feat(phase-34): resolve blocking tech debt — Redis, domain exceptions, indexes, CI

Foundational changes required before any new feature work can begin. - 0.1 Redis infrastructure: add redis:7-alpine to docker-compose dev and prod, REDIS_URL config, singleton client in app/infrastructure/redis_client.py - 0.2 Token blacklist on Redis SEC-001: replace in-memory dict with Redis SETEX keyed by jti, auto-expiring TTL derived from token exp - 0.3 Database indexes SR-006: Alembic migration b019 with 5 composite indexes for scoring, MTTD/MTTR, remediation, and notification queries - 0.4 Domain exceptions TD-003: app/domain/exceptions.py with typed errors, error_handler middleware mapping them to HTTP, services decoupled from FastAPI - 0.5 Fix silenced exceptions TD-007: replace 4 bare except-pass blocks in test_workflow_service with logger.warning with exc_info - 0.6 CI pipeline TD-009: GitHub Actions workflow with Postgres and Redis service containers, ruff lint, pytest; ruff.toml for baseline config
2026-02-17 15:43:05 +01:00
parent 6a327f6b51
commit 6d18a5417d
21 changed files with 464 additions and 124 deletions
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -47,6 +47,22 @@ services:
    networks:
      - aegis-network

+  # ── Redis ──────────────────────────────────────────────────────────────────
+  redis:
+    image: redis:7-alpine
+    container_name: aegis-redis
+    command: redis-server --appendonly yes --maxmemory 256mb --maxmemory-policy allkeys-lru
+    volumes:
+      - redis_data:/data
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 5s
+      timeout: 3s
+      retries: 5
+    restart: always
+    networks:
+      - aegis-network
+
  # ── FastAPI Backend ────────────────────────────────────────────────────────
  backend:
    build:
@@ -63,6 +79,7 @@ services:
      MINIO_SECRET_KEY: ${MINIO_SECRET_KEY:-minioadmin}
      MINIO_BUCKET: ${MINIO_BUCKET:-evidence}
      MINIO_SECURE: ${MINIO_SECURE:-false}
+      REDIS_URL: redis://redis:6379/0
      CORS_ORIGINS: ${CORS_ORIGINS:-}
      AEGIS_ENV: ${AEGIS_ENV:-production}
      ADMIN_USERNAME: ${ADMIN_USERNAME:-admin}
@@ -70,6 +87,8 @@ services:
    depends_on:
      postgres:
        condition: service_healthy
+      redis:
+        condition: service_healthy
      minio:
        condition: service_started
    command: sh /app/entrypoint.prod.sh
@@ -108,3 +127,5 @@ volumes:
    name: aegis_postgres_data_prod
  minio_data:
    name: aegis_minio_data_prod
+  redis_data:
+    name: aegis_redis_data_prod