Release 0.1.5 (#8)

* Release 0.1.4

* doc: Updated Contributing

* doc: Updated License file

* doc: Updated Security File

* doc: Updated Readme with help and security

* doc: Cleaned up readme

* chore: modules names updated

* chore: release notes and version bump

---------

Signed-off-by: Andre Correa <[email protected]>
Co-authored-by: Josh Hammer <[email protected]>

Author: andrecorreaneto

CONTRIBUTING.md

@@ -0,0 +1,55 @@
+# Contributing to this repository
+
+We welcome your contributions! There are multiple ways to contribute.
+
+## Opening issues
+
+For bugs or enhancement requests, please file a GitHub issue unless it's
+security related. When filing a bug remember that the better written the bug is,
+the more likely it is to be fixed. If you think you've found a security
+vulnerability, do not raise a GitHub issue and follow the instructions in our
+[security policy](./SECURITY.md).
+
+## Contributing code
+
+We welcome your code contributions. Before submitting code via a pull request,
+you will need to have signed the [Oracle Contributor Agreement][OCA] (OCA) and
+your commits need to include the following line using the name and e-mail
+address you used to sign the OCA:
+
+```text
+Signed-off-by: Your Name <[email protected]>
+```
+
+This can be automatically added to pull requests by committing with `--sign-off`
+or `-s`, e.g.
+
+```text
+git commit --signoff
+```
+
+Only pull requests from committers that can be verified as having signed the OCA
+can be accepted.
+
+## Pull request process
+
+1. Ensure there is an issue created to track and discuss the fix or enhancement
+   you intend to submit.
+1. Fork this repository.
+1. Create a branch in your fork to implement the changes. We recommend using
+   the issue number as part of your branch name, e.g. `1234-fixes`.
+1. Ensure that any documentation is updated with the changes that are required
+   by your change.
+1. Ensure that any samples are updated if the base image has been changed.
+1. Submit the pull request. *Do not leave the pull request blank*. Explain exactly
+   what your changes are meant to do and provide simple steps on how to validate.
+   your changes. Ensure that you reference the issue you created as well.
+1. We will assign the pull request to 2-3 people for review before it is merged.
+
+## Code of conduct
+
+Follow the [Golden Rule](https://en.wikipedia.org/wiki/Golden_Rule). If you'd
+like more specific guidelines, see the [Contributor Covenant Code of Conduct][COC].
+
+[OCA]: https://oca.opensource.oracle.com
+[COC]: https://www.contributor-covenant.org/version/1/4/code-of-conduct/

LICENSE.txt

@@ -0,0 +1,35 @@
+Copyright (c) 2023 Oracle and/or its affiliates.
+
+The Universal Permissive License (UPL), Version 1.0
+
+Subject to the condition set forth below, permission is hereby granted to any
+person obtaining a copy of this software, associated documentation and/or data
+(collectively the "Software"), free of charge and under any and all copyright
+rights in the Software, and any and all patent rights owned or freely
+licensable by each licensor hereunder covering either (i) the unmodified
+Software as contributed to or provided by such licensor, or (ii) the Larger
+Works (as defined below), to deal in both
+
+(a) the Software, and
+(b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+one is included with the Software (each a "Larger Work" to which the Software
+is contributed by such licensors),
+
+without restriction, including without limitation the rights to copy, create
+derivative works of, display, perform, and distribute the Software and make,
+use, sell, offer for sale, import, export, have made, and have sold the
+Software and the Larger Work(s), and to sublicense the foregoing rights on
+either these or other terms.
+
+This license is subject to the following condition:
+The above copyright notice and either this complete permission notice or at
+a minimum a reference to the UPL must be included in all copies or
+substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -1,11 +1,11 @@
-# OCI Secure Workload Modules
+# OCI Landing Zones Secure Workload Modules
 
 ![Landing Zone logo](./landing_zone_300.png)
 
 This repository contains Terraform modules for managing workload resources in OCI (Oracle Cloud Infrastructure). By workload we mean resources that are typically deployed within a landing zone, and may trigger OCI consumption. By secure we mean they are designed to cover the key security features available in the OCI platform. When appropriate, the modules align with CIS OCI Foundations Benchmark recommendations.
 
 The following modules are available:
-- [CIS Compute & Storage](./cis-compute-storage/)
+- [Compute](./cis-compute-storage/) - supporting Compute, Block Volumes, File Storage, Compute Clusters and Cluster Networks.
 - [OKE (Oracle Kubernetes Engine)](./cis-oke/)
 
 Helper modules:
@@ -28,15 +28,24 @@ The modules in this collection are designed for flexibility, are straightforward
 
 Using these modules does not require a user extensive knowledge of Terraform or OCI resource types usage. Users declare a JSON object describing the OCI resources according to each module’s specification and minimal Terraform code to invoke the modules. The modules generate outputs that can be consumed by other modules as inputs, allowing for the creation of independently managed operational stacks to automate your entire OCI infrastructure.
 
+## Help
+
+Open an issue in this repository.
+
 ## Contributing
-See [CONTRIBUTING.md](./CONTRIBUTING.md).
+
+This project welcomes contributions from the community. Before submitting a pull request, please [review our contribution guide](./CONTRIBUTING.md).
+
+## Security
+
+Please consult the [security guide](./SECURITY.md) for our responsible security vulnerability disclosure process.
 
 ## License
-Copyright (c) 2023, Oracle and/or its affiliates.
 
-Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+Copyright (c) 2023,2024 Oracle and/or its affiliates.
 
-See [LICENSE](./LICENSE) for more details.
+Released under the Universal Permissive License v1.0 as shown at
+<https://oss.oracle.com/licenses/upl/>.
 
 ## Known Issues
 None.

RELEASE-NOTES.md

@@ -1,3 +1,7 @@
+# July 25, 2024 Release Notes - 0.1.5
+## Updates    
+1. Aligned README.md structure to Oracle's GitHub organizations requirements.
+
 # May 15, 2024 Release Notes - 0.1.4
 
 ## New

SECURITY.md

@@ -0,0 +1,38 @@
+# Reporting security vulnerabilities
+
+Oracle values the independent security research community and believes that
+responsible disclosure of security vulnerabilities helps us ensure the security
+and privacy of all our users.
+
+Please do NOT raise a GitHub Issue to report a security vulnerability. If you
+believe you have found a security vulnerability, please submit a report to
+[[email protected]][1] preferably with a proof of concept. Please review
+some additional information on [how to report security vulnerabilities to Oracle][2].
+We encourage people who contact Oracle Security to use email encryption using
+[our encryption key][3].
+
+We ask that you do not use other channels or contact the project maintainers
+directly.
+
+Non-vulnerability related security issues including ideas for new or improved
+security features are welcome on GitHub Issues.
+
+## Security updates, alerts and bulletins
+
+Security updates will be released on a regular cadence. Many of our projects
+will typically release security fixes in conjunction with the
+Oracle Critical Patch Update program. Additional
+information, including past advisories, is available on our [security alerts][4]
+page.
+
+## Security-related information
+
+We will provide security related information such as a threat model, considerations
+for secure use, or any known security issues in our documentation. Please note
+that labs and sample code are intended to demonstrate a concept and may not be
+sufficiently hardened for production use.
+
+[1]: mailto:[email protected]
+[2]: https://www.oracle.com/corporate/security-practices/assurance/vulnerability/reporting.html
+[3]: https://www.oracle.com/security-alerts/encryptionkey.html
+[4]: https://www.oracle.com/security-alerts/

cis-compute-storage/README.md

@@ -1,8 +1,8 @@
-# Oracle Cloud Infrastructure (OCI) Terraform CIS Compute & Storage (Block Volumes and File System Storage) Module
+# OCI Landing Zones Compute Module
 
 ![Landing Zone logo](../landing_zone_300.png)
 
-This module manages Compute instances, Block Volume and File System Storage in Oracle Cloud Infrastructure (OCI). These resources and their associated resources can be deployed together in the same configuration or separately. The module enforces Center for Internet Security (CIS) Benchmark recommendations for all supported resource types and provides features for strong cyber resilience posture, including cross-region replication and storage backups. Additionally, the module supports bringing in external dependencies that managed resources depend on, including compartments, subnets, network security groups, encryption keys, and others. 
+This module manages Compute instances, Block Volume, File System Storage, Compute Clusters, and Cluster Networks in Oracle Cloud Infrastructure (OCI). These resources and their associated resources can be deployed together in the same configuration or separately. The module enforces Center for Internet Security (CIS) Benchmark recommendations when appropriate and provides features for strong cyber resilience posture, including cross-region replication and storage backups. Additionally, the module supports bringing in external dependencies that managed resources depend on, including compartments, subnets, network security groups, encryption keys, and others. 
 
 Check [module specification](./SPEC.md) for a full description of module requirements, supported variables, managed resources and outputs.
 

cis-compute-storage/examples/cluster-networks/README.md

@@ -1,7 +1,7 @@
-# CIS Cluster Network Example
+# OCI Landing Zones Compute Module - Cluster Network Example
 
 ## Introduction
-This example shows how to deploy an RDMA cluster network in OCI using the [cis-compute-storage module](../../). It deploys one Compute instance, one cluster instance configuration, and one cluster network with the characteristics described below. Refer to [input.auto.tfvars.template](./input.auto.tfvars.template) for the variables configuration.
+This example shows how to deploy an RDMA cluster network in OCI using the [OCI Landing Zones Compute module](../../README.md). It deploys one Compute instance, one cluster instance configuration, and one cluster network with the characteristics described below. Refer to [input.auto.tfvars.template](./input.auto.tfvars.template) for the variables configuration.
 
 A [cluster network](https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/managingclusternetworks.htm) is a pool of high performance computing (HPC) instances that are connected with a high-bandwidth, ultra low-latency network. They're designed for highly demanding parallel computing jobs.
 

cis-compute-storage/examples/compute-block-volume/README.md

@@ -1,7 +1,7 @@
-# CIS OCI Compute/Storage Example - Compute instances and Block volumes
+# OCI Landing Zones Compute Module - Compute Instances and Block Volumes Example
 
 ## Introduction
-This example shows how to deploy Compute instances and Block volumes in OCI using the [cis-compute-storage module](../../). It deploys three Compute instances and two Block volumes with the following characteristics:
+This example shows how to deploy Compute instances and Block volumes in OCI using the [OCI Landing Zones Compute module](../../README.md). It deploys three Compute instances and two Block volumes with the following characteristics:
 - All instances are deployed in the same compartment and same subnet, defined by *default_compartment_id* and *default_subnet_id* attributes.
 - All instances boot volumes are encrypted with a customer-managed key defined by *default_kms_key_id* attribute.
 - All instances can be accessed over SSH with the private key corresponding to the public key defined by *default_ssh_public_key_path* attribute.

cis-compute-storage/examples/compute-clusters/README.md

@@ -1,7 +1,7 @@
-# OCI Compute Cluster Example
+# OCI Landing Zones Compute Module - Compute Cluster Example
 
 ## Introduction
-This example shows how to deploy RDMA cluster networks in OCI using the [cis-compute-storage module](../../). It deploys one Compute instance, one cluster instance configuration, and one cluster network with the characteristics described below. Refer to [input.auto.tfvars.template](./input.auto.tfvars.template) for the variables configuration.
+This example shows how to deploy Compute clusters in OCI using the [OCI Landing Zones Compute module](../../README.md). It deploys one Compute instance, one cluster instance configuration, and one cluster network with the characteristics described below. Refer to [input.auto.tfvars.template](./input.auto.tfvars.template) for the variables configuration.
 
 A [Compute cluster](https://docs.oracle.com/iaas/Content/Compute/Tasks/compute-clusters.htm) is a remote direct memory access (RDMA) network group. You can create high performance computing (HPC) instances in the network and manage them individually.
 

cis-compute-storage/examples/compute-only-multiple-vnics/README.md

@@ -1,8 +1,8 @@
-# CIS OCI Compute Example - Compute with Multiple VNICs and Multiple IP Addresses
+# OCI Landing Zones Compute Module - Compute with Multiple VNICs and Multiple IP Addresses Example
 
 ## Introduction
 
-This example shows how to deploy Compute instances in OCI using the [cis-compute-storage module](../../). It deploys one Compute instance with the following characteristics:
+This example shows how to deploy Compute instances in OCI using the [OCI Landing Zones Compute module](../../README.md). It deploys one Compute instance with the following characteristics:
 - The instances is deployed in the compartment and subnet defined by *default_compartment_id* and *default_subnet_id* attributes.
 - The instance can be accessed over SSH with the private key corresponding to the public key defined by *default_ssh_public_key_path* attribute.
 - The instances is placed in the network security groups defined by *networking.network_security_groups* attribute.