chore: Update for SIT (#333)

* chore: Update for sap inside track

* chore: fixes

* chore: fixes

* chore: fixes

Author: prajin-op

released/SAP-Inside-Tracks/SITBLR2024/main.tf

@@ -0,0 +1,159 @@
+
+
+###############################################################################################
+# This is the Terraform script for the SAP Insidetrack event. In this script you will create
+# the infrastructure for the development of an SAP extension project  
+# The script will do the following
+#   - create a new subaccount (if the subaccount id is not set)
+#   - add users as subaccount administrators and viewers
+#   - create entitlements for the following services:
+#        * SAP Business Application Studio
+#        * SAP Continous & Integration Application
+#        * SAP Build Workzone - standard edition
+#   - create subscriptions
+#   - add user to service role collections
+###############################################################################################
+
+###############################################################################################
+# Creation of subaccount - if subaccount_id = ""
+###############################################################################################
+# Setup subaccount domain (to ensure uniqueness in BTP global account)
+resource "random_uuid" "uuid" {}
+
+resource "btp_subaccount" "create_subaccount" {
+  count     = var.subaccount_id == "" ? 1 : 0
+  name      = var.subaccount_name
+  subdomain = join("-", [var.subaccount_name, random_uuid.uuid.result])
+  region    = lower(var.region)
+}
+
+# For the next resources we need the subaccount ID – either use the new one or one from the subaccount_id variable
+data "btp_subaccount" "project" {
+  id = var.subaccount_id != "" ? var.subaccount_id : btp_subaccount.create_subaccount[0].id
+}
+
+##############################################################################################
+# Assign users to the subaccount role collections
+##############################################################################################
+# Assignment of admins to the sub account as sub account administrators
+resource "btp_subaccount_role_collection_assignment" "subaccount_admins" {
+  for_each             = toset("${var.subaccount_admins}")
+  subaccount_id        = data.btp_subaccount.project.id
+  role_collection_name = "Subaccount Administrator"
+  user_name            = each.value
+}
+
+# Assignment of developers to the sub account as sub account viewer
+resource "btp_subaccount_role_collection_assignment" "subaccount_viewer" {
+  for_each             = toset("${var.developers}")
+  subaccount_id        = data.btp_subaccount.project.id
+  role_collection_name = "Subaccount Viewer"
+  user_name            = each.value
+}
+# Assignment of the subaccount service administrators 
+resource "btp_subaccount_role_collection_assignment" "subaccount_service_admin" {
+  for_each             = toset("${var.service_admins}")
+  subaccount_id        = data.btp_subaccount.project.id
+  role_collection_name = "Subaccount Service Administrator"
+  user_name            = each.value
+}
+
+##############################################################################################
+# Creating entitlements
+##############################################################################################
+# Entitle subaccount for usage of app  destination SAP Build Workzone, standard edition
+resource "btp_subaccount_entitlement" "build_workzone" {
+  subaccount_id = data.btp_subaccount.project.id
+  service_name  = "SAPLaunchpad"
+  plan_name     = var.build_workzone_service_plan
+  amount        = 1
+}
+
+# Entitle subaccount for usage of app  destination SAP Business Application Studio
+resource "btp_subaccount_entitlement" "bas" {
+  subaccount_id = data.btp_subaccount.project.id
+  service_name  = "sapappstudio"
+  plan_name     = var.bas_service_plan
+}
+# Entitle subaccount for usage of app  destination Continous Integration & Delivery
+resource "btp_subaccount_entitlement" "cicd" {
+  subaccount_id = data.btp_subaccount.project.id
+  service_name  = "cicd-app"
+  plan_name     = var.cicd_service_plan
+}
+
+##############################################################################################
+# Creating subscriptions
+##############################################################################################
+# Create app subscription to SAP Build Workzone, standard edition (depends on entitlement)
+resource "btp_subaccount_subscription" "build_workzone" {
+  subaccount_id = data.btp_subaccount.project.id
+  app_name      = "SAPLaunchpad"
+  plan_name     = var.build_workzone_service_plan
+  depends_on    = [btp_subaccount_entitlement.build_workzone]
+}
+
+# Create app subscription to SAP Business Application Studio (depends on entitlement)
+resource "btp_subaccount_subscription" "bas" {
+  subaccount_id = data.btp_subaccount.project.id
+  app_name      = "sapappstudio"
+  plan_name     = var.bas_service_plan
+  depends_on    = [btp_subaccount_entitlement.bas]
+}
+# Create app subscription to SAP Business Application Studio (depends on entitlement)
+resource "btp_subaccount_subscription" "cicd" {
+  subaccount_id = data.btp_subaccount.project.id
+  app_name      = "cicd-app"
+  plan_name     = var.cicd_service_plan
+  depends_on    = [btp_subaccount_entitlement.cicd]
+}
+
+###############################################################################################
+# Assign User to role collections
+###############################################################################################
+
+
+# Assign users to Role Collection: Launchpad_Admin
+resource "btp_subaccount_role_collection_assignment" "launchpad_admin" {
+  for_each             = toset("${var.service_admins}")
+  subaccount_id        = data.btp_subaccount.project.id
+  role_collection_name = "Launchpad_Admin"
+  user_name            = each.value
+  depends_on           = [btp_subaccount_subscription.build_workzone]
+}
+
+# Assign users to Role Collection: Business_Application_Studio_Administrator
+resource "btp_subaccount_role_collection_assignment" "bas_admin" {
+  for_each             = toset("${var.service_admins}")
+  subaccount_id        = data.btp_subaccount.project.id
+  role_collection_name = "Business_Application_Studio_Administrator"
+  user_name            = each.value
+  depends_on           = [btp_subaccount_subscription.bas]
+}
+
+# Assign users to Role Collection: Business_Application_Studio_Developer
+resource "btp_subaccount_role_collection_assignment" "bas_dev" {
+  for_each             = toset("${var.developers}")
+  subaccount_id        = data.btp_subaccount.project.id
+  role_collection_name = "Business_Application_Studio_Developer"
+  user_name            = each.value
+  depends_on           = [btp_subaccount_subscription.bas]
+}
+
+# Assign users to Role Collection: CICD Service Administrator
+resource "btp_subaccount_role_collection_assignment" "cicd_admin" {
+  for_each             = toset("${var.service_admins}")
+  subaccount_id        = data.btp_subaccount.project.id
+  role_collection_name = "CICD Service Administrator"
+  user_name            = each.value
+  depends_on           = [btp_subaccount_subscription.cicd]
+}
+
+# Assign users to Role Collection: CICD Service Developer
+resource "btp_subaccount_role_collection_assignment" "cicd_dev" {
+  for_each             = toset("${var.developers}")
+  subaccount_id        = data.btp_subaccount.project.id
+  role_collection_name = "CICD Service Developer"
+  user_name            = each.value
+  depends_on           = [btp_subaccount_subscription.cicd]
+}

released/SAP-Inside-Tracks/SITBLR2024/provider.tf

@@ -0,0 +1,17 @@
+terraform {
+  required_providers {
+    btp = {
+      source  = "sap/btp"
+      version = "~> 1.5.0"
+    }
+  }
+}
+
+# Please checkout documentation on how best to authenticate against SAP BTP
+# via the Terraform provider for SAP BTP
+provider "btp" {
+  globalaccount = var.globalaccount
+  username      = var.btp_username
+  password      = var.btp_password
+  idp           = var.idp
+}

released/SAP-Inside-Tracks/SITBLR2024/samples.tfvars

@@ -0,0 +1,32 @@
+########################################################################
+# Account settings
+########################################################################
+globalaccount   = "inside-track-2023"
+region          = "us10"
+subaccount_name = "learningjourney"
+idp             = "<name of the custom identity provider>"
+
+
+# Set the subaccount_id ro run the script in an existing subaccount, 
+# keep it empty to create a new one, for that you need the global account administration role
+# subaccount_id = ""
+
+#####################################################################################
+# Subaccount administrators - don't add your own user here, your ID is added automatically
+#####################################################################################
+subaccount_admins = ["[email protected]", "[email protected]"]
+
+
+#####################################################################################
+# Service administrators and developers - add your ID here
+#####################################################################################
+service_admins = ["[email protected]", "[email protected]"]
+developers     = ["[email protected]"]
+
+#####################################################################################
+# Service plans - for testing the services you can set "free" as value, the free service plan 
+# is only supported for SAP BTP accounts  with the CPEA, BTPEA or Pay-as-you-go commercial model
+#####################################################################################
+build_workzone_service_plan = "free"
+bas_service_plan            = "free"
+cicd_service_plan           = "default"

released/SAP-Inside-Tracks/SITBLR2024/variables.tf

@@ -0,0 +1,85 @@
+variable "globalaccount" {
+  type        = string
+  description = "The globalaccount subdomain where the sub account shall be created."
+}
+variable "idp" {
+  type        = string
+  description = "The custom identity provider for the subaccount."
+  default     = "aviss4yru.accounts.ondemand.com"
+}
+
+variable "subaccount_name" {
+  type        = string
+  description = "The subaccount name."
+  default     = "My SAP subaccount"
+}
+
+variable "subaccount_id" {
+  type        = string
+  description = "The subaccount ID."
+  default     = ""
+}
+variable "region" {
+  type        = string
+  description = "The region where the subaccount shall be created in."
+  default     = "us10"
+}
+
+variable "build_workzone_service_plan" {
+  type        = string
+  description = "The plan for the SAP Build Workzone subscription"
+  default     = "free"
+  validation {
+    condition     = contains(["free", "standard"], var.build_workzone_service_plan)
+    error_message = "Invalid value for build_workzone_service_plan. Only 'free' and 'standard' are allowed."
+  }
+}
+
+variable "bas_service_plan" {
+  type        = string
+  description = "The plan for SAP Business Application Studio subscription"
+  default     = "free"
+  validation {
+    condition     = contains(["free", "standard-edition"], var.bas_service_plan)
+    error_message = "Invalid value for SAP Business Application Studion. Only 'free' and 'standard-edition' are allowed."
+  }
+}
+
+variable "cicd_service_plan" {
+  type        = string
+  description = "The plan for Continous Integraion & Delivery subscription"
+  default     = "free"
+  validation {
+    condition     = contains(["free", "default"], var.cicd_service_plan)
+    error_message = "Invalid value for Continous Integraion & Delivery. Only 'free' and 'default' are allowed."
+  }
+}
+
+variable "subaccount_admins" {
+  type        = list(string)
+  description = "Defines the colleagues who are added to each subaccount as emergency administrators."
+}
+variable "service_admins" {
+  type        = list(string)
+  description = "Defines the users who are added to each subaccount as service administrators."
+}
+variable "developers" {
+  type        = list(string)
+  description = "Defines the colleagues who are added to services as developers."
+}
+
+variable "btp_username" {
+  type        = string
+  description = "SAP BTP user name"
+  ## set default value to "" when using environment values for user and password
+  #   default     = ""
+}
+
+
+variable "btp_password" {
+  type        = string
+  description = "Password for SAP BTP user"
+  sensitive   = true
+  ## set default value to "" when using environment values for user and password
+  #   default     = ""
+}