitHub
+
+[Получение токена](https://github.com/settings/tokens/new)
+
+```bash
+kubectl create secret docker-registry ghcr --docker-server=https://ghcr.io --docker-username=<github_username> --docker-password=<github_token> -n default
+```
+
+
+## Установка API GW kusk
+
+[Install Kusk CLI](https://docs.kusk.io/getting-started/install-kusk-cli)
+
+```bash
+kusk cluster install
+```
+
+
+## Настройка terraform
+
+[Установите Terraform](https://yandex.cloud/ru/docs/tutorials/infrastructure-management/terraform-quickstart#install-terraform)
+
+
+Создайте файл ~/.terraformrc
+
+```hcl
+provider_installation {
+  network_mirror {
+    url = "https://terraform-mirror.yandexcloud.net/"
+    include = ["registry.terraform.io/*/*"]
+  }
+  direct {
+    exclude = ["registry.terraform.io/*/*"]
+  }
+}
+```
+
+## Применяем terraform конфигурацию 
+
+```bash
+cd terraform
+terraform apply
+```
+
+## Настройка API GW
+
+```bash
+kusk deploy -i api.yaml
+```
+
+## Проверяем работоспособность
+
+```bash
+kubectl port-forward svc/kusk-gateway-envoy-fleet -n kusk-system 8080:80
+curl localhost:8080/hello
+```
+
+
+## Delete minikube
+
+```bash
+minikube delete
+```
diff --git a/api.yaml b/api.yaml
new file mode 100644
index 000000000..83e0264a6
--- /dev/null
+++ b/api.yaml
@@ -0,0 +1,22 @@
+openapi: 3.0.0
+info:
+  title: simple-api
+  version: 0.1.0
+
+paths:
+  /hello:
+    get:
+      responses:
+        '200':
+          description: A simple hello world!
+          content:
+            text/plain:
+              schema:
+                type: string
+              example: Hello from a mocked response!
+      x-kusk:
+        upstream:
+          service:
+            name: hello-world-svc
+            namespace: default
+            port: 8080
\ No newline at end of file
diff --git a/charts/smart-home-monolith/.helmignore b/charts/smart-home-monolith/.helmignore
new file mode 100644
index 000000000..0e8a0eb36
--- /dev/null
+++ b/charts/smart-home-monolith/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/smart-home-monolith/Chart.lock b/charts/smart-home-monolith/Chart.lock
new file mode 100644
index 000000000..89f3b52ef
--- /dev/null
+++ b/charts/smart-home-monolith/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: postgresql
+  repository: oci://registry-1.docker.io/bitnamicharts
+  version: 15.5.20
+digest: sha256:fa28791d6a669ccb1c04be8dd4dce32693ae1699ba318338f5ee8abadf40e0f2
+generated: "2024-08-08T04:05:09.74862+02:00"
diff --git a/charts/smart-home-monolith/Chart.yaml b/charts/smart-home-monolith/Chart.yaml
new file mode 100644
index 000000000..9c71c996f
--- /dev/null
+++ b/charts/smart-home-monolith/Chart.yaml
@@ -0,0 +1,34 @@
+apiVersion: v2
+name: smart-home-monolith
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"
+
+dependencies:
+  - name: postgresql
+    version: "15.5.20"
+    repository: oci://registry-1.docker.io/bitnamicharts
+    condition: postgresql.enabled
+
+
+    # version: "11.9.13"
+    # repository: https://charts.bitnami.com/bitnami
\ No newline at end of file
diff --git a/charts/smart-home-monolith/templates/NOTES.txt b/charts/smart-home-monolith/templates/NOTES.txt
new file mode 100644
index 000000000..0ffeff904
--- /dev/null
+++ b/charts/smart-home-monolith/templates/NOTES.txt
@@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "smart-home-monolith.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch its status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "smart-home-monolith.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "smart-home-monolith.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "smart-home-monolith.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
diff --git a/charts/smart-home-monolith/templates/_helpers.tpl b/charts/smart-home-monolith/templates/_helpers.tpl
new file mode 100644
index 000000000..a1455a6e9
--- /dev/null
+++ b/charts/smart-home-monolith/templates/_helpers.tpl
@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "smart-home-monolith.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "smart-home-monolith.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "smart-home-monolith.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "smart-home-monolith.labels" -}}
+helm.sh/chart: {{ include "smart-home-monolith.chart" . }}
+{{ include "smart-home-monolith.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "smart-home-monolith.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "smart-home-monolith.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "smart-home-monolith.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "smart-home-monolith.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
diff --git a/charts/smart-home-monolith/templates/deployment.yaml b/charts/smart-home-monolith/templates/deployment.yaml
new file mode 100644
index 000000000..b84912220
--- /dev/null
+++ b/charts/smart-home-monolith/templates/deployment.yaml
@@ -0,0 +1,64 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "smart-home-monolith.fullname" . }}
+  labels:
+    {{- include "smart-home-monolith.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.autoscaling.enabled }}
+  replicas: {{ .Values.replicaCount }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "smart-home-monolith.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "smart-home-monolith.labels" . | nindent 8 }}
+        {{- with .Values.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "smart-home-monolith.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.service.port }}
+              protocol: TCP
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          {{- with .Values.volumeMounts }}
+          volumeMounts:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+      {{- with .Values.volumes }}
+      volumes:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
diff --git a/charts/smart-home-monolith/templates/hpa.yaml b/charts/smart-home-monolith/templates/hpa.yaml
new file mode 100644
index 000000000..912ce5583
--- /dev/null
+++ b/charts/smart-home-monolith/templates/hpa.yaml
@@ -0,0 +1,32 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "smart-home-monolith.fullname" . }}
+  labels:
+    {{- include "smart-home-monolith.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "smart-home-monolith.fullname" . }}
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}
diff --git a/charts/smart-home-monolith/templates/ingress.yaml b/charts/smart-home-monolith/templates/ingress.yaml
new file mode 100644
index 000000000..169fa1b5f
--- /dev/null
+++ b/charts/smart-home-monolith/templates/ingress.yaml
@@ -0,0 +1,61 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "smart-home-monolith.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+  {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
+  {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
+  {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "smart-home-monolith.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+  ingressClassName: {{ .Values.ingress.className }}
+  {{- end }}
+  {{- if .Values.ingress.tls }}
+  tls:
+    {{- range .Values.ingress.tls }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          {{- range .paths }}
+          - path: {{ .path }}
+            {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+            pathType: {{ .pathType }}
+            {{- end }}
+            backend:
+              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+              {{- else }}
+              serviceName: {{ $fullName }}
+              servicePort: {{ $svcPort }}
+              {{- end }}
+          {{- end }}
+    {{- end }}
+{{- end }}
diff --git a/charts/smart-home-monolith/templates/service.yaml b/charts/smart-home-monolith/templates/service.yaml
new file mode 100644
index 000000000..2d724f49b
--- /dev/null
+++ b/charts/smart-home-monolith/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "smart-home-monolith.fullname" . }}
+  labels:
+    {{- include "smart-home-monolith.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "smart-home-monolith.selectorLabels" . | nindent 4 }}
diff --git a/charts/smart-home-monolith/templates/serviceaccount.yaml b/charts/smart-home-monolith/templates/serviceaccount.yaml
new file mode 100644
index 000000000..aeceaae6e
--- /dev/null
+++ b/charts/smart-home-monolith/templates/serviceaccount.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "smart-home-monolith.serviceAccountName" . }}
+  labels:
+    {{- include "smart-home-monolith.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
+{{- end }}
diff --git a/charts/smart-home-monolith/templates/tests/test-connection.yaml b/charts/smart-home-monolith/templates/tests/test-connection.yaml
new file mode 100644
index 000000000..118bb578c
--- /dev/null
+++ b/charts/smart-home-monolith/templates/tests/test-connection.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "smart-home-monolith.fullname" . }}-test-connection"
+  labels:
+    {{- include "smart-home-monolith.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "smart-home-monolith.fullname" . }}:{{ .Values.service.port }}']
+  restartPolicy: Never
diff --git a/charts/smart-home-monolith/values.yaml b/charts/smart-home-monolith/values.yaml
new file mode 100644
index 000000000..d709f2451
--- /dev/null
+++ b/charts/smart-home-monolith/values.yaml
@@ -0,0 +1,109 @@
+# Default values for smart-home-monolith.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: ghcr.io/yandex-practicum/architecture-sprint-3
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: latest
+
+imagePullSecrets: 
+  - name: ghcr
+
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # Automatically mount a ServiceAccount's API credentials?
+  automount: true
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+podAnnotations: {}
+podLabels: {}
+
+podSecurityContext: {}
+  # fsGroup: 2000
+
+securityContext: {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+service:
+  type: ClusterIP
+  port: 8080
+
+ingress:
+  enabled: false
+  className: ""
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: chart-example.local
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 100
+  targetCPUUtilizationPercentage: 80
+  # targetMemoryUtilizationPercentage: 80
+
+# Additional volumes on the output Deployment definition.
+volumes: []
+# - name: foo
+#   secret:
+#     secretName: mysecret
+#     optional: false
+
+# Additional volumeMounts on the output Deployment definition.
+volumeMounts: []
+# - name: foo
+#   mountPath: "/etc/foo"
+#   readOnly: true
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+
+postgresql:
+  enabled: true
+  auth:
+    username: your_username
+    password: your_password
+    database: smart_home
diff --git a/smart-home-monolith/Dockerfile b/smart-home-monolith/Dockerfile
new file mode 100644
index 000000000..b79ab4fea
--- /dev/null
+++ b/smart-home-monolith/Dockerfile
@@ -0,0 +1,12 @@
+FROM maven:3.8.6-eclipse-temurin-17-alpine@sha256:e88c1a981319789d0c00cd508af67a9c46524f177ecc66ca37c107d4c371d23b AS builder
+WORKDIR /build
+COPY . .
+RUN mvn clean package -DskipTests
+ 
+FROM eclipse-temurin:17.0.5_8-jre-alpine@sha256:02c04793fa49ad5cd193c961403223755f9209a67894622e05438598b32f210e
+WORKDIR /opt/app
+RUN addgroup --system javauser && adduser -S -s /usr/sbin/nologin -G javauser javauser
+COPY --from=builder /build/target/smart-home-monolith-1.0-SNAPSHOT.jar app.jar
+RUN chown -R javauser:javauser .
+USER javauser
+ENTRYPOINT ["java", "-jar", "app.jar"]
\ No newline at end of file
diff --git a/smart-home-monolith/src/main/resources/application.yml b/smart-home-monolith/src/main/resources/application.yml
index 587265170..ed6626fc3 100644
--- a/smart-home-monolith/src/main/resources/application.yml
+++ b/smart-home-monolith/src/main/resources/application.yml
@@ -1,15 +1,23 @@
 spring:
   datasource:
-    url: jdbc:postgresql://localhost:5432/smart_home
+    url: jdbc:postgresql://smart-home-monolith-postgresql.default:5432/smart_home
     username: your_username
     password: your_password
+    hikari:
+      allow-pool-suspension: true
   jpa:
     hibernate:
-      ddl-auto: update
+      ddl-auto: none
     show-sql: true
+    database-platform: org.hibernate.dialect.PostgreSQLDialect
     properties:
       hibernate:
+        boot.allow_jdbc_metadata_access: false
         dialect: org.hibernate.dialect.PostgreSQLDialect
+  sql:
+    init:
+      mode: always
+      schema-locations: classpath:init.sql
 
 server:
   port: 8080
diff --git a/smart-home-monolith/src/main/resources/init.sql b/smart-home-monolith/src/main/resources/init.sql
new file mode 100644
index 000000000..48fbbf7fd
--- /dev/null
+++ b/smart-home-monolith/src/main/resources/init.sql
@@ -0,0 +1,12 @@
+CREATE TABLE IF NOT EXISTS heating_systems (
+    id BIGSERIAL PRIMARY KEY,
+    is_on BOOLEAN NOT NULL,
+    target_temperature DOUBLE PRECISION NOT NULL,
+    current_temperature DOUBLE PRECISION NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS temperature_sensors (
+    id BIGSERIAL PRIMARY KEY,
+    current_temperature DOUBLE PRECISION NOT NULL,
+    last_updated TIMESTAMP NOT NULL
+);
diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
new file mode 100644
index 000000000..a1ee3b42b
--- /dev/null
+++ b/terraform/.terraform.lock.hcl
@@ -0,0 +1,17 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/helm" {
+  version = "2.14.0"
+  hashes = [
+    "h1:8Vt9264v3UE6mHLRG8yiteVl5h8ZSTkJXf1xdVLa7GA=",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/kubernetes" {
+  version     = "2.31.0"
+  constraints = "2.31.0"
+  hashes = [
+    "h1:ZlKkkHJrjF4AiMueI2yA+abBc1c37cfwjyxURdLKhEw=",
+  ]
+}
diff --git a/terraform/apigw.tf b/terraform/apigw.tf
new file mode 100644
index 000000000..b652c94a4
--- /dev/null
+++ b/terraform/apigw.tf
@@ -0,0 +1,53 @@
+
+resource "kubernetes_deployment" "hello_world" {
+  metadata {
+    name      = "hello-world"
+    namespace = "default"
+    labels = {
+      app = "hello-world"
+    }
+  }
+
+  spec {
+    replicas = 1
+
+    selector {
+      match_labels = {
+        app = "hello-world"
+      }
+    }
+
+    template {
+      metadata {
+        labels = {
+          app = "hello-world"
+        }
+      }
+
+      spec {
+        container {
+          name  = "hello-world"
+          image = "kubeshop/kusk-hello-world:v1.0.0"
+        }
+      }
+    }
+  }
+}
+
+resource "kubernetes_service" "hello_world_svc" {
+  metadata {
+    name      = "hello-world-svc"
+    namespace = "default"
+  }
+
+  spec {
+    selector = {
+      app = "hello-world"
+    }
+
+    port {
+      port        = 8080
+      target_port = 8080
+    }
+  }
+}
diff --git a/terraform/kafka.tf b/terraform/kafka.tf
new file mode 100644
index 000000000..25947c1e7
--- /dev/null
+++ b/terraform/kafka.tf
@@ -0,0 +1,8 @@
+resource "helm_release" "kafka" {
+    repository = "oci://registry-1.docker.io/bitnamicharts"
+    name = "kafka"
+    chart = "kafka"
+    version = "30.0.0"
+    namespace  = "kafka"
+    create_namespace = true
+}
\ No newline at end of file
diff --git a/terraform/main.tf b/terraform/main.tf
new file mode 100644
index 000000000..5f2926547
--- /dev/null
+++ b/terraform/main.tf
@@ -0,0 +1,20 @@
+terraform {
+  required_providers {
+    kubernetes = {
+      source = "hashicorp/kubernetes"
+      version = "2.31.0"
+    }
+  }
+}
+
+provider "kubernetes" {
+    config_path    = "~/.kube/config"
+    config_context = "minikube"
+}
+
+provider "helm" {
+  kubernetes {
+    config_path    = "~/.kube/config"
+    config_context = "minikube"
+  }
+}
diff --git a/terraform/smart-home-monolith.tf b/terraform/smart-home-monolith.tf
new file mode 100644
index 000000000..62a4ebcf3
--- /dev/null
+++ b/terraform/smart-home-monolith.tf
@@ -0,0 +1,5 @@
+resource "helm_release" "smart-home-monolith" {
+  name       = "smart-home-monolith"
+  namespace  = "default"
+  chart      = "../charts/smart-home-monolith"
+}
\ No newline at end of file