fix: additional optional web proxy and os vendor

Author: sean-freeman

ibmcloud_powervs/host_provision/build_execution.tf

@@ -1,7 +1,7 @@
 
 # Execute all scripts pushed to target
 
-resource "null_resource" "execute_os_scripts" {
+resource "null_resource" "execute_os_scripts_generic" {
 
   depends_on = [
     null_resource.build_script_os_prepare,
@@ -16,9 +16,135 @@ resource "null_resource" "execute_os_scripts" {
       "echo 'Show HOME directory for reference Shell scripts were transferred'",
       "ls -lha $HOME",
       "chmod +x $HOME/terraform_*",
-      "$HOME/terraform_os_prep.sh",
-      "$HOME/terraform_web_proxy_noninteractive.sh",
-      "$HOME/terraform_os_subscriptions.sh",
+      "$HOME/terraform_os_prep.sh"
+    ]
+  }
+
+  # Specify the ssh connection
+  connection {
+    # The Bastion host ssh connection is established first, and then the host connection will be made from there.
+    # Checking Host Key is false when not using bastion_host_key
+    type         = "ssh"
+    user         = "root"
+    host         = ibm_pi_instance.host_via_certified_profile.pi_network[0].ip_address
+    private_key  = var.module_var_host_private_ssh_key
+    bastion_host = var.module_var_bastion_ip
+    #bastion_host_key = 
+    bastion_port        = var.module_var_bastion_ssh_port
+    bastion_user        = var.module_var_bastion_user
+    bastion_private_key = var.module_var_bastion_private_ssh_key
+
+    # Required when using RHEL 8.x because /tmp is set with noexec
+    # Path must already exist and must not use Bash shell special variable, e.g. cannot use $HOME/terraform/tmp/
+    # https://www.terraform.io/language/resources/provisioners/connection#executing-scripts-using-ssh-scp
+    script_path = "/root/terraform_tmp_remote_exec_inline.sh"
+  }
+
+}
+
+
+resource "null_resource" "execute_os_scripts_web_proxy" {
+
+  depends_on = [
+    null_resource.build_script_os_prepare,
+    null_resource.build_script_web_proxy_noninteractive,
+    null_resource.os_subscription_files,
+    null_resource.dns_resolv_files,
+    null_resource.execute_os_scripts_generic
+  ]
+
+  count = var.module_var_web_proxy_enable ? 1 : 0
+
+  # Execute, including all files provisioned by Terraform into $HOME
+  provisioner "remote-exec" {
+    inline = [
+      "$HOME/terraform_web_proxy_noninteractive.sh"
+    ]
+  }
+
+
+  # Specify the ssh connection
+  connection {
+    # The Bastion host ssh connection is established first, and then the host connection will be made from there.
+    # Checking Host Key is false when not using bastion_host_key
+    type         = "ssh"
+    user         = "root"
+    host         = ibm_pi_instance.host_via_certified_profile.pi_network[0].ip_address
+    private_key  = var.module_var_host_private_ssh_key
+    bastion_host = var.module_var_bastion_ip
+    #bastion_host_key = 
+    bastion_port        = var.module_var_bastion_ssh_port
+    bastion_user        = var.module_var_bastion_user
+    bastion_private_key = var.module_var_bastion_private_ssh_key
+
+    # Required when using RHEL 8.x because /tmp is set with noexec
+    # Path must already exist and must not use Bash shell special variable, e.g. cannot use $HOME/terraform/tmp/
+    # https://www.terraform.io/language/resources/provisioners/connection#executing-scripts-using-ssh-scp
+    script_path = "/root/terraform_tmp_remote_exec_inline.sh"
+  }
+
+}
+
+
+resource "null_resource" "execute_os_scripts_os_vendor" {
+
+  depends_on = [
+    null_resource.build_script_os_prepare,
+    null_resource.build_script_web_proxy_noninteractive,
+    null_resource.os_subscription_files,
+    null_resource.dns_resolv_files,
+    null_resource.execute_os_scripts_generic,
+    null_resource.execute_os_scripts_web_proxy
+  ]
+
+  count = var.module_var_os_vendor_enable ? 1 : 0
+
+  # Execute, including all files provisioned by Terraform into $HOME
+  provisioner "remote-exec" {
+    inline = [
+      "$HOME/terraform_os_subscriptions.sh"
+    ]
+  }
+
+
+  # Specify the ssh connection
+  connection {
+    # The Bastion host ssh connection is established first, and then the host connection will be made from there.
+    # Checking Host Key is false when not using bastion_host_key
+    type         = "ssh"
+    user         = "root"
+    host         = ibm_pi_instance.host_via_certified_profile.pi_network[0].ip_address
+    private_key  = var.module_var_host_private_ssh_key
+    bastion_host = var.module_var_bastion_ip
+    #bastion_host_key = 
+    bastion_port        = var.module_var_bastion_ssh_port
+    bastion_user        = var.module_var_bastion_user
+    bastion_private_key = var.module_var_bastion_private_ssh_key
+
+    # Required when using RHEL 8.x because /tmp is set with noexec
+    # Path must already exist and must not use Bash shell special variable, e.g. cannot use $HOME/terraform/tmp/
+    # https://www.terraform.io/language/resources/provisioners/connection#executing-scripts-using-ssh-scp
+    script_path = "/root/terraform_tmp_remote_exec_inline.sh"
+  }
+
+}
+
+
+resource "null_resource" "execute_os_scripts_dns" {
+
+  depends_on = [
+    null_resource.build_script_os_prepare,
+    null_resource.build_script_web_proxy_noninteractive,
+    null_resource.os_subscription_files,
+    null_resource.dns_resolv_files,
+    null_resource.execute_os_scripts_generic,
+    null_resource.execute_os_scripts_web_proxy,
+    null_resource.execute_os_scripts_os_vendor
+  ]
+
+  # Execute, including all files provisioned by Terraform into $HOME
+  provisioner "remote-exec" {
+    inline = [
       "echo 'Change DNS in resolv.conf'",
       "if [ -f /tmp/resolv.conf ]; then mv /etc/resolv.conf /etc/resolv.conf.backup && mv /tmp/resolv.conf /etc/ ; fi",
       "chmod 644 /etc/resolv.conf",

ibmcloud_powervs/host_provision/build_os_subscriptions.tf

@@ -3,6 +3,8 @@
 
 resource "null_resource" "os_subscription_files" {
 
+  count = var.module_var_os_vendor_enable ? 1 : 0
+
   # Path must already exist and must not use Bash shell special variable, e.g. cannot use $HOME/file.sh
   # "By default, OpenSSH's scp implementation runs in the remote user's home directory and so you can specify a relative path to upload into that home directory"
   # https://www.terraform.io/language/resources/provisioners/file#destination-paths

ibmcloud_powervs/host_provision/build_web_proxy_noninteractive.tf

@@ -1,6 +1,8 @@
 
 resource "null_resource" "build_script_web_proxy_noninteractive" {
 
+  count = var.module_var_web_proxy_enable ? 1 : 0
+
   # Specify the ssh connection
   connection {
     # The Bastion host ssh connection is established first, and then the host connection will be made from there.

ibmcloud_powervs/host_provision/module_variables.tf

@@ -48,13 +48,18 @@ variable "module_var_dns_services_instance" {}
 
 variable "module_var_dns_proxy_ip" {}
 
-variable "module_var_web_proxy_url" {}
 
+variable "module_var_web_proxy_enable" {
+  default = true
+}
+variable "module_var_web_proxy_url" {}
 variable "module_var_web_proxy_exclusion" {}
 
 
+variable "module_var_os_vendor_enable" {
+  default = true
+}
 variable "module_var_os_vendor_account_user" {}
-
 variable "module_var_os_vendor_account_user_passcode" {}
 
 variable "module_var_storage_definition" {}

ibmpowervc/host_provision/build_execution.tf

@@ -43,6 +43,8 @@ resource "null_resource" "execute_os_scripts_web_proxy" {
     null_resource.execute_os_scripts_generic
   ]
 
+  count = var.module_var_web_proxy_enable ? 1 : 0
+
   connection {
     type        = "ssh"
     user        = "root"
@@ -75,6 +77,8 @@ resource "null_resource" "execute_os_scripts_os_vendor" {
     null_resource.execute_os_scripts_web_proxy
   ]
 
+  count = var.module_var_os_vendor_enable ? 1 : 0
+
   connection {
     type        = "ssh"
     user        = "root"