2026-06-30 18:18:40 +02:00
|
|
|
// lib/context.ts
|
|
|
|
|
//
|
|
|
|
|
// The shared deploy context every component receives (ADR-006). The bootstrap
|
|
|
|
|
// creates ONE docker.Provider (Docker-over-SSH to the foundation VM) and ONE
|
|
|
|
|
// foundation-net network; components then create their own container(s) against
|
|
|
|
|
// this shared provider/network, which gives the bootstrap full control over
|
|
|
|
|
// ordering and the phase GATES (e.g. Vault init between data-plane and Forgejo)
|
|
|
|
|
// that the vendored monolithic DockerDeployments cannot express.
|
|
|
|
|
//
|
|
|
|
|
// Validation override: the committed Pulumi.foundation.yaml carries placeholder
|
|
|
|
|
// VM coordinates (RFC-5737). For local/ephemeral validation against a dev Docker
|
|
|
|
|
// host, export FOUNDATION_DOCKER_HOST=ssh://user@host to point the provider there
|
|
|
|
|
// without editing committed config.
|
|
|
|
|
import * as pulumi from "@pulumi/pulumi";
|
|
|
|
|
import * as docker from "@pulumi/docker";
|
|
|
|
|
import { FoundationConfig, sshPrivateKeyPath } from "../config";
|
|
|
|
|
import { image } from "./versions";
|
|
|
|
|
|
|
|
|
|
/** Base context: shared provider + helpers, before the network exists. */
|
|
|
|
|
export interface BaseCtx {
|
|
|
|
|
cfg: FoundationConfig;
|
|
|
|
|
provider: docker.Provider;
|
|
|
|
|
sshKeyPath: string;
|
|
|
|
|
/** Resolve a pinned image by VERSIONS key suffix, e.g. ctx.image("POSTGRES"). */
|
|
|
|
|
image: (name: string) => string;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** Full context handed to every component: base + the shared network. */
|
|
|
|
|
export interface DeployCtx extends BaseCtx {
|
|
|
|
|
network: docker.Network;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** Signature every Wave-2+ component factory follows (ADR-006). */
|
|
|
|
|
export type ComponentFactory<T> = (ctx: DeployCtx) => T;
|
|
|
|
|
|
|
|
|
|
function providerHost(cfg: FoundationConfig): string {
|
2026-06-30 20:47:30 +02:00
|
|
|
return (
|
|
|
|
|
process.env.FOUNDATION_DOCKER_HOST ||
|
|
|
|
|
`ssh://${cfg.vm.user}@${cfg.vm.host}:${cfg.vm.sshPort}`
|
|
|
|
|
);
|
2026-06-30 18:18:40 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Build the shared Docker-over-SSH provider. SSH options mirror the vendored
|
|
|
|
|
* pulumi-docker wrapper (non-interactive host-key handling for automation).
|
|
|
|
|
*/
|
|
|
|
|
export function buildBaseContext(cfg: FoundationConfig): BaseCtx {
|
|
|
|
|
const sshKeyPath = sshPrivateKeyPath();
|
|
|
|
|
const provider = new docker.Provider("foundation-host", {
|
|
|
|
|
host: providerHost(cfg),
|
|
|
|
|
sshOpts: [
|
|
|
|
|
"-o",
|
|
|
|
|
"StrictHostKeyChecking=no",
|
|
|
|
|
"-o",
|
|
|
|
|
"UserKnownHostsFile=/dev/null",
|
|
|
|
|
"-i",
|
|
|
|
|
sshKeyPath,
|
|
|
|
|
],
|
|
|
|
|
});
|
|
|
|
|
return { cfg, provider, sshKeyPath, image };
|
|
|
|
|
}
|