# @atomisthq/pulumi

Shared library of Pulumi infrastructure-as-code (IaC) TypeScript helper functions and types used across Docker Scout platform infrastructure projects.

## Tech Stack

- **TypeScript** - Core language
- **Pulumi** - IaC framework (AWS, GCP, Kubernetes, Datadog providers)
- **Mocha** - Test framework
- **ESLint** / **Prettier** - Linting and formatting

## Modules

| Module | Description |
|--------|-------------|
| `dns` | DNS record management |
| `docker` | Docker-related infrastructure helpers |
| `gcp` | GCP resources (AlloyDB, Secrets, Spanner, Storage, Tailscale) |
| `iam` | IAM policy and role management |
| `k8s` | Kubernetes resources (networking, policy, RBAC, providers, specs) |
| `label` | Resource labeling conventions |
| `postgres` | PostgreSQL database provisioning |
| `pubsub` | Pub/Sub topic and subscription management |
| `vpn` | VPN configuration |
| `workloadIdentity` | GCP Workload Identity setup |

## Installation

```bash
npm install @atomisthq/pulumi
```

## Development

```bash
# Install dependencies
npm ci

# Full build (clean, compile, test, lint, doc)
npm run build

# Individual steps
npm run compile    # TypeScript compilation
npm run test       # Run Mocha tests
npm run lint       # Run ESLint and Prettier checks
npm run lint:fix   # Auto-fix lint issues
```

## Release

Push a semantic version tag to trigger a release:

```bash
t=v$(jq -r .version package.json) && git tag -s -m "$t: Some release" "$t" && git push origin "$t"
```

## License

Apache-2.0