Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/terraform-ibm-modules/terraform-ibm-code-engine
Provisions and configures IBM Cloud Code Engine.
https://github.com/terraform-ibm-modules/terraform-ibm-code-engine
code-engine core-team deployable-architecture ibm-cloud stable supported terraform terraform-module
Last synced: about 1 month ago
JSON representation
Provisions and configures IBM Cloud Code Engine.
- Host: GitHub
- URL: https://github.com/terraform-ibm-modules/terraform-ibm-code-engine
- Owner: terraform-ibm-modules
- License: apache-2.0
- Created: 2024-02-26T13:51:22.000Z (11 months ago)
- Default Branch: main
- Last Pushed: 2024-10-29T11:40:55.000Z (2 months ago)
- Last Synced: 2024-10-29T13:27:12.603Z (2 months ago)
- Topics: code-engine, core-team, deployable-architecture, ibm-cloud, stable, supported, terraform, terraform-module
- Language: HCL
- Size: 381 KB
- Stars: 1
- Watchers: 17
- Forks: 1
- Open Issues: 7
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
# Terraform Code Engine Module
[-green)](https://terraform-ibm-modules.github.io/documentation/#/badge-status)
[](https://github.com/terraform-ibm-modules/terraform-ibm-code-engine/releases/latest)
[](https://github.com/pre-commit/pre-commit)
[](https://renovatebot.com/)
[](https://github.com/semantic-release/semantic-release)
This module provisions the IBM Cloud Code Engine fully managed and serverless platform. It supports deployment of containerized workloads, including web apps, batch jobs, builds, config maps, bindings, domain mappings, or secrets. For more information, see [About Code Engine](https://cloud.ibm.com/docs/codeengine?topic=codeengine-getting-started)
## Overview
* [terraform-ibm-code-engine](#terraform-ibm-code-engine)
* [Submodules](./modules)
* [app](./modules/app)
* [binding](./modules/binding)
* [build](./modules/build)
* [config_map](./modules/config_map)
* [domain_mapping](./modules/domain_mapping)
* [job](./modules/job)
* [project](./modules/project)
* [secret](./modules/secret)
* [Examples](./examples)
* [Apps example](./examples/apps)
* [Jobs example](./examples/jobs)
* [Contributing](#contributing)
## terraform-ibm-code-engine
### Known limitations
Currently, IBM provider supports basic functionalities, such as create/delete/update code engine projects, apps, jobs, builds and etc.
Known limitations are:
- No support to create/delete/update code engine functions. https://github.com/IBM-Cloud/terraform-provider-ibm/issues/5230
- No support to create/delete/update code engine subscriptions. https://github.com/IBM-Cloud/terraform-provider-ibm/issues/5231
- Apply twice keeps on showing changes for `ibm_code_engine_app` and `ibm_code_engine_job` terraform resource https://github.com/IBM-Cloud/terraform-provider-ibm/issues/4719
- CLI/API service binding implementation/interface is different from terraform implementation. For example, CLI or UI code engine has a support to create access secret, service credential and all bindings automatically, while `code_engine_binding_instance` terraform resource requires that access secret exists before the binding is created. The second discrepancy between implementations is that terraform `code_engine_binding_instance` terraform resource requires `prefix` while using CLI or UI `prefix` is an optional parameter. https://github.com/IBM-Cloud/terraform-provider-ibm/issues/5229
- Visibility for application can not be set. While CLI uses `--visibility=private` flag to set the visibility, terraform provider doesn't support it. https://github.com/IBM-Cloud/terraform-provider-ibm/issues/5228
- Apply twice throwns an error for `ibm_code_engine_secret` terraform resource https://github.com/IBM-Cloud/terraform-provider-ibm/issues/5232
### Usage
```hcl
module "code_engine" {
source = "terraform-ibm-modules/code-engine/ibm"
version = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific release
project_name = "your-project-name"
apps = {
"your-app-name-1" = {
image_reference = "container_registry_url"
run_env_variables = [{
type = "literal"
name = "env_name"
value = "env_value"
}]
},
"your-app-name-2" = {
image_reference = "container_registry_url"
}
}
jobs = {
"your-job-name" = {
image_reference = "container_registry_url"
run_env_variables = [{
type = "literal"
name = "env_name"
value = "env_value"
}]
}
}
config_maps = {
"your-config-name" = {
data = { "key_1" : "value_1", "key_2" : "value_2" }
}
}
secrets = {
"your-secret-name" = {
format = "generic"
data = { "key_1" : "value_1", "key_2" : "value_2" }
}
}
builds = {
"your-build-name" = {
output_image = "container_registry_url"
output_secret = "secret-name" # pragma: allowlist secret
source_url = "https://github.com/IBM/CodeEngine"
strategy_type = "dockerfile"
}
}
}
```
### Required IAM access policies
You need the following permissions to run this module.
- Account Management
- **Resource Group** service
- `Viewer` platform access
- IAM Services
- **Code Engine** service
- `Editor` platform access
- `Writer` service access
### Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.3.0 |
| [ibm](#requirement\_ibm) | >= 1.63.0, <2.0.0 |
### Modules
| Name | Source | Version |
|------|--------|---------|
| [app](#module\_app) | ./modules/app | n/a |
| [binding](#module\_binding) | ./modules/binding | n/a |
| [build](#module\_build) | ./modules/build | n/a |
| [config\_map](#module\_config\_map) | ./modules/config_map | n/a |
| [domain\_mapping](#module\_domain\_mapping) | ./modules/domain_mapping | n/a |
| [job](#module\_job) | ./modules/job | n/a |
| [project](#module\_project) | ./modules/project | n/a |
| [secret](#module\_secret) | ./modules/secret | n/a |
### Resources
No resources.
### Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [apps](#input\_apps) | A map of code engine apps to be created. |
map(object({
image_reference = string
image_secret = optional(string)
run_env_variables = optional(list(object({
type = optional(string)
name = optional(string)
value = optional(string)
prefix = optional(string)
key = optional(string)
reference = optional(string)
})))
run_volume_mounts = optional(list(object({
mount_path = string
reference = string
name = optional(string)
type = string
})))
image_port = optional(number)
managed_domain_mappings = optional(string)
run_arguments = optional(list(string))
run_as_user = optional(number)
run_commands = optional(list(string))
run_service_account = optional(string)
scale_concurrency = optional(number)
scale_concurrency_target = optional(number)
scale_cpu_limit = optional(string)
scale_ephemeral_storage_limit = optional(string)
scale_initial_instances = optional(number)
scale_max_instances = optional(number)
scale_memory_limit = optional(string)
scale_min_instances = optional(number)
scale_request_timeout = optional(number)
})) | `{}` | no |
| [bindings](#input\_bindings) | A map of code engine bindings to be created. | map(object({
secret_name = string
components = list(object({
name = string
resource_type = string
}))
})) | `{}` | no |
| [builds](#input\_builds) | A map of code engine builds to be created. | map(object({
output_image = string
output_secret = string # pragma: allowlist secret
source_url = string
strategy_type = string
source_context_dir = optional(string)
source_revision = optional(string)
source_secret = optional(string)
source_type = optional(string)
strategy_size = optional(string)
strategy_spec_file = optional(string)
timeout = optional(number)
})) | `{}` | no |
| [config\_maps](#input\_config\_maps) | A map of code engine config maps to be created. | map(object({
data = map(string)
})) | `{}` | no |
| [domain\_mappings](#input\_domain\_mappings) | A map of code engine domain mappings to be created. | map(object({
tls_secret = string # pragma: allowlist secret
components = list(object({
name = string
resource_type = string
}))
})) | `{}` | no |
| [existing\_project\_id](#input\_existing\_project\_id) | The ID of the existing project to which code engine resources will be added. It is required if var.project\_name is null. | `string` | `null` | no |
| [jobs](#input\_jobs) | A map of code engine jobs to be created. | map(object({
image_reference = string
image_secret = optional(string)
run_env_variables = optional(list(object({
type = optional(string)
name = optional(string)
value = optional(string)
prefix = optional(string)
key = optional(string)
reference = optional(string)
})))
run_volume_mounts = optional(list(object({
mount_path = string
reference = string
name = optional(string)
type = string
})))
run_arguments = optional(list(string))
run_as_user = optional(number)
run_commands = optional(list(string))
run_mode = optional(string)
run_service_account = optional(string)
scale_array_spec = optional(string)
scale_cpu_limit = optional(string)
scale_ephemeral_storage_limit = optional(string)
scale_max_execution_time = optional(number)
scale_memory_limit = optional(string)
scale_retry_limit = optional(number)
})) | `{}` | no |
| [project\_name](#input\_project\_name) | The name of the project to which code engine resources will be added. It is required if var.existing\_project\_id is null. | `string` | `null` | no |
| [resource\_group\_id](#input\_resource\_group\_id) | ID of the resource group to use when creating resources. | `string` | n/a | yes |
| [secrets](#input\_secrets) | A map of code engine secrets to be created. | map(object({
format = string
data = map(string)
# Issue with provider, service_access is not supported at the moment. https://github.com/IBM-Cloud/terraform-provider-ibm/issues/5232
# service_access = optional(list(object({
# resource_key = list(object({
# id = optional(string)
# }))
# role = list(object({
# crn = optional(string)
# }))
# service_instance = list(object({
# id = optional(string)
# }))
# })))
})) | `{}` | no |
### Outputs
| Name | Description |
|------|-------------|
| [app](#output\_app) | Configuration of the created code engine app. |
| [binding](#output\_binding) | Configuration of the created code engine binding. |
| [build](#output\_build) | Configuration of the created code engine build. |
| [config\_map](#output\_config\_map) | Configuration of the created code engine config map. |
| [domain\_mapping](#output\_domain\_mapping) | Configuration of the created code engine domain maping. |
| [job](#output\_job) | Configuration of the created code engine job. |
| [project\_id](#output\_project\_id) | ID of the created code engine project. |
| [secret](#output\_secret) | Configuration of the created code engine secret. |
## Contributing
You can report issues and request features for this module in GitHub issues in the module repo. See [Report an issue or request a feature](https://github.com/terraform-ibm-modules/.github/blob/main/.github/SUPPORT.md).
To set up your local development environment, see [Local development setup](https://terraform-ibm-modules.github.io/documentation/#/local-dev-setup) in the project documentation.