From 3d94f7cd0c0c3cb29d2b1141ed5c75c8dce27a5b Mon Sep 17 00:00:00 2001 From: Nikolay Date: Mon, 11 Oct 2021 22:03:06 -0700 Subject: [PATCH 1/4] Support for OCI repository. --- examples/config/registry/registry-dev-1.yaml | 7 +++++++ examples/config/registry/registry-dev-2.yaml | 7 +++++++ examples/mod_spectro_org.tf | 5 +++++ spectro-registry.tf | 13 +++++++++++++ variables.tf | 5 +++++ 5 files changed, 37 insertions(+) create mode 100644 examples/config/registry/registry-dev-1.yaml create mode 100644 examples/config/registry/registry-dev-2.yaml create mode 100644 spectro-registry.tf diff --git a/examples/config/registry/registry-dev-1.yaml b/examples/config/registry/registry-dev-1.yaml new file mode 100644 index 0000000..02122e4 --- /dev/null +++ b/examples/config/registry/registry-dev-1.yaml @@ -0,0 +1,7 @@ +name: "test-nik2" +type: "ecr" # basic +endpoint: "123456.dkr.ecr.us-west-1.amazonaws.com" +is_private: true +credential_type: "sts" +arn: "arn:aws:iam::123456:role/stage-demo-ecr" +external_id: "sjoinjioinM=" \ No newline at end of file diff --git a/examples/config/registry/registry-dev-2.yaml b/examples/config/registry/registry-dev-2.yaml new file mode 100644 index 0000000..e764b66 --- /dev/null +++ b/examples/config/registry/registry-dev-2.yaml @@ -0,0 +1,7 @@ +name: "test-nik3" +type: "ecr" # basic +endpoint: "214575254960.dkr.ecr.us-west-1.amazonaws.com" +is_private: true +credential_type: "sts" +arn: "arn:aws:iam::214575254960:role/stage-demo-ecr" +external_id: "sJg2F_qzavDE7vHJh4c0bgvoUXkKdvXCObrheKOTMzM=" \ No newline at end of file diff --git a/examples/mod_spectro_org.tf b/examples/mod_spectro_org.tf index 9389a6d..a065c97 100644 --- a/examples/mod_spectro_org.tf +++ b/examples/mod_spectro_org.tf 
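Review bot: registry-dev-2.yaml commits an ECR endpoint, role ARN and `external_id` that look like real values (`214575254960...`, `sJg2F_qzavDE7vHJh4c0bgvoUXkKdvXCObrheKOTMzM=`) rather than the `123456` / `sjoinjioinM=` placeholders used in registry-dev-1.yaml; the third commit in this series swaps them for placeholders, but that does not remove them from git history. The external ID is presumably the `sts:ExternalId` condition on the `stage-demo-ecr` role's trust policy, i.e. the confused-deputy guard for anyone who can name that role, so once pushed it should be treated as disclosed: rotate the external ID on the role and, if this repository is public, rewrite or purge the history rather than relying on the follow-up scrub. Example files should carry only obviously synthetic values from the first commit, e.g. `external_id: "REPLACE_ME"`.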
@@ -41,6 +41,11 @@ module "SpectroOrg" { for k in fileset("config/project", "team-*.yaml") : trimsuffix(k, ".yaml") => yamldecode(templatefile("config/project/${k}", {})) } + + registries = { + for k in fileset("config/registry", "registry-*.yaml") : + trimsuffix(k, ".yaml") => yamldecode(templatefile("config/registry/${k}", {})) + } } module "SpectroProject" { diff --git a/spectro-registry.tf b/spectro-registry.tf new file mode 100644 index 0000000..8559956 --- /dev/null +++ b/spectro-registry.tf @@ -0,0 +1,13 @@ +resource "spectrocloud_registry_oci" "oci_registry" { + for_each = var.registries + + name = each.value.name + type = "ecr" + endpoint = each.value.endpoint + is_private = true + credentials { + credential_type = "sts" + arn = each.value.arn + external_id = each.value.external_id + } +} \ No newline at end of file diff --git a/variables.tf b/variables.tf index b8b666f..d70d200 100644 --- a/variables.tf +++ b/variables.tf @@ -22,6 +22,11 @@ variable "teams" { default = {} } +variable "registries" { + type = map(any) + default = {} +} + variable "clusters" { default = {} } From bfdd46a336eaa72f5405f3378b76c20d0f0f1787 Mon Sep 17 00:00:00 2001 From: Nikolay Date: Tue, 12 Oct 2021 12:41:53 -0700 Subject: [PATCH 2/4] Try cluster rolename replacement. --- examples/config/cluster/cluster-eks-dev.yaml | 3 ++- examples/config/profile/profile-infra.yaml | 4 ++-- examples/mod_spectro_org.tf | 9 +++++---- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/examples/config/cluster/cluster-eks-dev.yaml b/examples/config/cluster/cluster-eks-dev.yaml index bd1ca88..1e5d219 100644 --- a/examples/config/cluster/cluster-eks-dev.yaml +++ b/examples/config/cluster/cluster-eks-dev.yaml @@ -1,5 +1,5 @@ name: eks-dev -cloud_account: dev-030 +cloud_account: "${ACCOUNT_DEV_NAME}" profiles: infra: name: profile_infra 
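Review bot: `variable "registries"` is declared as `map(any)` with no `sensitive` flag even though every entry carries an `external_id` that spectro-registry.tf feeds into `spectrocloud_registry_oci` credentials, so the value is printed in plan/apply diffs and in anything that references the map. If the module's minimum Terraform version is 0.14 or later, add `sensitive = true`, and consider tightening the type to `map(object({ name = string, type = string, endpoint = string, is_private = bool, credential_type = string, arn = string, external_id = string }))` so a YAML entry missing a key fails at variable validation with a clear message instead of an `each.value.arn` lookup error. Marking the variable sensitive does not protect the state file, which will still hold the external ID in plaintext, so the state backend still needs encryption and access control.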
@@ -8,6 +8,7 @@ profiles: version: "1.20" override_type: params #[values, params, template] params: + MACHINE_POOL_ROLE_NAME: MACHINE_POOL_ROLE_NAME_1 OIDC_IDENTITY_PROVIDER_NAME: eks-oidc # parameter value in cluster profile pack values should be "%OIDC_IDENTITY_PROVIDER_NAME%" OIDC_CLAIM_NAME: oidc-custom-claim # parameter value in cluster profile pack values should be "%OIDC_CLAIM_NAME%" OIDC_ISSUER_URL: https://123456-okta.com/111111/hello # parameter value in cluster profile pack values should be "%OIDC_ISSUER_URL%" diff --git a/examples/config/profile/profile-infra.yaml b/examples/config/profile/profile-infra.yaml index 8f555b5..e24c194 100644 --- a/examples/config/profile/profile-infra.yaml +++ b/examples/config/profile/profile-infra.yaml @@ -56,8 +56,8 @@ packs: ## This self-managed IAM role(https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) should include the required ## policies - 'AmazonEKSWorkerNodePolicy','AmazonEC2ContainerRegistryReadOnly', 'AmazonSSMManagedInstanceCore' and 'AmazonEKS_CNI_Policy' ## NOTE: The roleName cannot have the prefix 'ng-role_' since this is reserved for spectro-generated roles - #managedMachinePool: - #roleName: {{ name of the self-managed role | format "${string}" }} + managedMachinePool: + roleName: "%MACHINE_POOL_ROLE_NAME%" ## A list of additional policies to attach to the node group role #roleAdditionalPolicies: diff --git a/examples/mod_spectro_org.tf b/examples/mod_spectro_org.tf index a065c97..e4f18df 100644 --- a/examples/mod_spectro_org.tf +++ b/examples/mod_spectro_org.tf @@ -1,5 +1,5 @@ locals { - accounts_params = { ACCOUNT_DEV_NAME = "ehs-dev-030", ACCOUNT_PROD_NAME = "ehs-stg-004" } + accounts_params = { ACCOUNT_DEV_NAME = "dev-030", ACCOUNT_PROD_NAME = "prod-004" } bsl_params = { BSL_NAME = "qa-sharma" } profile_params = { SPECTRO_REPO_URL = "https://registry.spectrocloud.com", 
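Review bot: With `managedMachinePool.roleName` uncommented the example now always requests a self-managed node role, and `%MACHINE_POOL_ROLE_NAME%` is only a placeholder substituted from the cluster YAML `params` (the same convention the OIDC comments in cluster-eks-dev.yaml describe), so a cluster that reuses this profile without setting that param would, as far as I can tell, pass the literal string as the role name with no fallback to the Spectro-generated role. The comment block above should say this explicitly, e.g. `## roleName is substituted from the cluster's MACHINE_POOL_ROLE_NAME param; every cluster using this profile must set it, and the role must already exist with the policies listed above.` It is also worth adding there that the role's trust policy should allow only the EC2 service principal to assume it, since the listed managed policies grant ECR pull and SSM access to whatever assumes the role.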
@@ -15,7 +15,7 @@ locals { } module "SpectroOrg" { - source = "github.com/spectrocloud/terraform-spectrocloud-modules" + source = "../" accounts = { for k in fileset("config/account", "account-*.yaml") : @@ -49,10 +49,11 @@ module "SpectroOrg" { } module "SpectroProject" { - source = "github.com/spectrocloud/terraform-spectrocloud-modules" + depends_on = [module.SpectroOrg] + source = "../" clusters = { for k in fileset("config/cluster", "cluster-eks-*.yaml") : - trimsuffix(k, ".yaml") => yamldecode(templatefile("config/cluster/${k}", {})) + trimsuffix(k, ".yaml") => yamldecode(templatefile("config/cluster/${k}", local.accounts_params)) } } \ No newline at end of file From cc0d982917aaaca2cf9d27526e6ec8814f73953e Mon Sep 17 00:00:00 2001 From: Nikolay Date: Tue, 12 Oct 2021 17:02:46 -0700 Subject: [PATCH 3/4] Add example for roleName. --- examples/config/cluster/cluster-eks-dev.yaml | 2 +- examples/config/profile/profile-addon-1.yaml | 8 -------- examples/config/registry/registry-dev-2.yaml | 6 +++--- examples/mod_spectro_org.tf | 5 ++--- spectro-profile.tf | 20 +++++++++++++++++++- 5 files changed, 25 insertions(+), 16 deletions(-) diff --git a/examples/config/cluster/cluster-eks-dev.yaml b/examples/config/cluster/cluster-eks-dev.yaml index 1e5d219..6f3ed03 100644 --- a/examples/config/cluster/cluster-eks-dev.yaml +++ b/examples/config/cluster/cluster-eks-dev.yaml @@ -50,7 +50,7 @@ profiles: - PROFILE_NAME: security-app PROFILE_SPEC_NAME: security-app addons: - - name: profile_addon + - name: addon-profile-1 cloud_config: aws_region: us-east-1 aws_vpc_id: vpc-0bf456fc3c7bbe diff --git a/examples/config/profile/profile-addon-1.yaml b/examples/config/profile/profile-addon-1.yaml index 747cc4d..9103886 100644 --- a/examples/config/profile/profile-addon-1.yaml +++ b/examples/config/profile/profile-addon-1.yaml 
@@ -324,11 +324,3 @@ packs: corednsPathPrefix: "" clientCert: "" clientCertKey: "" - - - name: "spectro-byo-manifest" - type: "spectro" - layer: "addon" - server: "${ADDON_SPECTRO_REPO_URL}" - version: "1.0.0" - values: | - #Empty manifest. diff --git a/examples/config/registry/registry-dev-2.yaml b/examples/config/registry/registry-dev-2.yaml index e764b66..a768f5a 100644 --- a/examples/config/registry/registry-dev-2.yaml +++ b/examples/config/registry/registry-dev-2.yaml @@ -1,7 +1,7 @@ name: "test-nik3" type: "ecr" # basic -endpoint: "214575254960.dkr.ecr.us-west-1.amazonaws.com" +endpoint: "123456.dkr.ecr.us-west-1.amazonaws.com" is_private: true credential_type: "sts" -arn: "arn:aws:iam::214575254960:role/stage-demo-ecr" -external_id: "sJg2F_qzavDE7vHJh4c0bgvoUXkKdvXCObrheKOTMzM=" \ No newline at end of file +arn: "arn:aws:iam::123456:role/stage-demo-ecr" +external_id: "sjoinjoinM=" \ No newline at end of file diff --git a/examples/mod_spectro_org.tf b/examples/mod_spectro_org.tf index e4f18df..f08b29f 100644 --- a/examples/mod_spectro_org.tf +++ b/examples/mod_spectro_org.tf @@ -15,7 +15,7 @@ locals { } module "SpectroOrg" { - source = "../" + source = "github.com/spectrocloud/terraform-spectrocloud-modules" accounts = { for k in fileset("config/account", "account-*.yaml") : @@ -49,8 +49,7 @@ module "SpectroOrg" { } module "SpectroProject" { - depends_on = [module.SpectroOrg] - source = "../" + source = "github.com/spectrocloud/terraform-spectrocloud-modules" clusters = { for k in fileset("config/cluster", "cluster-eks-*.yaml") : diff --git a/spectro-profile.tf b/spectro-profile.tf index 2d12270..24ce707 100644 --- a/spectro-profile.tf +++ b/spectro-profile.tf @@ -37,7 +37,6 @@ locals { v.name => try(v.profiles.addons, []) } - packs = flatten([for v in var.profiles : [for vv in v.packs : vv]]) cluster_profile_pack_manifests = { for v in flatten([ for v in var.profiles : [ for p in v.packs : { 
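Review bot: Both `source = "github.com/spectrocloud/terraform-spectrocloud-modules"` lines restore an unpinned module source, so every `terraform init` of the example pulls whatever the repository's default branch holds at that moment; this module creates cloud accounts, registries with STS role credentials and clusters, so a compromised or merely broken upstream commit lands in the consumer's environment unreviewed. Pin to a tag or commit and bump deliberately, e.g. `source = "github.com/spectrocloud/terraform-spectrocloud-modules?ref=<tag-or-commit-sha>"`. Flipping between `../` for local testing and the GitHub URL across commits also suggests the example would benefit from a short comment noting which form is intended for consumers.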
@@ -47,6 +46,24 @@ locals { ] ]) : v.name => v.value } + + packs = flatten([for v in var.profiles : [for vv in v.packs : vv if can(vv.version)]]) + pack_names = [for v in local.packs : v.name] + pack_versions = [for v in local.packs : v.version] + + count = length(local.pack_names) + pack_uids = [for index, v in local.packs : data.spectrocloud_pack.data_packs[index].id] + pack_mapping = zipmap( + [for i, v in local.packs : join("", [v.name, "-", v.version])], + [for v in local.pack_uids : v] + ) +} + +data "spectrocloud_pack" "data_packs" { + count = length(local.pack_names) + + name = local.pack_names[count.index] + version = local.pack_versions[count.index] } data "spectrocloud_cluster_profile" "this" { @@ -68,6 +85,7 @@ resource "spectrocloud_cluster_profile" "profile_resource" { name = pack.value.name type = try(pack.value.type, "spectro") tag = try(pack.value.version, "") + uid = lookup(local.pack_mapping, join("", [pack.value.name, "-", try(pack.value.version, "")]), "uid") values = try(pack.value.values, "") dynamic "manifest" { From 16075e79c72567cf18c4b48dff7a8e22707cdf2c Mon Sep 17 00:00:00 2001 From: Nikolay Date: Tue, 12 Oct 2021 22:05:14 -0700 Subject: [PATCH 4/4] Put cloud type and credential type as variables. --- examples/mod_spectro_org.tf | 1 + spectro-profile.tf | 6 +++--- spectro-registry.tf | 12 ++++++------ 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/examples/mod_spectro_org.tf b/examples/mod_spectro_org.tf index f08b29f..ccb5d34 100644 --- a/examples/mod_spectro_org.tf +++ b/examples/mod_spectro_org.tf @@ -49,6 +49,7 @@ module "SpectroOrg" { } module "SpectroProject" { + depends_on = [module.SpectroOrg] source = "github.com/spectrocloud/terraform-spectrocloud-modules" clusters = { diff --git a/spectro-profile.tf b/spectro-profile.tf index 24ce707..99ab046 100644 --- a/spectro-profile.tf +++ b/spectro-profile.tf 
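Review bot: The new `count = length(local.pack_names)` inside `locals` is never referenced and borrows the name of the `count` meta-argument, which makes `count.index` in the data block below read as if it pointed at this local; drop it or rename it `pack_count`. `data "spectrocloud_pack" "data_packs"` resolves each pack by `name` and `version` alone, and since this series also adds private OCI registries, two registries can plausibly publish the same pack name and version; if the data source accepts a registry filter (I cannot confirm its schema from the hunk), the profile YAML should be able to pin one, otherwise the lookup may be ambiguous or land on the wrong registry. `zipmap` keeps the last value for a repeated `name-version` key, so the same pack appearing in several profiles costs one data lookup per occurrence but is otherwise harmless.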
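Review bot: `uid = lookup(local.pack_mapping, join("", [pack.value.name, "-", try(pack.value.version, "")]), "uid")` falls back to the literal string `"uid"` when the key is absent, which is exactly the case for packs excluded from `local.packs` by the `can(vv.version)` filter (the neighbouring `tag = try(pack.value.version, "")` shows version-less packs are expected), so if the `dynamic "pack"` block iterates over every pack those entries are sent with a bogus identifier instead of none. Use a null default so the attribute is simply unset: `uid = try(local.pack_mapping[join("", [pack.value.name, "-", pack.value.version])], null)`. A versioned pack that genuinely fails to resolve already errors at plan time through the indexing in `local.pack_uids`, so the silent sentinel buys nothing. The enclosing `dynamic "pack"` block and the resource start and end outside this hunk.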
@@ -47,15 +47,15 @@ locals { ]) : v.name => v.value } - packs = flatten([for v in var.profiles : [for vv in v.packs : vv if can(vv.version)]]) + packs = flatten([for v in var.profiles : [for vv in v.packs : vv if can(vv.version)]]) pack_names = [for v in local.packs : v.name] pack_versions = [for v in local.packs : v.version] count = length(local.pack_names) pack_uids = [for index, v in local.packs : data.spectrocloud_pack.data_packs[index].id] pack_mapping = zipmap( - [for i, v in local.packs : join("", [v.name, "-", v.version])], - [for v in local.pack_uids : v] + [for i, v in local.packs : join("", [v.name, "-", v.version])], + [for v in local.pack_uids : v] ) } diff --git a/spectro-registry.tf b/spectro-registry.tf index 8559956..92cf038 100644 --- a/spectro-registry.tf +++ b/spectro-registry.tf @@ -1,13 +1,13 @@ resource "spectrocloud_registry_oci" "oci_registry" { for_each = var.registries - name = each.value.name - type = "ecr" - endpoint = each.value.endpoint + name = each.value.name + type = each.value.type + endpoint = each.value.endpoint is_private = true credentials { - credential_type = "sts" - arn = each.value.arn - external_id = each.value.external_id + credential_type = each.value.credential_type + arn = each.value.arn + external_id = each.value.external_id } } \ No newline at end of file
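Review bot: `credential_type = each.value.credential_type` now lets the YAML choose the credential scheme (the example files hint at `basic` as an alternative), but the `credentials` block still wires only `arn` and `external_id`, so an entry with `credential_type: basic` would be submitted with STS-only fields and, depending on the provider's schema, either rejected or accepted with no usable credentials. Either constrain the input, e.g. a `validation` block on `var.registries` with `condition = alltrue([for r in var.registries : r.credential_type == "sts"])`, or pass the basic fields with `try(each.value.username, null)`-style lookups so both schemes are actually supported. `is_private = true` is also still hard-coded although every example YAML declares `is_private`, so that key is silently ignored; `is_private = try(each.value.is_private, true)` would honour it while keeping today's default.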