Initial commit: Product OS platform

- Control Plane API with Gemini integration
- Executors: Deploy, Analytics, Marketing
- MCP Adapter for Continue integration
- VSCode/VSCodium extension
- Tool registry and run tracking
- In-memory storage for local dev
- Terraform infrastructure setup

platform/infra/terraform/main.tf

@@ -0,0 +1,54 @@
+# GCS Bucket for artifacts (logs, AI outputs, patches)
+resource "google_storage_bucket" "artifacts" {
+  name                        = var.artifact_bucket_name
+  location                    = var.region
+  uniform_bucket_level_access = true
+  versioning { enabled = true }
+}
+
+# Firestore (Native mode) – requires enabling in console once per project
+resource "google_firestore_database" "default" {
+  name        = "(default)"
+  location_id = var.region
+  type        = "FIRESTORE_NATIVE"
+}
+
+# Service account for Control Plane
+resource "google_service_account" "control_plane_sa" {
+  account_id   = "sa-control-plane"
+  display_name = "Product OS Control Plane"
+}
+
+# Cloud Run service for Control Plane API
+resource "google_cloud_run_v2_service" "control_plane" {
+  name     = "control-plane"
+  location = var.region
+
+  template {
+    service_account = google_service_account.control_plane_sa.email
+
+    containers {
+      image = var.control_plane_image
+      env {
+        name  = "GCP_PROJECT_ID"
+        value = var.project_id
+      }
+      env {
+        name  = "GCS_BUCKET_ARTIFACTS"
+        value = google_storage_bucket.artifacts.name
+      }
+      env {
+        name  = "AUTH_MODE"
+        value = "dev"
+      }
+    }
+  }
+}
+
+# Public access for dev; prefer IAM auth in production
+resource "google_cloud_run_v2_service_iam_member" "control_plane_public" {
+  name     = google_cloud_run_v2_service.control_plane.name
+  location = var.region
+  role     = "roles/run.invoker"
+  member   = "allUsers"
+}