From 5fc012902a17e4466ec87f143e36de37c86b8efc Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Thu, 18 Sep 2025 10:16:32 +0100 Subject: [PATCH 01/36] fully configurable --- ibm_catalog.json | 6 ++- solutions/basic/stack_definition.json | 72 ++------------------------- 2 files changed, 8 insertions(+), 70 deletions(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index 8696e25c..593c3a87 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -63,7 +63,8 @@ "flavors": [ { "label": "Basic (Deploy on Code Engine)", - "name": "basic", + "name": "basic-fully-config", + "index": 1, "working_directory": "solutions/basic", "compliance": { "authority": "scc-v3", @@ -503,7 +504,8 @@ }, { "label": "Standard (Deploy on Red Hat OpenShift)", - "name": "standard", + "name": "standard-fully-config", + "index": 2, "working_directory": "solutions/standard", "compliance": { "authority": "scc-v3", diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index 1cca3e57..790e6995 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -159,16 +159,12 @@ "members": [ { "name": "Account Infrastructure Base", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.24459be4-397b-4dce-b2d1-555ccd576c14-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.0aabb41f-a26c-42c7-8518-707440670067-global", "inputs": [ { "name": "prefix", "value": "ref:../../inputs/prefix" }, - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "region", "value": "ref:../../inputs/region" @@ -201,34 +197,6 @@ "name": "devops_resource_group_name", "value": "ref:../../inputs/resource_group_name" }, - { - "name": "existing_security_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" - }, - { - "name": "existing_audit_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" - }, - { - "name": "existing_observability_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" - }, - { - "name": "existing_management_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" - }, - { - "name": "existing_workload_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" - }, - { - "name": "existing_edge_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" - }, - { - "name": "existing_devops_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" - }, { "name": "provision_trusted_profile_projects", "value": false @@ -237,7 +205,7 @@ }, { "name": "Essential Security - App Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.c160fa36-fd40-42de-8553-1233e0c5e971-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.8dbc8c6a-12f3-4e56-8f5b-deec5bb36b76-global", "inputs": [ { "name": "existing_resource_group_name", @@ -275,20 +243,12 @@ }, { "name": "Essential Security - Encryption Key Management", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.93bf5d12-a435-4510-8888-1c32db20b82b-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.0775fe25-3fe8-49d4-b86a-9502e4bc533e-global", "inputs": [ { - "name": "resource_group_name", + "name": "existing_resource_group_name", "value": "ref:../Account Infrastructure Base/outputs/security_resource_group_name" }, - { - "name": "use_existing_resource_group", - "value": true - }, - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "region", "value": "ref:../../inputs/region" @@ -311,10 +271,6 @@ "name": "Essential Security - Logging Monitoring Activity Tracker", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.39562a8a-1b92-4342-b990-1944ae583df9-global", "inputs": [ - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "region", "value": "ref:../../inputs/region" @@ -399,10 +355,6 @@ "name": "resource_group_name", "value": "ref:../Account Infrastructure Base/outputs/security_resource_group_name" }, - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "region", "value": "ref:../../inputs/region" @@ -545,10 +497,6 @@ "name": "Gen AI - WatsonX SaaS services", "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.c784a77d-cf67-4287-9284-a126e4a053a7-global", "inputs": [ - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "watsonx_admin_api_key", "value": "ref:../../inputs/watsonx_admin_api_key" @@ -623,10 +571,6 @@ "name": "Workload - Code Engine Projects", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.c27eeec3-a83c-4ca0-9b26-c16a6a883fd7-global", "inputs": [ - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "resource_group_name", "value": "ref:../Account Infrastructure Base/outputs/workload_resource_group_name" @@ -656,10 +600,6 @@ "name": "Workload - DevSecOps Application Lifecycle Management", "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.3bf38800-70e9-40db-aeca-016c9911364f-global", "inputs": [ - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "toolchain_name", "value": "rag-sample-app" @@ -754,10 +694,6 @@ "name": "toolchain_region", "value": "ref:../../inputs/region" }, - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "watson_discovery_region", "value": "ref:../../inputs/region" From 1faac9151f45693858475eabbca0581927538c09 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Thu, 18 Sep 2025 12:11:46 +0100 Subject: [PATCH 02/36] fully configurable --- solutions/basic/stack_definition.json | 132 ++++++++++++++------------ 1 file changed, 72 insertions(+), 60 deletions(-) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index 790e6995..e96bdc40 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -159,16 +159,12 @@ "members": [ { "name": "Account Infrastructure Base", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.0aabb41f-a26c-42c7-8518-707440670067-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.be71d2f4-262c-4186-9b07-30dc1b1517bb-global", "inputs": [ { "name": "prefix", "value": "ref:../../inputs/prefix" }, - { - "name": "region", - "value": "ref:../../inputs/region" - }, { "name": "security_resource_group_name", "value": "ref:../../inputs/resource_group_name" @@ -205,7 +201,7 @@ }, { "name": "Essential Security - App Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.8dbc8c6a-12f3-4e56-8f5b-deec5bb36b76-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.501720d8-c56f-44c9-a4a3-5d1555578749-global", "inputs": [ { "name": "existing_resource_group_name", @@ -243,7 +239,7 @@ }, { "name": "Essential Security - Encryption Key Management", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.0775fe25-3fe8-49d4-b86a-9502e4bc533e-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.bb044371-6bf6-491b-a0fd-1bf77b97c915-global", "inputs": [ { "name": "existing_resource_group_name", @@ -268,46 +264,30 @@ ] }, { - "name": "Essential Security - Logging Monitoring Activity Tracker", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.39562a8a-1b92-4342-b990-1944ae583df9-global", + "name": "Essential Security - Cloud Monitoring", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.8028a206-0824-4ad6-af24-b9fb70cce2ac-global", "inputs": [ { "name": "region", "value": "ref:../../inputs/region" }, { - "name": "existing_kms_instance_crn", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" - }, - { - "name": "resource_group_name", + "name": "existing_resource_group_name", "value": "ref:../Account Infrastructure Base/outputs/observability_resource_group_name" }, { "name": "prefix", "value": "ref:../../inputs/prefix" }, - { - "name": "use_existing_resource_group", - "value": true - }, - { - "name": "existing_en_instance_crn", - "value": "ref:../Essential Security - Event Notifications/outputs/crn" - }, { "name": "enable_platform_metrics", "value": "ref:../../inputs/enable_platform_metrics" - }, - { - "name": "logs_routing_tenant_regions", - "value": "ref:../../inputs/logs_routing_tenant_regions" } ] }, { "name": "Essential Security - Event Notifications", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b02f9aa4-b40f-41d5-8039-8e87742d756e-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.c1468b78-5772-402c-89ff-8c3bd46586a6-global", "inputs": [ { "name": "kms_endpoint_url", @@ -322,37 +302,81 @@ "value": "private" }, { - "name": "resource_group_name", + "name": "existing_resource_group_name", "value": "ref:../Account Infrastructure Base/outputs/observability_resource_group_name" }, { - "name": "use_existing_resource_group", - "value": true + "name": "region", + "value": "ref:../../inputs/region" }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "existing_event_notifications_instance_crn", + "value": "ref:../../inputs/existing_event_notification_instance_crn" + } + ] + }, + { + "name": "Essential Security - Cloud Logs for logging", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.383621a0-d340-4f3c-996e-7c72a46d68a3-global", + "inputs": [ { "name": "region", "value": "ref:../../inputs/region" }, + { + "name": "existing_kms_instance_crn", + "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" + }, + { + "name": "existing_resource_group_name", + "value": "ref:../Account Infrastructure Base/outputs/observability_resource_group_name" + }, { "name": "prefix", "value": "ref:../../inputs/prefix" }, { - "name": "existing_en_instance_crn", - "value": "ref:../../inputs/existing_event_notification_instance_crn" + "name": "existing_event_notifications_instances", + "value": "ref:../Essential Security - Event Notifications/outputs/crn_list_object" + }, + { + "name": "logs_routing_tenant_regions", + "value": "ref:../../inputs/logs_routing_tenant_regions" + } + ] + }, + { + "name": "Essential Security - Cloud Logs for activity tracking", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.e4ea0728-5f34-47c2-b921-b6f61223a6ed-global", + "inputs": [ + { + "name": "region", + "value": "ref:../../inputs/region" + }, + { + "name": "existing_kms_instance_crn", + "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" + }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" } ] }, { "name": "Essential Security - Secrets Manager", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.db823650-3010-4482-b807-45145f273553-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.63d15a72-ea75-4cc9-841a-83908095eef3-global", "inputs": [ { "name": "prefix", "value": "ref:../../inputs/prefix" }, { - "name": "resource_group_name", + "name": "existing_resource_group_name", "value": "ref:../Account Infrastructure Base/outputs/security_resource_group_name" }, { @@ -363,16 +387,12 @@ "name": "existing_kms_instance_crn", "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, - { - "name": "use_existing_resource_group", - "value": true - }, { "name": "existing_secrets_manager_crn", "value": "ref:../../inputs/existing_secrets_manager_crn" }, { - "name": "skip_iam_authorization_policy", + "name": "skip_secrets_manager_iam_auth_policy", "value": "ref:../../inputs/skip_iam_authorization_policy" }, { @@ -383,10 +403,6 @@ "name": "existing_event_notifications_instance_crn", "value": "ref:../Essential Security - Event Notifications/outputs/crn" }, - { - "name": "enable_event_notifications", - "value": true - }, { "name": "kms_key_ring_name", "value": "sm-cos-key-ring" @@ -403,7 +419,7 @@ }, { "name": "Essential Security - Security and Compliance Center Workload Protection", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.e436bb10-8b6c-4b3b-b4c5-523929d13686-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.06cc5a6b-bbad-4319-a943-c97318a4f83d-global", "inputs": [ { "name": "existing_resource_group_name", @@ -431,20 +447,16 @@ }, { "name": "existing_monitoring_crn", - "value": "ref:../../members/Essential Security - Logging Monitoring Activity Tracker/outputs/cloud_monitoring_crn" + "value": "ref:../../members/Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" } ] }, { "name": "Gen AI - Databases for Elasticsearch", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.68a66140-e2e8-40ef-be86-c46e6f3442a3-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.55d77b5b-6866-4f7c-b216-2bb86d74d5e5-global", "inputs": [ { - "name": "use_existing_resource_group", - "value": true - }, - { - "name": "resource_group_name", + "name": "existing_resource_group_name", "value": "ref:../../members/Account Infrastructure Base/outputs/workload_resource_group_name" }, { @@ -461,7 +473,7 @@ }, { "name": "elasticsearch_version", - "value": "8.12" + "value": "8.15" }, { "name": "existing_kms_instance_crn", @@ -488,7 +500,7 @@ } }, { - "name": "existing_db_instance_crn", + "name": "existing_elasticsearch_instance_crn", "value": "ref:../../inputs/existing_elasticsearch_instance_crn" } ] @@ -828,19 +840,19 @@ }, { "name": "cloud_logs_crn", - "value": "ref:./members/Essential Security - Logging Monitoring Activity Tracker/outputs/cloud_logs_crn" + "value": "ref:./members/Essential Security - Cloud Logs for logging/outputs/cloud_logs_crn" }, { "name": "cloud_logs_guid", - "value": "ref:./members/Essential Security - Logging Monitoring Activity Tracker/outputs/cloud_logs_guid" + "value": "ref:./members/Essential Security - Cloud Logs for logging/outputs/cloud_logs_guid" }, { "name": "cloud_monitoring_crn", - "value": "ref:./members/Essential Security - Logging Monitoring Activity Tracker/outputs/cloud_monitoring_crn" + "value": "ref:./members/Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" }, { "name": "cloud_monitoring_guid", - "value": "ref:./members/Essential Security - Logging Monitoring Activity Tracker/outputs/cloud_monitoring_guid" + "value": "ref:./members/Essential Security - Cloud Monitoring/outputs/cloud_monitoring_guid" }, { "name": "secrets_manager_crn", @@ -864,11 +876,11 @@ }, { "name": "scc_workload_protection_crn", - "value": "ref:./members/Essential Security - Security and Compliance Center Workload Protection/outputs/crn" + "value": "ref:./members/Essential Security - Security and Compliance Center Workload Protection/outputs/scc_workload_protection_crn" }, { - "name": "scc_workload_protection_guid", - "value": "ref:./members/Essential Security - Security and Compliance Center Workload Protection/outputs/guid" + "name": "scc_workload_protection_id", + "value": "ref:./members/Essential Security - Security and Compliance Center Workload Protection/outputs/scc_workload_protection_id" }, { "name": "watson_discovery_crn", From a5b1369c4ef1c8d9937ed55407c0c5ee35894c7d Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Fri, 19 Sep 2025 09:24:39 +0100 Subject: [PATCH 03/36] fully configurable --- ibm_catalog.json | 4 +-- solutions/standard/stack_definition.json | 34 +----------------------- 2 files changed, 3 insertions(+), 35 deletions(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index 593c3a87..8b5e6fda 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -62,7 +62,7 @@ "support_details": "This product is in the community registry, as such support is handled through the originated repo. If you experience issues please open an issue in that repository [https://github.com/terraform-ibm-modules/stack-retrieval-augmented-generation/issues](https://github.com/terraform-ibm-modules/stack-retrieval-augmented-generation/issues). Please note this product is not supported via the IBM Cloud Support Center.", "flavors": [ { - "label": "Basic (Deploy on Code Engine)", + "label": "Basic with sample application (Deploy on Code Engine)", "name": "basic-fully-config", "index": 1, "working_directory": "solutions/basic", @@ -503,7 +503,7 @@ "install_type": "fullstack" }, { - "label": "Standard (Deploy on Red Hat OpenShift)", + "label": "Standard with sample application (Deploy on Red Hat OpenShift)", "name": "standard-fully-config", "index": 2, "working_directory": "solutions/standard", diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index c4022de2..4ec9e960 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -159,16 +159,12 @@ "members": [ { "name": "Account Infrastructure Base", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.24459be4-397b-4dce-b2d1-555ccd576c14-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.be71d2f4-262c-4186-9b07-30dc1b1517bb-global", "inputs": [ { "name": "prefix", "value": "ref:../../inputs/prefix" }, - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "region", "value": "ref:../../inputs/region" @@ -285,10 +281,6 @@ "name": "use_existing_resource_group", "value": true }, - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "region", "value": "ref:../../inputs/region" @@ -311,10 +303,6 @@ "name": "Essential Security - Logging Monitoring Activity Tracker", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.39562a8a-1b92-4342-b990-1944ae583df9-global", "inputs": [ - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "region", "value": "ref:../../inputs/region" @@ -399,10 +387,6 @@ "name": "resource_group_name", "value": "ref:../Account Infrastructure Base/outputs/security_resource_group_name" }, - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "region", "value": "ref:../../inputs/region" @@ -553,10 +537,6 @@ "name": "Gen AI - WatsonX SaaS services", "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.c784a77d-cf67-4287-9284-a126e4a053a7-global", "inputs": [ - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "watsonx_admin_api_key", "value": "ref:../../inputs/watsonx_admin_api_key" @@ -631,10 +611,6 @@ "name": "Workload - Compute Red Hat OpenShift Container Platform on VPC", "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.c15a99be-f334-4dfe-b1d2-b650ae01c9ca-global", "inputs": [ - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "prefix", "value": "ref:../../inputs/prefix" @@ -710,10 +686,6 @@ "name": "Workload - DevSecOps Application Lifecycle Management", "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.40c697e5-a339-4bf2-90ed-c598f103c16b-global", "inputs": [ - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "toolchain_name", "value": "rag-sample-app" @@ -804,10 +776,6 @@ "name": "toolchain_region", "value": "ref:../../inputs/region" }, - { - "name": "ibmcloud_api_key", - "value": "" - }, { "name": "watson_discovery_region", "value": "ref:../../inputs/region" From 2f902348be66d53ca3a0b618c199c7a046e35804 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Fri, 19 Sep 2025 09:54:07 +0100 Subject: [PATCH 04/36] fully configurable --- solutions/basic/stack_definition.json | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index e96bdc40..b316bd29 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -319,6 +319,28 @@ } ] }, + {"name": "Essential Security - Cloud Object Storage", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.30851389-2ab5-4be5-8674-7ef756cb372d-global", + "inputs": [ + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "existing_resource_group_name", + "value": "ref:../Account Infrastructure Base/outputs/observability_resource_group_name" + }, + { + "name": "instance_name", + "value": "rag-cos-instance" + }, + { + "name": "plan", + "value": "standard" + } + ] + + }, { "name": "Essential Security - Cloud Logs for logging", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.383621a0-d340-4f3c-996e-7c72a46d68a3-global", @@ -335,6 +357,10 @@ "name": "existing_resource_group_name", "value": "ref:../Account Infrastructure Base/outputs/observability_resource_group_name" }, + { + "name": "existing_cos_instance_crn", + "value": "ref:../Essential Security - Cloud Object Storage/outputs/cos_instance_crn" + }, { "name": "prefix", "value": "ref:../../inputs/prefix" From 75c3097200c59e9ce1762b9e060230060d530dd6 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Fri, 26 Sep 2025 11:34:41 +0100 Subject: [PATCH 05/36] fully configurable --- ibm_catalog.json | 64 ++- solutions/basic/stack_definition.json | 593 ++++++++++++++------------ 2 files changed, 387 insertions(+), 270 deletions(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index 8b5e6fda..9f682b1c 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -310,6 +310,40 @@ } ] }, + { + "key": "key_protect_plan", + "type": "string", + "default_value": "tiered-pricing", + "description": "The service plan of the Key Protect instance that will be provisioned by this solution. Only used if not supplying `existing_kms_instance_crn`. [Learn more](https://cloud.ibm.com/docs/key-protect?topic=key-protect-pricing-plan).", + "required": false, + "options": [ + { + "displayname": "Standard", + "value": "tiered-pricing" + }, + { + "displayname": "Cross-region Resiliency", + "value": "cross-region-resiliency" + } + ] + }, + { + "key": "cloud_monitoring_plan", + "type": "string", + "default_value": "graduated-tier", + "description": "The IBM Cloud Monitoring plan to provision. Available values are `lite` and `graduated-tier` and `graduated-tier-sysdig-secure-plus-monitor` (available in region eu-fr2 only). [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-service_plans)", + "required": false, + "options": [ + { + "displayname": "Lite", + "value": "lite" + }, + { + "displayname": "Graduated Tier", + "value": "graduated-tier" + } + ] + }, { "key": "existing_secrets_manager_crn", "type": "string", @@ -340,9 +374,9 @@ "required": false }, { - "key": "app_config_service_plan", + "key": "app_config_plan", "type": "string", - "default_value": "basic", + "default_value": "enterprise", "description": "The pricing plan to use for the IBM Cloud App Configuration instance.", "required": false, "options": [ @@ -795,9 +829,9 @@ "required": false }, { - "key": "app_config_service_plan", + "key": "app_config_plan", "type": "string", - "default_value": "basic", + "default_value": "enterprise", "description": "The pricing plan to use for the IBM Cloud App Configuration instance.", "required": false, "options": [ @@ -859,9 +893,9 @@ }, { - "key": "app_config_service_plan", + "key": "app_config_plan", "type": "string", - "default_value": "basic", + "default_value": "enterprise", "description": "The pricing plan to use for the IBM Cloud App Configuration instance.", "required": false, "options": [ @@ -879,6 +913,24 @@ } ] }, + { + + "key": "elasticsearch_plan", + "type": "string", + "default_value": "enterprise", + "description": "The name of the service plan for your Databases for Elasticsearch instance. [Learn more](https://cloud.ibm.com/docs/databases-for-elasticsearch?topic=databases-for-elasticsearch-elastic-offerings).", + "required": false, + "options": [ + { + "displayname": "Enterprise", + "value": "enterprise" + }, + { + "displayname": "Platinum", + "value": "platinum" + } + ] + }, { "key": "scc_workload_protection_service_plan", "type": "string", diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index b316bd29..e6529c82 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -12,6 +12,20 @@ "type": "string", "hidden": false }, + { + "name": "key_protect_plan", + "required": false, + "type": "string", + "hidden": false, + "custom_config": {} + }, + { + "name": "cloud_monitoring_plan", + "required": false, + "type": "string", + "hidden": false, + "custom_config": {} + }, { "name": "skip_iam_authorization_policy", "required": false, @@ -85,7 +99,7 @@ "hidden": false }, { - "name": "app_config_service_plan", + "name": "app_config_plan", "required": false, "type": "string", "hidden": false, @@ -98,6 +112,13 @@ "hidden": false, "custom_config": {} }, + { + "name": "elasticsearch_plan", + "required": false, + "type": "string", + "hidden": false, + "custom_config": {} + }, { "name": "enterprise_id", "required": false, @@ -158,7 +179,7 @@ ], "members": [ { - "name": "Account Infrastructure Base", + "name": "1 - Account Infrastructure Base", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.be71d2f4-262c-4186-9b07-30dc1b1517bb-global", "inputs": [ { @@ -200,102 +221,137 @@ ] }, { - "name": "Essential Security - App Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.501720d8-c56f-44c9-a4a3-5d1555578749-global", + "name": "2a - Essential Security - Encryption Key Management", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.09dab2dd-6383-4257-8cc4-ba5bf567cd5e-global", "inputs": [ { "name": "existing_resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/audit_resource_group_name" + "value": "ref:../1 - Account Infrastructure Base/outputs/security_resource_group_name" }, { "name": "region", "value": "ref:../../inputs/region" }, { - "name": "prefix", - "value": "ref:../../inputs/prefix" - }, - { - "name": "app_config_plan", - "value": "ref:../../inputs/app_config_service_plan" + "name": "existing_kms_instance_crn", + "value": "ref:../../inputs/existing_kms_instance_crn" }, { - "name": "enable_config_aggregator", - "value": true + "name": "prefix", + "value": "ref:../../inputs/prefix" }, { - "name": "config_aggregator_enterprise_id", - "value": "ref:../../inputs/enterprise_id" - }, + "name": "key_protect_plan", + "value": "ref:../../inputs/key_protect_plan" + } + ] + }, + {"name": "2b - Essential Security - Cloud Object Storage", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.410e4ac2-fe70-4813-ac27-4f5c460cbb55-global", + "inputs": [ { - "name": "config_aggregator_enterprise_account_group_ids_to_assign", - "value": "ref:../../inputs/enterprise_account_group_ids_to_assign" + "name": "prefix", + "value": "ref:../../inputs/prefix" }, { - "name": "config_aggregator_enterprise_account_ids_to_assign", - "value": "ref:../../inputs/enterprise_account_ids_to_assign" + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Infrastructure Base/outputs/observability_resource_group_name" } ] }, { - "name": "Essential Security - Encryption Key Management", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.bb044371-6bf6-491b-a0fd-1bf77b97c915-global", + "name": "2c - Essential Security - Cloud Monitoring", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.8028a206-0824-4ad6-af24-b9fb70cce2ac-global", "inputs": [ - { - "name": "existing_resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/security_resource_group_name" - }, { "name": "region", "value": "ref:../../inputs/region" }, { - "name": "existing_kms_instance_crn", - "value": "ref:../../inputs/existing_kms_instance_crn" + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Infrastructure Base/outputs/observability_resource_group_name" }, { "name": "prefix", "value": "ref:../../inputs/prefix" }, { - "name": "key_protect_instance_name", - "value": "base-security-services-kms" + "name": "enable_platform_metrics", + "value": "ref:../../inputs/enable_platform_metrics" + }, + { + "name": "cloud_monitoring_plan", + "value": "ref:../../inputs/cloud_monitoring_plan" } ] }, { - "name": "Essential Security - Cloud Monitoring", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.8028a206-0824-4ad6-af24-b9fb70cce2ac-global", + "name": "2d - Workload - Code Engine Projects for CI", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b51abcc2-7d00-46b6-adc7-2db2756069eb-global", "inputs": [ + { + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Infrastructure Base/outputs/workload_resource_group_name" + }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "project_name", + "value": "Generative_AI_Sample_App_CI_Project" + }, { "name": "region", "value": "ref:../../inputs/region" - }, + } + ] + }, + { + "name": "2e - Workload - Code Engine Projects for CD", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b51abcc2-7d00-46b6-adc7-2db2756069eb-global", + "inputs": [ { "name": "existing_resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/observability_resource_group_name" + "value": "ref:../1 - Account Infrastructure Base/outputs/workload_resource_group_name" }, { "name": "prefix", "value": "ref:../../inputs/prefix" }, { - "name": "enable_platform_metrics", - "value": "ref:../../inputs/enable_platform_metrics" + "name": "project_name", + "value": "Generative_AI_Sample_App_CD_Project" + }, + { + "name": "region", + "value": "ref:../../inputs/region" } ] }, { - "name": "Essential Security - Event Notifications", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.c1468b78-5772-402c-89ff-8c3bd46586a6-global", + "name": "3a - Essential Security - Event Notifications", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.fa8ebdf4-db44-4e25-9846-9278b516cd73-global", "inputs": [ + { + "name": "existing_cos_instance_crn", + "value": "ref:../../members/1b - Object storage/outputs/cos_instance_id" + }, + { + "name": "enable_collecting_failed_events", + "value": true + }, + { + "name": "kms_encryption_enabled", + "value": true + }, { "name": "kms_endpoint_url", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_private_endpoint" + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_private_endpoint" }, { "name": "existing_kms_instance_crn", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, { "name": "kms_endpoint_type", @@ -303,7 +359,7 @@ }, { "name": "existing_resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/observability_resource_group_name" + "value": "ref:../1 - Account Infrastructure Base/outputs/observability_resource_group_name" }, { "name": "region", @@ -316,34 +372,90 @@ { "name": "existing_event_notifications_instance_crn", "value": "ref:../../inputs/existing_event_notification_instance_crn" + }, + { + "name": "existing_monitoring_crn", + "value": "ref:../../members/1c - Cloud Monitoring/outputs/cloud_monitoring_crn" } ] }, - {"name": "Essential Security - Cloud Object Storage", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.30851389-2ab5-4be5-8674-7ef756cb372d-global", - "inputs": [ - { - "name": "prefix", - "value": "ref:../../inputs/prefix" - }, - { - "name": "existing_resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/observability_resource_group_name" - }, - { - "name": "instance_name", - "value": "rag-cos-instance" - }, - { - "name": "plan", - "value": "standard" - } - ] - - }, - { - "name": "Essential Security - Cloud Logs for logging", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.383621a0-d340-4f3c-996e-7c72a46d68a3-global", + { + "name": "3b - Gen AI - WatsonX SaaS services", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.7dffb0ba-df27-4f52-b022-3b5ec6350cfc-global", + "inputs": [ + { + "name": "watsonx_admin_api_key", + "value": "ref:../../inputs/watsonx_admin_api_key" + }, + { + "name": "resource_group_name", + "value": "ref:../1 - Account Infrastructure Base/outputs/workload_resource_group_name" + }, + { + "name": "location", + "value": "ref:../../inputs/region" + }, + { + "name": "resource_prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "use_existing_resource_group", + "value": true + }, + { + "name": "watson_machine_learning_plan", + "value": "v2-standard" + }, + { + "name": "existing_machine_learning_instance", + "value": "ref:../../inputs/existing_machine_learning_instance" + }, + { + "name": "watson_studio_plan", + "value": "professional-v1" + }, + { + "name": "existing_studio_instance", + "value": "ref:../../inputs/existing_studio_instance" + }, + { + "name": "watson_discovery_plan", + "value": "do not install" + }, + { + "name": "existing_discovery_instance", + "value": "ref:../../inputs/existing_discovery_instance" + }, + { + "name": "watsonx_assistant_plan", + "value": "plus" + }, + { + "name": "existing_assistant_instance", + "value": "ref:../../inputs/existing_assistant_instance_crn" + }, + { + "name": "watsonx_governance_plan", + "value": "do not install" + }, + { + "name": "existing_governance_instance", + "value": "ref:../../inputs/existing_governance_instance" + }, + { + "name": "cos_kms_crn", + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" + }, + { + "name": "enable_cos_kms_encryption", + "value": true + } + ] + }, + { + "name": "4a - Essential Security - Cloud Logs for logging", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.ee855d83-2f87-4d0e-bc0d-66c11ba66902-global", "inputs": [ { "name": "region", @@ -351,15 +463,27 @@ }, { "name": "existing_kms_instance_crn", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" + }, + { + "name": "kms_encryption_enabled_buckets", + "value": true + }, + { + "name": "kms_endpoint_type", + "value": "private" }, { "name": "existing_resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/observability_resource_group_name" + "value": "ref:../1 - Account Infrastructure Base/outputs/observability_resource_group_name" }, { "name": "existing_cos_instance_crn", - "value": "ref:../Essential Security - Cloud Object Storage/outputs/cos_instance_crn" + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" + }, + { + "name": "existing_monitoring_crn", + "value": "ref:../../members/1c - Cloud Monitoring/outputs/cloud_monitoring_crn" }, { "name": "prefix", @@ -367,7 +491,7 @@ }, { "name": "existing_event_notifications_instances", - "value": "ref:../Essential Security - Event Notifications/outputs/crn_list_object" + "value": "ref:../3a - Essential Security - Event Notifications/outputs/crn_list_object" }, { "name": "logs_routing_tenant_regions", @@ -376,25 +500,73 @@ ] }, { - "name": "Essential Security - Cloud Logs for activity tracking", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.e4ea0728-5f34-47c2-b921-b6f61223a6ed-global", + "name": "4b - Essential Security - App Configuration", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.7b563b79-03ab-4275-b8d5-54c2ba4f27f3-global", "inputs": [ + { + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Infrastructure Base/outputs/audit_resource_group_name" + }, { "name": "region", "value": "ref:../../inputs/region" }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "app_config_plan", + "value": "ref:../../inputs/app_config_plan" + }, + { + "name": "enable_config_aggregator", + "value": true + }, + { + "name": "config_aggregator_enterprise_id", + "value": "ref:../../inputs/enterprise_id" + }, + { + "name": "config_aggregator_enterprise_account_group_ids_to_assign", + "value": "ref:../../inputs/enterprise_account_group_ids_to_assign" + }, + { + "name": "config_aggregator_enterprise_account_ids_to_assign", + "value": "ref:../../inputs/enterprise_account_ids_to_assign" + }, + { + "name": "kms_encryption_enabled", + "value": true + }, { "name": "existing_kms_instance_crn", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "value": "ref:../../members/1a - Key management/outputs/kms_instance_crn" }, { - "name": "prefix", - "value": "ref:../../inputs/prefix" + "name": "kms_endpoint_url", + "value": "ref:../../members/1a - Key management/outputs/kms_private_endpoint" + }, + { + "name": "enable_event_notifications", + "value": true + }, + { + "name": "existing_event_notifications_instance_crn", + "value": "ref:../../members/2 - Event Notifications/outputs/crn" + }, + { + "name": "event_notifications_endpoint_url", + "value": "ref:../../members/2 - Event Notifications/outputs/event_notifications_private_endpoint" + }, + { + "name": "event_notifications_email_list", + "value": "ref:../../inputs/event_notifications_email_list" } ] }, { - "name": "Essential Security - Secrets Manager", + "name": "4c - Essential Security - Secrets Manager", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.63d15a72-ea75-4cc9-841a-83908095eef3-global", "inputs": [ { @@ -403,7 +575,7 @@ }, { "name": "existing_resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/security_resource_group_name" + "value": "ref:../1 - Account Infrastructure Base/outputs/security_resource_group_name" }, { "name": "region", @@ -411,7 +583,11 @@ }, { "name": "existing_kms_instance_crn", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" + }, + { + "name": "kms_encryption_enabled", + "value": true }, { "name": "existing_secrets_manager_crn", @@ -427,29 +603,17 @@ }, { "name": "existing_event_notifications_instance_crn", - "value": "ref:../Essential Security - Event Notifications/outputs/crn" - }, - { - "name": "kms_key_ring_name", - "value": "sm-cos-key-ring" - }, - { - "name": "kms_key_name", - "value": "sm-cos-key" - }, - { - "name": "secrets_manager_instance_name", - "value": "base-security-services-sm" + "value": "ref:../3a - Essential Security - Event Notifications/outputs/crn" } ] }, { - "name": "Essential Security - Security and Compliance Center Workload Protection", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.06cc5a6b-bbad-4319-a943-c97318a4f83d-global", + "name": "5a - Essential Security - Security and Compliance Center Workload Protection", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b2cd208d-f893-4e44-bc2e-b9997e3a8153-global", "inputs": [ { "name": "existing_resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/audit_resource_group_name" + "value": "ref:../1 - Account Infrastructure Base/outputs/audit_resource_group_name" }, { "name": "region", @@ -469,21 +633,21 @@ }, { "name": "app_config_crn", - "value": "ref:../../members/Essential Security - App Configuration/outputs/app_config_crn" + "value": "ref:../../members/4b - Essential Security - App Configuration/outputs/app_config_crn" }, { "name": "existing_monitoring_crn", - "value": "ref:../../members/Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" + "value": "ref:../../members/2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" } ] }, { - "name": "Gen AI - Databases for Elasticsearch", + "name": "5b - Gen AI - Databases for Elasticsearch", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.55d77b5b-6866-4f7c-b216-2bb86d74d5e5-global", "inputs": [ { "name": "existing_resource_group_name", - "value": "ref:../../members/Account Infrastructure Base/outputs/workload_resource_group_name" + "value": "ref:../../members/1 - Account Infrastructure Base/outputs/workload_resource_group_name" }, { "name": "region", @@ -495,15 +659,15 @@ }, { "name": "plan", - "value": "enterprise" + "value": "ref:../../inputs/elasticsearch_plan" }, { - "name": "elasticsearch_version", - "value": "8.15" + "name": "kms_encryption_enabled", + "value": true }, { "name": "existing_kms_instance_crn", - "value": "ref:../../members/Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "value": "ref:../../members/2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, { "name": "kms_endpoint_type", @@ -528,115 +692,16 @@ { "name": "existing_elasticsearch_instance_crn", "value": "ref:../../inputs/existing_elasticsearch_instance_crn" - } - ] - }, - { - "name": "Gen AI - WatsonX SaaS services", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.c784a77d-cf67-4287-9284-a126e4a053a7-global", - "inputs": [ - { - "name": "watsonx_admin_api_key", - "value": "ref:../../inputs/watsonx_admin_api_key" - }, - { - "name": "resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/workload_resource_group_name" }, { - "name": "location", - "value": "ref:../../inputs/region" - }, - { - "name": "resource_prefix", - "value": "ref:../../inputs/prefix" - }, - { - "name": "use_existing_resource_group", - "value": true - }, - { - "name": "watson_machine_learning_plan", - "value": "v2-standard" - }, - { - "name": "existing_machine_learning_instance", - "value": "ref:../../inputs/existing_machine_learning_instance" - }, - { - "name": "watson_studio_plan", - "value": "professional-v1" - }, - { - "name": "existing_studio_instance", - "value": "ref:../../inputs/existing_studio_instance" - }, - { - "name": "watson_discovery_plan", - "value": "do not install" - }, - { - "name": "existing_discovery_instance", - "value": "ref:../../inputs/existing_discovery_instance" - }, - { - "name": "watsonx_assistant_plan", - "value": "plus" - }, - { - "name": "existing_assistant_instance", - "value": "ref:../../inputs/existing_assistant_instance_crn" - }, - { - "name": "watsonx_governance_plan", - "value": "do not install" - }, - { - "name": "existing_governance_instance", - "value": "ref:../../inputs/existing_governance_instance" - }, - { - "name": "cos_kms_crn", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" - }, - { - "name": "enable_cos_kms_encryption", - "value": true - } - ] - }, - { - "name": "Workload - Code Engine Projects", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.c27eeec3-a83c-4ca0-9b26-c16a6a883fd7-global", - "inputs": [ - { - "name": "resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/workload_resource_group_name" - }, - { - "name": "existing_resource_group", - "value": true - }, - { - "name": "prefix", - "value": "ref:../../inputs/prefix" - }, - { - "name": "project_names", - "value": [ - "Generative_AI_Sample_App_CI_Project", - "Generative_AI_Sample_App_CD_Project" - ] - }, - { - "name": "region", - "value": "ref:../../inputs/region" + "name": "existing_secrets_manager_instance_crn", + "value": "ref:./members/4c - Essential Security - Secrets Manager/outputs/secrets_manager_crn" } ] }, { - "name": "Workload - DevSecOps Application Lifecycle Management", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.3bf38800-70e9-40db-aeca-016c9911364f-global", + "name": "5c - Workload - DevSecOps Application Lifecycle Management", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.9b435db4-ec9c-4d54-baab-210b9627b96c-global", "inputs": [ { "name": "toolchain_name", @@ -648,27 +713,27 @@ }, { "name": "toolchain_resource_group", - "value": "ref:../Account Infrastructure Base/outputs/devops_resource_group_name" + "value": "ref:../1 - Account Infrastructure Base/outputs/devops_resource_group_name" }, { "name": "sm_resource_group", - "value": "ref:../Essential Security - Secrets Manager/outputs/resource_group_name" + "value": "ref:../4c - Essential Security - Secrets Manager/outputs/resource_group_name" }, { "name": "sm_name", - "value": "ref:../Essential Security - Secrets Manager/outputs/secrets_manager_name" + "value": "ref:../4c - Essential Security - Secrets Manager/outputs/secrets_manager_name" }, { "name": "sm_location", - "value": "ref:../Essential Security - Secrets Manager/outputs/secrets_manager_region" + "value": "ref:../4c - Essential Security - Secrets Manager/outputs/secrets_manager_region" }, { "name": "ci_code_engine_project", - "value": "ref:../Workload - Code Engine Projects/outputs/project_1_name" + "value": "ref:../2d - Workload - Code Engine Projects for CI/outputs/project_name" }, { "name": "cd_code_engine_project", - "value": "ref:../Workload - Code Engine Projects/outputs/project_2_name" + "value": "ref:../2e - Workload - Code Engine Projects for CD/outputs/project_name" }, { "name": "registry_namespace", @@ -725,8 +790,8 @@ ] }, { - "name": "Workload - Sample RAG App Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b1bf8a3d-3d51-4362-a13b-eb528a38c6f3-global", + "name": "6 - Workload - Sample RAG App Configuration", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.89b0a04d-4690-4df6-8a7f-e71945053e6b-global", "inputs": [ { "name": "toolchain_region", @@ -746,31 +811,31 @@ }, { "name": "watson_assistant_instance_id", - "value": "ref:../Gen AI - WatsonX SaaS services/outputs/watsonx_assistant_guid" + "value": "ref:../3b - Gen AI - WatsonX SaaS services/outputs/watsonx_assistant_guid" }, { "name": "cd_pipeline_id", - "value": "ref:../Workload - DevSecOps Application Lifecycle Management/outputs/cd_pipeline_id" + "value": "ref:../5c - Workload - DevSecOps Application Lifecycle Management/outputs/cd_pipeline_id" }, { "name": "ci_pipeline_id", - "value": "ref:../Workload - DevSecOps Application Lifecycle Management/outputs/ci_pipeline_id" + "value": "ref:../5c - Workload - DevSecOps Application Lifecycle Management/outputs/ci_pipeline_id" }, { "name": "watson_machine_learning_instance_guid", - "value": "ref:../Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_guid" + "value": "ref:../3b - Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_guid" }, { "name": "watson_machine_learning_instance_resource_name", - "value": "ref:../Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_name" + "value": "ref:../3b - Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_name" }, { "name": "watson_machine_learning_instance_crn", - "value": "ref:../Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_crn" + "value": "ref:../3b - Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_crn" }, { "name": "toolchain_resource_group", - "value": "ref:../Account Infrastructure Base/outputs/devops_resource_group_name" + "value": "ref:../1 - Account Infrastructure Base/outputs/devops_resource_group_name" }, { "name": "prefix", @@ -778,7 +843,7 @@ }, { "name": "resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/devops_resource_group_name" + "value": "ref:../1 - Account Infrastructure Base/outputs/devops_resource_group_name" }, { "name": "use_existing_resource_group", @@ -790,19 +855,19 @@ }, { "name": "secrets_manager_guid", - "value": "ref:../Essential Security - Secrets Manager/outputs/secrets_manager_guid" + "value": "ref:../4c - Essential Security - Secrets Manager/outputs/secrets_manager_guid" }, { "name": "secrets_manager_region", - "value": "ref:../Essential Security - Secrets Manager/outputs/secrets_manager_region" + "value": "ref:../4c - Essential Security - Secrets Manager/outputs/secrets_manager_region" }, { "name": "elastic_instance_crn", - "value": "ref:../Gen AI - Databases for Elasticsearch/outputs/crn" + "value": "ref:../5b - Gen AI - Databases for Elasticsearch/outputs/crn" }, { "name": "cos_kms_crn", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" } ] } @@ -810,159 +875,159 @@ "outputs": [ { "name": "elasticsearch_hostname", - "value": "ref:./members/Gen AI - Databases for Elasticsearch/outputs/hostname" + "value": "ref:./members/5b - Gen AI - Databases for Elasticsearch/outputs/hostname" }, { "name": "elasticsearch_port", - "value": "ref:./members/Gen AI - Databases for Elasticsearch/outputs/port" + "value": "ref:./members/5b - Gen AI - Databases for Elasticsearch/outputs/port" }, { "name": "elasticsearch_service_credentials_json", - "value": "ref:./members/Gen AI - Databases for Elasticsearch/outputs/service_credentials_json" + "value": "ref:./members/5b - Gen AI - Databases for Elasticsearch/outputs/service_credentials_json" }, { "name": "elasticsearch_crn", - "value": "ref:./members/Gen AI - Databases for Elasticsearch/outputs/crn" + "value": "ref:./members/5b - Gen AI - Databases for Elasticsearch/outputs/crn" }, { "name": "watsonx_project_url", - "value": "ref:./members/Workload - Sample RAG App Configuration/outputs/watsonx_project_url" + "value": "ref:./members/6 - Workload - Sample RAG App Configuration/outputs/watsonx_project_url" }, { "name": "watsonx_project_id", - "value": "ref:./members/Workload - Sample RAG App Configuration/outputs/watsonx_project_id" + "value": "ref:./members/6 - Workload - Sample RAG App Configuration/outputs/watsonx_project_id" }, { "name": "watson_discovery_api_url", - "value": "ref:./members/Workload - Sample RAG App Configuration/outputs/watson_discovery_api_url" + "value": "ref:./members/6 - Workload - Sample RAG App Configuration/outputs/watson_discovery_api_url" }, { "name": "watson_discovery_project_id", - "value": "ref:./members/Workload - Sample RAG App Configuration/outputs/watson_discovery_project_id" + "value": "ref:./members/6 - Workload - Sample RAG App Configuration/outputs/watson_discovery_project_id" }, { "name": "kms_instance_crn", - "value": "ref:./members/Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "value": "ref:./members/2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, { "name": "kms_private_endpoint", - "value": "ref:./members/Essential Security - Encryption Key Management/outputs/kms_private_endpoint" + "value": "ref:./members/2a - Essential Security - Encryption Key Management/outputs/kms_private_endpoint" }, { "name": "kms_public_endpoint", - "value": "ref:./members/Essential Security - Encryption Key Management/outputs/kms_public_endpoint" + "value": "ref:./members/2a - Essential Security - Encryption Key Management/outputs/kms_public_endpoint" }, { "name": "event_notification_instance_crn", - "value": "ref:./members/Essential Security - Event Notifications/outputs/crn" + "value": "ref:./members/3a - Essential Security - Event Notifications/outputs/crn" }, { "name": "event_notification_instance_name", - "value": "ref:./members/Essential Security - Event Notifications/outputs/event_notification_instance_name" + "value": "ref:./members/3a - Essential Security - Event Notifications/outputs/event_notification_instance_name" }, { "name": "event_notification_instance_guid", - "value": "ref:./members/Essential Security - Event Notifications/outputs/guid" + "value": "ref:./members/3a - Essential Security - Event Notifications/outputs/guid" }, { "name": "cloud_logs_crn", - "value": "ref:./members/Essential Security - Cloud Logs for logging/outputs/cloud_logs_crn" + "value": "ref:./members/4a - Essential Security - Cloud Logs for logging/outputs/cloud_logs_crn" }, { "name": "cloud_logs_guid", - "value": "ref:./members/Essential Security - Cloud Logs for logging/outputs/cloud_logs_guid" + "value": "ref:./members/4a - Essential Security - Cloud Logs for logging/outputs/cloud_logs_guid" }, { "name": "cloud_monitoring_crn", - "value": "ref:./members/Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" + "value": "ref:./members/2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" }, { "name": "cloud_monitoring_guid", - "value": "ref:./members/Essential Security - Cloud Monitoring/outputs/cloud_monitoring_guid" + "value": "ref:./members/2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_guid" }, { "name": "secrets_manager_crn", - "value": "ref:./members/Essential Security - Secrets Manager/outputs/secrets_manager_crn" + "value": "ref:./members/4c - Essential Security - Secrets Manager/outputs/secrets_manager_crn" }, { "name": "secrets_manager_guid", - "value": "ref:./members/Essential Security - Secrets Manager/outputs/secrets_manager_guid" + "value": "ref:./members/4c - Essential Security - Secrets Manager/outputs/secrets_manager_guid" }, { "name": "secrets_manager_name", - "value": "ref:./members/Essential Security - Secrets Manager/outputs/secrets_manager_name" + "value": "ref:./members/4c - Essential Security - Secrets Manager/outputs/secrets_manager_name" }, { "name": "app_config_crn", - "value": "ref:./members/Essential Security - App Configuration/outputs/app_config_crn" + "value": "ref:./members/4b - Essential Security - App Configuration/outputs/app_config_crn" }, { "name": "app_config_guid", - "value": "ref:./members/Essential Security - App Configuration/outputs/app_config_guid" + "value": "ref:./members/4b - Essential Security - App Configuration/outputs/app_config_guid" }, { "name": "scc_workload_protection_crn", - "value": "ref:./members/Essential Security - Security and Compliance Center Workload Protection/outputs/scc_workload_protection_crn" + "value": "ref:./members/5a - Essential Security - Security and Compliance Center Workload Protection/outputs/scc_workload_protection_crn" }, { "name": "scc_workload_protection_id", - "value": "ref:./members/Essential Security - Security and Compliance Center Workload Protection/outputs/scc_workload_protection_id" + "value": "ref:./members/5a - Essential Security - Security and Compliance Center Workload Protection/outputs/scc_workload_protection_id" }, { "name": "watson_discovery_crn", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_discovery_crn" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_discovery_crn" }, { "name": "watson_discovery_dashboard_url", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_discovery_dashboard_url" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_discovery_dashboard_url" }, { "name": "watson_machine_learning_crn", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_crn" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_crn" }, { "name": "watson_machine_learning_dashboard_url", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_dashboard_url" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_dashboard_url" }, { "name": "watson_machine_learning_guid", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_guid" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_guid" }, { "name": "watson_studio_crn", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_studio_crn" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_studio_crn" }, { "name": "watson_studio_dashboard_url", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_studio_dashboard_url" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_studio_dashboard_url" }, { "name": "watson_studio_guid", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_studio_guid" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_studio_guid" }, { "name": "watsonx_assistant_crn", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watsonx_assistant_crn" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watsonx_assistant_crn" }, { "name": "watsonx_assistant_dashboard_url", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watsonx_assistant_dashboard_url" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watsonx_assistant_dashboard_url" }, { "name": "watsonx_data_crn", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watsonx_data_crn" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watsonx_data_crn" }, { "name": "watsonx_data_dashboard_url", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watsonx_data_dashboard_url" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watsonx_data_dashboard_url" }, { "name": "watsonx_data_guid", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watsonx_data_guid" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watsonx_data_guid" }, { "name": "watson_discovery_guid", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_discovery_guid" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_discovery_guid" } ] } From 8b1a847f613a8eea3aaa96efdb171a730440a8b3 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Fri, 26 Sep 2025 12:37:53 +0100 Subject: [PATCH 06/36] fully configurable --- solutions/basic/stack_definition.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index e6529c82..24ff340d 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -335,7 +335,7 @@ "inputs": [ { "name": "existing_cos_instance_crn", - "value": "ref:../../members/1b - Object storage/outputs/cos_instance_id" + "value": "ref:../../members/2b - Object storage/outputs/cos_instance_id" }, { "name": "enable_collecting_failed_events", @@ -375,7 +375,7 @@ }, { "name": "existing_monitoring_crn", - "value": "ref:../../members/1c - Cloud Monitoring/outputs/cloud_monitoring_crn" + "value": "ref:../../members/2c - Cloud Monitoring/outputs/cloud_monitoring_crn" } ] }, From ca5456512cb2364f92af3bf5496bdb8a99deb83e Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Fri, 26 Sep 2025 12:54:45 +0100 Subject: [PATCH 07/36] fully configurable --- solutions/basic/stack_definition.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index 24ff340d..aff384e0 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -483,7 +483,7 @@ }, { "name": "existing_monitoring_crn", - "value": "ref:../../members/1c - Cloud Monitoring/outputs/cloud_monitoring_crn" + "value": "ref:../../members/2c - Cloud Monitoring/outputs/cloud_monitoring_crn" }, { "name": "prefix", From 88198d23e51c08beaff8c049e6e955bdb7d1d089 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Fri, 26 Sep 2025 12:58:28 +0100 Subject: [PATCH 08/36] fully configurable --- solutions/basic/stack_definition.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index aff384e0..863d2afb 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -541,11 +541,11 @@ }, { "name": "existing_kms_instance_crn", - "value": "ref:../../members/1a - Key management/outputs/kms_instance_crn" + "value": "ref:../../members/2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, { "name": "kms_endpoint_url", - "value": "ref:../../members/1a - Key management/outputs/kms_private_endpoint" + "value": "ref:../../members/2a - Essential Security - Encryption Key Management/outputs/kms_private_endpoint" }, { "name": "enable_event_notifications", @@ -553,11 +553,11 @@ }, { "name": "existing_event_notifications_instance_crn", - "value": "ref:../../members/2 - Event Notifications/outputs/crn" + "value": "ref:../../members/3a - Essential Security - Event Notifications/outputs/crn" }, { "name": "event_notifications_endpoint_url", - "value": "ref:../../members/2 - Event Notifications/outputs/event_notifications_private_endpoint" + "value": "ref:../../members/3a - Essential Security - Event Notifications/outputs/event_notifications_private_endpoint" }, { "name": "event_notifications_email_list", From 50e2e80903748662768e81661aa75592ad7f753d Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Fri, 26 Sep 2025 13:08:56 +0100 Subject: [PATCH 09/36] fully configurable --- ibm_catalog.json | 9 ++++++++- solutions/basic/stack_definition.json | 7 +++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index 9f682b1c..3f69d292 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -373,6 +373,13 @@ "description": "Pass a list of regions to create a tenant that is targeted to the Cloud Logs instance created by this solution. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants.", "required": false }, + { + "key": "event_notifications_email_list", + "type": "array", + "default_value": [], + "description": "List of emails to configure event notifications.", + "required": false + }, { "key": "app_config_plan", "type": "string", @@ -785,7 +792,7 @@ { "key": "secret_manager_service_plan", "type": "string", - "default_value": "trial", + "default_value": "standard", "description": "The service/pricing plan to use when provisioning a new Secrets Manager instance. Only one trial instance is allowed per account.", "required": false, "options": [ diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index 863d2afb..f13f49db 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -74,6 +74,13 @@ "type": "string", "hidden": false }, + { + "name": "event_notifications_email_list", + "required": false, + "type": "array", + "hidden": false, + "custom_config": {} + }, { "name": "existing_kms_instance_crn", "required": false, From debc543fab5d1e15a3603070a9736ec84be464c8 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Mon, 29 Sep 2025 12:00:38 +0100 Subject: [PATCH 10/36] fully configurable --- solutions/basic/stack_definition.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index f13f49db..29500443 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -508,7 +508,7 @@ }, { "name": "4b - Essential Security - App Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.7b563b79-03ab-4275-b8d5-54c2ba4f27f3-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.430291dd-8a78-46c2-8d02-e951da977582-global", "inputs": [ { "name": "existing_resource_group_name", @@ -574,7 +574,7 @@ }, { "name": "4c - Essential Security - Secrets Manager", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.63d15a72-ea75-4cc9-841a-83908095eef3-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.3d0da0a9-0327-44fc-8796-edf8e0017e25-global", "inputs": [ { "name": "prefix", @@ -702,7 +702,7 @@ }, { "name": "existing_secrets_manager_instance_crn", - "value": "ref:./members/4c - Essential Security - Secrets Manager/outputs/secrets_manager_crn" + "value": "ref:../members/4c - Essential Security - Secrets Manager/outputs/secrets_manager_crn" } ] }, From f7e7ecca14f4e84cfa571d448c5cef21acf875b4 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Wed, 1 Oct 2025 11:12:50 +0100 Subject: [PATCH 11/36] fully configurable --- ibm_catalog.json | 2149 ++++++++++++------------- solutions/basic/stack_definition.json | 22 +- 2 files changed, 1073 insertions(+), 1098 deletions(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index 3f69d292..589ce89c 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -1,1086 +1,1067 @@ { - "products": [ - { - "label": "Retrieval Augmented Generation (RAG) Pattern", - "name": "Retrieval_Augmented_Generation_Pattern", - "product_kind": "solution", - "tags": [ - "solution", - "watson", - "security", - "banking", - "ibm_created" - ], - "keywords": [ - "rag", - "watson", - "ai", - "compliance", - "fscloud", - "genai", - "sample", - "ibmcloud", - "financial services", - "watsonx", - "llm", - "retrieval augmented generation", - "secure", - "secret manager", - "key protect", - "security and compliance center workload protection", - "cspm", - "config aggregator", - "app config" - ], - "short_description": "Automate RAG deployment with supporting IBM Cloud and watsonx services, embed your enterprise data in generative AI solutions.", - "long_description": "Utilize data from your enterprise to achieve productivity gains in activities related to question/answer conversations, content search, summarization and generation. RAG can be deployed in multiple configurations and is applicable to various industry use cases and solutions.\n\nThis deployable architecture provides a comprehensive foundation for trust, observability, security, and regulatory compliance by configuring and deploying various services and a sample application for a [RAG pattern](https://cloud.ibm.com/docs/pattern-genai-rag?topic=pattern-genai-rag-genai-pattern), including:\n- Configuring IBM Cloud Account with best practices from [IBM Cloud Framework for Financial Services](https://cloud.ibm.com/docs/framework-financial-services?topic=framework-financial-services-about)\n- Deploying key and secrets management services for storage and management of encryption keys and secrets\n- Deploying controls for continuous compliance\n- Deploying observability services for application and platform logging and monitoring\n- Deploying a suite of watsonx services to provide generative AI RAG capabilities\n- Deploying content databases for storing vector embeddings of the documents and content search/retrieval\n- Deploying a sample application in a variety of run times including CI/CD/CC pipelines for secure application lifecycle management\n\nThe above configured and deployed services enable a secure and trustworthy deployment of generative AI applications on IBM Cloud.\n\nThe configurations are flexible and be changed to meet the needs for several types of RAG patterns depending on the chosen combination of technologies and services.\n\nThe generative AI RAG pattern services include:\n- [watsonx.ai](https://dataplatform.cloud.ibm.com/docs/content/wsj/getting-started/welcome-main.html?context=wx)\n- [watsonx.data](https://cloud.ibm.com/docs/watsonxdata) (with Milvus)\n- [watsonx.governance](https://dataplatform.cloud.ibm.com/docs/content/svc-welcome/aiopenscale.html?context=wx)\n- [watsonx Assistant](https://cloud.ibm.com/docs/watson-assistant?topic=watson-assistant-welcome-new-assistant)\n- [watsonx Orchestrate](https://www.ibm.com/docs/en/watsonx/watson-orchestrate/current)\n- [Watson Discovery](https://cloud.ibm.com/docs/discovery-data)\n- [Elasticsearch](https://cloud.ibm.com/docs/databases-for-elasticsearch) Enterprise and Platinum edition\n\nThe supporting services include:\n- [Secrets Manager](https://cloud.ibm.com/docs/secrets-manager)\n- [Key Protect](https://cloud.ibm.com/docs/key-protect)\n- [Security and Compliance Center](https://cloud.ibm.com/docs/security-compliance)\n- [Event Notifications](https://cloud.ibm.com/docs/event-notifications?topic=event-notifications-getting-started)\n- [Logs](https://cloud.ibm.com/docs/cloud-logs)\n- [Monitoring](https://cloud.ibm.com/docs/monitoring?topic=monitoring-getting-started)\n- [Object Storage](https://cloud.ibm.com/docs/cloud-object-storage?topic=cloud-object-storage-getting-started-cloud-object-storage)\n- [Continuous Delivery](https://cloud.ibm.com/docs/ContinuousDelivery) toolchains\n- [Container Registry](https://cloud.ibm.com/docs/Registry)\n\nA [sample RAG application](https://github.com/IBM/gen-ai-rag-watsonx-sample-application) is deployed to [Code Engine](https://cloud.ibm.com/docs/codeengine) or [Red Hat OpenShift](https://cloud.ibm.com/docs/openshift) cluster.\n\nBy leveraging this architecture, you can accelerate your deployment and tailor it to meet your unique business needs and enterprise goals.", - "offering_docs_url": "https://github.com/terraform-ibm-modules/stack-retrieval-augmented-generation/blob/main/README.md", - "offering_icon_url": "https://globalcatalog.cloud.ibm.com/api/v1/1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc/artifacts/solution.svg", - "provider_name": "IBM", - "features": [ - { - "title": "RAG Pattern", - "description": "Deploy a RAG pattern with supporting IBM Cloud and watsonx services, and a sample application to Code Engine or Red Hat OpenShift using Continuous Delivery." - }, - { - "title": "Implement Security", - "description": "The architecture ensures security by deploying Key Protect and Secrets Manager." - }, - { - "title": "Achieve Regulatory Compliance", - "description": "Ensures regulatory compliance by implementing CI/CD/CC pipelines, along with Security and Compliance Center Workload Protection for continuous compliance." - }, - { - "title": "Ensure Observability", - "description": "Provides observability by deploying services such as Logs and Monitoring for log analysis and tracking activity." - }, - { - "title": "Establish Trust", - "description": "Ensures trust by configuring the IBM Cloud account to align with compliance settings as defined in the Financial Services framework." - } - ], - "support_details": "This product is in the community registry, as such support is handled through the originated repo. If you experience issues please open an issue in that repository [https://github.com/terraform-ibm-modules/stack-retrieval-augmented-generation/issues](https://github.com/terraform-ibm-modules/stack-retrieval-augmented-generation/issues). Please note this product is not supported via the IBM Cloud Support Center.", - "flavors": [ - { - "label": "Basic with sample application (Deploy on Code Engine)", - "name": "basic-fully-config", - "index": 1, - "working_directory": "solutions/basic", - "compliance": { - "authority": "scc-v3", - "profiles": [ - { - "profile_name": "AI Security Guardrails 2.0", - "profile_version": "1.1.0" - } - ] - }, - "iam_permissions": [ - { - "service_name": "iam-groups", - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Administrator" - ] - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::serviceRole:Manager", - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "cloud-object-storage" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Administrator" - ], - "service_name": "iam-identity" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::serviceRole:Writer", - "crn:v1:bluemix:public:iam::::role:Administrator" - ], - "service_name": "atracker" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::serviceRole:Manager", - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "kms" - }, - { - "service_name": "sysdig-secure", - "role_crns": [ - "crn:v1:bluemix:public:iam::::serviceRole:Manager", - "crn:v1:bluemix:public:iam::::role:Editor" - ] - }, - { - "service_name": "apprapp", - "role_crns": [ - "crn:v1:bluemix:public:iam::::serviceRole:Manager", - "crn:v1:bluemix:public:iam::::role:Editor" - ] - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "pm-20" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "data-science-experience" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "aiopenscale" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "conversation" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "discovery" - }, - { - "service_name": "databases-for-elasticsearch", - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Editor" - ] - }, - { - "service_name": "event-notifications", - "role_crns": [ - "crn:v1:bluemix:public:iam::::serviceRole:Manager", - "crn:v1:bluemix:public:iam::::role:Editor" - ] - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::serviceRole:Writer", - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "codeengine" - } - ], - "architecture": { - "features": [ - { - "title": " ", - "description": "Enables:" - }, - { - "title": "1. Code Engine for containerized and serverless workloads", - "description": " " - }, - { - "title": "2. Elasticsearch Enterprise for building and storing dense vector indexes or keyword search indexes", - "description": " " - }, - { - "title": "3. watsonx.ai in-memory vector store for RAG trial and exploration", - "description": " " - }, - { - "title": "4. watsonx.ai UI to upload documents", - "description": " " - }, - { - "title": "5. watsonx.ai Prompt Lab for inferencing and Prompt Templates", - "description": " " - }, - { - "title": "6. watsonx Assistant Conversational Search with embedded LLM", - "description": " " - }, - { - "title": "7. Build your own data processing, ingestion pipeline and indexes", - "description": " " - } - ], - "diagrams": [ - { - "diagram": { - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-pattern.svg", - "caption": "Reference architecture", - "type": "image/svg+xml", - "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-pattern.svg" - }, - "description": "Reference architecture" - }, - { - "diagram": { - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-stack.svg", - "caption": "Solution components", - "type": "image/svg+xml", - "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-stack.svg" - }, - "description": "Solution components" - } - ] - }, - "configuration": [ - { - "key": "prefix", - "type": "string", - "description": "A prefix added to the name of all resources created by this solution. Used to avoid name clashes in the target account when deploying this solution multiple times.", - "default_value": "rag", - "required": true - }, - { - "key": "ibmcloud_api_key", - "type": "password", - "description": "The API Key used to provision all resources created in this solution.", - "required": true - }, - { - "key": "signing_key", - "type": "password", - "description": "The key used to sign the application image built by the CI pipeline deployed in this solution; please refer to the documentation at https://github.com/terraform-ibm-modules/stack-retrieval-augmented-generation/blob/main/README.md for generating the key; if not set, all resources will deploy successfully, but the initial CI pipeline execution will fail at the signing step.", - "default_value": "replace", - "required": false, - "custom_config": { - "type": "multiline_secure_value", - "grouping": "deployment", - "original_grouping": "deployment" - } - }, - { - "key": "region", - "type": "string", - "default_value": "us-south", - "description": "The region in which all resources are deployed.", - "required": false, - "options": [ - { - "displayname": "us-south", - "value": "us-south" - }, - { - "displayname": "eu-de", - "value": "eu-de" - } - ] - }, - { - "key": "resource_group_name", - "type": "string", - "default_value": "rag-services", - "description": "The name of the resource group that is created by this solution. The actual name is prefixed with the value of the input 'prefix'. All resources created by this solution are deployed in this resource group.", - "required": false - }, - { - "key": "existing_resource_group_name", - "type": "string", - "default_value": "__NULL__", - "description": "The name of an existing resource group that is used by this solution, takes precedence over resource_group_name. Prefix is NOT used for existing resource group. All resources created by this solution are deployed in this resource group.", - "required": false - }, - { - "key": "watsonx_admin_api_key", - "type": "password", - "description": "The API key used to provision the watson project resources. If not set, the API key used to deploy the solution is used.", - "required": false - }, - { - "key": "secret_manager_service_plan", - "type": "string", - "default_value": "trial", - "description": "The service/pricing plan to use when provisioning a new Secrets Manager instance. Only one trial instance is allowed per account.", - "required": false, - "options": [ - { - "displayname": "Trial", - "value": "trial" - }, - { - "displayname": "Standard", - "value": "standard" - } - ] - }, - { - "key": "key_protect_plan", - "type": "string", - "default_value": "tiered-pricing", - "description": "The service plan of the Key Protect instance that will be provisioned by this solution. Only used if not supplying `existing_kms_instance_crn`. [Learn more](https://cloud.ibm.com/docs/key-protect?topic=key-protect-pricing-plan).", - "required": false, - "options": [ - { - "displayname": "Standard", - "value": "tiered-pricing" - }, - { - "displayname": "Cross-region Resiliency", - "value": "cross-region-resiliency" - } - ] - }, - { - "key": "cloud_monitoring_plan", - "type": "string", - "default_value": "graduated-tier", - "description": "The IBM Cloud Monitoring plan to provision. Available values are `lite` and `graduated-tier` and `graduated-tier-sysdig-secure-plus-monitor` (available in region eu-fr2 only). [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-service_plans)", - "required": false, - "options": [ - { - "displayname": "Lite", - "value": "lite" - }, - { - "displayname": "Graduated Tier", - "value": "graduated-tier" - } - ] - }, - { - "key": "existing_secrets_manager_crn", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing secret manager instance to use in this solution. If not set, a new secret manager instance is provisioned.", - "required": false - }, - { - "key": "skip_iam_authorization_policy", - "display_name": "disable_secrets_manager_iam_credentials_engine", - "type": "boolean", - "default_value": false, - "description": "Whether to skip the creation of the IAM authorization policies required to enable the Secrets Manager IAM credentials engine. If set to false, policies will be created that grants the Secrets Manager instance 'Operator' access to the IAM identity service, and 'Groups Service Member Manage' access to the IAM groups service.", - "required": false - }, - { - "key": "enable_platform_metrics", - "type": "boolean", - "default_value": false, - "description": "Setting this to true will enable platform metrics for the Cloud Monitoring instance. NOTE: You can configure 1 instance only of the IBM Cloud Monitoring service per region to collect platform metrics in that location.", - "required": false - }, - { - "key": "logs_routing_tenant_regions", - "type": "array", - "default_value": [], - "description": "Pass a list of regions to create a tenant that is targeted to the Cloud Logs instance created by this solution. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants.", - "required": false - }, - { - "key": "event_notifications_email_list", - "type": "array", - "default_value": [], - "description": "List of emails to configure event notifications.", - "required": false - }, - { - "key": "app_config_plan", - "type": "string", - "default_value": "enterprise", - "description": "The pricing plan to use for the IBM Cloud App Configuration instance.", - "required": false, - "options": [ - { - "displayname": "Basic", - "value": "basic" - }, - { - "displayname": "Standard", - "value": "standardv2" - }, - { - "displayname": "Enterprise", - "value": "enterprise" - } - ] - }, - { - "key": "scc_workload_protection_service_plan", - "type": "string", - "default_value": "graduated-tier", - "description": "The pricing plan to use for the IBM Cloud Security and Compliance Center Workload Protection instance.", - "required": false, - "options": [ - { - "displayname": "Graduated Tier", - "value": "graduated-tier" - }, - { - "displayname": "Free Trial", - "value": "free-trial" - } - ] - }, - { - "key": "enterprise_id", - "type": "string", - "default_value": "__NULL__", - "description": "If the account is an enterprise account and you want to scan sub-accounts for compliance, this value should be set to the enterprise ID (this is different to the account ID).", - "required": false - }, - { - "key": "enterprise_account_group_ids_to_assign", - "type": "array", - "default_value": [ - "all" - ], - "description": "A list of enterprise account group IDs to assign the trusted profile template to in order for the accounts to be scanned for compliance. Supports passing the string 'all' in the list to assign to all account groups. Only applies if a value is being passed for `enterprise_id`.", - "required": false - }, - { - "key": "enterprise_account_ids_to_assign", - "type": "array", - "default_value": [ - "all" - ], - "description": "A list of enterprise account IDs to assign the trusted profile template to in order for the accounts to be scanned. Supports passing the string 'all' in the list to assign to all accounts. Only applies if a value is being passed for `enterprise_id`.", - "required": false - }, - { - "key": "sample_app_git_url", - "type": "string", - "default_value": "https://github.com/IBM/gen-ai-rag-watsonx-sample-application", - "description": "The URL to the public git repository containing the sample rag application code.", - "required": false - }, - { - "key": "existing_kms_instance_crn", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing KMS instance to use in this solution. If not set, a new KP instance is provisioned.", - "required": false - }, - { - "key": "existing_event_notification_instance_crn", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing event notification instance to use in this solution. If not set, a new event notification instance is provisioned.", - "required": false - }, - { - "key": "existing_discovery_instance", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing WatsonX SaaS discovery instance to use in this solution. If not set, a new discovery instance is provisioned depending on which plan is selected.", - "required": false - }, - { - "key": "existing_assistant_instance_crn", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing WatsonX SaaS assistant instance to use in this solution. If not set, a new assistant instance is provisioned depending on which plan is selected.", - "required": false - }, - { - "key": "existing_governance_instance", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing WatsonX SaaS governance instance to use in this solution. If not set, a new governance instance is provisioned depending on which plan is selected.", - "required": false - }, - { - "key": "existing_studio_instance", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing WatsonX SaaS studio instance to use in this solution. If not set, a new studio instance is provisioned depending on which plan is selected.", - "required": false - }, - { - "key": "existing_machine_learning_instance", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing WatsonX SaaS machine learning instance to use in this solution. If not set, a new machine learning instance is provisioned depending on which plan is selected.", - "required": false - }, - { - "key": "existing_elasticsearch_instance_crn", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing elasticsearch instance to use in this solution. If not set, a new elasticsearch instance is provisioned.", - "required": false - } - ], - "outputs": [ - { - "key": "elasticsearch_hostname", - "description": "The hostname of the Elasticsearch instance." - }, - { - "key": "elasticsearch_port", - "description": "The port of the Elasticsearch instance." - }, - { - "key": "elasticsearch_service_credentials_json", - "description": "The service credentials of the Elasticsearch instance." - }, - { - "key": "elasticsearch_crn", - "description": "The CRN of the Elasticsearch instance." - }, - { - "key": "watsonx_project_url", - "description": "The URL to the WatsonX project for the sample RAG application." - }, - { - "key": "watsonx_project_id", - "description": "The ID for the WatsonX project for the sample RAG application." - }, - { - "key": "watson_discovery_api_url", - "description": "The URL to the Watson Discovery API endpoint." - }, - { - "key": "watson_discovery_project_id", - "description": "The ID for the Watson Discovery project for the sample RAG application." - } - ], - "install_type": "fullstack" - }, - { - "label": "Standard with sample application (Deploy on Red Hat OpenShift)", - "name": "standard-fully-config", - "index": 2, - "working_directory": "solutions/standard", - "compliance": { - "authority": "scc-v3", - "profiles": [ - { - "profile_name": "AI Security Guardrails 2.0", - "profile_version": "1.1.0" - } - ] - }, - "iam_permissions": [ - { - "service_name": "iam-groups", - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Administrator" - ] - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::serviceRole:Manager", - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "cloud-object-storage" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Administrator", - "crn:v1:bluemix:public:iam-identity::::serviceRole:UserApiKeyCreator" - ], - "service_name": "iam-identity" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::serviceRole:Writer", - "crn:v1:bluemix:public:iam::::role:Administrator" - ], - "service_name": "atracker" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::serviceRole:Manager", - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "kms" - }, - { - "service_name": "sysdig-secure", - "role_crns": [ - "crn:v1:bluemix:public:iam::::serviceRole:Manager", - "crn:v1:bluemix:public:iam::::role:Editor" - ] - }, - { - "service_name": "apprapp", - "role_crns": [ - "crn:v1:bluemix:public:iam::::serviceRole:Manager", - "crn:v1:bluemix:public:iam::::role:Editor" - ] - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "pm-20" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "data-science-experience" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "aiopenscale" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "conversation" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Editor" - ], - "service_name": "discovery" - }, - { - "service_name": "databases-for-elasticsearch", - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Editor" - ] - }, - { - "service_name": "event-notifications", - "role_crns": [ - "crn:v1:bluemix:public:iam::::serviceRole:Manager", - "crn:v1:bluemix:public:iam::::role:Editor" - ] - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Administrator" - ], - "service_name": "containers-kubernetes" - }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Administrator" - ], - "service_name": "is.vpc" - } - ], - "architecture": { - "features": [ - { - "title": " ", - "description": "Enables:" - }, - { - "title": "1. Red Hat OpenShift cluster for microservices workloads", - "description": " " - }, - { - "title": "2. Elasticsearch Platinum for building and storing sparse vectors, dense vector indexes or keyword search indexes", - "description": " " - }, - { - "title": "i. watsonx.ai use of Elasticsearch ELSER2 vector index for RAG", - "description": " " - }, - { - "title": "ii. watsonx Assistant Conversational Search with UI feature for uploading documents to create or use Elasticsearch ELSER2 vector index for RAG", - "description": " " - }, - { - "title": "3. watsonx.ai in-memory vector store for RAG trial and exploration", - "description": " " - }, - { - "title": "4. watsonx.ai UI to upload documents", - "description": " " - }, - { - "title": "5. watsonx.ai Prompt Lab for inferencing and Prompt Templates", - "description": " " - }, - { - "title": "6. watsonx Assistant Conversational Search with embedded LLM", - "description": " " - }, - { - "title": "7. Build your own data processing, ingestion pipeline and indexes", - "description": " " - } - ], - "diagrams": [ - { - "diagram": { - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-pattern.svg", - "caption": "Reference architecture", - "type": "image/svg+xml", - "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-pattern.svg" - }, - "description": "Reference architecture" - }, - { - "diagram": { - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-stack.svg", - "caption": "Solution components", - "type": "image/svg+xml", - "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-stack.svg" - }, - "description": "Solution components" - } - ] - }, - "configuration": [ - { - "key": "prefix", - "type": "string", - "description": "A prefix added to the name of all resources created by this solution. Must start with a letter, contain only lowercase letters, numbers, or dashes, and be 13 characters or less. Used to avoid name clashes in the target account when deploying this solution multiple times.", - "default_value": "rag", - "required": true - }, - { - "key": "ibmcloud_api_key", - "type": "password", - "description": "The API Key used to provision all resources created in this solution.", - "required": true - }, - { - "key": "signing_key", - "type": "password", - "description": "The key used to sign the application image built by the CI pipeline deployed in this solution; please refer to the documentation at https://github.com/terraform-ibm-modules/stack-retrieval-augmented-generation/blob/main/README.md for generating the key; if not set, all resources will deploy successfully, but the initial CI pipeline execution will fail at the signing step.", - "default_value": "replace", - "required": false, - "custom_config": { - "type": "multiline_secure_value", - "grouping": "deployment", - "original_grouping": "deployment" - } - }, - { - "key": "region", - "type": "string", - "default_value": "us-south", - "description": "The region in which all resources are deployed.", - "required": false, - "options": [ - { - "displayname": "us-south", - "value": "us-south" - }, - { - "displayname": "eu-de", - "value": "eu-de" - } - ] - }, - { - "key": "resource_group_name", - "type": "string", - "default_value": "rag-services", - "description": "The name of the resource group that is created by this solution. The actual name is prefixed with the value of the input 'prefix'. All resources created by this solution are deployed in this resource group.", - "required": false - }, - { - "key": "existing_resource_group_name", - "type": "string", - "default_value": "__NULL__", - "description": "The name of an existing resource group that is used by this solution, takes precedence over resource_group_name. Prefix is NOT used for existing resource group. All resources created by this solution are deployed in this resource group.", - "required": false - }, - { - "key": "watsonx_admin_api_key", - "type": "password", - "description": "The API key used to provision the watson project resources. If not set, the API key used to deploy the solution is used.", - "required": false - }, - { - "key": "secret_manager_service_plan", - "type": "string", - "default_value": "standard", - "description": "The service/pricing plan to use when provisioning a new Secrets Manager instance. Only one trial instance is allowed per account.", - "required": false, - "options": [ - { - "displayname": "Trial", - "value": "trial" - }, - { - "displayname": "Standard", - "value": "standard" - } - ] - }, - { - "key": "existing_secrets_manager_crn", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing secret manager instance to use in this solution. If not set, a new secret manager instance is provisioned.", - "required": false - }, - { - "key": "skip_iam_authorization_policy", - "display_name": "disable_secrets_manager_iam_credentials_engine", - "type": "boolean", - "default_value": false, - "description": "Whether to skip the creation of the IAM authorization policies required to enable the Secrets Manager IAM credentials engine. If set to false, policies will be created that grants the Secrets Manager instance 'Operator' access to the IAM identity service, and 'Groups Service Member Manage' access to the IAM groups service.", - "required": false - }, - { - "key": "enable_platform_metrics", - "type": "boolean", - "default_value": false, - "description": "Setting this to true will enable platform metrics for the Cloud Monitoring instance. NOTE: You can configure 1 instance only of the IBM Cloud Monitoring service per region to collect platform metrics in that location.", - "required": false - }, - { - "key": "logs_routing_tenant_regions", - "type": "array", - "default_value": [], - "description": "Pass a list of regions to create a tenant that is targeted to the Cloud Logs instance created by this solution. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants.", - "required": false - }, - { - "key": "app_config_plan", - "type": "string", - "default_value": "enterprise", - "description": "The pricing plan to use for the IBM Cloud App Configuration instance.", - "required": false, - "options": [ - { - "displayname": "Basic", - "value": "basic" - }, - { - "displayname": "Standard", - "value": "standardv2" - }, - { - "displayname": "Enterprise", - "value": "enterprise" - } - ] - }, - { - "key": "scc_workload_protection_service_plan", - "type": "string", - "default_value": "graduated-tier", - "description": "The pricing plan to use for the IBM Cloud Security and Compliance Center Workload Protection instance.", - "required": false, - "options": [ - { - "displayname": "Graduated Tier", - "value": "graduated-tier" - }, - { - "displayname": "Free Trial", - "value": "free-trial" - } - ] - }, - { - "key": "enterprise_id", - "type": "string", - "default_value": "__NULL__", - "description": "If the account is an enterprise account and you want to scan sub-accounts for compliance, this value should be set to the enterprise ID (this is different to the account ID).", - "required": false - }, - { - "key": "enterprise_account_group_ids_to_assign", - "type": "array", - "default_value": [ - "all" - ], - "description": "A list of enterprise account group IDs to assign the trusted profile template to in order for the accounts to be scanned for compliance. Supports passing the string 'all' in the list to assign to all account groups. Only applies if a value is being passed for `enterprise_id`.", - "required": false - }, - { - "key": "enterprise_account_ids_to_assign", - "type": "array", - "default_value": [ - "all" - ], - "description": "A list of enterprise account IDs to assign the trusted profile template to in order for the accounts to be scanned. Supports passing the string 'all' in the list to assign to all accounts. Only applies if a value is being passed for `enterprise_id`.", - "required": false - }, - { - - "key": "app_config_plan", - "type": "string", - "default_value": "enterprise", - "description": "The pricing plan to use for the IBM Cloud App Configuration instance.", - "required": false, - "options": [ - { - "displayname": "Basic", - "value": "basic" - }, - { - "displayname": "Standard", - "value": "standardv2" - }, - { - "displayname": "Enterprise", - "value": "enterprise" - } - ] - }, - { - - "key": "elasticsearch_plan", - "type": "string", - "default_value": "enterprise", - "description": "The name of the service plan for your Databases for Elasticsearch instance. [Learn more](https://cloud.ibm.com/docs/databases-for-elasticsearch?topic=databases-for-elasticsearch-elastic-offerings).", - "required": false, - "options": [ - { - "displayname": "Enterprise", - "value": "enterprise" - }, - { - "displayname": "Platinum", - "value": "platinum" - } - ] - }, - { - "key": "scc_workload_protection_service_plan", - "type": "string", - "default_value": "graduated-tier", - "description": "The pricing plan to use for the IBM Cloud Security and Compliance Center Workload Protection instance.", - "required": false, - "options": [ - { - "displayname": "Graduated Tier", - "value": "graduated-tier" - }, - { - "displayname": "Free Trial", - "value": "free-trial" - } - ] - }, - { - "key": "enterprise_id", - "type": "string", - "default_value": "__NULL__", - "description": "If the account is an enterprise account and you want to scan sub-accounts for compliance, this value should be set to the enterprise ID (this is different to the account ID).", - "required": false - }, - { - "key": "enterprise_account_group_ids_to_assign", - "type": "array", - "default_value": [ - "all" - ], - "description": "A list of enterprise account group IDs to assign the trusted profile template to in order for the accounts to be scanned for compliance. Supports passing the string 'all' in the list to assign to all account groups. Only applies if a value is being passed for `enterprise_id`.", - "required": false - }, - { - "key": "enterprise_account_ids_to_assign", - "type": "array", - "default_value": [ - "all" - ], - "description": "A list of enterprise account IDs to assign the trusted profile template to in order for the accounts to be scanned. Supports passing the string 'all' in the list to assign to all accounts. Only applies if a value is being passed for `enterprise_id`.", - "required": false - }, - { - "key": "sample_app_git_url", - "type": "string", - "default_value": "https://github.com/IBM/gen-ai-rag-watsonx-sample-application", - "description": "The URL to the public git repository containing the sample rag application code.", - "required": false - }, - { - "key": "existing_kms_instance_crn", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing KMS instance to use in this solution. If not set, a new KP instance is provisioned.", - "required": false - }, - { - "key": "existing_event_notification_instance_crn", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing event notification instance to use in this solution. If not set, a new event notification instance is provisioned.", - "required": false - }, - { - "key": "existing_discovery_instance", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing WatsonX SaaS discovery instance to use in this solution. If not set, a new discovery instance is provisioned depending on which plan is selected.", - "required": false - }, - { - "key": "existing_assistant_instance_crn", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing WatsonX SaaS assistant instance to use in this solution. If not set, a new assistant instance is provisioned depending on which plan is selected.", - "required": false - }, - { - "key": "existing_governance_instance", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing WatsonX SaaS governance instance to use in this solution. If not set, a new governance instance is provisioned depending on which plan is selected.", - "required": false - }, - { - "key": "existing_studio_instance", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing WatsonX SaaS studio instance to use in this solution. If not set, a new studio instance is provisioned depending on which plan is selected.", - "required": false - }, - { - "key": "existing_machine_learning_instance", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing WatsonX SaaS machine learning instance to use in this solution. If not set, a new machine learning instance is provisioned depending on which plan is selected.", - "required": false - }, - { - "key": "existing_elasticsearch_instance_crn", - "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing elasticsearch instance to use in this solution. If not set, a new elasticsearch instance is provisioned.", - "required": false - } - ], - "outputs": [ - { - "key": "elasticsearch_hostname", - "description": "The hostname of the Elasticsearch instance." - }, - { - "key": "elasticsearch_port", - "description": "The port of the Elasticsearch instance." - }, - { - "key": "elasticsearch_service_credentials_json", - "description": "The service credentials of the Elasticsearch instance." - }, - { - "key": "elasticsearch_crn", - "description": "The CRN of the Elasticsearch instance." - }, - { - "key": "watsonx_project_url", - "description": "The URL to the WatsonX project for the sample RAG application." - }, - { - "key": "watsonx_project_id", - "description": "The ID for the WatsonX project for the sample RAG application." - }, - { - "key": "watson_discovery_api_url", - "description": "The URL to the Watson Discovery API endpoint." - }, - { - "key": "watson_discovery_project_id", - "description": "The ID for the Watson Discovery project for the sample RAG application." - } - ], - "install_type": "fullstack" - } - ] - } - ] + "products": [ + { + "label": "Retrieval Augmented Generation (RAG) Pattern", + "name": "Retrieval_Augmented_Generation_Pattern", + "product_kind": "solution", + "tags": [ + "solution", + "watson", + "security", + "banking", + "ibm_created" + ], + "keywords": [ + "rag", + "watson", + "ai", + "compliance", + "fscloud", + "genai", + "sample", + "ibmcloud", + "financial services", + "watsonx", + "llm", + "retrieval augmented generation", + "secure", + "secret manager", + "key protect", + "security and compliance center workload protection", + "cspm", + "config aggregator", + "app config" + ], + "short_description": "Automate RAG deployment with supporting IBM Cloud and watsonx services, embed your enterprise data in generative AI solutions.", + "long_description": "Utilize data from your enterprise to achieve productivity gains in activities related to question/answer conversations, content search, summarization and generation. RAG can be deployed in multiple configurations and is applicable to various industry use cases and solutions.\n\nThis deployable architecture provides a comprehensive foundation for trust, observability, security, and regulatory compliance by configuring and deploying various services and a sample application for a [RAG pattern](https://cloud.ibm.com/docs/pattern-genai-rag?topic=pattern-genai-rag-genai-pattern), including:\n- Configuring IBM Cloud Account with best practices from [IBM Cloud Framework for Financial Services](https://cloud.ibm.com/docs/framework-financial-services?topic=framework-financial-services-about)\n- Deploying key and secrets management services for storage and management of encryption keys and secrets\n- Deploying controls for continuous compliance\n- Deploying observability services for application and platform logging and monitoring\n- Deploying a suite of watsonx services to provide generative AI RAG capabilities\n- Deploying content databases for storing vector embeddings of the documents and content search/retrieval\n- Deploying a sample application in a variety of run times including CI/CD/CC pipelines for secure application lifecycle management\n\nThe above configured and deployed services enable a secure and trustworthy deployment of generative AI applications on IBM Cloud.\n\nThe configurations are flexible and be changed to meet the needs for several types of RAG patterns depending on the chosen combination of technologies and services.\n\nThe generative AI RAG pattern services include:\n- [watsonx.ai](https://dataplatform.cloud.ibm.com/docs/content/wsj/getting-started/welcome-main.html?context=wx)\n- [watsonx.data](https://cloud.ibm.com/docs/watsonxdata) (with Milvus)\n- [watsonx.governance](https://dataplatform.cloud.ibm.com/docs/content/svc-welcome/aiopenscale.html?context=wx)\n- [watsonx Assistant](https://cloud.ibm.com/docs/watson-assistant?topic=watson-assistant-welcome-new-assistant)\n- [watsonx Orchestrate](https://www.ibm.com/docs/en/watsonx/watson-orchestrate/current)\n- [Watson Discovery](https://cloud.ibm.com/docs/discovery-data)\n- [Elasticsearch](https://cloud.ibm.com/docs/databases-for-elasticsearch) Enterprise and Platinum edition\n\nThe supporting services include:\n- [Secrets Manager](https://cloud.ibm.com/docs/secrets-manager)\n- [Key Protect](https://cloud.ibm.com/docs/key-protect)\n- [Security and Compliance Center](https://cloud.ibm.com/docs/security-compliance)\n- [Event Notifications](https://cloud.ibm.com/docs/event-notifications?topic=event-notifications-getting-started)\n- [Logs](https://cloud.ibm.com/docs/cloud-logs)\n- [Monitoring](https://cloud.ibm.com/docs/monitoring?topic=monitoring-getting-started)\n- [Object Storage](https://cloud.ibm.com/docs/cloud-object-storage?topic=cloud-object-storage-getting-started-cloud-object-storage)\n- [Continuous Delivery](https://cloud.ibm.com/docs/ContinuousDelivery) toolchains\n- [Container Registry](https://cloud.ibm.com/docs/Registry)\n\nA [sample RAG application](https://github.com/IBM/gen-ai-rag-watsonx-sample-application) is deployed to [Code Engine](https://cloud.ibm.com/docs/codeengine) or [Red Hat OpenShift](https://cloud.ibm.com/docs/openshift) cluster.\n\nBy leveraging this architecture, you can accelerate your deployment and tailor it to meet your unique business needs and enterprise goals.", + "offering_docs_url": "https://github.com/terraform-ibm-modules/stack-retrieval-augmented-generation/blob/main/README.md", + "offering_icon_url": "https://globalcatalog.cloud.ibm.com/api/v1/1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc/artifacts/solution.svg", + "provider_name": "IBM", + "features": [ + { + "title": "RAG Pattern", + "description": "Deploy a RAG pattern with supporting IBM Cloud and watsonx services, and a sample application to Code Engine or Red Hat OpenShift using Continuous Delivery." + }, + { + "title": "Implement Security", + "description": "The architecture ensures security by deploying Key Protect and Secrets Manager." + }, + { + "title": "Achieve Regulatory Compliance", + "description": "Ensures regulatory compliance by implementing CI/CD/CC pipelines, along with Security and Compliance Center Workload Protection for continuous compliance." + }, + { + "title": "Ensure Observability", + "description": "Provides observability by deploying services such as Logs and Monitoring for log analysis and tracking activity." + }, + { + "title": "Establish Trust", + "description": "Ensures trust by configuring the IBM Cloud account to align with compliance settings as defined in the Financial Services framework." + } + ], + "support_details": "This product is in the community registry, as such support is handled through the originated repo. If you experience issues please open an issue in that repository [https://github.com/terraform-ibm-modules/stack-retrieval-augmented-generation/issues](https://github.com/terraform-ibm-modules/stack-retrieval-augmented-generation/issues). Please note this product is not supported via the IBM Cloud Support Center.", + "flavors": [ + { + "label": "Basic with sample application (Deploy on Code Engine)", + "name": "basic-fully-config", + "index": 1, + "working_directory": "solutions/basic", + "compliance": { + "authority": "scc-v3", + "profiles": [ + { + "profile_name": "AI Security Guardrails 2.0", + "profile_version": "1.1.0" + } + ] + }, + "iam_permissions": [ + { + "service_name": "iam-groups", + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Administrator" + ] + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::serviceRole:Manager", + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "cloud-object-storage" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Administrator" + ], + "service_name": "iam-identity" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::serviceRole:Writer", + "crn:v1:bluemix:public:iam::::role:Administrator" + ], + "service_name": "atracker" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::serviceRole:Manager", + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "kms" + }, + { + "service_name": "sysdig-secure", + "role_crns": [ + "crn:v1:bluemix:public:iam::::serviceRole:Manager", + "crn:v1:bluemix:public:iam::::role:Editor" + ] + }, + { + "service_name": "apprapp", + "role_crns": [ + "crn:v1:bluemix:public:iam::::serviceRole:Manager", + "crn:v1:bluemix:public:iam::::role:Editor" + ] + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "pm-20" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "data-science-experience" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "aiopenscale" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "conversation" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "discovery" + }, + { + "service_name": "databases-for-elasticsearch", + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Editor" + ] + }, + { + "service_name": "event-notifications", + "role_crns": [ + "crn:v1:bluemix:public:iam::::serviceRole:Manager", + "crn:v1:bluemix:public:iam::::role:Editor" + ] + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::serviceRole:Writer", + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "codeengine" + } + ], + "architecture": { + "features": [ + { + "title": " ", + "description": "Enables:" + }, + { + "title": "1. Code Engine for containerized and serverless workloads", + "description": " " + }, + { + "title": "2. Elasticsearch Enterprise for building and storing dense vector indexes or keyword search indexes", + "description": " " + }, + { + "title": "3. watsonx.ai in-memory vector store for RAG trial and exploration", + "description": " " + }, + { + "title": "4. watsonx.ai UI to upload documents", + "description": " " + }, + { + "title": "5. watsonx.ai Prompt Lab for inferencing and Prompt Templates", + "description": " " + }, + { + "title": "6. watsonx Assistant Conversational Search with embedded LLM", + "description": " " + }, + { + "title": "7. Build your own data processing, ingestion pipeline and indexes", + "description": " " + } + ], + "diagrams": [ + { + "diagram": { + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-pattern.svg", + "caption": "Reference architecture", + "type": "image/svg+xml", + "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-pattern.svg" + }, + "description": "Reference architecture" + }, + { + "diagram": { + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-stack.svg", + "caption": "Solution components", + "type": "image/svg+xml", + "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-stack.svg" + }, + "description": "Solution components" + } + ] + }, + "configuration": [ + { + "key": "prefix", + "type": "string", + "description": "A prefix added to the name of all resources created by this solution. Used to avoid name clashes in the target account when deploying this solution multiple times.", + "default_value": "rag", + "required": true + }, + { + "key": "ibmcloud_api_key", + "type": "password", + "description": "The API Key used to provision all resources created in this solution.", + "required": true + }, + { + "key": "signing_key", + "type": "password", + "description": "The key used to sign the application image built by the CI pipeline deployed in this solution; please refer to the documentation at https://github.com/terraform-ibm-modules/stack-retrieval-augmented-generation/blob/main/README.md for generating the key; if not set, all resources will deploy successfully, but the initial CI pipeline execution will fail at the signing step.", + "default_value": "replace", + "required": false, + "custom_config": { + "type": "multiline_secure_value", + "grouping": "deployment", + "original_grouping": "deployment" + } + }, + { + "key": "region", + "type": "string", + "default_value": "us-south", + "description": "The region in which all resources are deployed.", + "required": false, + "options": [ + { + "displayname": "us-south", + "value": "us-south" + }, + { + "displayname": "eu-de", + "value": "eu-de" + } + ] + }, + { + "key": "resource_group_name", + "type": "string", + "default_value": "rag-services", + "description": "The name of the resource group that is created by this solution. The actual name is prefixed with the value of the input 'prefix'. All resources created by this solution are deployed in this resource group.", + "required": false + }, + { + "key": "existing_resource_group_name", + "type": "string", + "default_value": "__NULL__", + "description": "The name of an existing resource group that is used by this solution, takes precedence over resource_group_name. Prefix is NOT used for existing resource group. All resources created by this solution are deployed in this resource group.", + "required": false + }, + { + "key": "watsonx_admin_api_key", + "type": "password", + "description": "The API key used to provision the watson project resources. If not set, the API key used to deploy the solution is used.", + "required": false + }, + { + "key": "secret_manager_service_plan", + "type": "string", + "default_value": "trial", + "description": "The service/pricing plan to use when provisioning a new Secrets Manager instance. Only one trial instance is allowed per account.", + "required": false, + "options": [ + { + "displayname": "Trial", + "value": "trial" + }, + { + "displayname": "Standard", + "value": "standard" + } + ] + }, + { + "key": "key_protect_plan", + "type": "string", + "default_value": "tiered-pricing", + "description": "The service plan of the Key Protect instance that will be provisioned by this solution. Only used if not supplying `existing_kms_instance_crn`. [Learn more](https://cloud.ibm.com/docs/key-protect?topic=key-protect-pricing-plan).", + "required": false, + "options": [ + { + "displayname": "Standard", + "value": "tiered-pricing" + }, + { + "displayname": "Cross-region Resiliency", + "value": "cross-region-resiliency" + } + ] + }, + { + "key": "cloud_monitoring_plan", + "type": "string", + "default_value": "graduated-tier", + "description": "The IBM Cloud Monitoring plan to provision. Available values are `lite` and `graduated-tier` and `graduated-tier-sysdig-secure-plus-monitor` (available in region eu-fr2 only). [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-service_plans)", + "required": false, + "options": [ + { + "displayname": "Lite", + "value": "lite" + }, + { + "displayname": "Graduated Tier", + "value": "graduated-tier" + } + ] + }, + { + "key": "existing_secrets_manager_crn", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing secret manager instance to use in this solution. If not set, a new secret manager instance is provisioned.", + "required": false + }, + { + "key": "skip_iam_authorization_policy", + "display_name": "disable_secrets_manager_iam_credentials_engine", + "type": "boolean", + "default_value": false, + "description": "Whether to skip the creation of the IAM authorization policies required to enable the Secrets Manager IAM credentials engine. If set to false, policies will be created that grants the Secrets Manager instance 'Operator' access to the IAM identity service, and 'Groups Service Member Manage' access to the IAM groups service.", + "required": false + }, + { + "key": "enable_platform_metrics", + "type": "boolean", + "default_value": false, + "description": "Setting this to true will enable platform metrics for the Cloud Monitoring instance. NOTE: You can configure 1 instance only of the IBM Cloud Monitoring service per region to collect platform metrics in that location.", + "required": false + }, + { + "key": "logs_routing_tenant_regions", + "type": "array", + "default_value": [], + "description": "Pass a list of regions to create a tenant that is targeted to the Cloud Logs instance created by this solution. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants.", + "required": false + }, + { + "key": "event_notifications_email_list", + "type": "array", + "default_value": [], + "description": "List of emails to configure event notifications.", + "required": false + }, + { + "key": "app_config_service_plan", + "type": "string", + "default_value": "enterprise", + "description": "The pricing plan to use for the IBM Cloud App Configuration instance.", + "required": false, + "options": [ + { + "displayname": "Basic", + "value": "basic" + }, + { + "displayname": "Standard", + "value": "standardv2" + }, + { + "displayname": "Enterprise", + "value": "enterprise" + } + ] + }, + { + "key": "scc_workload_protection_service_plan", + "type": "string", + "default_value": "graduated-tier", + "description": "The pricing plan to use for the IBM Cloud Security and Compliance Center Workload Protection instance.", + "required": false, + "options": [ + { + "displayname": "Graduated Tier", + "value": "graduated-tier" + }, + { + "displayname": "Free Trial", + "value": "free-trial" + } + ] + }, + { + "key": "enterprise_id", + "type": "string", + "default_value": "__NULL__", + "description": "If the account is an enterprise account and you want to scan sub-accounts for compliance, this value should be set to the enterprise ID (this is different to the account ID).", + "required": false + }, + { + "key": "enterprise_account_group_ids_to_assign", + "type": "array", + "default_value": [ + "all" + ], + "description": "A list of enterprise account group IDs to assign the trusted profile template to in order for the accounts to be scanned for compliance. Supports passing the string 'all' in the list to assign to all account groups. Only applies if a value is being passed for `enterprise_id`.", + "required": false + }, + { + "key": "enterprise_account_ids_to_assign", + "type": "array", + "default_value": [ + "all" + ], + "description": "A list of enterprise account IDs to assign the trusted profile template to in order for the accounts to be scanned. Supports passing the string 'all' in the list to assign to all accounts. Only applies if a value is being passed for `enterprise_id`.", + "required": false + }, + { + "key": "sample_app_git_url", + "type": "string", + "default_value": "https://github.com/IBM/gen-ai-rag-watsonx-sample-application", + "description": "The URL to the public git repository containing the sample rag application code.", + "required": false + }, + { + "key": "existing_kms_instance_crn", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing KMS instance to use in this solution. If not set, a new KP instance is provisioned.", + "required": false + }, + { + "key": "existing_event_notification_instance_crn", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing event notification instance to use in this solution. If not set, a new event notification instance is provisioned.", + "required": false + }, + { + "key": "existing_discovery_instance", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing WatsonX SaaS discovery instance to use in this solution. If not set, a new discovery instance is provisioned depending on which plan is selected.", + "required": false + }, + { + "key": "existing_assistant_instance_crn", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing WatsonX SaaS assistant instance to use in this solution. If not set, a new assistant instance is provisioned depending on which plan is selected.", + "required": false + }, + { + "key": "existing_governance_instance", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing WatsonX SaaS governance instance to use in this solution. If not set, a new governance instance is provisioned depending on which plan is selected.", + "required": false + }, + { + "key": "existing_studio_instance", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing WatsonX SaaS studio instance to use in this solution. If not set, a new studio instance is provisioned depending on which plan is selected.", + "required": false + }, + { + "key": "existing_machine_learning_instance", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing WatsonX SaaS machine learning instance to use in this solution. If not set, a new machine learning instance is provisioned depending on which plan is selected.", + "required": false + }, + { + "key": "existing_elasticsearch_instance_crn", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing elasticsearch instance to use in this solution. If not set, a new elasticsearch instance is provisioned.", + "required": false + } + ], + "outputs": [ + { + "key": "elasticsearch_hostname", + "description": "The hostname of the Elasticsearch instance." + }, + { + "key": "elasticsearch_port", + "description": "The port of the Elasticsearch instance." + }, + { + "key": "elasticsearch_service_credentials_json", + "description": "The service credentials of the Elasticsearch instance." + }, + { + "key": "elasticsearch_crn", + "description": "The CRN of the Elasticsearch instance." + }, + { + "key": "watsonx_project_url", + "description": "The URL to the WatsonX project for the sample RAG application." + }, + { + "key": "watsonx_project_id", + "description": "The ID for the WatsonX project for the sample RAG application." + }, + { + "key": "watson_discovery_api_url", + "description": "The URL to the Watson Discovery API endpoint." + }, + { + "key": "watson_discovery_project_id", + "description": "The ID for the Watson Discovery project for the sample RAG application." + } + ], + "install_type": "fullstack" + }, + { + "label": "Standard (Deploy on Red Hat OpenShift)", + "name": "standard", + "index": 2, + "working_directory": "solutions/standard", + "compliance": { + "authority": "scc-v3", + "profiles": [ + { + "profile_name": "AI Security Guardrails 2.0", + "profile_version": "1.1.0" + } + ] + }, + "iam_permissions": [ + { + "service_name": "iam-groups", + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Administrator" + ] + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::serviceRole:Manager", + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "cloud-object-storage" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Administrator", + "crn:v1:bluemix:public:iam-identity::::serviceRole:UserApiKeyCreator" + ], + "service_name": "iam-identity" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::serviceRole:Writer", + "crn:v1:bluemix:public:iam::::role:Administrator" + ], + "service_name": "atracker" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::serviceRole:Manager", + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "kms" + }, + { + "service_name": "sysdig-secure", + "role_crns": [ + "crn:v1:bluemix:public:iam::::serviceRole:Manager", + "crn:v1:bluemix:public:iam::::role:Editor" + ] + }, + { + "service_name": "apprapp", + "role_crns": [ + "crn:v1:bluemix:public:iam::::serviceRole:Manager", + "crn:v1:bluemix:public:iam::::role:Editor" + ] + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "pm-20" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "data-science-experience" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "aiopenscale" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "conversation" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Editor" + ], + "service_name": "discovery" + }, + { + "service_name": "databases-for-elasticsearch", + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Editor" + ] + }, + { + "service_name": "event-notifications", + "role_crns": [ + "crn:v1:bluemix:public:iam::::serviceRole:Manager", + "crn:v1:bluemix:public:iam::::role:Editor" + ] + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Administrator" + ], + "service_name": "containers-kubernetes" + }, + { + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Administrator" + ], + "service_name": "is.vpc" + } + ], + "architecture": { + "features": [ + { + "title": " ", + "description": "Enables:" + }, + { + "title": "1. Red Hat OpenShift cluster for microservices workloads", + "description": " " + }, + { + "title": "2. Elasticsearch Platinum for building and storing sparse vectors, dense vector indexes or keyword search indexes", + "description": " " + }, + { + "title": "i. watsonx.ai use of Elasticsearch ELSER2 vector index for RAG", + "description": " " + }, + { + "title": "ii. watsonx Assistant Conversational Search with UI feature for uploading documents to create or use Elasticsearch ELSER2 vector index for RAG", + "description": " " + }, + { + "title": "3. watsonx.ai in-memory vector store for RAG trial and exploration", + "description": " " + }, + { + "title": "4. watsonx.ai UI to upload documents", + "description": " " + }, + { + "title": "5. watsonx.ai Prompt Lab for inferencing and Prompt Templates", + "description": " " + }, + { + "title": "6. watsonx Assistant Conversational Search with embedded LLM", + "description": " " + }, + { + "title": "7. Build your own data processing, ingestion pipeline and indexes", + "description": " " + } + ], + "diagrams": [ + { + "diagram": { + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-pattern.svg", + "caption": "Reference architecture", + "type": "image/svg+xml", + "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-pattern.svg" + }, + "description": "Reference architecture" + }, + { + "diagram": { + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-stack.svg", + "caption": "Solution components", + "type": "image/svg+xml", + "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-stack.svg" + }, + "description": "Solution components" + } + ] + }, + "configuration": [ + { + "key": "prefix", + "type": "string", + "description": "A prefix added to the name of all resources created by this solution. Must start with a letter, contain only lowercase letters, numbers, or dashes, and be 13 characters or less. Used to avoid name clashes in the target account when deploying this solution multiple times.", + "default_value": "rag", + "required": true + }, + { + "key": "ibmcloud_api_key", + "type": "password", + "description": "The API Key used to provision all resources created in this solution.", + "required": true + }, + { + "key": "signing_key", + "type": "password", + "description": "The key used to sign the application image built by the CI pipeline deployed in this solution; please refer to the documentation at https://github.com/terraform-ibm-modules/stack-retrieval-augmented-generation/blob/main/README.md for generating the key; if not set, all resources will deploy successfully, but the initial CI pipeline execution will fail at the signing step.", + "default_value": "replace", + "required": false, + "custom_config": { + "type": "multiline_secure_value", + "grouping": "deployment", + "original_grouping": "deployment" + } + }, + { + "key": "region", + "type": "string", + "default_value": "us-south", + "description": "The region in which all resources are deployed.", + "required": false, + "options": [ + { + "displayname": "us-south", + "value": "us-south" + }, + { + "displayname": "eu-de", + "value": "eu-de" + } + ] + }, + { + "key": "resource_group_name", + "type": "string", + "default_value": "rag-services", + "description": "The name of the resource group that is created by this solution. The actual name is prefixed with the value of the input 'prefix'. All resources created by this solution are deployed in this resource group.", + "required": false + }, + { + "key": "existing_resource_group_name", + "type": "string", + "default_value": "__NULL__", + "description": "The name of an existing resource group that is used by this solution, takes precedence over resource_group_name. Prefix is NOT used for existing resource group. All resources created by this solution are deployed in this resource group.", + "required": false + }, + { + "key": "watsonx_admin_api_key", + "type": "password", + "description": "The API key used to provision the watson project resources. If not set, the API key used to deploy the solution is used.", + "required": false + }, + { + "key": "secret_manager_service_plan", + "type": "string", + "default_value": "standard", + "description": "The service/pricing plan to use when provisioning a new Secrets Manager instance. Only one trial instance is allowed per account.", + "required": false, + "options": [ + { + "displayname": "Trial", + "value": "trial" + }, + { + "displayname": "Standard", + "value": "standard" + } + ] + }, + { + "key": "existing_secrets_manager_crn", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing secret manager instance to use in this solution. If not set, a new secret manager instance is provisioned.", + "required": false + }, + { + "key": "skip_iam_authorization_policy", + "display_name": "disable_secrets_manager_iam_credentials_engine", + "type": "boolean", + "default_value": false, + "description": "Whether to skip the creation of the IAM authorization policies required to enable the Secrets Manager IAM credentials engine. If set to false, policies will be created that grants the Secrets Manager instance 'Operator' access to the IAM identity service, and 'Groups Service Member Manage' access to the IAM groups service.", + "required": false + }, + { + "key": "enable_platform_metrics", + "type": "boolean", + "default_value": false, + "description": "Setting this to true will enable platform metrics for the Cloud Monitoring instance. NOTE: You can configure 1 instance only of the IBM Cloud Monitoring service per region to collect platform metrics in that location.", + "required": false + }, + { + "key": "logs_routing_tenant_regions", + "type": "array", + "default_value": [], + "description": "Pass a list of regions to create a tenant that is targeted to the Cloud Logs instance created by this solution. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants.", + "required": false + }, + { + "key": "app_config_service_plan", + "type": "string", + "default_value": "enterprise", + "description": "The pricing plan to use for the IBM Cloud App Configuration instance.", + "required": false, + "options": [ + { + "displayname": "Basic", + "value": "basic" + }, + { + "displayname": "Standard", + "value": "standardv2" + }, + { + "displayname": "Enterprise", + "value": "enterprise" + } + ] + }, + { + "key": "scc_workload_protection_service_plan", + "type": "string", + "default_value": "graduated-tier", + "description": "The pricing plan to use for the IBM Cloud Security and Compliance Center Workload Protection instance.", + "required": false, + "options": [ + { + "displayname": "Graduated Tier", + "value": "graduated-tier" + }, + { + "displayname": "Free Trial", + "value": "free-trial" + } + ] + }, + { + "key": "enterprise_id", + "type": "string", + "default_value": "__NULL__", + "description": "If the account is an enterprise account and you want to scan sub-accounts for compliance, this value should be set to the enterprise ID (this is different to the account ID).", + "required": false + }, + { + "key": "enterprise_account_group_ids_to_assign", + "type": "array", + "default_value": [ + "all" + ], + "description": "A list of enterprise account group IDs to assign the trusted profile template to in order for the accounts to be scanned for compliance. Supports passing the string 'all' in the list to assign to all account groups. Only applies if a value is being passed for `enterprise_id`.", + "required": false + }, + { + "key": "enterprise_account_ids_to_assign", + "type": "array", + "default_value": [ + "all" + ], + "description": "A list of enterprise account IDs to assign the trusted profile template to in order for the accounts to be scanned. Supports passing the string 'all' in the list to assign to all accounts. Only applies if a value is being passed for `enterprise_id`.", + "required": false + }, + { + "key": "app_config_service_plan", + "type": "string", + "default_value": "enterprise", + "description": "The pricing plan to use for the IBM Cloud App Configuration instance.", + "required": false, + "options": [ + { + "displayname": "Basic", + "value": "basic" + }, + { + "displayname": "Standard", + "value": "standardv2" + }, + { + "displayname": "Enterprise", + "value": "enterprise" + } + ] + }, + { + "key": "scc_workload_protection_service_plan", + "type": "string", + "default_value": "graduated-tier", + "description": "The pricing plan to use for the IBM Cloud Security and Compliance Center Workload Protection instance.", + "required": false, + "options": [ + { + "displayname": "Graduated Tier", + "value": "graduated-tier" + }, + { + "displayname": "Free Trial", + "value": "free-trial" + } + ] + }, + { + "key": "enterprise_id", + "type": "string", + "default_value": "__NULL__", + "description": "If the account is an enterprise account and you want to scan sub-accounts for compliance, this value should be set to the enterprise ID (this is different to the account ID).", + "required": false + }, + { + "key": "enterprise_account_group_ids_to_assign", + "type": "array", + "default_value": [ + "all" + ], + "description": "A list of enterprise account group IDs to assign the trusted profile template to in order for the accounts to be scanned for compliance. Supports passing the string 'all' in the list to assign to all account groups. Only applies if a value is being passed for `enterprise_id`.", + "required": false + }, + { + "key": "enterprise_account_ids_to_assign", + "type": "array", + "default_value": [ + "all" + ], + "description": "A list of enterprise account IDs to assign the trusted profile template to in order for the accounts to be scanned. Supports passing the string 'all' in the list to assign to all accounts. Only applies if a value is being passed for `enterprise_id`.", + "required": false + }, + { + "key": "sample_app_git_url", + "type": "string", + "default_value": "https://github.com/IBM/gen-ai-rag-watsonx-sample-application", + "description": "The URL to the public git repository containing the sample rag application code.", + "required": false + }, + { + "key": "existing_kms_instance_crn", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing KMS instance to use in this solution. If not set, a new KP instance is provisioned.", + "required": false + }, + { + "key": "existing_event_notification_instance_crn", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing event notification instance to use in this solution. If not set, a new event notification instance is provisioned.", + "required": false + }, + { + "key": "existing_discovery_instance", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing WatsonX SaaS discovery instance to use in this solution. If not set, a new discovery instance is provisioned depending on which plan is selected.", + "required": false + }, + { + "key": "existing_assistant_instance_crn", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing WatsonX SaaS assistant instance to use in this solution. If not set, a new assistant instance is provisioned depending on which plan is selected.", + "required": false + }, + { + "key": "existing_governance_instance", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing WatsonX SaaS governance instance to use in this solution. If not set, a new governance instance is provisioned depending on which plan is selected.", + "required": false + }, + { + "key": "existing_studio_instance", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing WatsonX SaaS studio instance to use in this solution. If not set, a new studio instance is provisioned depending on which plan is selected.", + "required": false + }, + { + "key": "existing_machine_learning_instance", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing WatsonX SaaS machine learning instance to use in this solution. If not set, a new machine learning instance is provisioned depending on which plan is selected.", + "required": false + }, + { + "key": "existing_elasticsearch_instance_crn", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing elasticsearch instance to use in this solution. If not set, a new elasticsearch instance is provisioned.", + "required": false + } + ], + "outputs": [ + { + "key": "elasticsearch_hostname", + "description": "The hostname of the Elasticsearch instance." + }, + { + "key": "elasticsearch_port", + "description": "The port of the Elasticsearch instance." + }, + { + "key": "elasticsearch_service_credentials_json", + "description": "The service credentials of the Elasticsearch instance." + }, + { + "key": "elasticsearch_crn", + "description": "The CRN of the Elasticsearch instance." + }, + { + "key": "watsonx_project_url", + "description": "The URL to the WatsonX project for the sample RAG application." + }, + { + "key": "watsonx_project_id", + "description": "The ID for the WatsonX project for the sample RAG application." + }, + { + "key": "watson_discovery_api_url", + "description": "The URL to the Watson Discovery API endpoint." + }, + { + "key": "watson_discovery_project_id", + "description": "The ID for the Watson Discovery project for the sample RAG application." + } + ], + "install_type": "fullstack" + } + ] + } + ] } diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index 29500443..e825cf66 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -106,7 +106,7 @@ "hidden": false }, { - "name": "app_config_plan", + "name": "app_config_service_plan", "required": false, "type": "string", "hidden": false, @@ -119,13 +119,6 @@ "hidden": false, "custom_config": {} }, - { - "name": "elasticsearch_plan", - "required": false, - "type": "string", - "hidden": false, - "custom_config": {} - }, { "name": "enterprise_id", "required": false, @@ -186,7 +179,7 @@ ], "members": [ { - "name": "1 - Account Infrastructure Base", + "name": "1 - Account Configuration", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.be71d2f4-262c-4186-9b07-30dc1b1517bb-global", "inputs": [ { @@ -253,7 +246,8 @@ } ] }, - {"name": "2b - Essential Security - Cloud Object Storage", + { + "name": "2b - Essential Security - Cloud Object Storage", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.410e4ac2-fe70-4813-ac27-4f5c460cbb55-global", "inputs": [ { @@ -523,8 +517,8 @@ "value": "ref:../../inputs/prefix" }, { - "name": "app_config_plan", - "value": "ref:../../inputs/app_config_plan" + "name": "app_config_service_plan", + "value": "ref:../../inputs/app_config_service_plan" }, { "name": "enable_config_aggregator", @@ -666,7 +660,7 @@ }, { "name": "plan", - "value": "ref:../../inputs/elasticsearch_plan" + "value": "enterprise" }, { "name": "kms_encryption_enabled", @@ -797,7 +791,7 @@ ] }, { - "name": "6 - Workload - Sample RAG App Configuration", + "name": "6 - Workload - Sample RAG App", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.89b0a04d-4690-4df6-8a7f-e71945053e6b-global", "inputs": [ { From 6cea097dbb02cfc163182d49a9806e8afcf16286 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Wed, 1 Oct 2025 11:24:59 +0100 Subject: [PATCH 12/36] fully configurable --- tests/pr_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/pr_test.go b/tests/pr_test.go index 6a95df02..48cdcfc0 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -134,7 +134,8 @@ func TestProjectsBasicExistingResourcesTest(t *testing.T) { "signing_key": privateKey, "existing_kms_instance_crn": terraform.Output(t, existingTerraformOptions, "kms_instance_crn"), "existing_event_notification_instance_crn": terraform.Output(t, existingTerraformOptions, "event_notification_instance_crn"), - "en_email_list": []string{"GoldenEye.Operations@ibm.com"}, + "event_notifications_email_list": []string{"GoldenEye.Operations@ibm.com"}, + "secrets_manager_secret_groups": []string{}, // Don't create any secret groups in existing instance (The default 'General' group already exists) } err := options.RunProjectsTest() From 24b467e5eab7ce962afb4c2e52af2e222f263798 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Thu, 2 Oct 2025 11:12:36 +0100 Subject: [PATCH 13/36] fully configurable --- ibm_catalog.json | 18 ++++++++-------- solutions/basic/stack_definition.json | 30 +++++++++++++++------------ tests/pr_test.go | 2 +- 3 files changed, 27 insertions(+), 23 deletions(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index 589ce89c..107973df 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -352,7 +352,7 @@ "required": false }, { - "key": "skip_iam_authorization_policy", + "key": "skip_secrets_manager_iam_auth_policy", "display_name": "disable_secrets_manager_iam_credentials_engine", "type": "boolean", "default_value": false, @@ -458,14 +458,14 @@ "required": false }, { - "key": "existing_event_notification_instance_crn", + "key": "existing_event_notifications_instance_crn", "type": "string", "default_value": "__NULL__", "description": "The CRN of an existing event notification instance to use in this solution. If not set, a new event notification instance is provisioned.", "required": false }, { - "key": "existing_discovery_instance", + "key": "existing_discovery_instance_crn", "type": "string", "default_value": "__NULL__", "description": "The CRN of an existing WatsonX SaaS discovery instance to use in this solution. If not set, a new discovery instance is provisioned depending on which plan is selected.", @@ -479,14 +479,14 @@ "required": false }, { - "key": "existing_governance_instance", + "key": "existing_governance_instance_crn", "type": "string", "default_value": "__NULL__", "description": "The CRN of an existing WatsonX SaaS governance instance to use in this solution. If not set, a new governance instance is provisioned depending on which plan is selected.", "required": false }, { - "key": "existing_studio_instance", + "key": "existing_studio_instance_crn", "type": "string", "default_value": "__NULL__", "description": "The CRN of an existing WatsonX SaaS studio instance to use in this solution. If not set, a new studio instance is provisioned depending on which plan is selected.", @@ -976,14 +976,14 @@ "required": false }, { - "key": "existing_event_notification_instance_crn", + "key": "existing_event_notifications_instance_crn", "type": "string", "default_value": "__NULL__", "description": "The CRN of an existing event notification instance to use in this solution. If not set, a new event notification instance is provisioned.", "required": false }, { - "key": "existing_discovery_instance", + "key": "existing_discovery_instance_crn", "type": "string", "default_value": "__NULL__", "description": "The CRN of an existing WatsonX SaaS discovery instance to use in this solution. If not set, a new discovery instance is provisioned depending on which plan is selected.", @@ -997,14 +997,14 @@ "required": false }, { - "key": "existing_governance_instance", + "key": "existing_governance_instance_crn", "type": "string", "default_value": "__NULL__", "description": "The CRN of an existing WatsonX SaaS governance instance to use in this solution. If not set, a new governance instance is provisioned depending on which plan is selected.", "required": false }, { - "key": "existing_studio_instance", + "key": "existing_studio_instance_crn", "type": "string", "default_value": "__NULL__", "description": "The CRN of an existing WatsonX SaaS studio instance to use in this solution. If not set, a new studio instance is provisioned depending on which plan is selected.", diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index e825cf66..d3286cb1 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -27,7 +27,7 @@ "custom_config": {} }, { - "name": "skip_iam_authorization_policy", + "name": "skip_secrets_manager_iam_auth_policy", "required": false, "type": "boolean", "hidden": false @@ -88,7 +88,7 @@ "hidden": false }, { - "name": "existing_event_notification_instance_crn", + "name": "existing_event_notifications_instance_crn", "required": false, "type": "string", "hidden": false @@ -141,7 +141,7 @@ "custom_config": {} }, { - "name": "existing_discovery_instance", + "name": "existing_discovery_instance_crn", "required": false, "type": "string", "hidden": false @@ -153,13 +153,13 @@ "hidden": false }, { - "name": "existing_governance_instance", + "name": "existing_governance_instance_crn", "required": false, "type": "string", "hidden": false }, { - "name": "existing_studio_instance", + "name": "existing_studio_instance_crn", "required": false, "type": "string", "hidden": false @@ -186,6 +186,10 @@ "name": "prefix", "value": "ref:../../inputs/prefix" }, + { + "name": "single_resource_group_name", + "value": "ref:../../inputs/existing_resource_group_name" + }, { "name": "security_resource_group_name", "value": "ref:../../inputs/resource_group_name" @@ -372,7 +376,7 @@ }, { "name": "existing_event_notifications_instance_crn", - "value": "ref:../../inputs/existing_event_notification_instance_crn" + "value": "ref:../../inputs/existing_event_notifications_instance_crn" }, { "name": "existing_monitoring_crn", @@ -418,7 +422,7 @@ }, { "name": "existing_studio_instance", - "value": "ref:../../inputs/existing_studio_instance" + "value": "ref:../../inputs/existing_studio_instance_crn" }, { "name": "watson_discovery_plan", @@ -426,7 +430,7 @@ }, { "name": "existing_discovery_instance", - "value": "ref:../../inputs/existing_discovery_instance" + "value": "ref:../../inputs/existing_discovery_instance_crn" }, { "name": "watsonx_assistant_plan", @@ -442,7 +446,7 @@ }, { "name": "existing_governance_instance", - "value": "ref:../../inputs/existing_governance_instance" + "value": "ref:../../inputs/existing_governance_instance_crn" }, { "name": "cos_kms_crn", @@ -596,7 +600,7 @@ }, { "name": "skip_secrets_manager_iam_auth_policy", - "value": "ref:../../inputs/skip_iam_authorization_policy" + "value": "ref:../../inputs/skip_secrets_manager_iam_auth_policy" }, { "name": "service_plan", @@ -919,15 +923,15 @@ "value": "ref:./members/2a - Essential Security - Encryption Key Management/outputs/kms_public_endpoint" }, { - "name": "event_notification_instance_crn", + "name": "event_notifications_instance_crn", "value": "ref:./members/3a - Essential Security - Event Notifications/outputs/crn" }, { - "name": "event_notification_instance_name", + "name": "event_notifications_instance_name", "value": "ref:./members/3a - Essential Security - Event Notifications/outputs/event_notification_instance_name" }, { - "name": "event_notification_instance_guid", + "name": "event_notifications_instance_guid", "value": "ref:./members/3a - Essential Security - Event Notifications/outputs/guid" }, { diff --git a/tests/pr_test.go b/tests/pr_test.go index 48cdcfc0..db586d8c 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -130,7 +130,7 @@ func TestProjectsBasicExistingResourcesTest(t *testing.T) { "ibmcloud_api_key": options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], // always required by the stack "enable_platform_metrics": false, "existing_secrets_manager_crn": terraform.Output(t, existingTerraformOptions, "secrets_manager_instance_crn"), - "skip_iam_authorization_policy": true, // skip as s2s auth policy was already created for existing instance + "skip_secrets_manager_iam_auth_policy": true, // skip as s2s auth policy was already created for existing instance "signing_key": privateKey, "existing_kms_instance_crn": terraform.Output(t, existingTerraformOptions, "kms_instance_crn"), "existing_event_notification_instance_crn": terraform.Output(t, existingTerraformOptions, "event_notification_instance_crn"), From e00c47ad29b062b5c3eb4f2c2fc2b940d0049442 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Thu, 2 Oct 2025 11:30:54 +0100 Subject: [PATCH 14/36] fully configurable --- solutions/basic/stack_definition.json | 38 +++++++++++++-------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index d3286cb1..517500c4 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -230,7 +230,7 @@ "inputs": [ { "name": "existing_resource_group_name", - "value": "ref:../1 - Account Infrastructure Base/outputs/security_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/security_resource_group_name" }, { "name": "region", @@ -260,7 +260,7 @@ }, { "name": "existing_resource_group_name", - "value": "ref:../1 - Account Infrastructure Base/outputs/observability_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" } ] }, @@ -274,7 +274,7 @@ }, { "name": "existing_resource_group_name", - "value": "ref:../1 - Account Infrastructure Base/outputs/observability_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" }, { "name": "prefix", @@ -296,7 +296,7 @@ "inputs": [ { "name": "existing_resource_group_name", - "value": "ref:../1 - Account Infrastructure Base/outputs/workload_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/workload_resource_group_name" }, { "name": "prefix", @@ -318,7 +318,7 @@ "inputs": [ { "name": "existing_resource_group_name", - "value": "ref:../1 - Account Infrastructure Base/outputs/workload_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/workload_resource_group_name" }, { "name": "prefix", @@ -364,7 +364,7 @@ }, { "name": "existing_resource_group_name", - "value": "ref:../1 - Account Infrastructure Base/outputs/observability_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" }, { "name": "region", @@ -394,7 +394,7 @@ }, { "name": "resource_group_name", - "value": "ref:../1 - Account Infrastructure Base/outputs/workload_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/workload_resource_group_name" }, { "name": "location", @@ -480,7 +480,7 @@ }, { "name": "existing_resource_group_name", - "value": "ref:../1 - Account Infrastructure Base/outputs/observability_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" }, { "name": "existing_cos_instance_crn", @@ -510,7 +510,7 @@ "inputs": [ { "name": "existing_resource_group_name", - "value": "ref:../1 - Account Infrastructure Base/outputs/audit_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/audit_resource_group_name" }, { "name": "region", @@ -580,7 +580,7 @@ }, { "name": "existing_resource_group_name", - "value": "ref:../1 - Account Infrastructure Base/outputs/security_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/security_resource_group_name" }, { "name": "region", @@ -618,7 +618,7 @@ "inputs": [ { "name": "existing_resource_group_name", - "value": "ref:../1 - Account Infrastructure Base/outputs/audit_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/audit_resource_group_name" }, { "name": "region", @@ -652,7 +652,7 @@ "inputs": [ { "name": "existing_resource_group_name", - "value": "ref:../../members/1 - Account Infrastructure Base/outputs/workload_resource_group_name" + "value": "ref:../../members/1 - Account Configuration/outputs/workload_resource_group_name" }, { "name": "region", @@ -718,7 +718,7 @@ }, { "name": "toolchain_resource_group", - "value": "ref:../1 - Account Infrastructure Base/outputs/devops_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/devops_resource_group_name" }, { "name": "sm_resource_group", @@ -840,7 +840,7 @@ }, { "name": "toolchain_resource_group", - "value": "ref:../1 - Account Infrastructure Base/outputs/devops_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/devops_resource_group_name" }, { "name": "prefix", @@ -848,7 +848,7 @@ }, { "name": "resource_group_name", - "value": "ref:../1 - Account Infrastructure Base/outputs/devops_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/devops_resource_group_name" }, { "name": "use_existing_resource_group", @@ -896,19 +896,19 @@ }, { "name": "watsonx_project_url", - "value": "ref:./members/6 - Workload - Sample RAG App Configuration/outputs/watsonx_project_url" + "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watsonx_project_url" }, { "name": "watsonx_project_id", - "value": "ref:./members/6 - Workload - Sample RAG App Configuration/outputs/watsonx_project_id" + "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watsonx_project_id" }, { "name": "watson_discovery_api_url", - "value": "ref:./members/6 - Workload - Sample RAG App Configuration/outputs/watson_discovery_api_url" + "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watson_discovery_api_url" }, { "name": "watson_discovery_project_id", - "value": "ref:./members/6 - Workload - Sample RAG App Configuration/outputs/watson_discovery_project_id" + "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watson_discovery_project_id" }, { "name": "kms_instance_crn", From 3e078e7f73d6fed598e7bec07cea5c06d6ce3eef Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Thu, 2 Oct 2025 13:50:12 +0100 Subject: [PATCH 15/36] fully configurable --- solutions/basic/stack_definition.json | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index 517500c4..7e002552 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -340,7 +340,7 @@ "inputs": [ { "name": "existing_cos_instance_crn", - "value": "ref:../../members/2b - Object storage/outputs/cos_instance_id" + "value": "ref:../2b - Object storage/outputs/cos_instance_id" }, { "name": "enable_collecting_failed_events", @@ -380,7 +380,7 @@ }, { "name": "existing_monitoring_crn", - "value": "ref:../../members/2c - Cloud Monitoring/outputs/cloud_monitoring_crn" + "value": "ref:../2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" } ] }, @@ -488,7 +488,7 @@ }, { "name": "existing_monitoring_crn", - "value": "ref:../../members/2c - Cloud Monitoring/outputs/cloud_monitoring_crn" + "value": "ref:../2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" }, { "name": "prefix", @@ -546,11 +546,11 @@ }, { "name": "existing_kms_instance_crn", - "value": "ref:../../members/2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, { "name": "kms_endpoint_url", - "value": "ref:../../members/2a - Essential Security - Encryption Key Management/outputs/kms_private_endpoint" + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_private_endpoint" }, { "name": "enable_event_notifications", @@ -558,11 +558,11 @@ }, { "name": "existing_event_notifications_instance_crn", - "value": "ref:../../members/3a - Essential Security - Event Notifications/outputs/crn" + "value": "ref:../3a - Essential Security - Event Notifications/outputs/crn" }, { "name": "event_notifications_endpoint_url", - "value": "ref:../../members/3a - Essential Security - Event Notifications/outputs/event_notifications_private_endpoint" + "value": "ref:../3a - Essential Security - Event Notifications/outputs/event_notifications_private_endpoint" }, { "name": "event_notifications_email_list", @@ -638,11 +638,11 @@ }, { "name": "app_config_crn", - "value": "ref:../../members/4b - Essential Security - App Configuration/outputs/app_config_crn" + "value": "ref:../4b - Essential Security - App Configuration/outputs/app_config_crn" }, { "name": "existing_monitoring_crn", - "value": "ref:../../members/2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" + "value": "ref:../2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" } ] }, @@ -652,7 +652,7 @@ "inputs": [ { "name": "existing_resource_group_name", - "value": "ref:../../members/1 - Account Configuration/outputs/workload_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/workload_resource_group_name" }, { "name": "region", @@ -672,7 +672,7 @@ }, { "name": "existing_kms_instance_crn", - "value": "ref:../../members/2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, { "name": "kms_endpoint_type", @@ -700,7 +700,7 @@ }, { "name": "existing_secrets_manager_instance_crn", - "value": "ref:../members/4c - Essential Security - Secrets Manager/outputs/secrets_manager_crn" + "value": "ref:../4c - Essential Security - Secrets Manager/outputs/secrets_manager_crn" } ] }, From 01625deabc7f88bb266c363f0c256205384c41a9 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Thu, 2 Oct 2025 14:13:15 +0100 Subject: [PATCH 16/36] fully configurable --- solutions/basic/stack_definition.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index 7e002552..d7012e40 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -340,7 +340,7 @@ "inputs": [ { "name": "existing_cos_instance_crn", - "value": "ref:../2b - Object storage/outputs/cos_instance_id" + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_id" }, { "name": "enable_collecting_failed_events", From ecc32a469b15d88b3fd430c5117d7db2eb916199 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Fri, 3 Oct 2025 16:21:48 +0100 Subject: [PATCH 17/36] fully configurable --- common-dev-assets | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common-dev-assets b/common-dev-assets index 6e39f79e..95eee196 160000 --- a/common-dev-assets +++ b/common-dev-assets @@ -1 +1 @@ -Subproject commit 6e39f79e1389a1ec3bbe57215573e7d4e6dd98f1 +Subproject commit 95eee1969a5ad814bfa2e5a07b03c8ee6b589271 From 33570d4ce0eca29933669be5e8358f8865146e51 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Fri, 3 Oct 2025 16:22:44 +0100 Subject: [PATCH 18/36] fully configurable --- .catalog-onboard-pipeline.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.catalog-onboard-pipeline.yaml b/.catalog-onboard-pipeline.yaml index a57b29f9..efb2f58f 100644 --- a/.catalog-onboard-pipeline.yaml +++ b/.catalog-onboard-pipeline.yaml @@ -6,7 +6,7 @@ offerings: catalog_id: 7df1e4ca-d54c-4fd0-82ce-3d13247308cd offering_id: 5fdd0045-30fc-4013-a8bc-6db9d5447a52 variations: - - name: basic + - name: basic-fully-config mark_ready: false install_type: fullstack format_kind: stack From 916906a2969ff4ad1009f473a0ffae714f109c08 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Fri, 3 Oct 2025 21:51:09 +0100 Subject: [PATCH 19/36] fully configurable --- .catalog-onboard-pipeline.yaml | 2 +- ibm_catalog.json | 47 +- solutions/standard/stack_definition.json | 684 ++++++++++++----------- 3 files changed, 410 insertions(+), 323 deletions(-) diff --git a/.catalog-onboard-pipeline.yaml b/.catalog-onboard-pipeline.yaml index efb2f58f..c22908d2 100644 --- a/.catalog-onboard-pipeline.yaml +++ b/.catalog-onboard-pipeline.yaml @@ -14,7 +14,7 @@ offerings: scc: instance_id: 1c7d5f78-9262-44c3-b779-b28fe4d88c37 region: us-south - - name: standard + - name: standard-fully-config mark_ready: false install_type: fullstack format_kind: stack diff --git a/ibm_catalog.json b/ibm_catalog.json index 107973df..81fa7cd0 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -544,8 +544,8 @@ "install_type": "fullstack" }, { - "label": "Standard (Deploy on Red Hat OpenShift)", - "name": "standard", + "label": "Standard with sample application (Deploy on Red Hat OpenShift)", + "name": "standard-fully-config", "index": 2, "working_directory": "solutions/standard", "compliance": { @@ -806,6 +806,40 @@ } ] }, + { + "key": "key_protect_plan", + "type": "string", + "default_value": "tiered-pricing", + "description": "The service plan of the Key Protect instance that will be provisioned by this solution. Only used if not supplying `existing_kms_instance_crn`. [Learn more](https://cloud.ibm.com/docs/key-protect?topic=key-protect-pricing-plan).", + "required": false, + "options": [ + { + "displayname": "Standard", + "value": "tiered-pricing" + }, + { + "displayname": "Cross-region Resiliency", + "value": "cross-region-resiliency" + } + ] + }, + { + "key": "cloud_monitoring_plan", + "type": "string", + "default_value": "graduated-tier", + "description": "The IBM Cloud Monitoring plan to provision. Available values are `lite` and `graduated-tier` and `graduated-tier-sysdig-secure-plus-monitor` (available in region eu-fr2 only). [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-service_plans)", + "required": false, + "options": [ + { + "displayname": "Lite", + "value": "lite" + }, + { + "displayname": "Graduated Tier", + "value": "graduated-tier" + } + ] + }, { "key": "existing_secrets_manager_crn", "type": "string", @@ -814,7 +848,7 @@ "required": false }, { - "key": "skip_iam_authorization_policy", + "key": "skip_secrets_manager_iam_auth_policy", "display_name": "disable_secrets_manager_iam_credentials_engine", "type": "boolean", "default_value": false, @@ -835,6 +869,13 @@ "description": "Pass a list of regions to create a tenant that is targeted to the Cloud Logs instance created by this solution. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants.", "required": false }, + { + "key": "event_notifications_email_list", + "type": "array", + "default_value": [], + "description": "List of emails to configure event notifications.", + "required": false + }, { "key": "app_config_service_plan", "type": "string", diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index 4ec9e960..7f86115e 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -13,7 +13,21 @@ "hidden": false }, { - "name": "skip_iam_authorization_policy", + "name": "key_protect_plan", + "required": false, + "type": "string", + "hidden": false, + "custom_config": {} + }, + { + "name": "cloud_monitoring_plan", + "required": false, + "type": "string", + "hidden": false, + "custom_config": {} + }, + { + "name": "skip_secrets_manager_iam_auth_policy", "required": false, "type": "boolean", "hidden": false @@ -60,6 +74,13 @@ "type": "string", "hidden": false }, + { + "name": "event_notifications_email_list", + "required": false, + "type": "array", + "hidden": false, + "custom_config": {} + }, { "name": "existing_kms_instance_crn", "required": false, @@ -67,7 +88,7 @@ "hidden": false }, { - "name": "existing_event_notification_instance_crn", + "name": "existing_event_notifications_instance_crn", "required": false, "type": "string", "hidden": false @@ -91,6 +112,7 @@ "hidden": false, "custom_config": {} }, + { "name": "scc_workload_protection_service_plan", "required": false, @@ -120,7 +142,7 @@ "custom_config": {} }, { - "name": "existing_discovery_instance", + "name": "existing_discovery_instance_crn", "required": false, "type": "string", "hidden": false @@ -132,13 +154,13 @@ "hidden": false }, { - "name": "existing_governance_instance", + "name": "existing_governance_instance_crn", "required": false, "type": "string", "hidden": false }, { - "name": "existing_studio_instance", + "name": "existing_studio_instance_crn", "required": false, "type": "string", "hidden": false @@ -158,7 +180,7 @@ ], "members": [ { - "name": "Account Infrastructure Base", + "name": "1 - Account Infrastructure Base", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.be71d2f4-262c-4186-9b07-30dc1b1517bb-global", "inputs": [ { @@ -166,8 +188,8 @@ "value": "ref:../../inputs/prefix" }, { - "name": "region", - "value": "ref:../../inputs/region" + "name": "single_resource_group_name", + "value": "ref:../../inputs/existing_resource_group_name" }, { "name": "security_resource_group_name", @@ -198,125 +220,145 @@ "value": "ref:../../inputs/resource_group_name" }, { - "name": "existing_security_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" - }, + "name": "provision_trusted_profile_projects", + "value": false + } + ] + }, + { + "name": "2a - Essential Security - Encryption Key Management", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.09dab2dd-6383-4257-8cc4-ba5bf567cd5e-global", + "inputs": [ { - "name": "existing_audit_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Configuration/outputs/security_resource_group_name" }, { - "name": "existing_observability_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" + "name": "region", + "value": "ref:../../inputs/region" }, { - "name": "existing_management_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" + "name": "existing_kms_instance_crn", + "value": "ref:../../inputs/existing_kms_instance_crn" }, { - "name": "existing_workload_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" + "name": "prefix", + "value": "ref:../../inputs/prefix" }, { - "name": "existing_edge_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" - }, + "name": "key_protect_plan", + "value": "ref:../../inputs/key_protect_plan" + } + ] + }, + { + "name": "2b - Essential Security - Cloud Object Storage", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.410e4ac2-fe70-4813-ac27-4f5c460cbb55-global", + "inputs": [ { - "name": "existing_devops_resource_group_name", - "value": "ref:../../inputs/existing_resource_group_name" + "name": "prefix", + "value": "ref:../../inputs/prefix" }, { - "name": "provision_trusted_profile_projects", - "value": false + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" } ] }, { - "name": "Essential Security - App Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.c160fa36-fd40-42de-8553-1233e0c5e971-global", + "name": "2c - Essential Security - Cloud Monitoring", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.8028a206-0824-4ad6-af24-b9fb70cce2ac-global", "inputs": [ - { - "name": "existing_resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/audit_resource_group_name" - }, { "name": "region", "value": "ref:../../inputs/region" }, { - "name": "prefix", - "value": "ref:../../inputs/prefix" - }, - { - "name": "app_config_plan", - "value": "ref:../../inputs/app_config_service_plan" - }, - { - "name": "enable_config_aggregator", - "value": true + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" }, { - "name": "config_aggregator_enterprise_id", - "value": "ref:../../inputs/enterprise_id" + "name": "prefix", + "value": "ref:../../inputs/prefix" }, { - "name": "config_aggregator_enterprise_account_group_ids_to_assign", - "value": "ref:../../inputs/enterprise_account_group_ids_to_assign" + "name": "enable_platform_metrics", + "value": "ref:../../inputs/enable_platform_metrics" }, { - "name": "config_aggregator_enterprise_account_ids_to_assign", - "value": "ref:../../inputs/enterprise_account_ids_to_assign" + "name": "cloud_monitoring_plan", + "value": "ref:../../inputs/cloud_monitoring_plan" } ] }, { - "name": "Essential Security - Encryption Key Management", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.93bf5d12-a435-4510-8888-1c32db20b82b-global", + "name": "3a - Essential Security - Event Notifications", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.fa8ebdf4-db44-4e25-9846-9278b516cd73-global", "inputs": [ { - "name": "resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/security_resource_group_name" + "name": "existing_cos_instance_crn", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_id" }, { - "name": "use_existing_resource_group", + "name": "enable_collecting_failed_events", "value": true }, { - "name": "region", - "value": "ref:../../inputs/region" + "name": "kms_encryption_enabled", + "value": true + }, + { + "name": "kms_endpoint_url", + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_private_endpoint" }, { "name": "existing_kms_instance_crn", - "value": "ref:../../inputs/existing_kms_instance_crn" + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" + }, + { + "name": "kms_endpoint_type", + "value": "private" + }, + { + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" + }, + { + "name": "region", + "value": "ref:../../inputs/region" }, { "name": "prefix", "value": "ref:../../inputs/prefix" }, { - "name": "key_protect_instance_name", - "value": "base-security-services-kms" + "name": "existing_event_notifications_instance_crn", + "value": "ref:../../inputs/existing_event_notifications_instance_crn" + }, + { + "name": "existing_monitoring_crn", + "value": "ref:../2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" } ] }, { - "name": "Essential Security - Logging Monitoring Activity Tracker", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.39562a8a-1b92-4342-b990-1944ae583df9-global", + "name": "3b - Gen AI - WatsonX SaaS services", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.7dffb0ba-df27-4f52-b022-3b5ec6350cfc-global", "inputs": [ { - "name": "region", - "value": "ref:../../inputs/region" + "name": "watsonx_admin_api_key", + "value": "ref:../../inputs/watsonx_admin_api_key" }, { - "name": "existing_kms_instance_crn", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "name": "resource_group_name", + "value": "ref:../1 - Account Configuration/outputs/workload_resource_group_name" }, { - "name": "resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/observability_resource_group_name" + "name": "location", + "value": "ref:../../inputs/region" }, { - "name": "prefix", + "name": "resource_prefix", "value": "ref:../../inputs/prefix" }, { @@ -324,160 +366,183 @@ "value": true }, { - "name": "existing_en_instance_crn", - "value": "ref:../Essential Security - Event Notifications/outputs/crn" + "name": "watson_machine_learning_plan", + "value": "v2-standard" }, { - "name": "enable_platform_metrics", - "value": "ref:../../inputs/enable_platform_metrics" + "name": "existing_machine_learning_instance", + "value": "ref:../../inputs/existing_machine_learning_instance" }, { - "name": "logs_routing_tenant_regions", - "value": "ref:../../inputs/logs_routing_tenant_regions" - } - ] - }, - { - "name": "Essential Security - Event Notifications", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b02f9aa4-b40f-41d5-8039-8e87742d756e-global", - "inputs": [ + "name": "watson_studio_plan", + "value": "professional-v1" + }, { - "name": "kms_endpoint_url", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_private_endpoint" + "name": "existing_studio_instance", + "value": "ref:../../inputs/existing_studio_instance_crn" }, { - "name": "existing_kms_instance_crn", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "name": "watson_discovery_plan", + "value": "do not install" }, { - "name": "kms_endpoint_type", - "value": "private" + "name": "existing_discovery_instance", + "value": "ref:../../inputs/existing_discovery_instance_crn" }, { - "name": "resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/observability_resource_group_name" + "name": "watsonx_assistant_plan", + "value": "plus" }, { - "name": "use_existing_resource_group", - "value": true + "name": "existing_assistant_instance", + "value": "ref:../../inputs/existing_assistant_instance_crn" }, { - "name": "region", - "value": "ref:../../inputs/region" + "name": "watsonx_governance_plan", + "value": "do not install" }, { - "name": "prefix", - "value": "ref:../../inputs/prefix" + "name": "existing_governance_instance", + "value": "ref:../../inputs/existing_governance_instance_crn" }, { - "name": "existing_en_instance_crn", - "value": "ref:../../inputs/existing_event_notification_instance_crn" + "name": "cos_kms_crn", + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" + }, + { + "name": "enable_cos_kms_encryption", + "value": true } ] }, { - "name": "Essential Security - Secrets Manager", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.db823650-3010-4482-b807-45145f273553-global", + "name": "3c - Workload - Compute Red Hat OpenShift Container Platform on VPC", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.d165c908-e8e5-470e-b5d4-0c284ec4cf43-global", "inputs": [ { "name": "prefix", "value": "ref:../../inputs/prefix" }, - { - "name": "resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/security_resource_group_name" - }, { "name": "region", "value": "ref:../../inputs/region" }, { - "name": "existing_kms_instance_crn", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "name": "vpcs", + "value": [ + "management", + "workload" + ] }, { - "name": "use_existing_resource_group", - "value": true + "name": "ignore_vpcs_for_cluster_deployment", + "value": [ + "management" + ] }, { - "name": "existing_secrets_manager_crn", - "value": "ref:../../inputs/existing_secrets_manager_crn" + "name": "enable_transit_gateway", + "value": false }, { - "name": "skip_iam_authorization_policy", - "value": "ref:../../inputs/skip_iam_authorization_policy" + "name": "add_atracker_route", + "value": false }, { - "name": "service_plan", - "value": "ref:../../inputs/secret_manager_service_plan" + "name": "existing_kms_instance_name", + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/key_protect_name" }, { - "name": "existing_event_notifications_instance_crn", - "value": "ref:../Essential Security - Event Notifications/outputs/crn" + "name": "existing_kms_resource_group", + "value": "ref:../1 - Account Infrastructure Base/outputs/security_resource_group_name" }, { - "name": "enable_event_notifications", + "name": "existing_kms_endpoint_type", + "value": "private" + }, + { + "name": "existing_cos_instance_name", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_name" + }, + { + "name": "existing_cos_resource_group", + "value": "ref:../1 - Account Infrastructure Base/outputs/observability_resource_group_name" + }, + { + "name": "existing_cos_endpoint_type", + "value": "private" + }, + { + "name": "use_existing_cos_for_vpc_flowlogs", "value": true }, { - "name": "kms_key_ring_name", - "value": "sm-cos-key-ring" + "name": "cluster_zones", + "value": "2" }, { - "name": "kms_key_name", - "value": "sm-cos-key" + "name": "flavor", + "value": "bx2.4x16" }, { - "name": "secrets_manager_instance_name", - "value": "base-security-services-sm" + "name": "workers_per_zone", + "value": 1 } ] }, { - "name": "Essential Security - Security and Compliance Center Workload Protection", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.e436bb10-8b6c-4b3b-b4c5-523929d13686-global", + "name": "4a - Essential Security - Cloud Logs for logging", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.ee855d83-2f87-4d0e-bc0d-66c11ba66902-global", "inputs": [ - { - "name": "existing_resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/audit_resource_group_name" - }, { "name": "region", "value": "ref:../../inputs/region" }, { - "name": "prefix", - "value": "ref:../../inputs/prefix" + "name": "existing_kms_instance_crn", + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, { - "name": "scc_workload_protection_service_plan", - "value": "ref:../../inputs/scc_workload_protection_service_plan" + "name": "kms_encryption_enabled_buckets", + "value": true }, { - "name": "cspm_enabled", - "value": true + "name": "kms_endpoint_type", + "value": "private" }, { - "name": "app_config_crn", - "value": "ref:../../members/Essential Security - App Configuration/outputs/app_config_crn" + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" + }, + { + "name": "existing_cos_instance_crn", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" }, { "name": "existing_monitoring_crn", - "value": "ref:../../members/Essential Security - Logging Monitoring Activity Tracker/outputs/cloud_monitoring_crn" + "value": "ref:../2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" + }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "existing_event_notifications_instances", + "value": "ref:../3a - Essential Security - Event Notifications/outputs/crn_list_object" + }, + { + "name": "logs_routing_tenant_regions", + "value": "ref:../../inputs/logs_routing_tenant_regions" } ] }, { - "name": "Gen AI - Databases for Elasticsearch", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.68a66140-e2e8-40ef-be86-c46e6f3442a3-global", + "name": "4b - Essential Security - App Configuration", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.430291dd-8a78-46c2-8d02-e951da977582-global", "inputs": [ { - "name": "use_existing_resource_group", - "value": true - }, - { - "name": "resource_group_name", - "value": "ref:../../members/Account Infrastructure Base/outputs/workload_resource_group_name" + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Configuration/outputs/audit_resource_group_name" }, { "name": "region", @@ -488,202 +553,191 @@ "value": "ref:../../inputs/prefix" }, { - "name": "plan", - "value": "platinum" + "name": "app_config_service_plan", + "value": "ref:../../inputs/app_config_service_plan" + }, + { + "name": "enable_config_aggregator", + "value": true }, { - "name": "elasticsearch_version", - "value": "8.12" + "name": "config_aggregator_enterprise_id", + "value": "ref:../../inputs/enterprise_id" }, { - "name": "existing_kms_instance_crn", - "value": "ref:../../members/Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "name": "config_aggregator_enterprise_account_group_ids_to_assign", + "value": "ref:../../inputs/enterprise_account_group_ids_to_assign" }, { - "name": "kms_endpoint_type", - "value": "private" + "name": "config_aggregator_enterprise_account_ids_to_assign", + "value": "ref:../../inputs/enterprise_account_ids_to_assign" }, { - "name": "member_host_flavor", - "value": "b3c.4x16.encrypted" + "name": "kms_encryption_enabled", + "value": true }, { - "name": "member_cpu_count", - "value": 3 + "name": "existing_kms_instance_crn", + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" + }, + { + "name": "kms_endpoint_url", + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_private_endpoint" }, { - "name": "enable_elser_model", + "name": "enable_event_notifications", "value": true }, { - "name": "elser_model_type", - "value": ".elser_model_2_linux-x86_64" + "name": "existing_event_notifications_instance_crn", + "value": "ref:../3a - Essential Security - Event Notifications/outputs/crn" }, { - "name": "service_credential_names", - "value": { - "elastic_db_admin": "Administrator", - "wxasst_db_user": "Editor", - "toolchain_db_user": "Editor" - } + "name": "event_notifications_endpoint_url", + "value": "ref:../3a - Essential Security - Event Notifications/outputs/event_notifications_private_endpoint" }, { - "name": "existing_db_instance_crn", - "value": "ref:../../inputs/existing_elasticsearch_instance_crn" + "name": "event_notifications_email_list", + "value": "ref:../../inputs/event_notifications_email_list" } ] }, { - "name": "Gen AI - WatsonX SaaS services", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.c784a77d-cf67-4287-9284-a126e4a053a7-global", + "name": "4c - Essential Security - Secrets Manager", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.3d0da0a9-0327-44fc-8796-edf8e0017e25-global", "inputs": [ { - "name": "watsonx_admin_api_key", - "value": "ref:../../inputs/watsonx_admin_api_key" + "name": "prefix", + "value": "ref:../../inputs/prefix" }, { - "name": "resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/workload_resource_group_name" + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Configuration/outputs/security_resource_group_name" }, { - "name": "location", + "name": "region", "value": "ref:../../inputs/region" }, { - "name": "resource_prefix", - "value": "ref:../../inputs/prefix" + "name": "existing_kms_instance_crn", + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, { - "name": "use_existing_resource_group", + "name": "kms_encryption_enabled", "value": true }, { - "name": "watson_machine_learning_plan", - "value": "v2-standard" + "name": "existing_secrets_manager_crn", + "value": "ref:../../inputs/existing_secrets_manager_crn" }, { - "name": "existing_machine_learning_instance", - "value": "ref:../../inputs/existing_machine_learning_instance" + "name": "skip_secrets_manager_iam_auth_policy", + "value": "ref:../../inputs/skip_secrets_manager_iam_auth_policy" }, { - "name": "watson_studio_plan", - "value": "professional-v1" - }, - { - "name": "existing_studio_instance", - "value": "ref:../../inputs/existing_studio_instance" + "name": "service_plan", + "value": "ref:../../inputs/secret_manager_service_plan" }, { - "name": "watson_discovery_plan", - "value": "do not install" - }, + "name": "existing_event_notifications_instance_crn", + "value": "ref:../3a - Essential Security - Event Notifications/outputs/crn" + } + ] + }, + { + "name": "5a - Essential Security - Security and Compliance Center Workload Protection", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b2cd208d-f893-4e44-bc2e-b9997e3a8153-global", + "inputs": [ { - "name": "existing_discovery_instance", - "value": "ref:../../inputs/existing_discovery_instance" + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Configuration/outputs/audit_resource_group_name" }, { - "name": "watsonx_assistant_plan", - "value": "plus" + "name": "region", + "value": "ref:../../inputs/region" }, { - "name": "existing_assistant_instance", - "value": "ref:../../inputs/existing_assistant_instance_crn" + "name": "prefix", + "value": "ref:../../inputs/prefix" }, { - "name": "watsonx_governance_plan", - "value": "do not install" + "name": "scc_workload_protection_service_plan", + "value": "ref:../../inputs/scc_workload_protection_service_plan" }, { - "name": "existing_governance_instance", - "value": "ref:../../inputs/existing_governance_instance" + "name": "cspm_enabled", + "value": true }, { - "name": "cos_kms_crn", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "name": "app_config_crn", + "value": "ref:../4b - Essential Security - App Configuration/outputs/app_config_crn" }, { - "name": "enable_cos_kms_encryption", - "value": true + "name": "existing_monitoring_crn", + "value": "ref:../2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" } ] }, { - "name": "Workload - Compute Red Hat OpenShift Container Platform on VPC", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.c15a99be-f334-4dfe-b1d2-b650ae01c9ca-global", + "name": "5b - Gen AI - Databases for Elasticsearch", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.55d77b5b-6866-4f7c-b216-2bb86d74d5e5-global", "inputs": [ { - "name": "prefix", - "value": "ref:../../inputs/prefix" + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Configuration/outputs/workload_resource_group_name" }, { "name": "region", "value": "ref:../../inputs/region" }, { - "name": "vpcs", - "value": [ - "management", - "workload" - ] - }, - { - "name": "ignore_vpcs_for_cluster_deployment", - "value": [ - "management" - ] - }, - { - "name": "enable_transit_gateway", - "value": false + "name": "prefix", + "value": "ref:../../inputs/prefix" }, { - "name": "add_atracker_route", - "value": false + "name": "plan", + "value": "enterprise" }, { - "name": "existing_kms_instance_name", - "value": "ref:../../members/Essential Security - Encryption Key Management/outputs/key_protect_name" + "name": "kms_encryption_enabled", + "value": true }, { - "name": "existing_kms_resource_group", - "value": "ref:../Account Infrastructure Base/outputs/security_resource_group_name" + "name": "existing_kms_instance_crn", + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, { - "name": "existing_kms_endpoint_type", + "name": "kms_endpoint_type", "value": "private" }, { - "name": "existing_cos_instance_name", - "value": "ref:../Essential Security - Logging Monitoring Activity Tracker/outputs/cos_instance_name" - }, - { - "name": "existing_cos_resource_group", - "value": "ref:../Account Infrastructure Base/outputs/observability_resource_group_name" - }, - { - "name": "existing_cos_endpoint_type", - "value": "private" + "name": "member_host_flavor", + "value": "multitenant" }, { - "name": "use_existing_cos_for_vpc_flowlogs", - "value": true + "name": "member_cpu_count", + "value": 0 }, { - "name": "cluster_zones", - "value": "2" + "name": "service_credential_names", + "value": { + "elastic_db_admin": "Administrator", + "wxasst_db_user": "Editor", + "toolchain_db_user": "Editor" + } }, { - "name": "flavor", - "value": "bx2.4x16" + "name": "existing_elasticsearch_instance_crn", + "value": "ref:../../inputs/existing_elasticsearch_instance_crn" }, { - "name": "workers_per_zone", - "value": 1 + "name": "existing_secrets_manager_instance_crn", + "value": "ref:../4c - Essential Security - Secrets Manager/outputs/secrets_manager_crn" } ] }, { - "name": "Workload - DevSecOps Application Lifecycle Management", + "name": "5c - Workload - DevSecOps Application Lifecycle Management", "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.40c697e5-a339-4bf2-90ed-c598f103c16b-global", "inputs": [ { @@ -696,23 +750,23 @@ }, { "name": "toolchain_resource_group", - "value": "ref:../Account Infrastructure Base/outputs/devops_resource_group_name" + "value": "ref:../1 - Account Infrastructure Base/outputs/devops_resource_group_name" }, { "name": "sm_resource_group", - "value": "ref:../Essential Security - Secrets Manager/outputs/resource_group_name" + "value": "ref:../4c - Essential Security - Secrets Manager/outputs/resource_group_name" }, { "name": "sm_name", - "value": "ref:../Essential Security - Secrets Manager/outputs/secrets_manager_name" + "value": "ref:../4c - Essential Security - Secrets Manager/outputs/secrets_manager_name" }, { "name": "sm_location", - "value": "ref:../Essential Security - Secrets Manager/outputs/secrets_manager_region" + "value": "ref:../4c - Essential Security - Secrets Manager/outputs/secrets_manager_region" }, { "name": "cluster_name", - "value": "ref:../Workload - Compute Red Hat OpenShift Container Platform on VPC/outputs/workload_cluster_name" + "value": "ref:../3c - Workload - Compute Red Hat OpenShift Container Platform on VPC/outputs/workload_cluster_name" }, { "name": "registry_namespace", @@ -769,8 +823,8 @@ ] }, { - "name": "Workload - Sample RAG App Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b1bf8a3d-3d51-4362-a13b-eb528a38c6f3-global", + "name": "6 - Workload - Sample RAG App", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.89b0a04d-4690-4df6-8a7f-e71945053e6b-global", "inputs": [ { "name": "toolchain_region", @@ -790,31 +844,31 @@ }, { "name": "watson_assistant_instance_id", - "value": "ref:../Gen AI - WatsonX SaaS services/outputs/watsonx_assistant_guid" + "value": "ref:../3b - Gen AI - WatsonX SaaS services/outputs/watsonx_assistant_guid" }, { "name": "cd_pipeline_id", - "value": "ref:../Workload - DevSecOps Application Lifecycle Management/outputs/cd_pipeline_id" + "value": "ref:../5c - Workload - DevSecOps Application Lifecycle Management/outputs/cd_pipeline_id" }, { "name": "ci_pipeline_id", - "value": "ref:../Workload - DevSecOps Application Lifecycle Management/outputs/ci_pipeline_id" + "value": "ref:../5c - Workload - DevSecOps Application Lifecycle Management/outputs/ci_pipeline_id" }, { "name": "watson_machine_learning_instance_guid", - "value": "ref:../Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_guid" + "value": "ref:../3b - Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_guid" }, { "name": "watson_machine_learning_instance_resource_name", - "value": "ref:../Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_name" + "value": "ref:../3b - Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_name" }, { "name": "watson_machine_learning_instance_crn", - "value": "ref:../Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_crn" + "value": "ref:../3b - Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_crn" }, { "name": "toolchain_resource_group", - "value": "ref:../Account Infrastructure Base/outputs/devops_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/devops_resource_group_name" }, { "name": "prefix", @@ -822,7 +876,7 @@ }, { "name": "resource_group_name", - "value": "ref:../Account Infrastructure Base/outputs/devops_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/devops_resource_group_name" }, { "name": "use_existing_resource_group", @@ -834,27 +888,19 @@ }, { "name": "secrets_manager_guid", - "value": "ref:../Essential Security - Secrets Manager/outputs/secrets_manager_guid" + "value": "ref:../4c - Essential Security - Secrets Manager/outputs/secrets_manager_guid" }, { "name": "secrets_manager_region", - "value": "ref:../Essential Security - Secrets Manager/outputs/secrets_manager_region" + "value": "ref:../4c - Essential Security - Secrets Manager/outputs/secrets_manager_region" }, { "name": "elastic_instance_crn", - "value": "ref:../Gen AI - Databases for Elasticsearch/outputs/crn" + "value": "ref:../5b - Gen AI - Databases for Elasticsearch/outputs/crn" }, { "name": "cos_kms_crn", - "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn" - }, - { - "name": "cluster_name", - "value": "ref:../Workload - Compute Red Hat OpenShift Container Platform on VPC/outputs/workload_cluster_name" - }, - { - "name": "cluster_zone_count", - "value": "ref:../Workload - Compute Red Hat OpenShift Container Platform on VPC/inputs/cluster_zones" + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" } ] } @@ -862,175 +908,175 @@ "outputs": [ { "name": "elasticsearch_hostname", - "value": "ref:./members/Gen AI - Databases for Elasticsearch/outputs/hostname" + "value": "ref:./members/5b - Gen AI - Databases for Elasticsearch/outputs/hostname" }, { "name": "elasticsearch_port", - "value": "ref:./members/Gen AI - Databases for Elasticsearch/outputs/port" + "value": "ref:./members/5b - Gen AI - Databases for Elasticsearch/outputs/port" }, { "name": "elasticsearch_service_credentials_json", - "value": "ref:./members/Gen AI - Databases for Elasticsearch/outputs/service_credentials_json" + "value": "ref:./members/5b - Gen AI - Databases for Elasticsearch/outputs/service_credentials_json" }, { "name": "elasticsearch_crn", - "value": "ref:./members/Gen AI - Databases for Elasticsearch/outputs/crn" + "value": "ref:./members/5b - Gen AI - Databases for Elasticsearch/outputs/crn" }, { "name": "watsonx_project_url", - "value": "ref:./members/Workload - Sample RAG App Configuration/outputs/watsonx_project_url" + "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watsonx_project_url" }, { "name": "watsonx_project_id", - "value": "ref:./members/Workload - Sample RAG App Configuration/outputs/watsonx_project_id" + "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watsonx_project_id" }, { "name": "watson_discovery_api_url", - "value": "ref:./members/Workload - Sample RAG App Configuration/outputs/watson_discovery_api_url" + "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watson_discovery_api_url" }, { "name": "watson_discovery_project_id", - "value": "ref:./members/Workload - Sample RAG App Configuration/outputs/watson_discovery_project_id" + "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watson_discovery_project_id" }, { "name": "kms_instance_crn", - "value": "ref:./members/Essential Security - Encryption Key Management/outputs/kms_instance_crn" + "value": "ref:./members/2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, { "name": "kms_private_endpoint", - "value": "ref:./members/Essential Security - Encryption Key Management/outputs/kms_private_endpoint" + "value": "ref:./members/2a - Essential Security - Encryption Key Management/outputs/kms_private_endpoint" }, { "name": "kms_public_endpoint", - "value": "ref:./members/Essential Security - Encryption Key Management/outputs/kms_public_endpoint" + "value": "ref:./members/2a - Essential Security - Encryption Key Management/outputs/kms_public_endpoint" }, { "name": "event_notification_instance_crn", - "value": "ref:./members/Essential Security - Event Notifications/outputs/crn" + "value": "ref:./members/3a - Essential Security - Event Notifications/outputs/crn" }, { "name": "event_notification_instance_name", - "value": "ref:./members/Essential Security - Event Notifications/outputs/event_notification_instance_name" + "value": "ref:./members/3a - Essential Security - Event Notifications/outputs/event_notification_instance_name" }, { "name": "event_notification_instance_guid", - "value": "ref:./members/Essential Security - Event Notifications/outputs/guid" + "value": "ref:./members/3a - Essential Security - Event Notifications/outputs/guid" }, { "name": "cloud_logs_crn", - "value": "ref:./members/Essential Security - Logging Monitoring Activity Tracker/outputs/cloud_logs_crn" + "value": "ref:./members/4a - Essential Security - Cloud Logs for logging/outputs/cloud_logs_crn" }, { "name": "cloud_logs_guid", - "value": "ref:./members/Essential Security - Logging Monitoring Activity Tracker/outputs/cloud_logs_guid" + "value": "ref:./members/4a - Essential Security - Cloud Logs for logging/outputs/cloud_logs_guid" }, { "name": "cloud_monitoring_crn", - "value": "ref:./members/Essential Security - Logging Monitoring Activity Tracker/outputs/cloud_monitoring_crn" + "value": "ref:./members/2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" }, { "name": "cloud_monitoring_guid", - "value": "ref:./members/Essential Security - Logging Monitoring Activity Tracker/outputs/cloud_monitoring_guid" + "value": "ref:./members/2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_guid" }, { "name": "secrets_manager_crn", - "value": "ref:./members/Essential Security - Secrets Manager/outputs/secrets_manager_crn" + "value": "ref:./members/4c - Essential Security - Secrets Manager/outputs/secrets_manager_crn" }, { "name": "secrets_manager_guid", - "value": "ref:./members/Essential Security - Secrets Manager/outputs/secrets_manager_guid" + "value": "ref:./members/4c - Essential Security - Secrets Manager/outputs/secrets_manager_guid" }, { "name": "secrets_manager_name", - "value": "ref:./members/Essential Security - Secrets Manager/outputs/secrets_manager_name" + "value": "ref:./members/4c - Essential Security - Secrets Manager/outputs/secrets_manager_name" }, { "name": "app_config_crn", - "value": "ref:./members/Essential Security - App Configuration/outputs/app_config_crn" + "value": "ref:./members/4b - Essential Security - App Configuration/outputs/app_config_crn" }, { "name": "app_config_guid", - "value": "ref:./members/Essential Security - App Configuration/outputs/app_config_guid" + "value": "ref:./members/4b - Essential Security - App Configuration/outputs/app_config_guid" }, { "name": "scc_workload_protection_crn", - "value": "ref:./members/Essential Security - Security and Compliance Center Workload Protection/outputs/crn" + "value": "ref:./members/5a - Essential Security - Security and Compliance Center Workload Protection/outputs/crn" }, { "name": "scc_workload_protection_guid", - "value": "ref:./members/Essential Security - Security and Compliance Center Workload Protection/outputs/guid" + "value": "ref:./members/5a - Essential Security - Security and Compliance Center Workload Protection/outputs/guid" }, { "name": "watson_discovery_crn", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_discovery_crn" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_discovery_crn" }, { "name": "watson_discovery_dashboard_url", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_discovery_dashboard_url" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_discovery_dashboard_url" }, { "name": "watson_machine_learning_crn", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_crn" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_crn" }, { "name": "watson_machine_learning_dashboard_url", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_dashboard_url" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_dashboard_url" }, { "name": "watson_machine_learning_guid", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_guid" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_machine_learning_guid" }, { "name": "watson_studio_crn", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_studio_crn" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_studio_crn" }, { "name": "watson_studio_dashboard_url", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_studio_dashboard_url" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_studio_dashboard_url" }, { "name": "watson_studio_guid", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_studio_guid" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_studio_guid" }, { "name": "watsonx_assistant_crn", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watsonx_assistant_crn" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watsonx_assistant_crn" }, { "name": "watsonx_assistant_dashboard_url", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watsonx_assistant_dashboard_url" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watsonx_assistant_dashboard_url" }, { "name": "watsonx_data_crn", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watsonx_data_crn" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watsonx_data_crn" }, { "name": "watsonx_data_dashboard_url", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watsonx_data_dashboard_url" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watsonx_data_dashboard_url" }, { "name": "watsonx_data_guid", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watsonx_data_guid" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watsonx_data_guid" }, { "name": "watson_discovery_guid", - "value": "ref:./members/Gen AI - WatsonX SaaS services/outputs/watson_discovery_guid" + "value": "ref:./members/3b - Gen AI - WatsonX SaaS services/outputs/watson_discovery_guid" }, { "name": "workload_cluster_name", - "value": "ref:./members/Workload - Compute Red Hat OpenShift Container Platform on VPC/outputs/workload_cluster_name" + "value": "ref:./members/3c - Workload - Compute Red Hat OpenShift Container Platform on VPC/outputs/workload_cluster_name" }, { "name": "workload_cluster_id", - "value": "ref:./members/Workload - Compute Red Hat OpenShift Container Platform on VPC/outputs/workload_cluster_id" + "value": "ref:./members/3c - Workload - Compute Red Hat OpenShift Container Platform on VPC/outputs/workload_cluster_id" }, { "name": "workload_cluster_private_service_endpoint_url", - "value": "ref:./members/Workload - Compute Red Hat OpenShift Container Platform on VPC/outputs/workload_cluster_private_service_endpoint_url" + "value": "ref:./members/3c - Workload - Compute Red Hat OpenShift Container Platform on VPC/outputs/workload_cluster_private_service_endpoint_url" }, { "name": "workload_cluster_public_service_endpoint_url", - "value": "ref:./members/Workload - Compute Red Hat OpenShift Container Platform on VPC/outputs/workload_cluster_public_service_endpoint_url" + "value": "ref:./members/3c - Workload - Compute Red Hat OpenShift Container Platform on VPC/outputs/workload_cluster_public_service_endpoint_url" } ] } From b97dc290f1843919ddc3f15262eefaf5eced77d9 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Fri, 3 Oct 2025 22:08:37 +0100 Subject: [PATCH 20/36] fully configurable --- solutions/standard/stack_definition.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index 7f86115e..d2fda9a1 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -180,7 +180,7 @@ ], "members": [ { - "name": "1 - Account Infrastructure Base", + "name": "1 - Account Configuration", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.be71d2f4-262c-4186-9b07-30dc1b1517bb-global", "inputs": [ { @@ -454,7 +454,7 @@ }, { "name": "existing_kms_resource_group", - "value": "ref:../1 - Account Infrastructure Base/outputs/security_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/security_resource_group_name" }, { "name": "existing_kms_endpoint_type", @@ -466,7 +466,7 @@ }, { "name": "existing_cos_resource_group", - "value": "ref:../1 - Account Infrastructure Base/outputs/observability_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" }, { "name": "existing_cos_endpoint_type", @@ -750,7 +750,7 @@ }, { "name": "toolchain_resource_group", - "value": "ref:../1 - Account Infrastructure Base/outputs/devops_resource_group_name" + "value": "ref:../1 - Account Configuration/outputs/devops_resource_group_name" }, { "name": "sm_resource_group", From d98dd4ddad7f32075a0196ef2755f65c83bc6a02 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Mon, 6 Oct 2025 09:08:51 +0100 Subject: [PATCH 21/36] fully configurable --- solutions/basic/stack_definition.json | 4 ++++ solutions/standard/stack_definition.json | 4 ++++ tests/pr_test.go | 1 + 3 files changed, 9 insertions(+) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index d7012e40..5a6aafdf 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -658,6 +658,10 @@ "name": "region", "value": "ref:../../inputs/region" }, + { + "name": "deletion_protection", + "value": false + }, { "name": "prefix", "value": "ref:../../inputs/prefix" diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index d2fda9a1..0936dcd5 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -690,6 +690,10 @@ "name": "region", "value": "ref:../../inputs/region" }, + { + "name": "deletion_protection", + "value": false + }, { "name": "prefix", "value": "ref:../../inputs/prefix" diff --git a/tests/pr_test.go b/tests/pr_test.go index db586d8c..f4dd5848 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -136,6 +136,7 @@ func TestProjectsBasicExistingResourcesTest(t *testing.T) { "existing_event_notification_instance_crn": terraform.Output(t, existingTerraformOptions, "event_notification_instance_crn"), "event_notifications_email_list": []string{"GoldenEye.Operations@ibm.com"}, "secrets_manager_secret_groups": []string{}, // Don't create any secret groups in existing instance (The default 'General' group already exists) + } err := options.RunProjectsTest() From 49365e2555863e65cd027870bfd9f5cf16ec2b82 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Mon, 6 Oct 2025 10:43:04 +0100 Subject: [PATCH 22/36] fully configurable --- ibm_catalog.json | 202 ++++++++++++++++++++++- solutions/basic/stack_definition.json | 115 ++++++++++++- solutions/standard/stack_definition.json | 131 +++++++++++++-- tests/pr_test.go | 51 +++--- tests/resources/main.tf | 14 -- tests/resources/outputs.tf | 9 +- 6 files changed, 449 insertions(+), 73 deletions(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index 81fa7cd0..5a8b416b 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -234,8 +234,8 @@ { "key": "prefix", "type": "string", + "default_value": "__NOT_SET__", "description": "A prefix added to the name of all resources created by this solution. Used to avoid name clashes in the target account when deploying this solution multiple times.", - "default_value": "rag", "required": true }, { @@ -285,7 +285,15 @@ "type": "string", "default_value": "__NULL__", "description": "The name of an existing resource group that is used by this solution, takes precedence over resource_group_name. Prefix is NOT used for existing resource group. All resources created by this solution are deployed in this resource group.", - "required": false + "required": false, + "custom_config": { + "type": "resource_group", + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "identifier": "rg_name" + } + } }, { "key": "watsonx_admin_api_key", @@ -294,7 +302,7 @@ "required": false }, { - "key": "secret_manager_service_plan", + "key": "secrets_manager_service_plan", "type": "string", "default_value": "trial", "description": "The service/pricing plan to use when provisioning a new Secrets Manager instance. Only one trial instance is allowed per account.", @@ -327,11 +335,22 @@ } ] }, + { + "key": "secrets_manager_secret_groups", + "type": "array", + "default_value": "[\n {\n secret_group_name = \"General\"\n secret_group_description = \"A general purpose secrets group with an associated access group which has a secrets reader role\"\n create_access_group = true\n access_group_name = \"general-secrets-group-access-group\"\n access_group_roles = [\"SecretsReader\"]\n }\n ]", + "description": "Secret Manager secret group and access group configurations. If a prefix input variable is specified, it is added to the `access_group_name` value in the `-value` format. If you do not wish to create any groups, set the value to `[]`. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-secrets-manager/tree/main/solutions/fully-configurable/provisioning_secrets_groups.md).", + "custom_config": { + "type": "code_editor", + "grouping": "deployment", + "original_grouping": "deployment" + } + }, { "key": "cloud_monitoring_plan", "type": "string", "default_value": "graduated-tier", - "description": "The IBM Cloud Monitoring plan to provision. Available values are `lite` and `graduated-tier` and `graduated-tier-sysdig-secure-plus-monitor` (available in region eu-fr2 only). [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-service_plans)", + "description": "The IBM Cloud Monitoring plan to provision. Available values are `lite` and `graduated-tier`. [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-service_plans)", "required": false, "options": [ { @@ -730,8 +749,8 @@ { "key": "prefix", "type": "string", + "default_value": "__NOT_SET__", "description": "A prefix added to the name of all resources created by this solution. Must start with a letter, contain only lowercase letters, numbers, or dashes, and be 13 characters or less. Used to avoid name clashes in the target account when deploying this solution multiple times.", - "default_value": "rag", "required": true }, { @@ -781,7 +800,15 @@ "type": "string", "default_value": "__NULL__", "description": "The name of an existing resource group that is used by this solution, takes precedence over resource_group_name. Prefix is NOT used for existing resource group. All resources created by this solution are deployed in this resource group.", - "required": false + "required": false, + "custom_config": { + "type": "resource_group", + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "identifier": "rg_name" + } + } }, { "key": "watsonx_admin_api_key", @@ -790,7 +817,7 @@ "required": false }, { - "key": "secret_manager_service_plan", + "key": "secrets_manager_service_plan", "type": "string", "default_value": "standard", "description": "The service/pricing plan to use when provisioning a new Secrets Manager instance. Only one trial instance is allowed per account.", @@ -806,6 +833,17 @@ } ] }, + { + "key": "secrets_manager_secret_groups", + "type": "array", + "default_value": "[\n {\n secret_group_name = \"General\"\n secret_group_description = \"A general purpose secrets group with an associated access group which has a secrets reader role\"\n create_access_group = true\n access_group_name = \"general-secrets-group-access-group\"\n access_group_roles = [\"SecretsReader\"]\n }\n ]", + "description": "Secret Manager secret group and access group configurations. If a prefix input variable is specified, it is added to the `access_group_name` value in the `-value` format. If you do not wish to create any groups, set the value to `[]`. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-secrets-manager/tree/main/solutions/fully-configurable/provisioning_secrets_groups.md).", + "custom_config": { + "type": "code_editor", + "grouping": "deployment", + "original_grouping": "deployment" + } + }, { "key": "key_protect_plan", "type": "string", @@ -827,7 +865,7 @@ "key": "cloud_monitoring_plan", "type": "string", "default_value": "graduated-tier", - "description": "The IBM Cloud Monitoring plan to provision. Available values are `lite` and `graduated-tier` and `graduated-tier-sysdig-secure-plus-monitor` (available in region eu-fr2 only). [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-service_plans)", + "description": "The IBM Cloud Monitoring plan to provision. Available values are `lite` and `graduated-tier`. [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-service_plans)", "required": false, "options": [ { @@ -1098,6 +1136,154 @@ { "key": "watson_discovery_project_id", "description": "The ID for the Watson Discovery project for the sample RAG application." + }, + { + "key": "kms_instance_crn", + "description": "The CRN of the Hyper Protect Crypto Service instance or Key Protect instance" + }, + { + "key": "kms_private_endpoint", + "description": "Key Management Service instance private endpoint URL." + }, + { + "key": "kms_public_endpoint", + "description": "Key Management Service instance public endpoint URL." + }, + { + "key": "event_notifications_instance_crn", + "description": "Event Notifications crn" + }, + { + "key": "event_notifications_instance_name", + "description": "Event Notifications name" + }, + { + "key": "event_notifications_instance_guid", + "description": "Event Notifications guid" + }, + { + "key": "cloud_logs_for_logging_crn", + "description": "The id of the provisioned IBM Cloud Logs for logging instance." + }, + { + "key": "cloud_logs_for_logging_guid", + "description": "The guid of the provisioned IBM Cloud Logs for logging instance." + }, + { + "key": "cloud_logs_for_activity_tracking_crn", + "description": "The id of the provisioned IBM Cloud Logs for activity tracking instance." + }, + { + "key": "cloud_logs_for_activity_tracking_guid", + "description": "The guid of the provisioned IBM Cloud Logs for activity tracking instance." + }, + { + "key": "cloud_monitoring_crn", + "description": "The id of the provisioned IBM cloud monitoring instance." + }, + { + "key": "cloud_monitoring_guid", + "description": "The guid of the provisioned IBM cloud monitoring instance." + }, + { + "key": "secrets_manager_crn", + "description": "CRN of the Secrets Manager instance" + }, + { + "key": "secrets_manager_guid", + "description": "GUID of Secrets Manager instance" + }, + { + "key": "secrets_manager_name", + "description": "Name of the Secrets Manager instance" + }, + { + "key": "app_config_crn", + "description": "CRN of the App Configuration instance" + }, + { + "key": "app_config_guid", + "description": "GUID of the App Configuration instance" + }, + { + "key": "scc_workload_protection_crn", + "description": "SCC Workload Protection instance CRN" + }, + { + "key": "scc_workload_protection_guid", + "description": "SCC Workload Protection instance ID" + }, + { + "key": "watson_discovery_crn", + "description": "The CRN of the Watson Discovery instance." + }, + { + "key": "watson_discovery_dashboard_url", + "description": "The dashboard URL of the Watson Discovery instance." + }, + { + "key": "watson_machine_learning_crn", + "description": "The CRN of the Watson Machine Learning instance." + }, + { + "key": "watson_machine_learning_dashboard_url", + "description": "The dashboard URL of the Watson Machine Learning instance." + }, + { + "key": "watson_machine_learning_guid", + "description": "The GUID of the Watson Machine Learning instance." + }, + { + "key": "watson_studio_crn", + "description": "The CRN of the Watson Studio instance." + }, + { + "key": "watson_studio_dashboard_url", + "description": "The dashboard URL of the Watson Studio instance." + }, + { + "key": "watson_studio_guid", + "description": "The GUID of the Watson Studio instance." + }, + { + "key": "watsonx_assistant_crn", + "description": "The CRN of the watsonx Assistant instance." + }, + { + "key": "watsonx_assistant_dashboard_url", + "description": "The dashboard URL of the watsonx Assistant instance." + }, + { + "key": "watsonx_data_crn", + "description": "The CRN of the watsonx.data instance." + }, + { + "key": "watsonx_data_dashboard_url", + "description": "The dashboard URL of the watsonx.data instance." + }, + { + "key": "watsonx_data_guid", + "description": "The GUID of the watsonx.data instance." + }, + { + "key": "watson_discovery_guid", + "description": "The GUID of the Watson Discovery instance." + }, + { + "key": "workload_cluster_name", + "description": "The name of the workload cluster. If the cluster name does not exactly match the prefix-workload-cluster pattern it will be null." + }, + { + "key": "workload_cluster_id", + "description": "The id of the workload cluster. If the cluster name does not exactly match the prefix-workload-cluster pattern it will be null." + }, + { + "key": "workload_cluster_private_service_endpoint_url", + "description": "The private service endpoint URL of the Workload cluster, if not then null." + }, + { + "key": "workload_cluster_public_service_endpoint_url", + "description": "The public service endpoint URL of the Workload cluster, if not then null." } ], "install_type": "fullstack" diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index 5a6aafdf..175e86b3 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -7,7 +7,7 @@ "hidden": false }, { - "name": "secret_manager_service_plan", + "name": "secrets_manager_service_plan", "required": false, "type": "string", "hidden": false @@ -26,6 +26,13 @@ "hidden": false, "custom_config": {} }, + { + "name": "secrets_manager_secret_groups", + "required": false, + "type": "array", + "hidden": false, + "custom_config": {} + }, { "name": "skip_secrets_manager_iam_auth_policy", "required": false, @@ -602,9 +609,13 @@ "name": "skip_secrets_manager_iam_auth_policy", "value": "ref:../../inputs/skip_secrets_manager_iam_auth_policy" }, + { + "name": "secret_groups", + "value": "ref:../../inputs/secrets_manager_secret_groups" + }, { "name": "service_plan", - "value": "ref:../../inputs/secret_manager_service_plan" + "value": "ref:../../inputs/secrets_manager_service_plan" }, { "name": "existing_event_notifications_instance_crn", @@ -612,6 +623,52 @@ } ] }, + { + "name": "4d - Essential Security - Cloud Logs for activity tracking", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.ee855d83-2f87-4d0e-bc0d-66c11ba66902-global", + "inputs": [ + { + "name": "region", + "value": "ref:../../inputs/region" + }, + { + "name": "existing_kms_instance_crn", + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" + }, + { + "name": "kms_encryption_enabled_buckets", + "value": true + }, + { + "name": "kms_endpoint_type", + "value": "private" + }, + { + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" + }, + { + "name": "existing_cos_instance_crn", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" + }, + { + "name": "existing_monitoring_crn", + "value": "ref:../2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" + }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "existing_event_notifications_instances", + "value": "ref:../3a - Essential Security - Event Notifications/outputs/crn_list_object" + }, + { + "name": "logs_routing_tenant_regions", + "value": "ref:../../inputs/logs_routing_tenant_regions" + } + ] + }, { "name": "5a - Essential Security - Security and Compliance Center Workload Protection", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b2cd208d-f893-4e44-bc2e-b9997e3a8153-global", @@ -670,6 +727,10 @@ "name": "plan", "value": "enterprise" }, + { + "name": "elasticsearch_version", + "value": "8.15" + }, { "name": "kms_encryption_enabled", "value": true @@ -798,6 +859,44 @@ } ] }, + { + "name": "5d - Essential Security - Activity Tracker Event Routing", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.6cec6dd7-d4e4-4bec-8f94-da26611d42a5-global", + "inputs": [ + { + "name": "region", + "value": "ref:../../inputs/region" + }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "existing_kms_instance_crn", + "value": "ref:../../members/2a - Key management/outputs/kms_instance_crn" + }, + { + "name": "kms_encryption_enabled_buckets", + "value": true + }, + { + "name": "kms_endpoint_type", + "value": "private" + }, + { + "name": "existing_cos_instance_crn", + "value": "ref:../../members/2b - Object storage/outputs/cos_instance_crn" + }, + { + "name": "existing_cloud_logs_instance_crn", + "value": "ref:../../members/4d - Cloud Logs for activity tracking/outputs/cloud_logs_crn" + }, + { + "name": "enable_activity_tracker_event_routing_to_cos_bucket", + "value": true + } + ] + }, { "name": "6 - Workload - Sample RAG App", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.89b0a04d-4690-4df6-8a7f-e71945053e6b-global", @@ -939,13 +1038,21 @@ "value": "ref:./members/3a - Essential Security - Event Notifications/outputs/guid" }, { - "name": "cloud_logs_crn", + "name": "cloud_logs_for_logging_crn", "value": "ref:./members/4a - Essential Security - Cloud Logs for logging/outputs/cloud_logs_crn" }, { - "name": "cloud_logs_guid", + "name": "cloud_logs_for_logging_guid", "value": "ref:./members/4a - Essential Security - Cloud Logs for logging/outputs/cloud_logs_guid" }, + { + "name": "cloud_logs_for_activity_tracking_crn", + "value": "ref:./members/4d - Essential Security - Cloud Logs for activity tracking/outputs/cloud_logs_crn" + }, + { + "name": "cloud_logs_for_activity_tracking_guid", + "value": "ref:./members/4d - Essential Security - Cloud Logs for activity tracking/outputs/cloud_logs_guid" + }, { "name": "cloud_monitoring_crn", "value": "ref:./members/2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index 0936dcd5..2a110a41 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -7,7 +7,7 @@ "hidden": false }, { - "name": "secret_manager_service_plan", + "name": "secrets_manager_service_plan", "required": false, "type": "string", "hidden": false @@ -62,6 +62,13 @@ "type": "string", "hidden": false }, + { + "name": "secrets_manager_secret_groups", + "required": false, + "type": "array", + "hidden": false, + "custom_config": {} + }, { "name": "signing_key", "required": false, @@ -466,11 +473,7 @@ }, { "name": "existing_cos_resource_group", - "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" - }, - { - "name": "existing_cos_endpoint_type", - "value": "private" + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/resource_group_name" }, { "name": "use_existing_cos_for_vpc_flowlogs", @@ -636,7 +639,11 @@ }, { "name": "service_plan", - "value": "ref:../../inputs/secret_manager_service_plan" + "value": "ref:../../inputs/secrets_manager_service_plan" + }, + { + "name": "secret_groups", + "value": "ref:../../inputs/secrets_manager_secret_groups" }, { "name": "existing_event_notifications_instance_crn", @@ -644,6 +651,52 @@ } ] }, + { + "name": "4d - Essential Security - Cloud Logs for activity tracking", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.ee855d83-2f87-4d0e-bc0d-66c11ba66902-global", + "inputs": [ + { + "name": "region", + "value": "ref:../../inputs/region" + }, + { + "name": "existing_kms_instance_crn", + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" + }, + { + "name": "kms_encryption_enabled_buckets", + "value": true + }, + { + "name": "kms_endpoint_type", + "value": "private" + }, + { + "name": "existing_resource_group_name", + "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" + }, + { + "name": "existing_cos_instance_crn", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" + }, + { + "name": "existing_monitoring_crn", + "value": "ref:../2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" + }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "existing_event_notifications_instances", + "value": "ref:../3a - Essential Security - Event Notifications/outputs/crn_list_object" + }, + { + "name": "logs_routing_tenant_regions", + "value": "ref:../../inputs/logs_routing_tenant_regions" + } + ] + }, { "name": "5a - Essential Security - Security and Compliance Center Workload Protection", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b2cd208d-f893-4e44-bc2e-b9997e3a8153-global", @@ -702,6 +755,10 @@ "name": "plan", "value": "enterprise" }, + { + "name": "elasticsearch_version", + "value": "8.15" + }, { "name": "kms_encryption_enabled", "value": true @@ -826,6 +883,44 @@ } ] }, + { + "name": "5d - Essential Security - Activity Tracker Event Routing", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.6cec6dd7-d4e4-4bec-8f94-da26611d42a5-global", + "inputs": [ + { + "name": "region", + "value": "ref:../../inputs/region" + }, + { + "name": "prefix", + "value": "ref:../../inputs/prefix" + }, + { + "name": "existing_kms_instance_crn", + "value": "ref:../../members/2a - Key management/outputs/kms_instance_crn" + }, + { + "name": "kms_encryption_enabled_buckets", + "value": true + }, + { + "name": "kms_endpoint_type", + "value": "private" + }, + { + "name": "existing_cos_instance_crn", + "value": "ref:../../members/2b - Object storage/outputs/cos_instance_crn" + }, + { + "name": "existing_cloud_logs_instance_crn", + "value": "ref:../../members/4d - Cloud Logs for activity tracking/outputs/cloud_logs_crn" + }, + { + "name": "enable_activity_tracker_event_routing_to_cos_bucket", + "value": true + } + ] + }, { "name": "6 - Workload - Sample RAG App", "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.89b0a04d-4690-4df6-8a7f-e71945053e6b-global", @@ -955,25 +1050,33 @@ "value": "ref:./members/2a - Essential Security - Encryption Key Management/outputs/kms_public_endpoint" }, { - "name": "event_notification_instance_crn", + "name": "event_notifications_instance_crn", "value": "ref:./members/3a - Essential Security - Event Notifications/outputs/crn" }, { - "name": "event_notification_instance_name", + "name": "event_notifications_instance_name", "value": "ref:./members/3a - Essential Security - Event Notifications/outputs/event_notification_instance_name" }, { - "name": "event_notification_instance_guid", + "name": "event_notifications_instance_guid", "value": "ref:./members/3a - Essential Security - Event Notifications/outputs/guid" }, { - "name": "cloud_logs_crn", + "name": "cloud_logs_for_logging_crn", "value": "ref:./members/4a - Essential Security - Cloud Logs for logging/outputs/cloud_logs_crn" }, { - "name": "cloud_logs_guid", + "name": "cloud_logs_for_logging_guid", "value": "ref:./members/4a - Essential Security - Cloud Logs for logging/outputs/cloud_logs_guid" }, + { + "name": "cloud_logs_for_activity_tracking_crn", + "value": "ref:./members/4d - Essential Security - Cloud Logs for activity tracking/outputs/cloud_logs_crn" + }, + { + "name": "cloud_logs_for_activity_tracking_guid", + "value": "ref:./members/4d - Essential Security - Cloud Logs for activity tracking/outputs/cloud_logs_guid" + }, { "name": "cloud_monitoring_crn", "value": "ref:./members/2c - Essential Security - Cloud Monitoring/outputs/cloud_monitoring_crn" @@ -1004,11 +1107,11 @@ }, { "name": "scc_workload_protection_crn", - "value": "ref:./members/5a - Essential Security - Security and Compliance Center Workload Protection/outputs/crn" + "value": "ref:./members/5a - Essential Security - Security and Compliance Center Workload Protection/outputs/scc_workload_protection_crn" }, { "name": "scc_workload_protection_guid", - "value": "ref:./members/5a - Essential Security - Security and Compliance Center Workload Protection/outputs/guid" + "value": "ref:./members/5a - Essential Security - Security and Compliance Center Workload Protection/outputs/scc_workload_protection_id" }, { "name": "watson_discovery_crn", diff --git a/tests/pr_test.go b/tests/pr_test.go index f4dd5848..782309fd 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -58,12 +58,12 @@ func TestProjectsBasicFullTest(t *testing.T) { t.Fatal(kerr) } options.StackInputs = map[string]interface{}{ - "resource_group_name": options.ResourceGroup, - "region": validRegions[rand.Intn(len(validRegions))], - "ibmcloud_api_key": options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], - "prefix": options.Prefix, - "signing_key": privateKey, - "secret_manager_service_plan": "trial", + "resource_group_name": options.ResourceGroup, + "region": validRegions[rand.Intn(len(validRegions))], + "ibmcloud_api_key": options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], + "prefix": options.Prefix, + "signing_key": privateKey, + "secrets_manager_service_plan": "trial", } err := options.RunProjectsTest() @@ -78,7 +78,7 @@ func TestProjectsBasicExistingResourcesTest(t *testing.T) { t.Parallel() // ------------------------------------------------------------------------------------ - // Provision RG, EN and SM + // Provision RG, EN and KMS // ------------------------------------------------------------------------------------ prefix := fmt.Sprintf("ragext-%s", strings.ToLower(random.UniqueId())) @@ -124,19 +124,18 @@ func TestProjectsBasicExistingResourcesTest(t *testing.T) { } options.StackInputs = map[string]interface{}{ - "prefix": terraform.Output(t, existingTerraformOptions, "prefix"), - "region": terraform.Output(t, existingTerraformOptions, "region"), - "existing_resource_group_name": terraform.Output(t, existingTerraformOptions, "resource_group_name"), - "ibmcloud_api_key": options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], // always required by the stack - "enable_platform_metrics": false, - "existing_secrets_manager_crn": terraform.Output(t, existingTerraformOptions, "secrets_manager_instance_crn"), - "skip_secrets_manager_iam_auth_policy": true, // skip as s2s auth policy was already created for existing instance - "signing_key": privateKey, - "existing_kms_instance_crn": terraform.Output(t, existingTerraformOptions, "kms_instance_crn"), - "existing_event_notification_instance_crn": terraform.Output(t, existingTerraformOptions, "event_notification_instance_crn"), - "event_notifications_email_list": []string{"GoldenEye.Operations@ibm.com"}, - "secrets_manager_secret_groups": []string{}, // Don't create any secret groups in existing instance (The default 'General' group already exists) - + "prefix": terraform.Output(t, existingTerraformOptions, "prefix"), + "region": terraform.Output(t, existingTerraformOptions, "region"), + "existing_resource_group_name": terraform.Output(t, existingTerraformOptions, "resource_group_name"), + "ibmcloud_api_key": options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], // always required by the stack + "enable_platform_metrics": false, + "existing_secrets_manager_crn": permanentResources["privateOnlySecMgrCRN"], + "skip_secrets_manager_iam_auth_policy": true, // skip as s2s auth policy was already created for existing instance + "signing_key": privateKey, + "existing_kms_instance_crn": terraform.Output(t, existingTerraformOptions, "kms_instance_crn"), + "existing_event_notifications_instance_crn": terraform.Output(t, existingTerraformOptions, "event_notifications_instance_crn"), + "event_notifications_email_list": []string{"GoldenEye.Operations@ibm.com"}, + "secrets_manager_secret_groups": []string{}, // Don't create any secret groups in existing instance (The default 'General' group already exists) } err := options.RunProjectsTest() @@ -176,12 +175,12 @@ func TestProjectsStandardFullTest(t *testing.T) { t.Fatal(kerr) } options.StackInputs = map[string]interface{}{ - "resource_group_name": options.ResourceGroup, - "region": validRegions[rand.Intn(len(validRegions))], - "ibmcloud_api_key": options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], - "prefix": options.Prefix, - "signing_key": privateKey, - "secret_manager_service_plan": "trial", + "resource_group_name": options.ResourceGroup, + "region": validRegions[rand.Intn(len(validRegions))], + "ibmcloud_api_key": options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], + "prefix": options.Prefix, + "signing_key": privateKey, + "secrets_manager_service_plan": "trial", } err := options.RunProjectsTest() diff --git a/tests/resources/main.tf b/tests/resources/main.tf index ff7aa5c6..4d8fa175 100644 --- a/tests/resources/main.tf +++ b/tests/resources/main.tf @@ -24,20 +24,6 @@ module "event_notifications" { region = var.region } -############################################################################## -# Secrets Manager -############################################################################## - -module "secrets_manager" { - source = "terraform-ibm-modules/secrets-manager/ibm" - version = "2.0.0" - resource_group_id = module.resource_group.resource_group_id - region = var.region - secrets_manager_name = "${var.prefix}-secrets-manager" #tfsec:ignore:general-secrets-no-plaintext-exposure - sm_service_plan = "trial" - sm_tags = var.resource_tags -} - ############################################################################## # Key Protect All Inclusive ############################################################################## diff --git a/tests/resources/outputs.tf b/tests/resources/outputs.tf index 7e7a5229..c5b8999c 100644 --- a/tests/resources/outputs.tf +++ b/tests/resources/outputs.tf @@ -18,14 +18,9 @@ output "resource_group_id" { description = "Resource group ID" } -output "event_notification_instance_crn" { +output "event_notifications_instance_crn" { value = module.event_notifications.crn - description = "CRN of created event notification" -} - -output "secrets_manager_instance_crn" { - value = module.secrets_manager.secrets_manager_crn - description = "CRN of created secret manager instance" + description = "CRN of created event notifications" } output "kms_instance_crn" { From 4a9103045f4e8861148b9ae5daa78af9a34beb0e Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Mon, 6 Oct 2025 10:43:46 +0100 Subject: [PATCH 23/36] fully configurable --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 1d33c03d..97d93660 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,5 @@ .terraform *.tfstate *.lock.hcl +.DS_Store +.idea From 2deced3ecd6721c1ccc32d4c940d68c916638cba Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Mon, 6 Oct 2025 10:46:33 +0100 Subject: [PATCH 24/36] fully configurable --- tests/go.mod | 77 +++++++++++++------------ tests/go.sum | 156 ++++++++++++++++++++++++++------------------------- 2 files changed, 120 insertions(+), 113 deletions(-) diff --git a/tests/go.mod b/tests/go.mod index f1a792a1..438ebb92 100644 --- a/tests/go.mod +++ b/tests/go.mod @@ -1,55 +1,55 @@ module github.com/terraform-ibm-modules/stack-retrieval-augmented-generation -go 1.23.0 +go 1.24.0 toolchain go1.24.1 require ( - github.com/gruntwork-io/terratest v0.48.2 - github.com/stretchr/testify v1.10.0 - github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.47.1 + github.com/gruntwork-io/terratest v0.50.0 + github.com/stretchr/testify v1.11.1 + github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.10 ) require ( dario.cat/mergo v1.0.0 // indirect github.com/IBM-Cloud/bluemix-go v0.0.0-20240719075425-078fcb3a55be // indirect - github.com/IBM-Cloud/power-go-client v1.11.0 // indirect - github.com/IBM/cloud-databases-go-sdk v0.7.1 // indirect - github.com/IBM/go-sdk-core/v5 v5.19.0 // indirect - github.com/IBM/platform-services-go-sdk v0.79.0 // indirect + github.com/IBM-Cloud/power-go-client v1.12.0 // indirect + github.com/IBM/cloud-databases-go-sdk v0.8.0 // indirect + github.com/IBM/go-sdk-core/v5 v5.21.0 // indirect + github.com/IBM/platform-services-go-sdk v0.86.1 // indirect github.com/IBM/project-go-sdk v0.3.6 // indirect github.com/IBM/schematics-go-sdk v0.4.0 // indirect - github.com/IBM/vpc-go-sdk v0.65.0 // indirect + github.com/IBM/vpc-go-sdk v0.71.1 // indirect github.com/Microsoft/go-winio v0.6.2 // indirect - github.com/ProtonMail/go-crypto v1.1.5 // indirect + github.com/ProtonMail/go-crypto v1.1.6 // indirect github.com/agext/levenshtein v1.2.3 // indirect github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect - github.com/cloudflare/circl v1.6.0 // indirect + github.com/cloudflare/circl v1.6.1 // indirect github.com/cyphar/filepath-securejoin v0.4.1 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/emirpasic/gods v1.18.1 // indirect - github.com/gabriel-vasile/mimetype v1.4.8 // indirect + github.com/gabriel-vasile/mimetype v1.4.9 // indirect github.com/ghodss/yaml v1.0.0 // indirect github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect github.com/go-git/go-billy/v5 v5.6.2 // indirect - github.com/go-git/go-git/v5 v5.14.0 // indirect + github.com/go-git/go-git/v5 v5.16.2 // indirect github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect - github.com/go-openapi/analysis v0.21.5 // indirect - github.com/go-openapi/errors v0.22.1 // indirect - github.com/go-openapi/jsonpointer v0.20.1 // indirect - github.com/go-openapi/jsonreference v0.20.3 // indirect - github.com/go-openapi/loads v0.21.3 // indirect - github.com/go-openapi/runtime v0.26.0 // indirect - github.com/go-openapi/spec v0.20.12 // indirect + github.com/go-openapi/analysis v0.23.0 // indirect + github.com/go-openapi/errors v0.22.2 // indirect + github.com/go-openapi/jsonpointer v0.21.1 // indirect + github.com/go-openapi/jsonreference v0.21.0 // indirect + github.com/go-openapi/loads v0.22.0 // indirect + github.com/go-openapi/runtime v0.28.0 // indirect + github.com/go-openapi/spec v0.21.0 // indirect github.com/go-openapi/strfmt v0.23.0 // indirect - github.com/go-openapi/swag v0.22.5 // indirect - github.com/go-openapi/validate v0.22.4 // indirect + github.com/go-openapi/swag v0.23.1 // indirect + github.com/go-openapi/validate v0.24.0 // indirect github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect - github.com/go-playground/validator/v10 v10.24.0 // indirect + github.com/go-playground/validator/v10 v10.26.0 // indirect github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect github.com/google/go-cmp v0.7.0 // indirect github.com/google/uuid v1.6.0 // indirect @@ -61,14 +61,14 @@ require ( github.com/hashicorp/go-safetemp v1.0.0 // indirect github.com/hashicorp/go-version v1.7.0 // indirect github.com/hashicorp/hcl/v2 v2.22.0 // indirect - github.com/hashicorp/terraform-json v0.24.0 // indirect + github.com/hashicorp/terraform-json v0.26.0 // indirect github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect github.com/jinzhu/copier v0.4.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/kevinburke/ssh_config v1.2.0 // indirect github.com/klauspost/compress v1.16.7 // indirect github.com/leodido/go-urn v1.4.0 // indirect - github.com/mailru/easyjson v0.7.7 // indirect + github.com/mailru/easyjson v0.9.0 // indirect github.com/mattn/go-zglob v0.0.4 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/go-testing-interface v1.14.1 // indirect @@ -80,22 +80,25 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect github.com/skeema/knownhosts v1.3.1 // indirect + github.com/stretchr/objx v0.5.2 // indirect github.com/tmccombs/hcl2json v0.6.4 // indirect github.com/ulikunitz/xz v0.5.11 // indirect github.com/xanzy/ssh-agent v0.3.3 // indirect - github.com/zclconf/go-cty v1.15.1 // indirect - go.mongodb.org/mongo-driver v1.17.2 // indirect - go.opentelemetry.io/otel v1.29.0 // indirect - go.opentelemetry.io/otel/metric v1.29.0 // indirect - go.opentelemetry.io/otel/trace v1.29.0 // indirect - golang.org/x/crypto v0.36.0 // indirect - golang.org/x/mod v0.18.0 // indirect - golang.org/x/net v0.37.0 // indirect - golang.org/x/sync v0.12.0 // indirect - golang.org/x/sys v0.31.0 // indirect - golang.org/x/text v0.23.0 // indirect - golang.org/x/tools v0.22.0 // indirect + github.com/zclconf/go-cty v1.16.3 // indirect + go.mongodb.org/mongo-driver v1.17.3 // indirect + go.opentelemetry.io/auto/sdk v1.1.0 // indirect + go.opentelemetry.io/otel v1.35.0 // indirect + go.opentelemetry.io/otel/metric v1.35.0 // indirect + go.opentelemetry.io/otel/trace v1.35.0 // indirect + golang.org/x/crypto v0.41.0 // indirect + golang.org/x/mod v0.26.0 // indirect + golang.org/x/net v0.42.0 // indirect + golang.org/x/sync v0.17.0 // indirect + golang.org/x/sys v0.35.0 // indirect + golang.org/x/text v0.28.0 // indirect + golang.org/x/tools v0.35.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect + sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/tests/go.sum b/tests/go.sum index bce79c1f..f987ca67 100644 --- a/tests/go.sum +++ b/tests/go.sum @@ -2,25 +2,25 @@ dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= github.com/IBM-Cloud/bluemix-go v0.0.0-20240719075425-078fcb3a55be h1:USOcBHkYQ4o/ccoEvoHinrba8NQthLJpFXnAoBY+MI4= github.com/IBM-Cloud/bluemix-go v0.0.0-20240719075425-078fcb3a55be/go.mod h1:/7hMjdZA6fEpd/dQAOEABxKEwN0t72P3PlpEDu0Y7bE= -github.com/IBM-Cloud/power-go-client v1.11.0 h1:4xlYXF2+S3s6Crb0D2+d5c1kb6gUE7eowMXLB7Q6cWY= -github.com/IBM-Cloud/power-go-client v1.11.0/go.mod h1:UDyXeIKEp6r7yWUXYu3r0ZnFSlNZ2YeQTHwM2Tmlgv0= -github.com/IBM/cloud-databases-go-sdk v0.7.1 h1:5kK4/3NUsGxZzmuUe+1ftajpOQbeDVh5VeemrPgROP4= -github.com/IBM/cloud-databases-go-sdk v0.7.1/go.mod h1:JYucI1PdwqbAd8XGdDAchxzxRP7bxOh1zUnseovHKsc= -github.com/IBM/go-sdk-core/v5 v5.19.0 h1:YN2S5JUvq/EwYulmcNFwgyYBxZhVWl9nkY22H7Hpghw= -github.com/IBM/go-sdk-core/v5 v5.19.0/go.mod h1:deZO1J5TSlU69bCnl/YV7nPxFZA2UEaup7cq/7ZTOgw= -github.com/IBM/platform-services-go-sdk v0.79.0 h1:qCNheB3390holPcpDxdgNyi11JS6ZfsL39YgnJEOsTo= -github.com/IBM/platform-services-go-sdk v0.79.0/go.mod h1:FzCPOfbNAt0s9RwtIrbJbfDwA7mKIObtZ/18KnviKr0= +github.com/IBM-Cloud/power-go-client v1.12.0 h1:tF9Mq5GLYHebpzQT6IYB89lIxEST1E9teuchjxSAaw0= +github.com/IBM-Cloud/power-go-client v1.12.0/go.mod h1:SpTK1ttW8bfMNUVQS8qOEuWn2KOkzaCLyzfze8MG1JE= +github.com/IBM/cloud-databases-go-sdk v0.8.0 h1:uMFqhnc/roVTzfCaUsJ23eaHKjChhGpM1F7Mpxik0bo= +github.com/IBM/cloud-databases-go-sdk v0.8.0/go.mod h1:JYucI1PdwqbAd8XGdDAchxzxRP7bxOh1zUnseovHKsc= +github.com/IBM/go-sdk-core/v5 v5.21.0 h1:DUnYhvC4SoC8T84rx5omnhY3+xcQg/Whyoa3mDPIMkk= +github.com/IBM/go-sdk-core/v5 v5.21.0/go.mod h1:Q3BYO6iDA2zweQPDGbNTtqft5tDcEpm6RTuqMlPcvbw= +github.com/IBM/platform-services-go-sdk v0.86.1 h1:ngBpaXvUF3gmLvbU1Z4lX1wowOSYgGoKBEBaR/urt30= +github.com/IBM/platform-services-go-sdk v0.86.1/go.mod h1:aGD045m6I8pfcB77wft8w2cHqWOJjcM3YSSV55BX0Js= github.com/IBM/project-go-sdk v0.3.6 h1:DRiANKnAePevFsIKSvR89SUaMa2xsd7YKK71Ka1eqKI= github.com/IBM/project-go-sdk v0.3.6/go.mod h1:FOJM9ihQV3EEAY6YigcWiTNfVCThtdY8bLC/nhQHFvo= github.com/IBM/schematics-go-sdk v0.4.0 h1:x01f/tPquYJYLQzJLGuxWfCbV/EdSMXRikOceNy/JLM= github.com/IBM/schematics-go-sdk v0.4.0/go.mod h1:Xe7R7xgwmXBHu09w2CbBe8lkWZaYxNQo19bS4dpLrUA= -github.com/IBM/vpc-go-sdk v0.65.0 h1:wCOm4pPdrsPnnHlpLHrqntLdzEmyjafK5BfZdke/ntI= -github.com/IBM/vpc-go-sdk v0.65.0/go.mod h1:VL7sy61ybg6tvA60SepoQx7TFe20m7JyNUt+se2tHP4= +github.com/IBM/vpc-go-sdk v0.71.1 h1:SP5/uQs5JDb1QRvSJ1QC2BzE+BHEMq4jd2+JEcRuieE= +github.com/IBM/vpc-go-sdk v0.71.1/go.mod h1:K3vVlje72PYE3ZRt1iouE+jSIq+vCyYzT1HiFC06hUA= github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= -github.com/ProtonMail/go-crypto v1.1.5 h1:eoAQfK2dwL+tFSFpr7TbOaPNUbPiJj4fLYwwGE1FQO4= -github.com/ProtonMail/go-crypto v1.1.5/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE= +github.com/ProtonMail/go-crypto v1.1.6 h1:ZcV+Ropw6Qn0AX9brlQLAUXfqLBc7Bl+f/DmNxpLfdw= +github.com/ProtonMail/go-crypto v1.1.6/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= @@ -38,8 +38,8 @@ github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/cloudflare/circl v1.6.0 h1:cr5JKic4HI+LkINy2lg3W2jF8sHCVTBncJr5gIIq7qk= -github.com/cloudflare/circl v1.6.0/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs= +github.com/cloudflare/circl v1.6.1 h1:zqIqSPIndyBh1bjLVVDHMPpVKqp8Su/V+6MeDzzQBQ0= +github.com/cloudflare/circl v1.6.1/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/cyphar/filepath-securejoin v0.4.1 h1:JyxxyPEaktOD+GAnqIqTf9A8tHyAG22rowi7HkoSU1s= github.com/cyphar/filepath-securejoin v0.4.1/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI= @@ -56,8 +56,8 @@ github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMo github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= -github.com/gabriel-vasile/mimetype v1.4.8 h1:FfZ3gj38NjllZIeJAmMhr+qKL8Wu+nOoI3GqacKw1NM= -github.com/gabriel-vasile/mimetype v1.4.8/go.mod h1:ByKUIKGjh1ODkGM1asKUbQZOLGrPjydw3hYPU2YU9t8= +github.com/gabriel-vasile/mimetype v1.4.9 h1:5k+WDwEsD9eTLL8Tz3L0VnmVh9QxGjRmjBvAG7U/oYY= +github.com/gabriel-vasile/mimetype v1.4.9/go.mod h1:WnSQhFKJuBlRyLiKohA/2DtIlPFAbguNaG7QCHcyGok= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gliderlabs/ssh v0.3.8 h1:a4YXD1V7xMF9g5nTkdfnja3Sxy1PVDCj1Zg4Wb8vY6c= @@ -68,8 +68,8 @@ github.com/go-git/go-billy/v5 v5.6.2 h1:6Q86EsPXMa7c3YZ3aLAQsMA0VlWmy43r6FHqa/UN github.com/go-git/go-billy/v5 v5.6.2/go.mod h1:rcFC2rAsp/erv7CMz9GczHcuD0D32fWzH+MJAU+jaUU= github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4= github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII= -github.com/go-git/go-git/v5 v5.14.0 h1:/MD3lCrGjCen5WfEAzKg00MJJffKhC8gzS80ycmCi60= -github.com/go-git/go-git/v5 v5.14.0/go.mod h1:Z5Xhoia5PcWA3NF8vRLURn9E5FRhSl7dGj9ItW3Wk5k= +github.com/go-git/go-git/v5 v5.16.2 h1:fT6ZIOjE5iEnkzKyxTHK1W4HGAsPhqEqiSAssSO77hM= +github.com/go-git/go-git/v5 v5.16.2/go.mod h1:4Ge4alE/5gPs30F2H1esi2gPd69R0C39lolkucHBOp8= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= @@ -78,36 +78,36 @@ github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-openapi/analysis v0.21.5 h1:3tHfEBh6Ia8eKc4M7khOGjPOAlWKJ10d877Cr9teujI= -github.com/go-openapi/analysis v0.21.5/go.mod h1:25YcZosX9Lwz2wBsrFrrsL8bmjjXdlyP6zsr2AMy29M= +github.com/go-openapi/analysis v0.23.0 h1:aGday7OWupfMs+LbmLZG4k0MYXIANxcuBTYUC03zFCU= +github.com/go-openapi/analysis v0.23.0/go.mod h1:9mz9ZWaSlV8TvjQHLl2mUW2PbZtemkE8yA5v22ohupo= github.com/go-openapi/errors v0.20.3/go.mod h1:Z3FlZ4I8jEGxjUK+bugx3on2mIAk4txuAOhlsB1FSgk= -github.com/go-openapi/errors v0.22.1 h1:kslMRRnK7NCb/CvR1q1VWuEQCEIsBGn5GgKD9e+HYhU= -github.com/go-openapi/errors v0.22.1/go.mod h1:+n/5UdIqdVnLIJ6Q9Se8HNGUXYaY6CN8ImWzfi/Gzp0= -github.com/go-openapi/jsonpointer v0.20.1 h1:MkK4VEIEZMj4wT9PmjaUmGflVBr9nvud4Q4UVFbDoBE= -github.com/go-openapi/jsonpointer v0.20.1/go.mod h1:bHen+N0u1KEO3YlmqOjTT9Adn1RfD91Ar825/PuiRVs= -github.com/go-openapi/jsonreference v0.20.3 h1:EjGcjTW8pD1mRis6+w/gmoBdqv5+RbE9B85D1NgDOVQ= -github.com/go-openapi/jsonreference v0.20.3/go.mod h1:FviDZ46i9ivh810gqzFLl5NttD5q3tSlMLqLr6okedM= -github.com/go-openapi/loads v0.21.3 h1:8sSH2FIm/SnbDUGv572md4YqVMFne/a9Eubvcd3anew= -github.com/go-openapi/loads v0.21.3/go.mod h1:Y3aMR24iHbKHppOj91nQ/SHc0cuPbAr4ndY4a02xydc= -github.com/go-openapi/runtime v0.26.0 h1:HYOFtG00FM1UvqrcxbEJg/SwvDRvYLQKGhw2zaQjTcc= -github.com/go-openapi/runtime v0.26.0/go.mod h1:QgRGeZwrUcSHdeh4Ka9Glvo0ug1LC5WyE+EV88plZrQ= -github.com/go-openapi/spec v0.20.12 h1:cgSLbrsmziAP2iais+Vz7kSazwZ8rsUZd6TUzdDgkVI= -github.com/go-openapi/spec v0.20.12/go.mod h1:iSCgnBcwbMW9SfzJb8iYynXvcY6C/QFrI7otzF7xGM4= +github.com/go-openapi/errors v0.22.2 h1:rdxhzcBUazEcGccKqbY1Y7NS8FDcMyIRr0934jrYnZg= +github.com/go-openapi/errors v0.22.2/go.mod h1:+n/5UdIqdVnLIJ6Q9Se8HNGUXYaY6CN8ImWzfi/Gzp0= +github.com/go-openapi/jsonpointer v0.21.1 h1:whnzv/pNXtK2FbX/W9yJfRmE2gsmkfahjMKB0fZvcic= +github.com/go-openapi/jsonpointer v0.21.1/go.mod h1:50I1STOfbY1ycR8jGz8DaMeLCdXiI6aDteEdRNNzpdk= +github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= +github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= +github.com/go-openapi/loads v0.22.0 h1:ECPGd4jX1U6NApCGG1We+uEozOAvXvJSF4nnwHZ8Aco= +github.com/go-openapi/loads v0.22.0/go.mod h1:yLsaTCS92mnSAZX5WWoxszLj0u+Ojl+Zs5Stn1oF+rs= +github.com/go-openapi/runtime v0.28.0 h1:gpPPmWSNGo214l6n8hzdXYhPuJcGtziTOgUpvsFWGIQ= +github.com/go-openapi/runtime v0.28.0/go.mod h1:QN7OzcS+XuYmkQLw05akXk0jRH/eZ3kb18+1KwW9gyc= +github.com/go-openapi/spec v0.21.0 h1:LTVzPc3p/RzRnkQqLRndbAzjY0d0BCL72A6j3CdL9ZY= +github.com/go-openapi/spec v0.21.0/go.mod h1:78u6VdPw81XU44qEWGhtr982gJ5BWg2c0I5XwVMotYk= github.com/go-openapi/strfmt v0.21.7/go.mod h1:adeGTkxE44sPyLk0JV235VQAO/ZXUr8KAzYjclFs3ew= github.com/go-openapi/strfmt v0.23.0 h1:nlUS6BCqcnAk0pyhi9Y+kdDVZdZMHfEKQiS4HaMgO/c= github.com/go-openapi/strfmt v0.23.0/go.mod h1:NrtIpfKtWIygRkKVsxh7XQMDQW5HKQl6S5ik2elW+K4= -github.com/go-openapi/swag v0.22.5 h1:fVS63IE3M0lsuWRzuom3RLwUMVI2peDH01s6M70ugys= -github.com/go-openapi/swag v0.22.5/go.mod h1:Gl91UqO+btAM0plGGxHqJcQZ1ZTy6jbmridBTsDy8A0= -github.com/go-openapi/validate v0.22.4 h1:5v3jmMyIPKTR8Lv9syBAIRxG6lY0RqeBPB1LKEijzk8= -github.com/go-openapi/validate v0.22.4/go.mod h1:qm6O8ZIcPVdSY5219468Jv7kBdGvkiZLPOmqnqTUZ2A= +github.com/go-openapi/swag v0.23.1 h1:lpsStH0n2ittzTnbaSloVZLuB5+fvSY/+hnagBjSNZU= +github.com/go-openapi/swag v0.23.1/go.mod h1:STZs8TbRvEQQKUA+JZNAm3EWlgaOBGpyFDqQnDHMef0= +github.com/go-openapi/validate v0.24.0 h1:LdfDKwNbpB6Vn40xhTdNZAnfLECL81w+VX3BumrGD58= +github.com/go-openapi/validate v0.24.0/go.mod h1:iyeX1sEufmv3nPbBdX3ieNviWnOZaJ1+zquzJEf2BAQ= github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s= github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA= github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY= github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= -github.com/go-playground/validator/v10 v10.24.0 h1:KHQckvo8G6hlWnrPX4NJJ+aBfWNAE/HH+qdL2cBpCmg= -github.com/go-playground/validator/v10 v10.24.0/go.mod h1:GGzBIJMuE98Ic/kJsBXbz1x/7cByt++cQ+YOuDM5wus= +github.com/go-playground/validator/v10 v10.26.0 h1:SP05Nqhjcvz81uJaRfEV0YBSSSGMc/iMaVtFbr3Sw2k= +github.com/go-playground/validator/v10 v10.26.0/go.mod h1:I5QpIEbmr8On7W0TktmJAumgzX4CA1XNl4ZmDuVHKKo= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/go-test/deep v1.0.7 h1:/VSMRlnY/JSyqxQUzQLKVMAskpY/NZKFA5j2P+0pP2M= @@ -139,8 +139,8 @@ github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLe github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/gruntwork-io/terratest v0.48.2 h1:+VwfODchq8jxZZWD+s8gBlhD1z6/C4bFLNrhpm9ONrs= -github.com/gruntwork-io/terratest v0.48.2/go.mod h1:Y5ETyD4ZQ2MZhasPno272fWuCpKwvTPYDi8Y0tIMqTE= +github.com/gruntwork-io/terratest v0.50.0 h1:AbBJ7IRCpLZ9H4HBrjeoWESITv8nLjN6/f1riMNcAsw= +github.com/gruntwork-io/terratest v0.50.0/go.mod h1:see0lbKvAqz6rvzvN2wyfuFQQG4PWcAb2yHulF6B2q4= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -160,8 +160,8 @@ github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKe github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/hcl/v2 v2.22.0 h1:hkZ3nCtqeJsDhPRFz5EA9iwcG1hNWGePOTw6oyul12M= github.com/hashicorp/hcl/v2 v2.22.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA= -github.com/hashicorp/terraform-json v0.24.0 h1:rUiyF+x1kYawXeRth6fKFm/MdfBS6+lW4NbeATsYz8Q= -github.com/hashicorp/terraform-json v0.24.0/go.mod h1:Nfj5ubo9xbu9uiAoZVBsNOjvNKB66Oyrvtit74kC7ow= +github.com/hashicorp/terraform-json v0.26.0 h1:+BnJavhRH+oyNWPnfzrfQwVWCZBFMvjdiH2Vi38Udz4= +github.com/hashicorp/terraform-json v0.26.0/go.mod h1:eyWCeC3nrZamyrKLFnrvwpc3LQPIJsx8hWHQ/nu2/v4= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= @@ -184,8 +184,8 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ= github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4= +github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= @@ -247,8 +247,8 @@ github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJK github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M= github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= github.com/onsi/gomega v1.31.1/go.mod h1:y40C95dwAD1Nz36SsEnxvfFe8FFfNxzI5eJ0EYGyAy0= -github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= -github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= +github.com/onsi/gomega v1.37.0 h1:CdEG8g0S133B4OswTDC/5XPSzE1OeP29QOioj2PID2Y= +github.com/onsi/gomega v1.37.0/go.mod h1:8D9+Txp43QWKhM24yyOBEdpkzN8FvJyAwecBgsU4KU0= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/pjbgf/sha1cd v0.3.2 h1:a9wb0bp1oC2TGwStyn0Umc/IGKQnEgF0vVaZ8QF8eo4= @@ -277,10 +277,10 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= -github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.47.1 h1:tNFE95ARyd8tTjP0zSmIJIFKBf7Kdl8Cuwp5NZ1xqUo= -github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.47.1/go.mod h1:be/us5lpuIvNmni1CXR0nJcAiFJkvluQDM0iFe960s8= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= +github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.10 h1:dOH4lHp8/wtXDNJA2SGI2NOuMp/EDoWFw1uVWf5HJ88= +github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.10/go.mod h1:YBrRYc+5y5Pr9CXmY35lOqTQdlIjA4x4+3iVObXGOCE= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tmccombs/hcl2json v0.6.4 h1:/FWnzS9JCuyZ4MNwrG4vMrFrzRgsWEOVi+1AyYUVLGw= github.com/tmccombs/hcl2json v0.6.4/go.mod h1:+ppKlIW3H5nsAsZddXPy2iMyvld3SHxyjswOZhavRDk= @@ -295,21 +295,23 @@ github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7Jul github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -github.com/zclconf/go-cty v1.15.1 h1:RgQYm4j2EvoBRXOPxhUvxPzRrGDo1eCOhHXuGfrj5S0= -github.com/zclconf/go-cty v1.15.1/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= +github.com/zclconf/go-cty v1.16.3 h1:osr++gw2T61A8KVYHoQiFbFd1Lh3JOCXc/jFLJXKTxk= +github.com/zclconf/go-cty v1.16.3/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940 h1:4r45xpDWB6ZMSMNJFMOjqrGHynW3DIBuR2H9j0ug+Mo= github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940/go.mod h1:CmBdvvj3nqzfzJ6nTCIwDTPZ56aVGvDrmztiO5g3qrM= go.mongodb.org/mongo-driver v1.11.3/go.mod h1:PTSz5yu21bkT/wXpkS7WR5f0ddqw5quethTUn9WM+2g= -go.mongodb.org/mongo-driver v1.17.2 h1:gvZyk8352qSfzyZ2UMWcpDpMSGEr1eqE4T793SqyhzM= -go.mongodb.org/mongo-driver v1.17.2/go.mod h1:Hy04i7O2kC4RS06ZrhPRqj/u4DTYkFDAAccj+rVKqgQ= -go.opentelemetry.io/otel v1.29.0 h1:PdomN/Al4q/lN6iBJEN3AwPvUiHPMlt93c8bqTG5Llw= -go.opentelemetry.io/otel v1.29.0/go.mod h1:N/WtXPs1CNCUEx+Agz5uouwCba+i+bJGFicT8SR4NP8= -go.opentelemetry.io/otel/metric v1.29.0 h1:vPf/HFWTNkPu1aYeIsc98l4ktOQaL6LeSoeV2g+8YLc= -go.opentelemetry.io/otel/metric v1.29.0/go.mod h1:auu/QWieFVWx+DmQOUMgj0F8LHWdgalxXqvp7BII/W8= +go.mongodb.org/mongo-driver v1.17.3 h1:TQyXhnsWfWtgAhMtOgtYHMTkZIfBTpMTsMnd9ZBeHxQ= +go.mongodb.org/mongo-driver v1.17.3/go.mod h1:Hy04i7O2kC4RS06ZrhPRqj/u4DTYkFDAAccj+rVKqgQ= +go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= +go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= +go.opentelemetry.io/otel v1.35.0 h1:xKWKPxrxB6OtMCbmMY021CqC45J+3Onta9MqjhnusiQ= +go.opentelemetry.io/otel v1.35.0/go.mod h1:UEqy8Zp11hpkUrL73gSlELM0DupHoiq72dR+Zqel/+Y= +go.opentelemetry.io/otel/metric v1.35.0 h1:0znxYu2SNyuMSQT4Y9WDWej0VpcsxkuklLa4/siN90M= +go.opentelemetry.io/otel/metric v1.35.0/go.mod h1:nKVFgxBZ2fReX6IlyW28MgZojkoAkJGaE8CpgeAU3oE= go.opentelemetry.io/otel/sdk v1.29.0 h1:vkqKjk7gwhS8VaWb0POZKmIEDimRCMsopNYnriHyryo= go.opentelemetry.io/otel/sdk v1.29.0/go.mod h1:pM8Dx5WKnvxLCb+8lG1PRNIDxu9g9b9g59Qr7hfAAok= -go.opentelemetry.io/otel/trace v1.29.0 h1:J/8ZNK4XgR7a21DZUAsbF8pZ5Jcw1VhACmnYt39JTi4= -go.opentelemetry.io/otel/trace v1.29.0/go.mod h1:eHl3w0sp3paPkYstJOmAimxhiFXPg+MMTlEh3nsQgWQ= +go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt/xgMs= +go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= @@ -321,8 +323,8 @@ golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98y golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34= -golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc= +golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4= +golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= @@ -333,8 +335,8 @@ golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/mod v0.18.0 h1:5+9lSbEzPSdWkH32vYPBwEpX8KwDbM52Ud9xBUvNlb0= -golang.org/x/mod v0.18.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.26.0 h1:EGMPT//Ezu+ylkCijjPc+f4Aih7sZvaAr+O3EHBxvZg= +golang.org/x/mod v0.26.0/go.mod h1:/j6NAhSk8iQ723BGAUyoAcn7SlD7s15Dp9Nd/SfeaFQ= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -360,8 +362,8 @@ golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= -golang.org/x/net v0.37.0 h1:1zLorHbz+LYj7MQlSf1+2tPIIgibq2eL5xkrGk6f+2c= -golang.org/x/net v0.37.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8= +golang.org/x/net v0.42.0 h1:jzkYrhi3YQWD6MLBJcsklgQsoAcw89EcZbJw8Z614hs= +golang.org/x/net v0.42.0/go.mod h1:FF1RA5d3u7nAYA4z2TkclSCKh68eSXtiFwcWQpPXdt8= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -371,8 +373,8 @@ golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sync v0.12.0 h1:MHc5BpPuC30uJk597Ri8TV3CNZcTLu6B6z4lJy+g6Jw= -golang.org/x/sync v0.12.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= +golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug= +golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -408,8 +410,8 @@ golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik= -golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI= +golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -424,8 +426,8 @@ golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= -golang.org/x/term v0.30.0 h1:PQ39fJZ+mfadBm0y5WlL4vlM7Sx1Hgf13sMIY2+QS9Y= -golang.org/x/term v0.30.0/go.mod h1:NYYFdzHoI5wRh/h5tDMdMqCqPJZEuNqVR5xJLd/n67g= +golang.org/x/term v0.34.0 h1:O/2T7POpk0ZZ7MAzMeWFSg6S5IpWd/RXDlM9hgM3DR4= +golang.org/x/term v0.34.0/go.mod h1:5jC53AEywhIVebHgPVeg0mj8OD3VO9OzclacVrqpaAw= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= @@ -440,8 +442,8 @@ golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY= -golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4= +golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng= +golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= @@ -456,8 +458,8 @@ golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= -golang.org/x/tools v0.22.0 h1:gqSGLZqv+AI9lIQzniJ0nZDRG5GBPsSi+DRNHWNz6yA= -golang.org/x/tools v0.22.0/go.mod h1:aCwcsjqvq7Yqt6TNyX7QMU2enbQ/Gt0bo6krSeEri+c= +golang.org/x/tools v0.35.0 h1:mBffYraMEf7aa0sB+NuKnuCy8qI/9Bughn8dC2Gu5r0= +golang.org/x/tools v0.35.0/go.mod h1:NKdj5HkL/73byiZSJjqJgKn3ep7KjFkBOkR/Hps3VPw= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -492,3 +494,5 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= From c8f936567268fac2c67330e71f3d2ab483917f35 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Mon, 6 Oct 2025 10:55:38 +0100 Subject: [PATCH 25/36] fully configurable --- tests/go.mod | 2 +- tests/pr_test.go | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/go.mod b/tests/go.mod index 438ebb92..657b4356 100644 --- a/tests/go.mod +++ b/tests/go.mod @@ -2,7 +2,7 @@ module github.com/terraform-ibm-modules/stack-retrieval-augmented-generation go 1.24.0 -toolchain go1.24.1 +toolchain go1.25.1 require ( github.com/gruntwork-io/terratest v0.50.0 diff --git a/tests/pr_test.go b/tests/pr_test.go index 782309fd..b9a5ac2b 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -50,7 +50,7 @@ func TestProjectsBasicFullTest(t *testing.T) { Prefix: "rag", StackConfigurationPath: basicDaStackDefPath, CatalogProductName: "Retrieval_Augmented_Generation_Pattern", - CatalogFlavorName: "basic", + CatalogFlavorName: "basic-fully-config", }) privateKey, _, kerr := common.GenerateTempGPGKeyPairBase64() @@ -115,7 +115,7 @@ func TestProjectsBasicExistingResourcesTest(t *testing.T) { Testing: t, StackConfigurationPath: basicDaStackDefPath, CatalogProductName: "Retrieval_Augmented_Generation_Pattern", - CatalogFlavorName: "basic", + CatalogFlavorName: "basic-fully-config", }) privateKey, _, kerr := common.GenerateTempGPGKeyPairBase64() @@ -167,7 +167,7 @@ func TestProjectsStandardFullTest(t *testing.T) { Prefix: "rag-s", StackConfigurationPath: standardDaStackDefPath, CatalogProductName: "Retrieval_Augmented_Generation_Pattern", - CatalogFlavorName: "standard", + CatalogFlavorName: "standard-fully-config", }) privateKey, _, kerr := common.GenerateTempGPGKeyPairBase64() From 65bb77458c960c18fec611c71e17562e3f537a7b Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Mon, 6 Oct 2025 11:20:53 +0100 Subject: [PATCH 26/36] fully configurable --- solutions/standard/stack_definition.json | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index 2a110a41..01ad9656 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -269,6 +269,10 @@ { "name": "existing_resource_group_name", "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" + }, + { + "name": "instance_name", + "value": "essential-cos" } ] }, From 4920f4908979ddb4d6c879dc910e9a0906bb5d00 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Mon, 6 Oct 2025 11:28:21 +0100 Subject: [PATCH 27/36] fully configurable --- solutions/basic/stack_definition.json | 12 ++++++++++++ solutions/standard/stack_definition.json | 12 ++++++++++++ 2 files changed, 24 insertions(+) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index 175e86b3..1093ada7 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -666,6 +666,18 @@ { "name": "logs_routing_tenant_regions", "value": "ref:../../inputs/logs_routing_tenant_regions" + }, + { + "name": "cloud_logs_data_cos_bucket_name", + "value": "at-cloud-logs-logs-bucket" + }, + { + "name": "cloud_logs_metrics_cos_bucket_name", + "value": "at-cloud-logs-metrics-bucket" + }, + { + "name": "cloud_logs_instance_name", + "value": "at-cloud-logs" } ] }, diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index 01ad9656..c89f6ebb 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -698,6 +698,18 @@ { "name": "logs_routing_tenant_regions", "value": "ref:../../inputs/logs_routing_tenant_regions" + }, + { + "name": "cloud_logs_data_cos_bucket_name", + "value": "at-cloud-logs-logs-bucket" + }, + { + "name": "cloud_logs_metrics_cos_bucket_name", + "value": "at-cloud-logs-metrics-bucket" + }, + { + "name": "cloud_logs_instance_name", + "value": "at-cloud-logs" } ] }, From 2cb734b5c9d6ad3ea55bc73a87bf51ea625fdf43 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Mon, 6 Oct 2025 13:21:58 +0100 Subject: [PATCH 28/36] fully configurable --- solutions/basic/stack_definition.json | 8 ++++---- solutions/standard/stack_definition.json | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index 1093ada7..b656fd18 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -343,7 +343,7 @@ }, { "name": "3a - Essential Security - Event Notifications", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.fa8ebdf4-db44-4e25-9846-9278b516cd73-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.dcb7092c-99fd-425c-af23-0d03a85fa7d7-global", "inputs": [ { "name": "existing_cos_instance_crn", @@ -885,7 +885,7 @@ }, { "name": "existing_kms_instance_crn", - "value": "ref:../../members/2a - Key management/outputs/kms_instance_crn" + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, { "name": "kms_encryption_enabled_buckets", @@ -897,11 +897,11 @@ }, { "name": "existing_cos_instance_crn", - "value": "ref:../../members/2b - Object storage/outputs/cos_instance_crn" + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" }, { "name": "existing_cloud_logs_instance_crn", - "value": "ref:../../members/4d - Cloud Logs for activity tracking/outputs/cloud_logs_crn" + "value": "ref:../4d - Essential Security - Cloud Logs for activity tracking/outputs/cloud_logs_crn" }, { "name": "enable_activity_tracker_event_routing_to_cos_bucket", diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index c89f6ebb..3f7215c1 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -304,7 +304,7 @@ }, { "name": "3a - Essential Security - Event Notifications", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.fa8ebdf4-db44-4e25-9846-9278b516cd73-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.dcb7092c-99fd-425c-af23-0d03a85fa7d7-global", "inputs": [ { "name": "existing_cos_instance_crn", @@ -913,7 +913,7 @@ }, { "name": "existing_kms_instance_crn", - "value": "ref:../../members/2a - Key management/outputs/kms_instance_crn" + "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, { "name": "kms_encryption_enabled_buckets", @@ -925,11 +925,11 @@ }, { "name": "existing_cos_instance_crn", - "value": "ref:../../members/2b - Object storage/outputs/cos_instance_crn" + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" }, { "name": "existing_cloud_logs_instance_crn", - "value": "ref:../../members/4d - Cloud Logs for activity tracking/outputs/cloud_logs_crn" + "value": "ref:../4d - Essential Security - Cloud Logs for activity tracking/outputs/cloud_logs_crn" }, { "name": "enable_activity_tracker_event_routing_to_cos_bucket", From b1deefd1f1eea93a4f93888e86959157f3235f17 Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Mon, 6 Oct 2025 15:00:05 +0100 Subject: [PATCH 29/36] full config --- tests/pr_test.go | 4 ++-- tests/resources/main.tf | 14 ++++++++++++++ tests/resources/outputs.tf | 5 +++++ 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/tests/pr_test.go b/tests/pr_test.go index b9a5ac2b..05dcea6f 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -78,7 +78,7 @@ func TestProjectsBasicExistingResourcesTest(t *testing.T) { t.Parallel() // ------------------------------------------------------------------------------------ - // Provision RG, EN and KMS + // Provision RG, EN, SM and KMS // ------------------------------------------------------------------------------------ prefix := fmt.Sprintf("ragext-%s", strings.ToLower(random.UniqueId())) @@ -129,7 +129,7 @@ func TestProjectsBasicExistingResourcesTest(t *testing.T) { "existing_resource_group_name": terraform.Output(t, existingTerraformOptions, "resource_group_name"), "ibmcloud_api_key": options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], // always required by the stack "enable_platform_metrics": false, - "existing_secrets_manager_crn": permanentResources["privateOnlySecMgrCRN"], + "existing_secrets_manager_crn": terraform.Output(t, existingTerraformOptions, "secrets_manager_instance_crn"), "skip_secrets_manager_iam_auth_policy": true, // skip as s2s auth policy was already created for existing instance "signing_key": privateKey, "existing_kms_instance_crn": terraform.Output(t, existingTerraformOptions, "kms_instance_crn"), diff --git a/tests/resources/main.tf b/tests/resources/main.tf index 4d8fa175..ff7aa5c6 100644 --- a/tests/resources/main.tf +++ b/tests/resources/main.tf @@ -24,6 +24,20 @@ module "event_notifications" { region = var.region } +############################################################################## +# Secrets Manager +############################################################################## + +module "secrets_manager" { + source = "terraform-ibm-modules/secrets-manager/ibm" + version = "2.0.0" + resource_group_id = module.resource_group.resource_group_id + region = var.region + secrets_manager_name = "${var.prefix}-secrets-manager" #tfsec:ignore:general-secrets-no-plaintext-exposure + sm_service_plan = "trial" + sm_tags = var.resource_tags +} + ############################################################################## # Key Protect All Inclusive ############################################################################## diff --git a/tests/resources/outputs.tf b/tests/resources/outputs.tf index c5b8999c..0a07359a 100644 --- a/tests/resources/outputs.tf +++ b/tests/resources/outputs.tf @@ -23,6 +23,11 @@ output "event_notifications_instance_crn" { description = "CRN of created event notifications" } +output "secrets_manager_instance_crn" { + value = module.secrets_manager.secrets_manager_crn + description = "CRN of created secret manager instance" +} + output "kms_instance_crn" { value = module.key_protect_all_inclusive.key_protect_crn description = "CRN of created kms instance" From fd4e0a59c3a13f53149663957b93057397a6e7fe Mon Sep 17 00:00:00 2001 From: Rajat Agrawal Date: Mon, 6 Oct 2025 17:19:45 +0100 Subject: [PATCH 30/36] full config --- solutions/basic/stack_definition.json | 4 ++++ solutions/standard/stack_definition.json | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index b656fd18..d9fa1d74 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -813,6 +813,10 @@ "name": "ci_code_engine_project", "value": "ref:../2d - Workload - Code Engine Projects for CI/outputs/project_name" }, + { + "name": "use_legacy_ref", + "value": false + }, { "name": "cd_code_engine_project", "value": "ref:../2e - Workload - Code Engine Projects for CD/outputs/project_name" diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index 3f7215c1..1a9ccce1 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -873,6 +873,10 @@ "name": "pipeline_ibmcloud_api_key_secret_name", "value": "ibmcloud-api-key" }, + { + "name": "use_legacy_ref", + "value": false + }, { "name": "prefix", "value": "ref:../../inputs/prefix" From ebb598fd03fd117276b880951b30af0b8a096d8b Mon Sep 17 00:00:00 2001 From: ocofaigh Date: Mon, 27 Oct 2025 15:43:35 +0000 Subject: [PATCH 31/36] cleanup --- .github/workflows/ci.yml | 2 +- .secrets.baseline | 2 +- README.md | 36 +- common-dev-assets | 2 +- ibm_catalog.json | 341 +++++++++--------- .../rag-pattern.svg | 0 .../rag-stack.svg | 0 solutions/basic/stack_definition.json | 75 ++-- solutions/standard/stack_definition.json | 72 ++-- tests/go.mod | 43 +-- tests/go.sum | 123 ++++--- tests/resources/main.tf | 8 +- 12 files changed, 360 insertions(+), 344 deletions(-) rename {reference-architecture => reference-architectures}/rag-pattern.svg (100%) rename {reference-architecture => reference-architectures}/rag-stack.svg (100%) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index fded5f67..0aca2050 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,5 +7,5 @@ on: - created jobs: call-terraform-ci-pipeline: - uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-terraform-module-ci-v2.yml@v1.22.5 + uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-terraform-module-ci-v2.yml@v1.23.2 secrets: inherit diff --git a/.secrets.baseline b/.secrets.baseline index 0016d172..4e8ba946 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -77,7 +77,7 @@ } ], "results": {}, - "version": "0.13.1+ibm.62.dss", + "version": "0.13.1+ibm.64.dss", "word_list": { "file": null, "hash": null diff --git a/README.md b/README.md index 2e3ec253..7db3228a 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Retrieval augmented generation (RAG) for watsonx on IBM Cloud +# Cloud-native AI The following [deployable architecture](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-understand-module-da#what-is-da) automates the deployment of a sample gen AI Pattern on IBM Cloud, including all underlying IBM Cloud and WatsonX infrastructure. This architecture implements the best practices for watsonx gen AI Pattern deployment on IBM Cloud, as described in the [reference architecture](https://cloud.ibm.com/docs/pattern-genai-rag?topic=pattern-genai-rag-genai-pattern). @@ -198,17 +198,6 @@ For example, by editing the member configuration, you can accomplish these thing To edit the member configuration, select **Edit** from the Options icon ![Options icon](/images/action-menu-icon.svg "Options") in the member configuration row. -### Removing configurations from the stack - -You can remove a member configuration from the stack that other configurations don't depend on. - -You can remove the following configurations in this architecture: - -- Security and Control Center -- Sample RAG App Configuration - -To remove a member configuration, select **Remove from Stack** from the Options icon ![Options icon](/images/action-menu-icon.svg "Options") in the member configuration row. - ### Managing input and output variables You can add or remove input and output variables at the stack level by following these steps: @@ -219,25 +208,6 @@ You can add or remove input and output variables at the stack level by following 1. Select a member configuration. 1. From the deployed details window, you can promote any of the configuration inputs or outputs. -### Selective provisioning of observability resources - -You can selectively provision observability resources such as Activity Tracker routes and targets, and Cloud Monitoring instances by following these steps: - -1. In the IBM Cloud console, click the **Navigation menu** icon ![Navigation menu icon](/images/icon_hamburger.svg "Menu") > **Projects**. -1. Click the project with the stacked deployable architecture that you want to update. -1. Click the **Configurations** tab. -1. **Navigate to the Configurations**: Access the "Essential Security - Logging Monitoring Activity Tracker" configuration by clicking on it. -1. **Edit Member Configuration**: On the top right side click on 3 dots, then select Edit option to access the member configuration page. -1. **Locate Optional Variables**: Under the Optional tab, you’ll find the specific variable settings. -1. From the deployed details window, you can enable or disable the provisioning of specific observability resources. For example: - - **IBM Cloud Logs instance** (`cloud_logs_provision`): Set this to provision or skip provisioning an IBM Cloud Logs instance. - - **IBM Cloud Monitoring instance** (`cloud_monitoring_provision`): Set this to provision or skip provisioning an IBM cloud monitoring instance. - - **Event routing from Activity Tracker to Object Storage** (`enable_at_event_routing_to_cos_bucket`): Set this to enable or disable event routing from Activity Tracker to the Object Storage bucket. - - **Event routing from Activity Tracker to Cloud Logs** (`enable_at_event_routing_to_cloud_logs`): Set this to enable or disable event routing from Activity Tracker to Cloud Logs. -1. After making the necessary changes, click Save, validate the settings, and deploy to apply the updated configuration. - - - ### Sharing modified stacks through a private IBM Cloud catalog After you modify your deployable architecture in projects, you can share it with others through a private IBM Cloud catalog. To share your deployable architecture, follow the steps in [Sharing your deployable architecture to your enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-share-custom). @@ -246,7 +216,7 @@ After you modify your deployable architecture in projects, you can share it with You can use the code of this sample automation as a guide to customize the sample app to meet your requirements. The code is available at [https://github.com/terraform-ibm-modules/terraform-ibm-rag-sample-da](https://github.com/terraform-ibm-modules/terraform-ibm-rag-sample-da). -To use your own app, remove the `Workload - Sample RAG App Configuration` member configuration from the stack. This member configuration is specific to the default sample app. +To use your own app, remove the `Workload - Sample RAG Application` member configuration from the stack. This member configuration is specific to the default sample app. ## Undeploying the stack and infrastructure @@ -264,7 +234,7 @@ To use your own app, remove the `Workload - Sample RAG App Configuration` member - Code Engine Project - Delete the code engine project created for the sample application. - Container Registry Namespace - - Delete the container registry namespace created by the CI tookchain. + - Delete the container registry namespace created by the CI toolchain. 1. Delete the project. diff --git a/common-dev-assets b/common-dev-assets index 95eee196..ae23e021 160000 --- a/common-dev-assets +++ b/common-dev-assets @@ -1 +1 @@ -Subproject commit 95eee1969a5ad814bfa2e5a07b03c8ee6b589271 +Subproject commit ae23e021950779a9c0612e71ce51d074f14b7543 diff --git a/ibm_catalog.json b/ibm_catalog.json index 5a8b416b..d98f06d8 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -1,7 +1,7 @@ { "products": [ { - "label": "Retrieval Augmented Generation (RAG) Pattern", + "label": "Cloud-native AI", "name": "Retrieval_Augmented_Generation_Pattern", "product_kind": "solution", "tags": [ @@ -12,6 +12,7 @@ "ibm_created" ], "keywords": [ + "cloud-native", "rag", "watson", "ai", @@ -32,8 +33,8 @@ "config aggregator", "app config" ], - "short_description": "Automate RAG deployment with supporting IBM Cloud and watsonx services, embed your enterprise data in generative AI solutions.", - "long_description": "Utilize data from your enterprise to achieve productivity gains in activities related to question/answer conversations, content search, summarization and generation. RAG can be deployed in multiple configurations and is applicable to various industry use cases and solutions.\n\nThis deployable architecture provides a comprehensive foundation for trust, observability, security, and regulatory compliance by configuring and deploying various services and a sample application for a [RAG pattern](https://cloud.ibm.com/docs/pattern-genai-rag?topic=pattern-genai-rag-genai-pattern), including:\n- Configuring IBM Cloud Account with best practices from [IBM Cloud Framework for Financial Services](https://cloud.ibm.com/docs/framework-financial-services?topic=framework-financial-services-about)\n- Deploying key and secrets management services for storage and management of encryption keys and secrets\n- Deploying controls for continuous compliance\n- Deploying observability services for application and platform logging and monitoring\n- Deploying a suite of watsonx services to provide generative AI RAG capabilities\n- Deploying content databases for storing vector embeddings of the documents and content search/retrieval\n- Deploying a sample application in a variety of run times including CI/CD/CC pipelines for secure application lifecycle management\n\nThe above configured and deployed services enable a secure and trustworthy deployment of generative AI applications on IBM Cloud.\n\nThe configurations are flexible and be changed to meet the needs for several types of RAG patterns depending on the chosen combination of technologies and services.\n\nThe generative AI RAG pattern services include:\n- [watsonx.ai](https://dataplatform.cloud.ibm.com/docs/content/wsj/getting-started/welcome-main.html?context=wx)\n- [watsonx.data](https://cloud.ibm.com/docs/watsonxdata) (with Milvus)\n- [watsonx.governance](https://dataplatform.cloud.ibm.com/docs/content/svc-welcome/aiopenscale.html?context=wx)\n- [watsonx Assistant](https://cloud.ibm.com/docs/watson-assistant?topic=watson-assistant-welcome-new-assistant)\n- [watsonx Orchestrate](https://www.ibm.com/docs/en/watsonx/watson-orchestrate/current)\n- [Watson Discovery](https://cloud.ibm.com/docs/discovery-data)\n- [Elasticsearch](https://cloud.ibm.com/docs/databases-for-elasticsearch) Enterprise and Platinum edition\n\nThe supporting services include:\n- [Secrets Manager](https://cloud.ibm.com/docs/secrets-manager)\n- [Key Protect](https://cloud.ibm.com/docs/key-protect)\n- [Security and Compliance Center](https://cloud.ibm.com/docs/security-compliance)\n- [Event Notifications](https://cloud.ibm.com/docs/event-notifications?topic=event-notifications-getting-started)\n- [Logs](https://cloud.ibm.com/docs/cloud-logs)\n- [Monitoring](https://cloud.ibm.com/docs/monitoring?topic=monitoring-getting-started)\n- [Object Storage](https://cloud.ibm.com/docs/cloud-object-storage?topic=cloud-object-storage-getting-started-cloud-object-storage)\n- [Continuous Delivery](https://cloud.ibm.com/docs/ContinuousDelivery) toolchains\n- [Container Registry](https://cloud.ibm.com/docs/Registry)\n\nA [sample RAG application](https://github.com/IBM/gen-ai-rag-watsonx-sample-application) is deployed to [Code Engine](https://cloud.ibm.com/docs/codeengine) or [Red Hat OpenShift](https://cloud.ibm.com/docs/openshift) cluster.\n\nBy leveraging this architecture, you can accelerate your deployment and tailor it to meet your unique business needs and enterprise goals.", + "short_description": "Automate a cloud-native AI deployment with supporting IBM Cloud and watsonx services, embed your enterprise data in generative AI solutions.", + "long_description": "Utilize data from your enterprise to achieve productivity gains in activities related to question/answer conversations, content search, summarization and generation. Cloud-native AI can be deployed in multiple configurations and is applicable to various industry use cases and solutions.\n\nThis deployable architecture provides a comprehensive foundation for trust, observability, security, and regulatory compliance by configuring and deploying various services and a sample application for a [RAG pattern](https://cloud.ibm.com/docs/pattern-genai-rag?topic=pattern-genai-rag-genai-pattern), including:\n- Configuring IBM Cloud Account with best practices from [IBM Cloud Framework for Financial Services](https://cloud.ibm.com/docs/framework-financial-services?topic=framework-financial-services-about)\n- Deploying key and secrets management services for storage and management of encryption keys and secrets\n- Deploying controls for continuous compliance\n- Deploying observability services for application and platform logging and monitoring\n- Deploying a suite of watsonx services to provide generative AI RAG capabilities\n- Deploying content databases for storing vector embeddings of the documents and content search/retrieval\n- Deploying a sample application in a variety of run times including CI/CD/CC pipelines for secure application lifecycle management\n\nThe above configured and deployed services enable a secure and trustworthy deployment of generative AI applications on IBM Cloud.\n\nThe configurations are flexible and be changed to meet the needs for several types of RAG patterns depending on the chosen combination of technologies and services.\n\nThe generative AI RAG pattern services include:\n- [watsonx.ai](https://dataplatform.cloud.ibm.com/docs/content/wsj/getting-started/welcome-main.html?context=wx)\n- [watsonx.data](https://cloud.ibm.com/docs/watsonxdata) (with Milvus)\n- [watsonx.governance](https://dataplatform.cloud.ibm.com/docs/content/svc-welcome/aiopenscale.html?context=wx)\n- [watsonx Assistant](https://cloud.ibm.com/docs/watson-assistant?topic=watson-assistant-welcome-new-assistant)\n- [watsonx Orchestrate](https://www.ibm.com/docs/en/watsonx/watson-orchestrate/current)\n- [Watson Discovery](https://cloud.ibm.com/docs/discovery-data)\n- [Elasticsearch](https://cloud.ibm.com/docs/databases-for-elasticsearch) Enterprise and Platinum edition\n\nThe supporting services include:\n- [Secrets Manager](https://cloud.ibm.com/docs/secrets-manager)\n- [Key Protect](https://cloud.ibm.com/docs/key-protect)\n- [Security and Compliance Center](https://cloud.ibm.com/docs/security-compliance)\n- [Event Notifications](https://cloud.ibm.com/docs/event-notifications?topic=event-notifications-getting-started)\n- [Logs](https://cloud.ibm.com/docs/cloud-logs)\n- [Monitoring](https://cloud.ibm.com/docs/monitoring?topic=monitoring-getting-started)\n- [Object Storage](https://cloud.ibm.com/docs/cloud-object-storage?topic=cloud-object-storage-getting-started-cloud-object-storage)\n- [Continuous Delivery](https://cloud.ibm.com/docs/ContinuousDelivery) toolchains\n- [Container Registry](https://cloud.ibm.com/docs/Registry)\n\nA [sample RAG application](https://github.com/IBM/gen-ai-rag-watsonx-sample-application) is deployed to [Code Engine](https://cloud.ibm.com/docs/codeengine) or [Red Hat OpenShift](https://cloud.ibm.com/docs/openshift) cluster.\n\nBy leveraging this architecture, you can accelerate your deployment and tailor it to meet your unique business needs and enterprise goals.", "offering_docs_url": "https://github.com/terraform-ibm-modules/stack-retrieval-augmented-generation/blob/main/README.md", "offering_icon_url": "https://globalcatalog.cloud.ibm.com/api/v1/1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc/artifacts/solution.svg", "provider_name": "IBM", @@ -63,7 +64,7 @@ "flavors": [ { "label": "Basic with sample application (Deploy on Code Engine)", - "name": "basic-fully-config", + "name": "basic", "index": 1, "working_directory": "solutions/basic", "compliance": { @@ -212,19 +213,19 @@ "diagrams": [ { "diagram": { - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-pattern.svg", + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architectures/rag-pattern.svg", "caption": "Reference architecture", "type": "image/svg+xml", - "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-pattern.svg" + "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architectures/rag-pattern.svg" }, "description": "Reference architecture" }, { "diagram": { - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-stack.svg", + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architectures/rag-stack.svg", "caption": "Solution components", "type": "image/svg+xml", - "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-stack.svg" + "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architectures/rag-stack.svg" }, "description": "Solution components" } @@ -234,9 +235,19 @@ { "key": "prefix", "type": "string", - "default_value": "__NOT_SET__", - "description": "A prefix added to the name of all resources created by this solution. Used to avoid name clashes in the target account when deploying this solution multiple times.", - "required": true + "default_value": "dev", + "random_string" : { + "length": 4 + }, + "description": "The prefix to add to all resources that this solution creates (e.g `prod`, `test`, `dev`). Used to avoid name clashes in the target account when deploying this solution multiple times.", + "required": true, + "value_constraints": [ + { + "type": "regex", + "description": "Prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It must not end with a hyphen('-'), and cannot contain consecutive hyphens ('--'). It should not exceed 16 characters", + "value": "^$|^__NULL__$|^[a-z](?!.*--)(?:[a-z0-9-]{0,14}[a-z0-9])?$" + } + ] }, { "key": "ibmcloud_api_key", @@ -264,12 +275,28 @@ "required": false, "options": [ { - "displayname": "us-south", + "displayname": "Dallas (us-south)", "value": "us-south" }, { - "displayname": "eu-de", + "displayname": "Frankfurt (eu-de)", "value": "eu-de" + }, + { + "displayname": "London (eu-gb)", + "value": "eu-gb" + }, + { + "displayname": "Sydney (au-syd)", + "value": "au-syd" + }, + { + "displayname": "Tokyo (jp-tok)", + "value": "jp-tok" + }, + { + "displayname": "Toronto (ca-tor)", + "value": "ca-tor" } ] }, @@ -277,14 +304,14 @@ "key": "resource_group_name", "type": "string", "default_value": "rag-services", - "description": "The name of the resource group that is created by this solution. The actual name is prefixed with the value of the input 'prefix'. All resources created by this solution are deployed in this resource group.", + "description": "The name of the resource group that is created by this solution. The actual name is prefixed with the value of the input 'prefix'. All resources created by this solution are deployed in this resource group.", "required": false }, { "key": "existing_resource_group_name", "type": "string", "default_value": "__NULL__", - "description": "The name of an existing resource group that is used by this solution, takes precedence over resource_group_name. Prefix is NOT used for existing resource group. All resources created by this solution are deployed in this resource group.", + "description": "The name of an existing resource group that is used by this solution, takes precedence over `resource_group_name`. Prefix is NOT used for existing resource group. All resources created by this solution are deployed in this resource group.", "required": false, "custom_config": { "type": "resource_group", @@ -335,17 +362,6 @@ } ] }, - { - "key": "secrets_manager_secret_groups", - "type": "array", - "default_value": "[\n {\n secret_group_name = \"General\"\n secret_group_description = \"A general purpose secrets group with an associated access group which has a secrets reader role\"\n create_access_group = true\n access_group_name = \"general-secrets-group-access-group\"\n access_group_roles = [\"SecretsReader\"]\n }\n ]", - "description": "Secret Manager secret group and access group configurations. If a prefix input variable is specified, it is added to the `access_group_name` value in the `-value` format. If you do not wish to create any groups, set the value to `[]`. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-secrets-manager/tree/main/solutions/fully-configurable/provisioning_secrets_groups.md).", - "custom_config": { - "type": "code_editor", - "grouping": "deployment", - "original_grouping": "deployment" - } - }, { "key": "cloud_monitoring_plan", "type": "string", @@ -364,11 +380,33 @@ ] }, { - "key": "existing_secrets_manager_crn", + "key": "scc_workload_protection_service_plan", "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing secret manager instance to use in this solution. If not set, a new secret manager instance is provisioned.", - "required": false + "default_value": "graduated-tier", + "description": "The pricing plan to use for the IBM Cloud Security and Compliance Center Workload Protection instance.", + "required": false, + "options": [ + { + "displayname": "Graduated Tier", + "value": "graduated-tier" + }, + { + "displayname": "Free Trial", + "value": "free-trial" + } + ] + }, + { + "key": "secrets_manager_secret_groups", + "type": "array", + "default_value": "[\n {\n secret_group_name = \"General\"\n secret_group_description = \"A general purpose secrets group with an associated access group which has a secrets reader role\"\n create_access_group = true\n access_group_name = \"general-secrets-group-access-group\"\n access_group_roles = [\"SecretsReader\"]\n }\n ]", + "description": "Secret Manager secret group and access group configurations. If a prefix input variable is specified, it is added to the `access_group_name` value in the `-value` format. If you do not wish to create any groups, set the value to `[]`. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-secrets-manager/tree/main/solutions/fully-configurable/provisioning_secrets_groups.md).", + "required": false, + "custom_config": { + "type": "code_editor", + "grouping": "deployment", + "original_grouping": "deployment" + } }, { "key": "skip_secrets_manager_iam_auth_policy", @@ -399,44 +437,6 @@ "description": "List of emails to configure event notifications.", "required": false }, - { - "key": "app_config_service_plan", - "type": "string", - "default_value": "enterprise", - "description": "The pricing plan to use for the IBM Cloud App Configuration instance.", - "required": false, - "options": [ - { - "displayname": "Basic", - "value": "basic" - }, - { - "displayname": "Standard", - "value": "standardv2" - }, - { - "displayname": "Enterprise", - "value": "enterprise" - } - ] - }, - { - "key": "scc_workload_protection_service_plan", - "type": "string", - "default_value": "graduated-tier", - "description": "The pricing plan to use for the IBM Cloud Security and Compliance Center Workload Protection instance.", - "required": false, - "options": [ - { - "displayname": "Graduated Tier", - "value": "graduated-tier" - }, - { - "displayname": "Free Trial", - "value": "free-trial" - } - ] - }, { "key": "enterprise_id", "type": "string", @@ -466,7 +466,14 @@ "key": "sample_app_git_url", "type": "string", "default_value": "https://github.com/IBM/gen-ai-rag-watsonx-sample-application", - "description": "The URL to the public git repository containing the sample rag application code.", + "description": "The URL to the public git repository containing the sample RAG application code.", + "required": false + }, + { + "key": "existing_secrets_manager_crn", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing secret manager instance to use in this solution. If not set, a new secret manager instance is provisioned.", "required": false }, { @@ -527,6 +534,18 @@ } ], "outputs": [ + { + "name": "cos_instance_crn", + "description": "Cloud Object Storage instance CRN" + }, + { + "name": "cos_instance_guid", + "description": "Cloud Object Storage instance GUID" + }, + { + "name": "cos_instance_name", + "description": "Cloud Object Storage instance name" + }, { "key": "elasticsearch_hostname", "description": "The hostname of the Elasticsearch instance." @@ -564,7 +583,7 @@ }, { "label": "Standard with sample application (Deploy on Red Hat OpenShift)", - "name": "standard-fully-config", + "name": "standard", "index": 2, "working_directory": "solutions/standard", "compliance": { @@ -727,19 +746,19 @@ "diagrams": [ { "diagram": { - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-pattern.svg", + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architectures/rag-pattern.svg", "caption": "Reference architecture", "type": "image/svg+xml", - "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-pattern.svg" + "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architectures/rag-pattern.svg" }, "description": "Reference architecture" }, { "diagram": { - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-stack.svg", + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architectures/rag-stack.svg", "caption": "Solution components", "type": "image/svg+xml", - "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architecture/rag-stack.svg" + "thumbnail_url": "https://raw.githubusercontent.com/terraform-ibm-modules/stack-retrieval-augmented-generation/main/reference-architectures/rag-stack.svg" }, "description": "Solution components" } @@ -749,9 +768,19 @@ { "key": "prefix", "type": "string", - "default_value": "__NOT_SET__", - "description": "A prefix added to the name of all resources created by this solution. Must start with a letter, contain only lowercase letters, numbers, or dashes, and be 13 characters or less. Used to avoid name clashes in the target account when deploying this solution multiple times.", - "required": true + "default_value": "rag", + "random_string" : { + "length": 3 + }, + "description": "The prefix to add to all resources that this solution creates (e.g `prod`, `test`, `dev`). Used to avoid name clashes in the target account when deploying this solution multiple times.", + "required": true, + "value_constraints": [ + { + "type": "regex", + "description": "Prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It must not end with a hyphen('-'), and cannot contain consecutive hyphens ('--'). It should not exceed 16 characters", + "value": "^$|^__NULL__$|^[a-z](?!.*--)(?:[a-z0-9-]{0,14}[a-z0-9])?$" + } + ] }, { "key": "ibmcloud_api_key", @@ -779,12 +808,28 @@ "required": false, "options": [ { - "displayname": "us-south", + "displayname": "Dallas (us-south)", "value": "us-south" }, { - "displayname": "eu-de", + "displayname": "Frankfurt (eu-de)", "value": "eu-de" + }, + { + "displayname": "London (eu-gb)", + "value": "eu-gb" + }, + { + "displayname": "Sydney (au-syd)", + "value": "au-syd" + }, + { + "displayname": "Tokyo (jp-tok)", + "value": "jp-tok" + }, + { + "displayname": "Toronto (ca-tor)", + "value": "ca-tor" } ] }, @@ -833,17 +878,6 @@ } ] }, - { - "key": "secrets_manager_secret_groups", - "type": "array", - "default_value": "[\n {\n secret_group_name = \"General\"\n secret_group_description = \"A general purpose secrets group with an associated access group which has a secrets reader role\"\n create_access_group = true\n access_group_name = \"general-secrets-group-access-group\"\n access_group_roles = [\"SecretsReader\"]\n }\n ]", - "description": "Secret Manager secret group and access group configurations. If a prefix input variable is specified, it is added to the `access_group_name` value in the `-value` format. If you do not wish to create any groups, set the value to `[]`. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-secrets-manager/tree/main/solutions/fully-configurable/provisioning_secrets_groups.md).", - "custom_config": { - "type": "code_editor", - "grouping": "deployment", - "original_grouping": "deployment" - } - }, { "key": "key_protect_plan", "type": "string", @@ -879,11 +913,33 @@ ] }, { - "key": "existing_secrets_manager_crn", + "key": "scc_workload_protection_service_plan", "type": "string", - "default_value": "__NULL__", - "description": "The CRN of an existing secret manager instance to use in this solution. If not set, a new secret manager instance is provisioned.", - "required": false + "default_value": "graduated-tier", + "description": "The pricing plan to use for the IBM Cloud Security and Compliance Center Workload Protection instance.", + "required": false, + "options": [ + { + "displayname": "Graduated Tier", + "value": "graduated-tier" + }, + { + "displayname": "Free Trial", + "value": "free-trial" + } + ] + }, + { + "key": "secrets_manager_secret_groups", + "type": "array", + "default_value": "[\n {\n secret_group_name = \"General\"\n secret_group_description = \"A general purpose secrets group with an associated access group which has a secrets reader role\"\n create_access_group = true\n access_group_name = \"general-secrets-group-access-group\"\n access_group_roles = [\"SecretsReader\"]\n }\n ]", + "description": "Secret Manager secret group and access group configurations. If a prefix input variable is specified, it is added to the `access_group_name` value in the `-value` format. If you do not wish to create any groups, set the value to `[]`. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-secrets-manager/tree/main/solutions/fully-configurable/provisioning_secrets_groups.md).", + "required": false, + "custom_config": { + "type": "code_editor", + "grouping": "deployment", + "original_grouping": "deployment" + } }, { "key": "skip_secrets_manager_iam_auth_policy", @@ -914,44 +970,6 @@ "description": "List of emails to configure event notifications.", "required": false }, - { - "key": "app_config_service_plan", - "type": "string", - "default_value": "enterprise", - "description": "The pricing plan to use for the IBM Cloud App Configuration instance.", - "required": false, - "options": [ - { - "displayname": "Basic", - "value": "basic" - }, - { - "displayname": "Standard", - "value": "standardv2" - }, - { - "displayname": "Enterprise", - "value": "enterprise" - } - ] - }, - { - "key": "scc_workload_protection_service_plan", - "type": "string", - "default_value": "graduated-tier", - "description": "The pricing plan to use for the IBM Cloud Security and Compliance Center Workload Protection instance.", - "required": false, - "options": [ - { - "displayname": "Graduated Tier", - "value": "graduated-tier" - }, - { - "displayname": "Free Trial", - "value": "free-trial" - } - ] - }, { "key": "enterprise_id", "type": "string", @@ -977,44 +995,6 @@ "description": "A list of enterprise account IDs to assign the trusted profile template to in order for the accounts to be scanned. Supports passing the string 'all' in the list to assign to all accounts. Only applies if a value is being passed for `enterprise_id`.", "required": false }, - { - "key": "app_config_service_plan", - "type": "string", - "default_value": "enterprise", - "description": "The pricing plan to use for the IBM Cloud App Configuration instance.", - "required": false, - "options": [ - { - "displayname": "Basic", - "value": "basic" - }, - { - "displayname": "Standard", - "value": "standardv2" - }, - { - "displayname": "Enterprise", - "value": "enterprise" - } - ] - }, - { - "key": "scc_workload_protection_service_plan", - "type": "string", - "default_value": "graduated-tier", - "description": "The pricing plan to use for the IBM Cloud Security and Compliance Center Workload Protection instance.", - "required": false, - "options": [ - { - "displayname": "Graduated Tier", - "value": "graduated-tier" - }, - { - "displayname": "Free Trial", - "value": "free-trial" - } - ] - }, { "key": "enterprise_id", "type": "string", @@ -1044,7 +1024,14 @@ "key": "sample_app_git_url", "type": "string", "default_value": "https://github.com/IBM/gen-ai-rag-watsonx-sample-application", - "description": "The URL to the public git repository containing the sample rag application code.", + "description": "The URL to the public git repository containing the sample RAG application code.", + "required": false + }, + { + "key": "existing_secrets_manager_crn", + "type": "string", + "default_value": "__NULL__", + "description": "The CRN of an existing secret manager instance to use in this solution. If not set, a new secret manager instance is provisioned.", "required": false }, { @@ -1105,6 +1092,18 @@ } ], "outputs": [ + { + "name": "cos_instance_crn", + "description": "Cloud Object Storage instance CRN" + }, + { + "name": "cos_instance_guid", + "description": "Cloud Object Storage instance GUID" + }, + { + "name": "cos_instance_name", + "description": "Cloud Object Storage instance name" + }, { "key": "elasticsearch_hostname", "description": "The hostname of the Elasticsearch instance." diff --git a/reference-architecture/rag-pattern.svg b/reference-architectures/rag-pattern.svg similarity index 100% rename from reference-architecture/rag-pattern.svg rename to reference-architectures/rag-pattern.svg diff --git a/reference-architecture/rag-stack.svg b/reference-architectures/rag-stack.svg similarity index 100% rename from reference-architecture/rag-stack.svg rename to reference-architectures/rag-stack.svg diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index d9fa1d74..249ee012 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -112,13 +112,6 @@ "type": "array", "hidden": false }, - { - "name": "app_config_service_plan", - "required": false, - "type": "string", - "hidden": false, - "custom_config": {} - }, { "name": "scc_workload_protection_service_plan", "required": false, @@ -187,7 +180,7 @@ "members": [ { "name": "1 - Account Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.be71d2f4-262c-4186-9b07-30dc1b1517bb-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.63df805b-f866-4a3e-a168-faa43d4c8a2b-global", "inputs": [ { "name": "prefix", @@ -233,7 +226,7 @@ }, { "name": "2a - Essential Security - Encryption Key Management", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.09dab2dd-6383-4257-8cc4-ba5bf567cd5e-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.23e68097-1552-41e2-a8e3-a493e1427ebb-global", "inputs": [ { "name": "existing_resource_group_name", @@ -259,7 +252,7 @@ }, { "name": "2b - Essential Security - Cloud Object Storage", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.410e4ac2-fe70-4813-ac27-4f5c460cbb55-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.6722b081-5cec-4234-82bf-fc1d036ef51e-global", "inputs": [ { "name": "prefix", @@ -273,7 +266,7 @@ }, { "name": "2c - Essential Security - Cloud Monitoring", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.8028a206-0824-4ad6-af24-b9fb70cce2ac-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.5a46e96b-8776-4e9a-9290-21c4217069e1-global", "inputs": [ { "name": "region", @@ -298,8 +291,8 @@ ] }, { - "name": "2d - Workload - Code Engine Projects for CI", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b51abcc2-7d00-46b6-adc7-2db2756069eb-global", + "name": "2d - Workload - Code Engine Project for CI", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.333c5bb1-dac1-4767-91fd-5da513c5b9f1-global", "inputs": [ { "name": "existing_resource_group_name", @@ -320,8 +313,8 @@ ] }, { - "name": "2e - Workload - Code Engine Projects for CD", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b51abcc2-7d00-46b6-adc7-2db2756069eb-global", + "name": "2e - Workload - Code Engine Project for CD", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.333c5bb1-dac1-4767-91fd-5da513c5b9f1-global", "inputs": [ { "name": "existing_resource_group_name", @@ -343,7 +336,7 @@ }, { "name": "3a - Essential Security - Event Notifications", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.dcb7092c-99fd-425c-af23-0d03a85fa7d7-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.86dd9347-d1b4-4dc3-b520-f747557c9a42-global", "inputs": [ { "name": "existing_cos_instance_crn", @@ -455,6 +448,10 @@ "name": "existing_governance_instance", "value": "ref:../../inputs/existing_governance_instance_crn" }, + { + "name": "existing_cos_instance_crn", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" + }, { "name": "cos_kms_crn", "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" @@ -467,7 +464,7 @@ }, { "name": "4a - Essential Security - Cloud Logs for logging", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.ee855d83-2f87-4d0e-bc0d-66c11ba66902-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.05329b70-0b0b-4c7c-9b16-c7024a525465-global", "inputs": [ { "name": "region", @@ -513,7 +510,7 @@ }, { "name": "4b - Essential Security - App Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.430291dd-8a78-46c2-8d02-e951da977582-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.01bb35a3-8a27-4e08-a938-1f0f50b972a3-global", "inputs": [ { "name": "existing_resource_group_name", @@ -529,7 +526,7 @@ }, { "name": "app_config_service_plan", - "value": "ref:../../inputs/app_config_service_plan" + "value": "enterprise" }, { "name": "enable_config_aggregator", @@ -579,7 +576,7 @@ }, { "name": "4c - Essential Security - Secrets Manager", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.3d0da0a9-0327-44fc-8796-edf8e0017e25-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.09c13b73-1987-4c38-b54d-2c79712bfa76-global", "inputs": [ { "name": "prefix", @@ -625,7 +622,7 @@ }, { "name": "4d - Essential Security - Cloud Logs for activity tracking", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.ee855d83-2f87-4d0e-bc0d-66c11ba66902-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.05329b70-0b0b-4c7c-9b16-c7024a525465-global", "inputs": [ { "name": "region", @@ -683,7 +680,7 @@ }, { "name": "5a - Essential Security - Security and Compliance Center Workload Protection", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b2cd208d-f893-4e44-bc2e-b9997e3a8153-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.dcdef1bc-68b8-460e-93d4-a72aac3f317b-global", "inputs": [ { "name": "existing_resource_group_name", @@ -717,7 +714,7 @@ }, { "name": "5b - Gen AI - Databases for Elasticsearch", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.55d77b5b-6866-4f7c-b216-2bb86d74d5e5-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.5acd3054-0a4f-4242-9110-890dc65f0ae7-global", "inputs": [ { "name": "existing_resource_group_name", @@ -783,7 +780,7 @@ }, { "name": "5c - Workload - DevSecOps Application Lifecycle Management", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.9b435db4-ec9c-4d54-baab-210b9627b96c-global", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.844034e5-4ccc-4fb7-af46-e43c20d00a72-global", "inputs": [ { "name": "toolchain_name", @@ -811,7 +808,7 @@ }, { "name": "ci_code_engine_project", - "value": "ref:../2d - Workload - Code Engine Projects for CI/outputs/project_name" + "value": "ref:../2d - Workload - Code Engine Project for CI/outputs/project_name" }, { "name": "use_legacy_ref", @@ -819,7 +816,7 @@ }, { "name": "cd_code_engine_project", - "value": "ref:../2e - Workload - Code Engine Projects for CD/outputs/project_name" + "value": "ref:../2e - Workload - Code Engine Project for CD/outputs/project_name" }, { "name": "registry_namespace", @@ -877,7 +874,7 @@ }, { "name": "5d - Essential Security - Activity Tracker Event Routing", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.6cec6dd7-d4e4-4bec-8f94-da26611d42a5-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.3b795a48-00a9-4430-95ba-857a324329e2-global", "inputs": [ { "name": "region", @@ -914,8 +911,8 @@ ] }, { - "name": "6 - Workload - Sample RAG App", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.89b0a04d-4690-4df6-8a7f-e71945053e6b-global", + "name": "6 - Workload - Sample RAG Application", + "version_locator": "7df1e4ca-d54c-4fd0-82ce-3d13247308cd.cf9bdedf-48c7-440e-bf04-82ba6008b2b9", "inputs": [ { "name": "toolchain_region", @@ -997,6 +994,18 @@ } ], "outputs": [ + { + "name": "cos_instance_crn", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" + }, + { + "name": "cos_instance_guid", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_guid" + }, + { + "name": "cos_instance_name", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_name" + }, { "name": "elasticsearch_hostname", "value": "ref:./members/5b - Gen AI - Databases for Elasticsearch/outputs/hostname" @@ -1015,19 +1024,19 @@ }, { "name": "watsonx_project_url", - "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watsonx_project_url" + "value": "ref:./members/6 - Workload - Sample RAG Application/outputs/watsonx_project_url" }, { "name": "watsonx_project_id", - "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watsonx_project_id" + "value": "ref:./members/6 - Workload - Sample RAG Application/outputs/watsonx_project_id" }, { "name": "watson_discovery_api_url", - "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watson_discovery_api_url" + "value": "ref:./members/6 - Workload - Sample RAG Application/outputs/watson_discovery_api_url" }, { "name": "watson_discovery_project_id", - "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watson_discovery_project_id" + "value": "ref:./members/6 - Workload - Sample RAG Application/outputs/watson_discovery_project_id" }, { "name": "kms_instance_crn", diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index 1a9ccce1..0cd4ab0e 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -112,14 +112,6 @@ "type": "array", "hidden": false }, - { - "name": "app_config_service_plan", - "required": false, - "type": "string", - "hidden": false, - "custom_config": {} - }, - { "name": "scc_workload_protection_service_plan", "required": false, @@ -188,7 +180,7 @@ "members": [ { "name": "1 - Account Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.be71d2f4-262c-4186-9b07-30dc1b1517bb-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.63df805b-f866-4a3e-a168-faa43d4c8a2b-global", "inputs": [ { "name": "prefix", @@ -234,7 +226,7 @@ }, { "name": "2a - Essential Security - Encryption Key Management", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.09dab2dd-6383-4257-8cc4-ba5bf567cd5e-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.23e68097-1552-41e2-a8e3-a493e1427ebb-global", "inputs": [ { "name": "existing_resource_group_name", @@ -260,7 +252,7 @@ }, { "name": "2b - Essential Security - Cloud Object Storage", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.410e4ac2-fe70-4813-ac27-4f5c460cbb55-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.6722b081-5cec-4234-82bf-fc1d036ef51e-global", "inputs": [ { "name": "prefix", @@ -269,16 +261,12 @@ { "name": "existing_resource_group_name", "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" - }, - { - "name": "instance_name", - "value": "essential-cos" } ] }, { "name": "2c - Essential Security - Cloud Monitoring", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.8028a206-0824-4ad6-af24-b9fb70cce2ac-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.5a46e96b-8776-4e9a-9290-21c4217069e1-global", "inputs": [ { "name": "region", @@ -304,11 +292,11 @@ }, { "name": "3a - Essential Security - Event Notifications", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.dcb7092c-99fd-425c-af23-0d03a85fa7d7-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.86dd9347-d1b4-4dc3-b520-f747557c9a42-global", "inputs": [ { "name": "existing_cos_instance_crn", - "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_id" + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" }, { "name": "enable_collecting_failed_events", @@ -416,6 +404,10 @@ "name": "existing_governance_instance", "value": "ref:../../inputs/existing_governance_instance_crn" }, + { + "name": "existing_cos_instance_crn", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" + }, { "name": "cos_kms_crn", "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" @@ -428,7 +420,7 @@ }, { "name": "3c - Workload - Compute Red Hat OpenShift Container Platform on VPC", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.d165c908-e8e5-470e-b5d4-0c284ec4cf43-global", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.cb341280-efa5-4bdf-8976-cea6ea62c3a4-global", "inputs": [ { "name": "prefix", @@ -499,7 +491,7 @@ }, { "name": "4a - Essential Security - Cloud Logs for logging", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.ee855d83-2f87-4d0e-bc0d-66c11ba66902-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.05329b70-0b0b-4c7c-9b16-c7024a525465-global", "inputs": [ { "name": "region", @@ -545,7 +537,7 @@ }, { "name": "4b - Essential Security - App Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.430291dd-8a78-46c2-8d02-e951da977582-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.01bb35a3-8a27-4e08-a938-1f0f50b972a3-global", "inputs": [ { "name": "existing_resource_group_name", @@ -561,7 +553,7 @@ }, { "name": "app_config_service_plan", - "value": "ref:../../inputs/app_config_service_plan" + "value": "enterprise" }, { "name": "enable_config_aggregator", @@ -611,7 +603,7 @@ }, { "name": "4c - Essential Security - Secrets Manager", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.3d0da0a9-0327-44fc-8796-edf8e0017e25-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.09c13b73-1987-4c38-b54d-2c79712bfa76-global", "inputs": [ { "name": "prefix", @@ -657,7 +649,7 @@ }, { "name": "4d - Essential Security - Cloud Logs for activity tracking", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.ee855d83-2f87-4d0e-bc0d-66c11ba66902-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.05329b70-0b0b-4c7c-9b16-c7024a525465-global", "inputs": [ { "name": "region", @@ -715,7 +707,7 @@ }, { "name": "5a - Essential Security - Security and Compliance Center Workload Protection", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b2cd208d-f893-4e44-bc2e-b9997e3a8153-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.dcdef1bc-68b8-460e-93d4-a72aac3f317b-global", "inputs": [ { "name": "existing_resource_group_name", @@ -749,7 +741,7 @@ }, { "name": "5b - Gen AI - Databases for Elasticsearch", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.55d77b5b-6866-4f7c-b216-2bb86d74d5e5-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.5acd3054-0a4f-4242-9110-890dc65f0ae7-global", "inputs": [ { "name": "existing_resource_group_name", @@ -815,7 +807,7 @@ }, { "name": "5c - Workload - DevSecOps Application Lifecycle Management", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.40c697e5-a339-4bf2-90ed-c598f103c16b-global", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.64e4c450-7e38-427e-856b-7d158f146c8d-global", "inputs": [ { "name": "toolchain_name", @@ -905,7 +897,7 @@ }, { "name": "5d - Essential Security - Activity Tracker Event Routing", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.6cec6dd7-d4e4-4bec-8f94-da26611d42a5-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.3b795a48-00a9-4430-95ba-857a324329e2-global", "inputs": [ { "name": "region", @@ -942,8 +934,8 @@ ] }, { - "name": "6 - Workload - Sample RAG App", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.89b0a04d-4690-4df6-8a7f-e71945053e6b-global", + "name": "6 - Workload - Sample RAG Application", + "version_locator": "7df1e4ca-d54c-4fd0-82ce-3d13247308cd.cf9bdedf-48c7-440e-bf04-82ba6008b2b9", "inputs": [ { "name": "toolchain_region", @@ -1025,6 +1017,18 @@ } ], "outputs": [ + { + "name": "cos_instance_crn", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" + }, + { + "name": "cos_instance_guid", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_guid" + }, + { + "name": "cos_instance_name", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_name" + }, { "name": "elasticsearch_hostname", "value": "ref:./members/5b - Gen AI - Databases for Elasticsearch/outputs/hostname" @@ -1043,19 +1047,19 @@ }, { "name": "watsonx_project_url", - "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watsonx_project_url" + "value": "ref:./members/6 - Workload - Sample RAG Application/outputs/watsonx_project_url" }, { "name": "watsonx_project_id", - "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watsonx_project_id" + "value": "ref:./members/6 - Workload - Sample RAG Application/outputs/watsonx_project_id" }, { "name": "watson_discovery_api_url", - "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watson_discovery_api_url" + "value": "ref:./members/6 - Workload - Sample RAG Application/outputs/watson_discovery_api_url" }, { "name": "watson_discovery_project_id", - "value": "ref:./members/6 - Workload - Sample RAG App/outputs/watson_discovery_project_id" + "value": "ref:./members/6 - Workload - Sample RAG Application/outputs/watson_discovery_project_id" }, { "name": "kms_instance_crn", diff --git a/tests/go.mod b/tests/go.mod index 657b4356..b77381f5 100644 --- a/tests/go.mod +++ b/tests/go.mod @@ -5,21 +5,21 @@ go 1.24.0 toolchain go1.25.1 require ( - github.com/gruntwork-io/terratest v0.50.0 + github.com/gruntwork-io/terratest v0.51.0 github.com/stretchr/testify v1.11.1 - github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.10 + github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.17 ) require ( dario.cat/mergo v1.0.0 // indirect github.com/IBM-Cloud/bluemix-go v0.0.0-20240719075425-078fcb3a55be // indirect - github.com/IBM-Cloud/power-go-client v1.12.0 // indirect - github.com/IBM/cloud-databases-go-sdk v0.8.0 // indirect + github.com/IBM-Cloud/power-go-client v1.13.0 // indirect + github.com/IBM/cloud-databases-go-sdk v0.8.1 // indirect github.com/IBM/go-sdk-core/v5 v5.21.0 // indirect - github.com/IBM/platform-services-go-sdk v0.86.1 // indirect - github.com/IBM/project-go-sdk v0.3.6 // indirect + github.com/IBM/platform-services-go-sdk v0.89.0 // indirect + github.com/IBM/project-go-sdk v0.3.9 // indirect github.com/IBM/schematics-go-sdk v0.4.0 // indirect - github.com/IBM/vpc-go-sdk v0.71.1 // indirect + github.com/IBM/vpc-go-sdk v1.0.2 // indirect github.com/Microsoft/go-winio v0.6.2 // indirect github.com/ProtonMail/go-crypto v1.1.6 // indirect github.com/agext/levenshtein v1.2.3 // indirect @@ -34,22 +34,23 @@ require ( github.com/ghodss/yaml v1.0.0 // indirect github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect github.com/go-git/go-billy/v5 v5.6.2 // indirect - github.com/go-git/go-git/v5 v5.16.2 // indirect + github.com/go-git/go-git/v5 v5.16.3 // indirect github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/analysis v0.23.0 // indirect - github.com/go-openapi/errors v0.22.2 // indirect + github.com/go-openapi/errors v0.22.3 // indirect github.com/go-openapi/jsonpointer v0.21.1 // indirect github.com/go-openapi/jsonreference v0.21.0 // indirect github.com/go-openapi/loads v0.22.0 // indirect github.com/go-openapi/runtime v0.28.0 // indirect github.com/go-openapi/spec v0.21.0 // indirect - github.com/go-openapi/strfmt v0.23.0 // indirect + github.com/go-openapi/strfmt v0.24.0 // indirect github.com/go-openapi/swag v0.23.1 // indirect github.com/go-openapi/validate v0.24.0 // indirect github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect github.com/go-playground/validator/v10 v10.26.0 // indirect + github.com/go-viper/mapstructure/v2 v2.4.0 // indirect github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect github.com/google/go-cmp v0.7.0 // indirect github.com/google/uuid v1.6.0 // indirect @@ -61,7 +62,7 @@ require ( github.com/hashicorp/go-safetemp v1.0.0 // indirect github.com/hashicorp/go-version v1.7.0 // indirect github.com/hashicorp/hcl/v2 v2.22.0 // indirect - github.com/hashicorp/terraform-json v0.26.0 // indirect + github.com/hashicorp/terraform-json v0.27.2 // indirect github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect github.com/jinzhu/copier v0.4.0 // indirect github.com/josharian/intern v1.0.0 // indirect @@ -73,7 +74,6 @@ require ( github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/go-testing-interface v1.14.1 // indirect github.com/mitchellh/go-wordwrap v1.0.1 // indirect - github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/oklog/ulid v1.3.1 // indirect github.com/opentracing/opentracing-go v1.2.0 // indirect github.com/pjbgf/sha1cd v0.3.2 // indirect @@ -84,21 +84,22 @@ require ( github.com/tmccombs/hcl2json v0.6.4 // indirect github.com/ulikunitz/xz v0.5.11 // indirect github.com/xanzy/ssh-agent v0.3.3 // indirect - github.com/zclconf/go-cty v1.16.3 // indirect - go.mongodb.org/mongo-driver v1.17.3 // indirect + github.com/zclconf/go-cty v1.16.4 // indirect + go.mongodb.org/mongo-driver v1.17.4 // indirect go.opentelemetry.io/auto/sdk v1.1.0 // indirect go.opentelemetry.io/otel v1.35.0 // indirect go.opentelemetry.io/otel/metric v1.35.0 // indirect go.opentelemetry.io/otel/trace v1.35.0 // indirect - golang.org/x/crypto v0.41.0 // indirect - golang.org/x/mod v0.26.0 // indirect - golang.org/x/net v0.42.0 // indirect + go.yaml.in/yaml/v2 v2.4.2 // indirect + golang.org/x/crypto v0.43.0 // indirect + golang.org/x/mod v0.28.0 // indirect + golang.org/x/net v0.45.0 // indirect golang.org/x/sync v0.17.0 // indirect - golang.org/x/sys v0.35.0 // indirect - golang.org/x/text v0.28.0 // indirect - golang.org/x/tools v0.35.0 // indirect + golang.org/x/sys v0.37.0 // indirect + golang.org/x/text v0.30.0 // indirect + golang.org/x/tools v0.37.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - sigs.k8s.io/yaml v1.4.0 // indirect + sigs.k8s.io/yaml v1.6.0 // indirect ) diff --git a/tests/go.sum b/tests/go.sum index f987ca67..40652bf9 100644 --- a/tests/go.sum +++ b/tests/go.sum @@ -2,20 +2,21 @@ dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= github.com/IBM-Cloud/bluemix-go v0.0.0-20240719075425-078fcb3a55be h1:USOcBHkYQ4o/ccoEvoHinrba8NQthLJpFXnAoBY+MI4= github.com/IBM-Cloud/bluemix-go v0.0.0-20240719075425-078fcb3a55be/go.mod h1:/7hMjdZA6fEpd/dQAOEABxKEwN0t72P3PlpEDu0Y7bE= -github.com/IBM-Cloud/power-go-client v1.12.0 h1:tF9Mq5GLYHebpzQT6IYB89lIxEST1E9teuchjxSAaw0= -github.com/IBM-Cloud/power-go-client v1.12.0/go.mod h1:SpTK1ttW8bfMNUVQS8qOEuWn2KOkzaCLyzfze8MG1JE= -github.com/IBM/cloud-databases-go-sdk v0.8.0 h1:uMFqhnc/roVTzfCaUsJ23eaHKjChhGpM1F7Mpxik0bo= -github.com/IBM/cloud-databases-go-sdk v0.8.0/go.mod h1:JYucI1PdwqbAd8XGdDAchxzxRP7bxOh1zUnseovHKsc= +github.com/IBM-Cloud/power-go-client v1.13.0 h1:TqxPlkJe0VkNdV9hYOD5NRepxEFhhyKXWXfg22x2zhU= +github.com/IBM-Cloud/power-go-client v1.13.0/go.mod h1:SpTK1ttW8bfMNUVQS8qOEuWn2KOkzaCLyzfze8MG1JE= +github.com/IBM/cloud-databases-go-sdk v0.8.1 h1:ULQ5L8V/9z79/qS185LqbIK2LD4kMtk3Hdhp4lFMVcw= +github.com/IBM/cloud-databases-go-sdk v0.8.1/go.mod h1:JYucI1PdwqbAd8XGdDAchxzxRP7bxOh1zUnseovHKsc= +github.com/IBM/go-sdk-core/v5 v5.9.2/go.mod h1:YlOwV9LeuclmT/qi/LAK2AsobbAP42veV0j68/rlZsE= github.com/IBM/go-sdk-core/v5 v5.21.0 h1:DUnYhvC4SoC8T84rx5omnhY3+xcQg/Whyoa3mDPIMkk= github.com/IBM/go-sdk-core/v5 v5.21.0/go.mod h1:Q3BYO6iDA2zweQPDGbNTtqft5tDcEpm6RTuqMlPcvbw= -github.com/IBM/platform-services-go-sdk v0.86.1 h1:ngBpaXvUF3gmLvbU1Z4lX1wowOSYgGoKBEBaR/urt30= -github.com/IBM/platform-services-go-sdk v0.86.1/go.mod h1:aGD045m6I8pfcB77wft8w2cHqWOJjcM3YSSV55BX0Js= -github.com/IBM/project-go-sdk v0.3.6 h1:DRiANKnAePevFsIKSvR89SUaMa2xsd7YKK71Ka1eqKI= -github.com/IBM/project-go-sdk v0.3.6/go.mod h1:FOJM9ihQV3EEAY6YigcWiTNfVCThtdY8bLC/nhQHFvo= +github.com/IBM/platform-services-go-sdk v0.89.0 h1:fIvKR1bQchPoMUXQf69gaRKak/giVAkRDISiAX8TlE8= +github.com/IBM/platform-services-go-sdk v0.89.0/go.mod h1:aGD045m6I8pfcB77wft8w2cHqWOJjcM3YSSV55BX0Js= +github.com/IBM/project-go-sdk v0.3.9 h1:D/UfMMn+vMQyvYf9EfocV6HrD3HcVpeIVoUSjNKuROo= +github.com/IBM/project-go-sdk v0.3.9/go.mod h1:FOJM9ihQV3EEAY6YigcWiTNfVCThtdY8bLC/nhQHFvo= github.com/IBM/schematics-go-sdk v0.4.0 h1:x01f/tPquYJYLQzJLGuxWfCbV/EdSMXRikOceNy/JLM= github.com/IBM/schematics-go-sdk v0.4.0/go.mod h1:Xe7R7xgwmXBHu09w2CbBe8lkWZaYxNQo19bS4dpLrUA= -github.com/IBM/vpc-go-sdk v0.71.1 h1:SP5/uQs5JDb1QRvSJ1QC2BzE+BHEMq4jd2+JEcRuieE= -github.com/IBM/vpc-go-sdk v0.71.1/go.mod h1:K3vVlje72PYE3ZRt1iouE+jSIq+vCyYzT1HiFC06hUA= +github.com/IBM/vpc-go-sdk v1.0.2 h1:WhI1Cb8atA8glUdFg0SEUh9u8afjnKHxZAj9onQBi04= +github.com/IBM/vpc-go-sdk v1.0.2/go.mod h1:42NO/XCXsyrYqpvtxoX5xwSEv/jBU1MKEoyaYkIUico= github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= @@ -31,6 +32,7 @@ github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= @@ -68,8 +70,8 @@ github.com/go-git/go-billy/v5 v5.6.2 h1:6Q86EsPXMa7c3YZ3aLAQsMA0VlWmy43r6FHqa/UN github.com/go-git/go-billy/v5 v5.6.2/go.mod h1:rcFC2rAsp/erv7CMz9GczHcuD0D32fWzH+MJAU+jaUU= github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4= github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII= -github.com/go-git/go-git/v5 v5.16.2 h1:fT6ZIOjE5iEnkzKyxTHK1W4HGAsPhqEqiSAssSO77hM= -github.com/go-git/go-git/v5 v5.16.2/go.mod h1:4Ge4alE/5gPs30F2H1esi2gPd69R0C39lolkucHBOp8= +github.com/go-git/go-git/v5 v5.16.3 h1:Z8BtvxZ09bYm/yYNgPKCzgWtaRqDTgIKRgIRHBfU6Z8= +github.com/go-git/go-git/v5 v5.16.3/go.mod h1:4Ge4alE/5gPs30F2H1esi2gPd69R0C39lolkucHBOp8= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= @@ -80,9 +82,10 @@ github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-openapi/analysis v0.23.0 h1:aGday7OWupfMs+LbmLZG4k0MYXIANxcuBTYUC03zFCU= github.com/go-openapi/analysis v0.23.0/go.mod h1:9mz9ZWaSlV8TvjQHLl2mUW2PbZtemkE8yA5v22ohupo= +github.com/go-openapi/errors v0.19.8/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/errors v0.20.3/go.mod h1:Z3FlZ4I8jEGxjUK+bugx3on2mIAk4txuAOhlsB1FSgk= -github.com/go-openapi/errors v0.22.2 h1:rdxhzcBUazEcGccKqbY1Y7NS8FDcMyIRr0934jrYnZg= -github.com/go-openapi/errors v0.22.2/go.mod h1:+n/5UdIqdVnLIJ6Q9Se8HNGUXYaY6CN8ImWzfi/Gzp0= +github.com/go-openapi/errors v0.22.3 h1:k6Hxa5Jg1TUyZnOwV2Lh81j8ayNw5VVYLvKrp4zFKFs= +github.com/go-openapi/errors v0.22.3/go.mod h1:+WvbaBBULWCOna//9B9TbLNGSFOfF8lY9dw4hGiEiKQ= github.com/go-openapi/jsonpointer v0.21.1 h1:whnzv/pNXtK2FbX/W9yJfRmE2gsmkfahjMKB0fZvcic= github.com/go-openapi/jsonpointer v0.21.1/go.mod h1:50I1STOfbY1ycR8jGz8DaMeLCdXiI6aDteEdRNNzpdk= github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= @@ -93,25 +96,31 @@ github.com/go-openapi/runtime v0.28.0 h1:gpPPmWSNGo214l6n8hzdXYhPuJcGtziTOgUpvsF github.com/go-openapi/runtime v0.28.0/go.mod h1:QN7OzcS+XuYmkQLw05akXk0jRH/eZ3kb18+1KwW9gyc= github.com/go-openapi/spec v0.21.0 h1:LTVzPc3p/RzRnkQqLRndbAzjY0d0BCL72A6j3CdL9ZY= github.com/go-openapi/spec v0.21.0/go.mod h1:78u6VdPw81XU44qEWGhtr982gJ5BWg2c0I5XwVMotYk= +github.com/go-openapi/strfmt v0.21.1/go.mod h1:I/XVKeLc5+MM5oPNN7P6urMOpuLXEcNrCX/rPGuWb0k= github.com/go-openapi/strfmt v0.21.7/go.mod h1:adeGTkxE44sPyLk0JV235VQAO/ZXUr8KAzYjclFs3ew= -github.com/go-openapi/strfmt v0.23.0 h1:nlUS6BCqcnAk0pyhi9Y+kdDVZdZMHfEKQiS4HaMgO/c= -github.com/go-openapi/strfmt v0.23.0/go.mod h1:NrtIpfKtWIygRkKVsxh7XQMDQW5HKQl6S5ik2elW+K4= +github.com/go-openapi/strfmt v0.24.0 h1:dDsopqbI3wrrlIzeXRbqMihRNnjzGC+ez4NQaAAJLuc= +github.com/go-openapi/strfmt v0.24.0/go.mod h1:Lnn1Bk9rZjXxU9VMADbEEOo7D7CDyKGLsSKekhFr7s4= github.com/go-openapi/swag v0.23.1 h1:lpsStH0n2ittzTnbaSloVZLuB5+fvSY/+hnagBjSNZU= github.com/go-openapi/swag v0.23.1/go.mod h1:STZs8TbRvEQQKUA+JZNAm3EWlgaOBGpyFDqQnDHMef0= github.com/go-openapi/validate v0.24.0 h1:LdfDKwNbpB6Vn40xhTdNZAnfLECL81w+VX3BumrGD58= github.com/go-openapi/validate v0.24.0/go.mod h1:iyeX1sEufmv3nPbBdX3ieNviWnOZaJ1+zquzJEf2BAQ= github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s= github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= +github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs= github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA= github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= +github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA= github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY= github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= github.com/go-playground/validator/v10 v10.26.0 h1:SP05Nqhjcvz81uJaRfEV0YBSSSGMc/iMaVtFbr3Sw2k= github.com/go-playground/validator/v10 v10.26.0/go.mod h1:I5QpIEbmr8On7W0TktmJAumgzX4CA1XNl4ZmDuVHKKo= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/go-test/deep v1.0.7 h1:/VSMRlnY/JSyqxQUzQLKVMAskpY/NZKFA5j2P+0pP2M= github.com/go-test/deep v1.0.7/go.mod h1:QV8Hv/iy04NyLBxAdO9njL0iVPN1S4d/A3NVv1V36o8= +github.com/go-viper/mapstructure/v2 v2.4.0 h1:EBsztssimR/CONLSZZ04E8qAkxNYq4Qp9LvH92wZUgs= +github.com/go-viper/mapstructure/v2 v2.4.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ= github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -136,22 +145,26 @@ github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeN github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/gruntwork-io/terratest v0.50.0 h1:AbBJ7IRCpLZ9H4HBrjeoWESITv8nLjN6/f1riMNcAsw= -github.com/gruntwork-io/terratest v0.50.0/go.mod h1:see0lbKvAqz6rvzvN2wyfuFQQG4PWcAb2yHulF6B2q4= +github.com/gruntwork-io/terratest v0.51.0 h1:RCXlCwWlHqhUoxgF6n3hvywvbvrsTXqoqt34BrnLekw= +github.com/gruntwork-io/terratest v0.51.0/go.mod h1:evZHXb8VWDgv5O5zEEwfkwMhkx9I53QR/RB11cISrpg= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-getter/v2 v2.2.3 h1:6CVzhT0KJQHqd9b0pK3xSP0CM/Cv+bVhk+jcaRJ2pGk= github.com/hashicorp/go-getter/v2 v2.2.3/go.mod h1:hp5Yy0GMQvwWVUmwLs3ygivz1JSLI323hdIE9J9m7TY= +github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= +github.com/hashicorp/go-retryablehttp v0.7.0/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU= github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= github.com/hashicorp/go-safetemp v1.0.0 h1:2HR189eFNrjHQyENnQMMpCiBAsRxzbTMIgBhEyExpmo= @@ -160,8 +173,8 @@ github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKe github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/hcl/v2 v2.22.0 h1:hkZ3nCtqeJsDhPRFz5EA9iwcG1hNWGePOTw6oyul12M= github.com/hashicorp/hcl/v2 v2.22.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA= -github.com/hashicorp/terraform-json v0.26.0 h1:+BnJavhRH+oyNWPnfzrfQwVWCZBFMvjdiH2Vi38Udz4= -github.com/hashicorp/terraform-json v0.26.0/go.mod h1:eyWCeC3nrZamyrKLFnrvwpc3LQPIJsx8hWHQ/nu2/v4= +github.com/hashicorp/terraform-json v0.27.2 h1:BwGuzM6iUPqf9JYM/Z4AF1OJ5VVJEEzoKST/tRDBJKU= +github.com/hashicorp/terraform-json v0.27.2/go.mod h1:GzPLJ1PLdUG5xL6xn1OXWIjteQRT2CNT9o/6A9mi9hE= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= @@ -182,6 +195,7 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY= github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ= github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI= github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4= @@ -198,7 +212,7 @@ github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJ github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= -github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= +github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= @@ -209,6 +223,7 @@ github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= +github.com/onsi/ginkgo v1.14.2/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= @@ -230,6 +245,7 @@ github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xl github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= +github.com/onsi/gomega v1.10.5/go.mod h1:gza4q3jKQJijlu05nKWRCW/GavJumGt8aNRxWg7mt48= github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= github.com/onsi/gomega v1.20.1/go.mod h1:DtrZpjmvpn2mPm4YWQa0/ALMDj9v4YxLgojwPeREyVo= @@ -274,13 +290,14 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= -github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.10 h1:dOH4lHp8/wtXDNJA2SGI2NOuMp/EDoWFw1uVWf5HJ88= -github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.10/go.mod h1:YBrRYc+5y5Pr9CXmY35lOqTQdlIjA4x4+3iVObXGOCE= +github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.17 h1:unGRxvM9OJBTsfDQg/AZCYOeJZ5TqrCsPphjWJ2wI94= +github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.17/go.mod h1:g0kmBhFk6pVoTmse42tMNCSNktiOYJHAda/pAzOIxco= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tmccombs/hcl2json v0.6.4 h1:/FWnzS9JCuyZ4MNwrG4vMrFrzRgsWEOVi+1AyYUVLGw= github.com/tmccombs/hcl2json v0.6.4/go.mod h1:+ppKlIW3H5nsAsZddXPy2iMyvld3SHxyjswOZhavRDk= @@ -289,19 +306,22 @@ github.com/ulikunitz/xz v0.5.11/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0o github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= +github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+hCSs= github.com/xdg-go/scram v1.1.1/go.mod h1:RaEWvsqvNKKvBPvcKeFjrG2cJqOkHTiyTpzz23ni57g= +github.com/xdg-go/stringprep v1.0.2/go.mod h1:8F9zXuvzgwmyT5DUm4GUfZGDdT3W+LCvS6+da4O5kxM= github.com/xdg-go/stringprep v1.0.3/go.mod h1:W3f5j4i+9rC0kuIEJL0ky1VpHXQU3ocBgklLGvcBnW8= github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -github.com/zclconf/go-cty v1.16.3 h1:osr++gw2T61A8KVYHoQiFbFd1Lh3JOCXc/jFLJXKTxk= -github.com/zclconf/go-cty v1.16.3/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= +github.com/zclconf/go-cty v1.16.4 h1:QGXaag7/7dCzb+odlGrgr+YmYZFaOCMW6DEpS+UD1eE= +github.com/zclconf/go-cty v1.16.4/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940 h1:4r45xpDWB6ZMSMNJFMOjqrGHynW3DIBuR2H9j0ug+Mo= github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940/go.mod h1:CmBdvvj3nqzfzJ6nTCIwDTPZ56aVGvDrmztiO5g3qrM= +go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng= go.mongodb.org/mongo-driver v1.11.3/go.mod h1:PTSz5yu21bkT/wXpkS7WR5f0ddqw5quethTUn9WM+2g= -go.mongodb.org/mongo-driver v1.17.3 h1:TQyXhnsWfWtgAhMtOgtYHMTkZIfBTpMTsMnd9ZBeHxQ= -go.mongodb.org/mongo-driver v1.17.3/go.mod h1:Hy04i7O2kC4RS06ZrhPRqj/u4DTYkFDAAccj+rVKqgQ= +go.mongodb.org/mongo-driver v1.17.4 h1:jUorfmVzljjr0FLzYQsGP8cgN/qzzxlY9Vh0C9KFXVw= +go.mongodb.org/mongo-driver v1.17.4/go.mod h1:Hy04i7O2kC4RS06ZrhPRqj/u4DTYkFDAAccj+rVKqgQ= go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= go.opentelemetry.io/otel v1.35.0 h1:xKWKPxrxB6OtMCbmMY021CqC45J+3Onta9MqjhnusiQ= @@ -312,8 +332,11 @@ go.opentelemetry.io/otel/sdk v1.29.0 h1:vkqKjk7gwhS8VaWb0POZKmIEDimRCMsopNYnriHy go.opentelemetry.io/otel/sdk v1.29.0/go.mod h1:pM8Dx5WKnvxLCb+8lG1PRNIDxu9g9b9g59Qr7hfAAok= go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt/xgMs= go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc= +go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= +go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= @@ -323,8 +346,8 @@ golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98y golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4= -golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc= +golang.org/x/crypto v0.43.0 h1:dduJYIi3A3KOfdGOHX8AVZ/jGiyPa3IbBozJ5kNuE04= +golang.org/x/crypto v0.43.0/go.mod h1:BFbav4mRNlXJL4wNeejLpWxB7wMbc79PdRGhWKncxR0= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= @@ -335,13 +358,15 @@ golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/mod v0.26.0 h1:EGMPT//Ezu+ylkCijjPc+f4Aih7sZvaAr+O3EHBxvZg= -golang.org/x/mod v0.26.0/go.mod h1:/j6NAhSk8iQ723BGAUyoAcn7SlD7s15Dp9Nd/SfeaFQ= +golang.org/x/mod v0.28.0 h1:gQBtGhjxykdjY9YhZpSlZIsbnaE2+PgjfLWUQTnoZ1U= +golang.org/x/mod v0.28.0/go.mod h1:yfB/L0NOf/kmEbXjzCPOx1iK1fRutOydrCMsqRhEBxI= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= @@ -362,10 +387,11 @@ golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= -golang.org/x/net v0.42.0 h1:jzkYrhi3YQWD6MLBJcsklgQsoAcw89EcZbJw8Z614hs= -golang.org/x/net v0.42.0/go.mod h1:FF1RA5d3u7nAYA4z2TkclSCKh68eSXtiFwcWQpPXdt8= +golang.org/x/net v0.45.0 h1:RLBg5JKixCy82FtLJpeNlVM0nrSqpCRYzVU1n8kj0tM= +golang.org/x/net v0.45.0/go.mod h1:ECOoLqd5U3Lhyeyo/QDCEVQ4sNgYsqvCZ722XogGieY= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -384,6 +410,7 @@ golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -410,8 +437,8 @@ golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI= -golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/sys v0.37.0 h1:fdNQudmxPjkdUTPnLn5mdQv7Zwvbvpaxqs831goi9kQ= +golang.org/x/sys v0.37.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -426,10 +453,12 @@ golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= -golang.org/x/term v0.34.0 h1:O/2T7POpk0ZZ7MAzMeWFSg6S5IpWd/RXDlM9hgM3DR4= -golang.org/x/term v0.34.0/go.mod h1:5jC53AEywhIVebHgPVeg0mj8OD3VO9OzclacVrqpaAw= +golang.org/x/term v0.36.0 h1:zMPR+aF8gfksFprF/Nc/rd1wRS1EI6nDBGyWAvDzx2Q= +golang.org/x/term v0.36.0/go.mod h1:Qu394IJq6V6dCBRgwqshf3mPF85AqzYEzofzRdZkWss= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= @@ -442,9 +471,10 @@ golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng= -golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU= +golang.org/x/text v0.30.0 h1:yznKA/E9zq54KzlzBEAWn1NXSQ8DIp/NYMy88xJjl4k= +golang.org/x/text v0.30.0/go.mod h1:yDdHFIX9t+tORqspjENWgzaCVXgk0yYnYuSZ8UzzBVM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190531172133-b3315ee88b7d/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= @@ -458,8 +488,8 @@ golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= -golang.org/x/tools v0.35.0 h1:mBffYraMEf7aa0sB+NuKnuCy8qI/9Bughn8dC2Gu5r0= -golang.org/x/tools v0.35.0/go.mod h1:NKdj5HkL/73byiZSJjqJgKn3ep7KjFkBOkR/Hps3VPw= +golang.org/x/tools v0.37.0 h1:DVSRzp7FwePZW356yEAChSdNcQo6Nsp+fex1SUW09lE= +golang.org/x/tools v0.37.0/go.mod h1:MBN5QPQtLMHVdvsbtarmTNukZDdgwdwlO5qGacAzF0w= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -473,8 +503,8 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= -google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM= +google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -482,6 +512,8 @@ gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE= +gopkg.in/go-playground/validator.v9 v9.31.0/go.mod h1:+c9/zcJMFNgbLvly1L1V+PpxWdVbfP1avr/N00E2vyQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME= @@ -492,7 +524,8 @@ gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= -sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= +sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs= +sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4= diff --git a/tests/resources/main.tf b/tests/resources/main.tf index ff7aa5c6..b233b715 100644 --- a/tests/resources/main.tf +++ b/tests/resources/main.tf @@ -4,7 +4,7 @@ module "resource_group" { source = "terraform-ibm-modules/resource-group/ibm" - version = "1.1.6" + version = "1.3.0" # if an existing resource group is not set (null) create a new one using prefix resource_group_name = var.resource_group == null ? "${var.prefix}-resource-group" : null existing_resource_group_name = var.resource_group @@ -16,7 +16,7 @@ module "resource_group" { module "event_notifications" { source = "terraform-ibm-modules/event-notifications/ibm" - version = "1.19.8" + version = "2.8.4" resource_group_id = module.resource_group.resource_group_id name = "${var.prefix}-en" tags = var.resource_tags @@ -30,7 +30,7 @@ module "event_notifications" { module "secrets_manager" { source = "terraform-ibm-modules/secrets-manager/ibm" - version = "2.0.0" + version = "2.10.2" resource_group_id = module.resource_group.resource_group_id region = var.region secrets_manager_name = "${var.prefix}-secrets-manager" #tfsec:ignore:general-secrets-no-plaintext-exposure @@ -44,7 +44,7 @@ module "secrets_manager" { module "key_protect_all_inclusive" { source = "terraform-ibm-modules/kms-all-inclusive/ibm" - version = "4.21.4" + version = "5.3.2" resource_group_id = module.resource_group.resource_group_id key_protect_instance_name = "${var.prefix}-kms" region = var.region From c68733c9a449b628a73d55a121b8d12894ca5a07 Mon Sep 17 00:00:00 2001 From: ocofaigh Date: Mon, 27 Oct 2025 16:33:07 +0000 Subject: [PATCH 32/36] clean --- ibm_catalog.json | 102 +++++++++++++++++++---- solutions/basic/stack_definition.json | 6 +- solutions/standard/stack_definition.json | 6 +- 3 files changed, 97 insertions(+), 17 deletions(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index d98f06d8..d58d9b3a 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -67,6 +67,7 @@ "name": "basic", "index": 1, "working_directory": "solutions/basic", + "ignore_readme": true, "compliance": { "authority": "scc-v3", "profiles": [ @@ -420,7 +421,7 @@ "key": "enable_platform_metrics", "type": "boolean", "default_value": false, - "description": "Setting this to true will enable platform metrics for the Cloud Monitoring instance. NOTE: You can configure 1 instance only of the IBM Cloud Monitoring service per region to collect platform metrics in that location.", + "description": "Setting this to true will enable platform metrics for the Cloud Monitoring instance, including setting up a metrics routing route to the Cloud Monitoring instance. NOTE: You can configure 1 instance only of the IBM Cloud Monitoring service per region to collect platform metrics in that location.", "required": false }, { @@ -428,14 +429,28 @@ "type": "array", "default_value": [], "description": "Pass a list of regions to create a tenant that is targeted to the Cloud Logs instance created by this solution. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants.", - "required": false + "required": false, + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "type": "string" + } + } }, { "key": "event_notifications_email_list", "type": "array", "default_value": [], "description": "List of emails to configure event notifications.", - "required": false + "required": false, + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "type": "string" + } + } }, { "key": "enterprise_id", @@ -451,7 +466,14 @@ "all" ], "description": "A list of enterprise account group IDs to assign the trusted profile template to in order for the accounts to be scanned for compliance. Supports passing the string 'all' in the list to assign to all account groups. Only applies if a value is being passed for `enterprise_id`.", - "required": false + "required": false, + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "type": "string" + } + } }, { "key": "enterprise_account_ids_to_assign", @@ -460,7 +482,14 @@ "all" ], "description": "A list of enterprise account IDs to assign the trusted profile template to in order for the accounts to be scanned. Supports passing the string 'all' in the list to assign to all accounts. Only applies if a value is being passed for `enterprise_id`.", - "required": false + "required": false, + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "type": "string" + } + } }, { "key": "sample_app_git_url", @@ -586,6 +615,7 @@ "name": "standard", "index": 2, "working_directory": "solutions/standard", + "ignore_readme": true, "compliance": { "authority": "scc-v3", "profiles": [ @@ -768,10 +798,10 @@ { "key": "prefix", "type": "string", - "default_value": "rag", + "default_value": "dev", "random_string" : { - "length": 3 - }, + "length": 4 + }, "description": "The prefix to add to all resources that this solution creates (e.g `prod`, `test`, `dev`). Used to avoid name clashes in the target account when deploying this solution multiple times.", "required": true, "value_constraints": [ @@ -953,7 +983,7 @@ "key": "enable_platform_metrics", "type": "boolean", "default_value": false, - "description": "Setting this to true will enable platform metrics for the Cloud Monitoring instance. NOTE: You can configure 1 instance only of the IBM Cloud Monitoring service per region to collect platform metrics in that location.", + "description": "Setting this to true will enable platform metrics for the Cloud Monitoring instance, including setting up a metrics routing route to the Cloud Monitoring instance. NOTE: You can configure 1 instance only of the IBM Cloud Monitoring service per region to collect platform metrics in that location.", "required": false }, { @@ -961,14 +991,28 @@ "type": "array", "default_value": [], "description": "Pass a list of regions to create a tenant that is targeted to the Cloud Logs instance created by this solution. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants.", - "required": false + "required": false, + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "type": "string" + } + } }, { "key": "event_notifications_email_list", "type": "array", "default_value": [], "description": "List of emails to configure event notifications.", - "required": false + "required": false, + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "type": "string" + } + } }, { "key": "enterprise_id", @@ -984,7 +1028,14 @@ "all" ], "description": "A list of enterprise account group IDs to assign the trusted profile template to in order for the accounts to be scanned for compliance. Supports passing the string 'all' in the list to assign to all account groups. Only applies if a value is being passed for `enterprise_id`.", - "required": false + "required": false, + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "type": "string" + } + } }, { "key": "enterprise_account_ids_to_assign", @@ -993,7 +1044,14 @@ "all" ], "description": "A list of enterprise account IDs to assign the trusted profile template to in order for the accounts to be scanned. Supports passing the string 'all' in the list to assign to all accounts. Only applies if a value is being passed for `enterprise_id`.", - "required": false + "required": false, + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "type": "string" + } + } }, { "key": "enterprise_id", @@ -1009,7 +1067,14 @@ "all" ], "description": "A list of enterprise account group IDs to assign the trusted profile template to in order for the accounts to be scanned for compliance. Supports passing the string 'all' in the list to assign to all account groups. Only applies if a value is being passed for `enterprise_id`.", - "required": false + "required": false, + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "type": "string" + } + } }, { "key": "enterprise_account_ids_to_assign", @@ -1018,7 +1083,14 @@ "all" ], "description": "A list of enterprise account IDs to assign the trusted profile template to in order for the accounts to be scanned. Supports passing the string 'all' in the list to assign to all accounts. Only applies if a value is being passed for `enterprise_id`.", - "required": false + "required": false, + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "type": "string" + } + } }, { "key": "sample_app_git_url", diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index 249ee012..d09effd5 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -284,6 +284,10 @@ "name": "enable_platform_metrics", "value": "ref:../../inputs/enable_platform_metrics" }, + { + "name": "enable_metrics_routing_to_cloud_monitoring", + "value": "ref:../../inputs/enable_platform_metrics" + }, { "name": "cloud_monitoring_plan", "value": "ref:../../inputs/cloud_monitoring_plan" @@ -386,7 +390,7 @@ }, { "name": "3b - Gen AI - WatsonX SaaS services", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.7dffb0ba-df27-4f52-b022-3b5ec6350cfc-global", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.9ca79f5e-f2ad-4222-b654-efcbca158aaa-global", "inputs": [ { "name": "watsonx_admin_api_key", diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index 0cd4ab0e..431e66b7 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -284,6 +284,10 @@ "name": "enable_platform_metrics", "value": "ref:../../inputs/enable_platform_metrics" }, + { + "name": "enable_metrics_routing_to_cloud_monitoring", + "value": "ref:../../inputs/enable_platform_metrics" + }, { "name": "cloud_monitoring_plan", "value": "ref:../../inputs/cloud_monitoring_plan" @@ -342,7 +346,7 @@ }, { "name": "3b - Gen AI - WatsonX SaaS services", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.7dffb0ba-df27-4f52-b022-3b5ec6350cfc-global", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.9ca79f5e-f2ad-4222-b654-efcbca158aaa-global", "inputs": [ { "name": "watsonx_admin_api_key", From 0fc714a7a537e73ee19cb176d8e6270b3125ee56 Mon Sep 17 00:00:00 2001 From: ocofaigh Date: Mon, 27 Oct 2025 18:50:35 +0000 Subject: [PATCH 33/36] updates --- .catalog-onboard-pipeline.yaml | 4 ++-- solutions/basic/stack_definition.json | 12 ++++++------ solutions/standard/stack_definition.json | 12 ++++++------ tests/pr_test.go | 6 +++--- 4 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.catalog-onboard-pipeline.yaml b/.catalog-onboard-pipeline.yaml index c22908d2..a57b29f9 100644 --- a/.catalog-onboard-pipeline.yaml +++ b/.catalog-onboard-pipeline.yaml @@ -6,7 +6,7 @@ offerings: catalog_id: 7df1e4ca-d54c-4fd0-82ce-3d13247308cd offering_id: 5fdd0045-30fc-4013-a8bc-6db9d5447a52 variations: - - name: basic-fully-config + - name: basic mark_ready: false install_type: fullstack format_kind: stack @@ -14,7 +14,7 @@ offerings: scc: instance_id: 1c7d5f78-9262-44c3-b779-b28fe4d88c37 region: us-south - - name: standard-fully-config + - name: standard mark_ready: false install_type: fullstack format_kind: stack diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index d09effd5..0f01415a 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -261,6 +261,10 @@ { "name": "existing_resource_group_name", "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" + }, + { + "name": "instance_name", + "value": "essential-security" } ] }, @@ -340,7 +344,7 @@ }, { "name": "3a - Essential Security - Event Notifications", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.86dd9347-d1b4-4dc3-b520-f747557c9a42-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.5dbe54b9-6e6c-4843-a4f3-087400a99019-global", "inputs": [ { "name": "existing_cos_instance_crn", @@ -390,7 +394,7 @@ }, { "name": "3b - Gen AI - WatsonX SaaS services", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.9ca79f5e-f2ad-4222-b654-efcbca158aaa-global", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.7dffb0ba-df27-4f52-b022-3b5ec6350cfc-global", "inputs": [ { "name": "watsonx_admin_api_key", @@ -452,10 +456,6 @@ "name": "existing_governance_instance", "value": "ref:../../inputs/existing_governance_instance_crn" }, - { - "name": "existing_cos_instance_crn", - "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" - }, { "name": "cos_kms_crn", "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index 431e66b7..71070351 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -261,6 +261,10 @@ { "name": "existing_resource_group_name", "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" + }, + { + "name": "instance_name", + "value": "essential-security" } ] }, @@ -296,7 +300,7 @@ }, { "name": "3a - Essential Security - Event Notifications", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.86dd9347-d1b4-4dc3-b520-f747557c9a42-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.5dbe54b9-6e6c-4843-a4f3-087400a99019-global", "inputs": [ { "name": "existing_cos_instance_crn", @@ -346,7 +350,7 @@ }, { "name": "3b - Gen AI - WatsonX SaaS services", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.9ca79f5e-f2ad-4222-b654-efcbca158aaa-global", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.7dffb0ba-df27-4f52-b022-3b5ec6350cfc-global", "inputs": [ { "name": "watsonx_admin_api_key", @@ -408,10 +412,6 @@ "name": "existing_governance_instance", "value": "ref:../../inputs/existing_governance_instance_crn" }, - { - "name": "existing_cos_instance_crn", - "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" - }, { "name": "cos_kms_crn", "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" diff --git a/tests/pr_test.go b/tests/pr_test.go index 05dcea6f..458bbc3c 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -50,7 +50,7 @@ func TestProjectsBasicFullTest(t *testing.T) { Prefix: "rag", StackConfigurationPath: basicDaStackDefPath, CatalogProductName: "Retrieval_Augmented_Generation_Pattern", - CatalogFlavorName: "basic-fully-config", + CatalogFlavorName: "basic", }) privateKey, _, kerr := common.GenerateTempGPGKeyPairBase64() @@ -115,7 +115,7 @@ func TestProjectsBasicExistingResourcesTest(t *testing.T) { Testing: t, StackConfigurationPath: basicDaStackDefPath, CatalogProductName: "Retrieval_Augmented_Generation_Pattern", - CatalogFlavorName: "basic-fully-config", + CatalogFlavorName: "basic", }) privateKey, _, kerr := common.GenerateTempGPGKeyPairBase64() @@ -167,7 +167,7 @@ func TestProjectsStandardFullTest(t *testing.T) { Prefix: "rag-s", StackConfigurationPath: standardDaStackDefPath, CatalogProductName: "Retrieval_Augmented_Generation_Pattern", - CatalogFlavorName: "standard-fully-config", + CatalogFlavorName: "standard", }) privateKey, _, kerr := common.GenerateTempGPGKeyPairBase64() From b7ffd00feeff203a05f68c8f12cfeaf9640569ad Mon Sep 17 00:00:00 2001 From: ocofaigh Date: Mon, 27 Oct 2025 20:43:06 +0000 Subject: [PATCH 34/36] fix wx --- solutions/basic/stack_definition.json | 14 +++++++++----- solutions/standard/stack_definition.json | 14 +++++++++----- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index 0f01415a..cc2ff5c5 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -261,10 +261,6 @@ { "name": "existing_resource_group_name", "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" - }, - { - "name": "instance_name", - "value": "essential-security" } ] }, @@ -394,7 +390,7 @@ }, { "name": "3b - Gen AI - WatsonX SaaS services", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.7dffb0ba-df27-4f52-b022-3b5ec6350cfc-global", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.9ca79f5e-f2ad-4222-b654-efcbca158aaa-global", "inputs": [ { "name": "watsonx_admin_api_key", @@ -456,10 +452,18 @@ "name": "existing_governance_instance", "value": "ref:../../inputs/existing_governance_instance_crn" }, + { + "name": "existing_cos_instance_crn", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" + }, { "name": "cos_kms_crn", "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, + { + "name": "cos_kms_new_key_name", + "value": "watsonx" + }, { "name": "enable_cos_kms_encryption", "value": true diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index 71070351..8c9de2ae 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -261,10 +261,6 @@ { "name": "existing_resource_group_name", "value": "ref:../1 - Account Configuration/outputs/observability_resource_group_name" - }, - { - "name": "instance_name", - "value": "essential-security" } ] }, @@ -350,7 +346,7 @@ }, { "name": "3b - Gen AI - WatsonX SaaS services", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.7dffb0ba-df27-4f52-b022-3b5ec6350cfc-global", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.9ca79f5e-f2ad-4222-b654-efcbca158aaa-global", "inputs": [ { "name": "watsonx_admin_api_key", @@ -412,10 +408,18 @@ "name": "existing_governance_instance", "value": "ref:../../inputs/existing_governance_instance_crn" }, + { + "name": "existing_cos_instance_crn", + "value": "ref:../2b - Essential Security - Cloud Object Storage/outputs/cos_instance_crn" + }, { "name": "cos_kms_crn", "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, + { + "name": "cos_kms_new_key_name", + "value": "watsonx" + }, { "name": "enable_cos_kms_encryption", "value": true From 96d5467cffbc74e8d770d0bc03600f1071958ea0 Mon Sep 17 00:00:00 2001 From: ocofaigh Date: Tue, 4 Nov 2025 11:50:42 +0000 Subject: [PATCH 35/36] updates --- .github/workflows/release.yml | 2 +- common-dev-assets | 2 +- solutions/basic/stack_definition.json | 46 ++++++++++-------------- solutions/standard/stack_definition.json | 42 +++++++++------------- tests/go.mod | 2 +- tests/resources/main.tf | 8 ++--- 6 files changed, 43 insertions(+), 59 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 13edc440..a6421eb1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,5 +8,5 @@ on: jobs: call-terraform-release-pipeline: - uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-release.yml@v1.22.5 + uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-release.yml@v1.23.2 secrets: inherit diff --git a/common-dev-assets b/common-dev-assets index ae23e021..bb642791 160000 --- a/common-dev-assets +++ b/common-dev-assets @@ -1 +1 @@ -Subproject commit ae23e021950779a9c0612e71ce51d074f14b7543 +Subproject commit bb64279162cdd0eecd962220d538fd8f41e922e7 diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index cc2ff5c5..c9a4de8d 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -180,7 +180,7 @@ "members": [ { "name": "1 - Account Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.63df805b-f866-4a3e-a168-faa43d4c8a2b-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.0e456e60-9ca9-4e9e-8f28-6265f8a12f97-global", "inputs": [ { "name": "prefix", @@ -226,7 +226,7 @@ }, { "name": "2a - Essential Security - Encryption Key Management", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.23e68097-1552-41e2-a8e3-a493e1427ebb-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.fbb4dc92-6318-4f20-afc9-65cc586ac241-global", "inputs": [ { "name": "existing_resource_group_name", @@ -252,7 +252,7 @@ }, { "name": "2b - Essential Security - Cloud Object Storage", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.6722b081-5cec-4234-82bf-fc1d036ef51e-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.6433c58f-9e1b-4520-ae52-5ab4f4559cf9-global", "inputs": [ { "name": "prefix", @@ -266,7 +266,7 @@ }, { "name": "2c - Essential Security - Cloud Monitoring", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.5a46e96b-8776-4e9a-9290-21c4217069e1-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.4c21c293-3f7d-454b-97bc-9808aee58bfe-global", "inputs": [ { "name": "region", @@ -296,7 +296,7 @@ }, { "name": "2d - Workload - Code Engine Project for CI", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.333c5bb1-dac1-4767-91fd-5da513c5b9f1-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.879ff223-c2d9-486c-b7b6-62dbc3083a0d-global", "inputs": [ { "name": "existing_resource_group_name", @@ -318,7 +318,7 @@ }, { "name": "2e - Workload - Code Engine Project for CD", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.333c5bb1-dac1-4767-91fd-5da513c5b9f1-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.879ff223-c2d9-486c-b7b6-62dbc3083a0d-global", "inputs": [ { "name": "existing_resource_group_name", @@ -340,7 +340,7 @@ }, { "name": "3a - Essential Security - Event Notifications", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.5dbe54b9-6e6c-4843-a4f3-087400a99019-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.29f017cd-7a6f-45cc-a4ed-5f23505380bf-global", "inputs": [ { "name": "existing_cos_instance_crn", @@ -390,28 +390,24 @@ }, { "name": "3b - Gen AI - WatsonX SaaS services", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.9ca79f5e-f2ad-4222-b654-efcbca158aaa-global", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.bb975238-fc56-4180-ab1e-9608239182c8-global", "inputs": [ { "name": "watsonx_admin_api_key", "value": "ref:../../inputs/watsonx_admin_api_key" }, { - "name": "resource_group_name", + "name": "existing_resource_group_name", "value": "ref:../1 - Account Configuration/outputs/workload_resource_group_name" }, { - "name": "location", + "name": "region", "value": "ref:../../inputs/region" }, { - "name": "resource_prefix", + "name": "prefix", "value": "ref:../../inputs/prefix" }, - { - "name": "use_existing_resource_group", - "value": true - }, { "name": "watson_machine_learning_plan", "value": "v2-standard" @@ -460,10 +456,6 @@ "name": "cos_kms_crn", "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, - { - "name": "cos_kms_new_key_name", - "value": "watsonx" - }, { "name": "enable_cos_kms_encryption", "value": true @@ -472,7 +464,7 @@ }, { "name": "4a - Essential Security - Cloud Logs for logging", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.05329b70-0b0b-4c7c-9b16-c7024a525465-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b6bf9a7b-6ac3-4821-b3e4-f274293603f3-global", "inputs": [ { "name": "region", @@ -518,7 +510,7 @@ }, { "name": "4b - Essential Security - App Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.01bb35a3-8a27-4e08-a938-1f0f50b972a3-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.bff2dc4d-9e19-4b2c-8890-4cda020ce39e-global", "inputs": [ { "name": "existing_resource_group_name", @@ -584,7 +576,7 @@ }, { "name": "4c - Essential Security - Secrets Manager", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.09c13b73-1987-4c38-b54d-2c79712bfa76-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.c7ba4599-f65a-4a9b-bd6b-120e52947652-global", "inputs": [ { "name": "prefix", @@ -630,7 +622,7 @@ }, { "name": "4d - Essential Security - Cloud Logs for activity tracking", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.05329b70-0b0b-4c7c-9b16-c7024a525465-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b6bf9a7b-6ac3-4821-b3e4-f274293603f3-global", "inputs": [ { "name": "region", @@ -688,7 +680,7 @@ }, { "name": "5a - Essential Security - Security and Compliance Center Workload Protection", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.dcdef1bc-68b8-460e-93d4-a72aac3f317b-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.e543e47d-1b78-4415-963c-3c59fcf5ef2b-global", "inputs": [ { "name": "existing_resource_group_name", @@ -722,7 +714,7 @@ }, { "name": "5b - Gen AI - Databases for Elasticsearch", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.5acd3054-0a4f-4242-9110-890dc65f0ae7-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.2a25caea-0f63-4911-a5fb-c1ef792edea0-global", "inputs": [ { "name": "existing_resource_group_name", @@ -882,7 +874,7 @@ }, { "name": "5d - Essential Security - Activity Tracker Event Routing", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.3b795a48-00a9-4430-95ba-857a324329e2-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.1d61413e-c149-4a3a-bd6d-9207e0c60385-global", "inputs": [ { "name": "region", @@ -920,7 +912,7 @@ }, { "name": "6 - Workload - Sample RAG Application", - "version_locator": "7df1e4ca-d54c-4fd0-82ce-3d13247308cd.cf9bdedf-48c7-440e-bf04-82ba6008b2b9", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.e7af3542-6a4a-44fe-b646-2598bb925719-global", "inputs": [ { "name": "toolchain_region", diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index 8c9de2ae..2237865a 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -180,7 +180,7 @@ "members": [ { "name": "1 - Account Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.63df805b-f866-4a3e-a168-faa43d4c8a2b-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.0e456e60-9ca9-4e9e-8f28-6265f8a12f97-global", "inputs": [ { "name": "prefix", @@ -226,7 +226,7 @@ }, { "name": "2a - Essential Security - Encryption Key Management", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.23e68097-1552-41e2-a8e3-a493e1427ebb-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.fbb4dc92-6318-4f20-afc9-65cc586ac241-global", "inputs": [ { "name": "existing_resource_group_name", @@ -252,7 +252,7 @@ }, { "name": "2b - Essential Security - Cloud Object Storage", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.6722b081-5cec-4234-82bf-fc1d036ef51e-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.6433c58f-9e1b-4520-ae52-5ab4f4559cf9-global", "inputs": [ { "name": "prefix", @@ -266,7 +266,7 @@ }, { "name": "2c - Essential Security - Cloud Monitoring", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.5a46e96b-8776-4e9a-9290-21c4217069e1-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.4c21c293-3f7d-454b-97bc-9808aee58bfe-global", "inputs": [ { "name": "region", @@ -296,7 +296,7 @@ }, { "name": "3a - Essential Security - Event Notifications", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.5dbe54b9-6e6c-4843-a4f3-087400a99019-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.29f017cd-7a6f-45cc-a4ed-5f23505380bf-global", "inputs": [ { "name": "existing_cos_instance_crn", @@ -346,28 +346,24 @@ }, { "name": "3b - Gen AI - WatsonX SaaS services", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.9ca79f5e-f2ad-4222-b654-efcbca158aaa-global", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.bb975238-fc56-4180-ab1e-9608239182c8-global", "inputs": [ { "name": "watsonx_admin_api_key", "value": "ref:../../inputs/watsonx_admin_api_key" }, { - "name": "resource_group_name", + "name": "existing_resource_group_name", "value": "ref:../1 - Account Configuration/outputs/workload_resource_group_name" }, { - "name": "location", + "name": "region", "value": "ref:../../inputs/region" }, { - "name": "resource_prefix", + "name": "prefix", "value": "ref:../../inputs/prefix" }, - { - "name": "use_existing_resource_group", - "value": true - }, { "name": "watson_machine_learning_plan", "value": "v2-standard" @@ -416,10 +412,6 @@ "name": "cos_kms_crn", "value": "ref:../2a - Essential Security - Encryption Key Management/outputs/kms_instance_crn" }, - { - "name": "cos_kms_new_key_name", - "value": "watsonx" - }, { "name": "enable_cos_kms_encryption", "value": true @@ -499,7 +491,7 @@ }, { "name": "4a - Essential Security - Cloud Logs for logging", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.05329b70-0b0b-4c7c-9b16-c7024a525465-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b6bf9a7b-6ac3-4821-b3e4-f274293603f3-global", "inputs": [ { "name": "region", @@ -545,7 +537,7 @@ }, { "name": "4b - Essential Security - App Configuration", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.01bb35a3-8a27-4e08-a938-1f0f50b972a3-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.bff2dc4d-9e19-4b2c-8890-4cda020ce39e-global", "inputs": [ { "name": "existing_resource_group_name", @@ -611,7 +603,7 @@ }, { "name": "4c - Essential Security - Secrets Manager", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.09c13b73-1987-4c38-b54d-2c79712bfa76-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.c7ba4599-f65a-4a9b-bd6b-120e52947652-global", "inputs": [ { "name": "prefix", @@ -657,7 +649,7 @@ }, { "name": "4d - Essential Security - Cloud Logs for activity tracking", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.05329b70-0b0b-4c7c-9b16-c7024a525465-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b6bf9a7b-6ac3-4821-b3e4-f274293603f3-global", "inputs": [ { "name": "region", @@ -715,7 +707,7 @@ }, { "name": "5a - Essential Security - Security and Compliance Center Workload Protection", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.dcdef1bc-68b8-460e-93d4-a72aac3f317b-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.e543e47d-1b78-4415-963c-3c59fcf5ef2b-global", "inputs": [ { "name": "existing_resource_group_name", @@ -749,7 +741,7 @@ }, { "name": "5b - Gen AI - Databases for Elasticsearch", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.5acd3054-0a4f-4242-9110-890dc65f0ae7-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.2a25caea-0f63-4911-a5fb-c1ef792edea0-global", "inputs": [ { "name": "existing_resource_group_name", @@ -905,7 +897,7 @@ }, { "name": "5d - Essential Security - Activity Tracker Event Routing", - "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.3b795a48-00a9-4430-95ba-857a324329e2-global", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.1d61413e-c149-4a3a-bd6d-9207e0c60385-global", "inputs": [ { "name": "region", @@ -943,7 +935,7 @@ }, { "name": "6 - Workload - Sample RAG Application", - "version_locator": "7df1e4ca-d54c-4fd0-82ce-3d13247308cd.cf9bdedf-48c7-440e-bf04-82ba6008b2b9", + "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.e7af3542-6a4a-44fe-b646-2598bb925719-global", "inputs": [ { "name": "toolchain_region", diff --git a/tests/go.mod b/tests/go.mod index b77381f5..e0d1d1b9 100644 --- a/tests/go.mod +++ b/tests/go.mod @@ -2,7 +2,7 @@ module github.com/terraform-ibm-modules/stack-retrieval-augmented-generation go 1.24.0 -toolchain go1.25.1 +toolchain go1.25.3 require ( github.com/gruntwork-io/terratest v0.51.0 diff --git a/tests/resources/main.tf b/tests/resources/main.tf index b233b715..8ede1846 100644 --- a/tests/resources/main.tf +++ b/tests/resources/main.tf @@ -4,7 +4,7 @@ module "resource_group" { source = "terraform-ibm-modules/resource-group/ibm" - version = "1.3.0" + version = "1.4.0" # if an existing resource group is not set (null) create a new one using prefix resource_group_name = var.resource_group == null ? "${var.prefix}-resource-group" : null existing_resource_group_name = var.resource_group @@ -16,7 +16,7 @@ module "resource_group" { module "event_notifications" { source = "terraform-ibm-modules/event-notifications/ibm" - version = "2.8.4" + version = "2.10.7" resource_group_id = module.resource_group.resource_group_id name = "${var.prefix}-en" tags = var.resource_tags @@ -30,7 +30,7 @@ module "event_notifications" { module "secrets_manager" { source = "terraform-ibm-modules/secrets-manager/ibm" - version = "2.10.2" + version = "2.11.3" resource_group_id = module.resource_group.resource_group_id region = var.region secrets_manager_name = "${var.prefix}-secrets-manager" #tfsec:ignore:general-secrets-no-plaintext-exposure @@ -44,7 +44,7 @@ module "secrets_manager" { module "key_protect_all_inclusive" { source = "terraform-ibm-modules/kms-all-inclusive/ibm" - version = "5.3.2" + version = "5.4.5" resource_group_id = module.resource_group.resource_group_id key_protect_instance_name = "${var.prefix}-kms" region = var.region From 53737ea2a8172e7ce3f0c6ff9f49b11cac946cd8 Mon Sep 17 00:00:00 2001 From: ocofaigh Date: Tue, 4 Nov 2025 20:46:15 +0000 Subject: [PATCH 36/36] update wx saas --- solutions/basic/stack_definition.json | 2 +- solutions/standard/stack_definition.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json index c9a4de8d..c896e62c 100644 --- a/solutions/basic/stack_definition.json +++ b/solutions/basic/stack_definition.json @@ -390,7 +390,7 @@ }, { "name": "3b - Gen AI - WatsonX SaaS services", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.bb975238-fc56-4180-ab1e-9608239182c8-global", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.63f85fe2-082f-44fa-add2-6a0f93d130e8-global", "inputs": [ { "name": "watsonx_admin_api_key", diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json index 2237865a..e8d5df8d 100644 --- a/solutions/standard/stack_definition.json +++ b/solutions/standard/stack_definition.json @@ -346,7 +346,7 @@ }, { "name": "3b - Gen AI - WatsonX SaaS services", - "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.bb975238-fc56-4180-ab1e-9608239182c8-global", + "version_locator": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc.63f85fe2-082f-44fa-add2-6a0f93d130e8-global", "inputs": [ { "name": "watsonx_admin_api_key",