Issue 1840 Add custom_hostname wait_for_active_status

[charmingnewt]

As shown in #1840, it can be problematic to create required validation records in the same terraform apply run because the custom_hostname resource completes creation before the required validation records are present on the resource.

This pull adds a wait_for_active_status flag similar to the flag introduced in #1567.

I was NOT able to run the acceptance tests because I do not have a suitable Cloudflare account to do so. However I did test this with my currently blocked configuration and it resolved the issues I was seeing.

Closes #1840

[github-actions]

changelog detected ✅

[jacobbednarz]

this is a good start, thank you. i've left some nitpick wording changes in the PR. once they are handled, you will need to run make docs locally and commit the documentation updates too (the schema automatically generates these)

[jacobbednarz]

i've gone back and had a look at the initial issue however i don't think this actually addresses the problem raised.

in the initial ticket, ownership_verification and ownership_verification_http are both set from the initial creation call however, the initial issue is trying to use the ssl.validation_records object for validation which this PR will never check so i'm unsure how this PR is fixing your issue.

@nickysemenza are you able to confirm which config block should be checked for the manual validation records? perhaps the original issue is just using the wrong fields.

[charmingnewt]

interesting. it seemed from my testing that the ssl.validation_records were set once the hostname hit active status. this PR worked well for me with my local testing. i'll attach a sample tf file that i was testing with. i'll admit i'm largely unfamiliar with the underlying cloudflare api so if there is a better way to accomplish this i'll take that up instead.

main.tf.txt
testing_results.txt

[nickysemenza]

the SSL sub-object will get its validation_records set once it transitions from initializing->pending_validation (which, if the parent hostname passes validation on the first try, will likely happen around the same time as the hostname transitioning from pending -> active. (The ssl validation records require a call to the certificate authority to happen in the background) wheras the custom hostname validation records are generated in-house).

So as for the issue described in #1840, waiting until resource.cloudflare_custom_hostname.test.ssl.0.validation_records.0.txt_value has a value can be accomplished by waiting until ssl.status== "pending_validation" or something along those lines - perhaps wait_for_ssl_pending_validation would be more appropriate?

see https://developers.cloudflare.com/ssl/reference/certificate-statuses/ and https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/domain-support/hostname-verification/#verification-statuses for references on statuses

[charmingnewt]

thanks for the info - i've adjusted the pr to reflect that input

[jacobbednarz]

acceptance tests are passing

TF_ACC=1 go test $(go list ./...) -v -run "^TestAccCloudflareCustomHostname_" -count 1 -parallel 1 -timeout 120m -parallel 1
?       github.com/cloudflare/terraform-provider-cloudflare     [no test files]
=== RUN   TestAccCloudflareCustomHostname_Basic
=== PAUSE TestAccCloudflareCustomHostname_Basic
=== RUN   TestAccCloudflareCustomHostname_WaitForActive
=== PAUSE TestAccCloudflareCustomHostname_WaitForActive
=== RUN   TestAccCloudflareCustomHostname_WithCustomOriginServer
=== PAUSE TestAccCloudflareCustomHostname_WithCustomOriginServer
=== RUN   TestAccCloudflareCustomHostname_WithHTTPValidation
=== PAUSE TestAccCloudflareCustomHostname_WithHTTPValidation
=== RUN   TestAccCloudflareCustomHostname_WithCustomSSLSettings
=== PAUSE TestAccCloudflareCustomHostname_WithCustomSSLSettings
=== RUN   TestAccCloudflareCustomHostname_Update
=== PAUSE TestAccCloudflareCustomHostname_Update
=== RUN   TestAccCloudflareCustomHostname_WithNoSSL
=== PAUSE TestAccCloudflareCustomHostname_WithNoSSL
=== RUN   TestAccCloudflareCustomHostname_UpdatingZoneForcesNewResource
=== PAUSE TestAccCloudflareCustomHostname_UpdatingZoneForcesNewResource
=== RUN   TestAccCloudflareCustomHostname_Import
=== PAUSE TestAccCloudflareCustomHostname_Import
=== CONT  TestAccCloudflareCustomHostname_Basic
--- PASS: TestAccCloudflareCustomHostname_Basic (8.25s)
=== CONT  TestAccCloudflareCustomHostname_Update
--- PASS: TestAccCloudflareCustomHostname_Update (14.25s)
=== CONT  TestAccCloudflareCustomHostname_Import
--- PASS: TestAccCloudflareCustomHostname_Import (10.16s)
=== CONT  TestAccCloudflareCustomHostname_UpdatingZoneForcesNewResource
--- PASS: TestAccCloudflareCustomHostname_UpdatingZoneForcesNewResource (15.28s)
=== CONT  TestAccCloudflareCustomHostname_WithNoSSL
--- PASS: TestAccCloudflareCustomHostname_WithNoSSL (7.64s)
=== CONT  TestAccCloudflareCustomHostname_WithHTTPValidation
--- PASS: TestAccCloudflareCustomHostname_WithHTTPValidation (7.60s)
=== CONT  TestAccCloudflareCustomHostname_WithCustomSSLSettings
--- PASS: TestAccCloudflareCustomHostname_WithCustomSSLSettings (12.76s)
=== CONT  TestAccCloudflareCustomHostname_WithCustomOriginServer
--- PASS: TestAccCloudflareCustomHostname_WithCustomOriginServer (8.60s)
=== CONT  TestAccCloudflareCustomHostname_WaitForActive
--- PASS: TestAccCloudflareCustomHostname_WaitForActive (10.60s)
PASS
ok      github.com/cloudflare/terraform-provider-cloudflare/internal/provider   95.440s

[jacobbednarz]

thanks for this one @will-bluem-olo! we appreciate the effort you've put into this one -- your first contribution at that! 🎉

[github-actions]

This functionality has been released in v3.26.0 of the Terraform Cloudflare Provider.

Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!