A fully automated, secure, and scalable multi-language development platform on Google Cloud Platform
Features • Quick Start • Documentation • Architecture • Contributing
NexusForge is a production-ready, cloud-native development platform that provides:
- Multi-Language Support: Python 3.9, Node.js 16, and Go 1.18 microservices
- Automated CI/CD: GitHub Actions with Workload Identity Federation
- Cloud Infrastructure: GCP Cloud Run, Cloud SQL, and managed services
- Monitoring & Observability: Prometheus, Grafana, and structured logging
- Security First: IAP, Cloud Armor, Secret Manager, and RBAC
- Developer Experience: Hot reload, Docker Compose, VS Code integration
| Language | Framework | ORM | Cache | Size |
|---|---|---|---|---|
| Python 3.9 | FastAPI | SQLAlchemy | Redis | ~150MB |
| Node.js 16 | Express + TypeScript | Prisma | Redis | ~120MB |
| Go 1.18 | Gin | GORM | Redis | ~15MB |
- ✅ Workload Identity Federation - No service account keys
- ✅ Cloud Armor - DDoS protection and WAF
- ✅ Identity-Aware Proxy - Zero-trust access
- ✅ Secret Manager - Secure credential storage
- ✅ VPC - Network isolation
- ✅ RBAC - Role-based access control
- ✅ Cloud Run - Serverless container deployment
- ✅ Cloud SQL - Managed PostgreSQL 14
- ✅ Memorystore - Managed Redis 6
- ✅ Artifact Registry - Container image storage
- ✅ Cloud Logging - Centralized logs
- ✅ Cloud Monitoring - Metrics and alerts
- ✅ Prometheus - Metrics collection
- ✅ Grafana - Visualization dashboards
- ✅ Health Checks - Kubernetes-ready endpoints
- ✅ Structured Logging - JSON logs with context
- ✅ Alert Policies - Automated notifications
- ✅ GitHub Actions - Automated workflows
- ✅ Multi-Environment - Dev, Staging, Production
- ✅ Security Scanning - Trivy, Snyk integration
- ✅ Automated Testing - Unit, integration, E2E
- ✅ Canary Deployment - Progressive rollouts
- ✅ Automated Backups - Daily database snapshots
- GCP Account with billing enabled
- GitHub Repository with Actions enabled
- Local Tools:
- Docker & Docker Compose
- gcloud CLI
- Git
- VS Code (recommended)
git clone https://github.com/yourusername/nexusforge-platform.git
cd nexusforge-platform# Run interactive setup wizard
./infrastructure/scripts/00-setup-manager.sh
# Or manual setup
./infrastructure/scripts/01-gcp-initial-setup.sh
./infrastructure/scripts/02-workload-identity-setup.sh# Start all services with Docker Compose
docker-compose -f config/docker/docker-compose-all-in-one.yml up -d
# Check service health
curl http://localhost:8000/health # Python
curl http://localhost:3000/health # Node.js
curl http://localhost:8080/health # Go# Commit and push to trigger CI/CD
git add .
git commit -m "Initial deployment"
git push origin main
# Or deploy manually
gcloud run deploy nexusforge-python \
--image gcr.io/PROJECT_ID/nexusforge-python:latest \
--platform managed \
--region us-central1- 📖 Setup Guide - Detailed installation instructions
- 💻 Development Guide - Local development workflow
- 🚢 Deployment Guide - Production deployment
- 🔒 Security Guide - Security best practices
- 🔧 Troubleshooting - Common issues and solutions
- 🐳 Docker Guide - Container deployment
- 📊 Monitoring Guide - Observability setup
- 🏗️ Architecture - System design and patterns
- 📡 API Documentation - API reference
- 🔄 Disaster Recovery - Backup and recovery
┌─────────────────────────────────────────────────────────────────┐
│ Internet / Users │
└─────────────────────────┬───────────────────────────────────────┘
│
┌───────▼────────┐
│ Cloud Armor │ ← DDoS Protection
│ (WAF/CDN) │
└───────┬────────┘
│
┌───────▼────────┐
│ IAP │ ← Authentication
└───────┬────────┘
│
┌───────▼────────┐
│ Load Balancer │
└───────┬────────┘
│
┌─────────────────┼─────────────────┐
│ │ │
┌────▼─────┐ ┌─────▼──────┐ ┌─────▼──────┐
│ Python │ │ Node.js │ │ Go │
│ FastAPI │ │ Express │ │ Gin │
│ Cloud Run│ │ Cloud Run │ │ Cloud Run │
└────┬─────┘ └─────┬──────┘ └─────┬──────┘
│ │ │
└────────────────┼─────────────────┘
│
┌────────────────┼─────────────────┐
│ │ │
┌────▼──────┐ ┌───▼────────┐ ┌────▼──────┐
│ Cloud SQL │ │ Memorystore│ │ Secret │
│PostgreSQL │ │ Redis │ │ Manager │
└───────────┘ └────────────┘ └───────────┘
Backend Services:
- Python 3.9 + FastAPI + SQLAlchemy + Alembic
- Node.js 16 + Express + TypeScript + Prisma
- Go 1.18 + Gin + GORM
Infrastructure:
- GCP Cloud Run (serverless containers)
- Cloud SQL PostgreSQL 14 (managed database)
- Memorystore Redis 6 (managed cache)
- Artifact Registry (container images)
CI/CD:
- GitHub Actions (automation)
- Workload Identity Federation (secure auth)
- Multi-environment deployments
Monitoring:
- Prometheus (metrics)
- Grafana (dashboards)
- Cloud Logging (logs)
- Cloud Monitoring (alerts)
nexusforge-platform/
├── .github/
│ ├── actions/ # Reusable composite actions
│ ├── workflows/ # CI/CD pipelines
│ └── config/ # Environment configurations
├── config/
│ ├── docker/ # Dockerfiles and compose
│ ├── nginx/ # Reverse proxy config
│ ├── monitoring/ # Prometheus, Grafana
│ └── security/ # Security policies
├── infrastructure/
│ ├── scripts/ # Setup and automation scripts
│ └── terraform/ # IaC (optional)
├── workspace/
│ ├── python/ # FastAPI service (38 files)
│ ├── nodejs/ # Express service (33 files)
│ └── go/ # Gin service (26 files)
├── docs/ # Documentation
├── scripts/ # Utility scripts
└── tests/ # End-to-end tests
# Install dependencies
cd workspace/python && pip install -r requirements.txt
cd workspace/nodejs && npm install
cd workspace/go && go mod download
# Start development servers
cd workspace/python && make run
cd workspace/nodejs && npm run dev
cd workspace/go && make run# Python
cd workspace/python && pytest
# Node.js
cd workspace/nodejs && npm test
# Go
cd workspace/go && make test# Start all services
docker-compose -f config/docker/docker-compose-all-in-one.yml up -d
# View logs
docker-compose logs -f python-api
# Stop services
docker-compose downAccess monitoring dashboards:
- Prometheus: http://localhost:9090
- Grafana: http://localhost:3001 (admin/admin)
- Adminer: http://localhost:8081 (database UI)
- Redis Commander: http://localhost:8082
- Authentication: JWT tokens with refresh
- Authorization: Role-based access control (RBAC)
- Network Security: VPC, Cloud Armor, IAP
- Data Security: Secret Manager, encrypted connections
- Container Security: Non-root users, minimal images
- API Security: Rate limiting, input validation
# Scan Docker images
docker scan nexusforge-python:latest
# Security audit (Python)
cd workspace/python && pip-audit
# Security audit (Node.js)
cd workspace/nodejs && npm audit
# Security audit (Go)
cd workspace/go && gosec ./...We welcome contributions! Please see:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Make your changes with tests
- Run linters and tests
- Commit with conventional commits (
git commit -m 'feat: add amazing feature') - Push to your fork (
git push origin feature/amazing-feature) - Open a Pull Request
- Multi-language microservices (Python, Node.js, Go)
- Automated CI/CD with GitHub Actions
- GCP Cloud Run deployment
- Monitoring and observability
- Comprehensive documentation
- GraphQL API gateway
- gRPC inter-service communication
- Service mesh (Istio)
- Multi-region deployment
- Advanced caching strategies
- Machine learning pipeline
This project is licensed under the MIT License - see the LICENSE file for details.
- Built with FastAPI, Express, and Gin
- Deployed on Google Cloud Platform
- Monitored with Prometheus and Grafana
- Inspired by cloud-native best practices
- Documentation: docs/
- Issues: GitHub Issues
- Discussions: GitHub Discussions
Made with ❤️ by the NexusForge Team