azurerm_api_management_certificate - allow key vault certificates

[MattiasAng]

Dependency on #11146

Fixes #10138

Creating this pull request even though dependency is not merged yet since I want feedback on if implementation is OK. Unfortunately Microsoft is not so consistent with which ID of User Assigned Managed Identity they want on resources.

[katbyte]

Thanks for the pr @MattiasAng - overall looks good but i've left a couple comments inline to address

[MattiasAng]

@manicminer @katbyte This should be good now that API management version is updated.

[katbyte]

Thanks @MattiasAng - looks like we have a crash during the tests thou

[katbyte]

doses it make sense to put these into a key_vault block?

[MattiasAng]

It makes sense, especially since that is how the request to API is done, but in my opinion for small resources like this it reduces the complexity if all properties are on top-level and we can handle conflicts between properties.
I don't see a lot of changes coming to this resource in the future after this is implemented.

Let me know if you want it changed.

[katbyte]

Test ended in panic.

------- Stdout: -------
=== RUN   TestAccApiManagementBackend_allProperties
=== PAUSE TestAccApiManagementBackend_allProperties
=== CONT  TestAccApiManagementBackend_allProperties

------- Stderr: -------
2021/04/29 19:53:14 [DEBUG] not using binary driver name, it's no longer needed
2021/04/29 19:53:15 [DEBUG] not using binary driver name, it's no longer needed
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x8 pc=0x4447195]

goroutine 765 [running]:
github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/apimanagement.resourceApiManagementCertificateRead(0xc0020bde30, 0x55fe540, 0xc00028a300, 0x0, 0x0)
	/opt/teamcity-agent/work/a73be106926a7472/azurerm/internal/services/apimanagement/api_management_certificate_resource.go:200 +0x755
github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/apimanagement.resourceApiManagementCertificateCreateUpdate(0xc0020bde30, 0x55fe540, 0xc00028a300, 0x0, 0x0)
	/opt/teamcity-agent/work/a73be106926a7472/azurerm/internal/services/apimanagement/api_management_certificate_resource.go:161 +0x836
github.com/hashicorp/terraform-plugin-sdk/helper/schema.(*Resource).Apply(0xc00147c320, 0xc0012a4190, 0xc002164c20, 0x55fe540, 0xc00028a300, 0x562db01, 0xc002418c38, 0xc001572180)
	/opt/teamcity-agent/work/a73be106926a7472/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/resource.go:320 +0x375
github.com/hashicorp/terraform-plugin-sdk/helper/schema.(*Provider).Apply(0xc000b93800, 0xc00134ba38, 0xc0012a4190, 0xc002164c20, 0xc0021dcbc8, 0xc0014eed70, 0x5630de0)
	/opt/teamcity-agent/work/a73be106926a7472/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/provider.go:294 +0x99
github.com/hashicorp/terraform-plugin-sdk/internal/helper/plugin.(*GRPCProviderServer).ApplyResourceChange(0xc001a94700, 0x65875d0, 0xc002530e40, 0xc0020bd960, 0xc001a94700, 0xc002530e40, 0xc002804ba0)
	/opt/teamcity-agent/work/a73be106926a7472/vendor/github.com/hashicorp/terraform-plugin-sdk/internal/helper/plugin/grpc_provider.go:895 +0x8a5
github.com/hashicorp/terraform-plugin-sdk/internal/tfplugin5._Provider_ApplyResourceChange_Handler(0x5b09400, 0xc001a94700, 0x65875d0, 0xc002530e40, 0xc0033bc960, 0x0, 0x65875d0, 0xc002530e40, 0xc0021ee000, 0x1f0e)
	/opt/teamcity-agent/work/a73be106926a7472/vendor/github.com/hashicorp/terraform-plugin-sdk/internal/tfplugin5/tfplugin5.pb.go:3305 +0x214
google.golang.org/grpc.(*Server).processUnaryRPC(0xc001c72700, 0x65ce0b8, 0xc0030b8180, 0xc00139da00, 0xc003299f20, 0x99c76e0, 0x0, 0x0, 0x0)
	/opt/teamcity-agent/work/a73be106926a7472/vendor/google.golang.org/grpc/server.go:1194 +0x52b
google.golang.org/grpc.(*Server).handleStream(0xc001c72700, 0x65ce0b8, 0xc0030b8180, 0xc00139da00, 0x0)
	/opt/teamcity-agent/work/a73be106926a7472/vendor/google.golang.org/grpc/server.go:1517 +0xd0c
google.golang.org/grpc.(*Server).serveStreams.func1.2(0xc0011a6040, 0xc001c72700, 0x65ce0b8, 0xc0030b8180, 0xc00139da00)
	/opt/teamcity-agent/work/a73be106926a7472/vendor/google.golang.org/grpc/server.go:859 +0xab
created by google.golang.org/grpc.(*Server).serveStreams.func1

[MattiasAng]

Sorry, only ran keyvault tests, should be good now. See reply on your question inline.

--- PASS: TestAccApiManagementCertificate_basic (2846.87s)
--- PASS: TestAccApiManagementCertificate_basicKeyVaultUserIdentity (3032.96s)
--- PASS: TestAccApiManagementCertificate_basicKeyVaultUpdate (3074.11s)
--- PASS: TestAccApiManagementCertificate_basicKeyVaultSystemIdentity (3205.09s)
--- PASS: TestAccApiManagementCertificate_requiresImport (3391.28s)

[katbyte]

Thanks @MattiasAng - LGTM 👍

[ghost]

This has been released in version 2.58.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 2.58.0"
}
# ... other configuration ...

[github-actions]

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.