Skip to content

16016 part3 changes #800

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 12 commits into from
Sep 26, 2025
+94 −52
Merged

16016 part3 changes #800

Show file tree
Hide file tree
Changes from 10 commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
ac1157a
catalog changes
mukulpalit-ibm Sep 19, 2025
b4b32ba
test
mukulpalit-ibm Sep 19, 2025
99be7bf
test
mukulpalit-ibm Sep 19, 2025
a730813
changes
mukulpalit-ibm Sep 21, 2025
439f15e
Desc changes
mukulpalit-ibm Sep 22, 2025
cfd1761
Merge branch 'main' into 16016-part3-changes
mukulpalit-ibm Sep 22, 2025
bd7012b
Merge branch 'main' into 16016-part3-changes
mukulpalit-ibm Sep 22, 2025
291a015
Merge branch 'main' into 16016-part3-changes
mukulpalit-ibm Sep 23, 2025
2b84726
change SM plan
mukulpalit-ibm Sep 24, 2025
2c0ab00
Update required fields
mukulpalit-ibm Sep 24, 2025
937952f
Update subnets
mukulpalit-ibm Sep 25, 2025
2179fb0
Merge branch 'main' into 16016-part3-changes
mukulpalit-ibm Sep 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
113 changes: 70 additions & 43 deletions ibm_catalog.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -493,17 +493,6 @@
}
]
},
{
"key": "existing_vpc_crn",
"required": true,
"value_constraints": [
{
"type": "regex",
"description": "The value provided for 'existing_vpc_crn' is not valid.",
"value": "^crn:(.*:){3}is:(.*:){2}:vpc:[0-9a-z]{4}-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
}
]
},
{
"key": "region",
"required": true,
Expand All @@ -520,17 +509,6 @@
"virtual": true,
"default_value": "us-south"
},
{
"key": "existing_cos_instance_crn",
"required": true,
"value_constraints": [
{
"type": "regex",
"description": "The value provided for 'existing_cos_instance_crn' is not valid.",
"value": "^crn:(.*:){3}cloud-object-storage:(.*:){2}[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}::$"
}
]
},
{
"key": "allow_public_access_to_cluster",
"required": true
Expand Down Expand Up @@ -609,6 +587,7 @@
},
{
"key": "cluster_ready_when",
"hidden": true,
"options": [
{
"displayname": "Normal",
Expand All @@ -632,10 +611,16 @@
"key": "enable_ocp_console"
},
{
"key": "addons"
"key": "addons",
"custom_config": {
"type": "code_editor",
"grouping": "deployment",
"original_grouping": "deployment"
}
},
{
"key": "manage_all_addons"
"key": "manage_all_addons",
"hidden": true
},
{
"key": "additional_worker_pools",
Expand All @@ -648,24 +633,27 @@
},
{
"key": "worker_pools_taints",
"type": "array",
"hidden": true,
"custom_config": {
"type": "code_editor",
"grouping": "deployment",
"original_grouping": "deployment"
}
},
{
"key": "ignore_worker_pool_size_changes"
"key": "ignore_worker_pool_size_changes",
"hidden": true
},
{
"key": "allow_default_worker_pool_replacement"
"key": "allow_default_worker_pool_replacement",
"hidden": true
},
{
"key": "default_worker_pool_labels"
},
{
"key": "enable_autoscaling_for_default_pool"
"key": "enable_autoscaling_for_default_pool",
"hidden": true
},
{
"key": "default_pool_minimum_number_of_nodes"
Expand All @@ -677,13 +665,15 @@
"key": "additional_security_group_ids"
},
{
"key": "existing_subnet_ids"
"key": "existing_subnet_ids",
"hidden": true
},
{
"key": "use_private_endpoint"
},
{
"key": "cluster_config_endpoint_type",
"hidden": true,
"options": [
{
"displayname": "default",
Expand All @@ -707,25 +697,30 @@
"key": "allow_outbound_traffic"
},
{
"key": "verify_worker_network_readiness"
"key": "verify_worker_network_readiness",
"hidden": true
},
{
"key": "pod_subnet_cidr"
"key": "pod_subnet_cidr",
"hidden": true
},
{
"key": "service_subnet_cidr"
"key": "service_subnet_cidr",
"hidden": true
},
{
"key": "custom_security_group_ids"
},
{
"key": "attach_ibm_managed_security_group"
"key": "attach_ibm_managed_security_group",
"hidden": true
},
{
"key": "additional_lb_security_group_ids"
},
{
"key": "number_of_lbs"
"key": "number_of_lbs",
"hidden": true
},
{
"key": "additional_vpe_security_group_ids"
Expand Down Expand Up @@ -790,13 +785,16 @@
]
},
{
"key": "boot_volume_kms_key_name"
"key": "boot_volume_kms_key_name",
"hidden": true
},
{
"key": "boot_volume_kms_key_ring_name"
"key": "boot_volume_kms_key_ring_name",
"hidden": true
},
{
"key": "cbr_rules",
"hidden": true,
"display_name": "openshift_cluster_cbr_rules",
"type": "array",
"custom_config": {
Expand Down Expand Up @@ -847,19 +845,43 @@
"value": "trial"
}
],
"default_value": "__NOT_SET__",
"default_value": "standard",
"description": "The pricing plan to use when provisioning a Secrets Manager instance. Possible values: `standard`, `trial`. You can create only one Trial instance of Secrets Manager per account. Before you can create a new Trial instance, you must delete the existing Trial instance and its reclamation. [Learn more](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-create-instance&interface=ui#upgrade-instance-standard)."
},
{
"key": "existing_vpc_crn",
"value_constraints": [
{
"type": "regex",
"description": "The value provided for 'existing_vpc_crn' is not valid.",
"value": "^crn:(.*:){3}is:(.*:){2}:vpc:[0-9a-z]{4}-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
}
]
},
{
"key": "existing_cos_instance_crn",
"value_constraints": [
{
"type": "regex",
"description": "The value provided for 'existing_cos_instance_crn' is not valid.",
"value": "^crn:(.*:){3}cloud-object-storage:(.*:){2}[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}::$"
}
]
},
{
"key": "skip_ocp_secrets_manager_iam_auth_policy"
},
{
"key": "subnets",
"type": "object",
"default_value": "{\n zone-1 = [\n {\n name = \"subnet-a\"\n cidr = \"10.10.10.0/24\"\n public_gateway = true\n acl_name = \"vpc-acl\"\n no_addr_prefix = false\n }\n ],\n zone-2 = [\n {\n name = \"subnet-b\"\n cidr = \"10.20.10.0/24\"\n public_gateway = false\n acl_name = \"vpc-acl\"\n no_addr_prefix = false\n }\n ],\n zone-3 = [\n {\n name = \"subnet-c\"\n cidr = \"10.30.10.0/24\"\n public_gateway = false\n acl_name = \"vpc-acl\"\n no_addr_prefix = false\n }\n ]\n }",
"description": "List of subnets for the vpc. For each item in each array, a subnet will be created. Items can be either CIDR blocks or total ipv4 addresses. Public gateways will be enabled only in zones where a gateway has been created. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#subnets-).",
"required": false,
"virtual": true
"virtual": true,
"custom_config": {
"grouping": "deployment",
"original_grouping": "deployment",
"type": "code_editor"
}
},
{
"key": "network_acls",
Expand Down Expand Up @@ -896,10 +918,12 @@
"key": "enable_kube_audit"
},
{
"key": "audit_deployment_name"
"key": "audit_deployment_name",
"hidden": true
},
{
"key": "audit_log_policy",
"hidden": true,
"options": [
{
"displayname": "Default",
Expand All @@ -912,13 +936,16 @@
]
},
{
"key": "audit_namespace"
"key": "audit_namespace",
"hidden": true
},
{
"key": "audit_webhook_listener_image"
"key": "audit_webhook_listener_image",
"hidden": true
},
{
"key": "audit_webhook_listener_image_tag_digest"
"key": "audit_webhook_listener_image_tag_digest",
"hidden": true
}
],
"dependencies": [
Expand Down
29 changes: 22 additions & 7 deletions solutions/fully-configurable/DA_docs.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,13 @@

Several optional input variables in the Red Hat Openshift Cluster [Deployable Architecture](https://cloud.ibm.com/catalog#deployable_architecture) use complex object types. You can specify these inputs when you configure your Deployable Architectures (DA).

- [Add-ons](#options-with-addons) (`addons`)
- [Add-ons](#options-with-add-ons) (`addons`)
- [Manage All Add-ons](#manage-all-add-ons) (`manage_all_addons`)
- [Additional Worker Pools](#options-with-additional-worker-pools) (`additional_worker_pools`)
- [Worker Pool Taints](#options-with-worker-pools-taints) (`worker_pools_taints`)
- [Additional VPE Security IDs](#options-with-additional-vpe-security-group-ids) (`additional_vpe_security_group_ids`)
- [Context Based Restrictions](#options-with-cbr) (`cbr_rules`)
- [Additional Worker Pools](#additional-worker-pools) (`additional_worker_pools`)
- [Worker Pool Taints](#options-with-worker_pool_taints) (`worker_pools_taints`)
- [Additional VPE Security IDs](#options-with-additional_vpe_security_group_ids) (`additional_vpe_security_group_ids`)
- [Context Based Restrictions](#options-with-cbr_rules) (`cbr_rules`)
- [Default Worker Pool Labels](#default-worker-pool-labels) (`default_worker_pool_labels`)

## Options with Add-ons <a name="options-with-addons"></a>

Expand Down Expand Up @@ -88,7 +89,7 @@ The variable `manage_all_addons` determines whether Terraform manages all add-on

- If set to `false`, Terraform will only manage the add-ons listed in the addons map, leaving any others unchanged.

## Options with additional_worker_pools <a name="options-with-additional-worker-pools"></a>
## Additional Worker Pools <a name="options-with-additional-worker-pools"></a>

This variable defines the worker node pools for your OCP cluster, with each pool having its own configuration settings.

Expand Down Expand Up @@ -129,7 +130,7 @@ This variable defines the worker node pools for your OCP cluster, with each pool
{
id = "<REPLACE ME>"
zone = "us-south-1"
cidr_block = " "10.10.10.0/24"
cidr_block = "10.10.10.0/24"
},
{
id = "<REPLACE ME>"
Expand Down Expand Up @@ -256,3 +257,17 @@ This variable allows you to provide a rule for the target service to enforce acc
}
]
```

## Default Worker Pool Labels <a name="default-worker-pool-labels"></a>

This variable is used to assign a set of key-value labels to the default worker pool for identification. Labels are helpful for organizing and filtering your resources.

- Variable name: `default_worker_pool_labels`
- Type: map(string)
- Default value: An empty map (`{}`).

### Example for default_worker_pool_labels

```hcl
{env = "prod", team = "devops"}
```
2 changes: 1 addition & 1 deletion solutions/fully-configurable/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -186,7 +186,7 @@ variable "default_worker_pool_operating_system" {

variable "default_worker_pool_labels" {
type = map(string)
description = "A set of key-value labels assigned to the worker pool for identification. For Example: { env = \"prod\", team = \"devops\" }"
description = "A set of key-value labels assigned to the worker pool for identification. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-base-ocp-vpc/blob/main/solutions/fully-configurable/DA_docs.md#default-worker-pool-labels)"
default = {}
}

Expand Down