terraform-ibm-modules
diff --git a/‎.secrets.baseline‎
Lines changed: 0 additions & 20 deletions b/‎.secrets.baseline‎
Lines changed: 0 additions & 20 deletions
diff --git a/‎ibm_catalog.json‎
Lines changed: 139 additions & 46 deletions b/‎ibm_catalog.json‎
Lines changed: 139 additions & 46 deletions
diff --git a/‎modules/ansible/main.tf‎
Lines changed: 2 additions & 2 deletions b/‎modules/ansible/main.tf‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎modules/ansible/variables.tf‎
Lines changed: 7 additions & 7 deletions b/‎modules/ansible/variables.tf‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎modules/pi-sap-system-type1/README.md‎
Lines changed: 4 additions & 4 deletions b/‎modules/pi-sap-system-type1/README.md‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎modules/pi-sap-system-type1/variables.tf‎
Lines changed: 1 addition & 1 deletion b/‎modules/pi-sap-system-type1/variables.tf‎
Lines changed: 1 addition & 1 deletion
@@ -107,26 +107,6 @@
         "verified_result": null
       }
     ],
-    "solutions/sap-ready-to-go/README.md": [
-      {
-        "hashed_secret": "2254481e1661d8f017a712b0d1ad9a14fd9460a3",
-        "is_secret": false,
-        "is_verified": false,
-        "line_number": 60,
-        "type": "Secret Keyword",
-        "verified_result": null
-      }
-    ],
-    "solutions/sap-ready-to-go/input.tfvars": [
-      {
-        "hashed_secret": "4d82fc4e8ef3a90cebdf3a1fc0e4abab79a41391",
-        "is_secret": false,
-        "is_verified": false,
-        "line_number": 18,
-        "type": "Secret Keyword",
-        "verified_result": null
-      }
-    ],
     "tests/pr_test.go": [
       {
         "hashed_secret": "c7c6508b19455e3e8040e60e9833fbede92e5d8e",
 
@@ -49,40 +49,13 @@
         {
           "label": "SAP ready PowerVS",
           "name": "sap-ready-to-go",
-          "install_type": "extension",
+          "install_type": "fullstack",
           "working_directory": "solutions/ibm-catalog/sap-ready-to-go",
           "compliance": {
             "authority": "",
             "profiles": []
           },
-          "dependencies": [
-            {
-              "flavors": [
-                "standard",
-                "standard-extend"
-              ],
-              "id": "2dd486c7-b317-4aaa-907b-42671485ad96-global",
-              "name": "deploy-arch-ibm-pvs-inf",
-              "install_type": "fullstack",
-              "optional": true,
-              "version": ">=8.0.0"
-            }
-          ],
           "configuration": [
-            {
-              "key": "prerequisite_workspace_id",
-              "required": true,
-              "custom_config": {
-                "config_constraints": {
-                  "catalogID": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc",
-                  "offeringID": "2dd486c7-b317-4aaa-907b-42671485ad96-global",
-                  "versionConstraint": ">=8.0.0"
-                },
-                "grouping": "deployment",
-                "original_grouping": "deployment",
-                "type": "schematics_workspace"
-              }
-            },
             {
               "key": "powervs_zone",
               "type": "string",
@@ -164,6 +137,19 @@
               ],
               "custom_config": {}
             },
+            {
+              "key": "powervs_resource_group_name",
+              "required": true,
+              "default_value": "",
+              "custom_config": {
+                "config_constraints": {
+                  "identifier": "rg_name"
+                },
+                "grouping": "deployment",
+                "original_grouping": "deployment",
+                "type": "resource_group"
+              }
+            },
             {
               "key": "prefix",
               "required": true,
@@ -202,6 +188,26 @@
               "key": "powervs_netweaver_memory_size",
               "required": true
             },
+            {
+              "key": "external_access_ip",
+              "default_value": "__NULL__",
+              "required": true
+            },
+            {
+              "key": "powervs_sap_network_cidr",
+              "required": true
+            },
+            {
+              "key": "ssh_public_key",
+              "type": "multiline_secure_value",
+              "display_name": "ssh_public_key",
+              "required": true,
+              "custom_config": {
+                "grouping": "deployment",
+                "original_grouping": "deployment",
+                "type": "multiline_secure_value"
+              }
+            },
             {
               "key": "ssh_private_key",
               "type": "multiline_secure_value",
@@ -225,20 +231,36 @@
               }
             },
             {
-              "key": "sap_domain"
+              "key": "client_to_site_vpn",
+              "required": true
             },
             {
-              "key": "nfs_directory",
-              "hidden": true
+              "key": "sap_domain",
+              "required": true
             },
             {
-              "key": "powervs_sap_network_cidr"
+              "key": "enable_monitoring",
+              "required": true
             },
             {
-              "key": "powervs_hana_instance_name"
+              "key": "enable_scc_wp",
+              "required": true
             },
             {
-              "key": "powervs_netweaver_instance_name"
+              "key": "nfs_server_config",
+              "required": true
+            },
+            {
+              "key": "ansible_vault_password",
+              "type": "multiline_secure_value",
+              "required": true,
+              "default_value": "__NULL__",
+              "display_name": "ansible_vault_password",
+              "custom_config": {
+                "grouping": "deployment",
+                "original_grouping": "deployment",
+                "type": "multiline_secure_value"
+              }
             },
             {
               "key": "powervs_hana_instance_custom_storage_config",
@@ -264,6 +286,14 @@
                 "type": "code_editor"
               }
             },
+            {
+              "key": "vpc_intel_images",
+              "custom_config": {
+                "grouping": "deployment",
+                "original_grouping": "deployment",
+                "type": "code_editor"
+              }
+            },
             {
               "key": "powervs_default_sap_images",
               "custom_config": {
@@ -286,37 +316,100 @@
               }
             },
             {
-              "key": "ansible_vault_password",
+              "key": "powervs_custom_images",
+              "custom_config": {
+                "grouping": "deployment",
+                "original_grouping": "deployment",
+                "type": "code_editor"
+              }
+            },
+            {
+              "key": "powervs_custom_image_cos_configuration",
+              "custom_config": {
+                "grouping": "deployment",
+                "original_grouping": "deployment",
+                "type": "code_editor"
+              }
+            },
+            {
+              "key": "powervs_custom_image_cos_service_credentials",
               "type": "multiline_secure_value",
-              "display_name": "ansible_vault_password",
               "custom_config": {
                 "grouping": "deployment",
                 "original_grouping": "deployment",
                 "type": "multiline_secure_value"
               }
-            }
-          ],
-          "outputs": [
+            },
             {
-              "key": "infrastructure_data"
+              "key": "tags",
+              "custom_config": {
+                "grouping": "deployment",
+                "original_grouping": "deployment",
+                "type": "code_editor"
+              }
             },
             {
-              "key": "access_host_or_ip"
+              "key": "existing_monitoring_instance_crn"
             },
             {
-              "key": "powervs_hana_instance_ips"
+              "key": "sm_service_plan"
             },
             {
-              "key": "powervs_hana_instance_management_ip"
+              "key": "existing_sm_instance_guid"
             },
             {
-              "key": "powervs_netweaver_instance_ips"
+              "key": "existing_sm_instance_region",
+              "type": "string",
+              "default_value": "__NULL__",
+              "options": [
+                {
+                  "displayname": "Null",
+                  "value": "__NULL__"
+                },
+                {
+                  "displayname": "au-syd",
+                  "value": "au-syd"
+                },
+                {
+                  "displayname": "br-sao",
+                  "value": "br-sao"
+                },
+                {
+                  "displayname": "ca-tor",
+                  "value": "ca-tor"
+                },
+                {
+                  "displayname": "eu-de",
+                  "value": "eu-de"
+                },
+                {
+                  "displayname": "eu-gb",
+                  "value": "eu-gb"
+                },
+                {
+                  "displayname": "jp-osa",
+                  "value": "jp-osa"
+                },
+                {
+                  "displayname": "jp-tok",
+                  "value": "jp-tok"
+                },
+                {
+                  "displayname": "us-east",
+                  "value": "us-east"
+                },
+                {
+                  "displayname": "us-south",
+                  "value": "us-south"
+                }
+              ],
+              "custom_config": {}
             },
             {
-              "key": "powervs_netweaver_instance_management_ips"
+              "key": "powervs_management_network"
             },
             {
-              "key": "powervs_lpars_data"
+              "key": "powervs_backup_network"
             }
           ],
           "iam_permissions": [
 
@@ -67,7 +67,7 @@ resource "terraform_data" "trigger_ansible_vars" {
 
 resource "terraform_data" "execute_playbooks" {
   depends_on = [terraform_data.setup_ansible_host]
-  count      = var.ansible_vault_password != null ? 0 : 1
+  count      = var.ansible_vault_password != "" ? 0 : 1
 
   connection {
     type         = "ssh"
@@ -138,7 +138,7 @@ resource "terraform_data" "execute_playbooks" {
 
 resource "terraform_data" "execute_playbooks_with_vault" {
   depends_on = [terraform_data.setup_ansible_host]
-  count      = var.ansible_vault_password != null ? 1 : 0
+  count      = var.ansible_vault_password != "" ? 1 : 0
 
   connection {
     type         = "ssh"
 
@@ -63,29 +63,29 @@ variable "ansible_vault_password" {
   description = "Vault password to encrypt ansible variable file for SAP installation. Password requirements: 15-100 characters and at least one uppercase letter, one lowercase letter, one number, and one special character. Allowed characters: A-Z, a-z, 0-9, !#$%&()*+-.:;<=>?@[]_{|}~."
   type        = string
   sensitive   = true
-  default     = null
+  default     = ""
   validation {
-    condition     = var.ansible_vault_password == null ? true : (length(var.ansible_vault_password) >= 15 && length(var.ansible_vault_password) <= 100)
+    condition     = var.ansible_vault_password == "" ? true : (length(var.ansible_vault_password) >= 15 && length(var.ansible_vault_password) <= 100)
     error_message = "ansible_vault_password needs to be between 15 and 100 characters in length."
   }
   validation {
-    condition     = var.ansible_vault_password == null ? true : can(regex("[A-Z]", var.ansible_vault_password))
+    condition     = var.ansible_vault_password == "" ? true : can(regex("[A-Z]", var.ansible_vault_password))
     error_message = "ansible_vault_password needs to contain at least one uppercase character (A-Z)."
   }
   validation {
-    condition     = var.ansible_vault_password == null ? true : can(regex("[a-z]", var.ansible_vault_password))
+    condition     = var.ansible_vault_password == "" ? true : can(regex("[a-z]", var.ansible_vault_password))
     error_message = "ansible_vault_password needs to contain at least one lowercase character (a-z)."
   }
   validation {
-    condition     = var.ansible_vault_password == null ? true : can(regex("[0-9]", var.ansible_vault_password))
+    condition     = var.ansible_vault_password == "" ? true : can(regex("[0-9]", var.ansible_vault_password))
     error_message = "ansible_vault_password needs to contain at least one number (0-9)."
   }
   validation {
-    condition     = var.ansible_vault_password == null ? true : can(regex("[!#$%&()*+\\-.:;<=>?@[\\]_{|}~]", var.ansible_vault_password))
+    condition     = var.ansible_vault_password == "" ? true : can(regex("[!#$%&()*+\\-.:;<=>?@[\\]_{|}~]", var.ansible_vault_password))
     error_message = "ansible_vault_password needs to contain at least one of the following special characters: !#$%&()*+-.:;<=>?@[]_{|}~"
   }
   validation {
-    condition     = var.ansible_vault_password == null ? true : can(regex("^[A-Za-z0-9!#$%&()*+\\-.:;<=>?@[\\]_{|}~]+$", var.ansible_vault_password))
+    condition     = var.ansible_vault_password == "" ? true : can(regex("^[A-Za-z0-9!#$%&()*+\\-.:;<=>?@[\\]_{|}~]+$", var.ansible_vault_password))
     error_message = "ansible_vault_password contains illegal characters. Allowed characters: A-Z, a-z, 0-9, !#$%&()*+-.:;<=>?@[]_{|}~"
   }
 }
 
@@ -32,10 +32,10 @@ The Power Virtual Server for SAP module automates the following tasks:
 | <a name="module_ansible_pi_netweaver_secondary_instances_sapmnt_mount"></a> [ansible\_pi\_netweaver\_secondary\_instances\_sapmnt\_mount](#module\_ansible\_pi\_netweaver\_secondary\_instances\_sapmnt\_mount) | ../ansible | n/a |
 | <a name="module_ansible_sap_instance_init"></a> [ansible\_sap\_instance\_init](#module\_ansible\_sap\_instance\_init) | ../ansible | n/a |
 | <a name="module_configure_scc_wp_agent"></a> [configure\_scc\_wp\_agent](#module\_configure\_scc\_wp\_agent) | ../ansible | n/a |
-| <a name="module_pi_hana_instance"></a> [pi\_hana\_instance](#module\_pi\_hana\_instance) | terraform-ibm-modules/powervs-instance/ibm | 2.7.0 |
+| <a name="module_pi_hana_instance"></a> [pi\_hana\_instance](#module\_pi\_hana\_instance) | terraform-ibm-modules/powervs-instance/ibm | 2.8.0 |
 | <a name="module_pi_hana_storage_calculation"></a> [pi\_hana\_storage\_calculation](#module\_pi\_hana\_storage\_calculation) | ../pi-hana-storage-config | n/a |
-| <a name="module_pi_netweaver_primary_instance"></a> [pi\_netweaver\_primary\_instance](#module\_pi\_netweaver\_primary\_instance) | terraform-ibm-modules/powervs-instance/ibm | 2.7.0 |
-| <a name="module_pi_netweaver_secondary_instances"></a> [pi\_netweaver\_secondary\_instances](#module\_pi\_netweaver\_secondary\_instances) | terraform-ibm-modules/powervs-instance/ibm | 2.7.0 |
+| <a name="module_pi_netweaver_primary_instance"></a> [pi\_netweaver\_primary\_instance](#module\_pi\_netweaver\_primary\_instance) | terraform-ibm-modules/powervs-instance/ibm | 2.8.0 |
+| <a name="module_pi_netweaver_secondary_instances"></a> [pi\_netweaver\_secondary\_instances](#module\_pi\_netweaver\_secondary\_instances) | terraform-ibm-modules/powervs-instance/ibm | 2.8.0 |
 
 ### Resources
 
@@ -48,7 +48,7 @@ The Power Virtual Server for SAP module automates the following tasks:
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_ansible_vault_password"></a> [ansible\_vault\_password](#input\_ansible\_vault\_password) | Vault password to encrypt OS registration parameters. Only required with customer provided linux subscription (pi\_os\_registration). Password requirements: 15-100 characters and at least one uppercase letter, one lowercase letter, one number, and one special character. Allowed characters: A-Z, a-z, 0-9, !#$%&()*+-.:;<=>?@[]\_{\|}~. | `string` | `null` | no |
+| <a name="input_ansible_vault_password"></a> [ansible\_vault\_password](#input\_ansible\_vault\_password) | Vault password to encrypt OS registration parameters. Only required with customer provided linux subscription (pi\_os\_registration). Password requirements: 15-100 characters and at least one uppercase letter, one lowercase letter, one number, and one special character. Allowed characters: A-Z, a-z, 0-9, !#$%&()*+-.:;<=>?@[]\_{\|}~. | `string` | `""` | no |
 | <a name="input_pi_hana_instance"></a> [pi\_hana\_instance](#input\_pi\_hana\_instance) | PowerVS SAP HANA instance hostname (non FQDN). Will get the form of <var.prefix>-<var.pi\_hana\_instance.name>. Max length of final hostname must be <= 13 characters.'sap\_profile\_id' Must be one of the supported profiles. See [here](https://cloud.ibm.com/docs/sap?topic=sap-hana-iaas-offerings-profiles-power-vs). File system sizes are automatically calculated. Override automatic calculation by setting values in optional 'pi\_hana\_instance\_custom\_storage\_config' parameter. 'additional\_storage\_config' additional File systems to be created and attached to PowerVS SAP HANA instance. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. | <pre>object({<br/>    name           = string<br/>    image_id       = string<br/>    sap_profile_id = string<br/>    additional_storage_config = list(object({<br/>      name  = string<br/>      size  = string<br/>      count = string<br/>      tier  = string<br/>      mount = string<br/>    }))<br/>  })</pre> | <pre>{<br/>  "additional_storage_config": [<br/>    {<br/>      "count": "1",<br/>      "mount": "/usr/sap",<br/>      "name": "usrsap",<br/>      "size": "50",<br/>      "tier": "tier3"<br/>    }<br/>  ],<br/>  "image_id": "insert_value_here",<br/>  "name": "hana",<br/>  "sap_profile_id": "ush1-4x256"<br/>}</pre> | no |
 | <a name="input_pi_hana_instance_custom_storage_config"></a> [pi\_hana\_instance\_custom\_storage\_config](#input\_pi\_hana\_instance\_custom\_storage\_config) | Custom file systems to be created and attached to PowerVS SAP HANA instance. 'size' is in GB. 'count' specify over how many storage volumes the file system will be striped. 'tier' specifies the storage tier in PowerVS workspace. 'mount' specifies the target mount point on OS. | <pre>list(object({<br/>    name  = string<br/>    size  = string<br/>    count = string<br/>    tier  = string<br/>    mount = string<br/>  }))</pre> | <pre>[<br/>  {<br/>    "count": "",<br/>    "mount": "",<br/>    "name": "",<br/>    "size": "",<br/>    "tier": ""<br/>  }<br/>]</pre> | no |
 | <a name="input_pi_instance_init_linux"></a> [pi\_instance\_init\_linux](#input\_pi\_instance\_init\_linux) | Configures a PowerVS linux instance to have internet access by setting proxy on it, updates os and create filesystems using ansible collection [ibm.power\_linux\_sap collection](https://galaxy.ansible.com/ui/repo/published/ibm/power_linux_sap/) where 'bastion\_host\_ip' is public IP of bastion/jump host to access the 'ansible\_host\_or\_ip' private IP of ansible node. This ansible host must have access to the power virtual server instance and ansible host OS must be RHEL distribution. | <pre>object(<br/>    {<br/>      enable             = bool<br/>      bastion_host_ip    = string<br/>      ansible_host_or_ip = string<br/>      ssh_private_key    = string<br/>      custom_os_registration = optional(object({<br/>        username = string<br/>        password = string<br/>      }))<br/>    }<br/>  )</pre> | n/a | yes |
 
@@ -44,7 +44,7 @@ variable "ansible_vault_password" {
 
   type      = string
   sensitive = true
-  default   = null
+  default   = ""
 }
Original file line number	Diff line number	Diff line change
`@@ -63,29 +63,29 @@ variable "ansible_vault_password" {`
`63`	`63`	`description = "Vault password to encrypt ansible variable file for SAP installation. Password requirements: 15-100 characters and at least one uppercase letter, one lowercase letter, one number, and one special character. Allowed characters: A-Z, a-z, 0-9, !#$%&()*+-.:;<=>?@[]_{\|}~."`
`64`	`64`	`type = string`
`65`	`65`	`sensitive = true`
`66`		`- default = null`
	`66`	`+ default = ""`
`67`	`67`	`validation {`
`68`		`- condition = var.ansible_vault_password == null ? true : (length(var.ansible_vault_password) >= 15 && length(var.ansible_vault_password) <= 100)`
	`68`	`+ condition = var.ansible_vault_password == "" ? true : (length(var.ansible_vault_password) >= 15 && length(var.ansible_vault_password) <= 100)`
`69`	`69`	`error_message = "ansible_vault_password needs to be between 15 and 100 characters in length."`
`70`	`70`	`}`
`71`	`71`	`validation {`
`72`		`- condition = var.ansible_vault_password == null ? true : can(regex("[A-Z]", var.ansible_vault_password))`
	`72`	`+ condition = var.ansible_vault_password == "" ? true : can(regex("[A-Z]", var.ansible_vault_password))`
`73`	`73`	`error_message = "ansible_vault_password needs to contain at least one uppercase character (A-Z)."`
`74`	`74`	`}`
`75`	`75`	`validation {`
`76`		`- condition = var.ansible_vault_password == null ? true : can(regex("[a-z]", var.ansible_vault_password))`
	`76`	`+ condition = var.ansible_vault_password == "" ? true : can(regex("[a-z]", var.ansible_vault_password))`
`77`	`77`	`error_message = "ansible_vault_password needs to contain at least one lowercase character (a-z)."`
`78`	`78`	`}`
`79`	`79`	`validation {`
`80`		`- condition = var.ansible_vault_password == null ? true : can(regex("[0-9]", var.ansible_vault_password))`
	`80`	`+ condition = var.ansible_vault_password == "" ? true : can(regex("[0-9]", var.ansible_vault_password))`
`81`	`81`	`error_message = "ansible_vault_password needs to contain at least one number (0-9)."`
`82`	`82`	`}`
`83`	`83`	`validation {`
`84`		`- condition = var.ansible_vault_password == null ? true : can(regex("[!#$%&()*+\\-.:;<=>?@[\\]_{\|}~]", var.ansible_vault_password))`
	`84`	`+ condition = var.ansible_vault_password == "" ? true : can(regex("[!#$%&()*+\\-.:;<=>?@[\\]_{\|}~]", var.ansible_vault_password))`
`85`	`85`	`error_message = "ansible_vault_password needs to contain at least one of the following special characters: !#$%&()*+-.:;<=>?@[]_{\|}~"`
`86`	`86`	`}`
`87`	`87`	`validation {`
`88`		`- condition = var.ansible_vault_password == null ? true : can(regex("^[A-Za-z0-9!#$%&()*+\\-.:;<=>?@[\\]_{\|}~]+$", var.ansible_vault_password))`
	`88`	`+ condition = var.ansible_vault_password == "" ? true : can(regex("^[A-Za-z0-9!#$%&()*+\\-.:;<=>?@[\\]_{\|}~]+$", var.ansible_vault_password))`
`89`	`89`	`error_message = "ansible_vault_password contains illegal characters. Allowed characters: A-Z, a-z, 0-9, !#$%&()*+-.:;<=>?@[]_{\|}~"`
`90`	`90`	`}`
`91`	`91`	`}`
Original file line number	Diff line number	Diff line change
`@@ -44,7 +44,7 @@ variable "ansible_vault_password" {`
`44`	`44`
`45`	`45`	`type = string`
`46`	`46`	`sensitive = true`
`47`		`- default = null`
	`47`	`+ default = ""`
`48`	`48`	`}`
`49`	`49`
`50`	`50`