From 3cb427d484de5bf93da7fe216ae8dcbac15e68ec Mon Sep 17 00:00:00 2001 From: ocofaigh Date: Tue, 21 Oct 2025 17:42:02 +0100 Subject: [PATCH 1/3] feat: remove Account Config DA from customize DA flow, add default value for prefix using random string generator and update logic that handles default resource group lookup --- ibm_catalog.json | 80 +++++++++++++++++++----------------------------- tests/go.mod | 2 +- tests/go.sum | 4 +-- tests/pr_test.go | 1 - 4 files changed, 34 insertions(+), 53 deletions(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index fc39135..3588853 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -89,26 +89,19 @@ ], "notes": "[Optional] Required to create the containers-kubernetes-key needed by the OpenShift cluster on IBM Cloud." }, - { - "role_crns": [ - "crn:v1:bluemix:public:iam::::role:Administrator" - ], - "service_name": "All Account Management services", - "notes": "[Optional] Required to create new resource groups when enabling the Account Configuration integration." - }, { "role_crns": [ "crn:v1:bluemix:public:iam::::role:Administrator" ], "service_name": "All Identity and Access enabled services", - "notes": "[Optional] Required to create new resource groups with account settings when enabling the Account Configuration integration." + "notes": "[Optional] Required to to create trusted profile for App Configuration aggregator which is used for compliance scanning." }, { "service_name": "is.vpc", "role_crns": [ "crn:v1:bluemix:public:iam::::role:Administrator" ], - "notes": "[Optional] Required for creating Virtual Private Cloud(VPC)." + "notes": "[Optional] Required for creating Virtual Private Cloud (VPC)." }, { "service_name": "cloud-object-storage", @@ -221,6 +214,10 @@ { "key": "prefix", "required": true, + "default_value": "dev", + "random_string": { + "length": 4 + }, "value_constraints": [ { "type": "regex", @@ -240,7 +237,7 @@ "required": true }, { - "display_name": "resource_group", + "display_name": "cluster_resource_group", "key": "cluster_resource_group_id", "custom_config": { "type": "resource_group", @@ -772,7 +769,7 @@ "required": true, "virtual": true, "type": "number", - "default_value": 2, + "default_value": 1, "description": "Number of worker nodes in each zone of the cluster." }, { @@ -798,22 +795,12 @@ "description": "The operating system installed on the worker nodes. [Learn more](https://cloud.ibm.com/docs/openshift?topic=openshift-vpc-flavors)." }, { - "key": "allow_public_access_to_cluster", + "key": "allow_public_access_to_cluster_management", "type": "boolean", "required": true, "virtual": true, "default_value": false, - "options": [ - { - "displayname": "true", - "value": "true" - }, - { - "displayname": "false", - "value": "false" - } - ], - "description": "When set to `true`, public endpoint will be enabled for the cluster which will allow access to master node of the cluster from outside the VPC network." + "description": "Set to true to access the cluster through a public cloud service endpoint. [Learn More](https://cloud.ibm.com/docs/openshift?topic=openshift-access_cluster)." }, { "key": "allow_outbound_traffic", @@ -821,16 +808,6 @@ "required": true, "virtual": true, "default_value": false, - "options": [ - { - "displayname": "true", - "value": "true" - }, - { - "displayname": "false", - "value": "false" - } - ], "description": "Set to true to allow public outbound access from the cluster workers." }, { @@ -878,17 +855,7 @@ "default_value": false, "description": "When set to `true`, the IBM Cloud Monitoring instance will be configured to collect platform metrics from the provided region. ⚠️ You can configure 1 instance only of the IBM Cloud Monitoring service per region to collect platform metrics in that location. Check with the account or service administrator if another monitoring instance has already been configured. You may not have permissions to see all monitoring instances in the region. [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-platform_metrics_enabling).", "required": true, - "virtual": true, - "options": [ - { - "displayname": "true", - "value": "true" - }, - { - "displayname": "false", - "value": "false" - } - ] + "virtual": true }, { "key": "logs_routing_tenant_regions", @@ -928,7 +895,7 @@ "name": "deploy-arch-ibm-cloud-monitoring", "description": "Sets up a Cloud Monitoring instance to gain operational visibility on applications running on OpenShift Cluster.", "id": "73debdbf-894f-4c14-81c7-5ece3a70b67d-global", - "version": "v1.7.2", + "version": "v1.9.0", "flavors": [ "fully-configurable" ], @@ -941,6 +908,11 @@ "version_input": "region", "reference_version": true }, + { + "dependency_input": "existing_resource_group_name", + "version_input": "existing_resource_group_name", + "reference_version": true + }, { "dependency_input": "prefix", "version_input": "prefix", @@ -966,7 +938,7 @@ "name": "deploy-arch-ibm-scc-workload-protection", "description": "Configure an IBM Cloud Security and Compliance Center Workload Protection instance to help you manage security and compliance for your organization.", "id": "4322cf44-2289-49aa-a719-dd79e39b14dc-global", - "version": "v1.12.3", + "version": "v1.14.0", "flavors": [ "fully-configurable" ], @@ -984,6 +956,11 @@ "version_input": "prefix", "reference_version": true }, + { + "dependency_input": "existing_resource_group_name", + "version_input": "existing_resource_group_name", + "reference_version": true + }, { "dependency_input": "scc_workload_protection_instance_name", "version_input": "scc_workload_protection_instance_name", @@ -1028,6 +1005,11 @@ "version_input": "prefix", "reference_version": true }, + { + "dependency_input": "existing_resource_group_name", + "version_input": "existing_resource_group_name", + "reference_version": true + }, { "dependency_input": "region", "version_input": "region", @@ -1049,8 +1031,8 @@ "reference_version": true }, { - "dependency_input": "allow_public_access_to_cluster", - "version_input": "allow_public_access_to_cluster", + "dependency_input": "allow_public_access_to_cluster_management", + "version_input": "allow_public_access_to_cluster_management", "reference_version": true }, { @@ -1094,7 +1076,7 @@ "reference_version": true } ], - "version": "v3.63.1" + "version": "v3.66.0" } ], "dependency_version_2": true, diff --git a/tests/go.mod b/tests/go.mod index d732e3c..7975efe 100644 --- a/tests/go.mod +++ b/tests/go.mod @@ -7,7 +7,7 @@ toolchain go1.25.3 require ( github.com/gruntwork-io/terratest v0.51.0 github.com/stretchr/testify v1.11.1 - github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.15 + github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.17 ) require ( diff --git a/tests/go.sum b/tests/go.sum index 9d276d3..40652bf 100644 --- a/tests/go.sum +++ b/tests/go.sum @@ -296,8 +296,8 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= -github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.15 h1:vTLAB97MQ45Hfla67pIWYnb/Z5YuEzRLjQ6WN4GHWgI= -github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.15/go.mod h1:g0kmBhFk6pVoTmse42tMNCSNktiOYJHAda/pAzOIxco= +github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.17 h1:unGRxvM9OJBTsfDQg/AZCYOeJZ5TqrCsPphjWJ2wI94= +github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.17/go.mod h1:g0kmBhFk6pVoTmse42tMNCSNktiOYJHAda/pAzOIxco= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tmccombs/hcl2json v0.6.4 h1:/FWnzS9JCuyZ4MNwrG4vMrFrzRgsWEOVi+1AyYUVLGw= github.com/tmccombs/hcl2json v0.6.4/go.mod h1:+ppKlIW3H5nsAsZddXPy2iMyvld3SHxyjswOZhavRDk= diff --git a/tests/pr_test.go b/tests/pr_test.go index 707fc69..94181bf 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -305,7 +305,6 @@ func TestAgentDefaultConfiguration(t *testing.T) { "deploy-arch-ibm-monitoring-agent", "fully-configurable", map[string]interface{}{ - "prefix": options.Prefix, "region": "eu-de", }, ) From 640ce7392fc18e1d4d82b7dd7de9fdad31c2d231 Mon Sep 17 00:00:00 2001 From: ocofaigh Date: Tue, 21 Oct 2025 17:44:18 +0100 Subject: [PATCH 2/3] update defaults --- ibm_catalog.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index 3588853..434826a 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -799,7 +799,7 @@ "type": "boolean", "required": true, "virtual": true, - "default_value": false, + "default_value": true, "description": "Set to true to access the cluster through a public cloud service endpoint. [Learn More](https://cloud.ibm.com/docs/openshift?topic=openshift-access_cluster)." }, { @@ -807,7 +807,7 @@ "type": "boolean", "required": true, "virtual": true, - "default_value": false, + "default_value": true, "description": "Set to true to allow public outbound access from the cluster workers." }, { From 874eb6c986a4bc90d22a2264c081891d9aa80e52 Mon Sep 17 00:00:00 2001 From: ocofaigh Date: Thu, 23 Oct 2025 13:27:47 +0100 Subject: [PATCH 3/3] fix missing virtual inpput --- ibm_catalog.json | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/ibm_catalog.json b/ibm_catalog.json index 434826a..75b869b 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -236,6 +236,21 @@ }, "required": true }, + { + "key": "existing_resource_group_name", + "display_name": "resource_group", + "custom_config": { + "type": "resource_group", + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "identifier": "rg_name" + } + }, + "default_value": "Default", + "description": "The name of an existing resource group to provision the resources. [Learn more](https://cloud.ibm.com/docs/account?topic=account-rgs&interface=ui#create_rgs) about how to create a resource group.", + "virtual": true + }, { "display_name": "cluster_resource_group", "key": "cluster_resource_group_id",