Skip to content

test: update test parameters to create a new cert for domain #175

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 14 commits into from
Apr 1, 2025
Merged

test: update test parameters to create a new cert for domain #175

merged 14 commits into from
Apr 1, 2025

Conversation

akocbek
Copy link
Contributor

@akocbek akocbek commented Mar 31, 2025
edited
Loading

Description

test need to be updated to always create cert for domain because the problem is with a rate limit https://github.com/terraform-ibm-modules/terraform-ibm-code-engine/blob/main/examples/apps/main.tf#L21

because of Invalid API type ''crn:v1:bluemix:public:context-based-restrictions::::api-type:, we also need to update CBR type

Error: ---
│ id: terraform-4126840a
│ summary: 'CreateRuleWithContext failed: Invalid API type ''crn:v1:bluemix:public:context-based-restrictions::::api-type:''.
│   Valid API types for service ''codeengine'' are: crn:v1:bluemix:public:context-based-restrictions::::api-type:control-plane,
│   crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:, crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:resource-management'
│ severity: error
│ resource: ibm_cbr_rule
│ operation: create
│ component:
│   name: github.com/IBM-Cloud/terraform-provider-ibm
│   version: 1.76.3
│ ---
│ 
│ 
│   with module.code_engine.module.project[0].module.cbr_rules[0].ibm_cbr_rule.cbr_rule,
│   on .terraform/modules/code_engine.project.cbr_rules/modules/cbr-rule-module/main.tf line 7, in resource "ibm_cbr_rule" "cbr_rule":
│    7: resource "ibm_cbr_rule" "cbr_rule" {
│ 
╵}

Release required?

  • No release
  • Patch release (x.x.X)
  • Minor release (x.X.x)
  • Major release (X.x.x)
Release notes content

Run the pipeline

If the CI pipeline doesn't run when you create the PR, the PR requires a user with GitHub collaborators access to run the pipeline.

Run the CI pipeline when the PR is ready for review and you expect tests to pass. Add a comment to the PR with the following text:

/run pipeline

Checklist for reviewers

  • If relevant, a test for the change is included or updated with this PR.
  • If relevant, documentation for the change is included or updated with this PR.

For mergers

  • Use a conventional commit message to set the release level. Follow the guidelines.
  • Include information that users need to know about the PR in the commit message. The commit message becomes part of the GitHub release notes.
  • Use the Squash and merge option.

@akocbek akocbek requested a review from shemau as a code owner March 31, 2025 12:31
@akocbek
Copy link
Contributor Author

akocbek commented Mar 31, 2025

/run pipeline

@akocbek
Copy link
Contributor Author

akocbek commented Mar 31, 2025

/run pipeline

@akocbek
Copy link
Contributor Author

akocbek commented Mar 31, 2025

/run pipeline

@akocbek
Copy link
Contributor Author

akocbek commented Mar 31, 2025 

Messages:   	Failed to create plan: %!(EXTRA retry.FatalError=FatalError{Underlying: error while running command: exit status 1; ╷
        	            	│ Error: ---
        	            	│ id: terraform-700f7be0
        	            	│ summary: 'GetProjectWithContext failed: Insufficient permissions to perform this operation.
        	            	│   Contact the account owner to update the user access.'
        	            	│ severity: error
        	            	│ resource: ibm_code_engine_project
        	            	│ operation: read
        	            	│ component:
        	            	│   name: github.com/IBM-Cloud/terraform-provider-ibm
        	            	│   version: 1.76.3
        	            	│ ---
        	            	│ 
        	            	│ 
        	            	│   with module.code_engine.module.project[0].ibm_code_engine_project.ce_project,
        	            	│   on ../../modules/project/main.tf line 7, in resource "ibm_code_engine_project" "ce_project":
        	            	│    7: resource "ibm_code_engine_project" "ce_project" {
        	            	│ 
        	            	╵})

@akocbek
Copy link
Contributor Author

akocbek commented Mar 31, 2025

/run pipeline

1 similar comment
@akocbek
Copy link
Contributor Author

akocbek commented Mar 31, 2025

/run pipeline

@akocbek
Copy link
Contributor Author

akocbek commented Mar 31, 2025

/run pipeline

@akocbek
Copy link
Contributor Author

akocbek commented Mar 31, 2025

/run pipeline

@akocbek
Copy link
Contributor Author

akocbek commented Mar 31, 2025

/run pipeline

@akocbek
Copy link
Contributor Author

akocbek commented Mar 31, 2025

/run pipeline

@akocbek
Copy link
Contributor Author

akocbek commented Apr 1, 2025

/run pipeline

ocofaigh
ocofaigh requested changes Apr 1, 2025
View reviewed changes
Copy link
Contributor

@ocofaigh ocofaigh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Your CBR rule says that only private endpoints can be used. So you probably need to set provider visibility to private in the example, or else remove the rule

@akocbek
Copy link
Contributor Author

akocbek commented Apr 1, 2025

/run pipeline

ocofaigh
ocofaigh reviewed Apr 1, 2025
View reviewed changes
examples/apps/main.tf Outdated
attributes = [
{
"name" : "endpointType",
"value" : "public"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we just omit endpointType ? This rule would mean private is not allowed, and thats not really a good practise. Alternatively you could allow private and public, or else just allow private and change provider visibility to private in the example

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

per slack discussion, we chose to use a provider visibility (private) in the example

@akocbek
Copy link
Contributor Author

akocbek commented Apr 1, 2025

/run pipeline

@akocbek
Copy link
Contributor Author

akocbek commented Apr 1, 2025

/run pipeline

@akocbek
Copy link
Contributor Author

akocbek commented Apr 1, 2025

/run pipeline

ocofaigh
ocofaigh reviewed Apr 1, 2025
View reviewed changes
examples/apps/variables.tf Outdated
@@ -109,3 +109,14 @@ variable "acme_letsencrypt_private_key" {
default = null
sensitive = true
}

variable "provider_visibility" {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would not expose this in the example because if someone changes it to public, it breaks right? since you have a CBR rule that mandates private

@akocbek
Copy link
Contributor Author

akocbek commented Apr 1, 2025

/run pipeline

1 similar comment
@akocbek
Copy link
Contributor Author

akocbek commented Apr 1, 2025

/run pipeline

@akocbek
Copy link
Contributor Author

akocbek commented Apr 1, 2025

/run pipeline

@ocofaigh ocofaigh merged commit ac64319 into main Apr 1, 2025
2 checks passed
@ocofaigh ocofaigh deleted the fix_domain_mapping branch April 1, 2025 14:26
@terraform-ibm-modules-ops
Copy link
Contributor

🎉 This PR is included in version 3.2.4 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ocofaigh ocofaigh ocofaigh approved these changes

@shemau shemau Awaiting requested review from shemau shemau is a code owner

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@akocbek @terraform-ibm-modules-ops @ocofaigh @akocbekIBM