Private cert attribute fixes (IBM-Cloud#4641)

.secrets.baseline

@@ -3,11 +3,8 @@
     "files": "go.mod|go.sum|.*.map|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2023-06-14T09:18:54Z",
+  "generated_at": "2023-06-20T13:14:07Z",
   "plugins_used": [
-    {
-      "name": "AWSKeyDetector"
-    },
     {
       "name": "ArtifactoryDetector"
     },
@@ -21,12 +18,6 @@
     {
       "name": "BasicAuthDetector"
     },
-    {
-      "name": "BoxDetector"
-    },
-    {
-      "name": "CloudantDetector"
-    },
     {
       "ghe_instance": "github.ibm.com",
       "name": "GheDetector"
@@ -51,9 +42,6 @@
       "keyword_exclude": null,
       "name": "KeywordDetector"
     },
-    {
-      "name": "MailchimpDetector"
-    },
     {
       "name": "NpmDetector"
     },
@@ -68,12 +56,6 @@
     },
     {
       "name": "SquareOAuthDetector"
-    },
-    {
-      "name": "StripeDetector"
-    },
-    {
-      "name": "TwilioKeyDetector"
     }
   ],
   "results": {
@@ -722,23 +704,23 @@
         "hashed_secret": "731438016c5ab94431f61820f35e3ae5f8ad6004",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 341,
+        "line_number": 343,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "12da2e35d6b50c902c014f1ab9e3032650368df7",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 347,
+        "line_number": 349,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "813274ccae5b6b509379ab56982d862f7b5969b6",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1022,
+        "line_number": 1024,
         "type": "Base64 High Entropy String",
         "verified_result": null
       }
@@ -748,47 +730,47 @@
         "hashed_secret": "9184b0c38101bf24d78b2bb0d044deb1d33696fc",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 132,
+        "line_number": 133,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "c427f185ddcb2440be9b77c8e45f1cd487a2e790",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1438,
+        "line_number": 1449,
         "type": "Base64 High Entropy String",
         "verified_result": null
       },
       {
         "hashed_secret": "1f7e33de15e22de9d2eaf502df284ed25ca40018",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1506,
+        "line_number": 1517,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "1f614c2eb6b3da22d89bd1b9fd47d7cb7c8fc670",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 3357,
+        "line_number": 3404,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "7abfce65b8504403afc25c9790f358d513dfbcc6",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 3370,
+        "line_number": 3417,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "0c2d85bf9a9b1579b16f220a4ea8c3d62b2e24b1",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 3411,
+        "line_number": 3458,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -826,15 +808,15 @@
         "hashed_secret": "c8b6f5ef11b9223ac35a5663975a466ebe7ebba9",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1697,
+        "line_number": 1713,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "8abf4899c01104241510ba87685ad4de76b0c437",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1703,
+        "line_number": 1719,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -3428,15 +3410,15 @@
         "hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 251,
+        "line_number": 249,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "9beb31de125498074813c6f31c0e4df3e54a5489",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 755,
+        "line_number": 749,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -3446,15 +3428,15 @@
         "hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 280,
+        "line_number": 278,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "9beb31de125498074813c6f31c0e4df3e54a5489",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 760,
+        "line_number": 755,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -4709,38 +4691,20 @@
         "verified_result": null
       }
     ],
-    "website/docs/r/project_instance.html.markdown": [
-      {
-        "hashed_secret": "d47dcacc720a39e236679ac3e311a0d58bb6519e",
-        "is_secret": false,
-        "is_verified": false,
-        "line_number": 134,
-        "type": "Secret Keyword",
-        "verified_result": null
-      },
-      {
-        "hashed_secret": "e66e7d67fdf3c596c435fc7828b13205e4950a0f",
-        "is_secret": false,
-        "is_verified": false,
-        "line_number": 136,
-        "type": "Secret Keyword",
-        "verified_result": null
-      }
-    ],
     "website/docs/r/metrics_router_route.html.markdown": [
       {
         "hashed_secret": "d47dcacc720a39e236679ac3e311a0d58bb6519e",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 99,
+        "line_number": 152,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "e66e7d67fdf3c596c435fc7828b13205e4950a0f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 101,
+        "line_number": 154,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -4750,15 +4714,15 @@
         "hashed_secret": "d47dcacc720a39e236679ac3e311a0d58bb6519e",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 82,
+        "line_number": 124,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "e66e7d67fdf3c596c435fc7828b13205e4950a0f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 84,
+        "line_number": 126,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -4940,15 +4904,15 @@
         "hashed_secret": "d47dcacc720a39e236679ac3e311a0d58bb6519e",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 142,
+        "line_number": 145,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "e66e7d67fdf3c596c435fc7828b13205e4950a0f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 144,
+        "line_number": 147,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -5148,7 +5112,7 @@
       }
     ]
   },
-  "version": "0.13.1+ibm.61.dss",
+  "version": "0.13.1+ibm.56.dss",
   "word_list": {
     "file": null,
     "hash": null

ibm/service/secretsmanager/resource_ibm_sm_private_certificate_configuration_intermediate_ca.go

@@ -209,10 +209,8 @@ func ResourceIbmSmPrivateCertificateConfigurationIntermediateCA() *schema.Resour
 			},
 			"serial_number": &schema.Schema{
 				Type:        schema.TypeString,
-				Optional:    true,
-				ForceNew:    true,
 				Computed:    true,
-				Description: "The serial number to assign to the generated certificate. To assign a random serial number, you can omit this field.",
+				Description: "The unique serial number that was assigned to a certificate by the issuing certificate authority.",
 			},
 			"signing_method": &schema.Schema{
 				Type:        schema.TypeString,
@@ -290,19 +288,19 @@ func ResourceIbmSmPrivateCertificateConfigurationIntermediateCA() *schema.Resour
 			"ttl": &schema.Schema{
 				Type:        schema.TypeString,
 				Optional:    true,
-				Description: "The time-to-live (TTL) or lease duration to assign to generated credentials.For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can be either an integer that specifies the number of seconds, or the string representation of a duration, such as `120m` or `24h`.Minimum duration is 1 minute. Maximum is 90 days.",
+				Description: "Specifies the requested Time To Live (after which the certificate will be expired). The value can be provided provided as a string duration with time suffix (e.g. '24h') or the number of seconds as string (e.g. '86400').",
 			},
 			"max_path_length": &schema.Schema{
 				Type:        schema.TypeInt,
 				Optional:    true,
 				ForceNew:    true,
-				Description: "        The maximum path length to encode in the generated certificate. `-1` means no limit.",
+				Description: "The maximum path length to encode in the generated certificate. `-1` means no limit.",
 			},
 			"permitted_dns_domains": &schema.Schema{
 				Type:        schema.TypeList,
 				Optional:    true,
 				ForceNew:    true,
-				Description: "        The allowed DNS domains or subdomains for the certificates that are to be signed and issued by this CA certificate.",
+				Description: "The allowed DNS domains or subdomains for the certificates that are to be signed and issued by this CA certificate.",
 				Elem:        &schema.Schema{Type: schema.TypeString},
 			},
 			"use_csr_values": &schema.Schema{
@@ -738,11 +736,7 @@ func resourceIbmSmPrivateCertificateConfigurationIntermediateCAMapToConfiguratio
 		}
 		model.PostalCode = postalCode
 	}
-	if _, ok := d.GetOk("serial_number"); ok {
-		model.SerialNumber = core.StringPtr(d.Get("serial_number").(string))
-	}
 	return model, nil
-	// TODO all other config attributes
 }
 
 func resourceIbmSmPrivateCertificateConfigurationIntermediateCAPrivateCertificateCADataToMap(modelIntf secretsmanagerv2.PrivateCertificateCADataIntf) (map[string]interface{}, error) {
@@ -870,9 +864,6 @@ func resourceIbmSmConfigurationActionPrivateCertificateSignIntermediateCAMapToCo
 		}
 		model.PostalCode = postalCode
 	}
-	if _, ok := d.GetOk("serial_number"); ok {
-		model.SerialNumber = core.StringPtr(d.Get("serial_number").(string))
-	}
 
 	return model, nil
 }

ibm/service/secretsmanager/resource_ibm_sm_private_certificate_configuration_root_ca.go

@@ -220,10 +220,8 @@ func ResourceIbmSmPrivateCertificateConfigurationRootCA() *schema.Resource {
 			},
 			"serial_number": &schema.Schema{
 				Type:        schema.TypeString,
-				Optional:    true,
 				Computed:    true,
-				ForceNew:    true,
-				Description: "The serial number to assign to the generated certificate. To assign a random serial number, you can omit this field.",
+				Description: "The unique serial number that was assigned to a certificate by the issuing certificate authority.",
 			},
 			"secret_type": &schema.Schema{
 				Type:        schema.TypeString,
@@ -742,9 +740,6 @@ func resourceIbmSmPrivateCertificateConfigurationRootCAMapToConfigurationPrototy
 		}
 		model.PostalCode = postalCodeParsed
 	}
-	if _, ok := d.GetOk("serial_number"); ok {
-		model.SerialNumber = core.StringPtr(d.Get("serial_number").(string))
-	}
 
 	return model, nil
 }

ibm/service/secretsmanager/resource_ibm_sm_private_certificate_configuration_template.go

@@ -113,7 +113,8 @@ func ResourceIbmSmPrivateCertificateConfigurationTemplate() *schema.Resource {
 				Type:        schema.TypeString,
 				Optional:    true,
 				Computed:    true,
-				Description: "The serial number to assign to the generated certificate. To assign a random serial number, you can omit this field.",
+				Description: "Unused field.",
+				Deprecated:  "This field is deprecated.",
 			},
 			"certificate_authority": &schema.Schema{
 				Type:        schema.TypeString,
@@ -521,9 +522,6 @@ func resourceIbmSmPrivateCertificateConfigurationTemplateRead(context context.Co
 			return diag.FromErr(fmt.Errorf("Error setting postal_code: %s", err))
 		}
 	}
-	if err = d.Set("serial_number", configuration.SerialNumber); err != nil {
-		return diag.FromErr(fmt.Errorf("Error setting serial_number: %s", err))
-	}
 	if err = d.Set("require_cn", configuration.RequireCn); err != nil {
 		return diag.FromErr(fmt.Errorf("Error setting require_cn: %s", err))
 	}
@@ -775,11 +773,6 @@ func resourceIbmSmPrivateCertificateConfigurationTemplateUpdate(context context.
 		hasChange = true
 	}
 
-	if d.HasChange("serial_number") {
-		patchVals.SerialNumber = core.StringPtr(d.Get("serial_number").(string))
-		hasChange = true
-	}
-
 	if d.HasChange("not_before_duration") {
 		patchVals.NotBeforeDuration = core.StringPtr(d.Get("not_before_duration").(string))
 		hasChange = true
@@ -1005,9 +998,6 @@ func resourceIbmSmPrivateCertificateConfigurationTemplateMapToConfigurationProto
 		}
 		model.PostalCode = postalCode
 	}
-	if _, ok := d.GetOk("serial_number"); ok {
-		model.SerialNumber = core.StringPtr(d.Get("serial_number").(string))
-	}
 	if _, ok := d.GetOkExists("require_cn"); ok {
 		model.RequireCn = core.BoolPtr(d.Get("require_cn").(bool))
 	}