HubOps / Delivery Platform — Services & Functions Catalog
| Status | Draft |
| Classification | INTERNAL |
| Scope | All HubOps microservices, Cloud Functions, supporting infrastructure, and frontend applications |
| Date | 2026-04-22 |
| Source | Automated deep analysis across DroneUp organization repositories |
1. Executive Summary
The HubOps / Delivery platform currently spans 5 GCP projects and 2 GKE clusters due to an incomplete migration. Services are distributed as follows:
| Platform Layer | Where Deployed |
|---|---|
| Compute (GKE microservices) | droneup-hubops-dev (dev/sandbox/stg) and droneup-hubops-prod (prod) |
| Firestore / Firebase | droneup-deliveries (prod) and droneup-deliveries-dev (dev/sandbox) — legacy, never migrated |
| Cloud Functions | droneup-deliveries (prod) and droneup-deliveries-dev (dev) — legacy |
| Abandoned project | mongodb-hubops-service — no active workloads found |
Additionally, a newer Uncrew platform runs on separate GCP projects (droneup-uncrew-dev, droneup-uncrew-prod) with its own GKE clusters and represents the next-generation system.
This catalog is the service-level companion to the GCP Project Consolidation analysis. Read them together for the full migration picture.
2. GCP Projects & Environments
| GCP Project | Purpose | Environments | Key Resources |
|---|---|---|---|
droneup-hubops-dev | HubOps primary compute (non-prod) | dev, sandbox | GKE, CloudSQL (PostgreSQL), PubSub, GSM, Redis (Memorystore), Shared VPC |
droneup-hubops-prod | HubOps primary compute (prod) | prod | GKE, CloudSQL (PostgreSQL), PubSub, GSM, Redis (Memorystore), Shared VPC |
droneup-deliveries-dev | Legacy Firebase/Firestore (non-prod) | dev, sandbox | Firestore DB, Cloud Functions, GCS buckets, PubSub topics, Firebase Auth |
droneup-deliveries | Legacy Firebase/Firestore (prod) | prod | Firestore DB, Cloud Functions, GCS buckets, PubSub topics, Firebase Auth |
mongodb-hubops-service | Abandoned — likely MongoDB Atlas integration | N/A | No active workloads |
droneup-uncrew-dev | Uncrew platform compute (non-prod) | dev, sandbox, stg | GKE, GSM, GAR |
droneup-uncrew-prod | Uncrew platform compute (prod) | prod | GKE, GSM, GAR |
2.1 GKE Clusters
| Cluster | GCP Project | Region | IP |
|---|---|---|---|
droneup-hubops-dev | droneup-hubops-dev | us-east1 | 34.148.53.219 |
droneup-hubops-prod | droneup-hubops-prod | us-east1 | 104.196.59.194 |
droneup-uncrew-dev | droneup-uncrew-dev | us-east1 | (internal) |
droneup-uncrew-prod | droneup-uncrew-prod | us-east1 | (internal) |
3. Backend Microservices (GKE)
3.1 HubOps GKE Services (Legacy Platform)
These services run on the HubOps GKE clusters (droneup-hubops-dev / droneup-hubops-prod).
hubops-mission-service
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-mission-service |
| Function | Core mission lifecycle management — creation, assignment, status tracking, and event streaming for delivery missions |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox) |
| GCP Compute | droneup-hubops-dev (dev/sandbox), droneup-hubops-prod (prod) |
| Firestore dependency | droneup-deliveries-dev (dev/sandbox), droneup-deliveries (prod) — FIREBASE_PROJECT_ID |
| Other dependencies | PubSub (mission events), CloudSQL |
hubops-mission-planner
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-mission-planner |
| Function | Mission route planning and optimization — calculates flight paths, waypoints, and mission parameters |
| GKE Namespace | services (dev, prod) |
| GCP Compute | droneup-hubops-dev (dev), droneup-hubops-prod (prod) |
| Firestore dependency | droneup-deliveries-dev (dev), droneup-deliveries (prod) — FIREBASE_PROJECT_ID |
hubops-order-service
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-order-service |
| Function | Order ingestion and management — receives delivery orders (e.g., from Walmart), creates corresponding missions |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox) |
| GCP Compute | droneup-hubops-dev (dev/sandbox), droneup-hubops-prod (prod) |
| Firestore dependency | droneup-deliveries-dev (dev/sandbox), droneup-deliveries (prod) — FIREBASE_PROJECT_ID |
hubops-walmart-deliveries-service
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-walmart-deliveries-service |
| Function | Walmart-specific delivery integration — handles Walmart order API, status callbacks, delivery-specific business logic |
| GKE Namespace | services |
| GCP Compute | droneup-hubops-dev (dev), droneup-hubops-prod (prod) |
| Firestore dependency | droneup-deliveries (prod) — FIRESTORE_PROJECT_ID: "droneup-deliveries-prod" |
| CloudSQL | PostgreSQL instance (⚠️ prod DB_HOST references droneup-hubops-dev prefix — needs verification) |
hubops-firestore-api
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-firestore-api |
| Function | Firestore read/write abstraction layer — provides a unified API for Firestore operations used by other HubOps services |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox) |
| GCP Compute | droneup-hubops-dev (dev/sandbox), droneup-hubops-prod (prod) |
| Firestore dependency | droneup-deliveries-dev (dev/sandbox), droneup-deliveries (prod) — FIRESTORE_PROJECT_ID |
hubops-reservation-service
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-reservation-service |
| Function | Delivery time-slot reservation — manages scheduling, availability windows, and capacity for delivery hubs |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox) |
| GCP Compute | droneup-hubops-dev (dev/sandbox), droneup-hubops-prod (prod) |
| Firestore dependency | droneup-deliveries-dev (dev/sandbox), droneup-deliveries (prod) — FIREBASE_PROJECT_ID |
hubops-weather-cache
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-weather-cache |
| Function | Weather data caching and retrieval — fetches and caches weather conditions for flight safety decisions |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox) |
| GCP Compute | droneup-hubops-dev (dev/sandbox), droneup-hubops-prod (prod) |
| Firestore dependency | droneup-deliveries-dev (sandbox), droneup-deliveries (prod) — FIREBASE_PROJECT_ID |
hubops-delivery-api-v2
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-delivery-api-v2 |
| Function | Public-facing delivery API (v2) — REST/gRPC gateway for external consumers (partners, mobile apps) to interact with delivery system |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox) |
| GCP Compute | droneup-hubops-dev (dev/sandbox), droneup-hubops-prod (prod) |
| Firestore dependency | droneup-deliveries-dev (dev/sandbox), droneup-deliveries (prod) — FIRESTORE_PROJECT_ID |
hubops-bucket-populator
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-bucket-populator |
| Function | GCS bucket data population — syncs/exports Firestore data to GCS buckets for analytics, reporting, and backup |
| GKE Namespace | services |
| GCP Compute | droneup-hubops-dev (dev), droneup-hubops-prod (prod) |
| Firestore dependency | droneup-deliveries-dev (dev), droneup-deliveries (prod) — both FIRESTORE_PROJECT_ID and FIREBASE_PROJECT_ID |
hubops-control-plane
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-control-plane |
| Function | Central control plane — orchestrates service-to-service communication, system health, and operational state management |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox) |
| GCP Compute | droneup-hubops-dev (dev/sandbox), droneup-hubops-prod (prod) |
| Dependencies | CloudSQL, PubSub, Redis |
hubops-status-manager
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-status-manager |
| Function | Delivery status tracking — manages and broadcasts status updates across the platform (e.g., order picked up, in-flight, delivered) |
| GKE Namespace | services |
| GCP Compute | droneup-hubops-dev (dev), droneup-hubops-prod (prod) |
| Dependencies | PubSub (status update topics) |
hubops-systems-check
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-systems-check |
| Function | System health checks — pre-flight readiness verification, infrastructure health monitoring |
| Language | Go |
| GKE Namespace | services |
| GCP Compute | droneup-hubops-dev (dev) |
| Firestore dependency | ⚠️ Hardcoded ProjectID: "droneup-deliveries-dev" in internal/database/firestore.go |
hubops-gcp-functions
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-gcp-functions |
| Function | GKE-hosted wrapper for legacy Cloud Functions — runs Cloud Function logic as containerized services in GKE |
| GKE Namespace | services |
| GCP Compute | droneup-hubops-dev (dev) |
| Firebase emulator | Configured with --project droneup-deliveries-dev |
groundinfrasvc-backend
| Attribute | Details |
|---|---|
| Repository | droneup/groundinfrasvc-backend |
| Function | Ground infrastructure management — manages ground-side equipment (launch pads, charging stations, lockers) |
| GKE Namespace | services |
| GCP Compute | droneup-hubops-dev (dev), droneup-hubops-prod (prod) |
acs-bucket-populator
| Attribute | Details |
|---|---|
| Repository | droneup/acs-bucket-populator |
| Function | ACS (Airspace Control System) data export — populates buckets with Firestore data for ACS analytics |
| GKE Namespace | services |
| GCP Compute | droneup-hubops-dev (sandbox), droneup-hubops-prod (prod) |
| Firestore dependency | droneup-deliveries-dev (sandbox), droneup-deliveries (prod) — FIRESTORE_PROJECT_ID |
3.2 Uncrew GKE Services (Next-Gen Platform)
These services run on the Uncrew GKE clusters (droneup-uncrew-dev / droneup-uncrew-prod). The Uncrew platform is the next-generation system being built alongside (and eventually replacing) HubOps.
uncrew-missions-service (Mission Service)
| Attribute | Details |
|---|---|
| Repository | droneup/uncrew-missions-service |
| Function | Next-gen mission management — gRPC-based mission lifecycle (create, claim, assign, start, cancel, status events). Provides MissionClaimerService, MissionRequestService, OperationalSettingsService, and OperatorService |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox), services-stg (stg) |
| GCP Compute | droneup-uncrew-dev (dev/sandbox/stg), droneup-uncrew-prod (prod) |
| Dependencies | PostgreSQL (CloudSQL), PubSub (mission-updates-topic, mission-status-updates-topic), GCS |
| gRPC route | /mission-service via Alloy API gateway |
Avatar Service
| Attribute | Details |
|---|---|
| Function | Drone telemetry, pilot commands, drone requests, and failure injection — real-time drone communication layer. Provides TelemetryService, PilotCommandService, RequestToOperatorService, FailureInjectionService |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox), services-stg (stg) |
| GCP Compute | droneup-uncrew-dev (dev/sandbox/stg), droneup-uncrew-prod (prod) |
| gRPC route | /avatar-service/{droneId} via Alloy API gateway |
Inventory Service
| Attribute | Details |
|---|---|
| Function | Vehicle (UAV) inventory and certificate management — tracks drone fleet, manages airworthiness certificates. Provides CertificateManagementService |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox), services-stg (stg) |
| GCP Compute | droneup-uncrew-dev (dev/sandbox/stg), droneup-uncrew-prod (prod) |
| gRPC route | /inventory-service via Alloy API gateway |
Geodata Service
| Attribute | Details |
|---|---|
| Function | Geospatial data services — elevation data, airspace map tiles (MVT), and terrain analysis. Provides AirspaceMvtService (gRPC) and REST elevation APIs |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox), services-stg (stg) |
| GCP Compute | droneup-uncrew-dev (dev/sandbox/stg), droneup-uncrew-prod (prod) |
| gRPC route | /geodata-service via Alloy API gateway |
| REST routes | /geodata-service/elevation/path, /geodata-service/elevation/points |
Simulator Service
| Attribute | Details |
|---|---|
| Function | Drone flight simulation — creates and controls simulated UAVs for testing and demo purposes. Provides SimulatorControllerService |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox), services-stg (stg) |
| GCP Compute | droneup-uncrew-dev (dev/sandbox/stg), droneup-uncrew-prod (prod) |
| gRPC route | /simulator via Alloy API gateway |
droneup-flight-traffic-exchanger (Traffic Service)
| Attribute | Details |
|---|---|
| Repository | droneup/droneup-flight-traffic-exchanger |
| Function | Real-time air traffic surveillance — aggregates and streams live traffic observations (ADS-B, Remote ID, radar). Provides TrafficService and TalosSimulationService |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox), services-stg (stg) |
| GCP Compute | droneup-uncrew-dev (dev/sandbox/stg), droneup-uncrew-prod (prod) |
| gRPC route | /traffic-service via Alloy API gateway |
droneup-notification-service (Notification Service)
| Attribute | Details |
|---|---|
| Repository | droneup/droneup-notification-service |
| Function | Operator notifications — delivers real-time in-app notifications to operators. Provides NotificationService |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox), services-stg (stg) |
| GCP Compute | droneup-uncrew-dev (dev/sandbox/stg), droneup-uncrew-prod (prod) |
| Dependencies | PostgreSQL |
| gRPC route | /notification-service via Alloy API gateway |
TALOS Services (Jurisdiction / Operational Intent / Authorization / Profile / Simulation)
| Attribute | Details |
|---|---|
| Function | UTM / airspace management suite — manages airspace jurisdictions, flight authorizations, operational intents, and operator profiles. Provides JurisdictionService, ZoneService, OperationalIntentService, TalosAuthorizationService, TalosProfileService, TalosSimulationService |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox), services-stg (stg) |
| GCP Compute | droneup-uncrew-dev (dev/sandbox/stg), droneup-uncrew-prod (prod) |
| gRPC routes | Jurisdiction/Zone/OI/Authorization/Profile → /mission-service; Simulation → /traffic-service via Alloy API gateway |
Alloy API Gateway
| Attribute | Details |
|---|---|
| Function | Unified API gateway — routes all frontend gRPC-web and REST requests to backend services. Handles TLS termination, authentication forwarding, and service routing |
| Endpoints | alloy.uncrew.dev.droneup.cloud:443 (dev/sandbox/stg), alloy.uncrew.prod.droneup.cloud:443 (prod) |
| GCP Compute | droneup-uncrew-dev (dev/sandbox/stg), droneup-uncrew-prod (prod) |
4. Cloud Functions (Legacy)
These Cloud Functions run directly in the legacy Firebase/Deliveries projects, not in GKE.
deliveries-live-function
| Attribute | Details |
|---|---|
| GCP Project | droneup-deliveries (prod) |
| Runtime | Cloud Functions (Gen 1) |
| Function | Production event handler — processes PubSub events (delivery status changes, hub state), updates Firestore, and handles mobile app requests (e.g., deliveries-activeUser) |
| Triggers | PubSub topics: email-notifications, sms-notifications, hub-active, suspensions, deliveries-live-store0001 |
| Called by | hubops-delivery-react-native mobile app via cloudfunctions.net/deliveries-activeUser URL |
deliveries-dev-function
| Attribute | Details |
|---|---|
| GCP Project | droneup-deliveries-dev (dev) |
| Runtime | Cloud Functions (Gen 1) |
| Function | Dev/sandbox event handler — same logic as deliveries-live-function for non-production environments |
| Triggers | PubSub topics: deliveries-dev-store0001, email-notifications, sms-notifications, hub-active, suspensions |
5. Frontend Applications
uncrew-apollo-frontend (Apollo)
| Attribute | Details |
|---|---|
| Repository | droneup/uncrew-apollo-frontend |
| Function | Operator command & control web application — mission management, live map, drone telemetry, vehicle management, flight planning, airspace authorizations, jurisdictions, traffic monitoring, simulator control, settings |
| Technology | React + TypeScript (Vite), gRPC-web, Mapbox GL |
| GKE Namespace | services (dev, prod), services-sandbox (sandbox), services-stg (stg) |
| GCP Compute | droneup-uncrew-dev (dev/sandbox/stg), droneup-uncrew-prod (prod) |
| Endpoints | apollo.uncrew.dev.droneup.cloud (dev), apollo-sandbox.uncrew.dev.droneup.cloud (sandbox), apollo-stg.uncrew.dev.droneup.cloud (stg), apollo.uncrew.prod.droneup.cloud (prod) |
| Docker image | us-east4-docker.pkg.dev/pe-tools-main/pe-docker/uncrew-apollo-frontend |
| Backend services consumed | Mission Service, Avatar Service, Inventory Service, Geodata Service, Simulator Service, Traffic Service, Notification Service, TALOS Services (Jurisdiction, OI, Authorization, Profile, Simulation) |
| Auth | FrontEgg (primary), Auth0 (legacy, being migrated away) |
Apollo Feature Modules:
| Module | Page/Route | Backend Services Used | Description |
|---|---|---|---|
| Main / Live Map | / | Mission Service, Avatar Service, Traffic Service, Geodata Service | Real-time map showing active missions, drone positions, telemetry, and traffic |
| Mission Console | /mission-console | Mission Service, Avatar Service | Per-mission detailed control — flight commands, telemetry monitoring, status updates |
| Mission Manager | /mission-manager | Mission Service, Avatar Service, Operators Service | Operator assignment, mission queue management, mission lifecycle actions |
| Mission Planner | /mission-planner | Mission Service (Mission Request, Operational Settings), Geodata Service | Create new missions with route planning, waypoint editing, site selection |
| Vehicle Manager — Inventory | /vehicle-manager/inventory | Inventory Service (Certificate Management) | Drone fleet inventory, airworthiness certificate management |
| Vehicle Manager — Simulators | /vehicle-manager/simulators | Simulator Service, Avatar Service (Failure Injection) | Create/control simulated UAVs, inject failures for testing |
| Authorizations (My) | /authorizations | TALOS Authorization Service, TALOS Profile Service, Geodata Service | Request and track airspace authorizations |
| Authorizations (Review) | /authorization-review | TALOS Authorization Service | Review and approve/decline authorization requests (admin) |
| Jurisdictions | /jurisdictions | Jurisdiction Service, Zone Service, Operational Intent Service | Create and manage airspace jurisdictions and zones |
| Settings | /settings | Operational Settings Service | Flight settings, site configuration, operational parameters |
| User Profile | /profile | Operators Service | Operator profile management |
hubops-delivery-react-native (Mobile App)
| Attribute | Details |
|---|---|
| Repository | droneup/hubops-delivery-react-native |
| Function | Delivery driver/operator mobile app — delivery status updates, active user tracking, real-time notifications |
| Technology | React Native |
| Firebase dependency | droneup-deliveries (prod) / droneup-deliveries-dev (dev) — Firebase Auth, Cloud Functions (cloudfunctions.net URL) |
| ⚠️ Hardcoded references | Checks projectId === 'droneup-deliveries-dev' for auth URL routing in auth.api.ts and actions.ts |
6. Data & Analytics Pipelines
da-composer-pipelines (Airflow DAGs)
| Attribute | Details |
|---|---|
| Repository | droneup/da-composer-pipelines |
| Function | Data export pipeline — Airflow DAG (hubops.py) exports Firestore data from HubOps to BigQuery for analytics and reporting |
| Source | SRC_PROJECT_ID = 'droneup-deliveries' (reads from Firestore in the legacy deliveries project) |
| Destination | BigQuery dataset |
| Trigger | Scheduled (Cloud Composer / Airflow) |
7. Infrastructure & Platform Services
droneup-hubops-infrastructure
| Attribute | Details |
|---|---|
| Repository | droneup/droneup-hubops-infrastructure |
| Function | Terraform IaC for HubOps GKE clusters, networking, CloudSQL, Redis, and related infrastructure |
| Contains | legacy/droneup-deliveries* folders (old infrastructure definitions) |
pe-gcp-service-accounts
| Attribute | Details |
|---|---|
| Repository | droneup/pe-gcp-service-accounts |
| Function | Terraform-managed GCP service accounts and IAM role bindings across all projects |
| Key entries | Cross-project service accounts: hubops-api@, hubops-mission-service@, hubops-weather-cache-svc-acc@, hubops-firebase-svc-account@, hubops-gcp-functions@, acs-delivery-api-*@, acs-bucket-populator*@, terraform-cloud@ |
pe-gcp-iam
| Attribute | Details |
|---|---|
| Repository | droneup/pe-gcp-iam |
| Function | Organization-level IAM policy management |
| References | droneup-deliveries / droneup-deliveries-dev in live_projects / dev_projects lists |
pe-tfc-automation
| Attribute | Details |
|---|---|
| Repository | droneup/pe-tfc-automation |
| Function | Terraform Cloud workspace management |
| References | du-deliveries / du-deliveries-dev legacy TFC workspaces |
pe-terraform-iasc
| Attribute | Details |
|---|---|
| Repository | droneup/pe-terraform-iasc |
| Function | Infrastructure-as-Code shared modules |
| References | droneup-deliveries folder (legacy) |
terraform-google-flightops
| Attribute | Details |
|---|---|
| Repository | droneup/terraform-google-flightops |
| Function | Terraform module for FlightOps PubSub integration |
| References | function_project_name defaults referencing deliveries-live-function |
terraform-google-pubsub-hubops
| Attribute | Details |
|---|---|
| Repository | droneup/terraform-google-pubsub-hubops |
| Function | Terraform module for HubOps PubSub topics and subscriptions |
| References | deliveries_project_name parameter |
acs-local-compose
| Attribute | Details |
|---|---|
| Repository | droneup/acs-local-compose |
| Function | Local development docker-compose setup for ACS services |
| References | FIRESTORE_PROJECT_ID=droneup-deliveries-dev |
common-github-actions-workflows
| Attribute | Details |
|---|---|
| Repository | droneup/common-github-actions-workflows |
| Function | Shared CI/CD workflows — provides reusable deploy.yml workflow used by all services for GKE deployment |
| Used by | All Uncrew and HubOps service deployments |
8. Service-to-GCP-Project Mapping Matrix
| Service / Resource | droneup-hubops-dev | droneup-hubops-prod | droneup-deliveries-dev | droneup-deliveries | droneup-uncrew-dev | droneup-uncrew-prod | mongodb-hubops-service |
|---|---|---|---|---|---|---|---|
| hubops-mission-service | GKE | GKE | Firestore | Firestore | — | — | — |
| hubops-mission-planner | GKE | GKE | Firestore | Firestore | — | — | — |
| hubops-order-service | GKE | GKE | Firestore | Firestore | — | — | — |
| hubops-walmart-deliveries | GKE | GKE | — | Firestore | — | — | — |
| hubops-firestore-api | GKE | GKE | Firestore | Firestore | — | — | — |
| hubops-reservation-service | GKE | GKE | Firestore | Firestore | — | — | — |
| hubops-weather-cache | GKE | GKE | Firestore | Firestore | — | — | — |
| hubops-delivery-api-v2 | GKE | GKE | Firestore | Firestore | — | — | — |
| hubops-bucket-populator | GKE | GKE | Firestore | Firestore | — | — | — |
| hubops-control-plane | GKE | GKE | — | — | — | — | — |
| hubops-status-manager | GKE | GKE | — | — | — | — | — |
| hubops-systems-check | GKE | — | Firestore¹ | — | — | — | — |
| hubops-gcp-functions | GKE | — | Emulator | — | — | — | — |
| groundinfrasvc-backend | GKE | GKE | — | — | — | — | — |
| acs-bucket-populator | GKE | GKE | Firestore | Firestore | — | — | — |
| deliveries-live-function | — | — | — | CF² | — | — | — |
| deliveries-dev-function | — | — | CF² | — | — | — | — |
| uncrew-missions-service | — | — | — | — | GKE | GKE | — |
| Avatar Service | — | — | — | — | GKE | GKE | — |
| Inventory Service | — | — | — | — | GKE | GKE | — |
| Geodata Service | — | — | — | — | GKE | GKE | — |
| Simulator Service | — | — | — | — | GKE | GKE | — |
| Traffic Service | — | — | — | — | GKE | GKE | — |
| Notification Service | — | — | — | — | GKE | GKE | — |
| TALOS Services | — | — | — | — | GKE | GKE | — |
| Alloy API Gateway | — | — | — | — | GKE | GKE | — |
| uncrew-apollo-frontend | — | — | — | — | GKE | GKE | — |
| hubops-delivery-react-native | — | — | Firebase Auth | Firebase Auth | — | — | — |
| da-composer-pipelines | — | — | — | Firestore export | — | — | — |
| PubSub topics | ✓ | ✓ | ✓ (legacy) | ✓ (legacy) | ✓ | ✓ | — |
| CloudSQL (PostgreSQL) | ✓ | ✓ ³ | — | — | ✓ | ✓ | — |
| Redis (Memorystore) | ✓ | ✓ | — | — | — | — | — |
| Secret Manager (GSM) | ✓ | ✓ | — | — | ✓ | ✓ | — |
| GCS Buckets | — | — | ✓ | ✓ | — | — | — |
| (any active workload) | — | — | — | — | — | — | ❌ None |
¹ Hardcoded in Go source code, not configurable via environment variable ² CF = Cloud Functions (Gen 1) ³ ⚠️ Prod CloudSQL
DB_HOSTstring containsdroneup-hubops-devprefix — investigate whether prod DB actually resides in dev project
9. Cross-Project Dependencies
The incomplete migration created a web of cross-project service account bindings. Services running in droneup-hubops-* (GKE) need IAM permissions to read/write Firestore in droneup-deliveries-*.
9.1 Production Cross-Project Service Accounts
Service Account (in droneup-hubops-prod) | Role in droneup-deliveries |
|---|---|
acs-delivery-api-prod@ | roles/datastore.user |
acs-bucket-populator@ | roles/datastore.viewer |
hubops-api@ | roles/datastore.user, roles/storage.objectAdmin, ServiceAccountPubSub |
hubops-weather-cache-svc-acc@ | roles/datastore.user |
hubops-wm-deliveries@ | roles/datastore.viewer |
hubops-firebase-svc-account@ | roles/datastore.user |
hubops-mission-service@ | roles/datastore.user |
hubops-gcp-functions@ | roles/datastore.user, ServiceAccountPubSub |
terraform-cloud@ | roles/admin |
9.2 Dev Cross-Project Service Accounts
Service Account (in droneup-hubops-dev) | Role in droneup-deliveries-dev |
|---|---|
acs-delivery-api-dev@ | roles/datastore.user |
acs-bucket-populator-dev@ | roles/datastore.viewer |
hubops-api-dev@ | roles/datastore.user, roles/storage.objectAdmin, ServiceAccountPubSub |
hubops-weather-cache-svc-acc@ | roles/datastore.user |
terraform-cloud@ | roles/admin |
9.3 Service Accounts Local to droneup-deliveries-dev
| Service Account | Purpose |
|---|---|
hubops-dbupdate | Firestore database update operations |
hubops-auth-service | Firebase authentication |
hubops-publicapi-deliveries | Public API Firestore access |
location-availability-service | Location/availability data in Firestore |
10. Abandoned / Unused Resources
10.1 mongodb-hubops-service GCP Project
- Status: Abandoned — no active code references found in any org repository
- Evidence: Only appears as a string in
pe-gcp-service-accounts/modules/prod/main.tfproject inventory list (IAM scope, not creation/management) - Likely origin: Created for MongoDB Atlas ↔ GCP VPC peering during early HubOps development, never used or subsequently abandoned
- IaC management: None found — project was likely created manually via GCP Console
- Recommendation: Delete immediately after verifying no active resources in GCP Console
10.2 Legacy PubSub Topics (candidates for cleanup)
deliveries-test-store0000indroneup-deliveries— test topic, likely unused- Various
deliveries-*-store*topics — verify active subscribers before removing
10.3 Legacy Cloud Functions
deliveries-live-functionanddeliveries-dev-function— consider migrating to Cloud Run or GKE services
11. Recommendations
11.1 Immediate Actions (No Risk)
- Delete
mongodb-hubops-service— verify no active GCP resources, then delete the project - Audit legacy PubSub topics — identify and remove topics with zero active subscribers
- Verify prod CloudSQL location — confirm whether
hubops-cloudsql-prod-*is actually indroneup-hubops-devordroneup-hubops-prod
11.2 Medium-Term: Complete the Firestore Migration
The root cause of cross-project complexity is that Firestore was never migrated from droneup-deliveries* to droneup-hubops*:
- Export/import Firestore from
droneup-deliveries→droneup-hubops-prodanddroneup-deliveries-dev→droneup-hubops-dev - Update all
FIREBASE_PROJECT_ID/FIRESTORE_PROJECT_IDenvironment variables across ~15 repositories - Fix hardcoded references in
hubops-systems-check(Go code) andhubops-delivery-react-native(TypeScript) - Migrate Cloud Functions to Cloud Run or GKE in the hubops projects
- Migrate Firebase Auth to hubops projects (or complete migration to FrontEgg)
- Move GCS buckets to hubops projects
- Update
da-composer-pipelinesAirflow DAG source project ID - Remove cross-project IAM bindings from
pe-gcp-service-accounts
11.3 Long-Term: Consolidate to Uncrew
The Uncrew platform (droneup-uncrew-dev/droneup-uncrew-prod) is the strategic direction. Evaluate whether HubOps services should migrate to the Uncrew clusters or whether the HubOps GKE clusters can be decommissioned once all delivery workloads move to Uncrew.
11.4 Target State
FROM (7 GCP projects): TO (2-4 GCP projects):
├── droneup-hubops-dev ──┐ ├── droneup-uncrew-dev
├── droneup-hubops-prod ──┤ │ (all dev/sandbox/stg services)
├── droneup-deliveries-dev ──┤ ───► │
├── droneup-deliveries ──┤ ├── droneup-uncrew-prod
├── droneup-uncrew-dev ──┘ │ (all prod services)
├── droneup-uncrew-prod ──────────► │
└── mongodb-hubops-service ──► DELETE └── (HubOps clusters retained only
if needed for legacy delivery
workloads during transition)Companion document: GCP Project Consolidation — HubOps / Deliveries — the full migration plan and repository-level change list. Adoption of a target state should be recorded as an ADR under content/docs/HubOps/ADR/.
Last updated on