ResiLien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #6923 from paybyphone/paybyphone_sensitive_schema 

core: Adding Sensitive attribute to resource schema
This commit is contained in:
Paul Hinze 2016-05-31 11:57:54 -05:00
parent adee6c8bed 9d7fb89114
commit 5964f4a85d
6 changed files with 60 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
builtin/providers/aws/resource_aws_db_instance.go
View File

@ -44,8 +44,9 @@ func resourceAwsDbInstance() *schema.Resource {
}, },
"password": &schema.Schema{ "password": &schema.Schema{
Type: schema.TypeString, Type: schema.TypeString,
Optional: true, Optional: true,
Sensitive: true,
}, },
"engine": &schema.Schema{ "engine": &schema.Schema{

22
command/format_plan.go
View File

@ -147,26 +147,38 @@ func formatPlanModuleExpand(
v = "<computed>" v = "<computed>"
} }
newResource := "" if attrDiff.Sensitive {
v = "<sensitive>"
}
updateMsg := ""
if attrDiff.RequiresNew && rdiff.Destroy { if attrDiff.RequiresNew && rdiff.Destroy {
newResource = opts.Color.Color(" [red](forces new resource)") updateMsg = opts.Color.Color(" [red](forces new resource)")
} else if attrDiff.Sensitive && oldValues {
updateMsg = opts.Color.Color(" [yellow](attribute changed)")
} }
if oldValues { if oldValues {
var u string
if attrDiff.Sensitive {
u = "<sensitive>"
} else {
u = attrDiff.Old
}
buf.WriteString(fmt.Sprintf( buf.WriteString(fmt.Sprintf(
" %s:%s %#v => %#v%s\n", " %s:%s %#v => %#v%s\n",
attrK, attrK,
strings.Repeat(" ", keyLen-len(attrK)), strings.Repeat(" ", keyLen-len(attrK)),
attrDiff.Old, u,
v, v,
newResource)) updateMsg))
} else { } else {
buf.WriteString(fmt.Sprintf( buf.WriteString(fmt.Sprintf(
" %s:%s %#v%s\n", " %s:%s %#v%s\n",
attrK, attrK,
strings.Repeat(" ", keyLen-len(attrK)), strings.Repeat(" ", keyLen-len(attrK)),
v, v,
newResource)) updateMsg))
} }
} }

8
command/hook_ui.go
View File

@ -103,15 +103,21 @@ func (h *UiHook) PreApply(
attrDiff := d.Attributes[attrK] attrDiff := d.Attributes[attrK]
v := attrDiff.New v := attrDiff.New
u := attrDiff.Old
if attrDiff.NewComputed { if attrDiff.NewComputed {
v = "<computed>" v = "<computed>"
} }
if attrDiff.Sensitive {
u = "<sensitive>"
v = "<sensitive>"
}
attrBuf.WriteString(fmt.Sprintf( attrBuf.WriteString(fmt.Sprintf(
" %s:%s %#v => %#v\n", " %s:%s %#v => %#v\n",
attrK, attrK,
strings.Repeat(" ", keyLen-len(attrK)), strings.Repeat(" ", keyLen-len(attrK)),
attrDiff.Old, u,
v)) v))
} }

11
helper/schema/schema.go
View File

@ -147,6 +147,12 @@ type Schema struct {
// //
// ValidateFunc currently only works for primitive types. // ValidateFunc currently only works for primitive types.
ValidateFunc SchemaValidateFunc ValidateFunc SchemaValidateFunc
// Sensitive ensures that the attribute's value does not get displayed in
// logs or regular output. It should be used for passwords or other
// secret fields. Futrure versions of Terraform may encrypt these
// values.
Sensitive bool
} }
// SchemaDefaultFunc is a function called to return a default value for // SchemaDefaultFunc is a function called to return a default value for
@ -281,6 +287,11 @@ func (s *Schema) finalizeDiff(
d.RequiresNew = true d.RequiresNew = true
} }
if s.Sensitive {
// Set the Sensitive flag so output is hidden in the UI
d.Sensitive = true
}
return d return d
} }

17
terraform/diff.go
View File

@ -247,22 +247,30 @@ func (d *ModuleDiff) String() string {
attrDiff := rdiff.Attributes[attrK] attrDiff := rdiff.Attributes[attrK]
v := attrDiff.New v := attrDiff.New
u := attrDiff.Old
if attrDiff.NewComputed { if attrDiff.NewComputed {
v = "<computed>" v = "<computed>"
} }
newResource := "" if attrDiff.Sensitive {
u = "<sensitive>"
v = "<sensitive>"
}
updateMsg := ""
if attrDiff.RequiresNew { if attrDiff.RequiresNew {
newResource = " (forces new resource)" updateMsg = " (forces new resource)"
} else if attrDiff.Sensitive {
updateMsg = " (attribute changed)"
} }
buf.WriteString(fmt.Sprintf( buf.WriteString(fmt.Sprintf(
" %s:%s %#v => %#v%s\n", " %s:%s %#v => %#v%s\n",
attrK, attrK,
strings.Repeat(" ", keyLen-len(attrK)), strings.Repeat(" ", keyLen-len(attrK)),
attrDiff.Old, u,
v, v,
newResource)) updateMsg))
} }
} }
@ -284,6 +292,7 @@ type ResourceAttrDiff struct {
NewRemoved bool // True if this attribute is being removed NewRemoved bool // True if this attribute is being removed
NewExtra interface{} // Extra information for the provider NewExtra interface{} // Extra information for the provider
RequiresNew bool // True if change requires new resource RequiresNew bool // True if change requires new resource
Sensitive bool // True if the data should not be displayed in UI output
Type DiffAttrType Type DiffAttrType
} }

12
terraform/diff_test.go
View File

@ -153,6 +153,11 @@ func TestModuleDiff_String(t *testing.T) {
New: "bar", New: "bar",
RequiresNew: true, RequiresNew: true,
}, },
"secretfoo": &ResourceAttrDiff{
Old: "foo",
New: "bar",
Sensitive: true,
},
}, },
}, },
}, },
@ -607,7 +612,8 @@ func TestInstanceDiffSame(t *testing.T) {
const moduleDiffStrBasic = ` const moduleDiffStrBasic = `
CREATE: nodeA CREATE: nodeA
bar: "foo" => "<computed>" bar: "foo" => "<computed>"
foo: "foo" => "bar" foo: "foo" => "bar"
longfoo: "foo" => "bar" (forces new resource) longfoo: "foo" => "bar" (forces new resource)
secretfoo: "<sensitive>" => "<sensitive>" (attribute changed)
` `