Skip to content

fix(deps): update terraform-module #228

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 23, 2025
Merged

fix(deps): update terraform-module #228

merged 2 commits into from
Apr 23, 2025

Conversation

@MatthewLemmond
Copy link
Member

@MatthewLemmond MatthewLemmond commented Apr 22, 2025
edited
Loading

Description

PR to fix failures seen in #206, failing because of upgrade test seeing changes/deletions due to changes in the COS bucket lifecycle arguments. Link to the failed pipeline run: https://github.com/terraform-ibm-modules/terraform-ibm-s2s-auth/actions/runs/14562532493

Manual Upgrade Test output 
module.service_auth_cbr_rules.module.cbr_rules.data.ibm_iam_account_settings.iam_account_settings: Reading...
module.resource_group.ibm_resource_group.resource_group[0]: Refreshing state... [id=ab26923bd3804da686bdcbce8cb06758]
module.service_auth_cbr_rules.module.cbr_rules.data.ibm_iam_account_settings.iam_account_settings: Read complete after 1s [id=abac0df06b644a9cabc6e44f55b3880e]
module.key_protect_instance.ibm_resource_instance.key_protect_instance: Refreshing state... [id=crn:v1:bluemix:public:kms:us-south:a/abac0df06b644a9cabc6e44f55b3880e:599b3f82-4dc9-4ae3-b666-e78213e95724::]
module.cos_instance.ibm_resource_instance.cos_instance[0]: Refreshing state... [id=crn:v1:bluemix:public:cloud-object-storage:global:a/abac0df06b644a9cabc6e44f55b3880e:4ccd9eaa-4288-4a0e-8e72-f891b51b01a0::]
ibm_is_vpc.vpc_instance: Refreshing state... [id=r006-d1891995-c1b6-4dc9-8e03-71516ce5b793]
module.key_protect_instance.ibm_kms_instance_policies.key_protect_instance_policies: Refreshing state... [id=crn:v1:bluemix:public:kms:us-south:a/abac0df06b644a9cabc6e44f55b3880e:599b3f82-4dc9-4ae3-b666-e78213e95724::]
module.service_auth_cbr_rules.ibm_iam_authorization_policy.auth_policies[2]: Refreshing state... [id=260ff9a0-8c35-43e1-b77f-d0f053be8b48]
module.service_auth_cbr_rules.ibm_iam_authorization_policy.auth_policies[1]: Refreshing state... [id=2a342f14-92ce-4006-a16c-3212f57e33c1]
module.service_auth_cbr_rules.ibm_iam_authorization_policy.auth_policies[0]: Refreshing state... [id=b193fbc8-c8d8-40e1-a16a-c53e4cf649a0]
module.cos_instance.ibm_cos_bucket.cos_bucket1[0]: Refreshing state... [id=crn:v1:bluemix:public:cloud-object-storage:global:a/abac0df06b644a9cabc6e44f55b3880e:4ccd9eaa-4288-4a0e-8e72-f891b51b01a0:bucket:complete-s2s-cos-bucket:meta:rl:us-south:public]
module.service_auth_cbr_rules.module.cbr_rules.module.cbr_zone[1].ibm_cbr_zone.cbr_zone[0]: Refreshing state... [id=38e644d62da87a3b159f89312c6874bb]
module.service_auth_cbr_rules.module.cbr_rules.module.cbr_zone[0].ibm_cbr_zone.cbr_zone[0]: Refreshing state... [id=1c1091009321de6e0f28b3945a6bc228]
module.service_auth_cbr_rules.module.cbr_rules.module.cbr_rule[0].ibm_cbr_rule.cbr_rule: Refreshing state... [id=e8820205d2064532042b65273b68dba4]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create
  ~ update in-place

Terraform will perform the following actions:

  # module.cos_instance.ibm_cos_bucket.cos_bucket1[0] will be updated in-place
  ~ resource "ibm_cos_bucket" "cos_bucket1" {
        id                   = "crn:v1:bluemix:public:cloud-object-storage:global:a/abac0df06b644a9cabc6e44f55b3880e:4ccd9eaa-4288-4a0e-8e72-f891b51b01a0:bucket:complete-s2s-cos-bucket:meta:rl:us-south:public"
        # (12 unchanged attributes hidden)

      - archive_rule {
          - days    = 90 -> null
          - enable  = true -> null
          - rule_id = "ab5d4e92-f62c-40af-893c-ffc20b9a82e6" -> null
          - type    = "GLACIER" -> null
        }

      - expire_rule {
          - days                         = 365 -> null
          - enable                       = true -> null
          - expired_object_delete_marker = false -> null
          - rule_id                      = "bce78d58-72db-403a-bb26-4f9acc479c5c" -> null
            # (2 unchanged attributes hidden)
        }

        # (2 unchanged blocks hidden)
    }

  # module.cos_instance.ibm_cos_bucket_lifecycle_configuration.cos_bucket_lifecycle[0] will be created
  + resource "ibm_cos_bucket_lifecycle_configuration" "cos_bucket_lifecycle" {
      + bucket_crn      = "crn:v1:bluemix:public:cloud-object-storage:global:a/abac0df06b644a9cabc6e44f55b3880e:4ccd9eaa-4288-4a0e-8e72-f891b51b01a0:bucket:complete-s2s-cos-bucket"
      + bucket_location = "us-south"
      + endpoint_type   = "public"
      + id              = (known after apply)

      + lifecycle_rule {
          + rule_id = "expiry-rule"
          + status  = "enable"

          + expiration {
              + days                         = 365
              + expired_object_delete_marker = (known after apply)
            }

          + filter {
                # (1 unchanged attribute hidden)
            }
        }
      + lifecycle_rule {
          + rule_id = "archive-rule"
          + status  = "enable"

          + filter {
                # (1 unchanged attribute hidden)
            }

          + transition {
              + days          = 90
              + storage_class = "GLACIER"
            }
        }
    }

  # module.cos_instance.time_sleep.wait_for_cos_bucket_lifecycle[0] will be created
  + resource "time_sleep" "wait_for_cos_bucket_lifecycle" {
      + create_duration = "90s"
      + id              = (known after apply)
    }

Plan: 2 to add, 1 to change, 0 to destroy.

Release required?

  • No release
  • Patch release (x.x.X)
  • Minor release (x.X.x)
  • Major release (X.x.x)
Release notes content

Renovate Release Notes from #206

Package Type Update Change
terraform-ibm-modules/cbr/ibm (source) module minor 1.29.0 -> 1.30.0
terraform-ibm-modules/cos/ibm (source) module minor 8.16.5 -> 8.21.13
terraform-ibm-modules/key-protect/ibm (source) module minor 2.9.0 -> 2.10.1
terraform-ibm-modules/resource-group/ibm (source) module minor 1.1.6 -> 1.2.0

Release Notes

terraform-ibm-modules/terraform-ibm-cbr (terraform-ibm-modules/cbr/ibm)

v1.30.0

Compare Source

Features
  • Updated services list to support CBR
    - New supported services "atracker", "logs", "ghost-tags"
    - Deprecated services "databases-for-cassandra", "logdna", "logdnaat" (#​641) (be6a290)

v1.29.1

Compare Source

Bug Fixes
terraform-ibm-modules/terraform-ibm-cos (terraform-ibm-modules/cos/ibm)

v8.21.13

Compare Source

Bug Fixes
  • deps: update terraform ibm to latest for the deployable architecture solution (#​858) (b022096)

v8.21.12

Compare Source

Bug Fixes
  • deps: update terraform terraform-ibm-modules/kms-all-inclusive/ibm to v4.21.10 (#​862) (bc62fc9)

v8.21.11

Compare Source

Bug Fixes
  • deps: update terraform terraform-ibm-modules/kms-all-inclusive/ibm to v4.21.9 (#​861) (93790ba)

v8.21.10

Compare Source

Bug Fixes
  • deps: update terraform terraform-ibm-modules/cbr/ibm to v1.30.0 (#​860) (4641cdc)

v8.21.9

Compare Source

Bug Fixes
  • deps: update terraform terraform-ibm-modules/kms-all-inclusive/ibm to v4.21.8 (#​857) (89e16ab)

v8.21.8

Compare Source

Bug Fixes

v8.21.7

Compare Source

Bug Fixes

v8.21.6

Compare Source

Bug Fixes
  • deps: update terraform ibm to latest for the deployable architecture solution (#​851) (6d159d7)

v8.21.5

Compare Source

Bug Fixes
  • deps: update terraform terraform-ibm-modules/secrets-manager/ibm to v2 (#​853) (33abb97)

v8.21.4

Compare Source

Bug Fixes
  • add missing endpoint_type to the ibm_cos_bucket_lifecycle_configuration resource (#​850) (f548200)

v8.21.3

Compare Source

Bug Fixes

v8.21.2

Compare Source

Bug Fixes
  • deps: update terraform ibm to latest for the deployable architecture solution (#​845) (b123a13)

v8.21.1

Compare Source

Bug Fixes
  • deps: update terraform terraform-ibm-modules/secrets-manager/ibm to v1.25.3 (#​846) (fe0a6e2)

v8.21.0

Compare Source

Features
  • added new output cos_instance_crn to the instance DA (#​843) (2ab2aac)

v8.20.2

Compare Source

Bug Fixes

v8.20.1

Compare Source

Bug Fixes

v8.20.0

Compare Source

Features
  • The following inputs have been renamed in the instances DA variation:
    - existing_resource_group -> use_existing_resource_group
    - skip_cos_sm_auth_policy -> skip_secrets_manager_cos_iam_auth_policy
    - instance_cbr_rules -> cos_instance_cbr_rules
  • Added support to both bucket variation to use a prefix value
  • The following inputs have been renamed in the bucket DA variations:
    - skip_iam_authorization_policy -> skip_cos_kms_iam_auth_policy
    - hard_quota -> bucket_hard_quota
    - object_versioning_enabled -> enable_object_versioning
    - retention_enabled -> enable_retention
    - retention_default -> default_retention_days
    - retention_maximum -> maximum_retention_days
    - retention_minimum -> minimum_retention_days
    - retention_permanent -> enable_permanent_retention
    - object_locking_enabled -> enable_object_locking
  • The following input haa been renamed in the bucket DA variations:
    - existing_cos_instance_id -> existing_cos_instance_crn (#​831) (7a5b631)

v8.19.8

Compare Source

Bug Fixes

v8.19.7

Compare Source

Bug Fixes
  • deps: update required_provider to latest for the deployable architecture solution (#​827) (b2f6f09)

v8.19.6

Compare Source

Bug Fixes

v8.19.5

Compare Source

Bug Fixes
  • deps: update terraform terraform-ibm-modules/secrets-manager/ibm to v1.24.3 (#​832) (0e261cf)

v8.19.4

Compare Source

Bug Fixes

v8.19.3

Compare Source

Bug Fixes

v8.19.2

Compare Source

Bug Fixes

v8.19.1

Compare Source

Bug Fixes
  • deps: update terraform ibm to latest for the deployable architecture solution (#​813) (64e0a00)

v8.19.0

Compare Source

Features
  • improved user experience for validating input variable values
    * updated required terraform to be >= 1.9.0 (#​821) (a1cb65f)

v8.18.0

Compare Source

(#​820) (31bd240)

Features
  • updated the service_credential_secrets input object schema of the DA to support creating service specific roles
    • The service_credentials_source_service_role attribute has been renamed to service_credentials_source_service_role_crn and now requires a full CRN value. For example:
      service_credentials_source_service_role_crn = "crn:v1:bluemix:public:cloud-object-storage::::serviceRole:ObjectWriter"`
    • For detailed usage, see Service credential secrets

v8.17.2

Compare Source

Bug Fixes
  • lock the time provider to specific version in the DA (#​819) (4765387)

v8.17.1

Compare Source

Bug Fixes
  • Added a default prefix value to the DA (cos). NOTE: It is still supported to pass null (or __NULL__ if in projects / schematics) if you do not wan't to use any prefix (#​812) (2876761)

v8.17.0

Compare Source

Features (#​769) (acd33fc)
  • updated configuration to use the new ibm_cos_bucket_lifecycle_configuration for managing lifecycle configuration for a bucket since the legacy approach is now deprecated. Migrating to the new schema addresses the limitations where one cannot create a rule with same rule id that has transition, expiration and abort_incomplete simultaneously, and not being able to create multiple abort_incomplete_multipart_upload rules.
  • support has been added to optionally apply an expire or archive prefix filter using new inputs expire_filter_prefix and archive_filter_prefix

Upgrade note: When upgrading to this version, existing buckets will be updated in-place to migrate to the new lifecycle configuration.

terraform-ibm-modules/terraform-ibm-key-protect (terraform-ibm-modules/key-protect/ibm)

v2.10.1

Compare Source

Bug Fixes
  • deps: update terraform terraform-ibm-modules/cbr/ibm to v1.30.0 (#​691) (38843c8)

v2.10.0

Compare Source

Features
terraform-ibm-modules/terraform-ibm-resource-group (terraform-ibm-modules/resource-group/ibm)

v1.2.0

Compare Source

Features
  • improved user experience for validating input variable values
  • updated required terraform to be >= 1.9.0

(#​706) (d2dbcd8)

Run the pipeline

If the CI pipeline doesn't run when you create the PR, the PR requires a user with GitHub collaborators access to run the pipeline.

Run the CI pipeline when the PR is ready for review and you expect tests to pass. Add a comment to the PR with the following text:

/run pipeline

Checklist for reviewers

  • If relevant, a test for the change is included or updated with this PR.
  • If relevant, documentation for the change is included or updated with this PR.

For mergers

  • Use a conventional commit message to set the release level. Follow the guidelines.
  • Include information that users need to know about the PR in the commit message. The commit message becomes part of the GitHub release notes.
  • Use the Squash and merge option.

@MatthewLemmond
refactor: skipping upgrade test
8c30173 
SKIP UPGRADE TEST due to changes to the bucket's lifecycle and deprecated arguments the upgrade test is detecting changes, documented in PR and now skipping for test to pass
@MatthewLemmond
Copy link
Member Author

/run pipeline

@toddgiguere toddgiguere merged commit 4489e3c into main Apr 23, 2025
2 checks passed
@toddgiguere toddgiguere deleted the terraform-module-update branch April 23, 2025 11:39
@terraform-ibm-modules-ops
Copy link
Contributor

🎉 This PR is included in version 1.2.5 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@toddgiguere toddgiguere toddgiguere approved these changes

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@MatthewLemmond @terraform-ibm-modules-ops @toddgiguere