Composition substrate for Wave 2 (T03+): - lib/context.ts: one Docker-over-SSH provider + DeployCtx threaded to component factories; FOUNDATION_DOCKER_HOST override for ephemeral validation. - lib/versions.ts: resolve pinned images from VERSIONS; FOUNDATION_ALLOW_UNPINNED for local validation when digests are still PIN_DIGEST. - components/network.ts: foundation-net (CONTRACT_003 §3.1). - index.ts: phase-orchestration entrypoint with dependsOn gates; Wave-2 slots. - ADR-006: shared-provider + per-component-factory model (egg does not route its phased bootstrap through the monolithic vendored DockerDeployments). Validated: pulumi up over Docker-over-SSH created+verified+destroyed foundation-net on crunchy01 (x86_64); ephemeral, nothing persisted. tsc + preview clean. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
21 lines
811 B
TypeScript
21 lines
811 B
TypeScript
// components/network.ts
|
|
//
|
|
// The foundation-net user-defined bridge (CONTRACT_003 §3.1). Created once, on the
|
|
// shared provider; every service container attaches to it and reaches peers by
|
|
// container name via Docker's embedded DNS. This is the first thing the bootstrap
|
|
// creates — all data-plane and forge components depend on it.
|
|
import * as docker from "@pulumi/docker";
|
|
import { BaseCtx } from "../lib/context";
|
|
|
|
export function deployNetwork(ctx: BaseCtx): docker.Network {
|
|
return new docker.Network(
|
|
"foundation-net",
|
|
{
|
|
name: ctx.cfg.network.name, // "foundation-net" (CONTRACT_003)
|
|
driver: "bridge",
|
|
attachable: true,
|
|
ipamConfigs: [{ subnet: ctx.cfg.network.subnet }], // "172.30.0.0/24"
|
|
},
|
|
{ provider: ctx.provider, deleteBeforeReplace: true },
|
|
);
|
|
}
|