3774 stc mission

in-development/mission_3774_sap_task_center/README.md

@@ -0,0 +1,82 @@
+# Discovery Center mission - Establish a Central Inbox with SAP Task Center
+
+## Overview
+
+This sample shows how to setup your SAP BTP account for the Discovery Center Mission - [Establish a Central Inbox with SAP Task Center](https://discovery-center.cloud.sap/index.html#/missiondetail/3774/)
+
+## Content of setup
+
+The setup comprises the following resources:
+
+- Creation of the SAP BTP subaccount
+- Entitlements of services
+- Subscriptions to applications
+- Creation of service instance
+- Role collection assignments to users
+
+## Deploying the resources
+
+Make sure that you are familiar with SAP BTP and know both the [Get Started with btp-terraform-samples](https://github.com/SAP-samples/btp-terraform-samples/blob/main/GET_STARTED.md) and the [Get Started with the Terraform Provider for BTP](https://developers.sap.com/tutorials/btp-terraform-get-started.html)
+
+To deploy the resources you must:
+
+1. Set the environment variables BTP_USERNAME and BTP_PASSWORD to pass credentials to the BTP provider to authenticate and interact with your BTP environments. 
+
+   ```bash
+   export BTP_USERNAME=<your_username>
+   export BTP_PASSWORD=<your_password>
+   ```
+
+2. Change the variables in the `common_sample.tfvars` file to meet your requirements
+
+   > The minimal set of parameters you should specify (beside user_email and password) is globalaccount (i.e. its subdomain) and the used custom_idp.
+
+3. Switch to the `1_main_config` folder
+
+4. Change the variables in `sample.tfvars` file to meet your requirements
+
+   > ⚠ NOTE: You should pay attention **specifically** to the users defined in the samples.tfvars whether they already exist in your SAP BTP accounts. Otherwise you might get error messages like e.g. `Error: The user could not be found: jane.doe@test.com`.
+
+
+5. Initialize the workspace for step 1:
+
+   ```bash
+   terraform init
+   ```
+
+6. You can check what Terraform plans to apply for step 1 based on your configuration:
+
+   ```bash
+   terraform plan -var-file="../common_sample.tfvars" -var-file="sample.tfvars"
+   ```
+
+7. Apply your configuration for step 1 to provision the resources:
+
+   ```bash
+   terraform apply  -var-file="../common_sample.tfvars" -var-file="sample.tfvars"
+   ```
+
+8. Switch to the `2_disable_default_login` folder. The configuration in this folder disables the default IdP of the subaccount created in step 1 for user logon.
+
+9. Change the variables in `sample.tfvars` file to meet your requirements
+
+   > ⚠ NOTE: You must copy the `subaccount_id` from the output of step 1 and use it for step 2.
+
+
+5. Initialize the workspace for step 2:
+
+   ```bash
+   terraform init
+   ```
+
+6. You can check what Terraform plans to apply for step 2 based on your configuration:
+
+   ```bash
+   terraform plan -var-file="../common_sample.tfvars" -var-file="sample.tfvars"
+   ```
+
+7. Apply your configuration for step 2 to provision the resources:
+
+   ```bash
+   terraform apply  -var-file="../common_sample.tfvars" -var-file="sample.tfvars"
+   ```

in-development/mission_3774_sap_task_center/locals.tf

@@ -0,0 +1,4 @@
+locals {
+  service_name__sap_task_center = "one-inbox-service"
+  service_name__build_workzone = "SAPLaunchpad"
+}

in-development/mission_3774_sap_task_center/main.tf

@@ -0,0 +1,134 @@
+# ------------------------------------------------------------------------------------------------------
+# Setup of names in accordance to naming convention
+# ------------------------------------------------------------------------------------------------------
+resource "random_uuid" "uuid" {}
+
+locals {
+  random_uuid               = random_uuid.uuid.result
+  project_subaccount_domain = "discoverycenter-tf-sap-ms-${local.random_uuid}"
+  project_subaccount_cf_org = substr(replace("${local.project_subaccount_domain}", "-", ""), 0, 32)
+}
+
+# ------------------------------------------------------------------------------------------------------
+# Creation of subaccount
+# ------------------------------------------------------------------------------------------------------
+resource "btp_subaccount" "project" {
+  name      = var.subaccount_name
+  subdomain = local.project_subaccount_domain
+  region    = lower(var.region)
+}
+
+# ------------------------------------------------------------------------------------------------------
+# Assignment of users as sub account administrators
+# ------------------------------------------------------------------------------------------------------
+resource "btp_subaccount_role_collection_assignment" "subaccount-admins" {
+  for_each             = toset("${var.subaccount_admins}")
+  subaccount_id        = btp_subaccount.project.id
+  role_collection_name = "Subaccount Administrator"
+  user_name            = each.value
+}
+
+# ------------------------------------------------------------------------------------------------------
+# Assignment of users as sub account service administrators
+# ------------------------------------------------------------------------------------------------------
+resource "btp_subaccount_role_collection_assignment" "subaccount-service-admins" {
+  for_each             = toset("${var.subaccount_service_admins}")
+  subaccount_id        = btp_subaccount.project.id
+  role_collection_name = "Subaccount Service Administrator"
+  user_name            = each.value
+}
+
+###############################################################################################
+# Creates a cloud foundry environment in a given account
+###############################################################################################
+// and the dedicted target landscape cf-us10
+resource "btp_subaccount_environment_instance" "cloudfoundry" {
+  subaccount_id    = btp_subaccount.project.id
+  name             = var.cf_org_name
+  environment_type = "cloudfoundry"
+  service_name     = "cloudfoundry"
+  landscape_label  = null_resource.cache_target_environment.triggers.label
+  plan_name        = "standard"
+  parameters = jsonencode({
+    instance_name = var.cf_org_name
+  })
+}
+
+###############################################################################################
+# Create the Cloud Foundry space
+###############################################################################################
+resource "cloudfoundry_space" "space" {
+  name = var.cf_space_name
+  org  = btp_subaccount_environment_instance.cloudfoundry.platform_id
+}
+
+###############################################################################################
+# assign user as space manager
+###############################################################################################
+resource "cloudfoundry_space_role" "cfsr_space_manager" {
+  username = var.cfsr_space_manager
+  type     = "space_manager"
+  space    = cloudfoundry_space.space.id
+  origin   = "sap.ids"
+}
+
+
+###############################################################################################
+# assign user as space developer
+###############################################################################################
+resource "cloudfoundry_space_role" "cfsr_space_developer" {
+  username = var.cfsr_space_developer
+  type     = "space_developer"
+  space    = cloudfoundry_space.space.id
+  origin   = "sap.ids"
+}
+
+###############################################################################################
+# Artificial timeout for entitlement propagation to CF Marketplace
+###############################################################################################
+resource "time_sleep" "wait_a_few_seconds" {
+  depends_on      = [resource.cloudfoundry_space.space]
+  create_duration = "30s"
+}
+
+###############################################################################################
+# Prepare and setup app: SAP Build Workzone, standard edition
+###############################################################################################
+# Entitle subaccount for usage of app  destination SAP Build Workzone, standard edition
+resource "btp_subaccount_entitlement" "build_workzone" {
+  subaccount_id = data.btp_subaccount.project.id
+  service_name  = local.service_name__build_workzone
+  plan_name     = var.service_plan__build_workzone
+  amount        = var.service_plan__build_workzone == "free" ? 1 : null
+}
+
+# Create app subscription to SAP Build Workzone, standard edition (depends on entitlement)
+resource "btp_subaccount_subscription" "build_workzone" {
+  subaccount_id = data.btp_subaccount.project.id
+  app_name      = local.service_name__build_workzone
+  plan_name     = var.service_plan__build_workzone
+  depends_on    = [btp_subaccount_entitlement.build_workzone]
+}
+
+###############################################################################################
+# Prepare and setup app: SAP Task Center
+###############################################################################################
+
+// Create service instance for taskcenter (one-inbox-service)
+data "cloudfoundry_service" "srvc_taskcenter" {
+  name       = "one-inbox-service"
+  depends_on = [time_sleep.wait_a_few_seconds]
+}
+
+resource "cloudfoundry_service_instance" "si_taskcenter" {
+  name         = "sap-taskcenter"
+  type         = "managed"
+  space        = cloudfoundry_space.space.id
+  service_plan = data.cloudfoundry_service.srvc_taskcenter.service_plans["standard"]
+  depends_on   = [cloudfoundry_space_role.cfsr_space_admin, cloudfoundry_space_role.cfsr_space_developer]
+  parameters = jsonencode({
+	              "authorities": [],
+                "defaultCollectionQueryFilter": "own"
+
+  })
+}

in-development/mission_3774_sap_task_center/outputs.tf

@@ -0,0 +1,9 @@
+output "subaccount_id" {
+  value       = btp_subaccount.project.id
+  description = "The ID of the project subaccount."
+}
+
+output "subaccount_name" {
+  value       = btp_subaccount.project.name
+  description = "The name of the project subaccount."
+}

in-development/mission_3774_sap_task_center/provider.tf

@@ -0,0 +1,18 @@
+terraform {
+  required_providers {
+    btp = {
+      source = "sap/btp"
+    }
+    cloudfoundry = {
+      source = "SAP/cloudfoundry"
+      version = "0.2.1-beta"
+    }
+  }
+}
+# Please checkout documentation on how best to authenticate against SAP BTP
+# via the Terraform provider for SAP BTP
+provider "btp" {
+  globalaccount  = var.globalaccount
+  cli_server_url = var.cli_server_url
+
+}

in-development/mission_3774_sap_task_center/sample.tfvars

@@ -0,0 +1,14 @@
+# ------------------------------------------------------------------------------------------------------
+# Provider configuration
+# ------------------------------------------------------------------------------------------------------
+# Your global account subdomain
+globalaccount        = "youraccount"
+region               = "us10"
+subaccount_name      = "Discovery Center mission - Establish a Central Inbox with SAP Task Center"
+cf_environment_label = "cf-us10"
+
+# ------------------------------------------------------------------------------------------------------
+# Project specific configuration (please adapt!)
+# ------------------------------------------------------------------------------------------------------
+subaccount_admins         = ["jane.doe@test.com", "john.doe@test.com"]
+subaccount_service_admins = ["jane.doe@test.com", "john.doe@test.com"]

in-development/mission_3774_sap_task_center/variables.tf

@@ -0,0 +1,87 @@
+######################################################################
+# Customer account setup
+######################################################################
+# subaccount
+variable "globalaccount" {
+  type        = string
+  description = "The globalaccount subdomain."
+  default     = "yourglobalaccount"
+}
+# CLI server URL
+variable "cli_server_url" {
+  type        = string
+  description = "Defines the CLI server URL"
+  default     = "https://cli.btp.cloud.sap"
+}
+
+# subaccount
+variable "subaccount_name" {
+  type        = string
+  description = "The subaccount name."
+  default     = "UC - Establish a Central Inbox with SAP Task Center"
+}
+# Region
+variable "region" {
+  type        = string
+  description = "The region where the project account shall be created in."
+  default     = "us10"
+}
+# Cloudfoundry environment label
+variable "cf_environment_label" {
+  type        = string
+  description = "The Cloudfoundry environment label"
+  default     = "cf-us10"
+}
+
+variable "subaccount_admins" {
+  type        = list(string)
+  description = "Defines the colleagues who are added to each subaccount as subaccount administrators."
+  default     = ["jane.doe@test.com", "john.doe@test.com"]
+}
+
+variable "subaccount_service_admins" {
+  type        = list(string)
+  description = "Defines the colleagues who are added to each subaccount as subaccount service administrators."
+  default     = ["jane.doe@test.com", "john.doe@test.com"]
+}
+
+variable "custom_idp" {
+  type        = string
+  description = "Defines the custom IdP"
+  default     = ""
+}
+
+variable "environment_label" {
+  type        = string
+  description = "In case there are multiple environments available for a subaccount, you can use this label to choose with which one you want to go. If nothing is given, we take by default the first available."
+  default     = "cf-us10"
+}
+
+variable "cf_org_name" {
+  type        = string
+  description = "Name of the Cloud Foundry org."
+  default     = "mission-3774-sap-task-center"
+
+  validation {
+    condition     = can(regex("^.{1,255}$", var.cf_org_name))
+    error_message = "The Cloud Foundry org name must not be emtpy and not exceed 255 characters."
+  }
+}
+
+variable "cf_space_name" {
+  type        = string
+  description = "Name of the Cloud Foundry space."
+  default     = "DEV"
+}
+
+variable "cfsr_space_manager" {
+  type        = string
+  description = "Defines the user who are added as space manager."
+  default     = "john.doe@test.com"
+}
+
+variable "cfsr_space_developer" {
+  type        = string
+  description = "Defines the user who are added as space developer."
+  default     = "john.doe@test.com"
+}