Dc mission 3248 (#267)

Author: markusbalsam

released/discovery_center/mission_3061/README.md

@@ -14,7 +14,7 @@ The process is done in two steps:
    - The trust setup to the custom IdP 
 
 2. In the directory `step2` the following resources are created:
-   - the assignment of Cloud FOundry org roles
+   - the assignment of Cloud Foundry org roles
    - a new Cloud Foundry space
    - the assignment of Cloud Foundry space roles
    - the ABAP environment (service instance)

released/discovery_center/mission_3248_trial/README.md

@@ -0,0 +1,19 @@
+# Prepare an Account for ABAP Trial
+
+## Overview
+
+This directory prepares a Trial account for ABAP Trial. 
+
+The process is done in two steps:
+
+1. In the directory `step1` the following configurations are applied:
+   - Assignement the `abab-trial` entitlement with plan `shared` to the existing subaccount
+   - Creation of a Cloud Foundry environment instance, in case Cloud Foundry is disabled for the subaccount
+
+2. In the directory `step2` the following configurations are applied:
+   - Creation a new Cloud Foundry space if no space with the provided name exists
+   - Assignment of Cloud Foundry org and space roles
+   - Creation of an ABAP Trial service instance in the Cloud Foundry space
+   - Creation of a service key for the instance 
+
+Please refer to the READMEs in the subdirectories for further instructions.

released/discovery_center/mission_3248_trial/step1/README.md

@@ -0,0 +1,33 @@
+# Prepare an Account for ABAP Trial - Step 1
+
+## Overview
+
+The first configuration step prepares your existing Trial subaccount for ABAP Trial. The following configurations are applied:
+- Assignement the `abab-trial` entitlement with plan `shared` to the existing subaccount
+- Creation of a Cloud Foundry environment instance, in case Cloud Foundry is disabled for the subaccount
+
+## Deploying the resources
+
+To deploy the resources of this step execute the following commands:
+
+1. Initialize your workspace:
+
+   ```bash
+   terraform init
+   ```
+
+1. Assign the variable values in a `*.tfvars` file e.g., the global account subdomain
+
+1. You can check what Terraform plans to apply based on your configuration:
+
+   ```bash
+   terraform plan -var-file="<name of your tfvars file>.tfvars" 
+   ```
+
+1. Apply your configuration to provision the resources:
+
+   ```bash
+   terraform apply -var-file="<name of your tfvars file>.tfvars"
+   ```
+
+> **Note** - Some outputs of the first step are needed as input for the second step.

released/discovery_center/mission_3248_trial/step1/main.tf

@@ -0,0 +1,64 @@
+###
+# Retrieval of existing trial subaccount
+###
+data "btp_subaccount" "trial" {
+  id = var.subaccount_id
+}
+
+###
+# Assignment of basic entitlements for an ABAP setup
+###
+resource "btp_subaccount_entitlement" "abap-trial" {
+  subaccount_id = var.subaccount_id
+  service_name  = "abap-trial"
+  plan_name     = "shared"
+  amount        = 1
+}
+
+###
+# Retrieval of existing CF environment instance
+###
+data "btp_subaccount_environment_instances" "all" {
+  subaccount_id = var.subaccount_id
+}
+
+locals {
+  cf_org_name     = join("_", [var.globalaccount, data.btp_subaccount.trial.subdomain])
+  cf_instances    = [for env in data.btp_subaccount_environment_instances.all.values : env if env.service_name == "cloudfoundry" && env.environment_type == "cloudfoundry"]
+  cf_enabled      = length(local.cf_instances) > 0
+  create_cf_space = var.create_cf_space || !local.cf_enabled
+}
+
+resource "btp_subaccount_environment_instance" "cloudfoundry" {
+  count = local.cf_enabled ? 0 : 1
+
+  subaccount_id    = var.subaccount_id
+  name             = local.cf_org_name
+  environment_type = "cloudfoundry"
+  service_name     = "cloudfoundry"
+  plan_name        = "trial"
+
+  parameters = jsonencode({
+    instance_name = local.cf_org_name
+  })
+}
+
+locals {
+  cf_environment_instance = local.cf_enabled ? local.cf_instances[0] : btp_subaccount_environment_instance.cloudfoundry[0]
+}
+
+resource "local_file" "output_vars_step1" {
+  count    = var.create_tfvars_file_for_next_stage ? 1 : 0
+  content  = <<-EOT
+      cf_api_url          = "${jsondecode(local.cf_environment_instance.labels)["API Endpoint"]}"
+      cf_org_id           = "${local.cf_environment_instance.platform_id}"
+      cf_org_managers     = ${jsonencode(var.cf_org_managers)}
+      cf_space_developers = ${jsonencode(var.cf_space_developers)}
+      cf_space_managers   = ${jsonencode(var.cf_space_managers)}
+      cf_space_name       = "${var.cf_space_name}"
+      create_cf_space     = ${local.create_cf_space}
+      abap_admin_email    = "${var.abap_admin_email}"
+
+      EOT
+  filename = "../step2/terraform.tfvars"
+}

released/discovery_center/mission_3248_trial/step1/outputs.tf

@@ -0,0 +1,44 @@
+output "subaccount_id" {
+  value       = var.subaccount_id
+  description = "The ID of the subaccount."
+}
+
+output "cf_org_id" {
+  value       = local.cf_environment_instance.platform_id
+  description = "The ID of the Cloud Foundry org connected to the subaccount."
+}
+
+output "cf_api_url" {
+  value       = lookup(jsondecode(local.cf_environment_instance.labels), "API Endpoint", "not found")
+  description = "API endpoint of the Cloud Foundry environment."
+}
+
+output "cf_org_managers" {
+  value       = var.cf_org_managers
+  description = "List of managers for the Cloud Foundry org."
+}
+
+output "cf_space_managers" {
+  value       = var.cf_space_managers
+  description = "List of managers for the Cloud Foundry space."
+}
+
+output "cf_space_developers" {
+  value       = var.cf_space_developers
+  description = "List of developers for the Cloud Foundry space."
+}
+
+output "cf_space_name" {
+  value       = var.cf_space_name
+  description = "The name of the CF space to use."
+}
+
+output "create_cf_space" {
+  value       = local.create_cf_space
+  description = "Determines whether a new CF space should be created. Must be true if no space with the name cf_space_name exists for the Org, yet, and false otherwise."
+}
+
+output "abap_admin_email" {
+  value       = var.abap_admin_email
+  description = "Email of the ABAP Administrator."
+}

released/discovery_center/mission_3248_trial/step1/provider.tf

@@ -0,0 +1,17 @@
+
+terraform {
+  required_providers {
+    btp = {
+      source  = "sap/btp"
+      version = "~> 1.4.0"
+    }
+  }
+
+}
+
+# Please checkout documentation on how best to authenticate against SAP BTP
+# via the Terraform provider for SAP BTP
+provider "btp" {
+  globalaccount  = var.globalaccount
+  cli_server_url = var.cli_server_url
+}

released/discovery_center/mission_3248_trial/step1/samples.tfvars

@@ -0,0 +1,28 @@
+# ------------------------------------------------------------------------------------------------------
+# Provider configuration
+# ------------------------------------------------------------------------------------------------------
+globalaccount = "subdomain of your trial globalaccount"
+
+# ------------------------------------------------------------------------------------------------------
+# Project specific configuration (please adapt)
+# ------------------------------------------------------------------------------------------------------
+subaccount_id = "id of your trial subaccount"
+
+# Must be false if CF is enabled and a space with the configured space name already exists
+create_cf_space = false
+cf_space_name   = "dev"
+
+cf_org_managers = ["[email protected]"]
+
+# If create_cf_space is true or Clouf Foundry is disabled for your trial subaccount, you must add
+# yourself as a space manager and developer. DON'T add yourself if the space exists and you are
+# already a space manager or developer of the space.
+cf_space_developers = ["[email protected]", "[email protected]"]
+cf_space_managers   = ["[email protected]", "[email protected]"]
+
+abap_admin_email = "[email protected]"
+
+# ------------------------------------------------------------------------------------------------------
+# Create tfvars file for step 2
+# ------------------------------------------------------------------------------------------------------
+create_tfvars_file_for_next_stage = true

released/discovery_center/mission_3248_trial/step1/variables.tf

@@ -0,0 +1,55 @@
+variable "globalaccount" {
+  type        = string
+  description = "The subdomain of the trial account."
+}
+
+variable "subaccount_id" {
+  type        = string
+  description = "The ID of the trial subaccount."
+  default     = ""
+}
+
+variable "cli_server_url" {
+  type        = string
+  description = "The BTP CLI server URL."
+  default     = "https://cli.btp.cloud.sap"
+}
+
+variable "cf_org_managers" {
+  type        = list(string)
+  description = "List of managers for the Cloud Foundry org."
+  default     = []
+}
+
+variable "cf_space_managers" {
+  type        = list(string)
+  description = "List of managers for the Cloud Foundry space."
+}
+
+variable "cf_space_developers" {
+  type        = list(string)
+  description = "List of developers for the Cloud Foundry space."
+}
+
+variable "cf_space_name" {
+  type        = string
+  description = "The name of the CF space to use."
+}
+
+variable "create_cf_space" {
+  type        = bool
+  description = "Determines whether a new CF space should be created. Must be true if no space with the given name exists for the org, false otherwise. If CF isn't enabled for the subaccount a new space will always be created"
+  default     = false
+}
+
+variable "abap_admin_email" {
+  type        = string
+  description = "Email of the ABAP Administrator."
+  default     = ""
+}
+
+variable "create_tfvars_file_for_next_stage" {
+  type        = bool
+  description = "Switch to enable the creation of the tfvars file for the next step."
+  default     = false
+}

released/discovery_center/mission_3248_trial/step2/README.md

@@ -0,0 +1,35 @@
+# Prepare an Account for ABAP Trial - Step 2
+
+## Overview
+
+The second configuration step finalizes the ABAP Trial setup for the subaccount. The following configurations are applied:
+- Creation a new Cloud Foundry space if no space with the provided name exists
+- Assignment of Cloud Foundry org and space roles
+- Creation of an ABAP Trial service instance in the Cloud Foundry space
+- Creation of a service key for the instance
+
+## Deploying the resources
+
+To deploy the resources of this step execute the following commands:
+
+1. Initialize your workspace:
+
+   ```bash
+   terraform init
+   ```
+
+> **Note** - Some variables of the output of the first step are needed as input for this step.
+
+1. Assign the variable values in a `*.tfvars` file e.g., the global account subdomain
+
+1. You can check what Terraform plans to apply based on your configuration:
+
+   ```bash
+   terraform plan -var-file="<name of your tfvars file>.tfvars" 
+   ```
+
+1. Apply your configuration to provision the resources:
+
+   ```bash
+   terraform apply -var-file="<name of your tfvars file>.tfvars"
+   ```

released/discovery_center/mission_3248_trial/step2/main.tf

@@ -0,0 +1,78 @@
+###
+# Assignment of Cloud Foundry space roles 
+###
+resource "cloudfoundry_org_role" "org_managers" {
+  for_each = toset(var.cf_org_managers)
+  username = each.value
+  type     = "organization_manager"
+  org      = var.cf_org_id
+}
+
+###
+# Creation of Cloud Foundry space
+###
+data "cloudfoundry_space" "dev" {
+  count = var.create_cf_space ? 0 : 1
+  name  = var.cf_space_name
+  org   = var.cf_org_id
+}
+
+resource "cloudfoundry_space" "dev" {
+  count = var.create_cf_space ? 1 : 0
+
+  name = var.cf_space_name
+  org  = var.cf_org_id
+}
+
+locals {
+  space_id = var.create_cf_space ? cloudfoundry_space.dev[0].id : data.cloudfoundry_space.dev[0].id
+}
+
+###
+# Assignment of Cloud Foundry space roles 
+###
+resource "cloudfoundry_space_role" "space_managers" {
+  for_each = toset(var.cf_space_managers)
+  username = each.value
+  type     = "space_manager"
+  space    = local.space_id
+}
+
+resource "cloudfoundry_space_role" "space_developers" {
+  for_each = toset(var.cf_space_developers)
+  username = each.value
+  type     = "space_developer"
+  space    = local.space_id
+}
+
+###
+# Creation of service instance for ABAP
+###
+data "cloudfoundry_service" "abap_service_plans" {
+  name = "abap-trial"
+}
+
+resource "cloudfoundry_service_instance" "abap_trial" {
+  depends_on   = [cloudfoundry_space_role.space_managers, cloudfoundry_space_role.space_developers]
+  name         = "abap-trial"
+  space        = local.space_id
+  service_plan = data.cloudfoundry_service.abap_service_plans.service_plans["shared"]
+  type         = "managed"
+  parameters = jsonencode({
+    email = "${var.abap_admin_email}"
+  })
+  timeouts = {
+    create = "30m"
+    delete = "30m"
+    update = "30m"
+  }
+}
+
+###
+# Creation of service key for ABAP Development Tools (ADT)
+###
+resource "cloudfoundry_service_credential_binding" "abap_trial_service_key" {
+  type             = "key"
+  name             = "abap_trial_adt_key"
+  service_instance = cloudfoundry_service_instance.abap_trial.id
+}