KWS (Kitchen Web Service)

Table of Contents

• 1. Overview
• 2. Quick Start
  • 2.1. Prerequisites
  • 2.2. Clone and Setup
  • 2.3. Start Dependencies (MongoDB, Keycloak)
  • 2.4. Verify Dependencies
  • 2.5. Build and Run KWS
  • 2.6. Access KWS
• 3. Configuration
  • 3.1. Configuration Files
  • 3.2. Environment Variable Overrides
  • 3.3. Key Configuration Options
• 4. Docker Compose Services
  • 4.1. Common Docker Commands
• 5. Development Workflow
  • 5.1. Daily Development
  • 5.2. API Testing
• 6. Project Structure
• 7. KOS Integration
  • 7.1. KOS Authentication Flow
  • 7.2. KOS Endpoints
• 8. Troubleshooting
  • 8.1. MongoDB Connection Issues
  • 8.2. Keycloak Issues
  • 8.3. Template Errors
  • 8.4. Port Conflicts
• 9. Makefile Targets
• 10. Related Documentation

1. Overview

KWS is a B2B cloud platform for managing multiple KOS (Kitchen Operating System) instances across different tenants, regions, and sites. It provides centralized recipe management, order routing, and fleet management for autonomous kitchen operations.

2. Quick Start

2.1. Prerequisites

• Go 1.25+

• Docker and Docker Compose v2

• MongoDB 8.0+ (runs in Docker)

• Keycloak 26+ (runs in Docker)

2.2. Clone and Setup

cd ~/src/ak/kws

# Copy production config for local development
cp config/config.prod.yaml config/config.yaml

# Edit config.yaml for local development (optional)
# - Change port if needed
# - Enable debug mode

2.3. Start Dependencies (MongoDB, Keycloak)

# Start MongoDB and Keycloak containers
docker compose up -d mongodb postgres keycloak

# Wait for services to be ready (about 30 seconds)
docker compose logs -f keycloak  # Wait until you see "Keycloak ... started"
# Press Ctrl+C to exit logs

2.4. Verify Dependencies

# Check MongoDB is running
docker compose exec mongodb mongosh --eval "db.runCommand({ping:1})"

# Check Keycloak is running
curl -s http://localhost:8180/health/ready

# Access Keycloak Admin Console
# URL: http://localhost:8180
# Username: admin
# Password: admin (or $KEYCLOAK_ADMIN_PASSWORD)

2.5. Build and Run KWS

# Build the application
make build

# Run the server (uses config/config.yaml)
make run

# Or run directly
./bin/kws serve

2.6. Access KWS

• Web UI: http://localhost:7000 (or port configured in config.yaml)

• API: http://localhost:7000/api/v1/

3. Configuration

3.1. Configuration Files

File	Purpose	Git Status
config/config.prod.yaml	Production defaults, committed to git	Tracked
config/config.yaml	Local development, secrets allowed	Gitignored
config/config.local.yaml	Additional local overrides	Gitignored

3.2. Environment Variable Overrides

All config values can be overridden via environment variables with KWS_ prefix:

export KWS_SERVER_PORT=8080
export KWS_MONGODB_URI=mongodb://production-host:27017
export KWS_KEYCLOAK_URL=https://auth.example.com

3.3. Key Configuration Options

# config/config.yaml
app:
  env: development  # development, staging, production
  debug: true       # Enable debug logging

server:
  port: 7000        # HTTP server port

mongodb:
  uri: mongodb://localhost:27017
  database: kws

keycloak:
  url: http://localhost:8180
  admin_username: admin
  admin_password: admin  # Use env var in production!

4. Docker Compose Services

Service	Port	Description
kws	8000:8080	KWS Application (only when running full stack)
mongodb	27017:27017	MongoDB for application data
postgres	5432 (internal)	PostgreSQL for Keycloak
keycloak	8180:8080	IAM (Authentication & Authorization)
nginx	443, 8443	Reverse proxy (production profile only)

4.1. Common Docker Commands

# Start only dependencies (for local development)
docker compose up -d mongodb postgres keycloak

# Start everything including KWS container
docker compose up -d

# View logs
docker compose logs -f kws
docker compose logs -f keycloak

# Stop all services
docker compose down

# Stop and remove volumes (full reset)
docker compose down -v

# Rebuild KWS container after code changes
docker compose build kws
docker compose up -d kws

5. Development Workflow

5.1. Daily Development

# 1. Start dependencies
docker compose up -d mongodb postgres keycloak

# 2. Build and run locally (faster iteration)
make run

# 3. Make changes, rebuild
make run

5.2. API Testing

# Health check
curl http://localhost:7000/health

# List tenants (requires auth in production)
curl http://localhost:7000/api/v1/tenants

# Create a tenant
curl -X POST http://localhost:7000/api/v1/tenants \
  -H "Content-Type: application/json" \
  -d '{"code": "test-tenant", "name": "Test Tenant", "plan": "starter"}'

6. Project Structure

kws/
├── cmd/kws/              # Application entry point
├── config/               # Configuration files
│   ├── config.prod.yaml  # Production defaults (committed)
│   └── config.yaml       # Local development (gitignored)
├── docker-compose.yaml   # Docker services
├── Dockerfile            # Container build
├── docs/                 # Documentation (AsciiDoc)
│   ├── KWS-Requirements-Document.adoc
│   ├── KWS-Functional-Specification.adoc
│   └── KWS-Technical-Design.adoc
├── internal/
│   ├── app/              # HTTP handlers, middleware
│   ├── domain/           # Models, repositories, services
│   ├── infrastructure/   # Config, database, external services
│   └── pkg/              # Shared utilities
├── scripts/
│   ├── ca/               # Certificate Authority scripts
│   └── db/               # Database initialization
└── web/                  # Web UI (templates, static files)

7. KOS Integration

KWS manages KOS instances via REST API with mTLS authentication.

7.1. KOS Authentication Flow

1. KOS instance is provisioned with mTLS client certificate

2. On first startup, KOS generates a UUID and stores it in local database

3. KOS connects to KWS with:

   • mTLS client certificate (transport layer)

   • X-KOS-ID header with UUID

7.2. KOS Endpoints

Endpoint	Method	Description
/api/v1/kos/register	POST	Register new KOS instance
/api/v1/kos/heartbeat	POST	Health check (every 60s)
/api/v1/kos/recipes	GET	Get recipes assigned to this KOS
/api/v1/kos/ingredients	GET	Get ingredients for assigned recipes
/api/v1/kos/orders	GET	Get pending orders for this site
/api/v1/kos/orders/:id/status	POST	Update order status
/api/v1/kos/orders/local	POST	Report locally-created order

8. Troubleshooting

8.1. MongoDB Connection Issues

# Check if MongoDB container is running
docker compose ps mongodb

# Check MongoDB logs
docker compose logs mongodb

# Test connection
docker compose exec mongodb mongosh --eval "db.runCommand({ping:1})"

8.2. Keycloak Issues

# Keycloak takes ~30s to start fully
docker compose logs -f keycloak

# Check health endpoint
curl http://localhost:8180/health/ready

# Reset Keycloak (loses all data)
docker compose down keycloak postgres
docker volume rm kws_postgres-data
docker compose up -d postgres keycloak

8.3. Template Errors

If you see template errors like "invalid value; expected int":

1. Check the handler is passing correct data types

2. Ensure pagination fields (Page, TotalPages) are integers

3. Use {{with .Field}} to handle nil values

8.4. Port Conflicts

# Check what's using a port
lsof -i :7000
lsof -i :27017

# Change KWS port in config/config.yaml
# Change MongoDB port in docker-compose.yaml

9. Makefile Targets

Target	Description
make	Format and build (default)
make build	Build the binary
make run	Build and run server
make fmt	Format Go code
make test	Run tests
make tidy	Run go mod tidy
make clean	Remove build artifacts
make up	Start Docker Compose services
make down	Stop Docker Compose services

10. Related Documentation

• Requirements Document - System requirements and SOPs

• Functional Specification - User features and workflows

• Technical Design - Architecture and schemas

• CLAUDE.md - AI assistant context and coding guidelines