Skip to content

Commit

Permalink
Reflect 0.15 sensitivity fields in plan & config (#32)
Browse files Browse the repository at this point in the history
  • Loading branch information
radeksimko authored Apr 1, 2021
1 parent 6e41686 commit dd1a819
Show file tree
Hide file tree
Showing 4 changed files with 168 additions and 0 deletions.
3 changes: 3 additions & 0 deletions config.go
Original file line number Diff line number Diff line change
Expand Up @@ -147,6 +147,9 @@ type ConfigVariable struct {

// The defined text description of the variable.
Description string `json:"description,omitempty"`

// Whether the variable is marked as sensitive
Sensitive bool `json:"sensitive,omitempty"`
}

// ConfigProvisioner describes a provisioner declared in a resource
Expand Down
8 changes: 8 additions & 0 deletions plan.go
Original file line number Diff line number Diff line change
Expand Up @@ -150,6 +150,14 @@ type Change struct {
// If the value cannot be found in this map, then its value should
// be available within After, so long as the operation supports it.
AfterUnknown interface{} `json:"after_unknown,omitempty"`

// BeforeSensitive and AfterSensitive are object values with similar
// structure to Before and After, but with all sensitive leaf values
// replaced with true, and all non-sensitive leaf values omitted. These
// objects should be combined with Before and After to prevent accidental
// display of sensitive values in user interfaces.
BeforeSensitive interface{} `json:"before_sensitive,omitempty"`
AfterSensitive interface{} `json:"after_sensitive,omitempty"`
}

// PlanVariable is a top-level variable in the Terraform plan.
Expand Down
40 changes: 40 additions & 0 deletions plan_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ import (
"encoding/json"
"os"
"testing"

"github.com/google/go-cmp/cmp"
)

func TestPlanValidate(t *testing.T) {
Expand All @@ -22,3 +24,41 @@ func TestPlanValidate(t *testing.T) {
t.Fatal(err)
}
}

func TestPlan_015(t *testing.T) {
f, err := os.Open("testdata/basic/plan-0.15.json")
if err != nil {
t.Fatal(err)
}
defer f.Close()

var plan *Plan
if err := json.NewDecoder(f).Decode(&plan); err != nil {
t.Fatal(err)
}

if err := plan.Validate(); err != nil {
t.Fatal(err)
}

expectedChange := &Change{
Actions: Actions{"create"},
After: map[string]interface{}{"ami": "boop"},
AfterUnknown: map[string]interface{}{"id": true},
BeforeSensitive: false,
AfterSensitive: map[string]interface{}{"ami": true},
}
if diff := cmp.Diff(expectedChange, plan.ResourceChanges[0].Change); diff != "" {
t.Fatalf("unexpected change: %s", diff)
}

expectedVariable := map[string]*ConfigVariable{
"test_var": {
Default: "boop",
Sensitive: true,
},
}
if diff := cmp.Diff(expectedVariable, plan.Config.RootModule.Variables); diff != "" {
t.Fatalf("unexpected variables: %s", diff)
}
}
117 changes: 117 additions & 0 deletions testdata/basic/plan-0.15.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,117 @@
{
"format_version": "0.1",
"variables": {
"test_var": {
"value": "boop"
}
},
"planned_values": {
"outputs": {
"test": {
"sensitive": true,
"value": "boop"
}
},
"root_module": {
"resources": [
{
"address": "test_instance.test",
"mode": "managed",
"type": "test_instance",
"name": "test",
"provider_name": "registry.terraform.io/hashicorp/test",
"schema_version": 0,
"values": {
"ami": "boop"
}
}
]
}
},
"resource_changes": [
{
"address": "test_instance.test",
"mode": "managed",
"type": "test_instance",
"provider_name": "registry.terraform.io/hashicorp/test",
"name": "test",
"change": {
"actions": [
"create"
],
"before": null,
"after": {
"ami": "boop"
},
"after_unknown": {
"id": true
},
"after_sensitive": {
"ami": true
},
"before_sensitive": false
}
}
],
"output_changes": {
"test": {
"actions": [
"create"
],
"before": null,
"after": "boop",
"after_unknown": false,
"before_sensitive": true,
"after_sensitive": true
}
},
"prior_state": {
"format_version": "0.1",
"values": {
"outputs": {
"test": {
"sensitive": true,
"value": "boop"
}
},
"root_module": {}
}
},
"configuration": {
"root_module": {
"outputs": {
"test": {
"expression": {
"references": [
"test_instance.test"
]
},
"sensitive": true
}
},
"resources": [
{
"address": "test_instance.test",
"mode": "managed",
"type": "test_instance",
"name": "test",
"provider_config_key": "test",
"schema_version": 0,
"expressions": {
"ami": {
"references": [
"var.test_var"
]
}
}
}
],
"variables": {
"test_var": {
"default": "boop",
"sensitive": true
}
}
}
}
}

0 comments on commit dd1a819

Please sign in to comment.