Dev

.github/workflows/build.yaml

@@ -0,0 +1,89 @@
+name: Build and Package Service
+on:
+  push:
+    branches:
+      - 'main'
+      - 'devOps'
+      - 'dev'
+  pull_request:
+    branches:
+      - 'main'
+      - 'devOps'
+      - 'dev'
+
+permissions:
+  contents: read
+  packages: write 
+
+jobs:
+  build-test:
+    name: Install and Build (Tests Skipped)
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+          cache: maven
+
+      - name: Cache Maven packages
+        uses: actions/cache@v4
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-
+
+      - name: Build with Maven (Skip Tests)
+        run: mvn -B clean package -DskipTests --file notification-service/pom.xml
+
+      - name: Upload Build Artifact (JAR)
+        uses: actions/upload-artifact@v4
+        with:
+          name: notification-service-jar
+          path: notification-service/target/*.jar
+
+  build-and-push-docker:
+    name: Build & Push Docker Image
+    if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/devOps' || github.ref == 'refs/heads/dev'
+    runs-on: ubuntu-latest
+    needs: build-test 
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Download JAR Artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: notification-service-jar
+          path: notification-service/target/
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/techtorque-2025/notification_service
+          tags: |
+            type=sha,prefix=
+            type=raw,value=latest,enable={{is_default_branch}}
+
+      - name: Log in to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/deploy.yaml

@@ -0,0 +1,58 @@
+name: Deploy Notification Service to Kubernetes
+
+on:
+  workflow_run:
+    workflows: ["Build and Package Service"]
+    types:
+      - completed
+    branches:
+      - 'main'
+      - 'devOps'
+
+jobs:
+  deploy:
+    name: Deploy Notification Service to Kubernetes
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Get Commit SHA
+        id: get_sha
+        run: |
+          echo "sha=$(echo ${{ github.event.workflow_run.head_sha }} | cut -c1-7)" >> $GITHUB_OUTPUT
+
+      - name: Checkout K8s Config Repo
+        uses: actions/checkout@v4
+        with:
+          repository: 'TechTorque-2025/k8s-config' 
+          token: ${{ secrets.REPO_ACCESS_TOKEN }} 
+          path: 'config-repo'
+          ref: 'main' 
+
+      - name: Install kubectl
+        uses: azure/setup-kubectl@v3
+
+      - name: Install yq
+        run: |
+          sudo wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq
+          sudo chmod +x /usr/bin/yq
+
+      - name: Set Kubernetes context
+        uses: azure/k8s-set-context@v4
+        with:
+          kubeconfig: ${{ secrets.KUBE_CONFIG_DATA }}
+
+      - name: Update image tag in YAML
+        run: |
+          yq -i '(select(.kind == "Deployment") | .spec.template.spec.containers[0].image) = "ghcr.io/techtorque-2025/notification_service:${{ steps.get_sha.outputs.sha }}"' config-repo/k8s/services/notificationservice-deployment.yaml
+
+      - name: Display file contents before apply
+        run: |
+          echo "--- Displaying k8s/services/notificationservice-deployment.yaml ---"
+          cat config-repo/k8s/services/notificationservice-deployment.yaml
+          echo "------------------------------------------------------------"
+
+      - name: Deploy to Kubernetes
+        run: |
+          kubectl apply -f config-repo/k8s/services/notificationservice-deployment.yaml
+          kubectl rollout status deployment/notificationservice-deployment

Dockerfile

@@ -0,0 +1,34 @@
+# Dockerfile for notification-service
+
+# --- Build Stage ---
+# Use the official Maven image which contains the Java JDK
+FROM maven:3.8-eclipse-temurin-17 AS build
+
+# Set the working directory
+WORKDIR /app
+
+# Copy the pom.xml and download dependencies
+COPY notification-service/pom.xml .
+RUN mvn -B dependency:go-offline
+
+# Copy the rest of the source code and build the application
+# Note: We copy the pom.xml *first* to leverage Docker layer caching.
+COPY notification-service/src ./src
+RUN mvn -B clean package -DskipTests
+
+# --- Run Stage ---
+# Use a minimal JRE image for the final container
+FROM eclipse-temurin:17-jre-jammy
+
+# Set a working directory
+WORKDIR /app
+
+# Copy the built JAR from the 'build' stage
+# The wildcard is used in case the version number is in the JAR name
+COPY --from=build /app/target/*.jar app.jar
+
+# Expose the port your application runs on
+EXPOSE 8088
+
+# The command to run your application
+ENTRYPOINT ["java", "-jar", "app.jar"]

EMAIL_CONFIGURATION.md

@@ -0,0 +1,177 @@
+# Email Configuration Guide for Notification Service
+
+## Development Mode (Default)
+
+By default, the service runs with the **dev profile** which **disables email health checks**. This prevents authentication failures during local development.
+
+### Running in Development Mode
+
+```bash
+# Using Maven
+mvn spring-boot:run
+
+# Using IDE - the dev profile is active by default
+# Just run NotificationServiceApplication.java
+```
+
+**Note:** Email sending will be attempted but won't fail the health check if credentials are invalid.
+
+---
+
+## Testing Email Functionality
+
+If you want to test actual email sending during development, you need valid Gmail credentials with an App Password.
+
+### Step 1: Generate Gmail App Password
+
+1. Go to your Google Account: https://myaccount.google.com/
+2. Navigate to **Security**
+3. Enable **2-Step Verification** (if not already enabled)
+4. Go to **App Passwords**: https://myaccount.google.com/apppasswords
+5. Generate a new app password for "Mail"
+6. Copy the 16-character password
+
+### Step 2: Set Environment Variables
+
+```bash
+# Linux/Mac
+export EMAIL_USERNAME="your-email@gmail.com"
+export EMAIL_PASSWORD="your-16-char-app-password"
+
+# Windows (PowerShell)
+$env:EMAIL_USERNAME="your-email@gmail.com"
+$env:EMAIL_PASSWORD="your-16-char-app-password"
+```
+
+### Step 3: Enable Mail Health Check (Optional)
+
+In `application-dev.properties`, change:
+```properties
+management.health.mail.enabled=true
+```
+
+### Step 4: Run the Service
+
+```bash
+mvn spring-boot:run
+```
+
+---
+
+## Production Mode
+
+For production deployments, use the **prod profile** with proper credentials:
+
+```bash
+# Set all required environment variables
+export SPRING_PROFILE=prod
+export DB_URL=jdbc:postgresql://prod-host:5432/notification_db
+export DB_USERNAME=prod_user
+export DB_PASSWORD=prod_password
+export EMAIL_USERNAME=noreply@techtorque.com
+export EMAIL_PASSWORD=production-app-password
+
+# Run the application
+java -jar notification-service.jar --spring.profiles.active=prod
+```
+
+**Production profile automatically:**
+- Enables mail health checks
+- Uses environment variables for sensitive data
+- Reduces logging verbosity
+- Sets JPA to validate-only mode
+
+---
+
+## Troubleshooting
+
+### Issue: "Username and Password not accepted"
+
+**Cause:** Invalid Gmail credentials or regular password used instead of App Password.
+
+**Solutions:**
+1. Generate an App Password (see above)
+2. Disable mail health check: `management.health.mail.enabled=false`
+3. Use dev profile (mail health check disabled by default)
+
+### Issue: "535-5.7.8 BadCredentials"
+
+**Cause:** Gmail blocking login attempt.
+
+**Solutions:**
+1. Ensure 2-Step Verification is enabled
+2. Use an App Password, not your regular password
+3. Check if "Less secure app access" is required (deprecated by Google)
+
+### Issue: Email sending works but health check fails
+
+**Cause:** Transient connection issues or rate limiting.
+
+**Solution:** Disable health check in development:
+```properties
+management.health.mail.enabled=false
+```
+
+---
+
+## Configuration Summary
+
+| Profile | Mail Health Check | Use Case |
+|---------|------------------|----------|
+| **dev** (default) | Disabled | Local development without email |
+| **prod** | Enabled | Production with valid credentials |
+
+---
+
+## Quick Commands
+
+```bash
+# Development (no email credentials needed)
+mvn spring-boot:run
+
+# Development with email testing
+export EMAIL_USERNAME="your@gmail.com"
+export EMAIL_PASSWORD="app-password"
+mvn spring-boot:run
+
+# Production
+export SPRING_PROFILE=prod
+export EMAIL_USERNAME="prod@techtorque.com"
+export EMAIL_PASSWORD="prod-password"
+java -jar notification-service.jar
+```
+
+---
+
+## Security Notes
+
+⚠️ **Never commit email credentials to version control!**
+
+- Always use environment variables
+- Add `.env` files to `.gitignore`
+- Use secret management in production (AWS Secrets Manager, Azure Key Vault, etc.)
+- Rotate credentials regularly
+
+---
+
+## Alternative: Using MailHog for Development
+
+For local email testing without real credentials:
+
+```bash
+# Start MailHog
+docker run -d -p 1025:1025 -p 8025:8025 mailhog/mailhog
+
+# Update application-dev.properties
+spring.mail.host=localhost
+spring.mail.port=1025
+spring.mail.username=
+spring.mail.password=
+spring.mail.properties.mail.smtp.auth=false
+spring.mail.properties.mail.smtp.starttls.enable=false
+management.health.mail.enabled=false
+
+# Access web UI at http://localhost:8025
+```
+
+This captures all emails locally without sending them to real addresses.