From 74558e8a1b59a6d44c3635dd3dec9124729e42ea Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Thu, 27 Jun 2024 06:32:27 +0000 Subject: [PATCH 01/18] initial commit --- .../step_1/main.tf | 39 +++++++++++++------ .../step_1/outputs.tf | 4 +- .../step_1/sample.tfvars | 1 - .../step_1/variables.tf | 9 +---- 4 files changed, 31 insertions(+), 22 deletions(-) diff --git a/in-development/mission_3774_sap_task_center/step_1/main.tf b/in-development/mission_3774_sap_task_center/step_1/main.tf index daa5afb7..1c579d52 100644 --- a/in-development/mission_3774_sap_task_center/step_1/main.tf +++ b/in-development/mission_3774_sap_task_center/step_1/main.tf @@ -11,7 +11,7 @@ locals { ############################################################################################### # Creation of subaccount ############################################################################################### -resource "btp_subaccount" "project" { +resource "btp_subaccount" "dc_mission" { name = var.subaccount_name subdomain = local.project_subaccount_domain region = lower(var.region) @@ -21,7 +21,7 @@ resource "btp_subaccount" "project" { # ------------------------------------------------------------------------------------------------------ resource "btp_subaccount_role_collection_assignment" "subaccount-admins" { for_each = toset("${var.subaccount_admins}") - subaccount_id = btp_subaccount.project.id + subaccount_id = btp_subaccount.dc_mission.id role_collection_name = "Subaccount Administrator" user_name = each.value } @@ -30,20 +30,37 @@ resource "btp_subaccount_role_collection_assignment" "subaccount-admins" { # ------------------------------------------------------------------------------------------------------ resource "btp_subaccount_role_collection_assignment" "subaccount-service-admins" { for_each = toset("${var.subaccount_service_admins}") - subaccount_id = btp_subaccount.project.id + subaccount_id = btp_subaccount.dc_mission.id role_collection_name = "Subaccount Service Administrator" user_name = each.value } -###################################################################### + + +# ------------------------------------------------------------------------------------------------------ +# CLOUDFOUNDRY PREPARATION +# ------------------------------------------------------------------------------------------------------ +# +# Fetch all available environments for the subaccount +data "btp_subaccount_environments" "all" { + subaccount_id = btp_subaccount.dc_mission.id +} +# ------------------------------------------------------------------------------------------------------ +# Take the landscape label from the first CF environment if no environment label is provided +# (this replaces the previous null_resource) +# ------------------------------------------------------------------------------------------------------ +resource "terraform_data" "replacement" { + input = length(var.cf_environment_label) > 0 ? var.cf_environment_label : [for env in data.btp_subaccount_environments.all.values : env if env.service_name == "cloudfoundry" && env.environment_type == "cloudfoundry"][0].landscape_label +} +# ------------------------------------------------------------------------------------------------------ # Creation of Cloud Foundry environment -###################################################################### +# ------------------------------------------------------------------------------------------------------ resource "btp_subaccount_environment_instance" "cloudfoundry" { - subaccount_id = btp_subaccount.project.id + subaccount_id = btp_subaccount.dc_mission.id name = local.project_subaccount_cf_org environment_type = "cloudfoundry" service_name = "cloudfoundry" plan_name = "standard" - landscape_label = var.cf_environment_label + landscape_label = terraform_data.replacement.output parameters = jsonencode({ instance_name = local.project_subaccount_cf_org }) @@ -53,14 +70,14 @@ resource "btp_subaccount_environment_instance" "cloudfoundry" { ############################################################################################### # Entitle subaccount for usage of app destination SAP Build Workzone, standard edition resource "btp_subaccount_entitlement" "build_workzone" { - subaccount_id = btp_subaccount.project.id + subaccount_id = btp_subaccount.dc_mission.id service_name = local.service_name__build_workzone plan_name = var.service_plan__build_workzone amount = var.service_plan__build_workzone == "free" ? 1 : null } # Create app subscription to SAP Build Workzone, standard edition (depends on entitlement) resource "btp_subaccount_subscription" "build_workzone" { - subaccount_id = btp_subaccount.project.id + subaccount_id = btp_subaccount.dc_mission.id app_name = local.service_name__build_workzone plan_name = var.service_plan__build_workzone depends_on = [btp_subaccount_entitlement.build_workzone] @@ -70,7 +87,7 @@ resource "btp_subaccount_subscription" "build_workzone" { ############################################################################################### # Entitle subaccount for usage of app destination SAP Task Center resource "btp_subaccount_entitlement" "taskcenter" { - subaccount_id = btp_subaccount.project.id + subaccount_id = btp_subaccount.dc_mission.id service_name = local.service_name__sap_task_center plan_name = "standard" } @@ -79,7 +96,7 @@ resource "btp_subaccount_entitlement" "taskcenter" { # ------------------------------------------------------------------------------------------------------ resource "btp_subaccount_role_collection_assignment" "launchpad-admins" { for_each = toset("${var.launchpad_admins}") - subaccount_id = btp_subaccount.project.id + subaccount_id = btp_subaccount.dc_mission.id role_collection_name = "Launchpad_Admin" user_name = each.value depends_on = [btp_subaccount_subscription.build_workzone] diff --git a/in-development/mission_3774_sap_task_center/step_1/outputs.tf b/in-development/mission_3774_sap_task_center/step_1/outputs.tf index c4a40ade..0f08f4f1 100644 --- a/in-development/mission_3774_sap_task_center/step_1/outputs.tf +++ b/in-development/mission_3774_sap_task_center/step_1/outputs.tf @@ -1,6 +1,6 @@ output "subaccount_id" { - value = btp_subaccount.project.id - description = "The ID of the project subaccount." + value = btp_subaccount.dc_mission.id + description = "The ID of the subaccount." } output "cf_org_name" { diff --git a/in-development/mission_3774_sap_task_center/step_1/sample.tfvars b/in-development/mission_3774_sap_task_center/step_1/sample.tfvars index 990c5897..baea564d 100644 --- a/in-development/mission_3774_sap_task_center/step_1/sample.tfvars +++ b/in-development/mission_3774_sap_task_center/step_1/sample.tfvars @@ -5,7 +5,6 @@ globalaccount = "yourglobalaccount" region = "datacenter" subaccount_name = "subaccount_name" -cf_environment_label = "cf_environment_label" # ------------------------------------------------------------------------------------------------------ # Project specific configuration (please adapt!) diff --git a/in-development/mission_3774_sap_task_center/step_1/variables.tf b/in-development/mission_3774_sap_task_center/step_1/variables.tf index 7572ae87..0aec21b6 100644 --- a/in-development/mission_3774_sap_task_center/step_1/variables.tf +++ b/in-development/mission_3774_sap_task_center/step_1/variables.tf @@ -30,12 +30,6 @@ variable "region" { description = "The region where the project account shall be created in." default = "us10" } -# Cloudfoundry environment label -variable "cf_environment_label" { - type = string - description = "The Cloudfoundry environment label" - default = "cf-us10" -} variable "subaccount_admins" { type = list(string) @@ -61,10 +55,9 @@ variable "custom_idp" { default = "" } -variable "environment_label" { +variable "cf_environment_label" { type = string description = "In case there are multiple environments available for a subaccount, you can use this label to choose with which one you want to go. If nothing is given, we take by default the first available." - default = "cf-us10" } variable "cf_org_name" { From ccfa603addf20e80dd17f7b983af987ce7341cf6 Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Thu, 27 Jun 2024 07:55:53 +0000 Subject: [PATCH 02/18] add files from folder in_development --- .../mission_3774/step_1/README.md | 48 +++++++ .../mission_3774/step_1/locals.tf | 4 + .../mission_3774/step_1/main.tf | 103 +++++++++++++++ .../mission_3774/step_1/outputs.tf | 24 ++++ .../mission_3774/step_1/provider.tf | 14 +++ .../mission_3774/step_1/sample.tfvars | 16 +++ .../mission_3774/step_1/variables.tf | 82 ++++++++++++ .../mission_3774/step_2/README.md | 44 +++++++ .../mission_3774/step_2/main.tf | 108 ++++++++++++++++ .../mission_3774/step_2/provider.tf | 21 ++++ .../mission_3774/step_2/sample.tfvars | 20 +++ .../mission_3774/step_2/variables.tf | 119 ++++++++++++++++++ 12 files changed, 603 insertions(+) create mode 100644 released/discovery_center/mission_3774/step_1/README.md create mode 100644 released/discovery_center/mission_3774/step_1/locals.tf create mode 100644 released/discovery_center/mission_3774/step_1/main.tf create mode 100644 released/discovery_center/mission_3774/step_1/outputs.tf create mode 100644 released/discovery_center/mission_3774/step_1/provider.tf create mode 100644 released/discovery_center/mission_3774/step_1/sample.tfvars create mode 100644 released/discovery_center/mission_3774/step_1/variables.tf create mode 100644 released/discovery_center/mission_3774/step_2/README.md create mode 100644 released/discovery_center/mission_3774/step_2/main.tf create mode 100644 released/discovery_center/mission_3774/step_2/provider.tf create mode 100644 released/discovery_center/mission_3774/step_2/sample.tfvars create mode 100644 released/discovery_center/mission_3774/step_2/variables.tf diff --git a/released/discovery_center/mission_3774/step_1/README.md b/released/discovery_center/mission_3774/step_1/README.md new file mode 100644 index 00000000..1b327508 --- /dev/null +++ b/released/discovery_center/mission_3774/step_1/README.md @@ -0,0 +1,48 @@ +# Sample Setup of an SAP Task Center on SAP BTP - Step 1 + +## Overview + +This directory contains the setup of SAP Task Center from scratch namely a new subaccount including the relevant entitlements, a Cloud Foundry environment and a Cloud Foundry space. + +This directory contains the configuration the first step of the setup namely: + +- a new subaccount +- the entitlements for SAP Task Center +- the subscription for SAP Build Workzone, standard edition +- the Cloud Foundry environment +- The trust setup to the custom IdP +- Assignment of users to the role collections + +## Deploying the resources + +To deploy the resources of step 1 execute the following commands: + +1. Initialize your workspace: + + ```bash + terraform init + ``` + +1. Assign the variable values in a `*.tfvars` file e.g., the global account subdomain + +1. You can check what Terraform plans to apply based on your configuration: + + ```bash + terraform plan -var-file=".tfvars" + ``` + +1. Apply your configuration to provision the resources: + + ```bash + terraform apply -var-file=".tfvars" + ``` + +> **Note** - Some variables of the output of the first step are needed as input for the second step. + +## When finished + +You probably want to remove the assets after trying them out to avoid unnecessary costs. To do so execute the following command: + +```bash +terraform destroy -var-file=".tfvars" +``` \ No newline at end of file diff --git a/released/discovery_center/mission_3774/step_1/locals.tf b/released/discovery_center/mission_3774/step_1/locals.tf new file mode 100644 index 00000000..23462039 --- /dev/null +++ b/released/discovery_center/mission_3774/step_1/locals.tf @@ -0,0 +1,4 @@ +locals { + service_name__sap_task_center = "one-inbox-service" + service_name__build_workzone = "SAPLaunchpad" +} \ No newline at end of file diff --git a/released/discovery_center/mission_3774/step_1/main.tf b/released/discovery_center/mission_3774/step_1/main.tf new file mode 100644 index 00000000..1c579d52 --- /dev/null +++ b/released/discovery_center/mission_3774/step_1/main.tf @@ -0,0 +1,103 @@ +############################################################################################### +# Setup of names in accordance to naming convention +############################################################################################### +resource "random_uuid" "uuid" {} + +locals { + random_uuid = random_uuid.uuid.result + project_subaccount_domain = lower(replace("mission-3774-${local.random_uuid}", "_", "-")) + project_subaccount_cf_org = substr(replace("${local.project_subaccount_domain}", "-", ""), 0, 32) +} +############################################################################################### +# Creation of subaccount +############################################################################################### +resource "btp_subaccount" "dc_mission" { + name = var.subaccount_name + subdomain = local.project_subaccount_domain + region = lower(var.region) +} +# ------------------------------------------------------------------------------------------------------ +# Assignment of users as sub account administrators +# ------------------------------------------------------------------------------------------------------ +resource "btp_subaccount_role_collection_assignment" "subaccount-admins" { + for_each = toset("${var.subaccount_admins}") + subaccount_id = btp_subaccount.dc_mission.id + role_collection_name = "Subaccount Administrator" + user_name = each.value +} +# ------------------------------------------------------------------------------------------------------ +# Assignment of users as sub account service administrators +# ------------------------------------------------------------------------------------------------------ +resource "btp_subaccount_role_collection_assignment" "subaccount-service-admins" { + for_each = toset("${var.subaccount_service_admins}") + subaccount_id = btp_subaccount.dc_mission.id + role_collection_name = "Subaccount Service Administrator" + user_name = each.value +} + + +# ------------------------------------------------------------------------------------------------------ +# CLOUDFOUNDRY PREPARATION +# ------------------------------------------------------------------------------------------------------ +# +# Fetch all available environments for the subaccount +data "btp_subaccount_environments" "all" { + subaccount_id = btp_subaccount.dc_mission.id +} +# ------------------------------------------------------------------------------------------------------ +# Take the landscape label from the first CF environment if no environment label is provided +# (this replaces the previous null_resource) +# ------------------------------------------------------------------------------------------------------ +resource "terraform_data" "replacement" { + input = length(var.cf_environment_label) > 0 ? var.cf_environment_label : [for env in data.btp_subaccount_environments.all.values : env if env.service_name == "cloudfoundry" && env.environment_type == "cloudfoundry"][0].landscape_label +} +# ------------------------------------------------------------------------------------------------------ +# Creation of Cloud Foundry environment +# ------------------------------------------------------------------------------------------------------ +resource "btp_subaccount_environment_instance" "cloudfoundry" { + subaccount_id = btp_subaccount.dc_mission.id + name = local.project_subaccount_cf_org + environment_type = "cloudfoundry" + service_name = "cloudfoundry" + plan_name = "standard" + landscape_label = terraform_data.replacement.output + parameters = jsonencode({ + instance_name = local.project_subaccount_cf_org + }) +} +############################################################################################### +# Prepare and setup app: SAP Build Workzone, standard edition +############################################################################################### +# Entitle subaccount for usage of app destination SAP Build Workzone, standard edition +resource "btp_subaccount_entitlement" "build_workzone" { + subaccount_id = btp_subaccount.dc_mission.id + service_name = local.service_name__build_workzone + plan_name = var.service_plan__build_workzone + amount = var.service_plan__build_workzone == "free" ? 1 : null +} +# Create app subscription to SAP Build Workzone, standard edition (depends on entitlement) +resource "btp_subaccount_subscription" "build_workzone" { + subaccount_id = btp_subaccount.dc_mission.id + app_name = local.service_name__build_workzone + plan_name = var.service_plan__build_workzone + depends_on = [btp_subaccount_entitlement.build_workzone] +} +############################################################################################### +# Prepare and setup app: SAP Task Center +############################################################################################### +# Entitle subaccount for usage of app destination SAP Task Center +resource "btp_subaccount_entitlement" "taskcenter" { + subaccount_id = btp_subaccount.dc_mission.id + service_name = local.service_name__sap_task_center + plan_name = "standard" +} +# ------------------------------------------------------------------------------------------------------ +# Assignment of users as launchpad administrators +# ------------------------------------------------------------------------------------------------------ +resource "btp_subaccount_role_collection_assignment" "launchpad-admins" { + for_each = toset("${var.launchpad_admins}") + subaccount_id = btp_subaccount.dc_mission.id + role_collection_name = "Launchpad_Admin" + user_name = each.value + depends_on = [btp_subaccount_subscription.build_workzone] +} diff --git a/released/discovery_center/mission_3774/step_1/outputs.tf b/released/discovery_center/mission_3774/step_1/outputs.tf new file mode 100644 index 00000000..0f08f4f1 --- /dev/null +++ b/released/discovery_center/mission_3774/step_1/outputs.tf @@ -0,0 +1,24 @@ +output "subaccount_id" { + value = btp_subaccount.dc_mission.id + description = "The ID of the subaccount." +} + +output "cf_org_name" { + value = local.project_subaccount_cf_org + description = "The name of the project subaccount." +} + +output "cf_org_id" { + value = btp_subaccount_environment_instance.cloudfoundry.landscape_label + description = "The ID of the Cloud Foundry environment." +} + +output "cf_api_endpoint" { + value = jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["API Endpoint"] + description = "API endpoint of the Cloud Foundry environment." +} + +output "cf_landscape_label" { + value = btp_subaccount_environment_instance.cloudfoundry.platform_id + description = "The landscape label of the Cloud Foundry environment." +} \ No newline at end of file diff --git a/released/discovery_center/mission_3774/step_1/provider.tf b/released/discovery_center/mission_3774/step_1/provider.tf new file mode 100644 index 00000000..1c7b0ab1 --- /dev/null +++ b/released/discovery_center/mission_3774/step_1/provider.tf @@ -0,0 +1,14 @@ +### +# Define the required providers for this module +### +terraform { + required_providers { + btp = { + source = "sap/btp" + } + } +} +provider "btp" { + globalaccount = var.globalaccount + cli_server_url = var.cli_server_url +} diff --git a/released/discovery_center/mission_3774/step_1/sample.tfvars b/released/discovery_center/mission_3774/step_1/sample.tfvars new file mode 100644 index 00000000..baea564d --- /dev/null +++ b/released/discovery_center/mission_3774/step_1/sample.tfvars @@ -0,0 +1,16 @@ +# ------------------------------------------------------------------------------------------------------ +# Provider configuration +# ------------------------------------------------------------------------------------------------------ +# Your global account subdomain +globalaccount = "yourglobalaccount" +region = "datacenter" +subaccount_name = "subaccount_name" + +# ------------------------------------------------------------------------------------------------------ +# Project specific configuration (please adapt!) +# ------------------------------------------------------------------------------------------------------ + +subaccount_admins = ["jane.doe@test.com", "john.doe@test.com"] +subaccount_service_admins = ["jane.doe@test.com", "john.doe@test.com"] +custom_idp = "your custom idp" +launchpad_admins = ["jane.doe@test.com", "john.doe@test.com"] \ No newline at end of file diff --git a/released/discovery_center/mission_3774/step_1/variables.tf b/released/discovery_center/mission_3774/step_1/variables.tf new file mode 100644 index 00000000..0aec21b6 --- /dev/null +++ b/released/discovery_center/mission_3774/step_1/variables.tf @@ -0,0 +1,82 @@ +###################################################################### +# Customer account setup +###################################################################### +variable "globalaccount" { + type = string + description = "Defines the global account" + default = "yourglobalaccount" +} + +variable "cli_server_url" { + type = string + description = "Defines the CLI server URL" + default = "https://cli.btp.cloud.sap" +} + +# subaccount +variable "subaccount_name" { + type = string + description = "The subaccount name." + default = "UC - Establish a Central Inbox with SAP Task Center" +} +variable "subaccount_id" { + type = string + description = "The subaccount ID." + default = "" +} +# Region +variable "region" { + type = string + description = "The region where the project account shall be created in." + default = "us10" +} + +variable "subaccount_admins" { + type = list(string) + description = "Defines the colleagues who are added to each subaccount as subaccount administrators." + default = ["jane.doe@test.com", "john.doe@test.com"] +} + +variable "subaccount_service_admins" { + type = list(string) + description = "Defines the colleagues who are added to each subaccount as subaccount service administrators." + default = ["jane.doe@test.com", "john.doe@test.com"] +} + +variable "launchpad_admins" { + type = list(string) + description = "Defines the colleagues who are added to each subaccount as subaccount service administrators." + default = ["jane.doe@test.com", "john.doe@test.com"] +} + +variable "custom_idp" { + type = string + description = "Defines the custom IdP" + default = "" +} + +variable "cf_environment_label" { + type = string + description = "In case there are multiple environments available for a subaccount, you can use this label to choose with which one you want to go. If nothing is given, we take by default the first available." +} + +variable "cf_org_name" { + type = string + description = "Name of the Cloud Foundry org." + default = "mission-3774-sap-task-center" + + validation { + condition = can(regex("^.{1,255}$", var.cf_org_name)) + error_message = "The Cloud Foundry org name must not be emtpy and not exceed 255 characters." + } +} + +variable "service_plan__build_workzone" { + type = string + description = "The plan for build_workzone subscription" + default = "free" + validation { + condition = contains(["free", "standard"], var.service_plan__build_workzone) + error_message = "Invalid value for service_plan__build_workzone. Only 'free' and 'standard' are allowed." + } +} diff --git a/released/discovery_center/mission_3774/step_2/README.md b/released/discovery_center/mission_3774/step_2/README.md new file mode 100644 index 00000000..6c36090a --- /dev/null +++ b/released/discovery_center/mission_3774/step_2/README.md @@ -0,0 +1,44 @@ +# Sample Setup of an SAP Task Center on SAP BTP - Step 2 + +## Overview + +This directory contains the setup of SAP Task Center from scratch namely a new subaccount including the relevant entitlements, a Cloud Foundry environment and a Cloud Foundry space. + +This directory contains the configuration the first step of the setup namely: + +- Creation of service instance for SAP Task Center +- Creation of the service key for the service instance + +## Deploying the resources + +To deploy the resources of step 1 execute the following commands: + +1. Initialize your workspace: + + ```bash + terraform init + ``` + +1. Assign the variable values in a `*.tfvars` file e.g., the global account subdomain + +1. You can check what Terraform plans to apply based on your configuration: + + ```bash + terraform plan -var-file=".tfvars" + ``` + +1. Apply your configuration to provision the resources: + + ```bash + terraform apply -var-file=".tfvars" + ``` + +> **Note** - Some variables of the output of the first step are needed as input for the second step. + +## When finished + +You probably want to remove the assets after trying them out to avoid unnecessary costs. To do so execute the following command: + +```bash +terraform destroy -var-file=".tfvars" +``` \ No newline at end of file diff --git a/released/discovery_center/mission_3774/step_2/main.tf b/released/discovery_center/mission_3774/step_2/main.tf new file mode 100644 index 00000000..cf357cf3 --- /dev/null +++ b/released/discovery_center/mission_3774/step_2/main.tf @@ -0,0 +1,108 @@ +############################################################################################### +# Create the Cloud Foundry space +############################################################################################### +resource "cloudfoundry_space" "space" { + name = var.cf_space_name + org = var.cf_org_id # +} + +############################################################################################### +# assign user as space manager +############################################################################################### +resource "cloudfoundry_space_role" "cf_space_manager" { + username = var.cf_space_manager + type = "space_manager" + space = cloudfoundry_space.space.id + origin = "sap.ids" +} + + +############################################################################################### +# assign user as space developer +############################################################################################### +resource "cloudfoundry_space_role" "cf_space_developer" { + username = var.cf_space_developer + type = "space_developer" + space = cloudfoundry_space.space.id +} + +############################################################################################### +# Create service instance for taskcenter (one-inbox-service) +############################################################################################### +data "cloudfoundry_service" "srvc_taskcenter" { + name = "one-inbox-service" + # depends_on = [time_sleep.wait_a_few_seconds] +} + +resource "cloudfoundry_service_instance" "si_taskcenter" { + name = "sap-taskcenter" + type = "managed" + space = cloudfoundry_space.space.id + service_plan = data.cloudfoundry_service.srvc_taskcenter.service_plans["standard"] + depends_on = [cloudfoundry_space_role.cf_space_manager, cloudfoundry_space_role.cf_space_developer] + parameters = jsonencode({ + "authorities" : [], + "defaultCollectionQueryFilter" : "own" + + }) +} + +############################################################################################### +# Create service key +############################################################################################### +resource "random_id" "service_key_stc" { + byte_length = 12 +} +resource "cloudfoundry_service_credential_binding" "sap-taskcenter" { + type = "key" + name = join("_", ["defaultKey", random_id.service_key_stc.hex]) + service_instance = cloudfoundry_service_instance.si_taskcenter.id +} + +############################################################################################### +# Prepare and setup service: destination +############################################################################################### +# Entitle subaccount for usage of service destination +resource "btp_subaccount_entitlement" "destination" { + subaccount_id = var.subaccount_id + service_name = "destination" + plan_name = "lite" +} + +# Get serviceplan_id for stc-service with plan_name "default" +data "btp_subaccount_service_plan" "destination" { + subaccount_id = var.subaccount_id + offering_name = "destination" + name = "lite" + depends_on = [btp_subaccount_entitlement.destination] +} +# Create service instance +resource "btp_subaccount_service_instance" "destination" { + subaccount_id = var.subaccount_id + serviceplan_id = data.btp_subaccount_service_plan.destination.id + name = "destination" + depends_on = [data.btp_subaccount_service_plan.destination] + parameters = jsonencode({ + HTML5Runtime_enabled = true + init_data = { + subaccount = { + existing_destinations_policy = "update" + destinations = [ + { + Description = "[Do not delete] SAP Task Center - Dummy destination" + Type = "HTTP" + # clientId = "${jsondecode(cloudfoundry_service_credential_binding.sap-taskcenter)["uaa"]["clientid"]}" + # clientSecret = "${jsondecode(cloudfoundry_service_credential_binding.sap-taskcenter)["uaa"]["clientsecret"]}" + "HTML5.DynamicDestination" = true + Authentication = "OAuth2JWTBearer" + Name = "stc-destination" + # tokenServiceURL = "${jsondecode(cloudfoundry_service_credential_binding.sap-taskcenter)["uaa"]["url"]}" + ProxyType = "Internet" + # URL = "${jsondecode(cloudfoundry_service_credential_binding.sap-taskcenter.credentials)["url"]}" + tokenServiceURLType = "Dedicated" + } + ] + } + } + }) +} \ No newline at end of file diff --git a/released/discovery_center/mission_3774/step_2/provider.tf b/released/discovery_center/mission_3774/step_2/provider.tf new file mode 100644 index 00000000..d97e6e97 --- /dev/null +++ b/released/discovery_center/mission_3774/step_2/provider.tf @@ -0,0 +1,21 @@ +### +# Define the required providers for this module +### +terraform { + required_providers { + btp = { + source = "sap/btp" + } + cloudfoundry = { + source = "SAP/cloudfoundry" + version = "0.2.1-beta" + } + } +} +provider "btp" { + globalaccount = var.globalaccount + cli_server_url = var.cli_server_url +} +provider "cloudfoundry" { + api_url = var.cf_api_url +} diff --git a/released/discovery_center/mission_3774/step_2/sample.tfvars b/released/discovery_center/mission_3774/step_2/sample.tfvars new file mode 100644 index 00000000..08947faa --- /dev/null +++ b/released/discovery_center/mission_3774/step_2/sample.tfvars @@ -0,0 +1,20 @@ +# ------------------------------------------------------------------------------------------------------ +# Provider configuration +# ------------------------------------------------------------------------------------------------------ +# Your global account subdomain +globalaccount = "yourglobalaccount" +region = "datacenter" +subaccount_name = "subaccount_name" +cf_environment_label = "cf_environment_label" +cf_api_url = "cf api url" + +# ------------------------------------------------------------------------------------------------------ +# Project specific configuration (please adapt!) +# ------------------------------------------------------------------------------------------------------ + +cfsr_space_manager = "john.doe@test.com" +subaccount_admins = ["jane.doe@test.com", "john.doe@test.com"] +subaccount_service_admins = ["jane.doe@test.com", "john.doe@test.com"] +cfsr_space_developer = "john.doe@test.com" +custom_idp = "caias.accounts.ondemand.com" +launchpad_admins = ["jane.doe@test.com", "john.doe@test.com"] \ No newline at end of file diff --git a/released/discovery_center/mission_3774/step_2/variables.tf b/released/discovery_center/mission_3774/step_2/variables.tf new file mode 100644 index 00000000..3a04cb92 --- /dev/null +++ b/released/discovery_center/mission_3774/step_2/variables.tf @@ -0,0 +1,119 @@ +###################################################################### +# Customer account setup +###################################################################### +variable "globalaccount" { + type = string + description = "Defines the global account" + default = "yourglobalaccount" +} + +variable "cli_server_url" { + type = string + description = "Defines the CLI server URL" + default = "https://cli.btp.cloud.sap" +} + +variable "cf_api_url" { + type = string + description = "Defines the CLI server URL" + default = "https://api.cf.us10.hana.ondemand.com/" +} + + +# subaccount +variable "subaccount_name" { + type = string + description = "The subaccount name." + default = "UC - Establish a Central Inbox with SAP Task Center" +} +variable "subaccount_id" { + type = string + description = "The subaccount ID." + default = "" +} +# Region +variable "region" { + type = string + description = "The region where the project account shall be created in." + default = "us10" +} +# Cloudfoundry environment label +variable "cf_environment_label" { + type = string + description = "The Cloudfoundry environment label" + default = "cf-us10" +} + +variable "subaccount_admins" { + type = list(string) + description = "Defines the colleagues who are added to each subaccount as subaccount administrators." + default = ["jane.doe@test.com", "john.doe@test.com"] +} + +variable "subaccount_service_admins" { + type = list(string) + description = "Defines the colleagues who are added to each subaccount as subaccount service administrators." + default = ["jane.doe@test.com", "john.doe@test.com"] +} + +variable "launchpad_admins" { + type = list(string) + description = "Defines the colleagues who are added to each subaccount as subaccount service administrators." + default = ["jane.doe@test.com", "john.doe@test.com"] +} + +variable "custom_idp" { + type = string + description = "Defines the custom IdP" + default = "" +} + +variable "environment_label" { + type = string + description = "In case there are multiple environments available for a subaccount, you can use this label to choose with which one you want to go. If nothing is given, we take by default the first available." + default = "cf-us10" +} + +variable "cf_org_id" { + type = string + description = "The Cloud Foundry Org ID from the Cloud Foundry environment instance." +} + +variable "cf_org_name" { + type = string + description = "Name of the Cloud Foundry org." + default = "mission-3774-sap-task-center" + + validation { + condition = can(regex("^.{1,255}$", var.cf_org_name)) + error_message = "The Cloud Foundry org name must not be emtpy and not exceed 255 characters." + } +} + +variable "cf_space_name" { + type = string + description = "Name of the Cloud Foundry space." + default = "dev" +} + +variable "cf_space_manager" { + type = string + description = "Defines the user who are added as space manager." + default = "john.doe@test.com" +} + +variable "cf_space_developer" { + type = string + description = "Defines the user who are added as space developer." + default = "john.doe@test.com" +} + +variable "service_plan__build_workzone" { + type = string + description = "The plan for build_workzone subscription" + default = "free" + validation { + condition = contains(["free", "standard"], var.service_plan__build_workzone) + error_message = "Invalid value for service_plan__build_workzone. Only 'free' and 'standard' are allowed." + } +} From d6ee249a07f11931648eb36d0651df20e0f566da Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Thu, 27 Jun 2024 13:25:42 +0000 Subject: [PATCH 03/18] fine tune step1 --- .../step_1/main.tf | 1 - .../mission_3774/step_1/locals.tf | 4 -- .../mission_3774/step_1/main.tf | 58 ++++++++++++++----- .../mission_3774/step_1/outputs.tf | 21 +++---- .../mission_3774/step_1/provider.tf | 3 +- .../mission_3774/step_1/sample.tfvars | 21 ++++--- .../mission_3774/step_1/variables.tf | 49 ++++++++++++++-- .../mission_3774/step_2/main.tf | 9 +-- .../mission_3774/step_2/variables.tf | 35 +++++++---- 9 files changed, 139 insertions(+), 62 deletions(-) delete mode 100644 released/discovery_center/mission_3774/step_1/locals.tf diff --git a/in-development/mission_3774_sap_task_center/step_1/main.tf b/in-development/mission_3774_sap_task_center/step_1/main.tf index 1c579d52..9cbf4f1f 100644 --- a/in-development/mission_3774_sap_task_center/step_1/main.tf +++ b/in-development/mission_3774_sap_task_center/step_1/main.tf @@ -35,7 +35,6 @@ resource "btp_subaccount_role_collection_assignment" "subaccount-service-admins" user_name = each.value } - # ------------------------------------------------------------------------------------------------------ # CLOUDFOUNDRY PREPARATION # ------------------------------------------------------------------------------------------------------ diff --git a/released/discovery_center/mission_3774/step_1/locals.tf b/released/discovery_center/mission_3774/step_1/locals.tf deleted file mode 100644 index 23462039..00000000 --- a/released/discovery_center/mission_3774/step_1/locals.tf +++ /dev/null @@ -1,4 +0,0 @@ -locals { - service_name__sap_task_center = "one-inbox-service" - service_name__build_workzone = "SAPLaunchpad" -} \ No newline at end of file diff --git a/released/discovery_center/mission_3774/step_1/main.tf b/released/discovery_center/mission_3774/step_1/main.tf index 1c579d52..a63ca7ac 100644 --- a/released/discovery_center/mission_3774/step_1/main.tf +++ b/released/discovery_center/mission_3774/step_1/main.tf @@ -1,19 +1,20 @@ -############################################################################################### +# ------------------------------------------------------------------------------------------------------ # Setup of names in accordance to naming convention -############################################################################################### +# ------------------------------------------------------------------------------------------------------ resource "random_uuid" "uuid" {} locals { random_uuid = random_uuid.uuid.result - project_subaccount_domain = lower(replace("mission-3774-${local.random_uuid}", "_", "-")) - project_subaccount_cf_org = substr(replace("${local.project_subaccount_domain}", "-", ""), 0, 32) + subaccount_domain = lower(replace("mission-3774-${local.random_uuid}", "_", "-")) + subaccount_cf_org = substr(replace("${local.subaccount_domain}", "-", ""), 0, 32) } -############################################################################################### + +# ------------------------------------------------------------------------------------------------------ # Creation of subaccount -############################################################################################### +# ------------------------------------------------------------------------------------------------------ resource "btp_subaccount" "dc_mission" { name = var.subaccount_name - subdomain = local.project_subaccount_domain + subdomain = local.subaccount_domain region = lower(var.region) } # ------------------------------------------------------------------------------------------------------ @@ -56,30 +57,31 @@ resource "terraform_data" "replacement" { # ------------------------------------------------------------------------------------------------------ resource "btp_subaccount_environment_instance" "cloudfoundry" { subaccount_id = btp_subaccount.dc_mission.id - name = local.project_subaccount_cf_org + name = local.subaccount_cf_org environment_type = "cloudfoundry" service_name = "cloudfoundry" plan_name = "standard" landscape_label = terraform_data.replacement.output parameters = jsonencode({ - instance_name = local.project_subaccount_cf_org + instance_name = local.subaccount_cf_org }) } + ############################################################################################### # Prepare and setup app: SAP Build Workzone, standard edition ############################################################################################### # Entitle subaccount for usage of app destination SAP Build Workzone, standard edition resource "btp_subaccount_entitlement" "build_workzone" { subaccount_id = btp_subaccount.dc_mission.id - service_name = local.service_name__build_workzone - plan_name = var.service_plan__build_workzone - amount = var.service_plan__build_workzone == "free" ? 1 : null + service_name = "SAPLaunchpad" + plan_name = var.qas_service_plan__build_workzone + amount = var.qas_service_plan__build_workzone == "free" ? 1 : null } # Create app subscription to SAP Build Workzone, standard edition (depends on entitlement) resource "btp_subaccount_subscription" "build_workzone" { subaccount_id = btp_subaccount.dc_mission.id - app_name = local.service_name__build_workzone - plan_name = var.service_plan__build_workzone + app_name = "SAPLaunchpad" + plan_name = var.qas_service_plan__build_workzone depends_on = [btp_subaccount_entitlement.build_workzone] } ############################################################################################### @@ -88,7 +90,7 @@ resource "btp_subaccount_subscription" "build_workzone" { # Entitle subaccount for usage of app destination SAP Task Center resource "btp_subaccount_entitlement" "taskcenter" { subaccount_id = btp_subaccount.dc_mission.id - service_name = local.service_name__sap_task_center + service_name = "one-inbox-service" plan_name = "standard" } # ------------------------------------------------------------------------------------------------------ @@ -101,3 +103,29 @@ resource "btp_subaccount_role_collection_assignment" "launchpad-admins" { user_name = each.value depends_on = [btp_subaccount_subscription.build_workzone] } + + +# ------------------------------------------------------------------------------------------------------ +# Create tfvars file for step 2 (if variable `create_tfvars_file_for_step2` is set to true) +# ------------------------------------------------------------------------------------------------------ +resource "local_file" "output_vars_step1" { + count = var.create_tfvars_file_for_step2 ? 1 : 0 + content = <<-EOT + globalaccount = "${var.globalaccount}" + cli_server_url = ${jsonencode(var.cli_server_url)} + + subaccount_id = "${btp_subaccount.dc_mission.id}" + + cf_api_endpoint = "${jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["API Endpoint"]}" + cf_org_id = "${jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["Org ID"]}" + cf_org_name = "${jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["Org Name"]}" + + custom_idp = "${var.custom_idp}" + + cf_org_admins = ${jsonencode(var.cf_org_admins)} + cf_space_developer = ${jsonencode(var.cf_space_developer)} + cf_space_manager = ${jsonencode(var.cf_space_manager)} + + EOT + filename = "../step2/terraform.tfvars" +} diff --git a/released/discovery_center/mission_3774/step_1/outputs.tf b/released/discovery_center/mission_3774/step_1/outputs.tf index 0f08f4f1..28ef29a2 100644 --- a/released/discovery_center/mission_3774/step_1/outputs.tf +++ b/released/discovery_center/mission_3774/step_1/outputs.tf @@ -3,22 +3,17 @@ output "subaccount_id" { description = "The ID of the subaccount." } -output "cf_org_name" { - value = local.project_subaccount_cf_org - description = "The name of the project subaccount." +output "cf_api_endpoint" { + value = jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["API Endpoint"] + description = "The Cloudfoundry API endpoint." } output "cf_org_id" { - value = btp_subaccount_environment_instance.cloudfoundry.landscape_label - description = "The ID of the Cloud Foundry environment." + value = jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["Org ID"] + description = "The Cloudfoundry org id." } -output "cf_api_endpoint" { - value = jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["API Endpoint"] - description = "API endpoint of the Cloud Foundry environment." +output "cf_org_name" { + value = jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["Org Name"] + description = "The Cloudfoundry org name." } - -output "cf_landscape_label" { - value = btp_subaccount_environment_instance.cloudfoundry.platform_id - description = "The landscape label of the Cloud Foundry environment." -} \ No newline at end of file diff --git a/released/discovery_center/mission_3774/step_1/provider.tf b/released/discovery_center/mission_3774/step_1/provider.tf index 1c7b0ab1..56bc6cfb 100644 --- a/released/discovery_center/mission_3774/step_1/provider.tf +++ b/released/discovery_center/mission_3774/step_1/provider.tf @@ -4,7 +4,8 @@ terraform { required_providers { btp = { - source = "sap/btp" + source = "sap/btp" + version = "~> 1.4.0" } } } diff --git a/released/discovery_center/mission_3774/step_1/sample.tfvars b/released/discovery_center/mission_3774/step_1/sample.tfvars index baea564d..811ad2e1 100644 --- a/released/discovery_center/mission_3774/step_1/sample.tfvars +++ b/released/discovery_center/mission_3774/step_1/sample.tfvars @@ -2,15 +2,22 @@ # Provider configuration # ------------------------------------------------------------------------------------------------------ # Your global account subdomain -globalaccount = "yourglobalaccount" -region = "datacenter" -subaccount_name = "subaccount_name" +globalaccount = "yourglobalaccount" +region = "datacenter" +subaccount_name = "subaccount_name" + +qas_service_plan__build_workzone = "free" # ------------------------------------------------------------------------------------------------------ # Project specific configuration (please adapt!) # ------------------------------------------------------------------------------------------------------ -subaccount_admins = ["jane.doe@test.com", "john.doe@test.com"] -subaccount_service_admins = ["jane.doe@test.com", "john.doe@test.com"] -custom_idp = "your custom idp" -launchpad_admins = ["jane.doe@test.com", "john.doe@test.com"] \ No newline at end of file +subaccount_admins = ["another.user@test.com"] +subaccount_service_admins = ["another.user@test.com"] + +cf_org_admins = ["another.user@test.com"] +cf_space_manager = ["another.user@test.com", "you@test.com"] +cf_space_developer = ["another.user@test.com", "you@test.com"] + +custom_idp = "your custom idp" +launchpad_admins = ["another.user@test.com", "you@test.com"] \ No newline at end of file diff --git a/released/discovery_center/mission_3774/step_1/variables.tf b/released/discovery_center/mission_3774/step_1/variables.tf index 0aec21b6..5f9b380f 100644 --- a/released/discovery_center/mission_3774/step_1/variables.tf +++ b/released/discovery_center/mission_3774/step_1/variables.tf @@ -17,7 +17,7 @@ variable "cli_server_url" { variable "subaccount_name" { type = string description = "The subaccount name." - default = "UC - Establish a Central Inbox with SAP Task Center" + default = "SAP Discovery Center Mission 3774 - Central Inbox with SAP Task Center" } variable "subaccount_id" { type = string @@ -52,12 +52,12 @@ variable "launchpad_admins" { variable "custom_idp" { type = string description = "Defines the custom IdP" - default = "" } variable "cf_environment_label" { type = string description = "In case there are multiple environments available for a subaccount, you can use this label to choose with which one you want to go. If nothing is given, we take by default the first available." + default = "" } variable "cf_org_name" { @@ -71,12 +71,51 @@ variable "cf_org_name" { } } -variable "service_plan__build_workzone" { +variable "cf_org_admins" { + type = list(string) + description = "List of users to set as Cloudfoundry org administrators." + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.cf_org_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_org_admins) + error_message = "Please enter a valid email address for the CF Org admins." + } +} + +variable "cf_space_manager" { + type = list(string) + description = "Defines the colleagues who are added to a CF space as space manager." + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.cf_space_manager : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_manager) + error_message = "Please enter a valid email address for the CF space managers." + } +} + +variable "cf_space_developer" { + type = list(string) + description = "Defines the colleagues who are added to a CF space as space developer." + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.cf_space_developer : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_developer) + error_message = "Please enter a valid email address for the CF space developers." + } +} + +variable "qas_service_plan__build_workzone" { type = string description = "The plan for build_workzone subscription" default = "free" validation { - condition = contains(["free", "standard"], var.service_plan__build_workzone) - error_message = "Invalid value for service_plan__build_workzone. Only 'free' and 'standard' are allowed." + condition = contains(["free", "standard"], var.qas_service_plan__build_workzone) + error_message = "Invalid value for qas_service_plan__build_workzone. Only 'free' and 'standard' are allowed." } } + +variable "create_tfvars_file_for_step2" { + type = bool + description = "Switch to enable the creation of the tfvars file for step 2." + default = false +} \ No newline at end of file diff --git a/released/discovery_center/mission_3774/step_2/main.tf b/released/discovery_center/mission_3774/step_2/main.tf index cf357cf3..c4f337cf 100644 --- a/released/discovery_center/mission_3774/step_2/main.tf +++ b/released/discovery_center/mission_3774/step_2/main.tf @@ -31,7 +31,6 @@ resource "cloudfoundry_space_role" "cf_space_developer" { ############################################################################################### data "cloudfoundry_service" "srvc_taskcenter" { name = "one-inbox-service" - # depends_on = [time_sleep.wait_a_few_seconds] } resource "cloudfoundry_service_instance" "si_taskcenter" { @@ -43,19 +42,17 @@ resource "cloudfoundry_service_instance" "si_taskcenter" { parameters = jsonencode({ "authorities" : [], "defaultCollectionQueryFilter" : "own" - }) } ############################################################################################### # Create service key ############################################################################################### -resource "random_id" "service_key_stc" { - byte_length = 12 -} +resource "random_uuid" "service_key_stc" {} + resource "cloudfoundry_service_credential_binding" "sap-taskcenter" { type = "key" - name = join("_", ["defaultKey", random_id.service_key_stc.hex]) + name = join("_", ["defaultKey", random_uuid.service_key_stc.hex]) service_instance = cloudfoundry_service_instance.si_taskcenter.id } diff --git a/released/discovery_center/mission_3774/step_2/variables.tf b/released/discovery_center/mission_3774/step_2/variables.tf index 3a04cb92..e9b54bb7 100644 --- a/released/discovery_center/mission_3774/step_2/variables.tf +++ b/released/discovery_center/mission_3774/step_2/variables.tf @@ -90,22 +90,37 @@ variable "cf_org_name" { } } -variable "cf_space_name" { - type = string - description = "Name of the Cloud Foundry space." - default = "dev" +variable "cf_org_admins" { + type = list(string) + description = "List of users to set as Cloudfoundry org administrators." + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.cf_org_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_org_admins) + error_message = "Please enter a valid email address for the CF Org admins." + } } variable "cf_space_manager" { - type = string - description = "Defines the user who are added as space manager." - default = "john.doe@test.com" + type = list(string) + description = "Defines the colleagues who are added to a CF space as space manager." + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.cf_space_manager : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_manager) + error_message = "Please enter a valid email address for the CF space managers." + } } variable "cf_space_developer" { - type = string - description = "Defines the user who are added as space developer." - default = "john.doe@test.com" + type = list(string) + description = "Defines the colleagues who are added to a CF space as space developer." + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.cf_space_developer : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_developer) + error_message = "Please enter a valid email address for the CF space developers." + } } variable "service_plan__build_workzone" { From 50175e78c7695c1d87ef2458a549405db60fbbec Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Thu, 27 Jun 2024 14:23:14 +0000 Subject: [PATCH 04/18] rename folders --- .../discovery_center/mission_3774/{step_1 => step1}/README.md | 0 released/discovery_center/mission_3774/{step_1 => step1}/main.tf | 0 .../discovery_center/mission_3774/{step_1 => step1}/outputs.tf | 0 .../discovery_center/mission_3774/{step_1 => step1}/provider.tf | 0 .../discovery_center/mission_3774/{step_1 => step1}/sample.tfvars | 0 .../discovery_center/mission_3774/{step_1 => step1}/variables.tf | 0 .../discovery_center/mission_3774/{step_2 => step2}/README.md | 0 released/discovery_center/mission_3774/{step_2 => step2}/main.tf | 0 .../discovery_center/mission_3774/{step_2 => step2}/provider.tf | 0 .../discovery_center/mission_3774/{step_2 => step2}/sample.tfvars | 0 .../discovery_center/mission_3774/{step_2 => step2}/variables.tf | 0 11 files changed, 0 insertions(+), 0 deletions(-) rename released/discovery_center/mission_3774/{step_1 => step1}/README.md (100%) rename released/discovery_center/mission_3774/{step_1 => step1}/main.tf (100%) rename released/discovery_center/mission_3774/{step_1 => step1}/outputs.tf (100%) rename released/discovery_center/mission_3774/{step_1 => step1}/provider.tf (100%) rename released/discovery_center/mission_3774/{step_1 => step1}/sample.tfvars (100%) rename released/discovery_center/mission_3774/{step_1 => step1}/variables.tf (100%) rename released/discovery_center/mission_3774/{step_2 => step2}/README.md (100%) rename released/discovery_center/mission_3774/{step_2 => step2}/main.tf (100%) rename released/discovery_center/mission_3774/{step_2 => step2}/provider.tf (100%) rename released/discovery_center/mission_3774/{step_2 => step2}/sample.tfvars (100%) rename released/discovery_center/mission_3774/{step_2 => step2}/variables.tf (100%) diff --git a/released/discovery_center/mission_3774/step_1/README.md b/released/discovery_center/mission_3774/step1/README.md similarity index 100% rename from released/discovery_center/mission_3774/step_1/README.md rename to released/discovery_center/mission_3774/step1/README.md diff --git a/released/discovery_center/mission_3774/step_1/main.tf b/released/discovery_center/mission_3774/step1/main.tf similarity index 100% rename from released/discovery_center/mission_3774/step_1/main.tf rename to released/discovery_center/mission_3774/step1/main.tf diff --git a/released/discovery_center/mission_3774/step_1/outputs.tf b/released/discovery_center/mission_3774/step1/outputs.tf similarity index 100% rename from released/discovery_center/mission_3774/step_1/outputs.tf rename to released/discovery_center/mission_3774/step1/outputs.tf diff --git a/released/discovery_center/mission_3774/step_1/provider.tf b/released/discovery_center/mission_3774/step1/provider.tf similarity index 100% rename from released/discovery_center/mission_3774/step_1/provider.tf rename to released/discovery_center/mission_3774/step1/provider.tf diff --git a/released/discovery_center/mission_3774/step_1/sample.tfvars b/released/discovery_center/mission_3774/step1/sample.tfvars similarity index 100% rename from released/discovery_center/mission_3774/step_1/sample.tfvars rename to released/discovery_center/mission_3774/step1/sample.tfvars diff --git a/released/discovery_center/mission_3774/step_1/variables.tf b/released/discovery_center/mission_3774/step1/variables.tf similarity index 100% rename from released/discovery_center/mission_3774/step_1/variables.tf rename to released/discovery_center/mission_3774/step1/variables.tf diff --git a/released/discovery_center/mission_3774/step_2/README.md b/released/discovery_center/mission_3774/step2/README.md similarity index 100% rename from released/discovery_center/mission_3774/step_2/README.md rename to released/discovery_center/mission_3774/step2/README.md diff --git a/released/discovery_center/mission_3774/step_2/main.tf b/released/discovery_center/mission_3774/step2/main.tf similarity index 100% rename from released/discovery_center/mission_3774/step_2/main.tf rename to released/discovery_center/mission_3774/step2/main.tf diff --git a/released/discovery_center/mission_3774/step_2/provider.tf b/released/discovery_center/mission_3774/step2/provider.tf similarity index 100% rename from released/discovery_center/mission_3774/step_2/provider.tf rename to released/discovery_center/mission_3774/step2/provider.tf diff --git a/released/discovery_center/mission_3774/step_2/sample.tfvars b/released/discovery_center/mission_3774/step2/sample.tfvars similarity index 100% rename from released/discovery_center/mission_3774/step_2/sample.tfvars rename to released/discovery_center/mission_3774/step2/sample.tfvars diff --git a/released/discovery_center/mission_3774/step_2/variables.tf b/released/discovery_center/mission_3774/step2/variables.tf similarity index 100% rename from released/discovery_center/mission_3774/step_2/variables.tf rename to released/discovery_center/mission_3774/step2/variables.tf From efb45459aae3d25951a925d21ab3210e68113970 Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Thu, 27 Jun 2024 15:59:07 +0000 Subject: [PATCH 05/18] update connection between step1 and step2 --- .../mission_3774/step1/main.tf | 10 ++- .../mission_3774/step1/sample.tfvars | 8 +-- .../mission_3774/step1/variables.tf | 23 +++++-- .../mission_3774/step2/main.tf | 64 +++++++++++++------ .../mission_3774/step2/provider.tf | 2 +- .../mission_3774/step2/variables.tf | 23 +++++-- .../sap_build_code/step1/variables.tf | 5 ++ 7 files changed, 97 insertions(+), 38 deletions(-) diff --git a/released/discovery_center/mission_3774/step1/main.tf b/released/discovery_center/mission_3774/step1/main.tf index a63ca7ac..74fef89a 100644 --- a/released/discovery_center/mission_3774/step1/main.tf +++ b/released/discovery_center/mission_3774/step1/main.tf @@ -4,7 +4,7 @@ resource "random_uuid" "uuid" {} locals { - random_uuid = random_uuid.uuid.result + random_uuid = random_uuid.uuid.result subaccount_domain = lower(replace("mission-3774-${local.random_uuid}", "_", "-")) subaccount_cf_org = substr(replace("${local.subaccount_domain}", "-", ""), 0, 32) } @@ -65,6 +65,7 @@ resource "btp_subaccount_environment_instance" "cloudfoundry" { parameters = jsonencode({ instance_name = local.subaccount_cf_org }) + depends_on = [btp_subaccount_subscription.build_workzone] } ############################################################################################### @@ -117,14 +118,17 @@ resource "local_file" "output_vars_step1" { subaccount_id = "${btp_subaccount.dc_mission.id}" cf_api_endpoint = "${jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["API Endpoint"]}" + cf_org_id = "${jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["Org ID"]}" cf_org_name = "${jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["Org Name"]}" custom_idp = "${var.custom_idp}" + cf_space_name = "${var.cf_space_name}" + cf_org_admins = ${jsonencode(var.cf_org_admins)} - cf_space_developer = ${jsonencode(var.cf_space_developer)} - cf_space_manager = ${jsonencode(var.cf_space_manager)} + cf_space_developers = ${jsonencode(var.cf_space_developers)} + cf_space_managers = ${jsonencode(var.cf_space_managers)} EOT filename = "../step2/terraform.tfvars" diff --git a/released/discovery_center/mission_3774/step1/sample.tfvars b/released/discovery_center/mission_3774/step1/sample.tfvars index 811ad2e1..071476cd 100644 --- a/released/discovery_center/mission_3774/step1/sample.tfvars +++ b/released/discovery_center/mission_3774/step1/sample.tfvars @@ -15,9 +15,9 @@ qas_service_plan__build_workzone = "free" subaccount_admins = ["another.user@test.com"] subaccount_service_admins = ["another.user@test.com"] -cf_org_admins = ["another.user@test.com"] -cf_space_manager = ["another.user@test.com", "you@test.com"] -cf_space_developer = ["another.user@test.com", "you@test.com"] +cf_org_admins = ["another.user@test.com"] +cf_space_managers = ["another.user@test.com", "you@test.com"] +cf_space_developers = ["another.user@test.com", "you@test.com"] -custom_idp = "your custom idp" +custom_idp = "sap.ids" launchpad_admins = ["another.user@test.com", "you@test.com"] \ No newline at end of file diff --git a/released/discovery_center/mission_3774/step1/variables.tf b/released/discovery_center/mission_3774/step1/variables.tf index 5f9b380f..5f66e951 100644 --- a/released/discovery_center/mission_3774/step1/variables.tf +++ b/released/discovery_center/mission_3774/step1/variables.tf @@ -52,12 +52,13 @@ variable "launchpad_admins" { variable "custom_idp" { type = string description = "Defines the custom IdP" + default = "sap.ids" } variable "cf_environment_label" { type = string description = "In case there are multiple environments available for a subaccount, you can use this label to choose with which one you want to go. If nothing is given, we take by default the first available." - default = "" + default = "" } variable "cf_org_name" { @@ -82,24 +83,36 @@ variable "cf_org_admins" { } } -variable "cf_space_manager" { +variable "cf_space_name" { + type = string + description = "Name of the Cloud Foundry space." + default = "dev" + + validation { + condition = can(regex("^.{1,255}$", var.cf_space_name)) + error_message = "The Cloud Foundry space name must not be emtpy and not exceed 255 characters." + } + +} + +variable "cf_space_managers" { type = list(string) description = "Defines the colleagues who are added to a CF space as space manager." # add validation to check if admins contains a list of valid email addresses validation { - condition = length([for email in var.cf_space_manager : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_manager) + condition = length([for email in var.cf_space_managers : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_managers) error_message = "Please enter a valid email address for the CF space managers." } } -variable "cf_space_developer" { +variable "cf_space_developers" { type = list(string) description = "Defines the colleagues who are added to a CF space as space developer." # add validation to check if admins contains a list of valid email addresses validation { - condition = length([for email in var.cf_space_developer : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_developer) + condition = length([for email in var.cf_space_developers : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_developers) error_message = "Please enter a valid email address for the CF space developers." } } diff --git a/released/discovery_center/mission_3774/step2/main.tf b/released/discovery_center/mission_3774/step2/main.tf index c4f337cf..b02a0ccc 100644 --- a/released/discovery_center/mission_3774/step2/main.tf +++ b/released/discovery_center/mission_3774/step2/main.tf @@ -6,24 +6,52 @@ resource "cloudfoundry_space" "space" { org = var.cf_org_id # } -############################################################################################### -# assign user as space manager -############################################################################################### -resource "cloudfoundry_space_role" "cf_space_manager" { - username = var.cf_space_manager - type = "space_manager" - space = cloudfoundry_space.space.id - origin = "sap.ids" -} +# ------------------------------------------------------------------------------------------------------ +# USERS AND ROLES +# ------------------------------------------------------------------------------------------------------ +# +# ------------------------------------------------------------------------------------------------------ +# Assign CF Org roles to the admin users +# ------------------------------------------------------------------------------------------------------ +# Define Org User role +resource "cloudfoundry_org_role" "organization_user" { + for_each = toset("${var.cf_org_admins}") + username = each.value + type = "organization_user" + org = var.cf_org_id + origin = var.custom_idp +} +# Define Org Manager role +resource "cloudfoundry_org_role" "organization_manager" { + for_each = toset("${var.cf_org_admins}") + username = each.value + type = "organization_manager" + org = var.cf_org_id + origin = var.custom_idp + depends_on = [cloudfoundry_org_role.organization_user] +} -############################################################################################### -# assign user as space developer -############################################################################################### -resource "cloudfoundry_space_role" "cf_space_developer" { - username = var.cf_space_developer - type = "space_developer" - space = cloudfoundry_space.space.id +# ------------------------------------------------------------------------------------------------------ +# Assign CF space roles to the users +# ------------------------------------------------------------------------------------------------------ +# Define Space Manager role +resource "cloudfoundry_space_role" "space_managers" { + for_each = toset("${var.cf_space_managers}") + username = each.value + type = "space_manager" + space = cloudfoundry_space.space.id + origin = var.custom_idp + depends_on = [cloudfoundry_org_role.organization_manager] +} +# Define Space Developer role +resource "cloudfoundry_space_role" "space_developers" { + for_each = toset("${var.cf_space_developers}") + username = each.value + type = "space_developer" + space = cloudfoundry_space.space.id + origin = var.custom_idp + depends_on = [cloudfoundry_org_role.organization_manager] } ############################################################################################### @@ -38,7 +66,7 @@ resource "cloudfoundry_service_instance" "si_taskcenter" { type = "managed" space = cloudfoundry_space.space.id service_plan = data.cloudfoundry_service.srvc_taskcenter.service_plans["standard"] - depends_on = [cloudfoundry_space_role.cf_space_manager, cloudfoundry_space_role.cf_space_developer] + depends_on = [cloudfoundry_space_role.space_managers, cloudfoundry_space_role.space_developers] parameters = jsonencode({ "authorities" : [], "defaultCollectionQueryFilter" : "own" @@ -52,7 +80,7 @@ resource "random_uuid" "service_key_stc" {} resource "cloudfoundry_service_credential_binding" "sap-taskcenter" { type = "key" - name = join("_", ["defaultKey", random_uuid.service_key_stc.hex]) + name = join("_", ["defaultKey", random_uuid.service_key_stc.result]) service_instance = cloudfoundry_service_instance.si_taskcenter.id } diff --git a/released/discovery_center/mission_3774/step2/provider.tf b/released/discovery_center/mission_3774/step2/provider.tf index d97e6e97..d43ba5fa 100644 --- a/released/discovery_center/mission_3774/step2/provider.tf +++ b/released/discovery_center/mission_3774/step2/provider.tf @@ -17,5 +17,5 @@ provider "btp" { cli_server_url = var.cli_server_url } provider "cloudfoundry" { - api_url = var.cf_api_url + api_url = var.cf_api_endpoint } diff --git a/released/discovery_center/mission_3774/step2/variables.tf b/released/discovery_center/mission_3774/step2/variables.tf index e9b54bb7..4d957c23 100644 --- a/released/discovery_center/mission_3774/step2/variables.tf +++ b/released/discovery_center/mission_3774/step2/variables.tf @@ -13,12 +13,21 @@ variable "cli_server_url" { default = "https://cli.btp.cloud.sap" } -variable "cf_api_url" { +variable "cf_api_endpoint" { type = string - description = "Defines the CLI server URL" - default = "https://api.cf.us10.hana.ondemand.com/" + description = "The Cloud Foundry API endpoint from the Cloud Foundry environment instance." } +variable "cf_space_name" { + type = string + description = "Name of the Cloud Foundry space." + default = "dev" + + validation { + condition = can(regex("^.{1,255}$", var.cf_space_name)) + error_message = "The Cloud Foundry space name must not be emtpy and not exceed 255 characters." + } +} # subaccount variable "subaccount_name" { @@ -101,24 +110,24 @@ variable "cf_org_admins" { } } -variable "cf_space_manager" { +variable "cf_space_managers" { type = list(string) description = "Defines the colleagues who are added to a CF space as space manager." # add validation to check if admins contains a list of valid email addresses validation { - condition = length([for email in var.cf_space_manager : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_manager) + condition = length([for email in var.cf_space_managers : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_managers) error_message = "Please enter a valid email address for the CF space managers." } } -variable "cf_space_developer" { +variable "cf_space_developers" { type = list(string) description = "Defines the colleagues who are added to a CF space as space developer." # add validation to check if admins contains a list of valid email addresses validation { - condition = length([for email in var.cf_space_developer : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_developer) + condition = length([for email in var.cf_space_developers : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_developers) error_message = "Please enter a valid email address for the CF space developers." } } diff --git a/released/usecases/services_apps/sap_build_code/step1/variables.tf b/released/usecases/services_apps/sap_build_code/step1/variables.tf index 90e007f0..7d04e88b 100644 --- a/released/usecases/services_apps/sap_build_code/step1/variables.tf +++ b/released/usecases/services_apps/sap_build_code/step1/variables.tf @@ -21,6 +21,11 @@ variable "cli_server_url" { default = "https://cli.btp.cloud.sap" } +variable "cf_api_endpoint" { + type = string + description = "The Cloud Foundry API endpoint from the Cloud Foundry environment instance." +} + variable "region" { type = string description = "The region where the subaccount shall be created in." From a1936b9366cfa545a2f24e8b7eadccc55c83c4f5 Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Thu, 27 Jun 2024 16:19:15 +0000 Subject: [PATCH 06/18] code clean-up --- .../mission_3774/step1/main.tf | 7 +++--- .../mission_3774/step2/main.tf | 22 +++++++++---------- 2 files changed, 13 insertions(+), 16 deletions(-) diff --git a/released/discovery_center/mission_3774/step1/main.tf b/released/discovery_center/mission_3774/step1/main.tf index 74fef89a..683eb983 100644 --- a/released/discovery_center/mission_3774/step1/main.tf +++ b/released/discovery_center/mission_3774/step1/main.tf @@ -21,7 +21,7 @@ resource "btp_subaccount" "dc_mission" { # Assignment of users as sub account administrators # ------------------------------------------------------------------------------------------------------ resource "btp_subaccount_role_collection_assignment" "subaccount-admins" { - for_each = toset("${var.subaccount_admins}") + for_each = toset(var.subaccount_admins) subaccount_id = btp_subaccount.dc_mission.id role_collection_name = "Subaccount Administrator" user_name = each.value @@ -30,7 +30,7 @@ resource "btp_subaccount_role_collection_assignment" "subaccount-admins" { # Assignment of users as sub account service administrators # ------------------------------------------------------------------------------------------------------ resource "btp_subaccount_role_collection_assignment" "subaccount-service-admins" { - for_each = toset("${var.subaccount_service_admins}") + for_each = toset(var.subaccount_service_admins) subaccount_id = btp_subaccount.dc_mission.id role_collection_name = "Subaccount Service Administrator" user_name = each.value @@ -98,14 +98,13 @@ resource "btp_subaccount_entitlement" "taskcenter" { # Assignment of users as launchpad administrators # ------------------------------------------------------------------------------------------------------ resource "btp_subaccount_role_collection_assignment" "launchpad-admins" { - for_each = toset("${var.launchpad_admins}") + for_each = toset(var.launchpad_admins) subaccount_id = btp_subaccount.dc_mission.id role_collection_name = "Launchpad_Admin" user_name = each.value depends_on = [btp_subaccount_subscription.build_workzone] } - # ------------------------------------------------------------------------------------------------------ # Create tfvars file for step 2 (if variable `create_tfvars_file_for_step2` is set to true) # ------------------------------------------------------------------------------------------------------ diff --git a/released/discovery_center/mission_3774/step2/main.tf b/released/discovery_center/mission_3774/step2/main.tf index b02a0ccc..cbc9b2ca 100644 --- a/released/discovery_center/mission_3774/step2/main.tf +++ b/released/discovery_center/mission_3774/step2/main.tf @@ -1,12 +1,11 @@ -############################################################################################### +# ------------------------------------------------------------------------------------------------------ # Create the Cloud Foundry space -############################################################################################### +# ------------------------------------------------------------------------------------------------------ resource "cloudfoundry_space" "space" { name = var.cf_space_name org = var.cf_org_id # } - # ------------------------------------------------------------------------------------------------------ # USERS AND ROLES # ------------------------------------------------------------------------------------------------------ @@ -37,7 +36,7 @@ resource "cloudfoundry_org_role" "organization_manager" { # ------------------------------------------------------------------------------------------------------ # Define Space Manager role resource "cloudfoundry_space_role" "space_managers" { - for_each = toset("${var.cf_space_managers}") + for_each = toset(var.cf_space_managers) username = each.value type = "space_manager" space = cloudfoundry_space.space.id @@ -46,7 +45,7 @@ resource "cloudfoundry_space_role" "space_managers" { } # Define Space Developer role resource "cloudfoundry_space_role" "space_developers" { - for_each = toset("${var.cf_space_developers}") + for_each = toset(var.cf_space_developers) username = each.value type = "space_developer" space = cloudfoundry_space.space.id @@ -54,9 +53,9 @@ resource "cloudfoundry_space_role" "space_developers" { depends_on = [cloudfoundry_org_role.organization_manager] } -############################################################################################### +# ------------------------------------------------------------------------------------------------------ # Create service instance for taskcenter (one-inbox-service) -############################################################################################### +# ------------------------------------------------------------------------------------------------------ data "cloudfoundry_service" "srvc_taskcenter" { name = "one-inbox-service" } @@ -73,9 +72,9 @@ resource "cloudfoundry_service_instance" "si_taskcenter" { }) } -############################################################################################### +# ------------------------------------------------------------------------------------------------------ # Create service key -############################################################################################### +# ------------------------------------------------------------------------------------------------------ resource "random_uuid" "service_key_stc" {} resource "cloudfoundry_service_credential_binding" "sap-taskcenter" { @@ -84,16 +83,15 @@ resource "cloudfoundry_service_credential_binding" "sap-taskcenter" { service_instance = cloudfoundry_service_instance.si_taskcenter.id } -############################################################################################### +# ------------------------------------------------------------------------------------------------------ # Prepare and setup service: destination -############################################################################################### +# ------------------------------------------------------------------------------------------------------ # Entitle subaccount for usage of service destination resource "btp_subaccount_entitlement" "destination" { subaccount_id = var.subaccount_id service_name = "destination" plan_name = "lite" } - # Get serviceplan_id for stc-service with plan_name "default" data "btp_subaccount_service_plan" "destination" { subaccount_id = var.subaccount_id From b9ddce9c3e26e8ea5b1432a5a2c16f31d5fc2986 Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Thu, 27 Jun 2024 16:57:03 +0000 Subject: [PATCH 07/18] update format --- .../mission_3774_sap_task_center/step_1/sample.tfvars | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/in-development/mission_3774_sap_task_center/step_1/sample.tfvars b/in-development/mission_3774_sap_task_center/step_1/sample.tfvars index baea564d..c72ecfb3 100644 --- a/in-development/mission_3774_sap_task_center/step_1/sample.tfvars +++ b/in-development/mission_3774_sap_task_center/step_1/sample.tfvars @@ -2,9 +2,9 @@ # Provider configuration # ------------------------------------------------------------------------------------------------------ # Your global account subdomain -globalaccount = "yourglobalaccount" -region = "datacenter" -subaccount_name = "subaccount_name" +globalaccount = "yourglobalaccount" +region = "datacenter" +subaccount_name = "subaccount_name" # ------------------------------------------------------------------------------------------------------ # Project specific configuration (please adapt!) From 6ba78b8c8bbd620ccc9910b1f9968e5197160f17 Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Fri, 28 Jun 2024 05:43:49 +0000 Subject: [PATCH 08/18] update format --- released/discovery_center/mission_3774/step1/variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/released/discovery_center/mission_3774/step1/variables.tf b/released/discovery_center/mission_3774/step1/variables.tf index 5f66e951..0a74419a 100644 --- a/released/discovery_center/mission_3774/step1/variables.tf +++ b/released/discovery_center/mission_3774/step1/variables.tf @@ -52,7 +52,7 @@ variable "launchpad_admins" { variable "custom_idp" { type = string description = "Defines the custom IdP" - default = "sap.ids" + default = "sap.ids" } variable "cf_environment_label" { From cd8d2279d474a54a91a604ed2b90a423cb9b073f Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Fri, 28 Jun 2024 07:12:28 +0000 Subject: [PATCH 09/18] fix issue with custom_idp and origin --- released/discovery_center/mission_3774/step1/main.tf | 12 ++++++++++++ .../discovery_center/mission_3774/step1/variables.tf | 6 ++++++ released/discovery_center/mission_3774/step2/main.tf | 8 ++++---- .../discovery_center/mission_3774/step2/variables.tf | 8 +++++++- 4 files changed, 29 insertions(+), 5 deletions(-) diff --git a/released/discovery_center/mission_3774/step1/main.tf b/released/discovery_center/mission_3774/step1/main.tf index 683eb983..7c051b6b 100644 --- a/released/discovery_center/mission_3774/step1/main.tf +++ b/released/discovery_center/mission_3774/step1/main.tf @@ -17,6 +17,17 @@ resource "btp_subaccount" "dc_mission" { subdomain = local.subaccount_domain region = lower(var.region) } + +# ------------------------------------------------------------------------------------------------------ +# Assign custom IDP to sub account (if custom_idp is set) +# ------------------------------------------------------------------------------------------------------ +resource "btp_subaccount_trust_configuration" "fully_customized" { + # Only create trust configuration if custom_idp has been set + count = var.custom_idp == null ? 1 : 0 + subaccount_id = btp_subaccount.dc_mission.id + identity_provider = var.custom_idp +} + # ------------------------------------------------------------------------------------------------------ # Assignment of users as sub account administrators # ------------------------------------------------------------------------------------------------------ @@ -122,6 +133,7 @@ resource "local_file" "output_vars_step1" { cf_org_name = "${jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["Org Name"]}" custom_idp = "${var.custom_idp}" + origin = "${var.origin}" cf_space_name = "${var.cf_space_name}" diff --git a/released/discovery_center/mission_3774/step1/variables.tf b/released/discovery_center/mission_3774/step1/variables.tf index 0a74419a..61d00418 100644 --- a/released/discovery_center/mission_3774/step1/variables.tf +++ b/released/discovery_center/mission_3774/step1/variables.tf @@ -52,6 +52,12 @@ variable "launchpad_admins" { variable "custom_idp" { type = string description = "Defines the custom IdP" + default = null +} + +variable "origin" { + type = string + description = "Defines the origin of the custom idp" default = "sap.ids" } diff --git a/released/discovery_center/mission_3774/step2/main.tf b/released/discovery_center/mission_3774/step2/main.tf index cbc9b2ca..a4de64fe 100644 --- a/released/discovery_center/mission_3774/step2/main.tf +++ b/released/discovery_center/mission_3774/step2/main.tf @@ -19,7 +19,7 @@ resource "cloudfoundry_org_role" "organization_user" { username = each.value type = "organization_user" org = var.cf_org_id - origin = var.custom_idp + origin = var.origin } # Define Org Manager role resource "cloudfoundry_org_role" "organization_manager" { @@ -27,7 +27,7 @@ resource "cloudfoundry_org_role" "organization_manager" { username = each.value type = "organization_manager" org = var.cf_org_id - origin = var.custom_idp + origin = var.origin depends_on = [cloudfoundry_org_role.organization_user] } @@ -40,7 +40,7 @@ resource "cloudfoundry_space_role" "space_managers" { username = each.value type = "space_manager" space = cloudfoundry_space.space.id - origin = var.custom_idp + origin = var.origin depends_on = [cloudfoundry_org_role.organization_manager] } # Define Space Developer role @@ -49,7 +49,7 @@ resource "cloudfoundry_space_role" "space_developers" { username = each.value type = "space_developer" space = cloudfoundry_space.space.id - origin = var.custom_idp + origin = var.origin depends_on = [cloudfoundry_org_role.organization_manager] } diff --git a/released/discovery_center/mission_3774/step2/variables.tf b/released/discovery_center/mission_3774/step2/variables.tf index 4d957c23..a3d6d963 100644 --- a/released/discovery_center/mission_3774/step2/variables.tf +++ b/released/discovery_center/mission_3774/step2/variables.tf @@ -74,7 +74,13 @@ variable "launchpad_admins" { variable "custom_idp" { type = string description = "Defines the custom IdP" - default = "" + default = null +} + +variable "origin" { + type = string + description = "Defines the origin of the custom idp" + default = "sap.ids" } variable "environment_label" { From 6f1143b0f617d6f13e186b824279958efbbe8df6 Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Fri, 28 Jun 2024 07:18:36 +0000 Subject: [PATCH 10/18] rename origin to origin_key --- released/discovery_center/mission_3774/step1/main.tf | 2 +- .../discovery_center/mission_3774/step1/variables.tf | 4 ++-- released/discovery_center/mission_3774/step2/main.tf | 10 +++++----- .../discovery_center/mission_3774/step2/variables.tf | 4 ++-- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/released/discovery_center/mission_3774/step1/main.tf b/released/discovery_center/mission_3774/step1/main.tf index 7c051b6b..1f6b41c2 100644 --- a/released/discovery_center/mission_3774/step1/main.tf +++ b/released/discovery_center/mission_3774/step1/main.tf @@ -133,7 +133,7 @@ resource "local_file" "output_vars_step1" { cf_org_name = "${jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["Org Name"]}" custom_idp = "${var.custom_idp}" - origin = "${var.origin}" + origin_key = "${var.origin_key}" cf_space_name = "${var.cf_space_name}" diff --git a/released/discovery_center/mission_3774/step1/variables.tf b/released/discovery_center/mission_3774/step1/variables.tf index 61d00418..e69f5028 100644 --- a/released/discovery_center/mission_3774/step1/variables.tf +++ b/released/discovery_center/mission_3774/step1/variables.tf @@ -55,9 +55,9 @@ variable "custom_idp" { default = null } -variable "origin" { +variable "origin_key" { type = string - description = "Defines the origin of the custom idp" + description = "Defines the origin key of the identity provider" default = "sap.ids" } diff --git a/released/discovery_center/mission_3774/step2/main.tf b/released/discovery_center/mission_3774/step2/main.tf index a4de64fe..14fa20cc 100644 --- a/released/discovery_center/mission_3774/step2/main.tf +++ b/released/discovery_center/mission_3774/step2/main.tf @@ -3,7 +3,7 @@ # ------------------------------------------------------------------------------------------------------ resource "cloudfoundry_space" "space" { name = var.cf_space_name - org = var.cf_org_id # + org = var.cf_org_id } # ------------------------------------------------------------------------------------------------------ @@ -19,7 +19,7 @@ resource "cloudfoundry_org_role" "organization_user" { username = each.value type = "organization_user" org = var.cf_org_id - origin = var.origin + origin = var.origin_key } # Define Org Manager role resource "cloudfoundry_org_role" "organization_manager" { @@ -27,7 +27,7 @@ resource "cloudfoundry_org_role" "organization_manager" { username = each.value type = "organization_manager" org = var.cf_org_id - origin = var.origin + origin = var.origin_key depends_on = [cloudfoundry_org_role.organization_user] } @@ -40,7 +40,7 @@ resource "cloudfoundry_space_role" "space_managers" { username = each.value type = "space_manager" space = cloudfoundry_space.space.id - origin = var.origin + origin = var.origin_key depends_on = [cloudfoundry_org_role.organization_manager] } # Define Space Developer role @@ -49,7 +49,7 @@ resource "cloudfoundry_space_role" "space_developers" { username = each.value type = "space_developer" space = cloudfoundry_space.space.id - origin = var.origin + origin = var.origin_key depends_on = [cloudfoundry_org_role.organization_manager] } diff --git a/released/discovery_center/mission_3774/step2/variables.tf b/released/discovery_center/mission_3774/step2/variables.tf index a3d6d963..f7dd8954 100644 --- a/released/discovery_center/mission_3774/step2/variables.tf +++ b/released/discovery_center/mission_3774/step2/variables.tf @@ -77,9 +77,9 @@ variable "custom_idp" { default = null } -variable "origin" { +variable "origin_key" { type = string - description = "Defines the origin of the custom idp" + description = "Defines the origin key of the identity provider" default = "sap.ids" } From d16c3148617f26d3737c5f209df09ec2573c43e7 Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Fri, 28 Jun 2024 07:20:31 +0000 Subject: [PATCH 11/18] remove default for custom_idp --- released/discovery_center/mission_3774/step1/variables.tf | 1 - released/discovery_center/mission_3774/step2/variables.tf | 1 - 2 files changed, 2 deletions(-) diff --git a/released/discovery_center/mission_3774/step1/variables.tf b/released/discovery_center/mission_3774/step1/variables.tf index e69f5028..254e6f97 100644 --- a/released/discovery_center/mission_3774/step1/variables.tf +++ b/released/discovery_center/mission_3774/step1/variables.tf @@ -52,7 +52,6 @@ variable "launchpad_admins" { variable "custom_idp" { type = string description = "Defines the custom IdP" - default = null } variable "origin_key" { diff --git a/released/discovery_center/mission_3774/step2/variables.tf b/released/discovery_center/mission_3774/step2/variables.tf index f7dd8954..c5d0b39d 100644 --- a/released/discovery_center/mission_3774/step2/variables.tf +++ b/released/discovery_center/mission_3774/step2/variables.tf @@ -74,7 +74,6 @@ variable "launchpad_admins" { variable "custom_idp" { type = string description = "Defines the custom IdP" - default = null } variable "origin_key" { From c996d9d7a22d76e861b0dbbac43b049b74cd9c8c Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Fri, 28 Jun 2024 07:34:12 +0000 Subject: [PATCH 12/18] add description to origin_key and update email address variables --- .../mission_3774/step1/variables.tf | 20 +++++++++++++++++++ .../mission_3774/step2/variables.tf | 20 +++++++++++++++++++ 2 files changed, 40 insertions(+) diff --git a/released/discovery_center/mission_3774/step1/variables.tf b/released/discovery_center/mission_3774/step1/variables.tf index 254e6f97..a3ac7730 100644 --- a/released/discovery_center/mission_3774/step1/variables.tf +++ b/released/discovery_center/mission_3774/step1/variables.tf @@ -35,18 +35,36 @@ variable "subaccount_admins" { type = list(string) description = "Defines the colleagues who are added to each subaccount as subaccount administrators." default = ["jane.doe@test.com", "john.doe@test.com"] + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.subaccount_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.subaccount_admins) + error_message = "Please enter a valid email address for the CF space managers." + } } variable "subaccount_service_admins" { type = list(string) description = "Defines the colleagues who are added to each subaccount as subaccount service administrators." default = ["jane.doe@test.com", "john.doe@test.com"] + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.subaccount_service_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.subaccount_service_admins) + error_message = "Please enter a valid email address for the CF space managers." + } } variable "launchpad_admins" { type = list(string) description = "Defines the colleagues who are added to each subaccount as subaccount service administrators." default = ["jane.doe@test.com", "john.doe@test.com"] + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.launchpad_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.launchpad_admins) + error_message = "Please enter a valid email address for the CF space managers." + } } variable "custom_idp" { @@ -57,6 +75,8 @@ variable "custom_idp" { variable "origin_key" { type = string description = "Defines the origin key of the identity provider" + # The value for the origin_key can be defined + # but are normally set to "sap.ids", "sap.default" or "sap.custom" default = "sap.ids" } diff --git a/released/discovery_center/mission_3774/step2/variables.tf b/released/discovery_center/mission_3774/step2/variables.tf index c5d0b39d..406ff180 100644 --- a/released/discovery_center/mission_3774/step2/variables.tf +++ b/released/discovery_center/mission_3774/step2/variables.tf @@ -57,18 +57,36 @@ variable "subaccount_admins" { type = list(string) description = "Defines the colleagues who are added to each subaccount as subaccount administrators." default = ["jane.doe@test.com", "john.doe@test.com"] + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.subaccount_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.subaccount_admins) + error_message = "Please enter a valid email address." + } } variable "subaccount_service_admins" { type = list(string) description = "Defines the colleagues who are added to each subaccount as subaccount service administrators." default = ["jane.doe@test.com", "john.doe@test.com"] + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.subaccount_service_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.subaccount_service_admins) + error_message = "Please enter a valid email address." + } } variable "launchpad_admins" { type = list(string) description = "Defines the colleagues who are added to each subaccount as subaccount service administrators." default = ["jane.doe@test.com", "john.doe@test.com"] + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.launchpad_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.launchpad_admins) + error_message = "Please enter a valid email address." + } } variable "custom_idp" { @@ -79,6 +97,8 @@ variable "custom_idp" { variable "origin_key" { type = string description = "Defines the origin key of the identity provider" + # The value for the origin_key can be defined + # but are normally set to "sap.ids", "sap.default" or "sap.custom" default = "sap.ids" } From 612b8afb5d284ef33c002e34c5753d87f41fd258 Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Fri, 28 Jun 2024 08:57:54 +0000 Subject: [PATCH 13/18] update comments --- released/discovery_center/mission_3774/step1/variables.tf | 2 +- released/discovery_center/mission_3774/step2/variables.tf | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/released/discovery_center/mission_3774/step1/variables.tf b/released/discovery_center/mission_3774/step1/variables.tf index a3ac7730..b14c8244 100644 --- a/released/discovery_center/mission_3774/step1/variables.tf +++ b/released/discovery_center/mission_3774/step1/variables.tf @@ -75,9 +75,9 @@ variable "custom_idp" { variable "origin_key" { type = string description = "Defines the origin key of the identity provider" + default = "sap.ids" # The value for the origin_key can be defined # but are normally set to "sap.ids", "sap.default" or "sap.custom" - default = "sap.ids" } variable "cf_environment_label" { diff --git a/released/discovery_center/mission_3774/step2/variables.tf b/released/discovery_center/mission_3774/step2/variables.tf index 406ff180..3f91b3b6 100644 --- a/released/discovery_center/mission_3774/step2/variables.tf +++ b/released/discovery_center/mission_3774/step2/variables.tf @@ -62,7 +62,7 @@ variable "subaccount_admins" { validation { condition = length([for email in var.subaccount_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.subaccount_admins) error_message = "Please enter a valid email address." - } + } } variable "subaccount_service_admins" { @@ -74,7 +74,7 @@ variable "subaccount_service_admins" { validation { condition = length([for email in var.subaccount_service_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.subaccount_service_admins) error_message = "Please enter a valid email address." - } + } } variable "launchpad_admins" { @@ -86,7 +86,7 @@ variable "launchpad_admins" { validation { condition = length([for email in var.launchpad_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.launchpad_admins) error_message = "Please enter a valid email address." - } + } } variable "custom_idp" { @@ -97,9 +97,9 @@ variable "custom_idp" { variable "origin_key" { type = string description = "Defines the origin key of the identity provider" + default = "sap.ids" # The value for the origin_key can be defined # but are normally set to "sap.ids", "sap.default" or "sap.custom" - default = "sap.ids" } variable "environment_label" { From ec8ae1087f7ff125b9249364f847b6572e2e5bdb Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Fri, 28 Jun 2024 10:00:39 +0000 Subject: [PATCH 14/18] udpate handling of custom_idp --- released/discovery_center/mission_3774/step1/main.tf | 3 +-- released/discovery_center/mission_3774/step1/variables.tf | 1 + released/discovery_center/mission_3774/step2/variables.tf | 5 ----- 3 files changed, 2 insertions(+), 7 deletions(-) diff --git a/released/discovery_center/mission_3774/step1/main.tf b/released/discovery_center/mission_3774/step1/main.tf index 1f6b41c2..e4bdb0bf 100644 --- a/released/discovery_center/mission_3774/step1/main.tf +++ b/released/discovery_center/mission_3774/step1/main.tf @@ -23,7 +23,7 @@ resource "btp_subaccount" "dc_mission" { # ------------------------------------------------------------------------------------------------------ resource "btp_subaccount_trust_configuration" "fully_customized" { # Only create trust configuration if custom_idp has been set - count = var.custom_idp == null ? 1 : 0 + count = var.custom_idp == "" ? 0 : 1 subaccount_id = btp_subaccount.dc_mission.id identity_provider = var.custom_idp } @@ -132,7 +132,6 @@ resource "local_file" "output_vars_step1" { cf_org_id = "${jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["Org ID"]}" cf_org_name = "${jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["Org Name"]}" - custom_idp = "${var.custom_idp}" origin_key = "${var.origin_key}" cf_space_name = "${var.cf_space_name}" diff --git a/released/discovery_center/mission_3774/step1/variables.tf b/released/discovery_center/mission_3774/step1/variables.tf index b14c8244..53072ab9 100644 --- a/released/discovery_center/mission_3774/step1/variables.tf +++ b/released/discovery_center/mission_3774/step1/variables.tf @@ -70,6 +70,7 @@ variable "launchpad_admins" { variable "custom_idp" { type = string description = "Defines the custom IdP" + default = "" } variable "origin_key" { diff --git a/released/discovery_center/mission_3774/step2/variables.tf b/released/discovery_center/mission_3774/step2/variables.tf index 3f91b3b6..57d6c3e0 100644 --- a/released/discovery_center/mission_3774/step2/variables.tf +++ b/released/discovery_center/mission_3774/step2/variables.tf @@ -89,11 +89,6 @@ variable "launchpad_admins" { } } -variable "custom_idp" { - type = string - description = "Defines the custom IdP" -} - variable "origin_key" { type = string description = "Defines the origin key of the identity provider" From e7357b40ce9dae1d7016797bca784b1f42cef692 Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Fri, 28 Jun 2024 10:02:43 +0000 Subject: [PATCH 15/18] update format --- released/discovery_center/mission_3774/step1/variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/released/discovery_center/mission_3774/step1/variables.tf b/released/discovery_center/mission_3774/step1/variables.tf index 53072ab9..41f92a17 100644 --- a/released/discovery_center/mission_3774/step1/variables.tf +++ b/released/discovery_center/mission_3774/step1/variables.tf @@ -70,7 +70,7 @@ variable "launchpad_admins" { variable "custom_idp" { type = string description = "Defines the custom IdP" - default = "" + default = "" } variable "origin_key" { From 14509dd914b5ea05bfdb32cd92c8b77fbb3ce213 Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Fri, 28 Jun 2024 10:21:06 +0000 Subject: [PATCH 16/18] remove mission in development --- .../mission_3774_sap_task_center/README.md | 89 ------------- .../step_1/README.md | 48 ------- .../step_1/locals.tf | 4 - .../step_1/main.tf | 102 --------------- .../step_1/outputs.tf | 24 ---- .../step_1/provider.tf | 14 --- .../step_1/sample.tfvars | 16 --- .../step_1/variables.tf | 82 ------------ .../step_2/README.md | 44 ------- .../step_2/main.tf | 108 ---------------- .../step_2/provider.tf | 21 ---- .../step_2/sample.tfvars | 20 --- .../step_2/variables.tf | 119 ------------------ 13 files changed, 691 deletions(-) delete mode 100644 in-development/mission_3774_sap_task_center/README.md delete mode 100644 in-development/mission_3774_sap_task_center/step_1/README.md delete mode 100644 in-development/mission_3774_sap_task_center/step_1/locals.tf delete mode 100644 in-development/mission_3774_sap_task_center/step_1/main.tf delete mode 100644 in-development/mission_3774_sap_task_center/step_1/outputs.tf delete mode 100644 in-development/mission_3774_sap_task_center/step_1/provider.tf delete mode 100644 in-development/mission_3774_sap_task_center/step_1/sample.tfvars delete mode 100644 in-development/mission_3774_sap_task_center/step_1/variables.tf delete mode 100644 in-development/mission_3774_sap_task_center/step_2/README.md delete mode 100644 in-development/mission_3774_sap_task_center/step_2/main.tf delete mode 100644 in-development/mission_3774_sap_task_center/step_2/provider.tf delete mode 100644 in-development/mission_3774_sap_task_center/step_2/sample.tfvars delete mode 100644 in-development/mission_3774_sap_task_center/step_2/variables.tf diff --git a/in-development/mission_3774_sap_task_center/README.md b/in-development/mission_3774_sap_task_center/README.md deleted file mode 100644 index 76e612ae..00000000 --- a/in-development/mission_3774_sap_task_center/README.md +++ /dev/null @@ -1,89 +0,0 @@ -# Discovery Center mission - Establish a Central Inbox with SAP Task Center - -## Overview - -This sample shows how to setup your SAP BTP account for the Discovery Center Mission - [Establish a Central Inbox with SAP Task Center](https://discovery-center.cloud.sap/index.html#/missiondetail/3774/) - - -## Content of setup - -The setup comprises the following resources: - -- Creation of the SAP BTP subaccount -- Entitlements of services -- Subscriptions to applications -- Creation of service instance -- Role collection assignments to users - -## Deploying the resources - -Make sure that you are familiar with SAP BTP and know both the [Get Started with btp-terraform-samples](https://github.com/SAP-samples/btp-terraform-samples/blob/main/GET_STARTED.md) and the [Get Started with the Terraform Provider for BTP](https://developers.sap.com/tutorials/btp-terraform-get-started.html) - -To deploy the resources you must: - -1. Set the environment variables BTP_USERNAME and BTP_PASSWORD to pass credentials to the BTP provider to authenticate and interact with your BTP environments. - - ```bash - export BTP_USERNAME= - export BTP_PASSWORD= - ``` - -2. Set the environment variables CF_USERNAME and CF_PASSWORD to pass credentials to the CF provider to authenticate and interact with your CF environment. - - ```bash - export CF_USER= - export CF_PASSWORD= - ``` - -3. Change the variables in the `common_sample.tfvars` file to meet your requirements - - > The minimal set of parameters you should specify (beside user_email and password) is globalaccount (i.e. its subdomain) and the used custom_idp. - - -4. Change the variables in `sample.tfvars` file to meet your requirements - - > ⚠ NOTE: You should pay attention **specifically** to the users defined in the samples.tfvars whether they already exist in your SAP BTP accounts. Otherwise you might get error messages like e.g. `Error: The user could not be found: jane.doe@test.com`. - - -5. Initialize the workspace for step 1: - - ```bash - terraform init - ``` - -6. You can check what Terraform plans to apply for step 1 based on your configuration: - - ```bash - terraform plan -var-file="../common_sample.tfvars" -var-file="sample.tfvars" - ``` - -7. Apply your configuration for step 1 to provision the resources: - - ```bash - terraform apply -var-file="../common_sample.tfvars" -var-file="sample.tfvars" - ``` - -8. Switch to the `2_disable_default_login` folder. The configuration in this folder disables the default IdP of the subaccount created in step 1 for user logon. - -9. Change the variables in `sample.tfvars` file to meet your requirements - - > ⚠ NOTE: You must copy the `subaccount_id` from the output of step 1 and use it for step 2. - - -5. Initialize the workspace for step 2: - - ```bash - terraform init - ``` - -6. You can check what Terraform plans to apply for step 2 based on your configuration: - - ```bash - terraform plan -var-file="../common_sample.tfvars" -var-file="sample.tfvars" - ``` - -7. Apply your configuration for step 2 to provision the resources: - - ```bash - terraform apply -var-file="../common_sample.tfvars" -var-file="sample.tfvars" - ``` diff --git a/in-development/mission_3774_sap_task_center/step_1/README.md b/in-development/mission_3774_sap_task_center/step_1/README.md deleted file mode 100644 index 1b327508..00000000 --- a/in-development/mission_3774_sap_task_center/step_1/README.md +++ /dev/null @@ -1,48 +0,0 @@ -# Sample Setup of an SAP Task Center on SAP BTP - Step 1 - -## Overview - -This directory contains the setup of SAP Task Center from scratch namely a new subaccount including the relevant entitlements, a Cloud Foundry environment and a Cloud Foundry space. - -This directory contains the configuration the first step of the setup namely: - -- a new subaccount -- the entitlements for SAP Task Center -- the subscription for SAP Build Workzone, standard edition -- the Cloud Foundry environment -- The trust setup to the custom IdP -- Assignment of users to the role collections - -## Deploying the resources - -To deploy the resources of step 1 execute the following commands: - -1. Initialize your workspace: - - ```bash - terraform init - ``` - -1. Assign the variable values in a `*.tfvars` file e.g., the global account subdomain - -1. You can check what Terraform plans to apply based on your configuration: - - ```bash - terraform plan -var-file=".tfvars" - ``` - -1. Apply your configuration to provision the resources: - - ```bash - terraform apply -var-file=".tfvars" - ``` - -> **Note** - Some variables of the output of the first step are needed as input for the second step. - -## When finished - -You probably want to remove the assets after trying them out to avoid unnecessary costs. To do so execute the following command: - -```bash -terraform destroy -var-file=".tfvars" -``` \ No newline at end of file diff --git a/in-development/mission_3774_sap_task_center/step_1/locals.tf b/in-development/mission_3774_sap_task_center/step_1/locals.tf deleted file mode 100644 index 23462039..00000000 --- a/in-development/mission_3774_sap_task_center/step_1/locals.tf +++ /dev/null @@ -1,4 +0,0 @@ -locals { - service_name__sap_task_center = "one-inbox-service" - service_name__build_workzone = "SAPLaunchpad" -} \ No newline at end of file diff --git a/in-development/mission_3774_sap_task_center/step_1/main.tf b/in-development/mission_3774_sap_task_center/step_1/main.tf deleted file mode 100644 index 9cbf4f1f..00000000 --- a/in-development/mission_3774_sap_task_center/step_1/main.tf +++ /dev/null @@ -1,102 +0,0 @@ -############################################################################################### -# Setup of names in accordance to naming convention -############################################################################################### -resource "random_uuid" "uuid" {} - -locals { - random_uuid = random_uuid.uuid.result - project_subaccount_domain = lower(replace("mission-3774-${local.random_uuid}", "_", "-")) - project_subaccount_cf_org = substr(replace("${local.project_subaccount_domain}", "-", ""), 0, 32) -} -############################################################################################### -# Creation of subaccount -############################################################################################### -resource "btp_subaccount" "dc_mission" { - name = var.subaccount_name - subdomain = local.project_subaccount_domain - region = lower(var.region) -} -# ------------------------------------------------------------------------------------------------------ -# Assignment of users as sub account administrators -# ------------------------------------------------------------------------------------------------------ -resource "btp_subaccount_role_collection_assignment" "subaccount-admins" { - for_each = toset("${var.subaccount_admins}") - subaccount_id = btp_subaccount.dc_mission.id - role_collection_name = "Subaccount Administrator" - user_name = each.value -} -# ------------------------------------------------------------------------------------------------------ -# Assignment of users as sub account service administrators -# ------------------------------------------------------------------------------------------------------ -resource "btp_subaccount_role_collection_assignment" "subaccount-service-admins" { - for_each = toset("${var.subaccount_service_admins}") - subaccount_id = btp_subaccount.dc_mission.id - role_collection_name = "Subaccount Service Administrator" - user_name = each.value -} - -# ------------------------------------------------------------------------------------------------------ -# CLOUDFOUNDRY PREPARATION -# ------------------------------------------------------------------------------------------------------ -# -# Fetch all available environments for the subaccount -data "btp_subaccount_environments" "all" { - subaccount_id = btp_subaccount.dc_mission.id -} -# ------------------------------------------------------------------------------------------------------ -# Take the landscape label from the first CF environment if no environment label is provided -# (this replaces the previous null_resource) -# ------------------------------------------------------------------------------------------------------ -resource "terraform_data" "replacement" { - input = length(var.cf_environment_label) > 0 ? var.cf_environment_label : [for env in data.btp_subaccount_environments.all.values : env if env.service_name == "cloudfoundry" && env.environment_type == "cloudfoundry"][0].landscape_label -} -# ------------------------------------------------------------------------------------------------------ -# Creation of Cloud Foundry environment -# ------------------------------------------------------------------------------------------------------ -resource "btp_subaccount_environment_instance" "cloudfoundry" { - subaccount_id = btp_subaccount.dc_mission.id - name = local.project_subaccount_cf_org - environment_type = "cloudfoundry" - service_name = "cloudfoundry" - plan_name = "standard" - landscape_label = terraform_data.replacement.output - parameters = jsonencode({ - instance_name = local.project_subaccount_cf_org - }) -} -############################################################################################### -# Prepare and setup app: SAP Build Workzone, standard edition -############################################################################################### -# Entitle subaccount for usage of app destination SAP Build Workzone, standard edition -resource "btp_subaccount_entitlement" "build_workzone" { - subaccount_id = btp_subaccount.dc_mission.id - service_name = local.service_name__build_workzone - plan_name = var.service_plan__build_workzone - amount = var.service_plan__build_workzone == "free" ? 1 : null -} -# Create app subscription to SAP Build Workzone, standard edition (depends on entitlement) -resource "btp_subaccount_subscription" "build_workzone" { - subaccount_id = btp_subaccount.dc_mission.id - app_name = local.service_name__build_workzone - plan_name = var.service_plan__build_workzone - depends_on = [btp_subaccount_entitlement.build_workzone] -} -############################################################################################### -# Prepare and setup app: SAP Task Center -############################################################################################### -# Entitle subaccount for usage of app destination SAP Task Center -resource "btp_subaccount_entitlement" "taskcenter" { - subaccount_id = btp_subaccount.dc_mission.id - service_name = local.service_name__sap_task_center - plan_name = "standard" -} -# ------------------------------------------------------------------------------------------------------ -# Assignment of users as launchpad administrators -# ------------------------------------------------------------------------------------------------------ -resource "btp_subaccount_role_collection_assignment" "launchpad-admins" { - for_each = toset("${var.launchpad_admins}") - subaccount_id = btp_subaccount.dc_mission.id - role_collection_name = "Launchpad_Admin" - user_name = each.value - depends_on = [btp_subaccount_subscription.build_workzone] -} diff --git a/in-development/mission_3774_sap_task_center/step_1/outputs.tf b/in-development/mission_3774_sap_task_center/step_1/outputs.tf deleted file mode 100644 index 0f08f4f1..00000000 --- a/in-development/mission_3774_sap_task_center/step_1/outputs.tf +++ /dev/null @@ -1,24 +0,0 @@ -output "subaccount_id" { - value = btp_subaccount.dc_mission.id - description = "The ID of the subaccount." -} - -output "cf_org_name" { - value = local.project_subaccount_cf_org - description = "The name of the project subaccount." -} - -output "cf_org_id" { - value = btp_subaccount_environment_instance.cloudfoundry.landscape_label - description = "The ID of the Cloud Foundry environment." -} - -output "cf_api_endpoint" { - value = jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["API Endpoint"] - description = "API endpoint of the Cloud Foundry environment." -} - -output "cf_landscape_label" { - value = btp_subaccount_environment_instance.cloudfoundry.platform_id - description = "The landscape label of the Cloud Foundry environment." -} \ No newline at end of file diff --git a/in-development/mission_3774_sap_task_center/step_1/provider.tf b/in-development/mission_3774_sap_task_center/step_1/provider.tf deleted file mode 100644 index 1c7b0ab1..00000000 --- a/in-development/mission_3774_sap_task_center/step_1/provider.tf +++ /dev/null @@ -1,14 +0,0 @@ -### -# Define the required providers for this module -### -terraform { - required_providers { - btp = { - source = "sap/btp" - } - } -} -provider "btp" { - globalaccount = var.globalaccount - cli_server_url = var.cli_server_url -} diff --git a/in-development/mission_3774_sap_task_center/step_1/sample.tfvars b/in-development/mission_3774_sap_task_center/step_1/sample.tfvars deleted file mode 100644 index c72ecfb3..00000000 --- a/in-development/mission_3774_sap_task_center/step_1/sample.tfvars +++ /dev/null @@ -1,16 +0,0 @@ -# ------------------------------------------------------------------------------------------------------ -# Provider configuration -# ------------------------------------------------------------------------------------------------------ -# Your global account subdomain -globalaccount = "yourglobalaccount" -region = "datacenter" -subaccount_name = "subaccount_name" - -# ------------------------------------------------------------------------------------------------------ -# Project specific configuration (please adapt!) -# ------------------------------------------------------------------------------------------------------ - -subaccount_admins = ["jane.doe@test.com", "john.doe@test.com"] -subaccount_service_admins = ["jane.doe@test.com", "john.doe@test.com"] -custom_idp = "your custom idp" -launchpad_admins = ["jane.doe@test.com", "john.doe@test.com"] \ No newline at end of file diff --git a/in-development/mission_3774_sap_task_center/step_1/variables.tf b/in-development/mission_3774_sap_task_center/step_1/variables.tf deleted file mode 100644 index 0aec21b6..00000000 --- a/in-development/mission_3774_sap_task_center/step_1/variables.tf +++ /dev/null @@ -1,82 +0,0 @@ -###################################################################### -# Customer account setup -###################################################################### -variable "globalaccount" { - type = string - description = "Defines the global account" - default = "yourglobalaccount" -} - -variable "cli_server_url" { - type = string - description = "Defines the CLI server URL" - default = "https://cli.btp.cloud.sap" -} - -# subaccount -variable "subaccount_name" { - type = string - description = "The subaccount name." - default = "UC - Establish a Central Inbox with SAP Task Center" -} -variable "subaccount_id" { - type = string - description = "The subaccount ID." - default = "" -} -# Region -variable "region" { - type = string - description = "The region where the project account shall be created in." - default = "us10" -} - -variable "subaccount_admins" { - type = list(string) - description = "Defines the colleagues who are added to each subaccount as subaccount administrators." - default = ["jane.doe@test.com", "john.doe@test.com"] -} - -variable "subaccount_service_admins" { - type = list(string) - description = "Defines the colleagues who are added to each subaccount as subaccount service administrators." - default = ["jane.doe@test.com", "john.doe@test.com"] -} - -variable "launchpad_admins" { - type = list(string) - description = "Defines the colleagues who are added to each subaccount as subaccount service administrators." - default = ["jane.doe@test.com", "john.doe@test.com"] -} - -variable "custom_idp" { - type = string - description = "Defines the custom IdP" - default = "" -} - -variable "cf_environment_label" { - type = string - description = "In case there are multiple environments available for a subaccount, you can use this label to choose with which one you want to go. If nothing is given, we take by default the first available." -} - -variable "cf_org_name" { - type = string - description = "Name of the Cloud Foundry org." - default = "mission-3774-sap-task-center" - - validation { - condition = can(regex("^.{1,255}$", var.cf_org_name)) - error_message = "The Cloud Foundry org name must not be emtpy and not exceed 255 characters." - } -} - -variable "service_plan__build_workzone" { - type = string - description = "The plan for build_workzone subscription" - default = "free" - validation { - condition = contains(["free", "standard"], var.service_plan__build_workzone) - error_message = "Invalid value for service_plan__build_workzone. Only 'free' and 'standard' are allowed." - } -} diff --git a/in-development/mission_3774_sap_task_center/step_2/README.md b/in-development/mission_3774_sap_task_center/step_2/README.md deleted file mode 100644 index 6c36090a..00000000 --- a/in-development/mission_3774_sap_task_center/step_2/README.md +++ /dev/null @@ -1,44 +0,0 @@ -# Sample Setup of an SAP Task Center on SAP BTP - Step 2 - -## Overview - -This directory contains the setup of SAP Task Center from scratch namely a new subaccount including the relevant entitlements, a Cloud Foundry environment and a Cloud Foundry space. - -This directory contains the configuration the first step of the setup namely: - -- Creation of service instance for SAP Task Center -- Creation of the service key for the service instance - -## Deploying the resources - -To deploy the resources of step 1 execute the following commands: - -1. Initialize your workspace: - - ```bash - terraform init - ``` - -1. Assign the variable values in a `*.tfvars` file e.g., the global account subdomain - -1. You can check what Terraform plans to apply based on your configuration: - - ```bash - terraform plan -var-file=".tfvars" - ``` - -1. Apply your configuration to provision the resources: - - ```bash - terraform apply -var-file=".tfvars" - ``` - -> **Note** - Some variables of the output of the first step are needed as input for the second step. - -## When finished - -You probably want to remove the assets after trying them out to avoid unnecessary costs. To do so execute the following command: - -```bash -terraform destroy -var-file=".tfvars" -``` \ No newline at end of file diff --git a/in-development/mission_3774_sap_task_center/step_2/main.tf b/in-development/mission_3774_sap_task_center/step_2/main.tf deleted file mode 100644 index cf357cf3..00000000 --- a/in-development/mission_3774_sap_task_center/step_2/main.tf +++ /dev/null @@ -1,108 +0,0 @@ -############################################################################################### -# Create the Cloud Foundry space -############################################################################################### -resource "cloudfoundry_space" "space" { - name = var.cf_space_name - org = var.cf_org_id # -} - -############################################################################################### -# assign user as space manager -############################################################################################### -resource "cloudfoundry_space_role" "cf_space_manager" { - username = var.cf_space_manager - type = "space_manager" - space = cloudfoundry_space.space.id - origin = "sap.ids" -} - - -############################################################################################### -# assign user as space developer -############################################################################################### -resource "cloudfoundry_space_role" "cf_space_developer" { - username = var.cf_space_developer - type = "space_developer" - space = cloudfoundry_space.space.id -} - -############################################################################################### -# Create service instance for taskcenter (one-inbox-service) -############################################################################################### -data "cloudfoundry_service" "srvc_taskcenter" { - name = "one-inbox-service" - # depends_on = [time_sleep.wait_a_few_seconds] -} - -resource "cloudfoundry_service_instance" "si_taskcenter" { - name = "sap-taskcenter" - type = "managed" - space = cloudfoundry_space.space.id - service_plan = data.cloudfoundry_service.srvc_taskcenter.service_plans["standard"] - depends_on = [cloudfoundry_space_role.cf_space_manager, cloudfoundry_space_role.cf_space_developer] - parameters = jsonencode({ - "authorities" : [], - "defaultCollectionQueryFilter" : "own" - - }) -} - -############################################################################################### -# Create service key -############################################################################################### -resource "random_id" "service_key_stc" { - byte_length = 12 -} -resource "cloudfoundry_service_credential_binding" "sap-taskcenter" { - type = "key" - name = join("_", ["defaultKey", random_id.service_key_stc.hex]) - service_instance = cloudfoundry_service_instance.si_taskcenter.id -} - -############################################################################################### -# Prepare and setup service: destination -############################################################################################### -# Entitle subaccount for usage of service destination -resource "btp_subaccount_entitlement" "destination" { - subaccount_id = var.subaccount_id - service_name = "destination" - plan_name = "lite" -} - -# Get serviceplan_id for stc-service with plan_name "default" -data "btp_subaccount_service_plan" "destination" { - subaccount_id = var.subaccount_id - offering_name = "destination" - name = "lite" - depends_on = [btp_subaccount_entitlement.destination] -} -# Create service instance -resource "btp_subaccount_service_instance" "destination" { - subaccount_id = var.subaccount_id - serviceplan_id = data.btp_subaccount_service_plan.destination.id - name = "destination" - depends_on = [data.btp_subaccount_service_plan.destination] - parameters = jsonencode({ - HTML5Runtime_enabled = true - init_data = { - subaccount = { - existing_destinations_policy = "update" - destinations = [ - { - Description = "[Do not delete] SAP Task Center - Dummy destination" - Type = "HTTP" - # clientId = "${jsondecode(cloudfoundry_service_credential_binding.sap-taskcenter)["uaa"]["clientid"]}" - # clientSecret = "${jsondecode(cloudfoundry_service_credential_binding.sap-taskcenter)["uaa"]["clientsecret"]}" - "HTML5.DynamicDestination" = true - Authentication = "OAuth2JWTBearer" - Name = "stc-destination" - # tokenServiceURL = "${jsondecode(cloudfoundry_service_credential_binding.sap-taskcenter)["uaa"]["url"]}" - ProxyType = "Internet" - # URL = "${jsondecode(cloudfoundry_service_credential_binding.sap-taskcenter.credentials)["url"]}" - tokenServiceURLType = "Dedicated" - } - ] - } - } - }) -} \ No newline at end of file diff --git a/in-development/mission_3774_sap_task_center/step_2/provider.tf b/in-development/mission_3774_sap_task_center/step_2/provider.tf deleted file mode 100644 index d97e6e97..00000000 --- a/in-development/mission_3774_sap_task_center/step_2/provider.tf +++ /dev/null @@ -1,21 +0,0 @@ -### -# Define the required providers for this module -### -terraform { - required_providers { - btp = { - source = "sap/btp" - } - cloudfoundry = { - source = "SAP/cloudfoundry" - version = "0.2.1-beta" - } - } -} -provider "btp" { - globalaccount = var.globalaccount - cli_server_url = var.cli_server_url -} -provider "cloudfoundry" { - api_url = var.cf_api_url -} diff --git a/in-development/mission_3774_sap_task_center/step_2/sample.tfvars b/in-development/mission_3774_sap_task_center/step_2/sample.tfvars deleted file mode 100644 index 08947faa..00000000 --- a/in-development/mission_3774_sap_task_center/step_2/sample.tfvars +++ /dev/null @@ -1,20 +0,0 @@ -# ------------------------------------------------------------------------------------------------------ -# Provider configuration -# ------------------------------------------------------------------------------------------------------ -# Your global account subdomain -globalaccount = "yourglobalaccount" -region = "datacenter" -subaccount_name = "subaccount_name" -cf_environment_label = "cf_environment_label" -cf_api_url = "cf api url" - -# ------------------------------------------------------------------------------------------------------ -# Project specific configuration (please adapt!) -# ------------------------------------------------------------------------------------------------------ - -cfsr_space_manager = "john.doe@test.com" -subaccount_admins = ["jane.doe@test.com", "john.doe@test.com"] -subaccount_service_admins = ["jane.doe@test.com", "john.doe@test.com"] -cfsr_space_developer = "john.doe@test.com" -custom_idp = "caias.accounts.ondemand.com" -launchpad_admins = ["jane.doe@test.com", "john.doe@test.com"] \ No newline at end of file diff --git a/in-development/mission_3774_sap_task_center/step_2/variables.tf b/in-development/mission_3774_sap_task_center/step_2/variables.tf deleted file mode 100644 index 3a04cb92..00000000 --- a/in-development/mission_3774_sap_task_center/step_2/variables.tf +++ /dev/null @@ -1,119 +0,0 @@ -###################################################################### -# Customer account setup -###################################################################### -variable "globalaccount" { - type = string - description = "Defines the global account" - default = "yourglobalaccount" -} - -variable "cli_server_url" { - type = string - description = "Defines the CLI server URL" - default = "https://cli.btp.cloud.sap" -} - -variable "cf_api_url" { - type = string - description = "Defines the CLI server URL" - default = "https://api.cf.us10.hana.ondemand.com/" -} - - -# subaccount -variable "subaccount_name" { - type = string - description = "The subaccount name." - default = "UC - Establish a Central Inbox with SAP Task Center" -} -variable "subaccount_id" { - type = string - description = "The subaccount ID." - default = "" -} -# Region -variable "region" { - type = string - description = "The region where the project account shall be created in." - default = "us10" -} -# Cloudfoundry environment label -variable "cf_environment_label" { - type = string - description = "The Cloudfoundry environment label" - default = "cf-us10" -} - -variable "subaccount_admins" { - type = list(string) - description = "Defines the colleagues who are added to each subaccount as subaccount administrators." - default = ["jane.doe@test.com", "john.doe@test.com"] -} - -variable "subaccount_service_admins" { - type = list(string) - description = "Defines the colleagues who are added to each subaccount as subaccount service administrators." - default = ["jane.doe@test.com", "john.doe@test.com"] -} - -variable "launchpad_admins" { - type = list(string) - description = "Defines the colleagues who are added to each subaccount as subaccount service administrators." - default = ["jane.doe@test.com", "john.doe@test.com"] -} - -variable "custom_idp" { - type = string - description = "Defines the custom IdP" - default = "" -} - -variable "environment_label" { - type = string - description = "In case there are multiple environments available for a subaccount, you can use this label to choose with which one you want to go. If nothing is given, we take by default the first available." - default = "cf-us10" -} - -variable "cf_org_id" { - type = string - description = "The Cloud Foundry Org ID from the Cloud Foundry environment instance." -} - -variable "cf_org_name" { - type = string - description = "Name of the Cloud Foundry org." - default = "mission-3774-sap-task-center" - - validation { - condition = can(regex("^.{1,255}$", var.cf_org_name)) - error_message = "The Cloud Foundry org name must not be emtpy and not exceed 255 characters." - } -} - -variable "cf_space_name" { - type = string - description = "Name of the Cloud Foundry space." - default = "dev" -} - -variable "cf_space_manager" { - type = string - description = "Defines the user who are added as space manager." - default = "john.doe@test.com" -} - -variable "cf_space_developer" { - type = string - description = "Defines the user who are added as space developer." - default = "john.doe@test.com" -} - -variable "service_plan__build_workzone" { - type = string - description = "The plan for build_workzone subscription" - default = "free" - validation { - condition = contains(["free", "standard"], var.service_plan__build_workzone) - error_message = "Invalid value for service_plan__build_workzone. Only 'free' and 'standard' are allowed." - } -} From d4e5f5c94e05c7598bf49bd735e70adcfa5c44a0 Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Fri, 28 Jun 2024 10:29:58 +0000 Subject: [PATCH 17/18] adress review feedback --- .../mission_3774/step2/main.tf | 2 +- .../mission_3774/step2/sample.tfvars | 28 ++++++++----------- 2 files changed, 13 insertions(+), 17 deletions(-) diff --git a/released/discovery_center/mission_3774/step2/main.tf b/released/discovery_center/mission_3774/step2/main.tf index 14fa20cc..08c2fa4b 100644 --- a/released/discovery_center/mission_3774/step2/main.tf +++ b/released/discovery_center/mission_3774/step2/main.tf @@ -65,11 +65,11 @@ resource "cloudfoundry_service_instance" "si_taskcenter" { type = "managed" space = cloudfoundry_space.space.id service_plan = data.cloudfoundry_service.srvc_taskcenter.service_plans["standard"] - depends_on = [cloudfoundry_space_role.space_managers, cloudfoundry_space_role.space_developers] parameters = jsonencode({ "authorities" : [], "defaultCollectionQueryFilter" : "own" }) + depends_on = [cloudfoundry_space_role.space_managers, cloudfoundry_space_role.space_developers] } # ------------------------------------------------------------------------------------------------------ diff --git a/released/discovery_center/mission_3774/step2/sample.tfvars b/released/discovery_center/mission_3774/step2/sample.tfvars index 08947faa..cdbd2494 100644 --- a/released/discovery_center/mission_3774/step2/sample.tfvars +++ b/released/discovery_center/mission_3774/step2/sample.tfvars @@ -1,20 +1,16 @@ # ------------------------------------------------------------------------------------------------------ -# Provider configuration +# Provider configuration (this file will be either created automatically in step 1 or manually in step 2) # ------------------------------------------------------------------------------------------------------ -# Your global account subdomain -globalaccount = "yourglobalaccount" -region = "datacenter" -subaccount_name = "subaccount_name" -cf_environment_label = "cf_environment_label" -cf_api_url = "cf api url" +globalaccount = "yourglobalaccount" +cli_server_url = "https://cli.btp.cloud.sap" +subaccount_id = "yoursubacountid" +origin_key = "sap.ids" -# ------------------------------------------------------------------------------------------------------ -# Project specific configuration (please adapt!) -# ------------------------------------------------------------------------------------------------------ +cf_api_endpoint = "https://api.cf.us10.hana.ondemand.com" +cf_org_id = "your_cf_org_id" +cf_org_name = "your_cf_org_name" +cf_space_name = "dev" -cfsr_space_manager = "john.doe@test.com" -subaccount_admins = ["jane.doe@test.com", "john.doe@test.com"] -subaccount_service_admins = ["jane.doe@test.com", "john.doe@test.com"] -cfsr_space_developer = "john.doe@test.com" -custom_idp = "caias.accounts.ondemand.com" -launchpad_admins = ["jane.doe@test.com", "john.doe@test.com"] \ No newline at end of file +cf_org_admins = ["another.user@test.com"] +cf_space_developers = ["another.user@test.com", "you@test.com"] +cf_space_managers = ["another.user@test.com", "you@test.com"] From a31f12f70e762f9def9fc1d3229caa6e2d85e8e5 Mon Sep 17 00:00:00 2001 From: Rui Nogueira Date: Fri, 28 Jun 2024 10:33:11 +0000 Subject: [PATCH 18/18] remove unwanted change in different use case --- .../usecases/services_apps/sap_build_code/step1/variables.tf | 5 ----- 1 file changed, 5 deletions(-) diff --git a/released/usecases/services_apps/sap_build_code/step1/variables.tf b/released/usecases/services_apps/sap_build_code/step1/variables.tf index 7d04e88b..90e007f0 100644 --- a/released/usecases/services_apps/sap_build_code/step1/variables.tf +++ b/released/usecases/services_apps/sap_build_code/step1/variables.tf @@ -21,11 +21,6 @@ variable "cli_server_url" { default = "https://cli.btp.cloud.sap" } -variable "cf_api_endpoint" { - type = string - description = "The Cloud Foundry API endpoint from the Cloud Foundry environment instance." -} - variable "region" { type = string description = "The region where the subaccount shall be created in."