feat: Improve DA user experience <br> - fixed DA documented permissions<br> - dependencies configuration, description and content update in catalog configuration<br> - disable_outbound_traffic_protection -> allow_outbound_traffic<br> - disable_public_endpoint -> allow_public_access_to_cluster<br> - ocp_version -> openshift_version<br> - refers to OCP DA public tile instead of community registry tile<br> - updated reference architecture diagrams<br> - added outputs for quickstart DA variation(#42)

* fix: Modified region and IAM Permissions

* Updated variable.tf,catalog,pr_test.go

* Updated address prefix

* SKIP UPGRADE TEST

* Updated Permission

* Addressed review comments

* Updated notes

* Updated catalog

* Updated permissio and description

* Update ibm_catalog.json

Co-authored-by: prateek <prateek.sharma13@ibm.com>

* Update ibm_catalog.json

Co-authored-by: prateek <prateek.sharma13@ibm.com>

* Addressed review comments

* Resolved conflicts

* Update description

* Update catalog,output.tf,catalog,variable.tf

* Updated permission

* added sccwp and app config in diagram

* Updated variable name

* fix :Precommit errors

* Addressed comments

* Updated diagram

* fix: Updated new offering id and catalog id,done some changes features desc

* fix: Updated architecture description

* Update ibm_catalog.json

Co-authored-by: Shikha Maheshwari <maheshwari.shikha@gmail.com>

* fix: Updated desc,caption and diagram

* Updated description

* Updated vpc features

* fix: Added secrets_manager_service_plan in top tile

* fix: Updated dependency input

---------

Co-authored-by: Arya Girish K <arya.girish.k@ibm.com>
Co-authored-by: prateek <prateek.sharma13@ibm.com>
Co-authored-by: Shikha Maheshwari <maheshwari.shikha@gmail.com>

Author: 4 people

ibm_catalog.json

@@ -7,9 +7,15 @@ locals {
 # tflint-ignore: all
 variable "prefix" {
   type        = string
-  description = "The prefix to be added to all resources created by this solution. To skip using a prefix, set this value to null or an empty string. The prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It should not exceed 16 characters, must not end with a hyphen('-'), and cannot contain consecutive hyphens ('--'). Example: `prod-0205-ocpai`. [Learn more](https://terraform-ibm-modules.github.io/documentation/#/prefix.md)"
   nullable    = true
+  description = "The prefix to be added to all resources created by this solution. To skip using a prefix, set this value to null or an empty string. The prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It should not exceed 16 characters, must not end with a hyphen('-'), and can not contain consecutive hyphens ('--'). Example: prod-0205-ocpai. [Learn more](https://terraform-ibm-modules.github.io/documentation/#/prefix.md)."
+
   validation {
+    # - null and empty string is allowed
+    # - Must not contain consecutive hyphens (--): length(regexall("--", var.prefix)) == 0
+    # - Starts with a lowercase letter: [a-z]
+    # - Contains only lowercase letters (a–z), digits (0–9), and hyphens (-)
+    # - Must not end with a hyphen (-): [a-z0-9]
     condition = (var.prefix == null || var.prefix == "" ? true :
       alltrue([
         can(regex("^[a-z][-a-z0-9]*[a-z0-9]$", var.prefix)),
@@ -18,8 +24,10 @@ variable "prefix" {
     )
     error_message = "Prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It must not end with a hyphen('-'), and cannot contain consecutive hyphens ('--')."
   }
+
   validation {
-    condition     = length(var.prefix) <= 16
+    # must not exceed 16 characters in length
+    condition     = var.prefix == null || var.prefix == "" ? true : length(var.prefix) <= 16
     error_message = "Prefix must not exceed 16 characters."
   }
 }
@@ -32,9 +40,9 @@ variable "existing_resource_group_name" {
 }
 
 # tflint-ignore: all
-variable "ocp_version" {
+variable "openshift_version" {
   type        = string
-  description = "Version of the OCP cluster to provision."
+  description = "Version of the OpenShift cluster to provision."
   default     = "4.17"
 }
 
@@ -80,14 +88,14 @@ variable "default_worker_pool_operating_system" {
     error_message = "Invalid operating system. Allowed values are: 'REDHAT_8_64', 'RHCOS', 'RHEL_9_64'."
   }
   validation {
-    condition     = tonumber(var.ocp_version) < 4.18 || var.default_worker_pool_operating_system == "RHCOS"
+    condition     = tonumber(var.openshift_version) < 4.18 || var.default_worker_pool_operating_system == "RHCOS"
     error_message = "Invalid operating system. For OpenShift version 4.18 or higher, the worker node operating system must be 'RHCOS'. [Learn more](https://cloud.ibm.com/docs/openshift?topic=openshift-ai-addon-install&interface=ui#ai-min)"
   }
 }
 
 # tflint-ignore: all
 variable "subnets" {
-  description = "List of subnets for the VPC. For each item in each array, a subnet will be created. Items can be either CIDR blocks or total ipv4 addressess. Public gateways will be enabled only in zones where a gateway has been created. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#subnets-)."
+  description = "List of subnets for the VPC. For each item in each array, a subnet will be created. Items can be either CIDR blocks or total ipv4 addresses. Public gateways will be enabled only in zones where a gateway has been created. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#subnets-)."
   type = object({
     zone-1 = list(object({
       name           = string
@@ -193,7 +201,7 @@ variable "additional_worker_pools" {
 
   validation {
     condition = alltrue([
-      for pool in var.additional_worker_pools : tonumber(var.ocp_version) < 4.18 || pool.operating_system == "RHCOS"
+      for pool in var.additional_worker_pools : tonumber(var.openshift_version) < 4.18 || pool.operating_system == "RHCOS"
     ])
     error_message = "Invalid operating system. For OpenShift version 4.18 or higher, the worker node operating system must be 'RHCOS'. [Learn more](https://cloud.ibm.com/docs/openshift?topic=openshift-ai-addon-install&interface=ui#ai-min)"
   }

reference-architecture/deployable-architecture-ocp-ai-cluster-qs.svg

@@ -98,7 +98,7 @@ module "ocp_base" {
   cluster_name                        = local.cluster_name
   resource_group_id                   = module.resource_group.resource_group_id
   region                              = var.region
-  ocp_version                         = var.ocp_version
+  ocp_version                         = var.openshift_version
   ocp_entitlement                     = var.ocp_entitlement
   vpc_id                              = module.vpc.vpc_id
   vpc_subnets                         = module.vpc.subnet_detail_map

reference-architecture/deployable-architecture-ocp-ai-cluster.svg

@@ -6,3 +6,53 @@ output "cluster_name" {
   value       = module.ocp_base.cluster_name
   description = "The name of the provisioned OpenShift cluster."
 }
+
+output "cluster_id" {
+  value       = module.ocp_base.cluster_id
+  description = "The unique identifier assigned to the provisioned OpenShift cluster."
+}
+
+output "cluster_crn" {
+  description = "The Cloud Resource Name (CRN) of the provisioned OpenShift cluster."
+  value       = module.ocp_base.cluster_crn
+}
+
+output "vpc_name" {
+  description = "The name of the Virtual Private Cloud (VPC) in which the cluster is deployed."
+  value       = module.vpc.vpc_name
+}
+
+output "vpc_id" {
+  description = "The ID of the Virtual Private Cloud (VPC) in which the cluster is deployed."
+  value       = module.ocp_base.vpc_id
+}
+
+output "region" {
+  description = "The IBM Cloud region where the cluster is deployed."
+  value       = module.ocp_base.region
+}
+
+output "cos_crn" {
+  description = "The Cloud Resource Name (CRN) of the Object Storage instance associated with the cluster."
+  value       = module.ocp_base.cos_crn
+}
+
+output "resource_group_id" {
+  description = "The ID of the resource group where the cluster is deployed."
+  value       = module.ocp_base.resource_group_id
+}
+
+output "public_service_endpoint_url" {
+  description = "The public service endpoint URL for accessing the cluster over the internet."
+  value       = module.ocp_base.public_service_endpoint_url
+}
+
+output "master_url" {
+  description = "The API endpoint URL for the Kubernetes master node of the cluster."
+  value       = module.ocp_base.master_url
+}
+
+output "master_status" {
+  description = "The current status of the Kubernetes master node in the cluster."
+  value       = module.ocp_base.master_status
+}

solutions/fully-configurable/variables.tf

@@ -14,7 +14,7 @@ variable "existing_resource_group_name" {
   default     = null
 }
 variable "provider_visibility" {
-  description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
+  description = "Set the visibility value for the IBM terraform provider. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
   type        = string
   default     = "private"
 
@@ -25,9 +25,15 @@ variable "provider_visibility" {
 }
 variable "prefix" {
   type        = string
-  description = "The prefix to be added to all resources created by this solution. To skip using a prefix, set this value to null or an empty string. The prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It should not exceed 16 characters, must not end with a hyphen('-'), and cannot contain consecutive hyphens ('--'). Example: `prod-0205-ocpqs`."
   nullable    = true
+  description = "The prefix to be added to all resources created by this solution. To skip using a prefix, set this value to null or an empty string. The prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It should not exceed 16 characters, must not end with a hyphen('-'), and can not contain consecutive hyphens ('--'). Example: prod-0205-ocpai. [Learn more](https://terraform-ibm-modules.github.io/documentation/#/prefix.md)."
+
   validation {
+    # - null and empty string is allowed
+    # - Must not contain consecutive hyphens (--): length(regexall("--", var.prefix)) == 0
+    # - Starts with a lowercase letter: [a-z]
+    # - Contains only lowercase letters (a–z), digits (0–9), and hyphens (-)
+    # - Must not end with a hyphen (-): [a-z0-9]
     condition = (var.prefix == null || var.prefix == "" ? true :
       alltrue([
         can(regex("^[a-z][-a-z0-9]*[a-z0-9]$", var.prefix)),
@@ -36,31 +42,34 @@ variable "prefix" {
     )
     error_message = "Prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It must not end with a hyphen('-'), and cannot contain consecutive hyphens ('--')."
   }
+
   validation {
-    condition     = length(var.prefix) <= 16
+    # must not exceed 16 characters in length
+    condition     = var.prefix == null || var.prefix == "" ? true : length(var.prefix) <= 16
     error_message = "Prefix must not exceed 16 characters."
   }
 }
+
 variable "region" {
   type        = string
   description = "Region in which all the resources will be deployed. [Learn More](https://terraform-ibm-modules.github.io/documentation/#/region)."
-  default     = "au-syd"
+  default     = "jp-tok"
 }
-variable "ocp_version" {
+variable "openshift_version" {
   type        = string
   description = "The version of the OpenShift cluster."
   default     = "4.17"
 
   validation {
     condition = anytrue([
-      var.ocp_version == null,
-      var.ocp_version == "default",
-      var.ocp_version == "4.18",
-      var.ocp_version == "4.15",
-      var.ocp_version == "4.16",
-      var.ocp_version == "4.17",
+      var.openshift_version == null,
+      var.openshift_version == "default",
+      var.openshift_version == "4.18",
+      var.openshift_version == "4.15",
+      var.openshift_version == "4.16",
+      var.openshift_version == "4.17",
     ])
-    error_message = "The specified ocp_version is not of the valid versions."
+    error_message = "The specified openshift_version is not of the valid versions."
   }
 }
 variable "cluster_name" {
@@ -71,7 +80,7 @@ variable "cluster_name" {
 variable "address_prefix" {
   description = "The IP range that will be defined for the VPC for a certain location. Use only with manual address prefixes."
   type        = string
-  default     = "10.245.0.0/24"
+  default     = "10.10.10.0/24"
 }
 
 variable "ocp_entitlement" {
@@ -119,7 +128,7 @@ variable "default_worker_pool_operating_system" {
     error_message = "Invalid operating system. Allowed values are: 'REDHAT_8_64', 'RHCOS', 'RHEL_9_64'."
   }
   validation {
-    condition     = tonumber(var.ocp_version) < 4.18 || var.default_worker_pool_operating_system == "RHCOS"
+    condition     = tonumber(var.openshift_version) < 4.18 || var.default_worker_pool_operating_system == "RHCOS"
     error_message = "Invalid operating system. For OpenShift version 4.18 or higher, the worker node operating system must be 'RHCOS'. [Learn more](https://cloud.ibm.com/docs/openshift?topic=openshift-ai-addon-install&interface=ui#ai-min)"
   }
 }
@@ -213,7 +222,7 @@ variable "additional_worker_pools" {
 
   validation {
     condition = alltrue([
-      for pool in var.additional_worker_pools : tonumber(var.ocp_version) < 4.18 || pool.operating_system == "RHCOS"
+      for pool in var.additional_worker_pools : tonumber(var.openshift_version) < 4.18 || pool.operating_system == "RHCOS"
     ])
     error_message = "Invalid operating system. For OpenShift version 4.18 or higher, the worker node operating system must be 'RHCOS'. [Learn more](https://cloud.ibm.com/docs/openshift?topic=openshift-ai-addon-install&interface=ui#ai-min)"
   }

solutions/quickstart/main.tf

@@ -2,7 +2,10 @@
 package test
 
 import (
+	"crypto/rand"
+	"fmt"
 	"log"
+	"math/big"
 	"os"
 	"testing"
 
@@ -21,6 +24,12 @@ const quickStartTerraformDir = "solutions/quickstart"
 // Define a struct with fields that match the structure of the YAML data
 const yamlLocation = "../common-dev-assets/common-go-assets/common-permanent-resources.yaml"
 
+var validClusterRegions = []string{
+	"br-sao",
+	"eu-gb",
+	"jp-tok",
+}
+
 var permanentResources map[string]interface{}
 
 // TestMain will be run before any parallel tests, used to read data from yaml for use with tests
@@ -44,22 +53,31 @@ func setupOptions(t *testing.T, prefix string, dir string) *testhelper.TestOptio
 }
 
 func setupQuickstartOptions(t *testing.T, prefix string) *testschematic.TestSchematicOptions {
+	rand, err := rand.Int(rand.Reader, big.NewInt(int64(len(validClusterRegions))))
+	if err != nil {
+		fmt.Println("Error generating random number:", err)
+		return nil
+	}
+	region := validClusterRegions[rand.Int64()]
 	options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{
 		Testing: t,
 		Prefix:  prefix,
 		TarIncludePatterns: []string{
 			"*.tf",
 			quickStartTerraformDir + "/*.tf",
 		},
+
 		TemplateFolder:         quickStartTerraformDir,
 		Tags:                   []string{"test-schematic"},
 		DeleteWorkspaceOnFail:  false,
 		WaitJobCompleteMinutes: 360,
+		Region:                 region,
 	})
 	options.TerraformVars = []testschematic.TestSchematicTerraformVar{
 		{Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true},
 		{Name: "prefix", Value: options.Prefix, DataType: "string"},
 		{Name: "existing_resource_group_name", Value: resourceGroup, DataType: "string"},
+		{Name: "region", Value: region, DataType: "string"},
 	}
 	return options
 }