From 58a9af9449f9598e6cca2e2fe4c01f2a15eb6fdb Mon Sep 17 00:00:00 2001
From: Zhenhua Hu <zhhu@microsoft.com>
Date: Wed, 30 Aug 2023 14:08:58 +0800
Subject: [PATCH] add code

---
 .../virtual_machine_extension_resource.go     |  15 ++
 ...virtual_machine_extension_resource_test.go | 138 ++++++++++++++++++
 .../r/virtual_machine_extension.html.markdown |   2 +
 3 files changed, 155 insertions(+)

diff --git a/internal/services/compute/virtual_machine_extension_resource.go b/internal/services/compute/virtual_machine_extension_resource.go
index 4d554827a8a9..95eeffe1c4ab 100644
--- a/internal/services/compute/virtual_machine_extension_resource.go
+++ b/internal/services/compute/virtual_machine_extension_resource.go
@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"time"
 
+	"github.com/hashicorp/go-azure-helpers/lang/pointer"
 	"github.com/hashicorp/terraform-provider-azurerm/helpers/tf"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/clients"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/services/compute/parse"
@@ -107,6 +108,15 @@ func resourceVirtualMachineExtension() *pluginsdk.Resource {
 
 			"protected_settings_from_key_vault": protectedSettingsFromKeyVaultSchema(true),
 
+			"provision_after_extensions": {
+				Type:     pluginsdk.TypeList,
+				Optional: true,
+				Elem: &pluginsdk.Schema{
+					Type:         pluginsdk.TypeString,
+					ValidateFunc: validation.StringIsNotEmpty,
+				},
+			},
+
 			"tags": tags.Schema(),
 		},
 	}
@@ -185,6 +195,10 @@ func resourceVirtualMachineExtensionsCreateUpdate(d *pluginsdk.ResourceData, met
 		extension.VirtualMachineExtensionProperties.ProtectedSettings = &protectedSettings
 	}
 
+	if provisionAfterExtensionsValue, exists := d.GetOk("provision_after_extensions"); exists {
+		extension.ProvisionAfterExtensions = utils.ExpandStringSlice(provisionAfterExtensionsValue.([]interface{}))
+	}
+
 	future, err := vmExtensionClient.CreateOrUpdate(ctx, id.ResourceGroup, id.VirtualMachineName, id.ExtensionName, extension)
 	if err != nil {
 		return err
@@ -239,6 +253,7 @@ func resourceVirtualMachineExtensionsRead(d *pluginsdk.ResourceData, meta interf
 		d.Set("auto_upgrade_minor_version", props.AutoUpgradeMinorVersion)
 		d.Set("automatic_upgrade_enabled", props.EnableAutomaticUpgrade)
 		d.Set("protected_settings_from_key_vault", flattenProtectedSettingsFromKeyVault(props.ProtectedSettingsFromKeyVault))
+		d.Set("provision_after_extensions", pointer.From(props.ProvisionAfterExtensions))
 
 		suppressFailure := false
 		if props.SuppressFailures != nil {
diff --git a/internal/services/compute/virtual_machine_extension_resource_test.go b/internal/services/compute/virtual_machine_extension_resource_test.go
index ac57477a77b9..9d06ad34d871 100644
--- a/internal/services/compute/virtual_machine_extension_resource_test.go
+++ b/internal/services/compute/virtual_machine_extension_resource_test.go
@@ -101,6 +101,23 @@ func TestAccVirtualMachineExtension_concurrent(t *testing.T) {
 	})
 }
 
+func TestAccVirtualMachineExtension_provisionAfterExtensions(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_virtual_machine_extension", "test")
+	r := VirtualMachineExtensionResource{}
+	secondResourceName := "azurerm_virtual_machine_extension.test2"
+
+	data.ResourceTest(t, r, []acceptance.TestStep{
+		{
+			Config: r.provisionAfterExtensions(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				acceptance.TestMatchResourceAttr(data.ResourceName, "settings", regexp.MustCompile("hostname")),
+				acceptance.TestMatchResourceAttr(secondResourceName, "settings", regexp.MustCompile("whoami")),
+			),
+		},
+	})
+}
+
 func TestAccVirtualMachineExtension_linuxDiagnostics(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_virtual_machine_extension", "test")
 	r := VirtualMachineExtensionResource{}
@@ -503,6 +520,127 @@ SETTINGS
 `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger)
 }
 
+func (VirtualMachineExtensionResource) provisionAfterExtensions(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_resource_group" "test" {
+  name     = "acctestRG-%d"
+  location = "%s"
+}
+
+resource "azurerm_virtual_network" "test" {
+  name                = "acctvn-%d"
+  address_space       = ["10.0.0.0/16"]
+  location            = azurerm_resource_group.test.location
+  resource_group_name = azurerm_resource_group.test.name
+}
+
+resource "azurerm_subnet" "test" {
+  name                 = "acctsub-%d"
+  resource_group_name  = azurerm_resource_group.test.name
+  virtual_network_name = azurerm_virtual_network.test.name
+  address_prefixes     = ["10.0.2.0/24"]
+}
+
+resource "azurerm_network_interface" "test" {
+  name                = "acctni-%d"
+  location            = azurerm_resource_group.test.location
+  resource_group_name = azurerm_resource_group.test.name
+
+  ip_configuration {
+    name                          = "testconfiguration1"
+    subnet_id                     = azurerm_subnet.test.id
+    private_ip_address_allocation = "Dynamic"
+  }
+}
+
+resource "azurerm_storage_account" "test" {
+  name                     = "accsa%d"
+  resource_group_name      = azurerm_resource_group.test.name
+  location                 = azurerm_resource_group.test.location
+  account_tier             = "Standard"
+  account_replication_type = "LRS"
+
+  tags = {
+    environment = "staging"
+  }
+}
+
+resource "azurerm_storage_container" "test" {
+  name                  = "vhds"
+  storage_account_name  = azurerm_storage_account.test.name
+  container_access_type = "private"
+}
+
+resource "azurerm_virtual_machine" "test" {
+  name                  = "acctvm-%d"
+  location              = azurerm_resource_group.test.location
+  resource_group_name   = azurerm_resource_group.test.name
+  network_interface_ids = [azurerm_network_interface.test.id]
+  vm_size               = "Standard_F2"
+
+  storage_image_reference {
+    publisher = "Canonical"
+    offer     = "UbuntuServer"
+    sku       = "16.04-LTS"
+    version   = "latest"
+  }
+
+  storage_os_disk {
+    name          = "myosdisk1"
+    vhd_uri       = "${azurerm_storage_account.test.primary_blob_endpoint}${azurerm_storage_container.test.name}/myosdisk1.vhd"
+    caching       = "ReadWrite"
+    create_option = "FromImage"
+  }
+
+  os_profile {
+    computer_name  = "hostname%d"
+    admin_username = "testadmin"
+    admin_password = "Password1234!"
+  }
+
+  os_profile_linux_config {
+    disable_password_authentication = false
+  }
+}
+
+resource "azurerm_virtual_machine_extension" "test" {
+  name                 = "acctvme-%d"
+  virtual_machine_id   = azurerm_virtual_machine.test.id
+  publisher            = "Microsoft.Azure.Extensions"
+  type                 = "CustomScript"
+  type_handler_version = "2.0"
+
+  settings = <<SETTINGS
+	{
+		"commandToExecute": "hostname"
+	}
+SETTINGS
+
+}
+
+resource "azurerm_virtual_machine_extension" "test2" {
+  name                 = "acctvme-%d-2"
+  virtual_machine_id   = azurerm_virtual_machine.test.id
+  publisher            = "Microsoft.OSTCExtensions"
+  type                 = "CustomScriptForLinux"
+  type_handler_version = "1.5"
+
+  provision_after_extensions = [azurerm_virtual_machine_extension.test.name]
+
+  settings = <<SETTINGS
+	{
+		"commandToExecute": "whoami"
+	}
+SETTINGS
+
+}
+`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger)
+}
+
 func (VirtualMachineExtensionResource) linuxDiagnostics(data acceptance.TestData) string {
 	return fmt.Sprintf(`
 provider "azurerm" {
diff --git a/website/docs/r/virtual_machine_extension.html.markdown b/website/docs/r/virtual_machine_extension.html.markdown
index 14c1e754162a..eb77408614ed 100644
--- a/website/docs/r/virtual_machine_extension.html.markdown
+++ b/website/docs/r/virtual_machine_extension.html.markdown
@@ -137,6 +137,8 @@ az vm extension image list --location westus -o table
 
 ~> **Note:** `protected_settings_from_key_vault` cannot be used with `protected_settings`
 
+* `provision_after_extensions` - (Optional) Specifies the collection of extension names after which this extension needs to be provisioned.
+
 * `tags` - (Optional) A mapping of tags to assign to the resource.
 
 ---