@vertile-ai/iac 0.0.1

package/docs/positioning.md

@@ -0,0 +1,65 @@
+# Positioning
+
+Vertile AI IaC is for developers who want portable infrastructure intent without
+operating a platform control plane.
+
+## Why This Exists
+
+In the AI era, more products are built by one-person companies and very small
+teams. Collaboration overhead matters less than abstraction quality. A single
+developer, or an AI working with that developer, should not need to hand-author
+different infrastructure definitions for every provider.
+
+Vertile AI IaC provides one manifest for app infrastructure needs:
+
+- app hosting
+- domains
+- environment variables and secrets
+- object storage
+- databases
+- queues
+- sandboxes and runtimes
+- clusters and compute
+
+Provider adapters compile those needs into Vercel, AWS, DigitalOcean, and later
+other providers.
+
+## Crossplane Comparison
+
+Crossplane is a strong reference point, but it makes Kubernetes the control
+plane. Your app does not have to run on Kubernetes to use Crossplane, but the
+Crossplane controllers do.
+
+That is powerful for platform teams that need:
+
+- RBAC
+- audit logs
+- CRDs
+- admission policies
+- namespaces
+- Kubernetes secrets
+- continuous controllers
+
+Those are mostly developer-platform collaboration features. They are valuable
+inside larger engineering organizations, but heavy for solo builders and small
+teams that only want app infrastructure.
+
+Vertile AI IaC takes a different position:
+
+```text
+Crossplane:
+  Kubernetes as the infrastructure control plane.
+
+Vertile AI IaC:
+  Git repo + CLI as the infrastructure control surface.
+```
+
+## Terraform And OpenTofu
+
+Terraform and OpenTofu are execution engines, not portable abstractions.
+Terraform can manage many providers, but provider resources are not portable by
+themselves. An AWS S3 bucket resource is not the same as a DigitalOcean Spaces
+resource or a Cloudflare R2 resource.
+
+Vertile AI IaC treats Terraform/OpenTofu files as generated output. The portable
+source of truth is the manifest.

package/docs/roadmap.md

@@ -0,0 +1,77 @@
+# Roadmap
+
+## Phase 1: Stable Compiler Core
+
+- Keep `infrastructure/iac/iac.json` as the only user-authored source of truth.
+- Render provider-specific Terraform into `.vertile/terraform/<provider>/`.
+- Keep legacy Vercel API reconciliation working until the Terraform path is
+  verified.
+- Support `render`, `plan`, and guarded `apply`.
+- Add schema validation with clear errors.
+
+## Phase 2: First-Class Resource Concepts
+
+Move provider-specific escape hatches behind portable app infrastructure
+concepts:
+
+- `apps`
+- `domains`
+- `env`
+- `objectStorage`
+- `databases`
+- `queues`
+- `sandboxes`
+- `clusters`
+
+Each concept should have shared fields and optional provider overrides.
+
+Current implementation status:
+
+- `apps` and `domains` render to Vercel resources.
+- `objectStorage` renders to AWS S3 and DigitalOcean Spaces.
+- `databases` renders to AWS RDS and DigitalOcean Managed Databases.
+- `queues` renders to AWS SQS.
+- `sandboxes` and `clusters` render to AWS EC2 instances and DigitalOcean
+  Droplets.
+
+## Phase 3: Provider Matrix
+
+Initial providers:
+
+- Vercel: apps, domains, env vars, project settings.
+- AWS: S3, RDS or DynamoDB, SQS, Lambda or ECS, EC2 where needed.
+- DigitalOcean: Spaces, Managed Databases, App Platform, Droplets, Kubernetes
+  where needed.
+
+Likely later providers:
+
+- Cloudflare for DNS, Workers, R2, and queues.
+- Neon and Supabase for databases.
+- Fly.io, Render, and Railway for app hosting.
+- Modal, E2B, and Daytona for sandbox or runtime providers.
+- Hetzner and Vultr for cheaper compute and clusters.
+
+## Phase 4: AI-Native Workflow
+
+- `vertile-iac explain`: explain a manifest in product language.
+- `vertile-iac doctor`: detect unsupported mappings, missing credentials, and
+  risky settings.
+- `vertile-iac migrate`: suggest moves between providers.
+- Plan summaries that say what changes mean, not just what Terraform will do.
+
+## Phase 5: State And Outputs
+
+- Use local state by default.
+- Support optional remote backend configuration later.
+- Add drift detection through `plan`.
+- Write provider outputs to `.vertile/outputs/<env>.json`.
+
+## Guiding Rule
+
+Vertile AI IaC should not become Terraform, Pulumi, or Crossplane.
+
+It should stay focused on app-first portable infrastructure intent:
+
+```text
+one manifest -> provider adapters -> Terraform/OpenTofu execution
+```

package/examples/dynomic/README.md

@@ -0,0 +1,22 @@
+# Dynomic
+
+Dynomic is a fixture project used to exercise Vertile AI IaC from the shape a
+product repo would keep. It intentionally uses the full current manifest surface:
+multiple Vercel apps, domains, preview/production env provisioning, local env
+sync, portable storage/database/queue/compute concepts, provider overrides, and
+provider-specific escape hatch resources.
+
+It intentionally contains no real secrets. The env files use placeholder values
+so package consumers can inspect and run dry-runs without extra setup.
+
+## Commands
+
+```bash
+vertile-iac sync-env --repo-root examples/dynomic --variants=staging,production
+vertile-iac env --repo-root examples/dynomic --targets=preview,production
+vertile-iac projects --repo-root examples/dynomic --projects=web
+vertile-iac domains --repo-root examples/dynomic --projects=web
+vertile-iac render --repo-root examples/dynomic --target=all --env=production
+```
+
+Apply commands require `VERCEL_TOKEN` and a real Vercel team/project.

package/examples/dynomic/apps/admin/package.json

@@ -0,0 +1,7 @@
+{
+  "name": "dynomic-admin",
+  "private": true,
+  "scripts": {
+    "build": "echo \"dynomic admin fixture build\""
+  }
+}

package/examples/dynomic/apps/admin/vercel.json

@@ -0,0 +1,4 @@
+{
+  "$schema": "https://openapi.vercel.sh/vercel.json",
+  "framework": "nextjs"
+}

package/examples/dynomic/apps/web/package.json

@@ -0,0 +1,7 @@
+{
+  "name": "dynomic-web",
+  "private": true,
+  "scripts": {
+    "build": "echo \"dynomic fixture build\""
+  }
+}

package/examples/dynomic/apps/web/vercel.json

@@ -0,0 +1,4 @@
+{
+  "$schema": "https://openapi.vercel.sh/vercel.json",
+  "framework": "nextjs"
+}

package/examples/dynomic/infrastructure/iac/iac.json

@@ -0,0 +1,191 @@
+{
+  "$schema": "../../../../schema/iac.schema.json",
+  "version": 1,
+  "project": {
+    "key": "dynomic",
+    "name": "dynomic"
+  },
+  "environments": ["development", "preview", "production"],
+  "providers": {
+    "vercel": {
+      "teamSlug": "vertile-ai",
+      "projectDefaults": {
+        "nodeVersion": "20.x",
+        "enableAffectedProjectsDeployments": true
+      },
+      "resources": [
+        {
+          "type": "vercel_project_environment_variable",
+          "name": "example_escape_hatch",
+          "values": {
+            "project_id": "prj_dynomic_placeholder",
+            "key": "ESCAPE_HATCH_EXAMPLE",
+            "value": "configured-through-provider-resource",
+            "target": ["preview"]
+          }
+        }
+      ]
+    },
+    "aws": {
+      "region": "us-east-1",
+      "defaultTags": {
+        "Owner": "vertile-ai",
+        "Fixture": "dynomic"
+      },
+      "resources": [
+        {
+          "type": "aws_sns_topic",
+          "name": "events",
+          "values": {
+            "name": "dynomic-events"
+          }
+        }
+      ]
+    },
+    "digitalocean": {
+      "region": "nyc3",
+      "version": ">= 2.0.0",
+      "resources": [
+        {
+          "type": "digitalocean_project",
+          "name": "main",
+          "values": {
+            "name": "dynomic"
+          }
+        }
+      ]
+    }
+  },
+  "env": {
+    "sourceDir": "infrastructure",
+    "sync": {
+      "apps": ["web", "admin"],
+      "sharedKey": "shared"
+    }
+  },
+  "apps": [
+    {
+      "key": "web",
+      "id": "prj_dynomic_web_placeholder",
+      "name": "dynomic-web",
+      "framework": "nextjs",
+      "rootDirectory": "apps/web",
+      "nodeVersion": "20.x",
+      "domains": [
+        "dynomic.example.com",
+        {
+          "name": "preview.dynomic.example.com",
+          "gitBranch": "preview"
+        }
+      ],
+      "providers": {
+        "vercel": {
+          "enableAffectedProjectsDeployments": true
+        }
+      }
+    },
+    {
+      "key": "admin",
+      "id": "prj_dynomic_admin_placeholder",
+      "name": "dynomic-admin",
+      "framework": "nextjs",
+      "rootDirectory": "apps/admin",
+      "nodeVersion": "20.x",
+      "domains": [
+        "admin.dynomic.example.com",
+        {
+          "name": "admin-preview.dynomic.example.com",
+          "gitBranch": "preview"
+        }
+      ],
+      "env": {
+        "sharedPrefix": "ADMIN_"
+      }
+    }
+  ],
+  "domains": [
+    {
+      "name": "www.dynomic.example.com",
+      "app": "web"
+    }
+  ],
+  "objectStorage": [
+    {
+      "key": "uploads",
+      "visibility": "private",
+      "providers": {
+        "aws": {
+          "bucket": "dynomic-production-uploads",
+          "forceDestroy": true
+        },
+        "digitalocean": {
+          "name": "dynomic-uploads",
+          "acl": "private",
+          "region": "nyc3"
+        }
+      }
+    }
+  ],
+  "databases": [
+    {
+      "key": "appdb",
+      "engine": "postgres",
+      "providers": {
+        "aws": {
+          "engineVersion": "16",
+          "instanceClass": "db.t4g.micro",
+          "allocatedStorage": 20,
+          "databaseName": "dynomic",
+          "username": "dynomic",
+          "skipFinalSnapshot": true
+        },
+        "digitalocean": {
+          "engine": "pg",
+          "version": "16",
+          "size": "db-s-1vcpu-1gb",
+          "nodeCount": 1
+        }
+      }
+    }
+  ],
+  "queues": [
+    {
+      "key": "jobs",
+      "kind": "fifo",
+      "providers": {
+        "aws": {
+          "visibilityTimeoutSeconds": 60,
+          "messageRetentionSeconds": 345600
+        }
+      }
+    }
+  ],
+  "sandboxes": [
+    {
+      "key": "runner",
+      "providers": {
+        "aws": {
+          "instanceType": "t3.micro"
+        },
+        "digitalocean": {
+          "sizeSlug": "s-1vcpu-1gb"
+        }
+      }
+    }
+  ],
+  "clusters": [
+    {
+      "key": "workers",
+      "size": 2,
+      "providers": {
+        "aws": {
+          "instanceType": "t3.small"
+        },
+        "digitalocean": {
+          "nodes": 2,
+          "sizeSlug": "s-1vcpu-2gb"
+        }
+      }
+    }
+  ]
+}

package/examples/dynomic/package.json

@@ -0,0 +1,17 @@
+{
+  "name": "dynomic",
+  "private": true,
+  "scripts": {
+    "iac:env:dry-run": "vertile-iac env --repo-root . --targets=preview,production",
+    "iac:env:apply": "vertile-iac env --repo-root . --targets=preview,production --apply",
+    "iac:projects:dry-run": "vertile-iac projects --repo-root .",
+    "iac:projects:apply": "vertile-iac projects --repo-root . --apply",
+    "iac:domains:dry-run": "vertile-iac domains --repo-root .",
+    "iac:domains:apply": "vertile-iac domains --repo-root . --apply",
+    "iac:sync-env": "vertile-iac sync-env --repo-root . --variants=staging,production",
+    "iac:render": "vertile-iac render --repo-root . --target=vercel --env=production"
+  },
+  "devDependencies": {
+    "@vertile-ai/iac": "0.0.1"
+  }
+}

package/package.json

@@ -0,0 +1,51 @@
+{
+  "name": "@vertile-ai/iac",
+  "version": "0.0.1",
+  "description": "App-first portable infrastructure intent for Vercel, AWS, and DigitalOcean.",
+  "type": "module",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/vertile-ai/iac.git"
+  },
+  "bugs": {
+    "url": "https://github.com/vertile-ai/iac/issues"
+  },
+  "homepage": "https://github.com/vertile-ai/iac#readme",
+  "bin": {
+    "vertile-iac": "src/cli.mjs",
+    "vertile-iac-render": "src/render.mjs",
+    "vertile-iac-plan": "src/plan.mjs",
+    "vertile-iac-apply": "src/apply.mjs",
+    "vertile-iac-sync-env": "src/sync-env.mjs",
+    "vertile-iac-env": "src/provision-env.mjs",
+    "vertile-iac-projects": "src/reconcile-project-settings.mjs",
+    "vertile-iac-domains": "src/reconcile-project-domains.mjs"
+  },
+  "files": [
+    "src",
+    "docs",
+    "schema",
+    "examples",
+    "!examples/**/.env",
+    "!examples/**/.env.*",
+    "README.md"
+  ],
+  "scripts": {
+    "test": "node --test",
+    "check": "find src -name '*.mjs' -print0 | xargs -0 -n1 node --check",
+    "sync-env": "node src/sync-env.mjs",
+    "env:dry-run": "node src/provision-env.mjs",
+    "env:apply": "node src/provision-env.mjs --apply",
+    "projects:dry-run": "node src/reconcile-project-settings.mjs",
+    "projects:apply": "node src/reconcile-project-settings.mjs --apply",
+    "domains:dry-run": "node src/reconcile-project-domains.mjs",
+    "domains:apply": "node src/reconcile-project-domains.mjs --apply"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "engines": {
+    "node": ">=20"
+  },
+  "packageManager": "pnpm@10.33.0"
+}