From e26aa6f4b7606f351e78649cb912a5f9c489a4b5 Mon Sep 17 00:00:00 2001
From: Avi Ribchinsky <avir@il.ibm.com>
Date: Mon, 11 Mar 2024 20:15:21 +0200
Subject: [PATCH 1/2] patch: API enhancements

---
 go.mod                                              |  2 +-
 go.sum                                              |  4 ++--
 .../data_source_ibm_sm_iam_credentials_secret.go    | 10 ++++++++++
 ...source_ibm_sm_iam_credentials_secret_metadata.go | 11 +++++++++++
 ...data_source_ibm_sm_service_credentials_secret.go | 11 +++++++++++
 ...ce_ibm_sm_service_credentials_secret_metadata.go | 11 +++++++++++
 .../resource_ibm_sm_iam_credentials_secret.go       | 11 +++++++++++
 .../resource_ibm_sm_service_credentials_secret.go   | 13 ++++++++++++-
 .../docs/d/sm_iam_credentials_secret.html.markdown  |  1 +
 ...sm_iam_credentials_secret_metadata.html.markdown |  1 +
 .../d/sm_service_credentials_secret.html.markdown   |  1 +
 ...ervice_credentials_secret_metadata.html.markdown |  1 +
 .../docs/r/sm_iam_credentials_secret.html.markdown  |  3 ++-
 .../r/sm_service_credentials_secret.html.markdown   |  3 ++-
 14 files changed, 77 insertions(+), 6 deletions(-)

diff --git a/go.mod b/go.mod
index 18eb2088e4..1d1d6681fc 100644
--- a/go.mod
+++ b/go.mod
@@ -29,7 +29,7 @@ require (
 	github.com/IBM/push-notifications-go-sdk v0.0.0-20210310100607-5790b96c47f5
 	github.com/IBM/scc-go-sdk/v5 v5.1.5
 	github.com/IBM/schematics-go-sdk v0.2.3
-	github.com/IBM/secrets-manager-go-sdk/v2 v2.0.3
+	github.com/IBM/secrets-manager-go-sdk/v2 v2.0.4
 	github.com/IBM/vpc-beta-go-sdk v0.6.0
 	github.com/IBM/vpc-go-sdk v0.48.0
 	github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5
diff --git a/go.sum b/go.sum
index 24b59c33a0..85363cdfb4 100644
--- a/go.sum
+++ b/go.sum
@@ -170,8 +170,8 @@ github.com/IBM/scc-go-sdk/v5 v5.1.5 h1:c17/7CfUjjgHXQe1fIY3GVsahqij1vDu9/dKPak8T
 github.com/IBM/scc-go-sdk/v5 v5.1.5/go.mod h1:YtAVlzq10bwR82QX4ZavhDIwa1s85RuVO9N/KmXVcuk=
 github.com/IBM/schematics-go-sdk v0.2.3 h1:lgTt0Sbudii3cuSk1YSQgrtiZAXDbBABAoVj3eQuBrU=
 github.com/IBM/schematics-go-sdk v0.2.3/go.mod h1:Tw2OSAPdpC69AxcwoyqcYYaGTTW6YpERF9uNEU+BFRQ=
-github.com/IBM/secrets-manager-go-sdk/v2 v2.0.3 h1:28x9ksuRllUbDHmbwk15snNZgaEDc+BtY5Ey8oMqKn8=
-github.com/IBM/secrets-manager-go-sdk/v2 v2.0.3/go.mod h1:5gq8D8uWOIbqOm1uztay6lpOysgJaxxEsaVZLWGWb40=
+github.com/IBM/secrets-manager-go-sdk/v2 v2.0.4 h1:xa9e+POVqaXxXHXkSMCOVAbKdUNEu86jQmo5hcpd+L4=
+github.com/IBM/secrets-manager-go-sdk/v2 v2.0.4/go.mod h1:5gq8D8uWOIbqOm1uztay6lpOysgJaxxEsaVZLWGWb40=
 github.com/IBM/vpc-beta-go-sdk v0.6.0 h1:wfM3AcW3zOM3xsRtZ+EA6+sESlGUjQ6Yf4n5QQyz4uc=
 github.com/IBM/vpc-beta-go-sdk v0.6.0/go.mod h1:fzHDAQIqH/5yJmYsKodKHLcqxMDT+yfH6vZjdiw8CQA=
 github.com/IBM/vpc-go-sdk v0.48.0 h1:4yeSxVX9mizsIW2F0rsVI47rZoNKBrZ1QK9RwwRas9Q=
diff --git a/ibm/service/secretsmanager/data_source_ibm_sm_iam_credentials_secret.go b/ibm/service/secretsmanager/data_source_ibm_sm_iam_credentials_secret.go
index bce495303b..2fc4b0929a 100644
--- a/ibm/service/secretsmanager/data_source_ibm_sm_iam_credentials_secret.go
+++ b/ibm/service/secretsmanager/data_source_ibm_sm_iam_credentials_secret.go
@@ -120,6 +120,11 @@ func DataSourceIbmSmIamCredentialsSecret() *schema.Resource {
 				Computed:    true,
 				Description: "The time-to-live (TTL) or lease duration to assign to generated credentials.For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can be either an integer that specifies the number of seconds, or the string representation of a duration, such as `120m` or `24h`.Minimum duration is 1 minute. Maximum is 90 days.",
 			},
+			"expiration_date": &schema.Schema{
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The date a secret is expired. The date format follows RFC 3339.",
+			},
 			"access_groups": &schema.Schema{
 				Type:        schema.TypeList,
 				Computed:    true,
@@ -307,6 +312,11 @@ func dataSourceIbmSmIamCredentialsSecretRead(context context.Context, d *schema.
 		return diag.FromErr(fmt.Errorf("Error setting api_key: %s", err))
 	}
 
+	if iAMCredentialsSecret.ExpirationDate != nil {
+		if err = d.Set("expiration_date", DateTimeToRFC3339(iAMCredentialsSecret.ExpirationDate)); err != nil {
+			return diag.FromErr(fmt.Errorf("Error setting expiration_date: %s", err))
+		}
+	}
 	return nil
 }
 
diff --git a/ibm/service/secretsmanager/data_source_ibm_sm_iam_credentials_secret_metadata.go b/ibm/service/secretsmanager/data_source_ibm_sm_iam_credentials_secret_metadata.go
index f58be6333d..e4193e2ee6 100644
--- a/ibm/service/secretsmanager/data_source_ibm_sm_iam_credentials_secret_metadata.go
+++ b/ibm/service/secretsmanager/data_source_ibm_sm_iam_credentials_secret_metadata.go
@@ -112,6 +112,11 @@ func DataSourceIbmSmIamCredentialsSecretMetadata() *schema.Resource {
 				Computed:    true,
 				Description: "The time-to-live (TTL) or lease duration to assign to generated credentials.For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can be either an integer that specifies the number of seconds, or the string representation of a duration, such as `120m` or `24h`.Minimum duration is 1 minute. Maximum is 90 days.",
 			},
+			"expiration_date": &schema.Schema{
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The date a secret is expired. The date format follows RFC 3339.",
+			},
 			"access_groups": &schema.Schema{
 				Type:        schema.TypeList,
 				Computed:    true,
@@ -302,6 +307,12 @@ func dataSourceIbmSmIamCredentialsSecretMetadataRead(context context.Context, d
 		return diag.FromErr(fmt.Errorf("Error setting next_rotation_date: %s", err))
 	}
 
+	if iAMCredentialsSecretMetadata.ExpirationDate != nil {
+		if err = d.Set("expiration_date", DateTimeToRFC3339(iAMCredentialsSecretMetadata.ExpirationDate)); err != nil {
+			return diag.FromErr(fmt.Errorf("Error setting expiration_date: %s", err))
+		}
+	}
+
 	return nil
 }
 
diff --git a/ibm/service/secretsmanager/data_source_ibm_sm_service_credentials_secret.go b/ibm/service/secretsmanager/data_source_ibm_sm_service_credentials_secret.go
index c9f1158134..ac195ad03f 100644
--- a/ibm/service/secretsmanager/data_source_ibm_sm_service_credentials_secret.go
+++ b/ibm/service/secretsmanager/data_source_ibm_sm_service_credentials_secret.go
@@ -118,6 +118,11 @@ func DataSourceIbmSmServiceCredentialsSecret() *schema.Resource {
 				Computed:    true,
 				Description: "The time-to-live (TTL) or lease duration to assign to generated credentials.",
 			},
+			"expiration_date": &schema.Schema{
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The date a secret is expired. The date format follows RFC 3339.",
+			},
 			"rotation": &schema.Schema{
 				Type:        schema.TypeList,
 				Computed:    true,
@@ -398,6 +403,12 @@ func dataSourceIbmSmServiceCredentialsSecretRead(context context.Context, d *sch
 		}
 	}
 
+	if ServiceCredentialsSecret.ExpirationDate != nil {
+		if err = d.Set("expiration_date", DateTimeToRFC3339(ServiceCredentialsSecret.ExpirationDate)); err != nil {
+			return diag.FromErr(fmt.Errorf("Error setting expiration_date: %s", err))
+		}
+	}
+
 	return nil
 }
 
diff --git a/ibm/service/secretsmanager/data_source_ibm_sm_service_credentials_secret_metadata.go b/ibm/service/secretsmanager/data_source_ibm_sm_service_credentials_secret_metadata.go
index 9b28662a5a..af85181e3a 100644
--- a/ibm/service/secretsmanager/data_source_ibm_sm_service_credentials_secret_metadata.go
+++ b/ibm/service/secretsmanager/data_source_ibm_sm_service_credentials_secret_metadata.go
@@ -107,6 +107,11 @@ func DataSourceIbmSmServiceCredentialsSecretMetadata() *schema.Resource {
 				Computed:    true,
 				Description: "The time-to-live (TTL) or lease duration to assign to generated credentials.",
 			},
+			"expiration_date": &schema.Schema{
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The date a secret is expired. The date format follows RFC 3339.",
+			},
 			"rotation": &schema.Schema{
 				Type:        schema.TypeList,
 				Computed:    true,
@@ -386,6 +391,12 @@ func dataSourceIbmSmServiceCredentialsSecretMetadataRead(context context.Context
 		}
 	}
 
+	if ServiceCredentialsSecretMetadata.ExpirationDate != nil {
+		if err = d.Set("expiration_date", DateTimeToRFC3339(ServiceCredentialsSecretMetadata.ExpirationDate)); err != nil {
+			return diag.FromErr(fmt.Errorf("Error setting expiration_date: %s", err))
+		}
+	}
+
 	return nil
 }
 
diff --git a/ibm/service/secretsmanager/resource_ibm_sm_iam_credentials_secret.go b/ibm/service/secretsmanager/resource_ibm_sm_iam_credentials_secret.go
index e729325efb..a0fef420ab 100644
--- a/ibm/service/secretsmanager/resource_ibm_sm_iam_credentials_secret.go
+++ b/ibm/service/secretsmanager/resource_ibm_sm_iam_credentials_secret.go
@@ -65,6 +65,11 @@ func ResourceIbmSmIamCredentialsSecret() *schema.Resource {
 				ValidateFunc: StringIsIntBetween(60, 7776000),
 				Description:  "The time-to-live (TTL) or lease duration to assign to generated credentials.For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value is an integer that specifies the number of seconds .Minimum duration is 1 minute. Maximum is 90 days.",
 			},
+			"expiration_date": &schema.Schema{
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The date a secret is expired. The date format follows RFC 3339.",
+			},
 			"access_groups": &schema.Schema{
 				Type:        schema.TypeList,
 				Optional:    true,
@@ -425,6 +430,12 @@ func resourceIbmSmIamCredentialsSecretRead(context context.Context, d *schema.Re
 		}
 	}
 
+	if secret.ExpirationDate != nil {
+		if err = d.Set("expiration_date", DateTimeToRFC3339(secret.ExpirationDate)); err != nil {
+			return diag.FromErr(fmt.Errorf("Error setting expiration_date: %s", err))
+		}
+	}
+
 	return nil
 }
 
diff --git a/ibm/service/secretsmanager/resource_ibm_sm_service_credentials_secret.go b/ibm/service/secretsmanager/resource_ibm_sm_service_credentials_secret.go
index a48a3d2636..9b4b5d43a5 100644
--- a/ibm/service/secretsmanager/resource_ibm_sm_service_credentials_secret.go
+++ b/ibm/service/secretsmanager/resource_ibm_sm_service_credentials_secret.go
@@ -276,9 +276,14 @@ func ResourceIbmSmServiceCredentialsSecret() *schema.Resource {
 			},
 			"ttl": &schema.Schema{
 				Type:        schema.TypeString,
-				Required:    true,
+				Optional:    true,
 				Description: "The time-to-live (TTL) or lease duration to assign to generated credentials.",
 			},
+			"expiration_date": &schema.Schema{
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The date a secret is expired. The date format follows RFC 3339.",
+			},
 			"updated_at": &schema.Schema{
 				Type:        schema.TypeString,
 				Computed:    true,
@@ -464,6 +469,12 @@ func resourceIbmSmServiceCredentialsSecretRead(context context.Context, d *schem
 		}
 	}
 
+	if secret.ExpirationDate != nil {
+		if err = d.Set("expiration_date", DateTimeToRFC3339(secret.ExpirationDate)); err != nil {
+			return diag.FromErr(fmt.Errorf("Error setting expiration_date: %s", err))
+		}
+	}
+
 	return nil
 }
 
diff --git a/website/docs/d/sm_iam_credentials_secret.html.markdown b/website/docs/d/sm_iam_credentials_secret.html.markdown
index 79fe4ce3c0..1f13bd8b32 100644
--- a/website/docs/d/sm_iam_credentials_secret.html.markdown
+++ b/website/docs/d/sm_iam_credentials_secret.html.markdown
@@ -121,3 +121,4 @@ Nested scheme for **rotation**:
 * `versions_total` - (Integer) The number of versions of the secret.
   * Constraints: The maximum value is `50`. The minimum value is `0`.
 
+* `expiration_date` - (String) The date a secret is expired. The date format follows RFC 3339.
diff --git a/website/docs/d/sm_iam_credentials_secret_metadata.html.markdown b/website/docs/d/sm_iam_credentials_secret_metadata.html.markdown
index 1db8123221..711b48fd7b 100644
--- a/website/docs/d/sm_iam_credentials_secret_metadata.html.markdown
+++ b/website/docs/d/sm_iam_credentials_secret_metadata.html.markdown
@@ -102,3 +102,4 @@ Nested scheme for **rotation**:
 * `versions_total` - (Integer) The number of versions of the secret.
   * Constraints: The maximum value is `50`. The minimum value is `0`.
 
+* `expiration_date` - (String) The date a secret is expired. The date format follows RFC 3339.
\ No newline at end of file
diff --git a/website/docs/d/sm_service_credentials_secret.html.markdown b/website/docs/d/sm_service_credentials_secret.html.markdown
index bef56d1469..b69a19b09e 100644
--- a/website/docs/d/sm_service_credentials_secret.html.markdown
+++ b/website/docs/d/sm_service_credentials_secret.html.markdown
@@ -154,3 +154,4 @@ In addition to all argument references listed, you can access the following attr
 * `versions_total` - (Integer) The number of versions of the secret.
     * Constraints: The maximum value is `50`. The minimum value is `0`.
 
+* `expiration_date` - (String) The date a secret is expired. The date format follows RFC 3339.
diff --git a/website/docs/d/sm_service_credentials_secret_metadata.html.markdown b/website/docs/d/sm_service_credentials_secret_metadata.html.markdown
index 94b9d8d648..004e867c44 100644
--- a/website/docs/d/sm_service_credentials_secret_metadata.html.markdown
+++ b/website/docs/d/sm_service_credentials_secret_metadata.html.markdown
@@ -111,3 +111,4 @@ In addition to all argument references listed, you can access the following attr
 * `versions_total` - (Integer) The number of versions of the secret.
     * Constraints: The maximum value is `50`. The minimum value is `0`.
 
+* `expiration_date` - (String) The date a secret is expired. The date format follows RFC 3339.
diff --git a/website/docs/r/sm_iam_credentials_secret.html.markdown b/website/docs/r/sm_iam_credentials_secret.html.markdown
index 3c108eb82c..b457b8a40d 100644
--- a/website/docs/r/sm_iam_credentials_secret.html.markdown
+++ b/website/docs/r/sm_iam_credentials_secret.html.markdown
@@ -90,7 +90,8 @@ In addition to all argument references listed, you can access the following attr
     * Constraints: Allowable values are: `arbitrary`, `imported_cert`, `public_cert`, `iam_credentials`, `kv`, `username_password`, `private_cert`.
 * `updated_at` - (String) The date when a resource was recently modified. The date format follows RFC 3339.
 * `versions_total` - (Integer) The number of versions of the secret.
-  * Constraints: The maximum value is `50`. The minimum value is `0`.
+    * Constraints: The maximum value is `50`. The minimum value is `0`.
+* `expiration_date` - (String) The date a secret is expired. The date format follows RFC 3339.
 
 ## Provider Configuration
 
diff --git a/website/docs/r/sm_service_credentials_secret.html.markdown b/website/docs/r/sm_service_credentials_secret.html.markdown
index 12b43a166b..12e808bcdc 100644
--- a/website/docs/r/sm_service_credentials_secret.html.markdown
+++ b/website/docs/r/sm_service_credentials_secret.html.markdown
@@ -155,7 +155,8 @@ In addition to all argument references listed, you can access the following attr
     * Constraints: Allowable values are: `arbitrary`, `imported_cert`, `public_cert`, `iam_credentials`, `kv`, `username_password`, `private_cert`.
 * `updated_at` - (String) The date when a resource was recently modified. The date format follows RFC 3339.
 * `versions_total` - (Integer) The number of versions of the secret.
-  * Constraints: The maximum value is `50`. The minimum value is `0`.
+    * Constraints: The maximum value is `50`. The minimum value is `0`.
+* `expiration_date` - (String) The date a secret is expired. The date format follows RFC 3339.
 
 ## Provider Configuration
 

From 4ad4fbe7604eb03dd5853d30634b136b9e3d5219 Mon Sep 17 00:00:00 2001
From: Avi Ribchinsky <avir@il.ibm.com>
Date: Wed, 13 Mar 2024 13:52:37 +0200
Subject: [PATCH 2/2] patch: API enhancements

---
 .../secretsmanager/resource_ibm_sm_service_credentials_secret.go | 1 +
 .../resource_ibm_sm_service_credentials_secret_test.go           | 1 +
 2 files changed, 2 insertions(+)

diff --git a/ibm/service/secretsmanager/resource_ibm_sm_service_credentials_secret.go b/ibm/service/secretsmanager/resource_ibm_sm_service_credentials_secret.go
index 9b4b5d43a5..d2f0b337a9 100644
--- a/ibm/service/secretsmanager/resource_ibm_sm_service_credentials_secret.go
+++ b/ibm/service/secretsmanager/resource_ibm_sm_service_credentials_secret.go
@@ -277,6 +277,7 @@ func ResourceIbmSmServiceCredentialsSecret() *schema.Resource {
 			"ttl": &schema.Schema{
 				Type:        schema.TypeString,
 				Optional:    true,
+				Computed:    true,
 				Description: "The time-to-live (TTL) or lease duration to assign to generated credentials.",
 			},
 			"expiration_date": &schema.Schema{
diff --git a/ibm/service/secretsmanager/resource_ibm_sm_service_credentials_secret_test.go b/ibm/service/secretsmanager/resource_ibm_sm_service_credentials_secret_test.go
index 7de340208c..f5995d79aa 100644
--- a/ibm/service/secretsmanager/resource_ibm_sm_service_credentials_secret_test.go
+++ b/ibm/service/secretsmanager/resource_ibm_sm_service_credentials_secret_test.go
@@ -76,6 +76,7 @@ func TestAccIbmSmServiceCredentialsSecretAllArgs(t *testing.T) {
 					resource.TestCheckResourceAttrSet(resourceName, "next_rotation_date"),
 					resource.TestCheckResourceAttr(resourceName, "state", "1"),
 					resource.TestCheckResourceAttr(resourceName, "versions_total", "1"),
+					resource.TestCheckResourceAttr(resourceName, "ttl", serviceCredentialsTtl),
 				),
 			},
 			resource.TestStep{