feat: added support to enable the secrets manager public cert engine

[iamar7]

Description

#59

Release required?

• No release
• Patch release (x.x.X)
• Minor release (x.X.x)
• Major release (X.x.x)

Release notes content

Run the pipeline

If the CI pipeline doesn't run when you create the PR, the PR requires a user with GitHub collaborators access to run the pipeline.

Run the CI pipeline when the PR is ready for review and you expect tests to pass. Add a comment to the PR with the following text:

/run pipeline

Checklist for reviewers

• If relevant, a test for the change is included or updated with this PR.
• If relevant, documentation for the change is included or updated with this PR.

For mergers

• Use a conventional commit message to set the release level. Follow the guidelines.
• Include information that users need to know about the PR in the commit message. The commit message becomes part of the GitHub release notes.
• Use the Squash and merge option.

[iamar7]

/run pipeline

[iamar7]

/run pipeline

[iamar7]

/run pipeline

[iamar7]

/run pipeline

[iamar7]

/run pipeline

[Ak-sky]

/run pipeline

[Ak-sky]

/run pipeline

[iamar7]

/run pipeline

[iamar7]

/run pipeline

[iamar7]

/run pipeline

[iamar7]

/run pipeline

[iamar7]

/run pipeline

[SirSpidey]

some suggestions and comments

[SirSpidey]

Assuming Conall is correct, include,
...Applies only if secret_manager_public_engine_enabled is true.

Or if always required as he asks, include,
...Required if secret_manager_public_engine_enabled is set to true.

For the rest of the description, is it some ID for the instance or something else. Probably need more details -- perhaps about where to find it if it's not clear to most non-developers.

[SirSpidey]

do client in the Cloud catalog know what the ACME tool is? If not, add

For more information, see... and use a markdown link ([]()) to a doc topic about the tool.

[iamar7]

/run pipeline

[iamar7]

/run pipeline

[iamar7]

/run pipeline

[SirSpidey]

Looks ok to me. Conall should review for whether it meets his earlier objections.

[SirSpidey]

@iamar7 I approved, but I do have one suggestion.

[iamar7]

/run pipeline

[iamar7]

/run pipeline

[ocofaigh]

@iamar7 The tests are blocked in this repo due to IBM-Cloud/terraform-provider-ibm#5586
We can add a workaround however we are expecting a fix from the provider soon, so going to wait for that.
This feature is not a high priority so it can wait until after the fix is in.
We already document how consumers can workaround the issue: https://cloud.ibm.com/docs/security-services?topic=security-services-known-issues#ki-scc-attachments

[ocofaigh]

FYI, the pipeline is unblocked here

[iamar7]

/run pipeline

[iamar7]

/run pipeline

[ocofaigh]

As discussed internally, we are not going to expose all these new variables, but instead document how a user can achieve this by directly update the secrets manager member DA inside the stack.

I think that documentation would live in https://cloud.ibm.com/docs/security-services?topic=security-services-css-relnotes somewhere, so please work with @SirSpidey on that. Since there is no code changes needed in the repo, I'm going to close this PR.