feat: working infra with sso

infra/scripts/deploy.sh

@@ -210,6 +210,18 @@ deploy_all() {
     if [ "$ENVIRONMENT" = "local" ]; then
         log_info "Deploying unified stack for local environment..."
         compose_cmd "all" up -d "$@"
+    elif [ "$ENVIRONMENT" = "production" ]; then
+        log_info "Deploying unified stack for production environment..."
+        local cmd="docker compose"
+        cmd="$cmd -f $BASE_DIR/infrastructure.yaml"
+        cmd="$cmd -f $BASE_DIR/services.yaml"
+        cmd="$cmd -f $BASE_DIR/monitoring.yaml"
+
+        if [ -f "$INFRA_DIR/environments/$ENVIRONMENT/compose.override.yaml" ]; then
+            cmd="$cmd -f $INFRA_DIR/environments/$ENVIRONMENT/compose.override.yaml"
+        fi
+
+        $cmd --env-file "$ENV_FILE" --project-name "ai-tax-agent-$ENVIRONMENT" up -d "$@"
     elif [ -f "$unified_compose" ]; then
         log_info "Deploying unified stack for $ENVIRONMENT environment..."
         docker compose -f "$unified_compose" --env-file "$ENV_FILE" --project-name "ai-tax-agent-$ENVIRONMENT" up -d "$@"
@@ -225,6 +237,27 @@ deploy_all() {
 
     log_success "All stacks deployed successfully!"
     echo ""
+
+    # Post-deployment setup for Production
+    if [ "$ENVIRONMENT" = "production" ]; then
+        log_info "Running post-deployment setup..."
+
+        # Vault Setup
+        if [ -f "$INFRA_DIR/scripts/init-vault.sh" ]; then
+            log_info "Initializing/Unsealing Vault..."
+            chmod +x "$INFRA_DIR/scripts/init-vault.sh"
+            # Wait for Vault to be ready
+            sleep 10
+            "$INFRA_DIR/scripts/init-vault.sh"
+        fi
+
+        if [ -f "$INFRA_DIR/scripts/setup-vault.sh" ]; then
+            log_info "Configuring Vault OIDC..."
+            chmod +x "$INFRA_DIR/scripts/setup-vault.sh"
+            "$INFRA_DIR/scripts/setup-vault.sh"
+        fi
+    fi
+
     log_info "Access your services:"
     echo "  - Grafana: https://grafana.$DOMAIN"
     echo "  - Prometheus: https://prometheus.$DOMAIN"