Go to file
Martin Atkins 8f233cde4c cli: Diagnostics can include collections with sensitive elements
We previously had a shallow IsMarked call in compactValueStr's caller but
then a more-conservative deep ContainsMarked call inside compactValueStr
with a different resulting message. As well as causing an inconsistency
in messages, this was also a bit confusing because it made it seem like
a non-sensitive collection containing a sensitive element value was wholly
sensitive, making the debug information in the diagnostic messages not
trustworthy for debugging certain varieties of problem.

I originally considered just removing the redundant check in
compactValueStr here, but ultimately I decided to keep it as a sort of
defense in depth in case a future refactoring disconnects these two
checks. This should also serve as a prompt to someone making later changes
to compactValueStr to think about the implications of sensitive values
in there, which otherwise wouldn't be mentioned at all.

Disclosing information about a collection containing sensitive values is
safe here because compactValueStr only discloses information about the
value's type and element keys, and neither of those can be sensitive in
isolation. (Constructing a map with sensitive keys reduces to a sensitive
overall map.)
2021-04-19 11:58:49 -07:00
.circleci remove unsupported platforms from tests 2021-03-30 11:10:03 -04:00
.github update to match new default branch name (#27909) 2021-02-24 13:36:47 -05:00
addrs Improve ModuleInstance String() performance (#28246) 2021-04-05 08:44:27 -04:00
backend backend/remote: Add IsLocalOperations 2021-04-16 11:43:57 -04:00
builtin remote provisioners require a connection config 2021-02-24 13:25:58 -05:00
command cli: Diagnostics can include collections with sensitive elements 2021-04-19 11:58:49 -07:00
communicator Grammar nit: "setup" as a verb should be spelled "set up" 2021-01-26 20:39:11 +01:00
configs resolve provider types when building the config 2021-04-16 12:37:50 -04:00
dag tiny optimisations of dag.Set 2021-04-09 22:59:30 +03:00
docs update destroying doc to show show more CBD detail 2021-03-23 11:21:43 -04:00
e2e command/cliconfig: Allow development overrides for providers 2020-10-16 14:31:15 -07:00
experiments Conclude provider sensitivity experiment 2021-03-10 12:10:26 -05:00
httpclient Merge pull request #22272 from hashicorp/f-httpclient-ua 2019-08-12 20:20:03 +01:00
instances instances: staticcheck 2020-12-02 13:59:19 -05:00
internal Accept TF_LOG=json to enable TRACE logs in JSON format 2021-03-16 14:59:15 -07:00
lang lang/funcs: "one" function 2021-04-12 15:32:03 -07:00
moduledeps remove LegacyProvider (#26433) 2020-10-05 08:33:49 -04:00
plans plans/planfile: Add required-replace and sensitive 2021-03-25 14:42:34 -04:00
plugin use WholeContainingBody instead of Sourceless 2021-04-06 15:15:52 -04:00
plugin6 providers.Interface: rename ValidateDataSourceConfig to ValidateDataResourceConfig (#27874) 2021-02-24 12:04:28 -05:00
providers providers.Interface: rename ValidateDataSourceConfig to ValidateDataResourceConfig (#27874) 2021-02-24 12:04:28 -05:00
provisioners provisioners: Add Factory type and FactoryFixed helper 2018-10-16 19:14:11 -07:00
registry registry: staticcheck 2020-12-02 13:59:19 -05:00
repl Mildwonkey/providers interface renaming (#27805) 2021-02-18 10:13:43 -05:00
scripts Remove revision from version command 2021-01-12 16:35:30 -05:00
states fix ResourceInstanceObject.DeepCopy 2021-03-25 17:39:53 -04:00
terraform wrong operation during destroy plan walk 2021-04-19 12:35:10 -04:00
tfdiags add addresses to diagnostics 2021-04-06 15:15:52 -04:00
tools terraform-bundle: return an error if "versions" argument is omitted (#28158) 2021-03-22 10:51:03 -04:00
version Cleanup after v0.15.0-alpha20210210 release 2021-02-10 18:00:31 +00:00
website website: v0.15 upgrade guide had invalid example for tomap(...) 2021-04-19 10:20:03 -07:00
.gitignore ignoring the vendor folder 2020-10-27 19:07:32 +01:00
.go-version build: Use Go 1.16.2 2021-03-17 10:27:37 -07:00
.hashibot.hcl Restore issue migrator 2020-10-09 15:41:15 -04:00
.tfdev Remove revision from version command 2021-01-12 16:35:30 -05:00
BUGPROCESS.md Update BUGPROCESS.md 2020-12-10 12:15:39 -05:00
CHANGELOG.md Update CHANGELOG.md 2021-02-24 10:09:08 -08:00
CODEOWNERS Updating codeowners with our deprecated status for tool-specific provisioners 2020-09-29 14:19:56 -04:00
Dockerfile switch to hashicorp docker mirror 2020-10-29 22:37:11 -04:00
LICENSE Adding license 2014-07-28 13:54:06 -04:00
Makefile Remove website-test task from Makefile 2021-01-13 17:35:54 -08:00
README.md update to match new default branch name (#27909) 2021-02-24 13:36:47 -05:00
checkpoint.go Remove config.go and update things using its aliases 2020-01-13 16:50:05 -05:00
codecov.yml update to match new default branch name (#27909) 2021-02-24 13:36:47 -05:00
commands.go command: Experimental "terraform test" command 2021-02-22 14:21:45 -08:00
go.mod bump go-getter to 1.5.2 (#28189) 2021-04-05 09:01:47 -04:00
go.sum bump go-getter to 1.5.2 (#28189) 2021-04-05 09:01:47 -04:00
help.go Update links to CLI docs in code comments, messages, and readme 2021-01-22 12:22:21 -08:00
main.go don't error when processing autocomplete commands 2021-03-31 13:28:08 -04:00
main_test.go don't error when processing autocomplete commands 2021-03-31 13:28:08 -04:00
plugins.go Remove config.go and update things using its aliases 2020-01-13 16:50:05 -05:00
provider_source.go Correct the spelling of heirarchy/hierarchy throughout 2021-02-05 15:07:04 +00:00
signal_unix.go Forward SIGTERM and handle that as an interrupt 2016-12-08 12:20:25 -05:00
signal_windows.go Forward SIGTERM and handle that as an interrupt 2016-12-08 12:20:25 -05:00
version.go Remove revision from version command 2021-01-12 16:35:30 -05:00

README.md

Terraform

Terraform

Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.

The key features of Terraform are:

  • Infrastructure as Code: Infrastructure is described using a high-level configuration syntax. This allows a blueprint of your datacenter to be versioned and treated as you would any other code. Additionally, infrastructure can be shared and re-used.

  • Execution Plans: Terraform has a "planning" step where it generates an execution plan. The execution plan shows what Terraform will do when you call apply. This lets you avoid any surprises when Terraform manipulates infrastructure.

  • Resource Graph: Terraform builds a graph of all your resources, and parallelizes the creation and modification of any non-dependent resources. Because of this, Terraform builds infrastructure as efficiently as possible, and operators get insight into dependencies in their infrastructure.

  • Change Automation: Complex changesets can be applied to your infrastructure with minimal human interaction. With the previously mentioned execution plan and resource graph, you know exactly what Terraform will change and in what order, avoiding many possible human errors.

For more information, see the introduction section of the Terraform website.

Getting Started & Documentation

Documentation is available on the Terraform website:

If you're new to Terraform and want to get started creating infrastructure, please check out our Getting Started guides on HashiCorp's learning platform. There are also additional guides to continue your learning.

Show off your Terraform knowledge by passing a certification exam. Visit the certification page for information about exams and find study materials on HashiCorp's learning platform.

Developing Terraform

This repository contains only Terraform core, which includes the command line interface and the main graph engine. Providers are implemented as plugins, and Terraform can automatically download providers that are published on the Terraform Registry. HashiCorp develops some providers, and others are developed by other organizations. For more information, see Extending Terraform.

To learn more about compiling Terraform and contributing suggested changes, please refer to the contributing guide.

To learn more about how we handle bug reports, please read the bug triage guide.

License

Mozilla Public License v2.0