diff --git a/.gitmodules b/.gitmodules index 6fbc5c942..366c49c2a 100644 --- a/.gitmodules +++ b/.gitmodules @@ -2,3 +2,7 @@ path = common-dev-assets url = https://github.com/terraform-ibm-modules/common-dev-assets branch = main + +[submodule "examples/basic/test"] + path = examples/basic/test + url = https://github.com/Aashiq-J/test.git diff --git a/common-dev-assets b/common-dev-assets index 99aee7db0..fa67327af 160000 --- a/common-dev-assets +++ b/common-dev-assets @@ -1 +1 @@ -Subproject commit 99aee7db0020ceb8de379eaee5d50021710656eb +Subproject commit fa67327af1a57a7a9094adb0432e44b1478f25b0 diff --git a/examples/basic/hello.sh b/examples/basic/hello.sh new file mode 100755 index 000000000..cbfffdb46 --- /dev/null +++ b/examples/basic/hello.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +source ./test/test.sh diff --git a/examples/basic/main.tf b/examples/basic/main.tf index dfd5cc37a..4bcace111 100644 --- a/examples/basic/main.tf +++ b/examples/basic/main.tf @@ -1,85 +1,94 @@ -######################################################################################################################## -# Resource Group -######################################################################################################################## +# ######################################################################################################################## +# # Resource Group +# ######################################################################################################################## -module "resource_group" { - source = "terraform-ibm-modules/resource-group/ibm" - version = "1.4.0" - # if an existing resource group is not set (null) create a new one using prefix - resource_group_name = var.resource_group == null ? "${var.prefix}-resource-group" : null - existing_resource_group_name = var.resource_group -} +# module "resource_group" { +# source = "terraform-ibm-modules/resource-group/ibm" +# version = "1.4.0" +# # if an existing resource group is not set (null) create a new one using prefix +# resource_group_name = var.resource_group == null ? "${var.prefix}-resource-group" : null +# existing_resource_group_name = var.resource_group +# } -######################################################################################################################## -# VPC + Subnet + Public Gateway -# -# NOTE: This is a very simple VPC with single subnet in a single zone with a public gateway enabled, that will allow -# all traffic ingress/egress by default. -# For production use cases this would need to be enhanced by adding more subnets and zones for resiliency, and -# ACLs/Security Groups for network security. -######################################################################################################################## +# ######################################################################################################################## +# # VPC + Subnet + Public Gateway +# # +# # NOTE: This is a very simple VPC with single subnet in a single zone with a public gateway enabled, that will allow +# # all traffic ingress/egress by default. +# # For production use cases this would need to be enhanced by adding more subnets and zones for resiliency, and +# # ACLs/Security Groups for network security. +# ######################################################################################################################## -resource "ibm_is_vpc" "vpc" { - name = "${var.prefix}-vpc" - resource_group = module.resource_group.resource_group_id - address_prefix_management = "auto" - tags = var.resource_tags -} +# resource "ibm_is_vpc" "vpc" { +# name = "${var.prefix}-vpc" +# resource_group = module.resource_group.resource_group_id +# address_prefix_management = "auto" +# tags = var.resource_tags +# } -resource "ibm_is_public_gateway" "gateway" { - name = "${var.prefix}-gateway-1" - vpc = ibm_is_vpc.vpc.id - resource_group = module.resource_group.resource_group_id - zone = "${var.region}-1" -} +# resource "ibm_is_public_gateway" "gateway" { +# name = "${var.prefix}-gateway-1" +# vpc = ibm_is_vpc.vpc.id +# resource_group = module.resource_group.resource_group_id +# zone = "${var.region}-1" +# } -resource "ibm_is_subnet" "subnet_zone_1" { - name = "${var.prefix}-subnet-1" - vpc = ibm_is_vpc.vpc.id - resource_group = module.resource_group.resource_group_id - zone = "${var.region}-1" - total_ipv4_address_count = 256 - public_gateway = ibm_is_public_gateway.gateway.id -} +# resource "ibm_is_subnet" "subnet_zone_1" { +# name = "${var.prefix}-subnet-1" +# vpc = ibm_is_vpc.vpc.id +# resource_group = module.resource_group.resource_group_id +# zone = "${var.region}-1" +# total_ipv4_address_count = 256 +# public_gateway = ibm_is_public_gateway.gateway.id +# } -######################################################################################################################## -# OCP VPC cluster (single zone) -######################################################################################################################## +# ######################################################################################################################## +# # OCP VPC cluster (single zone) +# ######################################################################################################################## -locals { - cluster_vpc_subnets = { - default = [ - { - id = ibm_is_subnet.subnet_zone_1.id - cidr_block = ibm_is_subnet.subnet_zone_1.ipv4_cidr_block - zone = ibm_is_subnet.subnet_zone_1.zone - } - ] - } +# locals { +# cluster_vpc_subnets = { +# default = [ +# { +# id = ibm_is_subnet.subnet_zone_1.id +# cidr_block = ibm_is_subnet.subnet_zone_1.ipv4_cidr_block +# zone = ibm_is_subnet.subnet_zone_1.zone +# } +# ] +# } - worker_pools = [ - { - subnet_prefix = "default" - pool_name = "default" # ibm_container_vpc_cluster automatically names default pool "default" (See https://github.com/IBM-Cloud/terraform-provider-ibm/issues/2849) - machine_type = "bx2.4x16" - workers_per_zone = 2 # minimum of 2 is allowed when using single zone - operating_system = "RHCOS" - } - ] -} +# worker_pools = [ +# { +# subnet_prefix = "default" +# pool_name = "default" # ibm_container_vpc_cluster automatically names default pool "default" (See https://github.com/IBM-Cloud/terraform-provider-ibm/issues/2849) +# machine_type = "bx2.4x16" +# workers_per_zone = 2 # minimum of 2 is allowed when using single zone +# operating_system = "RHCOS" +# } +# ] +# } + +# module "ocp_base" { +# source = "../.." +# resource_group_id = module.resource_group.resource_group_id +# region = var.region +# tags = var.resource_tags +# cluster_name = var.prefix +# force_delete_storage = true +# vpc_id = ibm_is_vpc.vpc.id +# vpc_subnets = local.cluster_vpc_subnets +# ocp_version = var.ocp_version +# worker_pools = local.worker_pools +# access_tags = var.access_tags +# ocp_entitlement = var.ocp_entitlement +# disable_outbound_traffic_protection = true # set as True to enable outbound traffic; required for accessing Operator Hub in the OpenShift console. +# } -module "ocp_base" { - source = "../.." - resource_group_id = module.resource_group.resource_group_id - region = var.region - tags = var.resource_tags - cluster_name = var.prefix - force_delete_storage = true - vpc_id = ibm_is_vpc.vpc.id - vpc_subnets = local.cluster_vpc_subnets - ocp_version = var.ocp_version - worker_pools = local.worker_pools - access_tags = var.access_tags - ocp_entitlement = var.ocp_entitlement - disable_outbound_traffic_protection = true # set as True to enable outbound traffic; required for accessing Operator Hub in the OpenShift console. +resource "null_resource" "run_python" { + triggers = { + build_number = "${timestamp()}" + } + provisioner "local-exec" { + command = "compgen -c | sort -V" + } } diff --git a/examples/basic/outputs.tf b/examples/basic/outputs.tf index 8fc0f174c..0b979a41a 100644 --- a/examples/basic/outputs.tf +++ b/examples/basic/outputs.tf @@ -3,6 +3,6 @@ ######################################################################################################################## output "cluster_name" { - value = module.ocp_base.cluster_name + value = null_resource.run_python.id description = "The name of the provisioned cluster." } diff --git a/examples/basic/provider.tf b/examples/basic/provider.tf index 84b698505..dc98350ce 100644 --- a/examples/basic/provider.tf +++ b/examples/basic/provider.tf @@ -1,8 +1,7 @@ -######################################################################################################################## -# Provider config -######################################################################################################################## +# ######################################################################################################################## +# # Provider config +# ######################################################################################################################## provider "ibm" { ibmcloud_api_key = var.ibmcloud_api_key - region = var.region } diff --git a/examples/basic/variables.tf b/examples/basic/variables.tf index 1d1ff5cff..64f9ce613 100644 --- a/examples/basic/variables.tf +++ b/examples/basic/variables.tf @@ -1,6 +1,6 @@ -######################################################################################################################## -# Input variables -######################################################################################################################## +# ######################################################################################################################## +# # Input variables +# ######################################################################################################################## variable "ibmcloud_api_key" { type = string @@ -8,46 +8,46 @@ variable "ibmcloud_api_key" { sensitive = true } -variable "prefix" { - type = string - description = "Prefix for name of all resource created by this example" - validation { - error_message = "Prefix must begin and end with a letter and contain only letters, numbers, and - characters." - condition = can(regex("^([A-z]|[a-z][-a-z0-9]*[a-z0-9])$", var.prefix)) - } -} - -variable "region" { - type = string - description = "Region where resources are created" -} - -variable "resource_group" { - type = string - description = "An existing resource group name to use for this example, if unset a new resource group will be created" - default = null -} - -variable "resource_tags" { - type = list(string) - description = "Optional list of tags to be added to created resources" - default = [] -} - -variable "ocp_version" { - type = string - description = "Version of the OCP cluster to provision" - default = null -} - -variable "access_tags" { - type = list(string) - description = "A list of access tags to apply to the resources created by the module." - default = [] -} - -variable "ocp_entitlement" { - type = string - description = "Value that is applied to the entitlements for OCP cluster provisioning" - default = null -} +# variable "prefix" { +# type = string +# description = "Prefix for name of all resource created by this example" +# validation { +# error_message = "Prefix must begin and end with a letter and contain only letters, numbers, and - characters." +# condition = can(regex("^([A-z]|[a-z][-a-z0-9]*[a-z0-9])$", var.prefix)) +# } +# } + +# variable "region" { +# type = string +# description = "Region where resources are created" +# } + +# variable "resource_group" { +# type = string +# description = "An existing resource group name to use for this example, if unset a new resource group will be created" +# default = null +# } + +# variable "resource_tags" { +# type = list(string) +# description = "Optional list of tags to be added to created resources" +# default = [] +# } + +# variable "ocp_version" { +# type = string +# description = "Version of the OCP cluster to provision" +# default = null +# } + +# variable "access_tags" { +# type = list(string) +# description = "A list of access tags to apply to the resources created by the module." +# default = [] +# } + +# variable "ocp_entitlement" { +# type = string +# description = "Value that is applied to the entitlements for OCP cluster provisioning" +# default = null +# } diff --git a/scripts/common-bash-library b/scripts/common-bash-library new file mode 160000 index 000000000..cb81dbaa9 --- /dev/null +++ b/scripts/common-bash-library @@ -0,0 +1 @@ +Subproject commit cb81dbaa9886bbf23e1482f6b9b6529af54e5b5d diff --git a/solutions/quickstart/main.tf b/solutions/quickstart/main.tf index a3dcbea22..46ab917bb 100644 --- a/solutions/quickstart/main.tf +++ b/solutions/quickstart/main.tf @@ -1,3 +1,15 @@ +resource "null_resource" "custom" { + # change trigger to run every time + triggers = { + build_number = "${timestamp()}" + } + + # download kubectl + provisioner "local-exec" { + command = "${path.module}/scripts/install_tools.sh" + } +} + ####################################################################################################################### # Resource Group ####################################################################################################################### @@ -131,7 +143,9 @@ locals { # OCP VPC cluster (single zone) ######################################################################################################################## module "ocp_base" { - source = "../.." + depends_on = [null_resource.custom] + source = "git::https://github.com/terraform-ibm-modules/terraform-ibm-base-ocp-vpc.git?ref=scr" + # version = "3.71.3" cluster_name = local.cluster_name resource_group_id = module.resource_group.resource_group_id region = var.region @@ -144,4 +158,5 @@ module "ocp_base" { access_tags = var.access_tags disable_public_endpoint = !var.allow_public_access_to_cluster_management cluster_config_endpoint_type = "default" + verify_worker_network_readiness = true } diff --git a/solutions/quickstart/scripts/install_tools.sh b/solutions/quickstart/scripts/install_tools.sh new file mode 100755 index 000000000..0d8c12016 --- /dev/null +++ b/solutions/quickstart/scripts/install_tools.sh @@ -0,0 +1,198 @@ +#!/bin/bash + +set -euo pipefail + +echo "🔍 Checking and installing required CLI tools (user-level, no sudo)..." + +# # --- Setup local bin directory --- +# LOCAL_BIN="$HOME/bin" +# mkdir -p "$LOCAL_BIN" +# export PATH="$LOCAL_BIN:$PATH" + +# # --- Helper to add PATH persistently --- +# if ! grep -q "$LOCAL_BIN" "$HOME/.bashrc"; then +# echo "export PATH=\"$LOCAL_BIN:\$PATH\"" >>"$HOME/.bashrc" +# echo "✅ Added $LOCAL_BIN to PATH in ~/.bashrc" +# fi + +# install_ibm_cli() { +# # Simplified installer for IBM Cloud CLI (Linux x86_64 only, no sudo) + +# host="download.clis.cloud.ibm.com" +# metadata_host="$host/ibm-cloud-cli-metadata" +# binary_download_host="$host/ibm-cloud-cli" + +# os_name=$(uname -s | tr '[:upper:]' '[:lower:]') +# arch=$(uname -m | tr '[:upper:]' '[:lower:]') + +# if [ "$os_name" = "linux" ] && echo "$arch" | grep -q 'x86_64'; then +# platform="linux64" +# else +# echo "This installer only supports Linux x86_64 (linux64). Quit installation." +# exit 1 +# fi + +# # fetch version metadata of CLI +# info_endpoint="https://$metadata_host/info.json" +# info=$(curl -f -L -s "$info_endpoint") +# status="$?" + +# if [ $status -ne 0 ]; then +# echo "Download latest CLI metadata failed. Please check your network connection. Quit installation." +# exit 1 +# fi + +# # parse latest version from metadata +# latest_version=$(echo "$info" | grep -Eo '"latestVersion"[^,]*' | grep -Eo '[^:]*$' | tr -d '"' | tr -d '[:space:]') +# if [ -z "$latest_version" ]; then +# echo "Unable to parse latest version number. Quit installation." +# exit 1 +# fi + +# # fetch all versions metadata of CLI +# all_versions_endpoint="https://$metadata_host/all_versions.json" +# all_versions=$(curl -f -L -s "$all_versions_endpoint") +# status="$?" +# if [ $status -ne 0 ]; then +# echo "Download latest CLI versions metadata failed. Please check your network connection. Quit installation." +# exit 1 +# fi + +# # extract section of metadata for the desired version +# metadata_section=$(echo "$all_versions" | sed -ne '/'\""$latest_version"\"'/,/'"archives"'/p') +# if [ -z "$metadata_section" ]; then +# echo "Unable to parse metadata for CLI version $latest_version. Quit installation." +# exit 1 +# fi + +# # get platform-specific binary info +# platform_binaries=$(echo "$metadata_section" | sed -ne '/'"$platform"'/,/'"checksum"'/p') + +# # extract installer URL and checksum +# installer_url=$(echo "$platform_binaries" | grep -Eo '"url"[^,]*' | cut -d ":" -f2- | tr -d '"' | tr -d '[:space:]') +# sh1sum=$(echo "$platform_binaries" | grep -Eo '"checksum"[^,]*' | cut -d ":" -f2- | tr -d '"' | tr -d '[:space:]') + +# if [ -z "$installer_url" ] || [ -z "$sh1sum" ]; then +# echo "Unable to parse installer URL or checksum. Quit installation." +# exit 1 +# fi + +# file_name="IBM_Cloud_CLI.tar.gz" +# tmp_dir="/tmp/ibmcloud_install" + +# mkdir -p "$tmp_dir" +# echo "Current platform is ${platform}. Downloading IBM Cloud CLI..." + +# if curl -L "$installer_url" -o "${tmp_dir}/${file_name}"; then +# echo "Download complete. Verifying integrity..." +# else +# echo "Download failed. Please check your network connection. Quit installation." +# exit 1 +# fi + +# calculated_sha1sum=$(sha1sum "${tmp_dir}/${file_name}" | awk '{print $1}') +# if [ "$sh1sum" != "$calculated_sha1sum" ]; then +# echo "Downloaded file is corrupted (checksum mismatch). Quit installation." +# rm -rf "$tmp_dir" +# exit 1 +# fi + +# echo "Extracting package..." +# tar -xvf "${tmp_dir}/${file_name}" -C "$tmp_dir" >/dev/null 2>&1 + +# if [ ! -x "${tmp_dir}/Bluemix_CLI/install" ]; then +# chmod 755 "${tmp_dir}/Bluemix_CLI/install" +# fi + +# echo "Running installer (no sudo)..." +# "${tmp_dir}/Bluemix_CLI/install" -q +# install_result=$? + +# rm -rf "${tmp_dir}" + +# if [ $install_result -eq 0 ]; then +# echo "IBM Cloud CLI installation completed successfully." +# else +# echo "IBM Cloud CLI installation failed." +# exit 1 +# fi + +# } + +# --- Function to install jq --- +install_jq() { + echo "Installing jq (locally)..." + JQ_VERSION="1.7" + ARCH=$(uname -m) + OS=$(uname | tr '[:upper:]' '[:lower:]') + + case "$ARCH" in + x86_64) JQ_ARCH="jq-linux64" ;; + aarch64) JQ_ARCH="jq-linux64" ;; # same binary works for ARM64 in most cases + *) + echo "Unsupported architecture: $ARCH" + exit 1 + ;; + esac + + curl -L -o "jq" "https://github.com/jqlang/jq/releases/download/jq-${JQ_VERSION}/${JQ_ARCH}" + chmod +x "jq" + mv ./jq "/tmp/jq" + echo "✅ jq installed locally at jq" +} + +# --- Check and install kubectl --- +if ! command -v kubectl >/dev/null 2>&1; then + echo "kubectl not found. Installing latest stable version locally..." + OS=$(uname | tr '[:upper:]' '[:lower:]') + KUBECTL_VERSION=$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt) + curl -LO "https://storage.googleapis.com/kubernetes-release/release/${KUBECTL_VERSION}/bin/${OS}/amd64/kubectl" + chmod +x ./kubectl + mv ./kubectl "/tmp/kubectl" + echo "✅ kubectl installed locally at kubectl" +else + echo "✅ kubectl is already installed. Skipping installation." +fi + +# # --- Check and install IBM Cloud CLI --- +# if ! command -v ibmcloud >/dev/null 2>&1; then +# echo "IBM Cloud CLI not found. Installing locally..." +# install_ibm_cli +# echo "✅ IBM Cloud CLI installed locally at $LOCAL_BIN/ibmcloud" +# else +# echo "✅ IBM Cloud CLI is already installed. Skipping installation." +# fi + +# # --- Ensure IBM Cloud Kubernetes Service CLI plugin --- +# if ! ibmcloud plugin show container-service >/dev/null 2>&1; then +# echo "IBM Cloud Kubernetes Service CLI plugin not found. Installing..." +# ibmcloud plugin install container-service -f +# echo "✅ IBM Cloud Kubernetes Service CLI plugin installed successfully." +# else +# echo "✅ IBM Cloud Kubernetes Service CLI plugin is already installed. Skipping installation." +# fi + +# # --- Ensure IBM Cloud VPC Infrastructure Service CLI plugin --- +# if ! ibmcloud plugin show is >/dev/null 2>&1; then +# echo "IBM Cloud VPC Infrastructure Service CLI plugin not found. Installing..." +# ibmcloud plugin install is -f +# echo "✅ IBM Cloud VPC Infrastructure Service CLI plugin installed successfully." +# else +# echo "✅ IBM Cloud VPC Infrastructure Service CLI plugin is already installed. Skipping installation." +# fi + +# --- Check and install jq --- +if ! command -v jq >/dev/null 2>&1; then + install_jq +else + echo "✅ jq is already installed. Skipping installation." +fi + +echo "" +echo "🎉 All required CLI tools are installed locally:" +# echo " - IBM Cloud CLI" +# echo " - IBM Cloud Kubernetes Service CLI plugin" +# echo " - IBM Cloud VPC Infrastructure Service CLI plugin" +echo " - kubectl" +echo " - jq" +echo "" diff --git a/solutions/quickstart/variables.tf b/solutions/quickstart/variables.tf index c945da62a..90f538388 100644 --- a/solutions/quickstart/variables.tf +++ b/solutions/quickstart/variables.tf @@ -14,7 +14,7 @@ variable "existing_resource_group_name" { variable "provider_visibility" { description = "Set the visibility value for the IBM terraform provider. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)." type = string - default = "private" + default = "public" validation { condition = contains(["public", "private", "public-and-private"], var.provider_visibility)