fix: crn parser

main.tf

@@ -64,14 +64,14 @@ resource "ibm_sm_public_certificate_configuration_dns_cis" "public_dns_config" {
 
 data "ibm_sm_arbitrary_secret" "ibm_secrets_manager_secret" {
   provider    = ibm.secret-store
-  count       = var.private_key_secrets_manager_instance_guid != null ? 1 : 0
+  count       = var.acme_letsencrypt_private_key == null ? 1 : 0
   region      = var.private_key_secrets_manager_region != null ? var.private_key_secrets_manager_region : var.region
   instance_id = var.private_key_secrets_manager_instance_guid
   secret_id   = var.private_key_secrets_manager_secret_id
 }
 
 locals {
-  acme_letsencrypt_private_key = var.private_key_secrets_manager_instance_guid != null ? data.ibm_sm_arbitrary_secret.ibm_secrets_manager_secret[0].payload : var.acme_letsencrypt_private_key
+  acme_letsencrypt_private_key = var.acme_letsencrypt_private_key == null ? data.ibm_sm_arbitrary_secret.ibm_secrets_manager_secret[0].payload : var.acme_letsencrypt_private_key
 }
 
 # CA config - LetsEncrypt

solutions/fully-configurable/main.tf

@@ -3,7 +3,8 @@
 ########################################################################################################################
 
 locals {
-  prefix = var.prefix != null ? trimspace(var.prefix) != "" ? "${var.prefix}-" : "" : ""
+  prefix                              = var.prefix != null ? trimspace(var.prefix) != "" ? "${var.prefix}-" : "" : ""
+  parse_acme_lets_encrypt_private_key = var.acme_letsencrypt_private_key_secrets_manager_secret_crn != null ? 1 : 0
 }
 
 module "secrets_manager_crn_parser" {
@@ -13,6 +14,7 @@ module "secrets_manager_crn_parser" {
 }
 
 module "secret_crn_parser" {
+  count   = local.parse_acme_lets_encrypt_private_key
   source  = "terraform-ibm-modules/common-utilities/ibm//modules/crn-parser"
   version = "1.1.0"
   crn     = var.acme_letsencrypt_private_key_secrets_manager_secret_crn
@@ -22,8 +24,8 @@ locals {
   existing_secrets_manager_guid   = module.secrets_manager_crn_parser.service_instance
   existing_secrets_manager_region = module.secrets_manager_crn_parser.region
 
-  secret_region = module.secret_crn_parser.region
-  secret_id     = module.secret_crn_parser.resource
+  secret_region = local.parse_acme_lets_encrypt_private_key == 0 ? null : module.secret_crn_parser[0].region
+  secret_id     = local.parse_acme_lets_encrypt_private_key == 0 ? null : module.secret_crn_parser[0].resource
 }
 
 module "secrets_manager_public_cert_engine" {

tests/pr_test.go

@@ -150,7 +150,7 @@ func TestRunSolutionsFullyConfigurableUpgradeSchematics(t *testing.T) {
 		{Name: "prefix", Value: options.Prefix, DataType: "string"},
 		{Name: "existing_secrets_manager_crn", Value: permanentResources["secretsManagerCRN"], DataType: "string"},
 		{Name: "acme_letsencrypt_private_key_secrets_manager_secret_crn", Value: permanentResources["acme_letsencrypt_private_key_secret_crn"], DataType: "string"},
-		{Name: "dns_config_name", Value: "cert-dns", DataType: "string"},
+		{Name: "dns_config_name", Value: "cer-dns", DataType: "string"},
 		{Name: "internet_services_crn", Value: permanentResources["cisInstanceId"], DataType: "string"},
 		{Name: "skip_iam_authorization_policy", Value: true, DataType: "bool"}, // A permanent cis-sm auth policy already exists in the account
 	}