Stage 08: Control Plane Services

Stage 08 deploys all control plane Java Spring Boot services to the matih-control-plane namespace. It reads image tags from build metadata, validates their existence in Azure Container Registry, and deploys each service via Helm.

Source file: scripts/stages/08-control-plane-services.sh

Services Deployed

Image Tag Resolution

The stage resolves image tags in the following priority order:

1. Build metadata file (logs/deployment/.build_metadata.json) -- includes tag, git commit, branch
2. Tag file (logs/deployment/.current_image_tag) -- simple tag string
3. ACR latest tag query -- fallback to most recent tag in registry
4. latest -- last resort (not recommended for production)

Build Metadata Format

{
  "imageTag": "20260212-abc1234",
  "gitCommit": "abc1234",
  "gitBranch": "main",
  "acrRegistry": "matihlabsacr.azurecr.io",
  "initiatedBy": "cd-pipeline"
}

ACR Validation

Before deployment, the stage validates that the image tag exists in ACR:

az acr repository show-tags --name matihlabsacr \
    --repository matih/config-service \
    --orderby time_desc --top 10

If the tag is not found, the stage falls back to the latest available tag.

Deployment Pattern

Each service is deployed using helm upgrade --install:

helm upgrade --install <service-name> \
    infrastructure/helm/<service-name> \
    --namespace matih-control-plane \
    --set image.repository=${ACR_URL}/matih/<service-name> \
    --set image.tag=${IMAGE_TAG} \
    --wait --timeout 10m

Dependencies

• Requires: 05a-control-plane-infrastructure, 07-control-plane-monitoring
• Required by: 09-control-plane-frontend, 18-validate

Dependency Verification

kubectl get pods -n matih-control-plane
kubectl get deployments -n matih-control-plane