feat: initial copy of v0.1.0

2026-03-13 09:03:49 +01:00 · 2026-03-13 09:03:49 +01:00 · 7d4cbb6b08
commit 7d4cbb6b08
parent 4cc801a7f3
538 changed files with 63361 additions and 55213 deletions
--- a/generator/cmd/build/build.go
+++ b/generator/cmd/build/build.go
@ -0,0 +1,346 @@
+package build
+
+import (
+	"errors"
+	"fmt"
+	"go/ast"
+	"go/parser"
+	"go/token"
+	"log/slog"
+	"os"
+	"os/exec"
+	"path"
+	"regexp"
+	"strings"
+)
+
+type Builder struct {
+	rootDir      string
+	SkipClone    bool
+	SkipCleanup  bool
+	PackagesOnly bool
+	Verbose      bool
+	Debug        bool
+}
+
+func (b *Builder) Build() error {
+	slog.Info("Starting Builder")
+	if b.PackagesOnly {
+		slog.Info("  >>> only generating pkg_gen <<<")
+	}
+
+	rootErr := b.determineRoot()
+	if rootErr != nil {
+		return rootErr
+	}
+
+	if !b.PackagesOnly {
+		if b.Verbose {
+			slog.Info("  ... Checking needed commands available")
+		}
+		chkErr := checkCommands([]string{})
+		if chkErr != nil {
+			return chkErr
+		}
+	}
+
+	// if !b.SkipCleanup {
+	//	slog.Info("Cleaning up old packages directory")
+	//	err := os.RemoveAll(path.Join(b.rootDir, "pkg_gen"))
+	//	if err != nil {
+	//		return err
+	//	}
+	//}
+	//
+	// if !b.SkipCleanup && !b.PackagesOnly {
+	//	slog.Info("Cleaning up old packages directory")
+	//	err := os.RemoveAll(path.Join(b.rootDir, "pkg_gen"))
+	//	if err != nil {
+	//		return err
+	//	}
+	//}
+
+	// slog.Info("Creating generator dir", "dir", fmt.Sprintf("%s/%s", *root, GEN_REPO_NAME))
+	// genDir := path.Join(*root, GEN_REPO_NAME)
+	// if !b.SkipClone {
+	//	err = createGeneratorDir(GEN_REPO, genDir, b.SkipClone)
+	//	if err != nil {
+	//		return err
+	//	}
+	//}
+
+	oasHandlerErr := b.oasHandler(path.Join(b.rootDir, "service_specs"))
+	if oasHandlerErr != nil {
+		return oasHandlerErr
+	}
+
+	// if !b.PackagesOnly {
+	//	slog.Info("Generating service boilerplate")
+	//	err = generateServiceFiles(*root, path.Join(*root, GEN_REPO_NAME))
+	//	if err != nil {
+	//		return err
+	//	}
+	//
+	//	slog.Info("Copying all service files")
+	//	err = CopyDirectory(
+	//		path.Join(*root, "generated", "internal", "services"),
+	//		path.Join(*root, "stackit", "internal", "services"),
+	//	)
+	//	if err != nil {
+	//		return err
+	//	}
+	//
+	//	err = createBoilerplate(*root, path.Join(*root, "stackit", "internal", "services"))
+	//	if err != nil {
+	//		return err
+	//	}
+	//}
+
+	// workaround to remove linter complain :D
+	if b.PackagesOnly && b.Verbose && b.SkipClone && b.SkipCleanup {
+		bpErr := createBoilerplate(b.rootDir, "boilerplate")
+		if bpErr != nil {
+			return bpErr
+		}
+	}
+
+	slog.Info("Done")
+	return nil
+}
+
+type templateData struct {
+	PackageName       string
+	PackageNameCamel  string
+	PackageNamePascal string
+	NameCamel         string
+	NamePascal        string
+	NameSnake         string
+	Fields            []string
+}
+
+func createBoilerplate(rootFolder, folder string) error {
+	services, err := os.ReadDir(folder)
+	if err != nil {
+		return err
+	}
+	for _, svc := range services {
+		if !svc.IsDir() {
+			continue
+		}
+		resources, err := os.ReadDir(path.Join(folder, svc.Name()))
+		if err != nil {
+			return err
+		}
+
+		var handleDS bool
+		var handleRes bool
+		var foundDS bool
+		var foundRes bool
+
+		for _, res := range resources {
+			if !res.IsDir() {
+				continue
+			}
+
+			resourceName := res.Name()
+
+			dsFile := path.Join(
+				folder,
+				svc.Name(),
+				res.Name(),
+				"datasources_gen",
+				fmt.Sprintf("%s_data_source_gen.go", res.Name()),
+			)
+			handleDS = FileExists(dsFile)
+
+			resFile := path.Join(
+				folder,
+				svc.Name(),
+				res.Name(),
+				"resources_gen",
+				fmt.Sprintf("%s_resource_gen.go", res.Name()),
+			)
+			handleRes = FileExists(resFile)
+
+			dsGoFile := path.Join(folder, svc.Name(), res.Name(), "datasource.go")
+			foundDS = FileExists(dsGoFile)
+
+			resGoFile := path.Join(folder, svc.Name(), res.Name(), "resource.go")
+			foundRes = FileExists(resGoFile)
+
+			if handleDS && !foundDS {
+				slog.Info("  creating missing datasource.go", "service", svc.Name(), "resource", resourceName)
+				if !ValidateSnakeCase(resourceName) {
+					return errors.New("resource name is invalid")
+				}
+
+				fields, tokenErr := getTokens(dsFile)
+				if tokenErr != nil {
+					return fmt.Errorf("error reading tokens: %w", tokenErr)
+				}
+
+				tplName := "data_source_scaffold.gotmpl"
+				err = writeTemplateToFile(
+					tplName,
+					path.Join(rootFolder, "cmd", "cmd", "build", "templates", tplName),
+					dsGoFile,
+					&templateData{
+						PackageName:       svc.Name(),
+						PackageNameCamel:  ToCamelCase(svc.Name()),
+						PackageNamePascal: ToPascalCase(svc.Name()),
+						NameCamel:         ToCamelCase(resourceName),
+						NamePascal:        ToPascalCase(resourceName),
+						NameSnake:         resourceName,
+						Fields:            fields,
+					},
+				)
+				if err != nil {
+					panic(err)
+				}
+			}
+
+			if handleRes && !foundRes {
+				slog.Info("  creating missing resource.go", "service", svc.Name(), "resource", resourceName)
+				if !ValidateSnakeCase(resourceName) {
+					return errors.New("resource name is invalid")
+				}
+
+				fields, tokenErr := getTokens(resFile)
+				if tokenErr != nil {
+					return fmt.Errorf("error reading tokens: %w", tokenErr)
+				}
+
+				tplName := "resource_scaffold.gotmpl"
+				err = writeTemplateToFile(
+					tplName,
+					path.Join(rootFolder, "cmd", "cmd", "build", "templates", tplName),
+					resGoFile,
+					&templateData{
+						PackageName:       svc.Name(),
+						PackageNameCamel:  ToCamelCase(svc.Name()),
+						PackageNamePascal: ToPascalCase(svc.Name()),
+						NameCamel:         ToCamelCase(resourceName),
+						NamePascal:        ToPascalCase(resourceName),
+						NameSnake:         resourceName,
+						Fields:            fields,
+					},
+				)
+				if err != nil {
+					return err
+				}
+
+				if !FileExists(path.Join(folder, svc.Name(), res.Name(), "functions.go")) {
+					slog.Info("  creating missing functions.go", "service", svc.Name(), "resource", resourceName)
+					if !ValidateSnakeCase(resourceName) {
+						return errors.New("resource name is invalid")
+					}
+					fncTplName := "functions_scaffold.gotmpl"
+					err = writeTemplateToFile(
+						fncTplName,
+						path.Join(rootFolder, "cmd", "cmd", "build", "templates", fncTplName),
+						path.Join(folder, svc.Name(), res.Name(), "functions.go"),
+						&templateData{
+							PackageName:       svc.Name(),
+							PackageNameCamel:  ToCamelCase(svc.Name()),
+							PackageNamePascal: ToPascalCase(svc.Name()),
+							NameCamel:         ToCamelCase(resourceName),
+							NamePascal:        ToPascalCase(resourceName),
+							NameSnake:         resourceName,
+						},
+					)
+					if err != nil {
+						return err
+					}
+				}
+			}
+		}
+	}
+	return nil
+}
+
+func handleLine(line string) (string, error) {
+	schemaRegex := regexp.MustCompile(`(\s+")(id)(": schema.[a-zA-Z0-9]+Attribute{)`)
+
+	schemaMatches := schemaRegex.FindAllStringSubmatch(line, -1)
+	if schemaMatches != nil {
+		return fmt.Sprintf("%stf_original_api_id%s", schemaMatches[0][1], schemaMatches[0][3]), nil
+	}
+
+	modelRegex := regexp.MustCompile(`(\s+Id\s+types.[a-zA-Z0-9]+\s+.tfsdk:")(id)(".)`)
+	modelMatches := modelRegex.FindAllStringSubmatch(line, -1)
+	if modelMatches != nil {
+		return fmt.Sprintf("%stf_original_api_id%s", modelMatches[0][1], modelMatches[0][3]), nil
+	}
+
+	return line, nil
+}
+
+func (b *Builder) determineRoot() error {
+	cmd := exec.Command("git", "rev-parse", "--show-toplevel")
+	out, err := cmd.Output()
+	if err != nil {
+		return err
+	}
+	lines := strings.Split(string(out), "\n")
+	if lines[0] == "" {
+		return fmt.Errorf("unable to determine root directory from git")
+	}
+	b.rootDir = lines[0]
+	if b.Verbose {
+		slog.Info("  ... using root", "dir", b.rootDir)
+	}
+
+	return nil
+}
+
+// func createGeneratorDir(repoUrl, targetDir string, skipClone bool) error {
+//	if !skipClone {
+//		if FileExists(targetDir) {
+//			remErr := os.RemoveAll(targetDir)
+//			if remErr != nil {
+//				return remErr
+//			}
+//		}
+//		_, cloneErr := git.Clone(
+//			clone.Repository(repoUrl),
+//			clone.Directory(targetDir),
+//		)
+//		if cloneErr != nil {
+//			return cloneErr
+//		}
+//	}
+//	return nil
+//}
+
+func getTokens(fileName string) ([]string, error) {
+	fset := token.NewFileSet()
+
+	var result []string
+
+	node, err := parser.ParseFile(fset, fileName, nil, parser.ParseComments)
+	if err != nil {
+		return nil, err
+	}
+
+	ast.Inspect(
+		node, func(n ast.Node) bool {
+			// Suche nach Typ-Deklarationen (structs)
+			ts, ok := n.(*ast.TypeSpec)
+			if ok {
+				if strings.Contains(ts.Name.Name, "Model") {
+					ast.Inspect(
+						ts, func(sn ast.Node) bool {
+							tts, tok := sn.(*ast.Field)
+							if tok {
+								result = append(result, tts.Names[0].String())
+							}
+							return true
+						},
+					)
+				}
+			}
+			return true
+		},
+	)
+	return result, nil
+}
--- a/generator/cmd/build/copy.go
+++ b/generator/cmd/build/copy.go
@ -0,0 +1,131 @@
+package build
+
+import (
+	"fmt"
+	"io"
+	"log/slog"
+	"os"
+	"path/filepath"
+	"syscall"
+)
+
+// Source - https://stackoverflow.com/a
+// Posted by Oleg Neumyvakin, modified by community. See post 'Timeline' for change history
+// Retrieved 2026-01-20, License - CC BY-SA 4.0
+
+func CopyDirectory(scrDir, dest string) error {
+	entries, err := os.ReadDir(scrDir)
+	if err != nil {
+		return err
+	}
+	for _, entry := range entries {
+		sourcePath := filepath.Join(scrDir, entry.Name())
+		destPath := filepath.Join(dest, entry.Name())
+
+		fileInfo, err := os.Stat(sourcePath)
+		if err != nil {
+			return err
+		}
+
+		stat, ok := fileInfo.Sys().(*syscall.Stat_t)
+		if !ok {
+			return fmt.Errorf("failed to get raw syscall.Stat_t data for '%s'", sourcePath)
+		}
+
+		switch fileInfo.Mode() & os.ModeType {
+		case os.ModeDir:
+			if err := CreateIfNotExists(destPath, 0o755); err != nil {
+				return err
+			}
+			if err := CopyDirectory(sourcePath, destPath); err != nil {
+				return err
+			}
+		case os.ModeSymlink:
+			if err := CopySymLink(sourcePath, destPath); err != nil {
+				return err
+			}
+		default:
+			if err := Copy(sourcePath, destPath); err != nil {
+				return err
+			}
+		}
+
+		if err := os.Lchown(destPath, int(stat.Uid), int(stat.Gid)); err != nil {
+			return err
+		}
+
+		fInfo, err := entry.Info()
+		if err != nil {
+			return err
+		}
+
+		isSymlink := fInfo.Mode()&os.ModeSymlink != 0
+		if !isSymlink {
+			if err := os.Chmod(destPath, fInfo.Mode()); err != nil {
+				return err
+			}
+		}
+	}
+	return nil
+}
+
+func Copy(srcFile, dstFile string) error {
+	out, err := os.Create(dstFile)
+	if err != nil {
+		return err
+	}
+
+	defer func(out *os.File) {
+		err := out.Close()
+		if err != nil {
+			slog.Error("failed to close file", slog.Any("err", err))
+		}
+	}(out)
+
+	in, err := os.Open(srcFile)
+	if err != nil {
+		return err
+	}
+
+	defer func(in *os.File) {
+		err := in.Close()
+		if err != nil {
+			slog.Error("error closing destination file", slog.Any("err", err))
+		}
+	}(in)
+
+	_, err = io.Copy(out, in)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func Exists(filePath string) bool {
+	if _, err := os.Stat(filePath); os.IsNotExist(err) {
+		return false
+	}
+
+	return true
+}
+
+func CreateIfNotExists(dir string, perm os.FileMode) error {
+	if Exists(dir) {
+		return nil
+	}
+
+	if err := os.MkdirAll(dir, perm); err != nil {
+		return fmt.Errorf("failed to create directory: '%s', error: '%s'", dir, err.Error())
+	}
+
+	return nil
+}
+
+func CopySymLink(source, dest string) error {
+	link, err := os.Readlink(source)
+	if err != nil {
+		return err
+	}
+	return os.Symlink(link, dest)
+}
--- a/generator/cmd/build/formats.go
+++ b/generator/cmd/build/formats.go
@ -0,0 +1,53 @@
+package build
+
+import (
+	"regexp"
+	"strings"
+	"unicode"
+	"unicode/utf8"
+)
+
+// snakeLetters will match to the first letter and an underscore followed by a letter
+var snakeLetters = regexp.MustCompile("(^[a-z])|_[a-z0-9]")
+
+func ToPascalCase(in string) string {
+	inputSplit := strings.Split(in, ".")
+
+	var ucName string
+
+	for _, v := range inputSplit {
+		if len(v) < 1 {
+			continue
+		}
+
+		firstChar := v[0:1]
+		ucFirstChar := strings.ToUpper(firstChar)
+
+		if len(v) < 2 {
+			ucName += ucFirstChar
+			continue
+		}
+
+		ucName += ucFirstChar + v[1:]
+	}
+
+	return snakeLetters.ReplaceAllStringFunc(ucName, func(s string) string {
+		return strings.ToUpper(strings.ReplaceAll(s, "_", ""))
+	})
+}
+
+func ToCamelCase(in string) string {
+	pascal := ToPascalCase(in)
+
+	// Grab first rune and lower case it
+	firstLetter, size := utf8.DecodeRuneInString(pascal)
+	if firstLetter == utf8.RuneError && size <= 1 {
+		return pascal
+	}
+
+	return string(unicode.ToLower(firstLetter)) + pascal[size:]
+}
+
+func ValidateSnakeCase(in string) bool {
+	return snakeLetters.MatchString(string(in))
+}
--- a/generator/cmd/build/functions.go
+++ b/generator/cmd/build/functions.go
@ -0,0 +1,120 @@
+package build
+
+import (
+	"fmt"
+	"log/slog"
+	"os"
+	"os/exec"
+	"strings"
+	"text/template"
+)
+
+func FileExists(pathValue string) bool {
+	_, err := os.Stat(pathValue)
+	if os.IsNotExist(err) {
+		return false
+	}
+	if err != nil {
+		panic(err)
+	}
+	return true
+}
+
+func ucfirst(s string) string {
+	if s == "" {
+		return ""
+	}
+	return strings.ToUpper(s[:1]) + s[1:]
+}
+
+func writeTemplateToFile(tplName, tplFile, outFile string, data *templateData) error {
+	fn := template.FuncMap{
+		"ucfirst": ucfirst,
+	}
+
+	tmpl, err := template.New(tplName).Funcs(fn).ParseFiles(tplFile)
+	if err != nil {
+		return err
+	}
+
+	var f *os.File
+	f, err = os.Create(outFile)
+	if err != nil {
+		return err
+	}
+
+	err = tmpl.Execute(f, *data)
+	if err != nil {
+		return err
+	}
+
+	err = f.Close()
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+/* saved for later
+func deleteFiles(fNames ...string) error {
+	for _, fName := range fNames {
+		if _, err := os.Stat(fName); !os.IsNotExist(err) {
+			err = os.Remove(fName)
+			if err != nil {
+				return err
+			}
+		}
+	}
+	return nil
+}
+
+func copyFile(src, dst string) (int64, error) {
+	sourceFileStat, err := os.Stat(src)
+	if err != nil {
+		return 0, err
+	}
+
+	if !sourceFileStat.Mode().IsRegular() {
+		return 0, fmt.Errorf("%s is not a regular file", src)
+	}
+
+	source, err := os.Open(src)
+	if err != nil {
+		return 0, err
+	}
+	defer func(source *os.File) {
+		err := source.Close()
+		if err != nil {
+			slog.Error("copyFile", "err", err)
+		}
+	}(source)
+
+	destination, err := os.Create(dst)
+	if err != nil {
+		return 0, err
+	}
+	defer func(destination *os.File) {
+		err := destination.Close()
+		if err != nil {
+			slog.Error("copyFile", "err", err)
+		}
+	}(destination)
+	nBytes, err := io.Copy(destination, source)
+	return nBytes, err
+}
+*/
+
+func checkCommands(commands []string) error {
+	for _, commandName := range commands {
+		if !commandExists(commandName) {
+			return fmt.Errorf("missing command %s", commandName)
+		}
+		slog.Info("        found", "command", commandName)
+	}
+	return nil
+}
+
+func commandExists(cmd string) bool {
+	_, err := exec.LookPath(cmd)
+	return err == nil
+}
--- a/generator/cmd/build/oas-handler.go
+++ b/generator/cmd/build/oas-handler.go
@ -0,0 +1,446 @@
+package build
+
+import (
+	"bufio"
+	"bytes"
+	"errors"
+	"fmt"
+	"log"
+	"log/slog"
+	"os"
+	"os/exec"
+	"path"
+	"regexp"
+	"strings"
+
+	"gopkg.in/yaml.v3"
+
+	"github.com/ldez/go-git-cmd-wrapper/v2/clone"
+	"github.com/ldez/go-git-cmd-wrapper/v2/git"
+)
+
+const (
+	OasRepoName = "stackit-api-specifications"
+	OasRepo     = "https://github.com/stackitcloud/stackit-api-specifications.git"
+
+	ResTypeResource   = "resources"
+	ResTypeDataSource = "datasources"
+)
+
+type Data struct {
+	ServiceName string    `yaml:",omitempty" json:",omitempty"`
+	Versions    []Version `yaml:"versions" json:"versions"`
+}
+
+type Version struct {
+	Name string `yaml:"name" json:"name"`
+	Path string `yaml:"path" json:"path"`
+}
+
+var oasTempDir string
+
+func (b *Builder) oasHandler(specDir string) error {
+	if b.Verbose {
+		slog.Info("creating schema files", "dir", specDir)
+	}
+	if _, err := os.Stat(specDir); os.IsNotExist(err) {
+		return fmt.Errorf("spec files directory does not exist")
+	}
+
+	err := b.createRepoDir(b.SkipClone)
+	if err != nil {
+		return fmt.Errorf("%s", err.Error())
+	}
+
+	err2 := b.handleServices(specDir)
+	if err2 != nil {
+		return err2
+	}
+
+	if !b.SkipCleanup {
+		if b.Verbose {
+			slog.Info("Finally removing temporary files and directories")
+		}
+		err := os.RemoveAll(path.Join(b.rootDir, "generated"))
+		if err != nil {
+			slog.Error("RemoveAll", "dir", path.Join(b.rootDir, "generated"), "err", err)
+			return err
+		}
+
+		err = os.RemoveAll(oasTempDir)
+		if err != nil {
+			slog.Error("RemoveAll", "dir", oasTempDir, "err", err)
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (b *Builder) handleServices(specDir string) error {
+	services, err := os.ReadDir(specDir)
+	if err != nil {
+		return err
+	}
+
+	for _, svc := range services {
+		if !svc.IsDir() {
+			continue
+		}
+
+		if b.Verbose {
+			slog.Info("  ... found", "service", svc.Name())
+		}
+		var svcVersions Data
+		svcVersions.ServiceName = svc.Name()
+
+		versionsErr := b.getServiceVersions(path.Join(specDir, svc.Name(), "generator_settings.yml"), &svcVersions)
+		if versionsErr != nil {
+			return versionsErr
+		}
+
+		oasSpecErr := b.generateServiceFiles(&svcVersions)
+		if oasSpecErr != nil {
+			return oasSpecErr
+		}
+	}
+	return nil
+}
+
+func (b *Builder) getServiceVersions(confFile string, data *Data) error {
+	if _, cfgFileErr := os.Stat(confFile); os.IsNotExist(cfgFileErr) {
+		return fmt.Errorf("config file does not exist")
+	}
+
+	fileContent, fileErr := os.ReadFile(confFile)
+	if fileErr != nil {
+		return fileErr
+	}
+	convErr := yaml.Unmarshal(fileContent, &data)
+	if convErr != nil {
+		return convErr
+	}
+
+	return nil
+}
+
+func (b *Builder) createRepoDir(skipClone bool) error {
+	tmpDirName, err := os.MkdirTemp("", "oasbuild")
+	if err != nil {
+		return err
+	}
+	oasTempDir = path.Join(tmpDirName, OasRepoName)
+	slog.Info("Creating oas repo dir", "dir", oasTempDir)
+	if !skipClone {
+		if FileExists(oasTempDir) {
+			slog.Warn("target dir exists - skipping", "targetDir", oasTempDir)
+			return nil
+		}
+		out, cloneErr := git.Clone(
+			clone.Repository(OasRepo),
+			clone.Directory(oasTempDir),
+		)
+		if cloneErr != nil {
+			slog.Error("git clone error", "output", out)
+			return cloneErr
+		}
+		if b.Verbose {
+			slog.Info("git clone result", "output", out)
+		}
+	}
+	return nil
+}
+
+func (b *Builder) generateServiceFiles(data *Data) error {
+	err := os.MkdirAll(path.Join(b.rootDir, "generated", "specs"), 0o750)
+	if err != nil {
+		return err
+	}
+
+	for _, v := range data.Versions {
+		specFiles, specsErr := os.ReadDir(path.Join(b.rootDir, "service_specs", data.ServiceName, v.Name))
+		if specsErr != nil {
+			return specsErr
+		}
+		for _, specFile := range specFiles {
+			if specFile.IsDir() {
+				continue
+			}
+			r := regexp.MustCompile(`^(.*)_config.yml$`)
+			matches := r.FindAllStringSubmatch(specFile.Name(), -1)
+			if matches == nil {
+				slog.Warn("    skipping file (no regex match)", "file", specFile.Name())
+				continue
+			}
+
+			srcSpecFile := path.Join(b.rootDir, "service_specs", data.ServiceName, v.Name, specFile.Name())
+
+			if matches[0][0] != specFile.Name() {
+				return fmt.Errorf("matched filename differs from original filename - this should not happen")
+			}
+			resource := matches[0][1]
+			if b.Verbose {
+				slog.Info(
+					"    found service spec",
+					"service",
+					data.ServiceName,
+					"resource",
+					resource,
+					"file",
+					specFile.Name(),
+				)
+			}
+
+			oasFile := path.Join(
+				oasTempDir,
+				"services",
+				data.ServiceName,
+				v.Path,
+				fmt.Sprintf("%s.json", data.ServiceName),
+			)
+			if _, oasErr := os.Stat(oasFile); os.IsNotExist(oasErr) {
+				slog.Warn(
+					"        could not find matching oas",
+					"svc",
+					data.ServiceName,
+					"version",
+					v.Name,
+				)
+				continue
+			}
+
+			// determine correct target service name
+			scName := fmt.Sprintf("%s%s", data.ServiceName, v.Name)
+			scName = strings.ReplaceAll(scName, "-", "")
+
+			specJSONFile := path.Join(
+				b.rootDir,
+				"generated",
+				"specs",
+				fmt.Sprintf("%s_%s_spec.json", scName, resource),
+			)
+
+			cmdErr := b.runTerraformPluginGenOpenAPI(srcSpecFile, specJSONFile, oasFile)
+			if cmdErr != nil {
+				return cmdErr
+			}
+
+			cmdResGenErr := b.runTerraformPluginGenFramework(ResTypeResource, scName, resource, specJSONFile)
+			if cmdResGenErr != nil {
+				return cmdResGenErr
+			}
+
+			cmdDsGenErr := b.runTerraformPluginGenFramework(ResTypeDataSource, scName, resource, specJSONFile)
+			if cmdDsGenErr != nil {
+				return cmdDsGenErr
+			}
+		}
+	}
+
+	return nil
+}
+
+func (b *Builder) runTerraformPluginGenFramework(resType, svcName, resource, specJSONFile string) error {
+	var stdOut, stdErr bytes.Buffer
+	tgtFolder := path.Join(
+		b.rootDir,
+		"stackit",
+		"internal",
+		"services",
+		svcName,
+		resource,
+		fmt.Sprintf("%s_gen", resType),
+	)
+
+	//nolint:gosec // this file is not sensitive, so we can use 0755
+	err := os.MkdirAll(tgtFolder, 0o755)
+	if err != nil {
+		return err
+	}
+
+	var subCmd string
+	switch resType {
+	case ResTypeResource:
+		subCmd = "resources"
+	case ResTypeDataSource:
+		subCmd = "data-sources"
+	default:
+		return fmt.Errorf("unknown resource type given: %s", resType)
+	}
+
+	// nolint:gosec // #nosec this command is not using any untrusted input, so we can ignore gosec warning
+	cmd := exec.Command(
+		"tfplugingen-framework",
+		"generate",
+		subCmd,
+		"--input",
+		specJSONFile,
+		"--output",
+		tgtFolder,
+		"--package",
+		svcName,
+	)
+
+	cmd.Stdout = &stdOut
+	cmd.Stderr = &stdErr
+	if err = cmd.Start(); err != nil {
+		slog.Error(fmt.Sprintf("tfplugingen-framework generate %s", resType), "error", err)
+		return err
+	}
+
+	if err = cmd.Wait(); err != nil {
+		var exitErr *exec.ExitError
+		if errors.As(err, &exitErr) {
+			slog.Error(
+				fmt.Sprintf("tfplugingen-framework generate %s", resType),
+				"code",
+				exitErr.ExitCode(),
+				"error",
+				err,
+				"stdout",
+				stdOut.String(),
+				"stderr",
+				stdErr.String(),
+			)
+			return fmt.Errorf("%s", stdErr.String())
+		}
+		if err != nil {
+			slog.Error(
+				fmt.Sprintf("tfplugingen-framework generate %s", resType),
+				"err",
+				err,
+				"stdout",
+				stdOut.String(),
+				"stderr",
+				stdErr.String(),
+			)
+			return err
+		}
+	}
+
+	if resType == ResTypeDataSource {
+		tfAnoErr := b.handleTfTagForDatasourceFile(
+			path.Join(tgtFolder, fmt.Sprintf("%s_data_source_gen.go", resource)),
+			svcName,
+			resource,
+		)
+		if tfAnoErr != nil {
+			return tfAnoErr
+		}
+	}
+
+	return nil
+}
+
+func (b *Builder) runTerraformPluginGenOpenAPI(srcSpecFile, specJSONFile, oasFile string) error {
+	var stdOut, stdErr bytes.Buffer
+
+	// nolint:gosec // #nosec this command is not using any untrusted input, so we can ignore gosec warning
+	cmd := exec.Command(
+		"tfplugingen-openapi",
+		"generate",
+		"--config",
+		srcSpecFile,
+		"--output",
+		specJSONFile,
+		oasFile,
+	)
+	cmd.Stdout = &stdOut
+	cmd.Stderr = &stdErr
+
+	if err := cmd.Start(); err != nil {
+		slog.Error(
+			"tfplugingen-openapi generate",
+			"error",
+			err,
+			"stdOut",
+			stdOut.String(),
+			"stdErr",
+			stdErr.String(),
+		)
+		return err
+	}
+
+	if err := cmd.Wait(); err != nil {
+		var exitErr *exec.ExitError
+		if errors.As(err, &exitErr) {
+			slog.Error(
+				"tfplugingen-openapi generate",
+				"code",
+				exitErr.ExitCode(),
+				"error",
+				err,
+				"stdout",
+				stdOut.String(),
+				"stderr",
+				stdErr.String(),
+			)
+			return fmt.Errorf("%s", stdErr.String())
+		}
+		if err != nil {
+			slog.Error(
+				"tfplugingen-openapi generate",
+				"err",
+				err,
+				"stdout",
+				stdOut.String(),
+				"stderr",
+				stdErr.String(),
+			)
+			return err
+		}
+	}
+	if stdOut.Len() > 0 {
+		slog.Warn("    command output", "stdout", stdOut.String(), "stderr", stdErr.String())
+	}
+
+	return nil
+}
+
+// handleTfTagForDatasourceFile replaces existing "id" with "stf_original_api_id"
+func (b *Builder) handleTfTagForDatasourceFile(filePath, service, resource string) error {
+	if b.Verbose {
+		slog.Info("   handle terraform tag for datasource", "service", service, "resource", resource)
+	}
+	if !FileExists(filePath) {
+		slog.Warn("        could not find file, skipping", "path", filePath)
+		return nil
+	}
+	f, err := os.Open(filePath)
+	if err != nil {
+		return err
+	}
+
+	tmp, err := os.CreateTemp(b.rootDir, "replace-*")
+	if err != nil {
+		return err
+	}
+
+	sc := bufio.NewScanner(f)
+	for sc.Scan() {
+		resLine, err := handleLine(sc.Text())
+		if err != nil {
+			return err
+		}
+		if _, err := tmp.WriteString(resLine + "\n"); err != nil {
+			return err
+		}
+	}
+	if scErr := sc.Err(); scErr != nil {
+		return scErr
+	}
+
+	if err := tmp.Close(); err != nil {
+		return err
+	}
+
+	if err := f.Close(); err != nil {
+		return err
+	}
+
+	//nolint:gosec // path traversal is not a concern here
+	if err := os.Rename(tmp.Name(), filePath); err != nil {
+		log.Fatal(err)
+	}
+	return nil
+}
--- a/generator/cmd/build/templates/data_source_scaffold.gotmpl
+++ b/generator/cmd/build/templates/data_source_scaffold.gotmpl
@ -0,0 +1,148 @@
+package {{.PackageName}}
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+
+	"github.com/hashicorp/terraform-plugin-framework/datasource"
+	"github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+	"github.com/hashicorp/terraform-plugin-log/tflog"
+	"github.com/stackitcloud/stackit-sdk-go/core/config"
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/conversion"
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/core"
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/utils"
+
+    {{.PackageName}}Pkg "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/pkg_gen/{{.PackageName}}"
+
+    {{.PackageName}}Gen "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/services/{{.PackageName}}/{{.NameSnake}}/datasources_gen"
+)
+
+var _ datasource.DataSource = (*{{.NameCamel}}DataSource)(nil)
+
+const errorPrefix = "[{{.PackageNamePascal}} - {{.NamePascal}}]"
+
+func New{{.NamePascal}}DataSource() datasource.DataSource {
+	return &{{.NameCamel}}DataSource{}
+}
+
+type dsModel struct {
+	{{.PackageName}}Gen.{{.NamePascal}}Model
+	TfId types.String `tfsdk:"id"`
+}
+
+type {{.NameCamel}}DataSource struct{
+	client       *{{.PackageName}}Pkg.APIClient
+	providerData core.ProviderData
+}
+
+func (d *{{.NameCamel}}DataSource) Metadata(_ context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) {
+	resp.TypeName = req.ProviderTypeName + "_{{.PackageName}}_{{.NameSnake}}"
+}
+
+func (d *{{.NameCamel}}DataSource) Schema(ctx context.Context, _ datasource.SchemaRequest, resp *datasource.SchemaResponse) {
+	resp.Schema = {{.PackageName}}Gen.{{.NamePascal}}DataSourceSchema(ctx)
+    resp.Schema.Attributes["id"] = schema.StringAttribute{
+        Computed:            true,
+        Description:         "The terraform internal identifier.",
+        MarkdownDescription: "The terraform internal identifier.",
+    }
+}
+
+// Configure adds the provider configured client to the data source.
+func (d *{{.NameCamel}}DataSource) Configure(
+	ctx context.Context,
+	req datasource.ConfigureRequest,
+	resp *datasource.ConfigureResponse,
+) {
+	var ok bool
+	d.providerData, ok = conversion.ParseProviderData(ctx, req.ProviderData, &resp.Diagnostics)
+	if !ok {
+		return
+	}
+
+	apiClientConfigOptions := []config.ConfigurationOption{
+		config.WithCustomAuth(d.providerData.RoundTripper),
+		utils.UserAgentConfigOption(d.providerData.Version),
+	}
+	if d.providerData.{{.PackageNamePascal}}CustomEndpoint != "" {
+		apiClientConfigOptions = append(
+			apiClientConfigOptions,
+			config.WithEndpoint(d.providerData.{{.PackageNamePascal}}CustomEndpoint),
+		)
+	} else {
+		apiClientConfigOptions = append(
+			apiClientConfigOptions,
+			config.WithRegion(d.providerData.GetRegion()),
+		)
+	}
+	apiClient, err := {{.PackageName}}Pkg.NewAPIClient(apiClientConfigOptions...)
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Error configuring API client",
+			fmt.Sprintf(
+				"Configuring client: %v. This is an error related to the provider configuration, not to the resource configuration",
+				err,
+			),
+		)
+		return
+	}
+	d.client = apiClient
+	tflog.Info(ctx, fmt.Sprintf("%s client configured", errorPrefix))
+}
+
+func (d *{{.NameCamel}}DataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
+	var data dsModel
+
+	// Read Terraform configuration data into the model
+	resp.Diagnostics.Append(req.Config.Get(ctx, &data)...)
+
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	ctx = core.InitProviderContext(ctx)
+
+	projectId := data.ProjectId.ValueString()
+	region := d.providerData.GetRegionWithOverride(data.Region)
+	{{.NameCamel}}Id := data.{{.NamePascal}}Id.ValueString()
+
+	ctx = tflog.SetField(ctx, "project_id", projectId)
+	ctx = tflog.SetField(ctx, "region", region)
+
+	// TODO: implement needed fields
+	ctx = tflog.SetField(ctx, "{{.NameCamel}}_id", {{.NameCamel}}Id)
+
+    // TODO: refactor to correct implementation
+	{{.NameCamel}}Resp, err := d.client.Get{{.NamePascal}}Request(ctx, projectId, region, {{.NameCamel}}Id).Execute()
+	if err != nil {
+		utils.LogError(
+			ctx,
+			&resp.Diagnostics,
+			err,
+			"Reading {{.NameCamel}}",
+			fmt.Sprintf("{{.NameCamel}} with ID %q does not exist in project %q.", {{.NameCamel}}Id, projectId),
+			map[int]string{
+				http.StatusForbidden: fmt.Sprintf("Project with ID %q not found or forbidden access", projectId),
+			},
+		)
+		resp.State.RemoveResource(ctx)
+		return
+	}
+
+	ctx = core.LogResponse(ctx)
+
+
+	data.TfId = utils.BuildInternalTerraformId(projectId, region, ..)
+
+	// TODO: fill remaining fields
+{{- range .Fields }}
+    // data.{{.}} = types.Sometype(apiResponse.Get{{.}}())
+{{- end -}}
+
+	// Save data into Terraform state
+	resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
+
+	tflog.Info(ctx, fmt.Sprintf("%s read successful", errorPrefix))
+}
--- a/generator/cmd/build/templates/functions_scaffold.gotmpl
+++ b/generator/cmd/build/templates/functions_scaffold.gotmpl
@ -0,0 +1,98 @@
+package {{.PackageName}}
+
+import (
+	"context"
+	"fmt"
+	"math"
+
+	"github.com/hashicorp/terraform-plugin-framework/attr"
+	"github.com/hashicorp/terraform-plugin-framework/diag"
+	"github.com/hashicorp/terraform-plugin-framework/resource"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/conversion"
+
+	{{.PackageName}} "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/pkg_gen/{{.PackageName}}"
+	{{.PackageName}}ResGen "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/services/{{.PackageName}}/instance/resources_gen"
+)
+
+func mapResponseToModel(
+	ctx context.Context,
+	resp *{{.PackageName}}.Get{{.NamePascal}}Response,
+	m *{{.PackageName}}ResGen.{{.NamePascal}}Model,
+	tfDiags diag.Diagnostics,
+) error {
+    // TODO: complete and refactor
+	m.Id = types.StringValue(resp.GetId())
+
+    /*
+	sampleList, diags := types.ListValueFrom(ctx, types.StringType, resp.GetList())
+	tfDiags.Append(diags...)
+	if diags.HasError() {
+		return fmt.Errorf(
+			"error converting list response value",
+		)
+	}
+	sample, diags := {{.PackageName}}ResGen.NewSampleValue(
+		{{.PackageName}}ResGen.SampleValue{}.AttributeTypes(ctx),
+		map[string]attr.Value{
+			"field":     types.StringValue(string(resp.GetField())),
+		},
+	)
+	tfDiags.Append(diags...)
+	if diags.HasError() {
+		return fmt.Errorf(
+			"error converting sample response value",
+			"sample",
+			types.StringValue(string(resp.GetField())),
+		)
+	}
+	m.Sample = sample
+	*/
+	return nil
+}
+
+func handleEncryption(
+	m *{{.PackageName}}ResGen.{{.NamePascal}}Model,
+	resp *{{.PackageName}}.Get{{.NamePascal}}Response,
+) {{.PackageName}}ResGen.EncryptionValue {
+	if !resp.HasEncryption() ||
+		resp.Encryption == nil ||
+		resp.Encryption.KekKeyId == nil ||
+		resp.Encryption.KekKeyRingId == nil ||
+		resp.Encryption.KekKeyVersion == nil ||
+		resp.Encryption.ServiceAccount == nil {
+
+		if m.Encryption.IsNull() || m.Encryption.IsUnknown() {
+			return {{.PackageName}}ResGen.NewEncryptionValueNull()
+		}
+		return m.Encryption
+	}
+
+	enc := {{.PackageName}}ResGen.NewEncryptionValueNull()
+	if kVal, ok := resp.Encryption.GetKekKeyIdOk(); ok {
+		enc.KekKeyId = types.StringValue(kVal)
+	}
+	if kkVal, ok := resp.Encryption.GetKekKeyRingIdOk(); ok {
+		enc.KekKeyRingId = types.StringValue(kkVal)
+	}
+	if kkvVal, ok := resp.Encryption.GetKekKeyVersionOk(); ok {
+		enc.KekKeyVersion = types.StringValue(kkvVal)
+	}
+	if sa, ok := resp.Encryption.GetServiceAccountOk(); ok {
+		enc.ServiceAccount = types.StringValue(sa)
+	}
+	return enc
+}
+
+func toCreatePayload(
+	ctx context.Context,
+	model *{{.PackageName}}ResGen.{{.NamePascal}}Model,
+) (*{{.PackageName}}.Create{{.NamePascal}}RequestPayload, error) {
+	if model == nil {
+		return nil, fmt.Errorf("nil model")
+	}
+
+	return &{{.PackageName}}.Create{{.NamePascal}}RequestPayload{
+	    // TODO: fill fields
+	}, nil
+}
--- a/generator/cmd/build/templates/provider_scaffold.gotmpl
+++ b/generator/cmd/build/templates/provider_scaffold.gotmpl
@ -0,0 +1,39 @@
+package {{.PackageName}}
+
+import (
+	"context"
+
+	"github.com/hashicorp/terraform-plugin-framework/datasource"
+	"github.com/hashicorp/terraform-plugin-framework/provider"
+	"github.com/hashicorp/terraform-plugin-framework/resource"
+)
+
+var _ provider.Provider = (*{{.NameCamel}}Provider)(nil)
+
+func New() func() provider.Provider {
+	return func() provider.Provider {
+		return &{{.NameCamel}}Provider{}
+	}
+}
+
+type {{.NameCamel}}Provider struct{}
+
+func (p *{{.NameCamel}}Provider) Schema(ctx context.Context, req provider.SchemaRequest, resp *provider.SchemaResponse) {
+
+}
+
+func (p *{{.NameCamel}}Provider) Configure(ctx context.Context, req provider.ConfigureRequest, resp *provider.ConfigureResponse) {
+
+}
+
+func (p *{{.NameCamel}}Provider) Metadata(ctx context.Context, req provider.MetadataRequest, resp *provider.MetadataResponse) {
+	resp.TypeName = "{{.NameSnake}}"
+}
+
+func (p *{{.NameCamel}}Provider) DataSources(ctx context.Context) []func() datasource.DataSource {
+	return []func() datasource.DataSource{}
+}
+
+func (p *{{.NameCamel}}Provider) Resources(ctx context.Context) []func() resource.Resource {
+	return []func() resource.Resource{}
+}
--- a/generator/cmd/build/templates/resource_scaffold.gotmpl
+++ b/generator/cmd/build/templates/resource_scaffold.gotmpl
@ -0,0 +1,429 @@
+package {{.PackageName}}
+
+import (
+	"context"
+	_ "embed"
+	"fmt"
+	"strings"
+
+	"github.com/hashicorp/terraform-plugin-framework/path"
+	"github.com/hashicorp/terraform-plugin-framework/resource"
+	"github.com/hashicorp/terraform-plugin-framework/resource/identityschema"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+	"github.com/hashicorp/terraform-plugin-log/tflog"
+	"github.com/stackitcloud/stackit-sdk-go/core/config"
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/conversion"
+
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/pkg_gen/{{.PackageName}}"
+
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/core"
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/utils"
+
+	{{.PackageName}}ResGen "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/services/{{.PackageName}}/{{.NameSnake}}/resources_gen"
+)
+
+var (
+	_ resource.Resource                = &{{.NameCamel}}Resource{}
+	_ resource.ResourceWithConfigure   = &{{.NameCamel}}Resource{}
+	_ resource.ResourceWithImportState = &{{.NameCamel}}Resource{}
+	_ resource.ResourceWithModifyPlan  = &{{.NameCamel}}Resource{}
+	_ resource.ResourceWithIdentity    = &{{.NameCamel}}Resource{}
+)
+
+func New{{.NamePascal}}Resource() resource.Resource {
+	return &{{.NameCamel}}Resource{}
+}
+
+type {{.NameCamel}}Resource struct{
+	client       *{{.PackageName}}.APIClient
+	providerData core.ProviderData
+}
+
+// resourceModel represents the Terraform resource state
+type resourceModel = {{.PackageName}}.{{.NamePascal}}Model
+
+type {{.NamePascal}}ResourceIdentityModel struct {
+	ProjectID  types.String `tfsdk:"project_id"`
+	Region     types.String `tfsdk:"region"`
+	// TODO: implement further needed parts
+	{{.NamePascal}}ID types.String `tfsdk:"{{.NameSnake}}_id"`
+}
+
+// Metadata defines terraform resource name
+func (r *{{.NameCamel}}Resource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
+	resp.TypeName = req.ProviderTypeName + "_{{.PackageName}}_{{.NameSnake}}"
+}
+
+//go:embed planModifiers.yaml
+var modifiersFileByte []byte
+
+// Schema loads the schema from generated files and adds plan modifiers
+func (r *{{.NameCamel}}Resource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) {
+	schema = {{.PackageName}}ResGen.{{.NamePascal}}ResourceSchema(ctx)
+
+    fields, err := {{.PackageName}}Utils.ReadModifiersConfig(modifiersFileByte)
+    if err != nil {
+        resp.Diagnostics.AddError("error during read modifiers config file", err.Error())
+        return
+    }
+
+    err = {{.PackageName}}Utils.AddPlanModifiersToResourceSchema(fields, &schema)
+    if err != nil {
+        resp.Diagnostics.AddError("error adding plan modifiers", err.Error())
+        return
+    }
+    resp.Schema = schema
+}
+
+// IdentitySchema defines the identity schema
+func (r *instanceResource) IdentitySchema(_ context.Context, _ resource.IdentitySchemaRequest, resp *resource.IdentitySchemaResponse) {
+	resp.IdentitySchema = identityschema.Schema{
+		Attributes: map[string]identityschema.Attribute{
+			"project_id": identityschema.StringAttribute{
+				RequiredForImport: true, // must be set during import by the practitioner
+			},
+			"region": identityschema.StringAttribute{
+				RequiredForImport: true, // can be defaulted by the provider configuration
+			},
+			"instance_id": identityschema.StringAttribute{
+				RequiredForImport: true, // can be defaulted by the provider configuration
+			},
+			// TODO: implement remaining schema parts
+		},
+	}
+}
+
+// Configure adds the provider configured client to the resource.
+func (r *{{.NameCamel}}Resource) Configure(
+	ctx context.Context,
+	req resource.ConfigureRequest,
+	resp *resource.ConfigureResponse,
+) {
+	var ok bool
+	r.providerData, ok = conversion.ParseProviderData(ctx, req.ProviderData, &resp.Diagnostics)
+	if !ok {
+		return
+	}
+
+	apiClientConfigOptions := []config.ConfigurationOption{
+		config.WithCustomAuth(r.providerData.RoundTripper),
+		utils.UserAgentConfigOption(r.providerData.Version),
+	}
+	if r.providerData.{{.PackageNamePascal}}CustomEndpoint != "" {
+		apiClientConfigOptions = append(apiClientConfigOptions, config.WithEndpoint(r.providerData.{{.PackageName}}CustomEndpoint))
+	} else {
+		apiClientConfigOptions = append(apiClientConfigOptions, config.WithRegion(r.providerData.GetRegion()))
+	}
+	apiClient, err := {{.PackageName}}.NewAPIClient(apiClientConfigOptions...)
+	if err != nil {
+		resp.Diagnostics.AddError(
+		    "Error configuring API client",
+		    fmt.Sprintf(
+		        "Configuring client: %v. This is an error related to the provider configuration, not to the resource configuration",
+		        err,
+            ),
+        )
+		return
+	}
+	r.client = apiClient
+	tflog.Info(ctx, "{{.PackageName}}.{{.NamePascal}} client configured")
+}
+
+// ModifyPlan implements resource.ResourceWithModifyPlan.
+// Use the modifier to set the effective region in the current plan.
+func (r *{{.NameCamel}}Resource) ModifyPlan(
+	ctx context.Context,
+	req resource.ModifyPlanRequest,
+	resp *resource.ModifyPlanResponse,
+) { // nolint:gocritic // function signature required by Terraform
+
+	// skip initial empty configuration to avoid follow-up errors
+	if req.Config.Raw.IsNull() {
+		return
+	}
+	var configModel {{.PackageName}}ResGen.{{.NamePascal}}Model
+	resp.Diagnostics.Append(req.Config.Get(ctx, &configModel)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	if req.Plan.Raw.IsNull() {
+		return
+	}
+	var planModel {{.PackageName}}ResGen.{{.NamePascal}}Model
+	resp.Diagnostics.Append(req.Plan.Get(ctx, &planModel)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	utils.AdaptRegion(ctx, configModel.Region, &planModel.Region, r.providerData.GetRegion(), resp)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	resp.Diagnostics.Append(resp.Plan.Set(ctx, planModel)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+}
+
+// Create creates a new resource
+func (r *{{.NameCamel}}Resource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) {
+	var data {{.PackageName}}ResGen.{{.NamePascal}}Model
+
+	// Read Terraform plan data into the model
+	resp.Diagnostics.Append(req.Plan.Get(ctx, &data)...)
+
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	ctx = core.InitProviderContext(ctx)
+
+	projectId := data.ProjectId.ValueString()
+	region := data.Region.ValueString()
+	ctx = tflog.SetField(ctx, "project_id", projectId)
+	ctx = tflog.SetField(ctx, "region", region)
+	// TODO: add remaining fields
+
+	// TODO: Create API call logic
+	/*
+		// Generate API request body from model
+    	payload, err := toCreatePayload(ctx, &model)
+    	if err != nil {
+    		core.LogAndAddError(
+    			ctx,
+    			&resp.Diagnostics,
+    			"Error creating {{.NamePascal}}",
+    			fmt.Sprintf("Creating API payload: %v", err),
+    		)
+    		return
+    	}
+    	// Create new {{.NamePascal}}
+    	createResp, err := r.client.Create{{.NamePascal}}Request(
+    		ctx,
+    		projectId,
+    		region,
+    	).Create{{.NamePascal}}RequestPayload(*payload).Execute()
+    	if err != nil {
+    		core.LogAndAddError(ctx, &resp.Diagnostics, "Error creating {{.NamePascal}}", fmt.Sprintf("Calling API: %v", err))
+    		return
+    	}
+
+    	ctx = core.LogResponse(ctx)
+
+    	{{.NamePascal}}Id := *createResp.Id
+    */
+
+	// Example data value setting
+	data.{{.NameCamel | ucfirst}}Id = types.StringValue("id-from-response")
+
+	// TODO: Set data returned by API in identity
+	identity := {{.NamePascal}}ResourceIdentityModel{
+		ProjectID:  types.StringValue(projectId),
+		Region:     types.StringValue(region),
+		// TODO: add missing values
+		{{.NamePascal}}ID: types.StringValue({{.NamePascal}}Id),
+	}
+	resp.Diagnostics.Append(resp.Identity.Set(ctx, identity)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	// TODO: implement wait handler if needed
+	/*
+
+		waitResp, err := wait.Create{{.NamePascal}}WaitHandler(
+    		ctx,
+    		r.client,
+    		projectId,
+    		{{.NamePascal}}Id,
+    		region,
+    	).SetSleepBeforeWait(
+    		30 * time.Second,
+    	).SetTimeout(
+    		90 * time.Minute,
+    	).WaitWithContext(ctx)
+    	if err != nil {
+    		core.LogAndAddError(
+    			ctx,
+    			&resp.Diagnostics,
+    			"Error creating {{.NamePascal}}",
+    			fmt.Sprintf("{{.NamePascal}} creation waiting: %v", err),
+    		)
+    		return
+    	}
+
+    	if waitResp.Id == nil {
+    		core.LogAndAddError(
+    			ctx,
+    			&resp.Diagnostics,
+    			"Error creating {{.NamePascal}}",
+    			"{{.NamePascal}} creation waiting: returned id is nil",
+    		)
+    		return
+    	}
+
+    	// Map response body to schema
+    	err = mapResponseToModel(ctx, waitResp, &model, resp.Diagnostics)
+    	if err != nil {
+    		core.LogAndAddError(
+    			ctx,
+    			&resp.Diagnostics,
+    			"Error creating {{.NamePascal}}",
+    			fmt.Sprintf("Processing API payload: %v", err),
+    		)
+    		return
+    	}
+
+	*/
+
+	// Save data into Terraform state
+	resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
+
+	tflog.Info(ctx, "{{.PackageName}}.{{.NamePascal}} created")
+}
+
+func (r *{{.NameCamel}}Resource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) {
+	var data {{.PackageName}}ResGen.{{.NamePascal}}Model
+
+	// Read Terraform prior state data into the model
+	resp.Diagnostics.Append(req.State.Get(ctx, &data)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	// Read identity data
+	var identityData {{.NamePascal}}ResourceIdentityModel
+	resp.Diagnostics.Append(req.Identity.Get(ctx, &identityData)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+
+	ctx = core.InitProviderContext(ctx)
+
+	projectId := identityData.ProjectID.ValueString()
+	region := identityData.Region.ValueString()
+	ctx = tflog.SetField(ctx, "project_id", projectId)
+	ctx = tflog.SetField(ctx, "region", region)
+
+	// TODO: Read API call logic
+
+	// Save updated data into Terraform state
+	resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
+
+	// TODO: Set data returned by API in identity
+	identity := {{.NamePascal}}ResourceIdentityModel{
+		ProjectID:  types.StringValue(projectId),
+		Region:     types.StringValue(region),
+		// InstanceID: types.StringValue(instanceId),
+	}
+	resp.Diagnostics.Append(resp.Identity.Set(ctx, identity)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	tflog.Info(ctx, "{{.PackageName}}.{{.NamePascal}} read")
+}
+
+func (r *{{.NameCamel}}Resource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) {
+	var data {{.PackageName}}ResGen.{{.NamePascal}}Model
+
+	// Read Terraform prior state data into the model
+	resp.Diagnostics.Append(req.State.Get(ctx, &data)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	ctx = core.InitProviderContext(ctx)
+
+	projectId := data.ProjectId.ValueString()
+	region := data.Region.ValueString()
+	ctx = tflog.SetField(ctx, "project_id", projectId)
+	ctx = tflog.SetField(ctx, "region", region)
+
+	// TODO: Update API call logic
+
+	// TODO: Set data returned by API in identity
+	identity := {{.NamePascal}}ResourceIdentityModel{
+		ProjectID:  types.StringValue(projectId),
+		Region:     types.StringValue(region),
+		// TODO: add missing values
+		{{.NamePascal}}ID: types.StringValue({{.NamePascal}}Id),
+	}
+	resp.Diagnostics.Append(resp.Identity.Set(ctx, identity)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	// Save updated data into Terraform state
+	resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
+
+	tflog.Info(ctx, "{{.PackageName}}.{{.NamePascal}} updated")
+}
+
+func (r *{{.NameCamel}}Resource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) {
+	var data {{.PackageName}}ResGen.{{.NamePascal}}Model
+
+	// Read Terraform prior state data into the model
+	resp.Diagnostics.Append(req.State.Get(ctx, &data)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	// Read identity data
+	var identityData {{.NamePascal}}ResourceIdentityModel
+	resp.Diagnostics.Append(req.Identity.Get(ctx, &identityData)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+
+	ctx = core.InitProviderContext(ctx)
+
+	projectId := identityData.ProjectID.ValueString()
+	region := identityData.Region.ValueString()
+	ctx = tflog.SetField(ctx, "project_id", projectId)
+	ctx = tflog.SetField(ctx, "region", region)
+
+	// TODO: Delete API call logic
+
+	tflog.Info(ctx, "{{.PackageName}}.{{.NamePascal}} deleted")
+}
+
+// ImportState imports a resource into the Terraform state on success.
+// The expected format of the resource import identifier is: project_id,zone_id,record_set_id
+func (r *{{.NameCamel}}Resource) ImportState(
+	ctx context.Context,
+	req resource.ImportStateRequest,
+	resp *resource.ImportStateResponse,
+) {
+	idParts := strings.Split(req.ID, core.Separator)
+
+	// TODO: Import logic
+	// TODO: fix len and parts itself
+	if len(idParts) < 2 || idParts[0] == "" || idParts[1] == "" {
+		core.LogAndAddError(
+			ctx, &resp.Diagnostics,
+			"Error importing database",
+			fmt.Sprintf(
+				"Expected import identifier with format [project_id],[region],..., got %q",
+				req.ID,
+			),
+		)
+		return
+	}
+
+	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("project_id"), idParts[0])...)
+	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("region"), idParts[1])...)
+	// ... more ...
+
+	core.LogAndAddWarning(
+		ctx,
+		&resp.Diagnostics,
+		"{{.PackageName | ucfirst}} database imported with empty password",
+		"The database password is not imported as it is only available upon creation of a new database. The password field will be empty.",
+	)
+	tflog.Info(ctx, "{{.PackageName | ucfirst}} {{.NameCamel}} state imported")
+}
--- a/generator/cmd/build/templates/util.gotmpl
+++ b/generator/cmd/build/templates/util.gotmpl
@ -0,0 +1,47 @@
+package utils
+
+import (
+	"context"
+	"fmt"
+
+	{{.PackageName}} "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/pkg_gen/{{.PackageName}}"
+
+	"github.com/hashicorp/terraform-plugin-framework/diag"
+	"github.com/stackitcloud/stackit-sdk-go/core/config"
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/core"
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/utils"
+)
+
+func ConfigureClient(
+	ctx context.Context,
+	providerData *core.ProviderData,
+	diags *diag.Diagnostics,
+) *{{.PackageName}}.APIClient {
+	apiClientConfigOptions := []config.ConfigurationOption{
+		config.WithCustomAuth(providerData.RoundTripper),
+		utils.UserAgentConfigOption(providerData.Version),
+	}
+	if providerData.{{.PackageName}}CustomEndpoint != "" {
+		apiClientConfigOptions = append(
+			apiClientConfigOptions,
+			config.WithEndpoint(providerData.{{.PackageName}}CustomEndpoint),
+		)
+	} else {
+		apiClientConfigOptions = append(apiClientConfigOptions, config.WithRegion(providerData.GetRegion()))
+	}
+	apiClient, err := {{.PackageName}}.NewAPIClient(apiClientConfigOptions...)
+	if err != nil {
+		core.LogAndAddError(
+			ctx,
+			diags,
+			"Error configuring API client",
+			fmt.Sprintf(
+				"Configuring client: %v. This is an error related to the provider configuration, not to the resource configuration",
+				err,
+			),
+		)
+		return nil
+	}
+
+	return apiClient
+}
--- a/generator/cmd/build/templates/util_test.gotmpl
+++ b/generator/cmd/build/templates/util_test.gotmpl
@ -0,0 +1,97 @@
+package utils
+
+import (
+	"context"
+	"os"
+	"reflect"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-framework/diag"
+	sdkClients "github.com/stackitcloud/stackit-sdk-go/core/clients"
+	"github.com/stackitcloud/stackit-sdk-go/core/config"
+	{{.PackageName}} "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/pkg_gen/{{.PackageName}}"
+
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/core"
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/utils"
+)
+
+const (
+	testVersion        = "1.2.3"
+	testCustomEndpoint = "https://sqlserverflex-custom-endpoint.api.stackit.cloud"
+)
+
+func TestConfigureClient(t *testing.T) {
+	/* mock authentication by setting service account token env variable */
+	os.Clearenv()
+	err := os.Setenv(sdkClients.ServiceAccountToken, "mock-val")
+	if err != nil {
+		t.Errorf("error setting env variable: %v", err)
+	}
+
+	type args struct {
+		providerData *core.ProviderData
+	}
+	tests := []struct {
+		name     string
+		args     args
+		wantErr  bool
+		expected *sqlserverflex.APIClient
+	}{
+		{
+			name: "default endpoint",
+			args: args{
+				providerData: &core.ProviderData{
+					Version: testVersion,
+				},
+			},
+			expected: func() *sqlserverflex.APIClient {
+				apiClient, err := sqlserverflex.NewAPIClient(
+					config.WithRegion("eu01"),
+					utils.UserAgentConfigOption(testVersion),
+				)
+				if err != nil {
+					t.Errorf("error configuring client: %v", err)
+				}
+				return apiClient
+			}(),
+			wantErr: false,
+		},
+		{
+			name: "custom endpoint",
+			args: args{
+				providerData: &core.ProviderData{
+					Version:                     testVersion,
+					SQLServerFlexCustomEndpoint: testCustomEndpoint,
+				},
+			},
+			expected: func() *sqlserverflex.APIClient {
+				apiClient, err := sqlserverflex.NewAPIClient(
+					utils.UserAgentConfigOption(testVersion),
+					config.WithEndpoint(testCustomEndpoint),
+				)
+				if err != nil {
+					t.Errorf("error configuring client: %v", err)
+				}
+				return apiClient
+			}(),
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(
+			tt.name, func(t *testing.T) {
+				ctx := context.Background()
+				diags := diag.Diagnostics{}
+
+				actual := ConfigureClient(ctx, tt.args.providerData, &diags)
+				if diags.HasError() != tt.wantErr {
+					t.Errorf("ConfigureClient() error = %v, want %v", diags.HasError(), tt.wantErr)
+				}
+
+				if !reflect.DeepEqual(actual, tt.expected) {
+					t.Errorf("ConfigureClient() = %v, want %v", actual, tt.expected)
+				}
+			},
+		)
+	}
+}
--- a/generator/cmd/buildCmd.go
+++ b/generator/cmd/buildCmd.go
@ -0,0 +1,43 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/generator/cmd/build"
+)
+
+var (
+	skipCleanup  bool
+	skipClone    bool
+	packagesOnly bool
+	verbose      bool
+	debug        bool
+)
+
+var buildCmd = &cobra.Command{
+	Use:   "build",
+	Short: "Build the necessary boilerplate",
+	Long:  `...`,
+	RunE: func(_ *cobra.Command, _ []string) error {
+		b := build.Builder{
+			SkipClone:    skipClone,
+			SkipCleanup:  skipCleanup,
+			PackagesOnly: packagesOnly,
+			Verbose:      verbose,
+			Debug:        debug,
+		}
+		return b.Build()
+	},
+}
+
+func NewBuildCmd() *cobra.Command {
+	return buildCmd
+}
+
+func init() { //nolint:gochecknoinits // This is the standard way to set up Cobra commands
+	buildCmd.Flags().BoolVarP(&skipCleanup, "skip-clean", "c", false, "Skip cleanup steps")
+	buildCmd.Flags().BoolVarP(&debug, "debug", "d", false, "Enable debug output")
+	buildCmd.Flags().BoolVarP(&skipClone, "skip-clone", "g", false, "Skip cloning from git")
+	buildCmd.Flags().BoolVarP(&packagesOnly, "packages-only", "p", false, "Only generate packages")
+	buildCmd.Flags().BoolVarP(&verbose, "verbose", "v", false, "verbose - show more logs")
+}
--- a/generator/cmd/examplesCmd.go
+++ b/generator/cmd/examplesCmd.go
@ -0,0 +1,114 @@
+package cmd
+
+import (
+	"fmt"
+	"os"
+	"path"
+
+	"github.com/spf13/cobra"
+)
+
+var examplesCmd = &cobra.Command{
+	Use:   "examples",
+	Short: "create examples",
+	Long:  `...`,
+	RunE: func(_ *cobra.Command, _ []string) error {
+		// filePathStr := "stackit/internal/services/postgresflexalpha/database/datasources_gen/database_data_source_gen.go"
+		//
+		// src, err := os.ReadFile(filePathStr)
+		// if err != nil {
+		//	return err
+		//}
+		//
+		// i := interp.New(
+		//	interp.Options{
+		//		GoPath:               "/home/henselinm/.asdf/installs/golang/1.25.6/packages",
+		//		BuildTags:            nil,
+		//		Stdin:                nil,
+		//		Stdout:               nil,
+		//		Stderr:               nil,
+		//		Args:                 nil,
+		//		Env:                  nil,
+		//		SourcecodeFilesystem: nil,
+		//		Unrestricted:         false,
+		//	},
+		//)
+		// err = i.Use(i.Symbols("github.com/hashicorp/terraform-plugin-framework-validators"))
+		// if err != nil {
+		//	return err
+		//}
+		// err = i.Use(stdlib.Symbols)
+		// if err != nil {
+		//	return err
+		//}
+		// _, err = i.Eval(string(src))
+		// if err != nil {
+		//	return err
+		//}
+		//
+		// v, err := i.Eval("DatabaseDataSourceSchema")
+		// if err != nil {
+		//	return err
+		//}
+		//
+		// bar := v.Interface().(func(string) string)
+		//
+		// r := bar("Kung")
+		// println(r)
+		//
+		// evalPath, err := i.EvalPath(filePathStr)
+		// if err != nil {
+		//	return err
+		//}
+		//
+		// fmt.Printf("%+v\n", evalPath)
+
+		// _, err = i.Eval(`import "fmt"`)
+		// if err != nil {
+		//	return err
+		//}
+		// _, err = i.Eval(`func Hallo() { fmt.Println("Hi!") }`)
+		// if err != nil {
+		//	return err
+		//}
+
+		// v = i.Symbols("Hallo")
+
+		// fmt.Println(v)
+		return workServices()
+	},
+}
+
+func workServices() error {
+	startPath := path.Join("stackit", "internal", "services")
+
+	services, err := os.ReadDir(startPath)
+	if err != nil {
+		return err
+	}
+
+	for _, entry := range services {
+		if !entry.IsDir() {
+			continue
+		}
+		resources, err := os.ReadDir(path.Join(startPath, entry.Name()))
+		if err != nil {
+			return err
+		}
+		for _, res := range resources {
+			if !res.IsDir() {
+				continue
+			}
+			fmt.Println("Gefunden:", startPath, "subdir", entry.Name(), "resource", res.Name())
+		}
+	}
+	return nil
+}
+
+func NewExamplesCmd() *cobra.Command {
+	return examplesCmd
+}
+
+// func init() { // nolint: gochecknoinits
+//	examplesCmd.Flags().BoolVarP(&example, "example", "e", false, "example")
+//}
--- a/generator/cmd/getFieldsCmd.go
+++ b/generator/cmd/getFieldsCmd.go
@ -0,0 +1,148 @@
+package cmd
+
+import (
+	"fmt"
+	"go/ast"
+	"go/parser"
+	"go/token"
+	"path"
+	"path/filepath"
+	"strings"
+
+	"github.com/spf13/cobra"
+)
+
+var (
+	inFile   string
+	svcName  string
+	resName  string
+	resType  string
+	filePath string
+)
+
+var getFieldsCmd = &cobra.Command{
+	Use:   "get-fields",
+	Short: "get fields from file",
+	Long:  `...`,
+	PreRunE: func(_ *cobra.Command, _ []string) error {
+		typeStr := "data_source"
+		if resType != "resource" && resType != "datasource" {
+			return fmt.Errorf("--type can only be resource or datasource")
+		}
+
+		if resType == "resource" {
+			typeStr = resType
+		}
+
+		if inFile == "" && svcName == "" && resName == "" {
+			return fmt.Errorf("--infile or --service and --resource must be provided")
+		}
+
+		if inFile != "" {
+			if svcName != "" || resName != "" {
+				return fmt.Errorf("--infile is provided and excludes --service and --resource")
+			}
+			p, err := filepath.Abs(inFile)
+			if err != nil {
+				return err
+			}
+			filePath = p
+			return nil
+		}
+
+		if svcName != "" && resName == "" {
+			return fmt.Errorf("if --service is provided, you MUST also provide --resource")
+		}
+
+		if svcName == "" && resName != "" {
+			return fmt.Errorf("if --resource is provided, you MUST also provide --service")
+		}
+
+		p, err := filepath.Abs(
+			path.Join(
+				"stackit",
+				"internal",
+				"services",
+				svcName,
+				resName,
+				fmt.Sprintf("%ss_gen", resType),
+				fmt.Sprintf("%s_%s_gen.go", resName, typeStr),
+			),
+		)
+		if err != nil {
+			return err
+		}
+		filePath = p
+
+		//// Enum check
+		// switch format {
+		// case "json", "yaml":
+		//default:
+		//	return fmt.Errorf("invalid --format: %s (want json|yaml)", format)
+		//}
+		return nil
+	},
+	RunE: func(_ *cobra.Command, _ []string) error {
+		return getFields(filePath)
+	},
+}
+
+func getFields(f string) error {
+	tokens, err := getTokens(f)
+	if err != nil {
+		return err
+	}
+	for _, item := range tokens {
+		fmt.Printf("%s \n", item)
+	}
+	return nil
+}
+
+func getTokens(fileName string) ([]string, error) {
+	fset := token.NewFileSet()
+	var result []string
+
+	node, err := parser.ParseFile(fset, fileName, nil, parser.ParseComments)
+	if err != nil {
+		return nil, err
+	}
+
+	ast.Inspect(
+		node, func(n ast.Node) bool {
+			// Suche nach Typ-Deklarationen (structs)
+			ts, ok := n.(*ast.TypeSpec)
+			if ok {
+				if strings.Contains(ts.Name.Name, "Model") {
+					ast.Inspect(
+						ts, func(sn ast.Node) bool {
+							tts, tok := sn.(*ast.Field)
+							if tok {
+								result = append(result, tts.Names[0].String())
+							}
+							return true
+						},
+					)
+				}
+			}
+			return true
+		},
+	)
+	return result, nil
+}
+
+func NewGetFieldsCmd() *cobra.Command {
+	return getFieldsCmd
+}
+
+func init() { //nolint:gochecknoinits //this is the only way to add the command to the rootCmd
+	getFieldsCmd.Flags().StringVarP(&inFile, "infile", "i", "", "input filename incl path")
+	getFieldsCmd.Flags().StringVarP(&svcName, "service", "s", "", "service name")
+	getFieldsCmd.Flags().StringVarP(&resName, "resource", "r", "", "resource name")
+	getFieldsCmd.Flags().StringVarP(
+		&resType,
+		"type",
+		"t",
+		"resource",
+		"resource type (data-source or resource [default])",
+	)
+}
--- a/generator/cmd/publish/architecture.go
+++ b/generator/cmd/publish/architecture.go
@ -0,0 +1,137 @@
+package publish
+
+import (
+	"encoding/json"
+	"fmt"
+	"log"
+	"net/url"
+	"os"
+	"path"
+	"strings"
+)
+
+type Architecture struct {
+	Protocols           []string   `json:"protocols"`
+	OS                  string     `json:"os"`
+	Arch                string     `json:"arch"`
+	FileName            string     `json:"filename"`
+	DownloadUrl         string     `json:"download_url"`
+	ShaSumsUrl          string     `json:"shasums_url"`
+	ShaSumsSignatureUrl string     `json:"shasums_signature_url"`
+	ShaSum              string     `json:"shasum"`
+	SigningKeys         SigningKey `json:"signing_keys"`
+}
+
+type SigningKey struct {
+	GpgPublicKeys []GpgPublicKey `json:"gpg_public_keys"`
+}
+
+type GpgPublicKey struct {
+	KeyId          string `json:"key_id"`
+	AsciiArmor     string `json:"ascii_armor"`
+	TrustSignature string `json:"trust_signature"`
+	Source         string `json:"source"`
+	SourceUrl      string `json:"source_url"`
+}
+
+func (p *Provider) CreateArchitectureFiles() error {
+	log.Println("* Creating architecture files in target directories")
+
+	prefix := path.Join("v1", "providers", p.Namespace, p.Provider, p.Version)
+
+	pathPrefix := path.Join("release", prefix)
+
+	urlPrefix, err := url.JoinPath("https://", p.Domain, prefix)
+	if err != nil {
+		return fmt.Errorf("error creating base url: %w", err)
+	}
+
+	downloadUrlPrefix, err := url.JoinPath(urlPrefix, "download")
+	if err != nil {
+		return fmt.Errorf("error crearting download url: %w", err)
+	}
+	downloadPathPrefix := path.Join(pathPrefix, "download")
+
+	shasumsUrl, err := url.JoinPath(urlPrefix, fmt.Sprintf("%s_%s_SHA256SUMS", p.RepoName, p.Version))
+	if err != nil {
+		return fmt.Errorf("error creating shasums url: %w", err)
+	}
+	shasumsSigUrl := shasumsUrl + ".sig"
+
+	gpgAsciiPub, err := p.ReadGpgFile()
+	if err != nil {
+		return err
+	}
+
+	shaSums, err := p.GetShaSums()
+	if err != nil {
+		return err
+	}
+	for _, sum := range shaSums {
+		downloadUrl, err := url.JoinPath(downloadUrlPrefix, sum.Path)
+		if err != nil {
+			return fmt.Errorf("error creating url: %w", err)
+		}
+
+		// get os and arch from filename
+		removeFileExtension := strings.Split(sum.Path, ".zip")
+		fileNameSplit := strings.Split(removeFileExtension[0], "_")
+
+		// Get build target and architecture from the zip file name
+		target := fileNameSplit[2]
+		arch := fileNameSplit[3]
+
+		// build filepath
+		archFileName := path.Join(downloadPathPrefix, target, arch)
+
+		a := Architecture{
+			Protocols:           []string{"5.1", "6.0"},
+			OS:                  target,
+			Arch:                arch,
+			FileName:            sum.Path,
+			DownloadUrl:         downloadUrl,
+			ShaSumsUrl:          shasumsUrl,
+			ShaSumsSignatureUrl: shasumsSigUrl,
+			ShaSum:              sum.Sum,
+			SigningKeys:         SigningKey{},
+		}
+
+		a.SigningKeys = SigningKey{
+			GpgPublicKeys: []GpgPublicKey{
+				{
+					KeyId:          p.GpgFingerprint,
+					AsciiArmor:     gpgAsciiPub,
+					TrustSignature: "",
+					Source:         "",
+					SourceUrl:      "",
+				},
+			},
+		}
+
+		log.Printf("  - Arch file: %s", archFileName)
+
+		err = WriteArchitectureFile(archFileName, a)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func WriteArchitectureFile(filePath string, arch Architecture) error {
+	jsonString, err := json.Marshal(arch)
+	if err != nil {
+		return fmt.Errorf("error encoding data: %w", err)
+	}
+	//nolint:gosec // this file is not sensitive, so we can use os.ModePerm
+	err = os.WriteFile(
+		filePath,
+		jsonString,
+		os.ModePerm,
+	)
+	if err != nil {
+		return fmt.Errorf("error writing data: %w", err)
+	}
+	return nil
+}
--- a/generator/cmd/publish/gpg.go
+++ b/generator/cmd/publish/gpg.go
@ -0,0 +1,14 @@
+package publish
+
+import (
+	"fmt"
+	"strings"
+)
+
+func (p *Provider) ReadGpgFile() (string, error) {
+	gpgFile, err := ReadFile(p.GpgPubKeyFile)
+	if err != nil {
+		return "", fmt.Errorf("error reading '%s' file: %w", p.GpgPubKeyFile, err)
+	}
+	return strings.Join(gpgFile, "\n"), nil
+}
--- a/generator/cmd/publish/provider.go
+++ b/generator/cmd/publish/provider.go
@ -0,0 +1,297 @@
+package publish
+
+import (
+	"bufio"
+	"errors"
+	"fmt"
+	"io"
+	"io/fs"
+	"log"
+	"log/slog"
+	"os"
+	"os/exec"
+	"path"
+	"strings"
+)
+
+type Provider struct {
+	RootPath       string
+	Namespace      string
+	Provider       string
+	DistPath       string
+	RepoName       string
+	Version        string
+	GpgFingerprint string
+	GpgPubKeyFile  string
+	Domain         string
+}
+
+func (p *Provider) GetRoot() error {
+	cmd := exec.Command("git", "rev-parse", "--show-toplevel")
+	out, err := cmd.Output()
+	if err != nil {
+		return err
+	}
+	lines := strings.Split(string(out), "\n")
+	p.RootPath = lines[0]
+	return nil
+}
+
+func (p *Provider) CreateV1Dir() error {
+	// Path to semantic version dir
+	versionPath := p.providerDirs()
+
+	// Files to create under v1/providers/[namespace]/[provider_name]
+	err := p.createVersionsFile()
+	if err != nil {
+		return fmt.Errorf("[CreateV1Dir] - create versions file:%w", err)
+	} // Creates version file one above download, which is why downloadPath isn't used
+
+	// Files/Directories to create under v1/providers/[namespace]/[provider_name]/[version]
+	err = p.copyShaFiles(versionPath)
+	if err != nil {
+		return fmt.Errorf("[CreateV1Dir] - copy sha files: %w", err)
+	}
+
+	log.Printf("* Creating download/ in %s directory", versionPath)
+	downloadsPath := path.Join(versionPath, "download")
+	err = CreateDir(downloadsPath)
+	if err != nil {
+		return err
+	}
+
+	// Create darwin, freebsd, linux, windows dirs
+	for _, v := range [4]string{"darwin", "freebsd", "linux", "windows"} {
+		err = CreateDir(path.Join(downloadsPath, v))
+		if err != nil {
+			return fmt.Errorf("error creating dir '%s': %w", path.Join(downloadsPath, v), err)
+		}
+	}
+
+	// Copy all zips
+	err = p.copyBuildZips(downloadsPath)
+	if err != nil {
+		return err
+	}
+
+	// Create all individual files for build targets and each architecture for the build targets
+	err = p.CreateArchitectureFiles()
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (p *Provider) copyBuildZips(destPath string) error {
+	log.Println("* Copying build zips")
+
+	shaSums, err := p.GetShaSums()
+	if err != nil {
+		return err
+	}
+
+	// Loop through and copy each
+	for _, sum := range shaSums {
+		zipSrcPath := path.Join(p.DistPath, sum.Path)
+		zipDestPath := path.Join(destPath, sum.Path)
+
+		log.Printf("  - Zip Source: %s", zipSrcPath)
+		log.Printf("   - Zip Dest:  %s", zipDestPath)
+
+		// Copy the zip
+		_, err = CopyFile(zipSrcPath, zipDestPath)
+		if err != nil {
+			return fmt.Errorf("error copying file '%s': %w", zipSrcPath, err)
+		}
+	}
+
+	return nil
+}
+
+func (p *Provider) copyShaFiles(destPath string) error {
+	log.Printf("* Copying SHA files in %s directory", p.DistPath)
+
+	// Copy files from srcPath
+	shaSum := p.RepoName + "_" + p.Version + "_SHA256SUMS"
+	shaSumPath := path.Join(p.DistPath, shaSum)
+
+	// _SHA256SUMS file
+	_, err := CopyFile(shaSumPath, path.Join(destPath, shaSum))
+	if err != nil {
+		return err
+	}
+
+	// _SHA256SUMS.sig file
+	_, err = CopyFile(shaSumPath+".sig", path.Join(destPath, shaSum+".sig"))
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+func (p *Provider) createVersionsFile() error {
+	log.Println("* Writing to release/v1/providers/[namespace]/[repo]/versions file")
+
+	versionPath := path.Join("release", "v1", "providers", p.Namespace, p.Provider, "versions")
+
+	shasums, err := p.GetShaSums()
+	if err != nil {
+		return fmt.Errorf("error getting sha sums: %w", err)
+	}
+
+	// Build the versions file...
+	version := Version{
+		Version:   p.Version,
+		Protocols: []string{"5.1", "6.1"},
+		Platforms: nil,
+	}
+	for _, sum := range shasums {
+		// get os and arch from filename
+		removeFileExtension := strings.Split(sum.Path, ".zip")
+		if len(removeFileExtension) < 1 {
+			log.Fatalf("error: %s does not have .zip extension", sum.Path)
+		}
+		fileNameSplit := strings.Split(removeFileExtension[0], "_")
+		if len(fileNameSplit) < 4 {
+			log.Fatalf("filename does not match our regex: %s", removeFileExtension[0])
+		}
+
+		// Get build target and architecture from the zip file name
+		target := fileNameSplit[2]
+		arch := fileNameSplit[3]
+
+		version.Platforms = append(
+			version.Platforms, Platform{
+				OS:   target,
+				Arch: arch,
+			},
+		)
+	}
+
+	data := Data{}
+
+	downloadPath := path.Join(p.Domain, "v1", "providers", p.Namespace, p.Provider, "versions")
+	err = data.LoadFromUrl(fmt.Sprintf("https://%s", downloadPath))
+	if err != nil {
+		slog.Warn("error getting existing versions file, start with empty")
+		// TODO: create flag for first use or make it more robust
+		// return fmt.Errorf("error getting existing versions file: %w", err)
+	}
+
+	err = data.AddVersion(version)
+	if err != nil {
+		return fmt.Errorf("error appending version: %w", err)
+	}
+
+	err = data.WriteToFile(versionPath)
+	if err != nil {
+		return fmt.Errorf("error saving file '%s':%w", versionPath, err)
+	}
+
+	return nil
+}
+
+func (p *Provider) providerDirs() string {
+	log.Println("* Creating release/v1/providers/[namespace]/[provider]/[version] directories")
+
+	target := path.Join("release", "v1", "providers", p.Namespace, p.Provider, p.Version)
+
+	err := CreateDir(target)
+	if err != nil {
+		return ""
+	}
+	return target
+}
+
+func (p *Provider) CreateWellKnown() error {
+	log.Println("* Creating .well-known directory")
+	pathString := path.Join(p.RootPath, "release", ".well-known")
+
+	//nolint:gosec // this file is not sensitive, so we can use ModePerm
+	err := os.MkdirAll(pathString, os.ModePerm)
+	if err != nil && !errors.Is(err, fs.ErrExist) {
+		return fmt.Errorf("error creating '%s' dir: %w", pathString, err)
+	}
+
+	log.Println("  - Writing to .well-known/terraform.json file")
+
+	//nolint:gosec // this file is not sensitive, so we can use 0644
+	err = os.WriteFile(
+		fmt.Sprintf("%s/terraform.json", pathString),
+		[]byte(`{"providers.v1": "/v1/providers/"}`),
+		0o644,
+	)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func CreateDir(pathValue string) error {
+	log.Printf("* Creating %s directory", pathValue)
+	//nolint:gosec // this file is not sensitive, so we can use ModePerm
+	err := os.MkdirAll(pathValue, os.ModePerm)
+	if errors.Is(err, fs.ErrExist) {
+		return nil
+	}
+	return err
+}
+
+func ReadFile(filePath string) ([]string, error) {
+	rFile, err := os.Open(filePath)
+
+	if err != nil {
+		return nil, err
+	}
+	fileScanner := bufio.NewScanner(rFile)
+	fileScanner.Split(bufio.ScanLines)
+	var fileLines []string
+
+	for fileScanner.Scan() {
+		fileLines = append(fileLines, fileScanner.Text())
+	}
+
+	err = rFile.Close()
+	if err != nil {
+		return nil, err
+	}
+
+	return fileLines, nil
+}
+
+func CopyFile(src, dst string) (int64, error) {
+	sourceFileStat, err := os.Stat(src)
+	if err != nil {
+		return 0, err
+	}
+
+	if !sourceFileStat.Mode().IsRegular() {
+		return 0, fmt.Errorf("%s is not a regular file", src)
+	}
+
+	source, err := os.Open(src)
+	if err != nil {
+		return 0, err
+	}
+	defer func(source *os.File) {
+		err := source.Close()
+		if err != nil {
+			slog.Error("error closing source file", slog.Any("err", err))
+		}
+	}(source)
+
+	destination, err := os.Create(dst)
+	if err != nil {
+		return 0, err
+	}
+	defer func(destination *os.File) {
+		err := destination.Close()
+		if err != nil {
+			slog.Error("error closing destination file", slog.Any("err", err))
+		}
+	}(destination)
+	nBytes, err := io.Copy(destination, source)
+	return nBytes, err
+}
--- a/generator/cmd/publish/shasums.go
+++ b/generator/cmd/publish/shasums.go
@ -0,0 +1,39 @@
+package publish
+
+import (
+	"log/slog"
+	"path"
+	"regexp"
+)
+
+func (p *Provider) GetShaSums() (ShaSums, error) {
+	return GetShaSumContents(p.DistPath, p.RepoName, p.Version)
+}
+
+type ShaSums []ShaSum
+type ShaSum struct {
+	Sum  string
+	Path string
+}
+
+func GetShaSumContents(distPath, repoName, version string) (ShaSums, error) {
+	shaSumFileName := repoName + "_" + version + "_SHA256SUMS"
+	shaSumPath := path.Join(distPath, shaSumFileName)
+
+	shaSumLine, err := ReadFile(shaSumPath)
+	if err != nil {
+		return nil, err
+	}
+
+	regEx := regexp.MustCompile(`([0-9a-fA-F]+)\s+(.+)`)
+	shaSums := ShaSums{}
+	for _, line := range shaSumLine {
+		matches := regEx.FindAllStringSubmatch(line, -1)
+		if len(matches) < 1 {
+			slog.Warn("unable to parse SHA sum line", "line", line)
+			continue
+		}
+		shaSums = append(shaSums, ShaSum{Sum: matches[0][1], Path: matches[0][2]})
+	}
+	return shaSums, nil
+}
--- a/generator/cmd/publish/templates/Caddyfile
+++ b/generator/cmd/publish/templates/Caddyfile
@ -0,0 +1,38 @@
+{
+    log {
+            level debug
+        }
+
+
+    filesystem tf s3 {
+                         bucket "terraform-provider-privatepreview"
+                         region eu01
+                         endpoint https://object.storage.eu01.onstackit.cloud
+                         use_path_style
+                     }
+}
+
+tfregistry.sysops.stackit.rocks {
+    encode zstd gzip
+
+    handle_path /docs/* {
+                            root /srv/www
+                            templates
+
+                            @md {
+                                    file {path}
+                                    path *.md
+                                }
+
+                            rewrite @md /markdown.html
+
+                            file_server {
+                                            browse
+                                        }
+                        }
+
+    file_server {
+                    fs tf
+                    browse
+                }
+}
--- a/generator/cmd/publish/templates/index.html.gompl
+++ b/generator/cmd/publish/templates/index.html.gompl
@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html lang="de">
+<head>
+    <title>Forwarding | Weiterleitung</title>
+    <meta http-equiv="refresh" content="0; URL=index.md">
+</head>
+<body>
+<a href="index.md">Falls Sie nicht automatisch weitergeleitet werden, klicken Sie bitte hier.</a><br />
+Sie gelangen dann auf unsere Hauptseite
+</body>
+</html>
--- a/generator/cmd/publish/templates/index.md.gompl
+++ b/generator/cmd/publish/templates/index.md.gompl
@ -0,0 +1,34 @@
+---
+page_title: STACKIT provider PrivatePreview
+description: none
+---
+
+# provider
+[Provider](docs/index.md)
+
+## PostGreSQL alpha
+### data sources
+
+- [Flavor](docs/data-sources/postgresflexalpha_flavor.md)
+- [Database](docs/data-sources/postgresflexalpha_database.md)
+- [Instance](docs/data-sources/postgresflexalpha_instance.md)
+- [Flavors](docs/data-sources/postgresflexalpha_flavors.md)
+- [User](docs/data-sources/postgresflexalpha_user.md)
+
+### resources
+- [Database](docs/resources/postgresflexalpha_database.md)
+- [Instance](docs/resources/postgresflexalpha_instance.md)
+- [User](docs/resources/postgresflexalpha_user.md)
+
+## SQL Server alpha
+### data sources
+- [Database](docs/data-sources/sqlserverflexalpha_database.md)
+- [Version](docs/data-sources/sqlserverflexalpha_version.md)
+- [User](docs/data-sources/sqlserverflexalpha_user.md)
+- [Flavor](docs/data-sources/sqlserverflexalpha_flavor.md)
+- [Instance](docs/data-sources/sqlserverflexalpha_instance.md)
+
+### resources
+- [Database](docs/resources/sqlserverflexalpha_database.md)
+- [User](docs/resources/sqlserverflexalpha_user.md)
+- [Instance](docs/resources/sqlserverflexalpha_instance.md)
--- a/generator/cmd/publish/templates/markdown.html.gompl
+++ b/generator/cmd/publish/templates/markdown.html.gompl
@ -0,0 +1,79 @@
+<!DOCTYPE html>
+{{ $mdFile := .OriginalReq.URL.Path | trimPrefix "/docs" }}
+{{ $md := (include $mdFile | splitFrontMatter) }}
+<html lang="en">
+<head>
+    <title>{{$md.Meta.page_title}}</title>
+    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css">
+    <link rel="stylesheet" href="/docs/terraform-registry.css">
+</head>
+<body>
+<h1>{{$md.Meta.page_title}}</h1>
+<div class="provider-view">
+    <div class="provider-nav">
+        <nav class="bread-crumbs is-light" aria-label="Provider">
+            <div class="container is-widescreen">
+                <div class="level">
+                    <ul class="provider-nav-breadcrumbs bread-crumbs-list">
+                        <li class="bread-crumbs-item">
+                            <a id="ember20" class="ember-view bread-crumbs-link" href="/">
+                                Main
+                            </a>
+                        </li>
+                    </ul>
+                </div>
+            </div>
+        </nav>
+        <nav class="block-border section-navbar section-header" aria-label="Provider details">
+            <div class="container">
+                <div class="columns is-vcentered">
+                    <div class="column is-4">
+                          <div class="provider-nav-info-header">
+                              <div class="provider-overview-logo">
+                                <span class="provider-logo">
+                                    <img class="github-image" src="https://avatars3.githubusercontent.com/stackitcloud" alt="stackitcloud">
+                                </span>
+                              </div>
+                              <div class="provider-nav-info-origin">
+                                  <h1>PRIVATE PREVIEW</h1>
+                              </div>
+                          </div>
+                    </div>
+                    <div class="column is-8">
+
+                        <ul class="nav-tabs-list nav-tabs tabs">
+
+                            <li class="nav-tabs-item">
+                                <a id="ember30" class="ember-view navbar-item" href="/">
+                                    Overview
+                                </a>
+                            </li>
+
+                        </ul>
+
+                        <div class="provider-nav-provision-wrapper">
+                            <!---->          </div>
+                    </div>
+                </div>
+            </div>
+        </nav>
+    </div>
+
+    <div class="section block-border block-white section-content">
+        <div class="container">
+            <div class="columns columns-provider-docs">
+                <div class="column is-3 column-provider-docs-menu"></div>
+                <article id="provider-docs-content" class="column is-6  provider-docs-content">
+                    <div class="markdown">
+                        <div class="highlighted-code-wrapper">
+                            {{markdown $md.Body}}
+                        </div>
+                    </div>
+                </article>
+                <div class="column is-3 column-provider-docs-menu"></div>
+            </div>
+        </div>
+    </div>
+</div>
+</body>
+</html>
--- a/generator/cmd/publish/versions.go
+++ b/generator/cmd/publish/versions.go
@ -0,0 +1,169 @@
+package publish
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"log/slog"
+	"net/http"
+	"net/url"
+	"os"
+)
+
+type Version struct {
+	Version   string     `json:"version"`
+	Protocols []string   `json:"protocols"`
+	Platforms []Platform `json:"platforms"`
+}
+
+type Platform struct {
+	OS   string `json:"os" yaml:"os"`
+	Arch string `json:"arch" yaml:"arch"`
+}
+
+type Data struct {
+	Id       string    `json:"id,omitempty"`
+	Versions []Version `json:"versions"`
+}
+
+func (d *Data) WriteToFile(filePath string) error {
+	// TODO: make it variable
+	d.Id = "tfregistry.sysops.stackit.rocks/mhenselin/stackitprivatepreview"
+
+	jsonString, err := json.Marshal(d)
+	if err != nil {
+		return fmt.Errorf("error encoding data: %w", err)
+	}
+
+	//nolint:gosec // this file is not sensitive, so we can use os.ModePerm
+	err = os.WriteFile(
+		filePath,
+		jsonString,
+		os.ModePerm,
+	)
+	if err != nil {
+		return fmt.Errorf("error writing data: %w", err)
+	}
+	return nil
+}
+
+func (d *Data) AddVersion(v Version) error {
+	var newVersions []Version
+	for _, ver := range d.Versions {
+		if ver.Version != v.Version {
+			newVersions = append(newVersions, ver)
+		}
+	}
+	newVersions = append(newVersions, v)
+	d.Versions = newVersions
+	return nil
+}
+
+func (d *Data) Validate() error {
+	for _, v := range d.Versions {
+		err := v.Validate()
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (d *Data) LoadFromFile(filePath string) error {
+	plan, err := os.ReadFile(filePath)
+	if err != nil {
+		return err
+	}
+	err = json.Unmarshal(plan, &d)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+func (d *Data) LoadFromUrl(uri string) error {
+	u, err := url.ParseRequestURI(uri)
+	if err != nil {
+		return err
+	}
+
+	file, err := os.CreateTemp("", "versions.*.json")
+	if err != nil {
+		return err
+	}
+	defer func(name string) {
+		//nolint:gosec // The file path is generated by os.CreateTemp and is not user-controllable
+		err := os.Remove(name)
+		if err != nil {
+			slog.Error("failed to remove temporary file", slog.Any("err", err))
+		}
+	}(file.Name()) // Clean up
+
+	err = DownloadFile(
+		u.String(),
+		file.Name(),
+	)
+	if err != nil {
+		return err
+	}
+
+	return d.LoadFromFile(file.Name())
+}
+
+func (v *Version) Validate() error {
+	slog.Warn("validation needs to be implemented")
+	return nil
+}
+
+func (v *Version) AddPlatform(p Platform) error {
+	if p.OS == "" || p.Arch == "" {
+		return fmt.Errorf("OS and Arch MUST NOT be empty")
+	}
+	v.Platforms = append(v.Platforms, p)
+	return nil
+}
+
+func (v *Version) AddProtocol(p string) error {
+	if p == "" {
+		return fmt.Errorf("protocol MUST NOT be empty")
+	}
+	v.Protocols = append(v.Protocols, p)
+	return nil
+}
+
+// DownloadFile will download a url and store it in local filepath.
+// It writes to the destination file as it downloads it, without
+// loading the entire file into memory.
+func DownloadFile(urlValue, filepath string) error {
+	// Create the file
+	//nolint:gosec // path traversal is not a concern here, as the filepath is generated by us and not user input
+	out, err := os.Create(filepath)
+	if err != nil {
+		return err
+	}
+	defer func(out *os.File) {
+		err := out.Close()
+		if err != nil {
+			slog.Error("failed to close file", slog.Any("err", err))
+		}
+	}(out)
+
+	// Get the data
+
+	//nolint:gosec,bodyclose // this is a controlled URL, not user input
+	resp, err := http.Get(urlValue)
+	if err != nil {
+		return err
+	}
+	defer func(Body io.ReadCloser) {
+		_ = Body.Close()
+	}(resp.Body)
+
+	// Write the body to file
+	_, err = io.Copy(out, resp.Body)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
--- a/generator/cmd/publishCmd.go
+++ b/generator/cmd/publishCmd.go
@ -0,0 +1,139 @@
+package cmd
+
+import (
+	"errors"
+	"fmt"
+	"io/fs"
+	"log"
+	"os"
+	"path"
+	"path/filepath"
+
+	"github.com/spf13/cobra"
+
+	publish2 "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/generator/cmd/publish"
+)
+
+var (
+	namespace      string
+	domain         string
+	providerName   string
+	distPath       string
+	repoName       string
+	version        string
+	gpgFingerprint string
+	gpgPubKeyFile  string
+)
+
+var publishCmd = &cobra.Command{
+	Use:   "publish",
+	Short: "Publish terraform provider",
+	Long:  `...`,
+	RunE: func(_ *cobra.Command, _ []string) error {
+		return publish()
+	},
+}
+
+func init() { //nolint:gochecknoinits //this is the standard way to set up cobra commands
+	publishCmd.Flags().StringVarP(&namespace, "namespace", "n", "", "Namespace for the Terraform registry.")
+	publishCmd.Flags().StringVarP(&domain, "domain", "d", "", "Domain for the Terraform registry.")
+	publishCmd.Flags().StringVarP(&providerName, "providerName", "p", "", "ProviderName for the Terraform registry.")
+	publishCmd.Flags().StringVarP(&distPath, "distPath", "x", "dist", "Dist Path for the Terraform registry.")
+	publishCmd.Flags().StringVarP(&repoName, "repoName", "r", "", "RepoName for the Terraform registry.")
+	publishCmd.Flags().StringVarP(&version, "version", "v", "", "Version for the Terraform registry.")
+	publishCmd.Flags().StringVarP(
+		&gpgFingerprint,
+		"gpgFingerprint",
+		"f",
+		"",
+		"GPG Fingerprint for the Terraform registry.",
+	)
+	publishCmd.Flags().StringVarP(
+		&gpgPubKeyFile,
+		"gpgPubKeyFile",
+		"k",
+		"",
+		"GPG PubKey file name for the Terraform registry.",
+	)
+
+	err := publishCmd.MarkFlagRequired("namespace")
+	if err != nil {
+		return
+	}
+	err = publishCmd.MarkFlagRequired("domain")
+	if err != nil {
+		return
+	}
+	err = publishCmd.MarkFlagRequired("providerName")
+	if err != nil {
+		return
+	}
+	err = publishCmd.MarkFlagRequired("gpgFingerprint")
+	if err != nil {
+		return
+	}
+	err = publishCmd.MarkFlagRequired("gpgPubKeyFile")
+	if err != nil {
+		return
+	}
+	err = publishCmd.MarkFlagRequired("repoName")
+	if err != nil {
+		return
+	}
+	err = publishCmd.MarkFlagRequired("version")
+	if err != nil {
+		return
+	}
+	err = publishCmd.MarkFlagRequired("gpgFingerprint")
+	if err != nil {
+		return
+	}
+	err = publishCmd.MarkFlagRequired("gpgPubKeyFile")
+	if err != nil {
+		return
+	}
+}
+
+func NewPublishCmd() *cobra.Command {
+	return publishCmd
+}
+
+func publish() error {
+	log.Println("📦 Packaging Terraform Provider for private registry...")
+	p := publish2.Provider{
+		Namespace:      namespace,
+		Provider:       providerName,
+		DistPath:       filepath.Clean(distPath) + "/",
+		RepoName:       repoName,
+		Version:        version,
+		GpgFingerprint: gpgFingerprint,
+		GpgPubKeyFile:  gpgPubKeyFile,
+		Domain:         domain,
+	}
+	err := p.GetRoot()
+	if err != nil {
+		return err
+	}
+
+	// Create release dir - only the contents of this need to be uploaded to S3
+	log.Printf("* Creating release directory")
+	//nolint:gosec // this directory is not sensitive, so we can use 0750
+	err = os.MkdirAll(path.Join(p.RootPath, "release"), os.ModePerm)
+	if err != nil && !errors.Is(err, fs.ErrExist) {
+		return fmt.Errorf("error creating '%s' dir: %w", path.Join(p.RootPath, "release"), err)
+	}
+
+	// Create .wellKnown directory and terraform.json file
+	err = p.CreateWellKnown()
+	if err != nil {
+		return fmt.Errorf("error creating '.well-known' dir: %w", err)
+	}
+
+	err = p.CreateV1Dir()
+	if err != nil {
+		return fmt.Errorf("error creating 'v1' dir: %w", err)
+	}
+
+	log.Println("📦 Packaged Terraform Provider for private registry.")
+	return nil
+}
--- a/generator/cmd/rootCmd.go
+++ b/generator/cmd/rootCmd.go
@ -0,0 +1,23 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+)
+
+func NewRootCmd() *cobra.Command {
+	return &cobra.Command{
+		Use:               "build-tools",
+		Short:             "...",
+		Long:              "...",
+		SilenceErrors:     true, // Error is beautified in a custom way before being printed
+		SilenceUsage:      true,
+		DisableAutoGenTag: true,
+		RunE: func(cmd *cobra.Command, _ []string) error {
+			err := cmd.Help()
+			if err != nil {
+				return err
+			}
+			return nil
+		},
+	}
+}
--- a/generator/main.go
+++ b/generator/main.go
@ -0,0 +1,40 @@
+package main
+
+import (
+	"log"
+	"log/slog"
+	"os"
+
+	"github.com/SladkyCitron/slogcolor"
+	cc "github.com/ivanpirog/coloredcobra"
+
+	"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/generator/cmd"
+)
+
+func main() {
+	slog.SetDefault(slog.New(slogcolor.NewHandler(os.Stderr, slogcolor.DefaultOptions)))
+
+	rootCmd := cmd.NewRootCmd()
+
+	cc.Init(&cc.Config{
+		RootCmd:  rootCmd,
+		Headings: cc.HiCyan + cc.Bold + cc.Underline,
+		Commands: cc.HiYellow + cc.Bold,
+		Example:  cc.Italic,
+		ExecName: cc.Bold,
+		Flags:    cc.Bold,
+	})
+	rootCmd.SetOut(os.Stdout)
+
+	rootCmd.AddCommand(
+		cmd.NewBuildCmd(),
+		cmd.NewPublishCmd(),
+		cmd.NewGetFieldsCmd(),
+		cmd.NewExamplesCmd(),
+	)
+
+	err := rootCmd.Execute()
+	if err != nil {
+		log.Fatal(err)
+	}
+}