Merge pull request #2306 from oracle/release_gh

Releasing v6.28.0

Author: tf-oci-pub

CHANGELOG.md

@@ -1,3 +1,18 @@
+## 6.28.0 (February 28, 2025)
+
+### Added
+- Support for OIDC multi issuer support
+- Support for OCI Cache - Valkey Support and valkey migration
+- Support for HeatWave MySQL Service: Extra Configuration Parameters, System Tags
+- Support for BYODKIM
+- Support for X11 M | Exadata Infrastructure Support on ExaDB-C@C
+- Support for EXADB-D- X11M
+- Support for Dataflow Integration and Storage Mounts with Pipelines
+- Support for DBLM: Database Life Cycle Management (Externally Registered Database Vulnerability and Patching)
+
+### Bug Fix
+- Make secret version optional and computed for cross connects
+
 ## 6.27.0 (February 19, 2025)
 
 ### Added

GNUmakefile

@@ -161,16 +161,4 @@ check-untagged-tests:
 	@sh -c "'$(CURDIR)/scripts/check-untagged-tests.sh' -s ''$(SERVICE)"
 
 check-module-name:
-	@sh -c "'$(CURDIR)/scripts/gomodnamecheck.sh'"
-
-buildpyEnv:
-	cd ./terraform-test-resources/dev_tools/teamcity_scripts/python_script; @echo $(SCRIPT_ARG) ; sh run_python_script.sh
-
-buildpyEnv:
-	@if [ -d "./terraform-test-resources" ]; then \
-		cd ./terraform-test-resources/dev_tools/teamcity_scripts/python_script; \
-		echo $(SCRIPT_ARG); \
-		sh run_python_script.sh; \
-	else \
-		echo "Skipping script execution: terraform-test-resources submodule not found."; \
-	fi
+	@sh -c "'$(CURDIR)/scripts/gomodnamecheck.sh'"

examples/README.md

@@ -81,6 +81,8 @@ This directory contains Terraform configuration files showing how to create spec
     [![Deploy to Oracle Cloud](https://oci-resourcemanager-plugin.plugins.oci.oraclecloud.com/latest/deploy-to-oracle-cloud.svg)](https://cloud.oracle.com/resourcemanager/stacks/create?zipUrl=https://github.com/oracle/terraform-provider-oci/raw/master/examples/zips/datasafe.zip)
 - datascience  
     [![Deploy to Oracle Cloud](https://oci-resourcemanager-plugin.plugins.oci.oraclecloud.com/latest/deploy-to-oracle-cloud.svg)](https://cloud.oracle.com/resourcemanager/stacks/create?zipUrl=https://github.com/oracle/terraform-provider-oci/raw/master/examples/zips/datascience.zip)
+- dblm  
+    [![Deploy to Oracle Cloud](https://oci-resourcemanager-plugin.plugins.oci.oraclecloud.com/latest/deploy-to-oracle-cloud.svg)](https://cloud.oracle.com/resourcemanager/stacks/create?zipUrl=https://github.com/oracle/terraform-provider-oci/raw/master/examples/zips/dblm.zip)
 - delegation_management  
     [![Deploy to Oracle Cloud](https://oci-resourcemanager-plugin.plugins.oci.oraclecloud.com/latest/deploy-to-oracle-cloud.svg)](https://cloud.oracle.com/resourcemanager/stacks/create?zipUrl=https://github.com/oracle/terraform-provider-oci/raw/master/examples/zips/delegation_management.zip)
 - demand_signal  

examples/container_engine/oidc_authn_token_config/main.tf

@@ -87,6 +87,10 @@ variable "cluster_options_open_id_connect_token_authentication_config_groups_cla
   default = "groupsClaim"
 }
 
+variable "cluster_options_open_id_connect_token_authentication_config_configuration_file" {
+  default = ""
+}
+
 variable "cluster_options_open_id_connect_token_authentication_config_groups_prefix" {
   default = "groupsPrefix"
 }
@@ -256,6 +260,8 @@ resource "oci_containerengine_cluster" "test_cluster" {
       ca_certificate = var.cluster_options_open_id_connect_token_authentication_config_ca_certificate
       groups_claim   = var.cluster_options_open_id_connect_token_authentication_config_groups_claim
       groups_prefix  = var.cluster_options_open_id_connect_token_authentication_config_groups_prefix
+      #Optional
+      configuration_file = var.cluster_options_open_id_connect_token_authentication_config_configuration_file
       required_claims {
 
         #Optional
@@ -272,7 +278,7 @@ resource "oci_containerengine_cluster" "test_cluster" {
 
 data "oci_containerengine_clusters" "test_clusters" {
   #Required
-  compartment_id = var.compartment_id
+  compartment_id = var.compartment_ocid
 
   #Optional
   name  = var.cluster_name

examples/container_engine/oidc_authn_token_config_multi_issuers/main.tf

@@ -0,0 +1,232 @@
+// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+variable "tenancy_ocid" {
+}
+
+variable "user_ocid" {
+}
+
+variable "compartment_ocid" {
+}
+
+variable "region" {
+  default = "us-ashburn-1"
+}
+
+variable "kms_vault_id" {
+}
+
+variable "compartment_id" {
+}
+
+variable "cluster_cluster_pod_network_options_cni_type" {
+  default = "OCI_VCN_IP_NATIVE"
+}
+
+variable "cluster_defined_tags_value" {
+  default = "value"
+}
+
+variable "cluster_endpoint_config_is_public_ip_enabled" {
+  default = false
+}
+
+variable "cluster_endpoint_config_nsg_ids" {
+  default = []
+}
+
+variable "cluster_freeform_tags" {
+  default = { "Department" = "Finance" }
+}
+
+variable "cluster_image_policy_config_is_policy_enabled" {
+  default = false
+}
+
+variable "cluster_kubernetes_version" {
+  default = "kubernetesVersion"
+}
+
+variable "cluster_name" {
+  default = "name"
+}
+
+variable "cluster_options_add_ons_is_kubernetes_dashboard_enabled" {
+  default = true
+}
+
+variable "cluster_options_add_ons_is_tiller_enabled" {
+  default = true
+}
+
+variable "cluster_options_admission_controller_options_is_pod_security_policy_enabled" {
+  default = false
+}
+
+variable "cluster_options_kubernetes_network_config_pods_cidr" {
+  default = "10.1.0.0/16"
+}
+
+variable "cluster_options_kubernetes_network_config_services_cidr" {
+  default = "10.2.0.0/16"
+}
+
+variable "cluster_options_open_id_connect_token_authentication_config_is_open_id_connect_auth_enabled" {
+  default = true
+}
+
+variable "cluster_options_open_id_connect_token_authentication_config_configuration_file" {
+  default = "YXBpVmVyc2lvbjogYXBpc2VydmVyLmNvbmZpZy5rOHMuaW8vdjFiZXRhMQpraW5kOiBBdXRoZW50aWNhdGlvbkNvbmZpZ3VyYXRpb24Kand0OgogIC0gaXNzdWVyOgogICAgICB1cmw6IGh0dHBzOi8vYWNjb3VudHMuZ29vZ2xlLmNvbQogICAgICBhdWRpZW5jZXM6CiAgICAgICAgLSA3OTc3NjQ0NDY1NjctMjZycTVrdDMzMTYyMWozdXJzdGQwZDVyODFkNnJkZDAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20KICAgICAgYXVkaWVuY2VNYXRjaFBvbGljeTogTWF0Y2hBbnkKICAgIGNsYWltTWFwcGluZ3M6CiAgICAgIHVzZXJuYW1lOgogICAgICAgIGNsYWltOiAic3ViIgogICAgICAgIHByZWZpeDogIiIKICAgICAgZ3JvdXBzOgogICAgICAgIGNsYWltOiAiZ3JvdXBzIgogICAgICAgIHByZWZpeDogIiIKICAgICAgdWlkOgogICAgICAgIGNsYWltOiAic3ViIgogIC0gaXNzdWVyOgogICAgICB1cmw6IGh0dHBzOi8vZGV2LWQ4Y21qeXcydm1rMm1qY24udXMuYXV0aDAuY29tLwogICAgICBhdWRpZW5jZXM6CiAgICAgICAgLSBWM2YxeTJ4WVFvTFdXYmhUcXY4SGE3azltQ1FwSDg0aAogICAgICBhdWRpZW5jZU1hdGNoUG9saWN5OiBNYXRjaEFueQogICAgY2xhaW1NYXBwaW5nczoKICAgICAgdXNlcm5hbWU6CiAgICAgICAgY2xhaW06ICJzdWIiCiAgICAgICAgcHJlZml4OiAiIgogICAgICBncm91cHM6CiAgICAgICAgY2xhaW06ICJncm91cHMiCiAgICAgICAgcHJlZml4OiAiIgogICAgICB1aWQ6CiAgICAgICAgY2xhaW06ICJzdWIiCg=="
+}
+
+variable "cluster_options_persistent_volume_config_defined_tags_value" {
+  default = "value"
+}
+
+variable "cluster_options_persistent_volume_config_freeform_tags" {
+  default = { "Department" = "Finance" }
+}
+
+variable "cluster_options_service_lb_config_defined_tags_value" {
+  default = "value"
+}
+
+variable "cluster_options_service_lb_config_freeform_tags" {
+  default = { "Department" = "Finance" }
+}
+
+variable "cluster_options_service_lb_subnet_ids" {
+  default = []
+}
+
+variable "cluster_state" {
+  default = []
+}
+
+variable "cluster_type" {
+  default = "ENHANCED_CLUSTER"
+}
+
+
+
+provider "oci" {
+  region           = var.region
+  auth = "SecurityToken"
+  config_file_profile = "terraform-federation-test"
+}
+
+#variable defined_tag_namespace_name {
+#  default = "test"
+#}
+
+resource "oci_core_vcn" "test_vcn" {
+  cidr_block     = "10.0.0.0/16"
+  compartment_id = var.compartment_ocid
+  display_name   = "tfVcnForClusters"
+}
+
+resource "oci_core_internet_gateway" "test_ig" {
+  compartment_id = var.compartment_ocid
+  display_name   = "tfClusterInternetGateway"
+  vcn_id         = oci_core_vcn.test_vcn.id
+}
+
+#resource "oci_identity_tag_namespace" "tag-namespace1" {
+#  #Required
+#  compartment_id = var.tenancy_ocid
+#  description = "example tag namespace"
+#  name = var.defined_tag_namespace_name != "" ? var.defined_tag_namespace_name : "example-tag-namespace-all"
+#
+#  is_retired = false
+#}
+
+resource "oci_core_route_table" "test_route_table" {
+  compartment_id = var.compartment_ocid
+  vcn_id         = oci_core_vcn.test_vcn.id
+  display_name   = "tfClustersRouteTable"
+
+  route_rules {
+    destination       = "0.0.0.0/0"
+    destination_type  = "CIDR_BLOCK"
+    network_entity_id = oci_core_internet_gateway.test_ig.id
+  }
+}
+
+data "oci_identity_availability_domains" "test_availability_domains" {
+  compartment_id = var.tenancy_ocid
+}
+
+data "oci_identity_availability_domain" "ad1" {
+  compartment_id = var.tenancy_ocid
+  ad_number      = 1
+}
+
+data "oci_identity_availability_domain" "ad2" {
+  compartment_id = var.tenancy_ocid
+  ad_number      = 2
+}
+
+resource "oci_core_subnet" "clusterSubnet_2" {
+  #Required
+  availability_domain = data.oci_identity_availability_domain.ad2.name
+  cidr_block          = "10.0.21.0/24"
+  compartment_id      = var.compartment_ocid
+  vcn_id              = oci_core_vcn.test_vcn.id
+  display_name        = "tfSubNet1ForClusters"
+
+  # Provider code tries to maintain compatibility with old versions.
+  security_list_ids = [oci_core_vcn.test_vcn.default_security_list_id]
+  route_table_id    = oci_core_route_table.test_route_table.id
+}
+
+resource "oci_containerengine_cluster" "test_cluster_multi_issuer" {
+  #Required
+  compartment_id     = var.compartment_ocid
+  kubernetes_version = "v1.30.1"
+  name               = "tfTestMultiIssuer"
+  vcn_id             = oci_core_vcn.test_vcn.id
+
+  #Optional
+  #   defined_tags = map(oci_identity_tag_namespace.tag-namespace1.name.oci_identity_tag.tag1.name, var.cluster_defined_tags_value)
+
+  freeform_tags = var.cluster_freeform_tags
+  options {
+
+    #Optional
+    add_ons {
+
+      #Optional
+      is_kubernetes_dashboard_enabled = var.cluster_options_add_ons_is_kubernetes_dashboard_enabled
+      is_tiller_enabled               = var.cluster_options_add_ons_is_tiller_enabled
+    }
+    admission_controller_options {
+
+      #Optional
+      is_pod_security_policy_enabled = var.cluster_options_admission_controller_options_is_pod_security_policy_enabled
+    }
+    kubernetes_network_config {
+
+      #Optional
+      pods_cidr     = var.cluster_options_kubernetes_network_config_pods_cidr
+      services_cidr = var.cluster_options_kubernetes_network_config_services_cidr
+    }
+    open_id_connect_token_authentication_config {
+      #Required
+      is_open_id_connect_auth_enabled = var.cluster_options_open_id_connect_token_authentication_config_is_open_id_connect_auth_enabled
+
+      #Optional
+      configuration_file = var.cluster_options_open_id_connect_token_authentication_config_configuration_file
+    }
+  }
+  type = var.cluster_type
+}
+
+data "oci_containerengine_clusters" "test_clusters" {
+  #Required
+  compartment_id = var.compartment_ocid
+
+  #Optional
+  name  = var.cluster_name
+  state = var.cluster_state
+}

examples/database/db_systems/db_exacs/resources.tf

@@ -12,6 +12,8 @@ resource "oci_database_cloud_exadata_infrastructure" "test_cloud_exadata_infrast
   subscription_id = var.tenant_subscription_id
   compute_count = var.cloud_exadata_infrastructure_compute_count
   storage_count = var.cloud_exadata_infrastructure_storage_count
+  database_server_type = var.cloud_exadata_infrastructure_database_server_type
+  storage_server_type = var.cloud_exadata_infrastructure_storage_server_type
 }
 
 resource "oci_database_cloud_vm_cluster" "test_cloud_vm_cluster" {

examples/database/db_systems/db_exacs/variables.tf

@@ -15,7 +15,15 @@ variable "ssh_public_key" {
 variable "ssh_private_key" {}
 
 variable "cloud_exadata_infrastructure_shape" {
-  default = "Exadata.X8M"
+  default = "Exadata.X11M"
+}
+
+variable "cloud_exadata_infrastructure_database_server_type" {
+  default = "X11M"
+}
+
+variable "cloud_exadata_infrastructure_storage_server_type" {
+  default = "X11M-HC"
 }
 
 variable "cloud_exadata_infrastructure_cluster_placement_group_id" {
@@ -35,7 +43,7 @@ variable "cloud_exadata_infrastructure_storage_count" {
 }
 
 variable "cloud_vm_cluster_cpu_core_count" {
-  default = "8"
+  default = "16"
 }
 
 variable "cloud_vm_cluster_ocpu_count" {

examples/database/exadata_cc/exadata-infrastructure.tf

@@ -42,13 +42,15 @@ resource "oci_database_exadata_infrastructure" "test_exadata_infrastructure" {
   infini_band_network_cidr    = "10.31.8.0/21"
   netmask                     = "255.255.255.0"
   ntp_server                  = ["10.231.225.76"]
-  shape                       = "ExadataCC.X7"
+  shape                       = "ExadataCC.X11M"
   time_zone                   = "US/Pacific"
   activation_file             = "activation.zip"
   storage_count               = 3
   compute_count               = 2
   is_cps_offline_report_enabled = false
   is_multi_rack_deployment      = false
+  database_server_type        = "X11M"
+  storage_server_type         = "X11M-HC"
 
   #Optional
   network_bonding_mode_details {

examples/database/exadata_cc/vm_cluster.tf

@@ -187,7 +187,7 @@ resource "oci_database_vm_cluster" "test_vm_cluster" {
   cpu_core_count            = "4"
   display_name              = "testVmCluster"
   exadata_infrastructure_id = oci_database_exadata_infrastructure.test_exadata_infrastructure.id
-  gi_version                = "23.0.0.0.0"
+  gi_version                = data.oci_database_gi_versions.gi_version.gi_versions.0.version
   ssh_public_keys           = [var.ssh_public_key]
   vm_cluster_network_id     = oci_database_vm_cluster_network.test_vm_cluster_network.id
   db_servers                = [data.oci_database_db_servers.test_db_servers.db_servers.0.id, data.oci_database_db_servers.test_db_servers.db_servers.1.id]
@@ -344,9 +344,9 @@ data "oci_database_vm_clusters" "test_vm_clusters" {
   #Optional
   exadata_infrastructure_id = oci_database_exadata_infrastructure.test_exadata_infrastructure.id
 }
-/*
+
 resource "local_file" "test_vm_cluster_network_downloaded_config_file" {
   content  = data.oci_database_vm_cluster_network_download_config_file.test_vm_cluster_network_download_config_file.content
   filename = "${path.module}/vm_cluster_config.txt"
 }
-*/
+

examples/database/flex_component/main.tf

@@ -20,10 +20,15 @@ provider "oci" {
   region           = var.region
 }
 
+variable "flex_component_shape" {
+  default = "shape"
+}
+
 data "oci_database_flex_components" "test_flex_components" {
   #Required
   compartment_id = "${var.compartment_ocid}"
 
   #Optional
   name = var.flex_component_name
+  shape = var.flex_component_shape
 }