From 91fdd1d420c1e0925dacadd31eae0da40c6705e5 Mon Sep 17 00:00:00 2001 From: Janis Hahn Date: Tue, 15 Jul 2025 20:54:48 +0200 Subject: [PATCH] sna + projects --- example/main.tf | 41 ++++++++++++++++++++++++----------------- example/test.tfvars | 32 +++++++++++++++++++++++++++++--- example/variables.tf | 39 ++++++++++++++++++++++++++++++--------- project/main.tf | 33 +++++---------------------------- project/outputs.tf | 4 ++++ project/sna.tf | 27 --------------------------- project/variables.tf | 10 ++++++++-- ske/main.tf | 1 - ske/variables.tf | 7 ------- 9 files changed, 100 insertions(+), 94 deletions(-) create mode 100644 project/outputs.tf delete mode 100644 project/sna.tf diff --git a/example/main.tf b/example/main.tf index 1316f62..68ee7bb 100644 --- a/example/main.tf +++ b/example/main.tf @@ -1,14 +1,32 @@ -module "stackit_ske_cluster" { - source = "../ske" # Pfad zu deinem Modul-Ordner +resource "stackit_network_area" "project_sna" { + organization_id = var.organization_id + name = var.SNA_name + network_ranges = var.SNA_network_ranges + transfer_network = var.SNA_transfer_network +} - # Erforderliche Variablen - project_id = var.project_id +module "projects" { + source = "../project" + + projects = var.Projects_map + organization_id = var.organization_id + sna_id = stackit_network_area.project_sna.network_area_id +} + +locals { + project_ids = { for k, v in module.projects.created_projects : k => v.project_id } +} + +module "stackit_ske_cluster" { + source = "../ske" + + # required variables + project_id = local.project_ids[var.ske_target_project_key] name = var.name node_pools = var.node_pools - # Optionale Variablen + # optional variables kubernetes_version_min = var.kubernetes_version_min - allow_privileged_containers = var.allow_privileged_containers hibernations = var.hibernations maintenance = var.maintenance extensions = var.extensions 
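Review bot: `project_id = local.project_ids[var.ske_target_project_key]` in the `stackit_ske_cluster` module call indexes the map without any guard. A key that is missing from `var.Projects_map` only surfaces as a generic invalid-index error, and a key that matches the wrong entry silently places the cluster in a different project. The matching declaration in example/variables.tf is a bare `variable "ske_target_project_key" { type = string }`; it should carry `description = "Key in Projects_map of the project that hosts the SKE cluster."`. Where the Terraform version in use allows a validation to reference another variable, it could also add `condition = contains(keys(var.Projects_map), var.ske_target_project_key)`. The module block continues past the end of this hunk.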
@@ -16,14 +34,3 @@ module "stackit_ske_cluster" { default_region = var.default_region } -/* -module "stackit_ske_cluster" { - source = "../ske" - - project_id = var.project_id - name = var.name - kubernetes_version_min = var.kubernetes_version_min - node_pools = var.node_pools - hibernations = var.hibernations -} -*/ \ No newline at end of file diff --git a/example/test.tfvars b/example/test.tfvars index da28541..93a2653 100644 --- a/example/test.tfvars +++ b/example/test.tfvars @@ -1,4 +1,29 @@ +# ------------------ +organization_id = "03a34540-3c1a-4794-b2c6-7111ecf824ef" + +Projects_map = { + "projekt-alpha" = { + name = "tf_modules_test_1" + owner_email = "janis.hahn@stackit.cloud" + }, + "projekt-beta" = { + name = "tf_modules_test_2" + owner_email = "janis.hahn@stackit.cloud" + } +} + +SNA_name = "sna-tf_modules_test" + +SNA_network_ranges = [ + { prefix = "192.168.10.0/24" } +] + +SNA_transfer_network = "172.16.0.0/24" + +name = "cluster" + +ske_target_project_key = "projekt-alpha" # projekt-alpha or projekt-beta ... or other from above to ensure scalability node_pools = [ { @@ -21,9 +46,7 @@ node_pools = [ } ] -kubernetes_version_min = "1.29" - -allow_privileged_containers = false +kubernetes_version_min = "1.32.5" hibernations = [ { @@ -55,3 +78,6 @@ extensions = { } } +network = { + id = "bae113a7-cc47-4b1e-8abd-3cdacdd53f28" +} diff --git a/example/variables.tf b/example/variables.tf index 65fc872..2e45481 100644 --- a/example/variables.tf +++ b/example/variables.tf @@ -1,9 +1,10 @@ -variable "project_id" { - description = "STACKIT Cloud project ID" +# SNA & Projects variables +variable "organization_id" { + description = "Die Container-ID deiner STACKIT Organisation." type = string - default = "6f9528aa-27c8-4e97-a0f7-51bbf3be417c" } +variable "ske_target_project_key" { type = string } variable "service_account_key_path" { type = string default = "/home/hahnjan/.stackit/sa.json" 
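Review bot: The first hunk of example/test.tfvars commits a concrete `organization_id` and two personal `owner_email` addresses into an example file. That ties the repository to one tenant and publishes staff identifiers to everyone with read access. Placeholders such as `organization_id = "<ORGANIZATION_CONTAINER_ID>"` and `owner_email = "<OWNER_EMAIL>"` would avoid this, with the real values kept in a tfvars file that is excluded from version control. The `network.id` UUID added in the last hunk of this file deserves the same treatment.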
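Review bot: The `network = { id = "..." }` value added at the end of example/test.tfvars is a fixed UUID, while the cluster's project is now created by `module.projects` in the same configuration. The ID therefore presumably refers to a network that already exists somewhere else, not to one inside the new project. Nothing visible in this patch creates a network or declares `variable "network"`; the declaration may sit outside the hunks, but if it does not, Terraform will warn about a value for an undeclared variable. A comment such as `# ID of an existing network reachable from the target project; replace before applying` would at least state the assumption.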
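Review bot: In the first hunk of example/variables.tf the hard-coded `project_id` default is removed, but the context line `default = "/home/hahnjan/.stackit/sa.json"` on `service_account_key_path` remains. The example therefore still defaults to a service-account key at one developer's home path, and on any other machine it fails or silently depends on whatever file is at that location. Dropping the default, so the variable becomes required, and adding `description = "Path to the STACKIT service account key file; supply via an untracked tfvars file or the environment."` would make the credential source explicit. The variable block continues outside the hunk.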
@@ -14,6 +15,32 @@ variable "default_region" { default = "eu01" } +variable "SNA_name" { + description = "Name der zu erstellenden Service Network Area." + type = string +} + +variable "SNA_network_ranges" { + description = "Liste der Netzwerk-CIDRs für die SNA." + type = list(object({ prefix = string })) +} + +variable "SNA_transfer_network" { + description = "Das Transfer-Netzwerk für die SNA (z.B. 172.16.9.0/24)." + type = string +} + +variable "Projects_map" { + description = "Eine Map von Projekten, die erstellt werden sollen." + type = map(object({ + name = string + owner_email = string + })) +} + + +# SKE variables + variable "name" { description = "Ein Präfix für den Namen des SKE-Clusters." type = string @@ -51,12 +78,6 @@ variable "kubernetes_version_min" { default = null } -variable "allow_privileged_containers" { - description = "Flag to specify if privileged mode for containers is enabled or not." - type = bool - default = null -} - variable "hibernations" { description = "A list of hibernation schedules for the cluster." type = list(object({ diff --git a/project/main.tf b/project/main.tf index 58176f0..b975d4d 100644 --- a/project/main.tf +++ b/project/main.tf 
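Review bot: The new `SNA_network_ranges` and `SNA_transfer_network` variables in the second hunk of example/variables.tf accept any string. A malformed prefix is therefore only rejected by the API during apply, possibly after other resources have already been created. A `validation` block on each would catch this at plan time, with `condition = can(cidrhost(var.SNA_transfer_network, 0))` for the transfer network and `condition = alltrue([for r in var.SNA_network_ranges : can(cidrhost(r.prefix, 0))])` for the ranges. These checks cover syntax only and do not detect a transfer network that overlaps one of the ranges.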
@@ -1,34 +1,11 @@ -variable "projects" { - type = map(object({ - name = string - owner_email = string - })) - default = { - project1 = { - name = "project-alpha" - owner_email = "michael.sodan@stackit.cloud" - } - project2 = { - name = "project-beta" - owner_email = "michael.sodan@stackit.cloud" - } - } -} +resource "stackit_resourcemanager_project" "project" { + for_each = var.projects -resource "stackit_resourcemanager_project" "projects" { - for_each = var.projects - parent_container_id = var.organization_id # Nutzt jetzt die übergebene Variable + parent_container_id = var.organization_id name = each.value.name owner_email = each.value.owner_email - # labels = { ... } # Vorerst entfernt, da stackit_network_area nicht definiert war -} -output "project_info" { - value = { - for k, project in stackit_resourcemanager_project.projects : k => { - project_id = project.project_id - container_id = project.container_id - } + labels = { + "networkArea" = var.sna_id } } - diff --git a/project/outputs.tf b/project/outputs.tf new file mode 100644 index 0000000..6aac267 --- /dev/null +++ b/project/outputs.tf @@ -0,0 +1,4 @@ +output "created_projects" { + description = "Eine Map aller erstellten STACKIT Projekte." + value = stackit_resourcemanager_project.project +} \ No newline at end of file diff --git a/project/sna.tf b/project/sna.tf deleted file mode 100644 index 711c80d..0000000 --- a/project/sna.tf +++ /dev/null 
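Review bot: Renaming the resource from `stackit_resourcemanager_project.projects` to `stackit_resourcemanager_project.project` in project/main.tf changes every instance address. If any existing state tracks the old address, the next plan will propose destroying and recreating those projects along with everything inside them. A `moved` block in the module with `from = stackit_resourcemanager_project.projects` and `to = stackit_resourcemanager_project.project` lets Terraform carry the state over. The same hunk also removes `output "project_info"`, so callers of the old output name need updating.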
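Review bot: `value = stackit_resourcemanager_project.project` in the new project/outputs.tf exports every attribute of every project, including `owner_email` and `labels`, into the caller and the state outputs. The removed `project_info` output exposed only `project_id` and `container_id`. The only consumer visible in this patch, `local.project_ids` in example/main.tf, reads just `project_id`, so the output can be narrowed to the identifiers without breaking it. The description should also say which fields are exported.

```hcl
output "created_projects" {
  description = "Eine Map aller erstellten STACKIT Projekte."
  # Export only the identifiers callers need, not the whole resource object.
  value = {
    for k, p in stackit_resourcemanager_project.project : k => {
      project_id   = p.project_id
      container_id = p.container_id
    }
  }
}
```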
@@ -1,27 +0,0 @@ -/* resource "time_sleep" "wait_before_destroy" { - destroy_duration = "60s" -} -*/ - -resource "stackit_network_area" "sna" { - organization_id = var.organization_id - name = "bego_sna" - network_ranges = [ - { - prefix = "10.220.0.0/16" - } - ] - transfer_network = "var.sna_net" - //depends_on = [time_sleep.wait_before_destroy] -} - -/* resource "stackit_network_area_route" "sna_route1" { - organization_id = var.organization_id - network_area_id = stackit_network_area.sna.network_area_id - prefix = "10.220.99.0/24" - next_hop = "10.220.0.0" - labels = { - "key" = "value" - } -} -*/ diff --git a/project/variables.tf b/project/variables.tf index 6a8400f..6ff8c04 100644 --- a/project/variables.tf +++ b/project/variables.tf @@ -2,9 +2,15 @@ variable "organization_id" { description = "Empfängt die Container-ID der Organisation vom Root-Modul." type = string } +variable "projects" { + type = map(object({ + name = string + owner_email = string + })) +} -variable "sna_net" { - description = "SNA Transfer Network" +variable "sna_id" { + description = "Empfängt die ID der Network Area vom Root-Modul." type = string } diff --git a/ske/main.tf b/ske/main.tf index db7d8ed..1cda6b9 100644 --- a/ske/main.tf +++ b/ske/main.tf @@ -3,7 +3,6 @@ resource "stackit_ske_cluster" "this" { name = var.name node_pools = var.node_pools kubernetes_version_min = var.kubernetes_version_min - allow_privileged_containers = var.allow_privileged_containers hibernations = var.hibernations maintenance = var.maintenance extensions = var.extensions diff --git a/ske/variables.tf b/ske/variables.tf index dd9aa96..2f70fc6 100644 --- a/ske/variables.tf +++ b/ske/variables.tf 
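Review bot: The `variable "projects"` block added to project/variables.tf has no `description`, and the new `sna_id` accepts an empty string, which project/main.tf would then write into the `networkArea` label of every project. Adding `description = "Map of projects to create; the key is a stable identifier, the value holds name and owner_email."` to `projects` documents the contract that callers rely on. A validation on `sna_id` with `condition = length(var.sna_id) > 0` would reject an unset area ID before any project is created.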
@@ -40,12 +40,6 @@ variable "kubernetes_version_min" { default = null } -variable "allow_privileged_containers" { - description = "Flag to specify if privileged mode for containers is enabled or not." - type = bool - default = null -} - variable "hibernations" { description = "A list of hibernation schedules for the cluster." type = list(object({ @@ -66,7 +60,6 @@ variable "maintenance" { }) default = null } - variable "extensions" { description = "A single extensions block." type = object({