diff --git a/stack_definition.json b/stack_definition.json index f67c2a4..1041ac4 100644 --- a/stack_definition.json +++ b/stack_definition.json @@ -1,494 +1,494 @@ { - "inputs": [ - { - "name": "resource_group_name", - "required": true, - "type": "string", - "hidden": false, - "default": "__NULL__", - "custom_config": {} - }, - { - "name": "region", - "required": true, - "type": "string", - "hidden": false, - "default": "us-south" - }, - { - "name": "en_region", - "required": true, - "type": "string", - "hidden": false, - "default": "us-south", - "custom_config": {} - }, - { - "name": "scc_region", - "required": true, - "type": "string", - "hidden": false, - "default": "us-south", - "custom_config": {} - }, - { - "name": "bucket_name", - "required": true, - "type": "string", - "hidden": false, - "default": "" - }, - { - "name": "prefix", - "required": false, - "type": "string", - "hidden": false, - "default": "devsecops" - }, - { - "name": "use_existing_resource_group", - "required": false, - "type": "string", - "hidden": false, - "default": "" - }, - { - "name": "registry_namespace", - "required": false, - "type": "string", - "hidden": false, - "default": "devsecops" - }, - { - "name": "create_cd_instance", - "required": false, - "type": "boolean", - "hidden": false, - "default": true, - "custom_config": {} - }, - { - "name": "sm_service_plan", - "required": false, - "type": "string", - "hidden": false, - "default": "standard", - "custom_config": {} - }, - { - "name": "sm_secret_group", - "required": false, - "type": "string", - "hidden": false, - "default": "devsecops", - "custom_config": {} - }, - { - "name": "cos_api_key_secret_name", - "required": false, - "type": "string", - "hidden": false, - "default": "cos-api-key", - "custom_config": {} - }, - { - "name": "pipeline_ibmcloud_api_key_secret_name", - "required": false, - "type": "string", - "hidden": false, - "default": "ibmcloud-api-key", - "custom_config": {} - }, - { - "name": "ci_signing_key_secret_name", - "required": false, - "type": "string", - "hidden": false, - "default": "signing_key", - "custom_config": {} - }, - { - "name": "cd_code_signing_cert_secret_name", - "required": false, - "type": "string", - "hidden": false, - "default": "signing-certificate", - "custom_config": {} - }, - { - "name": "scc_service_plan", - "required": false, - "type": "string", - "hidden": false, - "default": "security-compliance-center-standard-plan", - "custom_config": {} - }, - { - "name": "scc_region", - "required": false, - "type": "string", - "hidden": false, - "default": "us-south", - "custom_config": {} - }, - { - "name": "project_names", - "required": false, - "type": "array", - "hidden": false, - "default": "[\"CI_Project\",\"CD_Project\"]" - } - ], - "members": [ - { - "inputs": [ - { - "name": "resource_group_name", - "value": "ref:../../inputs/resource_group_name" - }, - { - "name": "use_existing_resource_group", - "value": "ref:../../inputs/use_existing_resource_group" - }, - { - "name": "region", - "value": "ref:../../inputs/region" - }, - { - "name": "prefix", - "value": "ref:../../inputs/prefix" - } - ], - "name": "1 - Key Management", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.650ff7c9-5a41-4d32-a0db-6720ff56a016-global" - }, - { - "inputs": [ - { - "name": "resource_group_name", - "value": "ref:../../members/1 - Key Management/outputs/resource_group_name" - }, - { - "name": "existing_resource_group", - "value": true - }, - { - "name": "cos_instance_name", - "value": "core-services" - }, - { - "name": "prefix", - "value": "ref:../../inputs/prefix" - } - ], - "name": "2 - Cloud Object Storage", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.75709d42-41a3-41ca-8f45-807652f0d1f7-global" - }, - { - "inputs": [ - { - "name" : "bucket_name", - "value" : "ref:../../inputs/bucket_name" - }, - { - "name" : "add_bucket_name_suffix", - "value" : true - }, - { - "name": "existing_cos_instance_id", - "value": "ref:../../members/2 - Cloud Object Storage/outputs/cos_instance_id" - }, - { - "name": "existing_kms_instance_crn", - "value": "ref:../../members/1 - Key Management/outputs/kms_instance_crn" - }, - { - "name": "skip_iam_authorization_policy", - "value": false - } - ], - "name": "3 - Cloud Object Bucket", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.1218c52a-4c9c-433a-817d-ae2f0cdc8be4-global" - }, - { - "inputs": [ - { - "name": "existing_cos_instance_crn", - "value": "ref:../../members/3 - Cloud Object Bucket/outputs/cos_instance_id" - }, - { - "name": "kms_endpoint_url", - "value": "ref:../../members/1 - Key Management/outputs/kms_private_endpoint" - }, - { - "name": "skip_cos_kms_auth_policy", - "value": true - }, - { - "name": "existing_kms_instance_crn", - "value": "ref:../../members/1 - Key Management/outputs/kms_instance_crn" - }, - { - "name": "kms_endpoint_type", - "value": "private" - }, - { - "name": "resource_group_name", - "value": "ref:../../members/1 - Key Management/outputs/resource_group_name" - }, - { - "name": "use_existing_resource_group", - "value": true - }, - { - "name": "region", - "value": "ref:../../inputs/en_region" - } - ], - "name": "4 - Event Notifications", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.3910e11e-c90b-48b0-b271-ec5d5049ad84-global" - }, - { - "inputs": [ - { - "name": "resource_group_name", - "value": "ref:../../members/1 - Key Management/outputs/resource_group_name" - }, - { - "name": "use_existing_resource_group", - "value": true - }, - { - "name": "region", - "value": "ref:../../inputs/region" - }, - { - "name": "prefix", - "value": "ref:../../inputs/prefix" - }, - { - "name": "existing_kms_instance_crn", - "value": "ref:../../members/1 - Key Management/outputs/kms_instance_crn" - }, - { - "name": "existing_event_notification_instance_crn", - "value": "ref:../../members/4 - Event Notifications/outputs/crn" - }, - { - "name": "service_plan", - "value": "ref:../../inputs/sm_service_plan" - } - ], - "name": "5 - Secrets Manager", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.e806bb05-dfb9-40a8-99bf-1b9272cf8d82-global" - }, - { - "inputs": [ - { - "name": "resource_group_name", - "value": "ref:../../members/1 - Key Management/outputs/resource_group_name" - }, - { - "name": "use_existing_resource_group", - "value": true - }, - { - "name": "scc_region", - "value": "ref:../../inputs/scc_region" - }, - { - "name": "cos_region", - "value": "ref:../../inputs/region" - }, - { - "name": "prefix", - "value": "ref:../../inputs/prefix" - }, - { - "name": "existing_kms_instance_crn", - "value": "ref:../../members/1 - Key Management/outputs/kms_instance_crn" - }, - { - "name": "existing_en_crn", - "value": "ref:../../members/4 - Event Notifications/outputs/crn" - }, - { - "name": "kms_endpoint_type", - "value": "private" - }, - { - "name": "skip_cos_kms_auth_policy", - "value": true - }, - { - "name": "scc_service_plan", - "value": "ref:../../inputs/scc_service_plan" - }, - { - "name": "existing_cos_instance_crn", - "value": "ref:../../members/1b- Cloud Object Storage/outputs/cos_instance_id" - }, - { - "name" : "provision_scc_workload_protection", - "value" : false - } - ], - "name": "6 - Security and Compliance Center", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.fe5f970b-e113-4b34-ab40-a368b6149687-global" - }, - { - "inputs": [ - { - "name": "resource_group_name", - "value": "ref:../../members/1 - Key Management/outputs/resource_group_name" - }, - { - "name": "existing_resource_group", - "value": true - }, - { - "name": "prefix", - "value": "ref:../../inputs/prefix" - }, - { - "name": "project_names", - "value": "ref:../../inputs/project_names" - } - ], - "name": "7 - Code Engine Project", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.524cca67-fad4-4842-a52a-3c54677a6b3e-global" - }, - { - "name": "8 - DevSecOps Toolchains", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.3a73ae21-ca89-4120-836a-3d4da7df7ce0-global", - "inputs": [ - { - "name": "ibmcloud_api_key", - "value": "" - }, - { - "name": "toolchain_region", - "value": "ref:../../inputs/region" - }, - { - "name": "toolchain_resource_group", - "value": "ref:../../members/1 - Key Management/outputs/resource_group_name" - }, - { - "name": "sm_secret_group", - "value": "ref:../../inputs/sm_secret_group" - }, - { - "name": "sm_resource_group", - "value": "ref:../../members/5 - Secrets Manager/outputs/resource_group_name" - }, - { - "name": "sm_name", - "value": "ref:../../members/5 - Secrets Manager/outputs/secrets_manager_name" - }, - { - "name": "sm_location", - "value": "ref:../../members/5 - Secrets Manager/outputs/secrets_manager_region" - }, - { - "name": "repositories_prefix", - "value": "ref:../../inputs/prefix" - }, - { - "name": "event_notifications_crn", - "value": "ref:../../members/4 - Event Notifications/outputs/crn" - }, - { - "name" : "cos_bucket_name", - "value" : "ref:../../members/3 - Cloud Object Bucket/outputs/bucket_name" - }, - { - "name" : "cos_endpoint", - "value" : "ref:../../members/3 - Cloud Object Bucket/outputs/s3_endpoint_direct" - }, - { - "name" : "registry_namespace", - "value" : "ref:../../inputs/registry_namespace" - }, - { - "name": "autostart", - "value": "true" - }, - { - "name": "prefix", - "value": "ref:../../inputs/prefix" - }, - { - "name": "create_cd_instance", - "value": "ref:../../inputs/create_cd_instance" - }, - { - "name" : "create_secret_group", - "value" : true - }, - { - "name" : "create_ibmcloud_api_key", - "value" : true - }, - { - "name" : "create_cos_api_key", - "value" : true - }, - { - "name" : "create_signing_key", - "value" : true - }, - { - "name" : "create_signing_certificate", - "value" : true - }, - { - "name" : "pipeline_ibmcloud_api_key_secret_name", - "value" : "ref:../../inputs/pipeline_ibmcloud_api_key_secret_name" - }, - { - "name" : "ci_signing_key_secret_name", - "value" : "ref:../../inputs/ci_signing_key_secret_name" - }, - { - "name" : "cd_code_signing_cert_secret_name", - "value" : "ref:../../inputs/cd_code_signing_cert_secret_name" - }, - { - "name" : "cos_api_key_secret_name", - "value" : "ref:../../inputs/cos_api_key_secret_name" - }, - { - "name" : "ci_code_engine_project", - "value" : "ref:../../members/7 - Code Engine Project/outputs/project_2_name" - }, - { - "name" : "cd_code_engine_project", - "value" : "ref:../../members/7 - Code Engine Project/outputs/project_1_name" - }, - { - "name" : "cc_opt_in_cra_auto_remediation", - "value" : true - }, - { - "name" : "cc_opt_in_cra_auto_remediation_force", - "value" : true - } - ] - } - ], - "outputs": [ - { - "name": "compliance-ci-toolchain", - "value": "ref:./members/7 - DevSecOps Toolchains/outputs/compliance_ci_toolchain_url" - }, - { - "name": "compliance-cd-toolchain", - "value": "ref:./members/7 - DevSecOps Toolchains/outputs/compliance_cd_toolchain_url" - }, - { - "name": "compliance-cc-toolchain", - "value": "ref:./members/7 - DevSecOps Toolchains/outputs/compliance_cc_toolchain_url" - } - ] - } + "inputs": [ + { + "name": "resource_group_name", + "required": true, + "type": "string", + "hidden": false, + "default": "__NULL__", + "custom_config": {} + }, + { + "name": "region", + "required": true, + "type": "string", + "hidden": false, + "default": "us-south" + }, + { + "name": "en_region", + "required": true, + "type": "string", + "hidden": false, + "default": "us-south", + "custom_config": {} + }, + { + "name": "scc_region", + "required": true, + "type": "string", + "hidden": false, + "default": "us-south", + "custom_config": {} + }, + { + "name": "bucket_name", + "required": true, + "type": "string", + "hidden": false, + "default": "" + }, + { + "name": "prefix", + "required": false, + "type": "string", + "hidden": false, + "default": "devsecops" + }, + { + "name": "use_existing_resource_group", + "required": false, + "type": "string", + "hidden": false, + "default": "" + }, + { + "name": "registry_namespace", + "required": false, + "type": "string", + "hidden": false, + "default": "devsecops" + }, + { + "name": "create_cd_instance", + "required": false, + "type": "boolean", + "hidden": false, + "default": true, + "custom_config": {} + }, + { + "name": "sm_service_plan", + "required": false, + "type": "string", + "hidden": false, + "default": "standard", + "custom_config": {} + }, + { + "name": "sm_secret_group", + "required": false, + "type": "string", + "hidden": false, + "default": "devsecops", + "custom_config": {} + }, + { + "name": "cos_api_key_secret_name", + "required": false, + "type": "string", + "hidden": false, + "default": "cos-api-key", + "custom_config": {} + }, + { + "name": "pipeline_ibmcloud_api_key_secret_name", + "required": false, + "type": "string", + "hidden": false, + "default": "ibmcloud-api-key", + "custom_config": {} + }, + { + "name": "ci_signing_key_secret_name", + "required": false, + "type": "string", + "hidden": false, + "default": "signing_key", + "custom_config": {} + }, + { + "name": "cd_code_signing_cert_secret_name", + "required": false, + "type": "string", + "hidden": false, + "default": "signing-certificate", + "custom_config": {} + }, + { + "name": "scc_service_plan", + "required": false, + "type": "string", + "hidden": false, + "default": "security-compliance-center-standard-plan", + "custom_config": {} + }, + { + "name": "scc_region", + "required": false, + "type": "string", + "hidden": false, + "default": "us-south", + "custom_config": {} + }, + { + "name": "project_names", + "required": false, + "type": "array", + "hidden": false, + "default": "[\"CI_Project\",\"CD_Project\"]" + } + ], + "members": [ + { + "inputs": [ + { + "name": "resource_group_name", + "value": "ref:../../inputs/resource_group_name" + }, + { + "name": "use_existing_resource_group", + "value": "ref:../../inputs/use_existing_resource_group" + }, + { + "name": "region", + "value": "ref:../../inputs/region" + }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + } + ], + "name": "1 - Key Management", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.206bfa3d-3bbe-435e-adb9-dd244fdaad86-global" + }, + { + "inputs": [ + { + "name": "resource_group_name", + "value": "ref:../../members/1 - Key Management/outputs/resource_group_name" + }, + { + "name": "existing_resource_group", + "value": true + }, + { + "name": "cos_instance_name", + "value": "core-services" + }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + } + ], + "name": "2 - Cloud Object Storage", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.1db2434c-c55f-4a5e-9814-1b39f9580b86-global" + }, + { + "inputs": [ + { + "name": "bucket_name", + "value": "ref:../../inputs/bucket_name" + }, + { + "name": "add_bucket_name_suffix", + "value": true + }, + { + "name": "existing_cos_instance_id", + "value": "ref:../../members/2 - Cloud Object Storage/outputs/cos_instance_id" + }, + { + "name": "existing_kms_instance_crn", + "value": "ref:../../members/1 - Key Management/outputs/kms_instance_crn" + }, + { + "name": "skip_iam_authorization_policy", + "value": false + } + ], + "name": "3 - Cloud Object Bucket", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.715785dc-e514-4dd9-9140-5a576b582f73-global" + }, + { + "inputs": [ + { + "name": "existing_cos_instance_crn", + "value": "ref:../../members/3 - Cloud Object Bucket/outputs/cos_instance_id" + }, + { + "name": "kms_endpoint_url", + "value": "ref:../../members/1 - Key Management/outputs/kms_private_endpoint" + }, + { + "name": "skip_cos_kms_auth_policy", + "value": true + }, + { + "name": "existing_kms_instance_crn", + "value": "ref:../../members/1 - Key Management/outputs/kms_instance_crn" + }, + { + "name": "kms_endpoint_type", + "value": "private" + }, + { + "name": "resource_group_name", + "value": "ref:../../members/1 - Key Management/outputs/resource_group_name" + }, + { + "name": "use_existing_resource_group", + "value": true + }, + { + "name": "region", + "value": "ref:../../inputs/en_region" + } + ], + "name": "4 - Event Notifications", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.ee7b0d6c-3603-40fb-953b-4bdbd43c3cbe-global" + }, + { + "inputs": [ + { + "name": "resource_group_name", + "value": "ref:../../members/1 - Key Management/outputs/resource_group_name" + }, + { + "name": "use_existing_resource_group", + "value": true + }, + { + "name": "region", + "value": "ref:../../inputs/region" + }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "existing_kms_instance_crn", + "value": "ref:../../members/1 - Key Management/outputs/kms_instance_crn" + }, + { + "name": "existing_event_notification_instance_crn", + "value": "ref:../../members/4 - Event Notifications/outputs/crn" + }, + { + "name": "service_plan", + "value": "ref:../../inputs/sm_service_plan" + } + ], + "name": "5 - Secrets Manager", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.f98df044-b1c7-4f38-86db-6438e76a35bf-global" + }, + { + "inputs": [ + { + "name": "resource_group_name", + "value": "ref:../../members/1 - Key Management/outputs/resource_group_name" + }, + { + "name": "use_existing_resource_group", + "value": true + }, + { + "name": "scc_region", + "value": "ref:../../inputs/scc_region" + }, + { + "name": "cos_region", + "value": "ref:../../inputs/region" + }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "existing_kms_instance_crn", + "value": "ref:../../members/1 - Key Management/outputs/kms_instance_crn" + }, + { + "name": "existing_en_crn", + "value": "ref:../../members/4 - Event Notifications/outputs/crn" + }, + { + "name": "kms_endpoint_type", + "value": "private" + }, + { + "name": "skip_cos_kms_auth_policy", + "value": true + }, + { + "name": "scc_service_plan", + "value": "ref:../../inputs/scc_service_plan" + }, + { + "name": "existing_cos_instance_crn", + "value": "ref:../../members/1b- Cloud Object Storage/outputs/cos_instance_id" + }, + { + "name": "provision_scc_workload_protection", + "value": false + } + ], + "name": "6 - Security and Compliance Center", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.c689955e-d4ad-4f9e-8bdc-c8929dd5991a-global" + }, + { + "inputs": [ + { + "name": "resource_group_name", + "value": "ref:../../members/1 - Key Management/outputs/resource_group_name" + }, + { + "name": "existing_resource_group", + "value": true + }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "project_names", + "value": "ref:../../inputs/project_names" + } + ], + "name": "7 - Code Engine Project", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.524cca67-fad4-4842-a52a-3c54677a6b3e-global" + }, + { + "name": "8 - DevSecOps Toolchains", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.fba3ffcb-9f24-4ed8-83a7-5d3f5ac2122d-global", + "inputs": [ + { + "name": "ibmcloud_api_key", + "value": "" + }, + { + "name": "toolchain_region", + "value": "ref:../../inputs/region" + }, + { + "name": "toolchain_resource_group", + "value": "ref:../../members/1 - Key Management/outputs/resource_group_name" + }, + { + "name": "sm_secret_group", + "value": "ref:../../inputs/sm_secret_group" + }, + { + "name": "sm_resource_group", + "value": "ref:../../members/5 - Secrets Manager/outputs/resource_group_name" + }, + { + "name": "sm_name", + "value": "ref:../../members/5 - Secrets Manager/outputs/secrets_manager_name" + }, + { + "name": "sm_location", + "value": "ref:../../members/5 - Secrets Manager/outputs/secrets_manager_region" + }, + { + "name": "repositories_prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "event_notifications_crn", + "value": "ref:../../members/4 - Event Notifications/outputs/crn" + }, + { + "name": "cos_bucket_name", + "value": "ref:../../members/3 - Cloud Object Bucket/outputs/bucket_name" + }, + { + "name": "cos_endpoint", + "value": "ref:../../members/3 - Cloud Object Bucket/outputs/s3_endpoint_direct" + }, + { + "name": "registry_namespace", + "value": "ref:../../inputs/registry_namespace" + }, + { + "name": "autostart", + "value": "true" + }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "create_cd_instance", + "value": "ref:../../inputs/create_cd_instance" + }, + { + "name": "create_secret_group", + "value": true + }, + { + "name": "create_ibmcloud_api_key", + "value": true + }, + { + "name": "create_cos_api_key", + "value": true + }, + { + "name": "create_signing_key", + "value": true + }, + { + "name": "create_signing_certificate", + "value": true + }, + { + "name": "pipeline_ibmcloud_api_key_secret_name", + "value": "ref:../../inputs/pipeline_ibmcloud_api_key_secret_name" + }, + { + "name": "ci_signing_key_secret_name", + "value": "ref:../../inputs/ci_signing_key_secret_name" + }, + { + "name": "cd_code_signing_cert_secret_name", + "value": "ref:../../inputs/cd_code_signing_cert_secret_name" + }, + { + "name": "cos_api_key_secret_name", + "value": "ref:../../inputs/cos_api_key_secret_name" + }, + { + "name": "ci_code_engine_project", + "value": "ref:../../members/7 - Code Engine Project/outputs/project_2_name" + }, + { + "name": "cd_code_engine_project", + "value": "ref:../../members/7 - Code Engine Project/outputs/project_1_name" + }, + { + "name": "cc_opt_in_cra_auto_remediation", + "value": true + }, + { + "name": "cc_opt_in_cra_auto_remediation_force", + "value": true + } + ] + } + ], + "outputs": [ + { + "name": "compliance-ci-toolchain", + "value": "ref:./members/7 - DevSecOps Toolchains/outputs/compliance_ci_toolchain_url" + }, + { + "name": "compliance-cd-toolchain", + "value": "ref:./members/7 - DevSecOps Toolchains/outputs/compliance_cd_toolchain_url" + }, + { + "name": "compliance-cc-toolchain", + "value": "ref:./members/7 - DevSecOps Toolchains/outputs/compliance_cc_toolchain_url" + } + ] +}