From 1f4defda7e5acd05708a217ebcd6dc6571a0b515 Mon Sep 17 00:00:00 2001
From: Rajat Agrawal
Date: Fri, 21 Jul 2023 08:03:16 +0100
Subject: [PATCH] feat: connectivity example
---
examples/connectivity/README.md | 0
examples/connectivity/main.tf | 109 +++++++++++++++++++++++++++++
examples/connectivity/outputs.tf | 0
examples/connectivity/provider.tf | 4 ++
examples/connectivity/variables.tf | 41 +++++++++++
examples/connectivity/version.tf | 17 +++++
6 files changed, 171 insertions(+)
create mode 100644 examples/connectivity/README.md
create mode 100644 examples/connectivity/main.tf
create mode 100644 examples/connectivity/outputs.tf
create mode 100644 examples/connectivity/provider.tf
create mode 100644 examples/connectivity/variables.tf
create mode 100644 examples/connectivity/version.tf
diff --git a/examples/connectivity/README.md b/examples/connectivity/README.md
new file mode 100644
index 00000000..e69de29b
diff --git a/examples/connectivity/main.tf b/examples/connectivity/main.tf
new file mode 100644
index 00000000..5933c8ab
--- /dev/null
+++ b/examples/connectivity/main.tf
@@ -0,0 +1,109 @@
+##############################################################################
+# Resource Group
+##############################################################################
+
+module "resource_group" {
+ source = "terraform-ibm-modules/resource-group/ibm"
+ version = "1.0.5"
+ # if an existing resource group is not set (null) create a new one using prefix
+ resource_group_name = var.resource_group == null ? "${var.prefix}-resource-group" : null
+ existing_resource_group_name = var.resource_group
+}
+
+##############################################################################
+# ICD postgresql database
+##############################################################################
+
+module "postgresql_db" {
+ source = "../.."
+ resource_group_id = module.resource_group.resource_group_id
+ name = "${var.prefix}-postgres"
+ pg_version = var.pg_version
+ region = var.region
+ resource_tags = var.resource_tags
+ access_tags = var.access_tags
+}
+
+resource "ibm_is_vpc" "example_vpc" {
+ name = "${var.prefix}-vpc"
+ resource_group = module.resource_group.resource_group_id
+ tags = var.resource_tags
+}
+
+##############################################################################
+# Create new SSH key
+##############################################################################
+
+resource "tls_private_key" "tls_key" {
+ algorithm = "RSA"
+ rsa_bits = 4096
+}
+
+resource "ibm_is_ssh_key" "ssh_key" {
+ name = "${var.prefix}-ssh-key"
+ public_key = tls_private_key.tls_key.public_key_openssh
+}
+
+##############################################################################
+# VSI
+##############################################################################
+
+resource "ibm_is_instance" "vsi" {
+ name = "${var.prefix}-vsi"
+ image = "r006-1366d3e6-bf5b-49a0-b69a-8efd93cc225f"
+ profile = "cx2-2x4"
+ resource_group = module.resource_group.resource_group_id
+ vpc = ibm_is_vpc.example_vpc.id
+ zone = "us-south-1"
+ keys = [ibm_is_ssh_key.ssh_key.id]
+ lifecycle {
+ ignore_changes = [
+ image
+ ]
+ }
+
+ primary_network_interface {
+ subnet = ibm_is_vpc.example_vpc.subnets[0].id
+ primary_ipv4_address = "10.240.0.6" # will be deprecated. Use primary_ip.[0].address
+ allow_ip_spoofing = true
+ }
+
+ boot_volume {
+ encryption = "crn:v1:bluemix:public:kms:us-south:a/dffc98a0f1f0f95f6613b3b752286b87:e4a29d1a-2ef0-42a6-8fd2-350deb1c647e:key:5437653b-c4b1-447f-9646-b2a2a4cd6179"
+ }
+
+ network_interfaces {
+ subnet = ibm_is_vpc.example_vpc.subnets[0].id
+ allow_ip_spoofing = false
+ }
+
+ # User can configure timeouts
+ timeouts {
+ create = "15m"
+ update = "15m"
+ delete = "15m"
+ }
+}
+
+resource "ibm_is_floating_ip" "vsi_fip" {
+ name = "${var.prefix}-fip"
+ target = ibm_is_instance.vsi.primary_network_interface[0].id
+ access_tags = var.access_tags
+}
+
+resource "null_resource" "db_connection" {
+ depends_on = [ibm_is_instance.vsi]
+
+ provisioner "remote-exec" {
+ inline = [
+ "sudo apt-get install -y postgresql-client",
+ "psql -h ${module.postgresql_db.hostname} -p ${module.postgresql_db.port}"
+ ]
+ connection {
+ type = "ssh"
+ host = ibm_is_floating_ip.vsi_fip.address
+ user = "admin"
+ private_key = tls_private_key.tls_key.private_key_pem
+ }
+ }
+}
diff --git a/examples/connectivity/outputs.tf b/examples/connectivity/outputs.tf
new file mode 100644
index 00000000..e69de29b
diff --git a/examples/connectivity/provider.tf b/examples/connectivity/provider.tf
new file mode 100644
index 00000000..df45ef50
--- /dev/null
+++ b/examples/connectivity/provider.tf
@@ -0,0 +1,4 @@
+provider "ibm" {
+ ibmcloud_api_key = var.ibmcloud_api_key
+ region = var.region
+}
diff --git a/examples/connectivity/variables.tf b/examples/connectivity/variables.tf
new file mode 100644
index 00000000..66838a19
--- /dev/null
+++ b/examples/connectivity/variables.tf
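Review bot: In examples/connectivity/main.tf, `allow_ip_spoofing = true` is set on the `primary_network_interface` of `ibm_is_instance.vsi`, the same interface that `ibm_is_floating_ip.vsi_fip` makes publicly reachable, and nothing in the example needs source-address checking turned off; it should read `allow_ip_spoofing = false` like the secondary interface, or be dropped. The `boot_volume` `encryption` CRN hard-codes one account's key-management instance and root key, and the image ID and `zone = "us-south-1"` are fixed while `var.region` is configurable, so these should become variables or be removed. `tls_private_key.tls_key.private_key_pem` is kept in Terraform state unencrypted, which merits a comment above the resource such as `# Example only: the generated private key is stored in plain text in state; protect or discard the state file`. The `psql` command in `null_resource.db_connection` passes no user, database or `sslmode`, so as written it does not appear to demonstrate an authenticated, certificate-verified connection; `sslmode=verify-full` with the deployment's CA certificate would.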
@@ -0,0 +1,41 @@
+variable "ibmcloud_api_key" {
+ type = string
+ description = "The IBM Cloud API Key"
+ sensitive = true
+}
+
+variable "region" {
+ type = string
+ description = "Region to provision all resources created by this example."
+ default = "us-south"
+}
+
+variable "prefix" {
+ type = string
+ description = "Prefix to append to all resources created by this example"
+ default = "pg-con"
+}
+
+variable "pg_version" {
+ description = "Version of the postgresql instance. If no value passed, the current ICD preferred version is used."
+ type = string
+ default = null
+}
+
+variable "resource_group" {
+ type = string
+ description = "An existing resource group name to use for this example, if unset a new resource group will be created"
+ default = null
+}
+
+variable "resource_tags" {
+ type = list(string)
+ description = "Optional list of tags to be added to created resources"
+ default = []
+}
+
+variable "access_tags" {
+ type = list(string)
+ description = "A list of access tags to apply to the PostgreSQL instance created by the module, see https://cloud.ibm.com/docs/account?topic=account-access-tags-tutorial for more details"
+ default = []
+}
diff --git a/examples/connectivity/version.tf b/examples/connectivity/version.tf
new file mode 100644
index 00000000..875e2dd2
--- /dev/null
+++ b/examples/connectivity/version.tf
@@ -0,0 +1,17 @@
+terraform {
+ required_version = ">= 1.3.0"
+ required_providers {
+ # Pin to the lowest provider version of the range defined in the main module's version.tf to ensure lowest version still works
+ ibm = {
+ source = "IBM-Cloud/ibm"
+ version = "1.54.0"
+ }
+ tls = {
+ source = "hashicorp/tls"
+ version = ">= 4.0.4"
+ }
+ null = {
+ version = ">= 3.2.1"
+ }
+ }
+}
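Review bot: In examples/connectivity/variables.tf the `access_tags` description says the tags apply to the PostgreSQL instance, but main.tf also passes `var.access_tags` to `ibm_is_floating_ip.vsi_fip`, so the text understates what gets tagged; `"A list of access tags to apply to the PostgreSQL instance and floating IP created by this example"` would match the code. The `prefix` description says "append" where the value is used as a leading `${var.prefix}-` string, so `"Prefix to prepend to the names of all resources created by this example"` is more accurate.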
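Review bot: In examples/connectivity/version.tf the `null` entry has no `source`, and both `tls` and `null` use open-ended `>=` constraints while the comment above `ibm` describes pinning, so the providers that generate the SSH private key and run the remote commands are the least constrained. Add `source = "hashicorp/null"` and either pin exact versions or bound them, for example `version = ">= 3.2.1, < 4.0.0"`. Committing the dependency lock file for the example would also fix the provider checksums that get installed.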