chore(deps): update terraform-module (#137)

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "go.sum|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2023-12-11T07:11:22Z",
+  "generated_at": "2023-12-12T07:11:22Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"

examples/basic/main.tf

@@ -4,7 +4,7 @@
 
 module "resource_group" {
   source  = "terraform-ibm-modules/resource-group/ibm"
-  version = "1.1.5"
+  version = "1.1.6"
   # if an existing resource group is not set (null) create a new one using prefix
   resource_group_name          = var.resource_group == null ? "${var.prefix}-resource-group" : null
   existing_resource_group_name = var.resource_group
@@ -70,9 +70,8 @@ locals {
 module "ocp_base" {
   count                = var.is_openshift && var.is_vpc_cluster ? 1 : 0
   source               = "terraform-ibm-modules/base-ocp-vpc/ibm"
-  version              = "3.25.0"
+  version              = "3.31.1"
   cluster_name         = var.prefix
-  ibmcloud_api_key     = var.ibmcloud_api_key
   resource_group_id    = module.resource_group.resource_group_id
   region               = var.region
   force_delete_storage = true
@@ -155,7 +154,7 @@ resource "ibm_network_vlan" "private_vlan" {
 
 module "scc_wp" {
   source            = "terraform-ibm-modules/scc-workload-protection/ibm"
-  version           = "v1.3.0"
+  version           = "v1.4.0"
   name              = "${var.prefix}-scc-wp"
   region            = var.region
   resource_group_id = module.resource_group.resource_group_id

examples/secure/main.tf

@@ -3,7 +3,7 @@
 ##############################################################################
 module "resource_group" {
   source  = "terraform-ibm-modules/resource-group/ibm"
-  version = "1.1.5"
+  version = "1.1.6"
   # if an existing resource group is not set (null) create a new one using prefix
   resource_group_name          = var.resource_group == null ? "${var.prefix}-resource-group" : null
   existing_resource_group_name = var.resource_group
@@ -15,7 +15,7 @@ module "resource_group" {
 
 module "kp_all_inclusive" {
   source                    = "terraform-ibm-modules/kms-all-inclusive/ibm"
-  version                   = "4.14.1"
+  version                   = "4.15.13"
   key_protect_instance_name = "${var.prefix}-kp-instance"
   resource_group_id         = module.resource_group.resource_group_id
   region                    = var.region
@@ -71,9 +71,8 @@ locals {
 
 module "ocp_base" {
   source                       = "terraform-ibm-modules/base-ocp-vpc/ibm"
-  version                      = "3.25.0"
+  version                      = "3.31.1"
   cluster_name                 = var.prefix
-  ibmcloud_api_key             = var.ibmcloud_api_key
   resource_group_id            = module.resource_group.resource_group_id
   region                       = var.region
   force_delete_storage         = true
@@ -82,13 +81,15 @@ module "ocp_base" {
   vpc_id                       = module.slz_vpc.vpc_id
   vpc_subnets                  = local.cluster_vpc_subnets
   worker_pools                 = local.worker_pools
-  ocp_version                  = "4.14"
   tags                         = var.resource_tags
   kms_config = {
     instance_id = module.kp_all_inclusive.kms_guid
     crk_id      = module.kp_all_inclusive.keys["ocp.${var.prefix}-cluster-key"].key_id
   }
   access_tags = var.access_tags
+  # workaround for the issue https://github.ibm.com/GoldenEye/issues/issues/10743
+  # when the issue is fixed on IKS so the destruction of default workers pool is correctly managed on the provider/clusters service the workaround should be removed
+  import_default_worker_pool_on_create = false
 }
 
 #############################################################################
@@ -97,7 +98,7 @@ module "ocp_base" {
 
 module "slz_vpc" {
   source                                 = "terraform-ibm-modules/landing-zone-vpc/ibm"
-  version                                = "7.18.2"
+  version                                = "7.19.0"
   resource_group_id                      = module.resource_group.resource_group_id
   region                                 = var.region
   name                                   = "wp-vpc"
@@ -124,7 +125,7 @@ module "slz_vpc" {
 
 module "scc_wp" {
   source            = "terraform-ibm-modules/scc-workload-protection/ibm"
-  version           = "v1.3.0"
+  version           = "v1.4.0"
   name              = "${var.prefix}-scc-wp"
   region            = var.region
   resource_group_id = module.resource_group.resource_group_id

tests/pr_test.go

@@ -17,6 +17,12 @@ var ignoreUpdates = []string{
 	"module.scc_wp_agent.helm_release.scc_wp_agent",
 }
 
+var ImplicitDestroyOCP = []string{
+	// workaround for the issue https://github.ibm.com/GoldenEye/issues/issues/10743
+	// when the issue is fixed on IKS, so the destruction of default workers pool is correctly managed on provider/clusters service the next two entries should be removed
+	"'module.ocp_base[0].ibm_container_vpc_worker_pool.pool[\"default\"]'",
+}
+
 func setupOptions(t *testing.T, prefix string, dir string) *testhelper.TestOptions {
 	options := testhelper.TestOptionsDefaultWithVars(&testhelper.TestOptions{
 		Testing:      t,
@@ -35,6 +41,7 @@ func TestRunBasicExample(t *testing.T) {
 	t.Parallel()
 
 	options := setupOptions(t, "scc-wp-a-basic", basicExampleDir)
+	options.ImplicitDestroy = ImplicitDestroyOCP
 
 	output, err := options.RunTestConsistency()
 	assert.Nil(t, err, "This should not have errored")
@@ -45,6 +52,7 @@ func TestRunBasicUpgradeExample(t *testing.T) {
 	t.Parallel()
 
 	options := setupOptions(t, "scc-wp-a-basic-upg", basicExampleDir)
+	options.ImplicitDestroy = ImplicitDestroyOCP
 
 	output, err := options.RunTestUpgrade()
 	if !options.UpgradeTestSkipped {