Remove React frontend support and fix VPC connector naming

- Remove cloud-run-react.tf and all React frontend resources
- Eliminate React-specific variables and outputs
- Consolidate DNS to single app subdomain instead of separate API/UI
- Make database deployment optional with enable_database variable
- Update documentation to reflect simplified architecture
- Remove production example directory structure
- Update dev example with proper resource references
- Fix VPC connector naming to comply with Google's 25-char limit

Author: dcmcand

Makefile

@@ -64,7 +64,6 @@ docs: ## Generate documentation with terraform-docs
 	@echo "Generating documentation..."
 	@docker run --rm --volume "$$(pwd):/terraform-docs" -u $$(id -u) quay.io/terraform-docs/terraform-docs:latest markdown /terraform-docs --output-file README.md
 	@terraform-docs markdown examples/dev > examples/dev/README.md || true
-	@terraform-docs markdown examples/prod > examples/prod/README.md || true
 
 clean: ## Clean up temporary files and directories
 	@echo "Cleaning up..."

README.md

@@ -60,13 +60,16 @@ resource "google_cloud_run_service" "main_app" {
           }
         }
 
-        # Database connection string from Secret Manager
-        env {
-          name = "DATABASE_URL"
-          value_from {
-            secret_key_ref {
-              name = local.db_connection_secret
-              key  = "latest"
+        # Database connection string from Secret Manager (if database is enabled)
+        dynamic "env" {
+          for_each = var.enable_database ? [1] : []
+          content {
+            name = "DATABASE_URL"
+            value_from {
+              secret_key_ref {
+                name = local.db_connection_secret
+                key  = "latest"
+              }
             }
           }
         }
@@ -121,7 +124,6 @@ resource "google_cloud_run_service" "main_app" {
 
   depends_on = [
     google_project_service.required_apis,
-    google_secret_manager_secret_version.db_connection,
     google_secret_manager_secret_version.ai_api_keys
   ]
 }
@@ -136,30 +138,11 @@ resource "google_cloud_run_service_iam_member" "main_app_public" {
 }
 
 # Domain mapping for the hrafnar application (if Cloudflare DNS is enabled)
+# Domain mapping for the application
 resource "google_cloud_run_domain_mapping" "main_app" {
   count    = var.enable_cloudflare_dns && var.base_domain != "" ? 1 : 0
   location = var.region
-  name     = local.api_fqdn
-  project  = var.project_id
-
-  metadata {
-    namespace = var.project_id
-    labels    = local.common_labels
-  }
-
-  spec {
-    route_name = google_cloud_run_service.main_app.name
-  }
-
-  depends_on = [google_cloud_run_service.main_app]
-}
-
-# Domain mapping for UI traffic (points to hrafnar app if no React frontend)
-resource "google_cloud_run_domain_mapping" "ui_app" {
-  count = var.enable_cloudflare_dns && var.base_domain != "" && !var.enable_react_frontend && var.enable_htmx_frontend ? 1 : 0
-
-  location = var.region
-  name     = local.ui_fqdn
+  name     = local.app_fqdn
   project  = var.project_id
 
   metadata {

cloud-run-react.tf

@@ -1,11 +1,13 @@
 # Random password for database user
 resource "random_password" "db_password" {
+  count   = var.enable_database ? 1 : 0
   length  = 32
   special = true
 }
 
 # Cloud SQL PostgreSQL instance
 resource "google_sql_database_instance" "main" {
+  count            = var.enable_database ? 1 : 0
   name             = local.database_name
   database_version = "POSTGRES_15"
   region           = var.region
@@ -85,11 +87,12 @@ resource "google_sql_database_instance" "main" {
     }
   }
 
-  depends_on = [google_service_networking_connection.private_vpc_connection]
+  depends_on = [google_service_networking_connection.private_vpc_connection[0]]
 }
 
 # Private service connection for Cloud SQL
 resource "google_compute_global_address" "private_ip_address" {
+  count         = var.enable_database ? 1 : 0
   name          = "${local.resource_prefix}-private-ip"
   purpose       = "VPC_PEERING"
   address_type  = "INTERNAL"
@@ -99,28 +102,32 @@ resource "google_compute_global_address" "private_ip_address" {
 }
 
 resource "google_service_networking_connection" "private_vpc_connection" {
+  count                   = var.enable_database ? 1 : 0
   network                 = google_compute_network.main.id
   service                 = "servicenetworking.googleapis.com"
-  reserved_peering_ranges = [google_compute_global_address.private_ip_address.name]
+  reserved_peering_ranges = [google_compute_global_address.private_ip_address[0].name]
 }
 
 # Database
 resource "google_sql_database" "main" {
+  count    = var.enable_database ? 1 : 0
   name     = local.database_name
-  instance = google_sql_database_instance.main.name
+  instance = google_sql_database_instance.main[0].name
   project  = var.project_id
 }
 
 # Database user
 resource "google_sql_user" "main" {
+  count    = var.enable_database ? 1 : 0
   name     = local.database_user
-  instance = google_sql_database_instance.main.name
-  password = random_password.db_password.result
+  instance = google_sql_database_instance.main[0].name
+  password = random_password.db_password[0].result
   project  = var.project_id
 }
 
 # Store database password in Secret Manager
 resource "google_secret_manager_secret" "db_password" {
+  count     = var.enable_database ? 1 : 0
   secret_id = local.db_password_secret_name
   project   = var.project_id
 
@@ -132,6 +139,7 @@ resource "google_secret_manager_secret" "db_password" {
 }
 
 resource "google_secret_manager_secret_version" "db_password" {
-  secret      = google_secret_manager_secret.db_password.id
-  secret_data = random_password.db_password.result
+  count       = var.enable_database ? 1 : 0
+  secret      = google_secret_manager_secret.db_password[0].id
+  secret_data = random_password.db_password[0].result
 }

cloud-run.tf

@@ -1,32 +1,14 @@
 
-# DNS A record for API subdomain pointing to hrafnar application
-resource "cloudflare_record" "api" {
+# DNS CNAME record for application subdomain pointing to hrafnar application
+resource "cloudflare_record" "app" {
   count   = var.enable_cloudflare_dns && var.base_domain != "" ? 1 : 0
   zone_id = var.cloudflare_zone_id
-  name    = var.api_subdomain
+  name    = var.app_subdomain
   content = google_cloud_run_service.main_app.status[0].url
   type    = "CNAME"
   proxied = true
 
-  comment = "Managed by Terraform - API endpoint for ${local.resource_prefix} hrafnar application"
+  comment = "Managed by Terraform - Application endpoint for ${local.resource_prefix} hrafnar application"
 
   depends_on = [google_cloud_run_domain_mapping.main_app]
 }
-
-# DNS A record for UI subdomain pointing to React frontend or hrafnar application
-resource "cloudflare_record" "ui" {
-  count = var.enable_cloudflare_dns && var.base_domain != "" && (var.enable_react_frontend || var.enable_htmx_frontend) ? 1 : 0
-
-  zone_id = var.cloudflare_zone_id
-  name    = var.ui_subdomain
-  content = var.enable_react_frontend ? google_cloud_run_service.react_frontend[0].status[0].url : google_cloud_run_service.main_app.status[0].url
-  type    = "CNAME"
-  proxied = true
-
-  comment = var.enable_react_frontend ? "Managed by Terraform - UI endpoint for ${local.resource_prefix} React frontend" : "Managed by Terraform - UI endpoint for ${local.resource_prefix} hrafnar HTMX frontend"
-
-  depends_on = [
-    google_cloud_run_domain_mapping.react_frontend,
-    google_cloud_run_domain_mapping.ui_app
-  ]
-}

database.tf

@@ -79,38 +79,48 @@ module "hrafnar_gcp_deploy" {
 
 ## Providers
 
-No providers.
+| Name | Version |
+|------|---------|
+| <a name="provider_google"></a> [google](#provider\_google) | 5.45.2 |
+| <a name="provider_random"></a> [random](#provider\_random) | 3.7.2 |
 
 ## Modules
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_hrafnar_dev"></a> [hrafnar\_dev](#module\_hrafnar\_dev) | ../../ | n/a |
+| <a name="module_hrafnar_deploy"></a> [hrafnar\_deploy](#module\_hrafnar\_deploy) | ../../ | n/a |
 
 ## Resources
 
-No resources.
+| Name | Type |
+|------|------|
+| [google_secret_manager_secret.hrafnar_auth_password](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/secret_manager_secret) | resource |
+| [google_secret_manager_secret_version.hrafnar_auth_password](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/secret_manager_secret_version) | resource |
+| [random_password.hrafnar_auth_password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_ai_api_keys"></a> [ai\_api\_keys](#input\_ai\_api\_keys) | Map of AI API keys (e.g., OPENAI\_API\_KEY, ANTHROPIC\_API\_KEY) | `map(string)` | `{}` | no |
 | <a name="input_app_image"></a> [app\_image](#input\_app\_image) | Container image for the hrafnar application | `string` | `"gcr.io/my-project/hrafnar:dev"` | no |
+| <a name="input_app_subdomain"></a> [app\_subdomain](#input\_app\_subdomain) | Subdomain for application access (e.g., 'app' for app.example.com) | `string` | `"app"` | no |
 | <a name="input_base_domain"></a> [base\_domain](#input\_base\_domain) | Base domain name (e.g., 'example.com') | `string` | `""` | no |
 | <a name="input_cloudflare_api_token"></a> [cloudflare\_api\_token](#input\_cloudflare\_api\_token) | Cloudflare API token (required if enable\_cloudflare\_dns is true) | `string` | `""` | no |
 | <a name="input_cloudflare_zone_id"></a> [cloudflare\_zone\_id](#input\_cloudflare\_zone\_id) | Cloudflare zone ID (required if enable\_cloudflare\_dns is true) | `string` | `""` | no |
 | <a name="input_enable_cloudflare_dns"></a> [enable\_cloudflare\_dns](#input\_enable\_cloudflare\_dns) | Enable Cloudflare DNS management for development | `bool` | `false` | no |
+| <a name="input_environment"></a> [environment](#input\_environment) | Deployment environment (e.g., 'prod') | `string` | `"test"` | no |
 | <a name="input_mcp_servers"></a> [mcp\_servers](#input\_mcp\_servers) | MCP server configurations for development | <pre>map(object({<br/>    url         = string<br/>    api_key     = optional(string)<br/>    description = string<br/>  }))</pre> | <pre>{<br/>  "filesystem": {<br/>    "description": "Local filesystem MCP server for development",<br/>    "url": "http://localhost:3001"<br/>  }<br/>}</pre> | no |
+| <a name="input_name_prefix"></a> [name\_prefix](#input\_name\_prefix) | Prefix for resource names | `string` | `"hrafnar-dev"` | no |
 | <a name="input_project_id"></a> [project\_id](#input\_project\_id) | GCP project ID for development environment | `string` | n/a | yes |
+| <a name="input_region"></a> [region](#input\_region) | GCP region for production deployment | `string` | `"us-central1"` | no |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
-| <a name="output_api_domain"></a> [api\_domain](#output\_api\_domain) | Development API domain (if DNS enabled) |
+| <a name="output_app_domain"></a> [app\_domain](#output\_app\_domain) | Development app domain (if DNS enabled) |
 | <a name="output_database_connection_name"></a> [database\_connection\_name](#output\_database\_connection\_name) | Development database connection name |
 | <a name="output_hrafnar_app_url"></a> [hrafnar\_app\_url](#output\_hrafnar\_app\_url) | URL of the hrafnar application in development |
-| <a name="output_ui_domain"></a> [ui\_domain](#output\_ui\_domain) | Development UI domain (if DNS enabled) |
 | <a name="output_vpc_name"></a> [vpc\_name](#output\_vpc\_name) | Development VPC network name |
-<!-- END_TF_DOCS -->
+<!-- END_TF_DOCS -->