first commit

Beyhan Oğur
2026-04-26 21:52:23 +03:00
commit 880f412e2c
2662 changed files with 866266 additions and 0 deletions

132
terraform/README.md Normal file

@@ -0,0 +1,132 @@
# Bifrost Terraform Modules
Deploy Bifrost on AWS, GCP, Azure, or any Kubernetes cluster using a single Terraform module.
## Quick Start
Reference the module directly from GitHub. Pin to a specific release tag using `?ref=`:
```hcl
module "bifrost" {
source = "github.com/maximhq/bifrost//terraform/modules/bifrost?ref=terraform/v0.1.0"
cloud_provider = "aws" # "aws" | "gcp" | "azure" | "kubernetes"
service = "ecs" # AWS: "ecs" | "eks", GCP: "gke" | "cloud-run", Azure: "aks" | "aci", K8s: "deployment"
region = "us-east-1"
image_tag = "v1.4.6"
# Option A: Provide a config.json file
config_json_file = "./config.json"
# Option B: Build config from Terraform variables (overrides matching keys from file)
providers_config = {
openai = { keys = [{ value = var.openai_key, weight = 1 }] }
}
config_store = {
enabled = true
type = "postgres"
config = { host = var.db_host, port = "5432", user = "bifrost", password = var.db_password, db_name = "bifrost" }
}
}
```
## Supported Deployments
| Cloud | Service | Description |
|-------|---------|-------------|
| AWS | `ecs` | ECS Fargate with ALB, Secrets Manager, auto-scaling |
| AWS | `eks` | EKS with K8s Deployment, PVC for SQLite, HPA |
| GCP | `gke` | GKE with K8s Deployment, persistent disk, HPA |
| GCP | `cloud-run` | Cloud Run v2 with Secret Manager, auto-scaling |
| Azure | `aks` | AKS with K8s Deployment, managed disk, HPA |
| Azure | `aci` | Azure Container Instances (single instance, dev/test) |
| Kubernetes | `deployment` | Any K8s cluster with Deployment, PVC, HPA, Ingress |
## Configuration
Bifrost config can come from two sources simultaneously. Terraform variables override matching keys from the base file.
1. **File-based**: Set `config_json_file` to a path or `config_json` to a raw JSON string.
2. **Variable-based**: Set individual variables (`config_store`, `logs_store`, `providers_config`, `auth_config`, etc.) corresponding to top-level keys in [config.schema.json](../transports/config.schema.json).
All 17 top-level config properties from the schema are supported as variables:
`encryption_key`, `auth_config`, `client`, `framework`, `providers_config`, `governance`, `mcp`, `vector_store`, `config_store`, `logs_store`, `cluster_config`, `scim_config`, `load_balancer_config`, `guardrails_config`, `plugins`, `audit_logs`, `websocket`.
For `scim_config` with `provider = "okta"`, include `config.issuerUrl`, `config.clientId`, `config.clientSecret`, and `config.apiToken`.
## Provider Configuration
You only need to configure the Terraform providers for the cloud you are deploying to. For example, deploying to AWS ECS only requires the `aws` provider -- you do not need to configure `google`, `azurerm`, or `kubernetes`.
See the [module README](modules/bifrost/README.md#provider-configuration) for provider configuration examples per cloud.
## Testing
The module includes native Terraform tests (requires Terraform >= 1.7) that run with mocked providers -- no cloud credentials needed:
```bash
cd modules/bifrost
terraform init
terraform test
```
Tests cover all 7 deployment targets across 10 test files. See the [module README](modules/bifrost/README.md#testing) for details.
## Directory Structure
```text
terraform/
modules/bifrost/ # Top-level module (the only thing you call)
aws/ # AWS platform (VPC, SG, IAM, Secrets Manager)
services/ecs/ # ECS Fargate
services/eks/ # EKS + K8s resources
gcp/ # GCP platform (VPC, firewall, Secret Manager, SA)
services/gke/ # GKE + K8s resources
services/cloud-run/ # Cloud Run v2
azure/ # Azure platform (VNet, NSG, Key Vault, identity)
services/aks/ # AKS + K8s resources
services/aci/ # Azure Container Instances
kubernetes/ # Generic K8s (any cluster, no cloud APIs)
examples/
aws-ecs/ # Deploy on ECS Fargate
gcp-gke/ # Deploy on GKE
azure-aks/ # Deploy on AKS
kubernetes/ # Deploy on any K8s cluster
```
## Examples
Each example directory contains `main.tf`, `variables.tf`, `outputs.tf`, `terraform.tfvars.example`, and a `README.md`.
```bash
cd examples/aws-ecs
cp terraform.tfvars.example terraform.tfvars
# Edit terraform.tfvars with your values
terraform init
terraform plan
terraform apply
```
## Key Variables
| Variable | Default | Description |
|----------|---------|-------------|
| `cloud_provider` | (required) | `"aws"`, `"gcp"`, `"azure"`, or `"kubernetes"` |
| `service` | (required) | Service type (see table above) |
| `region` | (required) | Cloud region |
| `image_tag` | `"latest"` | Bifrost Docker image tag |
| `desired_count` | `1` | Number of replicas |
| `cpu` | `512` | CPU units (ECS) or millicores (K8s) |
| `memory` | `1024` | Memory in MB |
| `create_load_balancer` | `false` | Create a load balancer |
| `enable_autoscaling` | `false` | Enable auto-scaling |
| `create_cluster` | `true` | Create new cluster (set `false` to use existing) |
| `storage_class_name` | `"standard"` | K8s StorageClass for PVC (generic K8s only) |
| `ingress_class_name` | `"nginx"` | Ingress controller class (generic K8s only) |
| `ingress_annotations` | `{}` | Ingress annotations (generic K8s only) |
## Outputs
| Output | Description |
|--------|-------------|
| `service_url` | URL to access Bifrost |
| `health_check_url` | Health endpoint URL |
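Review bot: The Quick Start passes `var.openai_key` and `var.db_password` straight into `providers_config` and `config_store`, and the Configuration section lists `encryption_key`, `auth_config` and `scim_config` (with `config.clientSecret` and `config.apiToken`) as ordinary module variables, yet the README never tells the reader that these values are written to Terraform state in plaintext. Please add a short note under Configuration saying that variables carrying secrets should be declared `sensitive = true`, that the state backend needs encryption and restricted access, and that the `terraform.tfvars` created by the `cp terraform.tfvars.example terraform.tfvars` step in Examples must stay out of version control. Separately, the Key Variables table gives `image_tag` a default of `"latest"` while the Quick Start pins `v1.4.6`; the table row should say that deployments are expected to pin a tag, or the mutable default should be dropped so the caller has to choose one.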