Skip to content

fix: expose provider visibility #1025

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 12 commits into
base: main
Choose a base branch
from
+203 −5
Open

fix: expose provider visibility #1025

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
62b03f8
Expose provider visibility
piyush117 Aug 5, 2025
01426e2
SKIP UPGRADE TEST
piyush117 Aug 5, 2025
84544f5
SKIP UPGRADE TEST
piyush117 Aug 5, 2025
8a67efe
SKIP UPGRADE TEST
piyush117 Aug 5, 2025
6a4fb56
Merge branch 'main' into 11323-expose-provider-visibility
Ak-sky Sep 2, 2025
afd06c9
Merge branch 'main' into 11323-expose-provider-visibility
piyush117 Sep 3, 2025
a20ef51
Merge branch 'main' into 11323-expose-provider-visibility
piyush117 Sep 9, 2025
27dddd4
Merge branch 'main' of github.com:terraform-ibm-modules/terraform-ibm…
piyush117 Sep 18, 2025
630a017
Merge branch 'main' into 11323-expose-provider-visibility
Ak-sky Sep 25, 2025
65ca658
Merge branch 'main' into 11323-expose-provider-visibility
Ak-sky Oct 7, 2025
e736b52
Merge branch 'main' of github.com:terraform-ibm-modules/terraform-ibm…
piyush117 Oct 8, 2025
ade4141
Merge branch '11323-expose-provider-visibility' of github.com:terrafo…
piyush117 Oct 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions cra-config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,16 +7,19 @@ CRA_TARGETS:
CRA_ENVIRONMENT_VARIABLES:
TF_VAR_prefix: "slz-vpc"
TF_VAR_region: "us-south"
TF_VAR_provider_visibility: "public"
- CRA_TARGET: "patterns/vsi"
CRA_IGNORE_RULES_FILE: "cra-tf-validate-ignore-rules.json"
PROFILE_ID: "fe96bd4d-9b37-40f2-b39f-a62760e326a3" # SCC profile ID (currently set to 'IBM Cloud Framework for Financial Services' '1.7.0' profile).
CRA_ENVIRONMENT_VARIABLES:
TF_VAR_prefix: "slz-vsi"
TF_VAR_region: "us-south"
TF_VAR_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/hfNI5cNjimtcVgNA1acGmi1iv7PTjKcF8D+8DqffkGMsY6vU7KtB1mASwVU8GMGLzU2qvGmXwHSANYqPOraEitgI06zhq5VXVvtjOR41IJjP+ssjHIbql+EDzls2yJuZd2g4Wmk5NKTzJFNYsvIaCGUYCSMUPT9bepUqIOyjsrCEiHGLaphF5W2V/hj1+1NEZqV3ozhmHmtff2tIb6+VQpd/dl61RKuF74rywd1krmBOe4kbPzfYRqiRKV0rl0bPuyL+FV3Zv5gdzRRLNQiOxapv9uSkCal3W0umpSQyBYtj6BhGxeKrBKVgXgdq7byStRFSlREaKIg+tkekieqNZbBArgSYoNACZilxrzzC6u0KuWtllldy1CwCtFEdBlSPnHwnD/XhAs6FVuoh5tmw+FLtVyg8UyMgSvVr1Vcya9uAOCLLiihsgAB5xqqcJaXcfk+zkWn7rUJ9F+R3CZs9rgEvBbHpFAKJqcMsInZ+G0Jt0s6kIpAPr/plcfrK2bcwG/L9Kbuedf31dmHAylKqfMpdqm2YoSXOs5Y7Wh6KV/1VhL/u0++hxGt6APjvpY0BTlvsw7fmBSPniHkC8fF6bEzP0blCRcI3SB7P/glrZqM5UptBoEI5a8LBv5G4YsVolRepj6FjwlPvfgBbLF5AXxFtZTk07UW7CRauO5xbJw=="
TF_VAR_provider_visibility: "public"
- CRA_TARGET: "patterns/roks"
CRA_IGNORE_RULES_FILE: "cra-tf-validate-ignore-rules.json"
PROFILE_ID: "fe96bd4d-9b37-40f2-b39f-a62760e326a3" # SCC profile ID (currently set to 'IBM Cloud Framework for Financial Services' '1.7.0' profile).
CRA_ENVIRONMENT_VARIABLES:
TF_VAR_prefix: "slz-roks"
TF_VAR_region: "us-south"
TF_VAR_provider_visibility: "public"
108 changes: 108 additions & 0 deletions ibm_catalog.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,24 @@
},
"key": "override_json_string"
},
{
"key": "provider_visibility",
"hidden":true,
"options": [
{
"displayname": "private",
"value": "private"
},
{
"displayname": "public",
"value": "public"
},
{
"displayname": "public-and-private",
"value": "public-and-private"
}
]
},
{
"custom_config": {
"grouping": "deployment",
Expand Down Expand Up @@ -241,6 +259,24 @@
}
]
},
{
"key": "provider_visibility",
"hidden":true,
"options": [
{
"displayname": "private",
"value": "private"
},
{
"displayname": "public",
"value": "public"
},
{
"displayname": "public-and-private",
"value": "public-and-private"
}
]
},
{
"key": "ibmcloud_api_key"
},
Expand Down Expand Up @@ -632,6 +668,24 @@
}
]
},
{
"key": "provider_visibility",
"hidden":true,
"options": [
{
"displayname": "private",
"value": "private"
},
{
"displayname": "public",
"value": "public"
},
{
"displayname": "public-and-private",
"value": "public-and-private"
}
]
},
{
"custom_config": {
"config_constraints": {
Expand Down Expand Up @@ -848,6 +902,24 @@
"key": "region",
"required": true
},
{
"key": "provider_visibility",
"hidden":true,
"options": [
{
"displayname": "private",
"value": "private"
},
{
"displayname": "public",
"value": "public"
},
{
"displayname": "public-and-private",
"value": "public-and-private"
}
]
},
{
"key": "ibmcloud_api_key"
},
Expand Down Expand Up @@ -1256,6 +1328,24 @@
"required": true,
"type": "string"
},
{
"key": "provider_visibility",
"hidden":true,
"options": [
{
"displayname": "private",
"value": "private"
},
{
"displayname": "public",
"value": "public"
},
{
"displayname": "public-and-private",
"value": "public-and-private"
}
]
},
{
"key": "ibmcloud_api_key"
},
Expand Down Expand Up @@ -1586,6 +1676,24 @@
"key": "region",
"required": true
},
{
"key": "provider_visibility",
"hidden":true,
"options": [
{
"displayname": "private",
"value": "private"
},
{
"displayname": "public",
"value": "public"
},
{
"displayname": "public-and-private",
"value": "public-and-private"
}
]
},
{
"key": "kube_version",
"type": "string",
Expand Down
1 change: 1 addition & 0 deletions patterns/mixed/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ provider "ibm" {
ibmcloud_api_key = var.ibmcloud_api_key
region = var.region
ibmcloud_timeout = 60
visibility = var.provider_visibility
}

##############################################################################
Expand Down
10 changes: 10 additions & 0 deletions patterns/mixed/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,16 @@ variable "ibmcloud_api_key" {
sensitive = true
}

variable "provider_visibility" {
description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
type = string
default = "private"
validation {
condition = contains(["public", "private", "public-and-private"], var.provider_visibility)
error_message = "Invalid visibility option. Allowed values are 'public', 'private', or 'public-and-private'."
}
}

variable "prefix" {
description = "A unique identifier for resources that is prepended to resources that are provisioned. Must begin with a lowercase letter and end with a lowercase letter or number. Must be 16 or fewer characters."
type = string
Expand Down
1 change: 1 addition & 0 deletions patterns/roks-quickstart/provider.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
provider "ibm" {
ibmcloud_api_key = var.ibmcloud_api_key
region = var.region
visibility = var.provider_visibility
}
10 changes: 10 additions & 0 deletions patterns/roks-quickstart/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,16 @@ variable "ibmcloud_api_key" {
sensitive = true
}

variable "provider_visibility" {
description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
type = string
default = "private"
validation {
condition = contains(["public", "private", "public-and-private"], var.provider_visibility)
error_message = "Invalid visibility option. Allowed values are 'public', 'private', or 'public-and-private'."
}
}

variable "prefix" {
description = "A unique identifier for resources that is prepended to resources that are provisioned. Must begin with a lowercase letter and end with a lowercase letter or number. Must be 13 or fewer characters."
type = string
Expand Down
1 change: 1 addition & 0 deletions patterns/roks/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ provider "ibm" {
ibmcloud_api_key = var.ibmcloud_api_key
region = var.region
ibmcloud_timeout = 60
visibility = var.provider_visibility
}

##############################################################################
Expand Down
10 changes: 10 additions & 0 deletions patterns/roks/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,16 @@ variable "ibmcloud_api_key" {
sensitive = true
}

variable "provider_visibility" {
description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
type = string
default = "private"
validation {
condition = contains(["public", "private", "public-and-private"], var.provider_visibility)
error_message = "Invalid visibility option. Allowed values are 'public', 'private', or 'public-and-private'."
}
}

variable "prefix" {
description = "A unique identifier for resources that is prepended to resources that are provisioned. Must begin with a lowercase letter and end with a lowercase letter or number. Must be 13 or fewer characters."
type = string
Expand Down
1 change: 1 addition & 0 deletions patterns/vpc/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ provider "ibm" {
ibmcloud_api_key = var.ibmcloud_api_key
region = var.region
ibmcloud_timeout = 60
visibility = var.provider_visibility
}

##############################################################################
Expand Down
10 changes: 10 additions & 0 deletions patterns/vpc/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,16 @@ variable "ibmcloud_api_key" {
sensitive = true
}

variable "provider_visibility" {
description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
type = string
default = "private"
validation {
condition = contains(["public", "private", "public-and-private"], var.provider_visibility)
error_message = "Invalid visibility option. Allowed values are 'public', 'private', or 'public-and-private'."
}
}

variable "prefix" {
description = "A unique identifier for resources that is prepended to resources that are provisioned. Must begin with a lowercase letter and end with a lowercase letter or number. Must be 16 or fewer characters."
type = string
Expand Down
1 change: 1 addition & 0 deletions patterns/vsi-extension/provider.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
provider "ibm" {
ibmcloud_api_key = var.ibmcloud_api_key
region = var.region
visibility = var.provider_visibility
}
10 changes: 10 additions & 0 deletions patterns/vsi-extension/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,16 @@ variable "ibmcloud_api_key" {
sensitive = true
}

variable "provider_visibility" {
description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
type = string
default = "private"
validation {
condition = contains(["public", "private", "public-and-private"], var.provider_visibility)
error_message = "Invalid visibility option. Allowed values are 'public', 'private', or 'public-and-private'."
}
}

variable "region" {
description = "The region of the landing zone VPC."
type = string
Expand Down
1 change: 1 addition & 0 deletions patterns/vsi-quickstart/provider.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
provider "ibm" {
ibmcloud_api_key = var.ibmcloud_api_key
region = var.region
visibility = var.provider_visibility
}
10 changes: 10 additions & 0 deletions patterns/vsi-quickstart/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,16 @@ variable "ibmcloud_api_key" {
sensitive = true
}

variable "provider_visibility" {
description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
type = string
default = "private"
validation {
condition = contains(["public", "private", "public-and-private"], var.provider_visibility)
error_message = "Invalid visibility option. Allowed values are 'public', 'private', or 'public-and-private'."
}
}

variable "prefix" {
description = "A unique identifier for resources that is prepended to resources that are provisioned. Must begin with a lowercase letter and end with a lowercase letter or number. Must be 16 or fewer characters."
type = string
Expand Down
1 change: 1 addition & 0 deletions patterns/vsi/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ provider "ibm" {
ibmcloud_api_key = var.ibmcloud_api_key
region = var.region
ibmcloud_timeout = 60
visibility = var.provider_visibility
}

##############################################################################
Expand Down
10 changes: 10 additions & 0 deletions patterns/vsi/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,16 @@ variable "ibmcloud_api_key" {
sensitive = true
}

variable "provider_visibility" {
description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
type = string
default = "private"
validation {
condition = contains(["public", "private", "public-and-private"], var.provider_visibility)
error_message = "Invalid visibility option. Allowed values are 'public', 'private', or 'public-and-private'."
}
}

variable "prefix" {
description = "A unique identifier for resources that is prepended to resources that are provisioned. Must begin with a lowercase letter and end with a lowercase letter or number. Must be 16 or fewer characters."
type = string
Expand Down
2 changes: 2 additions & 0 deletions tests/other_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ func TestRunRoksPatternWithHPCS(t *testing.T) {
options.TerraformVars["hs_crypto_instance_name"] = permanentResources["hpcs_name_south"]
options.TerraformVars["hs_crypto_resource_group"] = permanentResources["hpcs_rg_south"]
options.TerraformVars["skip_kms_block_storage_s2s_auth_policy"] = true
options.TerraformVars["provider_visibility"] = "public"
// If "jp-osa" was the best region selected, default to us-south instead.
// "jp-osa" is currently not allowing hs-crypto be used for encrypting buckets in that region.
currentRegion, ok := options.TerraformVars["region"]
Expand All @@ -37,6 +38,7 @@ func TestRunVSIPatternWithHPCS(t *testing.T) {
options.TerraformVars["hs_crypto_instance_name"] = permanentResources["hpcs_name_south"]
options.TerraformVars["hs_crypto_resource_group"] = permanentResources["hpcs_rg_south"]
options.TerraformVars["skip_kms_block_storage_s2s_auth_policy"] = true
options.TerraformVars["provider_visibility"] = "public"
// If "jp-osa" was the best region selected, default to us-south instead.
// "jp-osa" is currently not allowing hs-crypto be used for encrypting buckets in that region.
currentRegion, ok := options.TerraformVars["region"]
Expand Down
Loading