feat: add marketplace metrics, privacy features, and service registry endpoints

- Add Prometheus metrics for marketplace API throughput and error rates with new dashboard panels - Implement confidential transaction models with encryption support and access control - Add key management system with registration, rotation, and audit logging - Create services and registry routers for service discovery and management - Integrate ZK proof generation for privacy-preserving receipts - Add metrics instru
2025-12-22 10:33:23 +01:00
parent d98b2c7772
commit c8be9d7414
260 changed files with 59033 additions and 351 deletions
--- a/infra/k8s/sealed-secrets.yaml
+++ b/infra/k8s/sealed-secrets.yaml
@ -0,0 +1,81 @@
+# SealedSecrets Controller Installation
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: sealed-secrets
+  namespace: argocd
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  source:
+    repoURL: https://bitnami-labs.github.io/sealed-secrets
+    chart: sealed-secrets
+    targetRevision: 2.15.0
+    helm:
+      releaseName: sealed-secrets
+      parameters:
+      - name: namespace
+        value: kube-system
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: kube-system
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+---
+# Example SealedSecret for Coordinator API Keys
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  name: coordinator-api-keys
+  namespace: default
+  annotations:
+    sealedsecrets.bitnami.com/cluster-wide: "true"
+spec:
+  encryptedData:
+    # Production API key (encrypted)
+    api-key-prod: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx...
+    # Staging API key (encrypted)
+    api-key-staging: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx...
+    # Development API key (encrypted)
+    api-key-dev: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx...
+  template:
+    metadata:
+      name: coordinator-api-keys
+      namespace: default
+    type: Opaque
+---
+# Example SealedSecret for Database Credentials
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  name: coordinator-db-credentials
+  namespace: default
+spec:
+  encryptedData:
+    username: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx...
+    password: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx...
+    database: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx...
+  template:
+    metadata:
+      name: coordinator-db-credentials
+      namespace: default
+    type: Opaque
+---
+# Example SealedSecret for JWT Signing Keys (if needed in future)
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  name: coordinator-jwt-keys
+  namespace: default
+spec:
+  encryptedData:
+    private-key: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx...
+    public-key: AgBy3i4OJSWK+PiTySYZZA9rO43cGDEQAx...
+  template:
+    metadata:
+      name: coordinator-jwt-keys
+      namespace: default
+    type: Opaque