diff --git a/.docs/powervs-poc.md b/.docs/powervs-poc.md index 7bf1d781..bdba97b0 100644 --- a/.docs/powervs-poc.md +++ b/.docs/powervs-poc.md @@ -120,7 +120,7 @@ The VPC VPN Server used for client to site VPNs requires SSL/TLS certificates st 1. Create a Secrets Manager instance and either [order public certificates](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-public-certificates&interface=ui ), [create private certificates](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-private-certificates&interface=ui -), or [import certificates](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-certificates&interface=ui). +), or [import certificates](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-certificates&interface=ui). Consult the [VPC client-to-site server authentication documentation](https://cloud.ibm.com/docs/vpc?topic=vpc-client-to-site-authentication) to ensure the certificate authorities and certificates are created using values that are compatible with the VPN server. 2. Choose VPC Deployments from the menu and create a new security group for the VPN Server. Create the security group in the `transit-rg` resource group. Add the following rules to the group: @@ -140,7 +140,7 @@ Set the VPN Server values using the following table as a guide. | VPC | transit | | Subnets | vpn-zone-1 | | Security group | security group created in step 3 | -| Authentication method | Certificate | +| Authentication method | Username and Certificate | | Certificate CRN | The CRN of the Secrets Manager secret containing the certificate for the VPN Server. | | Client CA CRN | The CRN of the Secrets Manager secret containing the certificate for the VPN client. | | Client CIDR Pool | Specify a network CIDR that does not conflict with any on-premises network, the VPC network, or the Power VS network. The CIDR should also be a subnet of 10.0.0.0/8 to avoid additional security group changes. | @@ -199,3 +199,20 @@ Here are the list of fields and values to be used to setup on-prem VPN gateway: * Preshared Key: Shared between both VPNs to establish connection. * Peer CIDR: IBM VPC CIDRs + IBM PowerVS CIDRs to allow communication into IBM cloud environment via VPN. * IKE policy: IKEv2 + +### Configuring VPC VPN Server - Client to Site VPN users + +If a VPC VPN Server was added to the configuration as documented with the `Username and Certificate` authentication mechanism, VPN users must have the correct access policies to log into the VPN. + +The following steps can be used to create an access group with the appropriate access policy and add VPN users: + +Create Access Group: + - Manage -> Access (IAM) -> Access Groups -> Create + + - Name the access group _(i.e. VPN Users)_ + - Add users and/or service IDs as needed + - Navigate to Access tab -> Assign access + + - Create an access policy with the following: + +| Service | Resources | Access | +|- |- |- | +| VPC Infrastructure Service | All | Users of the VPN server need this role to connect to the VPN server | diff --git a/CHANGELOG.md b/CHANGELOG.md index 7fed1809..fea4b1dd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,27 @@ All notable changes to this project will be documented in this file. +## 1.15.6 + +### Upgrade Notes + +- Updated the VPN as a Service template's default authentication method and changed the Secrets Manager to the Trial plan +- Updated AIX stock images and removed deprecated images for all templates with invalid image references + +### Features + +- When creating a VPN Server, users can now have both certificate and username authentication by selecting the `Username and Certificate` authentication method + +### Fixes + +- Fixed an issue causing Resource Groups assigned to Security Groups to not be correctly imported into VPC modules +- Fixed an issue preventing users from downloading Terraform code when using only existing VPCs and VPC Subnets +- Fixed an issue in the Power VS POC template where the LogDNA files were written to the AIX save files COS bucket +- Fixed an issue causing Cloud Services with missing values not to be highlighed red on the `/v2/services` page +- The Power VS POC Template Activity Tracker COS instance now correctly uses a random suffix to ensure unique resource naming +- Fixed an issue causing imported VPC Security Groups to fail on Terraform Plan +- Power VS Images are now reset when changing zones or changing the name of an existing workspace + ## 1.15.5 ### Fixes diff --git a/client/package-lock.json b/client/package-lock.json index 5b06a8e7..bdc27b9b 100644 --- a/client/package-lock.json +++ b/client/package-lock.json @@ -1,12 +1,12 @@ { "name": "craig", - "version": "1.15.5", + "version": "1.15.6", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "craig", - "version": "1.15.5", + "version": "1.15.6", "license": "Apache-2.0", "dependencies": { "@apollo/client": "^3.4.10", diff --git a/client/package.json b/client/package.json index c3155b52..54cfc871 100644 --- a/client/package.json +++ b/client/package.json @@ -1,6 +1,6 @@ { "name": "craig", - "version": "1.15.5", + "version": "1.15.6", "private": true, "license": "Apache-2.0", "scripts": { diff --git a/client/src/components/forms/dynamic-form/DynamicFetchMultiSelect.js b/client/src/components/forms/dynamic-form/DynamicFetchMultiSelect.js index 78a99731..8c5ac7d6 100644 --- a/client/src/components/forms/dynamic-form/DynamicFetchMultiSelect.js +++ b/client/src/components/forms/dynamic-form/DynamicFetchMultiSelect.js @@ -43,9 +43,12 @@ class DynamicFetchMultiSelect extends React.Component { this._isMounted = false; } - // Force re-fetch of images on zone change + // Force re-fetch of images on name or zone change componentDidUpdate(prevProps) { - if (prevProps.parentState.zone != this.props.parentState.zone) { + if ( + prevProps.parentState.zone != this.props.parentState.zone || + prevProps.parentState.name != this.props.parentState.name + ) { this._isMounted = false; this.setState({ data: ["Loading..."] }, () => { this.componentDidMount(); diff --git a/client/src/components/pages/cloud-services/CloudServices.js b/client/src/components/pages/cloud-services/CloudServices.js index 24f3e7e5..7bb431f2 100644 --- a/client/src/components/pages/cloud-services/CloudServices.js +++ b/client/src/components/pages/cloud-services/CloudServices.js @@ -587,7 +587,9 @@ class CloudServicesPage extends React.Component { service={{ type: "atracker", name: "atracker", + data: craig.store.json.atracker, }} + craig={craig} onClick={this.onServiceIconClick} isSelected={this.state.service === "atracker"} /> @@ -688,6 +690,7 @@ class CloudServicesPage extends React.Component { resourceGroup={rg} service={service} icon={serviceFormMap[service.type].icon} + craig={craig} onClick={this.onServiceIconClick} isSelected={ this.state.service === service.type && diff --git a/client/src/components/pages/diagrams/ManageService.js b/client/src/components/pages/diagrams/ManageService.js index b5a65845..c5413c0b 100644 --- a/client/src/components/pages/diagrams/ManageService.js +++ b/client/src/components/pages/diagrams/ManageService.js @@ -2,6 +2,7 @@ import { contains, titleCase } from "lazy-z"; import React from "react"; import PropTypes from "prop-types"; import { RenderForm } from "../../forms"; +import { disableSave } from "../../../lib"; export const ManageService = (props) => { return ( @@ -10,7 +11,14 @@ export const ManageService = (props) => { "manageService alignButtons" + (props.isSelected ? " serviceOpen" - : props.resourceGroup === "No Resource Group" + : disableSave( + props.service.overrideType || props.service.type, + props.service.data, + { + data: props.service.data, + craig: props.craig, + } + ) ? " noRgService" : "") + " " + diff --git a/client/src/components/pages/diagrams/RgServiceMap.js b/client/src/components/pages/diagrams/RgServiceMap.js index ad3f7bd0..ab24c443 100644 --- a/client/src/components/pages/diagrams/RgServiceMap.js +++ b/client/src/components/pages/diagrams/RgServiceMap.js @@ -110,6 +110,7 @@ export const RgServiceMap = (props) => { icon={serviceFormMap[service.type].icon} className="pointerEventsNone" small={props.small} + craig={props.craig} /> ); }) diff --git a/client/src/lib/docs/release-notes.json b/client/src/lib/docs/release-notes.json index b1a502e2..ff4df754 100644 --- a/client/src/lib/docs/release-notes.json +++ b/client/src/lib/docs/release-notes.json @@ -1,4 +1,23 @@ [ + { + "version": "1.15.6", + "features": [ + "When creating a VPN Server, users can now have both certificate and username authentication by selecting the `Username and Certificate` authentication method" + ], + "fixes": [ + "Fixed an issue causing Resource Groups assigned to Security Groups to not be correctly imported into VPC modules", + "Fixed an issue preventing users from downloading Terraform code when using only existing VPCs and VPC Subnets", + "Fixed an issue in the Power VS POC template where the LogDNA files were written to the AIX save files COS bucket", + "Fixed an issue causing Cloud Services with missing values not to be highlighed red on the `/v2/services` page", + "The Power VS POC Template Activity Tracker COS instance now correctly uses a random suffix to ensure unique resource naming", + "Fixed an issue causing imported VPC Security Groups to fail on Terraform Plan", + "Power VS Images are now reset when changing zones or changing the name of an existing workspace" + ], + "upgrade_notes": [ + "Updated the VPN as a Service template's default authentication method and changed the Secrets Manager to the Trial plan", + "Updated AIX stock images and removed deprecated images for all templates with invalid image references" + ] + }, { "version": "1.15.5", "features": [], diff --git a/client/src/lib/docs/templates/oracle-rac.json b/client/src/lib/docs/templates/oracle-rac.json index 3f9e00dc..de55f397 100644 --- a/client/src/lib/docs/templates/oracle-rac.json +++ b/client/src/lib/docs/templates/oracle-rac.json @@ -11,12 +11,13 @@ "dynamic_subnets": false, "enable_power_vs": true, "power_vs_zones": ["dal12", "dal10", "us-south"], - "craig_version": "1.10.0", + "craig_version": "1.15.6", "power_vs_high_availability": false, "no_vpn_secrets_manager_auth": false, "power_vs_ha_zone_1": null, "power_vs_ha_zone_2": null, - "manual_power_vsi_naming": false + "manual_power_vsi_naming": false, + "template": "Power VS Oracle Ready" }, "access_groups": [], "appid": [], @@ -36,12 +37,19 @@ }, "cbr_rules": [], "cbr_zones": [], + "cis": [], + "cis_glbs": [], + "classic_bare_metal": [], + "classic_gateways": [], + "classic_security_groups": [], "classic_ssh_keys": [], "classic_vlans": [], + "classic_vsi": [], "clusters": [], "dns": [], "event_streams": [], "f5_vsi": [], + "fortigate_vnf": [], "iam_account_settings": { "enable": false, "mfa": null, @@ -250,15 +258,15 @@ "cloud_connections": [], "images": [ { - "name": "7300-00-01", + "name": "7300-02-01", "workspace": "oracle-template", "zone": "dal12", - "pi_image_id": "2cf98f53-433d-4c7a-bc46-1f2dfcc04066", + "pi_image_id": "dd13124c-1212-4b25-a2aa-17dabc040eaa", "workspace_use_data": false } ], "attachments": [], - "imageNames": ["7300-00-01"], + "imageNames": ["7300-02-01"], "use_data": false } ], @@ -266,7 +274,7 @@ { "name": "oracle-1", "workspace": "oracle-template", - "image": "7300-00-01", + "image": "7300-02-01", "network": [ { "name": "oracle-private-1", @@ -306,12 +314,13 @@ "pi_ibmi_rds_users": null, "pi_user_data": null, "pi_pin_policy": "none", - "pi_license_repository_capacity": null + "pi_license_repository_capacity": null, + "index": 0 }, { "name": "oracle-2", "workspace": "oracle-template", - "image": "7300-00-01", + "image": "7300-02-01", "network": [ { "name": "oracle-private-1", @@ -351,7 +360,8 @@ "pi_ibmi_rds_users": null, "pi_user_data": null, "pi_pin_policy": "none", - "pi_license_repository_capacity": null + "pi_license_repository_capacity": null, + "index": 1 } ], "power_volumes": [ @@ -373,7 +383,8 @@ "pi_affinity_instance": "oracle-1", "pi_volume_pool": null, "pi_affinity_volume": null, - "count": null + "count": null, + "index": 0 }, { "name": "oracle-1-db-2", @@ -393,7 +404,8 @@ "pi_affinity_instance": "oracle-1", "pi_volume_pool": null, "pi_affinity_volume": null, - "count": null + "count": null, + "index": 1 }, { "name": "oracle-2-db-1", @@ -413,7 +425,8 @@ "pi_affinity_instance": "oracle-2", "pi_volume_pool": null, "pi_affinity_volume": null, - "count": null + "count": null, + "index": 2 }, { "name": "oracle-2-db-2", @@ -433,7 +446,8 @@ "pi_affinity_instance": "oracle-2", "pi_volume_pool": null, "pi_affinity_volume": null, - "count": null + "count": null, + "index": 3 }, { "name": "redo-1", @@ -452,7 +466,8 @@ "pi_affinity_instance": null, "pi_anti_affinity_volume": null, "pi_anti_affinity_instance": null, - "count": null + "count": null, + "index": 4 }, { "name": "redo-2", @@ -471,7 +486,8 @@ "pi_affinity_instance": null, "pi_anti_affinity_volume": null, "pi_anti_affinity_instance": null, - "count": null + "count": null, + "index": 5 }, { "name": "asm-data-1", @@ -491,7 +507,8 @@ "pi_anti_affinity_volume": null, "pi_anti_affinity_instance": null, "pi_volume_pool": null, - "count": null + "count": null, + "index": 6 }, { "name": "asm-data-2", @@ -510,7 +527,8 @@ "pi_affinity_instance": null, "pi_anti_affinity_volume": null, "pi_anti_affinity_instance": null, - "count": null + "count": null, + "index": 7 }, { "name": "management", @@ -529,7 +547,8 @@ "pi_affinity_instance": null, "pi_anti_affinity_volume": null, "pi_anti_affinity_instance": null, - "count": null + "count": null, + "index": 8 }, { "name": "vote-1", @@ -549,7 +568,8 @@ "pi_affinity_instance": "oracle-1", "pi_volume_pool": null, "pi_affinity_volume": null, - "count": null + "count": null, + "index": 9 }, { "name": "vote-2", @@ -569,7 +589,8 @@ "pi_affinity_instance": "oracle-1", "pi_volume_pool": null, "pi_affinity_volume": null, - "count": null + "count": null, + "index": 10 }, { "name": "vote-3", @@ -589,7 +610,8 @@ "pi_affinity_instance": "oracle-1", "pi_volume_pool": null, "pi_affinity_volume": null, - "count": null + "count": null, + "index": 11 } ], "resource_groups": [ @@ -626,6 +648,17 @@ "scope_description": null, "enable": false }, + "scc_v2": { + "enable": false, + "resource_group": null, + "region": null, + "account_id": "${var.account_id}", + "profile_attachments": [], + "name": null, + "use_cos": false, + "cos": null, + "bucket": null + }, "secrets_manager": [], "security_groups": [ { @@ -1720,7 +1753,7 @@ { "kms": "kms", "encryption_key": "vsi-volume-key", - "image": "ibm-ubuntu-22-04-1-minimal-amd64-1", + "image": "ibm-ubuntu-22-04-4-minimal-amd64-1", "profile": "cx2-4x8", "name": "management-server", "security_groups": ["management-vsi"], @@ -1733,7 +1766,7 @@ "user_data": null, "network_interfaces": [], "volumes": [], - "image_name": null, + "image_name": "Ubuntu Linux 22.04 LTS Jammy Jellyfish Minimal Install (amd64) [ibm-ubuntu-22-04-4-minimal-amd64-1]", "enable_floating_ip": false, "primary_interface_ip_spoofing": false, "use_variable_names": false, @@ -1749,8 +1782,7 @@ { "kms": "kms", "encryption_key": "vsi-volume-key", - "image": "ibm-ubuntu-22-04-3-minimal-amd64-1", - "image_name": "Ubuntu Linux 22.04 LTS Jammy Jellyfish Minimal Install (amd64) [ibm-ubuntu-22-04-3-minimal-amd64-1]", + "image": "ibm-ubuntu-22-04-4-minimal-amd64-1", "profile": "bx2-2x8", "name": "workload-server", "security_groups": ["workload-vpe"], @@ -1763,6 +1795,7 @@ "network_interfaces": [], "subnets": ["vsi-zone-1", "vsi-zone-2", "vsi-zone-3"], "volumes": [], + "image_name": "Ubuntu Linux 22.04 LTS Jammy Jellyfish Minimal Install (amd64) [ibm-ubuntu-22-04-4-minimal-amd64-1]", "subnet": "", "enable_floating_ip": false, "primary_interface_ip_spoofing": false, @@ -1772,5 +1805,6 @@ "reserved_ips": [[""], [""], [""]], "enable_static_ips": false } - ] + ], + "vtl": [] } diff --git a/client/src/lib/docs/templates/oracle-si.json b/client/src/lib/docs/templates/oracle-si.json index 895e3e8a..5912f081 100644 --- a/client/src/lib/docs/templates/oracle-si.json +++ b/client/src/lib/docs/templates/oracle-si.json @@ -10,13 +10,14 @@ "dynamic_subnets": false, "enable_power_vs": true, "power_vs_zones": ["dal12", "dal10", "us-south"], - "craig_version": "1.12.0", + "craig_version": "1.15.6", "power_vs_high_availability": false, "no_vpn_secrets_manager_auth": false, "enable_classic": false, "power_vs_ha_zone_1": null, "power_vs_ha_zone_2": null, - "manual_power_vsi_naming": false + "manual_power_vsi_naming": false, + "template": "Power VS Oracle Single Instance" }, "access_groups": [], "appid": [], @@ -36,12 +37,19 @@ }, "cbr_rules": [], "cbr_zones": [], + "cis": [], + "cis_glbs": [], + "classic_bare_metal": [], + "classic_gateways": [], + "classic_security_groups": [], "classic_ssh_keys": [], "classic_vlans": [], + "classic_vsi": [], "clusters": [], "dns": [], "event_streams": [], "f5_vsi": [], + "fortigate_vnf": [], "iam_account_settings": { "enable": false, "mfa": null, @@ -226,15 +234,15 @@ "cloud_connections": [], "images": [ { - "name": "7300-00-01", + "name": "7300-02-01", "workspace": "oracle-template", "zone": "dal12", - "pi_image_id": "2cf98f53-433d-4c7a-bc46-1f2dfcc04066", + "pi_image_id": "dd13124c-1212-4b25-a2aa-17dabc040eaa", "workspace_use_data": false } ], "attachments": [], - "imageNames": ["7300-00-01"], + "imageNames": ["7300-02-01"], "use_data": false } ], @@ -242,7 +250,7 @@ { "name": "oracle", "workspace": "oracle-template", - "image": "7300-00-01", + "image": "7300-02-01", "network": [ { "name": "oracle-vlan", @@ -274,7 +282,8 @@ "pi_ibmi_rds_users": null, "pi_user_data": null, "pi_pin_policy": "none", - "pi_license_repository_capacity": null + "pi_license_repository_capacity": null, + "index": 0 } ], "power_volumes": [ @@ -296,7 +305,8 @@ "pi_affinity_instance": "oracle", "pi_volume_pool": null, "pi_affinity_volume": null, - "count": null + "count": null, + "index": 0 }, { "name": "oracle-db-2", @@ -316,7 +326,8 @@ "pi_affinity_instance": "oracle", "pi_volume_pool": null, "pi_affinity_volume": null, - "count": null + "count": null, + "index": 1 } ], "resource_groups": [ @@ -353,6 +364,17 @@ "scope_description": null, "enable": false }, + "scc_v2": { + "enable": false, + "resource_group": null, + "region": null, + "account_id": "${var.account_id}", + "profile_attachments": [], + "name": null, + "use_cos": false, + "cos": null, + "bucket": null + }, "secrets_manager": [], "security_groups": [ { @@ -1447,7 +1469,7 @@ { "kms": "kms", "encryption_key": "vsi-volume-key", - "image": "ibm-ubuntu-22-04-1-minimal-amd64-1", + "image": "ibm-ubuntu-22-04-4-minimal-amd64-1", "profile": "cx2-4x8", "name": "management-server", "security_groups": ["management-vsi"], @@ -1460,7 +1482,7 @@ "user_data": null, "network_interfaces": [], "volumes": [], - "image_name": null, + "image_name": "Ubuntu Linux 22.04 LTS Jammy Jellyfish Minimal Install (amd64) [ibm-ubuntu-22-04-4-minimal-amd64-1]", "enable_floating_ip": false, "primary_interface_ip_spoofing": false, "use_variable_names": false, @@ -1476,8 +1498,7 @@ { "kms": "kms", "encryption_key": "vsi-volume-key", - "image": "ibm-ubuntu-22-04-3-minimal-amd64-1", - "image_name": "Ubuntu Linux 22.04 LTS Jammy Jellyfish Minimal Install (amd64) [ibm-ubuntu-22-04-3-minimal-amd64-1]", + "image": "ibm-ubuntu-22-04-4-minimal-amd64-1", "profile": "bx2-2x8", "name": "workload-server", "security_groups": ["workload-vpe"], @@ -1490,6 +1511,7 @@ "network_interfaces": [], "subnets": ["vsi-zone-1", "vsi-zone-2", "vsi-zone-3"], "volumes": [], + "image_name": "Ubuntu Linux 22.04 LTS Jammy Jellyfish Minimal Install (amd64) [ibm-ubuntu-22-04-4-minimal-amd64-1]", "subnet": "", "enable_floating_ip": false, "primary_interface_ip_spoofing": false, @@ -1499,5 +1521,6 @@ "reserved_ips": [[""], [""], [""]], "enable_static_ips": false } - ] + ], + "vtl": [] } diff --git a/client/src/lib/docs/templates/power-poc-quick-start.json b/client/src/lib/docs/templates/power-poc-quick-start.json index ebceffa5..5aed9a8f 100644 --- a/client/src/lib/docs/templates/power-poc-quick-start.json +++ b/client/src/lib/docs/templates/power-poc-quick-start.json @@ -10,7 +10,7 @@ "enable_power_vs": true, "enable_classic": false, "power_vs_zones": ["dal10"], - "craig_version": "1.14.1", + "craig_version": "1.15.6", "power_vs_high_availability": false, "template": "Power VS POC", "fs_cloud": false, @@ -99,8 +99,8 @@ "endpoints": "private", "platform_logs": false, "resource_group": "service-rg", - "cos": "savefiles", - "bucket": "aix", + "cos": "a-tracker", + "bucket": "a-tracker", "name": "logdna", "archive": false }, @@ -157,7 +157,7 @@ }, { "use_data": false, - "use_random_suffix": false, + "use_random_suffix": true, "name": "a-tracker", "resource_group": "service-rg", "plan": "standard", @@ -168,7 +168,7 @@ "storage_class": "standard", "kms_key": "atracker-key", "force_delete": false, - "use_random_suffix": false, + "use_random_suffix": true, "endpoint": null, "activity_tracking": false, "read_data_events": false, @@ -185,7 +185,7 @@ "name": "a-tracker-cos", "role": "Writer", "enable_hmac": false, - "use_random_suffix": false + "use_random_suffix": true } ] } @@ -223,12 +223,12 @@ "cloud_connections": [], "images": [ { - "creationDate": "2023-03-07T11:21:01.000Z", + "creationDate": "2024-03-20T19:06:59.000Z", "description": "", - "href": "/pcloud/v1/cloud-instances/d839ff9f75e2465a81707aa69ee9a9b7/stock-images/142d55ca-d24c-4114-a2f9-4174e96ed96e", - "imageID": "142d55ca-d24c-4114-a2f9-4174e96ed96e", - "lastUpdateDate": "2023-03-14T16:27:52.000Z", - "name": "7300-01-01", + "href": "/pcloud/v1/cloud-instances/d839ff9f75e2465a81707aa69ee9a9b7/stock-images/f557c9a5-c5e4-4b96-9e30-4e9589e9fad8", + "imageID": "f557c9a5-c5e4-4b96-9e30-4e9589e9fad8", + "lastUpdateDate": "2024-03-20T19:50:48.000Z", + "name": "7300-02-01", "specifications": { "architecture": "ppc64", "containerFormat": "bare", @@ -239,7 +239,7 @@ "operatingSystem": "aix" }, "state": "active", - "storagePool": "Tier3-Flash-1", + "storagePool": "General-Flash-50", "storageType": "tier3", "workspace": "dal10", "zone": "dal10", @@ -267,11 +267,11 @@ "workspace": "dal10", "zone": "dal10", "workspace_use_data": false, - "depends_on": ["${ibm_pi_image.power_image_dal10_7300_01_01}"] + "depends_on": ["${ibm_pi_image.power_image_dal10_7300_02_01}"] } ], "attachments": [], - "imageNames": ["7300-01-01", "IBMi-75-03-2984-1"], + "imageNames": ["7300-02-01", "IBMi-75-03-2984-1"], "use_data": false } ], @@ -279,7 +279,7 @@ { "name": "aixtarget", "workspace": "dal10", - "image": "7300-01-01", + "image": "7300-02-01", "network": [ { "name": "pvm", diff --git a/client/src/lib/docs/templates/power-sap-hana.json b/client/src/lib/docs/templates/power-sap-hana.json index 4fe1b58a..45279e1f 100644 --- a/client/src/lib/docs/templates/power-sap-hana.json +++ b/client/src/lib/docs/templates/power-sap-hana.json @@ -11,7 +11,7 @@ "dynamic_subnets": false, "enable_power_vs": true, "power_vs_zones": ["dal10"], - "craig_version": "1.12.0", + "craig_version": "1.15.6", "power_vs_high_availability": false, "template": "Power VS SAP Hana", "no_vpn_secrets_manager_auth": false, @@ -52,9 +52,12 @@ "cbr_zones": [], "cis": [], "cis_glbs": [], + "classic_bare_metal": [], "classic_gateways": [], + "classic_security_groups": [], "classic_ssh_keys": [], "classic_vlans": [], + "classic_vsi": [], "clusters": [], "dns": [], "event_streams": [], @@ -280,53 +283,6 @@ ], "cloud_connections": [], "images": [ - { - "creationDate": "2023-02-14T18:39:48.000Z", - "description": "", - "href": "/pcloud/v1/cloud-instances/d839ff9f75e2465a81707aa69ee9a9b7/stock-images/a857bbbd-6fee-4bf7-816d-04fb4cdbf65e", - "imageID": "a857bbbd-6fee-4bf7-816d-04fb4cdbf65e", - "lastUpdateDate": "2023-02-14T22:29:20.000Z", - "name": "7100-05-09", - "specifications": { - "architecture": "ppc64", - "containerFormat": "bare", - "diskFormat": "raw", - "endianness": "big-endian", - "hypervisorType": "phyp", - "operatingSystem": "aix" - }, - "state": "active", - "storagePool": "Tier3-Flash-1", - "storageType": "tier3", - "workspace": "secure-powervs", - "zone": "dal10", - "workspace_use_data": false - }, - { - "creationDate": "2023-09-16T18:38:33.000Z", - "description": "", - "href": "/pcloud/v1/cloud-instances/d839ff9f75e2465a81707aa69ee9a9b7/stock-images/69866375-0cec-4db9-93e9-a55c63c13d6e", - "imageID": "69866375-0cec-4db9-93e9-a55c63c13d6e", - "lastUpdateDate": "2023-09-16T21:38:22.000Z", - "name": "IBMi-71-11-2924-8", - "specifications": { - "architecture": "ppc64", - "containerFormat": "bare", - "diskFormat": "raw", - "endianness": "big-endian", - "hypervisorType": "phyp", - "operatingSystem": "ibmi" - }, - "state": "active", - "storagePool": "Tier3-Flash-1", - "storageType": "tier3", - "workspace": "secure-powervs", - "zone": "dal10", - "workspace_use_data": false, - "depends_on": [ - "${ibm_pi_image.power_image_secure_powervs_7100_05_09}" - ] - }, { "creationDate": "2024-01-30T12:46:02.000Z", "description": "", @@ -348,10 +304,7 @@ "storageType": "tier3", "workspace": "secure-powervs", "zone": "dal10", - "workspace_use_data": false, - "depends_on": [ - "${ibm_pi_image.power_image_secure_powervs_ibmi_71_11_2924_8}" - ] + "workspace_use_data": false }, { "creationDate": "2024-01-30T14:31:23.000Z", @@ -926,8 +879,6 @@ ], "attachments": [], "imageNames": [ - "7100-05-09", - "IBMi-71-11-2924-8", "RHEL8-SP4-SAP-BYOL", "RHEL8-SP4-SAP-NETWEAVER-BYOL", "RHEL8-SP6", @@ -2776,8 +2727,8 @@ "code": null }, "tcp": { - "port_min": "22", - "port_max": "22", + "port_min": 22, + "port_max": 22, "source_port_min": null, "source_port_max": null }, @@ -2810,8 +2761,8 @@ "tcp": { "port_min": null, "port_max": null, - "source_port_min": "22", - "source_port_max": "22" + "source_port_min": 22, + "source_port_max": 22 }, "udp": { "port_min": null, diff --git a/client/src/lib/docs/templates/quick-start-power.json b/client/src/lib/docs/templates/quick-start-power.json index 4b6f3f55..82ab6511 100644 --- a/client/src/lib/docs/templates/quick-start-power.json +++ b/client/src/lib/docs/templates/quick-start-power.json @@ -10,13 +10,14 @@ "enable_power_vs": true, "enable_classic": false, "power_vs_zones": ["dal12"], - "craig_version": "1.12.0", + "craig_version": "1.15.6", "power_vs_high_availability": false, "fs_cloud": false, "no_vpn_secrets_manager_auth": false, "power_vs_ha_zone_1": null, "power_vs_ha_zone_2": null, - "manual_power_vsi_naming": false + "manual_power_vsi_naming": false, + "template": "Power VS Quick Start" }, "access_groups": [], "appid": [], @@ -36,12 +37,19 @@ }, "cbr_rules": [], "cbr_zones": [], + "cis": [], + "cis_glbs": [], + "classic_bare_metal": [], + "classic_gateways": [], + "classic_security_groups": [], "classic_ssh_keys": [], "classic_vlans": [], + "classic_vsi": [], "clusters": [], "dns": [], "event_streams": [], "f5_vsi": [], + "fortigate_vnf": [], "iam_account_settings": { "enable": false, "mfa": null, @@ -169,15 +177,15 @@ "cloud_connections": [], "images": [ { - "name": "7100-05-09", + "name": "7300-02-01", "workspace": "workspace", "zone": "dal12", - "pi_image_id": "35eca797-6599-4597-af1f-d2eb5e292dfc", + "pi_image_id": "dd13124c-1212-4b25-a2aa-17dabc040eaa", "workspace_use_data": false } ], "attachments": [], - "imageNames": ["7100-05-09"], + "imageNames": ["7300-02-01"], "use_data": false } ], @@ -207,6 +215,17 @@ "scope_description": null, "enable": false }, + "scc_v2": { + "enable": false, + "resource_group": null, + "region": null, + "account_id": "${var.account_id}", + "profile_attachments": [], + "name": null, + "use_cos": false, + "cos": null, + "bucket": null + }, "secrets_manager": [], "security_groups": [ { @@ -795,8 +814,8 @@ { "kms": "kms", "encryption_key": "key", - "image": "ibm-redhat-9-2-minimal-amd64-1", - "image_name": "Red Hat Enterprise Linux 9.x - Minimal Install (amd64) [ibm-redhat-9-2-minimal-amd64-1]", + "image": "ibm-redhat-9-4-minimal-amd64-1", + "image_name": "Red Hat Enterprise Linux 9.x - Minimal Install (amd64) [ibm-redhat-9-4-minimal-amd64-1]", "profile": "bx2-4x16", "name": "example-deployment", "security_groups": ["management-vsi"], @@ -818,5 +837,6 @@ "reserved_ips": [[""]], "enable_static_ips": false } - ] + ], + "vtl": [] } diff --git a/client/src/lib/docs/templates/vpn-as-a-service.json b/client/src/lib/docs/templates/vpn-as-a-service.json index 39af4489..673f65c1 100644 --- a/client/src/lib/docs/templates/vpn-as-a-service.json +++ b/client/src/lib/docs/templates/vpn-as-a-service.json @@ -9,15 +9,16 @@ "fs_cloud": false, "dynamic_subnets": false, "enable_power_vs": true, - "craig_version": "1.12.0", "power_vs_zones": ["dal12", "dal10", "us-south"], + "craig_version": "1.15.6", "advanced_subnets": true, "power_vs_high_availability": false, "no_vpn_secrets_manager_auth": false, "enable_classic": false, "power_vs_ha_zone_1": null, "power_vs_ha_zone_2": null, - "manual_power_vsi_naming": false + "manual_power_vsi_naming": false, + "template": "VPN as a Service" }, "access_groups": [], "appid": [], @@ -37,12 +38,19 @@ }, "cbr_rules": [], "cbr_zones": [], + "cis": [], + "cis_glbs": [], + "classic_bare_metal": [], + "classic_gateways": [], + "classic_security_groups": [], "classic_ssh_keys": [], "classic_vlans": [], + "classic_vsi": [], "clusters": [], "dns": [], "event_streams": [], "f5_vsi": [], + "fortigate_vnf": [], "iam_account_settings": { "enable": false, "mfa": null, @@ -127,15 +135,15 @@ "cloud_connections": [], "images": [ { - "name": "7200-05-03", + "name": "7300-02-01", "workspace": "vpnaas", "zone": "dal12", - "pi_image_id": "ab5777c4-60ef-45a1-90aa-4a144dbe3104", + "pi_image_id": "dd13124c-1212-4b25-a2aa-17dabc040eaa", "workspace_use_data": false } ], "attachments": [], - "imageNames": ["7200-05-03"], + "imageNames": ["7300-02-01"], "use_data": false } ], @@ -187,6 +195,17 @@ "scope_description": null, "enable": false }, + "scc_v2": { + "enable": false, + "resource_group": null, + "region": null, + "account_id": "${var.account_id}", + "profile_attachments": [], + "name": null, + "use_cos": false, + "cos": null, + "bucket": null + }, "secrets_manager": [ { "name": "secrets-manager", @@ -195,7 +214,7 @@ "kms": "kms", "secrets": [], "use_data": false, - "plan": "standard" + "plan": "trial" } ], "security_groups": [ @@ -509,8 +528,8 @@ "vpn_servers": [ { "name": "client-to-site", - "certificate_crn": "CHEATER", - "method": "certificate", + "certificate_crn": null, + "method": "INSECURE", "client_ca_crn": null, "client_ip_pool": "192.168.8.0/22", "enable_split_tunneling": false, @@ -531,10 +550,9 @@ "subnets": ["vpn-server-zone-1"], "additional_prefixes": ["192.168.8.0/22"], "zone": 1, - "bring_your_own_cert": false, - "DANGER_developer_certificate": true, "secrets_manager": "secrets-manager" } ], - "vsi": [] + "vsi": [], + "vtl": [] } diff --git a/client/src/lib/forms/overview.js b/client/src/lib/forms/overview.js index 510fa4f8..f64056d1 100644 --- a/client/src/lib/forms/overview.js +++ b/client/src/lib/forms/overview.js @@ -42,6 +42,7 @@ function getServices(craig, services) { serviceMap[rgName].push({ name: service.name, type: resourceType, + data: service, overrideType: resourceType === "icd" ? "cloud_databases" : undefined, }); @@ -65,6 +66,7 @@ function getServices(craig, services) { serviceMap[serviceRg].push({ name: observabilityService, type: observabilityService, + data: craig.store.json[observabilityService], }); } }); diff --git a/client/src/lib/json-to-iac/security-groups.js b/client/src/lib/json-to-iac/security-groups.js index c5c96e83..2204bbf6 100644 --- a/client/src/lib/json-to-iac/security-groups.js +++ b/client/src/lib/json-to-iac/security-groups.js @@ -27,15 +27,15 @@ function ibmIsSecurityGroup(sg, config) { data: sg.use_data ? { name: sg.name, - vpc: vpcRef(sg.vpc).replace( - // if vpcs and use data replace opening with data. - "${", - "${data." - ), } : { name: kebabName([sg.vpc, sg.name, "sg"]), - vpc: vpcRef(sg.vpc), + vpc: vpcRef(sg.vpc).replace( + "${", + getObjectFromArray(config.vpcs, "name", sg.vpc).use_data + ? "${data." + : "${" + ), resource_group: `\${var.${snakeCase(sg.resource_group)}_id}`, tags: getTags(config), }, diff --git a/client/src/lib/json-to-iac/vpc.js b/client/src/lib/json-to-iac/vpc.js index 7ca9245e..28dc481e 100644 --- a/client/src/lib/json-to-iac/vpc.js +++ b/client/src/lib/json-to-iac/vpc.js @@ -6,6 +6,7 @@ const { contains, revision, isEmpty, + distinct, } = require("lazy-z"); const { rgIdRef, @@ -524,10 +525,8 @@ function vpcModuleJson(vpc, rgs, config) { tags: config._options.tags, }; rgs.forEach((rg) => { - moduleObject[vpcModule][snakeCase(rg) + "_id"] = rgIdRef( - vpc.resource_group, - config - ); + if (rg) + moduleObject[vpcModule][snakeCase(rg) + "_id"] = rgIdRef(rg, config); }); return moduleObject; } @@ -621,12 +620,16 @@ function vpcModuleTf(files, config) { allRgs.push(subnet.resource_group); } }); + config.security_groups.forEach((sg) => { + allRgs.push(sg.resource_group); + }); - allRgs.forEach((rg) => { - variables[snakeCase(rg) + "_id"] = { - description: "ID for the resource group " + rg, - type: "${string}", - }; + distinct(allRgs).forEach((rg) => { + if (rg) + variables[snakeCase(rg) + "_id"] = { + description: "ID for the resource group " + rg, + type: "${string}", + }; }); files[vpcModule] = { diff --git a/client/src/lib/json-to-iac/vpn-server.js b/client/src/lib/json-to-iac/vpn-server.js index 127891b1..36e9313d 100644 --- a/client/src/lib/json-to-iac/vpn-server.js +++ b/client/src/lib/json-to-iac/vpn-server.js @@ -51,7 +51,7 @@ function ibmIsVpnServer(server, craig) { certificate_crn: overrideCert || server.certificate_crn, client_authentication: [ { - method: contains(["byo", "INSECURE"], server.method) + method: contains(["byo", "INSECURE", "both"], server.method) ? "certificate" : server.method, }, @@ -83,7 +83,7 @@ function ibmIsVpnServer(server, craig) { }); if ( server.method === "certificate" || - contains(["byo", "INSECURE"], server.method) + contains(["byo", "INSECURE", "both"], server.method) ) { serverData.client_authentication[0].client_ca_crn = overrideCert && server.method === "certificate" @@ -94,6 +94,14 @@ function ibmIsVpnServer(server, craig) { } else { serverData.client_authentication[0].identity_provider = "iam"; } + + if (server.method === "both") { + serverData.client_authentication.push({ + method: "username", + identity_provider: "iam", + }); + } + return { name: snakeCase(`${server.vpc} vpn server ${server.name}`), data: serverData, diff --git a/client/src/lib/state/power-vs/power-vs-workspace-schema.js b/client/src/lib/state/power-vs/power-vs-workspace-schema.js index acdcc3c3..e73a95f0 100644 --- a/client/src/lib/state/power-vs/power-vs-workspace-schema.js +++ b/client/src/lib/state/power-vs/power-vs-workspace-schema.js @@ -28,6 +28,12 @@ function powerVsWorkspaceSchema() { ? stateData.name : `${componentProps.craig.store.json._options.prefix}-power-workspace-${stateData.name}`; }, + onStateChange: function (stateData) { + if (stateData.use_data) { + stateData.imageNames = []; + stateData.images = []; + } + }, }), resource_group: resourceGroupsField(), zone: { diff --git a/client/src/lib/state/reusable-fields.js b/client/src/lib/state/reusable-fields.js index 56f78ffc..c089bfa7 100644 --- a/client/src/lib/state/reusable-fields.js +++ b/client/src/lib/state/reusable-fields.js @@ -529,6 +529,7 @@ function nameField(jsonField, options) { readOnly: options?.readOnly, tooltip: options?.tooltip, disabledText: options?.invalidText, + onStateChange: options?.onStateChange, }; } diff --git a/client/src/lib/state/vpn-servers.js b/client/src/lib/state/vpn-servers.js index c1db135f..043aedb6 100644 --- a/client/src/lib/state/vpn-servers.js +++ b/client/src/lib/state/vpn-servers.js @@ -252,20 +252,25 @@ function initVpnState(store) { "Select an authentication method" ), groups: [ + "Username and Certificate", "Certificate", "Username", "Bring Your Own Certificate", "INSECURE - Developer Certificate", ], onRender(stateData) { - return stateData.method === "INSECURE" + return stateData.method === "both" + ? "Username and Certificate" + : stateData.method === "INSECURE" ? "INSECURE - Developer Certificate" : stateData.method === "byo" ? "Bring Your Own Certificate" : titleCase(stateData.method); }, onInputChange(stateData) { - return stateData.method === "INSECURE - Developer Certificate" + return stateData.method === "Username and Certificate" + ? "both" + : stateData.method === "INSECURE - Developer Certificate" ? "INSECURE" : stateData.method === "Bring Your Own Certificate" ? "byo" diff --git a/client/src/lib/validate.js b/client/src/lib/validate.js index 221424c9..4e8cc7be 100644 --- a/client/src/lib/validate.js +++ b/client/src/lib/validate.js @@ -375,7 +375,6 @@ const validate = function (json) { // for each address prefix network.address_prefixes.forEach((prefix) => { nullVpcNameTest("Address Prefix", prefix, "name", "name"); - validationTest("Address Prefix", prefix, "zone", "zone"); // mark zone required }); // for each acl network.acls.forEach((acl) => { diff --git a/package-lock.json b/package-lock.json index c68553fb..67a1136d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "craig", - "version": "1.15.5", + "version": "1.15.6", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "craig", - "version": "1.15.5", + "version": "1.15.6", "license": "ISC", "dependencies": { "axios": "^1.6.3", diff --git a/package.json b/package.json index b5e7839b..febcda56 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "craig", - "version": "1.15.5", + "version": "1.15.6", "description": "gui for generating ibm cloud infrastructure resources", "main": "index.js", "scripts": { diff --git a/unit-tests/api/craig-api.test.js b/unit-tests/api/craig-api.test.js index 4d3875ad..125b2796 100644 --- a/unit-tests/api/craig-api.test.js +++ b/unit-tests/api/craig-api.test.js @@ -39,7 +39,7 @@ describe("craig api", () => { { name: "craig", data: "" }, { name: "craig/main.tf", - data: '##############################################################################\n# IBM Cloud Provider\n##############################################################################\n\nprovider "ibm" {\n ibmcloud_api_key = var.ibmcloud_api_key\n region = var.region\n ibmcloud_timeout = 60\n}\n\n##############################################################################\n\n##############################################################################\n# Management VPC Module\n##############################################################################\n\nmodule "management_vpc" {\n source = "./management_vpc"\n region = var.region\n prefix = var.prefix\n management_rg_id = ibm_resource_group.management_rg.id\n tags = [\n "hello",\n "world"\n ]\n}\n\n##############################################################################\n\n##############################################################################\n# Workload VPC Module\n##############################################################################\n\nmodule "workload_vpc" {\n source = "./workload_vpc"\n region = var.region\n prefix = var.prefix\n workload_rg_id = ibm_resource_group.workload_rg.id\n tags = [\n "hello",\n "world"\n ]\n}\n\n##############################################################################\n', + data: '##############################################################################\n# IBM Cloud Provider\n##############################################################################\n\nprovider "ibm" {\n ibmcloud_api_key = var.ibmcloud_api_key\n region = var.region\n ibmcloud_timeout = 60\n}\n\n##############################################################################\n\n##############################################################################\n# Management VPC Module\n##############################################################################\n\nmodule "management_vpc" {\n source = "./management_vpc"\n region = var.region\n prefix = var.prefix\n management_rg_id = ibm_resource_group.management_rg.id\n workload_rg_id = ibm_resource_group.workload_rg.id\n tags = [\n "hello",\n "world"\n ]\n}\n\n##############################################################################\n\n##############################################################################\n# Workload VPC Module\n##############################################################################\n\nmodule "workload_vpc" {\n source = "./workload_vpc"\n region = var.region\n prefix = var.prefix\n workload_rg_id = ibm_resource_group.workload_rg.id\n management_rg_id = ibm_resource_group.management_rg.id\n tags = [\n "hello",\n "world"\n ]\n}\n\n##############################################################################\n', }, { name: "craig/flow_logs.tf", @@ -117,7 +117,7 @@ describe("craig api", () => { }, { name: "craig/management_vpc/variables.tf", - data: '##############################################################################\n# Management VPC Variables\n##############################################################################\n\nvariable "tags" {\n description = "List of tags"\n type = list(string)\n}\n\nvariable "region" {\n description = "IBM Cloud Region where resources will be provisioned"\n type = string\n}\n\nvariable "prefix" {\n description = "Name prefix that will be prepended to named resources"\n type = string\n}\n\nvariable "management_rg_id" {\n description = "ID for the resource group management-rg"\n type = string\n}\n\n##############################################################################\n', + data: '##############################################################################\n# Management VPC Variables\n##############################################################################\n\nvariable "tags" {\n description = "List of tags"\n type = list(string)\n}\n\nvariable "region" {\n description = "IBM Cloud Region where resources will be provisioned"\n type = string\n}\n\nvariable "prefix" {\n description = "Name prefix that will be prepended to named resources"\n type = string\n}\n\nvariable "management_rg_id" {\n description = "ID for the resource group management-rg"\n type = string\n}\n\nvariable "workload_rg_id" {\n description = "ID for the resource group workload-rg"\n type = string\n}\n\n##############################################################################\n', }, { name: "craig/management_vpc/acl_management_management.tf", @@ -147,7 +147,7 @@ describe("craig api", () => { }, { name: "craig/workload_vpc/variables.tf", - data: '##############################################################################\n# Workload VPC Variables\n##############################################################################\n\nvariable "tags" {\n description = "List of tags"\n type = list(string)\n}\n\nvariable "region" {\n description = "IBM Cloud Region where resources will be provisioned"\n type = string\n}\n\nvariable "prefix" {\n description = "Name prefix that will be prepended to named resources"\n type = string\n}\n\nvariable "workload_rg_id" {\n description = "ID for the resource group workload-rg"\n type = string\n}\n\n##############################################################################\n', + data: '##############################################################################\n# Workload VPC Variables\n##############################################################################\n\nvariable "tags" {\n description = "List of tags"\n type = list(string)\n}\n\nvariable "region" {\n description = "IBM Cloud Region where resources will be provisioned"\n type = string\n}\n\nvariable "prefix" {\n description = "Name prefix that will be prepended to named resources"\n type = string\n}\n\nvariable "workload_rg_id" {\n description = "ID for the resource group workload-rg"\n type = string\n}\n\nvariable "management_rg_id" {\n description = "ID for the resource group management-rg"\n type = string\n}\n\n##############################################################################\n', }, { name: "craig/workload_vpc/acl_workload_workload.tf", diff --git a/unit-tests/data-files/config-to-files/modules-slz-network-files.json b/unit-tests/data-files/config-to-files/modules-slz-network-files.json index 60aa9114..3ca7b4d2 100644 --- a/unit-tests/data-files/config-to-files/modules-slz-network-files.json +++ b/unit-tests/data-files/config-to-files/modules-slz-network-files.json @@ -5,10 +5,10 @@ "outputs.tf": "##############################################################################\n# Management VPC Outputs\n##############################################################################\n\noutput \"name\" {\n value = ibm_is_vpc.management_vpc.name\n}\n\noutput \"id\" {\n value = ibm_is_vpc.management_vpc.id\n}\n\noutput \"crn\" {\n value = ibm_is_vpc.management_vpc.crn\n}\n\noutput \"vsi_zone_1_name\" {\n value = ibm_is_subnet.management_vsi_zone_1.name\n}\n\noutput \"vsi_zone_1_id\" {\n value = ibm_is_subnet.management_vsi_zone_1.id\n}\n\noutput \"vsi_zone_1_crn\" {\n value = ibm_is_subnet.management_vsi_zone_1.crn\n}\n\noutput \"vpn_zone_1_name\" {\n value = ibm_is_subnet.management_vpn_zone_1.name\n}\n\noutput \"vpn_zone_1_id\" {\n value = ibm_is_subnet.management_vpn_zone_1.id\n}\n\noutput \"vpn_zone_1_crn\" {\n value = ibm_is_subnet.management_vpn_zone_1.crn\n}\n\noutput \"vsi_zone_2_name\" {\n value = ibm_is_subnet.management_vsi_zone_2.name\n}\n\noutput \"vsi_zone_2_id\" {\n value = ibm_is_subnet.management_vsi_zone_2.id\n}\n\noutput \"vsi_zone_2_crn\" {\n value = ibm_is_subnet.management_vsi_zone_2.crn\n}\n\noutput \"vsi_zone_3_name\" {\n value = ibm_is_subnet.management_vsi_zone_3.name\n}\n\noutput \"vsi_zone_3_id\" {\n value = ibm_is_subnet.management_vsi_zone_3.id\n}\n\noutput \"vsi_zone_3_crn\" {\n value = ibm_is_subnet.management_vsi_zone_3.crn\n}\n\noutput \"vpe_zone_1_name\" {\n value = ibm_is_subnet.management_vpe_zone_1.name\n}\n\noutput \"vpe_zone_1_id\" {\n value = ibm_is_subnet.management_vpe_zone_1.id\n}\n\noutput \"vpe_zone_1_crn\" {\n value = ibm_is_subnet.management_vpe_zone_1.crn\n}\n\noutput \"vpe_zone_2_name\" {\n value = ibm_is_subnet.management_vpe_zone_2.name\n}\n\noutput \"vpe_zone_2_id\" {\n value = ibm_is_subnet.management_vpe_zone_2.id\n}\n\noutput \"vpe_zone_2_crn\" {\n value = ibm_is_subnet.management_vpe_zone_2.crn\n}\n\noutput \"vpe_zone_3_name\" {\n value = ibm_is_subnet.management_vpe_zone_3.name\n}\n\noutput \"vpe_zone_3_id\" {\n value = ibm_is_subnet.management_vpe_zone_3.id\n}\n\noutput \"vpe_zone_3_crn\" {\n value = ibm_is_subnet.management_vpe_zone_3.crn\n}\n\noutput \"management_vpe_sg_name\" {\n value = ibm_is_security_group.management_vpc_management_vpe_sg_sg.name\n}\n\noutput \"management_vpe_sg_id\" {\n value = ibm_is_security_group.management_vpc_management_vpe_sg_sg.id\n}\n\n##############################################################################\n", "rt_routing_table.tf": "##############################################################################\n# Routing Table Routing Table\n##############################################################################\n\nresource \"ibm_is_vpc_routing_table\" \"management_vpc_routing_table_table\" {\n name = \"${var.prefix}-management-vpc-routing-table-table\"\n vpc = ibm_is_vpc.management_vpc.id\n route_direct_link_ingress = true\n route_transit_gateway_ingress = true\n route_vpc_zone_ingress = true\n}\n\nresource \"ibm_is_vpc_routing_table_route\" \"management_vpc_routing_table_table_test_route_route\" {\n vpc = ibm_is_vpc.management_vpc.id\n routing_table = ibm_is_vpc_routing_table.management_vpc_routing_table_table.routing_table\n zone = \"${var.region}-1\"\n name = \"${var.prefix}-management-routing-table-test-route-route\"\n destination = \"1.2.3.4/5\"\n action = \"delegate\"\n next_hop = \"0.0.0.0\"\n}\n\n##############################################################################\n", "sg_management_vpe_sg.tf": "##############################################################################\n# Security Group Management VPE Sg\n##############################################################################\n\nresource \"ibm_is_security_group\" \"management_vpc_management_vpe_sg_sg\" {\n name = \"${var.prefix}-management-management-vpe-sg-sg\"\n vpc = ibm_is_vpc.management_vpc.id\n resource_group = var.slz_management_rg_id\n tags = [\n \"slz\",\n \"landing-zone\"\n ]\n}\n\nresource \"ibm_is_security_group_rule\" \"management_vpc_management_vpe_sg_sg_rule_allow_ibm_inbound\" {\n group = ibm_is_security_group.management_vpc_management_vpe_sg_sg.id\n remote = \"161.26.0.0/16\"\n direction = \"inbound\"\n}\n\nresource \"ibm_is_security_group_rule\" \"management_vpc_management_vpe_sg_sg_rule_allow_vpc_inbound\" {\n group = ibm_is_security_group.management_vpc_management_vpe_sg_sg.id\n remote = \"10.0.0.0/8\"\n direction = \"inbound\"\n}\n\nresource \"ibm_is_security_group_rule\" \"management_vpc_management_vpe_sg_sg_rule_allow_vpc_outbound\" {\n group = ibm_is_security_group.management_vpc_management_vpe_sg_sg.id\n remote = \"10.0.0.0/8\"\n direction = \"outbound\"\n}\n\nresource \"ibm_is_security_group_rule\" \"management_vpc_management_vpe_sg_sg_rule_allow_ibm_tcp_53_outbound\" {\n group = ibm_is_security_group.management_vpc_management_vpe_sg_sg.id\n remote = \"161.26.0.0/16\"\n direction = \"outbound\"\n tcp {\n port_min = 53\n port_max = 53\n }\n}\n\nresource \"ibm_is_security_group_rule\" \"management_vpc_management_vpe_sg_sg_rule_allow_ibm_tcp_80_outbound\" {\n group = ibm_is_security_group.management_vpc_management_vpe_sg_sg.id\n remote = \"161.26.0.0/16\"\n direction = \"outbound\"\n tcp {\n port_min = 80\n port_max = 80\n }\n}\n\nresource \"ibm_is_security_group_rule\" \"management_vpc_management_vpe_sg_sg_rule_allow_ibm_tcp_443_outbound\" {\n group = ibm_is_security_group.management_vpc_management_vpe_sg_sg.id\n remote = \"161.26.0.0/16\"\n direction = \"outbound\"\n tcp {\n port_min = 443\n port_max = 443\n }\n}\n\n##############################################################################\n", - "variables.tf": "##############################################################################\n# Management VPC Variables\n##############################################################################\n\nvariable \"tags\" {\n description = \"List of tags\"\n type = list(string)\n}\n\nvariable \"region\" {\n description = \"IBM Cloud Region where resources will be provisioned\"\n type = string\n}\n\nvariable \"prefix\" {\n description = \"Name prefix that will be prepended to named resources\"\n type = string\n}\n\nvariable \"slz_management_rg_id\" {\n description = \"ID for the resource group slz-management-rg\"\n type = string\n}\n\n##############################################################################\n", + "variables.tf": "##############################################################################\n# Management VPC Variables\n##############################################################################\n\nvariable \"tags\" {\n description = \"List of tags\"\n type = list(string)\n}\n\nvariable \"region\" {\n description = \"IBM Cloud Region where resources will be provisioned\"\n type = string\n}\n\nvariable \"prefix\" {\n description = \"Name prefix that will be prepended to named resources\"\n type = string\n}\n\nvariable \"slz_management_rg_id\" {\n description = \"ID for the resource group slz-management-rg\"\n type = string\n}\n\nvariable \"slz_workload_rg_id\" {\n description = \"ID for the resource group slz-workload-rg\"\n type = string\n}\n\n##############################################################################\n", "versions.tf": "##############################################################################\n# Terraform Providers\n##############################################################################\n\nterraform {\n required_providers {\n ibm = {\n source = \"IBM-Cloud/ibm\"\n version = \"~>1.63.0\"\n }\n }\n required_version = \">=1.5\"\n}\n\n##############################################################################\n" }, - "main.tf": "##############################################################################\n# IBM Cloud Provider\n##############################################################################\n\nprovider \"ibm\" {\n ibmcloud_api_key = var.ibmcloud_api_key\n region = var.region\n ibmcloud_timeout = 60\n}\n\n##############################################################################\n\n##############################################################################\n# Management VPC Module\n##############################################################################\n\nmodule \"management_vpc\" {\n source = \"./management_vpc\"\n region = var.region\n prefix = var.prefix\n slz_management_rg_id = ibm_resource_group.slz_management_rg.id\n tags = [\n \"slz\",\n \"landing-zone\"\n ]\n}\n\n##############################################################################\n\n##############################################################################\n# Workload VPC Module\n##############################################################################\n\nmodule \"workload_vpc\" {\n source = \"./workload_vpc\"\n region = var.region\n prefix = var.prefix\n slz_workload_rg_id = ibm_resource_group.slz_workload_rg.id\n tags = [\n \"slz\",\n \"landing-zone\"\n ]\n}\n\n##############################################################################\n", + "main.tf": "##############################################################################\n# IBM Cloud Provider\n##############################################################################\n\nprovider \"ibm\" {\n ibmcloud_api_key = var.ibmcloud_api_key\n region = var.region\n ibmcloud_timeout = 60\n}\n\n##############################################################################\n\n##############################################################################\n# Management VPC Module\n##############################################################################\n\nmodule \"management_vpc\" {\n source = \"./management_vpc\"\n region = var.region\n prefix = var.prefix\n slz_management_rg_id = ibm_resource_group.slz_management_rg.id\n slz_workload_rg_id = ibm_resource_group.slz_workload_rg.id\n tags = [\n \"slz\",\n \"landing-zone\"\n ]\n}\n\n##############################################################################\n\n##############################################################################\n# Workload VPC Module\n##############################################################################\n\nmodule \"workload_vpc\" {\n source = \"./workload_vpc\"\n region = var.region\n prefix = var.prefix\n slz_workload_rg_id = ibm_resource_group.slz_workload_rg.id\n slz_management_rg_id = ibm_resource_group.slz_management_rg.id\n tags = [\n \"slz\",\n \"landing-zone\"\n ]\n}\n\n##############################################################################\n", "flow_logs.tf": "##############################################################################\n# Flow Logs Resources\n##############################################################################\n\nresource \"ibm_iam_authorization_policy\" \"flow_logs_to_cos_object_storage_policy\" {\n source_service_name = \"is\"\n source_resource_type = \"flow-log-collector\"\n description = \"Allow flow logs write access cloud object storage instance\"\n target_service_name = \"cloud-object-storage\"\n target_resource_instance_id = ibm_resource_instance.cos_object_storage.guid\n roles = [\n \"Writer\"\n ]\n}\n\nresource \"ibm_is_flow_log\" \"management_flow_log_collector\" {\n name = \"${var.prefix}-management-vpc-logs\"\n target = module.management_vpc.id\n active = true\n storage_bucket = ibm_cos_bucket.cos_object_storage_management_bucket_bucket.bucket_name\n resource_group = ibm_resource_group.slz_management_rg.id\n tags = [\n \"slz\",\n \"landing-zone\"\n ]\n depends_on = [\n ibm_iam_authorization_policy.flow_logs_to_cos_object_storage_policy\n ]\n}\n\nresource \"ibm_is_flow_log\" \"workload_flow_log_collector\" {\n name = \"${var.prefix}-workload-vpc-logs\"\n target = module.workload_vpc.id\n active = true\n storage_bucket = ibm_cos_bucket.cos_object_storage_management_bucket_bucket.bucket_name\n resource_group = ibm_resource_group.slz_workload_rg.id\n tags = [\n \"slz\",\n \"landing-zone\"\n ]\n depends_on = [\n ibm_iam_authorization_policy.flow_logs_to_cos_object_storage_policy\n ]\n}\n\n##############################################################################\n", "transit_gateways.tf": "##############################################################################\n# Transit Gateway Transit Gateway\n##############################################################################\n\nresource \"ibm_tg_gateway\" \"transit_gateway\" {\n name = \"${var.prefix}-transit-gateway\"\n location = var.region\n global = false\n resource_group = ibm_resource_group.slz_service_rg.id\n timeouts {\n create = \"30m\"\n delete = \"30m\"\n }\n}\n\nresource \"ibm_tg_connection\" \"transit_gateway_to_management_connection\" {\n gateway = ibm_tg_gateway.transit_gateway.id\n network_type = \"vpc\"\n name = \"${var.prefix}-transit-gateway-management-hub-connection\"\n network_id = module.management_vpc.crn\n timeouts {\n create = \"30m\"\n delete = \"30m\"\n }\n}\n\nresource \"ibm_tg_connection\" \"transit_gateway_to_workload_connection\" {\n gateway = ibm_tg_gateway.transit_gateway.id\n network_type = \"vpc\"\n name = \"${var.prefix}-transit-gateway-workload-hub-connection\"\n network_id = module.workload_vpc.crn\n timeouts {\n create = \"30m\"\n delete = \"30m\"\n }\n}\n\n##############################################################################\n", "virtual_private_endpoints.tf": "##############################################################################\n# Management VPE Resources\n##############################################################################\n\nresource \"ibm_is_subnet_reserved_ip\" \"management_vpc_vpe_zone_1_subnet_vpe_ip_cos_vpe_gw\" {\n subnet = module.management_vpc.vpe_zone_1_id\n}\n\nresource \"ibm_is_subnet_reserved_ip\" \"management_vpc_vpe_zone_2_subnet_vpe_ip_cos_vpe_gw\" {\n subnet = module.management_vpc.vpe_zone_2_id\n}\n\nresource \"ibm_is_subnet_reserved_ip\" \"management_vpc_vpe_zone_3_subnet_vpe_ip_cos_vpe_gw\" {\n subnet = module.management_vpc.vpe_zone_3_id\n}\n\nresource \"ibm_is_virtual_endpoint_gateway\" \"management_vpc_cos_vpe_gateway\" {\n name = \"${var.prefix}-management-cos-vpe-gw\"\n vpc = module.management_vpc.id\n resource_group = ibm_resource_group.slz_management_rg.id\n tags = [\n \"slz\",\n \"landing-zone\"\n ]\n security_groups = [\n module.management_vpc.management_vpe_sg_id\n ]\n target {\n crn = \"crn:v1:bluemix:public:cloud-object-storage:global:::endpoint:s3.direct.${var.region}.cloud-object-storage.appdomain.cloud\"\n resource_type = \"provider_cloud_service\"\n }\n}\n\nresource \"ibm_is_virtual_endpoint_gateway_ip\" \"management_vpc_cos_gw_vpe_zone_1_gateway_ip\" {\n gateway = ibm_is_virtual_endpoint_gateway.management_vpc_cos_vpe_gateway.id\n reserved_ip = ibm_is_subnet_reserved_ip.management_vpc_vpe_zone_1_subnet_vpe_ip_cos_vpe_gw.reserved_ip\n}\n\nresource \"ibm_is_virtual_endpoint_gateway_ip\" \"management_vpc_cos_gw_vpe_zone_2_gateway_ip\" {\n gateway = ibm_is_virtual_endpoint_gateway.management_vpc_cos_vpe_gateway.id\n reserved_ip = ibm_is_subnet_reserved_ip.management_vpc_vpe_zone_2_subnet_vpe_ip_cos_vpe_gw.reserved_ip\n}\n\nresource \"ibm_is_virtual_endpoint_gateway_ip\" \"management_vpc_cos_gw_vpe_zone_3_gateway_ip\" {\n gateway = ibm_is_virtual_endpoint_gateway.management_vpc_cos_vpe_gateway.id\n reserved_ip = ibm_is_subnet_reserved_ip.management_vpc_vpe_zone_3_subnet_vpe_ip_cos_vpe_gw.reserved_ip\n}\n\n##############################################################################\n\n##############################################################################\n# Workload VPE Resources\n##############################################################################\n\nresource \"ibm_is_subnet_reserved_ip\" \"workload_vpc_vpe_zone_1_subnet_vpe_ip_cos_vpe_gw\" {\n subnet = module.workload_vpc.vpe_zone_1_id\n}\n\nresource \"ibm_is_subnet_reserved_ip\" \"workload_vpc_vpe_zone_2_subnet_vpe_ip_cos_vpe_gw\" {\n subnet = module.workload_vpc.vpe_zone_2_id\n}\n\nresource \"ibm_is_subnet_reserved_ip\" \"workload_vpc_vpe_zone_3_subnet_vpe_ip_cos_vpe_gw\" {\n subnet = module.workload_vpc.vpe_zone_3_id\n}\n\nresource \"ibm_is_virtual_endpoint_gateway\" \"workload_vpc_cos_vpe_gateway\" {\n name = \"${var.prefix}-workload-cos-vpe-gw\"\n vpc = module.workload_vpc.id\n resource_group = ibm_resource_group.slz_workload_rg.id\n tags = [\n \"slz\",\n \"landing-zone\"\n ]\n security_groups = [\n module.workload_vpc.workload_vpe_sg_id\n ]\n target {\n crn = \"crn:v1:bluemix:public:cloud-object-storage:global:::endpoint:s3.direct.${var.region}.cloud-object-storage.appdomain.cloud\"\n resource_type = \"provider_cloud_service\"\n }\n}\n\nresource \"ibm_is_virtual_endpoint_gateway_ip\" \"workload_vpc_cos_gw_vpe_zone_1_gateway_ip\" {\n gateway = ibm_is_virtual_endpoint_gateway.workload_vpc_cos_vpe_gateway.id\n reserved_ip = ibm_is_subnet_reserved_ip.workload_vpc_vpe_zone_1_subnet_vpe_ip_cos_vpe_gw.reserved_ip\n}\n\nresource \"ibm_is_virtual_endpoint_gateway_ip\" \"workload_vpc_cos_gw_vpe_zone_2_gateway_ip\" {\n gateway = ibm_is_virtual_endpoint_gateway.workload_vpc_cos_vpe_gateway.id\n reserved_ip = ibm_is_subnet_reserved_ip.workload_vpc_vpe_zone_2_subnet_vpe_ip_cos_vpe_gw.reserved_ip\n}\n\nresource \"ibm_is_virtual_endpoint_gateway_ip\" \"workload_vpc_cos_gw_vpe_zone_3_gateway_ip\" {\n gateway = ibm_is_virtual_endpoint_gateway.workload_vpc_cos_vpe_gateway.id\n reserved_ip = ibm_is_subnet_reserved_ip.workload_vpc_vpe_zone_3_subnet_vpe_ip_cos_vpe_gw.reserved_ip\n}\n\n##############################################################################\n", diff --git a/unit-tests/forms/overview.test.js b/unit-tests/forms/overview.test.js index 9dc6363e..a70691ca 100644 --- a/unit-tests/forms/overview.test.js +++ b/unit-tests/forms/overview.test.js @@ -35,16 +35,114 @@ describe("overview", () => { name: "kms", type: "key_management", overrideType: undefined, + data: { + name: "kms", + resource_group: "service-rg", + use_hs_crypto: false, + authorize_vpc_reader_role: true, + use_data: false, + keys: [ + { + key_ring: "ring", + name: "key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "atracker-key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "vsi-volume-key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "roks-key", + root_key: true, + force_delete: null, + endpoint: null, + rotation: 1, + dual_auth_delete: false, + }, + ], + }, }, { name: "atracker-cos", type: "object_storage", overrideType: undefined, + data: { + buckets: [ + { + endpoint: "public", + force_delete: true, + kms_key: "atracker-key", + name: "atracker-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + ], + keys: [ + { + name: "cos-bind-key", + role: "Writer", + enable_hmac: false, + use_random_suffix: true, + }, + ], + name: "atracker-cos", + plan: "standard", + resource_group: "service-rg", + use_data: false, + use_random_suffix: true, + kms: "kms", + }, }, { name: "cos", type: "object_storage", overrideType: undefined, + data: { + buckets: [ + { + endpoint: "public", + force_delete: true, + kms_key: "key", + name: "management-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + { + endpoint: "public", + force_delete: true, + kms_key: "key", + name: "workload-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + ], + use_random_suffix: true, + keys: [], + name: "cos", + plan: "standard", + resource_group: "service-rg", + use_data: false, + kms: "kms", + }, }, ], "workload-rg": [], @@ -84,28 +182,141 @@ describe("overview", () => { name: "kms", type: "key_management", overrideType: undefined, + data: { + name: "kms", + resource_group: null, + use_hs_crypto: false, + authorize_vpc_reader_role: true, + use_data: false, + keys: [ + { + key_ring: "ring", + name: "key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "atracker-key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "vsi-volume-key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "roks-key", + root_key: true, + force_delete: null, + endpoint: null, + rotation: 1, + dual_auth_delete: false, + }, + ], + }, }, ], "management-rg": [], "service-rg": [ { name: "default", - overrideType: "cloud_databases", type: "icd", + data: { + name: "default", + resource_group: "service-rg", + kms: null, + encryption_key: null, + }, + overrideType: "cloud_databases", }, { name: "atracker-cos", type: "object_storage", overrideType: undefined, + data: { + buckets: [ + { + endpoint: "public", + force_delete: true, + kms_key: "atracker-key", + name: "atracker-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + ], + keys: [ + { + name: "cos-bind-key", + role: "Writer", + enable_hmac: false, + use_random_suffix: true, + }, + ], + name: "atracker-cos", + plan: "standard", + resource_group: "service-rg", + use_data: false, + use_random_suffix: true, + kms: "kms", + }, }, { name: "cos", type: "object_storage", overrideType: undefined, + data: { + buckets: [ + { + endpoint: "public", + force_delete: true, + kms_key: "key", + name: "management-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + { + endpoint: "public", + force_delete: true, + kms_key: "key", + name: "workload-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + ], + use_random_suffix: true, + keys: [], + name: "cos", + plan: "standard", + resource_group: "service-rg", + use_data: false, + kms: "kms", + }, }, { name: "logdna", type: "logdna", + data: { + enabled: true, + plan: "lite", + endpoints: "private", + platform_logs: false, + resource_group: "service-rg", + cos: "atracker-cos", + bucket: "atracker-bucket", + }, }, ], "workload-rg": [], @@ -146,28 +357,141 @@ describe("overview", () => { name: "kms", type: "key_management", overrideType: undefined, + data: { + name: "kms", + resource_group: null, + use_hs_crypto: false, + authorize_vpc_reader_role: true, + use_data: false, + keys: [ + { + key_ring: "ring", + name: "key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "atracker-key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "vsi-volume-key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "roks-key", + root_key: true, + force_delete: null, + endpoint: null, + rotation: 1, + dual_auth_delete: false, + }, + ], + }, }, { name: "logdna", type: "logdna", + data: { + enabled: true, + plan: "lite", + endpoints: "private", + platform_logs: false, + resource_group: null, + cos: "atracker-cos", + bucket: "atracker-bucket", + }, }, ], "management-rg": [], "service-rg": [ { name: "default", - overrideType: "cloud_databases", type: "icd", + data: { + name: "default", + resource_group: "service-rg", + kms: null, + encryption_key: null, + }, + overrideType: "cloud_databases", }, { name: "atracker-cos", type: "object_storage", overrideType: undefined, + data: { + buckets: [ + { + endpoint: "public", + force_delete: true, + kms_key: "atracker-key", + name: "atracker-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + ], + keys: [ + { + name: "cos-bind-key", + role: "Writer", + enable_hmac: false, + use_random_suffix: true, + }, + ], + name: "atracker-cos", + plan: "standard", + resource_group: "service-rg", + use_data: false, + use_random_suffix: true, + kms: "kms", + }, }, { name: "cos", type: "object_storage", overrideType: undefined, + data: { + buckets: [ + { + endpoint: "public", + force_delete: true, + kms_key: "key", + name: "management-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + { + endpoint: "public", + force_delete: true, + kms_key: "key", + name: "workload-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + ], + use_random_suffix: true, + keys: [], + name: "cos", + plan: "standard", + resource_group: "service-rg", + use_data: false, + kms: "kms", + }, }, ], "workload-rg": [], @@ -209,32 +533,156 @@ describe("overview", () => { name: "kms", type: "key_management", overrideType: undefined, + data: { + name: "kms", + resource_group: null, + use_hs_crypto: false, + authorize_vpc_reader_role: true, + use_data: false, + keys: [ + { + key_ring: "ring", + name: "key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "atracker-key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "vsi-volume-key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "roks-key", + root_key: true, + force_delete: null, + endpoint: null, + rotation: 1, + dual_auth_delete: false, + }, + ], + }, }, { name: "logdna", type: "logdna", + data: { + enabled: true, + plan: "lite", + endpoints: "private", + platform_logs: false, + resource_group: null, + cos: "atracker-cos", + bucket: "atracker-bucket", + }, }, { name: "atracker", type: "atracker", + data: { + enabled: true, + type: "cos", + name: "atracker", + target_name: "atracker-cos", + bucket: "atracker-bucket", + add_route: true, + cos_key: "cos-bind-key", + locations: ["global", "us-south"], + instance: true, + }, }, ], "management-rg": [], "service-rg": [ { name: "default", - overrideType: "cloud_databases", type: "icd", + data: { + name: "default", + resource_group: "service-rg", + kms: null, + encryption_key: null, + }, + overrideType: "cloud_databases", }, { name: "atracker-cos", type: "object_storage", overrideType: undefined, + data: { + buckets: [ + { + endpoint: "public", + force_delete: true, + kms_key: "atracker-key", + name: "atracker-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + ], + keys: [ + { + name: "cos-bind-key", + role: "Writer", + enable_hmac: false, + use_random_suffix: true, + }, + ], + name: "atracker-cos", + plan: "standard", + resource_group: "service-rg", + use_data: false, + use_random_suffix: true, + kms: "kms", + }, }, { name: "cos", type: "object_storage", overrideType: undefined, + data: { + buckets: [ + { + endpoint: "public", + force_delete: true, + kms_key: "key", + name: "management-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + { + endpoint: "public", + force_delete: true, + kms_key: "key", + name: "workload-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + ], + use_random_suffix: true, + keys: [], + name: "cos", + plan: "standard", + resource_group: "service-rg", + use_data: false, + kms: "kms", + }, }, ], "workload-rg": [], @@ -277,41 +725,174 @@ describe("overview", () => { name: "kms", type: "key_management", overrideType: undefined, + data: { + name: "kms", + resource_group: null, + use_hs_crypto: false, + authorize_vpc_reader_role: true, + use_data: false, + keys: [ + { + key_ring: "ring", + name: "key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "atracker-key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "vsi-volume-key", + root_key: true, + force_delete: true, + endpoint: "public", + rotation: 1, + dual_auth_delete: false, + }, + { + key_ring: "ring", + name: "roks-key", + root_key: true, + force_delete: null, + endpoint: null, + rotation: 1, + dual_auth_delete: false, + }, + ], + }, }, { name: "logdna", type: "logdna", + data: { + enabled: true, + plan: "lite", + endpoints: "private", + platform_logs: false, + resource_group: null, + cos: "atracker-cos", + bucket: "atracker-bucket", + }, }, { name: "atracker", type: "atracker", + data: { + enabled: true, + type: "cos", + name: "atracker", + target_name: "atracker-cos", + bucket: "atracker-bucket", + add_route: true, + cos_key: "cos-bind-key", + locations: ["global", "us-south"], + instance: true, + }, }, { name: "scc_v2", type: "scc_v2", + data: { + enable: true, + resource_group: null, + region: "", + account_id: "${var.account_id}", + profile_attachments: [], + }, }, ], "management-rg": [], "service-rg": [ { name: "default", - overrideType: "cloud_databases", type: "icd", + overrideType: undefined, + data: { + name: "default", + resource_group: "service-rg", + kms: null, + encryption_key: null, + }, + overrideType: "cloud_databases", }, { name: "atracker-cos", type: "object_storage", overrideType: undefined, + data: { + buckets: [ + { + endpoint: "public", + force_delete: true, + kms_key: "atracker-key", + name: "atracker-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + ], + keys: [ + { + name: "cos-bind-key", + role: "Writer", + enable_hmac: false, + use_random_suffix: true, + }, + ], + name: "atracker-cos", + plan: "standard", + resource_group: "service-rg", + use_data: false, + use_random_suffix: true, + kms: "kms", + }, }, { name: "cos", type: "object_storage", overrideType: undefined, + data: { + buckets: [ + { + endpoint: "public", + force_delete: true, + kms_key: "key", + name: "management-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + { + endpoint: "public", + force_delete: true, + kms_key: "key", + name: "workload-bucket", + storage_class: "standard", + use_random_suffix: true, + }, + ], + use_random_suffix: true, + keys: [], + name: "cos", + plan: "standard", + resource_group: "service-rg", + use_data: false, + kms: "kms", + }, }, ], "workload-rg": [], }, }; + assert.deepEqual( actualData, expectedData, diff --git a/unit-tests/forms/wizard.test.js b/unit-tests/forms/wizard.test.js index c96d4d6d..ed35d061 100644 --- a/unit-tests/forms/wizard.test.js +++ b/unit-tests/forms/wizard.test.js @@ -57,7 +57,7 @@ describe("setup wizard", () => { enable_power_vs: false, enable_classic: false, power_vs_zones: [], - craig_version: "1.15.5", + craig_version: "1.15.6", power_vs_high_availability: false, no_vpn_secrets_manager_auth: false, }, @@ -975,7 +975,7 @@ describe("setup wizard", () => { enable_power_vs: false, enable_classic: false, power_vs_zones: [], - craig_version: "1.15.5", + craig_version: "1.15.6", power_vs_high_availability: false, no_vpn_secrets_manager_auth: false, }, @@ -1892,7 +1892,7 @@ describe("setup wizard", () => { enable_power_vs: false, enable_classic: false, power_vs_zones: [], - craig_version: "1.15.5", + craig_version: "1.15.6", power_vs_high_availability: false, no_vpn_secrets_manager_auth: false, }, @@ -2403,7 +2403,7 @@ describe("setup wizard", () => { enable_power_vs: false, enable_classic: false, power_vs_zones: [], - craig_version: "1.15.5", + craig_version: "1.15.6", power_vs_high_availability: false, no_vpn_secrets_manager_auth: false, }, @@ -2905,7 +2905,7 @@ describe("setup wizard", () => { enable_power_vs: false, enable_classic: false, power_vs_zones: [], - craig_version: "1.15.5", + craig_version: "1.15.6", power_vs_high_availability: false, no_vpn_secrets_manager_auth: false, }, @@ -3484,7 +3484,7 @@ describe("setup wizard", () => { enable_power_vs: false, enable_classic: false, power_vs_zones: [], - craig_version: "1.15.5", + craig_version: "1.15.6", no_vpn_secrets_manager_auth: false, }, resource_groups: [ @@ -3654,7 +3654,7 @@ describe("setup wizard", () => { enable_power_vs: false, enable_classic: false, power_vs_zones: [], - craig_version: "1.15.5", + craig_version: "1.15.6", power_vs_high_availability: false, no_vpn_secrets_manager_auth: false, }, @@ -4225,7 +4225,7 @@ describe("setup wizard", () => { enable_power_vs: false, enable_classic: false, power_vs_zones: [], - craig_version: "1.15.5", + craig_version: "1.15.6", power_vs_high_availability: false, no_vpn_secrets_manager_auth: false, }, @@ -4770,7 +4770,7 @@ describe("setup wizard", () => { enable_power_vs: false, enable_classic: false, power_vs_zones: [], - craig_version: "1.15.5", + craig_version: "1.15.6", power_vs_high_availability: false, no_vpn_secrets_manager_auth: false, }, @@ -5320,7 +5320,7 @@ describe("setup wizard", () => { enable_classic: false, enable_classic: false, power_vs_zones: [], - craig_version: "1.15.5", + craig_version: "1.15.6", no_vpn_secrets_manager_auth: false, }, resource_groups: [ @@ -5812,7 +5812,7 @@ describe("setup wizard", () => { enable_power_vs: true, enable_classic: false, power_vs_zones: ["dal10"], - craig_version: "1.15.5", + craig_version: "1.15.6", power_vs_high_availability: false, no_vpn_secrets_manager_auth: false, }, @@ -6314,7 +6314,7 @@ describe("setup wizard", () => { enable_power_vs: true, enable_classic: false, power_vs_zones: ["dal10"], - craig_version: "1.15.5", + craig_version: "1.15.6", power_vs_high_availability: false, no_vpn_secrets_manager_auth: false, }, diff --git a/unit-tests/json-to-iac/config-to-files-json.test.js b/unit-tests/json-to-iac/config-to-files-json.test.js index e5a9f4ec..f033f84d 100644 --- a/unit-tests/json-to-iac/config-to-files-json.test.js +++ b/unit-tests/json-to-iac/config-to-files-json.test.js @@ -1120,6 +1120,11 @@ variable "edge_id" { type = string } +variable "slz_workload_rg_id" { + description = "ID for the resource group slz-workload-rg" + type = string +} + ############################################################################## `, "it should return correct data" diff --git a/unit-tests/json-to-iac/security-groups.test.js b/unit-tests/json-to-iac/security-groups.test.js index 5aa457d1..ab837fa9 100644 --- a/unit-tests/json-to-iac/security-groups.test.js +++ b/unit-tests/json-to-iac/security-groups.test.js @@ -8,7 +8,7 @@ const slzNetwork = require("../data-files/slz-network.json"); describe("security groups", () => { describe("formatSecurityGroup", () => { - it("should format a security group", () => { + it("should format a security group with vpc from data", () => { let actualData = formatSecurityGroup( { vpc: "management", @@ -106,12 +106,18 @@ describe("security groups", () => { use_data: false, }, ], + vpcs: [ + { + name: "management", + use_data: true, + }, + ], } ); let expectedData = ` resource "ibm_is_security_group" "management_vpc_management_vpe_sg_sg" { name = "\${var.prefix}-management-management-vpe-sg-sg" - vpc = ibm_is_vpc.management_vpc.id + vpc = data.ibm_is_vpc.management_vpc.id resource_group = var.slz_management_rg_id tags = [ "hello", @@ -350,7 +356,6 @@ resource "ibm_is_security_group" "management_vpc_management_vpe_sg_sg" { let expectedData = ` data "ibm_is_security_group" "management_vpc_management_vpe_sg_sg" { name = "management-vpe-sg" - vpc = data.ibm_is_vpc.management_vpc.id } `; assert.deepEqual(actualData, expectedData, "it should return correct tf"); diff --git a/unit-tests/json-to-iac/vpc.test.js b/unit-tests/json-to-iac/vpc.test.js index e7d26a92..18dbe04f 100644 --- a/unit-tests/json-to-iac/vpc.test.js +++ b/unit-tests/json-to-iac/vpc.test.js @@ -4839,7 +4839,7 @@ resource "ibm_is_subnet" "customer_a_subnet_tier_zone_2" { "acl_customer_a_subnet_acl.tf": '##############################################################################\n# Customer A Subnet Acl ACL\n##############################################################################\n\nresource "ibm_is_network_acl" "customer_a_subnet_acl_acl" {\n name = "${var.prefix}-customer-a-subnet-acl-acl"\n vpc = data.ibm_is_vpc.customer_a_vpc.id\n resource_group = var.craig_rg_id\n tags = [\n "hello",\n "world"\n ]\n rules {\n source = "0.0.0.0"\n action = "allow"\n destination = "0.0.0.0"\n direction = "inbound"\n name = "allow-all-inbound"\n }\n rules {\n source = "0.0.0.0"\n action = "allow"\n destination = "0.0.0.0"\n direction = "outbound"\n name = "allow-all-outbound"\n }\n}\n\n##############################################################################\n', "sg_vsi_sg.tf": - '##############################################################################\n# Security Group VSI Sg\n##############################################################################\n\nresource "ibm_is_security_group" "customer_a_vpc_vsi_sg_sg" {\n name = "${var.prefix}-customer-a-vsi-sg-sg"\n vpc = ibm_is_vpc.customer_a_vpc.id\n resource_group = var.craig_rg_id\n tags = [\n "hello",\n "world"\n ]\n}\n\nresource "ibm_is_security_group_rule" "customer_a_vpc_vsi_sg_sg_rule_ssh" {\n group = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n remote = "0.0.0.0"\n direction = "inbound"\n tcp {\n port_min = 22\n port_max = 22\n }\n}\n\nresource "ibm_is_security_group_rule" "customer_a_vpc_vsi_sg_sg_rule_ping" {\n group = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n remote = "0.0.0.0"\n direction = "inbound"\n icmp {\n type = 8\n code = 8\n }\n}\n\n##############################################################################\n', + '##############################################################################\n# Security Group VSI Sg\n##############################################################################\n\nresource "ibm_is_security_group" "customer_a_vpc_vsi_sg_sg" {\n name = "${var.prefix}-customer-a-vsi-sg-sg"\n vpc = data.ibm_is_vpc.customer_a_vpc.id\n resource_group = var.craig_rg_id\n tags = [\n "hello",\n "world"\n ]\n}\n\nresource "ibm_is_security_group_rule" "customer_a_vpc_vsi_sg_sg_rule_ssh" {\n group = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n remote = "0.0.0.0"\n direction = "inbound"\n tcp {\n port_min = 22\n port_max = 22\n }\n}\n\nresource "ibm_is_security_group_rule" "customer_a_vpc_vsi_sg_sg_rule_ping" {\n group = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n remote = "0.0.0.0"\n direction = "inbound"\n icmp {\n type = 8\n code = 8\n }\n}\n\n##############################################################################\n', "outputs.tf": '##############################################################################\n# Customer AVPC Outputs\n##############################################################################\n\noutput "name" {\n value = data.ibm_is_vpc.customer_a_vpc.name\n}\n\noutput "id" {\n value = data.ibm_is_vpc.customer_a_vpc.id\n}\n\noutput "crn" {\n value = data.ibm_is_vpc.customer_a_vpc.crn\n}\n\noutput "subnet_tier_zone_1_name" {\n value = ibm_is_subnet.customer_a_subnet_tier_zone_1.name\n}\n\noutput "subnet_tier_zone_1_id" {\n value = ibm_is_subnet.customer_a_subnet_tier_zone_1.id\n}\n\noutput "subnet_tier_zone_1_crn" {\n value = ibm_is_subnet.customer_a_subnet_tier_zone_1.crn\n}\n\noutput "subnet_tier_zone_2_name" {\n value = ibm_is_subnet.customer_a_subnet_tier_zone_2.name\n}\n\noutput "subnet_tier_zone_2_id" {\n value = ibm_is_subnet.customer_a_subnet_tier_zone_2.id\n}\n\noutput "subnet_tier_zone_2_crn" {\n value = ibm_is_subnet.customer_a_subnet_tier_zone_2.crn\n}\n\noutput "vsi_sg_name" {\n value = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.name\n}\n\noutput "vsi_sg_id" {\n value = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n}\n\n##############################################################################\n', }, @@ -5259,7 +5259,7 @@ resource "ibm_is_subnet" "customer_a_subnet_tier_zone_2" { "acl_customer_a_subnet_acl.tf": '##############################################################################\n# Customer A Subnet Acl ACL\n##############################################################################\n\nresource "ibm_is_network_acl" "customer_a_subnet_acl_acl" {\n name = "${var.prefix}-customer-a-subnet-acl-acl"\n vpc = data.ibm_is_vpc.customer_a_vpc.id\n resource_group = var.craig_rg_id\n tags = [\n "hello",\n "world"\n ]\n rules {\n source = "0.0.0.0"\n action = "allow"\n destination = "0.0.0.0"\n direction = "inbound"\n name = "allow-all-inbound"\n }\n rules {\n source = "0.0.0.0"\n action = "allow"\n destination = "0.0.0.0"\n direction = "outbound"\n name = "allow-all-outbound"\n }\n}\n\n##############################################################################\n', "sg_vsi_sg.tf": - '##############################################################################\n# Security Group VSI Sg\n##############################################################################\n\ndata "ibm_is_security_group" "customer_a_vpc_vsi_sg_sg" {\n name = "vsi-sg"\n vpc = data.ibm_is_vpc.customer_a_vpc.id\n}\n\nresource "ibm_is_security_group_rule" "customer_a_vpc_vsi_sg_sg_rule_ssh" {\n group = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n remote = "0.0.0.0"\n direction = "inbound"\n tcp {\n port_min = 22\n port_max = 22\n }\n}\n\nresource "ibm_is_security_group_rule" "customer_a_vpc_vsi_sg_sg_rule_ping" {\n group = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n remote = "0.0.0.0"\n direction = "inbound"\n icmp {\n type = 8\n code = 8\n }\n}\n\n##############################################################################\n', + '##############################################################################\n# Security Group VSI Sg\n##############################################################################\n\ndata "ibm_is_security_group" "customer_a_vpc_vsi_sg_sg" {\n name = "vsi-sg"\n}\n\nresource "ibm_is_security_group_rule" "customer_a_vpc_vsi_sg_sg_rule_ssh" {\n group = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n remote = "0.0.0.0"\n direction = "inbound"\n tcp {\n port_min = 22\n port_max = 22\n }\n}\n\nresource "ibm_is_security_group_rule" "customer_a_vpc_vsi_sg_sg_rule_ping" {\n group = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n remote = "0.0.0.0"\n direction = "inbound"\n icmp {\n type = 8\n code = 8\n }\n}\n\n##############################################################################\n', "outputs.tf": '##############################################################################\n# Customer AVPC Outputs\n##############################################################################\n\noutput "name" {\n value = data.ibm_is_vpc.customer_a_vpc.name\n}\n\noutput "id" {\n value = data.ibm_is_vpc.customer_a_vpc.id\n}\n\noutput "crn" {\n value = data.ibm_is_vpc.customer_a_vpc.crn\n}\n\noutput "subnet_tier_zone_1_name" {\n value = ibm_is_subnet.customer_a_subnet_tier_zone_1.name\n}\n\noutput "subnet_tier_zone_1_id" {\n value = ibm_is_subnet.customer_a_subnet_tier_zone_1.id\n}\n\noutput "subnet_tier_zone_1_crn" {\n value = ibm_is_subnet.customer_a_subnet_tier_zone_1.crn\n}\n\noutput "subnet_tier_zone_2_name" {\n value = ibm_is_subnet.customer_a_subnet_tier_zone_2.name\n}\n\noutput "subnet_tier_zone_2_id" {\n value = ibm_is_subnet.customer_a_subnet_tier_zone_2.id\n}\n\noutput "subnet_tier_zone_2_crn" {\n value = ibm_is_subnet.customer_a_subnet_tier_zone_2.crn\n}\n\noutput "vsi_sg_name" {\n value = data.ibm_is_security_group.customer_a_vpc_vsi_sg_sg.name\n}\n\noutput "vsi_sg_id" {\n value = data.ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n}\n\n##############################################################################\n', }, @@ -5643,7 +5643,7 @@ resource "ibm_is_subnet" "customer_a_subnet_tier_zone_2" { "acl_customer_a_subnet_acl.tf": '##############################################################################\n# Customer A Subnet Acl ACL\n##############################################################################\n\nresource "ibm_is_network_acl" "customer_a_subnet_acl_acl" {\n name = "${var.prefix}-customer-a-subnet-acl-acl"\n vpc = data.ibm_is_vpc.customer_a_vpc.id\n resource_group = var.craig_rg_id\n tags = [\n "hello",\n "world"\n ]\n rules {\n source = "0.0.0.0"\n action = "allow"\n destination = "0.0.0.0"\n direction = "inbound"\n name = "allow-all-inbound"\n }\n rules {\n source = "0.0.0.0"\n action = "allow"\n destination = "0.0.0.0"\n direction = "outbound"\n name = "allow-all-outbound"\n }\n}\n\n##############################################################################\n', "sg_vsi_sg.tf": - '##############################################################################\n# Security Group VSI Sg\n##############################################################################\n\ndata "ibm_is_security_group" "customer_a_vpc_vsi_sg_sg" {\n name = "vsi-sg"\n vpc = data.ibm_is_vpc.customer_a_vpc.id\n}\n\nresource "ibm_is_security_group_rule" "customer_a_vpc_vsi_sg_sg_rule_ssh" {\n group = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n remote = "0.0.0.0"\n direction = "inbound"\n tcp {\n port_min = 22\n port_max = 22\n }\n}\n\nresource "ibm_is_security_group_rule" "customer_a_vpc_vsi_sg_sg_rule_ping" {\n group = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n remote = "0.0.0.0"\n direction = "inbound"\n icmp {\n type = 8\n code = 8\n }\n}\n\n##############################################################################\n', + '##############################################################################\n# Security Group VSI Sg\n##############################################################################\n\ndata "ibm_is_security_group" "customer_a_vpc_vsi_sg_sg" {\n name = "vsi-sg"\n}\n\nresource "ibm_is_security_group_rule" "customer_a_vpc_vsi_sg_sg_rule_ssh" {\n group = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n remote = "0.0.0.0"\n direction = "inbound"\n tcp {\n port_min = 22\n port_max = 22\n }\n}\n\nresource "ibm_is_security_group_rule" "customer_a_vpc_vsi_sg_sg_rule_ping" {\n group = ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n remote = "0.0.0.0"\n direction = "inbound"\n icmp {\n type = 8\n code = 8\n }\n}\n\n##############################################################################\n', "outputs.tf": '##############################################################################\n# Customer AVPC Outputs\n##############################################################################\n\noutput "name" {\n value = data.ibm_is_vpc.customer_a_vpc.name\n}\n\noutput "id" {\n value = data.ibm_is_vpc.customer_a_vpc.id\n}\n\noutput "crn" {\n value = data.ibm_is_vpc.customer_a_vpc.crn\n}\n\noutput "subnet_tier_zone_1_name" {\n value = data.ibm_is_subnet.customer_a_subnet_tier_zone_1.name\n}\n\noutput "subnet_tier_zone_1_id" {\n value = data.ibm_is_subnet.customer_a_subnet_tier_zone_1.id\n}\n\noutput "subnet_tier_zone_1_crn" {\n value = data.ibm_is_subnet.customer_a_subnet_tier_zone_1.crn\n}\n\noutput "vsi_sg_name" {\n value = data.ibm_is_security_group.customer_a_vpc_vsi_sg_sg.name\n}\n\noutput "vsi_sg_id" {\n value = data.ibm_is_security_group.customer_a_vpc_vsi_sg_sg.id\n}\n\n##############################################################################\n', }, @@ -5652,6 +5652,127 @@ resource "ibm_is_subnet" "customer_a_subnet_tier_zone_2" { }; assert.deepEqual(actualData, expectedData, "should return correct data"); }); + it("should return craig terraform for one vpc with only one data subnet and vpc from data and data rg", () => { + let actualData = {}; + vpcModuleTf(actualData, { + _options: { + prefix: "iac", + region: "us-south", + tags: ["hello", "world"], + zones: 3, + endpoints: "private", + account_id: null, + fs_cloud: false, + enable_classic: false, + dynamic_subnets: true, + enable_power_vs: false, + craig_version: "1.15.6", + power_vs_zones: [], + power_vs_high_availability: false, + no_vpn_secrets_manager_auth: false, + power_vs_ha_zone_1: null, + power_vs_ha_zone_2: null, + manual_power_vsi_naming: false, + template: "Empty Project", + }, + resource_groups: [ + { + use_prefix: true, + name: "powervs-coe", + use_data: true, + }, + ], + routing_tables: [], + scc: { + credential_description: null, + id: null, + passphrase: null, + name: "", + location: "us", + collector_description: null, + is_public: false, + scope_description: null, + enable: false, + }, + secrets_manager: [], + security_groups: [ + { + resource_group: "powervs-coe", + rules: [], + vpc: "smatzek", + subnets: [], + ssh_keys: [], + use_data: false, + name: "vpn-server", + }, + ], + ssh_keys: [], + sysdig: { + enabled: false, + plan: "graduated-tier", + resource_group: null, + name: "sysdig", + platform_logs: false, + }, + teleport_vsi: [], + transit_gateways: [], + virtual_private_endpoints: [], + vpcs: [ + { + name: "smatzek", + resource_group: null, + classic_access: null, + manual_address_prefix_management: false, + default_network_acl_name: null, + default_security_group_name: null, + default_routing_table_name: null, + public_gateways: [], + acls: [], + subnetTiers: [], + use_data: true, + bucket: "$disabled", + publicGateways: [], + cos: null, + subnets: [], + address_prefixes: [], + }, + ], + vpn_gateways: [], + vsi: [], + vtl: [], + classic_gateways: [], + cis: [], + scc_v2: { + enable: false, + resource_group: null, + region: "", + account_id: "${var.account_id}", + profile_attachments: [], + }, + cis_glbs: [], + fortigate_vnf: [], + classic_security_groups: [], + classic_vsi: [], + classic_bare_metal: [], + }); + let expectedData = { + "main.tf": `############################################################################## +# Smatzek VPC Module +############################################################################## + +module "smatzek_vpc" { + source = "./smatzek_vpc" + region = var.region + prefix = var.prefix + powervs_coe_id = data.ibm_resource_group.powervs_coe.id\n tags = [\n "hello",\n "world"\n ]\n}\n\n############################################################################## +`, + }; + assert.deepEqual( + actualData["main.tf"], + expectedData["main.tf"], + "should return correct data" + ); + }); it("should return craig terraform for edge network in module", () => { let actualData = {}; vpcModuleTf(actualData, { @@ -8428,6 +8549,7 @@ resource "ibm_is_subnet" "edge_vpn_2_zone_3" { let actualData = vpcModuleJson( { name: "test-case", + resource_group: null, }, [], { @@ -8453,5 +8575,35 @@ resource "ibm_is_subnet" "edge_vpn_2_zone_3" { "it should return correctly formatted module" ); }); + it("should return correct module for imported vpc with no rg", () => { + let actualData = vpcModuleJson( + { + name: "test-case", + resource_group: null, + }, + [null], + { + _options: { + tags: [], + }, + } + ); + let expectedData = { + test_case_vpc: { + "//": { + metadata: { uniqueId: "test_case_vpc", path: "./test_case_vpc" }, + }, + source: "./test_case_vpc", + region: "${var.region}", + prefix: "${var.prefix}", + tags: [], + }, + }; + assert.deepEqual( + actualData, + expectedData, + "it should return correctly formatted module" + ); + }); }); }); diff --git a/unit-tests/json-to-iac/vpn-server.test.js b/unit-tests/json-to-iac/vpn-server.test.js index 91345ed4..9d4d7bf8 100644 --- a/unit-tests/json-to-iac/vpn-server.test.js +++ b/unit-tests/json-to-iac/vpn-server.test.js @@ -244,6 +244,58 @@ resource "ibm_is_vpn_server" "management_vpn_server_abc" { module.management_vpc.management_vpe_sg_id ] } +`; + assert.deepEqual(actualData, expectedData, "should return correct data"); + }); + it("should return correct tf for vpn server using certificate and username password", () => { + let actualData = formatVpnServer( + { + name: "abc", + certificate_crn: "xyz", + method: "both", + client_ca_crn: "hij", + client_ip_pool: "xyz", + client_dns_server_ips: "optional", + client_idle_timeout: 2000, + enable_split_tunneling: true, + port: 255, + protocol: "udp", + resource_group: "slz-management-rg", + security_groups: ["management-vpe-sg"], + subnets: ["vsi-zone-1"], + vpc: "management", + routes: [], + }, + slzNetwork + ); + let expectedData = ` +resource "ibm_is_vpn_server" "management_vpn_server_abc" { + certificate_crn = "xyz" + client_idle_timeout = 2000 + client_ip_pool = "xyz" + enable_split_tunneling = true + name = "\${var.prefix}-management-abc-server" + port = 255 + protocol = "udp" + resource_group = ibm_resource_group.slz_management_rg.id + client_authentication { + method = "certificate" + client_ca_crn = "hij" + } + client_authentication { + method = "username" + identity_provider = "iam" + } + client_dns_server_ips = [ + "optional" + ] + subnets = [ + module.management_vpc.vsi_zone_1_id + ] + security_groups = [ + module.management_vpc.management_vpe_sg_id + ] +} `; assert.deepEqual(actualData, expectedData, "should return correct data"); }); diff --git a/unit-tests/state/power-vs.test.js b/unit-tests/state/power-vs.test.js index 553ff938..709bd56c 100644 --- a/unit-tests/state/power-vs.test.js +++ b/unit-tests/state/power-vs.test.js @@ -440,7 +440,7 @@ describe("power-vs", () => { }); }); describe("power.schema", () => { - describe("craig.power.name.helperText", () => { + describe("power.name.helperText", () => { it("should return correct helper text for name when use data", () => { assert.deepEqual( craig.power.name.helperText({ use_data: true, name: "name" }), @@ -469,6 +469,27 @@ describe("power-vs", () => { ); }); }); + describe("power.name.onStateChange", () => { + it("should clear images when changing name of imported workspace", () => { + let data = { use_data: true }; + let expectedData = { + use_data: true, + imageNames: [], + images: [], + }; + craig.power.name.onStateChange(data); + assert.deepEqual(data, expectedData, "it should clear images"); + }); + it("should not clear images when changing name of CRAIG created workspace", () => { + let data = { use_data: false, imageNames: ["testImage"] }; + let expectedData = { + use_data: false, + imageNames: ["testImage"], + }; + craig.power.name.onStateChange(data); + assert.deepEqual(data, expectedData, "it should not clear images"); + }); + }); describe("power.zone", () => { describe("power.zone.onStateChange", () => { it("should set images when changing zone", () => { diff --git a/unit-tests/state/schema.test.js b/unit-tests/state/schema.test.js index c2555cc6..366cc5cb 100644 --- a/unit-tests/state/schema.test.js +++ b/unit-tests/state/schema.test.js @@ -1926,7 +1926,7 @@ describe("automate schema generation", () => { method: { type: "string", default: null, - groups: ["certificate", "username", "byo", "INSECURE"], + groups: ["both", "certificate", "username", "byo", "INSECURE"], }, certificate_crn: { type: "string", default: null }, client_ca_crn: { type: "string", default: null }, diff --git a/unit-tests/state/vpn-servers.test.js b/unit-tests/state/vpn-servers.test.js index 4cd74502..b116c554 100644 --- a/unit-tests/state/vpn-servers.test.js +++ b/unit-tests/state/vpn-servers.test.js @@ -399,6 +399,11 @@ describe("vpn_servers", () => { "INSECURE - Developer Certificate", "it should return correct method" ); + assert.deepEqual( + craig.vpn_servers.method.onRender({ method: "both" }), + "Username and Certificate", + "it should return correct method" + ); assert.deepEqual( craig.vpn_servers.method.onRender({ method: "byo" }), "Bring Your Own Certificate", @@ -418,6 +423,13 @@ describe("vpn_servers", () => { "INSECURE", "it should return correct method" ); + assert.deepEqual( + craig.vpn_servers.method.onInputChange({ + method: "Username and Certificate", + }), + "both", + "it should return correct method" + ); assert.deepEqual( craig.vpn_servers.method.onInputChange({ method: "Bring Your Own Certificate",