terraform-ibm-modules
diff --git a/‎README.md‎
Lines changed: 2 additions & 1 deletion b/‎README.md‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎common-dev-assets‎ b/‎common-dev-assets‎
diff --git a/‎examples/build/README.md‎
Lines changed: 8 additions & 0 deletions b/‎examples/build/README.md‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎tests/resources/main.tf‎ renamed to ‎examples/build/main.tf‎
Lines changed: 13 additions & 14 deletions b/‎tests/resources/main.tf‎ renamed to ‎examples/build/main.tf‎
Lines changed: 13 additions & 14 deletions
diff --git a/‎examples/build/outputs.tf‎
Lines changed: 24 additions & 0 deletions b/‎examples/build/outputs.tf‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎tests/resources/provider.tf‎ renamed to ‎examples/build/provider.tf‎
Lines changed: 1 addition & 1 deletion b/‎tests/resources/provider.tf‎ renamed to ‎examples/build/provider.tf‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎tests/resources/variables.tf‎ renamed to ‎examples/build/variables.tf‎
Lines changed: 7 additions & 23 deletions b/‎tests/resources/variables.tf‎ renamed to ‎examples/build/variables.tf‎
Lines changed: 7 additions & 23 deletions
diff --git a/‎tests/resources/version.tf‎ renamed to ‎examples/build/version.tf‎
Lines changed: 2 additions & 2 deletions b/‎tests/resources/version.tf‎ renamed to ‎examples/build/version.tf‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎main.tf‎
Lines changed: 21 additions & 18 deletions b/‎main.tf‎
Lines changed: 21 additions & 18 deletions
diff --git a/‎modules/build/README.md‎
Lines changed: 13 additions & 6 deletions b/‎modules/build/README.md‎
Lines changed: 13 additions & 6 deletions
@@ -26,6 +26,7 @@ This module provisions the IBM Cloud Code Engine fully managed and serverless pl
     * [secret](./modules/secret)
 * [Examples](./examples)
     * <div style="display: inline-block;"><a href="./examples/apps">Apps example</a></div> <div style="display: inline-block; vertical-align: middle;"><a href="https://cloud.ibm.com/schematics/workspaces/create?workspace_name=ce-apps-example&repository=https://github.com/terraform-ibm-modules/terraform-ibm-code-engine/tree/main/examples/apps" target="_blank"><img src="https://cloud.ibm.com/media/docs/images/icons/Deploy_to_cloud.svg" alt="Deploy to IBM Cloud button"></a></div>
+    * <div style="display: inline-block;"><a href="./examples/build">Build example</a></div> <div style="display: inline-block; vertical-align: middle;"><a href="https://cloud.ibm.com/schematics/workspaces/create?workspace_name=ce-build-example&repository=https://github.com/terraform-ibm-modules/terraform-ibm-code-engine/tree/main/examples/build" target="_blank"><img src="https://cloud.ibm.com/media/docs/images/icons/Deploy_to_cloud.svg" alt="Deploy to IBM Cloud button"></a></div>
     * <div style="display: inline-block;"><a href="./examples/jobs">Jobs example</a></div> <div style="display: inline-block; vertical-align: middle;"><a href="https://cloud.ibm.com/schematics/workspaces/create?workspace_name=ce-jobs-example&repository=https://github.com/terraform-ibm-modules/terraform-ibm-code-engine/tree/main/examples/jobs" target="_blank"><img src="https://cloud.ibm.com/media/docs/images/icons/Deploy_to_cloud.svg" alt="Deploy to IBM Cloud button"></a></div>
 * [Contributing](#contributing)
 <!-- END OVERVIEW HOOK -->
@@ -157,7 +158,7 @@ No resources.
 |------|-------------|------|---------|:--------:|
 | <a name="input_apps"></a> [apps](#input\_apps) | A map of code engine apps to be created. | <pre>map(object({<br/>    image_reference = string<br/>    image_secret    = optional(string)<br/>    run_env_variables = optional(list(object({<br/>      type      = optional(string)<br/>      name      = optional(string)<br/>      value     = optional(string)<br/>      prefix    = optional(string)<br/>      key       = optional(string)<br/>      reference = optional(string)<br/>    })))<br/>    run_volume_mounts = optional(list(object({<br/>      mount_path = string<br/>      reference  = string<br/>      name       = optional(string)<br/>      type       = string<br/>    })))<br/>    image_port                    = optional(number)<br/>    managed_domain_mappings       = optional(string)<br/>    run_arguments                 = optional(list(string))<br/>    run_as_user                   = optional(number)<br/>    run_commands                  = optional(list(string))<br/>    run_service_account           = optional(string)<br/>    scale_concurrency             = optional(number)<br/>    scale_concurrency_target      = optional(number)<br/>    scale_cpu_limit               = optional(string)<br/>    scale_ephemeral_storage_limit = optional(string)<br/>    scale_initial_instances       = optional(number)<br/>    scale_max_instances           = optional(number)<br/>    scale_memory_limit            = optional(string)<br/>    scale_min_instances           = optional(number)<br/>    scale_request_timeout         = optional(number)<br/>    scale_down_delay              = optional(number)<br/>  }))</pre> | `{}` | no |
 | <a name="input_bindings"></a> [bindings](#input\_bindings) | A map of code engine bindings to be created. | <pre>map(object({<br/>    secret_name = string<br/>    components = list(object({<br/>      name          = string<br/>      resource_type = string<br/>    }))<br/>  }))</pre> | `{}` | no |
-| <a name="input_builds"></a> [builds](#input\_builds) | A map of code engine builds to be created. Requires 'ibmcloud\_api\_key' to be set for authentication and execution. | <pre>map(object({<br/>    output_image       = string<br/>    output_secret      = string # pragma: allowlist secret<br/>    source_url         = string<br/>    strategy_type      = string<br/>    source_context_dir = optional(string)<br/>    source_revision    = optional(string)<br/>    source_secret      = optional(string)<br/>    source_type        = optional(string)<br/>    strategy_size      = optional(string)<br/>    strategy_spec_file = optional(string)<br/>    timeout            = optional(number)<br/>  }))</pre> | `{}` | no |
+| <a name="input_builds"></a> [builds](#input\_builds) | A map of code engine builds to be created. Requires 'ibmcloud\_api\_key' to be set for authentication and execution. | <pre>map(object({<br/>    output_image                 = optional(string)<br/>    output_secret                = optional(string) # pragma: allowlist secret<br/>    source_url                   = string<br/>    strategy_type                = optional(string)<br/>    source_context_dir           = optional(string)<br/>    source_revision              = optional(string)<br/>    source_secret                = optional(string)<br/>    source_type                  = optional(string)<br/>    strategy_size                = optional(string)<br/>    strategy_spec_file           = optional(string)<br/>    timeout                      = optional(number)<br/>    region                       = optional(string)<br/>    container_registry_namespace = optional(string)<br/>    prefix                       = optional(string)<br/>  }))</pre> | `{}` | no |
 | <a name="input_cbr_rules"></a> [cbr\_rules](#input\_cbr\_rules) | The context-based restrictions rule to create. Only one rule is allowed. | <pre>list(object({<br/>    description = string<br/>    account_id  = string<br/>    rule_contexts = list(object({<br/>      attributes = optional(list(object({<br/>        name  = string<br/>        value = string<br/>    }))) }))<br/>    enforcement_mode = string<br/>    operations = optional(list(object({<br/>      api_types = list(object({<br/>        api_type_id = string<br/>      }))<br/>    })))<br/>  }))</pre> | `[]` | no |
 | <a name="input_config_maps"></a> [config\_maps](#input\_config\_maps) | A map of code engine config maps to be created. | <pre>map(object({<br/>    data = map(string)<br/>  }))</pre> | `{}` | no |
 | <a name="input_domain_mappings"></a> [domain\_mappings](#input\_domain\_mappings) | A map of code engine domain mappings to be created. | <pre>map(object({<br/>    tls_secret = string # pragma: allowlist secret<br/>    components = list(object({<br/>      name          = string<br/>      resource_type = string<br/>    }))<br/>  }))</pre> | `{}` | no |
 
@@ -0,0 +1,8 @@
+# Build example
+
+An end-to-end apps example that will provision the following:
+- A new resource group if one is not passed in.
+- Code Engine project
+- Code Engine build
+- Code Engine registry secret
+- Container registry namespace
@@ -11,21 +11,20 @@ module "resource_group" {
 }
 
 ########################################################################################################################
-# Secrets Manager resources
+# Code Engine instance
 ########################################################################################################################
 
-data "ibm_sm_public_certificate" "public_certificate" {
-  # depends_on  = [resource.ibm_sm_public_certificate.secrets_manager_public_certificate]
-  instance_id = var.existing_sm_instance_guid
-  region      = var.existing_sm_instance_region
-  secret_id   = var.existing_cert_secret_id
-}
-
-
-module "namespace" {
-  source            = "terraform-ibm-modules/container-registry/ibm"
-  version           = "2.3.5"
-  namespace_name    = "${var.prefix}-namespace"
+module "code_engine" {
+  source            = "../.."
+  ibmcloud_api_key  = var.ibmcloud_api_key
   resource_group_id = module.resource_group.resource_group_id
-  images_per_repo   = 1
+  project_name      = "${var.prefix}-project"
+  builds = {
+    "${var.prefix}-build1" = {
+      source_url                   = "https://github.com/IBM/CodeEngine"
+      container_registry_namespace = "cr-ce"
+      prefix                       = var.prefix
+      region                       = var.region
+    }
+  }
 }
@@ -0,0 +1,24 @@
+########################################################################################################################
+# Outputs
+########################################################################################################################
+
+output "resource_group_id" {
+  description = "The id of created resource group."
+  value       = module.resource_group.resource_group_id
+}
+
+output "resource_group_name" {
+  description = "The name of created resource group."
+  value       = module.resource_group.resource_group_name
+}
+
+output "project_id" {
+  description = "ID of the created code engine project."
+  value       = module.code_engine.project_id
+}
+
+output "build" {
+  description = "Configuration of the created code engine domain mapping."
+  value       = module.code_engine.build
+  sensitive   = true
+}
@@ -4,5 +4,5 @@
 
 provider "ibm" {
   ibmcloud_api_key = var.ibmcloud_api_key
-  region           = var.existing_sm_instance_region
+  region           = var.region
 }
@@ -8,36 +8,20 @@ variable "ibmcloud_api_key" {
   sensitive   = true
 }
 
+variable "region" {
+  type        = string
+  description = "Region to provision all resources created by this example"
+  default     = "us-south"
+}
+
 variable "prefix" {
   type        = string
   description = "Prefix to append to all resources created by this example"
-  default     = "ce-prj"
+  default     = "ce-build"
 }
 
 variable "resource_group" {
   type        = string
   description = "The name of an existing resource group to provision resources in to. If not set a new resource group will be created using the prefix variable"
   default     = null
 }
-
-##############################################################
-# Secret Manager
-##############################################################
-
-variable "existing_sm_instance_guid" {
-  type        = string
-  description = "An existing Secrets Manager GUID. The existing Secret Manager instance must have private certificate engine configured. If not provided an new instance will be provisioned."
-  default     = null
-}
-
-variable "existing_sm_instance_region" {
-  type        = string
-  description = "Required if value is passed into `var.existing_sm_instance_guid`."
-  default     = null
-}
-
-variable "existing_cert_secret_id" {
-  type        = string
-  description = "Required if value is passed into `var.existing_sm_instance_guid`."
-  default     = null
-}
@@ -1,12 +1,12 @@
 
 terraform {
-  required_version = ">= 1.3.0"
+  required_version = ">= 1.9.0"
   # Ensure that there is always 1 example locked into the lowest provider version of the range defined in the main
   # module's version.tf (this example), and 1 example that will always use the latest provider version (jobs examples).
   required_providers {
     ibm = {
       source  = "IBM-Cloud/ibm"
-      version = ">= 1.70.0, < 2.0.0"
+      version = ">= 1.79.0, < 2.0.0"
     }
   }
 }
@@ -99,24 +99,27 @@ module "secret" {
 # Code Engine Build
 ##############################################################################
 module "build" {
-  depends_on                 = [module.secret]
-  source                     = "./modules/build"
-  for_each                   = var.builds
-  ibmcloud_api_key           = var.ibmcloud_api_key
-  existing_resource_group_id = var.resource_group_id
-  project_id                 = local.project_id
-  name                       = each.key
-  output_image               = each.value.output_image
-  output_secret              = each.value.output_secret
-  source_url                 = each.value.source_url
-  strategy_type              = each.value.strategy_type
-  source_context_dir         = each.value.source_context_dir
-  source_revision            = each.value.source_revision
-  source_secret              = each.value.source_secret
-  source_type                = each.value.source_type
-  strategy_size              = each.value.strategy_size
-  strategy_spec_file         = each.value.strategy_spec_file
-  timeout                    = each.value.timeout
+  depends_on                   = [module.secret]
+  source                       = "./modules/build"
+  for_each                     = var.builds
+  ibmcloud_api_key             = var.ibmcloud_api_key
+  existing_resource_group_id   = var.resource_group_id
+  project_id                   = local.project_id
+  name                         = each.key
+  output_image                 = each.value.output_image
+  output_secret                = each.value.output_secret
+  source_url                   = each.value.source_url
+  strategy_type                = each.value.strategy_type
+  source_context_dir           = each.value.source_context_dir
+  source_revision              = each.value.source_revision
+  source_secret                = each.value.source_secret
+  source_type                  = each.value.source_type
+  strategy_size                = each.value.strategy_size
+  strategy_spec_file           = each.value.strategy_spec_file
+  timeout                      = each.value.timeout
+  region                       = each.value.region
+  container_registry_namespace = each.value.container_registry_namespace
+  prefix                       = each.value.prefix
 }
 
 ##############################################################################
 
@@ -40,7 +40,11 @@ You need the following permissions to run this module.
 
 ### Modules
 
-No modules.
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_cr_endpoint"></a> [cr\_endpoint](#module\_cr\_endpoint) | terraform-ibm-modules/container-registry/ibm//modules/endpoint | 2.1.0 |
+| <a name="module_cr_namespace"></a> [cr\_namespace](#module\_cr\_namespace) | terraform-ibm-modules/container-registry/ibm | 2.1.0 |
+| <a name="module_secret"></a> [secret](#module\_secret) | ../../modules/secret | n/a |
 
 ### Resources
 
@@ -54,21 +58,24 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| <a name="input_container_registry_api_key"></a> [container\_registry\_api\_key](#input\_container\_registry\_api\_key) | The API key for the container registry in the target account. This is only used if 'output\_secret' is not set and a new registry secret needs to be created. If not provided, the IBM Cloud API key (ibmcloud\_api\_key) will be used instead. | `string` | `null` | no |
+| <a name="input_container_registry_namespace"></a> [container\_registry\_namespace](#input\_container\_registry\_namespace) | The name of the namespace to create in IBM Cloud Container Registry for organizing container images. Must be set if 'output\_image' is not set. If a prefix input variable is specified, the prefix is added to the name in the `<prefix>-<container_registry_namespace>` format. | `string` | `null` | no |
 | <a name="input_existing_resource_group_id"></a> [existing\_resource\_group\_id](#input\_existing\_resource\_group\_id) | The ID of an existing resource group where build will be provisioned. This must be the same resource group in which the code engine project was created. | `string` | n/a | yes |
 | <a name="input_ibmcloud_api_key"></a> [ibmcloud\_api\_key](#input\_ibmcloud\_api\_key) | The IBM Cloud API key. | `string` | n/a | yes |
 | <a name="input_name"></a> [name](#input\_name) | The name of the build. | `string` | n/a | yes |
-| <a name="input_output_image"></a> [output\_image](#input\_output\_image) | The name of the image. | `string` | n/a | yes |
-| <a name="input_output_secret"></a> [output\_secret](#input\_output\_secret) | The secret that is required to access the image registry. | `string` | n/a | yes |
+| <a name="input_output_image"></a> [output\_image](#input\_output\_image) | A container image can be identified by a container image reference with the following structure: registry / namespace / repository:tag. [Learn more](https://cloud.ibm.com/docs/codeengine?topic=codeengine-getting-started).<br/><br/>If not provided, the value will be derived from the 'container\_registry\_namespace' input variable, which must not be null in that case. | `string` | `null` | no |
+| <a name="input_output_secret"></a> [output\_secret](#input\_output\_secret) | The name of the Code Engine secret that contains an API key to access the IBM Cloud Container Registry.<br/>The API key stored in this secret must have push permissions for the specified container registry namespace.<br/>If this secret is not provided, a Code Engine secret named `<prefix>-<registry-access-secret>` will be created automatically. Its value will be taken from 'container\_registry\_api\_key' if set, otherwise from 'ibmcloud\_api\_key'. | `string` | `null` | no |
+| <a name="input_prefix"></a> [prefix](#input\_prefix) | Prefix appended to the container registry namespace and registry secret if created. | `string` | `null` | no |
 | <a name="input_project_id"></a> [project\_id](#input\_project\_id) | The ID of the project where build will be created. | `string` | n/a | yes |
 | <a name="input_region"></a> [region](#input\_region) | The region in which to provision the build. This must be the same region in which the code engine project was created. | `string` | `"us-south"` | no |
 | <a name="input_source_context_dir"></a> [source\_context\_dir](#input\_source\_context\_dir) | The directory in the repository that contains the buildpacks file or the Dockerfile. | `string` | `null` | no |
 | <a name="input_source_revision"></a> [source\_revision](#input\_source\_revision) | Commit, tag, or branch in the source repository to pull. | `string` | `null` | no |
-| <a name="input_source_secret"></a> [source\_secret](#input\_source\_secret) | The name of the secret that is used access the repository source. If the var.source\_type value is `local`, this field must be omitted. | `string` | `null` | no |
-| <a name="input_source_type"></a> [source\_type](#input\_source\_type) | Specifies the type of source to determine if your build source is in a repository or based on local source code. | `string` | `null` | no |
+| <a name="input_source_secret"></a> [source\_secret](#input\_source\_secret) | The name of the secret that is used access the repository source. If the var.source\_type value is `local`, this input must be omitted. | `string` | `null` | no |
+| <a name="input_source_type"></a> [source\_type](#input\_source\_type) | Specifies the type of source to determine if your build source is in a repository or based on local source code. If the value is `local`, then 'source\_secret' input must be omitted. | `string` | `null` | no |
 | <a name="input_source_url"></a> [source\_url](#input\_source\_url) | The URL of the code repository. | `string` | n/a | yes |
 | <a name="input_strategy_size"></a> [strategy\_size](#input\_strategy\_size) | The size for the build, which determines the amount of resources used. | `string` | `null` | no |
 | <a name="input_strategy_spec_file"></a> [strategy\_spec\_file](#input\_strategy\_spec\_file) | The path to the specification file that is used for build strategies for building an image. | `string` | `null` | no |
-| <a name="input_strategy_type"></a> [strategy\_type](#input\_strategy\_type) | The strategy to use for building the image. | `string` | n/a | yes |
+| <a name="input_strategy_type"></a> [strategy\_type](#input\_strategy\_type) | The strategy to use for building the image. | `string` | `"dockerfile"` | no |
 | <a name="input_timeout"></a> [timeout](#input\_timeout) | The maximum amount of time, in seconds, that can pass before the build must succeed or fail. | `number` | `600` | no |
 
 ### Outputs
Original file line number	Diff line number	Diff line change
`@@ -4,5 +4,5 @@`
`4`	`4`
`5`	`5`	`provider "ibm" {`
`6`	`6`	`ibmcloud_api_key = var.ibmcloud_api_key`
`7`		`- region = var.existing_sm_instance_region`
	`7`	`+ region = var.region`
`8`	`8`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,12 +1,12 @@`
`1`	`1`
`2`	`2`	`terraform {`
`3`		`- required_version = ">= 1.3.0"`
	`3`	`+ required_version = ">= 1.9.0"`
`4`	`4`	`# Ensure that there is always 1 example locked into the lowest provider version of the range defined in the main`
`5`	`5`	`# module's version.tf (this example), and 1 example that will always use the latest provider version (jobs examples).`
`6`	`6`	`required_providers {`
`7`	`7`	`ibm = {`
`8`	`8`	`source = "IBM-Cloud/ibm"`
`9`		`- version = ">= 1.70.0, < 2.0.0"`
	`9`	`+ version = ">= 1.79.0, < 2.0.0"`
`10`	`10`	`}`
`11`	`11`	`}`
`12`	`12`	`}`