feat: Added feature to add CBR for Kibana app and other security issues

[Ak-sky]

Description

This PR covers several security issues-

• Setting up built-in kibana_system user password specifically for the Code Engine Kibana application to connect to Elasticsearch instance with reduced permissions.
• Creates a new user for the Kibana application with database role.
• Set CBR rule for the Kibana dashboard using cbr_code_engine_kibana_project_rules variable.

Git Issue

Release required?

• No release
• Patch release (x.x.X)
• Minor release (x.X.x)
• Major release (X.x.x)

Release notes content

• Implements secure Kibana authentication by configuring built-in kibana_system user password and creating database-role users for dashboard access, plus adds CBR rules for Code Engine Kibana app integration using cbr_code_engine_kibana_project_rules variable.

Run the pipeline

If the CI pipeline doesn't run when you create the PR, the PR requires a user with GitHub collaborators access to run the pipeline.

Run the CI pipeline when the PR is ready for review and you expect tests to pass. Add a comment to the PR with the following text:

/run pipeline

Checklist for reviewers

• If relevant, a test for the change is included or updated with this PR.
• If relevant, documentation for the change is included or updated with this PR.

For mergers

• Use a conventional commit message to set the release level. Follow the guidelines.
• Include information that users need to know about the PR in the commit message. The commit message becomes part of the GitHub release notes.
• Use the Squash and merge option.

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[github-actions]

@Ak-sky you must be in the team github-collaborators in order to trigger the pipeline.

[Ak-sky]

/run pipeline

[github-actions]

@Ak-sky you must be in the team github-collaborators in order to trigger the pipeline.

[Ak-sky]

/run pipeline

[github-actions]

@Ak-sky you must be in the team github-collaborators in order to trigger the pipeline.

[shemau]

I am not convinced this will work as expected.

Are there any tests to cover/validate the new feature?

[ocofaigh]

left some small feedback

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[Ak-sky]

Test failing with-, investigating

        	Error Trace:	/go/pkg/mod/github.com/terraform-ibm-modules/[email protected]/testhelper/terraform.go:252
        	            				/go/pkg/mod/github.com/terraform-ibm-modules/[email protected]/testschematic/tests.go:273
        	            				/go/pkg/mod/github.com/terraform-ibm-modules/[email protected]/testschematic/tests.go:28
        	            				/__w/terraform-ibm-icd-elasticsearch/terraform-ibm-icd-elasticsearch/tests/pr_test.go:124
        	Error:      	Should be false
        	Test:       	TestRunFullyConfigurableSolutionSchematics
        	Messages:   	Resource(s) identified to be created 
        	            	Name: set_kibana_system_user_password
        	            	Address: restapi_object.set_kibana_system_user_password[0]
        	            	Actions: [create]
        	            	DIFF:
        	            	Error getting diff: 'before' value is not an object

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[shemau]

LGTM

[shemau]

/run pipeline

resolved

[terraform-ibm-modules-ops]

🎉 This PR is included in version 2.3.0 🎉

The release is available on:

• GitHub release
• v2.3.0

Your semantic-release bot 📦🚀