add edits to notification policy

Reviewed-on: #9
Reviewed-by: Stanislav_Kopp <stanislav.kopp@mail.schwarz>

dns/providers.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     stackit = {
       source  = "stackitcloud/stackit"
-      version = "~> 0.61.0"
+      version = "~> 0.68.0"
     }
   }
 }

grafana/contact-point-gchat/main.tf

@@ -1,5 +1,6 @@
 resource "grafana_contact_point" "this" {
   name = var.contact_point_name
+  disable_provenance = true
 
   googlechat {
     url     = var.gchat_url

grafana/notification-policy/main.tf

@@ -1,6 +1,7 @@
 resource "grafana_notification_policy" "this" {
   contact_point = var.default_contact_point_uid
   group_by      = var.group_by
+  disable_provenance = true
 
   dynamic "policy" {
     for_each = var.folder_policies          

mongodb/mongodb.tf

@@ -19,30 +19,3 @@ resource "stackit_mongodbflex_user" "this" {
   roles       = var.mongodb_user_roles
   database    = var.mongodb_user_database
 }
-
-# // Configure Secret Manager Provider
-# provider "vault" {
-#   address          = "https://prod.sm.eu01.stackit.cloud"
-#   skip_child_token = true
-#   auth_login_userpass {
-#     username = var.secret_manager_username
-#     password = var.secret_manager_password
-#   }
-# }
-
-# // Store MongoDB Credentials in Secret Manager
-# resource "vault_kv_secret_v2" "mongodb_cred_save" {
-#   mount               = var.secret_manager_instance_id
-#   name                = var.mongodb_secrets_path
-#   cas                 = 1
-#   delete_all_versions = true
-#   data_json = jsonencode(
-#     {
-#       username = stackit_mongodbflex_user.mongodb_user.username,
-#       password = stackit_mongodbflex_user.mongodb_user.password,
-#       host     = stackit_mongodbflex_user.mongodb_user.host,
-#       port     = stackit_mongodbflex_user.mongodb_user.port,
-#       uri      = stackit_mongodbflex_user.mongodb_user.uri
-#     }
-#   )
-# }

mongodb/providers.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     stackit = {
       source  = "stackitcloud/stackit"
-      version = "~> 0.50.0"
+      version = "~> 0.68.0"
     }
   }
 }

mongodb/variables.tf

@@ -30,7 +30,9 @@ variable "mongodb_instance_flavor" {
 variable "mongodb_instance_options" {
   description = "options for mongodb"
   type = object({
-    type = string
+    type                       = string
+    snapshot_retention_days    = number
+    point_in_time_window_hours = number
   })
 }
 

objectstorage/providers.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     stackit = {
       source  = "stackitcloud/stackit"
-      version = "~> 0.50.0"
+      version = "~> 0.68.0"
     }
   }
 }

observability/providers.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     stackit = {
       source  = "stackitcloud/stackit"
-      version = "~> 0.50.0"
+      version = "~> 0.68.0"
     }
     grafana = {
       source = "grafana/grafana"

postgres/outputs.tf

@@ -2,40 +2,19 @@
 output "postgres_instance_id" {
   value = stackit_postgresflex_instance.this.instance_id
 }
- 
- # Postgres Database Output
- output "postgres_database_id" {
-   value = stackit_postgresflex_database.this.database_id
- }
 
-# Postgres User Output
-output "postgres_host" {
-  value = stackit_postgresflex_user.this.host
-}
-
-output "postgres_password" {
-  value     = stackit_postgresflex_user.this.password
+# Postgres Credential Output
+output "postgres_credentials" {
+  value = {
+    for k, u in stackit_postgresflex_user.this :
+    k => {
+      host     = u.host
+      username = u.username
+      password = u.password
+      port     = u.port
+      db_name  = stackit_postgresflex_database.this[u.username].name
+      uri      = u.uri
+    }
+  }
   sensitive = true
-}
-
-output "postgres_user" {
-  value = stackit_postgresflex_user.this.username
-}
-
-output "postgres_port" {
-  value = stackit_postgresflex_user.this.port
-}
-
-output "postgres_db_name" {
-  value = stackit_postgresflex_database.this.name
-}
-
-output "postgres_uri" {
-  value     = stackit_postgresflex_user.this.uri
-  sensitive = true
-}
-
-output "postgres_user_id" {
-  value = stackit_postgresflex_user.this.user_id
-}
-
+}

postgres/postgres.tf

@@ -12,18 +12,24 @@ resource "stackit_postgresflex_instance" "this" {
 
 // Postgres User 
 resource "stackit_postgresflex_user" "this" {
+  for_each = {
+    for db in var.postgres_databases : db.user_name => db
+  }
   depends_on = [ stackit_postgresflex_instance.this ]
   project_id  = var.stackit_project_id
   instance_id = stackit_postgresflex_instance.this.instance_id
-  username    = var.postgres_db_user_name
-  roles       = var.postgres_db_user_roles
+  username    = each.value.user_name
+  roles       = each.value.user_roles
 }
 
 // Postgres Database
 resource "stackit_postgresflex_database" "this" {
-  depends_on = [ stackit_postgresflex_user.this ]
+  for_each = {
+    for db in var.postgres_databases : db.db_name => db
+  }
+  depends_on = [stackit_postgresflex_user.this]
   project_id  = var.stackit_project_id
   instance_id = stackit_postgresflex_instance.this.instance_id
-  name        = var.postgres_db_name
-  owner       = var.postgres_db_user_name
-}
+  name        = each.value.db_name
+  owner       = each.value.user_name
+}

postgres/providers.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     stackit = {
       source  = "stackitcloud/stackit"
-      version = "~> 0.50.0"
+      version = "~> 0.68.0"
     }
   }
 }

postgres/readme.md

@@ -0,0 +1,67 @@
+# Module for creating Postgres Flex Instance with Databases and Users
+
+## Example
+
+```main.tf
+
+# Postgres Flex Instance
+module "postgres-flex" {
+  source                                = "git::https://commerce-platform.git.onstackit.cloud/commerce-platform-public/terraform-modules//postgres?ref=main
+  stackit_project_id                    = local.stackit_project_id
+  postgres_instance_name                = "example-db"
+  postgres_instance_replicas            = 1
+  postgres_instance_storage             = {
+    class = "premium-perf2-stackit"
+    size = 5
+  }
+
+  postgres_instance_flavor              = {
+    cpu = 2
+    ram = 4
+  }
+
+  postgres_instance_acl                 = [
+    "193.148.160.0/19",
+    "45.129.40.0/21"
+  ]
+
+  postgres_instance_backup_schedule     = "00 02 * * *"
+  postgres_instance_version             = "17"
+  postgres_instance_region              = "eu01"
+
+  postgres_databases = [
+  {
+    db_name  = "database-a"
+    user_name  = "user-a"
+    user_roles = ["createdb", "login"]
+  },
+  {
+    db_name  = "database-b"
+    user_name  = "user-b"
+    user_roles = ["createdb", "login"]
+  },
+  ]
+}
+
+# safe credentials 
+module "postgres-credentials-sm-a" {
+  source                     = "git::https://commerce-platform.git.onstackit.cloud/commerce-platform-public/terraform-modules//create-secret?ref=main"
+  secret_manager_instance_id = local.secret_manager_instance_id
+  secret_manager_username    = var.secret_manager_username
+  secret_manager_password    = var.secret_manager_password
+
+  secrets_path = "service-a/postgres"
+  secret_data  = module.postgres-flex.postgres_credentials["user-a"]
+}
+
+module "postgres-credentials-sm-b" {
+  source                     = "git::https://commerce-platform.git.onstackit.cloud/commerce-platform-public/terraform-modules//create-secret?ref=main"
+  secret_manager_instance_id = local.secret_manager_instance_id
+  secret_manager_username    = var.secret_manager_username
+  secret_manager_password    = var.secret_manager_password
+
+  secrets_path = "service-b/postgres"
+  secret_data  = module.postgres-flex.postgres_credentials["user-b"]
+}
+
+```

postgres/variables.tf

@@ -10,11 +10,6 @@ variable "postgres_instance_name" {
   type        = string
 }
 
-# variable "postegres_instance_id" {
-#   description = "postgres instance id"
-#   type = string  
-# }
-
 variable "postgres_instance_replicas" {
   description = "number of replicas for postgres instance"
   type        = number
@@ -58,19 +53,12 @@ variable "postgres_instance_region" {
   type        = string
 }
 
-# Postgres User Configs
-variable "postgres_db_user_name" {
-  description = "username and owner for postgres db"
-  type        = string
-}
-
-variable "postgres_db_user_roles" {
-  description = "List of database access levels for the user. Supported values are: login, createdb."
-  type        = list(string)
-}
-
-# Postgres Database Configs
-variable "postgres_db_name" {
-  description = "db name inside the instance"
-  type        = string
+# Postgres User and DB Configs
+variable "postgres_databases" {
+  description   = "list of users and databases"
+  type          = list(object({
+    db_name     = string       # db name inside the instance
+    user_name   = string       # username and owner for postgres db
+    user_roles  = list(string) # List of database access levels for the user. Supported values are: login, createdb.
+  }))
 }

rabbitmq/providers.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     stackit = {
       source  = "stackitcloud/stackit"
-      version = "~> 0.50.0"
+      version = "~> 0.68.0"
     }
   }
 }

redis/providers.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     stackit = {
       source  = "stackitcloud/stackit"
-      version = "~> 0.50.0"
+      version = "~> 0.68.0"
 
     }
   }

ske-cluster/README.md

@@ -16,6 +16,7 @@ module "ske-cluster" {
       machine_type       = "c1.2"
       minimum            = "2"
       maximum            = "3"
+      os_version_min     = "4230.2.0"
       availability_zones = ["eu01-3"]
     }
   ]

ske-cluster/providers.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     stackit = {
       source  = "stackitcloud/stackit"
-      version = "~> 0.62.0"
+      version = "~> 0.68.0"
     }
   }
 }

ske-cluster/variables.tf

@@ -15,6 +15,7 @@ variable "ske_node_pools" {
     machine_type       = string
     minimum            = number
     maximum            = number
+    os_version_min     = string
     availability_zones = list(string)
   }))
 }