Skip to content

feat: simplify fully configurable #821

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Oct 20, 2025
+44 −16
Merged

feat: simplify fully configurable #821

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8ed7706
feat: simplify fully configurable
vburckhardt Oct 17, 2025
e75b91c
Merge branch 'main' into simply-fully-configurable
ocofaigh Oct 20, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
56 changes: 42 additions & 14 deletions ibm_catalog.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -528,6 +528,7 @@
"description": "When set to `true`, the IBM Cloud Monitoring instance will be configured to collect platform metrics from the provided region. ⚠️ You can configure 1 instance only of the IBM Cloud Monitoring service per region to collect platform metrics in that location. Check with the account or service administrator if another monitoring instance has already been configured. You may not have permissions to see all monitoring instances in the region. [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-platform_metrics_enabling).",
"required": true,
"virtual": true,
"hidden": true,
"options": [
{
"displayname": "true",
Expand All @@ -546,6 +547,7 @@
"description": "To manage platform logs that are generated by IBM Cloud services in a region of IBM Cloud, you must create a tenant in each region that you operate. Pass a list of regions to create a tenant in. For example: [\"us-south\", \"us-east\"]. [Learn more](https://cloud.ibm.com/docs/logs-router?topic=logs-router-about-platform-logs).",
"required": true,
"virtual": true,
"hidden": true,
"custom_config": {
"grouping": "deployment",
"original_grouping": "deployment",
Expand Down Expand Up @@ -616,10 +618,12 @@
]
},
{
"key": "enable_ocp_console"
"key": "enable_ocp_console",
"hidden": true
},
{
"key": "addons",
"hidden": true,
"custom_config": {
"type": "code_editor",
"grouping": "deployment",
Expand All @@ -633,6 +637,7 @@
{
"key": "additional_worker_pools",
"type": "array",
"hidden": true,
"custom_config": {
"type": "code_editor",
"grouping": "deployment",
Expand All @@ -658,6 +663,7 @@
},
{
"key": "default_worker_pool_labels",
"hidden": true,
"custom_config": {
"type": "code_editor",
"grouping": "deployment",
Expand All @@ -669,13 +675,16 @@
"hidden": true
},
{
"key": "default_pool_minimum_number_of_nodes"
"key": "default_pool_minimum_number_of_nodes",
"hidden": true
},
{
"key": "default_pool_maximum_number_of_nodes"
"key": "default_pool_maximum_number_of_nodes",
"hidden": true
},
{
"key": "additional_security_group_ids",
"hidden": true,
"custom_config": {
"type": "array",
"grouping": "deployment",
Expand All @@ -690,7 +699,8 @@
"hidden": true
},
{
"key": "use_private_endpoint"
"key": "use_private_endpoint",
"hidden": true
},
{
"key": "cluster_config_endpoint_type",
Expand Down Expand Up @@ -731,6 +741,7 @@
},
{
"key": "custom_security_group_ids",
"hidden": true,
"custom_config": {
"type": "array",
"grouping": "deployment",
Expand All @@ -746,6 +757,7 @@
},
{
"key": "additional_lb_security_group_ids",
"hidden": true,
"description": "A list of additional security group IDs to be attached to the load balancers associated with the cluster. These groups are applied in addition to the default IBM-managed security group."
},
{
Expand All @@ -754,17 +766,20 @@
},
{
"key": "additional_vpe_security_group_ids",
"hidden": true,
"custom_config": {
"type": "code_editor",
"grouping": "deployment",
"original_grouping": "deployment"
}
},
{
"key": "ibmcloud_kms_api_key"
"key": "ibmcloud_kms_api_key",
"hidden": true
},
{
"key": "kms_encryption_enabled_cluster"
"key": "kms_encryption_enabled_cluster",
"hidden": true
},
{
"key": "existing_kms_instance_crn",
Expand All @@ -774,10 +789,12 @@
"description": "The value provided for 'existing_kms_instance_crn' is not valid.",
"value": "^__NULL__$|^crn:(.*:){3}(kms|hs-crypto):(.*:){2}[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}::$"
}
]
],
"hidden": true
},
{
"key": "existing_cluster_kms_key_crn",
"hidden": true,
"value_constraints": [
{
"type": "regex",
Expand All @@ -801,16 +818,20 @@
"hidden": true
},
{
"key": "cluster_kms_key_name"
"key": "cluster_kms_key_name",
"hidden": true
},
{
"key": "cluster_kms_key_ring_name"
"key": "cluster_kms_key_ring_name",
"hidden": true
},
{
"key": "kms_encryption_enabled_boot_volume"
"key": "kms_encryption_enabled_boot_volume",
"hidden": true
},
{
"key": "existing_boot_volume_kms_key_crn",
"hidden": true,
"value_constraints": [
{
"type": "regex",
Expand Down Expand Up @@ -839,7 +860,8 @@
}
},
{
"key": "enable_secrets_manager_integration"
"key": "enable_secrets_manager_integration",
"hidden": true
},
{
"key": "existing_secrets_manager_instance_crn",
Expand All @@ -849,10 +871,12 @@
"description": "The value provided for 'existing_secrets_manager_instance_crn' is not valid.",
"value": "^__NULL__$|^crn:(.*:){3}secrets-manager:(.*:){2}[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}::$"
}
]
],
"hidden": true
},
{
"key": "secrets_manager_secret_group_id",
"hidden": true,
"value_constraints": [
{
"type": "regex",
Expand Down Expand Up @@ -906,14 +930,16 @@
]
},
{
"key": "skip_ocp_secrets_manager_iam_auth_policy"
"key": "skip_ocp_secrets_manager_iam_auth_policy",
"hidden": true
},
{
"key": "subnets",
"default_value": "{\n zone-1 = [\n {\n name = \"subnet-a\"\n cidr = \"10.10.10.0/24\"\n public_gateway = true\n acl_name = \"vpc-acl\"\n no_addr_prefix = false\n }\n ],\n zone-2 = [\n {\n name = \"subnet-b\"\n cidr = \"10.20.10.0/24\"\n public_gateway = true\n acl_name = \"vpc-acl\"\n no_addr_prefix = false\n }\n ],\n zone-3 = [\n {\n name = \"subnet-c\"\n cidr = \"10.30.10.0/24\"\n public_gateway = true\n acl_name = \"vpc-acl\"\n no_addr_prefix = false\n }\n ]\n }",
"description": "List of subnets for the vpc. For each item in each array, a subnet will be created. Items can be either CIDR blocks or total ipv4 addresses. Public gateways will be enabled only in zones where a gateway has been created. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#subnets-).",
"required": false,
"virtual": true,
"hidden": true,
"custom_config": {
"grouping": "deployment",
"original_grouping": "deployment",
Expand All @@ -927,6 +953,7 @@
"description": "The list of ACLs to create. Provide at least one rule for each ACL. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#network-acls-).",
"required": false,
"virtual": true,
"hidden": true,
"custom_config": {
"type": "code_editor",
"grouping": "deployment",
Expand All @@ -952,7 +979,8 @@
"hidden": true
},
{
"key": "enable_kube_audit"
"key": "enable_kube_audit",
"hidden": true
},
{
"key": "audit_deployment_name",
Expand Down
4 changes: 2 additions & 2 deletions solutions/fully-configurable/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -269,13 +269,13 @@ variable "use_private_endpoint" {
variable "allow_public_access_to_cluster_management" {
type = bool
description = "Set to true to access the cluster through a public cloud service endpoint. [Learn More](https://cloud.ibm.com/docs/openshift?topic=openshift-access_cluster)."
default = false
default = true
}

variable "allow_outbound_traffic" {
type = bool
description = "Set to true to allow public outbound access from the cluster workers."
default = false
default = true
}

variable "cluster_config_endpoint_type" {
Expand Down