Feat: Add Service to Service Authorisation DA

[dishankkalra23]

Description

This PR adds Service to Service Authorisation DA in existing module

Issue

#281

Release required?

• No release
• Patch release (x.x.X)
• Minor release (x.X.x)
• Major release (X.x.x)

Release notes content

Run the pipeline

If the CI pipeline doesn't run when you create the PR, the PR requires a user with GitHub collaborators access to run the pipeline.

Run the CI pipeline when the PR is ready for review and you expect tests to pass. Add a comment to the PR with the following text:

/run pipeline

Checklist for reviewers

• If relevant, a test for the change is included or updated with this PR.
• If relevant, documentation for the change is included or updated with this PR.

For mergers

• Use a conventional commit message to set the release level. Follow the guidelines.
• Include information that users need to know about the PR in the commit message. The commit message becomes part of the GitHub release notes.
• Use the Squash and merge option.

[dishankkalra23]

/run pipeline

[dishankkalra23]

/run pipeline

[toddgiguere]

Upgrade test failed which is expected, this PR is already a known breaking change. Due to the renaming of the terraform resources from an indexed count (integer) to a map key (string), it is causing upgrade test to destroy and recreate all policies:

module.service_auth_cbr_rules.ibm_iam_authorization_policy.auth_policies[0] will be destroyed
module.service_auth_cbr_rules.ibm_iam_authorization_policy.auth_policies[1] will be destroyed

module.service_auth_cbr_rules.ibm_iam_authorization_policy.auth_policies["test-policy-1"] will be created
module.service_auth_cbr_rules.ibm_iam_authorization_policy.auth_policies["test-policy-2"] will be created

We will skip upgrade test from this point on.

[toddgiguere]

/run pipeline

[toddgiguere]

/run pipeline

[ocofaigh]

You need to onboard this to the catalog pipeline..

• Add a file called .catalog-onboard-pipeline.yaml The catalog ID is 7df1e4ca-d54c-4fd0-82ce-3d13247308cd and the offering ID is 51b92aab-bbf2-489e-b462-bf7bd547961b (see other DA repos for examples of this file)
• Update the .releaserc to trigger the pipeline for every new release generated. Add this line -> https://github.com/terraform-ibm-modules/terraform-ibm-secrets-manager/blob/d11524626244fea3be600a526fa109783c4b88c5/.releaserc#L14-L16

[ocofaigh]

please follow the guidance here for prefix input

[dishankkalra23]

Updated var.prefix

[dishankkalra23]

@ocofaigh Regarding the prefix variable, it is safe to remove prefix from the DA as it is not used in the creation of the auth policy. It was only referenced in cbr_rules here which we have already disabled by default here.

[ocofaigh]

please use the HCL editor for this

[dishankkalra23]

@ocofaigh what's the type for hcl editor? is it "code_editor"?

[ocofaigh]

No need to expose this in the example as a variable. Just set it to false in the main.tf of the example. We don't want examples to become flexible solutions

[dishankkalra23]

/run pipeline

[dishankkalra23]

/run pipeline

[ocofaigh]

This is a complex object - consumers of the DA will not know the required format. A helper markdown doc is required that this description should link to. For example -> https://github.com/terraform-ibm-modules/terraform-ibm-kms-all-inclusive/blob/main/solutions/fully-configurable/DA-keys.md

[dishankkalra23]

Can we get an initial release of the DA and later I can add the helper doc after coming from leave next week?

[ocofaigh]

Left another comment - please stop triggering pipeline until it has been approved

[dishankkalra23]

/run pipeline

[dishankkalra23]

Left another comment - please stop triggering pipeline until it has been approved

Just saw the comment after triggering it.

[terraform-ibm-modules-ops]

🎉 This PR is included in version 2.0.0 🎉

The release is available on:

• GitHub release
• v2.0.0

Your semantic-release bot 📦🚀