feat: added the ability to optionally add a prefix to all resources created by the DA using the new prefix input variable (#99)

iamar7 · web-flow · commit 23c254243ba7 · 2024-04-17T16:16:11.000+01:00
diff --git a/solutions/standard/main.tf b/solutions/standard/main.tf
@@ -5,15 +5,17 @@
 module "resource_group" {
   source                       = "terraform-ibm-modules/resource-group/ibm"
   version                      = "1.1.4"
-  resource_group_name          = var.existing_resource_group == false ? var.resource_group_name : null
+  resource_group_name          = var.existing_resource_group == false ? (var.prefix != null ? "${var.prefix}-${var.resource_group_name}" : var.resource_group_name) : null
   existing_resource_group_name = var.existing_resource_group == true ? var.resource_group_name : null
 }
 
 #######################################################################################################################
 # KMS Key
 #######################################################################################################################
 locals {
-  kms_key_crn = var.existing_sm_kms_key_crn != null ? var.existing_sm_kms_key_crn : module.kms[0].keys[format("%s.%s", var.kms_key_ring_name, var.kms_key_name)].crn
+  kms_key_crn       = var.existing_sm_kms_key_crn != null ? var.existing_sm_kms_key_crn : module.kms[0].keys[format("%s.%s", local.kms_key_ring_name, local.kms_key_name)].crn
+  kms_key_ring_name = var.prefix != null ? "${var.prefix}-${var.kms_key_ring_name}" : var.kms_key_ring_name
+  kms_key_name      = var.prefix != null ? "${var.prefix}-${var.kms_key_name}" : var.kms_key_name
 }
 # KMS root key for Secrets Manager secret encryption
 module "kms" {
@@ -30,12 +32,12 @@ module "kms" {
   key_endpoint_type           = var.kms_endpoint_type
   keys = [
     {
-      key_ring_name         = var.kms_key_ring_name
+      key_ring_name         = local.kms_key_ring_name
       existing_key_ring     = false
       force_delete_key_ring = true
       keys = [
         {
-          key_name                 = var.kms_key_name
+          key_name                 = local.kms_key_name
           standard_key             = false
           rotation_interval_month  = 3
           dual_auth_delete_enabled = false
@@ -54,7 +56,7 @@ module "secrets_manager" {
   source               = "../.."
   resource_group_id    = module.resource_group.resource_group_id
   region               = var.region
-  secrets_manager_name = var.secrets_manager_instance_name
+  secrets_manager_name = var.prefix != null ? "${var.prefix}-${var.secrets_manager_instance_name}" : var.secrets_manager_instance_name
   sm_service_plan      = var.service_plan
   allowed_network      = var.allowed_network
   sm_tags              = var.secret_manager_tags
@@ -76,7 +78,7 @@ module "iam_secrets_engine" {
   source               = "terraform-ibm-modules/secrets-manager-iam-engine/ibm"
   version              = "1.1.0"
   region               = var.region
-  iam_engine_name      = var.iam_engine_name
+  iam_engine_name      = var.prefix != null ? "${var.prefix}-${var.iam_engine_name}" : var.iam_engine_name
   secrets_manager_guid = module.secrets_manager.secrets_manager_guid
   endpoint_type        = var.allowed_network == "private-only" ? "private" : "public"
 }
diff --git a/solutions/standard/variables.tf b/solutions/standard/variables.tf
@@ -16,7 +16,7 @@ variable "existing_resource_group" {
 
 variable "resource_group_name" {
   type        = string
-  description = "The name of a new or an existing resource group in which to provision Secrets Manager resources to."
+  description = "The name of a new or an existing resource group in which to provision Secrets Manager resources to. If prefix input variable is passed then it will get prefixed infront of the value in the format of '<prefix>-value'"
 }
 
 variable "region" {
@@ -25,13 +25,19 @@ variable "region" {
   default     = "us-south"
 }
 
+variable "prefix" {
+  type        = string
+  description = "(Optional) Prefix to append to all resources created by this solution."
+  default     = null
+}
+
 ########################################################################################################################
 # Secrets Manager
 ########################################################################################################################
 
 variable "secrets_manager_instance_name" {
   type        = string
-  description = "The name to give the Secrets Manager instance that will be provisioned by this solution."
+  description = "The name to give the Secrets Manager instance that will be provisioned by this solution. If prefix input variable is passed then it will get prefixed infront of the value in the format of '<prefix>-value'"
   default     = "base-security-services-sm"
 }
 
@@ -69,7 +75,7 @@ variable "iam_engine_enabled" {
 
 variable "iam_engine_name" {
   type        = string
-  description = "The name of the IAM Engine used to configure an IBM Secrets Manager IAM credentials engine."
+  description = "The name of the IAM Engine used to configure an IBM Secrets Manager IAM credentials engine. If prefix input variable is passed then it will get prefixed infront of the value in the format of '<prefix>-value'"
   default     = "base-sm-iam-engine"
 }
 
@@ -118,13 +124,13 @@ variable "kms_endpoint_type" {
 variable "kms_key_ring_name" {
   type        = string
   default     = "sm-cos-key-ring"
-  description = "The name to give to the new KMS key ring that will be used to store the KMS key to enable advanced, customer-managed encryption for your Secrets Manager secrets. Only required if not supplying an existing KMS root key CRN."
+  description = "The name to give to the new KMS key ring that will be used to store the KMS key to enable advanced, customer-managed encryption for your Secrets Manager secrets. Only required if not supplying an existing KMS root key CRN. If prefix input variable is passed then it will get prefixed infront of the value in the format of '<prefix>-value'"
 }
 
 variable "kms_key_name" {
   type        = string
   default     = "sm-cos-key"
-  description = "The name to give to the new KMS root key that will be used to enable advanced, customer-managed encryption for your Secrets Manager secrets. Only required if not supplying an existing KMS root key CRN."
+  description = "The name to give to the new KMS root key that will be used to enable advanced, customer-managed encryption for your Secrets Manager secrets. Only required if not supplying an existing KMS root key CRN. If prefix input variable is passed then it will get prefixed infront of the value in the format of '<prefix>-value'"
 }
 
 ########################################################################################################################
diff --git a/tests/pr_test.go b/tests/pr_test.go
@@ -128,6 +128,7 @@ func TestRunDASolutionSchematics(t *testing.T) {
 
 	options.TerraformVars = []testschematic.TestSchematicTerraformVar{
 		{Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true},
+		{Name: "prefix", Value: options.Prefix, DataType: "string"},
 		{Name: "region", Value: options.Region, DataType: "string"},
 		{Name: "resource_group_name", Value: options.Prefix, DataType: "string"},
 		{Name: "service_plan", Value: "trial", DataType: "string"},
