From f901077eec72a29aa2e81945d104af424b5ff46b Mon Sep 17 00:00:00 2001
From: wuzhuanhong <wuzhuanhong1@outlook.com>
Date: Fri, 30 May 2025 16:10:23 +0800
Subject: [PATCH] docs(coc/example): adjust examples under coc

---
 examples/coc/script/README.md                |  88 +++++++++-
 examples/coc/script/main.tf                  |  31 ++--
 examples/coc/script/providers.tf             |  14 ++
 examples/coc/script/terraform.tfvars         |  22 +++
 examples/coc/script/variables.tf             |  59 ++++++-
 examples/coc/script_execute/README.md        | 120 ++++++++++++-
 examples/coc/script_execute/main.tf          | 102 ++++++++---
 examples/coc/script_execute/providers.tf     |  14 ++
 examples/coc/script_execute/terraform.tfvars |  29 ++++
 examples/coc/script_execute/variables.tf     | 170 ++++++++++++++++++-
 10 files changed, 596 insertions(+), 53 deletions(-)
 create mode 100644 examples/coc/script/providers.tf
 create mode 100644 examples/coc/script/terraform.tfvars
 create mode 100644 examples/coc/script_execute/providers.tf
 create mode 100644 examples/coc/script_execute/terraform.tfvars

diff --git a/examples/coc/script/README.md b/examples/coc/script/README.md
index 6f51246a653..8b0bd6a6837 100644
--- a/examples/coc/script/README.md
+++ b/examples/coc/script/README.md
@@ -1,3 +1,87 @@
-# Create COC script
+# Create a COC script
 
-In this example, we will create a COC script.
+This example provides best practice code for using Terraform to create a COC script in HuaweiCloud.
+
+## Prerequisites
+
+* A HuaweiCloud account
+* Terraform installed
+* HuaweiCloud access key and secret key (AK/SK)
+
+## Required Variables
+
+The following variables need to be configured:
+
+### Authentication Variables
+
+* `region_name` - The region where the COC script is located
+* `access_key`  - The access key of the IAM user
+* `secret_key`  - The secret key of the IAM user
+
+### Resource Variables
+
+#### Required Variables
+
+* `coc_script_name` - The name of the script
+* `coc_script_description` - The description of the script
+* `coc_script_risk_level` - The risk level of the script
+* `coc_script_version` - The version of the script
+* `coc_script_type` - The type of the script
+* `coc_script_content` - The content of the script
+* `coc_script_parameters` - The parameter list of the script
+  + `name` - The name of the parameter
+  + `value` - The value of the parameter
+  + `description` - The description of the parameter
+  + `sensitive` - Whether the parameter is sensitive
+
+## Usage
+
+* Copy this example script to your `main.tf`.
+
+* Create a `terraform.tfvars` file and fill in the required variables:
+
+  ```hcl
+  coc_script_name        = "your_coc_script_name"
+  coc_script_description = "your_coc_script_description"
+  coc_script_risk_level  = "your_coc_script_risk_level"
+  coc_script_version     = "your_coc_script_version"
+  coc_script_type        = "your_coc_script_type"
+  coc_script_content     = "your_coc_script_content"
+  coc_script_parameters  = "your_coc_script_parameters"
+  ```
+
+* Initialize Terraform:
+
+  ```bash
+  $ terraform init
+  ```
+
+* Review the Terraform plan:
+
+  ```bash
+  $ terraform plan
+  ```
+
+* Apply the configuration:
+
+  ```bash
+  $ terraform apply
+  ```
+
+* To clean up the resources:
+
+  ```bash
+  $ terraform destroy
+  ```
+
+## Note
+
+* Make sure to keep your credentials secure and never commit them to version control
+* All resources will be created in the specified region
+
+## Requirements
+
+| Name | Version |
+|---|---|
+| terraform | >= 0.12.0 |
+| huaweicloud | >= 1.58.0 |
diff --git a/examples/coc/script/main.tf b/examples/coc/script/main.tf
index cc024d5dd7f..6792aef9c56 100644
--- a/examples/coc/script/main.tf
+++ b/examples/coc/script/main.tf
@@ -1,24 +1,19 @@
 resource "huaweicloud_coc_script" "test" {
   name        = var.script_name
-  description = "coc script description"
-  risk_level  = "LOW"
-  version     = "1.0.0"
-  type        = "SHELL"
+  description = var.script_description
+  risk_level  = var.script_risk_level
+  version     = var.script_version
+  type        = var.script_type
+  content     = var.script_content
 
-  content = <<EOF
-#! /bin/bash
-echo "hello world!"
-EOF
+  dynamic "parameters" {
+    for_each = var.script_parameters
 
-  parameters {
-    name        = "name"
-    value       = "world"
-    description = "the first parameter"
-  }
-  parameters {
-    name        = "company"
-    value       = "Huawei"
-    description = "the second parameter"
-    sensitive   = true
+    content {
+      name        = parameters.value.name
+      value       = parameters.value.value
+      description = parameters.value.description
+      sensitive   = parameters.value.sensitive
+    }
   }
 }
diff --git a/examples/coc/script/providers.tf b/examples/coc/script/providers.tf
new file mode 100644
index 00000000000..847c9ff1952
--- /dev/null
+++ b/examples/coc/script/providers.tf
@@ -0,0 +1,14 @@
+terraform {
+  required_providers {
+    huaweicloud = {
+      source  = "huaweicloud/huaweicloud"
+      version = ">=1.58.0"
+    }
+  }
+}
+
+provider "huaweicloud" {
+  region     = var.region_name
+  access_key = var.access_key
+  secret_key = var.secret_key
+}
diff --git a/examples/coc/script/terraform.tfvars b/examples/coc/script/terraform.tfvars
new file mode 100644
index 00000000000..8372e55d162
--- /dev/null
+++ b/examples/coc/script/terraform.tfvars
@@ -0,0 +1,22 @@
+script_name        = "tf_coc_script"
+script_description = "Created by terraform script"
+script_risk_level  = "LOW"
+script_version     = "1.0.0"
+script_type        = "SHELL"
+script_content     = <<EOF
+#! /bin/bash
+echo "hello world!"
+EOF
+script_parameters = [
+  {
+    name        = "name"
+    value       = "world"
+    description = "the first parameter"
+  },
+  {
+    name        = "company"
+    value       = "Huawei"
+    description = "the second parameter"
+    sensitive   = true
+  }
+]
diff --git a/examples/coc/script/variables.tf b/examples/coc/script/variables.tf
index 744a203ab94..5b9a1af1d48 100644
--- a/examples/coc/script/variables.tf
+++ b/examples/coc/script/variables.tf
@@ -1,4 +1,59 @@
+# Variable definitions for authentication
+variable "region_name" {
+  description = "The region where the COC script is located"
+  type        = string
+}
+
+variable "access_key" {
+  description = "The access key of the IAM user"
+  type        = string
+}
+
+variable "secret_key" {
+  description = "The secret key of the IAM user"
+  type        = string
+}
+
+# Variable definitions for resources/data sources
 variable "script_name" {
-  description = "The name of the COC script"
-  default     = "tf_coc_script_name"
+  description = "The name of the script"
+  type        = string
+}
+
+variable "script_description" {
+  description = "The description of the script"
+  type        = string
+}
+
+variable "script_risk_level" {
+  description = "The risk level of the script"
+  type        = string
+}
+
+variable "script_version" {
+  description = "The version of the script"
+  type        = string
+}
+
+variable "script_type" {
+  description = "The type of the script"
+  type        = string
+}
+
+variable "script_content" {
+  description = "The content of the script"
+  type        = string
+}
+
+variable "script_parameters" {
+  description = "The parameter list of the script"
+  type = list(object({
+    name        = string
+    value       = string
+    description = string
+    sensitive   = optional(bool)
+  }))
+
+  nullable = false
 }
+
diff --git a/examples/coc/script_execute/README.md b/examples/coc/script_execute/README.md
index 131ed91bfd6..b9159087500 100644
--- a/examples/coc/script_execute/README.md
+++ b/examples/coc/script_execute/README.md
@@ -1,3 +1,119 @@
-# Execute COC script
+# Create a COC script and execute it
 
-In this example, we will execute a COC script.
+This example provides best practice code for using Terraform to create a COC script and execute it in HuaweiCloud.
+
+## Prerequisites
+
+* A HuaweiCloud account
+* Terraform installed
+* HuaweiCloud access key and secret key (AK/SK)
+
+## Required Variables
+
+The following variables need to be configured:
+
+### Authentication Variables
+
+* `region_name` - The region where the COC script is located
+* `access_key`  - The access key of the IAM user
+* `secret_key`  - The secret key of the IAM user
+
+### Resource Variables
+
+#### Required Variables
+
+* `vpc_name` - The name of the VPC
+* `subnet_name` - The name of the subnet
+* `security_group_name` - The name of the security group
+* `instance_name` - The name of the ECS instance
+* `instance_user_data` - The user data for installing UniAgent on the ECS instance
+* `script_name` - The name of the script
+* `script_description` - The description of the script
+* `script_risk_level` - The risk level of the script
+* `script_version` - The version of the script
+* `script_type` - The type of the script
+* `script_content` - The content of the script
+* `script_parameters` - The parameter list of the script.
+  + `name` - The name of the parameter
+  + `value` - The value of the parameter
+  + `description` - The description of the parameter
+  + `sensitive` - Whether the parameter is sensitive
+* `script_execute_timeout` - The maximum time to execute the script in seconds
+* `script_execute_execute_user` - The user to execute the script
+* `script_execute_parameters` - The parameter list of the script execution.
+  + `name` - The name of the parameter
+  + `value` - The value of the parameter
+
+#### Optional Variables
+
+* `availability_zone` - The availability zone to which the ECS instance and network belong (default: "")
+* `instance_flavor_id` - The flavor ID of the ECS instance (default: "")
+* `instance_flavor_performance_type` - The performance type of the ECS instance flavor (default: "normal")
+* `instance_flavor_cpu_core_count` - The number of the ECS instance flavor CPU cores (default: 4)
+* `instance_flavor_memory_size` - The memory size of the ECS instance flavor (default: 8)
+* `instance_image_id` - The image ID of the ECS instance (default: "")
+* `instance_image_os_type` - The OS type of the ECS instance flavor (default: "Ubuntu")
+* `instance_image_visibility` - The visibility of the ECS instance flavor (default: "public")
+* `vpc_cidr` - The CIDR block of the VPC (default: "192.168.0.0/16")
+* `subnet_cidr` - The CIDR block of the subnet (default: "")
+* `subnet_gateway_ip` - The gateway IP of the subnet (default: "")
+
+## Usage
+
+* Copy this example script to your `main.tf`.
+
+* Create a `terraform.tfvars` file and fill in the required variables:
+
+  ```hcl
+  vpc_name                    = "your_vpc_name"
+  subnet_name                 = "your_subnet_name"
+  security_group_name         = "your_security_group_name"
+  instance_name               = "your_instance_name"
+  instance_user_data          = "your_user_data"
+  script_name                 = "your_script_name"
+  script_description          = "your_script_description"
+  script_risk_level           = "your_script_risk_level"
+  script_version              = "your_script_version"
+  script_type                 = "your_script_type"
+  script_content              = "your_script_content"
+  script_parameters           = "your_script_parameters"
+  script_execute_timeout      = "your_script_execute_timeout"
+  script_execute_execute_user = "your_script_execute_execute_user"
+  script_execute_parameters   = "your_script_execute_parameters"
+  ```
+
+* Initialize Terraform:
+
+  ```bash
+  $ terraform init
+  ```
+
+* Review the Terraform plan:
+
+  ```bash
+  $ terraform plan
+  ```
+
+* Apply the configuration:
+
+  ```bash
+  $ terraform apply
+  ```
+
+* To clean up the resources:
+
+  ```bash
+  $ terraform destroy
+  ```
+
+## Note
+
+* Make sure to keep your credentials secure and never commit them to version control
+* All resources will be created in the specified region
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.0 |
+| huaweicloud | >= 1.58.0 |
diff --git a/examples/coc/script_execute/main.tf b/examples/coc/script_execute/main.tf
index be593222a1f..5615f9012f0 100644
--- a/examples/coc/script_execute/main.tf
+++ b/examples/coc/script_execute/main.tf
@@ -1,34 +1,88 @@
+data "huaweicloud_availability_zones" "test" {
+  count = var.availability_zone == "" ? 1 : 0
+}
+
+data "huaweicloud_compute_flavors" "test" {
+  count = var.instance_flavor_id == "" ? 1 : 0
+
+  availability_zone = var.availability_zone == "" ? try(data.huaweicloud_availability_zones.test[0].names[0], "") : var.availability_zone
+  performance_type  = var.instance_flavor_performance_type
+  cpu_core_count    = var.instance_flavor_cpu_core_count
+  memory_size       = var.instance_flavor_memory_size
+}
+
+data "huaweicloud_images_images" "test" {
+  count = var.instance_image_id == "" ? 1 : 0
+
+  flavor_id  = var.instance_flavor_id == "" ? try(data.huaweicloud_compute_flavors.test[0].ids[0], "") : var.instance_flavor_id
+  os         = var.instance_image_os_type
+  visibility = var.instance_image_visibility
+}
+
+resource "huaweicloud_vpc" "test" {
+  name = var.vpc_name
+  cidr = var.vpc_cidr
+}
+
+resource "huaweicloud_vpc_subnet" "test" {
+  vpc_id            = huaweicloud_vpc.test.id
+  name              = var.subnet_name
+  cidr              = var.subnet_cidr == "" ? cidrsubnet(huaweicloud_vpc.test.cidr, 8, 0) : var.subnet_cidr
+  gateway_ip        = var.subnet_gateway_ip == "" ? cidrhost(cidrsubnet(huaweicloud_vpc.test.cidr, 8, 0), 1) : var.subnet_gateway_ip
+  availability_zone = var.availability_zone == "" ? try(data.huaweicloud_availability_zones.test[0].names[0], null) : var.availability_zone
+}
+
+# The default security group rules cannot be deleted, otherwise the UniAgent installation will fail.
+resource "huaweicloud_networking_secgroup" "test" {
+  name = var.security_group_name
+}
+
+# Create an ECS instance and install UniAgent
+resource "huaweicloud_compute_instance" "test" {
+  name               = var.instance_name
+  availability_zone  = var.availability_zone == "" ? try(data.huaweicloud_availability_zones.test[0].names[0], "") : var.availability_zone
+  flavor_id          = var.instance_flavor_id == "" ? try(data.huaweicloud_compute_flavors.test[0].flavors[0].id, "") : var.instance_flavor_id
+  image_id           = var.instance_image_id == "" ? try(data.huaweicloud_images_images.test[0].images[0].id, "") : var.instance_image_id
+  security_group_ids = [huaweicloud_networking_secgroup.test.id]
+  user_data          = var.instance_user_data
+
+  network {
+    uuid = huaweicloud_vpc_subnet.test.id
+  }
+}
+
 resource "huaweicloud_coc_script" "test" {
   name        = var.script_name
-  description = "coc script description"
-  risk_level  = "LOW"
-  version     = "1.0.0"
-  type        = "SHELL"
-
-  content = <<EOF
-#! /bin/bash
-echo "hello world!"
-EOF
-
-  parameters {
-    name        = "name"
-    value       = "world"
-    description = "the parameter"
+  description = var.script_description
+  risk_level  = var.script_risk_level
+  version     = var.script_version
+  type        = var.script_type
+  content     = var.script_content
+
+  dynamic "parameters" {
+    for_each = var.script_parameters
+
+    content {
+      name        = parameters.value.name
+      value       = parameters.value.value
+      description = parameters.value.description
+      sensitive   = parameters.value.sensitive
+    }
   }
 }
 
 resource "huaweicloud_coc_script_execute" "test" {
   script_id    = huaweicloud_coc_script.test.id
-  instance_id  = var.script_execute_name
-  timeout      = 600
-  execute_user = "root"
+  instance_id  = huaweicloud_compute_instance.test.id
+  timeout      = var.script_execute_timeout
+  execute_user = var.script_execute_execute_user
 
-  parameters {
-    name  = "name"
-    value = "somebody"
-  }
-  parameters {
-    name  = "company"
-    value = "HuaweiCloud"
+  dynamic "parameters" {
+    for_each = var.script_execute_parameters
+
+    content {
+      name  = parameters.value.name
+      value = parameters.value.value
+    }
   }
 }
diff --git a/examples/coc/script_execute/providers.tf b/examples/coc/script_execute/providers.tf
new file mode 100644
index 00000000000..847c9ff1952
--- /dev/null
+++ b/examples/coc/script_execute/providers.tf
@@ -0,0 +1,14 @@
+terraform {
+  required_providers {
+    huaweicloud = {
+      source  = "huaweicloud/huaweicloud"
+      version = ">=1.58.0"
+    }
+  }
+}
+
+provider "huaweicloud" {
+  region     = var.region_name
+  access_key = var.access_key
+  secret_key = var.secret_key
+}
diff --git a/examples/coc/script_execute/terraform.tfvars b/examples/coc/script_execute/terraform.tfvars
new file mode 100644
index 00000000000..535f2dfd06c
--- /dev/null
+++ b/examples/coc/script_execute/terraform.tfvars
@@ -0,0 +1,29 @@
+vpc_name            = "tf_test_coc_script_execute_vpc"
+subnet_name         = "tf_test_coc_script_execute_subnet"
+security_group_name = "tf_test_coc_script_execute_secgroup"
+instance_name       = "tf_test_coc_script_execute"
+instance_user_data  = "your_user_data" # Please replace it with the command you actually used to install icagent
+script_name         = "tf_coc_script_execute"
+script_description  = "Created by terraform script"
+script_risk_level   = "LOW"
+script_version      = "1.0.0"
+script_type         = "SHELL"
+script_content      = <<EOF
+#! /bin/bash
+echo "hello world!"
+EOF
+script_parameters = [
+  {
+    name        = "name"
+    value       = "world"
+    description = "the parameter"
+  }
+]
+script_execute_timeout      = 600
+script_execute_execute_user = "root"
+script_execute_parameters = [
+  {
+    name  = "name"
+    value = "somebody"
+  }
+]
diff --git a/examples/coc/script_execute/variables.tf b/examples/coc/script_execute/variables.tf
index 78ad7a256a7..0416bbd2a4c 100644
--- a/examples/coc/script_execute/variables.tf
+++ b/examples/coc/script_execute/variables.tf
@@ -1,9 +1,169 @@
+# Variable definitions for authentication
+variable "region_name" {
+  description = "The region where the COC script is located"
+  type        = string
+}
+
+variable "access_key" {
+  description = "The access key of the IAM user"
+  type        = string
+}
+
+variable "secret_key" {
+  description = "The secret key of the IAM user"
+  type        = string
+}
+
+# Variable definitions for resources/data sources
+variable "availability_zone" {
+  description = "The availability zone to which the ECS instance and network belong"
+  type        = string
+  default     = ""
+}
+
+variable "instance_flavor_id" {
+  description = "The flavor ID of the ECS instance"
+  type        = string
+  default     = ""
+}
+
+variable "instance_flavor_performance_type" {
+  description = "The performance type of the ECS instance flavor"
+  type        = string
+  default     = "normal"
+}
+
+variable "instance_flavor_cpu_core_count" {
+  description = "The number of the ECS instance flavor CPU cores"
+  type        = number
+  default     = 4
+}
+
+variable "instance_flavor_memory_size" {
+  description = "The number of the ECS instance flavor memories"
+  type        = number
+  default     = 8
+}
+
+variable "instance_image_id" {
+  description = "The image ID of the ECS instance"
+  type        = string
+  default     = ""
+}
+
+variable "instance_image_os_type" {
+  description = "The OS type of the ECS instance flavor"
+  type        = string
+  default     = "Ubuntu"
+}
+
+variable "instance_image_visibility" {
+  description = "The visibility of the ECS instance flavor"
+  type        = string
+  default     = "public"
+}
+
+variable "vpc_name" {
+  description = "The name of the VPC"
+  type        = string
+}
+
+variable "vpc_cidr" {
+  description = "The CIDR block of the VPC"
+  type        = string
+  default     = "192.168.0.0/16"
+}
+
+variable "subnet_name" {
+  description = "The name of the subnet"
+  type        = string
+}
+
+variable "subnet_cidr" {
+  description = "The CIDR block of the subnet"
+  type        = string
+  default     = ""
+}
+
+variable "subnet_gateway_ip" {
+  description = "The gateway IP of the subnet"
+  type        = string
+  default     = ""
+}
+
+variable "security_group_name" {
+  description = "The name of the security group"
+  type        = string
+}
+
+variable "instance_name" {
+  type        = string
+  description = "The name of the ECS instance"
+}
+
+variable "instance_user_data" {
+  type        = string
+  description = "The user data for installing UniAgent on the ECS instance"
+}
+
 variable "script_name" {
-  description = "The name of the COC script"
-  default     = "tf_coc_script_name"
+  description = "The name of the script"
+  type        = string
+}
+
+variable "script_description" {
+  description = "The description of the script"
+  type        = string
+}
+
+variable "script_risk_level" {
+  description = "The description of the script"
+  type        = string
 }
 
-variable "script_execute_name" {
-  description = "The COC script execute name"
-  default     = "tf_script_execute_name"
+variable "script_version" {
+  description = "The description of the script"
+  type        = string
+}
+
+variable "script_type" {
+  description = "The risk level of the script"
+  type        = string
+}
+
+variable "script_content" {
+  description = "The content of the script"
+  type        = string
+}
+
+variable "script_parameters" {
+  description = "The parameter list of the script"
+  type = list(object({
+    name        = string
+    value       = string
+    description = string
+    sensitive   = optional(bool)
+  }))
+
+  nullable = false
+}
+
+variable "script_execute_timeout" {
+  description = "The maximum time to execute the script in seconds"
+  type        = number
+}
+
+variable "script_execute_execute_user" {
+  description = "The user to execute the script"
+  type        = string
+}
+
+variable "script_execute_parameters" {
+  description = "The parameter list of the script execution"
+  type = list(object({
+    name  = string
+    value = string
+  }))
+
+  nullable = false
 }