feat: added dynamic_keyvault_certificates to caf_solution #449

Open
wants to merge 1 commit into
base: main

nusrath432

Issue-ID: 447

PR Checklist


  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.
  • All new and existing tests passed.
  • My code follows the code style of this project.
  • I ran lint checks locally prior to submission.
  • Have you checked to ensure there aren't other open Pull Requests for the same update/change?

Description

dynamic_keyvault_certificates have been added to v.5.6.1 modules.

Does this introduce a breaking change

  • YES
  • NO

Testing

Define a *.tfvars as:

dynamic_keyvault_certificates = {
  my_kv_name = {
    dynamic_certificate_pem = {
      secret_name = "my-secret-name"
      contents    = "<base64 encoded pem>"
    }
  }
}

Contributor

Why do you add the module "dynamic_keyvault_certificates" in the caf solution?

I would assume it can be handled in the aztfmod module directly.

The only reason we put the dynamic_keyvault_secrets into caf_solution is to prevent circular references and to be able to include in a secret value any output attribute of the aztfmod module. Looks like it is not required for the certificates.

Author

@LaurentLesle I was just following the pattern. If not here, can you identify the location within the modules where this should be implemented, please.

Contributor

The reason dynamic secrets was done that way was to have the option to inject as a keyvault secret's value any output object's attribute from the aztfmod module. Based on my deeper review of your PR, it looks like it is only the outcome of the self_signed cert that you may want to add as a certificate value. In that case it can be handled within the module and terraform will deal with the dependencies.

Either you propose an update or I can submit a PR and share it with you for review

@LaurentLesle added the "question" (Further information is requested) label on Jul 4, 2023