2020-12-19 00:46:30 +01:00
|
|
|
package funcs
|
|
|
|
|
|
|
|
import (
|
2021-06-23 22:24:58 +02:00
|
|
|
"github.com/hashicorp/terraform/internal/lang/marks"
|
2020-12-19 00:46:30 +01:00
|
|
|
"github.com/zclconf/go-cty/cty"
|
|
|
|
"github.com/zclconf/go-cty/cty/function"
|
|
|
|
)
|
|
|
|
|
|
|
|
// SensitiveFunc returns a value identical to its argument except that
|
|
|
|
// Terraform will consider it to be sensitive.
|
|
|
|
var SensitiveFunc = function.New(&function.Spec{
|
|
|
|
Params: []function.Parameter{
|
|
|
|
{
|
|
|
|
Name: "value",
|
|
|
|
Type: cty.DynamicPseudoType,
|
|
|
|
AllowUnknown: true,
|
|
|
|
AllowNull: true,
|
|
|
|
AllowMarked: true,
|
|
|
|
AllowDynamicType: true,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
Type: func(args []cty.Value) (cty.Type, error) {
|
|
|
|
// This function only affects the value's marks, so the result
|
|
|
|
// type is always the same as the argument type.
|
|
|
|
return args[0].Type(), nil
|
|
|
|
},
|
|
|
|
Impl: func(args []cty.Value, retType cty.Type) (ret cty.Value, err error) {
|
|
|
|
val, _ := args[0].Unmark()
|
2021-06-23 22:24:58 +02:00
|
|
|
return val.Mark(marks.Sensitive), nil
|
2020-12-19 00:46:30 +01:00
|
|
|
},
|
|
|
|
})
|
|
|
|
|
|
|
|
// NonsensitiveFunc takes a sensitive value and returns the same value without
|
|
|
|
// the sensitive marking, effectively exposing the value.
|
|
|
|
var NonsensitiveFunc = function.New(&function.Spec{
|
|
|
|
Params: []function.Parameter{
|
|
|
|
{
|
|
|
|
Name: "value",
|
|
|
|
Type: cty.DynamicPseudoType,
|
|
|
|
AllowUnknown: true,
|
|
|
|
AllowNull: true,
|
|
|
|
AllowMarked: true,
|
|
|
|
AllowDynamicType: true,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
Type: func(args []cty.Value) (cty.Type, error) {
|
|
|
|
// This function only affects the value's marks, so the result
|
|
|
|
// type is always the same as the argument type.
|
|
|
|
return args[0].Type(), nil
|
|
|
|
},
|
|
|
|
Impl: func(args []cty.Value, retType cty.Type) (ret cty.Value, err error) {
|
2021-06-23 22:24:58 +02:00
|
|
|
if args[0].IsKnown() && !args[0].HasMark(marks.Sensitive) {
|
2020-12-19 00:46:30 +01:00
|
|
|
return cty.DynamicVal, function.NewArgErrorf(0, "the given value is not sensitive, so this call is redundant")
|
|
|
|
}
|
2021-06-23 22:24:58 +02:00
|
|
|
v, m := args[0].Unmark()
|
|
|
|
delete(m, marks.Sensitive) // remove the sensitive marking
|
|
|
|
return v.WithMarks(m), nil
|
2020-12-19 00:46:30 +01:00
|
|
|
},
|
|
|
|
})
|
|
|
|
|
|
|
|
func Sensitive(v cty.Value) (cty.Value, error) {
|
|
|
|
return SensitiveFunc.Call([]cty.Value{v})
|
|
|
|
}
|
|
|
|
|
|
|
|
func Nonsensitive(v cty.Value) (cty.Value, error) {
|
|
|
|
return NonsensitiveFunc.Call([]cty.Value{v})
|
|
|
|
}
|