[Do Not Merge] add : fully configurable version #300
Conversation
Aayush-Abhyarthi
changed the title
Aayush-Abhyarthi
changed the title
There was a problem hiding this comment.
Do not use spaces in directory names. The renamed directory should be solutions/security-enforced. The label name should be Security-enforced and the programmtic variation name should be security-enforced. I think you need to check your changes against the recent updates that were made to the standard variation. Several variables were renamed, and it seems you do not have the new names.
I think the direction we are going is the the whole code in the standard (security-enforced) directory will go away, and that new Security-enforced variation will actually just call the see below commentFully configurable variation in the ibm_catalog.json but will hard code a few variables, and force require others to lock it down. Otherwise we end up with alot of code duplication for now reason. Such a change will be a full breaking major version release.
| @@ -6,7 +6,7 @@ offerings: | |||
| catalog_id: 7df1e4ca-d54c-4fd0-82ce-3d13247308cd | |||
| offering_id: 6d6ebc76-7bbd-42f5-8bc7-78f4fabd5944 | |||
| variations: | |||
| - name: standard | |||
| - name: Security-enforced | |||
There was a problem hiding this comment.
| - name: Security-enforced | |
| - name: security-enforced |
| @@ -1,7 +1,7 @@ | |||
| # More info about this file at https://github.com/terraform-ibm-modules/common-pipeline-assets/blob/main/.github/workflows/terraform-test-pipeline.md#cra-config-yaml | |||
| version: "v1" | |||
| CRA_TARGETS: | |||
| - CRA_TARGET: "solutions/standard" # Target directory for CRA scan. If not provided, the CRA Scan will not be run. | |||
| - CRA_TARGET: "solutions/Security-enforced" # Target directory for CRA scan. If not provided, the CRA Scan will not be run. | |||
There was a problem hiding this comment.
| - CRA_TARGET: "solutions/Security-enforced" # Target directory for CRA scan. If not provided, the CRA Scan will not be run. | |
| - CRA_TARGET: "solutions/security-enforced" # Target directory for CRA scan. If not provided, the CRA Scan will not be run. |
| @@ -21,7 +21,7 @@ | |||
| ], | |||
| "short_description": "Creates and configures a Secrets Manager instance.", | |||
| "long_description": "This solution is used to provision and configure an IBM Cloud Secrets Manager instance.", | |||
| "offering_docs_url": "https://github.com/terraform-ibm-modules/terraform-ibm-secrets-manager/blob/main/solutions/standard/README.md", | |||
| "offering_docs_url": "https://github.com/terraform-ibm-modules/terraform-ibm-secrets-manager/blob/main/solutions/Security-enforced/README.md", | |||
There was a problem hiding this comment.
| "offering_docs_url": "https://github.com/terraform-ibm-modules/terraform-ibm-secrets-manager/blob/main/solutions/Security-enforced/README.md", | |
| "offering_docs_url": "https://github.com/terraform-ibm-modules/terraform-ibm-secrets-manager/blob/main/solutions/security-enforced/README.md", |
| "label": "Standard", | ||
| "name": "standard", | ||
| "label": "Security-enforced", | ||
| "name": "Security-enforced", |
There was a problem hiding this comment.
| "name": "Security-enforced", | |
| "name": "security-enforced", |
| "install_type": "fullstack", | ||
| "working_directory": "solutions/standard", | ||
| "working_directory": "solutions/Security-enforced", |
There was a problem hiding this comment.
Please also change the directory name
| "working_directory": "solutions/Security-enforced", | |
| "working_directory": "solutions/security-enforced", |
| variable "prefix" { | ||
| type = string | ||
| description = "The prefix to apply to all resources created by this solution." | ||
| default = null |
|
|
||
| variable "prefix" { | ||
| type = string | ||
| description = "The prefix to apply to all resources created by this solution." |
There was a problem hiding this comment.
please update the description to match what is in https://github.ibm.com/GoldenEye/issues/issues/12841
| variable "secrets_manager_instance_name" { | ||
| type = string | ||
| description = "The name to give the Secrets Manager instance provisioned by this solution. If a prefix input variable is specified, it is added to the value in the `<prefix>-value` format." | ||
| default = "base-security-services-sm" |
There was a problem hiding this comment.
| default = "base-security-services-sm" | |
| default = "secrets-manager" |
| default = false | ||
| } | ||
|
|
||
| variable "secret_manager_tags" { |
There was a problem hiding this comment.
Access tag support will be coming in #294 so suggest to explicitly say its a resource tag:
| variable "secret_manager_tags" { | |
| variable "secret_manager_resource_tags" { |
| })) | ||
| }))) | ||
| })) | ||
| description = "(Optional, list) List of CBR rules to create. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-secrets-manager/blob/main/solutions/standard/DA-cbr_rules.md)" |
|
@Aayush-Abhyarthi We talked more about what to do with the current |
Description
https://github.ibm.com/GoldenEye/issues/issues/12575
Release required?
x.x.X)x.X.x)X.x.x)Release notes content
Run the pipeline
If the CI pipeline doesn't run when you create the PR, the PR requires a user with GitHub collaborators access to run the pipeline.
Run the CI pipeline when the PR is ready for review and you expect tests to pass. Add a comment to the PR with the following text:
Checklist for reviewers
For mergers