Skip to content

Commit

Permalink
azurerm_key_vault_certificate: fix createCertificate lost `http.R…
Browse files Browse the repository at this point in the history 
…esponse` which is used to check if should recover this certificate (#23204)

* fix recover certificate, update error log and update acctest for recovery certificate

* fix typo

* lint comment fix
  • Loading branch information
@wuxu92
wuxu92 authored Sep 21, 2023
1 parent 8078e1b commit 4dc3b03
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 10 deletions.
14 changes: 8 additions & 6 deletions internal/services/keyvault/key_vault_certificate_resource.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -438,9 +438,11 @@ func createCertificate(d *pluginsdk.ResourceData, meta interface{}) (keyvault.Ce
Tags: tags.Expand(t),
}

_, err = client.CreateCertificate(ctx, *keyVaultBaseUrl, name, parameters)
result, err := client.CreateCertificate(ctx, *keyVaultBaseUrl, name, parameters)
if err != nil {
return keyvault.CertificateBundle{}, err
return keyvault.CertificateBundle{
Response: result.Response,
}, err
}

log.Printf("[DEBUG] Waiting for Key Vault Certificate %q in Vault %q to be provisioned", name, *keyVaultBaseUrl)
Expand Down Expand Up @@ -513,11 +515,11 @@ func resourceKeyVaultCertificateCreate(d *pluginsdk.ResourceData, meta interface
if err != nil {
if meta.(*clients.Client).Features.KeyVault.RecoverSoftDeletedCerts && utils.ResponseWasConflict(newCert.Response) {
if err = recoverDeletedCertificate(ctx, d, meta, *keyVaultBaseUrl, name); err != nil {
return err
return fmt.Errorf("recover deleted certificate: %+v", err)
}
newCert, err = client.ImportCertificate(ctx, *keyVaultBaseUrl, name, importParameters)
if err != nil {
return err
return fmt.Errorf("update recovered certificate: %+v", err)
}
} else {
return err
Expand All @@ -529,12 +531,12 @@ func resourceKeyVaultCertificateCreate(d *pluginsdk.ResourceData, meta interface
if err != nil {
if meta.(*clients.Client).Features.KeyVault.RecoverSoftDeletedCerts && utils.ResponseWasConflict(newCert.Response) {
if err = recoverDeletedCertificate(ctx, d, meta, *keyVaultBaseUrl, name); err != nil {
return err
return fmt.Errorf("recover deleted certificate: %+v", err)
}
// after we recovered the existing certificate we still have to apply our changes
newCert, err = createCertificate(d, meta)
if err != nil {
return err
return fmt.Errorf("update recovered certificate: %+v", err)
}
} else {
return err
Expand Down
21 changes: 17 additions & 4 deletions internal/services/keyvault/key_vault_certificate_resource_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,8 +138,7 @@ func TestAccKeyVaultCertificate_softDeleteRecovery(t *testing.T) {
),
},
{
Config: r.softDeleteRecovery(data, false),
Destroy: true,
Config: r.softDeleteCertificate(data, false),
},
{
Config: r.softDeleteRecovery(data, true),
Expand Down Expand Up @@ -1171,17 +1170,31 @@ resource "azurerm_key_vault_certificate" "test" {
`, r.template(data), data.RandomString)
}

func (r KeyVaultCertificateResource) softDeleteRecovery(data acceptance.TestData, purge bool) string {
func (r KeyVaultCertificateResource) softDeleteCertificate(data acceptance.TestData, purge bool) string {
return fmt.Sprintf(`
provider "azurerm" {
features {
key_vault {
purge_soft_delete_on_destroy = "%t"
purge_soft_deleted_certificates_on_destroy = %t
recover_soft_deleted_key_vaults = true
}
}
}
%s`, purge, r.template(data))
}

func (r KeyVaultCertificateResource) softDeleteRecovery(data acceptance.TestData, purge bool) string {
return fmt.Sprintf(`
provider "azurerm" {
features {
key_vault {
purge_soft_deleted_certificates_on_destroy = %t
recover_soft_deleted_key_vaults = true
}
}
}
%s
resource "azurerm_key_vault_certificate" "test" {
Expand Down

0 comments on commit 4dc3b03

Please sign in to comment.