2 changes: 1 addition & 1 deletion .secrets.baseline
Expand Up @@ -3,7 +3,7 @@
"files": "go.sum|^.secrets.baseline$",
"lines": null
},
"generated_at": "2025-10-04T03:51:30Z",
"generated_at": "2025-10-20T10:40:25Z",
"plugins_used": [
{
"name": "AWSKeyDetector"
257 changes: 228 additions & 29 deletions ibm_catalog.json
Expand Up @@ -59,41 +59,130 @@
"dependency_version_2": true,
"dependencies": [
{
"flavors": [
"standard"
],
"id": "95fccffc-ae3b-42df-b6d9-80be5914d852-global",
"name": "deploy-arch-ibm-slz-ocp",
"version": ">=1.0.0",
"optional": true
},
{
"flavors": [
"standard"
],
"id": "9fc0fa64-27af-4fed-9dce-47b3640ba739-global",
"name": "deploy-arch-ibm-slz-vpc",
"version": ">=1.0.0",
"optional": true
},
{
"description": "Configure the VPC and subnets required to deploy VPN Server.",
"id": "9fc0fa64-27af-4fed-9dce-47b3640ba739-global",
"version": "v8.7.0",
"flavors": [
"standard"
"fully-configurable"
],
"id": "ef663980-4c71-4fac-af4f-4a510a9bcf68-global",
"name": "deploy-arch-ibm-slz-vsi",
"version": ">=1.0.0",
"optional": true
"catalog_id": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc",
"optional": true,
"on_by_default": true,
"input_mapping": [
{
"dependency_input": "prefix",
"version_input": "prefix",
"reference_version": true
},
{
"dependency_input": "existing_resource_group_name",
"version_input": "existing_resource_group_name",
"reference_version": true
},
{
"dependency_input": "region",
"version_input": "region",
"reference_version": true
},
{
"dependency_output": "subnet_ids",
"version_input": "existing_subnet_ids"
},
{
"dependency_output": "vpc_crn",
"version_input": "existing_vpc_crn"
},
{
"dependency_input": "subnets",
"version_input": "subnets",
"reference_version": true
},
{
"dependency_input": "network_acls",
"version_input": "network_acls",
"reference_version": true
}
]
},
{
"name": "deploy-arch-secrets-manager-private-cert",
"description": "Configures secrets manager instance, private certificate engine and VPN server certificate. Client certificate will not get created and will have to be created manually.",
"id": "422283a7-9cb2-4149-8093-a36a799e1d27-global",
"version": "v1.7.0",
"flavors": [
"fully-configurable"
],
"catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3",
"id": "6d6ebc76-7bbd-42f5-8bc7-78f4fabd5944-global",
"name": "deploy-arch-ibm-secrets-manager",
"version": ">=1.0.0",
"optional": true
"optional": true,
"on_by_default": true,
"ignore_auto_referencing": [
"*"
],
"input_mapping": [
{
"dependency_input": "prefix",
"version_input": "prefix",
"reference_version": true
},
{
"dependency_output": "secrets_manager_crn",
"version_input": "existing_secrets_manager_instance_crn"
},
{
"dependency_input": "prefix",
"version_input": "prefix",
"reference_version": true
},
{
"dependency_input": "secrets_manager_region",
"version_input": "region",
"reference_version": true
},
{
"dependency_input": "secrets_manager_service_plan",
"version_input": "secrets_manager_service_plan",
"reference_version": true
},
{
"dependency_input": "root_ca_name",
"version_input": "root_ca_name",
"reference_version": true
},
{
"dependency_input": "root_ca_common_name",
"version_input": "root_ca_common_name",
"reference_version": true
},
{
"dependency_input": "intermediate_ca_name",
"version_input": "intermediate_ca_name",
"reference_version": true
},
{
"dependency_input": "intermediate_ca_common_name",
"version_input": "intermediate_ca_common_name",
"reference_version": true
},
{
"dependency_input": "certificate_template_name",
"version_input": "certificate_template_name",
"reference_version": true
},
{
"dependency_input": "template_max_ttl",
"version_input": "template_max_ttl",
"reference_version": true
},
{
"version_input": "enable_certificate_auth",
"value": false
},
{
"dependency_output": "secret_crn",
"version_input": "existing_secrets_manager_cert_crn"
}
]
}
],
"configuration": [
Expand All @@ -102,10 +191,15 @@
},
{
"key": "prefix",
"required": true,
"default_value": "dev",
"random_string": {
"length": 4
},
"value_constraints": [
{
"type": "regex",
"description": "Prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It must not end with a hyphen ('-'), and cannot contain consecutive hyphens ('--'). It should not exceed 16 characters.",
"description": "Prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It must not end with a hyphen('-'), and cannot contain consecutive hyphens ('--'). It should not exceed 16 characters.",
"value": "^$|^__NULL__$|^[a-z](?!.*--)(?:[a-z0-9-]{0,14}[a-z0-9])?$"
}
]
Expand All @@ -124,16 +218,121 @@
"config_constraints": {
"identifier": "rg_name"
}
}
},
{
"key": "region",
"required": true,
"type": "string",
"custom_config": {
"config_constraints": {
"generationType": "2"
},
"grouping": "deployment",
"original_grouping": "deployment",
"type": "vpc_region"
},
"default_value": "Default",
"description": "The name of an existing resource group to provision the resources."
"description": "Region in which all resources will be deployed. [Learn More](https://terraform-ibm-modules.github.io/documentation/#/region).",
"virtual": true,
"default_value": "us-south"
},
{
"key": "subnets",
"default_value": "{\n zone-1 = [\n {\n name = \"subnet-a\"\n cidr = \"10.10.10.0/24\"\n public_gateway = true\n acl_name = \"vpc-acl\"\n no_addr_prefix = false\n }\n ],\n zone-2 = [\n {\n name = \"subnet-b\"\n cidr = \"10.20.10.0/24\"\n public_gateway = true\n acl_name = \"vpc-acl\"\n no_addr_prefix = false\n }\n ],\n zone-3 = []\n }",
"description": "List of subnets for the vpc. For each item in each array, a subnet will be created. Items can be either CIDR blocks or total ipv4 addresses. Public gateways will be enabled only in zones where a gateway has been created. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#subnets-).",
"required": false,
"virtual": true,
"custom_config": {
"grouping": "deployment",
"original_grouping": "deployment",
"type": "code_editor"
}
},
{
"key": "network_acls",
"type": "list(object)",
"default_value": "[\n {\n name = \"vpc-acl\"\n add_ibm_cloud_internal_rules = true\n add_vpc_connectivity_rules = true\n prepend_ibm_rules = true\n rules = [\n {\n name = \"allow-all-443-inbound\"\n action = \"allow\"\n direction = \"inbound\"\n tcp = {\n port_min = 443\n port_max = 443\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-all-80-inbound\"\n action = \"allow\"\n direction = \"inbound\"\n tcp = {\n port_min = 80\n port_max = 80\n source_port_min = 80\n source_port_max = 80\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-all-ingress-inbound\"\n action = \"allow\"\n direction = \"inbound\"\n tcp = {\n source_port_min = 30000\n source_port_max = 32767\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-all-443-outbound\"\n action = \"allow\"\n direction = \"outbound\"\n tcp = {\n source_port_min = 443\n source_port_max = 443\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-all-80-outbound\"\n action = \"allow\"\n direction = \"outbound\"\n tcp = {\n source_port_min = 80\n source_port_max = 80\n port_min = 80\n port_max = 80\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-all-ingress-outbound\"\n action = \"allow\"\n direction = \"outbound\"\n tcp = {\n port_min = 30000\n port_max = 32767\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-udp-80-443-inbound\"\n action = \"allow\"\n direction = \"inbound\"\n udp = {\n port_min = 80\n port_max = 443\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-udp-all-outbound\"\n action = \"allow\"\n direction = \"outbound\"\n udp = {\n port_min = 1\n port_max = 65535\n source_port_min = 1\n source_port_max = 65535\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n }\n ]\n }\n]",
"description": "The list of ACLs to create. Provide at least one rule for each ACL. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#network-acls-).",
"required": false,
"virtual": true,
"custom_config": {
"type": "code_editor",
"grouping": "deployment",
"original_grouping": "deployment"
}
},
{
"key": "secrets_manager_service_plan",
"required": true,
"virtual": true,
"type": "string",
"options": [
{
"displayname": "Standard",
"value": "standard"
},
{
"displayname": "Trial",
"value": "trial"
}
],
"default_value": "standard",
"description": "The pricing plan to use when provisioning a Secrets Manager instance. Possible values: `standard`, `trial`. You can create only one Trial instance of Secrets Manager per account. Before you can create a new Trial instance, you must delete the existing Trial instance and its reclamation. [Learn more](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-create-instance&interface=ui#upgrade-instance-standard)."
},
{
"key": "existing_secrets_manager_instance_crn"
},
{
"key": "existing_secrets_manager_cert_crn"
},
{
"key": "root_ca_name",
"type": "string",
"required": false,
"virtual": true,
"default_value": "root-ca",
"description": "The name of the Root Certificate Authority you want to create."
},
{
"key": "root_ca_common_name",
"type": "string",
"required": false,
"virtual": true,
"default_value": "example-root.com",
"description": "The common name of the Root Certificate Authority you want to create."
},
{
"key": "intermediate_ca_name",
"type": "string",
"required": false,
"virtual": true,
"default_value": "intermediate-ca",
"description": "The name of the Intermediate Certificate Authority you want to create."
},
{
"key": "intermediate_ca_common_name",
"type": "string",
"required": false,
"virtual": true,
"default_value": "example-int.com",
"description": "The common name of the Intermediate Certificate Authority you want to create."
},
{
"key": "certificate_template_name",
"type": "string",
"required": false,
"virtual": true,
"default_value": "template",
"description": "The name of the Certificate Template you want to create."
},
{
"key": "template_max_ttl",
"type": "string",
"required": false,
"virtual": true,
"default_value": "8760h",
"description": "Max TTL for the certificate template you want to create."
},
{
"key": "private_cert_engine_config_root_ca_common_name"
},
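Review bot: The new `network_acls` default opens the VPC ACL to `0.0.0.0/0` more widely than a VPN server deployment appears to need: it allows inbound TCP 80 and 443 and inbound UDP 80-443, and `allow-all-ingress-inbound` constrains only `source_port_min`/`source_port_max` (30000-32767) with no `port_min`/`port_max`, which leaves the destination port unrestricted if the VPC module treats an unset range as all ports (that behaviour is not visible here). Anyone who accepts the defaults gets these rules without having chosen them. Consider trimming the default to the ports the VPN server actually uses, or at least extending the description with `The default rules allow traffic from 0.0.0.0/0; restrict source and ports to your client ranges before production use.` Separately, the `prefix` entry appears twice in the `input_mapping` of the `deploy-arch-secrets-manager-private-cert` dependency; one copy can be dropped.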
8 changes: 2 additions & 6 deletions solutions/fully-configurable/variables.tf
Expand Up @@ -33,8 +33,8 @@ variable "prefix" {

variable "existing_resource_group_name" {
type = string
description = "The name of an existing resource group to provision the resources. If not provided the default resource group will be used."
default = null
description = "The name of an existing resource group to provision the resources. [Learn more](https://cloud.ibm.com/docs/account?topic=account-rgs&interface=ui#create_rgs) about how to create a resource group."
default = "Default"
}

##############################################################################
Expand Down Expand Up @@ -211,10 +211,6 @@ variable "existing_subnet_ids" {
error_message = "Set 'vpn_subnet_cidr_zone_1' and 'remote_cidr input variables' if 'existing_subnet_ids' input variable is not set."
}

validation {
condition = length(var.existing_subnet_ids) > 0 ? (var.vpn_subnet_cidr_zone_1 == null && var.remote_cidr == null) : true
error_message = "'vpn_subnet_cidr_zone_1' and 'remote_cidr' input variables can not be set if a 'existing_subnet_ids' input variable is already set"
}
}

variable "client_ip_pool" {
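Review bot: `default = "Default"` on `existing_resource_group_name` replaces the `null` fallback with a literal group name, and the rewritten description no longer says what happens when the input is left unset. A group called "Default" is an account convention rather than a guarantee, so where it was renamed the lookup would presumably fail, and where it exists the VPN server and certificate resources land in a shared group under whatever access policies are scoped to it; how the value is resolved is outside this hunk. Consider saying so in the description, e.g. `Defaults to the resource group named 'Default'; set a dedicated group to keep access to the VPN resources scoped.` The second hunk also drops the validation that rejected `vpn_subnet_cidr_zone_1`/`remote_cidr` together with `existing_subnet_ids` (that variable block starts outside the hunk), so its description should state which input takes precedence when both are set.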
2 changes: 1 addition & 1 deletion tests/go.mod
Expand Up @@ -7,7 +7,7 @@ toolchain go1.25.3
require (
github.com/gruntwork-io/terratest v0.51.0
github.com/stretchr/testify v1.11.1
github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.15
github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.17
)

require (
4 changes: 2 additions & 2 deletions tests/go.sum
Expand Up @@ -296,8 +296,8 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO
github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.15 h1:vTLAB97MQ45Hfla67pIWYnb/Z5YuEzRLjQ6WN4GHWgI=
github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.15/go.mod h1:g0kmBhFk6pVoTmse42tMNCSNktiOYJHAda/pAzOIxco=
github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.17 h1:unGRxvM9OJBTsfDQg/AZCYOeJZ5TqrCsPphjWJ2wI94=
github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.17/go.mod h1:g0kmBhFk6pVoTmse42tMNCSNktiOYJHAda/pAzOIxco=
github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
github.com/tmccombs/hcl2json v0.6.4 h1:/FWnzS9JCuyZ4MNwrG4vMrFrzRgsWEOVi+1AyYUVLGw=
github.com/tmccombs/hcl2json v0.6.4/go.mod h1:+ppKlIW3H5nsAsZddXPy2iMyvld3SHxyjswOZhavRDk=