Replace container registry provider with generated variant (IBM-Cloud…

…#2372)

* Replace Container Registry provider with generated version

Signed-off-by: James Hart <[email protected]>

* Update secrets baseline

Signed-off-by: James Hart <[email protected]>

* Revert "Update secrets baseline"

This reverts commit 04cc2d1.

* Make the correct update to .secrets.baseline

Signed-off-by: James Hart <[email protected]>

* Updates from generator 3.31.0 to address review comments

Signed-off-by: James Hart <[email protected]>

* update secrets baseline

Signed-off-by: James Hart <[email protected]>

* Correct the default value for retain_untagged

Signed-off-by: James Hart <[email protected]>

* Error if images_per_repo not set

Signed-off-by: James Hart <[email protected]>

* Refix hand-edit for images_per_repo not set

Signed-off-by: James Hart <[email protected]>

* Make images_per_repo mandatory in cr retention policy

Signed-off-by: James Hart <[email protected]>

* Fix error handling in cr namespace datasource

Signed-off-by: James Hart <[email protected]>

.pre-commit-config.yaml

@@ -11,7 +11,7 @@ repos:
   # You are encouraged to use static refs such as tags, instead of branch name
   #
   # Running "pre-commit autoupdate" would automatically updates rev to latest tag
-  rev: 0.13.1+ibm.32.dss
+  rev: 0.13.1+ibm.34.dss
   hooks:
     - id: detect-secrets # pragma: whitelist secret
       # Add options for detect-secrets-hook binary. You can run `detect-secrets-hook --help` to list out all possible options.

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "go.sum|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2021-05-11T14:26:53Z",
+  "generated_at": "2021-05-13T14:12:36Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -749,47 +749,47 @@
         "hashed_secret": "c5f98d8912a37f6faaaa98d0df6668062f0417df",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 107,
+        "line_number": 106,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "9184b0c38101bf24d78b2bb0d044deb1d33696fc",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 108,
+        "line_number": 107,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "c427f185ddcb2440be9b77c8e45f1cd487a2e790",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1115,
+        "line_number": 1098,
         "type": "Base64 High Entropy String",
         "verified_result": null
       },
       {
         "hashed_secret": "1f614c2eb6b3da22d89bd1b9fd47d7cb7c8fc670",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 2082,
+        "line_number": 2098,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "7abfce65b8504403afc25c9790f358d513dfbcc6",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 2095,
+        "line_number": 2111,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "0c2d85bf9a9b1579b16f220a4ea8c3d62b2e24b1",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 2131,
+        "line_number": 2147,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -927,15 +927,15 @@
         "hashed_secret": "c8b6f5ef11b9223ac35a5663975a466ebe7ebba9",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 781,
+        "line_number": 784,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "8abf4899c01104241510ba87685ad4de76b0c437",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 787,
+        "line_number": 790,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -1128,22 +1128,22 @@
         "verified_result": null
       }
     ],
-    "ibm/resource_ibm_cos_bucket_test.go": [
+    "ibm/resource_ibm_cos_bucket_object.go": [
       {
-        "hashed_secret": "988ff3bd9a74260f3e32e115fdd6535aaa5c531a",
+        "hashed_secret": "b02fa7fd7ca08b5dc86c2548e40f8a21171ef977",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 446,
+        "line_number": 394,
         "type": "Secret Keyword",
         "verified_result": null
       }
     ],
-    "ibm/resource_ibm_cos_bucket_object.go": [
+    "ibm/resource_ibm_cos_bucket_test.go": [
       {
-        "hashed_secret": "b02fa7fd7ca08b5dc86c2548e40f8a21171ef977",
+        "hashed_secret": "988ff3bd9a74260f3e32e115fdd6535aaa5c531a",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 394,
+        "line_number": 446,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -1676,16 +1676,6 @@
         "verified_result": null
       }
     ],
-    "website/docs/r/cr_namespace.html.markdown": [
-      {
-        "hashed_secret": "4dce1e2d29bd7c855539d30dacf1296af3790c25",
-        "is_secret": false,
-        "is_verified": false,
-        "line_number": 21,
-        "type": "Hex High Entropy String",
-        "verified_result": null
-      }
-    ],
     "website/docs/r/database.html.markdown": [
       {
         "hashed_secret": "10c28f9cf0668595d45c1090a7b4a2ae98edfa58",
@@ -1785,7 +1775,7 @@
       }
     ]
   },
-  "version": "0.13.1+ibm.33.dss",
+  "version": "0.13.1+ibm.34.dss",
   "word_list": {
     "file": null,
     "hash": null

examples/ibm-container-registry/README.md

@@ -1,14 +1,11 @@
-# Example for Container Registry resources
+# Example for ContainerRegistryV1
 
-This example illustrates how to use the Container Registry resources to create a namespace on to an account
+This example illustrates how to use the ContainerRegistryV1
 
 These types of resources are supported:
 
-* [ Namespace ](https://cloud.ibm.com/docs/Registry?topic=container-registry-cli-plugin-containerregcli#bx_cr_namespace_add)
-
-## Terraform versions
-
-Terraform 0.12. Pin module version to `~> v1.18.0`. Branch - `master`.
+* cr_namespace
+* cr_retention_policy
 
 ## Usage
 
@@ -23,31 +20,38 @@ $ terraform apply
 Run `terraform destroy` when you don't need these resources.
 
 
-## Container Registry Resources
+## ContainerRegistryV1 resources
 
-`Creating Namespace`:
+cr_namespace resource:
 
 ```hcl
-resource "ibm_cr_namespace" "namespace" {
-  name              = var.name
-  resource_group_id = data.ibm_resource_group.rg.id
+resource "cr_namespace" "cr_namespace_instance" {
+  name = var.cr_namespace_name
+  resource_group_id = data.ibm_resource_group.default_group.id
+  tags = var.cr_namespace_tags
 }
 ```
-##  Container Registry Data Source
-`List all Namespaces:`
+cr_retention_policy resource:
 
 ```hcl
+resource "cr_retention_policy" "cr_retention_policy_instance" {
+  namespace = var.cr_retention_policy_namespace
+  images_per_repo = var.cr_retention_policy_images_per_repo
+  retain_untagged = var.cr_retention_policy_retain_untagged
+}
+```
 
-data "ibm_cr_namespaces" "namespaces"{}
+## ContainerRegistryV1 Data sources
 
-```
 
-## Examples
+## Assumptions
+
+1. TODO
 
-* [ Container Registry ](./main.tf)
+## Notes
 
+1. TODO
 
-<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements
 
 | Name | Version |
@@ -58,19 +62,22 @@ data "ibm_cr_namespaces" "namespaces"{}
 
 | Name | Version |
 |------|---------|
-| ibm | n/a |
+| ibm | 1.13.1 |
 
 ## Inputs
 
-| Name | Description | Type | Required | Default |
+| Name | Description | Type | Required |
 |------|-------------|------|---------|
-| name | Name Space Name. Force New Attribute| `string` | yes | N/A |
-| resource_group_id | The Id of resource group to which the namespace has to be imported. Force New attribute | `string` | No | Default RG|
+| ibmcloud\_api\_key | IBM Cloud API key | `string` | true |
+| name | The name of the namespace. | `string` | true |
+| resource_group_id | The ID of the resource group that the namespace will be created within. | `string` | false |
+| namespace | The namespace to which the retention policy is attached. | `string` | true |
+| images_per_repo | Determines how many images will be retained for each repository when the retention policy is executed. The value -1 denotes 'Unlimited' (all images are retained). | `number` | true |
+| retain_untagged | Determines if untagged images are retained when executing the retention policy. This is false by default meaning untagged images will be deleted when the policy is executed. | `bool` | false |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
-| namespace_crn | CRN of namespace resource. |
-
-<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+| cr_namespace | cr_namespace object |
+| cr_retention_policy | cr_retention_policy object |

examples/ibm-container-registry/main.tf

@@ -1,10 +1,17 @@
 provider "ibm" {
-    region = "eu-gb"
+  ibmcloud_api_key = var.ibmcloud_api_key
 }
-data "ibm_resource_group" "rg" {
-  name = var.resource_group_name
+
+// Provision cr_namespace resource instance
+resource "ibm_cr_namespace" "cr_namespace_instance" {
+  name = var.cr_namespace_name
+  resource_group_id = data.ibm_resource_group.default_group.id
+  tags = var.cr_namespace_tags
 }
-resource "ibm_cr_namespace" "namespace" {
-  name              = var.name
-  resource_group_id = data.ibm_resource_group.rg.id
+
+// Provision cr_retention_policy resource instance
+resource "ibm_cr_retention_policy" "cr_retention_policy_instance" {
+  namespace = var.cr_retention_policy_namespace
+  images_per_repo = var.cr_retention_policy_images_per_repo
+  retain_untagged = var.cr_retention_policy_retain_untagged
 }

examples/ibm-container-registry/outputs.tf

@@ -1,3 +1,12 @@
-output "namespace_crn" {
-    value = ibm_cr_namespace.namespace.crn
-}
+// This allows cr_namespace data to be referenced by other resources and the terraform CLI
+// Modify this if only certain data should be exposed
+output "ibm_cr_namespace" {
+  value       = ibm_cr_namespace.cr_namespace_instance
+  description = "cr_namespace resource instance"
+}
+// This allows cr_retention_policy data to be referenced by other resources and the terraform CLI
+// Modify this if only certain data should be exposed
+output "ibm_cr_retention_policy" {
+  value       = ibm_cr_retention_policy.cr_retention_policy_instance
+  description = "cr_retention_policy resource instance"
+}

examples/ibm-container-registry/variables.tf

@@ -1,8 +1,38 @@
-variable "name" {
-    type= string
-    description = "Name of the Namespace that has to be created"
-}
-variable "resource_group_name" {
-    type= string
-    description = "Name of the resource group in which Namespace that has to be created"
-}
+variable "ibmcloud_api_key" {
+  description = "IBM Cloud API key"
+  type        = string
+}
+
+// Resource arguments for cr_namespace
+variable "cr_namespace_name" {
+  description = "The name of the namespace."
+  type        = string
+  default     = "name"
+}
+variable "cr_namespace_resource_group_id" {
+  description = "The ID of the resource group that the namespace will be created within."
+  type        = string
+  default     = "placeholder"
+}
+variable "cr_namespace_tags" {
+  description = "Local tags associated with cr_namespace"
+  type        = set(string)
+  default     = []
+}
+
+// Resource arguments for cr_retention_policy
+variable "cr_retention_policy_namespace" {
+  description = "The namespace to which the retention policy is attached."
+  type        = string
+  default     = "birds"
+}
+variable "cr_retention_policy_images_per_repo" {
+  description = "Determines how many images will be retained for each repository when the retention policy is executed. The value -1 denotes 'Unlimited' (all images are retained)."
+  type        = number
+  default     = 10
+}
+variable "cr_retention_policy_retain_untagged" {
+  description = "Determines if untagged images are retained when executing the retention policy. This is false by default meaning untagged images will be deleted when the policy is executed."
+  type        = bool
+  default     = false
+}

examples/ibm-container-registry/versions.tf

@@ -0,0 +1,3 @@
+terraform {
+  required_version = ">= 0.12"
+}

go.mod

@@ -7,6 +7,7 @@ require (
 	github.com/IBM-Cloud/bluemix-go v0.0.0-20210513052039-9ddb92888817
 	github.com/IBM-Cloud/power-go-client v1.0.55
 	github.com/IBM/apigateway-go-sdk v0.0.0-20200414212859-416e5948678a
+	github.com/IBM/container-registry-go-sdk v0.0.12
 	github.com/IBM/go-sdk-core v1.1.0
 	github.com/IBM/go-sdk-core/v3 v3.3.1
 	github.com/IBM/go-sdk-core/v4 v4.10.0
@@ -25,6 +26,7 @@ require (
 	github.com/apache/incubator-openwhisk-client-go v0.0.0-20171128215515-ad814bc98c32 // indirect
 	github.com/apache/openwhisk-client-go v0.0.0-20200201143223-a804fb82d105
 	github.com/apparentlymart/go-cidr v1.1.0
+	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
 	github.com/cloudfoundry/jibber_jabber v0.0.0-20151120183258-bcc4c8345a21 // indirect
 	github.com/dchest/safefile v0.0.0-20151022103144-855e8d98f185 // indirect
 	github.com/dgrijalva/jwt-go v3.2.0+incompatible
@@ -36,18 +38,19 @@ require (
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/google/uuid v1.2.0
 	github.com/hashicorp/go-uuid v1.0.2
-	github.com/hashicorp/go-version v1.2.1
+	github.com/hashicorp/go-version v1.3.0
 	github.com/hashicorp/hil v0.0.0-20200423225030-a18a1cd20038 // indirect
-	github.com/hashicorp/terraform-plugin-sdk/v2 v2.4.4
+	github.com/hashicorp/terraform-plugin-sdk/v2 v2.6.1
 	github.com/hokaccha/go-prettyjson v0.0.0-20170213120834-e6b9231a2b1c // indirect
 	github.com/kardianos/govendor v1.0.9 // indirect
+	github.com/leodido/go-urn v1.2.1 // indirect
 	github.com/minsikl/netscaler-nitro-go v0.0.0-20170827154432-5b14ce3643e3
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/renier/xmlrpc v0.0.0-20170708154548-ce4a1a486c03 // indirect
 	github.com/satori/go.uuid v1.2.0
 	github.com/softlayer/softlayer-go v0.0.0-20190814165317-b9062a914a22
 	github.ibm.com/ibmcloud/kubernetesservice-go-sdk v0.0.0-00010101000000-000000000000
-	golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad
+	golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2
 	golang.org/x/tools v0.0.0-20210107193943-4ed967dd8eff // indirect
 	gotest.tools v2.2.0+incompatible
 )