Implementation of a terraform provider to support working with IBM Cloud Hyper Protect Virtual Server for IBM Cloud VPC.
- Installation of terraform for your platform
- OpenSSL binary (not LibreSSL), the path to the binary can be configured via the
OPENSSL_BINenvironment variable
The terraform provider exposes a set of resources that help assemble the user_data section for a contract:
Use this resource to create a tgz archive of your docker-compose folder. You can access the base64 encoded content via the rendered property.
resource "hpcr_tgz" "compose" {
folder = var.FOLDER
}Use this resource to encrypt a string, per default the implementation uses encryption key of the latest HPCR image.
resource "hpcr_text_encrypted" "workload" {
text = yamlencode({
"compose" : {
"archive" : resource.hpcr_tgz.compose.rendered
}
})
}The typical usecase is to encrypt the workload and the env section separately and to pass in the yml encoded contract as an input.
Use this datasource to find the matching HPCR stock image.
data "ibm_is_images" "hyper_protect_images" {
visibility = "public"
status = "available"
}
data "hpcr_image" "selected_image" {
images= jsonencode(data.ibm_is_images.hyper_protect_images.images)
}This data source accepts a list of available VPC image (e.g. from the VPC is_images datasource). The list needs to be serialized to JSON.
Optionally the datasource takes a spec parameter that can be used as a version constraint.
The result of the lookup can be accessed via the following attributes:
image: ID of the selected imageversion: semantic version string of the selected image (e.g.1.0.8)
The repository uses semantic-release. Please author the commit messages accordingly.