From df5c9fe6b10a2fbb9d764a347c7731885ccd5028 Mon Sep 17 00:00:00 2001 From: Terraform IBM Modules Operations Date: Sun, 25 May 2025 16:53:10 +0000 Subject: [PATCH 1/5] chore(deps): update terraform dependencies --- modules/powervs-vpc-landing-zone/README.md | 8 ++++---- modules/powervs-vpc-landing-zone/client2sitevpn.tf | 6 +++--- modules/powervs-vpc-landing-zone/main.tf | 2 +- solutions/standard-extend/README.md | 6 +++--- solutions/standard-extend/versions.tf | 2 +- solutions/standard-plus-vsi/README.md | 4 ++-- solutions/standard-plus-vsi/versions.tf | 2 +- solutions/standard/README.md | 2 +- solutions/standard/versions.tf | 2 +- 9 files changed, 17 insertions(+), 17 deletions(-) diff --git a/modules/powervs-vpc-landing-zone/README.md b/modules/powervs-vpc-landing-zone/README.md index fc1605f3..d7016277 100644 --- a/modules/powervs-vpc-landing-zone/README.md +++ b/modules/powervs-vpc-landing-zone/README.md @@ -107,15 +107,15 @@ Creates VPC Landing Zone | Performs VPC VSI OS Config | Creates PowerVS Infrastr | Name | Source | Version | |------|--------|---------| -| [client\_to\_site\_vpn](#module\_client\_to\_site\_vpn) | terraform-ibm-modules/client-to-site-vpn/ibm | 3.0.10 | +| [client\_to\_site\_vpn](#module\_client\_to\_site\_vpn) | terraform-ibm-modules/client-to-site-vpn/ibm | 3.2.2 | | [configure\_monitoring\_host](#module\_configure\_monitoring\_host) | ./submodules/ansible | n/a | | [configure\_network\_services](#module\_configure\_network\_services) | ./submodules/ansible | n/a | | [configure\_scc\_wp\_agent](#module\_configure\_scc\_wp\_agent) | ./submodules/ansible | n/a | | [landing\_zone](#module\_landing\_zone) | terraform-ibm-modules/landing-zone/ibm//patterns//vsi//module | 7.5.0 | | [powervs\_workspace](#module\_powervs\_workspace) | terraform-ibm-modules/powervs-workspace/ibm | 3.0.2 | -| [private\_secret\_engine](#module\_private\_secret\_engine) | terraform-ibm-modules/secrets-manager-private-cert-engine/ibm | 1.5.1 | -| [scc\_wp\_instance](#module\_scc\_wp\_instance) | terraform-ibm-modules/scc-workload-protection/ibm | 1.5.12 | -| [secrets\_manager\_group](#module\_secrets\_manager\_group) | terraform-ibm-modules/secrets-manager-secret-group/ibm | 1.3.6 | +| [private\_secret\_engine](#module\_private\_secret\_engine) | terraform-ibm-modules/secrets-manager-private-cert-engine/ibm | 1.5.2 | +| [scc\_wp\_instance](#module\_scc\_wp\_instance) | terraform-ibm-modules/scc-workload-protection/ibm | 1.6.1 | +| [secrets\_manager\_group](#module\_secrets\_manager\_group) | terraform-ibm-modules/secrets-manager-secret-group/ibm | 1.3.7 | | [secrets\_manager\_private\_certificate](#module\_secrets\_manager\_private\_certificate) | terraform-ibm-modules/secrets-manager-private-cert/ibm | 1.3.3 | | [vpc\_file\_share\_alb](#module\_vpc\_file\_share\_alb) | ./submodules/fileshare-alb | n/a | diff --git a/modules/powervs-vpc-landing-zone/client2sitevpn.tf b/modules/powervs-vpc-landing-zone/client2sitevpn.tf index ef25b4ba..6668ca81 100644 --- a/modules/powervs-vpc-landing-zone/client2sitevpn.tf +++ b/modules/powervs-vpc-landing-zone/client2sitevpn.tf @@ -77,7 +77,7 @@ resource "ibm_resource_instance" "secrets_manager" { # Configure private cert engine if provisioning a new SM instance module "private_secret_engine" { source = "terraform-ibm-modules/secrets-manager-private-cert-engine/ibm" - version = "1.5.1" + version = "1.5.2" providers = { ibm = ibm.ibm-sm } count = var.client_to_site_vpn.enable ? 1 : 0 depends_on = [ibm_resource_instance.secrets_manager] @@ -94,7 +94,7 @@ module "private_secret_engine" { # Create a secret group to place the certificate in module "secrets_manager_group" { source = "terraform-ibm-modules/secrets-manager-secret-group/ibm" - version = "1.3.6" + version = "1.3.7" providers = { ibm = ibm.ibm-sm } count = var.client_to_site_vpn.enable ? 1 : 0 @@ -127,7 +127,7 @@ module "secrets_manager_private_certificate" { # Create client to site VPN Server module "client_to_site_vpn" { source = "terraform-ibm-modules/client-to-site-vpn/ibm" - version = "3.0.10" + version = "3.2.2" providers = { ibm = ibm.ibm-is } count = var.client_to_site_vpn.enable ? 1 : 0 diff --git a/modules/powervs-vpc-landing-zone/main.tf b/modules/powervs-vpc-landing-zone/main.tf index 1754560c..8bd78c0e 100644 --- a/modules/powervs-vpc-landing-zone/main.tf +++ b/modules/powervs-vpc-landing-zone/main.tf @@ -58,7 +58,7 @@ locals { module "scc_wp_instance" { source = "terraform-ibm-modules/scc-workload-protection/ibm" - version = "1.5.12" + version = "1.6.1" providers = { ibm = ibm.ibm-is } count = var.enable_scc_wp ? 1 : 0 diff --git a/solutions/standard-extend/README.md b/solutions/standard-extend/README.md index 0a9314e4..fc2376a8 100644 --- a/solutions/standard-extend/README.md +++ b/solutions/standard-extend/README.md @@ -36,7 +36,7 @@ If you do not have a PowerVS infrastructure that is the [Standard Landscape Vari | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.9 | -| [ibm](#requirement\_ibm) | 1.78.2 | +| [ibm](#requirement\_ibm) | 1.78.3 | ### Modules @@ -48,8 +48,8 @@ If you do not have a PowerVS infrastructure that is the [Standard Landscape Vari | Name | Type | |------|------| -| [ibm_schematics_output.schematics_output](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.78.2/docs/data-sources/schematics_output) | data source | -| [ibm_schematics_workspace.schematics_workspace](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.78.2/docs/data-sources/schematics_workspace) | data source | +| [ibm_schematics_output.schematics_output](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.78.3/docs/data-sources/schematics_output) | data source | +| [ibm_schematics_workspace.schematics_workspace](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.78.3/docs/data-sources/schematics_workspace) | data source | ### Inputs diff --git a/solutions/standard-extend/versions.tf b/solutions/standard-extend/versions.tf index 79a594b6..31cf8d0c 100644 --- a/solutions/standard-extend/versions.tf +++ b/solutions/standard-extend/versions.tf @@ -7,7 +7,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = "1.78.2" + version = "1.78.3" } } } diff --git a/solutions/standard-plus-vsi/README.md b/solutions/standard-plus-vsi/README.md index 540b24b9..ccd8abfb 100644 --- a/solutions/standard-plus-vsi/README.md +++ b/solutions/standard-plus-vsi/README.md @@ -47,7 +47,7 @@ This example sets up the following infrastructure: | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.9 | -| [ibm](#requirement\_ibm) | 1.78.2 | +| [ibm](#requirement\_ibm) | 1.78.3 | ### Modules @@ -60,7 +60,7 @@ This example sets up the following infrastructure: | Name | Type | |------|------| -| [ibm_pi_catalog_images.catalog_images_ds](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.78.2/docs/data-sources/pi_catalog_images) | data source | +| [ibm_pi_catalog_images.catalog_images_ds](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.78.3/docs/data-sources/pi_catalog_images) | data source | ### Inputs diff --git a/solutions/standard-plus-vsi/versions.tf b/solutions/standard-plus-vsi/versions.tf index 67850b51..34220038 100644 --- a/solutions/standard-plus-vsi/versions.tf +++ b/solutions/standard-plus-vsi/versions.tf @@ -7,7 +7,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = "1.78.2" + version = "1.78.3" } } } diff --git a/solutions/standard/README.md b/solutions/standard/README.md index d122f897..6e95866e 100644 --- a/solutions/standard/README.md +++ b/solutions/standard/README.md @@ -47,7 +47,7 @@ This example sets up the following infrastructure: | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.9 | -| [ibm](#requirement\_ibm) | 1.78.2 | +| [ibm](#requirement\_ibm) | 1.78.3 | ### Modules diff --git a/solutions/standard/versions.tf b/solutions/standard/versions.tf index 8caf6958..8a207c6e 100644 --- a/solutions/standard/versions.tf +++ b/solutions/standard/versions.tf @@ -7,7 +7,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = "1.78.2" + version = "1.78.3" } } } From 16a7af3c3ee8f7c457effffc7cc61ab1465c4a78 Mon Sep 17 00:00:00 2001 From: stafaniasaju Date: Mon, 26 May 2025 14:22:56 +0200 Subject: [PATCH 2/5] fix: app-configuration for scc_wp_instance SKIP UPGRADE TEST: app-configuration for scc_wp_instance --- modules/powervs-vpc-landing-zone/README.md | 1 + modules/powervs-vpc-landing-zone/main.tf | 17 +++++++++++++++++ solutions/standard/README.md | 5 ++++- solutions/standard/provider.tf | 13 +++++++++++++ solutions/standard/versions.tf | 4 ++++ 5 files changed, 39 insertions(+), 1 deletion(-) diff --git a/modules/powervs-vpc-landing-zone/README.md b/modules/powervs-vpc-landing-zone/README.md index d7016277..c7a8428e 100644 --- a/modules/powervs-vpc-landing-zone/README.md +++ b/modules/powervs-vpc-landing-zone/README.md @@ -107,6 +107,7 @@ Creates VPC Landing Zone | Performs VPC VSI OS Config | Creates PowerVS Infrastr | Name | Source | Version | |------|--------|---------| +| [app\_config](#module\_app\_config) | terraform-ibm-modules/app-configuration/ibm | 1.6.2 | | [client\_to\_site\_vpn](#module\_client\_to\_site\_vpn) | terraform-ibm-modules/client-to-site-vpn/ibm | 3.2.2 | | [configure\_monitoring\_host](#module\_configure\_monitoring\_host) | ./submodules/ansible | n/a | | [configure\_network\_services](#module\_configure\_network\_services) | ./submodules/ansible | n/a | diff --git a/modules/powervs-vpc-landing-zone/main.tf b/modules/powervs-vpc-landing-zone/main.tf index 8bd78c0e..7ddc533f 100644 --- a/modules/powervs-vpc-landing-zone/main.tf +++ b/modules/powervs-vpc-landing-zone/main.tf @@ -56,6 +56,22 @@ locals { # SCC Workload Protection Instance module ################################################# +# Create new App Config instance +module "app_config" { + source = "terraform-ibm-modules/app-configuration/ibm" + version = "1.6.2" + providers = { ibm = ibm.ibm-is } + count = var.enable_scc_wp ? 1 : 0 + + region = lookup(local.ibm_powervs_zone_cloud_region_map, var.powervs_zone, null) + resource_group_id = module.landing_zone.resource_group_data["${var.prefix}-slz-service-rg"] + app_config_plan = "basic" + app_config_name = "${var.prefix}-app-config" + app_config_tags = var.tags + enable_config_aggregator = true + config_aggregator_trusted_profile_name = "${var.prefix}-app-config-tp" +} + module "scc_wp_instance" { source = "terraform-ibm-modules/scc-workload-protection/ibm" version = "1.6.1" @@ -70,6 +86,7 @@ module "scc_wp_instance" { resource_key_name = "${var.prefix}-scc-wp-manager-key" resource_key_tags = var.tags cloud_monitoring_instance_crn = local.monitoring_instance.crn != "" ? local.monitoring_instance.crn : null + app_config_crn = var.enable_scc_wp ? module.app_config[0].app_config_crn : null } locals { diff --git a/solutions/standard/README.md b/solutions/standard/README.md index 6e95866e..d779dc37 100644 --- a/solutions/standard/README.md +++ b/solutions/standard/README.md @@ -48,6 +48,7 @@ This example sets up the following infrastructure: |------|---------| | [terraform](#requirement\_terraform) | >= 1.9 | | [ibm](#requirement\_ibm) | 1.78.3 | +| [restapi](#requirement\_restapi) | >=1.20.0, <2.0.0 | ### Modules @@ -57,7 +58,9 @@ This example sets up the following infrastructure: ### Resources -No resources. +| Name | Type | +|------|------| +| [ibm_iam_auth_token.auth_token](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.78.3/docs/data-sources/iam_auth_token) | data source | ### Inputs diff --git a/solutions/standard/provider.tf b/solutions/standard/provider.tf index 54188d15..ea0573a9 100644 --- a/solutions/standard/provider.tf +++ b/solutions/standard/provider.tf @@ -69,3 +69,16 @@ provider "ibm" { zone = var.powervs_zone ibmcloud_api_key = var.ibmcloud_api_key != null ? var.ibmcloud_api_key : null } + +data "ibm_iam_auth_token" "auth_token" { + provider = ibm.ibm-is +} + +# Null resource replaced with restapi_object to enable CSPM +provider "restapi" { + uri = "https://resource-controller.cloud.ibm.com" + headers = { + Authorization = data.ibm_iam_auth_token.auth_token.iam_access_token + } + write_returns_object = true +} diff --git a/solutions/standard/versions.tf b/solutions/standard/versions.tf index 8a207c6e..1766a255 100644 --- a/solutions/standard/versions.tf +++ b/solutions/standard/versions.tf @@ -9,5 +9,9 @@ terraform { source = "IBM-Cloud/ibm" version = "1.78.3" } + restapi = { + source = "Mastercard/restapi" + version = ">=1.20.0, <2.0.0" + } } } From fce0d6843e9d460e6f0d314403affdb0934d6d33 Mon Sep 17 00:00:00 2001 From: stafaniasaju Date: Mon, 26 May 2025 14:25:04 +0200 Subject: [PATCH 3/5] fix: release changes SKIP UPGRADE TEST: app-configuration for scc_wp_instance --- ibm_catalog.json | 6 +++--- .../deploy-arch-ibm-pvs-inf-standard-extend.md | 6 +++--- .../deploy-arch-ibm-pvs-inf-standard-plus-vsi.md | 6 +++--- .../standard/deploy-arch-ibm-pvs-inf-standard.md | 6 +++--- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index a2ce6332..7758e836 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -560,7 +560,7 @@ { "diagram": { "caption": "Power Virtual Server with VPC landing zone 'Standard Landscape' variation", - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/refs/tags/v8.4.4/reference-architectures/standard/deploy-arch-ibm-pvs-inf-standard.svg", + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/refs/tags/v8.4.5/reference-architectures/standard/deploy-arch-ibm-pvs-inf-standard.svg", "type": "image/svg+xml" }, "description": "The Power Virtual Server with VPC landing zone as variation 'Create a new architecture' deploys VPC services and a Power Virtual Server workspace and interconnects them.\n \nRequired and optional management components are configured." @@ -1218,7 +1218,7 @@ { "diagram": { "caption": "Power Virtual Server with VPC landing zone 'Quickstart' variation", - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/refs/tags/v8.4.4/reference-architectures/standard-plus-vsi/deploy-arch-ibm-pvs-inf-standard-plus-vsi.svg", + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/refs/tags/v8.4.5/reference-architectures/standard-plus-vsi/deploy-arch-ibm-pvs-inf-standard-plus-vsi.svg", "type": "image/svg+xml" }, "description": "The Power Virtual Server with VPC landing zone as 'Quickstart' variation of 'Create a new architecture' option deploys VPC services and a Power Virtual Server workspace and interconnects them. It also creates one Power virtual server instance of chosen t-shirt size or custom configuration.\n \nRequired and optional management components are configured." @@ -1545,7 +1545,7 @@ { "diagram": { "caption": "Power Virtual Server with VPC landing zone 'Extend Standard Landscape' variation", - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/refs/tags/v8.4.4/reference-architectures/standard-extend/deploy-arch-ibm-pvs-inf-standard-extend.svg", + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/refs/tags/v8.4.5/reference-architectures/standard-extend/deploy-arch-ibm-pvs-inf-standard-extend.svg", "type": "image/svg+xml" }, "description": "The Power Virtual Server with VPC landing zone as variation 'Extend Power Virtual Server with VPC landing zone' creates an additional Power Virtual Server workspace and connects it with already created Power Virtual Server with VPC landing zone. It builds on existing Power Virtual Server with VPC landing zone deployed as a variation 'Create a new architecture'." diff --git a/reference-architectures/standard-extend/deploy-arch-ibm-pvs-inf-standard-extend.md b/reference-architectures/standard-extend/deploy-arch-ibm-pvs-inf-standard-extend.md index 66d7ccfb..2b81803b 100644 --- a/reference-architectures/standard-extend/deploy-arch-ibm-pvs-inf-standard-extend.md +++ b/reference-architectures/standard-extend/deploy-arch-ibm-pvs-inf-standard-extend.md @@ -1,7 +1,7 @@ --- copyright: years: 2024, 2025 -lastupdated: "2025-05-23" +lastupdated: "2025-05-26" keywords: subcollection: deployable-reference-architectures authors: @@ -15,7 +15,7 @@ image_source: https://github.com/terraform-ibm-modules/terraform-ibm-powervs-inf use-case: ITServiceManagement industry: Technology content-type: reference-architecture -version: v8.4.4 +version: v8.4.5 compliance: SAPCertified --- @@ -28,7 +28,7 @@ compliance: SAPCertified {: toc-industry="Technology"} {: toc-use-case="ITServiceManagement"} {: toc-compliance="SAPCertified"} -{: toc-version="v8.4.4"} +{: toc-version="v8.4.5"} The Power Virtual Server with VPC landing zone as variation 'Extend Power Virtual Server with VPC landing zone' creates an additional Power Virtual Server workspace and connects it with the already created Power Virtual Server with VPC landing zone. It builds on the existing Power Virtual Server with VPC landing zone deployed as a variation 'Create a new architecture'. diff --git a/reference-architectures/standard-plus-vsi/deploy-arch-ibm-pvs-inf-standard-plus-vsi.md b/reference-architectures/standard-plus-vsi/deploy-arch-ibm-pvs-inf-standard-plus-vsi.md index e0d3d8d9..1b4f5c45 100644 --- a/reference-architectures/standard-plus-vsi/deploy-arch-ibm-pvs-inf-standard-plus-vsi.md +++ b/reference-architectures/standard-plus-vsi/deploy-arch-ibm-pvs-inf-standard-plus-vsi.md @@ -1,7 +1,7 @@ --- copyright: years: 2024, 2025 -lastupdated: "2025-05-23" +lastupdated: "2025-05-26" keywords: subcollection: deployable-reference-architectures authors: @@ -16,7 +16,7 @@ image_source: https://github.com/terraform-ibm-modules/terraform-ibm-powervs-inf use-case: ITServiceManagement industry: Technology content-type: reference-architecture -version: v8.4.4 +version: v8.4.5 compliance: --- @@ -28,7 +28,7 @@ compliance: {: toc-content-type="reference-architecture"} {: toc-industry="Technology"} {: toc-use-case="ITServiceManagement"} -{: toc-version="v8.4.4"} +{: toc-version="v8.4.5"} Quickstart deployment of the Power Virtual Server with VPC landing zone creates VPC services, a Power Virtual Server workspace, and interconnects them. It also deploys a Power Virtual Server of chosen T-shirt size or custom configuration. Supported Os are Aix, IBM i, and Linux images. diff --git a/reference-architectures/standard/deploy-arch-ibm-pvs-inf-standard.md b/reference-architectures/standard/deploy-arch-ibm-pvs-inf-standard.md index 0083bbee..9942c064 100644 --- a/reference-architectures/standard/deploy-arch-ibm-pvs-inf-standard.md +++ b/reference-architectures/standard/deploy-arch-ibm-pvs-inf-standard.md @@ -1,7 +1,7 @@ --- copyright: years: 2024, 2025 -lastupdated: "2025-05-23" +lastupdated: "2025-05-26" keywords: subcollection: deployable-reference-architectures authors: @@ -15,7 +15,7 @@ image_source: https://github.com/terraform-ibm-modules/terraform-ibm-powervs-inf use-case: ITServiceManagement industry: Technology content-type: reference-architecture -version: v8.4.4 +version: v8.4.5 compliance: SAPCertified --- @@ -28,7 +28,7 @@ compliance: SAPCertified {: toc-industry="Technology"} {: toc-use-case="ITServiceManagement"} {: toc-compliance="SAPCertified"} -{: toc-version="v8.4.4"} +{: toc-version="v8.4.5"} The Standard deployment of the Power Virtual Server with VPC landing zone creates VPC services and a Power Virtual Server workspace and interconnects them. From 62695e82cc7ba170913110ee3a166f62509d0546 Mon Sep 17 00:00:00 2001 From: stafaniasaju Date: Mon, 26 May 2025 14:58:56 +0200 Subject: [PATCH 4/5] fix: app-configuration for scc_wp_instance (quickstart) SKIP UPGRADE TEST: app-configuration for scc_wp_instance --- solutions/standard-plus-vsi/README.md | 2 ++ solutions/standard-plus-vsi/provider.tf | 12 ++++++++++++ solutions/standard-plus-vsi/versions.tf | 4 ++++ solutions/standard/README.md | 2 +- solutions/standard/provider.tf | 1 - solutions/standard/versions.tf | 2 +- 6 files changed, 20 insertions(+), 3 deletions(-) diff --git a/solutions/standard-plus-vsi/README.md b/solutions/standard-plus-vsi/README.md index ccd8abfb..b47ac2c3 100644 --- a/solutions/standard-plus-vsi/README.md +++ b/solutions/standard-plus-vsi/README.md @@ -48,6 +48,7 @@ This example sets up the following infrastructure: |------|---------| | [terraform](#requirement\_terraform) | >= 1.9 | | [ibm](#requirement\_ibm) | 1.78.3 | +| [restapi](#requirement\_restapi) | 1.20.0 | ### Modules @@ -60,6 +61,7 @@ This example sets up the following infrastructure: | Name | Type | |------|------| +| [ibm_iam_auth_token.auth_token](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.78.3/docs/data-sources/iam_auth_token) | data source | | [ibm_pi_catalog_images.catalog_images_ds](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.78.3/docs/data-sources/pi_catalog_images) | data source | ### Inputs diff --git a/solutions/standard-plus-vsi/provider.tf b/solutions/standard-plus-vsi/provider.tf index 54188d15..3f8f7515 100644 --- a/solutions/standard-plus-vsi/provider.tf +++ b/solutions/standard-plus-vsi/provider.tf @@ -69,3 +69,15 @@ provider "ibm" { zone = var.powervs_zone ibmcloud_api_key = var.ibmcloud_api_key != null ? var.ibmcloud_api_key : null } + +data "ibm_iam_auth_token" "auth_token" { + provider = ibm.ibm-is +} + +provider "restapi" { + uri = "https://resource-controller.cloud.ibm.com" + headers = { + Authorization = data.ibm_iam_auth_token.auth_token.iam_access_token + } + write_returns_object = true +} diff --git a/solutions/standard-plus-vsi/versions.tf b/solutions/standard-plus-vsi/versions.tf index 34220038..fe2eab06 100644 --- a/solutions/standard-plus-vsi/versions.tf +++ b/solutions/standard-plus-vsi/versions.tf @@ -9,5 +9,9 @@ terraform { source = "IBM-Cloud/ibm" version = "1.78.3" } + restapi = { + source = "Mastercard/restapi" + version = "1.20.0" + } } } diff --git a/solutions/standard/README.md b/solutions/standard/README.md index d779dc37..70f7fe96 100644 --- a/solutions/standard/README.md +++ b/solutions/standard/README.md @@ -48,7 +48,7 @@ This example sets up the following infrastructure: |------|---------| | [terraform](#requirement\_terraform) | >= 1.9 | | [ibm](#requirement\_ibm) | 1.78.3 | -| [restapi](#requirement\_restapi) | >=1.20.0, <2.0.0 | +| [restapi](#requirement\_restapi) | 1.20.0 | ### Modules diff --git a/solutions/standard/provider.tf b/solutions/standard/provider.tf index ea0573a9..3f8f7515 100644 --- a/solutions/standard/provider.tf +++ b/solutions/standard/provider.tf @@ -74,7 +74,6 @@ data "ibm_iam_auth_token" "auth_token" { provider = ibm.ibm-is } -# Null resource replaced with restapi_object to enable CSPM provider "restapi" { uri = "https://resource-controller.cloud.ibm.com" headers = { diff --git a/solutions/standard/versions.tf b/solutions/standard/versions.tf index 1766a255..f9adcc92 100644 --- a/solutions/standard/versions.tf +++ b/solutions/standard/versions.tf @@ -11,7 +11,7 @@ terraform { } restapi = { source = "Mastercard/restapi" - version = ">=1.20.0, <2.0.0" + version = "1.20.0" } } } From e43e91c862c4af597f02520fe271babeca45ba58 Mon Sep 17 00:00:00 2001 From: stafaniasaju Date: Tue, 27 May 2025 09:55:01 +0200 Subject: [PATCH 5/5] fix: terratest workaround for cspm SKIP UPGRADE TEST: app-configuration for scc_wp_instance --- .secrets.baseline | 4 ++-- tests/pr_test.go | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.secrets.baseline b/.secrets.baseline index 92cbce30..25859af7 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "go.sum|^.secrets.baseline$", "lines": null }, - "generated_at": "2025-05-19T21:33:07Z", + "generated_at": "2025-05-26T17:03:08Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -144,7 +144,7 @@ "hashed_secret": "fa501f2ceec739604d621b521446b88d41a7f76b", "is_secret": false, "is_verified": false, - "line_number": 80, + "line_number": 84, "type": "Secret Keyword", "verified_result": null } diff --git a/tests/pr_test.go b/tests/pr_test.go index 61db2dfe..54768bdb 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -61,6 +61,10 @@ func setupOptionsStandardSolution(t *testing.T, prefix string, powervs_zone stri ResourceGroup: resourceGroup, Region: powervs_zone, ImplicitDestroy: []string{}, + // workaround for https://github.com/terraform-ibm-modules/terraform-ibm-scc-workload-protection/issues/243 + IgnoreAdds: testhelper.Exemptions{ + List: []string{"module.standard.module.scc_wp_instance[0].restapi_object.cspm"}, + }, }) options.TerraformVars = map[string]interface{}{