Adding cluster shield #213

Open
wants to merge 8 commits into
base: main

ctolon22
Contributor

Description

Including Cluster Shield:

  • When enabled, Cluster Shield replaces KSPM-Collector and Cluster Scanner
  • Cluster Shield also enables Admission Controller (for collecting Kubernetes events)
  • Cluster Shield is disabled by default

Release required?

  • No release
  • Patch release (x.x.X)
  • [X] Minor release (x.X.x)
  • Major release (X.x.x)
Release notes content

Run the pipeline

If the CI pipeline doesn't run when you create the PR, the PR requires a user with GitHub collaborators access to run the pipeline.

Run the CI pipeline when the PR is ready for review and you expect tests to pass. Add a comment to the PR with the following text:

/run pipeline

Checklist for reviewers

  • If relevant, a test for the change is included or updated with this PR.
  • If relevant, documentation for the change is included or updated with this PR.

For mergers

  • Use a conventional commit message to set the release level. Follow the guidelines.
  • Include information that users need to know about the PR in the commit message. The commit message becomes part of the GitHub release notes.
  • Use the Squash and merge option.

Member

@ocofaigh ocofaigh left a comment

see comments

variables.tf (resolved)
tests/pr_test.go (outdated, resolved)
main.tf (resolved)
main.tf (outdated, resolved)
Member

@ocofaigh ocofaigh left a comment

@ctolon22 sorry about the delay - PR looks good. Can you rebase it with main branch before I trigger pipeline please?

@ocofaigh
Member

ocofaigh commented Dec 5, 2024

/run pipeline

@ocofaigh
Member

ocofaigh commented Dec 6, 2024

/run pipeline

@ocofaigh
Member

ocofaigh commented Dec 6, 2024

Failed with:

2024/12/06 10:48:26 Terraform apply |       "Result": {
 2024/12/06 10:48:26 Terraform apply |           "details": "{\"status_code\":500,\"name\":\"InternalServerError\",\"message\":{\"message\":\"Internal Server Error: An internal error occurred and your request could not be processed: If this problem persists, please contact IBM Cloud Key Protect\",\"name\":\"InternalServerError\",\"status_code\":500,\"transaction_id\":\"\"},\"description\":\"Internal Server Error: An internal error occurred and your request could not be processed: If this problem persists, please contact IBM Cloud Key Protect\"}",
 2024/12/06 10:48:26 Terraform apply |           "error_code": "RC-ServiceBrokerErrorResponse",
 2024/12/06 10:48:26 Terraform apply |           "message": "Please contact the Service Provider for this error. [500, Internal Server Error] Internal Server Error: An internal error occurred and your request could not be processed: If this problem persists, please contact IBM Cloud Key Protect",
 2024/12/06 10:48:26 Terraform apply |           "status_code": 502,
 2024/12/06 10:48:26 Terraform apply |           "transaction_id": "626c-43d5af5fba313105"
 2024/12/06 10:48:26 Terraform apply |       },
 2024/12/06 10:48:26 Terraform apply |       "RawResult": null

Unrelated to changes in this PR, so will retry

@ocofaigh
Member

ocofaigh commented Dec 6, 2024

/run pipeline

@ocofaigh
Member

/run pipeline

@ocofaigh
Member

The upgrade test is failing because we updated the name in the basic example:

Actions: [delete create]
DIFF:
  Before:
    {"id":"scc-wp-a-basic-upg-nafk9q-scc-wp-agent","metadata":"SECURE_VALUE_HIDDEN_HASH:-2b3aad35444fb54e4edcff8c1db1452ed995dd6c245223d9ce1dc26f","name":"scc-wp-a-basic-upg-nafk9q-scc-wp-agent","set":"SECURE_VALUE_HIDDEN_HASH:-274e0257d6c229029042f3fa43e35b0a628c34e3477cad2fc9386902"}
  After:
    {"name":"scc-wp-a-basic-upg-nafk9q","set":"SECURE_VALUE_HIDDEN_HASH:-4a9214e2d4c066370d13ff0a982c9cae9fb6c5652d75d3761a36c763"}

That name is the name of the helm release, hence by doing that it wants to do a helm delete and a new helm install using the new name. This is expected due to the change we made, so we need to skip the upgrade test.

@ocofaigh
Member

/run pipeline

Member

@ocofaigh ocofaigh left a comment

The pipeline passed - but I’m just thinking, do we want to expose cluster_shield_deploy in the DA too? Since the DA is in the same repo now, it should probably be added as part of this PR too.
DA code is in solutions/standard. Also, when adding new variables, they need to go into ibm_catalog.json too so they can be ordered in a specific order.

@ocofaigh
Member

/run pipeline
