Infrastructure Components
The infrastructure is organized into modular components, each responsible for a specific set of GCP resources. Components are built using Pulumi's ComponentResource pattern for reusability and clear dependency management.
Component Architecture
Component Pattern
Each component follows a consistent TypeScript pattern:
```typescript
import * as pulumi from '@pulumi/pulumi';
import * as gcp from '@pulumi/gcp';

// Configuration interface
export interface ComponentConfig {
  projectId: string;
  region: string;
  // Component-specific config...
}

// Output interface
export interface ComponentOutputs {
  resourceId: pulumi.Output<string>;
  resourceName: pulumi.Output<string>;
  // Component-specific outputs...
}

// Component class
export class Component extends pulumi.ComponentResource {
  public readonly resource: gcp.SomeResource;

  constructor(
    name: string,
    config: ComponentConfig,
    opts?: pulumi.ComponentResourceOptions
  ) {
    super('serko:gcp:Component', name, {}, opts);

    // Create resources...
    this.resource = new gcp.SomeResource(name, {
      // configuration...
    }, { parent: this });

    this.registerOutputs({
      resourceId: this.resource.id,
    });
  }

  public getOutputs(): ComponentOutputs {
    return {
      resourceId: this.resource.id,
      resourceName: this.resource.name,
    };
  }
}
```
Available Components
| Component | Source File | Purpose |
|---|---|---|
| Network | src/gcp/network.ts | VPC, subnets, firewall, NAT |
| GKE | src/gcp/gke.ts | Kubernetes Autopilot cluster |
| Artifact Registry | src/gcp/artifact-registry.ts | Docker image repository |
| AlloyDB | src/gcp/alloydb.ts | PostgreSQL database cluster |
| Memorystore | src/gcp/memorystore.ts | Redis cache |
| Cloud Storage | src/gcp/gcs.ts | Object storage buckets |
| IAM | src/gcp/iam.ts | Service accounts and roles |
| Secrets | src/gcp/secrets.ts | Secret Manager |
Dependency Order
Components must be created in a specific order due to dependencies:
1. GCP APIs - Enable required services
2. Network - VPC and networking foundation
3. IAM - Service accounts (needed for GKE workload identity)
4. GKE - Kubernetes cluster (depends on network)
5. Artifact Registry - Container registry
6. Cloud Storage - Storage buckets
7. AlloyDB - Database (depends on network private service connection)
8. Memorystore - Redis cache (depends on network)
9. Secrets - Secrets with connection strings (depends on databases)
Main Entry Point
The src/index.ts file orchestrates component creation:
```typescript
// Enable APIs first
const apis = new GcpApis('apis', { projectId });

// Create network
const network = new Network('network', networkConfig, {
  dependsOn: [apis],
});

// Create GKE cluster
const gke = new GkeCluster('gke', gkeConfig, {
  dependsOn: [network],
});

// Continue with other components...
```
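The creation order listed under Dependency Order, and the `dependsOn` wiring in `src/index.ts`, can be checked against the dependency edges this page states. The following is an added example, not code from this project: the component keys, `DEPENDS_ON`, `DOCUMENTED_ORDER` and `checkOrder` are hypothetical names, and the edge from every component to `apis`, as well as reading "databases" as both AlloyDB and Memorystore, are assumptions.

```typescript
// Dependency edges as stated on this page. Assumptions: every component
// depends on 'apis' (the page only says APIs are enabled first), and
// "databases" for secrets means both AlloyDB and Memorystore.
const DEPENDS_ON: Record<string, string[]> = {
  apis: [],
  network: ['apis'],
  iam: ['apis'],
  gke: ['network', 'iam'],
  artifactRegistry: ['apis'],
  gcs: ['apis'],
  alloydb: ['network'],
  memorystore: ['network'],
  secrets: ['alloydb', 'memorystore'],
};

// The creation order from the "Dependency Order" list.
const DOCUMENTED_ORDER = ['apis', 'network', 'iam', 'gke', 'artifactRegistry',
  'gcs', 'alloydb', 'memorystore', 'secrets'];

// Returns a list of problems; an empty list means `order` creates every
// component after all of its dependencies. A cycle or self-dependency in
// `graph` always surfaces as a violated edge, since no order can satisfy it.
function checkOrder(graph: Record<string, string[]>, order: string[]): string[] {
  const problems: string[] = [];
  const position: Record<string, number> = {};
  order.forEach((name, i) => {
    if (position[name] !== undefined) problems.push(`${name} listed twice`);
    position[name] = i;
  });
  for (const name of Object.keys(graph)) {
    const at = position[name];
    if (at === undefined) {
      problems.push(`${name} missing from order`);
      continue;
    }
    for (const dep of graph[name] || []) {
      const depAt = position[dep];
      if (graph[dep] === undefined) {
        problems.push(`${name} depends on unknown component ${dep}`);
      } else if (depAt === undefined || depAt >= at) {
        problems.push(`${name} is created before its dependency ${dep}`);
      }
    }
  }
  return problems;
}
```

Running `checkOrder(DEPENDS_ON, DOCUMENTED_ORDER)` returns an empty list for the order documented above.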