diff --git a/.releaserc b/.releaserc
index ed039b19..aafef0a4 100644
--- a/.releaserc
+++ b/.releaserc
@@ -10,7 +10,7 @@
}],
["@semantic-release/exec", {
"successCmd": "echo \"SEMVER_VERSION=${nextRelease.version}\" >> $GITHUB_ENV",
- "publishCmd": "./ci/trigger-catalog-onboarding-pipeline.sh --version=${nextRelease.version}"
+ "publishCmd": "./ci/trigger-catalog-onboarding-pipeline.sh --version=v${nextRelease.version}"
}]
]
}
diff --git a/.tekton/lsf/lsf-pr-pipeline/listener-git-pr-status.yaml b/.tekton/lsf/lsf-pr-pipeline/listener-git-pr-status.yaml
index ad0bd42a..495d346f 100644
--- a/.tekton/lsf/lsf-pr-pipeline/listener-git-pr-status.yaml
+++ b/.tekton/lsf/lsf-pr-pipeline/listener-git-pr-status.yaml
@@ -73,9 +73,6 @@ spec:
- name: solution
description: Provide the value for the solution that is needed for the support of lsf and HPC.
default: "lsf"
- - name: ibm_customer_number
- description: Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)..
- default: ""
resourcetemplates:
- apiVersion: v1
kind: PersistentVolumeClaim
@@ -142,8 +139,6 @@ spec:
value: $(params.git_user_email)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
workspaces:
- name: pipeline-ws
persistentVolumeClaim:
diff --git a/.tekton/lsf/lsf-pr-pipeline/lsf-pipeline-git-pr-status.yaml b/.tekton/lsf/lsf-pr-pipeline/lsf-pipeline-git-pr-status.yaml
index 854aa53c..c9dfdece 100644
--- a/.tekton/lsf/lsf-pr-pipeline/lsf-pipeline-git-pr-status.yaml
+++ b/.tekton/lsf/lsf-pr-pipeline/lsf-pipeline-git-pr-status.yaml
@@ -78,9 +78,6 @@ spec:
- name: solution
description: Provide the value for the solution that is needed for the support of lsf and HPC.
default: "lsf"
- - name: ibm_customer_number
- description: Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)..
- default: ""
workspaces:
- name: pipeline-ws
tasks:
@@ -223,8 +220,6 @@ spec:
value: $(params.git_user_email)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
# - name: wes-lsf-da-ubuntu-pr
# runAfter: [git-clone, pre-requisites-install, ssh-key-creation]
# taskRef:
diff --git a/.tekton/lsf/lsf-regression-pipeline/listener-git-trigger.yaml b/.tekton/lsf/lsf-regression-pipeline/listener-git-trigger.yaml
index 96f226af..c9a8a849 100644
--- a/.tekton/lsf/lsf-regression-pipeline/listener-git-trigger.yaml
+++ b/.tekton/lsf/lsf-regression-pipeline/listener-git-trigger.yaml
@@ -80,9 +80,6 @@ spec:
- name: solution
description: Provide the value for the solution that is needed for the support of lsf and HPC.
default: "lsf"
- - name: ibm_customer_number
- description: Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)..
- default: ""
- name: pac_ha_exist_certificate
description: PAC HA Existing Certificate
default: ""
@@ -142,8 +139,6 @@ spec:
value: $(params.cos_api_key)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: hpc_custom_reports_repo
value: $(params.hpc_custom_reports_repo)
- name: hpc_custom_reports_branch
@@ -199,8 +194,6 @@ spec:
value: $(params.git_user_email)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: pac_ha_exist_certificate
value: $(params.pac_ha_exist_certificate)
---
@@ -266,8 +259,6 @@ spec:
value: $(event.ref)
- name: solution
value: $(event.ref)
- - name: ibm_customer_number
- value: $(event.ref)
- name: pac_ha_exist_certificate
value: $(event.ref)
---
diff --git a/.tekton/lsf/lsf-regression-pipeline/lsf-pipeline-git-trigger.yaml b/.tekton/lsf/lsf-regression-pipeline/lsf-pipeline-git-trigger.yaml
index 607faa3e..299e3783 100644
--- a/.tekton/lsf/lsf-regression-pipeline/lsf-pipeline-git-trigger.yaml
+++ b/.tekton/lsf/lsf-regression-pipeline/lsf-pipeline-git-trigger.yaml
@@ -71,9 +71,6 @@ spec:
- name: solution
description: Provide the value for the solution that is needed for the support of lsf and HPC.
default: "lsf"
- - name: ibm_customer_number
- description: Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)..
- default: ""
- name: pac_ha_exist_certificate
description: PAC HA Existing Certificate
default: ""
@@ -177,8 +174,6 @@ spec:
value: $(params.git_user_email)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: wes-lsf-da-rhel-2
runAfter: [git-clone, pre-requisites-install, ssh-key-creation]
taskRef:
@@ -225,8 +220,6 @@ spec:
value: $(params.git_user_email)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: wes-lsf-da-rhel-3
runAfter: [git-clone, pre-requisites-install, ssh-key-creation]
taskRef:
@@ -273,8 +266,6 @@ spec:
value: $(params.git_user_email)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: wes-lsf-da-rhel-4
runAfter: [git-clone, pre-requisites-install, ssh-key-creation]
taskRef:
@@ -321,8 +312,6 @@ spec:
value: $(params.git_user_email)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: pac_ha_exist_certificate
value: $(params.pac_ha_exist_certificate)
# - name: wes-lsf-da-ubuntu
@@ -415,8 +404,6 @@ spec:
value: $(params.git_user_email)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: wes-lsf-da-negative
runAfter: [git-clone, pre-requisites-install, ssh-key-creation]
taskRef:
@@ -461,8 +448,6 @@ spec:
value: $(params.git_user_name)
- name: git_user_email
value: $(params.git_user_email)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: ssh-key-deletion
runAfter:
[
diff --git a/.tekton/lsf/lsf_task/lsf-task-infra-rhel-1.yaml b/.tekton/lsf/lsf_task/lsf-task-infra-rhel-1.yaml
index 3654a5cf..5acfd253 100644
--- a/.tekton/lsf/lsf_task/lsf-task-infra-rhel-1.yaml
+++ b/.tekton/lsf/lsf_task/lsf-task-infra-rhel-1.yaml
@@ -71,9 +71,6 @@ spec:
- name: solution
description: Provide the value for the solution that is needed for the support of lsf and HPC.
default: "lsf"
- - name: ibm_customer_number
- description: Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)..
- default: ""
workspaces:
- name: workspace
mountPath: /artifacts
@@ -121,8 +118,6 @@ spec:
value: $(params.git_access_token)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: management_image_name
value: $(params.management_image_name)
steps:
diff --git a/.tekton/lsf/lsf_task/lsf-task-infra-rhel-2.yaml b/.tekton/lsf/lsf_task/lsf-task-infra-rhel-2.yaml
index 048dd1dd..7cdb229b 100644
--- a/.tekton/lsf/lsf_task/lsf-task-infra-rhel-2.yaml
+++ b/.tekton/lsf/lsf_task/lsf-task-infra-rhel-2.yaml
@@ -71,9 +71,6 @@ spec:
- name: solution
description: Provide the value for the solution that is needed for the support of lsf and HPC.
default: "lsf"
- - name: ibm_customer_number
- description: Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)..
- default: ""
workspaces:
- name: workspace
mountPath: /artifacts
@@ -121,8 +118,6 @@ spec:
value: $(params.git_access_token)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: management_image_name
value: $(params.management_image_name)
steps:
diff --git a/.tekton/lsf/lsf_task/lsf-task-infra-rhel-3.yaml b/.tekton/lsf/lsf_task/lsf-task-infra-rhel-3.yaml
index 5ec6e567..b9ace01c 100644
--- a/.tekton/lsf/lsf_task/lsf-task-infra-rhel-3.yaml
+++ b/.tekton/lsf/lsf_task/lsf-task-infra-rhel-3.yaml
@@ -71,9 +71,6 @@ spec:
- name: solution
description: Provide the value for the solution that is needed for the support of lsf and HPC.
default: "lsf"
- - name: ibm_customer_number
- description: Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)..
- default: ""
workspaces:
- name: workspace
mountPath: /artifacts
@@ -121,8 +118,6 @@ spec:
value: $(params.git_access_token)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: management_image_name
value: $(params.management_image_name)
steps:
diff --git a/.tekton/lsf/lsf_task/lsf-task-infra-rhel-4.yaml b/.tekton/lsf/lsf_task/lsf-task-infra-rhel-4.yaml
index dc8c535e..9fc2a361 100644
--- a/.tekton/lsf/lsf_task/lsf-task-infra-rhel-4.yaml
+++ b/.tekton/lsf/lsf_task/lsf-task-infra-rhel-4.yaml
@@ -71,9 +71,6 @@ spec:
- name: solution
description: Provide the value for the solution that is needed for the support of lsf and HPC.
default: "lsf"
- - name: ibm_customer_number
- description: Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)..
- default: ""
- name: pac_ha_exist_certificate
description: PAC HA Existing Certificate
default: ""
@@ -124,8 +121,6 @@ spec:
value: $(params.git_access_token)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: management_image_name
value: $(params.management_image_name)
- name: pac_ha_exist_certificate
diff --git a/.tekton/lsf/lsf_task/lsf-task-negative.yaml b/.tekton/lsf/lsf_task/lsf-task-negative.yaml
index 329129b9..330aad0a 100644
--- a/.tekton/lsf/lsf_task/lsf-task-negative.yaml
+++ b/.tekton/lsf/lsf_task/lsf-task-negative.yaml
@@ -71,9 +71,6 @@ spec:
- name: solution
description: Provide the value for the solution that is needed for the support of lsf and HPC.
default: "lsf"
- - name: ibm_customer_number
- description: Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)..
- default: ""
workspaces:
- name: workspace
mountPath: /artifacts
@@ -121,8 +118,6 @@ spec:
value: $(params.git_access_token)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: management_image_name
value: $(params.management_image_name)
steps:
diff --git a/.tekton/lsf/lsf_task/lsf-task-pr-rhel.yaml b/.tekton/lsf/lsf_task/lsf-task-pr-rhel.yaml
index 8b7f34c7..f1d600c9 100644
--- a/.tekton/lsf/lsf_task/lsf-task-pr-rhel.yaml
+++ b/.tekton/lsf/lsf_task/lsf-task-pr-rhel.yaml
@@ -72,9 +72,6 @@ spec:
- name: solution
description: Provide the value for the solution that is needed for the support of lsf and HPC.
default: "lsf"
- - name: ibm_customer_number
- description: Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)..
- default: ""
workspaces:
- name: workspace
mountPath: /artifacts
@@ -127,8 +124,6 @@ spec:
value: $(params.git_access_token)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: management_image_name
value: $(params.management_image_name)
workingDir: "/artifacts"
diff --git a/.tekton/lsf/lsf_task/lsf-task-region.yaml b/.tekton/lsf/lsf_task/lsf-task-region.yaml
index 0341b909..40c92766 100644
--- a/.tekton/lsf/lsf_task/lsf-task-region.yaml
+++ b/.tekton/lsf/lsf_task/lsf-task-region.yaml
@@ -71,9 +71,6 @@ spec:
- name: solution
description: Provide the value for the solution that is needed for the support of lsf and HPC.
default: "lsf"
- - name: ibm_customer_number
- description: Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)..
- default: ""
workspaces:
- name: workspace
mountPath: /artifacts
@@ -121,8 +118,6 @@ spec:
value: $(params.git_access_token)
- name: solution
value: $(params.solution)
- - name: ibm_customer_number
- value: $(params.ibm_customer_number)
- name: management_image_name
value: $(params.management_image_name)
steps:
diff --git a/.tekton/scripts/issue_track.sh b/.tekton/scripts/issue_track.sh
index 26e68255..1db43446 100644
--- a/.tekton/scripts/issue_track.sh
+++ b/.tekton/scripts/issue_track.sh
@@ -7,7 +7,7 @@ error_check_on_all_file() {
for file in "$DIRECTORY"/$pattern; do
if [ -f "$file" ]; then
if [[ "${file}" == *"negative"* ]]; then
- infra_validation_negative_log_fail_check=$(eval "grep -v 'Terraform upgrade output:' $file" | grep -E -w 'FAIL')
+ infra_validation_negative_log_fail_check=$(grep -v -e 'Terraform upgrade output:' -e 'Error retrieving reservation ID from secrets:' -e 'Field validation for' "$file" | grep -E -w 'FAIL')
if [[ "$infra_validation_negative_log_fail_check" ]]; then
results+=("true")
if [[ "${infra_or_validation}" == "infra" ]]; then
@@ -17,7 +17,7 @@ error_check_on_all_file() {
fi
fi
else
- infra_validation_log_error_check=$(eval "grep -v 'Terraform upgrade output:' $file" | grep -E -w 'FAIL|Error|ERROR')
+ infra_validation_log_error_check=$(grep -v -e 'Terraform upgrade output:' -e 'Error retrieving reservation ID from secrets:' -e 'Field validation for' "$file" | grep -E -w 'FAIL|Error|ERROR')
if [[ "$infra_validation_log_error_check" ]]; then
results+=("true")
if [[ "${infra_or_validation}" == "infra" ]]; then
@@ -45,7 +45,7 @@ issue_track() {
DIRECTORY="/artifacts/tests"
if [ -d "$DIRECTORY" ]; then
if [[ "${LOG_FILE_NAME}" == *"negative"* ]]; then
- negative_log_error_check=$(eval "grep -v 'Terraform upgrade output:' $DIRECTORY/$LOG_FILE_NAME" | grep 'FAIL')
+ negative_log_error_check=$(grep -v -e 'Terraform upgrade output:' -e 'Error retrieving reservation ID from secrets:' -e 'Field validation for' $DIRECTORY/"$LOG_FILE_NAME" | grep 'FAIL')
if [[ "$negative_log_error_check" ]]; then
echo "${negative_log_error_check}"
echo "Found FAIL in plan/apply log. Please check log : ${LOG_FILE_NAME}"
@@ -53,7 +53,7 @@ issue_track() {
fi
else
# Track error/fail from the suites log file
- log_error_check=$(eval "grep -v 'Terraform upgrade output:' $DIRECTORY/$LOG_FILE_NAME" | grep -E -w 'FAIL|Error|ERROR')
+ log_error_check=$(grep -v -e 'Terraform upgrade output:' -e 'Error retrieving reservation ID from secrets:' -e 'Field validation for' $DIRECTORY/"$LOG_FILE_NAME" | grep -E -w 'FAIL|Error|ERROR')
if [[ "$log_error_check" ]]; then
echo "${log_error_check}"
echo "Found Error/FAIL/ERROR in plan/apply log. Please check log : ${LOG_FILE_NAME}"
@@ -103,9 +103,9 @@ display_validation_log() {
echo "##################################################################################"
echo "##################################################################################"
if [[ "${LOG_FILE_NAME}" == *"negative"* ]]; then
- validation_log_error_check=$(eval "grep -v 'Terraform upgrade output:' $DIRECTORY/logs/$LOG_FILE_NAME" | grep -E -w 'FAIL')
+ validation_log_error_check=$(grep -v -e 'Terraform upgrade output:' -e 'Error retrieving reservation ID from secrets:' -e 'Field validation for' $DIRECTORY/logs/"$LOG_FILE_NAME" | grep -E -w 'FAIL')
else
- validation_log_error_check=$(eval "grep -v 'Terraform upgrade output:' $DIRECTORY/logs/$LOG_FILE_NAME" | grep -E -w 'FAIL|Error|ERROR')
+ validation_log_error_check=$(grep -v -e 'Terraform upgrade output:' -e 'Error retrieving reservation ID from secrets:' -e 'Field validation for' $DIRECTORY/logs/"$LOG_FILE_NAME" | grep -E -w 'FAIL|Error|ERROR')
fi
# Display if any error in validation log
diff --git a/.tekton/scripts/suites.sh b/.tekton/scripts/suites.sh
index 175b25f6..fdbbff69 100644
--- a/.tekton/scripts/suites.sh
+++ b/.tekton/scripts/suites.sh
@@ -40,7 +40,7 @@ common_suite() {
# get ssh-key created based on pr-id
get_pr_ssh_key "${PR_REVISION}" "${CHECK_SOLUTION}"
SSH_KEY=${CICD_SSH_KEY:?} COMPUTE_IMAGE_NAME=${compute_image_name:?} LOGIN_NODE_IMAGE_NAME=${login_image_name:?} MANAGEMENT_IMAGE_NAME=${management_image_name:?} \
- ZONE=${zone:?} SOLUTION=${solution:?} IBM_CUSTOMER_NUMBER=${ibm_customer_number:?} DEFAULT_EXISTING_RESOURCE_GROUP=${resource_group:?} \
+ ZONE=${zone:?} SOLUTION=${solution:?} DEFAULT_EXISTING_RESOURCE_GROUP=${resource_group:?} \
go test -v -timeout 9000m -run "${test_cases}" | tee -a "$LOG_FILE"
# Upload log/test_output files to cos bucket
cos_upload "PR" "${CHECK_SOLUTION}" "${DIRECTORY}"
@@ -78,7 +78,7 @@ common_suite() {
# get ssh-key created based on commit-id
get_commit_ssh_key "${REVISION}" "${CHECK_SOLUTION}"
SSH_KEY=${CICD_SSH_KEY:?} COMPUTE_IMAGE_NAME=${compute_image_name:?} LOGIN_NODE_IMAGE_NAME=${login_image_name:?} MANAGEMENT_IMAGE_NAME=${management_image_name:?} \
- ZONE=${zone:?} SOLUTION=${solution:?} IBM_CUSTOMER_NUMBER=${ibm_customer_number:?} DEFAULT_EXISTING_RESOURCE_GROUP=${resource_group:?} \
+ ZONE=${zone:?} SOLUTION=${solution:?} DEFAULT_EXISTING_RESOURCE_GROUP=${resource_group:?} \
go test -v -timeout 9000m -run "${test_cases}" | tee -a "$LOG_FILE"
# Upload log/test_output files to cos bucket
cos_upload "REGRESSION" "${CHECK_SOLUTION}" "${DIRECTORY}" "${VALIDATION_LOG_FILE_NAME}"
diff --git a/cra-config.yaml b/cra-config.yaml
index 4bf655a9..cd11f19e 100644
--- a/cra-config.yaml
+++ b/cra-config.yaml
@@ -10,5 +10,4 @@ CRA_TARGETS:
TF_VAR_bastion_ssh_keys: "[\"geretain-hpc\"]"
TF_VAR_compute_ssh_keys: "[\"geretain-hpc\"]"
TF_VAR_remote_allowed_ips: "[\"49.207.216.50\"]"
- TF_VAR_ibm_customer_number: "051700"
TF_VAR_solution: "lsf"
diff --git a/ibm_catalog.json b/ibm_catalog.json
index f1e8d4cf..64527b17 100644
--- a/ibm_catalog.json
+++ b/ibm_catalog.json
@@ -51,8 +51,8 @@
"authority": "scc-v3",
"profiles": [
{
- "profile_name": "CIS IBM Cloud Foundations Benchmark",
- "profile_version": "1.0.0"
+ "profile_name": "CIS IBM Cloud Foundations Benchmark v1.1.0",
+ "profile_version": "1.1.0"
}
]
},
@@ -77,10 +77,6 @@
{
"key": "remote_allowed_ips"
},
- {
- "key": "ibm_customer_number",
- "required": true
- },
{
"key": "zones",
"required": true,
diff --git a/modules/landing_zone_vsi/README.md b/modules/landing_zone_vsi/README.md
index ac29451b..222d3394 100644
--- a/modules/landing_zone_vsi/README.md
+++ b/modules/landing_zone_vsi/README.md
@@ -91,7 +91,6 @@
| [existing\_kms\_instance\_guid](#input\_existing\_kms\_instance\_guid) | GUID of boot volume encryption key | `string` | `null` | no |
| [file\_share](#input\_file\_share) | VPC file share mount points considering the ip address and the file share name | `list(string)` | n/a | yes |
| [hyperthreading\_enabled](#input\_hyperthreading\_enabled) | Setting this to true will enable hyper-threading in the compute nodes of the cluster (default). Otherwise, hyper-threading will be disabled. | `bool` | `true` | no |
-| [ibm\_customer\_number](#input\_ibm\_customer\_number) | Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn). | `string` | `null` | no |
| [ibmcloud\_api\_key](#input\_ibmcloud\_api\_key) | IBM Cloud API Key that will be used for authentication in scripts run in this module. Only required if certain options are required. | `string` | `null` | no |
| [kms\_encryption\_enabled](#input\_kms\_encryption\_enabled) | Enable Key management | `bool` | `true` | no |
| [ldap\_admin\_password](#input\_ldap\_admin\_password) | The LDAP administrative password should be 8 to 20 characters long, with a mix of at least three alphabetic characters, including one uppercase and one lowercase letter. It must also include two numerical digits and at least one special character from (~@\_+:) are required. It is important to avoid including the username in the password for enhanced security.[This value is ignored for an existing LDAP server]. | `string` | `""` | no |
diff --git a/modules/landing_zone_vsi/configuration_steps/compute_user_data_fragment.sh b/modules/landing_zone_vsi/configuration_steps/compute_user_data_fragment.sh
index fbf4b93d..a84735cb 100644
--- a/modules/landing_zone_vsi/configuration_steps/compute_user_data_fragment.sh
+++ b/modules/landing_zone_vsi/configuration_steps/compute_user_data_fragment.sh
@@ -467,7 +467,7 @@ if [ "$observability_logs_enable_for_compute" = true ]; then
Plugins_File plugins.conf
HTTP_Server On
HTTP_Listen 0.0.0.0
- HTTP_Port 9090
+ HTTP_Port 9001
Health_Check On
HC_Errors_Count 1
HC_Retry_Failure_Count 1
diff --git a/modules/landing_zone_vsi/configuration_steps/configure_management_vsi.sh b/modules/landing_zone_vsi/configuration_steps/configure_management_vsi.sh
index 889e8ebd..fd47d656 100644
--- a/modules/landing_zone_vsi/configuration_steps/configure_management_vsi.sh
+++ b/modules/landing_zone_vsi/configuration_steps/configure_management_vsi.sh
@@ -1286,7 +1286,7 @@ if [ "$observability_logs_enable_for_management" = true ]; then
Plugins_File plugins.conf
HTTP_Server On
HTTP_Listen 0.0.0.0
- HTTP_Port 9090
+ HTTP_Port 9001
Health_Check On
HC_Errors_Count 1
HC_Retry_Failure_Count 1
diff --git a/modules/landing_zone_vsi/locals.tf b/modules/landing_zone_vsi/locals.tf
index ae7db03d..2cb0a638 100644
--- a/modules/landing_zone_vsi/locals.tf
+++ b/modules/landing_zone_vsi/locals.tf
@@ -16,7 +16,7 @@ locals {
management_ssh_keys = local.compute_ssh_keys
ldap_enable = var.enable_ldap == true && var.ldap_server == "null" ? 1 : 0
# enable_worker_vsi = var.solution == "lsf" && var.worker_node_min_count >= 0 ? var.worker_node_min_count : 0
- products = var.solution == "lsf" && var.enable_app_center ? "lsf,lsf-app-center" : "lsf"
+ # products = var.solution == "lsf" && var.enable_app_center ? "lsf,lsf-app-center" : "lsf"
# Region and Zone calculations
region = join("-", slice(split("-", var.zones[0]), 0, 2))
diff --git a/modules/landing_zone_vsi/main.tf b/modules/landing_zone_vsi/main.tf
index e304710e..c7d8b30c 100644
--- a/modules/landing_zone_vsi/main.tf
+++ b/modules/landing_zone_vsi/main.tf
@@ -98,7 +98,6 @@ module "management_candidate_vsi" {
machine_type = data.ibm_is_instance_profile.management_node.name
vsi_per_subnet = 1
tags = local.tags
- depends_on = [module.lsf_entitlement]
}
module "worker_vsi" {
@@ -124,7 +123,7 @@ module "worker_vsi" {
boot_volume_encryption_key = var.boot_volume_encryption_key
enable_dedicated_host = var.enable_dedicated_host
dedicated_host_id = var.dedicated_host_id
- depends_on = [module.management_vsi, module.lsf_entitlement, module.do_management_vsi_configuration]
+ depends_on = [module.management_vsi, module.do_management_vsi_configuration]
}
module "login_vsi" {
@@ -236,22 +235,6 @@ module "wait_worker_vsi_booted" {
]
}
-module "lsf_entitlement" {
- count = var.solution == "lsf" ? 1 : 0
- source = "./../../modules/null/remote_exec"
- cluster_host = concat([local.management_private_ip])
- cluster_user = var.cluster_user #"root" #"root"
- cluster_private_key = var.compute_private_key_content
- login_host = var.bastion_fip
- login_user = "ubuntu"
- login_private_key = var.bastion_private_key_content
- command = ["sudo python3.8 /opt/IBM/cloud_entitlement/entitlement_check.py --products ${local.products} --icns ${var.ibm_customer_number != null ? var.ibm_customer_number : ""}"]
- depends_on = [
- module.management_vsi,
- module.wait_management_vsi_booted # this implies vsi have been configured too
- ]
-}
-
module "do_management_vsi_configuration" {
source = "./../../modules/null/remote_exec_script"
cluster_host = concat([local.management_private_ip])
@@ -268,8 +251,7 @@ module "do_management_vsi_configuration" {
sudo_user = "root"
with_bash = true
depends_on = [
- module.wait_management_vsi_booted,
- module.lsf_entitlement
+ module.wait_management_vsi_booted
]
trigger_string = join(",", module.management_vsi[0].ids)
}
diff --git a/modules/landing_zone_vsi/templates/static_worker_vsi.sh b/modules/landing_zone_vsi/templates/static_worker_vsi.sh
index ae9f7be3..6dfa9ce2 100644
--- a/modules/landing_zone_vsi/templates/static_worker_vsi.sh
+++ b/modules/landing_zone_vsi/templates/static_worker_vsi.sh
@@ -661,7 +661,7 @@ if [ "$observability_logs_enable_for_compute" = true ]; then
Plugins_File plugins.conf
HTTP_Server On
HTTP_Listen 0.0.0.0
- HTTP_Port 9090
+ HTTP_Port 9001
Health_Check On
HC_Errors_Count 1
HC_Retry_Failure_Count 1
diff --git a/modules/landing_zone_vsi/variables.tf b/modules/landing_zone_vsi/variables.tf
index 718d37ba..45d8cd24 100644
--- a/modules/landing_zone_vsi/variables.tf
+++ b/modules/landing_zone_vsi/variables.tf
@@ -453,13 +453,6 @@ variable "solution" {
description = "Provide the value for the solution that is needed for the support of lsf and HPC"
}
-variable "ibm_customer_number" {
- type = string
- sensitive = true
- default = null
- description = "Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)."
-}
-
variable "worker_node_max_count" {
type = number
default = 10
diff --git a/modules/observability_instance/datasources.tf b/modules/observability_instance/datasources.tf
index 6be8d171..f431ff4e 100644
--- a/modules/observability_instance/datasources.tf
+++ b/modules/observability_instance/datasources.tf
@@ -7,7 +7,7 @@ data "http" "sysdig_prws_key" {
# Optional request headers
request_headers = {
Accept = "application/json"
- Authorization = data.ibm_iam_auth_token.tokendata.iam_access_token
+ Authorization = sensitive(data.ibm_iam_auth_token.tokendata.iam_access_token) # <--- Wrap this
IBMInstanceID = var.cloud_monitoring_provision ? module.observability_instance.cloud_monitoring_guid : ""
}
}
diff --git a/samples/configs/hpc_schematics_values.json b/samples/configs/hpc_schematics_values.json
index b242a0c7..823b01a1 100644
--- a/samples/configs/hpc_schematics_values.json
+++ b/samples/configs/hpc_schematics_values.json
@@ -83,13 +83,6 @@
"secure": false,
"description": "Provide a unique cluster name that LSF uses to configure and group the cluster. Without this name, LSF cannot form a cluster, and the initial deployments will fail. The cluster name can be up to 39 alphanumeric characters and may include underscores (_), hyphens (-), and periods (.). Spaces and other special characters are not allowed. Avoid using the name of any host or user as the cluster name. Note that the cluster name cannot be changed after deployment."
},
- {
- "name": "ibm_customer_number",
- "value": "__NULL__",
- "type": "string",
- "secure": true,
- "description": "Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)."
- },
{
"name": "bastion_ssh_keys",
"value": "[\"Please fill here\"]",
diff --git a/solutions/hpc/catalogValidationValues.json.template b/solutions/hpc/catalogValidationValues.json.template
index ad7d1530..9f1867b8 100644
--- a/solutions/hpc/catalogValidationValues.json.template
+++ b/solutions/hpc/catalogValidationValues.json.template
@@ -1,7 +1,6 @@
{
"ibmcloud_api_key": $VALIDATION_APIKEY,
"existing_resource_group": $RG_NAME,
- "ibm_customer_number": $HPC_IBM_CUSTOMER_NUMBER,
"cluster_name": "HPC-LSF-1",
"bastion_ssh_keys": "[\"geretain-hpc\"]",
"compute_ssh_keys": "[\"geretain-hpc\"]",
diff --git a/solutions/hpc/input_validation.tf b/solutions/hpc/input_validation.tf
index 9d0d4d15..94027282 100644
--- a/solutions/hpc/input_validation.tf
+++ b/solutions/hpc/input_validation.tf
@@ -81,21 +81,6 @@ locals {
"^${local.validate_worker_error_msg}$",
(local.validate_worker_count ? local.validate_worker_error_msg : ""))
- validate_lsf_solution = var.solution == "lsf" ? var.ibm_customer_number != null : true
- validate_lsf_solution_error_msg = "If the solution is set as LSF, then the ibm customer number cannot be set as null."
- # tflint-ignore: terraform_unused_declarations
- validate_lsf_solution_chk = regex(
- "^${local.validate_lsf_solution_error_msg}$",
- (local.validate_lsf_solution ? local.validate_lsf_solution_error_msg : ""))
-
- validate_icn_number = var.solution == "lsf" ? can(regex("^[0-9A-Za-z]*([0-9A-Za-z]+,[0-9A-Za-z]+)*$", var.ibm_customer_number)) : true
- validate_icn_number_error = "The IBM customer number input value cannot have special characters."
- # tflint-ignore: terraform_unused_declarations
- validate_icn_number_chk = regex(
- "^${local.validate_icn_number_error}$",
- (local.validate_icn_number ? local.validate_icn_number_error : ""))
-
-
# Validate custom fileshare
# Construct a list of Share size(GB) and IOPS range(IOPS)from values provided in https://cloud.ibm.com/docs/vpc?topic=vpc-file-storage-profiles&interface=ui#dp2-profile
# List values [[sharesize_start,sharesize_end,min_iops,max_iops], [..]....]
diff --git a/solutions/hpc/main.tf b/solutions/hpc/main.tf
index ddf871ff..c0bcbc24 100644
--- a/solutions/hpc/main.tf
+++ b/solutions/hpc/main.tf
@@ -144,7 +144,6 @@ module "landing_zone_vsi" {
observability_logs_enable_for_compute = var.observability_logs_enable_for_compute
solution = var.solution
worker_node_max_count = var.worker_node_max_count
- ibm_customer_number = var.ibm_customer_number
worker_node_instance_type = var.worker_node_instance_type
enable_dedicated_host = var.enable_dedicated_host
dedicated_host_id = var.enable_dedicated_host && local.total_worker_node_count >= 1 ? module.dedicated_host[0].dedicated_host_id[0] : null
diff --git a/solutions/hpc/variables.tf b/solutions/hpc/variables.tf
index 7637b7e3..c6b31487 100644
--- a/solutions/hpc/variables.tf
+++ b/solutions/hpc/variables.tf
@@ -81,13 +81,6 @@ variable "reservation_id" {
description = "Ensure that you have received the reservation ID from IBM technical sales. Reservation ID is a unique identifier to distinguish different IBM Cloud HPC service agreements. It must start with a letter and can only contain letters, numbers, hyphens (-), or underscores (_)."
}
-variable "ibm_customer_number" {
- type = string
- sensitive = true
- default = null
- description = "Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)."
-}
-
##############################################################################
# VPC Variables
##############################################################################
diff --git a/tests/README.md b/tests/README.md
index 770b39c8..e2b4717a 100644
--- a/tests/README.md
+++ b/tests/README.md
@@ -133,7 +133,7 @@ SOLUTION=hpc SSH_KEY=your_ssh_key ZONE=your_zone EXISTING_RESOURCE_GROUP=your_ex
#### Example for LSF:
```sh
-SOLUTION=lsf SSH_KEY=your_ssh_key ZONE=your_zone EXISTING_RESOURCE_GROUP=your_default_existing_resource_group IBM_CUSTOMER_NUMBER=your_customer_number WORKER_NODE_MAX_COUNT=your_worker_node_max_count WORKER_NODE_INSTANCE_TYPE=your_worker_node_instance_type KMS_INSTANCE_ID=your_kms_instance_id KMS_KEY_NAME=your_kms_key_name IMAGE_NAME=your_image_name CLUSTER_NAME=your_cluster_name DEFAULT_EXISTING_RESOURCE_GROUP=your_default_existing_resource_group NON_DEFAULT_EXISTING_RESOURCE_GROUP=your_non_default_existing_resource_group LOGIN_NODE_INSTANCE_TYPE=your_login_node_instance_type MANAGEMENT_IMAGE_NAME=your_management_image_name COMPUTE_IMAGE_NAME=your_compute_image_name MANAGEMENT_NODE_INSTANCE_TYPE=your_management_node_instance_type MANAGEMENT_NODE_COUNT=your_management_node_count ENABLE_VPC_FLOW_LOGS=true KEY_MANAGEMENT=enabled KMS_INSTANCE_NAME=your_kms_instance_name HYPERTHREADING_ENABLED=true SSH_FILE_PATH=your_ssh_file_path APP_CENTER_EXISTING_CERTIFICATE_INSTANCE=your_app_center_existing_certificate_instance go test -v -timeout=900m -parallel=4 -run "TestRunBasic" | tee -a $LOG_FILE_NAME
+SOLUTION=lsf SSH_KEY=your_ssh_key ZONE=your_zone EXISTING_RESOURCE_GROUP=your_default_existing_resource_group WORKER_NODE_MAX_COUNT=your_worker_node_max_count WORKER_NODE_INSTANCE_TYPE=your_worker_node_instance_type KMS_INSTANCE_ID=your_kms_instance_id KMS_KEY_NAME=your_kms_key_name IMAGE_NAME=your_image_name CLUSTER_NAME=your_cluster_name DEFAULT_EXISTING_RESOURCE_GROUP=your_default_existing_resource_group NON_DEFAULT_EXISTING_RESOURCE_GROUP=your_non_default_existing_resource_group LOGIN_NODE_INSTANCE_TYPE=your_login_node_instance_type MANAGEMENT_IMAGE_NAME=your_management_image_name COMPUTE_IMAGE_NAME=your_compute_image_name MANAGEMENT_NODE_INSTANCE_TYPE=your_management_node_instance_type MANAGEMENT_NODE_COUNT=your_management_node_count ENABLE_VPC_FLOW_LOGS=true KEY_MANAGEMENT=enabled KMS_INSTANCE_NAME=your_kms_instance_name HYPERTHREADING_ENABLED=true SSH_FILE_PATH=your_ssh_file_path APP_CENTER_EXISTING_CERTIFICATE_INSTANCE=your_app_center_existing_certificate_instance go test -v -timeout=900m -parallel=4 -run "TestRunBasic" | tee -a $LOG_FILE_NAME
```
### Notes:
diff --git a/tests/lsf/cluster_helpers.go b/tests/lsf/cluster_helpers.go
index 561fcb80..aded2159 100644
--- a/tests/lsf/cluster_helpers.go
+++ b/tests/lsf/cluster_helpers.go
@@ -700,8 +700,8 @@ func VerifyCloudMonitoring(
mgmtErr := LSFPrometheusAndDragentServiceForManagementNodes(t, sshClient, managementNodeIPList, isCloudMonitoringEnabledForManagement, logger)
utils.LogVerificationResult(t, mgmtErr, "Prometheus and Dragent service for management nodes", logger)
- // Verify Prometheus Dragent service for compute nodes
- compErr := LSFPrometheusAndDragentServiceForComputeNodes(t, sshClient, expectedSolution, staticWorkerNodeIPList, isCloudMonitoringEnabledForCompute, logger)
+ // Verify Dragent service for compute nodes
+ compErr := LSFDragentServiceForComputeNodes(t, sshClient, expectedSolution, staticWorkerNodeIPList, isCloudMonitoringEnabledForCompute, logger)
utils.LogVerificationResult(t, compErr, "Prometheus and Dragent service for compute nodes", logger)
}
diff --git a/tests/lsf/cluster_utils.go b/tests/lsf/cluster_utils.go
index 265a559e..32a4bc45 100644
--- a/tests/lsf/cluster_utils.go
+++ b/tests/lsf/cluster_utils.go
@@ -2095,7 +2095,7 @@ func ValidateFlowLogs(t *testing.T, apiKey, region, resourceGroup, clusterPrefix
if err := utils.LoginIntoIBMCloudUsingCLI(t, apiKey, region, resourceGroup); err != nil {
return fmt.Errorf("failed to log in to IBM Cloud: %w", err)
}
- flowLogName := fmt.Sprintf("%s-hpc-vpc", clusterPrefix)
+ flowLogName := fmt.Sprintf("%s-lsf-vpc", clusterPrefix)
// Fetching the flow log details
retrieveFlowLogs := fmt.Sprintf("ibmcloud is flow-logs %s", flowLogName)
cmdRetrieveFlowLogs := exec.Command("bash", "-c", retrieveFlowLogs)
@@ -3265,13 +3265,13 @@ func VerifyCloudLogsURLFromTerraformOutput(t *testing.T, LastTestTerraformOutput
logger.Info(t, fmt.Sprintf("API Status: %s - %d", cloudLogsURL, statusCode))
- if statusCode < 200 || statusCode >= 500 {
- logger.Warn(t, fmt.Sprintf("API returned non-success status: %d", statusCode))
+ if statusCode != 200 {
+ logger.FAIL(t, fmt.Sprintf("API returned non-success status: %d", statusCode))
return fmt.Errorf("API returned non-success status: %d", statusCode)
- } else {
- logger.PASS(t, fmt.Sprintf("API returned success status: %d", statusCode))
}
- logger.Info(t, fmt.Sprintf("API Status: %s - %d\n", cloudLogsURL, statusCode))
+
+ logger.PASS(t, fmt.Sprintf("API returned success status: %d", statusCode))
+
}
logger.Info(t, "Terraform output validation completed successfully")
@@ -3464,21 +3464,8 @@ func VerifycloudMonitoringURLFromTerraformOutput(t *testing.T, LastTestTerraform
if !ok || len(strings.TrimSpace(cloudLogsURL)) == 0 {
return errors.New("missing or empty 'cloud_monitoring_url' in Terraform outputs")
}
- logger.Info(t, fmt.Sprintf("cloud_monitoring_url = %s", cloudLogsURL))
- statusCode, err := utils.CheckAPIStatus(cloudLogsURL)
- if err != nil {
- return fmt.Errorf("error checking cloud_monitoring_url API: %v", err)
- }
- logger.Info(t, fmt.Sprintf("API Status: %s - %d", cloudLogsURL, statusCode))
-
- if statusCode < 200 || statusCode >= 500 {
- logger.Warn(t, fmt.Sprintf("API returned non-success status: %d", statusCode))
- return fmt.Errorf("API returned non-success status: %d", statusCode)
- } else {
- logger.PASS(t, fmt.Sprintf("API returned success status: %d", statusCode))
- }
- logger.Info(t, fmt.Sprintf("API Status: %s - %d\n", cloudLogsURL, statusCode))
+ logger.PASS(t, fmt.Sprintf("cloud_monitoring_url present: %s", cloudLogsURL))
}
logger.Info(t, "cloud_monitoring_url Terraform output validation completed successfully")
@@ -3516,11 +3503,11 @@ func LSFPrometheusAndDragentServiceForManagementNodes(t *testing.T, sshClient *s
return nil
}
-// LSFPrometheusAndDragentServiceForComputeNodes validates the Prometheus and Dragent services for compute nodes.
+// LSFDragentServiceForComputeNodes validates the Dragent services for compute nodes.
// If cloud monitoring is enabled, it retrieves compute node IPs and verifies service statuses via SSH.
// The function logs results and returns an error if any node fails validation.
-func LSFPrometheusAndDragentServiceForComputeNodes(
+func LSFDragentServiceForComputeNodes(
t *testing.T,
sshClient *ssh.Client,
expectedSolution string,
@@ -3540,12 +3527,8 @@ func LSFPrometheusAndDragentServiceForComputeNodes(
return fmt.Errorf("failed to retrieve compute node IPs: %w", err)
}
- // Iterate over each compute node and verify Prometheus service
+ // Iterate over each compute node and verify dragent service
for _, computeIP := range computeNodeIPs {
- err := VerifyLSFPrometheusServiceForNode(t, sshClient, computeIP, logger)
- if err != nil {
- return fmt.Errorf("failed Prometheus service verification for compute node %s: %w", computeIP, err)
- }
err = VerifyLSFdragentServiceForNode(t, sshClient, computeIP, logger)
if err != nil {
@@ -3554,7 +3537,7 @@ func LSFPrometheusAndDragentServiceForComputeNodes(
}
} else {
- logger.Warn(t, "Cloud monitoring are not enabled for the compute node. As a result, the Prometheus and Fluent dragent service will not be validated.")
+ logger.Warn(t, "Cloud monitoring are not enabled for the compute node. As a result, the dragent service will not be validated.")
}
return nil
}
diff --git a/tests/lsf_config.yml b/tests/lsf_config.yml
index 90e77e0a..c284e9ba 100644
--- a/tests/lsf_config.yml
+++ b/tests/lsf_config.yml
@@ -1,9 +1,8 @@
solution: lsf
default_existing_resource_group: Default
non_default_existing_resource_group: HPCC
-zone: us-east-3
+zone: us-east-2
cluster_name: HPC-LSF-1
-ibm_customer_number:
remote_allowed_ips:
ssh_key: geretain-hpc
login_node_instance_type: bx2-2x8
diff --git a/tests/other_test.go b/tests/other_test.go
index 866ca039..d4059a5f 100644
--- a/tests/other_test.go
+++ b/tests/other_test.go
@@ -166,6 +166,7 @@ func TestRunSCCEnabled(t *testing.T) {
options.TerraformVars["scc_enable"] = envVars.sccEnabled
options.TerraformVars["scc_event_notification_plan"] = envVars.sccEventNotificationPlan
options.TerraformVars["scc_location"] = envVars.sccLocation
+ options.TerraformVars["existing_resource_group"] = envVars.NonDefaultExistingResourceGroup
// Skip test teardown; defer teardown to the end of the test
options.SkipTestTearDown = true
@@ -1103,7 +1104,6 @@ func TestRunExistingLDAP(t *testing.T) {
options1.TerraformVars["ldap_user_name"] = envVars.LdapUserName
options1.TerraformVars["ldap_user_password"] = envVars.LdapUserPassword // pragma: allowlist secret
options1.TerraformVars["key_management"] = "null"
- options1.TerraformVars["management_node_count"] = 1
options1.TerraformVars["enable_cos_integration"] = false
options1.TerraformVars["enable_vpc_flow_logs"] = false
@@ -1147,7 +1147,7 @@ func TestRunExistingLDAP(t *testing.T) {
require.NoError(t, err, "Error setting up test options for the second cluster: %v", err)
// Set Terraform variables for the second cluster
- options2.TerraformVars["vpc_name"] = options1.TerraformVars["cluster_prefix"].(string) + "-hpc-vpc"
+ options2.TerraformVars["vpc_name"] = options1.TerraformVars["cluster_prefix"].(string) + "-lsf-vpc"
options2.TerraformVars["vpc_cluster_private_subnets_cidr_blocks"] = []string{CLUSTER_TWO_VPC_CLUSTER_PRIVATE_SUBNETS_CIDR_BLOCKS}
options2.TerraformVars["vpc_cluster_login_private_subnets_cidr_blocks"] = []string{CLUSTER_TWO_VPC_CLUSTER_LOGIN_PRIVATE_SUBNETS_CIDR_BLOCKS}
options2.TerraformVars["management_node_count"] = 2
@@ -1708,65 +1708,6 @@ func TestRunLSFWithoutMandatory(t *testing.T) {
}
-// TestRunLSFInvalidIBMCustomerNumber verifies Terraform's behavior when mandatory variables are missing.
-// Specifically, it checks for appropriate error messages when "ibm_customer_number" is not set correctly.
-func TestRunLSFInvalidIBMCustomerNumber(t *testing.T) {
- // Parallelize the test for concurrent execution
- t.Parallel()
-
- // Set up the test suite environment
- setupTestSuite(t)
-
- // Log the initiation of the cluster creation process
- testLogger.Info(t, "Cluster creation process initiated for "+t.Name())
-
- // Retrieve required environment variables
- envVars := GetEnvVars()
-
- // Determine the absolute path to the Terraform directory
- absPath, err := filepath.Abs("solutions/hpc")
- require.NoError(t, err, "Unable to get the absolute path for the solutions directory")
-
- // Adjust the Terraform directory path to remove "tests/" if present
- terraformDir := strings.ReplaceAll(absPath, "tests/", "")
-
- // Define Terraform options with relevant variables
- terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
- TerraformDir: terraformDir,
- Vars: map[string]interface{}{
- "bastion_ssh_keys": utils.SplitAndTrim(envVars.SSHKey, ","),
- "compute_ssh_keys": utils.SplitAndTrim(envVars.SSHKey, ","),
- "zones": utils.SplitAndTrim(envVars.Zone, ","),
- "remote_allowed_ips": utils.SplitAndTrim(envVars.RemoteAllowedIPs, ","),
- "solution": "lsf",
- "cluster_name": envVars.ClusterName,
- },
- })
-
- // Perform Terraform upgrade only once
- UpgradeTerraformOnce(t, terraformOptions)
-
- // Plan the Terraform deployment
- _, err = terraform.PlanE(t, terraformOptions)
-
- // Ensure an error is returned during the planning stage
- assert.Error(t, err, "Expected an error during plan")
-
- // Validate the error message if an error occurred
- if err != nil {
- // Verify the error message contains expected substrings
- isErrorValid := utils.VerifyDataContains(t, err.Error(), "If the solution is set as LSF, then the ibm customer number cannot be set as null.", testLogger) &&
- utils.VerifyDataContains(t, err.Error(), "The IBM customer number input value cannot have special characters.", testLogger)
-
- // Assert that all required validations passed
- assert.True(t, isErrorValid, "Error validation failed")
- } else {
- // Log failure if the expected error did not occur
- t.Error("Expected error did not occur")
- testLogger.FAIL(t, "Expected error did not occur for IBM Customer Number")
- }
-}
-
// TestRunHPCInvalidReservationID verifies Terraform's behavior when mandatory variables are missing.
// Specifically, it checks for appropriate error messages when "reservation_id" is not set correctly.
func TestRunHPCInvalidReservationID(t *testing.T) {
@@ -1822,7 +1763,7 @@ func TestRunHPCInvalidReservationID(t *testing.T) {
} else {
// Log failure if the expected error did not occur
t.Error("Expected error did not occur")
- testLogger.FAIL(t, "Expected error did not occur for IBM Customer Number")
+ testLogger.FAIL(t, "Expected error did not occur for reservation ID")
}
}
@@ -1867,9 +1808,6 @@ func TestRunInvalidSubnetCIDR(t *testing.T) {
if envVars.Solution == "HPC" {
// specific to HPC
vars["reservation_id"] = envVars.ReservationID
- } else {
- // // specific to LSF
- vars["ibm_customer_number"] = envVars.IBMCustomerNumber
}
// Define Terraform options
@@ -1945,9 +1883,6 @@ func TestRunInvalidSshKeysAndRemoteAllowedIP(t *testing.T) {
if envVars.Solution == "HPC" {
// specific to HPC
vars["reservation_id"] = envVars.ReservationID
- } else {
- // // specific to LSF
- vars["ibm_customer_number"] = envVars.IBMCustomerNumber
}
// Define Terraform options
@@ -2116,9 +2051,6 @@ func TestRunInvalidLDAPServerIP(t *testing.T) {
if envVars.Solution == "HPC" {
// specific to HPC
vars["reservation_id"] = envVars.ReservationID
- } else {
- // // specific to LSF
- vars["ibm_customer_number"] = envVars.IBMCustomerNumber
}
// Define Terraform options
@@ -2208,9 +2140,6 @@ func TestRunInvalidLDAPServerCert(t *testing.T) {
if envVars.Solution == "HPC" {
// specific to HPC
vars["reservation_id"] = envVars.ReservationID
- } else {
- // // specific to LSF
- vars["ibm_customer_number"] = envVars.IBMCustomerNumber
}
// Define Terraform options
@@ -2310,9 +2239,6 @@ func TestRunInvalidLDAPUsernamePassword(t *testing.T) {
if envVars.Solution == "HPC" {
// specific to HPC
vars["reservation_id"] = envVars.ReservationID
- } else {
- // // specific to LSF
- vars["ibm_customer_number"] = envVars.IBMCustomerNumber
}
// Define Terraform options
@@ -2398,9 +2324,6 @@ func TestRunInvalidAPPCenterPassword(t *testing.T) {
if envVars.Solution == "HPC" {
// specific to HPC
vars["reservation_id"] = envVars.ReservationID
- } else {
- // // specific to LSF
- vars["ibm_customer_number"] = envVars.IBMCustomerNumber
}
// Define Terraform options
@@ -2473,9 +2396,6 @@ func TestRunInvalidDomainName(t *testing.T) {
if envVars.Solution == "HPC" {
// specific to HPC
vars["reservation_id"] = envVars.ReservationID
- } else {
- // // specific to LSF
- vars["ibm_customer_number"] = envVars.IBMCustomerNumber
}
// Define Terraform options
@@ -2569,9 +2489,6 @@ func TestRunKMSInstanceNameAndKMSKeyNameWithInvalidValue(t *testing.T) {
if envVars.Solution == "HPC" {
// specific to HPC
vars1["reservation_id"] = envVars.ReservationID
- } else {
- // // specific to LSF
- vars1["ibm_customer_number"] = envVars.IBMCustomerNumber
}
// Test with valid instance ID and invalid key name
@@ -2616,9 +2533,6 @@ func TestRunKMSInstanceNameAndKMSKeyNameWithInvalidValue(t *testing.T) {
if envVars.Solution == "HPC" {
// specific to HPC
vars2["reservation_id"] = envVars.ReservationID
- } else {
- // // specific to LSF
- vars2["ibm_customer_number"] = envVars.IBMCustomerNumber
}
// Test with invalid instance ID and valid key name
@@ -2658,9 +2572,6 @@ func TestRunKMSInstanceNameAndKMSKeyNameWithInvalidValue(t *testing.T) {
if envVars.Solution == "HPC" {
// specific to HPC
vars3["reservation_id"] = envVars.ReservationID
- } else {
- // // specific to LSF
- vars3["ibm_customer_number"] = envVars.IBMCustomerNumber
}
// Test without instance ID and valid key name
@@ -2741,9 +2652,6 @@ func TestRunExistSubnetIDVpcNameAsNull(t *testing.T) {
if envVars.Solution == "HPC" {
// specific to HPC
vars["reservation_id"] = envVars.ReservationID
- } else {
- // // specific to LSF
- vars["ibm_customer_number"] = envVars.IBMCustomerNumber
}
// Define Terraform options
@@ -2872,9 +2780,6 @@ func TestRunInvalidDedicatedHostProfile(t *testing.T) {
if envVars.Solution == "HPC" {
// specific to HPC
vars["reservation_id"] = envVars.ReservationID
- } else {
- // // specific to LSF
- vars["ibm_customer_number"] = envVars.IBMCustomerNumber
}
// Define Terraform options
@@ -2966,7 +2871,6 @@ func TestRunInvalidMinWorkerNodeCountGreaterThanMax(t *testing.T) {
"enable_cos_integration": false,
"enable_vpc_flow_logs": false,
"key_management": "null",
- "ibm_customer_number": envVars.IBMCustomerNumber,
}
// Define Terraform options
diff --git a/tests/pr_test.go b/tests/pr_test.go
index b6d8aefc..e657c03c 100644
--- a/tests/pr_test.go
+++ b/tests/pr_test.go
@@ -48,6 +48,7 @@ var ignoreDestroys = []string{
"module.landing_zone_vsi[0].module.wait_worker_vsi_booted[0].null_resource.remote_exec[0]",
"module.check_node_status.null_resource.remote_exec[2]",
"module.landing_zone_vsi[0].module.wait_worker_vsi_booted[0].null_resource.remote_exec[1]",
+ "module.landing_zone_vsi[0].module.do_management_vsi_configuration.null_resource.remote_exec_script_run[0]",
}
var ignoreUpdates = []string{
@@ -101,7 +102,6 @@ type EnvVars struct {
JPTokClusterName string
WorkerNodeMaxCount string
WorkerNodeInstanceType string
- IBMCustomerNumber string
Solution string
sccEnabled string
sccEventNotificationPlan string
@@ -154,7 +154,6 @@ func GetEnvVars() EnvVars {
SSHFilePath: os.Getenv("SSH_FILE_PATH"),
WorkerNodeMaxCount: os.Getenv("WORKER_NODE_MAX_COUNT"), //LSF specific parameter
WorkerNodeInstanceType: os.Getenv("WORKER_NODE_INSTANCE_TYPE"), //LSF specific parameter
- IBMCustomerNumber: os.Getenv("IBM_CUSTOMER_NUMBER"), //LSF specific parameter
Solution: os.Getenv("SOLUTION"),
sccEnabled: os.Getenv("SCC_ENABLED"),
sccEventNotificationPlan: os.Getenv("SCC_EVENT_NOTIFICATION_PLAN"),
@@ -223,7 +222,7 @@ func validateEnvVars(solution string, envVars EnvVars) error {
if strings.Contains(solution, "hpc") {
requiredVars = []string{"SSHKey", "ClusterName", "Zone", "ReservationID"}
} else if strings.Contains(solution, "lsf") {
- requiredVars = []string{"SSHKey", "ClusterName", "Zone", "IBMCustomerNumber"}
+ requiredVars = []string{"SSHKey", "ClusterName", "Zone"}
} else {
return fmt.Errorf("invalid solution type: %s", solution)
}
@@ -331,7 +330,6 @@ func setupOptions(t *testing.T, hpcClusterPrefix, terraformDir, existingResource
"observability_atracker_enable": false,
"dns_domain_name": map[string]string{"compute": envVars.DnsDomainName},
"worker_node_max_count": envVars.WorkerNodeMaxCount, //LSF specific parameter
- "ibm_customer_number": envVars.IBMCustomerNumber, //LSF specific parameter
"worker_node_instance_type": envVars.WorkerNodeInstanceType, //LSF specific parameter
"solution": envVars.Solution,
"scc_enable": false,
@@ -342,7 +340,6 @@ func setupOptions(t *testing.T, hpcClusterPrefix, terraformDir, existingResource
if solution == "hpc" {
delete(options.TerraformVars, "worker_node_max_count")
delete(options.TerraformVars, "worker_node_instance_type")
- delete(options.TerraformVars, "ibm_customer_number")
}
diff --git a/tests/utilities/deployment.go b/tests/utilities/deployment.go
index 6cde895d..167fad76 100644
--- a/tests/utilities/deployment.go
+++ b/tests/utilities/deployment.go
@@ -11,10 +11,9 @@ import (
)
var (
- ip string
- reservationIDSouth string
- reservationIDEast string
- HPCIbmCustomerNumber string
+ ip string
+ reservationIDSouth string
+ reservationIDEast string
)
// Define a struct with fields that match the structure of the YAML data
@@ -70,7 +69,6 @@ type Config struct {
SSHFilePath string `yaml:"ssh_file_path"`
SSHFilePathTwo string `yaml:"ssh_file_path_two"`
Solution string `yaml:"solution"`
- IBMCustomerNumber string `yaml:"ibm_customer_number"`
WorkerNodeMaxCount int `yaml:"worker_node_max_count"`
WorkerNodeInstanceType []WorkerNode `yaml:"worker_node_instance_type"`
SccEnabled bool `yaml:"scc_enable"`
@@ -127,24 +125,6 @@ func GetConfigFromYAML(filePath string) (*Config, error) {
reservationIDEast = *reservationIDEastPtr
}
- // Retrieve IBM customer number from Secret Manager // pragma: allowlist secret
- val, ok := permanentResources["hpc_ibm_customer_number_secret_id"].(string)
- if !ok {
- fmt.Println("Invalid type or nil value")
- }
-
- IBMCustomerNumberPtr, err := GetSecretsManagerKey(
- permanentResources["secretsManagerGuid"].(string),
- permanentResources["secretsManagerRegion"].(string),
- val, // Use `val` here after checking
- )
-
- if err != nil {
- fmt.Printf("Retrieving IBM Customer Number from secrets: %v\n", err) // pragma: allowlist secret
- } else if IBMCustomerNumberPtr != nil {
- HPCIbmCustomerNumber = *IBMCustomerNumberPtr
- }
-
// Set environment variables from config
if err := setEnvFromConfig(&config); err != nil {
return nil, fmt.Errorf("failed to set environment variables: %v", err)
@@ -197,7 +177,6 @@ func setEnvFromConfig(config *Config) error {
"SSH_FILE_PATH": config.SSHFilePath,
"SSH_FILE_PATH_TWO": config.SSHFilePathTwo,
"SOLUTION": config.Solution,
- "IBM_CUSTOMER_NUMBER": config.IBMCustomerNumber, //LSF specific parameter
"WORKER_NODE_MAX_COUNT": config.WorkerNodeMaxCount, //LSF specific parameter
"SCC_ENABLED": config.SccEnabled,
"SCC_EVENT_NOTIFICATION_PLAN": config.SccEventNotificationPlan,
@@ -280,8 +259,7 @@ func setEnvFromConfig(config *Config) error {
os.Setenv("EU_DE_RESERVATION_ID", reservationIDEast)
case key == "US_SOUTH_RESERVATION_ID" && !ok && value == "":
os.Setenv("US_SOUTH_RESERVATION_ID", reservationIDSouth)
- case key == "IBM_CUSTOMER_NUMBER" && !ok && value == "":
- os.Setenv("IBM_CUSTOMER_NUMBER", HPCIbmCustomerNumber)
+
}
}
return nil
diff --git a/tools/image-builder/template_files.tf b/tools/image-builder/template_files.tf
index 4bbcd653..d3cf7a19 100644
--- a/tools/image-builder/template_files.tf
+++ b/tools/image-builder/template_files.tf
@@ -20,6 +20,5 @@ data "template_file" "packer_user_data" {
resource_group = var.resource_group
private_catalog_id = var.private_catalog_id
solution = var.solution
- ibm_customer_number = var.ibm_customer_number
}
}
diff --git a/tools/image-builder/templates/packer_user_data.tpl b/tools/image-builder/templates/packer_user_data.tpl
index fb771bac..d6ae82b4 100644
--- a/tools/image-builder/templates/packer_user_data.tpl
+++ b/tools/image-builder/templates/packer_user_data.tpl
@@ -138,9 +138,9 @@ if [ "${solution}" != "lsf" ]; then
fi
else
if [ "${private_catalog_id}" ]; then
- SOLUTION=${solution} IBM_CUSTOMER_NUMBER=${ibm_customer_number} PREFIX=${prefix} CLUSTER_ID=${cluster_id} SSH_FILE_PATH="/HPCaaS/artifacts/.ssh/id_rsa" REMOTE_ALLOWED_IPS=$PACKER_FIP SSH_KEYS=$CICD_SSH_KEY CATALOG_VALIDATE_SSH_KEY=${catalog_validate_ssh_key} ZONES=${zones} RESOURCE_GROUP=${resource_group} COMPUTE_IMAGE_NAME=${image_name} PRIVATE_CATALOG_ID=${private_catalog_id} VPC_ID=${vpc_id} SUBNET_ID=${vpc_subnet_id} SOURCE_IMAGE_NAME=${source_image_name} go test -v -timeout 900m -parallel 4 -run "TestRunHpcDeploymentForCustomImageBuilder" | tee hpc_log_$(date +%d-%m-%Y-%H-%M-%S).log
+ SOLUTION=${solution} PREFIX=${prefix} CLUSTER_ID=${cluster_id} SSH_FILE_PATH="/HPCaaS/artifacts/.ssh/id_rsa" REMOTE_ALLOWED_IPS=$PACKER_FIP SSH_KEYS=$CICD_SSH_KEY CATALOG_VALIDATE_SSH_KEY=${catalog_validate_ssh_key} ZONES=${zones} RESOURCE_GROUP=${resource_group} COMPUTE_IMAGE_NAME=${image_name} PRIVATE_CATALOG_ID=${private_catalog_id} VPC_ID=${vpc_id} SUBNET_ID=${vpc_subnet_id} SOURCE_IMAGE_NAME=${source_image_name} go test -v -timeout 900m -parallel 4 -run "TestRunHpcDeploymentForCustomImageBuilder" | tee hpc_log_$(date +%d-%m-%Y-%H-%M-%S).log
else
- SOLUTION=${solution} IBM_CUSTOMER_NUMBER=${ibm_customer_number} PREFIX=${prefix} CLUSTER_ID=${cluster_id} SSH_FILE_PATH="/HPCaaS/artifacts/.ssh/id_rsa" REMOTE_ALLOWED_IPS=$PACKER_FIP SSH_KEYS=$CICD_SSH_KEY ZONES=${zones} RESOURCE_GROUP=${resource_group} COMPUTE_IMAGE_NAME=${image_name} SOURCE_IMAGE_NAME=${source_image_name} go test -v -timeout 900m -parallel 4 -run "TestRunHpcDeploymentForCustomImageBuilder" | tee hpc_log_$(date +%d-%m-%Y-%H-%M-%S).log
+ SOLUTION=${solution} PREFIX=${prefix} CLUSTER_ID=${cluster_id} SSH_FILE_PATH="/HPCaaS/artifacts/.ssh/id_rsa" REMOTE_ALLOWED_IPS=$PACKER_FIP SSH_KEYS=$CICD_SSH_KEY ZONES=${zones} RESOURCE_GROUP=${resource_group} COMPUTE_IMAGE_NAME=${image_name} SOURCE_IMAGE_NAME=${source_image_name} go test -v -timeout 900m -parallel 4 -run "TestRunHpcDeploymentForCustomImageBuilder" | tee hpc_log_$(date +%d-%m-%Y-%H-%M-%S).log
fi
fi
echo "========== Deleting the SSH key ========="
diff --git a/tools/image-builder/variables.tf b/tools/image-builder/variables.tf
index 44b67ec2..d0029c4b 100644
--- a/tools/image-builder/variables.tf
+++ b/tools/image-builder/variables.tf
@@ -217,10 +217,3 @@ variable "solution" {
default = "lsf"
description = "Provide the value for the solution that is needed for the support of lsf and HPC"
}
-
-variable "ibm_customer_number" {
- type = string
- sensitive = true
- default = ""
- description = "Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see [What is my IBM Customer Number (ICN)?](https://www.ibm.com/support/pages/what-my-ibm-customer-number-icn)."
-}