feat: added a DA (Deployable Architecture) solution for IBM catalog (#450)

Author: imprateeksh

.catalog-onboard-pipeline.yaml

@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+offerings:
+  - name: deploy-arch-ibm-icd-postgresql
+    kind: solution
+    catalog_id: 7df1e4ca-d54c-4fd0-82ce-3d13247308cd
+    offering_id: 0298facd-3e69-43fa-87c0-4d3d0b3c887e
+    variations:
+      - name: standard
+        mark_ready: true
+        install_type: fullstack
+        scc:
+          instance_id: 1c7d5f78-9262-44c3-b779-b28fe4d88c37
+          region: us-south

.github/settings.yml

@@ -22,6 +22,6 @@ repository:
 
   # Uncomment this description property
   # and update the description to the current repo description.
-  description: "Implements a ICD Postgresql instance with tags, users, memory allocation, disk allocation, cpu allocation and context based restrictions"
+  description: "Implements an instance of the IBM Cloud Databases for PostgreSQL service."
 
-  topics: core-team, terraform, ibm-cloud, terraform-module, postgresql, supported, graduated
+  topics: core-team, terraform, ibm-cloud, terraform-module, postgresql, supported, graduated, deployable-architecture

.releaserc

@@ -9,7 +9,8 @@
       "assets": "false"
     }],
     ["@semantic-release/exec", {
-      "successCmd": "echo \"SEMVER_VERSION=${nextRelease.version}\" >> $GITHUB_ENV"
+      "successCmd": "echo \"SEMVER_VERSION=${nextRelease.version}\" >> $GITHUB_ENV",
+      "publishCmd": "./ci/trigger-catalog-onboarding-pipeline.sh --version=v${nextRelease.version}"
     }]
   ]
 }

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "go.sum|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2024-06-28T06:47:35Z",
+  "generated_at": "2024-07-24T15:38:43Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -86,6 +86,24 @@
         "type": "Secret Keyword",
         "verified_result": null
       }
+    ],
+    "solutions/standard/DA-types.md": [
+      {
+        "hashed_secret": "44cdfc3615970ada14420caaaa5c5745fca06002",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 58,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "bd0d0d73a240c29656fb8ae0dfa5f863077788dc",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 63,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
     ]
   },
   "version": "0.13.1+ibm.62.dss",

cra-config.yaml

@@ -1,12 +1,12 @@
 # More info about this file at https://github.com/terraform-ibm-modules/common-pipeline-assets/blob/main/.github/workflows/terraform-test-pipeline.md#cra-config-yaml
 version: "v1"
 CRA_TARGETS:
-  - CRA_TARGET: "examples/fscloud"
+  - CRA_TARGET: "solutions/standard"
     CRA_IGNORE_RULES_FILE: "cra-tf-validate-ignore-rules.json"
     PROFILE_ID: "0e6e7b5a-817d-4344-ab6f-e5d7a9c49520"
     CRA_ENVIRONMENT_VARIABLES:
-      TF_VAR_existing_at_instance_crn: "crn:v1:bluemix:public:logdnaat:eu-de:a/abac0df06b644a9cabc6e44f55b3880e:b1ef3365-dfbf-4d8f-8ac8-75f4f84d6f4a::"
-      TF_VAR_existing_kms_instance_guid: "e6dce284-e80f-46e1-a3c1-830f7adff7a9"
+      TF_VAR_existing_kms_instance_crn: "crn:v1:bluemix:public:hs-crypto:us-south:a/abac0df06b644a9cabc6e44f55b3880e:e6dce284-e80f-46e1-a3c1-830f7adff7a9::"
       TF_VAR_kms_key_crn: "crn:v1:bluemix:public:hs-crypto:us-south:a/abac0df06b644a9cabc6e44f55b3880e:e6dce284-e80f-46e1-a3c1-830f7adff7a9:key:76170fae-4e0c-48c3-8ebe-326059ebb533"
-      TF_VAR_region: "us-south"
-      TF_VAR_prefix: "test-postgres-fscloud"
+      TF_VAR_prefix: "test-postgres-standard"
+      TF_VAR_use_existing_resource_group: true
+      TF_VAR_resource_group_name: "geretain-test-postgres"

ibm_catalog.json

@@ -0,0 +1,267 @@
+{
+  "products": [
+    {
+      "name": "deploy-arch-ibm-icd-postgresql",
+      "label": "Databases for PostgreSQL",
+      "product_kind": "solution",
+      "tags": [
+        "ibm_created",
+        "target_terraform",
+        "terraform",
+        "data_management",
+        "solution"
+      ],
+      "keywords": [
+        "postgresql",
+        "postgres",
+        "IaC",
+        "infrastructure as code",
+        "terraform",
+        "solution",
+        "postgresql standard",
+        "database",
+        "relational"
+      ],
+      "short_description": "Creates and configures an instance of IBM Cloud Databases for PostgreSQL.",
+      "long_description": "This architecture supports creating and configuring an instance of Databases for PostgreSQL with KMS encryption.",
+      "offering_docs_url": "https://github.com/terraform-ibm-modules/terraform-ibm-icd-postgresql/blob/main/README.md",
+      "offering_icon_url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-icd-postgresql/main/images/postgresql.svg",
+      "provider_name": "IBM",
+      "features": [
+        {
+          "title": "Creates an instance of Databases for PostgreSQL",
+          "description": "Creates and configures an IBM Cloud Databases for PostgreSQL instance."
+        },
+        {
+          "title": "Supports KMS encryption",
+          "description": "Provides KMS encryption for the data that you store in the database."
+        },
+        {
+          "title": "Supports autoscaling",
+          "description": "Provides the autoscaling to allow the database to increase resources in response to usage."
+        }
+      ],
+      "flavors": [
+        {
+          "label": "Standard",
+          "name": "standard",
+          "install_type": "fullstack",
+          "working_directory": "solutions/standard",
+          "compliance": {
+            "authority": "scc-v3",
+            "profiles": [
+              {
+                "profile_name": "IBM Cloud Framework for Financial Services",
+                "profile_version": "1.6.0"
+              }
+            ]},
+          "iam_permissions": [
+            {
+              "role_crns": [
+                "crn:v1:bluemix:public:iam::::role:Administrator"
+              ],
+              "service_name": "all-account-management-services"
+            },
+            {
+              "role_crns": [
+                "crn:v1:bluemix:public:iam::::role:Editor"
+              ],
+              "service_name": "databases-for-postgresql"
+            },
+            {
+              "role_crns": [
+                "crn:v1:bluemix:public:iam::::serviceRole:Manager",
+                "crn:v1:bluemix:public:iam::::role:Editor"
+              ],
+              "service_name": "kms"
+            }
+          ],
+          "architecture": {
+            "descriptions": "This architecture creates an instance of IBM Cloud Databases for PostgreSQL instance with KMS encryption. Supports autoscaling.",
+            "features": [
+              {
+                "title": " Creates an instance of Databases for PostgreSQL",
+                "description": "This architecture creates an instance of IBM Cloud Databases for PostgreSQL with KMS encryption. It accepts or creates a resource group, and provides autoscaling rules."
+              }
+            ],
+            "diagrams": [
+              {
+                "diagram": {
+                  "caption": "Databases for PostgreSQL instance on IBM Cloud",
+                  "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-icd-postgresql/main/reference-architecture/deployable-architecture-postgresql.svg",
+                  "type": "image/svg+xml"
+                },
+                "description": "This architecture supports creating and configuring an instance of Databases for PostgreSQL instance with KMS encryption."
+              }
+            ]
+          },
+          "configuration": [
+              {
+                "key": "ibmcloud_api_key"
+              },
+              {
+                "key": "use_existing_resource_group"
+              },
+              {
+                "key": "resource_group_name"
+              },
+              {
+                "key": "prefix"
+              },
+              {
+                "key": "name"
+              },
+              {
+                "key": "region",
+                "required": true,
+                "default_value": "us-south",
+                "options": [
+                  {
+                    "displayname": "Chennai (che01)",
+                    "value": "che01"
+                  },
+                  {
+                    "displayname": "Dallas (us-south)",
+                    "value": "us-south"
+                  },
+                  {
+                    "displayname": "Frankfurt (eu-de)",
+                    "value": "eu-de"
+                  },
+                  {
+                    "displayname": "London (eu-gb)",
+                    "value": "eu-gb"
+                  },
+                  {
+                    "displayname": "Madrid (eu-es)",
+                    "value": "eu-es"
+                  },
+                  {
+                    "displayname": "Osaka (jp-osa)",
+                    "value": "jp-osa"
+                  },
+                  {
+                    "displayname": "Paris (par01)",
+                    "value": "par01"
+                  },
+                  {
+                    "displayname": "Sao Paulo (br-sao)",
+                    "value": "br-sao"
+                  },
+                  {
+                    "displayname": "Sydney (au-syd)",
+                    "value": "au-syd"
+                  },
+                  {
+                    "displayname": "Toronto (ca-tor)",
+                    "value": "ca-tor"
+                  },
+                  {
+                    "displayname": "Tokyo (jp-tok)",
+                    "value": "jp-tok"
+                  },
+                  {
+                    "displayname": "Washington (us-east)",
+                    "value": "us-east"
+                  }
+                ]
+              },
+              {
+                "key": "pg_version",
+                "required": true,
+                "options": [
+                  {
+                    "displayname": "12",
+                    "value": "12"
+                  },
+                  {
+                    "displayname": "13",
+                    "value": "13"
+                  },
+                  {
+                    "displayname": "14",
+                    "value": "14"
+                  },
+                  {
+                    "displayname": "15",
+                    "value": "15"
+                  },
+                  {
+                    "displayname": "16",
+                    "value": "16"
+                  }
+                ]
+              },
+              {
+                "key": "members"
+              },
+              {
+                "key": "member_memory_mb"
+              },
+              {
+                "key": "member_cpu_count"
+              },
+              {
+                "key": "member_disk_mb"
+              },
+              {
+                "key": "member_host_flavor"
+              },
+              {
+                "key": "configuration"
+              },
+              {
+                "key": "service_credential_names"
+              },
+              {
+                "key": "admin_pass"
+              },
+              {
+                "key": "users"
+              },
+              {
+                "key": "resource_tags"
+              },
+              {
+                "key": "access_tags"
+              },
+              {
+                "key": "ibmcloud_kms_api_key"
+              },
+              {
+                "key": "existing_kms_instance_crn"
+              },
+              {
+                "key": "existing_kms_key_crn"
+              },
+              {
+                "key": "kms_endpoint_type",
+                "options": [
+                  {
+                    "displayname": "public",
+                    "value": "public"
+                  },
+                  {
+                    "displayname": "private",
+                    "value": "private"
+                  }
+                ]
+              },
+              {
+                "key": "skip_iam_authorization_policy"
+              },
+              {
+                "key": "key_ring_name"
+              },
+              {
+                "key": "key_name"
+              },
+              {
+                "key": "auto_scaling"
+              }
+            ]
+        }
+      ]
+    }
+  ]
+}

images/postgresql.svg

@@ -58,11 +58,14 @@ No resources.
 | Name | Description |
 |------|-------------|
 | <a name="output_adminuser"></a> [adminuser](#output\_adminuser) | Database admin user name |
+| <a name="output_cbr_rule_ids"></a> [cbr\_rule\_ids](#output\_cbr\_rule\_ids) | CBR rule ids created to restrict Postgresql |
 | <a name="output_certificate_base64"></a> [certificate\_base64](#output\_certificate\_base64) | Database connection certificate |
 | <a name="output_crn"></a> [crn](#output\_crn) | Postgresql instance crn |
 | <a name="output_guid"></a> [guid](#output\_guid) | Postgresql instance guid |
 | <a name="output_hostname"></a> [hostname](#output\_hostname) | Database connection hostname |
 | <a name="output_id"></a> [id](#output\_id) | Postgresql instance id |
 | <a name="output_port"></a> [port](#output\_port) | Database connection port |
+| <a name="output_service_credentials_json"></a> [service\_credentials\_json](#output\_service\_credentials\_json) | Service credentials json map |
+| <a name="output_service_credentials_object"></a> [service\_credentials\_object](#output\_service\_credentials\_object) | Service credentials object |
 | <a name="output_version"></a> [version](#output\_version) | Postgresql instance version |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

modules/fscloud/README.md

@@ -42,3 +42,20 @@ output "certificate_base64" {
   value       = module.postgresql_db.certificate_base64
   sensitive   = true
 }
+
+output "service_credentials_json" {
+  description = "Service credentials json map"
+  value       = module.postgresql_db.service_credentials_json
+  sensitive   = true
+}
+
+output "service_credentials_object" {
+  description = "Service credentials object"
+  value       = module.postgresql_db.service_credentials_object
+  sensitive   = true
+}
+
+output "cbr_rule_ids" {
+  description = "CBR rule ids created to restrict Postgresql"
+  value       = module.postgresql_db.cbr_rule_ids
+}