Pre commit fix pr 199 #209
Conversation
.secrets.baseline
Outdated
| "lines": null | ||
| }, | ||
| "generated_at": "2024-04-08T15:16:34Z", | ||
| "generated_at": "2025-03-12T08:49:38Z", |
There was a problem hiding this comment.
Is this the latest one ? Or you need to use what we have on our HPCaaS repo ? @manirtm
| @@ -1,3 +1,3 @@ | |||
| data "ibm_resource_group" "itself" { | |||
| name = var.resource_group | |||
| data "ibm_resource_group" "resource_group" { | |||
There was a problem hiding this comment.
@manirtm May be here also can we use it as existing_resource_group as a resource name ?
| # var.network_cidr | ||
| ]) | ||
| resource_group_id = var.resource_group != null ? data.ibm_resource_group.itself.id : "" | ||
| resource_group_id = var.existing_resource_group != null ? data.ibm_resource_group.resource_group.id : "" |
There was a problem hiding this comment.
@manirtm Once we make the changes above, probably here also you can change that to existing_resource_group
locals.tf
Outdated
| #vpc_id = var.vpc == null ? module.landing_zone.vpc_id[0] : data.ibm_is_vpc.itself[0].id | ||
| #vpc_crn = var.vpc == null ? module.landing_zone.vpc_crn[0] : data.ibm_is_vpc.itself[0].crn | ||
| #vpc_id = var.vpc_name == null ? module.landing_zone.vpc_id[0] : data.ibm_is_vpc.existing_vpc[0].id | ||
| #vpc_crn = var.vpc_name == null ? module.landing_zone.vpc_crn[0] : data.ibm_is_vpc.existing_vpc[0].crn |
There was a problem hiding this comment.
@manirtm If we do not need this content, can we please remove the commented lines ?
locals.tf
Outdated
| service_rg = var.resource_group == null ? module.landing_zone.resource_group_id[0]["service-rg"] : data.ibm_resource_group.resource_group[0].id | ||
| workload_rg = var.resource_group == null ? module.landing_zone.resource_group_id[0]["workload-rg"] : data.ibm_resource_group.resource_group[0].id | ||
| # management_rg = var.existing_resource_group == null ? module.landing_zone.resource_group_id[0]["management-rg"] : one(values(one(module.landing_zone.resource_group_id))) | ||
| service_rg = var.existing_resource_group == null ? module.landing_zone.resource_group_id[0]["service-rg"] : data.ibm_resource_group.resource_group[0].id |
There was a problem hiding this comment.
@manirtm even here when we change the resource name to existing_resource_group.. The data source name should be changed
| ha_shared_dir = local.ha_shared_dir | ||
| nfs_install_dir = local.nfs_install_dir | ||
| Enable_Monitoring = local.Enable_Monitoring | ||
| enable_monitoring = local.enable_monitoring |
There was a problem hiding this comment.
@manirtm We are setting enable_monitoring as false on the locals above. What monitoring is this used for ? Is this the observability monitoring ?
modules/deployer/datasource.tf
Outdated
| @@ -1,4 +1,4 @@ | |||
| data "ibm_resource_group" "itself" { | |||
| data "ibm_resource_group" "resource_group" { | |||
There was a problem hiding this comment.
@manirtm I would prefer to use the same existing_resource_group
| source = "./../key" | ||
| private_key_path = var.enable_bastion ? "${path.root}/../../modules/ansible-roles/compute_id_rsa" : "${path.root}/modules/ansible-roles/compute_id_rsa" #checkov:skip=CKV_SECRET_6 | ||
| } | ||
|
|
There was a problem hiding this comment.
@manirtm I see that the version for using the landing_zone_vsi module is 4.2.0.. But we are already on 4.5.0. Please make sure the versions are upgraded now itself. If there are any issues then we will have to debug and make changes again !
The latest is 4.6.0. But we are using 4.5.0 on our existing code. Please see this:
https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vsi
There was a problem hiding this comment.
Please keep a note on line 62: skip_iam_authorization_policy = var.enable_bastion ? true : false
I dont want the changes now. When we implement the existing bastion concept we need the changes to implemented like below. Which is already there on our LSF DA
skip_iam_authorization_policy = var.bastion_instance_name != null ? false : local.skip_iam_authorization_policy @manirtm
modules/deployer/variables.tf
Outdated
| ) | ||
| description = "Total Number of instances to be launched for compute cluster." | ||
| } | ||
| # variable "management_instances" { |
There was a problem hiding this comment.
I see these are not needed on the deployer node. As these are created through another module. Can we remove this from here. I dont want any commented codes . @manirtm
| scale_cloud_infra_repo_url = "https://github.com/IBM/ibm-spectrum-scale-install-infra" | ||
| scale_cloud_infra_repo_name = "ibm-spectrum-scale-install-infra" | ||
| scale_cloud_infra_repo_tag = "ibmcloud_v2.6.0" | ||
| # scale_cloud_deployer_path = "/opt/IBM/ibm-spectrumscale-cloud-deploy" |
There was a problem hiding this comment.
@manirtm Please see this line no -2: Tags
I see we are hardcoding it as HPC.. Either we need to update this or come up with a appropriate name.. As the deployer node is common for all the solutions. It cannot be hpc.. We need to talk through this.
And where ever we add tags, please ensure for scale they are as scale and for lsf it is lsf.
modules/inventory/main.tf
Outdated
| @@ -1,14 +1,14 @@ | |||
| # resource "local_sensitive_file" "itself" { | |||
| # resource "local_sensitive_file" "mount_path_file" { | |||
There was a problem hiding this comment.
@manirtm As discussed if this is not used, please remove this commented lines
modules/landing_zone/version.tf
Outdated
| # version = ">= 3.4.3, < 4.0.0" | ||
| # } | ||
| # time = { | ||
| # source = "hashicorp/time" |
There was a problem hiding this comment.
Please check if these versions are needed or not !!
| @@ -1,17 +1,14 @@ | |||
| module "hpcaas" { | |||
| source = "./../.." | |||
| scheduler = "HPCaaS" | |||
There was a problem hiding this comment.
@manirtm Why are we removing this scheduler attribute from here ?
| "prefix": $PREFIX, | ||
| "zones": "[\"ca-tor-1\"]", | ||
| "resource_group": "geretain-hpc-rg", | ||
| "zone": "ca-tor-1", |
There was a problem hiding this comment.
@manirtm We need the zone value to be a list of string like below:
["ca-tor-1"] This is required on our DA pipelines
| description = "Password for IBM Spectrum LSF Application Center database GUI." | ||
| } | ||
| # variable "app_center_db_password" { | ||
| # type = string |
There was a problem hiding this comment.
This variable is not needed and we are not supporting.. Need to review once and then remove ! @manirtm
| { | ||
| "ibmcloud_api_key": $VALIDATION_APIKEY, | ||
| "prefix": $PREFIX, | ||
| "zones": "[\"ca-tor-1\"]", |
There was a problem hiding this comment.
@manirtm same as above we need it in this format only
There was a problem hiding this comment.
Discussed with @manirtm and reviewed the changes and looks good.
This can be merged once we do the deployment directly from LSF folder for end-end and one deployment from scale folder . If both of them are passed we are good to merge this PR
|
Discussed with @manirtm and understood that the deployment for the LSF with this changes are working as expected. And there are some hicups with doing deployments as we have the implementation of the deployer node. So the scale deployments are failing. Considering the requirement of other PR merging, This can be considered as merged ! |
Description
Release required?
x.x.X)x.X.x)X.x.x)Release notes content
Run the pipeline
If the CI pipeline doesn't run when you create the PR, the PR requires a user with GitHub collaborators access to run the pipeline.
Run the CI pipeline when the PR is ready for review and you expect tests to pass. Add a comment to the PR with the following text:
Checklist for reviewers
For mergers