// lib/context.ts // // The shared deploy context every component receives (ADR-006). The bootstrap // creates ONE docker.Provider (Docker-over-SSH to the foundation VM) and ONE // foundation-net network; components then create their own container(s) against // this shared provider/network, which gives the bootstrap full control over // ordering and the phase GATES (e.g. Vault init between data-plane and Forgejo) // that the vendored monolithic DockerDeployments cannot express. // // Validation override: the committed Pulumi.foundation.yaml carries placeholder // VM coordinates (RFC-5737). For local/ephemeral validation against a dev Docker // host, export FOUNDATION_DOCKER_HOST=ssh://user@host to point the provider there // without editing committed config. import * as pulumi from "@pulumi/pulumi"; import * as docker from "@pulumi/docker"; import { FoundationConfig, sshPrivateKeyPath } from "../config"; import { image } from "./versions"; /** Base context: shared provider + helpers, before the network exists. */ export interface BaseCtx { cfg: FoundationConfig; provider: docker.Provider; sshKeyPath: string; /** Resolve a pinned image by VERSIONS key suffix, e.g. ctx.image("POSTGRES"). */ image: (name: string) => string; } /** Full context handed to every component: base + the shared network. */ export interface DeployCtx extends BaseCtx { network: docker.Network; } /** Signature every Wave-2+ component factory follows (ADR-006). */ export type ComponentFactory = (ctx: DeployCtx) => T; function providerHost(cfg: FoundationConfig): string { return ( process.env.FOUNDATION_DOCKER_HOST || `ssh://${cfg.vm.user}@${cfg.vm.host}:${cfg.vm.sshPort}` ); } /** * Build the shared Docker-over-SSH provider. SSH options mirror the vendored * pulumi-docker wrapper (non-interactive host-key handling for automation). */ export function buildBaseContext(cfg: FoundationConfig): BaseCtx { const sshKeyPath = sshPrivateKeyPath(); const provider = new docker.Provider("foundation-host", { host: providerHost(cfg), sshOpts: [ "-o", "StrictHostKeyChecking=no", "-o", "UserKnownHostsFile=/dev/null", "-i", sshKeyPath, ], }); return { cfg, provider, sshKeyPath, image }; }