fix: resolve comments

Aayush-Abhyarthi · Aayush-Abhyarthi · commit 04a023aae16a · 2025-03-10T00:21:08.000+05:30
diff --git a/README.md b/README.md
@@ -56,7 +56,7 @@ You need the following permissions to run this module.
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.9.0 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
 | <a name="requirement_ibm"></a> [ibm](#requirement\_ibm) | >= 1.70.0, <2.0.0 |
 | <a name="requirement_time"></a> [time](#requirement\_time) | >= 0.9.1 |
 
diff --git a/common-dev-assets b/common-dev-assets
@@ -1 +1 @@
-Subproject commit 8c7a97cb00b128503d2c81380be904b6d196cc02
+Subproject commit a2d762758724de82bde73e879b4be7fea51ebf95
diff --git a/examples/backup-restore/version.tf b/examples/backup-restore/version.tf
@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 1.9.0"
+  required_version = ">= 1.3.0"
   required_providers {
     # Pin to the lowest provider version of the range defined in the main module's version.tf to ensure lowest version still works
     ibm = {
diff --git a/examples/basic/version.tf b/examples/basic/version.tf
@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 1.9.0"
+  required_version = ">= 1.3.0"
   required_providers {
     # Pin to the lowest provider version of the range defined in the main module's version.tf to ensure lowest version still works
     ibm = {
diff --git a/examples/complete/version.tf b/examples/complete/version.tf
@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 1.9.0"
+  required_version = ">= 1.3.0"
   required_providers {
     # Pin to the lowest provider version of the range defined in the main module's version.tf to ensure lowest version still works
     ibm = {
diff --git a/examples/fscloud/version.tf b/examples/fscloud/version.tf
@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 1.9.0"
+  required_version = ">= 1.3.0"
   required_providers {
     # Use latest version of provider in non-basic examples to verify latest version works with module
     ibm = {
diff --git a/ibm_catalog.json b/ibm_catalog.json
@@ -325,13 +325,13 @@
               "key": "admin_pass_secrets_manager_secret_name"
             },
             {
-              "key": "cbr_rules"
+              "key": "use_existing_admin_pass_secrets_manager_secret_group"
             },
             {
-              "key": "existing_db_instance_crn"
+              "key": "cbr_rules"
             },
             {
-              "key": "use_existing_admin_pass_secrets_manager_secret_group"
+              "key": "existing_rabbitmq_instance_crn"
             }
           ]
         }
diff --git a/solutions/standard/main.tf b/solutions/standard/main.tf
@@ -18,17 +18,17 @@ module "resource_group" {
 
 locals {
   # tflint-ignore: terraform_unused_declarations
-  validate_kms_1 = var.existing_db_instance_crn != null ? true : var.use_ibm_owned_encryption_key && (var.existing_kms_instance_crn != null || var.existing_kms_key_crn != null || var.existing_backup_kms_key_crn != null) ? tobool("When setting values for 'existing_kms_instance_crn', 'existing_kms_key_crn' or 'existing_backup_kms_key_crn', the 'use_ibm_owned_encryption_key' input must be set to false.") : true
+  validate_kms_1 = var.existing_rabbitmq_instance_crn != null ? true : var.use_ibm_owned_encryption_key && (var.existing_kms_instance_crn != null || var.existing_kms_key_crn != null || var.existing_backup_kms_key_crn != null) ? tobool("When setting values for 'existing_kms_instance_crn', 'existing_kms_key_crn' or 'existing_backup_kms_key_crn', the 'use_ibm_owned_encryption_key' input must be set to false.") : true
   # tflint-ignore: terraform_unused_declarations
-  validate_kms_2 = var.existing_db_instance_crn != null ? true : !var.use_ibm_owned_encryption_key && (var.existing_kms_instance_crn == null && var.existing_kms_key_crn == null) ? tobool("When 'use_ibm_owned_encryption_key' is false, a value is required for either 'existing_kms_instance_crn' (to create a new key), or 'existing_kms_key_crn' to use an existing key.") : true
+  validate_kms_2 = var.existing_rabbitmq_instance_crn != null ? true : !var.use_ibm_owned_encryption_key && (var.existing_kms_instance_crn == null && var.existing_kms_key_crn == null) ? tobool("When 'use_ibm_owned_encryption_key' is false, a value is required for either 'existing_kms_instance_crn' (to create a new key), or 'existing_kms_key_crn' to use an existing key.") : true
 }
 
 #######################################################################################################################
 # KMS encryption key
 #######################################################################################################################
 
 locals {
-  create_new_kms_key     = var.existing_db_instance_crn == null && !var.use_ibm_owned_encryption_key && var.existing_kms_key_crn == null ? true : false # no need to create any KMS resources if passing an existing key, or using IBM owned keys
+  create_new_kms_key     = var.existing_rabbitmq_instance_crn == null && !var.use_ibm_owned_encryption_key && var.existing_kms_key_crn == null ? true : false # no need to create any KMS resources if passing an existing key, or using IBM owned keys
   rabbitmq_key_name      = var.prefix != null ? "${var.prefix}-${var.key_name}" : var.key_name
   rabbitmq_key_ring_name = var.prefix != null ? "${var.prefix}-${var.key_ring_name}" : var.key_ring_name
 }
@@ -99,24 +99,24 @@ data "ibm_iam_account_settings" "iam_account_settings" {
 
 locals {
   account_id                                  = data.ibm_iam_account_settings.iam_account_settings.account_id
-  create_cross_account_kms_auth_policy        = var.existing_db_instance_crn == null && !var.skip_rabbitmq_kms_auth_policy && var.ibmcloud_kms_api_key != null && !var.use_ibm_owned_encryption_key
-  create_cross_account_backup_kms_auth_policy = var.existing_db_instance_crn == null && !var.skip_rabbitmq_kms_auth_policy && var.ibmcloud_kms_api_key != null && !var.use_ibm_owned_encryption_key && var.existing_backup_kms_key_crn != null
+  create_cross_account_kms_auth_policy        = var.existing_rabbitmq_instance_crn == null && !var.skip_rabbitmq_kms_auth_policy && var.ibmcloud_kms_api_key != null && !var.use_ibm_owned_encryption_key
+  create_cross_account_backup_kms_auth_policy = var.existing_rabbitmq_instance_crn == null && !var.skip_rabbitmq_kms_auth_policy && var.ibmcloud_kms_api_key != null && !var.use_ibm_owned_encryption_key && var.existing_backup_kms_key_crn != null
 
   # If KMS encryption enabled (and existing ES instance is not being passed), parse details from the existing key if being passed, otherwise get it from the key that the DA creates
-  kms_account_id    = var.existing_db_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_kms_key_crn != null ? module.kms_key_crn_parser[0].account_id : module.kms_instance_crn_parser[0].account_id
-  kms_service       = var.existing_db_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_kms_key_crn != null ? module.kms_key_crn_parser[0].service_name : module.kms_instance_crn_parser[0].service_name
-  kms_instance_guid = var.existing_db_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_kms_key_crn != null ? module.kms_key_crn_parser[0].service_instance : module.kms_instance_crn_parser[0].service_instance
-  kms_key_crn       = var.existing_db_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_kms_key_crn != null ? var.existing_kms_key_crn : module.kms[0].keys[format("%s.%s", local.rabbitmq_key_ring_name, local.rabbitmq_key_name)].crn
-  kms_key_id        = var.existing_db_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_kms_key_crn != null ? module.kms_key_crn_parser[0].resource : module.kms[0].keys[format("%s.%s", local.rabbitmq_key_ring_name, local.rabbitmq_key_name)].key_id
-  kms_region        = var.existing_db_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_kms_key_crn != null ? module.kms_key_crn_parser[0].region : module.kms_instance_crn_parser[0].region
+  kms_account_id    = var.existing_rabbitmq_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_kms_key_crn != null ? module.kms_key_crn_parser[0].account_id : module.kms_instance_crn_parser[0].account_id
+  kms_service       = var.existing_rabbitmq_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_kms_key_crn != null ? module.kms_key_crn_parser[0].service_name : module.kms_instance_crn_parser[0].service_name
+  kms_instance_guid = var.existing_rabbitmq_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_kms_key_crn != null ? module.kms_key_crn_parser[0].service_instance : module.kms_instance_crn_parser[0].service_instance
+  kms_key_crn       = var.existing_rabbitmq_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_kms_key_crn != null ? var.existing_kms_key_crn : module.kms[0].keys[format("%s.%s", local.rabbitmq_key_ring_name, local.rabbitmq_key_name)].crn
+  kms_key_id        = var.existing_rabbitmq_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_kms_key_crn != null ? module.kms_key_crn_parser[0].resource : module.kms[0].keys[format("%s.%s", local.rabbitmq_key_ring_name, local.rabbitmq_key_name)].key_id
+  kms_region        = var.existing_rabbitmq_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_kms_key_crn != null ? module.kms_key_crn_parser[0].region : module.kms_instance_crn_parser[0].region
 
   # If creating KMS cross account policy for backups, parse backup key details from passed in key CRN
   backup_kms_account_id    = local.create_cross_account_backup_kms_auth_policy ? module.kms_backup_key_crn_parser[0].account_id : local.kms_account_id
   backup_kms_service       = local.create_cross_account_backup_kms_auth_policy ? module.kms_backup_key_crn_parser[0].service_name : local.kms_service
   backup_kms_instance_guid = local.create_cross_account_backup_kms_auth_policy ? module.kms_backup_key_crn_parser[0].service_instance : local.kms_instance_guid
   backup_kms_key_id        = local.create_cross_account_backup_kms_auth_policy ? module.kms_backup_key_crn_parser[0].resource : local.kms_key_id
 
-  backup_kms_key_crn = var.existing_db_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_backup_kms_key_crn
+  backup_kms_key_crn = var.existing_rabbitmq_instance_crn != null || var.use_ibm_owned_encryption_key ? null : var.existing_backup_kms_key_crn
   # Always use same key for backups unless user explicially passed a value for 'existing_backup_kms_key_crn'
   use_same_kms_key_for_backups = var.existing_backup_kms_key_crn == null ? true : false
 }
@@ -246,31 +246,31 @@ locals {
 
 # Look up existing instance details if user passes one
 module "rabbitmq_instance_crn_parser" {
-  count   = var.existing_db_instance_crn != null ? 1 : 0
+  count   = var.existing_rabbitmq_instance_crn != null ? 1 : 0
   source  = "terraform-ibm-modules/common-utilities/ibm//modules/crn-parser"
   version = "1.1.0"
-  crn     = var.existing_db_instance_crn
+  crn     = var.existing_rabbitmq_instance_crn
 }
 
 # Existing instance local vars
 locals {
-  existing_rabbitmq_guid   = var.existing_db_instance_crn != null ? module.rabbitmq_instance_crn_parser[0].service_instance : null
-  existing_rabbitmq_region = var.existing_db_instance_crn != null ? module.rabbitmq_instance_crn_parser[0].region : null
+  existing_rabbitmq_guid   = var.existing_rabbitmq_instance_crn != null ? module.rabbitmq_instance_crn_parser[0].service_instance : null
+  existing_rabbitmq_region = var.existing_rabbitmq_instance_crn != null ? module.rabbitmq_instance_crn_parser[0].region : null
 
   # Validate the region input matches region detected in existing instance CRN (approach based on https://github.com/hashicorp/terraform/issues/25609#issuecomment-1057614400)
   # tflint-ignore: terraform_unused_declarations
-  validate_existing_instance_region = var.existing_db_instance_crn != null && var.region != local.existing_rabbitmq_region ? tobool("The region detected in the 'existing_db_instance_crn' value must match the value of the 'region' input variable when passing an existing instance.") : true
+  validate_existing_instance_region = var.existing_rabbitmq_instance_crn != null && var.region != local.existing_rabbitmq_region ? tobool("The region detected in the 'existing_rabbitmq_instance_crn' value must match the value of the 'region' input variable when passing an existing instance.") : true
 }
 
 # Do a data lookup on the resource GUID to get more info that is needed for the 'ibm_database' data lookup below
 data "ibm_resource_instance" "existing_instance_resource" {
-  count      = var.existing_db_instance_crn != null ? 1 : 0
+  count      = var.existing_rabbitmq_instance_crn != null ? 1 : 0
   identifier = local.existing_rabbitmq_guid
 }
 
 # Lookup details of existing instance
 data "ibm_database" "existing_db_instance" {
-  count             = var.existing_db_instance_crn != null ? 1 : 0
+  count             = var.existing_rabbitmq_instance_crn != null ? 1 : 0
   name              = data.ibm_resource_instance.existing_instance_resource[0].name
   resource_group_id = data.ibm_resource_instance.existing_instance_resource[0].resource_group_id
   location          = var.region
@@ -279,7 +279,7 @@ data "ibm_database" "existing_db_instance" {
 
 # Lookup existing instance connection details
 data "ibm_database_connection" "existing_connection" {
-  count         = var.existing_db_instance_crn != null ? 1 : 0
+  count         = var.existing_rabbitmq_instance_crn != null ? 1 : 0
   endpoint_type = "private"
   deployment_id = data.ibm_database.existing_db_instance[0].id
   user_id       = data.ibm_database.existing_db_instance[0].adminuser
@@ -288,7 +288,7 @@ data "ibm_database_connection" "existing_connection" {
 
 # Create new instance
 module "rabbitmq" {
-  count                             = var.existing_db_instance_crn != null ? 0 : 1
+  count                             = var.existing_rabbitmq_instance_crn != null ? 0 : 1
   source                            = "../../modules/fscloud"
   depends_on                        = [time_sleep.wait_for_authorization_policy, time_sleep.wait_for_backup_kms_authorization_policy]
   resource_group_id                 = module.resource_group.resource_group_id
@@ -317,12 +317,12 @@ module "rabbitmq" {
 }
 
 locals {
-  rabbitmq_guid     = var.existing_db_instance_crn != null ? data.ibm_database.existing_db_instance[0].guid : module.rabbitmq[0].guid
-  rabbitmq_id       = var.existing_db_instance_crn != null ? data.ibm_database.existing_db_instance[0].id : module.rabbitmq[0].id
-  rabbitmq_version  = var.existing_db_instance_crn != null ? data.ibm_database.existing_db_instance[0].version : module.rabbitmq[0].version
-  rabbitmq_crn      = var.existing_db_instance_crn != null ? var.existing_db_instance_crn : module.rabbitmq[0].crn
-  rabbitmq_hostname = var.existing_db_instance_crn != null ? data.ibm_database_connection.existing_connection[0].https[0].hosts[0].hostname : module.rabbitmq[0].hostname
-  rabbitmq_port     = var.existing_db_instance_crn != null ? data.ibm_database_connection.existing_connection[0].https[0].hosts[0].port : module.rabbitmq[0].port
+  rabbitmq_guid     = var.existing_rabbitmq_instance_crn != null ? data.ibm_database.existing_db_instance[0].guid : module.rabbitmq[0].guid
+  rabbitmq_id       = var.existing_rabbitmq_instance_crn != null ? data.ibm_database.existing_db_instance[0].id : module.rabbitmq[0].id
+  rabbitmq_version  = var.existing_rabbitmq_instance_crn != null ? data.ibm_database.existing_db_instance[0].version : module.rabbitmq[0].version
+  rabbitmq_crn      = var.existing_rabbitmq_instance_crn != null ? var.existing_rabbitmq_instance_crn : module.rabbitmq[0].crn
+  rabbitmq_hostname = var.existing_rabbitmq_instance_crn != null ? data.ibm_database_connection.existing_connection[0].https[0].hosts[0].hostname : module.rabbitmq[0].hostname
+  rabbitmq_port     = var.existing_rabbitmq_instance_crn != null ? data.ibm_database_connection.existing_connection[0].https[0].hosts[0].port : module.rabbitmq[0].port
 }
 
 #######################################################################################################################
diff --git a/solutions/standard/outputs.tf b/solutions/standard/outputs.tf
@@ -24,13 +24,13 @@ output "crn" {
 
 output "service_credentials_json" {
   description = "Service credentials json map"
-  value       = var.existing_db_instance_crn != null ? null : module.rabbitmq[0].service_credentials_json
+  value       = var.existing_rabbitmq_instance_crn != null ? null : module.rabbitmq[0].service_credentials_json
   sensitive   = true
 }
 
 output "service_credentials_object" {
   description = "Service credentials object"
-  value       = var.existing_db_instance_crn != null ? null : module.rabbitmq[0].service_credentials_object
+  value       = var.existing_rabbitmq_instance_crn != null ? null : module.rabbitmq[0].service_credentials_object
   sensitive   = true
 }
 
diff --git a/solutions/standard/variables.tf b/solutions/standard/variables.tf
@@ -42,7 +42,7 @@ variable "rabbitmq_version" {
   default     = null
 }
 
-variable "existing_db_instance_crn" {
+variable "existing_rabbitmq_instance_crn" {
   type        = string
   default     = null
   description = "The CRN of an existing Messages for RabbitMQ instance. If no value is specified, a new instance is created."
diff --git a/solutions/standard/version.tf b/solutions/standard/version.tf
@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 1.9.0"
+  required_version = ">= 1.3.0"
   # Lock DA into an exact provider version - renovate automation will keep it updated
   required_providers {
     ibm = {
diff --git a/tests/pr_test.go b/tests/pr_test.go
@@ -236,7 +236,7 @@ func TestRunExistingInstance(t *testing.T) {
 	if existErr != nil {
 		assert.True(t, existErr == nil, "Init and Apply of temp existing resource failed")
 	} else {
-		logger.Log(t, " existing_db_instance_crn: ", terraform.Output(t, existingTerraformOptions, "rabbitmq_crn"))
+		logger.Log(t, " existing_rabbitmq_instance_crn: ", terraform.Output(t, existingTerraformOptions, "rabbitmq_crn"))
 		options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{
 			Testing: t,
 			TarIncludePatterns: []string{
@@ -256,7 +256,7 @@ func TestRunExistingInstance(t *testing.T) {
 
 		options.TerraformVars = []testschematic.TestSchematicTerraformVar{
 			{Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true},
-			{Name: "existing_db_instance_crn", Value: terraform.Output(t, existingTerraformOptions, "rabbitmq_crn"), DataType: "string"},
+			{Name: "existing_rabbitmq_instance_crn", Value: terraform.Output(t, existingTerraformOptions, "rabbitmq_crn"), DataType: "string"},
 			{Name: "resource_group_name", Value: fmt.Sprintf("%s-resource-group", prefix), DataType: "string"},
 			{Name: "region", Value: region, DataType: "string"},
 			{Name: "use_existing_resource_group", Value: true, DataType: "bool"},
diff --git a/version.tf b/version.tf
@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 1.9.0"
+  required_version = ">= 1.3.0"
   # Add any required providers below and uncomment
   required_providers {
     ibm = {

Original file line number	Diff line number	Diff line change
`@@ -325,13 +325,13 @@`
`325`	`325`	`"key": "admin_pass_secrets_manager_secret_name"`
`326`	`326`	`},`
`327`	`327`	`{`
`328`		`- "key": "cbr_rules"`
	`328`	`+ "key": "use_existing_admin_pass_secrets_manager_secret_group"`
`329`	`329`	`},`
`330`	`330`	`{`
`331`		`- "key": "existing_db_instance_crn"`
	`331`	`+ "key": "cbr_rules"`
`332`	`332`	`},`
`333`	`333`	`{`
`334`		`- "key": "use_existing_admin_pass_secrets_manager_secret_group"`
	`334`	`+ "key": "existing_rabbitmq_instance_crn"`
`335`	`335`	`}`
`336`	`336`	`]`
`337`	`337`	`}`
Original file line number	Diff line number	Diff line change
`@@ -24,13 +24,13 @@ output "crn" {`
`24`	`24`
`25`	`25`	`output "service_credentials_json" {`
`26`	`26`	`description = "Service credentials json map"`
`27`		`- value = var.existing_db_instance_crn != null ? null : module.rabbitmq[0].service_credentials_json`
	`27`	`+ value = var.existing_rabbitmq_instance_crn != null ? null : module.rabbitmq[0].service_credentials_json`
`28`	`28`	`sensitive = true`
`29`	`29`	`}`
`30`	`30`
`31`	`31`	`output "service_credentials_object" {`
`32`	`32`	`description = "Service credentials object"`
`33`		`- value = var.existing_db_instance_crn != null ? null : module.rabbitmq[0].service_credentials_object`
	`33`	`+ value = var.existing_rabbitmq_instance_crn != null ? null : module.rabbitmq[0].service_credentials_object`
`34`	`34`	`sensitive = true`
`35`	`35`	`}`
`36`	`36`
Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,7 @@ variable "rabbitmq_version" {`
`42`	`42`	`default = null`
`43`	`43`	`}`
`44`	`44`
`45`		`-variable "existing_db_instance_crn" {`
	`45`	`+variable "existing_rabbitmq_instance_crn" {`
`46`	`46`	`type = string`
`47`	`47`	`default = null`
`48`	`48`	`description = "The CRN of an existing Messages for RabbitMQ instance. If no value is specified, a new instance is created."`