Schematics agent init

.github/CODEOWNERS

@@ -1,2 +1,2 @@
 # Primary owner should be listed first in list of global owners, followed by any secondary owners
-*       @SirSpidey @ocofaigh
+*       @rajatagarwal-ibm @toddgiguere

.github/settings.yml

@@ -15,14 +15,14 @@ repository:
   # By changing this field, you rename the repository.
 
   # Uncomment this name property and set the name to the current repo name.
-  # name: ""
+  name: "terraform-ibm-schematics-agent"
 
   # The description is displayed under the repository name on the
   # organization page and in the 'About' section of the repository.
 
   # Uncomment this description property
   # and update the description to the current repo description.
-  # description: ""
+  description: "Creates a Schematics Agent and deploys it on the existing cluster."
 
   # Use a comma-separated list of topics to set on the repo (ensure not to use any caps in the topic string).
-  topics: terraform, ibm-cloud, terraform-module
+  topics: terraform, ibm-cloud, terraform-module, core-team, supported, stable

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "go.sum|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2023-12-09T06:39:44Z",
+  "generated_at": "2024-03-19T21:31:43Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -76,7 +76,18 @@
       "name": "TwilioKeyDetector"
     }
   ],
-  "results": {},
+  "results": {
+    "README.md": [
+      {
+        "hashed_secret": "ff9ee043d85595eb255c05dfe32ece02a53efbb2",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 55,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
+    ]
+  },
   "version": "0.13.1+ibm.62.dss",
   "word_list": {
     "file": null,

README.md

@@ -1,28 +1,29 @@
 <!-- Update the title -->
-# Terraform Modules Template Project
+# Terraform Schematics Agent Module
 
 <!--
 Update status and "latest release" badges:
   1. For the status options, see https://terraform-ibm-modules.github.io/documentation/#/badge-status
   2. Update the "latest release" badge to point to the correct module's repo. Replace "terraform-ibm-module-template" in two places.
 -->
-[![Incubating (Not yet consumable)](https://img.shields.io/badge/status-Incubating%20(Not%20yet%20consumable)-red)](https://terraform-ibm-modules.github.io/documentation/#/badge-status)
-[![latest release](https://img.shields.io/github/v/release/terraform-ibm-modules/terraform-ibm-module-template?logo=GitHub&sort=semver)](https://github.com/terraform-ibm-modules/terraform-ibm-module-template/releases/latest)
+[![Stable (With quality checks)](https://img.shields.io/badge/Status-Stable%20(With%20quality%20checks)-green)](https://terraform-ibm-modules.github.io/documentation/#/badge-status)
+[![latest release](https://img.shields.io/github/v/release/terraform-ibm-modules/terraform-ibm-schematics-agent?logo=GitHub&sort=semver)](https://github.com/terraform-ibm-modules/terraform-ibm-schematics-agent/releases/latest)
 [![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white)](https://github.com/pre-commit/pre-commit)
 [![Renovate enabled](https://img.shields.io/badge/renovate-enabled-brightgreen.svg)](https://renovatebot.com/)
 [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
 
 <!-- Add a description of module(s) in this repo -->
-TODO: Replace me with description of the module(s) in this repo
+Creates an IBM Schematics Agent.
+
+More information about the IBM Schematics Agent can be found [here](https://cloud.ibm.com/docs/schematics?topic=schematics-deploy-agent-overview&interface=ui)
 
 
 <!-- Below content is automatically populated via pre-commit hook -->
 <!-- BEGIN OVERVIEW HOOK -->
 ## Overview
 * [terraform-ibm-schematics-agent](#terraform-ibm-schematics-agent)
 * [Examples](./examples)
-    * [Basic example](./examples/basic)
-    * [Complete example](./examples/complete)
+    * [Kubernetes example](./examples/kubernetes)
 * [Contributing](#contributing)
 <!-- END OVERVIEW HOOK -->
 
@@ -50,6 +51,27 @@ unless real values don't help users know what to change.
 
 ```hcl
 
+provider "ibm" {
+  ibmcloud_api_key = "XXXXXXXXXX"
+  region           = "us-south"
+}
+module "schematics_agent" {
+  source                    = "terraform-ibm-modules/schematics-agent/ibm"
+  version                   = "latest" # Replace "latest" with a release version to lock into a specific release
+  infra_type                = "ibm_kubernetes" # ibm_kubernetes, ibm_openshift, ibm_satellite.
+  cluster_id                = "<cluster-id>"
+  cluster_resource_group_id = "xxXXxxXXxXxXXXXxxXxxxXXXXxXXXXX"
+  cos_instance_name         = "<cos-instance-name>"
+  cos_bucket_name           = "<cos-bucket-name>"
+  cos_bucket_region         = "<cos-bucket-region>"
+  agent_location            = "us-south"
+  agent_description         = "schematics agent description"
+  agent_name                = "k8s-schematics-agent"
+  agent_resource_group_id   = "xxXXxxXXxXxXXXXxxXxxxXXXXxXXXXX"
+  schematics_location       = "us-south" # Allowed values are `us-south`, `us-east`, `eu-gb`, `eu-de`.
+  agent_version             = "<agent-version>"
+}
+
 ```
 
 ### Required IAM access policies
@@ -89,22 +111,45 @@ statement instead the previous block.
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0, <1.7.0 |
+| <a name="requirement_ibm"></a> [ibm](#requirement\_ibm) | >= 1.49.0, < 2.0.0 |
 
 ### Modules
 
 No modules.
 
 ### Resources
 
-No resources.
+| Name | Type |
+|------|------|
+| [ibm_schematics_agent.schematics_agent_instance](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/schematics_agent) | resource |
+| [ibm_schematics_agent_deploy.schematics_agent_deploy](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/schematics_agent_deploy) | resource |
 
 ### Inputs
 
-No inputs.
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_agent_description"></a> [agent\_description](#input\_agent\_description) | The schematics agent description. | `string` | `null` | no |
+| <a name="input_agent_location"></a> [agent\_location](#input\_agent\_location) | The location where the schematics agent is deployed in the user environment. | `string` | `"us-south"` | no |
+| <a name="input_agent_name"></a> [agent\_name](#input\_agent\_name) | The schematics agent name. | `string` | n/a | yes |
+| <a name="input_agent_resource_group_id"></a> [agent\_resource\_group\_id](#input\_agent\_resource\_group\_id) | The resource group ID of the schematics resource group. | `string` | n/a | yes |
+| <a name="input_agent_version"></a> [agent\_version](#input\_agent\_version) | The schematics agent version. | `string` | `"1.0.1-beta"` | no |
+| <a name="input_cluster_id"></a> [cluster\_id](#input\_cluster\_id) | ID of the target cluster where the schematics agent will be installed. | `string` | n/a | yes |
+| <a name="input_cluster_resource_group_id"></a> [cluster\_resource\_group\_id](#input\_cluster\_resource\_group\_id) | Resource group ID of the target cluster where the schematics agent will be installed. | `string` | n/a | yes |
+| <a name="input_cos_bucket_name"></a> [cos\_bucket\_name](#input\_cos\_bucket\_name) | The COS bucket name to store the schematics agent logs. | `string` | n/a | yes |
+| <a name="input_cos_bucket_region"></a> [cos\_bucket\_region](#input\_cos\_bucket\_region) | The COS bucket region. | `string` | n/a | yes |
+| <a name="input_cos_instance_name"></a> [cos\_instance\_name](#input\_cos\_instance\_name) | The COS instance name where the bucket is created for the schematics agent logs. | `string` | n/a | yes |
+| <a name="input_infra_type"></a> [infra\_type](#input\_infra\_type) | Type of target agent infrastructure. Allowed values: `ibm_kubernetes`, `ibm_openshift` and `ibm_satellite`. | `string` | `"ibm_kubernetes"` | no |
+| <a name="input_schematics_location"></a> [schematics\_location](#input\_schematics\_location) | List of locations supported by IBM Cloud Schematics service. Allowed values are `us-south`, `us-east`, `eu-gb`, `eu-de`. | `string` | `"us-south"` | no |
 
 ### Outputs
 
-No outputs.
+| Name | Description |
+|------|-------------|
+| <a name="output_agent_crn"></a> [agent\_crn](#output\_agent\_crn) | Schematics agent CRN. |
+| <a name="output_agent_id"></a> [agent\_id](#output\_agent\_id) | Schematics agent ID. |
+| <a name="output_log_url"></a> [log\_url](#output\_log\_url) | URL to the full schematics agent deployment job logs. |
+| <a name="output_status_code"></a> [status\_code](#output\_status\_code) | Final result of the schematics agent deployment job. |
+| <a name="output_status_message"></a> [status\_message](#output\_status\_message) | The outcome of the schematics agent deployment job, in a formatted log string. |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 
 <!-- Leave this section as is so that your module has a link to local development environment set up steps for contributors to follow -->

cra-config.yaml

@@ -1,7 +1,7 @@
 # More info about this file at https://github.com/terraform-ibm-modules/common-pipeline-assets/blob/main/.github/workflows/terraform-test-pipeline.md#cra-config-yaml
 version: "v1"
 CRA_TARGETS:
-  - CRA_TARGET: "examples/complete" # Target directory for CRA scan. If not provided, the CRA Scan will not be run.
+  - CRA_TARGET: "examples/kubernetes" # Target directory for CRA scan. If not provided, the CRA Scan will not be run.
     CRA_IGNORE_RULES_FILE: "cra-tf-validate-ignore-rules.json" # CRA Ignore file to use. If not provided, it checks the repo root directory for `cra-tf-validate-ignore-rules.json`
     PROFILE_ID: "0e6e7b5a-817d-4344-ab6f-e5d7a9c49520" # SCC profile ID (currently set to the FSCloud 1.4.0 profile).
     # SCC_INSTANCE_ID: "" # The SCC instance ID to use to download profile for CRA scan. If not provided, a default global value will be used.

cra-tf-validate-ignore-rules.json

@@ -1,3 +1,16 @@
 {
-    "scc_rules": []
+    "scc_rules": [
+        {
+            "scc_rule_id": "rule-8cbd597c-7471-42bd-9c88-36b2696456e9",
+            "description:": "Check whether Cloud Object Storage network access is restricted to a specific IP range",
+            "ignore_reason": "This module does not create any Cloud object storage and it is used in an example for testing purpose.",
+            "is_valid": false
+        },
+        {
+            "scc_rule_id": "rule-c97259ee-336d-4c5f-b436-1868107a9558",
+            "description:": "Check whether Cloud Object Storage is enabled with customer-managed encryption and Keep Your Own Key (KYOK)",
+            "ignore_reason": "This module does not create any Cloud object storage and it is used in an example for testing purpose.",
+            "is_valid": false
+        }
+    ]
 }

examples/kubernetes/README.md

@@ -0,0 +1,8 @@
+# Kubernetes example
+
+An end-to-end example that will provision the following:
+* A new resource group if one is not passed in.
+* A COS instance and a bucket.
+* A new VPC with 1 subnet.
+* An IBM VPC Gen2 Kubernetes cluster with 3 worker nodes and flavor "bx2.4x16".
+* Creates and deploy the Schematics' agent on the Kubernetes cluster.