-
Notifications
You must be signed in to change notification settings - Fork 34
chore: Update for SIT #333
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Changes from 2 commits
Commits
Show all changes
4 commits
Select commit
Hold shift + click to select a range
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,159 @@ | ||
|
|
||
|
|
||
| ############################################################################################### | ||
| # This is the Terraform script for the BTP_200 Learning Journey. In this script you will create | ||
| # the infrastructure for the development of an SAP extension project | ||
| # The script will do the following | ||
| # - create a new subaccount (if the subaccount id is not set) | ||
| # - add users as subaccount administrators and viewers | ||
| # - create entitlements for the following services: | ||
| # * SAP Business Application Studio | ||
| # * SAP Continous & Integration Application | ||
| # * SAP Build Workzone - standard edition | ||
| # - create subscriptions | ||
| # - add user to service role collections | ||
| ############################################################################################### | ||
|
|
||
| ############################################################################################### | ||
| # Creation of subaccount - if subaccount_id = "" | ||
| ############################################################################################### | ||
| # Setup subaccount domain (to ensure uniqueness in BTP global account) | ||
| resource "random_uuid" "uuid" {} | ||
|
|
||
| resource "btp_subaccount" "create_subaccount" { | ||
| count = var.subaccount_id == "" ? 1 : 0 | ||
| name = var.subaccount_name | ||
| subdomain = join("-", [var.subaccount_name, random_uuid.uuid.result]) | ||
| region = lower(var.region) | ||
| } | ||
|
|
||
| # For the next resources we need the subaccount ID – either use the new one or one from the subaccount_id variable | ||
| data "btp_subaccount" "project" { | ||
| id = var.subaccount_id != "" ? var.subaccount_id : btp_subaccount.create_subaccount[0].id | ||
| } | ||
|
|
||
| ############################################################################################## | ||
| # Assign users to the subaccount role collections | ||
| ############################################################################################## | ||
| # Assignment of admins to the sub account as sub account administrators | ||
| resource "btp_subaccount_role_collection_assignment" "subaccount_admins" { | ||
| for_each = toset("${var.subaccount_admins}") | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| role_collection_name = "Subaccount Administrator" | ||
| user_name = each.value | ||
| } | ||
|
|
||
| # Assignment of developers to the sub account as sub account viewer | ||
| resource "btp_subaccount_role_collection_assignment" "subaccount_viewer" { | ||
| for_each = toset("${var.developers}") | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| role_collection_name = "Subaccount Viewer" | ||
| user_name = each.value | ||
| } | ||
| # Assignment of the subaccount service administrators | ||
| resource "btp_subaccount_role_collection_assignment" "subaccount_service_admin" { | ||
| for_each = toset("${var.service_admins}") | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| role_collection_name = "Subaccount Service Administrator" | ||
| user_name = each.value | ||
| } | ||
|
|
||
| ############################################################################################## | ||
| # Creating entitlements | ||
| ############################################################################################## | ||
| # Entitle subaccount for usage of app destination SAP Build Workzone, standard edition | ||
| resource "btp_subaccount_entitlement" "build_workzone" { | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| service_name = "SAPLaunchpad" | ||
| plan_name = var.build_workzone_service_plan | ||
| amount = 1 | ||
| } | ||
|
|
||
| # Entitle subaccount for usage of app destination SAP Business Application Studio | ||
| resource "btp_subaccount_entitlement" "bas" { | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| service_name = "sapappstudio" | ||
| plan_name = var.bas_service_plan | ||
| } | ||
| # Entitle subaccount for usage of app destination Continous Integration & Delivery | ||
| resource "btp_subaccount_entitlement" "cicd" { | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| service_name = "cicd-app" | ||
| plan_name = var.cicd_service_plan | ||
| } | ||
|
|
||
| ############################################################################################## | ||
| # Creating subscriptions | ||
| ############################################################################################## | ||
| # Create app subscription to SAP Build Workzone, standard edition (depends on entitlement) | ||
| resource "btp_subaccount_subscription" "build_workzone" { | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| app_name = "SAPLaunchpad" | ||
| plan_name = var.build_workzone_service_plan | ||
| depends_on = [btp_subaccount_entitlement.build_workzone] | ||
| } | ||
|
|
||
| # Create app subscription to SAP Business Application Studio (depends on entitlement) | ||
| resource "btp_subaccount_subscription" "bas" { | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| app_name = "sapappstudio" | ||
| plan_name = var.bas_service_plan | ||
| depends_on = [btp_subaccount_entitlement.bas] | ||
| } | ||
| # Create app subscription to SAP Business Application Studio (depends on entitlement) | ||
| resource "btp_subaccount_subscription" "cicd" { | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| app_name = "cicd-app" | ||
| plan_name = var.cicd_service_plan | ||
| depends_on = [btp_subaccount_entitlement.cicd] | ||
| } | ||
|
|
||
| ############################################################################################### | ||
| # Assign User to role collections | ||
| ############################################################################################### | ||
|
|
||
|
|
||
| # Assign users to Role Collection: Launchpad_Admin | ||
| resource "btp_subaccount_role_collection_assignment" "launchpad_admin" { | ||
| for_each = toset("${var.service_admins}") | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| role_collection_name = "Launchpad_Admin" | ||
| user_name = each.value | ||
| depends_on = [btp_subaccount_subscription.build_workzone] | ||
| } | ||
|
|
||
| # Assign users to Role Collection: Business_Application_Studio_Administrator | ||
| resource "btp_subaccount_role_collection_assignment" "bas_admin" { | ||
| for_each = toset("${var.service_admins}") | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| role_collection_name = "Business_Application_Studio_Administrator" | ||
| user_name = each.value | ||
| depends_on = [btp_subaccount_subscription.bas] | ||
| } | ||
|
|
||
| # Assign users to Role Collection: Business_Application_Studio_Developer | ||
| resource "btp_subaccount_role_collection_assignment" "bas_dev" { | ||
| for_each = toset("${var.developers}") | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| role_collection_name = "Business_Application_Studio_Developer" | ||
| user_name = each.value | ||
| depends_on = [btp_subaccount_subscription.bas] | ||
| } | ||
|
|
||
| # Assign users to Role Collection: CICD Service Administrator | ||
| resource "btp_subaccount_role_collection_assignment" "cicd_admin" { | ||
| for_each = toset("${var.service_admins}") | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| role_collection_name = "CICD Service Administrator" | ||
| user_name = each.value | ||
| depends_on = [btp_subaccount_subscription.cicd] | ||
| } | ||
|
|
||
| # Assign users to Role Collection: CICD Service Developer | ||
| resource "btp_subaccount_role_collection_assignment" "cicd_dev" { | ||
| for_each = toset("${var.developers}") | ||
| subaccount_id = data.btp_subaccount.project.id | ||
| role_collection_name = "CICD Service Developer" | ||
| user_name = each.value | ||
| depends_on = [btp_subaccount_subscription.cicd] | ||
| } |
wope4455 marked this conversation as resolved.
Show resolved
Hide resolved
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| terraform { | ||
| required_providers { | ||
| btp = { | ||
| source = "sap/btp" | ||
| version = "~> 1.5.0" | ||
| } | ||
| } | ||
| } | ||
|
|
||
| # Please checkout documentation on how best to authenticate against SAP BTP | ||
| # via the Terraform provider for SAP BTP | ||
| provider "btp" { | ||
| globalaccount = var.globalaccount | ||
| username = var.btp_username | ||
| password = var.btp_password | ||
| idp = "<custom idp name>" | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| ######################################################################## | ||
| # Account settings | ||
| ######################################################################## | ||
| globalaccount = "myglobalaccount" | ||
| region = "us10" | ||
| subaccount_name = "learningjourney" | ||
|
|
||
|
|
||
| # Set the subaccount_id ro run the script in an existing subaccount, | ||
| # keep it empty to create a new one, for that you need the global account administration role | ||
| # subaccount_id = "" | ||
|
|
||
| ##################################################################################### | ||
| # Subaccount administrators - don't add your own user here, your ID is added automatically | ||
| ##################################################################################### | ||
| subaccount_admins = ["[email protected]", "[email protected]"] | ||
|
|
||
|
|
||
| ##################################################################################### | ||
| # Service administrators and developers - add your ID here | ||
| ##################################################################################### | ||
| service_admins = ["[email protected]", "[email protected]"] | ||
| developers = ["[email protected]"] | ||
|
|
||
| ##################################################################################### | ||
| # Service plans - for testing the services you can set "free" as value, the free service plan | ||
| # is only supported for SAP BTP accounts with the CPEA, BTPEA or Pay-as-you-go commercial model | ||
| ##################################################################################### | ||
| build_workzone_service_plan = "free" | ||
| bas_service_plan = "free" | ||
| cicd_service_plan = "default" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,85 @@ | ||
| variable "globalaccount" { | ||
| type = string | ||
| description = "The globalaccount subdomain where the sub account shall be created." | ||
| } | ||
| variable "custom_idp" { | ||
| type = string | ||
| description = "The custom identity provider for the subaccount." | ||
| default = "aviss4yru-platform.accounts.ondemand.com" | ||
| } | ||
|
|
||
| variable "subaccount_name" { | ||
| type = string | ||
| description = "The subaccount name." | ||
| default = "My SAP subaccount" | ||
| } | ||
|
|
||
| variable "subaccount_id" { | ||
| type = string | ||
| description = "The subaccount ID." | ||
| default = "" | ||
| } | ||
| variable "region" { | ||
| type = string | ||
| description = "The region where the subaccount shall be created in." | ||
| default = "us10" | ||
| } | ||
|
|
||
| variable "build_workzone_service_plan" { | ||
| type = string | ||
| description = "The plan for the SAP Build Workzone subscription" | ||
| default = "free" | ||
| validation { | ||
| condition = contains(["free", "standard"], var.build_workzone_service_plan) | ||
| error_message = "Invalid value for build_workzone_service_plan. Only 'free' and 'standard' are allowed." | ||
| } | ||
| } | ||
|
|
||
| variable "bas_service_plan" { | ||
| type = string | ||
| description = "The plan for SAP Business Application Studio subscription" | ||
| default = "free" | ||
| validation { | ||
| condition = contains(["free", "standard-edition"], var.bas_service_plan) | ||
| error_message = "Invalid value for SAP Business Application Studion. Only 'free' and 'standard-edition' are allowed." | ||
| } | ||
| } | ||
|
|
||
| variable "cicd_service_plan" { | ||
| type = string | ||
| description = "The plan for Continous Integraion & Delivery subscription" | ||
| default = "free" | ||
| validation { | ||
| condition = contains(["free", "default"], var.cicd_service_plan) | ||
| error_message = "Invalid value for Continous Integraion & Delivery. Only 'free' and 'default' are allowed." | ||
| } | ||
| } | ||
|
|
||
| variable "subaccount_admins" { | ||
| type = list(string) | ||
| description = "Defines the colleagues who are added to each subaccount as emergency administrators." | ||
| } | ||
| variable "service_admins" { | ||
| type = list(string) | ||
| description = "Defines the users who are added to each subaccount as service administrators." | ||
| } | ||
| variable "developers" { | ||
| type = list(string) | ||
| description = "Defines the colleagues who are added to services as developers." | ||
| } | ||
|
|
||
| variable "btp_username" { | ||
| type = string | ||
| description = "SAP BTP user name" | ||
| ## set default value to "" when using environment values for user and password | ||
| # default = "" | ||
| } | ||
|
|
||
|
|
||
| variable "btp_password" { | ||
| type = string | ||
| description = "Password for SAP BTP user" | ||
| sensitive = true | ||
| ## set default value to "" when using environment values for user and password | ||
| # default = "" | ||
| } |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.