4441_trial: Polishing the QAS enabled Mission

released/discovery_center/mission_4441_trial/README.md

@@ -2,7 +2,23 @@
 
 ## Overview
 
-This sample shows how to create a landscape for the Discovery Center Mission - [Get Started with SAP Build Code and Joule using Generative AI](https://discovery-center.cloud.sap/missiondetail/4441/) for a Trial account.
+This sample shows how to setup your SAP BTP account for the Discovery Center Mission - [Get Started with SAP Build Code and Joule using Generative AI](https://discovery-center.cloud.sap/missiondetail/4441/) for your trial account.
+
+The respective setup of an Enterprise account is described in [SAP-samples/btp-terraform-samples/tree/main/released/discovery_center/mission_4441/README.md](https://github.com/SAP-samples/btp-terraform-samples/blob/main/released/discovery_center/mission_4441/full_setup_enterprise/step1/README.md)
+
+## Important: Trial Account Prerequisites
+Contrary to an Enterprise account (where the setup will happen in a newly created subaccount, where entitlements are added), we make the assumption that in your trial account there is already a subaccount (by default named 'trial') with all the required service entitlements and not already in use!
+
+In a newly created trial account this is already true and you are good to go immediately with this setup. 
+
+But if you have already used services and/or setup subscriptions in your trial account, you have to make sure that you free up these resources to start with this setup here (i.e. delete the corresponding services/subscriptions used for this Discover Center Mission setup). Otherwise the setup would fail!
+
+For this mission setup the following resources (services, subscriptions, etc.) are used: 
+
+- SAP Build Code (Subscription)
+
+You could delete these resources in your [BTP Trial Cockpit](https://cockpit.btp.cloud.sap/trial) on the corresponding trial subaccount pages
+- Services > Instances and Subscriptions
 
 ## Content of setup
 
@@ -15,7 +31,7 @@ The setup comprises the following resources:
 
 ## Deploying the resources
 
-Make sure that you are familiar with SAP BTP and know both the [Get Started with btp-terraform-samples](https://github.com/SAP-samples/btp-terraform-samples/blob/main/GET_STARTED.md) and the [Get Started with the Terraform Provider for BTP](https://developers.sap.com/tutorials/btp-terraform-get-started.html)
+Make sure that (1.) your trial account fulfills the above described important trial prerequisites and (2.) you are familiar with SAP BTP and know both the [Get Started with btp-terraform-samples](https://github.com/SAP-samples/btp-terraform-samples/blob/main/GET_STARTED.md) and the [Get Started with the Terraform Provider for BTP](https://developers.sap.com/tutorials/btp-terraform-get-started.html)
 
 To deploy the resources you must:
 

released/discovery_center/mission_4441_trial/main.tf

@@ -1,49 +1,76 @@
 # ------------------------------------------------------------------------------------------------------
-# SUBACCOUNT SETUP
+# Subaccount setup for DC mission 4441 (trial)
 # ------------------------------------------------------------------------------------------------------
-data "btp_subaccounts" "all" {}
+# Setup subaccount domain (to ensure uniqueness in BTP global account)
+resource "random_uuid" "uuid" {}
 
-resource "terraform_data" "dc_mission_subaccount" {
-  input = [for subaccount in data.btp_subaccounts.all.values : subaccount if subaccount.name == "trial"][0]
+locals {
+  random_uuid       = random_uuid.uuid.result
+  subaccount_domain = "dcmission4441trial${local.random_uuid}"
 }
 
+# ------------------------------------------------------------------------------------------------------
+# Creation of subaccount
+# ------------------------------------------------------------------------------------------------------
+resource "btp_subaccount" "dc_mission" {
+  count = var.subaccount_id == "" ? 1 : 0
+
+  name      = var.subaccount_name
+  subdomain = local.subaccount_domain
+  region    = var.region
+}
+
+data "btp_subaccount" "dc_mission" {
+  id = var.subaccount_id != "" ? var.subaccount_id : btp_subaccount.dc_mission[0].id
+}
+
+
 # ------------------------------------------------------------------------------------------------------
 # APP SUBSCRIPTIONS
 # ------------------------------------------------------------------------------------------------------
 #
+locals {
+  service_name__build_code = "build-code"
+}
 # ------------------------------------------------------------------------------------------------------
-# Setup build-code
+# Setup build-code (SAP Build Code)
 # ------------------------------------------------------------------------------------------------------
 # Entitle
 resource "btp_subaccount_entitlement" "build_code" {
-  subaccount_id = terraform_data.dc_mission_subaccount.output.id
-  service_name  = "build-code"
-  plan_name     = "free"
+  subaccount_id = data.btp_subaccount.dc_mission.id
+  service_name  = local.service_name__build_code
+  plan_name     = var.service_plan__build_code
   amount        = 1
 }
 # Subscribe
 resource "btp_subaccount_subscription" "build_code" {
-  subaccount_id = terraform_data.dc_mission_subaccount.output.id
-  app_name      = "build-code"
-  plan_name     = "free"
+  subaccount_id = data.btp_subaccount.dc_mission.id
+  app_name      = local.service_name__build_code
+  plan_name     = var.service_plan__build_code
   depends_on    = [btp_subaccount_entitlement.build_code]
 }
 
 # ------------------------------------------------------------------------------------------------------
 #  USERS AND ROLES
 # ------------------------------------------------------------------------------------------------------
 #
+locals {
+  build_code_admins     = var.build_code_admins
+  build_code_developers = var.build_code_developers
+}
+
 # Get all available subaccount roles
 data "btp_subaccount_roles" "all" {
-  subaccount_id = terraform_data.dc_mission_subaccount.output.id
+  subaccount_id = data.btp_subaccount.dc_mission.id
   depends_on    = [btp_subaccount_subscription.build_code]
 }
+
 # ------------------------------------------------------------------------------------------------------
 # Assign role collection for Build Code Administrator
 # ------------------------------------------------------------------------------------------------------
 # Assign roles to the role collection "Build Code Administrator"
 resource "btp_subaccount_role_collection" "build_code_administrator" {
-  subaccount_id = terraform_data.dc_mission_subaccount.output.id
+  subaccount_id = data.btp_subaccount.dc_mission.id
   name          = "Build Code Administrator"
   description   = "The role collection for an administrator on SAP Build Code"
 
@@ -58,9 +85,10 @@ resource "btp_subaccount_role_collection" "build_code_administrator" {
 # Assign users to the role collection "Build Code Administrator"
 resource "btp_subaccount_role_collection_assignment" "build_code_administrator" {
   for_each             = toset("${var.build_code_admins}")
-  subaccount_id        = terraform_data.dc_mission_subaccount.output.id
+  subaccount_id        = data.btp_subaccount.dc_mission.id
   role_collection_name = "Build Code Administrator"
   user_name            = each.value
+  origin               = "sap.default"
   depends_on           = [btp_subaccount_role_collection.build_code_administrator]
 }
 
@@ -69,7 +97,7 @@ resource "btp_subaccount_role_collection_assignment" "build_code_administrator"
 # ------------------------------------------------------------------------------------------------------
 # Create role collection "Build Code Developer"  
 resource "btp_subaccount_role_collection" "build_code_developer" {
-  subaccount_id = terraform_data.dc_mission_subaccount.output.id
+  subaccount_id = data.btp_subaccount.dc_mission.id
   name          = "Build Code Developer"
   description   = "The role collection for a developer on SAP Build Code"
 
@@ -84,8 +112,9 @@ resource "btp_subaccount_role_collection" "build_code_developer" {
 # Assign users to the role collection "Build Code Developer"
 resource "btp_subaccount_role_collection_assignment" "build_code_developer" {
   for_each             = toset("${var.build_code_developers}")
-  subaccount_id        = terraform_data.dc_mission_subaccount.output.id
+  subaccount_id        = data.btp_subaccount.dc_mission.id
   role_collection_name = "Build Code Developer"
   user_name            = each.value
+  origin               = "sap.default"
   depends_on           = [btp_subaccount_role_collection.build_code_developer]
 }

released/discovery_center/mission_4441_trial/outputs.tf

@@ -1,16 +1,6 @@
-output "globalaccount" {
-  value       = var.globalaccount
-  description = "The Global Account subdomain."
-}
-
-output "cli_server_url" {
-  value       = var.cli_server_url
-  description = "The BTP CLI server URL."
-}
-
 output "subaccount_id" {
-  value       = terraform_data.dc_mission_subaccount.output.id
-  description = "The Global Account subdomain id."
+  value       = data.btp_subaccount.dc_mission.id
+  description = "The ID of the subaccount where dc mission is set up."
 }
 
 output "build_code_subscription_url" {

released/discovery_center/mission_4441_trial/sample.tfvars

@@ -1,14 +1,16 @@
 # ------------------------------------------------------------------------------------------------------
-# Provider configuration
+# Account settings
 # ------------------------------------------------------------------------------------------------------
 # Your global account subdomain
-globalaccount = "xxxxxxxxtrial-ga"
+globalaccount = "<your-globalaccount-subdomain>" // <xxxxxxxx>trial-ga
 
-# The CLI server URL (needs to be set to null if you are using the default CLI server)
-cli_server_url = null
+# Region for your trial subaccount
+region = "us10"
+
+subaccount_id = "<your trial Subaccount ID>"
 
 # ------------------------------------------------------------------------------------------------------
-# USER ROLES
+# Use case specific role assignments
 # ------------------------------------------------------------------------------------------------------
 build_code_admins     = ["another.user@test.com", "you@test.com"]
-build_code_developers = ["another.user@test.com", "you@test.com"]
+build_code_developers = ["another.user@test.com", "you@test.com"]

released/discovery_center/mission_4441_trial/variables.tf

@@ -1,43 +1,56 @@
+# ------------------------------------------------------------------------------------------------------
+# Account variables
+# ------------------------------------------------------------------------------------------------------
 variable "globalaccount" {
   type        = string
   description = "The globalaccount subdomain where the sub account shall be created."
 }
 
-variable "subaccount_id" {
+variable "cli_server_url" {
   type        = string
-  description = "The subaccount ID."
-  default     = ""
+  description = "The BTP CLI server URL."
+  default     = "https://cli.btp.cloud.sap"
+}
+
+variable "region" {
+  type        = string
+  description = "The region where the subaccount shall be created in."
+  default     = "us10"
 }
 
 variable "subaccount_name" {
   type        = string
   description = "The subaccount name."
-  default     = "My SAP Build Code subaccount."
+  default     = "My SAP DC mission subaccount."
 }
 
-variable "cli_server_url" {
+variable "subaccount_id" {
   type        = string
-  description = "The BTP CLI server URL."
-  default     = "https://cli.btp.cloud.sap"
+  description = "The subaccount ID."
+  default     = ""
+}
+
+# ------------------------------------------------------------------------------------------------------
+# app subscription plans
+# ------------------------------------------------------------------------------------------------------
+variable "service_plan__build_code" {
+  type        = string
+  description = "The plan for service 'SAP Build Code' with technical name 'build-code'"
+  default     = "free"
+  validation {
+    condition     = contains(["free"], var.service_plan__build_code)
+    error_message = "Invalid value for service_plan__build_code. Only 'free' is allowed."
+  }
 }
 
+# ------------------------------------------------------------------------------------------------------
+# User lists
+# ------------------------------------------------------------------------------------------------------
 variable "build_code_admins" {
   type        = list(string)
   description = "Defines the colleagues who are admins for SAP Build Code."
-
-  # add validation to check if admins contains a list of valid email addresses
-  validation {
-    condition     = length([for email in var.build_code_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.build_code_admins)
-    error_message = "Please enter a valid email address for the Build Code admins."
-  }
 }
 variable "build_code_developers" {
   type        = list(string)
   description = "Defines the colleagues who are developers for SAP Build Code."
-
-  # add validation to check if admins contains a list of valid email addresses
-  validation {
-    condition     = length([for email in var.build_code_developers : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.build_code_developers)
-    error_message = "Please enter a valid email address for the Build Code developers."
-  }
 }