Price prediction service

.github/workflows/ci.yml

@@ -15,18 +15,23 @@ jobs:
 
       - uses: actions/setup-python@v5
         with:
-          python-version: "3.11"
+          python-version: "3.12"
 
       - name: Install ruff
         run: pip install ruff
 
       - name: Lint all services
         run: |
-          ruff check services/auth/app \
-                        services/farmer/app \
-                        services/buyer/app \
-                        services/produce/app \
-                        services/recommendation/app
+          ruff check \
+            services/auth/app \
+            services/user/app \
+            services/produce/app \
+            services/order/app \
+            services/payment/app \
+            services/notification/app \
+            services/message/app \
+            services/blog/app \
+            services/ussd/app
 
   integration-tests:
     name: Integration Tests
@@ -36,33 +41,36 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
+      # CI uses dev defaults — no real secrets needed
+      - name: Create bridge network for ML stack
+        run: docker network create soko-ml-bridge || true
+
       - name: Build and start services
         run: docker compose up --build -d
-        timeout-minutes: 10
+        timeout-minutes: 15
 
-      - name: Wait for all services to be healthy
+      - name: Wait for all core services to be healthy
         run: |
-          echo "Waiting for all 5 services to respond..."
-          for port in 8001 8002 8003 8004 8005; do
+          echo "Waiting for core services..."
+          for port in 8001 8002 8003 8004 8005 8007 8008 8009; do
             for i in $(seq 1 40); do
               if curl -sf http://localhost:${port}/health > /dev/null 2>&1; then
-                echo "Port ${port} is up."
+                echo "  :${port} up"
                 break
               fi
               if [ "$i" = "40" ]; then
-                echo "Timed out waiting for port ${port}"
+                echo "  :${port} timed out"
                 docker compose logs
                 exit 1
               fi
-              echo "Port ${port} not ready, attempt $i — waiting 5s..."
               sleep 5
             done
           done
           echo "All services ready."
 
       - uses: actions/setup-python@v5
         with:
-          python-version: "3.11"
+          python-version: "3.12"
 
       - name: Install test dependencies
         run: pip install -r tests/integration/requirements.txt

.github/workflows/deploy.yml

@@ -0,0 +1,62 @@
+name: Deploy to Production
+
+on:
+  push:
+    branches: [main, price_prediction_service]
+  workflow_dispatch:  # allow manual trigger from GitHub UI
+
+concurrency:
+  group: deploy-prod
+  cancel-in-progress: false  # never cancel a running deploy
+
+jobs:
+  deploy:
+    name: Deploy Backend
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Deploy via SSH
+        uses: appleboy/ssh-action@v1.2.0
+        with:
+          host: ${{ secrets.EC2_HOST }}
+          username: ubuntu
+          key: ${{ secrets.EC2_SSH_KEY }}
+          timeout: 600s
+          script: |
+            set -e
+
+            echo "=== Pulling latest code ==="
+            cd /opt/soko
+            git fetch origin
+            git reset --hard origin/${{ github.ref_name }}
+
+            echo "=== Refreshing secrets ==="
+            bash scripts/fetch-secrets.sh
+            bash scripts/fetch-ml-secrets.sh
+
+            echo "=== Restarting core platform ==="
+            docker compose pull --ignore-pull-failures 2>/dev/null || true
+            docker compose up -d --build --remove-orphans
+
+            echo "=== Restarting ML stack ==="
+            cd services/soko-ml
+            docker compose up -d --build --remove-orphans
+
+            echo "=== Pruning unused images ==="
+            docker image prune -f
+
+            echo "=== Verifying health ==="
+            sleep 15
+            for port in 8001 8002 8003 8004 8005 8007 8008 8009; do
+              status=$(curl -sf --max-time 5 http://localhost:${port}/health | jq -r '.status' 2>/dev/null || echo "unreachable")
+              echo "Service :${port} -> ${status}"
+            done
+
+      - name: Notify on failure
+        if: failure()
+        run: |
+          echo "::error::Deployment failed — check SSH logs above"
+          # Add Slack/email notification here if desired

.gitignore

@@ -94,3 +94,10 @@ erl_crash.dump
 
 # Claude Code
 .claude/
+
+# Terraform
+infrastructure/.terraform/
+infrastructure/terraform.tfvars
+infrastructure/*.tfstate
+infrastructure/*.tfstate.backup
+infrastructure/.terraform.lock.hcl