
CODITECT Flow Platform - Infrastructure as Code

OpenTofu (Terraform-compatible) configuration for deploying CODITECT Flow Platform to Google Cloud Platform.

Structure

infra/
├── modules/
│ ├── gke/ # GKE cluster with workload identity
│ ├── cloudsql/ # PostgreSQL 15 HA database
│ ├── nats/ # NATS JetStream cluster
│ ├── redis/ # Redis Memorystore
│ ├── networking/ # VPC, subnets, NAT, firewall
│ └── iam/ # Service accounts and bindings
├── environments/
│ ├── staging/ # Staging environment config
│ └── production/ # Production environment config
└── backend.tf.example # GCS state backend template

Prerequisites

  • OpenTofu >= 1.6.0
  • gcloud CLI configured with coditect-citus-prod project access
  • GCS bucket for state storage: gs://coditect-flow-terraform-state

Quick Start

1. Configure Backend

# Create state bucket (one-time)
gsutil mb -p coditect-citus-prod -c STANDARD -l us-central1 gs://coditect-flow-terraform-state
gsutil versioning set on gs://coditect-flow-terraform-state

# Copy backend config
cp backend.tf.example environments/staging/backend.tf

2. Deploy Staging

cd environments/staging
tofu init
tofu plan -out=staging.tfplan
tofu apply staging.tfplan

3. Deploy Production

cd environments/production
tofu init
tofu plan -out=production.tfplan
tofu apply production.tfplan

Naming Convention

All resources follow: coditect-step-{env}-{resource}

Examples:

  • coditect-step-staging-gke
  • coditect-step-production-cloudsql
  • coditect-step-staging-nats

Outputs

Each environment exports:

  • gke_cluster_endpoint - Kubernetes API endpoint
  • gke_cluster_ca_certificate - Cluster CA cert
  • cloudsql_connection_name - Cloud SQL connection string
  • redis_host - Redis Memorystore endpoint
  • nats_cluster_ips - NATS cluster IP addresses

Security

  • All resources use private IP addresses
  • Workload Identity enabled for GKE pods
  • IAM follows least-privilege principle
  • Secrets managed via GCP Secret Manager
  • No public database endpoints
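
One way to check a saved plan against the properties listed above before running tofu apply. This is an added example, not code from this repository. It assumes the modules use the Google provider's google_sql_database_instance and google_container_cluster resources; the module addresses and the sample plan are constructed.

```python
import json
import sys

# Constructed sample in the shape of `tofu show -json staging.tfplan` output.
# Module addresses and resource types are assumptions about the modules.
SAMPLE_PLAN = {
    "resource_changes": [
        {"address": "module.gke.google_container_cluster.main",
         "type": "google_container_cluster",
         "change": {"after": {
             "name": "coditect-step-staging-gke",
             "workload_identity_config": [{"workload_pool": "coditect-citus-prod.svc.id.goog"}],
             "private_cluster_config": [{"enable_private_nodes": True}]}}},
        {"address": "module.cloudsql.google_sql_database_instance.main",
         "type": "google_sql_database_instance",
         "change": {"after": {
             "name": "coditect-step-staging-cloudsql",
             "settings": [{"ip_configuration": [{"ipv4_enabled": True}]}]}}},
    ]
}

def first(blocks):
    """Nested blocks are lists of objects in plan JSON; return the first or {}."""
    return blocks[0] if blocks else {}

def audit_plan(plan):
    """Return (address, problem) pairs for planned resources that break the Security list."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if after is None:  # resource is being destroyed, nothing to check
            continue
        if rc["type"] == "google_sql_database_instance":
            ip_cfg = first(first(after.get("settings")).get("ip_configuration"))
            # Fail closed: anything other than an explicit false counts as public.
            if ip_cfg.get("ipv4_enabled") is not False:
                findings.append((rc["address"], "Cloud SQL public IPv4 enabled"))
        elif rc["type"] == "google_container_cluster":
            if not first(after.get("workload_identity_config")).get("workload_pool"):
                findings.append((rc["address"], "Workload Identity not configured"))
            if not first(after.get("private_cluster_config")).get("enable_private_nodes"):
                findings.append((rc["address"], "GKE nodes are not private"))
    return findings

if __name__ == "__main__":
    # Usage: tofu show -json staging.tfplan | python audit_plan.py
    plan = SAMPLE_PLAN if sys.stdin.isatty() else json.load(sys.stdin)
    problems = audit_plan(plan)
    for address, problem in problems:
        print(f"{address}: {problem}")
    sys.exit(1 if problems else 0)
```

Values that are unknown until apply are absent from the plan's "after" object, so this check reports them as findings rather than passing them.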

Cost Estimates

Environment    Monthly (approx)
Staging        $350-500
Production     $1,200-1,800

Support

  • Owner: AZ1.AI INC
  • Lead: Hal Casteel
  • Track: AO.19