azurerm_container_app - Set resource id right after resource is created

[magodo]

Community Note

• Please vote on this PR by adding a 👍 reaction to the original PR to help the community and maintainers prioritize for review
• Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for PR followers and do not help prioritize for review

Description

Creating the azurerm_container_app is an async operation, especially that the LRO part includes pulling container images, which can fail if configured incorrectly.

This PR is to move up the resource set in TF right after the "sync" part of the creation succeeded and the resource record created in Azure. The benefit is that even if the LRO part later failed, users won't have to manually import and delete the resource themselves.

PR Checklist

• I have followed the guidelines in our Contributing Documentation.
• I have checked to ensure there aren't other open Pull Requests for the same update/change.
• I have checked if my changes close any open issues. If so please include appropriate closing keywords below.
• I have updated/added Documentation as required written in a helpful and kind way to assist users that may be unfamiliar with the resource / data source.
• I have used a meaningful PR title to help maintainers and other users understand this change and help prevent duplicate work.
  For example: “resource_name_here - description of change e.g. adding property new_property_name_here”

Changes to existing Resource / Data Source

• I have added an explanation of what my changes do and why I'd like you to include them (This may be covered by linking to an issue above, but may benefit from additional explanation).
• I have written new tests for my resource or datasource changes & updated any relevent documentation.
• I have successfully run tests with my changes locally. If not, please provide details on testing challenges that prevented you running the tests.
• (For changes that include a state migration only). I have manually tested the migration path between relevant versions of the provider.

Testing

• My submission includes Test coverage as described in the Contribution Guide and the tests pass. (if this is not possible for any reason, please include details of why you did or could not add test coverage)

Change Log

Below please provide what should go into the changelog (if anything) conforming to the Changelog Format documented here.

• azurerm_container_app - Set resource id right after resource is created [GH-00000]

This is a (please select all that apply):

• Bug Fix
• New Feature (ie adding a service, resource, or data source)
• Enhancement
• Breaking Change

Related Issue(s)

Fixes #28511

Note

If this PR changes meaningfully during the course of review please update the title and description as required.

[zandernelson]

Any chance this can be reviewed soon? This is blocking us from using AzureRM to provision container apps and forcing us to use AzAPI instead.

[mbfrahry]

Hey @magodo, I don't believe we want to take this approach. Our view is that polling must succeed before we set a resource into state otherwise, we don't know what the state of the resource is or how to get out of a bad situation.

We are looking at adding a way to skip import checking to allow for people to get out of this type of situation but that's still a ways out. Until then, this is something we want to accept into the provider.

[magodo]

@mbfrahry For most (tracked) resources in ARM, if not 100%, they are guaranteed to be recorded in ARM (meaning you can GET it) once the initial PUT succeeded. If the polling failed, it means the resource isn't provisioning successfully, while the precense remains. I think it is a perfect fit of the "tainted" resource concept, meaning we shall recreate the resource since there is no obvious way to fix the resource in that state.

Regarding skip import checking, if I understand correct, it means we'll skip the existance check. I think that will bring even more severe issues?