From 54f88461379e4b01c6dcbbbd5a920171eb8c0c07 Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Tue, 11 Nov 2025 13:31:15 +0530 Subject: [PATCH 01/30] add get primary metadata region --- common-dev-assets | 2 +- modules/get_primary_metadata_region/README.md | 1 + modules/get_primary_metadata_region/main.tf | 36 +++++++++++ .../get_primary_metadata_region/outputs.tf | 8 +++ .../get_primary_metadata_region/provider.tf | 4 ++ .../scripts/get_primary_metadata_region.sh | 59 +++++++++++++++++++ .../get_primary_metadata_region/variables.tf | 21 +++++++ .../get_primary_metadata_region/version.tf | 21 +++++++ 8 files changed, 151 insertions(+), 1 deletion(-) create mode 100644 modules/get_primary_metadata_region/README.md create mode 100644 modules/get_primary_metadata_region/main.tf create mode 100644 modules/get_primary_metadata_region/outputs.tf create mode 100644 modules/get_primary_metadata_region/provider.tf create mode 100755 modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh create mode 100644 modules/get_primary_metadata_region/variables.tf create mode 100644 modules/get_primary_metadata_region/version.tf diff --git a/common-dev-assets b/common-dev-assets index 3cfd2b6..bb64279 160000 --- a/common-dev-assets +++ b/common-dev-assets @@ -1 +1 @@ -Subproject commit 3cfd2b622d864175e7979de6885a65b4fb4ab6db +Subproject commit bb64279162cdd0eecd962220d538fd8f41e922e7 diff --git a/modules/get_primary_metadata_region/README.md b/modules/get_primary_metadata_region/README.md new file mode 100644 index 0000000..8d2170b --- /dev/null +++ b/modules/get_primary_metadata_region/README.md @@ -0,0 +1 @@ +# Metrics Router module diff --git a/modules/get_primary_metadata_region/main.tf b/modules/get_primary_metadata_region/main.tf new file mode 100644 index 0000000..a35568d --- /dev/null +++ b/modules/get_primary_metadata_region/main.tf @@ -0,0 +1,36 @@ +######################################################################## +# IBM Cloud Metric Routing +######################################################################### + +# data "ibm_iam_auth_token" "tokendata" { +# } +# +resource "time_sleep" "wait_iam_token" { + # depends_on = [data.ibm_iam_auth_token.tokendata] + create_duration = "5s" +} + +# resource "null_resource" "primary_metadata_region" { +# # depends_on = [time_sleep.wait_iam_token] +# provisioner "local-exec" { +# command = "bash ${path.module}/scripts/get_primary_metadata_region.sh" +# environment = { +# ibmcloud_api_key = var.ibmcloud_api_key +# REGION = var.region +# USE_PRIVATE_ENDPOINT = var.use_private_endpoint +# } +# } +# } + +data "external" "get_primary_metadata_region" { + depends_on = [time_sleep.wait_iam_token] + program = ["bash", "${path.module}/scripts/get_primary_metadata_region.sh"] + + query = { + IBM_API_KEY = var.ibmcloud_api_key + region = var.region + use_private_endpoint = var.use_private_endpoint + } +} + + diff --git a/modules/get_primary_metadata_region/outputs.tf b/modules/get_primary_metadata_region/outputs.tf new file mode 100644 index 0000000..93bac9a --- /dev/null +++ b/modules/get_primary_metadata_region/outputs.tf @@ -0,0 +1,8 @@ +######################################################################## +# Metric Routing Account Settings +######################################################################### + +output "primary_metadata_region" { + value = nonsensitive(data.external.get_primary_metadata_region.result.primary_metadata_region) + description = "Primary metadata region for IBM Cloud Metrics Router" +} diff --git a/modules/get_primary_metadata_region/provider.tf b/modules/get_primary_metadata_region/provider.tf new file mode 100644 index 0000000..df45ef5 --- /dev/null +++ b/modules/get_primary_metadata_region/provider.tf @@ -0,0 +1,4 @@ +provider "ibm" { + ibmcloud_api_key = var.ibmcloud_api_key + region = var.region +} diff --git a/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh b/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh new file mode 100755 index 0000000..5aa7c7e --- /dev/null +++ b/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh @@ -0,0 +1,59 @@ +#!/bin/bash +set -euo pipefail + +input=$(cat) +IBM_API_KEY=$(echo "$input" | jq -r '.IBM_API_KEY') +REGION=$(echo "$input" | jq -r '.region') +USE_PRIVATE_ENDPOINT=$(echo "$input" | jq -r '.use_private_endpoint') + + +if [[ -z "$IBM_API_KEY" || "$IBM_API_KEY" == "null" ]]; then + echo "Error: IBM_API_KEY is missing" >&2 + exit 1 +fi + +if [[ -z "$REGION" || "$REGION" == "null" ]]; then + echo "Error: region is missing" >&2 + exit 1 +fi + +IAM_TOKEN=$(curl -s -X POST "https://iam.cloud.ibm.com/identity/token" \ + -H "Content-Type: application/x-www-form-urlencoded" \ + -d "grant_type=urn:ibm:params:oauth:grant-type:apikey&apikey=${IBM_API_KEY}" \ + | jq -r '.access_token') + +if [[ -z "$IAM_TOKEN" || "$IAM_TOKEN" == "null" ]]; then + echo "Error: Failed to obtain IAM token" >&2 + exit 1 +fi + +if [[ "$USE_PRIVATE_ENDPOINT" == "true" ]]; then + BASE_URL="https://${REGION}.metrics-router.private.cloud.ibm.com" +else + BASE_URL="https://${REGION}.metrics-router.cloud.ibm.com" +fi + +URL="${BASE_URL}/api/v3/settings" + +max_retries=5 +retry_delay=3 + +for ((i=1; i<=max_retries; i++)); do + response=$(curl -s -X GET "$URL" -H "Authorization: Bearer ${IAM_TOKEN}" || true) + if echo "$response" | jq -e '.primary_metadata_region' >/dev/null; then + break + fi + echo "Attempt $i failed, retrying in ${retry_delay}s..." >&2 + sleep "$retry_delay" +done + +# Extract region value +primary_region=$(echo "$response" | jq -r '.primary_metadata_region // empty') + +if [[ -z "$primary_region" ]]; then + echo "Error: primary_metadata_region not found in response" >&2 + exit 1 +fi + +# Output valid JSON for Terraform +jq -n --arg primary_region "$primary_region" '{primary_metadata_region: $primary_region}' diff --git a/modules/get_primary_metadata_region/variables.tf b/modules/get_primary_metadata_region/variables.tf new file mode 100644 index 0000000..f8abec2 --- /dev/null +++ b/modules/get_primary_metadata_region/variables.tf @@ -0,0 +1,21 @@ +############################################################################## +# Input Variables +############################################################################## + +variable "ibmcloud_api_key" { + description = "The IBM Cloud API Key." + type = string + sensitive = true +} + +variable "region" { + description = "The IBM Cloud region." + type = string + default = "us-south" +} + +variable "use_private_endpoint" { + type = bool + description = "Make true to hit the private endpoint." + default = false +} diff --git a/modules/get_primary_metadata_region/version.tf b/modules/get_primary_metadata_region/version.tf new file mode 100644 index 0000000..156eae5 --- /dev/null +++ b/modules/get_primary_metadata_region/version.tf @@ -0,0 +1,21 @@ +terraform { + required_version = ">= 1.9.0" + required_providers { + time = { + source = "hashicorp/time" + version = ">= 0.9.1, < 1.0.0" + } + external = { + source = "hashicorp/external" + version = "2.3.5" + } + ibm = { + source = "ibm-cloud/ibm" + version = ">= 1.78.2, < 2.0.0" + } + null = { + source = "hashicorp/null" + version = ">= 3.2.1, < 4.0.0" + } + } +} From a43b8acd244b7d46c0640fd48bc3485e9a634146 Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Tue, 11 Nov 2025 13:53:18 +0530 Subject: [PATCH 02/30] update DA --- solutions/fully-configurable/main.tf | 9 ++++++++- solutions/fully-configurable/variables.tf | 6 ++++++ 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/solutions/fully-configurable/main.tf b/solutions/fully-configurable/main.tf index 04f9d8e..4bc802b 100644 --- a/solutions/fully-configurable/main.tf +++ b/solutions/fully-configurable/main.tf @@ -72,5 +72,12 @@ module "metrics_routing" { ] metrics_router_routes = length(var.metrics_router_routes) != 0 ? var.metrics_router_routes : local.default_metrics_router_route - metrics_router_settings = var.enable_primary_metadata_region ? { primary_metadata_region = var.region } : null + metrics_router_settings = module.primary_metadata_region.primary_metadata_region != null ? null : { primary_metadata_region = var.region } +} + +module "primary_metadata_region" { + source = "../../modules/get_primary_metadata_region" + ibmcloud_api_key = var.ibmcloud_api_key + region = var.region + use_private_endpoint = var.use_private_endpoint } diff --git a/solutions/fully-configurable/variables.tf b/solutions/fully-configurable/variables.tf index 8974a89..130b3b8 100644 --- a/solutions/fully-configurable/variables.tf +++ b/solutions/fully-configurable/variables.tf @@ -120,6 +120,12 @@ variable "enable_platform_metrics" { # Metrics Routing ######################################################################################################################## +variable "use_private_endpoint" { + type = bool + description = "Make true to hit the private endpoint." + default = false +} + variable "metrics_routing_target_name" { type = string description = "The name of the IBM Cloud Metrics Routing target where metrics are collected. If the prefix variable is passed, the name of the target is prefixed to the value in the `-value` format." From b3015505617cb5b6135ea1dddb245359fee5046a Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Tue, 11 Nov 2025 14:09:19 +0530 Subject: [PATCH 03/30] update main --- modules/get_primary_metadata_region/main.tf | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/modules/get_primary_metadata_region/main.tf b/modules/get_primary_metadata_region/main.tf index a35568d..b47d407 100644 --- a/modules/get_primary_metadata_region/main.tf +++ b/modules/get_primary_metadata_region/main.tf @@ -2,26 +2,10 @@ # IBM Cloud Metric Routing ######################################################################### -# data "ibm_iam_auth_token" "tokendata" { -# } -# resource "time_sleep" "wait_iam_token" { - # depends_on = [data.ibm_iam_auth_token.tokendata] create_duration = "5s" } -# resource "null_resource" "primary_metadata_region" { -# # depends_on = [time_sleep.wait_iam_token] -# provisioner "local-exec" { -# command = "bash ${path.module}/scripts/get_primary_metadata_region.sh" -# environment = { -# ibmcloud_api_key = var.ibmcloud_api_key -# REGION = var.region -# USE_PRIVATE_ENDPOINT = var.use_private_endpoint -# } -# } -# } - data "external" "get_primary_metadata_region" { depends_on = [time_sleep.wait_iam_token] program = ["bash", "${path.module}/scripts/get_primary_metadata_region.sh"] From 8fac738399acfef0b7165b7f0b66e181c83daac5 Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Wed, 12 Nov 2025 20:24:35 +0530 Subject: [PATCH 04/30] resolve comments --- modules/get_primary_metadata_region/README.md | 59 ++++++++++++++++++- modules/get_primary_metadata_region/main.tf | 11 +--- .../get_primary_metadata_region/outputs.tf | 4 +- .../get_primary_metadata_region/provider.tf | 4 -- .../scripts/get_primary_metadata_region.sh | 33 +++++++---- .../get_primary_metadata_region/variables.tf | 4 +- .../get_primary_metadata_region/version.tf | 16 ++--- solutions/fully-configurable/main.tf | 2 +- solutions/fully-configurable/variables.tf | 2 +- 9 files changed, 91 insertions(+), 44 deletions(-) delete mode 100644 modules/get_primary_metadata_region/provider.tf diff --git a/modules/get_primary_metadata_region/README.md b/modules/get_primary_metadata_region/README.md index 8d2170b..b5c47a8 100644 --- a/modules/get_primary_metadata_region/README.md +++ b/modules/get_primary_metadata_region/README.md @@ -1 +1,58 @@ -# Metrics Router module +# Primary Metadata Region + +This module retrieves the `primary_metadata_region` value from the IBM Cloud Metrics Settings for a given region. + +### Prerequisites + +This module utilizes an external script that relies on the following command-line tools being installed on the system where Terraform is executed: + +- `jq`: A lightweight and flexible command-line JSON processor. It is required for parsing the input provided by the Terraform external data source. +- `curl`: A tool to transfer data with URLs, required for making API calls to the IBM Cloud Enterprise Management API. + +## Usage + +```hcl +module "metrics_router" { + source = ""terraform-ibm-modules/cloud-monitoring/ibm//modules/get_primary_metadata_region"" + + ibmcloud_api_key = "XXXXXXXXXXXXXXXXXXXXXXXX" + region = "us-south" + use_private_endpoint = false +} +``` + + +### Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.9.0 | +| [external](#requirement\_external) | 2.3.5 | +| [ibm](#requirement\_ibm) | >= 1.78.2, < 2.0.0 | +| [null](#requirement\_null) | >= 3.2.1, < 4.0.0 | +| [time](#requirement\_time) | >= 0.9.1, < 1.0.0 | + +### Modules + +No modules. + +### Resources + +| Name | Type | +|------|------| +| [external_external.get_primary_metadata_region](https://registry.terraform.io/providers/hashicorp/external/2.3.5/docs/data-sources/external) | data source | + +### Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [ibmcloud\_api\_key](#input\_ibmcloud\_api\_key) | The IBM Cloud API Key. | `string` | n/a | yes | +| [region](#input\_region) | The IBM Cloud region. | `string` | `"us-south"` | no | +| [use\_private\_endpoint](#input\_use\_private\_endpoint) | Make true to hit the private endpoint. | `bool` | `false` | no | + +### Outputs + +| Name | Description | +|------|-------------| +| [primary\_metadata\_region](#output\_primary\_metadata\_region) | The current primary metadata region set for IBM Cloud Metrics Routing. | + diff --git a/modules/get_primary_metadata_region/main.tf b/modules/get_primary_metadata_region/main.tf index b47d407..e0bdf4e 100644 --- a/modules/get_primary_metadata_region/main.tf +++ b/modules/get_primary_metadata_region/main.tf @@ -1,14 +1,9 @@ ######################################################################## -# IBM Cloud Metric Routing +# Metrics Routing Primary Metadata Region ######################################################################### -resource "time_sleep" "wait_iam_token" { - create_duration = "5s" -} - data "external" "get_primary_metadata_region" { - depends_on = [time_sleep.wait_iam_token] - program = ["bash", "${path.module}/scripts/get_primary_metadata_region.sh"] + program = ["bash", "${path.module}/scripts/get_primary_metadata_region.sh"] query = { IBM_API_KEY = var.ibmcloud_api_key @@ -16,5 +11,3 @@ data "external" "get_primary_metadata_region" { use_private_endpoint = var.use_private_endpoint } } - - diff --git a/modules/get_primary_metadata_region/outputs.tf b/modules/get_primary_metadata_region/outputs.tf index 93bac9a..4a78b7a 100644 --- a/modules/get_primary_metadata_region/outputs.tf +++ b/modules/get_primary_metadata_region/outputs.tf @@ -1,8 +1,8 @@ ######################################################################## -# Metric Routing Account Settings +# Output ######################################################################### output "primary_metadata_region" { value = nonsensitive(data.external.get_primary_metadata_region.result.primary_metadata_region) - description = "Primary metadata region for IBM Cloud Metrics Router" + description = "The current primary metadata region set for IBM Cloud Metrics Routing." } diff --git a/modules/get_primary_metadata_region/provider.tf b/modules/get_primary_metadata_region/provider.tf deleted file mode 100644 index df45ef5..0000000 --- a/modules/get_primary_metadata_region/provider.tf +++ /dev/null @@ -1,4 +0,0 @@ -provider "ibm" { - ibmcloud_api_key = var.ibmcloud_api_key - region = var.region -} diff --git a/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh b/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh index 5aa7c7e..083b73b 100755 --- a/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh +++ b/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh @@ -6,7 +6,6 @@ IBM_API_KEY=$(echo "$input" | jq -r '.IBM_API_KEY') REGION=$(echo "$input" | jq -r '.region') USE_PRIVATE_ENDPOINT=$(echo "$input" | jq -r '.use_private_endpoint') - if [[ -z "$IBM_API_KEY" || "$IBM_API_KEY" == "null" ]]; then echo "Error: IBM_API_KEY is missing" >&2 exit 1 @@ -17,7 +16,26 @@ if [[ -z "$REGION" || "$REGION" == "null" ]]; then exit 1 fi -IAM_TOKEN=$(curl -s -X POST "https://iam.cloud.ibm.com/identity/token" \ +get_iam_endpoint() { + IAM_ENDPOINT="${IBM_IAM_ENDPOINT:-https://iam.cloud.ibm.com}" + IAM_ENDPOINT=${IAM_ENDPOINT#https://} +} + +get_metrics_router_endpoint() { + metrics_endpoint="${IBM_CLOUD_METRICS_ENDPOINT:-metrics-router.cloud.ibm.com}" + + if [[ "$USE_PRIVATE_ENDPOINT" == "true" ]]; then + BASE_URL="https://private.${REGION}.${metrics_endpoint}" + else + BASE_URL="https://${REGION}.${metrics_endpoint}" + fi +} + +get_iam_endpoint +get_metrics_router_endpoint + +# Obtain IAM token +IAM_TOKEN=$(curl -s -X POST "https://${IAM_ENDPOINT}/identity/token" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "grant_type=urn:ibm:params:oauth:grant-type:apikey&apikey=${IBM_API_KEY}" \ | jq -r '.access_token') @@ -27,12 +45,6 @@ if [[ -z "$IAM_TOKEN" || "$IAM_TOKEN" == "null" ]]; then exit 1 fi -if [[ "$USE_PRIVATE_ENDPOINT" == "true" ]]; then - BASE_URL="https://${REGION}.metrics-router.private.cloud.ibm.com" -else - BASE_URL="https://${REGION}.metrics-router.cloud.ibm.com" -fi - URL="${BASE_URL}/api/v3/settings" max_retries=5 @@ -47,13 +59,10 @@ for ((i=1; i<=max_retries; i++)); do sleep "$retry_delay" done -# Extract region value primary_region=$(echo "$response" | jq -r '.primary_metadata_region // empty') if [[ -z "$primary_region" ]]; then - echo "Error: primary_metadata_region not found in response" >&2 - exit 1 + echo "Warning: primary_metadata_region is empty" >&2 fi -# Output valid JSON for Terraform jq -n --arg primary_region "$primary_region" '{primary_metadata_region: $primary_region}' diff --git a/modules/get_primary_metadata_region/variables.tf b/modules/get_primary_metadata_region/variables.tf index f8abec2..46f7f50 100644 --- a/modules/get_primary_metadata_region/variables.tf +++ b/modules/get_primary_metadata_region/variables.tf @@ -9,13 +9,13 @@ variable "ibmcloud_api_key" { } variable "region" { - description = "The IBM Cloud region." + description = "The IBM Cloud Metrics Routing region." type = string default = "us-south" } variable "use_private_endpoint" { type = bool - description = "Make true to hit the private endpoint." + description = "Set to true to use the private endpoints instead of public endpoints for IBM Cloud Metrics Routing service. When true, the script queries the private Metrics Routing endpoint for the given region. [Learn more](https://cloud.ibm.com/docs/metrics-router?topic=metrics-router-endpoints)" default = false } diff --git a/modules/get_primary_metadata_region/version.tf b/modules/get_primary_metadata_region/version.tf index 156eae5..309726d 100644 --- a/modules/get_primary_metadata_region/version.tf +++ b/modules/get_primary_metadata_region/version.tf @@ -1,21 +1,13 @@ terraform { required_version = ">= 1.9.0" required_providers { - time = { - source = "hashicorp/time" - version = ">= 0.9.1, < 1.0.0" - } - external = { - source = "hashicorp/external" - version = "2.3.5" - } ibm = { source = "ibm-cloud/ibm" - version = ">= 1.78.2, < 2.0.0" + version = ">= 1.69.2, < 2.0.0" } - null = { - source = "hashicorp/null" - version = ">= 3.2.1, < 4.0.0" + external = { + source = "hashicorp/external" + version = ">= 2.3.5, <3.0.0" } } } diff --git a/solutions/fully-configurable/main.tf b/solutions/fully-configurable/main.tf index 4bc802b..e165f82 100644 --- a/solutions/fully-configurable/main.tf +++ b/solutions/fully-configurable/main.tf @@ -72,7 +72,7 @@ module "metrics_routing" { ] metrics_router_routes = length(var.metrics_router_routes) != 0 ? var.metrics_router_routes : local.default_metrics_router_route - metrics_router_settings = module.primary_metadata_region.primary_metadata_region != null ? null : { primary_metadata_region = var.region } + metrics_router_settings = length(module.primary_metadata_region.primary_metadata_region) != 0 ? null : { primary_metadata_region = var.region } } module "primary_metadata_region" { diff --git a/solutions/fully-configurable/variables.tf b/solutions/fully-configurable/variables.tf index 130b3b8..f5b71f6 100644 --- a/solutions/fully-configurable/variables.tf +++ b/solutions/fully-configurable/variables.tf @@ -122,7 +122,7 @@ variable "enable_platform_metrics" { variable "use_private_endpoint" { type = bool - description = "Make true to hit the private endpoint." + description = "Set to true to use the private endpoints instead of public endpoints for IBM Cloud Metrics Routing service. When true, the script queries the private Metrics Routing endpoint for the given region. [Learn more](https://cloud.ibm.com/docs/metrics-router?topic=metrics-router-endpoints)" default = false } From 122c9e5220160d6c9756621bb88341fa5945f9af Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Wed, 12 Nov 2025 20:41:33 +0530 Subject: [PATCH 05/30] resolve pc and update description --- ibm_catalog.json | 2 +- modules/get_primary_metadata_region/README.md | 17 +++++++---------- modules/get_primary_metadata_region/version.tf | 4 ---- solutions/fully-configurable/variables.tf | 6 ------ 4 files changed, 8 insertions(+), 21 deletions(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index 131b39b..8b118f2 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -216,7 +216,7 @@ ] }, { - "key": "enable_primary_metadata_region" + "key": "use_private_endpoint" }, { "key": "metrics_routing_route_name" diff --git a/modules/get_primary_metadata_region/README.md b/modules/get_primary_metadata_region/README.md index b5c47a8..ac7af55 100644 --- a/modules/get_primary_metadata_region/README.md +++ b/modules/get_primary_metadata_region/README.md @@ -1,6 +1,6 @@ # Primary Metadata Region -This module retrieves the `primary_metadata_region` value from the IBM Cloud Metrics Settings for a given region. +This module retrieves the `primary_metadata_region` value from the IBM Cloud Metrics Routing Account Settings. ### Prerequisites @@ -13,9 +13,9 @@ This module utilizes an external script that relies on the following command-lin ```hcl module "metrics_router" { - source = ""terraform-ibm-modules/cloud-monitoring/ibm//modules/get_primary_metadata_region"" + source = "terraform-ibm-modules/cloud-monitoring/ibm//modules/get_primary_metadata_region" - ibmcloud_api_key = "XXXXXXXXXXXXXXXXXXXXXXXX" + ibmcloud_api_key = "XXXXXXXXXXXXXXXXXXXXXXXX" # pragma: allowlist secret region = "us-south" use_private_endpoint = false } @@ -27,10 +27,7 @@ module "metrics_router" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.9.0 | -| [external](#requirement\_external) | 2.3.5 | -| [ibm](#requirement\_ibm) | >= 1.78.2, < 2.0.0 | -| [null](#requirement\_null) | >= 3.2.1, < 4.0.0 | -| [time](#requirement\_time) | >= 0.9.1, < 1.0.0 | +| [external](#requirement\_external) | >= 2.3.5, <3.0.0 | ### Modules @@ -40,15 +37,15 @@ No modules. | Name | Type | |------|------| -| [external_external.get_primary_metadata_region](https://registry.terraform.io/providers/hashicorp/external/2.3.5/docs/data-sources/external) | data source | +| [external_external.get_primary_metadata_region](https://registry.terraform.io/providers/hashicorp/external/latest/docs/data-sources/external) | data source | ### Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [ibmcloud\_api\_key](#input\_ibmcloud\_api\_key) | The IBM Cloud API Key. | `string` | n/a | yes | -| [region](#input\_region) | The IBM Cloud region. | `string` | `"us-south"` | no | -| [use\_private\_endpoint](#input\_use\_private\_endpoint) | Make true to hit the private endpoint. | `bool` | `false` | no | +| [region](#input\_region) | The IBM Cloud Metrics Routing region. | `string` | `"us-south"` | no | +| [use\_private\_endpoint](#input\_use\_private\_endpoint) | Set to true to use the private endpoints instead of public endpoints for IBM Cloud Metrics Routing service. When true, the script queries the private Metrics Routing endpoint for the given region. [Learn more](https://cloud.ibm.com/docs/metrics-router?topic=metrics-router-endpoints) | `bool` | `false` | no | ### Outputs diff --git a/modules/get_primary_metadata_region/version.tf b/modules/get_primary_metadata_region/version.tf index 309726d..d919e02 100644 --- a/modules/get_primary_metadata_region/version.tf +++ b/modules/get_primary_metadata_region/version.tf @@ -1,10 +1,6 @@ terraform { required_version = ">= 1.9.0" required_providers { - ibm = { - source = "ibm-cloud/ibm" - version = ">= 1.69.2, < 2.0.0" - } external = { source = "hashicorp/external" version = ">= 2.3.5, <3.0.0" diff --git a/solutions/fully-configurable/variables.tf b/solutions/fully-configurable/variables.tf index f5b71f6..97138ab 100644 --- a/solutions/fully-configurable/variables.tf +++ b/solutions/fully-configurable/variables.tf @@ -144,12 +144,6 @@ variable "enable_metrics_routing_to_cloud_monitoring" { default = true } -variable "enable_primary_metadata_region" { - type = bool - description = "When set to `true`, sets `primary_metadata_region` to `region`, storing Metrics Router metadata in that region. When `false`, no region is set and the default global region is used. For new accounts, creating targets and routes will fail until primary_metadata_region is set, so it is recommended to default enable_primary_metadata_region to true. [Learn more](https://cloud.ibm.com/docs/metrics-router?topic=metrics-router-getting-started#configuring_account_settings)." - default = true -} - variable "metrics_router_routes" { type = list(object({ name = string From 0fd4610c59c9714c09b6cb279d4d3287916efa53 Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Wed, 12 Nov 2025 20:42:59 +0530 Subject: [PATCH 06/30] update script --- .../scripts/get_primary_metadata_region.sh | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh b/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh index 083b73b..3dcf232 100755 --- a/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh +++ b/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh @@ -6,16 +6,6 @@ IBM_API_KEY=$(echo "$input" | jq -r '.IBM_API_KEY') REGION=$(echo "$input" | jq -r '.region') USE_PRIVATE_ENDPOINT=$(echo "$input" | jq -r '.use_private_endpoint') -if [[ -z "$IBM_API_KEY" || "$IBM_API_KEY" == "null" ]]; then - echo "Error: IBM_API_KEY is missing" >&2 - exit 1 -fi - -if [[ -z "$REGION" || "$REGION" == "null" ]]; then - echo "Error: region is missing" >&2 - exit 1 -fi - get_iam_endpoint() { IAM_ENDPOINT="${IBM_IAM_ENDPOINT:-https://iam.cloud.ibm.com}" IAM_ENDPOINT=${IAM_ENDPOINT#https://} From ba89546b61b419493b5f90e25582b0d6eb54a3c1 Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Thu, 13 Nov 2025 14:37:46 +0530 Subject: [PATCH 07/30] update script to handle custome endpoint --- .../scripts/get_primary_metadata_region.sh | 25 +++++++++++++------ 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh b/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh index 3dcf232..e112fb1 100755 --- a/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh +++ b/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh @@ -1,5 +1,5 @@ #!/bin/bash -set -euo pipefail +set -eo pipefail input=$(cat) IBM_API_KEY=$(echo "$input" | jq -r '.IBM_API_KEY') @@ -7,17 +7,28 @@ REGION=$(echo "$input" | jq -r '.region') USE_PRIVATE_ENDPOINT=$(echo "$input" | jq -r '.use_private_endpoint') get_iam_endpoint() { - IAM_ENDPOINT="${IBM_IAM_ENDPOINT:-https://iam.cloud.ibm.com}" - IAM_ENDPOINT=${IAM_ENDPOINT#https://} + endpoint="${IBM_IAM_ENDPOINT:-https://iam.cloud.ibm.com}" + endpoint="${endpoint#https://}" + + if [ "$USE_PRIVATE_ENDPOINT" = true ] && [ "$endpoint" = "iam.cloud.ibm.com" ]; then + IAM_ENDPOINT="private.${endpoint}" + else + IAM_ENDPOINT="${endpoint}" + fi } get_metrics_router_endpoint() { - metrics_endpoint="${IBM_CLOUD_METRICS_ENDPOINT:-metrics-router.cloud.ibm.com}" + metrics_endpoint="${IBMCLOUD_METRICS_ROUTING_API_ENDPOINT:-metrics-router.cloud.ibm.com}" + metrics_endpoint="${metrics_endpoint#https://}" - if [[ "$USE_PRIVATE_ENDPOINT" == "true" ]]; then - BASE_URL="https://private.${REGION}.${metrics_endpoint}" + if [ "$metrics_endpoint" = "metrics-router.cloud.ibm.com" ]; then + if [ "$USE_PRIVATE_ENDPOINT" = true ]; then + BASE_URL="https://private.${REGION}.${metrics_endpoint}" + else + BASE_URL="https://${REGION}.${metrics_endpoint}" + fi else - BASE_URL="https://${REGION}.${metrics_endpoint}" + BASE_URL="https://${metrics_endpoint}" fi } From d453c4c1d710d3f9eb21723996ff72d35893642e Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Thu, 13 Nov 2025 14:58:01 +0530 Subject: [PATCH 08/30] update readme --- modules/get_primary_metadata_region/README.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/modules/get_primary_metadata_region/README.md b/modules/get_primary_metadata_region/README.md index ac7af55..a3d32cf 100644 --- a/modules/get_primary_metadata_region/README.md +++ b/modules/get_primary_metadata_region/README.md @@ -9,6 +9,17 @@ This module utilizes an external script that relies on the following command-lin - `jq`: A lightweight and flexible command-line JSON processor. It is required for parsing the input provided by the Terraform external data source. - `curl`: A tool to transfer data with URLs, required for making API calls to the IBM Cloud Enterprise Management API. +### Customizing default cloud service endpoints + +The user must export the endpoint as an environment variable in order to use custom cloud service endpoints with this module. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints#getting-started-with-custom-service-endpoints). + +**Important** The only supported method for customizing cloud service endpoints is to export the environment variables endpoint; be sure to export the value for `IBM_IAM_ENDPOINT` and `IBMCLOUD_METRICS_ROUTING_API_ENDPOINT`. For example, + +``` +export IBM_IAM_ENDPOINT="" +export IBMCLOUD_METRICS_ROUTING_API_ENDPOINT="" +``` + ## Usage ```hcl From 348010d5efd39025a5f6b2e87793128eca3d28d4 Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Mon, 17 Nov 2025 14:27:01 +0530 Subject: [PATCH 09/30] resolve comments --- modules/get_primary_metadata_region/main.tf | 7 ++++-- .../get_primary_metadata_region/outputs.tf | 2 +- .../scripts/get_primary_metadata_region.sh | 25 ++++++++++--------- 3 files changed, 19 insertions(+), 15 deletions(-) diff --git a/modules/get_primary_metadata_region/main.tf b/modules/get_primary_metadata_region/main.tf index e0bdf4e..aa66d33 100644 --- a/modules/get_primary_metadata_region/main.tf +++ b/modules/get_primary_metadata_region/main.tf @@ -3,10 +3,13 @@ ######################################################################### data "external" "get_primary_metadata_region" { - program = ["bash", "${path.module}/scripts/get_primary_metadata_region.sh"] + program = [ + "bash", + "-c", + "IBM_API_KEY='${var.ibmcloud_api_key}' ${path.module}/scripts/get_primary_metadata_region.sh" + ] query = { - IBM_API_KEY = var.ibmcloud_api_key region = var.region use_private_endpoint = var.use_private_endpoint } diff --git a/modules/get_primary_metadata_region/outputs.tf b/modules/get_primary_metadata_region/outputs.tf index 4a78b7a..f8eab29 100644 --- a/modules/get_primary_metadata_region/outputs.tf +++ b/modules/get_primary_metadata_region/outputs.tf @@ -3,6 +3,6 @@ ######################################################################### output "primary_metadata_region" { - value = nonsensitive(data.external.get_primary_metadata_region.result.primary_metadata_region) + value = data.external.get_primary_metadata_region.result.primary_metadata_region description = "The current primary metadata region set for IBM Cloud Metrics Routing." } diff --git a/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh b/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh index e112fb1..bfbaa46 100755 --- a/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh +++ b/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh @@ -1,19 +1,21 @@ #!/bin/bash set -eo pipefail +API_KEY="$IBM_API_KEY" + + input=$(cat) -IBM_API_KEY=$(echo "$input" | jq -r '.IBM_API_KEY') REGION=$(echo "$input" | jq -r '.region') USE_PRIVATE_ENDPOINT=$(echo "$input" | jq -r '.use_private_endpoint') get_iam_endpoint() { - endpoint="${IBM_IAM_ENDPOINT:-https://iam.cloud.ibm.com}" + endpoint="${IBMCLOUD_IAM_API_ENDPOINT:-https://iam.cloud.ibm.com}" endpoint="${endpoint#https://}" if [ "$USE_PRIVATE_ENDPOINT" = true ] && [ "$endpoint" = "iam.cloud.ibm.com" ]; then - IAM_ENDPOINT="private.${endpoint}" + IBMCLOUD_IAM_API_ENDPOINT="private.${endpoint}" else - IAM_ENDPOINT="${endpoint}" + IBMCLOUD_IAM_API_ENDPOINT="${endpoint}" fi } @@ -35,16 +37,15 @@ get_metrics_router_endpoint() { get_iam_endpoint get_metrics_router_endpoint -# Obtain IAM token -IAM_TOKEN=$(curl -s -X POST "https://${IAM_ENDPOINT}/identity/token" \ - -H "Content-Type: application/x-www-form-urlencoded" \ - -d "grant_type=urn:ibm:params:oauth:grant-type:apikey&apikey=${IBM_API_KEY}" \ - | jq -r '.access_token') +iam_response=$(curl --retry 3 -s -X POST "https://${IBMCLOUD_IAM_API_ENDPOINT}/identity/token" --header 'Content-Type: application/x-www-form-urlencoded' --header 'Accept: application/json' --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' --data-urlencode "apikey=$API_KEY") # pragma: allowlist secret +error_message=$(echo "${iam_response}" | jq 'has("errorMessage")') -if [[ -z "$IAM_TOKEN" || "$IAM_TOKEN" == "null" ]]; then - echo "Error: Failed to obtain IAM token" >&2 - exit 1 +if [[ "${error_message}" != false ]]; then + echo "${iam_response}" | jq '.errorMessage' >&2 + echo "Could not obtain an IAM access token" >&2 + exit 1 fi +IAM_TOKEN=$(echo "${iam_response}" | jq -r '.access_token') URL="${BASE_URL}/api/v3/settings" From 25c0686e847deea3e3d62144e63bc8ea8dbde37d Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Mon, 17 Nov 2025 14:31:25 +0530 Subject: [PATCH 10/30] update readme --- modules/get_primary_metadata_region/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/get_primary_metadata_region/README.md b/modules/get_primary_metadata_region/README.md index a3d32cf..d15a83b 100644 --- a/modules/get_primary_metadata_region/README.md +++ b/modules/get_primary_metadata_region/README.md @@ -13,7 +13,7 @@ This module utilizes an external script that relies on the following command-lin The user must export the endpoint as an environment variable in order to use custom cloud service endpoints with this module. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints#getting-started-with-custom-service-endpoints). -**Important** The only supported method for customizing cloud service endpoints is to export the environment variables endpoint; be sure to export the value for `IBM_IAM_ENDPOINT` and `IBMCLOUD_METRICS_ROUTING_API_ENDPOINT`. For example, +**Important** The only supported method for customizing cloud service endpoints is to export the environment variables endpoint; be sure to export the value for `IBMCLOUD_IAM_API_ENDPOINT` and `IBMCLOUD_METRICS_ROUTING_API_ENDPOINT`. For example, ``` export IBM_IAM_ENDPOINT="" From 27bc9a24551f5524e9347d091c0c5b5ee21d6058 Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Mon, 17 Nov 2025 21:19:28 +0530 Subject: [PATCH 11/30] update tests --- tests/pr_test.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/pr_test.go b/tests/pr_test.go index 50894f5..8e824ef 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -50,6 +50,7 @@ func setupOptions(t *testing.T, prefix string) *testschematic.TestSchematicOptio TarIncludePatterns: []string{ "*.tf", "modules/metrics_routing" + "/*.tf", + "modules/get_primary_metadata_region" + "/*.tf", fullyConfigurableDADir + "/*.tf", }, TemplateFolder: fullyConfigurableDADir, @@ -111,6 +112,7 @@ func TestRunAccountSettingsDA(t *testing.T) { Testing: t, TarIncludePatterns: []string{ "modules/metrics_routing" + "/*.tf", + "modules/get_primary_metadata_region" + "/*.tf", accountSettingsDADir + "/*.tf", }, TemplateFolder: accountSettingsDADir, From cf97a21de6ac2f0b40e2803a24dfdf4fec4781ee Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Tue, 18 Nov 2025 04:54:11 +0530 Subject: [PATCH 12/30] update test --- tests/pr_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/pr_test.go b/tests/pr_test.go index 8e824ef..17a09d1 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -113,6 +113,7 @@ func TestRunAccountSettingsDA(t *testing.T) { TarIncludePatterns: []string{ "modules/metrics_routing" + "/*.tf", "modules/get_primary_metadata_region" + "/*.tf", + "modules/get_primary_metadata_region/scripts" + "/*.sh", accountSettingsDADir + "/*.tf", }, TemplateFolder: accountSettingsDADir, From d5042cfae44c16a514b044f1fc8a55c228073d71 Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Tue, 18 Nov 2025 05:07:43 +0530 Subject: [PATCH 13/30] update test --- tests/pr_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/pr_test.go b/tests/pr_test.go index 17a09d1..aa346de 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -51,6 +51,7 @@ func setupOptions(t *testing.T, prefix string) *testschematic.TestSchematicOptio "*.tf", "modules/metrics_routing" + "/*.tf", "modules/get_primary_metadata_region" + "/*.tf", + "modules/get_primary_metadata_region/scripts" + "/*.sh", fullyConfigurableDADir + "/*.tf", }, TemplateFolder: fullyConfigurableDADir, From 8d7357d9cc5ca4c3771a997540085838bcf7bd3d Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Tue, 18 Nov 2025 06:24:06 +0530 Subject: [PATCH 14/30] SKIP UPGRADE TEST From 872ac2bfaf20d8c25714762e956347416dc6de5b Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Wed, 19 Nov 2025 13:25:13 +0530 Subject: [PATCH 15/30] resolve comments --- modules/get_primary_metadata_region/main.tf | 7 ++----- .../scripts/get_primary_metadata_region.sh | 4 +--- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/modules/get_primary_metadata_region/main.tf b/modules/get_primary_metadata_region/main.tf index aa66d33..e0bdf4e 100644 --- a/modules/get_primary_metadata_region/main.tf +++ b/modules/get_primary_metadata_region/main.tf @@ -3,13 +3,10 @@ ######################################################################### data "external" "get_primary_metadata_region" { - program = [ - "bash", - "-c", - "IBM_API_KEY='${var.ibmcloud_api_key}' ${path.module}/scripts/get_primary_metadata_region.sh" - ] + program = ["bash", "${path.module}/scripts/get_primary_metadata_region.sh"] query = { + IBM_API_KEY = var.ibmcloud_api_key region = var.region use_private_endpoint = var.use_private_endpoint } diff --git a/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh b/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh index bfbaa46..1065094 100755 --- a/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh +++ b/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh @@ -1,12 +1,10 @@ #!/bin/bash set -eo pipefail -API_KEY="$IBM_API_KEY" - - input=$(cat) REGION=$(echo "$input" | jq -r '.region') USE_PRIVATE_ENDPOINT=$(echo "$input" | jq -r '.use_private_endpoint') +API_KEY=$(echo "$input" | jq -r '.IBM_API_KEY') get_iam_endpoint() { endpoint="${IBMCLOUD_IAM_API_ENDPOINT:-https://iam.cloud.ibm.com}" From c1ac16a03cd1973de194e3c2997b058c92e8c2ec Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Mon, 24 Nov 2025 15:07:25 +0530 Subject: [PATCH 16/30] resolve comments --- modules/get_primary_metadata_region/main.tf | 2 +- .../scripts/get_primary_metadata_region.sh | 68 ---------- .../scripts/primary_metadata_region.py | 117 ++++++++++++++++++ 3 files changed, 118 insertions(+), 69 deletions(-) delete mode 100755 modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh create mode 100755 modules/get_primary_metadata_region/scripts/primary_metadata_region.py diff --git a/modules/get_primary_metadata_region/main.tf b/modules/get_primary_metadata_region/main.tf index e0bdf4e..1ce5ef2 100644 --- a/modules/get_primary_metadata_region/main.tf +++ b/modules/get_primary_metadata_region/main.tf @@ -3,7 +3,7 @@ ######################################################################### data "external" "get_primary_metadata_region" { - program = ["bash", "${path.module}/scripts/get_primary_metadata_region.sh"] + program = ["python3", "${path.module}/scripts/primary_metadata_region.py"] query = { IBM_API_KEY = var.ibmcloud_api_key diff --git a/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh b/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh deleted file mode 100755 index 1065094..0000000 --- a/modules/get_primary_metadata_region/scripts/get_primary_metadata_region.sh +++ /dev/null @@ -1,68 +0,0 @@ -#!/bin/bash -set -eo pipefail - -input=$(cat) -REGION=$(echo "$input" | jq -r '.region') -USE_PRIVATE_ENDPOINT=$(echo "$input" | jq -r '.use_private_endpoint') -API_KEY=$(echo "$input" | jq -r '.IBM_API_KEY') - -get_iam_endpoint() { - endpoint="${IBMCLOUD_IAM_API_ENDPOINT:-https://iam.cloud.ibm.com}" - endpoint="${endpoint#https://}" - - if [ "$USE_PRIVATE_ENDPOINT" = true ] && [ "$endpoint" = "iam.cloud.ibm.com" ]; then - IBMCLOUD_IAM_API_ENDPOINT="private.${endpoint}" - else - IBMCLOUD_IAM_API_ENDPOINT="${endpoint}" - fi -} - -get_metrics_router_endpoint() { - metrics_endpoint="${IBMCLOUD_METRICS_ROUTING_API_ENDPOINT:-metrics-router.cloud.ibm.com}" - metrics_endpoint="${metrics_endpoint#https://}" - - if [ "$metrics_endpoint" = "metrics-router.cloud.ibm.com" ]; then - if [ "$USE_PRIVATE_ENDPOINT" = true ]; then - BASE_URL="https://private.${REGION}.${metrics_endpoint}" - else - BASE_URL="https://${REGION}.${metrics_endpoint}" - fi - else - BASE_URL="https://${metrics_endpoint}" - fi -} - -get_iam_endpoint -get_metrics_router_endpoint - -iam_response=$(curl --retry 3 -s -X POST "https://${IBMCLOUD_IAM_API_ENDPOINT}/identity/token" --header 'Content-Type: application/x-www-form-urlencoded' --header 'Accept: application/json' --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' --data-urlencode "apikey=$API_KEY") # pragma: allowlist secret -error_message=$(echo "${iam_response}" | jq 'has("errorMessage")') - -if [[ "${error_message}" != false ]]; then - echo "${iam_response}" | jq '.errorMessage' >&2 - echo "Could not obtain an IAM access token" >&2 - exit 1 -fi -IAM_TOKEN=$(echo "${iam_response}" | jq -r '.access_token') - -URL="${BASE_URL}/api/v3/settings" - -max_retries=5 -retry_delay=3 - -for ((i=1; i<=max_retries; i++)); do - response=$(curl -s -X GET "$URL" -H "Authorization: Bearer ${IAM_TOKEN}" || true) - if echo "$response" | jq -e '.primary_metadata_region' >/dev/null; then - break - fi - echo "Attempt $i failed, retrying in ${retry_delay}s..." >&2 - sleep "$retry_delay" -done - -primary_region=$(echo "$response" | jq -r '.primary_metadata_region // empty') - -if [[ -z "$primary_region" ]]; then - echo "Warning: primary_metadata_region is empty" >&2 -fi - -jq -n --arg primary_region "$primary_region" '{primary_metadata_region: $primary_region}' diff --git a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py new file mode 100755 index 0000000..6bc4440 --- /dev/null +++ b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py @@ -0,0 +1,117 @@ +import json +import os +import sys +import time +import requests + +def load_input(): + try: + return json.load(sys.stdin) + except Exception as e: + log_error(f"Failed to parse JSON input: {e}") + sys.exit(1) + +def log_error(message): + print(message, file=sys.stderr) + +def resolve_iam_endpoint(use_private): + endpoint = os.getenv("IBMCLOUD_IAM_API_ENDPOINT", "https://iam.cloud.ibm.com") + endpoint = endpoint.replace("https://", "") + + if use_private and endpoint == "iam.cloud.ibm.com": + return f"private.{endpoint}" + return endpoint + + +def resolve_metrics_router_endpoint(region, use_private): + metrics_endpoint = os.getenv( + "IBMCLOUD_METRICS_ROUTING_API_ENDPOINT", + "metrics-router.cloud.ibm.com" + ) + metrics_endpoint = metrics_endpoint.replace("https://", "") + + if metrics_endpoint == "metrics-router.cloud.ibm.com": + if use_private: + return f"https://private.{region}.{metrics_endpoint}" + else: + return f"https://{region}.{metrics_endpoint}" + + return f"https://{metrics_endpoint}" + +def fetch_iam_token(iam_endpoint, api_key): + url = f"https://{iam_endpoint}/identity/token" + + payload = { + "grant_type": "urn:ibm:params:oauth:grant-type:apikey", + "apikey": api_key + } + + try: + resp = requests.post( + url, + data=payload, + headers={ + "Content-Type": "application/x-www-form-urlencoded", + "Accept": "application/json" + }, + timeout=10 + ) + + iam_json = resp.json() + + except Exception as e: + log_error(f"Error fetching IAM token: {e}") + sys.exit(1) + + if "errorMessage" in iam_json: + log_error(iam_json["errorMessage"]) + log_error("Could not obtain an IAM access token") + sys.exit(1) + + token = iam_json.get("access_token") + if not token: + log_error("IAM token missing from response") + sys.exit(1) + + return token + +def fetch_primary_metadata_region(base_url, iam_token): + url = f"{base_url}/api/v3/settings" + headers = {"Authorization": f"Bearer {iam_token}"} + + max_retries = 5 + retry_delay = 3 + + for attempt in range(1, max_retries + 1): + try: + resp = requests.get(url, headers=headers, timeout=10) + data = resp.json() + except Exception: + data = {} + + if "primary_metadata_region" in data: + return data["primary_metadata_region"] + + log_error(f"Attempt {attempt} failed, retrying in {retry_delay}s...") + time.sleep(retry_delay) + + log_error("`primary_metadata_region` is empty or could not be fetched") + return "" + +def main(): + input_data = load_input() + + region = input_data.get("region") + use_private_endpoint = bool(input_data.get("use_private_endpoint")) + api_key = input_data.get("IBM_API_KEY") + + iam_endpoint = resolve_iam_endpoint(use_private_endpoint) + base_url = resolve_metrics_router_endpoint(region, use_private_endpoint) + + iam_token = fetch_iam_token(iam_endpoint, api_key) + primary_region = fetch_primary_metadata_region(base_url, iam_token) + + print(json.dumps({"primary_metadata_region": primary_region})) + +if __name__ == "__main__": + main() From 0216d12b9a446ef1eb9e36c0395782c12ea0369e Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Mon, 24 Nov 2025 16:17:19 +0530 Subject: [PATCH 17/30] update script and resolve pc --- .../scripts/primary_metadata_region.py | 28 ++++++++++++------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py index 6bc4440..4812e06 100755 --- a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py +++ b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py @@ -1,9 +1,12 @@ +#!/usr/bin/env python3 import json import os import sys import time + import requests + def load_input(): try: return json.load(sys.stdin) @@ -11,9 +14,11 @@ def load_input(): log_error(f"Failed to parse JSON input: {e}") sys.exit(1) + def log_error(message): print(message, file=sys.stderr) + def resolve_iam_endpoint(use_private): endpoint = os.getenv("IBMCLOUD_IAM_API_ENDPOINT", "https://iam.cloud.ibm.com") endpoint = endpoint.replace("https://", "") @@ -25,8 +30,7 @@ def resolve_iam_endpoint(use_private): def resolve_metrics_router_endpoint(region, use_private): metrics_endpoint = os.getenv( - "IBMCLOUD_METRICS_ROUTING_API_ENDPOINT", - "metrics-router.cloud.ibm.com" + "IBMCLOUD_METRICS_ROUTING_API_ENDPOINT", "metrics-router.cloud.ibm.com" ) metrics_endpoint = metrics_endpoint.replace("https://", "") @@ -38,12 +42,13 @@ def resolve_metrics_router_endpoint(region, use_private): return f"https://{metrics_endpoint}" + def fetch_iam_token(iam_endpoint, api_key): url = f"https://{iam_endpoint}/identity/token" payload = { "grant_type": "urn:ibm:params:oauth:grant-type:apikey", - "apikey": api_key + "apikey": api_key, } try: @@ -52,9 +57,9 @@ def fetch_iam_token(iam_endpoint, api_key): data=payload, headers={ "Content-Type": "application/x-www-form-urlencoded", - "Accept": "application/json" + "Accept": "application/json", }, - timeout=10 + timeout=10, ) iam_json = resp.json() @@ -75,6 +80,7 @@ def fetch_iam_token(iam_endpoint, api_key): return token + def fetch_primary_metadata_region(base_url, iam_token): url = f"{base_url}/api/v3/settings" headers = {"Authorization": f"Bearer {iam_token}"} @@ -95,15 +101,16 @@ def fetch_primary_metadata_region(base_url, iam_token): log_error(f"Attempt {attempt} failed, retrying in {retry_delay}s...") time.sleep(retry_delay) - log_error("`primary_metadata_region` is empty or could not be fetched") - return "" + log_error("`primary_metadata_region` could not be fetched after 5 attempts.") + sys.exit(1) + def main(): input_data = load_input() - region = input_data.get("region") - use_private_endpoint = bool(input_data.get("use_private_endpoint")) - api_key = input_data.get("IBM_API_KEY") + region = input_data["region"] + api_key = input_data["IBM_API_KEY"] + use_private_endpoint = json.loads(input_data["use_private_endpoint"]) iam_endpoint = resolve_iam_endpoint(use_private_endpoint) base_url = resolve_metrics_router_endpoint(region, use_private_endpoint) @@ -113,5 +120,6 @@ def main(): print(json.dumps({"primary_metadata_region": primary_region})) + if __name__ == "__main__": main() From 4d987dd549dba6d469c800bd7675be714ef991c7 Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Wed, 26 Nov 2025 14:19:52 +0530 Subject: [PATCH 18/30] update script and add cda --- common-dev-assets | 2 +- .../scripts/primary_metadata_region.py | 10 +++++++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/common-dev-assets b/common-dev-assets index 6e83549..81eca72 160000 --- a/common-dev-assets +++ b/common-dev-assets @@ -1 +1 @@ -Subproject commit 6e83549924fb8d8ae4933ba269baee0926a6f623 +Subproject commit 81eca72442c82d8fe4b67fe175e6979d058426e9 diff --git a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py index 4812e06..474ebb7 100755 --- a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py +++ b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py @@ -23,9 +23,13 @@ def resolve_iam_endpoint(use_private): endpoint = os.getenv("IBMCLOUD_IAM_API_ENDPOINT", "https://iam.cloud.ibm.com") endpoint = endpoint.replace("https://", "") - if use_private and endpoint == "iam.cloud.ibm.com": - return f"private.{endpoint}" - return endpoint + if endpoint == "iam.cloud.ibm.com": + if use_private + return f"private.{endpoint}" + else: + return f"{endpoint}" + + return f"https://{endpoint}" def resolve_metrics_router_endpoint(region, use_private): From 0bd87d62ad1d770967aaf6f20496abb2ba00e577 Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Wed, 26 Nov 2025 14:23:52 +0530 Subject: [PATCH 19/30] update cdev --- common-dev-assets | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common-dev-assets b/common-dev-assets index 81eca72..191c3ec 160000 --- a/common-dev-assets +++ b/common-dev-assets @@ -1 +1 @@ -Subproject commit 81eca72442c82d8fe4b67fe175e6979d058426e9 +Subproject commit 191c3ec328a8bc402b28104c9ed5249ee5fafab3 From deddcef8dfb55b875ecdcc110180a639c0d8598a Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Thu, 27 Nov 2025 09:09:40 +0000 Subject: [PATCH 20/30] update script and tests --- .../scripts/primary_metadata_region.py | 6 +-- tests/go.mod | 23 ++++----- tests/go.sum | 51 ++++++++++--------- tests/other_test.go | 6 +-- tests/pr_test.go | 4 +- 5 files changed, 45 insertions(+), 45 deletions(-) diff --git a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py index 474ebb7..dc499f3 100755 --- a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py +++ b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py @@ -24,12 +24,12 @@ def resolve_iam_endpoint(use_private): endpoint = endpoint.replace("https://", "") if endpoint == "iam.cloud.ibm.com": - if use_private + if use_private: return f"private.{endpoint}" else: return f"{endpoint}" - - return f"https://{endpoint}" + + return f"{endpoint}" def resolve_metrics_router_endpoint(region, use_private): diff --git a/tests/go.mod b/tests/go.mod index 9c539a4..419f42a 100644 --- a/tests/go.mod +++ b/tests/go.mod @@ -6,7 +6,7 @@ toolchain go1.25.4 require ( github.com/stretchr/testify v1.11.1 - github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.21 + github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.31 ) require ( @@ -23,7 +23,6 @@ require ( github.com/ProtonMail/go-crypto v1.1.6 // indirect github.com/agext/levenshtein v1.2.3 // indirect github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect - github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect github.com/cloudflare/circl v1.6.1 // indirect github.com/cyphar/filepath-securejoin v0.4.1 // indirect @@ -37,13 +36,13 @@ require ( github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/analysis v0.23.0 // indirect - github.com/go-openapi/errors v0.22.3 // indirect + github.com/go-openapi/errors v0.22.4 // indirect github.com/go-openapi/jsonpointer v0.21.1 // indirect github.com/go-openapi/jsonreference v0.21.0 // indirect github.com/go-openapi/loads v0.22.0 // indirect github.com/go-openapi/runtime v0.28.0 // indirect github.com/go-openapi/spec v0.21.0 // indirect - github.com/go-openapi/strfmt v0.24.0 // indirect + github.com/go-openapi/strfmt v0.25.0 // indirect github.com/go-openapi/swag v0.23.1 // indirect github.com/go-openapi/validate v0.24.0 // indirect github.com/go-playground/locales v0.14.1 // indirect @@ -53,7 +52,7 @@ require ( github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect github.com/google/go-cmp v0.7.0 // indirect github.com/google/uuid v1.6.0 // indirect - github.com/gruntwork-io/terratest v0.52.0 // indirect + github.com/gruntwork-io/terratest v0.53.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-getter/v2 v2.2.3 // indirect @@ -85,19 +84,19 @@ require ( github.com/ulikunitz/xz v0.5.11 // indirect github.com/xanzy/ssh-agent v0.3.3 // indirect github.com/zclconf/go-cty v1.16.4 // indirect - go.mongodb.org/mongo-driver v1.17.4 // indirect + go.mongodb.org/mongo-driver v1.17.6 // indirect go.opentelemetry.io/auto/sdk v1.1.0 // indirect go.opentelemetry.io/otel v1.35.0 // indirect go.opentelemetry.io/otel/metric v1.35.0 // indirect go.opentelemetry.io/otel/trace v1.35.0 // indirect go.yaml.in/yaml/v2 v2.4.2 // indirect - golang.org/x/crypto v0.43.0 // indirect - golang.org/x/mod v0.28.0 // indirect - golang.org/x/net v0.45.0 // indirect + golang.org/x/crypto v0.44.0 // indirect + golang.org/x/mod v0.29.0 // indirect + golang.org/x/net v0.46.0 // indirect golang.org/x/sync v0.18.0 // indirect - golang.org/x/sys v0.37.0 // indirect - golang.org/x/text v0.30.0 // indirect - golang.org/x/tools v0.37.0 // indirect + golang.org/x/sys v0.38.0 // indirect + golang.org/x/text v0.31.0 // indirect + golang.org/x/tools v0.38.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/tests/go.sum b/tests/go.sum index 3e86d8a..59ae9b2 100644 --- a/tests/go.sum +++ b/tests/go.sum @@ -33,7 +33,6 @@ github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmms github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= -github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= @@ -84,8 +83,8 @@ github.com/go-openapi/analysis v0.23.0 h1:aGday7OWupfMs+LbmLZG4k0MYXIANxcuBTYUC0 github.com/go-openapi/analysis v0.23.0/go.mod h1:9mz9ZWaSlV8TvjQHLl2mUW2PbZtemkE8yA5v22ohupo= github.com/go-openapi/errors v0.19.8/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/errors v0.20.3/go.mod h1:Z3FlZ4I8jEGxjUK+bugx3on2mIAk4txuAOhlsB1FSgk= -github.com/go-openapi/errors v0.22.3 h1:k6Hxa5Jg1TUyZnOwV2Lh81j8ayNw5VVYLvKrp4zFKFs= -github.com/go-openapi/errors v0.22.3/go.mod h1:+WvbaBBULWCOna//9B9TbLNGSFOfF8lY9dw4hGiEiKQ= +github.com/go-openapi/errors v0.22.4 h1:oi2K9mHTOb5DPW2Zjdzs/NIvwi2N3fARKaTJLdNabaM= +github.com/go-openapi/errors v0.22.4/go.mod h1:z9S8ASTUqx7+CP1Q8dD8ewGH/1JWFFLX/2PmAYNQLgk= github.com/go-openapi/jsonpointer v0.21.1 h1:whnzv/pNXtK2FbX/W9yJfRmE2gsmkfahjMKB0fZvcic= github.com/go-openapi/jsonpointer v0.21.1/go.mod h1:50I1STOfbY1ycR8jGz8DaMeLCdXiI6aDteEdRNNzpdk= github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= @@ -98,10 +97,12 @@ github.com/go-openapi/spec v0.21.0 h1:LTVzPc3p/RzRnkQqLRndbAzjY0d0BCL72A6j3CdL9Z github.com/go-openapi/spec v0.21.0/go.mod h1:78u6VdPw81XU44qEWGhtr982gJ5BWg2c0I5XwVMotYk= github.com/go-openapi/strfmt v0.21.1/go.mod h1:I/XVKeLc5+MM5oPNN7P6urMOpuLXEcNrCX/rPGuWb0k= github.com/go-openapi/strfmt v0.21.7/go.mod h1:adeGTkxE44sPyLk0JV235VQAO/ZXUr8KAzYjclFs3ew= -github.com/go-openapi/strfmt v0.24.0 h1:dDsopqbI3wrrlIzeXRbqMihRNnjzGC+ez4NQaAAJLuc= -github.com/go-openapi/strfmt v0.24.0/go.mod h1:Lnn1Bk9rZjXxU9VMADbEEOo7D7CDyKGLsSKekhFr7s4= +github.com/go-openapi/strfmt v0.25.0 h1:7R0RX7mbKLa9EYCTHRcCuIPcaqlyQiWNPTXwClK0saQ= +github.com/go-openapi/strfmt v0.25.0/go.mod h1:nNXct7OzbwrMY9+5tLX4I21pzcmE6ccMGXl3jFdPfn8= github.com/go-openapi/swag v0.23.1 h1:lpsStH0n2ittzTnbaSloVZLuB5+fvSY/+hnagBjSNZU= github.com/go-openapi/swag v0.23.1/go.mod h1:STZs8TbRvEQQKUA+JZNAm3EWlgaOBGpyFDqQnDHMef0= +github.com/go-openapi/testify/v2 v2.0.2 h1:X999g3jeLcoY8qctY/c/Z8iBHTbwLz7R2WXd6Ub6wls= +github.com/go-openapi/testify/v2 v2.0.2/go.mod h1:HCPmvFFnheKK2BuwSA0TbbdxJ3I16pjwMkYkP4Ywn54= github.com/go-openapi/validate v0.24.0 h1:LdfDKwNbpB6Vn40xhTdNZAnfLECL81w+VX3BumrGD58= github.com/go-openapi/validate v0.24.0/go.mod h1:iyeX1sEufmv3nPbBdX3ieNviWnOZaJ1+zquzJEf2BAQ= github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s= @@ -149,8 +150,8 @@ github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/gruntwork-io/terratest v0.52.0 h1:7+I3FqEImowIajZ9Qyo5ngr7n2AUINJko6x+KzlWNjU= -github.com/gruntwork-io/terratest v0.52.0/go.mod h1:y2Evi+Ac04QpzF3mbRPqrBjipDN7gjqlw6+OZoy2vX4= +github.com/gruntwork-io/terratest v0.53.0 h1:r5U3nfrQCTGvnlJIIh6R5g8z8dwRcjNESYO/wYyOXsI= +github.com/gruntwork-io/terratest v0.53.0/go.mod h1:y2Evi+Ac04QpzF3mbRPqrBjipDN7gjqlw6+OZoy2vX4= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -296,8 +297,8 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= -github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.21 h1:u+m413fTNcv8pM8q3xZUZCnNPh6/Ax9TtGEPC9XCswU= -github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.21/go.mod h1:uBNM9I6XCkIJXhWPwPIyKWOWTxWMJvR34XPoCpbcpos= +github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.31 h1:2ZslGjNvCrqTSmnqkbpsDLIchvO4hyBYCJvA28B35Ec= +github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.31/go.mod h1:9X9hk3QCx9h/5mmoWUwDT2ORmgvyr1tURcgDtiqlC2Q= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tmccombs/hcl2json v0.6.4 h1:/FWnzS9JCuyZ4MNwrG4vMrFrzRgsWEOVi+1AyYUVLGw= github.com/tmccombs/hcl2json v0.6.4/go.mod h1:+ppKlIW3H5nsAsZddXPy2iMyvld3SHxyjswOZhavRDk= @@ -320,8 +321,8 @@ github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940 h1:4r45xpDWB6 github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940/go.mod h1:CmBdvvj3nqzfzJ6nTCIwDTPZ56aVGvDrmztiO5g3qrM= go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng= go.mongodb.org/mongo-driver v1.11.3/go.mod h1:PTSz5yu21bkT/wXpkS7WR5f0ddqw5quethTUn9WM+2g= -go.mongodb.org/mongo-driver v1.17.4 h1:jUorfmVzljjr0FLzYQsGP8cgN/qzzxlY9Vh0C9KFXVw= -go.mongodb.org/mongo-driver v1.17.4/go.mod h1:Hy04i7O2kC4RS06ZrhPRqj/u4DTYkFDAAccj+rVKqgQ= +go.mongodb.org/mongo-driver v1.17.6 h1:87JUG1wZfWsr6rIz3ZmpH90rL5tea7O3IHuSwHUpsss= +go.mongodb.org/mongo-driver v1.17.6/go.mod h1:Hy04i7O2kC4RS06ZrhPRqj/u4DTYkFDAAccj+rVKqgQ= go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= go.opentelemetry.io/otel v1.35.0 h1:xKWKPxrxB6OtMCbmMY021CqC45J+3Onta9MqjhnusiQ= @@ -346,8 +347,8 @@ golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98y golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/crypto v0.43.0 h1:dduJYIi3A3KOfdGOHX8AVZ/jGiyPa3IbBozJ5kNuE04= -golang.org/x/crypto v0.43.0/go.mod h1:BFbav4mRNlXJL4wNeejLpWxB7wMbc79PdRGhWKncxR0= +golang.org/x/crypto v0.44.0 h1:A97SsFvM3AIwEEmTBiaxPPTYpDC47w720rdiiUvgoAU= +golang.org/x/crypto v0.44.0/go.mod h1:013i+Nw79BMiQiMsOPcVCB5ZIJbYkerPrGnOa00tvmc= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= @@ -358,8 +359,8 @@ golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/mod v0.28.0 h1:gQBtGhjxykdjY9YhZpSlZIsbnaE2+PgjfLWUQTnoZ1U= -golang.org/x/mod v0.28.0/go.mod h1:yfB/L0NOf/kmEbXjzCPOx1iK1fRutOydrCMsqRhEBxI= +golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA= +golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= @@ -387,8 +388,8 @@ golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= -golang.org/x/net v0.45.0 h1:RLBg5JKixCy82FtLJpeNlVM0nrSqpCRYzVU1n8kj0tM= -golang.org/x/net v0.45.0/go.mod h1:ECOoLqd5U3Lhyeyo/QDCEVQ4sNgYsqvCZ722XogGieY= +golang.org/x/net v0.46.0 h1:giFlY12I07fugqwPuWJi68oOnpfqFnJIJzaIIm2JVV4= +golang.org/x/net v0.46.0/go.mod h1:Q9BGdFy1y4nkUwiLvT5qtyhAnEHgnQ/zd8PfU6nc210= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -437,8 +438,8 @@ golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.37.0 h1:fdNQudmxPjkdUTPnLn5mdQv7Zwvbvpaxqs831goi9kQ= -golang.org/x/sys v0.37.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc= +golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -453,8 +454,8 @@ golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= -golang.org/x/term v0.36.0 h1:zMPR+aF8gfksFprF/Nc/rd1wRS1EI6nDBGyWAvDzx2Q= -golang.org/x/term v0.36.0/go.mod h1:Qu394IJq6V6dCBRgwqshf3mPF85AqzYEzofzRdZkWss= +golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU= +golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= @@ -471,8 +472,8 @@ golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.30.0 h1:yznKA/E9zq54KzlzBEAWn1NXSQ8DIp/NYMy88xJjl4k= -golang.org/x/text v0.30.0/go.mod h1:yDdHFIX9t+tORqspjENWgzaCVXgk0yYnYuSZ8UzzBVM= +golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM= +golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190531172133-b3315ee88b7d/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -488,8 +489,8 @@ golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= -golang.org/x/tools v0.37.0 h1:DVSRzp7FwePZW356yEAChSdNcQo6Nsp+fex1SUW09lE= -golang.org/x/tools v0.37.0/go.mod h1:MBN5QPQtLMHVdvsbtarmTNukZDdgwdwlO5qGacAzF0w= +golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ= +golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/tests/other_test.go b/tests/other_test.go index 5fd6fb4..9f1f6a1 100644 --- a/tests/other_test.go +++ b/tests/other_test.go @@ -2,10 +2,10 @@ package test import ( - "math/rand" "testing" "github.com/stretchr/testify/assert" + "github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/common" "github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testhelper" "github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testschematic" ) @@ -20,7 +20,7 @@ func setupExamplesOptions(t *testing.T, prefix string, dir string) *testhelper.T TerraformDir: dir, Prefix: prefix, ResourceGroup: resourceGroup, - Region: validRegions[rand.Intn(len(validRegions))], + Region: validRegions[common.CryptoIntn(len(validRegions))], }) return options @@ -45,7 +45,7 @@ func TestRunAdvancedExampleInSchematics(t *testing.T) { options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{ Testing: t, Prefix: "icm-adv", - Region: validRegions[rand.Intn(len(validRegions))], + Region: validRegions[common.CryptoIntn(len(validRegions))], TarIncludePatterns: []string{ "*.tf", "modules/metrics_routing" + "/*.tf", diff --git a/tests/pr_test.go b/tests/pr_test.go index aa346de..d99d4d8 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -2,10 +2,10 @@ package test import ( - "math/rand" "testing" "github.com/stretchr/testify/assert" + "github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/common" "github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testhelper" "github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testschematic" ) @@ -37,7 +37,7 @@ Common setup options for fully configurable DA variation */ func setupOptions(t *testing.T, prefix string) *testschematic.TestSchematicOptions { - region := validRegions[rand.Intn(len(validRegions))] + region := validRegions[common.CryptoIntn(len(validRegions))] plan := "graduated-tier" // when region is 'eu-fr2' take opportunity to test 'graduated-tier-sysdig-secure-plus-monitor' plan From a6491c8fbc1a1cbef36c09357ad63272eb8618ba Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Thu, 27 Nov 2025 15:33:59 +0530 Subject: [PATCH 21/30] update script --- modules/get_primary_metadata_region/README.md | 19 +++--- modules/get_primary_metadata_region/main.tf | 4 +- .../scripts/primary_metadata_region.py | 58 +------------------ .../get_primary_metadata_region/variables.tf | 10 ++-- .../get_primary_metadata_region/version.tf | 5 ++ solutions/fully-configurable/main.tf | 1 - tests/pr_test.go | 4 +- 7 files changed, 24 insertions(+), 77 deletions(-) diff --git a/modules/get_primary_metadata_region/README.md b/modules/get_primary_metadata_region/README.md index d15a83b..47a8520 100644 --- a/modules/get_primary_metadata_region/README.md +++ b/modules/get_primary_metadata_region/README.md @@ -2,31 +2,26 @@ This module retrieves the `primary_metadata_region` value from the IBM Cloud Metrics Routing Account Settings. -### Prerequisites - -This module utilizes an external script that relies on the following command-line tools being installed on the system where Terraform is executed: - -- `jq`: A lightweight and flexible command-line JSON processor. It is required for parsing the input provided by the Terraform external data source. -- `curl`: A tool to transfer data with URLs, required for making API calls to the IBM Cloud Enterprise Management API. - ### Customizing default cloud service endpoints The user must export the endpoint as an environment variable in order to use custom cloud service endpoints with this module. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints#getting-started-with-custom-service-endpoints). -**Important** The only supported method for customizing cloud service endpoints is to export the environment variables endpoint; be sure to export the value for `IBMCLOUD_IAM_API_ENDPOINT` and `IBMCLOUD_METRICS_ROUTING_API_ENDPOINT`. For example, +**Important** The only supported method for customizing cloud service endpoints is to export the environment variables endpoint; be sure to export the value for `IBMCLOUD_METRICS_ROUTING_API_ENDPOINT`. For example, ``` -export IBM_IAM_ENDPOINT="" export IBMCLOUD_METRICS_ROUTING_API_ENDPOINT="" ``` ## Usage ```hcl + +provider "ibm" { + ibmcloud_api_key = "XXXXXXXXXXXXXXXXXXXXXXXX" # pragma: allowlist secret +} + module "metrics_router" { source = "terraform-ibm-modules/cloud-monitoring/ibm//modules/get_primary_metadata_region" - - ibmcloud_api_key = "XXXXXXXXXXXXXXXXXXXXXXXX" # pragma: allowlist secret region = "us-south" use_private_endpoint = false } @@ -39,6 +34,7 @@ module "metrics_router" { |------|---------| | [terraform](#requirement\_terraform) | >= 1.9.0 | | [external](#requirement\_external) | >= 2.3.5, <3.0.0 | +| [ibm](#requirement\_ibm) | >= 1.69.2, < 2.0.0 | ### Modules @@ -49,6 +45,7 @@ No modules. | Name | Type | |------|------| | [external_external.get_primary_metadata_region](https://registry.terraform.io/providers/hashicorp/external/latest/docs/data-sources/external) | data source | +| [ibm_iam_auth_token.token](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/data-sources/iam_auth_token) | data source | ### Inputs diff --git a/modules/get_primary_metadata_region/main.tf b/modules/get_primary_metadata_region/main.tf index 1ce5ef2..87011b6 100644 --- a/modules/get_primary_metadata_region/main.tf +++ b/modules/get_primary_metadata_region/main.tf @@ -2,11 +2,13 @@ # Metrics Routing Primary Metadata Region ######################################################################### +data "ibm_iam_auth_token" "token" {} + data "external" "get_primary_metadata_region" { program = ["python3", "${path.module}/scripts/primary_metadata_region.py"] query = { - IBM_API_KEY = var.ibmcloud_api_key + iam_access_token = data.ibm_iam_auth_token.token.iam_access_token region = var.region use_private_endpoint = var.use_private_endpoint } diff --git a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py index dc499f3..bbc991a 100755 --- a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py +++ b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py @@ -19,19 +19,6 @@ def log_error(message): print(message, file=sys.stderr) -def resolve_iam_endpoint(use_private): - endpoint = os.getenv("IBMCLOUD_IAM_API_ENDPOINT", "https://iam.cloud.ibm.com") - endpoint = endpoint.replace("https://", "") - - if endpoint == "iam.cloud.ibm.com": - if use_private: - return f"private.{endpoint}" - else: - return f"{endpoint}" - - return f"{endpoint}" - - def resolve_metrics_router_endpoint(region, use_private): metrics_endpoint = os.getenv( "IBMCLOUD_METRICS_ROUTING_API_ENDPOINT", "metrics-router.cloud.ibm.com" @@ -47,47 +34,9 @@ def resolve_metrics_router_endpoint(region, use_private): return f"https://{metrics_endpoint}" -def fetch_iam_token(iam_endpoint, api_key): - url = f"https://{iam_endpoint}/identity/token" - - payload = { - "grant_type": "urn:ibm:params:oauth:grant-type:apikey", - "apikey": api_key, - } - - try: - resp = requests.post( - url, - data=payload, - headers={ - "Content-Type": "application/x-www-form-urlencoded", - "Accept": "application/json", - }, - timeout=10, - ) - - iam_json = resp.json() - - except Exception as e: - log_error(f"Error fetching IAM token: {e}") - sys.exit(1) - - if "errorMessage" in iam_json: - log_error(iam_json["errorMessage"]) - log_error("Could not obtain an IAM access token") - sys.exit(1) - - token = iam_json.get("access_token") - if not token: - log_error("IAM token missing from response") - sys.exit(1) - - return token - - def fetch_primary_metadata_region(base_url, iam_token): url = f"{base_url}/api/v3/settings" - headers = {"Authorization": f"Bearer {iam_token}"} + headers = {"Authorization": f"{iam_token}"} max_retries = 5 retry_delay = 3 @@ -113,13 +62,10 @@ def main(): input_data = load_input() region = input_data["region"] - api_key = input_data["IBM_API_KEY"] + iam_token = input_data["iam_access_token"] use_private_endpoint = json.loads(input_data["use_private_endpoint"]) - iam_endpoint = resolve_iam_endpoint(use_private_endpoint) base_url = resolve_metrics_router_endpoint(region, use_private_endpoint) - - iam_token = fetch_iam_token(iam_endpoint, api_key) primary_region = fetch_primary_metadata_region(base_url, iam_token) print(json.dumps({"primary_metadata_region": primary_region})) diff --git a/modules/get_primary_metadata_region/variables.tf b/modules/get_primary_metadata_region/variables.tf index 46f7f50..09f2a85 100644 --- a/modules/get_primary_metadata_region/variables.tf +++ b/modules/get_primary_metadata_region/variables.tf @@ -2,11 +2,11 @@ # Input Variables ############################################################################## -variable "ibmcloud_api_key" { - description = "The IBM Cloud API Key." - type = string - sensitive = true -} +# variable "ibmcloud_api_key" { +# description = "The IBM Cloud API Key." +# type = string +# sensitive = true +# } variable "region" { description = "The IBM Cloud Metrics Routing region." diff --git a/modules/get_primary_metadata_region/version.tf b/modules/get_primary_metadata_region/version.tf index d919e02..32babb0 100644 --- a/modules/get_primary_metadata_region/version.tf +++ b/modules/get_primary_metadata_region/version.tf @@ -1,6 +1,11 @@ terraform { required_version = ">= 1.9.0" required_providers { + # Use "greater than or equal to" range in modules + ibm = { + source = "ibm-cloud/ibm" + version = ">= 1.69.2, < 2.0.0" + } external = { source = "hashicorp/external" version = ">= 2.3.5, <3.0.0" diff --git a/solutions/fully-configurable/main.tf b/solutions/fully-configurable/main.tf index 9439f69..092a632 100644 --- a/solutions/fully-configurable/main.tf +++ b/solutions/fully-configurable/main.tf @@ -77,7 +77,6 @@ module "metrics_routing" { module "primary_metadata_region" { source = "../../modules/get_primary_metadata_region" - ibmcloud_api_key = var.ibmcloud_api_key region = var.region use_private_endpoint = var.use_private_endpoint } diff --git a/tests/pr_test.go b/tests/pr_test.go index d99d4d8..0a866d2 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -51,7 +51,7 @@ func setupOptions(t *testing.T, prefix string) *testschematic.TestSchematicOptio "*.tf", "modules/metrics_routing" + "/*.tf", "modules/get_primary_metadata_region" + "/*.tf", - "modules/get_primary_metadata_region/scripts" + "/*.sh", + "modules/get_primary_metadata_region/scripts" + "/*.py", fullyConfigurableDADir + "/*.tf", }, TemplateFolder: fullyConfigurableDADir, @@ -113,8 +113,6 @@ func TestRunAccountSettingsDA(t *testing.T) { Testing: t, TarIncludePatterns: []string{ "modules/metrics_routing" + "/*.tf", - "modules/get_primary_metadata_region" + "/*.tf", - "modules/get_primary_metadata_region/scripts" + "/*.sh", accountSettingsDADir + "/*.tf", }, TemplateFolder: accountSettingsDADir, From d7e59651873305c4145795241c0ee878fd360292 Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Thu, 27 Nov 2025 15:36:57 +0530 Subject: [PATCH 22/30] remove commented code --- modules/get_primary_metadata_region/variables.tf | 6 ------ 1 file changed, 6 deletions(-) diff --git a/modules/get_primary_metadata_region/variables.tf b/modules/get_primary_metadata_region/variables.tf index 09f2a85..b038cff 100644 --- a/modules/get_primary_metadata_region/variables.tf +++ b/modules/get_primary_metadata_region/variables.tf @@ -2,12 +2,6 @@ # Input Variables ############################################################################## -# variable "ibmcloud_api_key" { -# description = "The IBM Cloud API Key." -# type = string -# sensitive = true -# } - variable "region" { description = "The IBM Cloud Metrics Routing region." type = string From dcbce8181661abe16ebb5cdaee58f9137efdda23 Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Thu, 27 Nov 2025 10:24:06 +0000 Subject: [PATCH 23/30] resolve pc --- modules/get_primary_metadata_region/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/get_primary_metadata_region/README.md b/modules/get_primary_metadata_region/README.md index 47a8520..21add7a 100644 --- a/modules/get_primary_metadata_region/README.md +++ b/modules/get_primary_metadata_region/README.md @@ -51,7 +51,6 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [ibmcloud\_api\_key](#input\_ibmcloud\_api\_key) | The IBM Cloud API Key. | `string` | n/a | yes | | [region](#input\_region) | The IBM Cloud Metrics Routing region. | `string` | `"us-south"` | no | | [use\_private\_endpoint](#input\_use\_private\_endpoint) | Set to true to use the private endpoints instead of public endpoints for IBM Cloud Metrics Routing service. When true, the script queries the private Metrics Routing endpoint for the given region. [Learn more](https://cloud.ibm.com/docs/metrics-router?topic=metrics-router-endpoints) | `bool` | `false` | no | From db446f33d46f96e68fc187927509281e496bbc0f Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Fri, 28 Nov 2025 17:08:37 +0530 Subject: [PATCH 24/30] add debug logs --- .../scripts/primary_metadata_region.py | 30 +++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) diff --git a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py index bbc991a..998ce8d 100755 --- a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py +++ b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py @@ -6,10 +6,17 @@ import requests +def dbg(msg): + print(f"[DEBUG] {msg}", file=sys.stderr) + def load_input(): try: - return json.load(sys.stdin) + raw = sys.stdin.read() + dbg(f"Raw input read from stdin: {raw}") + data = json.loads(raw) + dbg(f"Parsed input: {data}") + return data except Exception as e: log_error(f"Failed to parse JSON input: {e}") sys.exit(1) @@ -20,23 +27,31 @@ def log_error(message): def resolve_metrics_router_endpoint(region, use_private): + dbg(f"Running the function to get the metrics router endpoint(region={region}, use_private={use_private})") metrics_endpoint = os.getenv( "IBMCLOUD_METRICS_ROUTING_API_ENDPOINT", "metrics-router.cloud.ibm.com" ) metrics_endpoint = metrics_endpoint.replace("https://", "") + dbg(f"The final endpoint: {metrics_endpoint}") + if metrics_endpoint == "metrics-router.cloud.ibm.com": if use_private: + dbg(f"Using private endpoint: {metrics_endpoint}") return f"https://private.{region}.{metrics_endpoint}" else: + dbg(f"Using public endpoint: {metrics_endpoint}") return f"https://{region}.{metrics_endpoint}" + dbg(f"Final endpoint is: https://{metrics_endpoint}") return f"https://{metrics_endpoint}" def fetch_primary_metadata_region(base_url, iam_token): url = f"{base_url}/api/v3/settings" + dbg(f"url is: {url}") headers = {"Authorization": f"{iam_token}"} + dbg(f"header is: {headers}") max_retries = 5 retry_delay = 3 @@ -44,11 +59,15 @@ def fetch_primary_metadata_region(base_url, iam_token): for attempt in range(1, max_retries + 1): try: resp = requests.get(url, headers=headers, timeout=10) + dbg(f"HTTP {resp.status_code} response: {resp.text}") data = resp.json() - except Exception: + dbg(f"Parsed JSON: {data}") + except Exception as e: + dbg(f"Exception during request: {e}") data = {} if "primary_metadata_region" in data: + dbg(f"Found primary_metadata_region: {data['primary_metadata_region']}") return data["primary_metadata_region"] log_error(f"Attempt {attempt} failed, retrying in {retry_delay}s...") @@ -60,16 +79,23 @@ def fetch_primary_metadata_region(base_url, iam_token): def main(): input_data = load_input() + dbg(f"input data is : {input_data}") region = input_data["region"] + dbg(f"region is : {input_data}") iam_token = input_data["iam_access_token"] use_private_endpoint = json.loads(input_data["use_private_endpoint"]) + dbg(f"private endpoint or not is : {use_private_endpoint}") base_url = resolve_metrics_router_endpoint(region, use_private_endpoint) + dbg(f"Base URL: {base_url}") primary_region = fetch_primary_metadata_region(base_url, iam_token) + dbg(f"Primary metadata region: {primary_region}") print(json.dumps({"primary_metadata_region": primary_region})) + if __name__ == "__main__": + dbg("Script started") main() From 00f101dbda8e8c421bdd8c980e694f5388d0c1bb Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Fri, 28 Nov 2025 17:14:22 +0530 Subject: [PATCH 25/30] update script --- .../scripts/primary_metadata_region.py | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py index 998ce8d..3d0f036 100755 --- a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py +++ b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py @@ -51,7 +51,6 @@ def fetch_primary_metadata_region(base_url, iam_token): url = f"{base_url}/api/v3/settings" dbg(f"url is: {url}") headers = {"Authorization": f"{iam_token}"} - dbg(f"header is: {headers}") max_retries = 5 retry_delay = 3 From f7c9d65cc412cd6d551d48baa30b5457ca691620 Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Fri, 28 Nov 2025 17:15:25 +0530 Subject: [PATCH 26/30] update script --- .../scripts/primary_metadata_region.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py index 3d0f036..c70e4f9 100755 --- a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py +++ b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py @@ -13,9 +13,7 @@ def dbg(msg): def load_input(): try: raw = sys.stdin.read() - dbg(f"Raw input read from stdin: {raw}") data = json.loads(raw) - dbg(f"Parsed input: {data}") return data except Exception as e: log_error(f"Failed to parse JSON input: {e}") From 69ae78671f501f8ff2b57ed0503abb7a3ce8c46d Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Fri, 28 Nov 2025 18:44:51 +0530 Subject: [PATCH 27/30] update script --- .../scripts/primary_metadata_region.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py index c70e4f9..a6bf911 100755 --- a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py +++ b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py @@ -27,7 +27,7 @@ def log_error(message): def resolve_metrics_router_endpoint(region, use_private): dbg(f"Running the function to get the metrics router endpoint(region={region}, use_private={use_private})") metrics_endpoint = os.getenv( - "IBMCLOUD_METRICS_ROUTING_API_ENDPOINT", "metrics-router.cloud.ibm.com" + 'IBMCLOUD_METRICS_ROUTING_API_ENDPOINT', 'metrics-router.cloud.ibm.com' ) metrics_endpoint = metrics_endpoint.replace("https://", "") @@ -76,10 +76,9 @@ def fetch_primary_metadata_region(base_url, iam_token): def main(): input_data = load_input() - dbg(f"input data is : {input_data}") region = input_data["region"] - dbg(f"region is : {input_data}") + dbg(f"region is : {region}") iam_token = input_data["iam_access_token"] use_private_endpoint = json.loads(input_data["use_private_endpoint"]) dbg(f"private endpoint or not is : {use_private_endpoint}") From 145dbb7027edfd9c0c9b4fe242aa3b51d13abc6b Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Fri, 28 Nov 2025 18:52:16 +0530 Subject: [PATCH 28/30] update script --- .../scripts/primary_metadata_region.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py index a6bf911..ee68c15 100755 --- a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py +++ b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py @@ -26,9 +26,12 @@ def log_error(message): def resolve_metrics_router_endpoint(region, use_private): dbg(f"Running the function to get the metrics router endpoint(region={region}, use_private={use_private})") - metrics_endpoint = os.getenv( - 'IBMCLOUD_METRICS_ROUTING_API_ENDPOINT', 'metrics-router.cloud.ibm.com' - ) + + metrics_endpoint = os.getenv("IBMCLOUD_METRICS_ROUTING_API_ENDPOINT") + dbg(f"environment input is: {metrics_endpoint}") + + if not metrics_endpoint: + metrics_endpoint = "metrics-router.cloud.ibm.com" metrics_endpoint = metrics_endpoint.replace("https://", "") dbg(f"The final endpoint: {metrics_endpoint}") From de2a40b33cb7be0a35855d5a04e01c671df2cf4b Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Mon, 1 Dec 2025 05:59:04 +0530 Subject: [PATCH 29/30] remove debugger --- .../scripts/primary_metadata_region.py | 26 +------------------ 1 file changed, 1 insertion(+), 25 deletions(-) diff --git a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py index ee68c15..63b93cd 100755 --- a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py +++ b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py @@ -6,9 +6,6 @@ import requests -def dbg(msg): - print(f"[DEBUG] {msg}", file=sys.stderr) - def load_input(): try: @@ -19,38 +16,28 @@ def load_input(): log_error(f"Failed to parse JSON input: {e}") sys.exit(1) - def log_error(message): print(message, file=sys.stderr) - def resolve_metrics_router_endpoint(region, use_private): - dbg(f"Running the function to get the metrics router endpoint(region={region}, use_private={use_private})") metrics_endpoint = os.getenv("IBMCLOUD_METRICS_ROUTING_API_ENDPOINT") - dbg(f"environment input is: {metrics_endpoint}") if not metrics_endpoint: metrics_endpoint = "metrics-router.cloud.ibm.com" metrics_endpoint = metrics_endpoint.replace("https://", "") - dbg(f"The final endpoint: {metrics_endpoint}") - if metrics_endpoint == "metrics-router.cloud.ibm.com": if use_private: - dbg(f"Using private endpoint: {metrics_endpoint}") return f"https://private.{region}.{metrics_endpoint}" else: - dbg(f"Using public endpoint: {metrics_endpoint}") return f"https://{region}.{metrics_endpoint}" - dbg(f"Final endpoint is: https://{metrics_endpoint}") return f"https://{metrics_endpoint}" def fetch_primary_metadata_region(base_url, iam_token): url = f"{base_url}/api/v3/settings" - dbg(f"url is: {url}") headers = {"Authorization": f"{iam_token}"} max_retries = 5 @@ -59,15 +46,11 @@ def fetch_primary_metadata_region(base_url, iam_token): for attempt in range(1, max_retries + 1): try: resp = requests.get(url, headers=headers, timeout=10) - dbg(f"HTTP {resp.status_code} response: {resp.text}") data = resp.json() - dbg(f"Parsed JSON: {data}") - except Exception as e: - dbg(f"Exception during request: {e}") + except Exception: data = {} if "primary_metadata_region" in data: - dbg(f"Found primary_metadata_region: {data['primary_metadata_region']}") return data["primary_metadata_region"] log_error(f"Attempt {attempt} failed, retrying in {retry_delay}s...") @@ -81,20 +64,13 @@ def main(): input_data = load_input() region = input_data["region"] - dbg(f"region is : {region}") iam_token = input_data["iam_access_token"] use_private_endpoint = json.loads(input_data["use_private_endpoint"]) - dbg(f"private endpoint or not is : {use_private_endpoint}") base_url = resolve_metrics_router_endpoint(region, use_private_endpoint) - dbg(f"Base URL: {base_url}") primary_region = fetch_primary_metadata_region(base_url, iam_token) - dbg(f"Primary metadata region: {primary_region}") print(json.dumps({"primary_metadata_region": primary_region})) - - if __name__ == "__main__": - dbg("Script started") main() From e42b25a007b555cef899048de91857af22d2e8df Mon Sep 17 00:00:00 2001 From: Md Anam Raihan Date: Mon, 1 Dec 2025 07:42:34 +0000 Subject: [PATCH 30/30] run pc --- .../scripts/primary_metadata_region.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py index 63b93cd..c1fe836 100755 --- a/modules/get_primary_metadata_region/scripts/primary_metadata_region.py +++ b/modules/get_primary_metadata_region/scripts/primary_metadata_region.py @@ -16,11 +16,12 @@ def load_input(): log_error(f"Failed to parse JSON input: {e}") sys.exit(1) + def log_error(message): print(message, file=sys.stderr) + def resolve_metrics_router_endpoint(region, use_private): - metrics_endpoint = os.getenv("IBMCLOUD_METRICS_ROUTING_API_ENDPOINT") if not metrics_endpoint: @@ -71,6 +72,7 @@ def main(): primary_region = fetch_primary_metadata_region(base_url, iam_token) print(json.dumps({"primary_metadata_region": primary_region})) - + + if __name__ == "__main__": main()