Add DC mission 4441 (SAP Build Code)

released/discovery_center/mission_4441/step1/README.md

@@ -0,0 +1,64 @@
+# Discovery Center Mission: Get Started with SAP Build Code and Joule using Generative AI (4441)
+
+## Overview
+
+This sample shows how to create a landscape for the Discovery Center Mission - [Get Started with SAP Build Code and Joule using Generative AI](https://discovery-center.cloud.sap/missiondetail/4441/)
+
+## Content of setup
+
+The setup comprises the following resources:
+
+- Creation of the SAP BTP subaccount
+- Entitlements of services
+- Subscriptions to applications
+- Role collection assignments to users
+- Management of users and roles on org and space level
+
+## Deploying the resources
+
+Make sure that you are familiar with SAP BTP and know both the [Get Started with btp-terraform-samples](https://github.com/SAP-samples/btp-terraform-samples/blob/main/GET_STARTED.md) and the [Get Started with the Terraform Provider for BTP](https://developers.sap.com/tutorials/btp-terraform-get-started.html)
+
+To deploy the resources you must:
+
+1. Set your credentials as environment variables
+
+   ```bash
+   export BTP_USERNAME ='<Email address of your BTP user>'
+   export BTP_PASSWORD ='<Password of your BTP user>'
+   export CF_USER ='<Email address of your BTP user>'
+   export BTP_PASSWORD ='<Password of your BTP user>'   
+   ```
+
+2. Change the variables in the `sample.tfvars` file to meet your requirements
+
+   > The minimal set of parameters you should specify (besides user_email and password) is global account (i.e. its subdomain) and the used custom_idp and all user assignments
+
+   > ⚠ NOTE: You should pay attention **specifically** to the users defined in the samples.tfvars whether they already exist in your SAP BTP accounts. Otherwise, you might get error messages like, e.g., `Error: The user could not be found: jane.doe@test.com`.
+
+
+3. Initialize your workspace:
+
+   ```bash
+   terraform init
+   ```
+
+4. You can check what Terraform plans to apply based on your configuration:
+
+   ```bash
+   terraform plan -var-file="sample.tfvars"
+   ```
+
+5. Apply your configuration to provision the resources:
+
+   ```bash
+   terraform apply -var-file="sample.tfvars"
+   ```
+   ```
+
+## In the end
+
+You probably want to remove the assets after trying them out to avoid unnecessary costs. To do so execute the following command:
+
+```bash
+terraform destroy -var-file="sample.tfvars"
+```

released/discovery_center/mission_4441/step1/outputs.tf

@@ -0,0 +1,55 @@
+output "globalaccount" {
+  value       = var.globalaccount
+  description = "The Global Account subdomain."
+}
+
+output "cli_server_url" {
+  value       = var.cli_server_url
+  description = "The BTP CLI server URL."
+}
+
+output "subaccount_id" {
+  value       = btp_subaccount.dc_mission.id
+  description = "The Global Account subdomain id."
+}
+
+output "cf_api_endpoint" {
+  value       = jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["API Endpoint"]
+  description = "The Cloudfoundry API endpoint."
+}
+
+
+output "cf_landscape_label" {
+  value       = terraform_data.cf_landscape_label.output
+  description = "The Cloudfoundry landscape label."
+}
+
+output "cf_org_id" {
+  value       = jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["Org ID"]
+  description = "The Cloudfoundry org id."
+}
+
+output "cf_org_name" {
+  value       = jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["Org Name"]
+  description = "The Cloudfoundry org name."
+}
+
+output "custom_idp" {
+  value       = var.custom_idp
+  description = "The custom identity provider."
+}
+
+output "cf_org_admins" {
+  value       = var.cf_org_admins
+  description = "List of users to set as Cloudfoundry org administrators."
+}
+
+output "cf_space_developers" {
+  value       = var.cf_space_developers
+  description = "List of users to set as Cloudfoundry space developers."
+}
+
+output "cf_space_managers" {
+  value       = var.cf_space_managers
+  description = "List of users to set as Cloudfoundry space managers."
+}

released/discovery_center/mission_4441/step1/provider.tf

@@ -0,0 +1,13 @@
+terraform {
+  required_providers {
+    btp = {
+      source  = "SAP/btp"
+      version = "~> 1.4.0"
+    }
+  }
+}
+
+provider "btp" {
+  globalaccount  = var.globalaccount
+  cli_server_url = var.cli_server_url
+}

released/discovery_center/mission_4441/step1/sample.tfvars

@@ -0,0 +1,29 @@
+# ------------------------------------------------------------------------------------------------------
+# Provider configuration
+# ------------------------------------------------------------------------------------------------------
+# Your global account subdomain
+globalaccount = "xxxxxxxx-xxxxxxx-xxxxxxx-xxxxxxxx-xxxxxx"
+
+# The CLI server URL (needs to be set to null if you are using the default CLI server)
+cli_server_url = null
+
+# Region for your subaccount
+region = "us10"
+
+# Name of your sub account
+subaccount_name = "SAP Discovery Center Mission 4441 (SAP Build Code)"
+
+# ------------------------------------------------------------------------------------------------------
+# Create tfvars file for the step 2
+# ------------------------------------------------------------------------------------------------------
+create_tfvars_file_for_step2 = true
+
+# ------------------------------------------------------------------------------------------------------
+# USER ROLES
+# ------------------------------------------------------------------------------------------------------
+subaccount_admins     = ["another.user@test.com"]
+cf_org_admins         = ["another.user@test.com"]
+cf_space_manager      = ["another.user@test.com", "you@test.com"]
+cf_space_developer    = ["another.user@test.com", "you@test.com"]
+build_code_admins     = ["another.user@test.com", "you@test.com"]
+build_code_developers = ["another.user@test.com", "you@test.com"]

released/discovery_center/mission_4441/step1/variables.tf

@@ -0,0 +1,167 @@
+variable "globalaccount" {
+  type        = string
+  description = "The globalaccount subdomain where the sub account shall be created."
+}
+
+variable "subaccount_id" {
+  type        = string
+  description = "The subaccount ID."
+  default     = ""
+}
+
+variable "subaccount_name" {
+  type        = string
+  description = "The subaccount name."
+  default     = "My SAP Build Code subaccount."
+}
+
+variable "cli_server_url" {
+  type        = string
+  description = "The BTP CLI server URL."
+  default     = "https://cli.btp.cloud.sap"
+}
+
+variable "custom_idp" {
+  type        = string
+  description = "Defines the custom IdP"
+  default     = ""
+}
+
+variable "origin" {
+  type        = string
+  description = "Defines the origin key of the identity provider"
+  default     = "sap.ids"
+  # The value for the origin_key can be defined
+  # but are normally set to "sap.ids", "sap.default" or "sap.custom"
+}
+
+
+variable "cf_org_name" {
+  type        = string
+  description = "Name of the Cloud Foundry org."
+  default     = "mission-4441-sap-build-code"
+
+  validation {
+    condition     = can(regex("^.{1,255}$", var.cf_org_name))
+    error_message = "The Cloud Foundry org name must not be emtpy and not exceed 255 characters."
+  }
+}
+
+
+
+
+variable "cf_space_name" {
+  type        = string
+  description = "Name of the Cloud Foundry space."
+  default     = "dev"
+
+  validation {
+    condition     = can(regex("^.{1,255}$", var.cf_space_name))
+    error_message = "The Cloud Foundry space name must not be emtpy and not exceed 255 characters."
+  }
+}
+
+variable "region" {
+  type        = string
+  description = "The region where the subaccount shall be created in."
+  default     = "us10"
+}
+
+variable "subaccount_admins" {
+  type        = list(string)
+  description = "Defines the colleagues who are added to each subaccount as emergency administrators."
+
+  # add validation to check if admins contains a list of valid email addresses
+  validation {
+    condition     = length([for email in var.subaccount_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.subaccount_admins)
+    error_message = "Please enter a valid email address for the subaccount admins."
+  }
+}
+
+variable "subaccount_service_admins" {
+  type        = list(string)
+  description = "Defines the colleagues who are added to each subaccount as subaccount service administrators."
+  default     = ["jane.doe@test.com", "john.doe@test.com"]
+
+  # add validation to check if admins contains a list of valid email addresses
+  validation {
+    condition     = length([for email in var.subaccount_service_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.subaccount_service_admins)
+    error_message = "Please enter a valid email address for the CF space managers."
+  }
+}
+
+variable "cf_org_admins" {
+  type        = list(string)
+  description = "List of users to set as Cloudfoundry org administrators."
+
+  # add validation to check if admins contains a list of valid email addresses
+  validation {
+    condition     = length([for email in var.cf_org_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_org_admins)
+    error_message = "Please enter a valid email address for the CF Org admins."
+  }
+}
+
+variable "cf_space_managers" {
+  type        = list(string)
+  description = "Defines the colleagues who are added to a CF space as space manager."
+
+  # add validation to check if admins contains a list of valid email addresses
+  validation {
+    condition     = length([for email in var.cf_space_managers : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_managers)
+    error_message = "Please enter a valid email address for the CF space managers."
+  }
+}
+
+variable "cf_space_developers" {
+  type        = list(string)
+  description = "Defines the colleagues who are added to a CF space as space developer."
+
+  # add validation to check if admins contains a list of valid email addresses
+  validation {
+    condition     = length([for email in var.cf_space_developers : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cf_space_developers)
+    error_message = "Please enter a valid email address for the CF space developers."
+  }
+}
+
+
+
+variable "build_code_admins" {
+  type        = list(string)
+  description = "Defines the colleagues who are admins for SAP Build Code."
+
+  # add validation to check if admins contains a list of valid email addresses
+  validation {
+    condition     = length([for email in var.build_code_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.build_code_admins)
+    error_message = "Please enter a valid email address for the Build Code admins."
+  }
+}
+variable "build_code_developers" {
+  type        = list(string)
+  description = "Defines the colleagues who are developers for SAP Build Code."
+
+  # add validation to check if admins contains a list of valid email addresses
+  validation {
+    condition     = length([for email in var.build_code_developers : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.build_code_developers)
+    error_message = "Please enter a valid email address for the Build Code developers."
+  }
+}
+
+variable "cf_landscape_label" {
+  type        = string
+  description = "In case there are multiple environments available for a subaccount, you can use this label to choose with which one you want to go. If nothing is given, we take by default the first available."
+  default     = ""
+}
+
+variable "origin_key" {
+  type        = string
+  description = "Defines the origin key of the identity provider"
+  default     = "sap.ids"
+  # The value for the origin_key can be defined
+  # but are normally set to "sap.ids", "sap.default" or "sap.custom"
+}
+
+variable "create_tfvars_file_for_step2" {
+  type        = bool
+  description = "Switch to enable the creation of the tfvars file for step 2."
+  default     = false
+}

released/discovery_center/mission_4441/step2/README.md

@@ -0,0 +1,55 @@
+# Setting up a subaccount with the SAP Build Code deployed - Step 2
+
+## Overview
+
+This script shows how to create a SAP BTP subaccount with `SAP Build Code` deployed. Step 2 comprises all activities that depend on the Cloud Foundry environment created in step 1.
+
+## Deploying the resources
+
+To deploy the resources you must:
+
+1. If you did not create a `tfvars` file in step 1 (via the variable `create_tfvars_file_for_step2`) you must manually Take the output of step 1 and transfer it in a `tfvars` file e.g. `sample.tfvars` file to meet your requirements. Of course you can also further adjust the generated `tfvars` file from step 1.
+
+2. If not already done in step 1, initialize your workspace:
+
+   ```bash
+   terraform init
+   ```
+
+3. You can check what Terraform plans to apply based on your configuration. If you use the generated `tfvars` file from step 1 you do not need need to explicitly add the filename to the command:
+
+   ```bash
+   terraform plan 
+   ```
+
+   In case you manually created the `tfvars` file you need to add the filename to the command:
+
+   ```bash
+   terraform plan -var-file="sample.tfvars" 
+   ```
+
+4. According to the variants of step 3. apply your configuration to provision the resources either via:
+
+   ```bash
+   terraform apply
+   ```
+
+   or via:
+
+   ```bash
+   terraform apply -var-file="sample.tfvars"
+   ```
+
+## In the end
+
+You probably want to remove the assets after trying them out to avoid unnecessary costs. To do so execute the command fitting your setup:
+
+```bash
+terraform destroy 
+```
+
+or:
+
+```bash
+terraform destroy -var-file="sample.tfvars" 
+```