fix: add capability to add existing rule_contexts in CBR rules in the DA (#678)

Author: dishankkalra23

.github/settings.yml

@@ -24,4 +24,4 @@ repository:
   # and update the description to the current repo description.
   description: "This module can be used to provision and configure Context Based Restrictions."
 
-  topics: core-team, terraform, ibm-cloud, terraform-module, cbr, context-based-restrictions, graduated, supported
+  topics: core-team, terraform, ibm-cloud, terraform-module, cbr, context-based-restrictions, graduated, supported, deployable-architecture

solutions/fully-configurable/main.tf

@@ -62,8 +62,7 @@ module "cbr_rule" {
   for_each         = var.cbr_rules
   source           = "../../modules/cbr-rule-module"
   rule_description = each.value.rule_description
-  # rule_contexts    = concat(local.rule_zone_contexts[each.key], each.value.rule_contexts)
-  rule_contexts    = local.rule_zone_contexts[each.key]
+  rule_contexts    = concat(local.rule_zone_contexts[each.key], each.value.rule_contexts)
   enforcement_mode = each.value.enforcement_mode
   resources        = each.value.resources
   operations       = each.value.operations

solutions/fully-configurable/outputs.tf

@@ -4,10 +4,10 @@
 
 output "network_zone_ids" {
   value       = local.cbr_zone_ids
-  description = "Array of all the CBR rules created"
+  description = "List of all the CBR zones created"
 }
 
 output "cbr_rule_ids" {
   value       = local.cbr_rule_ids
-  description = "Array of all the CBR zones created"
+  description = "List of all the CBR rules created"
 }

tests/pr_test.go

@@ -395,7 +395,7 @@ func TestFullyConfigurableDAInSchematics(t *testing.T) {
 	// Sample data for cbr_rules
 	cbrRules := map[string]interface{}{
 		"rule1": map[string]interface{}{
-			"rule_description": "Only allow Redis access from zone1 with ipAddress 192.168.99.99 and zone2 with ipAddress 192.168.98.98",
+			"rule_description": "Only allow App Configuration access from zone1 with ipAddress 192.168.99.99 and zone2 with ipAddress 192.168.98.98",
 			"enforcement_mode": "disabled",
 			"resources": []map[string]interface{}{
 				{
@@ -406,7 +406,7 @@ func TestFullyConfigurableDAInSchematics(t *testing.T) {
 						},
 						{
 							"name":  "serviceName",
-							"value": "databases-for-redis",
+							"value": "apprapp",
 						},
 					},
 				},
@@ -415,15 +415,15 @@ func TestFullyConfigurableDAInSchematics(t *testing.T) {
 				{
 					"api_types": []map[string]interface{}{
 						{
-							"api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:data-plane",
+							"api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:",
 						},
 					},
 				},
 			},
 			"zone_keys": []string{"zone1", "zone2"},
 		},
 		"rule2": map[string]interface{}{
-			"rule_description": "Only allow Postgres access from zone2 with ipAddress 192.168.98.98",
+			"rule_description": "Only allow Container Registry access from zone2 with ipAddress 192.168.98.98",
 			"resources": []map[string]interface{}{
 				{
 					"attributes": []map[string]interface{}{
@@ -433,7 +433,7 @@ func TestFullyConfigurableDAInSchematics(t *testing.T) {
 						},
 						{
 							"name":  "serviceName",
-							"value": "databases-for-postgresql",
+							"value": "container-registry",
 						},
 					},
 				},
@@ -442,7 +442,7 @@ func TestFullyConfigurableDAInSchematics(t *testing.T) {
 				{
 					"api_types": []map[string]interface{}{
 						{
-							"api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:data-plane",
+							"api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:",
 						},
 					},
 				},
@@ -487,17 +487,17 @@ func TestRunUpgradeFullyConfigurableDAInSchematics(t *testing.T) {
 
 	// Sample data for cbr_zones
 	cbrZones := map[string]interface{}{
-		"zone1": map[string]interface{}{
-			"name": "test-zone-1",
+		"zone3": map[string]interface{}{
+			"name": "test-zone-3",
 			"addresses": []map[string]interface{}{
 				{
 					"type":  "ipAddress",
 					"value": "192.168.99.99",
 				},
 			},
 		},
-		"zone2": map[string]interface{}{
-			"name": "test-zone-2",
+		"zone4": map[string]interface{}{
+			"name": "test-zone-4",
 			"addresses": []map[string]interface{}{
 				{
 					"type":  "ipAddress",
@@ -515,7 +515,7 @@ func TestRunUpgradeFullyConfigurableDAInSchematics(t *testing.T) {
 	// Sample data for cbr_rules
 	cbrRules := map[string]interface{}{
 		"rule1": map[string]interface{}{
-			"rule_description": "Only allow Redis access from zone1 with ipAddress 192.168.99.99 and zone2 with ipAddress 192.168.98.98",
+			"rule_description": "Only allow Redis access from zone3 with ipAddress 192.168.99.99 and zone4 with ipAddress 192.168.98.98",
 			"enforcement_mode": "disabled",
 			"resources": []map[string]interface{}{
 				{
@@ -540,10 +540,10 @@ func TestRunUpgradeFullyConfigurableDAInSchematics(t *testing.T) {
 					},
 				},
 			},
-			"zone_keys": []string{"zone1", "zone2"},
+			"zone_keys": []string{"zone3", "zone4"},
 		},
 		"rule2": map[string]interface{}{
-			"rule_description": "Only allow Postgres access from zone2 with ipAddress 192.168.98.98",
+			"rule_description": "Only allow Postgres access from zone3 with ipAddress 192.168.98.98",
 			"resources": []map[string]interface{}{
 				{
 					"attributes": []map[string]interface{}{
@@ -567,7 +567,7 @@ func TestRunUpgradeFullyConfigurableDAInSchematics(t *testing.T) {
 					},
 				},
 			},
-			"zone_keys": []string{"zone2"},
+			"zone_keys": []string{"zone4"},
 		},
 	}