diff --git a/CHANGELOG.md b/CHANGELOG.md index b7ff8221b..6d85e0523 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -27,6 +27,10 @@ Given a version number `MAJOR.MINOR.PATCH`, we increment the: - Add support for dot (`.`) in the tag syntax. - Now you can add tags like `v1.0.0-abc_xyz` +### Changed + +- The **Outputs Sharing** feature now has no default value for the `sensitive` field of `input` and `output` blocks. + ## v0.10.8 ### Fixed diff --git a/config/sharing_backend.go b/config/sharing_backend.go index 75e8ec100..b4346971f 100644 --- a/config/sharing_backend.go +++ b/config/sharing_backend.go @@ -20,7 +20,7 @@ type ( Backend string FromStackID string value hhcl.Expression - Sensitive bool + Sensitive *bool mock hhcl.Expression } @@ -34,7 +34,7 @@ type ( Description string Backend string Value hhcl.Expression - Sensitive bool + Sensitive *bool } // Outputs is a list of outputs. @@ -44,11 +44,10 @@ type ( // EvalInput evaluates an input block using the provided evaluation context. func EvalInput(evalctx *eval.Context, input hcl.Input) (Input, error) { evaluatedInput := Input{ - Range: input.Range, - Name: input.Name, // TODO(i4k): validate name. - Sensitive: true, - value: input.Value, - mock: input.Mock, + Range: input.Range, + Name: input.Name, // TODO(i4k): validate name. + value: input.Value, + mock: input.Mock, } var err error errs := errors.L() @@ -59,7 +58,10 @@ func EvalInput(evalctx *eval.Context, input hcl.Input) (Input, error) { errs.Append(validateID(evaluatedInput.FromStackID, "input.from_stack_id")) if input.Sensitive != nil { - evaluatedInput.Sensitive, err = evalBool(evalctx, input.Sensitive, "input.sensitive") + val, err := evalBool(evalctx, input.Sensitive, "input.sensitive") + if err == nil { + evaluatedInput.Sensitive = &val + } errs.Append(err) } if err := errs.AsError(); err != nil { @@ -93,9 +95,8 @@ func (i *Input) Mock(evalctx *eval.Context) (cty.Value, bool, error) { // EvalOutput evaluates an output block using the provided evaluation context. func EvalOutput(evalctx *eval.Context, output hcl.Output) (Output, error) { evaluatedOutput := Output{ - Name: output.Name, - Sensitive: true, - Value: output.Value, + Name: output.Name, + Value: output.Value, } var err error errs := errors.L() @@ -104,7 +105,10 @@ func EvalOutput(evalctx *eval.Context, output hcl.Output) (Output, error) { errs.Append(err) } if output.Sensitive != nil { - evaluatedOutput.Sensitive, err = evalBool(evalctx, output.Sensitive, "output.sensitive") + val, err := evalBool(evalctx, output.Sensitive, "output.sensitive") + if err == nil { + evaluatedOutput.Sensitive = &val + } errs.Append(err) } evaluatedOutput.Backend, err = evalString(evalctx, output.Backend, "output.backend") diff --git a/config/sharing_backend_test.go b/config/sharing_backend_test.go index f74fa9e10..5e82491ff 100644 --- a/config/sharing_backend_test.go +++ b/config/sharing_backend_test.go @@ -35,7 +35,9 @@ func TestEvalSharingBackendInput(t *testing.T) { wantErr error wantValueErr error } - t.Helper() + t.Parallel() + falsy := false + truthy := true for _, tc := range []testcase{ { name: "invalid backend attribute", @@ -77,7 +79,30 @@ func TestEvalSharingBackendInput(t *testing.T) { wantErr: errors.E(`"input.from_stack_id" "id cannot contain spaces" doesn't match "^[a-zA-Z0-9_-]{1,64}$"`), }, { - name: "complete working input", + name: "complete working input - sensitive=(unset)", + globals: map[string]cty.Value{ + "my_backend": cty.StringVal("my-backend"), + "other_stack": cty.StringVal("other-stack"), + "val": cty.StringVal("from-global"), + }, + config: Input( + Labels("var_name"), + Expr("value", `"${outputs.var_name}-${global.val}"`), + Expr("from_stack_id", `global.other_stack`), + Expr("backend", `global.my_backend`), + ), + outputs: map[string]cty.Value{ + "var_name": cty.StringVal("test"), + }, + want: config.Input{ + Name: "var_name", + FromStackID: "other-stack", + Backend: "my-backend", + }, + wantValue: cty.StringVal("test-from-global"), + }, + { + name: "complete working input - sensitive=false", globals: map[string]cty.Value{ "my_backend": cty.StringVal("my-backend"), "other_stack": cty.StringVal("other-stack"), @@ -98,7 +123,33 @@ func TestEvalSharingBackendInput(t *testing.T) { Name: "var_name", FromStackID: "other-stack", Backend: "my-backend", - Sensitive: false, + Sensitive: &falsy, + }, + wantValue: cty.StringVal("test-from-global"), + }, + { + name: "complete working input - sensitive=true", + globals: map[string]cty.Value{ + "my_backend": cty.StringVal("my-backend"), + "other_stack": cty.StringVal("other-stack"), + "val": cty.StringVal("from-global"), + "is_secret": cty.BoolVal(true), + }, + config: Input( + Labels("var_name"), + Expr("value", `"${outputs.var_name}-${global.val}"`), + Expr("from_stack_id", `global.other_stack`), + Expr("backend", `global.my_backend`), + Expr("sensitive", `global.is_secret`), + ), + outputs: map[string]cty.Value{ + "var_name": cty.StringVal("test"), + }, + want: config.Input{ + Name: "var_name", + FromStackID: "other-stack", + Backend: "my-backend", + Sensitive: &truthy, }, wantValue: cty.StringVal("test-from-global"), }, @@ -171,7 +222,8 @@ func TestEvalSharingBackendOutput(t *testing.T) { wantValue string wantErr error } - t.Helper() + t.Parallel() + falsy := false for _, tc := range []testcase{ { name: "invalid backend attribute", @@ -200,7 +252,7 @@ func TestEvalSharingBackendOutput(t *testing.T) { Name: "var_name", Description: "my output description", Backend: "my-backend", - Sensitive: false, + Sensitive: &falsy, }, wantValue: `module.test.var_name`, }, diff --git a/generate/generate_sharing_test.go b/generate/generate_sharing_test.go index cc7d5a362..9e40586ff 100644 --- a/generate/generate_sharing_test.go +++ b/generate/generate_sharing_test.go @@ -50,7 +50,7 @@ func TestGenerateSharing(t *testing.T) { }, }, { - name: "single input generated", + name: "single input generated - sensitive=(unset)", layout: []string{ "s:stacks/stack-1", "s:stacks/stack-2", @@ -87,7 +87,60 @@ func TestGenerateSharing(t *testing.T) { Block("variable", Labels("var_name"), Expr("type", "any"), - Bool("sensitive", true), + ), + ), + }, + }, + }, + wantReport: generate.Report{ + Successes: []generate.Result{ + { + Dir: project.NewPath("/stacks/stack-1"), + Created: []string{"test.tf"}, + }, + }, + }, + }, + { + name: "single input generated - sensitive=false", + layout: []string{ + "s:stacks/stack-1", + "s:stacks/stack-2", + }, + configs: []hclconfig{ + { + path: "/", + add: enableSharingExperiment, + }, + { + path: "/", + add: Block("sharing_backend", + Labels("name"), + Expr("type", "terraform"), + Expr("command", `["echo"]`), + Str("filename", "test.tf"), + ), + }, + { + path: "/stacks/stack-1", + add: Input( + Labels("var_name"), + Str("backend", "name"), + Expr("value", "outputs.var_name"), + Str("from_stack_id", "abc"), + Bool("sensitive", false), + ), + }, + }, + want: []generatedFile{ + { + dir: "/stacks/stack-1", + files: map[string]fmt.Stringer{ + "test.tf": Doc( + Block("variable", + Labels("var_name"), + Expr("type", "any"), + Bool("sensitive", false), ), ), }, @@ -157,7 +210,6 @@ func TestGenerateSharing(t *testing.T) { Block("variable", Labels("var_name2"), Expr("type", "any"), - Bool("sensitive", true), ), ), }, @@ -173,7 +225,7 @@ func TestGenerateSharing(t *testing.T) { }, }, { - name: "single output generated", + name: "single output generated - sensitive=(unset)", layout: []string{ "s:stacks/stack-1", "s:stacks/stack-2", @@ -210,7 +262,6 @@ func TestGenerateSharing(t *testing.T) { Block("output", Labels("var_name"), Expr("value", "module.something"), - Bool("sensitive", true), ), ), }, @@ -252,7 +303,6 @@ func TestGenerateSharing(t *testing.T) { Labels("var_name1"), Str("backend", "name"), Expr("value", "module.something1"), - Bool("sensitive", false), ), }, { @@ -274,7 +324,6 @@ func TestGenerateSharing(t *testing.T) { Block("output", Labels("var_name1"), Expr("value", "module.something1"), - Bool("sensitive", false), ), Block("output", Labels("var_name2"), @@ -363,6 +412,7 @@ func TestGenerateSharing(t *testing.T) { Labels("var_output4"), Str("backend", "name"), Expr("value", "module.something4"), + Bool("sensitive", false), ), Input( Labels("var_input4"), @@ -386,7 +436,6 @@ func TestGenerateSharing(t *testing.T) { Block("variable", Labels("var_input2"), Expr("type", "any"), - Bool("sensitive", true), ), Block("variable", Labels("var_input3"), @@ -396,27 +445,23 @@ func TestGenerateSharing(t *testing.T) { Block("variable", Labels("var_input4"), Expr("type", "any"), - Bool("sensitive", true), ), Block("output", Labels("var_output1"), Expr("value", "module.something1"), - Bool("sensitive", true), ), Block("output", Labels("var_output2"), Expr("value", "module.something2"), - Bool("sensitive", true), ), Block("output", Labels("var_output3"), Expr("value", "module.something3"), - Bool("sensitive", true), ), Block("output", Labels("var_output4"), Expr("value", "module.something4"), - Bool("sensitive", true), + Bool("sensitive", false), ), ), }, @@ -467,7 +512,6 @@ func TestSharingOrphanedFilesAreDeleted(t *testing.T) { expectedOutput := genhcl.Header(genhcl.DefaultComment) + Block("output", Labels("name"), Expr("value", "module.test"), - Bool("sensitive", true), ).String() + "\n" gotOutput := s.RootEntry().ReadFile("s1/sharing.tf") assert.EqualStrings(t, expectedOutput, string(gotOutput)) @@ -475,7 +519,6 @@ func TestSharingOrphanedFilesAreDeleted(t *testing.T) { expectedInput := genhcl.Header(genhcl.DefaultComment) + Block("variable", Labels("name"), Expr("type", "any"), - Bool("sensitive", true), ).String() + "\n" gotInput := s.RootEntry().ReadFile("s2/sharing.tf") assert.EqualStrings(t, expectedInput, string(gotInput)) diff --git a/generate/sharing/sharing_backend.go b/generate/sharing/sharing_backend.go index de35d0c24..68964eea1 100644 --- a/generate/sharing/sharing_backend.go +++ b/generate/sharing/sharing_backend.go @@ -43,7 +43,9 @@ func PrepareFile(root *config.Root, filename string, inputs config.Inputs, outpu Bytes: []byte("any"), }, }) - blockBody.SetAttributeValue("sensitive", cty.BoolVal(in.Sensitive)) + if in.Sensitive != nil { + blockBody.SetAttributeValue("sensitive", cty.BoolVal(*in.Sensitive)) + } body.AppendBlock(varBlock) } for _, out := range outputs { @@ -53,7 +55,9 @@ func PrepareFile(root *config.Root, filename string, inputs config.Inputs, outpu outBlock := hclwrite.NewBlock("output", []string{out.Name}) blockBody := outBlock.Body() blockBody.SetAttributeRaw("value", ast.TokensForExpression(out.Value)) - blockBody.SetAttributeValue("sensitive", cty.BoolVal(out.Sensitive)) + if out.Sensitive != nil { + blockBody.SetAttributeValue("sensitive", cty.BoolVal(*out.Sensitive)) + } body.AppendBlock(outBlock) }