You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
| <aname="input_cc_kp_resource_group"></a> [cc\_kp\_resource\_group](#input\_cc\_kp\_resource\_group)| The resource group containing the Key Protect instance for your secrets. |`string`|`""`| no |
121
125
| <aname="input_cc_link_to_doi_toolchain"></a> [cc\_link\_to\_doi\_toolchain](#input\_cc\_link\_to\_doi\_toolchain)| Enable a link to a DevOps Insights instance in another toolchain, true or false. |`bool`|`true`| no |
122
126
| <aname="input_cc_opt_in_auto_close"></a> [cc\_opt\_in\_auto\_close](#input\_cc\_opt\_in\_auto\_close)| Enables auto-closing of issues coming from vulnerabilities, once the vulnerability is no longer detected by the CC pipeline run. |`string`|`"1"`| no |
127
+
| <aname="input_cc_opt_in_cra_auto_remediation"></a> [cc\_opt\_in\_cra\_auto\_remediation](#input\_cc\_opt\_in\_cra\_auto\_remediation)| Enables auto-remediation for your pipeline. Set to `true` to enable. |`bool`|`false`| no |
128
+
| <aname="input_cc_opt_in_cra_auto_remediation_enabled_repos"></a> [cc\_opt\_in\_cra\_auto\_remediation\_enabled\_repos](#input\_cc\_opt\_in\_cra\_auto\_remediation\_enabled\_repos)| Specifies specific repos where you want to enable auto-remediation. |`string`|`""`| no |
129
+
| <aname="input_cc_opt_in_cra_auto_remediation_force"></a> [cc\_opt\_in\_cra\_auto\_remediation\_force](#input\_cc\_opt\_in\_cra\_auto\_remediation\_force)| Forces a major package update as part of the pull request that is opened. |`bool`|`false`| no |
123
130
| <aname="input_cc_opt_in_dynamic_api_scan"></a> [cc\_opt\_in\_dynamic\_api\_scan](#input\_cc\_opt\_in\_dynamic\_api\_scan)| To enable the OWASP Zap API scan. '1' enable or '0' disable. |`string`|`""`| no |
124
131
| <aname="input_cc_opt_in_dynamic_scan"></a> [cc\_opt\_in\_dynamic\_scan](#input\_cc\_opt\_in\_dynamic\_scan)| To enable the OWASP Zap scan. '1' enable or '0' disable. |`string`|`""`| no |
125
132
| <aname="input_cc_opt_in_dynamic_ui_scan"></a> [cc\_opt\_in\_dynamic\_ui\_scan](#input\_cc\_opt\_in\_dynamic\_ui\_scan)| To enable the OWASP Zap UI scan. '1' enable or '0' disable. |`string`|`""`| no |
@@ -308,7 +315,7 @@ No resources.
308
315
| <aname="input_ci_cluster_region"></a> [ci\_cluster\_region](#input\_ci\_cluster\_region)| Region of the Kubernetes cluster where the application is deployed. Use the short form of the regions. For example `us-south`. |`string`|`""`| no |
309
316
| <aname="input_ci_cluster_resource_group"></a> [ci\_cluster\_resource\_group](#input\_ci\_cluster\_resource\_group)| The cluster resource group. |`string`|`""`| no |
310
317
| <aname="input_ci_code_engine_build_strategy"></a> [ci\_code\_engine\_build\_strategy](#input\_ci\_code\_engine\_build\_strategy)| The build strategy for the Code Engine entity. Default strategy is 'dockerfile'. Set as 'buildpacks' for 'buildpacks' build. |`string`|`""`| no |
311
-
| <aname="input_ci_code_engine_entity_type"></a> [ci\_code\_engine\_entity\_type](#input\_ci\_code\_engine\_entity\_type)| Type of Code Engine entity to create/update as part of deployment. Default type is 'application'. Set as 'job' for 'job' type. |`string`|`""`| no |
318
+
| <aname="input_ci_code_engine_entity_type"></a> [ci\_code\_engine\_entity\_type](#input\_ci\_code\_engine\_entity\_type)|Deprecated: See Code Engine variant and `ci_code_engine_deployment_type`. Type of Code Engine entity to create/update as part of deployment. Default type is 'application'. Set as 'job' for 'job' type. |`string`|`""`| no |
312
319
| <aname="input_ci_code_engine_project"></a> [ci\_code\_engine\_project](#input\_ci\_code\_engine\_project)| The name of the Code Engine project to use (or create). |`string`|`"DevSecOps_CE"`| no |
313
320
| <aname="input_ci_code_engine_region"></a> [ci\_code\_engine\_region](#input\_ci\_code\_engine\_region)| The region to create/lookup for the Code Engine project. |`string`|`"ibm:yp:us-south"`| no |
314
321
| <aname="input_ci_code_engine_resource_group"></a> [ci\_code\_engine\_resource\_group](#input\_ci\_code\_engine\_resource\_group)| The resource group of the Code Engine project. |`string`|`"Default"`| no |
@@ -417,7 +424,7 @@ No resources.
417
424
| <aname="input_ci_trigger_timed_pruner_name"></a> [ci\_trigger\_timed\_pruner\_name](#input\_ci\_trigger\_timed\_pruner\_name)| The name of the timed Pruner trigger. |`string`|`"Evidence Pruner Timed Trigger"`| no |
418
425
| <aname="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name)| Name of the Kubernetes cluster where the application is deployed. This sets the same cluster for both CI and CD toolchains. See `ci_cluster_name` and `cd_cluster_name` to set different clusters. By default , the cluster namespace for CI will be set to `dev` and CD to `prod`. These can be changed using `ci_cluster_namespace` and `cd_cluster_namespace`. |`string`|`"mycluster-free"`| no |
419
426
| <aname="input_compliance_base_image"></a> [compliance\_base\_image](#input\_compliance\_base\_image)| Pipeline baseimage to run most of the built-in pipeline code. |`string`|`""`| no |
420
-
| <aname="input_compliance_pipeline_branch"></a> [compliance\_pipeline\_branch](#input\_compliance\_pipeline\_branch)| The Compliance Pipeline branch. |`string`|`"open-v9"`| no |
427
+
| <aname="input_compliance_pipeline_branch"></a> [compliance\_pipeline\_branch](#input\_compliance\_pipeline\_branch)| The Compliance Pipeline branch. |`string`|`"open-v10"`| no |
421
428
| <aname="input_cos_api_key_secret_name"></a> [cos\_api\_key\_secret\_name](#input\_cos\_api\_key\_secret\_name)| To enable the use of COS, a secret name to a COS API key secret in the secret provider is required. In addition `cos_endpoint` and `cos_bucket_name` must be set. This setting sets the same API key for the COS settings in the CI, CD, and CC toolchains. See `ci_cos_api_key_secret_name`, `cd_cos_api_key_secret_name`, and `cc_cos_api_key_secret_name` to set separately. |`string`|`"cos-api-key"`| no |
422
429
| <aname="input_cos_bucket_name"></a> [cos\_bucket\_name](#input\_cos\_bucket\_name)| Set the name of your COS bucket. This applies the same COS bucket name for the CI, CD, and CC toolchains. See `ci_cos_bucket_name`, `cd_cos_bucket_name`, and `cc_cos_bucket_name` to set separately. |`string`|`""`| no |
423
430
| <aname="input_cos_endpoint"></a> [cos\_endpoint](#input\_cos\_endpoint)| Set the Cloud Object Storage endpoint for accessing your COS bucket. This setting sets the same endpoint for COS in the CI, CD, and CC toolchains. See `ci_cos_endpoint`, `cd_cos_endpoint`, and `cc_cos_endpoint` to set the endpoints separately. |`string`|`""`| no |
@@ -455,15 +462,15 @@ No resources.
455
462
| <aname="input_kp_location"></a> [kp\_location](#input\_kp\_location)| The region location of the Key Protect instance. This applies to the CI, CD and CC Key Protect integrations. See `ci_kp_location`, `cd_kp_location`, and `cc_kp_location` to set separately. |`string`|`"us-south"`| no |
456
463
| <aname="input_kp_name"></a> [kp\_name](#input\_kp\_name)| Name of the Key Protect instance where the secrets are stored. This applies to the CI, CD and CC Key Protect integrations. See `ci_kp_name`, `cd_kp_name`, and `cc_kp_name` to set separately. |`string`|`"kp-compliance-secrets"`| no |
457
464
| <aname="input_kp_resource_group"></a> [kp\_resource\_group](#input\_kp\_resource\_group)| The resource group containing the Key Protect instance. This applies to the CI, CD and CC Key Protect integrations. See `ci_kp_resource_group`, `cd_kp_resource_group`, and `cc_kp_resource_group` to set separately. |`string`|`"Default"`| no |
458
-
| <aname="input_peer_review_compliance"></a> [peer\_review\_compliance](#input\_peer\_review\_compliance)| Set to `0` to disable. Set to `1` to enable peer review evidence collection. This parameter will apply to the CI, CD and CC pipelines. Can be set individually with `ci_peer_review_compliance`, `cd_peer_review_compliance`, `cc_peer_review_compliance`. |`string`|`""`| no |
465
+
| <aname="input_peer_review_compliance"></a> [peer\_review\_compliance](#input\_peer\_review\_compliance)| Set to `0` to disable. Set to `1` to enable peer review evidence collection. This parameter will apply to the CI, CD and CC pipelines. Can be set individually with `ci_peer_review_compliance`, `cd_peer_review_compliance`, `cc_peer_review_compliance`. |`string`|`"1"`| no |
459
466
| <aname="input_registry_namespace"></a> [registry\_namespace](#input\_registry\_namespace)| A unique namespace within the IBM Cloud Container Registry region where the application image is stored. |`string`|`""`| no |
460
467
| <aname="input_repo_git_token_secret_name"></a> [repo\_git\_token\_secret\_name](#input\_repo\_git\_token\_secret\_name)| Name of the Git token secret in the secret provider. Specifying a secret name for the Git Token automatically sets the authentication type to `pat`. |`string`|`""`| no |
461
468
| <aname="input_repo_group"></a> [repo\_group](#input\_repo\_group)| Specify Git user or group for your application. This must be set if the repository authentication type is `pat` (personal access token). |`string`|`""`| no |
462
469
| <aname="input_repo_secret_group"></a> [repo\_secret\_group](#input\_repo\_secret\_group)| Secret group in Secrets Manager that contains the secret for the repo. This variable will set the same secret group for all the repositories. Can be overriden on a per secret group basis. Only applies when using Secrets Manager. |`string`|`""`| no |
463
470
| <aname="input_repositories_prefix"></a> [repositories\_prefix](#input\_repositories\_prefix)| Prefix name for the cloned compliance repos. |`string`|`"compliance"`| no |
464
471
| <aname="input_scc_attachment_id"></a> [scc\_attachment\_id](#input\_scc\_attachment\_id)| An attachment ID. An attachment is configured under a profile to define how a scan will be run. To find the attachment ID, in the browser, in the attachments list, click on the attachment link, and a panel appears with a button to copy the attachment ID. This parameter is only relevant when the `scc_use_profile_attachment` parameter is enabled. |`string`|`""`| no |
465
472
| <aname="input_scc_instance_crn"></a> [scc\_instance\_crn](#input\_scc\_instance\_crn)| The Security and Compliance Center service instance CRN (Cloud Resource Name). This parameter is only relevant when the `scc_use_profile_attachment` parameter is enabled. The value must match the regular expression. |`string`|`""`| no |
466
-
| <aname="input_scc_profile_name"></a> [scc\_profile\_name](#input\_scc\_profile\_name)| The name of a Security and Compliance Center profile. Use the `IBM Cloud for Financial Services` profile, which contains the DevSecOps Toolchain rules. Or use a user-authored customized profile that has been configured to contain those rules. This parameter is only relevant when the `scc_use_profile_attachment` parameter is enabled. |`string`|`""`| no |
473
+
| <aname="input_scc_profile_name"></a> [scc\_profile\_name](#input\_scc\_profile\_name)| The name of a Security and Compliance Center profile. Use the `IBM Cloud Framework for Financial Services` profile, which contains the DevSecOps Toolchain rules. Or use a user-authored customized profile that has been configured to contain those rules. This parameter is only relevant when the `scc_use_profile_attachment` parameter is enabled. |`string`|`""`| no |
467
474
| <aname="input_scc_profile_version"></a> [scc\_profile\_version](#input\_scc\_profile\_version)| The version of a Security and Compliance Center profile, in SemVer format, like `0.0.0`. This parameter is only relevant when the `scc_use_profile_attachment` parameter is enabled. |`string`|`""`| no |
468
475
| <aname="input_scc_scc_api_key_secret_group"></a> [scc\_scc\_api\_key\_secret\_group](#input\_scc\_scc\_api\_key\_secret\_group)| Secret group prefix for the Security and Compliance tool secret. Defaults to `sm_secret_group` if not set. Only used with `Secrets Manager`. |`string`|`""`| no |
469
476
| <aname="input_scc_scc_api_key_secret_name"></a> [scc\_scc\_api\_key\_secret\_name](#input\_scc\_scc\_api\_key\_secret\_name)| The Security and Compliance Center api-key secret in the secret provider. |`string`|`"scc-api-key"`| no |
0 commit comments