diff --git a/examples/upgrade/main.tf b/examples/upgrade/main.tf index 5a318658f..ce15571b2 100644 --- a/examples/upgrade/main.tf +++ b/examples/upgrade/main.tf @@ -4,21 +4,48 @@ module "sonar_upgrader"{ source = "./modules/sonar_upgrader_python" agentless_gws = [ { - "ip" = "10.0.1.1" + "ip" = "10.0.1.231" "ssh_user" = "ec2-user" - "ssh_private_key_file_path" = "/home/ssh_key1.pem" + "ssh_private_key_file_path" = "/Users/linda.nasredin/cnc_workspace/dsfkit/examples/poc/sonar_basic_deployment/ssh_keys/dsf_ssh_key-default" "proxy" = { - "ip" = "200.1.1.1" + "ip" = "52.8.79.39" "ssh_user" = "ec2-user" - "ssh_private_key_file_path" = "/home/ssh_key2.pem" + "ssh_private_key_file_path" = "/Users/linda.nasredin/cnc_workspace/dsfkit/examples/poc/sonar_basic_deployment/ssh_keys/dsf_ssh_key-default" + } + }, + { + "ip" = "10.0.1.223" + "ssh_user" = "ec2-user" + "ssh_private_key_file_path" = "/Users/linda.nasredin/cnc_workspace/dsfkit/examples/poc/sonar_basic_deployment/ssh_keys/dsf_ssh_key-default" + "proxy" = { + "ip" = "52.8.79.39" + "ssh_user" = "ec2-user" + "ssh_private_key_file_path" = "/Users/linda.nasredin/cnc_workspace/dsfkit/examples/poc/sonar_basic_deployment/ssh_keys/dsf_ssh_key-default" + } + }, + { + "ip" = "10.0.1.109" + "ssh_user" = "ec2-user" + "ssh_private_key_file_path" = "/Users/linda.nasredin/cnc_workspace/dsfkit/examples/poc/sonar_basic_deployment/ssh_keys/dsf_ssh_key-default" + "proxy" = { + "ip" = "52.8.79.39" + "ssh_user" = "ec2-user" + "ssh_private_key_file_path" = "/Users/linda.nasredin/cnc_workspace/dsfkit/examples/poc/sonar_basic_deployment/ssh_keys/dsf_ssh_key-default" } } ] + dsf_hubs = [ + { + "ip" = "52.8.79.39" + "ssh_user" = "ec2-user" + "ssh_private_key_file_path" = "/Users/linda.nasredin/cnc_workspace/dsfkit/examples/poc/sonar_basic_deployment/ssh_keys/dsf_ssh_key-default" + } + ] - target_version = "4.12.0.10.0" + target_version = "4.13.0.10.0-rc5" # options run_preflight_validations = true run_postflight_validations = true - custom_validations_scripts = ["validation1", "validation2"] - run_upgrade = false + custom_validations_scripts = ["validation1"] + run_upgrade = true } diff --git a/examples/upgrade/outputs.tf b/examples/upgrade/outputs.tf deleted file mode 100644 index a3e440979..000000000 --- a/examples/upgrade/outputs.tf +++ /dev/null @@ -1,72 +0,0 @@ -# output "dsf_agentless_gw" { -# value = { -# for idx, val in module.agentless_gw : "agentless-gw-${idx}" => -# { -# private_ip = try(val.private_ip, null) -# private_dns = try(val.private_dns, null) -# jsonar_uid = try(val.jsonar_uid, null) -# display_name = try(val.display_name, null) -# role_arn = try(val.iam_role, null) -# ssh_command = try("ssh -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${module.key_pair.private_key_file_path} -W %h:%p ${module.hub.ssh_user}@${module.hub.public_ip}' -i ${module.key_pair.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null) -# } -# } -# } - -# output "dsf_hub" { -# value = { -# public_ip = try(module.hub.public_ip, null) -# public_dns = try(module.hub.public_dns, null) -# private_ip = try(module.hub.private_ip, null) -# private_dns = try(module.hub.private_dns, null) -# jsonar_uid = try(module.hub.jsonar_uid, null) -# display_name = try(module.hub.display_name, null) -# role_arn = try(module.hub.iam_role, null) -# ssh_command = try("ssh -i ${module.key_pair.private_key_file_path} ${module.hub.ssh_user}@${module.hub.public_dns}", null) -# } -# } - -# output "web_console_dsf_hub" { -# value = { -# public_url = try(join("", ["https://", module.hub.public_dns, ":8443/"]), null) -# private_url = try(join("", ["https://", module.hub.private_dns, ":8443/"]), null) -# admin_password = nonsensitive(local.password) -# } -# } - -# output "deployment_name" { -# value = local.deployment_name_salted -# } - -# output "dsf_private_ssh_key" { -# sensitive = true -# value = try(module.key_pair.private_key_content, null) -# } - -# output "dsf_private_ssh_key_file_path" { -# value = module.key_pair.private_key_file_path -# } - -# output "dsf_hub_web_console_url" { -# value = try(join("", ["https://", module.hub.public_dns, ":8443/"]), null) -# } - -# output "mysql_db_details" { -# value = try(module.rds_mysql, null) -# } - -# output "mssql_db_details" { -# value = try(module.rds_mssql, null) -# } - -# output "generated_network" { -# value = try({ -# vpc = module.vpc[0].vpc_id -# public_subnets = module.vpc[0].public_subnets -# private_subnets = module.vpc[0].private_subnets -# }, null) -# } - -# output "tokens" { -# value = module.hub.access_tokens -# sensitive = true -# } \ No newline at end of file diff --git a/examples/upgrade/variables.tf b/examples/upgrade/variables.tf deleted file mode 100644 index 2ba513160..000000000 --- a/examples/upgrade/variables.tf +++ /dev/null @@ -1,129 +0,0 @@ -# variable "deployment_name" { -# type = string -# default = "imperva-dsf" -# description = "Deployment name for some of the created resources. Please note that when running the deployment with a custom 'deployment_name' variable, you should ensure that the corresponding condition in the AWS permissions of the user who runs the deployment reflects the new custom variable." -# } - -# variable "sonar_version" { -# type = string -# default = "4.11" -# description = "The Sonar version to install. Supported versions are: ['4.11']" -# validation { -# condition = var.sonar_version == "4.11" -# error_message = "This example supports Sonar version 4.11" -# } -# } - -# variable "gw_count" { -# type = number -# default = 1 -# description = "Number of DSF Agentless Gateways" -# } - -# variable "password" { -# sensitive = true -# type = string -# default = null # Random -# description = "Password for all users and components including internal communication (Agentless Gateways and Hub) and also to DSF Hub web console (Randomly generated if not set)" -# } - -# variable "web_console_cidr" { -# type = list(string) -# default = ["0.0.0.0/0"] -# description = "DSF Hub web console IPs range. Please specify IPs in the following format - [\"x.x.x.x/x\", \"y.y.y.y/y\"]. The default configuration opens the DSF Hub web console as a public website. It is recommended to specify a more restricted IP and CIDR range." -# } - -# variable "database_cidr" { -# type = list(string) -# default = null # workstation ip -# description = "CIDR blocks allowing dummy database access" -# } - -# variable "workstation_cidr" { -# type = list(string) -# default = null -# description = "IP ranges from which SSH/API access will be allowed to setup the deployment. If not set, the public IP of the computer where the Terraform is run is used. Format - [\"x.x.x.x/x\", \"y.y.y.y/y\"]" -# } - -# variable "additional_install_parameters" { -# default = "" -# description = "Additional params for installation tarball. More info in https://docs.imperva.com/bundle/v4.10-sonar-installation-and-setup-guide/page/80035.htm" -# } - -# variable "vpc_ip_range" { -# type = string -# default = "10.0.0.0/16" -# description = "VPC cidr range" -# } - -# variable "private_subnets" { -# type = list(string) -# default = ["10.0.1.0/24", "10.0.2.0/24"] -# description = "VPC private subnet cidr range" -# } - -# variable "public_subnets" { -# type = list(string) -# default = ["10.0.101.0/24", "10.0.102.0/24"] -# description = "VPC public subnet cidr range" -# } - -# variable "subnet_ids" { -# type = object({ -# hub_subnet_id = string -# gw_subnet_id = string -# db_subnet_ids = list(string) -# }) -# default = null -# description = "The IDs of an existing subnets to deploy resources in. Keep empty if you wish to provision new VPC and subnets. db_subnet_ids can be an empty list only if no databases should be provisioned" -# validation { -# condition = var.subnet_ids == null || try(var.subnet_ids.hub_subnet_id != null && var.subnet_ids.gw_subnet_id != null && var.subnet_ids.db_subnet_ids != null, false) -# error_message = "Value must either be null or specified for all" -# } -# } -variable "deployment_name" { - type = string - default = "imperva-dsf" - description = "Deployment name for some of the created resources. Please note that when running the deployment with a custom 'deployment_name' variable, you should ensure that the corresponding condition in the AWS permissions of the user who runs the deployment reflects the new custom variable." -} - - -# variable "hub_ebs_details" { -# type = object({ -# disk_size = number -# provisioned_iops = number -# throughput = number -# }) -# description = "DSF Hub compute instance volume attributes. More info in sizing doc - https://docs.imperva.com/bundle/v4.10-sonar-installation-and-setup-guide/page/78729.htm" -# default = { -# disk_size = 250 -# provisioned_iops = 0 -# throughput = 125 -# } -# } - -# variable "gw_group_ebs_details" { -# type = object({ -# disk_size = number -# provisioned_iops = number -# throughput = number -# }) -# description = "DSF Agentless Gateway compute instance volume attributes. More info in sizing doc - https://docs.imperva.com/bundle/v4.10-sonar-installation-and-setup-guide/page/78729.htm" -# default = { -# disk_size = 150 -# provisioned_iops = 0 -# throughput = 125 -# } -# } - -# variable "db_types_to_onboard" { -# type = list(string) -# default = ["RDS MySQL"] -# description = "DB types to onboard, available types are - 'RDS MySQL', 'RDS MsSQL' with data" -# validation { -# condition = alltrue([ -# for db_type in var.db_types_to_onboard : contains(["RDS MySQL", "RDS MsSQL"], db_type) -# ]) -# error_message = "Valid values should contain at least one of the following: 'RDS MySQL', 'RDS MsSQL'." -# } -# } \ No newline at end of file