Merge pull request #212 from SumoLogic/hpal_kr_support

himanshu219 · web-flow · commit 010140cbaddf · 2024-09-18T11:43:23.000+05:30
SUMO-247510 - Updated terraform version and added kr
diff --git a/.github/workflows/app-components-tf-test.yml b/.github/workflows/app-components-tf-test.yml
@@ -0,0 +1,50 @@
+name: "App Components TF template tests"
+on:
+  pull_request:
+    paths:
+      - 'application-components/**'
+
+jobs:
+
+  ValidateTF:
+    runs-on: ubuntu-latest
+    name: "Validatation (format & syntax)"
+    defaults:
+      run:
+        working-directory: ./application-components
+    steps:
+    - uses: actions/checkout@v4
+      name: Checkout source code
+
+    - uses: hashicorp/setup-terraform@v3
+      name: Setup Terraform
+
+    - name: Terraform fmt
+      id: fmt
+      run: terraform fmt -check -recursive -diff
+      continue-on-error: true
+
+    - name: Terraform Init
+      id: init
+      run: terraform init
+
+    - name: Terraform Validate
+      id: validate
+      run: terraform validate
+
+  TFSecurityChecks:
+    name: "Security Checks (checkov)"
+    runs-on: "ubuntu-latest"
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+
+      - uses: bridgecrewio/checkov-action@master
+        with:
+          directory: 'application-components/'
+          quiet: true
+          framework: terraform
+          output_format: cli
+          output_bc_ids: false
+          download_external_modules: true
+          skip_check: CKV_TF_1,CKV_TF_2
diff --git a/.github/workflows/awso-cf-test.yml b/.github/workflows/awso-cf-test.yml
@@ -1,5 +1,8 @@
-name: "CF template tests"
-on: [workflow_dispatch, pull_request]
+name: "AWSO CF template tests"
+on:
+  pull_request:
+    paths:
+      - 'aws-observability/**'
 
 jobs:
   ValidateLinting:
@@ -14,7 +17,7 @@ jobs:
 
       - name: Print the Cloud Formation Linter Version & run Linter.
         run: |
-          cfn-lint aws-observability/**/*.yaml --ignore-templates aws-observability/**/*TestTemplate.yaml --ignore-checks W3011
+          cfn-lint aws-observability/**/*.yaml --ignore-templates aws-observability/**/*TestTemplate.yaml --ignore-checks W3011,E8001
 
   CFSecurityChecksCheckovt:
     name: "Security Checks (checkov)"
@@ -47,4 +50,4 @@ jobs:
       - name: Validate with cfn_nag
         run: |
           cfn_nag_scan -i aws-observability --ignore-fatal aws-observability/**/TestTemplate.yaml
-        continue-on-error: true
+        continue-on-error: true
diff --git a/.github/workflows/awso-tf-test.yml b/.github/workflows/awso-tf-test.yml
@@ -1,5 +1,8 @@
-name: "TF template tests"
-on: [workflow_dispatch, pull_request]
+name: "AWSO TF template tests"
+on:
+  pull_request:
+    paths:
+      - 'aws-observability-terraform/**'
 
 jobs:
 
diff --git a/.github/workflows/sdo-tf-test.yml b/.github/workflows/sdo-tf-test.yml
@@ -0,0 +1,60 @@
+name: "SDO TF template tests"
+on:
+  pull_request:
+    paths:
+      - 'software-development-optimization-terraform/**'
+
+jobs:
+
+  ValidateTF:
+    runs-on: ubuntu-latest
+    name: "Validatation (format & syntax)"
+    defaults:
+      run:
+        working-directory: ./software-development-optimization-terraform
+    steps:
+    - uses: actions/checkout@v4
+      name: Checkout source code
+
+    - uses: hashicorp/setup-terraform@v3
+      name: Setup Terraform
+      with:
+        terraform_version: "0.12.31"
+
+    - name: Download and extract the terraform-provider-jira plugin version 0.1.11
+      run: |
+        curl -LO https://github.com/fourplusone/terraform-provider-jira/releases/download/v0.1.11/terraform-provider-jira_linux_amd64.zip && mkdir -p ~/.terraform.d/plugins/linux_amd64 && unzip terraform-provider-jira_linux_amd64.zip -d ~/.terraform.d/plugins/linux_amd64/ && rm terraform-provider-jira_linux_amd64.zip
+
+    - name: Download and install the terraform-provider-restapi plugin version 1.12.0
+      run: |
+        curl -LO https://github.com/Mastercard/terraform-provider-restapi/releases/download/v1.12.0/terraform-provider-restapi_v1.12.0-linux-amd64 && chmod +x terraform-provider-restapi_v1.12.0-linux-amd64 && mv terraform-provider-restapi_v1.12.0-linux-amd64 ~/.terraform.d/plugins/linux_amd64/terraform-provider-restapi
+
+    - name: Terraform fmt
+      id: fmt
+      run: terraform fmt -check -recursive -diff
+      continue-on-error: true
+
+    - name: Terraform Init
+      id: init
+      run: terraform init
+
+    - name: Terraform Validate
+      id: validate
+      run: terraform validate
+
+  TFSecurityChecks:
+    name: "Security Checks (checkov)"
+    runs-on: "ubuntu-latest"
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+
+      - uses: bridgecrewio/checkov-action@master
+        with:
+          directory: 'software-development-optimization-terraform/'
+          quiet: true
+          framework: terraform
+          output_format: cli
+          output_bc_ids: false
+          download_external_modules: true
+          skip_check: CKV_TF_1,CKV_TF_2
diff --git a/.github/workflows/slo-tf-test.yml b/.github/workflows/slo-tf-test.yml
@@ -0,0 +1,50 @@
+name: "SLO Packages TF template tests"
+on:
+  pull_request:
+    paths:
+      - 'slo_packages/**'
+
+jobs:
+
+  ValidateTF:
+    runs-on: ubuntu-latest
+    name: "Validatation (format & syntax)"
+    defaults:
+      run:
+        working-directory: ./slo_packages
+    steps:
+    - uses: actions/checkout@v4
+      name: Checkout source code
+
+    - uses: hashicorp/setup-terraform@v3
+      name: Setup Terraform
+
+    - name: Terraform fmt
+      id: fmt
+      run: terraform fmt -check -recursive -diff
+      continue-on-error: true
+
+    - name: Terraform Init
+      id: init
+      run: terraform init
+
+    - name: Terraform Validate
+      id: validate
+      run: terraform validate
+
+  TFSecurityChecks:
+    name: "Security Checks (checkov)"
+    runs-on: "ubuntu-latest"
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+
+      - uses: bridgecrewio/checkov-action@master
+        with:
+          directory: 'slo_packages/'
+          quiet: true
+          framework: terraform
+          output_format: cli
+          output_bc_ids: false
+          download_external_modules: true
+          skip_check: CKV_TF_1,CKV_TF_2
diff --git a/application-components/RESOURCES.md b/application-components/RESOURCES.md
@@ -243,7 +243,7 @@
 | <a name="input_sqlserver_monitor_folder"></a> [sqlserver\_monitor\_folder](#input\_sqlserver\_monitor\_folder) | Folder where sqlserver monitors will be created. | `string` | `"SQL Server"` | no |
 | <a name="input_sumologic_access_id"></a> [sumologic\_access\_id](#input\_sumologic\_access\_id) | Sumo Logic Access ID. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key | `string` | n/a | yes |
 | <a name="input_sumologic_access_key"></a> [sumologic\_access\_key](#input\_sumologic\_access\_key) | Sumo Logic Access Key. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key | `string` | n/a | yes |
-| <a name="input_sumologic_environment"></a> [sumologic\_environment](#input\_sumologic\_environment) | Enter au, ca, de, eu, jp, us2, in, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security | `string` | n/a | yes |
+| <a name="input_sumologic_environment"></a> [sumologic\_environment](#input\_sumologic\_environment) | Enter au, ca, de, eu, jp, us2, in, fed, kr or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security | `string` | n/a | yes |
 | <a name="input_sumologic_organization_id"></a> [sumologic\_organization\_id](#input\_sumologic\_organization\_id) | You can find your org on the Preferences page in the Sumo Logic UI. For more information, see the Preferences Page topic. Your org ID will be used to configure the IAM Role for Sumo Logic AWS Sources."<br>            For more details, visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page | `string` | n/a | yes |
 
 ## Outputs
diff --git a/application-components/common_component.tf b/application-components/common_component.tf
@@ -12,6 +12,21 @@ resource "sumologic_field" "environment" {
 }
 
 
+resource "sumologic_field" "pod_labels_environment" {
+  count      = length(local.all_components_values) > 0 && local.has_any_kubernetes_deployments ? 1 : 0
+  data_type  = "String"
+  field_name = "pod_labels_environment"
+  state      = "Enabled"
+}
+
+
+resource "sumologic_field" "pod_labels_component" {
+  count      = length(local.all_components_values) > 0 && local.has_any_kubernetes_deployments ? 1 : 0
+  data_type  = "String"
+  field_name = "pod_labels_component"
+  state      = "Enabled"
+}
+
 # ********************** Application Components App ********************** #
 locals {
   application_component_app_id          = "22aa033e-5a36-4a20-b07d-810096e18050"
diff --git a/application-components/db_component.tf b/application-components/db_component.tf
@@ -62,7 +62,7 @@ resource "sumologic_field" "pod_labels_db_cluster_port" {
 # ********************** Database component FERs ********************** #
 
 resource "sumologic_field_extraction_rule" "SumoLogicFieldExtractionRulesForDatabase" {
-  depends_on       = [sumologic_field.db_cluster, sumologic_field.db_system, sumologic_field.db_cluster_address, sumologic_field.db_cluster_port, sumologic_field.pod_labels_db_cluster, sumologic_field.pod_labels_db_system, sumologic_field.pod_labels_db_cluster_address, sumologic_field.pod_labels_db_cluster_port]
+  depends_on       = [sumologic_field.db_cluster, sumologic_field.db_system, sumologic_field.db_cluster_address, sumologic_field.db_cluster_port, sumologic_field.pod_labels_db_cluster, sumologic_field.pod_labels_db_system, sumologic_field.pod_labels_db_cluster_address, sumologic_field.pod_labels_db_cluster_port,sumologic_field.component,sumologic_field.environment, sumologic_field.pod_labels_environment, sumologic_field.pod_labels_component]
   count            = length(local.all_components_values) > 0 && local.has_any_kubernetes_deployments ? 1 : 0
   enabled          = true
   name             = local.database_fer_name
diff --git a/application-components/fields.sh b/application-components/fields.sh
@@ -2,7 +2,7 @@
 
 # ----------------------------------------------------------------------------------------------------------------------------------------------------------
 # This script imports the existing fields and FERs (required by aws observability solution) if field(s) and FER(s) are already present in the user's Sumo Logic account.
-# For SUMOLOGIC_ENV, provide one from the list : au, ca, de, eu, jp, us2, in, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security"
+# For SUMOLOGIC_ENV, provide one from the list : au, ca, de, eu, jp, us2, in, kr, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security"
 # Before using this script, set following environment variables using below commands:
 # export SUMOLOGIC_ENV=""
 # export SUMOLOGIC_ACCESSID=""
@@ -16,8 +16,8 @@ if ! foobar_loc="$(type -p "jq")" || [[ -z $foobar_loc ]]; then
 fi
 
 # Validate Sumo Logic environment/deployment.
-if ! [[ "$SUMOLOGIC_ENV" =~ ^(au|ca|de|eu|jp|us2|in|fed|us1)$ ]]; then
-    echo "$SUMOLOGIC_ENV is invalid Sumo Logic deployment. For SUMOLOGIC_ENV, provide one from list : au, ca, de, eu, jp, us2, in, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security"
+if ! [[ "$SUMOLOGIC_ENV" =~ ^(au|ca|de|eu|jp|us2|in|fed|kr|us1)$ ]]; then
+    echo "$SUMOLOGIC_ENV is invalid Sumo Logic deployment. For SUMOLOGIC_ENV, provide one from list : au, ca, de, eu, jp, us2, in, fed, kr or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security"
     exit 1
 fi
 
diff --git a/application-components/main.auto.tfvars b/application-components/main.auto.tfvars
@@ -3,7 +3,7 @@
 
 ####### SUMOLOGIC CONFIGURATION #######
 
-sumologic_environment     = ""   # Please replace <YOUR SUMO DEPLOYMENT> (including brackets) with au, ca, de, eu, jp, us2, in, fed or us1.
+sumologic_environment     = ""   # Please replace <YOUR SUMO DEPLOYMENT> (including brackets) with au, ca, de, eu, jp, us2, in, fed, kr or us1.
 sumologic_access_id       = ""   # Please replace <YOUR SUMO ACCESS ID> (including brackets) with your Sumo Logic Access ID.
 sumologic_access_key      = ""   # Please replace <YOUR SUMO ACCESS KEY> (including brackets) with your Sumo Logic Access KEY.
 sumologic_organization_id = ""   # Please replace <YOUR SUMO ORG ID> (including brackets) with your Sumo Logic Organization ID.
diff --git a/application-components/variables.tf b/application-components/variables.tf
@@ -2,7 +2,7 @@
 
 variable "sumologic_environment" {
   type        = string
-  description = "Enter au, ca, de, eu, jp, us2, in, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security"
+  description = "Enter au, ca, de, eu, jp, us2, in, kr, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security"
 
   validation {
     condition = contains([
@@ -16,8 +16,9 @@ variable "sumologic_environment" {
       "us1",
       "us2",
       "in",
+      "kr",
     "fed"], var.sumologic_environment)
-    error_message = "The value must be one of au, ca, de, eu, jp, us1, us2, in, or fed."
+    error_message = "The value must be one of au, ca, de, eu, jp, us1, us2, in, kr or fed."
   }
 }
 
diff --git a/application-components/versions.tf b/application-components/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
 
     sumologic = {
-      version = ">= 2.19.0"
+      version = ">= 2.31.3, < 3.0.0"
       source  = "SumoLogic/sumologic"
     }
     time = {
diff --git a/slo_packages/aws/README.md b/slo_packages/aws/README.md
@@ -27,7 +27,7 @@ Required in the aws_slo.auto.tfvars file.
 |------|-------------|------|---------|:--------:|
 | <a name="input_access_id"></a> [access\_id](#access\_id) | Sumo Logic Access ID. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key | `string` | n/a | yes |
 | <a name="input_access_key"></a> [access\_key](#access\_key) | Sumo Logic Access Key. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key | `string` | n/a | yes |
-| <a name="input_environment"></a> [environment](#environment) | Enter au, ca, de, eu, jp, us2, in, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security | `string` | n/a | yes |
+| <a name="input_environment"></a> [environment](#environment) | Enter au, ca, de, eu, jp, us2, in, kr, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security | `string` | n/a | yes |
 | <a name="input_folder"></a> [folder](#folder) | Indicates the SLO installation folder. | `string` | `"AWS"` | no |
 | <a name="input_aws_elb_data_filter"></a> [aws\_elb\_data\_filter](#aws\_elb\_data\_filter) | AWS ELB Data Filter. For eg: account=prod | `string` | `""` | yes |
 | <a name="input_time_zone"></a> [time\_zone](#time\_zone) | Time zone for the SLO compliance. Follow the format in the IANA Time Zone Database. | `string` | `"Asia/Kolkata"` | yes |
@@ -133,4 +133,4 @@ Raise issues at [Issues](https://github.com/SumoLogic/sumologic-solution-templat
 
 * Fork the project on [Github](https://github.com/SumoLogic/sumologic-solution-templates).
 * Make your feature addition or fix bug, write tests and commit.
-* Create a pull request with one of the maintainer as Reviewer.
+* Create a pull request with one of the maintainer as Reviewer.
diff --git a/slo_packages/aws/variables.tf b/slo_packages/aws/variables.tf
@@ -20,8 +20,8 @@ variable "environment" {
   validation {
     condition = contains([
       "US1",
-    "us1","US2","us2","AU","au","CA","ca","DE","de","EU","eu","FED","fed","JP","jp","IN","in"], var.environment)
-    error_message = "Argument \"environment\" must be one of \"us1\",\"us2\",\"au\",\"ca\",\"de\",\"eu\",\"fed\",\"jp\",\"in\"."
+    "us1","US2","us2","AU","au","CA","ca","DE","de","EU","eu","FED","fed","JP","jp","IN","in", "KR", "kr"], var.environment)
+    error_message = "Argument \"environment\" must be one of \"us1\",\"us2\",\"au\",\"ca\",\"de\",\"eu\",\"fed\",\"jp\",\"kr\",\"in\"."
   }
 }
 variable "folder" {
@@ -129,4 +129,4 @@ variable "time_zone" {
 variable "aws_elb_data_filter" {
   type = string
   description = "AWS ELB Data Filter. For eg: account=prod"
-}
+}
diff --git a/slo_packages/aws/versions.tf b/slo_packages/aws/versions.tf
@@ -3,8 +3,8 @@ terraform {
 
   required_providers {
     sumologic = {
-      version = "~> 2.16.2"
+      version = ">= 2.31.3, < 3.0.0"
       source = "SumoLogic/sumologic"
     }
   }
-}
+}
diff --git a/software-development-optimization-terraform/Dockerfile b/software-development-optimization-terraform/Dockerfile
@@ -27,12 +27,13 @@ RUN curl -LO https://github.com/fourplusone/terraform-provider-jira/releases/dow
     && rm terraform-provider-jira_linux_amd64.zip 
 
 # Download and install the terraform-provider-restapi plugin
-RUN curl -LO https://github.com/Mastercard/terraform-provider-restapi/releases/download/v1.8.0/terraform-provider-restapi_v1.8.0-linux-amd64 \
-    && chmod +x terraform-provider-restapi_v1.8.0-linux-amd64 \
-    && mv terraform-provider-restapi_v1.8.0-linux-amd64 /usr/local/bin/terraform-provider-restapi
+RUN curl -LO https://github.com/Mastercard/terraform-provider-restapi/releases/download/v1.12.0/terraform-provider-restapi_v1.12.0-linux-amd64 \
+    && chmod +x terraform-provider-restapi_v1.12.0-linux-amd64 \
+    && mv terraform-provider-restapi_v1.12.0-linux-amd64 /usr/local/bin/terraform-provider-restapi
 
 # Set the working directory
 WORKDIR /sdo
+COPY . /sdo
 
 # Set an entry point for convenience (you can customize this)
 ENTRYPOINT ["bash"]
diff --git a/software-development-optimization-terraform/providers.tf b/software-development-optimization-terraform/providers.tf
@@ -7,7 +7,7 @@ terraform {
     #   jira = "~> 0.1.11"
     github    = "~> 2.8"
     pagerduty = "~> 2.3"
-    sumologic = "~> 2.1.0"
+    sumologic = ">= 2.31.3, < 3.0.0"
     gitlab    = "3.6.0"
   }
-}
+}
diff --git a/software-development-optimization-terraform/scripts/set-sumologic-access-keys.sh b/software-development-optimization-terraform/scripts/set-sumologic-access-keys.sh
@@ -16,7 +16,7 @@ sumologic_access_key=""
 read -r sumologic_access_key
 ./scripts/update_sdo_variable sumo_access_key $sumologic_access_key
 
-echo -n "Sumo Logic Deployment Region [US1, US2, JP, IN, FED, EU, DE CA, AU]: "
+echo -n "Sumo Logic Deployment Region [US1, US2, JP, KR, IN, FED, EU, DE, CA, AU]: "
 sumologic_deployment_region=""
 read -r sumologic_deployment_region
 # Make sure we only have to deal with lowercase region values
@@ -33,6 +33,9 @@ case $sumologic_deployment_region  in
   "jp")
     sumologic_api_endpoint="https://api.jp.sumologic.com/api/"
     ;;
+  "kr")
+    sumologic_api_endpoint="https://api.kr.sumologic.com/api/"
+    ;;
   "in")
     sumologic_api_endpoint="https://api.in.sumologic.com/api/"
     ;;
diff --git a/software-development-optimization-terraform/variables.tf b/software-development-optimization-terraform/variables.tf
