Return FunctionApp host keys as an output when creating a new one

[ahmed-magdy-maersk]

I am using: https://github.com/pulumi/pulumi-azure/blob/master/sdk/python/pulumi_azure/appservice/function_app.py to create a function app And as I want to get the host key, and save it in a keyvault secret, but as it doesn't exist in the output, I have to get it using: https://github.com/pulumi/pulumi-azure/blob/master/sdk/python/pulumi_azure/appservice/get_function_app_host_keys.py

...
...
http_function_app=appservice.FunctionApp(
    "function_app",
    https_only="true",
    identity={ "type": "SystemAssigned" },
    resource_group_name=resource_group.name,
    app_service_plan_id=http_plan.id,
    storage_account_name=http_storage_account.name,
    storage_account_access_key=http_storage_account.primary_access_key,
    version="~3",
    os_type="linux",
    app_settings={
        "FUNCTIONS_WORKER_RUNTIME": "python",
        "WEBSITE_RUN_FROM_PACKAGE": http_signed_blob_url
    }
)
get_func_app_keys = appservice.get_function_app_host_keys(name=http_function_app.name, resource_group_name=resource_group.name)
set_func_app_secret = keyvault.Secret(
    resource_name="function_app_key",
    name="test-token",
    value=get_func_app_keys.default_function_key,
    key_vault_id=eng_enablement_vault.id
)

I want it to be just:

...
...
http_function_app=appservice.FunctionApp(
    "function_app",
    https_only="true",
    identity={ "type": "SystemAssigned" },
    resource_group_name=resource_group.name,
    app_service_plan_id=http_plan.id,
    storage_account_name=http_storage_account.name,
    storage_account_access_key=http_storage_account.primary_access_key,
    version="~3",
    os_type="linux",
    app_settings={
        "FUNCTIONS_WORKER_RUNTIME": "python",
        "WEBSITE_RUN_FROM_PACKAGE": http_signed_blob_url
    }
)
set_func_app_secret = keyvault.Secret(
    resource_name="function_app_key",
    name="test-token",
    value=http_function_app.default_function_key,
    key_vault_id=eng_enablement_vault.id
)

The reason is, I create the whole resource group from scratch, so a fresh pulumi up would through this error during the planning phase

    Exception: invocation of azure:appservice/getFunctionApp:getFunctionApp returned an error: invoking azure:appservice/getFunctionApp:getFunctionApp: Error: AzureRM Function App AppSettings "function-app" (Resource Group "test-rg") was not found
    error: an unhandled error occurred: Program exited with non-zero exit code: 1

And when I comment out the: get_func_app_keys = appservice.get_function_app_host_keys(name=http_function_app.name, resource_group_name=resource_group.name) and below, then run pulumi up, and uncomment and run again it works

so I understood that the appservice.get_function_app_host_keys expects that the resource group is already created (but it is not yet at this stage), also tried setting opts.depends_on in the appservice.get_function_app_host_keys, but it doesn't accept it. So I think return the host keys as part of the function app creation would solve the problem

Thanks in advance :)

[penleychan]

We're you able to find a solution to this? Or is the only option is to run pulumi up twice, first create the function app then grab the keys?