chore(deps): update terraform-module and ci dependencies (#52)

vbontempi · web-flow · commit 5c2fa2bc6cce · 2025-04-05T09:14:01.000+01:00
diff --git a/common-dev-assets b/common-dev-assets
@@ -1 +1 @@
-Subproject commit 746dc8bdcd148e0a1eff04fdfc2da774dba4a784
+Subproject commit 6e39f79e1389a1ec3bbe57215573e7d4e6dd98f1
diff --git a/examples/all-combined/README.md b/examples/all-combined/README.md
@@ -78,3 +78,7 @@ The example is split into separated templates related with their specific scope:
 The test is currently using the existing SecretManager region to deploy the VPC and the cluster if this value is not null. Instead if null it follows what set through `var.region`
 
 This logic is achieved through the local `sm_region` variable that is then used to create resources.
+
+### Note for the example maintainers
+
+The test leverages on a set of secrets existing on IBM Cloud Secrets Manager instance to pull the secrets values and to configure them through External Secrets operator: the secrets for the imported certificate (public certificate stored in `geretain-eso-test-importedcert-public-certificate`, intermediate certificate store in `geretain-eso-test-importedcert-intermediate-certificate` and private key stored in `geretain-eso-test-importedcert-private-key`) expire periodically, in the case these secrets expire the new values can be retrieved from the secret named `geretain-eso-public-certificate-for-imported-ones` which contains the three different components (it is a public certificate generated for a test CN) and it is configured to be automatically rotated by Secrets Manager.
diff --git a/examples/all-combined/main.tf b/examples/all-combined/main.tf
@@ -186,7 +186,7 @@ module "network_acl" {
 # OCP CLUSTER creation
 module "ocp_base" {
   source               = "terraform-ibm-modules/base-ocp-vpc/ibm"
-  version              = "3.41.7"
+  version              = "3.43.2"
   cluster_name         = "${var.prefix}-vpc"
   resource_group_id    = module.resource_group.resource_group_id
   region               = var.region
diff --git a/examples/all-combined/privatecertificate.tf b/examples/all-combined/privatecertificate.tf
@@ -13,7 +13,7 @@ locals {
 # private certificate engine
 module "secrets_manager_private_secret_engine" {
   source                    = "terraform-ibm-modules/secrets-manager-private-cert-engine/ibm"
-  version                   = "1.3.5"
+  version                   = "1.3.6"
   secrets_manager_guid      = local.sm_guid
   region                    = local.sm_region
   root_ca_name              = var.pvt_ca_name != null ? var.pvt_ca_name : "pvt-${var.prefix}-project-root-ca"
@@ -30,7 +30,7 @@ module "secrets_manager_private_secret_engine" {
 module "secrets_manager_private_certificate" {
   depends_on             = [module.secrets_manager_private_secret_engine]
   source                 = "terraform-ibm-modules/secrets-manager-private-cert/ibm"
-  version                = "1.3.2"
+  version                = "1.3.3"
   cert_name              = "${var.prefix}-sm-private-cert"
   cert_description       = "Private certificate for ${local.pvt_cert_common_name}"
   cert_secrets_group_id  = module.secrets_manager_group.secret_group_id
diff --git a/examples/all-combined/secretsmanager.tf b/examples/all-combined/secretsmanager.tf
@@ -76,7 +76,7 @@ module "iam_secrets_engine" {
 # create secrets group for secrets
 module "secrets_manager_group" {
   source                   = "terraform-ibm-modules/secrets-manager-secret-group/ibm"
-  version                  = "1.2.3"
+  version                  = "1.3.2"
   region                   = local.sm_region
   secrets_manager_guid     = local.sm_guid
   secret_group_name        = "${var.prefix}-secret-group"                   #checkov:skip=CKV_SECRET_6: does not require high entropy string as is static value
@@ -89,7 +89,7 @@ module "secrets_manager_group" {
 # additional secrets manager secret group for service level secrets
 module "secrets_manager_group_acct" {
   source               = "terraform-ibm-modules/secrets-manager-secret-group/ibm"
-  version              = "1.2.3"
+  version              = "1.3.2"
   count                = var.existing_sm_instance_guid == null ? 0 : 1
   region               = local.sm_region
   secrets_manager_guid = local.sm_guid
diff --git a/examples/all-combined/tpauth_cluster_sstore.tf b/examples/all-combined/tpauth_cluster_sstore.tf
@@ -7,7 +7,7 @@
 # creating a secrets group for clustersecretstore with trustedprofile auth
 module "tp_clusterstore_secrets_manager_group" {
   source                   = "terraform-ibm-modules/secrets-manager-secret-group/ibm"
-  version                  = "1.2.3"
+  version                  = "1.3.2"
   region                   = local.sm_region
   secrets_manager_guid     = local.sm_guid
   secret_group_name        = "${var.prefix}-cpstore-tp-secret-group"                                           #checkov:skip=CKV_SECRET_6: does not require high entropy string as is static value
diff --git a/examples/all-combined/tpauth_namespaced_sstore.tf b/examples/all-combined/tpauth_namespaced_sstore.tf
@@ -40,7 +40,7 @@ module "eso_tp_namespace_secretstores" {
 # creating a secrets group for each namespace to be used for namespaced secretstores with trustedprofile auth
 module "tp_secrets_manager_groups" {
   source                   = "terraform-ibm-modules/secrets-manager-secret-group/ibm"
-  version                  = "1.2.3"
+  version                  = "1.3.2"
   count                    = length(var.es_namespaces_tp)
   region                   = local.sm_region
   secrets_manager_guid     = local.sm_guid
@@ -140,7 +140,7 @@ module "eso_tp_namespace_secretstore_multisg" {
 # creating two secrets groups for a single namespace to test trusted profile policy on multiple secrets groups
 module "tp_secrets_manager_group_multi_1" {
   source                   = "terraform-ibm-modules/secrets-manager-secret-group/ibm"
-  version                  = "1.2.3"
+  version                  = "1.3.2"
   region                   = local.sm_region
   secrets_manager_guid     = local.sm_guid
   secret_group_name        = "${var.prefix}-tp-secret-group-multisg-1"                                                                #checkov:skip=CKV_SECRET_6: does not require high entropy string as is static value
@@ -152,7 +152,7 @@ module "tp_secrets_manager_group_multi_1" {
 
 module "tp_secrets_manager_group_multi_2" {
   source                   = "terraform-ibm-modules/secrets-manager-secret-group/ibm"
-  version                  = "1.2.3"
+  version                  = "1.3.2"
   region                   = local.sm_region
   secrets_manager_guid     = local.sm_guid
   secret_group_name        = "${var.prefix}-tp-secret-group-multisg-21"                                                               #checkov:skip=CKV_SECRET_6: does not require high entropy string as is static value
@@ -285,7 +285,7 @@ module "eso_tp_namespace_secretstore_nosecgroup" {
 # creating secrets group for a single namespace to test trusted profile policy without any secret group in the TP policy
 module "tp_secrets_manager_group_not_for_policy" {
   source                   = "terraform-ibm-modules/secrets-manager-secret-group/ibm"
-  version                  = "1.2.3"
+  version                  = "1.3.2"
   region                   = local.sm_region
   secrets_manager_guid     = local.sm_guid
   secret_group_name        = "${var.prefix}-tp-secret-group-not-for-policy"                                                        #checkov:skip=CKV_SECRET_6: does not require high entropy string as is static value
diff --git a/examples/basic/main.tf b/examples/basic/main.tf
@@ -209,7 +209,7 @@ module "network_acl" {
 # OCP CLUSTER creation
 module "ocp_base" {
   source               = "terraform-ibm-modules/base-ocp-vpc/ibm"
-  version              = "3.41.7"
+  version              = "3.43.2"
   cluster_name         = "${var.prefix}-vpc"
   resource_group_id    = module.resource_group.resource_group_id
   region               = var.region
@@ -278,7 +278,7 @@ resource "ibm_resource_instance" "secrets_manager" {
 # Additional Secrets-Manager Secret-Group for SERVICE level secrets
 module "secrets_manager_group_acct" {
   source               = "terraform-ibm-modules/secrets-manager-secret-group/ibm"
-  version              = "1.2.3"
+  version              = "1.3.2"
   count                = var.existing_sm_instance_guid == null ? 0 : 1
   region               = local.sm_region
   secrets_manager_guid = local.sm_guid
diff --git a/examples/trusted-profiles-authentication/main.tf b/examples/trusted-profiles-authentication/main.tf
@@ -60,7 +60,7 @@ resource "ibm_resource_instance" "secrets_manager" {
 
 module "secrets_manager_groups" {
   source               = "terraform-ibm-modules/secrets-manager-secret-group/ibm"
-  version              = "1.2.3"
+  version              = "1.3.2"
   count                = length(kubernetes_namespace.examples)
   region               = local.sm_region
   secrets_manager_guid = local.sm_guid
diff --git a/tests/go.mod b/tests/go.mod
@@ -2,12 +2,12 @@ module github.com/terraform-ibm-modules/terraform-ibm-external-secrets-operator
 
 go 1.23.0
 
-toolchain go1.24.1
+toolchain go1.24.2
 
 require (
 	github.com/gruntwork-io/terratest v0.48.2
 	github.com/stretchr/testify v1.10.0
-	github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.47.1
+	github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.48.0
 	gopkg.in/yaml.v3 v3.0.1
 	k8s.io/apimachinery v0.32.3
 )
diff --git a/tests/go.sum b/tests/go.sum
@@ -453,8 +453,8 @@ github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXl
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
 github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.47.1 h1:tNFE95ARyd8tTjP0zSmIJIFKBf7Kdl8Cuwp5NZ1xqUo=
-github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.47.1/go.mod h1:be/us5lpuIvNmni1CXR0nJcAiFJkvluQDM0iFe960s8=
+github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.48.0 h1:2tFyY8LHyhOx7+8YBRACcJL7H9ORqdShEvtyook7wjc=
+github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.48.0/go.mod h1:be/us5lpuIvNmni1CXR0nJcAiFJkvluQDM0iFe960s8=
 github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
 github.com/tmccombs/hcl2json v0.6.4 h1:/FWnzS9JCuyZ4MNwrG4vMrFrzRgsWEOVi+1AyYUVLGw=
 github.com/tmccombs/hcl2json v0.6.4/go.mod h1:+ppKlIW3H5nsAsZddXPy2iMyvld3SHxyjswOZhavRDk=
diff --git a/tests/pr_test.go b/tests/pr_test.go
@@ -348,7 +348,7 @@ func TestReloaderOperational(t *testing.T) {
 										}
 
 										if newPodName != "" {
-											break
+											break Loop
 										}
 									}
 								}
