2018-12-19 20:08:25 +01:00
|
|
|
package jsonstate
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/json"
|
2019-01-03 21:08:03 +01:00
|
|
|
"fmt"
|
2019-01-12 00:13:55 +01:00
|
|
|
"sort"
|
2018-12-19 20:08:25 +01:00
|
|
|
|
2019-01-03 21:08:03 +01:00
|
|
|
"github.com/zclconf/go-cty/cty"
|
|
|
|
ctyjson "github.com/zclconf/go-cty/cty/json"
|
|
|
|
|
2021-05-17 21:00:50 +02:00
|
|
|
"github.com/hashicorp/terraform/internal/addrs"
|
2021-06-24 23:53:43 +02:00
|
|
|
"github.com/hashicorp/terraform/internal/lang/marks"
|
2021-05-17 21:43:35 +02:00
|
|
|
"github.com/hashicorp/terraform/internal/states"
|
|
|
|
"github.com/hashicorp/terraform/internal/states/statefile"
|
2021-05-17 21:46:19 +02:00
|
|
|
"github.com/hashicorp/terraform/internal/terraform"
|
2018-12-19 20:08:25 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
// FormatVersion represents the version of the json format and will be
|
|
|
|
// incremented for any change to this format that requires changes to a
|
|
|
|
// consuming parser.
|
2021-06-14 15:19:13 +02:00
|
|
|
const FormatVersion = "0.2"
|
2018-12-19 20:08:25 +01:00
|
|
|
|
|
|
|
// state is the top-level representation of the json format of a terraform
|
|
|
|
// state.
|
|
|
|
type state struct {
|
2019-03-14 22:52:07 +01:00
|
|
|
FormatVersion string `json:"format_version,omitempty"`
|
|
|
|
TerraformVersion string `json:"terraform_version,omitempty"`
|
|
|
|
Values *stateValues `json:"values,omitempty"`
|
2018-12-19 20:08:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// stateValues is the common representation of resolved values for both the prior
|
|
|
|
// state (which is always complete) and the planned new state.
|
|
|
|
type stateValues struct {
|
2019-01-03 21:08:03 +01:00
|
|
|
Outputs map[string]output `json:"outputs,omitempty"`
|
|
|
|
RootModule module `json:"root_module,omitempty"`
|
2018-12-19 20:08:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
type output struct {
|
2019-01-09 17:59:11 +01:00
|
|
|
Sensitive bool `json:"sensitive"`
|
2019-01-03 21:08:03 +01:00
|
|
|
Value json.RawMessage `json:"value,omitempty"`
|
2018-12-19 20:08:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// module is the representation of a module in state. This can be the root module
|
|
|
|
// or a child module
|
|
|
|
type module struct {
|
2019-01-25 18:17:40 +01:00
|
|
|
// Resources are sorted in a user-friendly order that is undefined at this
|
|
|
|
// time, but consistent.
|
2019-01-03 21:08:03 +01:00
|
|
|
Resources []resource `json:"resources,omitempty"`
|
2018-12-19 20:08:25 +01:00
|
|
|
|
|
|
|
// Address is the absolute module address, omitted for the root module
|
|
|
|
Address string `json:"address,omitempty"`
|
|
|
|
|
|
|
|
// Each module object can optionally have its own nested "child_modules",
|
|
|
|
// recursively describing the full module tree.
|
|
|
|
ChildModules []module `json:"child_modules,omitempty"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// Resource is the representation of a resource in the state.
|
|
|
|
type resource struct {
|
|
|
|
// Address is the absolute resource address
|
2019-01-03 21:08:03 +01:00
|
|
|
Address string `json:"address,omitempty"`
|
2018-12-19 20:08:25 +01:00
|
|
|
|
|
|
|
// Mode can be "managed" or "data"
|
2019-01-03 21:08:03 +01:00
|
|
|
Mode string `json:"mode,omitempty"`
|
2018-12-19 20:08:25 +01:00
|
|
|
|
2019-01-03 21:08:03 +01:00
|
|
|
Type string `json:"type,omitempty"`
|
|
|
|
Name string `json:"name,omitempty"`
|
2018-12-19 20:08:25 +01:00
|
|
|
|
|
|
|
// Index is omitted for a resource not using `count` or `for_each`.
|
2019-01-03 21:08:03 +01:00
|
|
|
Index addrs.InstanceKey `json:"index,omitempty"`
|
2018-12-19 20:08:25 +01:00
|
|
|
|
|
|
|
// ProviderName allows the property "type" to be interpreted unambiguously
|
|
|
|
// in the unusual situation where a provider offers a resource type whose
|
|
|
|
// name does not start with its own name, such as the "googlebeta" provider
|
|
|
|
// offering "google_compute_instance".
|
|
|
|
ProviderName string `json:"provider_name"`
|
|
|
|
|
|
|
|
// SchemaVersion indicates which version of the resource type schema the
|
|
|
|
// "values" property conforms to.
|
2019-02-01 22:47:18 +01:00
|
|
|
SchemaVersion uint64 `json:"schema_version"`
|
2018-12-19 20:08:25 +01:00
|
|
|
|
2019-01-03 21:08:03 +01:00
|
|
|
// AttributeValues is the JSON representation of the attribute values of the
|
2018-12-19 20:08:25 +01:00
|
|
|
// resource, whose structure depends on the resource type schema. Any
|
|
|
|
// unknown values are omitted or set to null, making them indistinguishable
|
|
|
|
// from absent values.
|
2019-01-03 21:08:03 +01:00
|
|
|
AttributeValues attributeValues `json:"values,omitempty"`
|
2019-02-11 22:17:03 +01:00
|
|
|
|
2021-06-14 15:19:13 +02:00
|
|
|
// SensitiveValues is similar to AttributeValues, but with all sensitive
|
|
|
|
// values replaced with true, and all non-sensitive leaf values omitted.
|
|
|
|
SensitiveValues json.RawMessage `json:"sensitive_values,omitempty"`
|
|
|
|
|
2019-02-11 22:17:03 +01:00
|
|
|
// DependsOn contains a list of the resource's dependencies. The entries are
|
|
|
|
// addresses relative to the containing module.
|
|
|
|
DependsOn []string `json:"depends_on,omitempty"`
|
|
|
|
|
|
|
|
// Tainted is true if the resource is tainted in terraform state.
|
|
|
|
Tainted bool `json:"tainted,omitempty"`
|
2019-10-08 19:42:34 +02:00
|
|
|
|
|
|
|
// Deposed is set if the resource is deposed in terraform state.
|
|
|
|
DeposedKey string `json:"deposed_key,omitempty"`
|
2018-12-19 20:08:25 +01:00
|
|
|
}
|
|
|
|
|
2019-01-03 21:08:03 +01:00
|
|
|
// attributeValues is the JSON representation of the attribute values of the
|
|
|
|
// resource, whose structure depends on the resource type schema.
|
|
|
|
type attributeValues map[string]interface{}
|
|
|
|
|
2020-10-28 20:11:45 +01:00
|
|
|
func marshalAttributeValues(value cty.Value) attributeValues {
|
|
|
|
// unmark our value to show all values
|
|
|
|
value, _ = value.UnmarkDeep()
|
|
|
|
|
2019-11-25 21:01:38 +01:00
|
|
|
if value == cty.NilVal || value.IsNull() {
|
2019-01-09 17:59:11 +01:00
|
|
|
return nil
|
|
|
|
}
|
2019-11-25 21:01:38 +01:00
|
|
|
|
2019-01-03 21:08:03 +01:00
|
|
|
ret := make(attributeValues)
|
|
|
|
|
|
|
|
it := value.ElementIterator()
|
|
|
|
for it.Next() {
|
|
|
|
k, v := it.Element()
|
mildwonkey/b-show-state (#20032)
* command/show: properly marshal attribute values to json
marshalAttributeValues in jsonstate and jsonplan packages was returning
a cty.Value, which json/encoding could not marshal. These functions now
convert those cty.Values into json.RawMessages.
* command/jsonplan: planned values should include resources that are not changing
* command/jsonplan: return a filtered list of proposed 'after' attributes
Previously, proposed 'after' attributes were not being shown if the
attributes were not WhollyKnown. jsonplan now iterates through all the
`after` attributes, omitting those which are not wholly known.
The same was roughly true for after_unknown, and that structure is now
correctly populated. In the future we may choose to filter the
after_unknown structure to _only_ display unknown attributes, instead of
all attributes.
* command/jsonconfig: use a unique key for providers so that aliased
providers don't get munged together
This now uses the same "provider" key from configs.Module, e.g.
`providername.provideralias`.
* command/jsonplan: unknownAsBool needs to iterate through objects that are not wholly known
* command/jsonplan: properly display actions as strings according to the RFC,
instead of a plans.Action string.
For example:
a plans.Action string DeleteThenCreate should be displayed as ["delete",
"create"]
Tests have been updated to reflect this.
* command/jsonplan: return "null" for unknown list items.
The length of a list could be meaningful on its own, so we will turn
unknowns into "null". The same is less likely true for maps and objects,
so we will continue to omit unknown values from those.
2019-01-23 20:46:53 +01:00
|
|
|
vJSON, _ := ctyjson.Marshal(v, v.Type())
|
|
|
|
ret[k.AsString()] = json.RawMessage(vJSON)
|
2019-01-03 21:08:03 +01:00
|
|
|
}
|
|
|
|
return ret
|
2018-12-19 20:08:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// newState() returns a minimally-initialized state
|
|
|
|
func newState() *state {
|
|
|
|
return &state{
|
|
|
|
FormatVersion: FormatVersion,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
mildwonkey/b-show-state (#20032)
* command/show: properly marshal attribute values to json
marshalAttributeValues in jsonstate and jsonplan packages was returning
a cty.Value, which json/encoding could not marshal. These functions now
convert those cty.Values into json.RawMessages.
* command/jsonplan: planned values should include resources that are not changing
* command/jsonplan: return a filtered list of proposed 'after' attributes
Previously, proposed 'after' attributes were not being shown if the
attributes were not WhollyKnown. jsonplan now iterates through all the
`after` attributes, omitting those which are not wholly known.
The same was roughly true for after_unknown, and that structure is now
correctly populated. In the future we may choose to filter the
after_unknown structure to _only_ display unknown attributes, instead of
all attributes.
* command/jsonconfig: use a unique key for providers so that aliased
providers don't get munged together
This now uses the same "provider" key from configs.Module, e.g.
`providername.provideralias`.
* command/jsonplan: unknownAsBool needs to iterate through objects that are not wholly known
* command/jsonplan: properly display actions as strings according to the RFC,
instead of a plans.Action string.
For example:
a plans.Action string DeleteThenCreate should be displayed as ["delete",
"create"]
Tests have been updated to reflect this.
* command/jsonplan: return "null" for unknown list items.
The length of a list could be meaningful on its own, so we will turn
unknowns into "null". The same is less likely true for maps and objects,
so we will continue to omit unknown values from those.
2019-01-23 20:46:53 +01:00
|
|
|
// Marshal returns the json encoding of a terraform state.
|
2019-01-25 00:28:53 +01:00
|
|
|
func Marshal(sf *statefile.File, schemas *terraform.Schemas) ([]byte, error) {
|
2019-03-14 22:52:07 +01:00
|
|
|
output := newState()
|
|
|
|
|
2019-01-25 00:28:53 +01:00
|
|
|
if sf == nil || sf.State.Empty() {
|
2019-03-14 22:52:07 +01:00
|
|
|
ret, err := json.Marshal(output)
|
|
|
|
return ret, err
|
2018-12-19 20:08:25 +01:00
|
|
|
}
|
|
|
|
|
2019-01-29 00:53:53 +01:00
|
|
|
if sf.TerraformVersion != nil {
|
|
|
|
output.TerraformVersion = sf.TerraformVersion.String()
|
|
|
|
}
|
2019-03-14 22:52:07 +01:00
|
|
|
|
2019-01-03 21:08:03 +01:00
|
|
|
// output.StateValues
|
2019-01-25 00:28:53 +01:00
|
|
|
err := output.marshalStateValues(sf.State, schemas)
|
2019-01-03 21:08:03 +01:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2019-03-11 15:29:36 +01:00
|
|
|
ret, err := json.Marshal(output)
|
2018-12-19 20:08:25 +01:00
|
|
|
return ret, err
|
|
|
|
}
|
2019-01-03 21:08:03 +01:00
|
|
|
|
|
|
|
func (jsonstate *state) marshalStateValues(s *states.State, schemas *terraform.Schemas) error {
|
|
|
|
var sv stateValues
|
|
|
|
var err error
|
|
|
|
|
|
|
|
// only marshal the root module outputs
|
|
|
|
sv.Outputs, err = marshalOutputs(s.RootModule().OutputValues)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// use the state and module map to build up the module structure
|
|
|
|
sv.RootModule, err = marshalRootModule(s, schemas)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-03-14 22:52:07 +01:00
|
|
|
jsonstate.Values = &sv
|
2019-01-03 21:08:03 +01:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func marshalOutputs(outputs map[string]*states.OutputValue) (map[string]output, error) {
|
|
|
|
if outputs == nil {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
ret := make(map[string]output)
|
|
|
|
for k, v := range outputs {
|
|
|
|
ov, err := ctyjson.Marshal(v.Value, v.Value.Type())
|
|
|
|
if err != nil {
|
|
|
|
return ret, err
|
|
|
|
}
|
|
|
|
ret[k] = output{
|
|
|
|
Value: ov,
|
|
|
|
Sensitive: v.Sensitive,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func marshalRootModule(s *states.State, schemas *terraform.Schemas) (module, error) {
|
|
|
|
var ret module
|
|
|
|
var err error
|
|
|
|
|
|
|
|
ret.Address = ""
|
2021-06-14 15:19:13 +02:00
|
|
|
rs, err := marshalResources(s.RootModule().Resources, addrs.RootModuleInstance, schemas)
|
2019-01-03 21:08:03 +01:00
|
|
|
if err != nil {
|
|
|
|
return ret, err
|
|
|
|
}
|
2021-06-14 15:19:13 +02:00
|
|
|
ret.Resources = rs
|
2019-01-03 21:08:03 +01:00
|
|
|
|
2021-01-11 18:31:20 +01:00
|
|
|
// build a map of module -> set[child module addresses]
|
|
|
|
moduleChildSet := make(map[string]map[string]struct{})
|
2019-01-03 21:08:03 +01:00
|
|
|
for _, mod := range s.Modules {
|
|
|
|
if mod.Addr.IsRoot() {
|
|
|
|
continue
|
|
|
|
} else {
|
2021-01-11 18:31:20 +01:00
|
|
|
for childAddr := mod.Addr; !childAddr.IsRoot(); childAddr = childAddr.Parent() {
|
|
|
|
if _, ok := moduleChildSet[childAddr.Parent().String()]; !ok {
|
|
|
|
moduleChildSet[childAddr.Parent().String()] = map[string]struct{}{}
|
|
|
|
}
|
|
|
|
moduleChildSet[childAddr.Parent().String()][childAddr.String()] = struct{}{}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// transform the previous map into map of module -> [child module addresses]
|
|
|
|
moduleMap := make(map[string][]addrs.ModuleInstance)
|
|
|
|
for parent, children := range moduleChildSet {
|
|
|
|
for child := range children {
|
|
|
|
childModuleInstance, diags := addrs.ParseModuleInstanceStr(child)
|
|
|
|
if diags.HasErrors() {
|
|
|
|
return ret, diags.Err()
|
|
|
|
}
|
|
|
|
moduleMap[parent] = append(moduleMap[parent], childModuleInstance)
|
2019-01-03 21:08:03 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// use the state and module map to build up the module structure
|
|
|
|
ret.ChildModules, err = marshalModules(s, schemas, moduleMap[""], moduleMap)
|
|
|
|
return ret, err
|
|
|
|
}
|
|
|
|
|
2020-03-09 20:57:14 +01:00
|
|
|
// marshalModules is an ungainly recursive function to build a module structure
|
|
|
|
// out of terraform state.
|
2019-01-03 21:08:03 +01:00
|
|
|
func marshalModules(
|
|
|
|
s *states.State,
|
|
|
|
schemas *terraform.Schemas,
|
|
|
|
modules []addrs.ModuleInstance,
|
|
|
|
moduleMap map[string][]addrs.ModuleInstance,
|
|
|
|
) ([]module, error) {
|
|
|
|
var ret []module
|
|
|
|
for _, child := range modules {
|
|
|
|
// cm for child module, naming things is hard.
|
2021-01-11 18:31:20 +01:00
|
|
|
cm := module{Address: child.String()}
|
|
|
|
|
|
|
|
// the module may be resourceless and contain only submodules, it will then be nil here
|
|
|
|
stateMod := s.Module(child)
|
|
|
|
if stateMod != nil {
|
|
|
|
rs, err := marshalResources(stateMod.Resources, stateMod.Addr, schemas)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
cm.Resources = rs
|
2019-01-03 21:08:03 +01:00
|
|
|
}
|
2021-01-11 18:31:20 +01:00
|
|
|
|
2019-01-03 21:08:03 +01:00
|
|
|
if moduleMap[child.String()] != nil {
|
|
|
|
moreChildModules, err := marshalModules(s, schemas, moduleMap[child.String()], moduleMap)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
cm.ChildModules = moreChildModules
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = append(ret, cm)
|
|
|
|
}
|
|
|
|
|
2020-03-09 20:57:14 +01:00
|
|
|
// sort the child modules by address for consistency.
|
|
|
|
sort.Slice(ret, func(i, j int) bool {
|
|
|
|
return ret[i].Address < ret[j].Address
|
|
|
|
})
|
|
|
|
|
2019-01-03 21:08:03 +01:00
|
|
|
return ret, nil
|
|
|
|
}
|
|
|
|
|
2020-03-05 14:13:45 +01:00
|
|
|
func marshalResources(resources map[string]*states.Resource, module addrs.ModuleInstance, schemas *terraform.Schemas) ([]resource, error) {
|
2019-01-03 21:08:03 +01:00
|
|
|
var ret []resource
|
|
|
|
|
|
|
|
for _, r := range resources {
|
|
|
|
for k, ri := range r.Instances {
|
|
|
|
|
2020-03-16 21:50:48 +01:00
|
|
|
resAddr := r.Addr.Resource
|
|
|
|
|
2019-10-08 19:42:34 +02:00
|
|
|
current := resource{
|
2020-03-16 21:50:48 +01:00
|
|
|
Address: r.Addr.Instance(k).String(),
|
2020-04-25 03:36:44 +02:00
|
|
|
Index: k,
|
2020-03-16 21:50:48 +01:00
|
|
|
Type: resAddr.Type,
|
|
|
|
Name: resAddr.Name,
|
2020-04-02 18:58:44 +02:00
|
|
|
ProviderName: r.ProviderConfig.Provider.String(),
|
2019-01-03 21:08:03 +01:00
|
|
|
}
|
|
|
|
|
2020-03-16 21:50:48 +01:00
|
|
|
switch resAddr.Mode {
|
2019-01-03 21:08:03 +01:00
|
|
|
case addrs.ManagedResourceMode:
|
2019-10-08 19:42:34 +02:00
|
|
|
current.Mode = "managed"
|
2019-01-03 21:08:03 +01:00
|
|
|
case addrs.DataResourceMode:
|
2019-10-08 19:42:34 +02:00
|
|
|
current.Mode = "data"
|
2019-01-03 21:08:03 +01:00
|
|
|
default:
|
|
|
|
return ret, fmt.Errorf("resource %s has an unsupported mode %s",
|
2020-03-16 21:50:48 +01:00
|
|
|
resAddr.String(),
|
|
|
|
resAddr.Mode.String(),
|
2019-01-03 21:08:03 +01:00
|
|
|
)
|
|
|
|
}
|
|
|
|
|
2021-02-23 16:19:24 +01:00
|
|
|
schema, version := schemas.ResourceTypeConfig(
|
2020-02-13 21:32:58 +01:00
|
|
|
r.ProviderConfig.Provider,
|
2020-03-16 21:50:48 +01:00
|
|
|
resAddr.Mode,
|
|
|
|
resAddr.Type,
|
2019-01-03 21:08:03 +01:00
|
|
|
)
|
|
|
|
|
2019-10-08 19:42:34 +02:00
|
|
|
// It is possible that the only instance is deposed
|
|
|
|
if ri.Current != nil {
|
2021-02-23 16:19:24 +01:00
|
|
|
if version != ri.Current.SchemaVersion {
|
|
|
|
return nil, fmt.Errorf("schema version %d for %s in state does not match version %d from the provider", ri.Current.SchemaVersion, resAddr, version)
|
|
|
|
}
|
|
|
|
|
2019-10-08 19:42:34 +02:00
|
|
|
current.SchemaVersion = ri.Current.SchemaVersion
|
2019-01-03 21:08:03 +01:00
|
|
|
|
2019-10-08 19:42:34 +02:00
|
|
|
if schema == nil {
|
2020-04-03 00:45:19 +02:00
|
|
|
return nil, fmt.Errorf("no schema found for %s (in provider %s)", resAddr.String(), r.ProviderConfig.Provider)
|
2019-10-08 19:42:34 +02:00
|
|
|
}
|
|
|
|
riObj, err := ri.Current.Decode(schema.ImpliedType())
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2020-10-28 20:11:45 +01:00
|
|
|
current.AttributeValues = marshalAttributeValues(riObj.Value)
|
2019-01-03 21:08:03 +01:00
|
|
|
|
2021-06-14 15:19:13 +02:00
|
|
|
// Mark the resource instance value with any marks stored in AttrSensitivePaths so we can build the SensitiveValues object
|
|
|
|
markedVal := riObj.Value.MarkWithPaths(ri.Current.AttrSensitivePaths)
|
|
|
|
s := SensitiveAsBool(markedVal)
|
|
|
|
v, err := ctyjson.Marshal(s, s.Type())
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
current.SensitiveValues = v
|
|
|
|
|
2019-10-08 19:42:34 +02:00
|
|
|
if len(riObj.Dependencies) > 0 {
|
|
|
|
dependencies := make([]string, len(riObj.Dependencies))
|
|
|
|
for i, v := range riObj.Dependencies {
|
|
|
|
dependencies[i] = v.String()
|
|
|
|
}
|
|
|
|
current.DependsOn = dependencies
|
2019-02-11 22:17:03 +01:00
|
|
|
}
|
|
|
|
|
2019-10-08 19:42:34 +02:00
|
|
|
if riObj.Status == states.ObjectTainted {
|
|
|
|
current.Tainted = true
|
|
|
|
}
|
|
|
|
ret = append(ret, current)
|
2019-02-11 22:17:03 +01:00
|
|
|
}
|
|
|
|
|
2019-10-08 19:42:34 +02:00
|
|
|
for deposedKey, rios := range ri.Deposed {
|
|
|
|
// copy the base fields from the current instance
|
|
|
|
deposed := resource{
|
|
|
|
Address: current.Address,
|
|
|
|
Type: current.Type,
|
|
|
|
Name: current.Name,
|
|
|
|
ProviderName: current.ProviderName,
|
|
|
|
Mode: current.Mode,
|
|
|
|
Index: current.Index,
|
|
|
|
}
|
|
|
|
|
|
|
|
riObj, err := rios.Decode(schema.ImpliedType())
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2020-10-28 20:11:45 +01:00
|
|
|
deposed.AttributeValues = marshalAttributeValues(riObj.Value)
|
2019-01-03 21:08:03 +01:00
|
|
|
|
2021-06-14 15:19:13 +02:00
|
|
|
// Mark the resource instance value with any marks stored in AttrSensitivePaths so we can build the SensitiveValues object
|
|
|
|
markedVal := riObj.Value.MarkWithPaths(rios.AttrSensitivePaths)
|
|
|
|
s := SensitiveAsBool(markedVal)
|
|
|
|
v, err := ctyjson.Marshal(s, s.Type())
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
deposed.SensitiveValues = v
|
|
|
|
|
2019-10-08 19:42:34 +02:00
|
|
|
if len(riObj.Dependencies) > 0 {
|
|
|
|
dependencies := make([]string, len(riObj.Dependencies))
|
|
|
|
for i, v := range riObj.Dependencies {
|
|
|
|
dependencies[i] = v.String()
|
|
|
|
}
|
|
|
|
deposed.DependsOn = dependencies
|
|
|
|
}
|
|
|
|
|
|
|
|
if riObj.Status == states.ObjectTainted {
|
|
|
|
deposed.Tainted = true
|
|
|
|
}
|
|
|
|
deposed.DeposedKey = deposedKey.String()
|
|
|
|
ret = append(ret, deposed)
|
|
|
|
}
|
|
|
|
}
|
2019-01-03 21:08:03 +01:00
|
|
|
}
|
|
|
|
|
2019-01-12 00:13:55 +01:00
|
|
|
sort.Slice(ret, func(i, j int) bool {
|
|
|
|
return ret[i].Address < ret[j].Address
|
|
|
|
})
|
|
|
|
|
2019-01-03 21:08:03 +01:00
|
|
|
return ret, nil
|
|
|
|
}
|
2021-06-14 15:19:13 +02:00
|
|
|
|
|
|
|
func SensitiveAsBool(val cty.Value) cty.Value {
|
2021-06-24 23:53:43 +02:00
|
|
|
if val.HasMark(marks.Sensitive) {
|
2021-06-14 15:19:13 +02:00
|
|
|
return cty.True
|
|
|
|
}
|
|
|
|
|
|
|
|
ty := val.Type()
|
|
|
|
switch {
|
|
|
|
case val.IsNull(), ty.IsPrimitiveType(), ty.Equals(cty.DynamicPseudoType):
|
|
|
|
return cty.False
|
|
|
|
case ty.IsListType() || ty.IsTupleType() || ty.IsSetType():
|
|
|
|
if !val.IsKnown() {
|
|
|
|
// If the collection is unknown we can't say anything about the
|
|
|
|
// sensitivity of its contents
|
|
|
|
return cty.EmptyTupleVal
|
|
|
|
}
|
|
|
|
length := val.LengthInt()
|
|
|
|
if length == 0 {
|
|
|
|
// If there are no elements then we can't have sensitive values
|
|
|
|
return cty.EmptyTupleVal
|
|
|
|
}
|
|
|
|
vals := make([]cty.Value, 0, length)
|
|
|
|
it := val.ElementIterator()
|
|
|
|
for it.Next() {
|
|
|
|
_, v := it.Element()
|
|
|
|
vals = append(vals, SensitiveAsBool(v))
|
|
|
|
}
|
|
|
|
// The above transform may have changed the types of some of the
|
|
|
|
// elements, so we'll always use a tuple here in case we've now made
|
|
|
|
// different elements have different types. Our ultimate goal is to
|
|
|
|
// marshal to JSON anyway, and all of these sequence types are
|
|
|
|
// indistinguishable in JSON.
|
|
|
|
return cty.TupleVal(vals)
|
|
|
|
case ty.IsMapType() || ty.IsObjectType():
|
|
|
|
if !val.IsKnown() {
|
|
|
|
// If the map/object is unknown we can't say anything about the
|
|
|
|
// sensitivity of its attributes
|
|
|
|
return cty.EmptyObjectVal
|
|
|
|
}
|
|
|
|
var length int
|
|
|
|
switch {
|
|
|
|
case ty.IsMapType():
|
|
|
|
length = val.LengthInt()
|
|
|
|
default:
|
|
|
|
length = len(val.Type().AttributeTypes())
|
|
|
|
}
|
|
|
|
if length == 0 {
|
|
|
|
// If there are no elements then we can't have sensitive values
|
|
|
|
return cty.EmptyObjectVal
|
|
|
|
}
|
|
|
|
vals := make(map[string]cty.Value)
|
|
|
|
it := val.ElementIterator()
|
|
|
|
for it.Next() {
|
|
|
|
k, v := it.Element()
|
|
|
|
s := SensitiveAsBool(v)
|
|
|
|
// Omit all of the "false"s for non-sensitive values for more
|
|
|
|
// compact serialization
|
|
|
|
if !s.RawEquals(cty.False) {
|
|
|
|
vals[k.AsString()] = s
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// The above transform may have changed the types of some of the
|
|
|
|
// elements, so we'll always use an object here in case we've now made
|
|
|
|
// different elements have different types. Our ultimate goal is to
|
|
|
|
// marshal to JSON anyway, and all of these mapping types are
|
|
|
|
// indistinguishable in JSON.
|
|
|
|
return cty.ObjectVal(vals)
|
|
|
|
default:
|
|
|
|
// Should never happen, since the above should cover all types
|
|
|
|
panic(fmt.Sprintf("sensitiveAsBool cannot handle %#v", val))
|
|
|
|
}
|
|
|
|
}
|