Mission 3585 qas

released/discovery_center/mission_3585/README.md → released/discovery_center/mission_3585/step1/README.md

@@ -1,8 +1,8 @@
-# Discovery Center mission - Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App
+# Discovery Center mission - Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App (Step 1)
 
 ## Overview
 
-This sample shows how to set up your SAP BTP account for the Discovery Center Mission - [Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App](https://discovery-center.cloud.sap/missiondetail/3585/)
+Step 1 of this sample shows how to set up your SAP BTP account for the Discovery Center Mission - [Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App](https://discovery-center.cloud.sap/missiondetail/3585/)
 
 ## Content of setup
 
@@ -23,25 +23,20 @@ Make sure that you are familiar with SAP BTP and know both the [Get Started with
 
 To deploy the resources you must:
 
-1. Create a file `secret.auto.tfvars` and maintain the credentials for the BTP provider
+1. Set the environment variables BTP_USERNAME and BTP_PASSWORD to pass credentials to the BTP provider to authenticate and interact with your BTP environments. 
 
-   ```hcl
-   user_email = "<Email address of your BTP user>"
-   password = "<Password of your BTP user>"
-   ```
-   as an alternative you can set these credentials also as environment variables
-
    ```bash
-   export user_email ='<Email address of your BTP user>'
-   export password ='<Password of your BTP user>'
+   export BTP_USERNAME=<your_username>
+   export BTP_PASSWORD=<your_password>
    ```
 
-3. Change the variables in the `sample.tfvars` file to meet your requirements
+2. Change the variables in the `sample.tfvars` file to meet your requirements
 
-   > The minimal set of parameters you should specify (besides user_email and password) is global account (i.e. its subdomain) and the used custom_idp and all user assignments
+   > The minimal set of parameters you should specify (besides user email and password) is global account (i.e. its subdomain) and the used custom_idp and all user assignments
 
    > ⚠ NOTE: You should pay attention **specifically** to the users defined in the samples.tfvars whether they already exist in your SAP BTP accounts. Otherwise, you might get error messages like, e.g., `Error: The user could not be found: jane.doe@test.com`.
 
+3. The outputs of this `step1` will be needed for the `step2` of this use case. In case you want to create a file with the content of the variables, you should set the variable `create_tfvars_file_for_next_step` to `true`. This will create a `terraform.tfvars` file in the `step2` folder.
 
 4. Initialize your workspace:
 
@@ -60,3 +55,11 @@ To deploy the resources you must:
    ```bash
    terraform apply -var-file="sample.tfvars"
    ```
+
+## When finished
+
+You probably want to remove the assets after trying them out to avoid unnecessary costs. To do so execute the following command:
+
+```bash
+terraform destroy -var-file="sample.tfvars"
+```

released/discovery_center/mission_3585/main.tf → released/discovery_center/mission_3585/step1/main.tf

@@ -27,7 +27,7 @@ data "btp_subaccount_environments" "all" {
 # (this replaces the previous null_resource)
 # ------------------------------------------------------------------------------------------------------
 resource "terraform_data" "replacement" {
-  input = length(var.cf_environment_label) > 0 ? var.cf_environment_label : [for env in data.btp_subaccount_environments.all.values : env if env.service_name == "cloudfoundry" && env.environment_type == "cloudfoundry"][0].landscape_label
+  input = length(var.cf_landscape_label) > 0 ? var.cf_landscape_label : [for env in data.btp_subaccount_environments.all.values : env if env.service_name == "cloudfoundry" && env.environment_type == "cloudfoundry"][0].landscape_label
 }
 # ------------------------------------------------------------------------------------------------------
 # Create the Cloud Foundry environment instance
@@ -45,6 +45,18 @@ resource "btp_subaccount_environment_instance" "cf" {
   })
 }
 
+###############################################################################################
+# Prepare CF
+###############################################################################################
+# Entitle subaccount for usage of cf runtime
+
+resource "btp_subaccount_entitlement" "cf_runtime" {
+  subaccount_id = btp_subaccount.dc_mission.id
+  service_name  = "APPLICATION_RUNTIME"
+  plan_name     = "MEMORY"
+  amount        = 1
+}
+
 # ------------------------------------------------------------------------------------------------------
 # SERVICES
 # ------------------------------------------------------------------------------------------------------
@@ -206,3 +218,24 @@ resource "btp_subaccount_role_collection_assignment" "cicd_developers" {
   user_name            = each.value
   depends_on           = [btp_subaccount_subscription.cicd_app]
 }
+
+
+# ------------------------------------------------------------------------------------------------------
+# Create tfvars file for step 2 (if variable `create_tfvars_file_for_step2` is set to true)
+# ------------------------------------------------------------------------------------------------------
+resource "local_file" "output_vars_step1" {
+  count    = var.create_tfvars_file_for_next_step ? 1 : 0
+  content  = <<-EOT
+      cf_api_url           = "${jsondecode(btp_subaccount_environment_instance.cf.labels)["API Endpoint"]}"
+
+      cf_org_id            = "${jsondecode(btp_subaccount_environment_instance.cf.labels)["Org ID"]}"
+
+      cf_origin            = "${var.cf_origin}"
+
+      cf_space_name        = "${var.cf_space_name}"
+
+      cf_org_admins        = ${jsonencode(var.cf_org_admins)}
+
+      EOT
+  filename = "../step2/terraform.tfvars"
+}

released/discovery_center/mission_3585/outputs.tf → released/discovery_center/mission_3585/step1/outputs.tf

@@ -3,21 +3,21 @@ output "globalaccount" {
   description = "The Global Account subdomain."
 }
 
-output "cli_server_url" {
-  value       = var.cli_server_url
-  description = "The BTP CLI server URL."
-}
-
 output "subaccount_id" {
   value       = btp_subaccount.dc_mission.id
   description = "The Global Account subdomain id."
 }
 
-output "cf_api_endpoint" {
+output "cf_api_url" {
   value       = jsondecode(btp_subaccount_environment_instance.cf.labels)["API Endpoint"]
   description = "The Cloudfoundry API endpoint."
 }
 
+output "cf_landscape_label" {
+  value       = terraform_data.replacement.output
+  description = "The Cloudfoundry landscape label."
+}
+
 output "cf_org_id" {
   value       = jsondecode(btp_subaccount_environment_instance.cf.labels)["Org ID"]
   description = "The Cloudfoundry org id."

released/discovery_center/mission_3585/provider.tf → released/discovery_center/mission_3585/step1/provider.tf

@@ -8,6 +8,9 @@ terraform {
 }
 
 provider "btp" {
+  # Comment out the idp in case you need it to connect to your global account
+  # -------------------------------------------------------------------------
+  # idp            = var.custom_idp
   globalaccount  = var.globalaccount
   cli_server_url = var.cli_server_url
 }

released/discovery_center/mission_3585/sample.tfvars → released/discovery_center/mission_3585/step1/sample.tfvars

@@ -26,3 +26,6 @@ cicd_developers = ["another.user@test.com", "you@test.com"]
 
 bas_admins     = ["another.user@test.com", "you@test.com"]
 bas_developers = ["another.user@test.com", "you@test.com"]
+
+# Create variables file for step 2 (disabled by default)
+create_tfvars_file_for_next_step = true

released/discovery_center/mission_3585/variables.tf → released/discovery_center/mission_3585/step1/variables.tf

@@ -32,17 +32,6 @@ variable "subaccount_admins" {
   }
 }
 
-variable "cf_org_admins" {
-  type        = list(string)
-  description = "List of users to set as Cloudfoundry org administrators."
-
-  # add validation to check if admins contains a list of valid email addresses
-  validation {
-    condition     = length([for email in var.cf_org_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_org_admins)
-    error_message = "Please enter a valid email address for the CF Org admins."
-  }
-}
-
 variable "launchpad_admins" {
   type        = list(string)
   description = "Defines the colleagues who are Launchpad Admins."
@@ -98,14 +87,45 @@ variable "cicd_admins" {
   }
 }
 
-variable "cf_environment_label" {
+variable "cf_org_admins" {
+  type        = list(string)
+  description = "List of users to set as Cloudfoundry org administrators."
+
+  # add validation to check if admins contains a list of valid email addresses
+  validation {
+    condition     = length([for email in var.cf_org_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_org_admins)
+    error_message = "Please enter a valid email address for the CF Org admins."
+  }
+}
+
+variable "cf_origin" {
   type        = string
-  description = "In case there are multiple environments available for a subaccount, you can use this label to choose with which one you want to go. If nothing is given, we take by default the first available."
+  description = "Defines the origin key of the identity provider"
+  default     = "sap.ids"
+  # The value for the cf_origin can be defined
+  # but are normally set to "sap.ids", "sap.default" or "sap.custom"
+}
+
+variable "cf_landscape_label" {
+  type        = string
+  description = "In case there are multiple landscapes available for a subaccount, you can use this label to choose with which one you want to go. If nothing is given, we take by default the first available."
   default     = ""
 }
 
+variable "cf_space_name" {
+  type        = string
+  description = "The Cloud Foundry space name to use"
+  default     = "dev"
+}
+
 variable "custom_idp" {
   type        = string
   description = "The custom identity provider for the subaccount."
   default     = "sap.ids"
 }
+
+variable "create_tfvars_file_for_next_step" {
+  type        = bool
+  description = "Switch to enable the creation of the tfvars file for step 2."
+  default     = false
+}

released/discovery_center/mission_3585/step2/README.md

@@ -0,0 +1,58 @@
+# Discovery Center mission - Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App (Step 2)
+
+## Overview
+
+Step 2 of this sample shows how to Cloud Foundry environment for the Discovery Center Mission - [Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App](https://discovery-center.cloud.sap/missiondetail/3585/)
+
+## Content of setup
+
+This setup step comprises the following resources:
+
+- Creation of a Cloud Foundry space
+- Cloud Foundry role assignments to users
+
+## Deploying the resources
+
+Make sure that you are familiar with SAP BTP and know both the [Get Started with btp-terraform-samples](https://github.com/SAP-samples/btp-terraform-samples/blob/main/GET_STARTED.md) and the [Get Started with the Terraform Provider for BTP](https://developers.sap.com/tutorials/btp-terraform-get-started.html)
+
+To deploy the resources you must:
+
+1. Set the environment variables CF_USER and CF_PASSWORD to pass credentials to the Cloud Foundry provider to authenticate and interact with your Cloud Foundry environment instance. 
+
+   ```bash
+   export CF_USER=<your_username>
+   export CF_PASSWORD=<your_password>
+   ```
+
+2. Change the variables in the `sample.tfvars` file to meet your requirements
+
+   > The minimal set of parameters you should specify (besides user_email and password) is Cloud Foundry API URL and all Cloud Foundry user assignments
+
+   > ⚠ NOTE: You should pay attention **specifically** to the users defined in the samples.tfvars whether they already exist in your SAP BTP accounts. Otherwise, you might get error messages like, e.g., `Error: The user could not be found: jane.doe@test.com`.
+
+
+3. Initialize your workspace:
+
+   ```bash
+   terraform init
+   ```
+
+4. You can check what Terraform plans to apply based on your configuration:
+
+   ```bash
+   terraform plan -var-file="sample.tfvars"
+   ```
+
+5. Apply your configuration to provision the resources:
+
+   ```bash
+   terraform apply -var-file="sample.tfvars"
+   ```
+
+## When finished
+
+You probably want to remove the assets after trying them out to avoid unnecessary costs. To do so execute the following command:
+
+```bash
+terraform destroy -var-file="sample.tfvars"
+```

released/discovery_center/mission_3585/step2/main.tf

@@ -0,0 +1,32 @@
+# ------------------------------------------------------------------------------------------------------
+# Create the Cloud Foundry space
+# ------------------------------------------------------------------------------------------------------
+resource "cloudfoundry_space" "space" {
+  name = var.cf_space_name
+  org  = var.cf_org_id
+}
+
+# ------------------------------------------------------------------------------------------------------
+#  USERS AND ROLES
+# ------------------------------------------------------------------------------------------------------
+#
+# ------------------------------------------------------------------------------------------------------
+# Assign CF Org roles to the admin users
+# ------------------------------------------------------------------------------------------------------
+# Define Org User role
+resource "cloudfoundry_org_role" "organization_user" {
+  for_each = toset("${var.cf_org_admins}")
+  username = each.value
+  type     = "organization_user"
+  org      = var.cf_org_id
+  origin   = var.cf_origin
+}
+# Define Org Manager role
+resource "cloudfoundry_org_role" "organization_manager" {
+  for_each   = toset("${var.cf_org_admins}")
+  username   = each.value
+  type       = "organization_manager"
+  org        = var.cf_org_id
+  origin     = var.cf_origin
+  depends_on = [cloudfoundry_org_role.organization_user]
+}

released/discovery_center/mission_3585/step2/provider.tf

@@ -0,0 +1,15 @@
+###
+# Define the required providers for this module
+###
+terraform {
+  required_providers {
+    cloudfoundry = {
+      source  = "SAP/cloudfoundry"
+      version = "0.2.1-beta"
+    }
+  }
+}
+
+provider "cloudfoundry" {
+  api_url = var.cf_api_url
+}

released/discovery_center/mission_3585/step2/sample.tfvars

@@ -0,0 +1,8 @@
+# ------------------------------------------------------------------------------------------------------
+# Provider configuration (this file will be either created automatically in step 1 or manually in step 2)
+# ------------------------------------------------------------------------------------------------------
+cf_origin     = "sap.ids"
+cf_api_url    = "https://api.cf.us10.hana.ondemand.com"
+cf_org_id     = "your_cf_org_id"
+cf_space_name = "dev"
+cf_org_admins = ["another.user@test.com"]

released/discovery_center/mission_3585/step2/variables.tf

@@ -0,0 +1,34 @@
+variable "cf_api_url" {
+  type        = string
+  description = "The API URL of the Cloud Foundry environment instance."
+}
+
+variable "cf_org_admins" {
+  type        = list(string)
+  description = "List of users to set as Cloudfoundry org administrators."
+
+  # add validation to check if admins contains a list of valid email addresses
+  validation {
+    condition     = length([for email in var.cf_org_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_org_admins)
+    error_message = "Please enter a valid email address for the CF Org admins."
+  }
+}
+
+variable "cf_org_id" {
+  type        = string
+  description = "The Cloud Foundry Org ID to use."
+}
+
+variable "cf_origin" {
+  type        = string
+  description = "Defines the origin key of the identity provider"
+  default     = "sap.ids"
+  # The value for the cf_origin can be defined
+  # but are normally set to "sap.ids", "sap.default" or "sap.custom"
+}
+
+variable "cf_space_name" {
+  type        = string
+  description = "The Cloud Foundry Space name to use."
+  default     = "dev"
+}