fix(deps): bump to v3.2.1 of cloud pak deployer + add fix for helm upgrade issue

README.md

@@ -39,7 +39,7 @@ module "watsonx_self_managed_ocp" {
   version                   = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific release
   ibmcloud_api_key          = "xxxxxxxxxxxxxxxxx"   # pragma: allowlist secret
   cluster_name              = "my-ocp-cluster"
-  cluster_resource_group_id = "xxxxxxxxxxxxxxxxx"
+  cluster_resource_group_id = "xxxxxxxxxxxxxxxxxx"
   cpd_admin_password        = "XXXXXXXX"
   cpd_entitlement_key       = "XXXXXXXX"
 }
@@ -100,8 +100,8 @@ For more information on access and permissions, see [IBM Cloud IAM service roles
 |------|-------------|------|---------|:--------:|
 | <a name="input_add_random_suffix_code_engine_project"></a> [add\_random\_suffix\_code\_engine\_project](#input\_add\_random\_suffix\_code\_engine\_project) | Whether to add a randomly generated 4-character suffix to the newly created Code Engine project. Only applies if `code_engine_project_id` is `null`. | `bool` | `true` | no |
 | <a name="input_add_random_suffix_icr_namespace"></a> [add\_random\_suffix\_icr\_namespace](#input\_add\_random\_suffix\_icr\_namespace) | Whether to add a randomly generated 4-character suffix to the newly created ICR namespace. | `bool` | `true` | no |
-| <a name="input_cloud_pak_deployer_image"></a> [cloud\_pak\_deployer\_image](#input\_cloud\_pak\_deployer\_image) | Cloud Pak Deployer image to use. If `null`, the image will be built using Code Engine and publish to a private Container Registry namespace. | `string` | `"quay.io/cloud-pak-deployer/cloud-pak-deployer:v3.1.8@sha256:e9cde204359a3014a3cee6a43c1e945a7dcb31d5fa92439326d4e5ab2191b48f"` | no |
-| <a name="input_cloud_pak_deployer_release"></a> [cloud\_pak\_deployer\_release](#input\_cloud\_pak\_deployer\_release) | The GIT release of Cloud Pak Deployer version to build from. Only applies if `cloud_pak_deployer_image` is `null`. View releases at: https://github.com/IBM/cloud-pak-deployer/releases. | `string` | `"v3.1.8"` | no |
+| <a name="input_cloud_pak_deployer_image"></a> [cloud\_pak\_deployer\_image](#input\_cloud\_pak\_deployer\_image) | Cloud Pak Deployer image to use. If `null`, the image will be built using Code Engine and publish to a private Container Registry namespace. | `string` | `"quay.io/cloud-pak-deployer/cloud-pak-deployer:v3.2.1@sha256:311952546b0cbec425435269e9a1e7d8a4230dbcde6f257d1bd80461cb82f284"` | no |
+| <a name="input_cloud_pak_deployer_release"></a> [cloud\_pak\_deployer\_release](#input\_cloud\_pak\_deployer\_release) | The GIT release of Cloud Pak Deployer version to build from. Only applies if `cloud_pak_deployer_image` is `null`. View releases at: https://github.com/IBM/cloud-pak-deployer/releases. | `string` | `"v3.2.1"` | no |
 | <a name="input_cloud_pak_deployer_secret"></a> [cloud\_pak\_deployer\_secret](#input\_cloud\_pak\_deployer\_secret) | Secret for accessing the Cloud Pak Deployer image. If `null`, a default secret will be created. | <pre>object({<br/>    username = string<br/>    password = string<br/>    server   = string<br/>    email    = string<br/>  })</pre> | `null` | no |
 | <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Name of an existing Red Hat OpenShift cluster to install watsonX onto | `string` | n/a | yes |
 | <a name="input_cluster_resource_group_id"></a> [cluster\_resource\_group\_id](#input\_cluster\_resource\_group\_id) | The resource group ID of the cluster provided in `cluster_name` | `string` | n/a | yes |
@@ -111,11 +111,11 @@ For more information on access and permissions, see [IBM Cloud IAM service roles
 | <a name="input_cpd_accept_license"></a> [cpd\_accept\_license](#input\_cpd\_accept\_license) | When set to 'true', it is understood that the user has read the terms of the Cloud Pak license(s) and agrees to the terms outlined. | `bool` | `true` | no |
 | <a name="input_cpd_admin_password"></a> [cpd\_admin\_password](#input\_cpd\_admin\_password) | Password for the Cloud Pak for Data admin user. | `string` | n/a | yes |
 | <a name="input_cpd_entitlement_key"></a> [cpd\_entitlement\_key](#input\_cpd\_entitlement\_key) | Cloud Pak for Data entitlement key for access to the IBM Entitled Registry. Can be fetched from https://myibm.ibm.com/products-services/containerlibrary. | `string` | n/a | yes |
-| <a name="input_cpd_version"></a> [cpd\_version](#input\_cpd\_version) | Cloud Pak for Data version to install.  Only version 5.x.x is supported, latest versions can be found [here](https://www.ibm.com/docs/en/cloud-paks/cp-data?topic=versions-cloud-pak-data). | `string` | `"5.0.3"` | no |
+| <a name="input_cpd_version"></a> [cpd\_version](#input\_cpd\_version) | Cloud Pak for Data version to install.  Only version 5.x.x is supported, latest versions can be found [here](https://www.ibm.com/docs/en/cloud-paks/cp-data?topic=versions-cloud-pak-data). | `string` | `"5.1.3"` | no |
 | <a name="input_ibmcloud_api_key"></a> [ibmcloud\_api\_key](#input\_ibmcloud\_api\_key) | The IBM Cloud API key to deploy resources. | `string` | n/a | yes |
 | <a name="input_install_odf_cluster_addon"></a> [install\_odf\_cluster\_addon](#input\_install\_odf\_cluster\_addon) | Install the ODF cluster add-on. | `bool` | `true` | no |
-| <a name="input_odf_config"></a> [odf\_config](#input\_odf\_config) | Configuration for the ODF addon. Only applies if `install_odf_cluster_addon` is true. | `map(string)` | <pre>{<br/>  "addSingleReplicaPool": "false",<br/>  "billingType": "essentials",<br/>  "clusterEncryption": "false",<br/>  "disableNoobaaLB": "false",<br/>  "enableNFS": "false",<br/>  "encryptionInTransit": "false",<br/>  "hpcsBaseUrl": "",<br/>  "hpcsEncryption": "false",<br/>  "hpcsInstanceId": "",<br/>  "hpcsSecretName": "",<br/>  "hpcsServiceName": "",<br/>  "hpcsTokenUrl": "",<br/>  "ignoreNoobaa": "true",<br/>  "numOfOsd": "1",<br/>  "ocsUpgrade": "false",<br/>  "odfDeploy": "true",<br/>  "osdDevicePaths": "",<br/>  "osdSize": "512Gi",<br/>  "osdStorageClassName": "ibmc-vpc-block-metro-10iops-tier",<br/>  "prepareForDisasterRecovery": "false",<br/>  "resourceProfile": "balanced",<br/>  "taintNodes": "false",<br/>  "useCephRBDAsDefaultStorageClass": "false",<br/>  "workerNodes": "all",<br/>  "workerPool": ""<br/>}</pre> | no |
-| <a name="input_odf_version"></a> [odf\_version](#input\_odf\_version) | Version of OpenShift Data Foundation (ODF) add-on to install. Only applies if `install_odf_cluster_addon` is true. | `string` | `"4.16.0"` | no |
+| <a name="input_odf_config"></a> [odf\_config](#input\_odf\_config) | Configuration for the ODF addon. Only applies if `install_odf_cluster_addon` is true. | `map(string)` | <pre>{<br/>  "addSingleReplicaPool": "false",<br/>  "billingType": "essentials",<br/>  "clusterEncryption": "false",<br/>  "disableNoobaaLB": "false",<br/>  "enableNFS": "false",<br/>  "encryptionInTransit": "false",<br/>  "hpcsBaseUrl": "",<br/>  "hpcsEncryption": "false",<br/>  "hpcsInstanceId": "",<br/>  "hpcsSecretName": "",<br/>  "hpcsServiceName": "",<br/>  "hpcsTokenUrl": "",<br/>  "ignoreNoobaa": "true",<br/>  "numOfOsd": "1",<br/>  "ocsUpgrade": "false",<br/>  "odfDeploy": "true",<br/>  "osdDevicePaths": "",<br/>  "osdSize": "512Gi",<br/>  "osdStorageClassName": "ibmc-vpc-block-metro-10iops-tier",<br/>  "resourceProfile": "balanced",<br/>  "taintNodes": "false",<br/>  "useCephRBDAsDefaultStorageClass": "false",<br/>  "workerNodes": "all",<br/>  "workerPool": ""<br/>}</pre> | no |
+| <a name="input_odf_version"></a> [odf\_version](#input\_odf\_version) | Version of OpenShift Data Foundation (ODF) add-on to install. Only applies if `install_odf_cluster_addon` is true. | `string` | `"4.18.0"` | no |
 | <a name="input_region"></a> [region](#input\_region) | Region where Code Engine and Container Registry resources will be provisioned. Only applies if `cloud_pak_deployer_image` is `null`. To use the 'Global' Container Registry location set `use_global_container_registry_location` to true. | `string` | `"us-south"` | no |
 | <a name="input_resource_group_id"></a> [resource\_group\_id](#input\_resource\_group\_id) | The ID of the resource group where Code Engine and Container Registry resources will be provisioned. Only applies if `cloud_pak_deployer_image` is `null`. If not set, Default resource group will be used. | `string` | `null` | no |
 | <a name="input_use_global_container_registry_location"></a> [use\_global\_container\_registry\_location](#input\_use\_global\_container\_registry\_location) | Set to true to create the Container Registry namespace in the 'Global' location. If set to false, the namespace will be created in the region provided in the `region` input value. Only applies if `cloud_pak_deployer_image` is `null`. | `bool` | `false` | no |

chart/cloud-pak-deployer/templates/install-job.yaml

@@ -75,11 +75,11 @@ spec:
             - '/cloud-pak-deployer/cp-deploy.sh vault set -vs cp4d_admin_cpd_{{ .Values.cluster_name }} -vsv {{ .Values.deployer.admin_password }} && /cloud-pak-deployer/cp-deploy.sh env apply -vvvv {{ .Values.deployer.accept_license_flag }}'
           resources:
             limits:
+              cpu: 500m
+              memory: 768Mi
+            requests:
               cpu: 250m
               memory: 512Mi
-            requests:
-              cpu: 100m
-              memory: 256Mi
       serviceAccount: {{ .Values.deployer.prefix }}-sa
       volumes:
         - name: config-volume

chart/cloud-pak-deployer/templates/pvc.yaml

@@ -1,7 +1,8 @@
+{{ $pvcName := printf "%s-%s" .Values.deployer.prefix "status" }}
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: {{ .Values.deployer.prefix }}-status
+  name: {{ $pvcName }}
   namespace: {{ .Values.namespace }}
 spec:
   accessModes:
@@ -11,3 +12,6 @@ spec:
       storage: 10Gi
   storageClassName: ibmc-vpc-block-10iops-tier
   volumeMode: Filesystem
+  {{- if (lookup "v1" "PersistentVolumeClaim" .Values.namespace $pvcName) }}
+  volumeName: {{ (lookup "v1" "PersistentVolumeClaim" .Values.namespace $pvcName).spec.volumeName }}
+  {{- end }}

modules/cloud-pak-deployer/variables.tf

@@ -20,7 +20,6 @@ variable "cloud_pak_deployer_secret" {
   default = null
 }
 
-
 variable "cluster_name" {
   description = "Name of Red Hat OpenShift cluster to install watsonx onto"
   type        = string

scripts/wait_for_cpd_pod.sh

@@ -3,7 +3,7 @@
 
 set -e
 NAMESPACE="cloud-pak-deployer"
-POD_NAME=$(kubectl get pods -n "${NAMESPACE}" -o jsonpath='{.items[0].metadata.name}')
+POD_NAME=$(kubectl get pods --sort-by=.metadata.creationTimestamp -n "${NAMESPACE}" -o jsonpath='{.items[-1].metadata.name}')
 STATUS=""
 while true; do
   STATUS=$(kubectl get pod "${POD_NAME}" -n "${NAMESPACE}" -o jsonpath='{.status.phase}')

solutions/fully-configurable/variables.tf

@@ -49,7 +49,8 @@ variable "prefix" {
 variable "cloud_pak_deployer_image" {
   description = "Cloud Pak Deployer image to use. If `null`, the image will be built using Code Engine and publish to a private Container Registry namespace."
   type        = string
-  default     = "quay.io/cloud-pak-deployer/cloud-pak-deployer:v3.1.8@sha256:e9cde204359a3014a3cee6a43c1e945a7dcb31d5fa92439326d4e5ab2191b48f"
+  # TODO: update renovate to manage this version
+  default = "quay.io/cloud-pak-deployer/cloud-pak-deployer:v3.2.1@sha256:311952546b0cbec425435269e9a1e7d8a4230dbcde6f257d1bd80461cb82f284"
 }
 
 variable "existing_cluster_id" {
@@ -97,7 +98,7 @@ variable "cpd_entitlement_key" {
 variable "cpd_version" {
   description = "Cloud Pak for Data version to install.  Only version 5.x.x is supported, latest versions can be found [here](https://www.ibm.com/docs/en/cloud-paks/cp-data?topic=versions-cloud-pak-data)."
   type        = string
-  default     = "5.0.3"
+  default     = "5.1.3"
 
   validation {
     error_message = "Cloud pak for data major version 5 is supported."
@@ -152,7 +153,7 @@ variable "install_odf_cluster_addon" {
 variable "odf_version" {
   description = "Version of ODF to install."
   type        = string
-  default     = "4.16.0"
+  default     = "4.18.0"
   validation {
     error_message = "ODF version must be in the format 'x.y.z'."
     condition     = can(regex("^[0-9]+\\.[0-9]+\\.[0-9]+$", var.odf_version))
@@ -185,7 +186,6 @@ variable "odf_config" {
     "addSingleReplicaPool"            = "false"
     "ignoreNoobaa"                    = "true"
     "disableNoobaaLB"                 = "false"
-    "prepareForDisasterRecovery"      = "false"
     "useCephRBDAsDefaultStorageClass" = "false"
     "osdDevicePaths"                  = ""
     "taintNodes"                      = "false"
@@ -239,5 +239,5 @@ variable "code_engine_project_id" {
 variable "cloud_pak_deployer_release" {
   description = "The GIT release of Cloud Pak Deployer version to build from. Only applies if `cloud_pak_deployer_image` is `null`. View releases at: https://github.com/IBM/cloud-pak-deployer/releases."
   type        = string
-  default     = "v3.1.8" # TODO: manage this version with renovate - https://github.com/terraform-ibm-modules/terraform-ibm-watsonx-self-managed-ocp/issues/36
+  default     = "v3.2.1" # TODO: manage this version with renovate - https://github.com/terraform-ibm-modules/terraform-ibm-watsonx-self-managed-ocp/issues/36
 }

tests/pr_test.go

@@ -196,7 +196,8 @@ func TestRunFullyConfigurableUpgradeSolution(t *testing.T) {
 			Testing:      t,
 			TerraformDir: instanceFlavorDir,
 			// Do not hard fail the test if the implicit destroy steps fail to allow a full destroy of resource to occur
-			ImplicitRequired: false,
+			ImplicitRequired:           false,
+			CheckApplyResultForUpgrade: true,
 			TerraformVars: map[string]any{
 				"prefix":                               prefix,
 				"region":                               region,

tests/resources/main.tf

@@ -63,14 +63,14 @@ locals {
       pool_name        = "default" # ibm_container_vpc_cluster automatically names default pool "default" (See https://github.com/IBM-Cloud/terraform-provider-ibm/issues/2849)
       machine_type     = "bx2.16x64"
       workers_per_zone = 3 # Minimum 3 workers to install ODF and ensure high availability
-      operating_system = "REDHAT_8_64"
+      operating_system = "RHCOS"
     }
   ]
 }
 
 module "ocp_base" {
   source                              = "terraform-ibm-modules/base-ocp-vpc/ibm"
-  version                             = "3.50.3"
+  version                             = "3.51.2"
   resource_group_id                   = module.resource_group.resource_group_id
   region                              = var.region
   tags                                = var.resource_tags
@@ -81,4 +81,5 @@ module "ocp_base" {
   worker_pools                        = local.worker_pools
   access_tags                         = []
   disable_outbound_traffic_protection = true
+  ocp_version                         = "4.18"
 }

variables.tf

@@ -11,7 +11,8 @@ variable "ibmcloud_api_key" {
 variable "cloud_pak_deployer_image" {
   description = "Cloud Pak Deployer image to use. If `null`, the image will be built using Code Engine and publish to a private Container Registry namespace."
   type        = string
-  default     = "quay.io/cloud-pak-deployer/cloud-pak-deployer:v3.1.8@sha256:e9cde204359a3014a3cee6a43c1e945a7dcb31d5fa92439326d4e5ab2191b48f"
+  # TODO: update renovate to manage this version
+  default = "quay.io/cloud-pak-deployer/cloud-pak-deployer:v3.2.1@sha256:311952546b0cbec425435269e9a1e7d8a4230dbcde6f257d1bd80461cb82f284"
 }
 
 variable "cluster_name" {
@@ -56,7 +57,7 @@ variable "cpd_entitlement_key" {
 variable "cpd_version" {
   description = "Cloud Pak for Data version to install.  Only version 5.x.x is supported, latest versions can be found [here](https://www.ibm.com/docs/en/cloud-paks/cp-data?topic=versions-cloud-pak-data)."
   type        = string
-  default     = "5.0.3"
+  default     = "5.1.3"
 
   validation {
     error_message = "Cloud pak for data major version 5 is supported."
@@ -110,7 +111,7 @@ variable "install_odf_cluster_addon" {
 variable "odf_version" {
   description = "Version of OpenShift Data Foundation (ODF) add-on to install. Only applies if `install_odf_cluster_addon` is true."
   type        = string
-  default     = "4.16.0"
+  default     = "4.18.0"
 }
 
 variable "odf_config" {
@@ -138,7 +139,6 @@ variable "odf_config" {
     "addSingleReplicaPool"            = "false"
     "ignoreNoobaa"                    = "true"
     "disableNoobaaLB"                 = "false"
-    "prepareForDisasterRecovery"      = "false"
     "useCephRBDAsDefaultStorageClass" = "false"
     "osdDevicePaths"                  = ""
     "taintNodes"                      = "false"
@@ -193,7 +193,7 @@ variable "code_engine_project_id" {
 variable "cloud_pak_deployer_release" {
   description = "The GIT release of Cloud Pak Deployer version to build from. Only applies if `cloud_pak_deployer_image` is `null`. View releases at: https://github.com/IBM/cloud-pak-deployer/releases."
   type        = string
-  default     = "v3.1.8" # TODO: manage this version with renovate - https://github.com/terraform-ibm-modules/terraform-ibm-watsonx-self-managed-ocp/issues/36
+  default     = "v3.2.1" # TODO: manage this version with renovate - https://github.com/terraform-ibm-modules/terraform-ibm-watsonx-self-managed-ocp/issues/36
 }
 
 variable "add_random_suffix_icr_namespace" {