fix: Added Missing parts in OCP DA

solutions/fully-configurable/main.tf

@@ -195,7 +195,7 @@ locals {
   # Managing the ODF version accordingly, as it changes with each OCP version.
   addons = lookup(var.addons, "openshift-data-foundation", null) != null ? lookup(var.addons["openshift-data-foundation"], "version", null) == null ? { for key, value in var.addons :
     key => value != null ? {
-      version         = lookup(value, "version", null) == null && key == "openshift-data-foundation" ? "${var.ocp_version}.0" : lookup(value, "version", null)
+      version         = lookup(value, "version", null) == null && key == "openshift-data-foundation" ? "${var.openshift_version}.0" : lookup(value, "version", null)
       parameters_json = lookup(value, "parameters_json", null)
   } : null } : var.addons : var.addons
 }
@@ -211,7 +211,7 @@ module "ocp_base" {
   existing_cos_id                          = var.existing_cos_instance_crn
   vpc_id                                   = local.existing_vpc_id
   vpc_subnets                              = local.vpc_subnets
-  ocp_version                              = var.ocp_version
+  ocp_version                              = var.openshift_version
   worker_pools                             = local.worker_pools
   access_tags                              = var.access_tags
   ocp_entitlement                          = var.ocp_entitlement
@@ -224,8 +224,8 @@ module "ocp_base" {
   cbr_rules                                = var.cbr_rules
   cluster_ready_when                       = var.cluster_ready_when
   custom_security_group_ids                = var.custom_security_group_ids
-  disable_outbound_traffic_protection      = var.disable_outbound_traffic_protection
-  disable_public_endpoint                  = var.disable_public_endpoint
+  disable_outbound_traffic_protection      = var.allow_outbound_traffic
+  disable_public_endpoint                  = !var.allow_public_access_to_cluster
   enable_ocp_console                       = var.enable_ocp_console
   ignore_worker_pool_size_changes          = var.ignore_worker_pool_size_changes
   kms_config                               = local.kms_config

solutions/fully-configurable/variables.tf

@@ -67,7 +67,7 @@ variable "cluster_name" {
   default     = "openshift"
 }
 
-variable "ocp_version" {
+variable "openshift_version" {
   type        = string
   description = "Version of the OpenShift cluster to provision."
   default     = null
@@ -266,10 +266,16 @@ variable "use_private_endpoint" {
   default     = true
 }
 
-variable "disable_public_endpoint" {
+variable "allow_public_access_to_cluster" {
   type        = bool
-  description = "Whether access to the public service endpoint is disabled when the cluster is created. Does not affect existing clusters. You can't disable a public endpoint on an existing cluster, so you can't convert a public cluster to a private cluster. To change a public endpoint to private, create another cluster with this input set to `true`. Warning: Set this field to `false` if you want to retain public access to the cluster. Once the cluster is created, this cannot be changed."
-  default     = true
+  description = "Set to true to allow public access to master node of the cluster by enabling public endpoint."
+  default     = false
+}
+
+variable "allow_outbound_traffic" {
+  type        = bool
+  description = "Set to true to allow public outbound access from the cluster workers."
+  default     = false
 }
 
 variable "cluster_config_endpoint_type" {
@@ -279,12 +285,6 @@ variable "cluster_config_endpoint_type" {
   nullable    = false
 }
 
-variable "disable_outbound_traffic_protection" {
-  type        = bool
-  description = "Whether to allow public outbound access from the cluster workers. This is only applicable for OCP 4.15 and later."
-  default     = false
-}
-
 variable "verify_worker_network_readiness" {
   type        = bool
   description = "By setting this to true, a script runs kubectl commands to verify that all worker nodes can communicate successfully with the master. If the runtime does not have access to the kube cluster to run kubectl commands, set this value to false."

solutions/fully-configurable/version.tf

@@ -5,7 +5,7 @@ terraform {
   required_providers {
     ibm = {
       source  = "IBM-Cloud/ibm"
-      version = "1.81.0"
+      version = "1.81.1"
     }
     helm = {
       source  = "hashicorp/helm"

solutions/quickstart/main.tf

@@ -135,14 +135,14 @@ module "ocp_base" {
   cluster_name                        = local.cluster_name
   resource_group_id                   = module.resource_group.resource_group_id
   region                              = var.region
-  ocp_version                         = var.ocp_version
+  ocp_version                         = var.openshift_version
   ocp_entitlement                     = var.ocp_entitlement
   vpc_id                              = module.vpc.vpc_id
   vpc_subnets                         = local.cluster_vpc_subnets
   worker_pools                        = local.worker_pools
-  disable_outbound_traffic_protection = var.disable_outbound_traffic_protection
+  disable_outbound_traffic_protection = var.allow_outbound_traffic
   access_tags                         = var.access_tags
-  disable_public_endpoint             = var.disable_public_endpoint
+  disable_public_endpoint             = !var.allow_public_access_to_cluster
   use_private_endpoint                = true
   cluster_config_endpoint_type        = "default"
 }

solutions/quickstart/variables.tf

@@ -47,7 +47,7 @@ variable "region" {
   default     = "us-south"
 }
 
-variable "ocp_version" {
+variable "openshift_version" {
   type        = string
   description = "Version of the OpenShift cluster to provision."
   default     = null
@@ -91,14 +91,14 @@ variable "size" {
   default     = "mini"
 }
 
-variable "disable_public_endpoint" {
+variable "allow_public_access_to_cluster" {
   type        = bool
-  description = "Disables the public endpoint, which allows internet access to the cluster, during creation only."
-  default     = false
+  description = "Set to true to allow public access to master node of the cluster by enabling public endpoint."
+  default     = true
 }
 
-variable "disable_outbound_traffic_protection" {
+variable "allow_outbound_traffic" {
   type        = bool
-  description = "Whether to allow public outbound access from the cluster workers. This is only applicable for OCP 4.15 and later. [Learn more](https://cloud.ibm.com/docs/openshift?topic=openshift-sbd-allow-outbound)."
+  description = "Set to true to allow public outbound access from the cluster workers."
   default     = true
 }

solutions/quickstart/version.tf

@@ -5,7 +5,7 @@ terraform {
   required_providers {
     ibm = {
       source  = "IBM-Cloud/ibm"
-      version = "1.80.3"
+      version = "1.81.1"
     }
   }
 }