data "dnsimple_certificate" fails for certs created in the same apply

[ehaselwanter]

Terraform Version

❯ terraform init -upgrade

Initializing Terraform Cloud...

Initializing provider plugins...
- Finding dnsimple/dnsimple versions matching "1.0.0"...
- Using previously-installed dnsimple/dnsimple v1.0.0

Terraform v1.4.6
on linux_amd64

Affected Resource(s)

• data dnsimple_certificate

Terraform Configuration Files

resource "dnsimple_lets_encrypt_certificate" "esx-1-dc1-cert" {
  domain_id  = dnsimple_domain.infralovers_cloud.id
  auto_renew = true
  signature_algorithm = "RSA"
  name       = "esx-1.dc1"
}

data "dnsimple_certificate" "esx-1-dc1" {
  domain = dnsimple_lets_encrypt_certificate.esx-1-dc1-cert.domain_id
  certificate_id   = "${dnsimple_lets_encrypt_certificate.esx-1-dc1-cert.id}"
}

Expected Behavior

Get the output. There should be a wait on the data with timeout so that after creation or before download if the cert is in "ordered" state

Actual Behavior

dnsimple_lets_encrypt_certificate.esx-1-dc1-cert: Creating...
dnsimple_lets_encrypt_certificate.esx-1-dc1-cert: Creation complete after 1s [name=esx-1.dc1]
data.dnsimple_certificate.esx-1-dc1: Refreshing...
╷
│ Error: failed to download DNSimple Certificate
│ 
│   with data.dnsimple_certificate.esx-1-dc1,
│   on outputs.tf line 1, in data "dnsimple_certificate" "esx-1-dc1":
│    1: data "dnsimple_certificate" "esx-1-dc1" {
│ 
│ GET
│ https://api.dnsimple.com/v2/2345/domains/324/certificates/324/download:
│ 428 Certificate not present
╵
Operation failed: failed running terraform apply (exit 1)

[DXTimer]

Thanks for bringing this to our attention. I agree that the flow could be improved with configurable timeouts on the data source. Can't commit to a timeline but we will work on this in the coming weeks.