feat(confidential-compute-sgx): SGX / TDX support for confidential co…

…mpute mode and secure boot enablement
ibm-vpc · Jun 12, 2024 · bf19ea4 · bf19ea4
1 parent 9359e9e
commit bf19ea4
Show file tree

Hide file tree

Showing 43 changed files with 4,012 additions and 795 deletions.
diff --git a/examples/ibm-is-ng/main.tf b/examples/ibm-is-ng/main.tf
@@ -199,8 +199,9 @@ resource "ibm_is_vpn_gateway" "VPNGateway1" {
   subnet = ibm_is_subnet.subnet1.id
 }
 
-resource "ibm_is_vpn_gateway_connection" "VPNGatewayConnection1" {
-  name          = "vpnconn1"
+// Deprecated: peer_address, local_cidrs, peer_cidrs
+resource "ibm_is_vpn_gateway_connection" "VPNGatewayConnection1_deprecated" {
+  name          = "vpnconn1-deprecated"
   vpn_gateway   = ibm_is_vpn_gateway.VPNGateway1.id
   peer_address  = ibm_is_vpn_gateway.VPNGateway1.public_ip_address
   preshared_key = "VPNDemoPassword"
@@ -209,6 +210,21 @@ resource "ibm_is_vpn_gateway_connection" "VPNGatewayConnection1" {
   ipsec_policy  = ibm_is_ipsec_policy.example.id
 }
 
+resource "ibm_is_vpn_gateway_connection" "VPNGatewayConnection1" {
+  name          = "vpnconn1"
+  vpn_gateway   = ibm_is_vpn_gateway.VPNGateway1.id
+  peer_address  = ibm_is_vpn_gateway.VPNGateway1.public_ip_address
+  preshared_key = "VPNDemoPassword"
+  peer {
+    address    = ibm_is_vpn_gateway.testacc_VPNGateway1.public_ip_address != "0.0.0.0" ? ibm_is_vpn_gateway.testacc_VPNGateway1.public_ip_address : ibm_is_vpn_gateway.testacc_VPNGateway1.public_ip_address2
+    peer_cidrs = [ibm_is_subnet.subnet2.ipv4_cidr_block]
+  }
+  local {
+    cidrs = [ibm_is_subnet.subnet1.ipv4_cidr_block]
+  }
+  ipsec_policy = ibm_is_ipsec_policy.example.id
+}
+
 resource "ibm_is_ssh_key" "sshkey" {
   name       = "ssh1"
   public_key = file(var.ssh_public_key)
@@ -1592,7 +1608,7 @@ resource "ibm_is_reservation" "example" {
     term = "one_year"
   }
   profile {
-    name = "ba2-2x8"
+    name          = "ba2-2x8"
     resource_type = "instance_profile"
   }
   zone = "us-east-3"

diff --git a/examples/ibm-is-ng/provider.tf b/examples/ibm-is-ng/provider.tf
@@ -3,7 +3,7 @@ variable "ibmcloud_api_key" {
 }
 
 provider "ibm" {
-  ibmcloud_api_key      = var.ibmcloud_api_key
-  region                = "us-south"
+  ibmcloud_api_key = var.ibmcloud_api_key
+  region           = "us-south"
 }
 
diff --git a/go.mod b/go.mod
@@ -32,7 +32,7 @@ require (
 	github.com/IBM/schematics-go-sdk v0.2.3
 	github.com/IBM/secrets-manager-go-sdk/v2 v2.0.4
 	github.com/IBM/vpc-beta-go-sdk v0.6.0
-	github.com/IBM/vpc-go-sdk v0.50.0
+	github.com/IBM/vpc-go-sdk v0.52.0
 	github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5
 	github.com/akamai/AkamaiOPEN-edgegrid-golang v1.2.2
 	github.com/akamai/AkamaiOPEN-edgegrid-golang/v5 v5.0.0
@@ -77,7 +77,6 @@ require (
 require (
 	cloud.google.com/go/kms v1.10.1 // indirect
 	cloud.google.com/go/monitoring v1.13.0 // indirect
-	github.com/Bowery/prompt v0.0.0-20190916142128-fa8279994f75 // indirect
 	github.com/Logicalis/asn1 v0.0.0-20190312173541-d60463189a56 // indirect
 	github.com/PromonLogicalis/asn1 v0.0.0-20190312173541-d60463189a56 // indirect
 	github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 // indirect
@@ -96,7 +95,6 @@ require (
 	github.com/coreos/pkg v0.0.0-20220810130054-c7d1c02cb6cf // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a // indirect
-	github.com/dchest/safefile v0.0.0-20151022103144-855e8d98f185 // indirect
 	github.com/dgrijalva/jwt-go v3.2.0+incompatible // indirect
 	github.com/eapache/go-resiliency v1.4.0 // indirect
 	github.com/eapache/go-xerial-snappy v0.0.0-20230731223053-c322873962e3 // indirect
@@ -129,7 +127,6 @@ require (
 	github.com/google/gnostic v0.6.9 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
-	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-checkpoint v0.5.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
@@ -170,7 +167,6 @@ require (
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/kardianos/govendor v1.0.9 // indirect
 	github.com/klauspost/compress v1.16.7 // indirect
 	github.com/kube-object-storage/lib-bucket-provisioner v0.0.0-20221122204822-d1a8c34382f1 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
@@ -182,8 +178,6 @@ require (
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
 	github.com/mitchellh/go-wordwrap v1.0.0 // indirect
-	github.com/mitchellh/gox v1.0.1 // indirect
-	github.com/mitchellh/iochan v1.0.0 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
 	github.com/moby/spdystream v0.2.0 // indirect
@@ -224,9 +218,6 @@ require (
 	golang.org/x/term v0.19.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
-	golang.org/x/tools v0.16.1 // indirect
-	golang.org/x/tools/cmd/cover v0.1.0-deprecated // indirect
-	golang.org/x/tools/go/vcs v0.1.0-deprecated // indirect
 	gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 // indirect
@@ -250,7 +241,6 @@ replace github.com/dgrijalva/jwt-go v3.2.0+incompatible => github.com/golang-jwt
 // add sdk changes.
 replace github.com/portworx/sched-ops v0.0.0-20200831185134-3e8010dc7056 => github.com/portworx/sched-ops v0.20.4-openstorage-rc3 // required by rook v1.7
 
-
 exclude (
 	github.com/kubernetes-incubator/external-storage v0.20.4-openstorage-rc2
 	k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible