feat: Updates: <br>- Add binaries installation support in script for Waypoint runtime compatibilty <br>- use terraform_data resource in-place of null_resource(#95)

* feat: add binary installation support for Waypoint runtime compatibility

* fix: remove local duplicates

* fix: remove local duplicates

* fix: update permissions to install-binaries script

* fix: removing unused binary JQ

* chore: update subscription version to latest v4.19.15

* fix: removed unused null provider declaration

* fix: removed unused  null provider block in readme

* fix: fixing the pipeline issues

* " fix: fixing the pipeline issues"

This reverts commit e4a7fa0.

* chore: replace triggers

* fix: fixed pre-commit errors

* fix: fixed ci  pipeline issues

* fix: fixing indentations issues

* SKIP UPGRADE TEST

* fix: remove triggers and update depends on for installed binaries

* fix: updated tag version

---------

Co-authored-by: raagamounica <mounica.tellabati@ibm.com>

Author: mounicatellabati

README.md

@@ -24,6 +24,9 @@ This module configures Openshift Virtualization on an IBM Cloud Red Hat OpenShif
 * [Examples](./examples)
 :information_source: Ctrl/Cmd+Click or right-click on the Schematics deploy button to open in a new tab
     * <a href="./examples/basic">Basic example</a> <a href="https://cloud.ibm.com/schematics/workspaces/create?workspace_name=ocp-virtualization-basic-example&repository=https://github.com/terraform-ibm-modules/terraform-ibm-ocp-virtualization/tree/main/examples/basic"><img src="https://img.shields.io/badge/Deploy%20with IBM%20Cloud%20Schematics-0f62fe?logo=ibm&logoColor=white&labelColor=0f62fe" alt="Deploy with IBM Cloud Schematics" style="height: 16px; vertical-align: text-bottom; margin-left: 5px;"></a>
+* [Deployable Architectures](./solutions)
+    * <a href="./solutions/fully-configurable">Cloud automation for OpenShift Virtualization (Fully configurable)</a>
+    * <a href="./solutions/quickstart">Cloud automation for OpenShift Virtualization (Quickstart)</a>
 * [Contributing](#contributing)
 <!-- END OVERVIEW HOOK -->
 
@@ -113,7 +116,6 @@ You need the following permissions to run this module.
 | <a name="requirement_helm"></a> [helm](#requirement\_helm) | >= 3.0.0, <4.0.0 |
 | <a name="requirement_ibm"></a> [ibm](#requirement\_ibm) | >= 1.79.1, <2.0.0 |
 | <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 3.0.0, < 4.0.0 |
-| <a name="requirement_null"></a> [null](#requirement\_null) | >= 3.2.1, < 4.0.0 |
 | <a name="requirement_time"></a> [time](#requirement\_time) | >= 0.9.1, < 1.0.0 |
 
 ### Modules
@@ -128,10 +130,11 @@ No modules.
 | [helm_release.subscription](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
 | [kubernetes_config_map_v1_data.disable_default_storageclass](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/config_map_v1_data) | resource |
 | [kubernetes_config_map_v1_data.set_vpc_file_default_storage_class](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/config_map_v1_data) | resource |
-| [null_resource.config_map_status](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
-| [null_resource.enable_catalog_source](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
-| [null_resource.storageprofile_status](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
-| [null_resource.update_storage_profile](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
+| [terraform_data.config_map_status](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/resources/data) | resource |
+| [terraform_data.enable_catalog_source](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/resources/data) | resource |
+| [terraform_data.install_required_binaries](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/resources/data) | resource |
+| [terraform_data.storageprofile_status](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/resources/data) | resource |
+| [terraform_data.update_storage_profile](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/resources/data) | resource |
 | [time_sleep.wait_for_subscription](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource |
 | [ibm_container_cluster_config.cluster_config](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/data-sources/container_cluster_config) | data source |
 | [ibm_container_vpc_cluster.cluster](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/data-sources/container_vpc_cluster) | data source |
@@ -144,6 +147,7 @@ No modules.
 | <a name="input_cluster_id"></a> [cluster\_id](#input\_cluster\_id) | The ID of the cluster to deploy the agents in. | `string` | n/a | yes |
 | <a name="input_cluster_resource_group_id"></a> [cluster\_resource\_group\_id](#input\_cluster\_resource\_group\_id) | The resource group ID of the cluster. | `string` | n/a | yes |
 | <a name="input_infra_node_selectors"></a> [infra\_node\_selectors](#input\_infra\_node\_selectors) | List of infra node selectors to apply to HyperConverged pods. [Learn more](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). | <pre>list(object({<br/>    key    = string<br/>    values = list(string)<br/>  }))</pre> | <pre>[<br/>  {<br/>    "key": "ibm-cloud.kubernetes.io/server-type",<br/>    "values": [<br/>      "virtual",<br/>      "physical"<br/>    ]<br/>  }<br/>]</pre> | no |
+| <a name="input_install_required_binaries"></a> [install\_required\_binaries](#input\_install\_required\_binaries) | When true, run a script to ensure required CLI binary (kubectl) is available in the runtime; if missing the script will attempt to download them to /tmp. Set to false to skip. | `bool` | `true` | no |
 | <a name="input_vpc_file_default_storage_class"></a> [vpc\_file\_default\_storage\_class](#input\_vpc\_file\_default\_storage\_class) | The name of the VPC File storage class which will be set as the default storage class. | `string` | `"ibmc-vpc-file-metro-1000-iops"` | no |
 | <a name="input_wait_till"></a> [wait\_till](#input\_wait\_till) | To avoid long wait times when you run your Terraform code, you can specify the stage when you want Terraform to mark the cluster resource creation as completed. Depending on what stage you choose, the cluster creation might not be fully completed and continues to run in the background. However, your Terraform code can continue to run without waiting for the cluster to be fully created. Supported args are `MasterNodeReady`, `OneWorkerNodeReady`, `IngressReady` and `Normal`. | `string` | `"Normal"` | no |
 | <a name="input_wait_till_timeout"></a> [wait\_till\_timeout](#input\_wait\_till\_timeout) | Timeout for wait\_till in minutes. | `number` | `90` | no |

common-dev-assets

@@ -26,9 +26,18 @@ resource "kubernetes_config_map_v1_data" "disable_default_storageclass" {
   force = true
 }
 
-resource "null_resource" "config_map_status" {
+resource "terraform_data" "install_required_binaries" {
+  count = var.install_required_binaries ? 1 : 0
   provisioner "local-exec" {
-    command     = "${path.module}/scripts/get_config_map_status.sh"
+    command     = "${path.module}/scripts/install-binaries.sh ${local.binaries_path}"
+    interpreter = ["/bin/bash", "-c"]
+  }
+}
+
+resource "terraform_data" "config_map_status" {
+  depends_on = [terraform_data.install_required_binaries]
+  provisioner "local-exec" {
+    command     = "${path.module}/scripts/get_config_map_status.sh ${local.binaries_path}"
     interpreter = ["/bin/bash", "-c"]
     environment = {
       KUBECONFIG = data.ibm_container_cluster_config.cluster_config.config_file_path
@@ -37,7 +46,7 @@ resource "null_resource" "config_map_status" {
 }
 
 resource "kubernetes_config_map_v1_data" "set_vpc_file_default_storage_class" {
-  depends_on = [null_resource.config_map_status]
+  depends_on = [terraform_data.config_map_status, terraform_data.install_required_binaries]
   metadata {
     name      = "addon-vpc-file-csi-driver-configmap"
     namespace = "kube-system"
@@ -50,9 +59,10 @@ resource "kubernetes_config_map_v1_data" "set_vpc_file_default_storage_class" {
   force = true
 }
 
-resource "null_resource" "enable_catalog_source" {
+resource "terraform_data" "enable_catalog_source" {
+  depends_on = [terraform_data.install_required_binaries]
   provisioner "local-exec" {
-    command     = "${path.module}/scripts/enable_catalog_source.sh"
+    command     = "${path.module}/scripts/enable_catalog_source.sh ${local.binaries_path}"
     interpreter = ["/bin/bash", "-c"]
     environment = {
       KUBECONFIG = data.ibm_container_cluster_config.cluster_config.config_file_path
@@ -65,13 +75,13 @@ resource "null_resource" "enable_catalog_source" {
 ########################################################################################################################
 
 locals {
-  subscription_version        = "v4.17.4"
+  subscription_version        = "v4.19.15"
   subscription_chart_location = "${path.module}/chart/subscription"
   namespace                   = "openshift-cnv" # This is hard-coded because using any other namespace will break the virtualization.
 }
 
 resource "helm_release" "subscription" {
-  depends_on       = [null_resource.enable_catalog_source]
+  depends_on       = [terraform_data.enable_catalog_source]
   name             = "${data.ibm_container_vpc_cluster.cluster.name}-subscription"
   chart            = local.subscription_chart_location
   namespace        = local.namespace
@@ -92,10 +102,11 @@ resource "helm_release" "subscription" {
 
 #########################################################################################################################
 # Deploying the OpenShift Virtualization Operator
-########################################################################################################################
+#########################################################################################################################
 
 locals {
   operator_chart_location = "${path.module}/chart/operator"
+  binaries_path           = "/tmp"
 }
 
 resource "time_sleep" "wait_for_subscription" {
@@ -124,22 +135,21 @@ resource "helm_release" "operator" {
   ]
 }
 
-resource "null_resource" "storageprofile_status" {
-  depends_on = [helm_release.operator]
-
+resource "terraform_data" "storageprofile_status" {
+  depends_on = [helm_release.operator, terraform_data.install_required_binaries]
   provisioner "local-exec" {
-    command     = "${path.module}/scripts/confirm-storageprofile-status.sh"
+    command     = "${path.module}/scripts/confirm-storageprofile-status.sh ${local.binaries_path}"
     interpreter = ["/bin/bash", "-c"]
     environment = {
       KUBECONFIG = data.ibm_container_cluster_config.cluster_config.config_file_path
     }
   }
 }
 
-resource "null_resource" "update_storage_profile" {
-  depends_on = [null_resource.storageprofile_status]
+resource "terraform_data" "update_storage_profile" {
+  depends_on = [terraform_data.storageprofile_status, terraform_data.install_required_binaries]
   provisioner "local-exec" {
-    command     = "${path.module}/scripts/update_storage_profile.sh ${var.vpc_file_default_storage_class}"
+    command     = "${path.module}/scripts/update_storage_profile.sh ${var.vpc_file_default_storage_class} ${local.binaries_path}"
     interpreter = ["/bin/bash", "-c"]
     environment = {
       KUBECONFIG = data.ibm_container_cluster_config.cluster_config.config_file_path

main.tf

@@ -2,6 +2,9 @@
 
 set -e
 
+# The binaries downloaded by the install-binaries script are located in the /tmp directory.
+export PATH=$PATH:${1:-"/tmp"}
+
 attempt=0
 retry_wait_time=60
 MAX_ATTEMPTS=10

scripts/confirm-storageprofile-status.sh

@@ -2,24 +2,26 @@
 
 set -euo pipefail
 
+# The binaries downloaded by the install-binaries script are located in the /tmp directory.
+export PATH=$PATH:${1:-"/tmp"}
 
-PATCH_APPLY="oc patch operatorhub cluster --type json -p '[{\"op\": \"add\", \"path\": \"/spec/disableAllDefaultSources\", \"value\": false}]'"
+PATCH_APPLY="kubectl patch operatorhub cluster --type=json -p '[{\"op\": \"add\", \"path\": \"/spec/disableAllDefaultSources\", \"value\": false}]'"
 MAX_ATTEMPTS=10
 
-function check_oc_cli() {
-  if ! command -v oc &> /dev/null; then
-    echo "Error: OpenShift CLI (oc) is not installed. Exiting."
+function check_kubectl_cli() {
+  if ! command -v kubectl &> /dev/null; then
+    echo "Error: Kubernetes CLI (kubectl) is not installed. Exiting."
     exit 1
   fi
 }
 
-function apply_oc_patch() {
+function apply_kubectl_patch() {
 
   local attempt=0
   local retry_wait_time=5
 
   while [ $attempt -lt $MAX_ATTEMPTS ]; do
-    echo "Attempt $((attempt+1)) of $MAX_ATTEMPTS: Applying OpenShift Console patch..."
+    echo "Attempt $((attempt + 1)) of $MAX_ATTEMPTS: Applying Kubernetes patch..."
 
     if eval "$PATCH_APPLY"; then
       echo "Patch applied successfully."
@@ -37,9 +39,9 @@ function apply_oc_patch() {
 
 echo "========================================="
 
-check_oc_cli
+check_kubectl_cli
 
-    echo "Enabling default catalog source"
-    apply_oc_patch
+echo "Enabling default catalog source"
+apply_kubectl_patch
 
 echo "========================================="

scripts/enable_catalog_source.sh

@@ -2,6 +2,9 @@
 
 set -e
 
+# The binaries downloaded by the install-binaries script are located in the /tmp directory.
+export PATH=$PATH:${1:-"/tmp"}
+
 CONFIGMAP_NAME="addon-vpc-file-csi-driver-configmap"
 NAMESPACE="kube-system"
 COUNTER=0

scripts/get_config_map_status.sh

@@ -0,0 +1,40 @@
+#!/bin/bash
+
+# Installs required CLI binaries into the provided directory (defaults to /tmp).
+set -o errexit
+set -o pipefail
+
+DIRECTORY=${1:-"/tmp"}
+export PATH=$PATH:$DIRECTORY
+# renovate: datasource=github-tags depName=terraform-ibm-modules/common-bash-library
+TAG=v0.2.1
+TMP_DIR=$(mktemp -d "${DIRECTORY}/common-bash-XXXXX")
+
+echo "Downloading common-bash-library version ${TAG}."
+
+# download common-bash-library
+curl --silent \
+    --connect-timeout 5 \
+    --max-time 10 \
+    --retry 3 \
+    --retry-delay 2 \
+    --retry-connrefused \
+    --fail \
+    --show-error \
+    --location \
+    --output "${TMP_DIR}/common-bash.tar.gz" \
+    "https://github.com/terraform-ibm-modules/common-bash-library/archive/refs/tags/$TAG.tar.gz"
+
+mkdir -p "${TMP_DIR}/common-bash-library"
+tar -xzf "${TMP_DIR}/common-bash.tar.gz" -C "${TMP_DIR}"
+rm -f "${TMP_DIR}/common-bash.tar.gz"
+
+# shellcheck disable=SC1091,SC1090
+source "${TMP_DIR}/common-bash-library-${TAG#v}/common/common.sh"
+
+echo "Installing kubectl."
+install_kubectl "latest" "${DIRECTORY}" "true"
+
+rm -rf "$TMP_DIR"
+
+echo "Installation complete successfully"

scripts/install-binaries.sh

@@ -2,24 +2,29 @@
 
 set -euo pipefail
 
+# STORAGE_CLASS is the first argument; optional binaries path is the second argument.
 STORAGE_CLASS="$1"
+# The binaries downloaded by the install-binaries script are located in the /tmp directory.
+export PATH=$PATH:${2:-"/tmp"}
+
+PATCH_PAYLOAD='{"spec":{"claimPropertySets":[{"accessModes":["ReadWriteMany"],"volumeMode":"Filesystem"}]}}'
+STORAGE_PROFILE="kubectl patch storageprofile $STORAGE_CLASS --type=merge -p '$PATCH_PAYLOAD'"
 
-STORAGE_PROFILE="oc patch storageprofile $STORAGE_CLASS -p '{\"spec\": {\"claimPropertySets\": [{\"accessModes\": [\"ReadWriteMany\"], \"volumeMode\": \"Filesystem\"}]}}' --type merge"
 MAX_ATTEMPTS=10
 RETRY_WAIT=5
 
-function check_oc_cli() {
-    if ! command -v oc &>/dev/null; then
-        echo "Error: OpenShift CLI (oc) is not installed. Exiting."
+function check_kubectl_cli() {
+    if ! command -v kubectl &>/dev/null; then
+        echo "Error: Kubernetes CLI (kubectl) is not installed. Exiting."
         exit 1
     fi
 }
 
-function apply_oc_patch() {
-
+function apply_kubectl_patch() {
     local attempt=0
+
     while [ $attempt -lt $MAX_ATTEMPTS ]; do
-        echo "Attempt $((attempt + 1)) of $MAX_ATTEMPTS: Applying OpenShift Console patch..."
+        echo "Attempt $((attempt + 1)) of $MAX_ATTEMPTS: Applying Kubernetes patch..."
 
         if eval "$STORAGE_PROFILE"; then
             echo "Patch applied successfully."
@@ -38,6 +43,7 @@ function apply_oc_patch() {
 
 echo "========================================="
 
-check_oc_cli
-apply_oc_patch
+check_kubectl_cli
+apply_kubectl_patch
+
 echo "========================================="

scripts/update_storage_profile.sh

@@ -74,3 +74,10 @@ variable "workloads_node_selectors" {
     values = ["physical"]
   }]
 }
+
+variable "install_required_binaries" {
+  type        = bool
+  default     = true
+  description = "When true, run a script to ensure required CLI binary (kubectl) is available in the runtime; if missing the script will attempt to download them to /tmp. Set to false to skip."
+  nullable    = false
+}

variables.tf

@@ -10,10 +10,6 @@ terraform {
       source  = "hashicorp/helm"
       version = ">= 3.0.0, <4.0.0"
     }
-    null = {
-      source  = "hashicorp/null"
-      version = ">= 3.2.1, < 4.0.0"
-    }
     kubernetes = {
       source  = "hashicorp/kubernetes"
       version = ">= 3.0.0, < 4.0.0"