azurerm_app_service_custom_hostname_binding: support for the ssl_state and thumbprint properties

[joakimhellum]

Depends on #4192 (because it uses the azurerm_app_service_certificate resource in the test).
Fixes #1136 (together with #4192).

Not sure about preferred method to generate certificates for tests (private key, self-signed certificate and then the PFX). Have added a test that uses Key Vault to achieve this. Any advice is appreciated.

[tombuildsstuff]

LGTM - thanks for this @joakimhellum-in

[tombuildsstuff]

Taking a look at the failing Travis tests here this is because this is based on top of master from when git.apache.org was being used as a dependency source; so this should be safe to ignore 👍

[tombuildsstuff]

hey @joakimhellum-in

Sorry it's taken a while to get to the tests for this - I've run them and they look good:

$ ARM_TEST_APP_SERVICE=**** ARM_TEST_DOMAIN=**** acctests azurerm TestAccAzureRMAppServiceCustomHostnameBinding
=== RUN   TestAccAzureRMAppServiceCustomHostnameBinding
=== RUN   TestAccAzureRMAppServiceCustomHostnameBinding/basic
=== RUN   TestAccAzureRMAppServiceCustomHostnameBinding/basic/multiple
=== RUN   TestAccAzureRMAppServiceCustomHostnameBinding/basic/requiresImport
=== RUN   TestAccAzureRMAppServiceCustomHostnameBinding/basic/ssl
=== RUN   TestAccAzureRMAppServiceCustomHostnameBinding/basic/basic
--- PASS: TestAccAzureRMAppServiceCustomHostnameBinding (447.88s)
    --- PASS: TestAccAzureRMAppServiceCustomHostnameBinding/basic (447.88s)
        --- SKIP: TestAccAzureRMAppServiceCustomHostnameBinding/basic/multiple (0.00s)
            resource_arm_app_service_custom_hostname_binding_test.go:112: Skipping as "ARM_ALT_TEST_DOMAIN" is not specified
        --- SKIP: TestAccAzureRMAppServiceCustomHostnameBinding/basic/requiresImport (0.00s)
            resource_arm_app_service_custom_hostname_binding_test.go:81: Skipping since resources aren't required to be imported
        --- PASS: TestAccAzureRMAppServiceCustomHostnameBinding/basic/ssl (293.02s)
        --- PASS: TestAccAzureRMAppServiceCustomHostnameBinding/basic/basic (154.86s)
PASS
ok  	github.com/terraform-providers/terraform-provider-azurerm/azurerm	447.924s

Thanks!

[ghost]

This has been released in version 1.35.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 1.35.0"
}
# ... other configuration ...

[phekmat]

@tombuildsstuff this actually breaks existing usage of the hostname binding where the certs are being updated out-of-band (e.g. via Let's Encrypt and build automation). Do you think the provider should handle this scenario (possibly by ignoring the diff if ssl_state and/or thumbprint aren't specified)?

edit to add: It's easy to work around with ignore_changes, I'm just wondering if the provider should handle it since it seems like typical usage.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!