terraform-ibm-modules · ocofaigh · May 15, 2025 · May 14, 2025 · May 14, 2025 · May 14, 2025
@@ -3,7 +3,7 @@
     "files": "go.sum|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2025-04-01T10:27:06Z",
+  "generated_at": "2025-05-14T17:28:16Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -82,7 +82,7 @@
         "hashed_secret": "8196b86ede820e665b2b8af9c648f4996be99838",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 60,
+        "line_number": 65,
         "type": "Secret Keyword",
         "verified_result": null
       }

@@ -235,7 +235,7 @@ Optionally, you need the following permissions to attach Access Management tags
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.9.0 |
-| <a name="requirement_ibm"></a> [ibm](#requirement\_ibm) | >= 1.71.0, < 2.0.0 |
+| <a name="requirement_ibm"></a> [ibm](#requirement\_ibm) | >= 1.78.2, < 2.0.0 |
 | <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 2.16.1, < 3.0.0 |
 | <a name="requirement_null"></a> [null](#requirement\_null) | >= 3.2.1, < 4.0.0 |
 
@@ -263,7 +263,6 @@ Optionally, you need the following permissions to attach Access Management tags
 | [ibm_resource_tag.cos_access_tag](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/resources/resource_tag) | resource |
 | [kubernetes_config_map_v1_data.set_autoscaling](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/config_map_v1_data) | resource |
 | [null_resource.config_map_status](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
-| [null_resource.confirm_lb_active](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
 | [null_resource.confirm_network_healthy](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
 | [null_resource.ocp_console_management](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
 | [null_resource.reset_api_key](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
@@ -273,7 +272,6 @@ Optionally, you need the following permissions to attach Access Management tags
 | [ibm_container_vpc_worker_pool.all_pools](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/data-sources/container_vpc_worker_pool) | data source |
 | [ibm_iam_account_settings.iam_account_settings](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/data-sources/iam_account_settings) | data source |
 | [ibm_iam_auth_token.reset_api_key_tokendata](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/data-sources/iam_auth_token) | data source |
-| [ibm_iam_auth_token.tokendata](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/data-sources/iam_auth_token) | data source |
 | [ibm_is_lbs.all_lbs](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/data-sources/is_lbs) | data source |
 | [ibm_is_virtual_endpoint_gateway.api_vpe](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/data-sources/is_virtual_endpoint_gateway) | data source |
 | [ibm_is_virtual_endpoint_gateway.master_vpe](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/data-sources/is_virtual_endpoint_gateway) | data source |

@@ -6,7 +6,7 @@ terraform {
   required_providers {
     ibm = {
       source  = "IBM-Cloud/ibm"
-      version = "1.76.0"
+      version = "1.78.2"
     }
   }
 }
@@ -6,7 +6,7 @@ terraform {
   required_providers {
     ibm = {
       source  = "IBM-Cloud/ibm"
-      version = ">= 1.71.0"
+      version = ">= 1.78.2"
     }
     kubernetes = {
       source  = "hashicorp/kubernetes"

@@ -6,7 +6,7 @@ terraform {
   required_providers {
     ibm = {
       source  = "IBM-Cloud/ibm"
-      version = "1.76.0"
+      version = "1.78.2"
     }
   }
 }
@@ -6,7 +6,7 @@ terraform {
   required_providers {
     ibm = {
       source  = "IBM-Cloud/ibm"
-      version = ">= 1.71.0"
+      version = ">= 1.78.2"
     }
   }
 }
@@ -6,7 +6,7 @@ terraform {
   required_providers {
     ibm = {
       source  = "IBM-Cloud/ibm"
-      version = ">= 1.71.0"
+      version = ">= 1.78.2"
     }
   }
 }
@@ -6,7 +6,7 @@ terraform {
   required_providers {
     ibm = {
       source  = "ibm-cloud/ibm"
-      version = ">= 1.71.0"
+      version = ">= 1.78.2"
     }
   }
 }
@@ -6,7 +6,7 @@ terraform {
   required_providers {
     ibm = {
       source  = "ibm-cloud/ibm"
-      version = ">= 1.71.0"
+      version = ">= 1.78.2"
     }
     kubernetes = {
       source  = "hashicorp/kubernetes"

@@ -602,30 +602,7 @@ locals {
   lbs_associated_with_cluster = length(var.additional_lb_security_group_ids) > 0 ? [for lb in data.ibm_is_lbs.all_lbs[0].load_balancers : lb.id if strcontains(lb.name, local.cluster_id)] : []
 }
 
-
-data "ibm_iam_auth_token" "tokendata" {
-  depends_on = [data.ibm_is_lbs.all_lbs]
-}
-
-resource "null_resource" "confirm_lb_active" {
-  count      = length(var.additional_lb_security_group_ids)
-  depends_on = [data.ibm_iam_auth_token.tokendata]
-
-  triggers = {
-    confirm_lb_active = var.additional_lb_security_group_ids[count.index]
-  }
-
-  provisioner "local-exec" {
-    command     = "${path.module}/scripts/confirm_lb_active.sh ${var.region} ${local.lbs_associated_with_cluster[count.index]} ${var.use_private_endpoint}"
-    interpreter = ["/bin/bash", "-c"]
-    environment = {
-      IAM_TOKEN = data.ibm_iam_auth_token.tokendata.iam_access_token
-    }
-  }
-}
-
 module "attach_sg_to_lb" {
-  depends_on                     = [null_resource.confirm_lb_active]
   count                          = length(var.additional_lb_security_group_ids)
   source                         = "terraform-ibm-modules/security-group/ibm"
   version                        = "2.7.0"

@@ -93,7 +93,7 @@ module "ocp_base_fscloud" {
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.9.0 |
-| <a name="requirement_ibm"></a> [ibm](#requirement\_ibm) | >= 1.71.0, < 2.0.0 |
+| <a name="requirement_ibm"></a> [ibm](#requirement\_ibm) | >= 1.78.2, < 2.0.0 |
 | <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 2.16.1, < 3.0.0 |
 | <a name="requirement_null"></a> [null](#requirement\_null) | >= 3.2.1, < 4.0.0 |
 | <a name="requirement_time"></a> [time](#requirement\_time) | >= 0.9.1, < 1.0.0 |

@@ -12,7 +12,7 @@ terraform {
     # tflint-ignore: terraform_unused_required_providers
     ibm = {
       source  = "ibm-cloud/ibm"
-      version = ">= 1.71.0, < 2.0.0"
+      version = ">= 1.78.2, < 2.0.0"
     }
     # tflint-ignore: terraform_unused_required_providers
     null = {

@@ -57,7 +57,7 @@ module "kube_audit" {
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >=1.9.0 |
 | <a name="requirement_helm"></a> [helm](#requirement\_helm) | >= 2.15.0, <3.0.0 |
-| <a name="requirement_ibm"></a> [ibm](#requirement\_ibm) | >= 1.70.0, <2.0.0 |
+| <a name="requirement_ibm"></a> [ibm](#requirement\_ibm) | >= 1.78.2, <2.0.0 |
 | <a name="requirement_null"></a> [null](#requirement\_null) | >= 3.2.1, < 4.0.0 |
 | <a name="requirement_time"></a> [time](#requirement\_time) | >= 0.9.1, < 1.0.0 |
 

@@ -6,7 +6,7 @@ terraform {
   required_providers {
     ibm = {
       source  = "ibm-cloud/ibm"
-      version = ">= 1.70.0, <2.0.0"
+      version = ">= 1.78.2, <2.0.0"
     }
     null = {
       source  = "hashicorp/null"

@@ -17,7 +17,7 @@ The following resources are provisioned by this example:
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >=1.9.0 |
-| <a name="requirement_ibm"></a> [ibm](#requirement\_ibm) | 1.78.0 |
+| <a name="requirement_ibm"></a> [ibm](#requirement\_ibm) | 1.78.2 |
 
 ### Modules
 
@@ -35,8 +35,8 @@ The following resources are provisioned by this example:
 
 | Name | Type |
 |------|------|
-| [ibm_is_subnet.subnets](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.78.0/docs/data-sources/is_subnet) | data source |
-| [ibm_is_subnets.vpc_subnets](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.78.0/docs/data-sources/is_subnets) | data source |
+| [ibm_is_subnet.subnets](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.78.2/docs/data-sources/is_subnet) | data source |
+| [ibm_is_subnets.vpc_subnets](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.78.2/docs/data-sources/is_subnets) | data source |
 
 ### Inputs
 

@@ -5,7 +5,7 @@ terraform {
   required_providers {
     ibm = {
       source  = "IBM-Cloud/ibm"
-      version = "1.78.0"
+      version = "1.78.2"
     }
   }
 }
@@ -15,12 +15,6 @@ const advancedExampleDir = "examples/advanced"
 const basicExampleDir = "examples/basic"
 const fscloudExampleDir = "examples/fscloud"
 const crossKmsSupportExampleDir = "examples/cross_kms_support"
-const customsgExampleDir = "examples/custom_sg"
-
-// Ensure there is one test per supported OCP version
-const ocpVersion2 = "4.16" // used by TestCustomSGExample and TestRunCustomsgExample
-const ocpVersion3 = "4.15" // used by TestRunAdvancedExample and TestCrossKmsSupportExample
-const ocpVersion4 = "4.14" // used by TestRunAddRulesToSGExample and TestRunBasicExample
 
 func setupOptions(t *testing.T, prefix string, terraformDir string, ocpVersion string) *testhelper.TestOptions {
 	options := testhelper.TestOptionsDefaultWithVars(&testhelper.TestOptions{
@@ -74,17 +68,6 @@ func TestRunBasicExample(t *testing.T) {
 	assert.NotNil(t, output, "Expected some output")
 }
 
-func TestRunCustomsgExample(t *testing.T) {
-	t.Parallel()
-
-	options := setupOptions(t, "base-ocp-customsg", customsgExampleDir, ocpVersion2)
-
-	output, err := options.RunTestConsistency()
-
-	assert.Nil(t, err, "This should not have errored")
-	assert.NotNil(t, output, "Expected some output")
-}
-
 func TestRunMultiClusterExample(t *testing.T) {
 	t.Parallel()
 	options := testhelper.TestOptionsDefaultWithVars(&testhelper.TestOptions{
@@ -147,28 +130,6 @@ func TestRunAddRulesToSGExample(t *testing.T) {
 	assert.NotNil(t, output, "Expected some output")
 }
 
-func TestCustomSGExample(t *testing.T) {
-	t.Parallel()
-	options := testhelper.TestOptionsDefaultWithVars(&testhelper.TestOptions{
-		Testing:       t,
-		TerraformDir:  "examples/custom_sg",
-		Prefix:        "cust-sg",
-		ResourceGroup: resourceGroup,
-		ImplicitDestroy: []string{
-			"module.ocp_base.null_resource.confirm_network_healthy",
-			"module.ocp_base.null_resource.reset_api_key",
-		},
-		// Do not hard fail the test if the implicit destroy steps fail to allow a full destroy of resource to occur
-		ImplicitRequired: false,
-		TerraformVars: map[string]interface{}{
-			"ocp_version": ocpVersion2,
-		},
-	})
-	output, err := options.RunTestConsistency()
-	assert.Nil(t, err, "This should not have errored")
-	assert.NotNil(t, output, "Expected some output")
-}
-
 func TestCrossKmsSupportExample(t *testing.T) {
 	t.Parallel()
 

@@ -15,18 +15,23 @@ import (
 	"github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/common"
 	"github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testschematic"
 
+	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/cloudinfo"
 	"github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testhelper"
 )
 
 const fullyConfigurableTerraformDir = "solutions/fully-configurable"
+const customsgExampleDir = "examples/custom_sg"
 
 // Define a struct with fields that match the structure of the YAML data
 const yamlLocation = "../common-dev-assets/common-go-assets/common-permanent-resources.yaml"
 
 // Ensure there is one test per supported OCP version
 const ocpVersion1 = "4.17" // used by TestRunFullyConfigurable, TestRunUpgradeFullyConfigurable, TestFSCloudInSchematic and TestRunMultiClusterExample
+const ocpVersion2 = "4.16" // used by TestCustomSGExample and TestRunCustomsgExample
+const ocpVersion3 = "4.15" // used by TestRunAdvancedExample and TestCrossKmsSupportExample
+const ocpVersion4 = "4.14" // used by TestRunAddRulesToSGExample and TestRunBasicExample
 
 var (
 	sharedInfoSvc      *cloudinfo.CloudInfoService
@@ -153,3 +158,33 @@ func TestRunUpgradeFullyConfigurable(t *testing.T) {
 	require.NoError(t, options.RunSchematicUpgradeTest(), "This should not have errored")
 	cleanupTerraform(t, existingTerraformOptions, prefix)
 }
+
+// Adding the custom_sg example test to PR test.
+// The custom_sg example was the subject of an IBM-Cloud provider bug in the past that has been resolved,
+// so we want to keep testing this use-case in the PR pipelines.
+func TestRunCustomsgExample(t *testing.T) {
+	t.Parallel()
+
+	options := testhelper.TestOptionsDefaultWithVars(&testhelper.TestOptions{
+		Testing:          t,
+		TerraformDir:     customsgExampleDir,
+		Prefix:           "base-ocp-customsg",
+		ResourceGroup:    "geretain-test-base-ocp-vpc",
+		CloudInfoService: sharedInfoSvc,
+		ImplicitDestroy: []string{
+			"module.ocp_base.null_resource.confirm_network_healthy",
+			"module.ocp_base.null_resource.reset_api_key",
+		},
+		ImplicitRequired: false,
+		TerraformVars: map[string]interface{}{
+			"ocp_version":     ocpVersion2,
+			"access_tags":     permanentResources["accessTags"],
+			"ocp_entitlement": "cloud_pak",
+		},
+	})
+
+	output, err := options.RunTestConsistency()
+
+	assert.Nil(t, err, "This should not have errored")
+	assert.NotNil(t, output, "Expected some output")
+}
@@ -4,7 +4,7 @@ terraform {
     # Use "greater than or equal to" range in modules
     ibm = {
       source  = "ibm-cloud/ibm"
-      version = ">= 1.71.0, < 2.0.0"
+      version = ">= 1.78.2, < 2.0.0"
     }
     null = {
       source  = "hashicorp/null"