terraform-ibm-modules · maheshwarishikha · Jan 15, 2025 · Jan 10, 2025 · Jan 10, 2025 · Jan 10, 2025
@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+offerings:
+  - name: deploy-arch-ibm-watsonx-ai
+    kind: solution
+    catalog_id: 7df1e4ca-d54c-4fd0-82ce-3d13247308cd
+    offering_id: 85b7c3d8-c947-408c-896c-52b375ceb1c0
+    variations:
+      - name: standard
+        mark_ready: true
+        install_type: fullstack
+        scc:
+          instance_id: 1c7d5f78-9262-44c3-b779-b28fe4d88c37
+          region: us-south
@@ -10,6 +10,9 @@
     }],
     ["@semantic-release/exec", {
       "successCmd": "echo \"SEMVER_VERSION=${nextRelease.version}\" >> $GITHUB_ENV"
+    }],
+    ["@semantic-release/exec",{
+      "publishCmd": "./ci/trigger-catalog-onboarding-pipeline.sh --version=v${nextRelease.version}"
     }]
   ]
 }
@@ -136,17 +136,17 @@ statement instead the previous block.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_cos_instance_crn"></a> [cos\_instance\_crn](#input\_cos\_instance\_crn) | The CRN of the Cloud Object Storage instance. | `string` | n/a | yes |
-| <a name="input_cos_kms_key_crn"></a> [cos\_kms\_key\_crn](#input\_cos\_kms\_key\_crn) | The CRN of a KMS key. It is used to encrypt the COS buckets used by the watsonx projects. | `string` | `null` | no |
+| <a name="input_cos_kms_key_crn"></a> [cos\_kms\_key\_crn](#input\_cos\_kms\_key\_crn) | The CRN of a KMS (Key Protect) key. It is used to encrypt the COS buckets used by the watsonx.ai projects. | `string` | `null` | no |
 | <a name="input_create_watsonx_ai_project"></a> [create\_watsonx\_ai\_project](#input\_create\_watsonx\_ai\_project) | Whether to create and configure a starter watsonx.ai project. | `bool` | `true` | no |
-| <a name="input_enable_cos_kms_encryption"></a> [enable\_cos\_kms\_encryption](#input\_enable\_cos\_kms\_encryption) | Flag to enable COS KMS encryption. If set to true, a value must be passed for `existing_cos_kms_key_crn`. | `bool` | `false` | no |
-| <a name="input_existing_ai_runtime_instance_crn"></a> [existing\_ai\_runtime\_instance\_crn](#input\_existing\_ai\_runtime\_instance\_crn) | The CRN of an existing watsonx.ai Runtime instance. If not provided, a new instance will be provisioned. | `string` | `null` | no |
+| <a name="input_enable_cos_kms_encryption"></a> [enable\_cos\_kms\_encryption](#input\_enable\_cos\_kms\_encryption) | Flag to enable COS KMS encryption. If set to true, a value must be passed for `cos_kms_key_crn`. | `bool` | `false` | no |
+| <a name="input_existing_watsonx_ai_runtime_instance_crn"></a> [existing\_watsonx\_ai\_runtime\_instance\_crn](#input\_existing\_watsonx\_ai\_runtime\_instance\_crn) | The CRN of an existing watsonx.ai Runtime instance. If not provided, a new instance will be provisioned. | `string` | `null` | no |
 | <a name="input_existing_watsonx_ai_studio_instance_crn"></a> [existing\_watsonx\_ai\_studio\_instance\_crn](#input\_existing\_watsonx\_ai\_studio\_instance\_crn) | The CRN of an existing watsonx.ai Studio instance. If not provided, a new instance will be provisioned. | `string` | `null` | no |
 | <a name="input_mark_as_sensitive"></a> [mark\_as\_sensitive](#input\_mark\_as\_sensitive) | Set to true to allow the watsonx.ai project to be created with 'Mark as sensitive' flag. It enforces access restriction and prevents data from being moved out of the project. | `bool` | `false` | no |
 | <a name="input_prefix"></a> [prefix](#input\_prefix) | Prefix to add to all watsonx.ai resources created by this module. | `string` | n/a | yes |
 | <a name="input_project_description"></a> [project\_description](#input\_project\_description) | A description of the watsonx.ai project that is created. | `string` | `"Watsonx project created by the watsonx.ai module."` | no |
 | <a name="input_project_name"></a> [project\_name](#input\_project\_name) | The name of the watsonx.ai project. | `string` | `"demo"` | no |
 | <a name="input_project_tags"></a> [project\_tags](#input\_project\_tags) | A list of tags associated with the watsonx.ai project. Each tag consists of a string containing up to 255 characters. These tags can include spaces, letters, numbers, underscores, dashes, as well as the symbols # and @. | `list(string)` | <pre>[<br/>  "watsonx-ai"<br/>]</pre> | no |
-| <a name="input_region"></a> [region](#input\_region) | Region where the watsonx resources will be provisioned. | `string` | `"us-south"` | no |
+| <a name="input_region"></a> [region](#input\_region) | Region where the watsonx.ai resources will be provisioned. | `string` | `"us-south"` | no |
 | <a name="input_resource_group_id"></a> [resource\_group\_id](#input\_resource\_group\_id) | The resource group ID where the watsonx services will be provisioned. Required when creating a new instance. | `string` | `null` | no |
 | <a name="input_resource_tags"></a> [resource\_tags](#input\_resource\_tags) | Optional list of tags to describe the service instances created by the module. | `list(string)` | `[]` | no |
 | <a name="input_skip_iam_authorization_policy"></a> [skip\_iam\_authorization\_policy](#input\_skip\_iam\_authorization\_policy) | Whether to create an IAM authorization policy that permits the Object Storage instance to read the encryption key from the KMS instance. An authorization policy must exist before an encrypted bucket can be created. Set to `true` to avoid creating the policy. | `bool` | `false` | no |

@@ -0,0 +1,231 @@
+{
+    "products": [
+      {
+        "name": "deploy-arch-ibm-watsonx-ai",
+        "label": "watsonx.ai",
+        "product_kind": "solution",
+        "tags": [
+          "ibm_created",
+          "target_terraform",
+          "terraform",
+          "ai",
+          "solution"
+        ],
+        "keywords": [
+          "watsonx ai",
+          "watsonx.ai",
+          "watsonx.ai project",
+          "IaC",
+          "infrastructure as code",
+          "terraform",
+          "solution",
+          "ai"
+        ],
+        "short_description": "Creates and configures IBM watsonx.ai Project",
+        "long_description": "This architecture supports creating and configuring the instances of watsonx.ai Studio, watsonx.ai Runtime and creates a KMS encrypted watsonx.ai Project.",
+        "offering_docs_url": "https://github.com/terraform-ibm-modules/terraform-ibm-watsonx-ai/blob/main/README.md",
+        "offering_icon_url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-watsonx-ai/main/images/watsonx-ai-da.svg",
+        "provider_name": "IBM",
+        "features": [
+          {
+            "title": "Creates an instance of IBM watsonx.ai Studio",
+            "description": "Creates and configures an IBM watsonx.ai Studio instance."
+          },
+          {
+            "title": "Creates an instance of IBM watsonx.ai Runtime",
+            "description": "Creates and configures an IBM watsonx.ai Runtime instance."
+          },
+          {
+            "title": "Configures the watsonx profile for IBM Cloud user",
+            "description": "Configures the watsonx profile for IBM Cloud user."
+          },
+          {
+            "title": "Creates a KMS encryption enabled IBM watsonx.ai project",
+            "description": "Create and configures a KMS encryption enabled IBM watsonx.ai project."
+          }
+        ],
+        "flavors": [
+          {
+            "label": "Standard",
+            "name": "standard",
+            "install_type": "fullstack",
+            "working_directory": "solutions/standard",
+            "compliance": {
+              "authority": "scc-v3",
+              "profiles": [
+                {
+                  "profile_name": "IBM Cloud Framework for AI Security Guardrails 2.0",
+                  "profile_version": "1.1.0"
+                }
+              ]},
+            "iam_permissions": [
+              {
+                "role_crns": [
+                  "crn:v1:bluemix:public:iam::::role:Editor"
+                ],
+                "service_name": "all-account-management-services"
+              },
+              {
+                "role_crns": [
+                  "crn:v1:bluemix:public:iam::::role:Editor"
+                ],
+                "service_name": "data-science-experience"
+              },
+              {
+                "role_crns": [
+                  "crn:v1:bluemix:public:iam::::role:Editor"
+                ],
+                "service_name": "pm-20"
+              },
+              {
+                "role_crns": [
+                  "crn:v1:bluemix:public:iam::::serviceRole:Manager",
+                  "crn:v1:bluemix:public:iam::::role:Editor"
+                ],
+                "service_name": "cloud-object-storage"
+              }
+            ],
+            "architecture": {
+              "descriptions": "This architecture creates and configures an IBM watsonx.ai Project.",
+              "features": [
+                {
+                    "title": "Creates an instance of IBM watsonx.ai Studio",
+                    "description": "Creates and configures an IBM watsonx.ai Studio instance."
+                },
+                {
+                    "title": "Creates an instance of IBM watsonx.ai Runtime",
+                    "description": "Creates and configures an IBM watsonx.ai Runtime instance."
+                },
+                {
+                    "title": "Configures the watsonx profile for IBM Cloud user",
+                    "description": "Configures the watsonx profile for IBM Cloud user."
+                },
+                {
+                    "title": "Creates a KMS encryption enabled IBM watsonx.ai project",
+                    "description": "Create and configures a KMS encryption enabled IBM watsonx.ai project."
+                }
+              ],
+              "diagrams": [
+                {
+                  "diagram": {
+                    "caption": "watsonx.ai on IBM Cloud",
+                    "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-watsonx-ai/main/reference-architecture/watsonx-ai-da.svg",
+                    "type": "image/svg+xml"
+                  },
+                  "description": "This architecture creates and configures an IBM watsonx.ai Project."
+                }
+              ]
+            },
+            "configuration": [
+                {
+                  "key": "ibmcloud_api_key",
+                  "required": true,
+                  "type": "password"
+                },
+                {
+                    "key": "provider_visibility",
+                    "options": [
+                      {
+                        "displayname": "private",
+                        "value": "private"
+                      },
+                      {
+                        "displayname": "public",
+                        "value": "public"
+                      },
+                      {
+                        "displayname": "public-and-private",
+                        "value": "public-and-private"
+                      }
+                    ]
+                },
+                {
+                  "key": "use_existing_resource_group"
+                },
+                {
+                  "key": "resource_group_name"
+                },
+                {
+                  "key": "prefix",
+                  "required": true
+                },
+                {
+                  "key": "region",
+                  "required": true,
+                  "default_value": "us-south",
+                  "options": [
+                    {
+                      "displayname": "Dallas (us-south)",
+                      "value": "us-south"
+                    }
+                  ]
+                },
+                {
+                    "key": "existing_kms_instance_crn",
+                    "required": true
+                },
+                {
+                    "key": "existing_cos_kms_key_crn"
+                },
+                {
+                  "key": "watsonx_ai_studio_plan",
+                  "default_value": "professional-v1",
+                  "options": [
+                    {
+                      "displayname": "Lite",
+                      "value": "free-v1"
+                    },
+                    {
+                      "displayname": "Professional",
+                      "value": "professional-v1"
+                    }
+                  ]
+                },
+                {
+                  "key": "watsonx_ai_studio_instance_name"
+                },
+                {
+                  "key": "watsonx_ai_runtime_instance_name"
+                },
+                {
+                    "key": "watsonx_ai_runtime_plan",
+                    "default_value": "v2-professional",
+                    "options": [
+                      {
+                        "displayname": "Lite",
+                        "value": "lite"
+                      },
+                      {
+                        "displayname": "Essentials",
+                        "value": "v2-professional"
+                      },
+                      {
+                        "displayname": "Standard",
+                        "value": "v2-standard"
+                      }
+                    ]
+                },
+                {
+                  "key": "watsonx_ai_runtime_service_endpoints",
+                  "default_value": "public-and-private",
+                  "options": [
+                    {
+                      "displayname": "Public Network",
+                      "value": "public"
+                    },
+                    {
+                      "displayname": "Private Network",
+                      "value": "private"
+                    },
+                    {
+                      "displayname": "Both Public & Private Network",
+                      "value": "public-and-private"
+                    }
+                  ]
+                }
+              ]
+          }
+        ]
+      }
+    ]
+  }
@@ -40,20 +40,20 @@ resource "ibm_resource_instance" "watsonx_ai_studio_instance" {
 # ****************************
 
 locals {
-  watsonx_ai_runtime_crn           = var.existing_ai_runtime_instance_crn != null ? data.ibm_resource_instance.existing_watsonx_ai_runtime_instance[0].crn : resource.ibm_resource_instance.watsonx_ai_runtime_instance[0].crn
-  watsonx_ai_runtime_guid          = var.existing_ai_runtime_instance_crn != null ? data.ibm_resource_instance.existing_watsonx_ai_runtime_instance[0].guid : resource.ibm_resource_instance.watsonx_ai_runtime_instance[0].guid
-  watsonx_ai_runtime_name          = var.existing_ai_runtime_instance_crn != null ? data.ibm_resource_instance.existing_watsonx_ai_runtime_instance[0].resource_name : resource.ibm_resource_instance.watsonx_ai_runtime_instance[0].resource_name
-  watsonx_ai_runtime_plan_id       = var.existing_ai_runtime_instance_crn != null ? null : resource.ibm_resource_instance.watsonx_ai_runtime_instance[0].resource_plan_id
-  watsonx_ai_runtime_dashboard_url = var.existing_ai_runtime_instance_crn != null ? null : resource.ibm_resource_instance.watsonx_ai_runtime_instance[0].dashboard_url
+  watsonx_ai_runtime_crn           = var.existing_watsonx_ai_runtime_instance_crn != null ? data.ibm_resource_instance.existing_watsonx_ai_runtime_instance[0].crn : resource.ibm_resource_instance.watsonx_ai_runtime_instance[0].crn
+  watsonx_ai_runtime_guid          = var.existing_watsonx_ai_runtime_instance_crn != null ? data.ibm_resource_instance.existing_watsonx_ai_runtime_instance[0].guid : resource.ibm_resource_instance.watsonx_ai_runtime_instance[0].guid
+  watsonx_ai_runtime_name          = var.existing_watsonx_ai_runtime_instance_crn != null ? data.ibm_resource_instance.existing_watsonx_ai_runtime_instance[0].resource_name : resource.ibm_resource_instance.watsonx_ai_runtime_instance[0].resource_name
+  watsonx_ai_runtime_plan_id       = var.existing_watsonx_ai_runtime_instance_crn != null ? null : resource.ibm_resource_instance.watsonx_ai_runtime_instance[0].resource_plan_id
+  watsonx_ai_runtime_dashboard_url = var.existing_watsonx_ai_runtime_instance_crn != null ? null : resource.ibm_resource_instance.watsonx_ai_runtime_instance[0].dashboard_url
 }
 
 data "ibm_resource_instance" "existing_watsonx_ai_runtime_instance" {
-  count      = var.existing_ai_runtime_instance_crn != null ? 1 : 0
-  identifier = var.existing_ai_runtime_instance_crn
+  count      = var.existing_watsonx_ai_runtime_instance_crn != null ? 1 : 0
+  identifier = var.existing_watsonx_ai_runtime_instance_crn
 }
 
 resource "ibm_resource_instance" "watsonx_ai_runtime_instance" {
-  count             = var.existing_ai_runtime_instance_crn != null ? 0 : 1
+  count             = var.existing_watsonx_ai_runtime_instance_crn != null ? 0 : 1
   name              = var.prefix != null ? "${var.prefix}-${var.watsonx_ai_runtime_instance_name}" : var.watsonx_ai_runtime_instance_name
   service           = "pm-20"
   plan              = var.watsonx_ai_runtime_plan
@@ -108,7 +108,7 @@ module "configure_project" {
   source                    = "./modules/configure_project"
   depends_on                = [module.storage_delegation]
   count                     = var.create_watsonx_ai_project ? 1 : 0
-  project_name              = "${var.prefix}-${var.project_name}"
+  project_name              = var.prefix != null ? "${var.prefix}-${var.project_name}" : var.project_name
   project_description       = var.project_description
   project_tags              = var.project_tags
   mark_as_sensitive         = var.mark_as_sensitive

@@ -1,4 +1,18 @@
 {
   "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": ["github>terraform-ibm-modules/common-dev-assets:commonRenovateConfig"]
+  "extends": ["github>terraform-ibm-modules/common-dev-assets:commonRenovateConfig"],
+  "packageRules": [
+    {
+      "description": "Allow the locked in provider version to be updated to the latest for deployable architectures",
+      "enabled": true,
+      "matchFileNames": ["solutions/**"],
+      "matchManagers": ["terraform"],
+      "matchDepTypes": ["required_provider"],
+      "rangeStrategy": "bump",
+      "semanticCommitType": "fix",
+      "group": true,
+      "groupName": "required_provider",
+      "commitMessageExtra": "to latest for the deployable architecture solution"
+    }
+  ]
 }
@@ -0,0 +1,15 @@
+# IBM watsonx.ai deployable architecture
+
+This deployable architecture supports provisioning the following resources:
+
+- A new resource group if one is not passed in.
+- A watsonx.ai Studio instance.
+- A watsonx.ai Runtime instance.
+- A Cloud Object Storage instance.
+- A new key-ring and key in the KMS(Key Protect) instance, if an existing key is not provided.
+- Configure the watsonx profile for IBM Cloud user.
+- Create a KMS encryption enabled IBM watsonx.ai project.
+
+![watsonx-ai-deployable-architecture](../../reference-architecture/watsonx-ai-da.svg)
+
+:exclamation: **Important:** This solution is not intended to be called by other modules because it contains a provider configuration and is not compatible with the `for_each`, `count`, and `depends_on` arguments. For more information, see [Providers Within Modules](https://developer.hashicorp.com/terraform/language/modules/develop/providers).
@@ -0,0 +1,6 @@
+{
+  "ibmcloud_api_key": $VALIDATION_APIKEY,
+  "region": "us-south",
+  "resource_tags": $TAGS,
+  "resource_group_name": $PREFIX
+}