Add Code Engine allowed outbound destinations (#5884)

* Add Code Engine allowed outbound destinations * resolve conflict with secrets baseline --------- Co-authored-by: HARINI KANTAREDDY <hkantare@in.ibm.com>
IBM-Cloud · Jan 2, 2025 · 2a556df · 2a556df
1 parent c0945a2
commit 2a556df
Show file tree

Hide file tree

Showing 32 changed files with 2,675 additions and 1,187 deletions.
diff --git a/.secrets.baseline b/.secrets.baseline
@@ -3,7 +3,7 @@
     "files": "go.mod|go.sum|.*.map|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2024-12-08T16:17:06Z",
+  "generated_at": "2024-12-18T16:42:49Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -444,15 +444,15 @@
         "hashed_secret": "dc61ac50e6f36d09340d8ca062da1f0d4215004f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 170,
+        "line_number": 198,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "470851178a9e3a16c35bc88232c21d04c555e5ca",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 242,
+        "line_number": 270,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -900,15 +900,15 @@
         "hashed_secret": "c8b6f5ef11b9223ac35a5663975a466ebe7ebba9",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 2297,
+        "line_number": 2301,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "8abf4899c01104241510ba87685ad4de76b0c437",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 2303,
+        "line_number": 2307,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -1826,7 +1826,7 @@
         "hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 442,
+        "line_number": 453,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -1836,7 +1836,7 @@
         "hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 215,
+        "line_number": 224,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -1864,7 +1864,7 @@
         "hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 229,
+        "line_number": 233,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -1874,7 +1874,7 @@
         "hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 275,
+        "line_number": 283,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -1894,15 +1894,22 @@
         "hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 737,
+        "line_number": 741,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "3c956707ac29b4a200e47fceffa923341eed7e4f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 972,
+        "line_number": 1006,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "b5366a2d2ac98dae978423083f8b09e5cddc705d",
+        "is_verified": false,
+        "line_number": 1327,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -1912,23 +1919,30 @@
         "hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 400,
+        "line_number": 408,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "e8dc1fe90828a509bfa71eeccb5234a9bedb10e2",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 516,
+        "line_number": 536,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "d4ee3538b3b38ad8931e35bbe9db217fbd6687c1",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 531,
+        "line_number": 551,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "b5366a2d2ac98dae978423083f8b09e5cddc705d",
+        "is_verified": false,
+        "line_number": 663,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -1956,23 +1970,23 @@
         "hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 503,
+        "line_number": 508,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "a99bf28e18370eb20e9cc79a1e7f8c379075f69c",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 652,
+        "line_number": 680,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "b5366a2d2ac98dae978423083f8b09e5cddc705d",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 720,
+        "line_number": 850,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -1982,15 +1996,22 @@
         "hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 478,
+        "line_number": 482,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "3c956707ac29b4a200e47fceffa923341eed7e4f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 646,
+        "line_number": 670,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "b5366a2d2ac98dae978423083f8b09e5cddc705d",
+        "is_verified": false,
+        "line_number": 885,
         "type": "Secret Keyword",
         "verified_result": null
       }

diff --git a/examples/ibm-code-engine/README.md b/examples/ibm-code-engine/README.md
@@ -3,6 +3,7 @@
 These examples illustrate how to use the resources and data sources associated with Code Engine.
 
 The following resources are supported:
+* ibm_code_engine_allowed_outbound_destination
 * ibm_code_engine_app
 * ibm_code_engine_binding
 * ibm_code_engine_build
@@ -14,6 +15,7 @@ The following resources are supported:
 * ibm_code_engine_secret
 
 The following data sources are supported:
+* ibm_code_engine_allowed_outbound_destination
 * ibm_code_engine_app
 * ibm_code_engine_binding
 * ibm_code_engine_build
@@ -66,6 +68,32 @@ resource "ibm_code_engine_project" "code_engine_project_instance" {
 | resource_type | The type of the project. |
 | status | The current state of the project. For example, when the project is created and is ready for use, the status of the project is `active`. |
 
+### Resource: ibm_code_engine_allowed_outbound_destination
+
+```hcl
+resource "ibm_code_engine_allowed_outbound_destination" "code_engine_allowed_outbound_destination_instance" {
+  project_id = var.code_engine_allowed_outbound_destination_project_id
+  type       = var.code_engine_allowed_outbound_destination_type
+  cidr_block = var.code_engine_allowed_outbound_destination_cidr_block
+  name       = var.code_engine_allowed_outbound_destination_name
+}
+```
+
+#### Inputs
+
+| Name | Description | Type | Required |
+|------|-------------|------|---------|
+| project_id | The ID of the project. | `string` | true |
+| type | Specify the type of the allowed outbound destination. Allowed types are: 'cidr_block'. | `string` | true |
+| cidr_block | The IPv4 address range. | `string` | false |
+| name | The name of the CIDR block. | `string` | false |
+
+#### Outputs
+
+| Name | Description |
+|------|-------------|
+| entity_tag | The version of the allowed outbound destination, which is used to achieve optimistic locking. |
+
 ### Resource: ibm_code_engine_app
 
 ```hcl
@@ -158,7 +186,7 @@ resource "ibm_code_engine_binding" "code_engine_binding_instance" {
 | href | When you provision a new binding,  a URL is created identifying the location of the instance. |
 | resource_type | The type of the binding. |
 | status | The current status of the binding. |
-| code_engine_binding_id | The ID of the binding. |
+| binding_id | The ID of the binding. |
 
 ### Resource: ibm_code_engine_build
 
@@ -276,9 +304,9 @@ resource "ibm_code_engine_domain_mapping" "code_engine_domain_mapping_instance"
 
 ```hcl
 resource "ibm_code_engine_function" "code_engine_function_instance" {
-  project_id = var.code_engine_function_project_id
-  name = var.code_engine_function_name
-  runtime = var.code_engine_function_runtime
+  project_id     = var.code_engine_function_project_id
+  name           = var.code_engine_function_name
+  runtime        = var.code_engine_function_runtime
   code_reference = var.code_engine_function_code_reference
 }
 ```
@@ -430,6 +458,30 @@ data "ibm_code_engine_project" "code_engine_project_instance" {
 | resource_type | The type of the project. |
 | status | The current state of the project. For example, when the project is created and is ready for use, the status of the project is active. |
 
+### Data source: ibm_code_engine_allowed_outbound_destination
+
+```hcl
+data "ibm_code_engine_allowed_outbound_destination" "code_engine_allowed_outbound_destination_instance" {
+  project_id = var.data_code_engine_allowed_outbound_destination_project_id
+  name       = var.data_code_engine_allowed_outbound_destination_name
+}
+```
+
+#### Inputs
+
+| Name | Description | Type | Required |
+|------|-------------|------|---------|
+| project_id | The ID of the project. | `string` | true |
+| name | The name of your allowed outbound destination. | `string` | true |
+
+#### Outputs
+
+| Name | Description |
+|------|-------------|
+| entity_tag | The version of the allowed outbound destination, which is used to achieve optimistic locking. |
+| type | Specify the type of the allowed outbound destination. Allowed types are: 'cidr_block'. |
+| cidr_block | The IPv4 address range. |
+
 ### Data source: ibm_code_engine_app
 
 ```hcl
@@ -488,8 +540,8 @@ data "ibm_code_engine_app" "code_engine_app_instance" {
 
 ```hcl
 data "ibm_code_engine_binding" "code_engine_binding_instance" {
-  project_id             = var.data_code_engine_binding_project_id
-  code_engine_binding_id = var.data_code_engine_binding_code_engine_binding_id
+  project_id = var.data_code_engine_binding_project_id
+  binding_id = var.data_code_engine_binding_code_engine_binding_id
 }
 ```
 
@@ -498,7 +550,7 @@ data "ibm_code_engine_binding" "code_engine_binding_instance" {
 | Name | Description | Type | Required |
 |------|-------------|------|---------|
 | project_id | The ID of the project. | `string` | true |
-| code_engine_binding_id | The id of your binding. | `string` | true |
+| binding_id | The id of your binding. | `string` | true |
 
 #### Outputs
 

diff --git a/examples/ibm-code-engine/main.tf b/examples/ibm-code-engine/main.tf
@@ -125,6 +125,14 @@ resource "ibm_code_engine_function" "code_engine_function_instance" {
   code_reference = local.function_code_reference
 }
 
+// Provision code_engine_allowed_outbound_destination resource instance
+resource "ibm_code_engine_allowed_outbound_destination" "code_engine_allowed_outbound_destination_instance" {
+  project_id = ibm_code_engine_project.code_engine_project_instance.project_id
+  type       = "cidr_block"
+  name       =  var.code_engine_allowed_outbound_destination_name
+  cidr_block =  var.code_engine_allowed_outbound_destination_cidr_block
+}
+
 //////////////////
 // Data sources
 
@@ -181,6 +189,12 @@ data "ibm_code_engine_function" "code_engine_function_data" {
   name       = var.code_engine_function_name
 }
 
+// Create code_engine_allowed_outbound_destination data source
+data "ibm_code_engine_allowed_outbound_destination" "code_engine_allowed_outbound_destination_data" {
+  project_id = data.ibm_code_engine_project.code_engine_project_data.project_id
+  name       = var.code_engine_allowed_outbound_destination_name
+}
+
 //////////////////
 // Locals
 locals {

diff --git a/examples/ibm-code-engine/outputs.tf b/examples/ibm-code-engine/outputs.tf
@@ -54,3 +54,9 @@ output "ibm_code_engine_function" {
   value       = ibm_code_engine_function.code_engine_function_instance
   description = "code_engine_function resource instance"
 }
+// This allows code_engine_allowed_outbound_destination data to be referenced by other resources and the terraform CLI
+// Modify this if only certain data should be exposed
+output "ibm_code_engine_allowed_outbound_destination" {
+  value       = ibm_code_engine_allowed_outbound_destination.code_engine_allowed_outbound_destination_instance
+  description = "code_engine_allowed_outbound_destination resource instance"
+}
diff --git a/examples/ibm-code-engine/variables.tf b/examples/ibm-code-engine/variables.tf
@@ -156,6 +156,18 @@ variable "code_engine_secret_tls_crt_file_path" {
   type        = string
 }
 
+// Resource arguments for code_engine_allowed_outbound_destination
+variable "code_engine_allowed_outbound_destination_name" {
+  description = "The name of the allowed outbound destination."
+  type        = string
+  default     = "my-allowed-outbound-destination"
+}
+variable "code_engine_allowed_outbound_destination_cidr_block" {
+  description = "The IPv4 address range of the allowed outbound destination."
+  type        = string
+  default     = "192.68.3.0/24"
+}
+
 // Data source arguments for code_engine_project
 variable "code_engine_project_id" {
   description = "The ID of the project."

diff --git a/go.mod b/go.mod
@@ -14,15 +14,15 @@ require (
 	github.com/IBM/cloud-databases-go-sdk v0.7.1
 	github.com/IBM/cloud-db2-go-sdk v0.0.0-20241206113855-40a65de39906
 	github.com/IBM/cloudant-go-sdk v0.8.0
-	github.com/IBM/code-engine-go-sdk v0.0.0-20240808131715-b9d168602dac
+	github.com/IBM/code-engine-go-sdk v0.0.0-20241217191651-e1821f8c58c3
 	github.com/IBM/configuration-aggregator-go-sdk v0.0.2
 	github.com/IBM/container-registry-go-sdk v1.1.0
 	github.com/IBM/continuous-delivery-go-sdk/v2 v2.0.2
 	github.com/IBM/event-notifications-go-admin-sdk v0.12.0
 	github.com/IBM/eventstreams-go-sdk v1.4.0
 	github.com/IBM/go-sdk-core v1.1.0
 	github.com/IBM/go-sdk-core/v3 v3.2.4
-	github.com/IBM/go-sdk-core/v5 v5.18.1
+	github.com/IBM/go-sdk-core/v5 v5.18.3
 	github.com/IBM/ibm-backup-recovery-sdk-go v1.0.1
 	github.com/IBM/ibm-cos-sdk-go v1.12.0
 	github.com/IBM/ibm-cos-sdk-go-config/v2 v2.2.0
@@ -207,7 +207,7 @@ require (
 	go.uber.org/ratelimit v0.2.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
 	golang.org/x/mod v0.21.0 // indirect
-	golang.org/x/net v0.31.0 // indirect
+	golang.org/x/net v0.32.0 // indirect
 	golang.org/x/oauth2 v0.22.0 // indirect
 	golang.org/x/sync v0.10.0 // indirect
 	golang.org/x/sys v0.28.0 // indirect