fix: addressed PR comments

Author: vbontempi

ibm_catalog.json

@@ -102,6 +102,9 @@
                 "key": "existing_secrets_manager_crn",
                 "required": true
               },
+              {
+                "key": "sm_ibmcloud_api_key"
+              },
               {
                 "key": "eso_namespace"
               },

solutions/fully-configurable/main.tf

@@ -17,10 +17,11 @@ module "crn_parser_sm" {
 }
 
 locals {
-  cluster_id     = module.crn_parser_cluster.service_instance
-  cluster_region = module.crn_parser_cluster.region
-  sm_region      = module.crn_parser_sm.region
-  sm_guid        = module.crn_parser_sm.service_instance
+  cluster_id          = module.crn_parser_cluster.service_instance
+  cluster_region      = module.crn_parser_cluster.region
+  sm_region           = module.crn_parser_sm.region
+  sm_guid             = module.crn_parser_sm.service_instance
+  sm_ibmcloud_api_key = var.sm_ibmcloud_api_key == null ? var.ibmcloud_api_key : var.sm_ibmcloud_api_key
 }
 
 data "ibm_container_cluster_config" "cluster_config" {

solutions/fully-configurable/provider.tf

@@ -5,7 +5,7 @@ provider "ibm" {
 }
 
 provider "ibm" {
-  ibmcloud_api_key = var.ibmcloud_api_key
+  ibmcloud_api_key = local.sm_ibmcloud_api_key
   visibility       = var.provider_visibility
   region           = local.sm_region
   alias            = "ibm-sm"

solutions/fully-configurable/variables.tf

@@ -8,6 +8,11 @@ variable "ibmcloud_api_key" {
   sensitive   = true
 }
 
+variable "sm_ibmcloud_api_key" {
+  type        = string
+  description = "APIkey to authenticate on Secrets Manager instance. If null the ibmcloud_api_key will be used."
+}
+
 variable "provider_visibility" {
   description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
   type        = string
@@ -311,36 +316,36 @@ variable "eso_secretsstores_configuration" {
     cluster_secrets_stores = map(object({
       namespace                              = string
       create_namespace                       = bool
-      existing_serviceid_id                  = string
-      serviceid_name                         = string
-      serviceid_description                  = string
-      existing_account_secrets_group_id      = string
-      account_secrets_group_name             = string
-      account_secrets_group_description      = string
-      trusted_profile_name                   = string # if both the trusted_profile_name and the serviceid_name/existing_serviceid_id are set, the trusted_profile_name will be used
-      trusted_profile_description            = string
-      existing_service_secrets_group_id_list = list(string)
-      service_secrets_groups_list = list(object({
+      existing_serviceid_id                  = optional(string, null)
+      serviceid_name                         = optional(string, null)
+      serviceid_description                  = optional(string, null)
+      existing_account_secrets_group_id      = optional(string, null)
+      account_secrets_group_name             = optional(string, null)
+      account_secrets_group_description      = optional(string, null)
+      trusted_profile_name                   = optional(string, null) # if both the trusted_profile_name and the serviceid_name/existing_serviceid_id are set, the trusted_profile_name will be used
+      trusted_profile_description            = optional(string, null)
+      existing_service_secrets_group_id_list = optional(list(string), [])
+      service_secrets_groups_list = optional(list(object({
         name        = string
         description = string
-      }))
+      })), [])
     }))
     secrets_stores = map(object({
       create_namespace                       = bool
-      namespace                              = string
-      existing_serviceid_id                  = string
-      serviceid_name                         = string
-      serviceid_description                  = string
-      existing_account_secrets_group_id      = string
-      account_secrets_group_name             = string
-      account_secrets_group_description      = string
-      trusted_profile_name                   = string # if both the trusted_profile_name and the serviceid_name/existing_serviceid_id are set, the trusted_profile_name will be used
-      trusted_profile_description            = string
-      existing_service_secrets_group_id_list = list(string)
-      service_secrets_groups_list = list(object({
+      namespace                              = optional(string, null)
+      existing_serviceid_id                  = optional(string, null)
+      serviceid_name                         = optional(string, null)
+      serviceid_description                  = optional(string, null)
+      existing_account_secrets_group_id      = optional(string, null)
+      account_secrets_group_name             = optional(string, null)
+      account_secrets_group_description      = optional(string, null)
+      trusted_profile_name                   = optional(string, null) # if both the trusted_profile_name and the serviceid_name/existing_serviceid_id are set, the trusted_profile_name will be used
+      trusted_profile_description            = optional(string, null)
+      existing_service_secrets_group_id_list = optional(list(string), [])
+      service_secrets_groups_list = optional(list(object({
         name        = string
         description = string
-      }))
+      })), [])
     }))
   })
   default = {

tests/pr_test.go

@@ -625,12 +625,12 @@ func getFullConfigSolutionTestVariables(mainOptions *testschematic.TestSchematic
 		"cluster_secrets_stores": map[string]any{
 
 			"css-1": map[string]any{
-				"namespace":                              "eso-namespace-cs1",
-				"create_namespace":                       true,
-				"existing_serviceid_id":                  "",
-				"serviceid_name":                         "esoda-test-css-1-serviceid",
-				"serviceid_description":                  "esoda-test-css-1-serviceid description",
-				"existing_account_secrets_group_id":      "",
+				"namespace":        "eso-namespace-cs1",
+				"create_namespace": true,
+				// "existing_serviceid_id":                  "",
+				"serviceid_name":        "esoda-test-css-1-serviceid",
+				"serviceid_description": "esoda-test-css-1-serviceid description",
+				// "existing_account_secrets_group_id":      "",
 				"account_secrets_group_name":             "esoda-test-cs-accsg-1",
 				"account_secrets_group_description":      "esoda-test-cs-accsg-1 description",
 				"trusted_profile_name":                   "",
@@ -648,16 +648,16 @@ func getFullConfigSolutionTestVariables(mainOptions *testschematic.TestSchematic
 				},
 			},
 			"css-2": map[string]any{
-				"namespace":                              "eso-namespace-cs2",
-				"create_namespace":                       true,
-				"existing_serviceid_id":                  "",
-				"serviceid_name":                         "esoda-test-css-3-serviceid",
-				"serviceid_description":                  "esoda-test-css-3-serviceid description",
-				"existing_account_secrets_group_id":      "",
-				"account_secrets_group_name":             "esoda-test-cs-accsg-3",
-				"account_secrets_group_description":      "esoda-test-cs-accsg-3 description",
-				"trusted_profile_name":                   "",
-				"trusted_profile_description":            "",
+				"namespace":                         "eso-namespace-cs2",
+				"create_namespace":                  true,
+				"existing_serviceid_id":             "",
+				"serviceid_name":                    "esoda-test-css-3-serviceid",
+				"serviceid_description":             "esoda-test-css-3-serviceid description",
+				"existing_account_secrets_group_id": "",
+				"account_secrets_group_name":        "esoda-test-cs-accsg-3",
+				"account_secrets_group_description": "esoda-test-cs-accsg-3 description",
+				// "trusted_profile_name":                   "",
+				// "trusted_profile_description":            "",
 				"existing_service_secrets_group_id_list": []string{},
 				"service_secrets_groups_list": []map[string]any{
 					{
@@ -674,16 +674,16 @@ func getFullConfigSolutionTestVariables(mainOptions *testschematic.TestSchematic
 		"secrets_stores": map[string]any{
 
 			"ss-1": map[string]any{
-				"namespace":                              "eso-namespace-ss1",
-				"create_namespace":                       true,
-				"existing_serviceid_id":                  "",
-				"serviceid_name":                         "esoda-test-ss-1-serviceid",
-				"serviceid_description":                  "esoda-test-ss-1-serviceid description",
-				"existing_account_secrets_group_id":      "",
-				"account_secrets_group_name":             "esoda-test-ss-accsg-1",
-				"account_secrets_group_description":      "esoda-test-ss-accsg-1 description",
-				"trusted_profile_name":                   "",
-				"trusted_profile_description":            "",
+				"namespace":                         "eso-namespace-ss1",
+				"create_namespace":                  true,
+				"existing_serviceid_id":             "",
+				"serviceid_name":                    "esoda-test-ss-1-serviceid",
+				"serviceid_description":             "esoda-test-ss-1-serviceid description",
+				"existing_account_secrets_group_id": "",
+				"account_secrets_group_name":        "esoda-test-ss-accsg-1",
+				"account_secrets_group_description": "esoda-test-ss-accsg-1 description",
+				// "trusted_profile_name":                   "",
+				// "trusted_profile_description":            "",
 				"existing_service_secrets_group_id_list": []string{},
 				"service_secrets_groups_list": []map[string]any{
 					{
@@ -697,12 +697,12 @@ func getFullConfigSolutionTestVariables(mainOptions *testschematic.TestSchematic
 				},
 			},
 			"ss-2": map[string]any{
-				"namespace":                              "eso-namespace-ss2",
-				"create_namespace":                       true,
-				"existing_serviceid_id":                  "",
-				"serviceid_name":                         "esoda-test-ss-2-serviceid",
-				"serviceid_description":                  "esoda-test-ss-2-serviceid description",
-				"existing_account_secrets_group_id":      "",
+				"namespace":        "eso-namespace-ss2",
+				"create_namespace": true,
+				// "existing_serviceid_id":                  "",
+				"serviceid_name":        "esoda-test-ss-2-serviceid",
+				"serviceid_description": "esoda-test-ss-2-serviceid description",
+				// "existing_account_secrets_group_id":      "",
 				"account_secrets_group_name":             "esoda-test-ss-accsg-2",
 				"account_secrets_group_description":      "esoda-test-ss-accsg-2 description",
 				"trusted_profile_name":                   "",
@@ -724,6 +724,8 @@ func getFullConfigSolutionTestVariables(mainOptions *testschematic.TestSchematic
 
 	logger.Log(mainOptions.Testing, "setupSolutionSchematicOptions - Using mainOptions.Prefix: ", mainOptions.Prefix)
 
+	logger.Log(mainOptions.Testing, "TEST TO REMOVE: ", mainOptions.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"])
+
 	vars := []testschematic.TestSchematicTerraformVar{
 		{Name: "ibmcloud_api_key", Value: mainOptions.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true},
 		{Name: "prefix", Value: mainOptions.Prefix, DataType: "string"},