diff --git a/CHANGELOG.md b/CHANGELOG.md index e8da4d93a..d2777ae0e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ IMPROVEMENTS: * core: Add a function to find the index of an element in a list. [GH-2704] * core: Print all outputs when `terraform output` is called with no arguments [GH-2920] * core: In plan output summary, count resource replacement as Add/Remove instead of Change [GH-3173] + * core: Add interpolation functions for base64 encoding and decoding. [GH-3325] * provider/aws: Add `instance_initiated_shutdown_behavior` to AWS Instance [GH-2887] * provider/aws: Support IAM role names (previously just ARNs) in `aws_ecs_service.iam_role` [GH-3061] * provider/aws: Add update method to RDS Subnet groups, can modify subnets without recreating [GH-3053] diff --git a/config/interpolate_funcs.go b/config/interpolate_funcs.go index bbe2b8434..4778f1ec6 100644 --- a/config/interpolate_funcs.go +++ b/config/interpolate_funcs.go @@ -2,6 +2,7 @@ package config import ( "bytes" + "encoding/base64" "errors" "fmt" "io/ioutil" @@ -29,6 +30,8 @@ func init() { "length": interpolationFuncLength(), "replace": interpolationFuncReplace(), "split": interpolationFuncSplit(), + "base64enc": interpolationFuncBase64Encode(), + "base64dec": interpolationFuncBase64Decode(), } } @@ -392,3 +395,33 @@ func interpolationFuncValues(vs map[string]ast.Variable) ast.Function { }, } } + +// interpolationFuncBase64Encode implements the "base64enc" function that allows +// Base64 encoding. +func interpolationFuncBase64Encode() ast.Function { + return ast.Function{ + ArgTypes: []ast.Type{ast.TypeString}, + ReturnType: ast.TypeString, + Callback: func(args []interface{}) (interface{}, error) { + s := args[0].(string) + return base64.StdEncoding.EncodeToString([]byte(s)), nil + }, + } +} + +// interpolationFuncBase64Decode implements the "base64dec" function that allows +// Base64 decoding. +func interpolationFuncBase64Decode() ast.Function { + return ast.Function{ + ArgTypes: []ast.Type{ast.TypeString}, + ReturnType: ast.TypeString, + Callback: func(args []interface{}) (interface{}, error) { + s := args[0].(string) + sDec, err := base64.StdEncoding.DecodeString(s) + if err != nil { + return "", fmt.Errorf("failed to decode base64 data '%s'", s) + } + return string(sDec), nil + }, + } +} diff --git a/config/interpolate_funcs_test.go b/config/interpolate_funcs_test.go index 05f84c201..773f92c99 100644 --- a/config/interpolate_funcs_test.go +++ b/config/interpolate_funcs_test.go @@ -584,6 +584,39 @@ func TestInterpolateFuncElement(t *testing.T) { }) } +func TestInterpolateFuncBase64Encode(t *testing.T) { + testFunction(t, testFunctionConfig{ + Cases: []testFunctionCase{ + // Regular base64 encoding + { + `${base64enc("abc123!?$*&()'-=@~")}`, + "YWJjMTIzIT8kKiYoKSctPUB+", + false, + }, + }, + }) +} + +func TestInterpolateFuncBase64Decode(t *testing.T) { + testFunction(t, testFunctionConfig{ + Cases: []testFunctionCase{ + // Regular base64 decoding + { + `${base64dec("YWJjMTIzIT8kKiYoKSctPUB+")}`, + "abc123!?$*&()'-=@~", + false, + }, + + // Invalid base64 data decoding + { + `${base64dec("this-is-an-invalid-base64-data")}`, + nil, + true, + }, + }, + }) +} + type testFunctionConfig struct { Cases []testFunctionCase Vars map[string]ast.Variable diff --git a/website/source/docs/configuration/interpolation.html.md b/website/source/docs/configuration/interpolation.html.md index f4730acd6..ff47202d8 100644 --- a/website/source/docs/configuration/interpolation.html.md +++ b/website/source/docs/configuration/interpolation.html.md @@ -74,6 +74,12 @@ are documented below. The supported built-in functions are: + * `base64dec(string)` - Given a base64-encoded string, decodes it and + returns the original string. + + * `base64enc(string)` - Returns a base64-encoded representation of the + given string. + * `concat(list1, list2)` - Combines two or more lists into a single list. Example: `concat(aws_instance.db.*.tags.Name, aws_instance.web.*.tags.Name)`