Topic sk jcs 13514 (#118)

* deploy deply_sample_app to the compute module.

* terraform fmt.

* Fix the sample url for idcs.

* IDCS changes.

Author: skommala

terraform/locals.tf

@@ -90,13 +90,16 @@ locals {
 
   assign_weblogic_public_ip = var.assign_weblogic_public_ip || var.subnet_type == "Use Public Subnet"
 
+  // Deploy sample-app only if the edition is not SE
+  deploy_sample_app = (var.deploy_sample_app && var.wls_edition != "SE")
+
   admin_ip_address      = local.assign_weblogic_public_ip ? module.compute.instance_public_ips[0] : module.compute.instance_private_ips[0]
   admin_console_app_url = format("https://%s:%s/console", local.admin_ip_address, var.wls_extern_ssl_admin_port)
   sample_app_protocol   = local.add_load_balancer ? "https" : "http"
-  sample_app_url_lb_ip  = var.deploy_sample_app && local.add_load_balancer ? format("%s://%s/sample-app", local.sample_app_protocol, local.lb_ip) : ""
-  sample_app_url_wls_ip = var.deploy_sample_app ? format("https://%s:%s/sample-app", local.admin_ip_address, var.wls_ms_extern_ssl_port) : ""
-  sample_app_url        = var.wls_edition != "SE" ? (var.deploy_sample_app && local.add_load_balancer ? local.sample_app_url_lb_ip : local.sample_app_url_wls_ip) : ""
-  sample_idcs_app_url = var.deploy_sample_app && local.add_load_balancer && var.is_idcs_selected ? format(
+  sample_app_url_lb_ip  = local.deploy_sample_app && local.add_load_balancer ? format("%s://%s/sample-app", local.sample_app_protocol, local.lb_ip) : ""
+  sample_app_url_wls_ip = local.deploy_sample_app ? format("https://%s:%s/sample-app", local.admin_ip_address, var.wls_ms_extern_ssl_port) : ""
+  sample_app_url        = local.deploy_sample_app ? (local.add_load_balancer ? local.sample_app_url_lb_ip : local.sample_app_url_wls_ip) : ""
+  sample_idcs_app_url = local.deploy_sample_app && local.add_load_balancer && var.is_idcs_selected ? format(
     "%s://%s/__protected/idcs-sample-app",
     local.sample_app_protocol,
     local.lb_ip,

terraform/main.tf

@@ -566,6 +566,8 @@ module "compute" {
   num_vm_instances              = var.wls_node_count
   resource_name_prefix          = var.service_name
 
+  deploy_sample_app = local.deploy_sample_app
+
   is_bastion_instance_required = var.is_bastion_instance_required
 
   is_idcs_selected      = var.is_idcs_selected

terraform/modules/policies/locals.tf

@@ -21,7 +21,7 @@ locals {
   secrets_policy_statement2 = (var.is_idcs_selected && var.idcs_client_secret_id != "") ? "Allow dynamic-group ${oci_identity_dynamic_group.wlsc_instance_principal_group.name} to read secret-bundles in tenancy where target.secret.id = '${var.idcs_client_secret_id}'" : ""
   atp_policy_statement1     = (var.atp_db.is_atp && var.atp_db.password_id != "") ? "Allow dynamic-group ${oci_identity_dynamic_group.wlsc_instance_principal_group.name} to read secret-bundles in tenancy where target.secret.id = '${var.atp_db.password_id}'" : ""
   # This policy with "use autonomous-transaction-processing-family" verb is needed to download ATP db wallet
-  atp_policy_statement2    = (var.atp_db.is_atp && var.atp_db.compartment_id != "") ? "Allow dynamic-group ${oci_identity_dynamic_group.wlsc_instance_principal_group.name} to use autonomous-transaction-processing-family in compartment id ${var.atp_db.compartment_id}" : ""
+  atp_policy_statement2 = (var.atp_db.is_atp && var.atp_db.compartment_id != "") ? "Allow dynamic-group ${oci_identity_dynamic_group.wlsc_instance_principal_group.name} to use autonomous-transaction-processing-family in compartment id ${var.atp_db.compartment_id}" : ""
   # This policy with "manage network-security-groups" verb is needed to add security rule in the ATP db (with private endpoint) NSG in the ATP db VCN
   atp_policy_statement3    = (var.atp_db.is_atp_with_private_endpoints && var.atp_db.existing_vcn_add_seclist && var.atp_db.network_compartment_id != "") ? "Allow dynamic-group ${oci_identity_dynamic_group.wlsc_instance_principal_group.name} to manage network-security-groups in compartment id ${var.atp_db.network_compartment_id} where request.operation = 'AddNetworkSecurityGroupSecurityRules'" : ""
   oci_db_policy_statement1 = var.oci_db.password_id != "" ? "Allow dynamic-group ${oci_identity_dynamic_group.wlsc_instance_principal_group.name} to read secret-bundles in tenancy where target.secret.id = '${var.oci_db.password_id}'" : ""