Initial commit: Product OS platform

- Control Plane API with Gemini integration
- Executors: Deploy, Analytics, Marketing
- MCP Adapter for Continue integration
- VSCode/VSCodium extension
- Tool registry and run tracking
- In-memory storage for local dev
- Terraform infrastructure setup

platform/infra/terraform/iam.tf

@@ -0,0 +1,16 @@
+# Allow control-plane to write artifacts in GCS
+resource "google_storage_bucket_iam_member" "control_plane_bucket_writer" {
+  bucket = google_storage_bucket.artifacts.name
+  role   = "roles/storage.objectAdmin"
+  member = "serviceAccount:${google_service_account.control_plane_sa.email}"
+}
+
+# Firestore access for run/tool metadata
+resource "google_project_iam_member" "control_plane_firestore" {
+  project = var.project_id
+  role    = "roles/datastore.user"
+  member  = "serviceAccount:${google_service_account.control_plane_sa.email}"
+}
+
+# Placeholder: executor services will each have their own service accounts.
+# Control-plane should be granted roles/run.invoker on each executor service once created.

platform/infra/terraform/main.tf

@@ -0,0 +1,54 @@
+# GCS Bucket for artifacts (logs, AI outputs, patches)
+resource "google_storage_bucket" "artifacts" {
+  name                        = var.artifact_bucket_name
+  location                    = var.region
+  uniform_bucket_level_access = true
+  versioning { enabled = true }
+}
+
+# Firestore (Native mode) – requires enabling in console once per project
+resource "google_firestore_database" "default" {
+  name        = "(default)"
+  location_id = var.region
+  type        = "FIRESTORE_NATIVE"
+}
+
+# Service account for Control Plane
+resource "google_service_account" "control_plane_sa" {
+  account_id   = "sa-control-plane"
+  display_name = "Product OS Control Plane"
+}
+
+# Cloud Run service for Control Plane API
+resource "google_cloud_run_v2_service" "control_plane" {
+  name     = "control-plane"
+  location = var.region
+
+  template {
+    service_account = google_service_account.control_plane_sa.email
+
+    containers {
+      image = var.control_plane_image
+      env {
+        name  = "GCP_PROJECT_ID"
+        value = var.project_id
+      }
+      env {
+        name  = "GCS_BUCKET_ARTIFACTS"
+        value = google_storage_bucket.artifacts.name
+      }
+      env {
+        name  = "AUTH_MODE"
+        value = "dev"
+      }
+    }
+  }
+}
+
+# Public access for dev; prefer IAM auth in production
+resource "google_cloud_run_v2_service_iam_member" "control_plane_public" {
+  name     = google_cloud_run_v2_service.control_plane.name
+  location = var.region
+  role     = "roles/run.invoker"
+  member   = "allUsers"
+}

platform/infra/terraform/outputs.tf

@@ -0,0 +1,9 @@
+output "control_plane_url" {
+  value       = google_cloud_run_v2_service.control_plane.uri
+  description = "URL of the Control Plane API"
+}
+
+output "artifact_bucket" {
+  value       = google_storage_bucket.artifacts.name
+  description = "GCS bucket for artifacts"
+}

platform/infra/terraform/providers.tf

@@ -0,0 +1,14 @@
+terraform {
+  required_version = ">= 1.5.0"
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "~> 5.30"
+    }
+  }
+}
+
+provider "google" {
+  project = var.project_id
+  region  = var.region
+}

platform/infra/terraform/terraform.tfvars.example

@@ -0,0 +1,4 @@
+project_id           = "your-gcp-project-id"
+region               = "us-central1"
+artifact_bucket_name = "productos-artifacts-dev"
+control_plane_image  = "us-central1-docker.pkg.dev/YOUR_PROJECT/productos/control-plane:latest"

platform/infra/terraform/variables.tf

@@ -0,0 +1,20 @@
+variable "project_id" { 
+  type        = string
+  description = "GCP Project ID"
+}
+
+variable "region" { 
+  type        = string  
+  default     = "us-central1"
+  description = "GCP region for resources"
+}
+
+variable "artifact_bucket_name" { 
+  type        = string
+  description = "Name for the GCS bucket storing artifacts"
+}
+
+variable "control_plane_image" {
+  type        = string
+  description = "Container image URI for control-plane (Artifact Registry)."
+}