feat: initial creation of module (#6)

Author: toddgiguere

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "go.sum|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2023-12-09T06:39:44Z",
+  "generated_at": "2024-01-19T16:07:13Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -76,7 +76,18 @@
       "name": "TwilioKeyDetector"
     }
   ],
-  "results": {},
+  "results": {
+    "README.md": [
+      {
+        "hashed_secret": "ff9ee043d85595eb255c05dfe32ece02a53efbb2",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 53,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
+    ]
+  },
   "version": "0.13.1+ibm.62.dss",
   "word_list": {
     "file": null,

README.md

@@ -1,11 +1,10 @@
 # More info about this file at https://github.com/terraform-ibm-modules/common-pipeline-assets/blob/main/.github/workflows/terraform-test-pipeline.md#cra-config-yaml
 version: "v1"
 CRA_TARGETS:
-  - CRA_TARGET: "examples/complete" # Target directory for CRA scan. If not provided, the CRA Scan will not be run.
-    CRA_IGNORE_RULES_FILE: "cra-tf-validate-ignore-rules.json" # CRA Ignore file to use. If not provided, it checks the repo root directory for `cra-tf-validate-ignore-rules.json`
-    PROFILE_ID: "0e6e7b5a-817d-4344-ab6f-e5d7a9c49520" # SCC profile ID (currently set to the FSCloud 1.4.0 profile).
-    # SCC_INSTANCE_ID: "" # The SCC instance ID to use to download profile for CRA scan. If not provided, a default global value will be used.
-    # SCC_REGION: "" # The IBM Cloud region that the SCC instance is in. If not provided, a default global value will be used.
-    # CRA_ENVIRONMENT_VARIABLES:  # An optional map of environment variables for CRA, where the key is the variable name and value is the value. Useful for providing TF_VARs.
-    #   TF_VAR_sample: "sample value"
-    #   TF_VAR_other:  "another value"
+  - CRA_TARGET: "examples/fscloud"
+    CRA_IGNORE_RULES_FILE: "cra-tf-validate-ignore-rules.json"
+    PROFILE_ID: "0e6e7b5a-817d-4344-ab6f-e5d7a9c49520"
+    CRA_ENVIRONMENT_VARIABLES:
+      TF_VAR_existing_at_instance_crn: "crn:v1:bluemix:public:logdnaat:eu-de:a/abac0df06b644a9cabc6e44f55b3880e:b1ef3365-dfbf-4d8f-8ac8-75f4f84d6f4a::"
+      TF_VAR_existing_kms_instance_guid: "e6dce284-e80f-46e1-a3c1-830f7adff7a9"
+      TF_VAR_kms_key_crn: "crn:v1:bluemix:public:hs-crypto:us-south:a/abac0df06b644a9cabc6e44f55b3880e:e6dce284-e80f-46e1-a3c1-830f7adff7a9:key:76170fae-4e0c-48c3-8ebe-326059ebb533"

cra-config.yaml

@@ -1,3 +1,10 @@
 {
-    "scc_rules": []
+  "scc_rules": [
+    {
+      "scc_rule_id": "rule-216e2449-27d7-4afc-929a-b66e196a9cf9",
+      "description": "Check whether Flow Logs for VPC are enabled",
+      "ignore_reason": "This rule is not relevant to the module itself, just the VPC resource is used in the example that is scanned",
+      "is_valid": false
+    }
+  ]
 }

cra-tf-validate-ignore-rules.json

@@ -0,0 +1,7 @@
+# Restore from backup example
+
+This example provides an end-to-end executable flow of how a MySQL DB can be created from a backup instance. This example uses the IBM Cloud terraform provider to:
+
+- Create a new resource group if one is not passed in.
+- Create a new ICD MySQL database instance if no existing backup crn is provided.
+- Create a restored ICD MySQL database instance pointing to the backup of the first instance.

examples/backup/README.md

@@ -0,0 +1,39 @@
+##############################################################################
+# Resource Group
+##############################################################################
+
+module "resource_group" {
+  source  = "terraform-ibm-modules/resource-group/ibm"
+  version = "1.1.4"
+  # if an existing resource group is not set (null) create a new one using prefix
+  resource_group_name          = var.resource_group == null ? "${var.prefix}-resource-group" : null
+  existing_resource_group_name = var.resource_group
+}
+
+module "mysql_db" {
+  count             = var.mysql_db_backup_crn != null ? 0 : 1
+  source            = "../.."
+  resource_group_id = module.resource_group.resource_group_id
+  name              = "${var.prefix}-mysql"
+  mysql_version     = var.mysql_version
+  region            = var.region
+  resource_tags     = var.resource_tags
+  access_tags       = var.access_tags
+}
+
+data "ibm_database_backups" "backup_database" {
+  count         = var.mysql_db_backup_crn != null ? 0 : 1
+  deployment_id = module.mysql_db[0].id
+}
+
+# New mysql instance pointing to the backup instance
+module "restored_mysql_db" {
+  source            = "../.."
+  resource_group_id = module.resource_group.resource_group_id
+  name              = "${var.prefix}-mysql-restored"
+  mysql_version     = var.mysql_version
+  region            = var.region
+  resource_tags     = var.resource_tags
+  access_tags       = var.access_tags
+  backup_crn        = var.mysql_db_backup_crn == null ? data.ibm_database_backups.backup_database[0].backups[0].backup_id : var.mysql_db_backup_crn
+}

examples/backup/main.tf

@@ -0,0 +1,17 @@
+##############################################################################
+# Outputs
+##############################################################################
+output "id" {
+  description = "MySQL instance id"
+  value       = var.mysql_db_backup_crn == null ? module.mysql_db[0].id : null
+}
+
+output "restored_mysql_db_id" {
+  description = "Restored MySQL instance id"
+  value       = module.restored_mysql_db.id
+}
+
+output "restored_mysql_db_version" {
+  description = "Restored MySQL instance version"
+  value       = module.restored_mysql_db.version
+}

examples/backup/outputs.tf

@@ -0,0 +1,4 @@
+provider "ibm" {
+  ibmcloud_api_key = var.ibmcloud_api_key
+  region           = var.region
+}

examples/backup/provider.tf

@@ -0,0 +1,47 @@
+variable "ibmcloud_api_key" {
+  type        = string
+  description = "The IBM Cloud API Key"
+  sensitive   = true
+}
+
+variable "region" {
+  type        = string
+  description = "Region to provision all resources created by this example."
+  default     = "us-south"
+}
+
+variable "prefix" {
+  type        = string
+  description = "Prefix to append to all resources created by this example"
+  default     = "mysql-res"
+}
+
+variable "mysql_version" {
+  description = "Version of the MySQL instance. If no value passed, the current ICD preferred version is used."
+  type        = string
+  default     = null
+}
+
+variable "resource_group" {
+  type        = string
+  description = "An existing resource group name to use for this example, if unset a new resource group will be created"
+  default     = null
+}
+
+variable "resource_tags" {
+  type        = list(string)
+  description = "Optional list of tags to be added to created resources"
+  default     = []
+}
+
+variable "access_tags" {
+  type        = list(string)
+  description = "A list of access tags to apply to the MySQL instance created by the module, see https://cloud.ibm.com/docs/account?topic=account-access-tags-tutorial for more details"
+  default     = []
+}
+
+variable "mysql_db_backup_crn" {
+  type        = string
+  description = "The existing CRN of a backup resource to restore from. If null then it will create a new instance first and then create another instance pointing to the backup of the first instance."
+  default     = null
+}

examples/backup/variables.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.3.0, <1.6.0"
+  required_providers {
+    # Use latest version of provider in non-basic examples to verify latest version works with module
+    ibm = {
+      source  = "IBM-Cloud/ibm"
+      version = ">= 1.61.0"
+    }
+  }
+}