terraform/command/jsonplan/plan.go

838 lines
27 KiB
Go

package jsonplan
import (
"encoding/json"
"fmt"
"sort"
"github.com/zclconf/go-cty/cty"
ctyjson "github.com/zclconf/go-cty/cty/json"
"github.com/hashicorp/terraform/command/jsonconfig"
"github.com/hashicorp/terraform/command/jsonstate"
"github.com/hashicorp/terraform/configs"
"github.com/hashicorp/terraform/internal/addrs"
"github.com/hashicorp/terraform/plans"
"github.com/hashicorp/terraform/states"
"github.com/hashicorp/terraform/states/statefile"
"github.com/hashicorp/terraform/terraform"
"github.com/hashicorp/terraform/version"
)
// FormatVersion represents the version of the json format and will be
// incremented for any change to this format that requires changes to a
// consuming parser.
const FormatVersion = "0.1"
// Plan is the top-level representation of the json format of a plan. It includes
// the complete config and current state.
type plan struct {
FormatVersion string `json:"format_version,omitempty"`
TerraformVersion string `json:"terraform_version,omitempty"`
Variables variables `json:"variables,omitempty"`
PlannedValues stateValues `json:"planned_values,omitempty"`
// ResourceDrift and ResourceChanges are sorted in a user-friendly order
// that is undefined at this time, but consistent.
ResourceDrift []resourceChange `json:"resource_drift,omitempty"`
ResourceChanges []resourceChange `json:"resource_changes,omitempty"`
OutputChanges map[string]change `json:"output_changes,omitempty"`
PriorState json.RawMessage `json:"prior_state,omitempty"`
Config json.RawMessage `json:"configuration,omitempty"`
}
func newPlan() *plan {
return &plan{
FormatVersion: FormatVersion,
}
}
// Change is the representation of a proposed change for an object.
type change struct {
// Actions are the actions that will be taken on the object selected by the
// properties below. Valid actions values are:
// ["no-op"]
// ["create"]
// ["read"]
// ["update"]
// ["delete", "create"]
// ["create", "delete"]
// ["delete"]
// The two "replace" actions are represented in this way to allow callers to
// e.g. just scan the list for "delete" to recognize all three situations
// where the object will be deleted, allowing for any new deletion
// combinations that might be added in future.
Actions []string `json:"actions,omitempty"`
// Before and After are representations of the object value both before and
// after the action. For ["create"] and ["delete"] actions, either "before"
// or "after" is unset (respectively). For ["no-op"], the before and after
// values are identical. The "after" value will be incomplete if there are
// values within it that won't be known until after apply.
Before json.RawMessage `json:"before,omitempty"`
After json.RawMessage `json:"after,omitempty"`
// AfterUnknown is an object value with similar structure to After, but
// with all unknown leaf values replaced with true, and all known leaf
// values omitted. This can be combined with After to reconstruct a full
// value after the action, including values which will only be known after
// apply.
AfterUnknown json.RawMessage `json:"after_unknown,omitempty"`
// BeforeSensitive and AfterSensitive are object values with similar
// structure to Before and After, but with all sensitive leaf values
// replaced with true, and all non-sensitive leaf values omitted. These
// objects should be combined with Before and After to prevent accidental
// display of sensitive values in user interfaces.
BeforeSensitive json.RawMessage `json:"before_sensitive,omitempty"`
AfterSensitive json.RawMessage `json:"after_sensitive,omitempty"`
// ReplacePaths is an array of arrays representing a set of paths into the
// object value which resulted in the action being "replace". This will be
// omitted if the action is not replace, or if no paths caused the
// replacement (for example, if the resource was tainted). Each path
// consists of one or more steps, each of which will be a number or a
// string.
ReplacePaths json.RawMessage `json:"replace_paths,omitempty"`
}
type output struct {
Sensitive bool `json:"sensitive"`
Value json.RawMessage `json:"value,omitempty"`
}
// variables is the JSON representation of the variables provided to the current
// plan.
type variables map[string]*variable
type variable struct {
Value json.RawMessage `json:"value,omitempty"`
}
// Marshal returns the json encoding of a terraform plan.
func Marshal(
config *configs.Config,
p *plans.Plan,
sf *statefile.File,
schemas *terraform.Schemas,
) ([]byte, error) {
output := newPlan()
output.TerraformVersion = version.String()
err := output.marshalPlanVariables(p.VariableValues, schemas)
if err != nil {
return nil, fmt.Errorf("error in marshalPlanVariables: %s", err)
}
// output.PlannedValues
err = output.marshalPlannedValues(p.Changes, schemas)
if err != nil {
return nil, fmt.Errorf("error in marshalPlannedValues: %s", err)
}
// output.ResourceDrift
err = output.marshalResourceDrift(p.PrevRunState, p.PriorState, schemas)
if err != nil {
return nil, fmt.Errorf("error in marshalResourceDrift: %s", err)
}
// output.ResourceChanges
err = output.marshalResourceChanges(p.Changes, schemas)
if err != nil {
return nil, fmt.Errorf("error in marshalResourceChanges: %s", err)
}
// output.OutputChanges
err = output.marshalOutputChanges(p.Changes)
if err != nil {
return nil, fmt.Errorf("error in marshaling output changes: %s", err)
}
// output.PriorState
if sf != nil && !sf.State.Empty() {
output.PriorState, err = jsonstate.Marshal(sf, schemas)
if err != nil {
return nil, fmt.Errorf("error marshaling prior state: %s", err)
}
}
// output.Config
output.Config, err = jsonconfig.Marshal(config, schemas)
if err != nil {
return nil, fmt.Errorf("error marshaling config: %s", err)
}
ret, err := json.Marshal(output)
return ret, err
}
func (p *plan) marshalPlanVariables(vars map[string]plans.DynamicValue, schemas *terraform.Schemas) error {
if len(vars) == 0 {
return nil
}
p.Variables = make(variables, len(vars))
for k, v := range vars {
val, err := v.Decode(cty.DynamicPseudoType)
if err != nil {
return err
}
valJSON, err := ctyjson.Marshal(val, val.Type())
if err != nil {
return err
}
p.Variables[k] = &variable{
Value: valJSON,
}
}
return nil
}
func (p *plan) marshalResourceDrift(oldState, newState *states.State, schemas *terraform.Schemas) error {
// Our goal here is to build a data structure of the same shape as we use
// to describe planned resource changes, but in this case we'll be
// taking the old and new values from different state snapshots rather
// than from a real "Changes" object.
//
// In doing this we make an assumption that drift detection can only
// ever show objects as updated or removed, and will never show anything
// as created because we only refresh objects we were already tracking
// after the previous run. This means we can use oldState as our baseline
// for what resource instances we might include, and check for each item
// whether it's present in newState. If we ever have some mechanism to
// detect "additive drift" later then we'll need to take a different
// approach here, but we have no plans for that at the time of writing.
//
// We also assume that both states have had all managed resource objects
// upgraded to match the current schemas given in schemas, so we shouldn't
// need to contend with oldState having old-shaped objects even if the
// user changed provider versions since the last run.
if newState.ManagedResourcesEqual(oldState) {
// Nothing to do, because we only detect and report drift for managed
// resource instances.
return nil
}
for _, ms := range oldState.Modules {
for _, rs := range ms.Resources {
if rs.Addr.Resource.Mode != addrs.ManagedResourceMode {
// Drift reporting is only for managed resources
continue
}
provider := rs.ProviderConfig.Provider
for key, oldIS := range rs.Instances {
if oldIS.Current == nil {
// Not interested in instances that only have deposed objects
continue
}
addr := rs.Addr.Instance(key)
newIS := newState.ResourceInstance(addr)
schema, _ := schemas.ResourceTypeConfig(
provider,
addr.Resource.Resource.Mode,
addr.Resource.Resource.Type,
)
if schema == nil {
return fmt.Errorf("no schema found for %s (in provider %s)", addr, provider)
}
ty := schema.ImpliedType()
oldObj, err := oldIS.Current.Decode(ty)
if err != nil {
return fmt.Errorf("failed to decode previous run data for %s: %s", addr, err)
}
var newObj *states.ResourceInstanceObject
if newIS != nil && newIS.Current != nil {
newObj, err = newIS.Current.Decode(ty)
if err != nil {
return fmt.Errorf("failed to decode refreshed data for %s: %s", addr, err)
}
}
var oldVal, newVal cty.Value
oldVal = oldObj.Value
if newObj != nil {
newVal = newObj.Value
} else {
newVal = cty.NullVal(ty)
}
oldSensitive := sensitiveAsBool(oldVal)
newSensitive := sensitiveAsBool(newVal)
oldVal, _ = oldVal.UnmarkDeep()
newVal, _ = newVal.UnmarkDeep()
var before, after []byte
var beforeSensitive, afterSensitive []byte
before, err = ctyjson.Marshal(oldVal, oldVal.Type())
if err != nil {
return fmt.Errorf("failed to encode previous run data for %s as JSON: %s", addr, err)
}
after, err = ctyjson.Marshal(newVal, oldVal.Type())
if err != nil {
return fmt.Errorf("failed to encode refreshed data for %s as JSON: %s", addr, err)
}
beforeSensitive, err = ctyjson.Marshal(oldSensitive, oldSensitive.Type())
if err != nil {
return fmt.Errorf("failed to encode previous run data sensitivity for %s as JSON: %s", addr, err)
}
afterSensitive, err = ctyjson.Marshal(newSensitive, newSensitive.Type())
if err != nil {
return fmt.Errorf("failed to encode refreshed data sensitivity for %s as JSON: %s", addr, err)
}
// We can only detect updates and deletes as drift.
action := plans.Update
if newVal.IsNull() {
action = plans.Delete
}
change := resourceChange{
ModuleAddress: addr.Module.String(),
Mode: "managed", // drift reporting is only for managed resources
Name: addr.Resource.Resource.Name,
Type: addr.Resource.Resource.Type,
ProviderName: provider.String(),
Change: change{
Actions: actionString(action.String()),
Before: json.RawMessage(before),
BeforeSensitive: json.RawMessage(beforeSensitive),
After: json.RawMessage(after),
AfterSensitive: json.RawMessage(afterSensitive),
// AfterUnknown is never populated here because
// values in a state are always fully known.
},
}
p.ResourceDrift = append(p.ResourceDrift, change)
}
}
}
sort.Slice(p.ResourceChanges, func(i, j int) bool {
return p.ResourceChanges[i].Address < p.ResourceChanges[j].Address
})
return nil
}
func (p *plan) marshalResourceChanges(changes *plans.Changes, schemas *terraform.Schemas) error {
if changes == nil {
// Nothing to do!
return nil
}
for _, rc := range changes.Resources {
var r resourceChange
addr := rc.Addr
r.Address = addr.String()
dataSource := addr.Resource.Resource.Mode == addrs.DataResourceMode
// We create "delete" actions for data resources so we can clean up
// their entries in state, but this is an implementation detail that
// users shouldn't see.
if dataSource && rc.Action == plans.Delete {
continue
}
schema, _ := schemas.ResourceTypeConfig(
rc.ProviderAddr.Provider,
addr.Resource.Resource.Mode,
addr.Resource.Resource.Type,
)
if schema == nil {
return fmt.Errorf("no schema found for %s (in provider %s)", r.Address, rc.ProviderAddr.Provider)
}
changeV, err := rc.Decode(schema.ImpliedType())
if err != nil {
return err
}
// We drop the marks from the change, as decoding is only an
// intermediate step to re-encode the values as json
changeV.Before, _ = changeV.Before.UnmarkDeep()
changeV.After, _ = changeV.After.UnmarkDeep()
var before, after []byte
var beforeSensitive, afterSensitive []byte
var afterUnknown cty.Value
if changeV.Before != cty.NilVal {
before, err = ctyjson.Marshal(changeV.Before, changeV.Before.Type())
if err != nil {
return err
}
marks := rc.BeforeValMarks
if schema.ContainsSensitive() {
marks = append(marks, schema.ValueMarks(changeV.Before, nil)...)
}
bs := sensitiveAsBool(changeV.Before.MarkWithPaths(marks))
beforeSensitive, err = ctyjson.Marshal(bs, bs.Type())
if err != nil {
return err
}
}
if changeV.After != cty.NilVal {
if changeV.After.IsWhollyKnown() {
after, err = ctyjson.Marshal(changeV.After, changeV.After.Type())
if err != nil {
return err
}
afterUnknown = cty.EmptyObjectVal
} else {
filteredAfter := omitUnknowns(changeV.After)
if filteredAfter.IsNull() {
after = nil
} else {
after, err = ctyjson.Marshal(filteredAfter, filteredAfter.Type())
if err != nil {
return err
}
}
afterUnknown = unknownAsBool(changeV.After)
}
marks := rc.AfterValMarks
if schema.ContainsSensitive() {
marks = append(marks, schema.ValueMarks(changeV.After, nil)...)
}
as := sensitiveAsBool(changeV.After.MarkWithPaths(marks))
afterSensitive, err = ctyjson.Marshal(as, as.Type())
if err != nil {
return err
}
}
a, err := ctyjson.Marshal(afterUnknown, afterUnknown.Type())
if err != nil {
return err
}
replacePaths, err := encodePaths(rc.RequiredReplace)
if err != nil {
return err
}
r.Change = change{
Actions: actionString(rc.Action.String()),
Before: json.RawMessage(before),
After: json.RawMessage(after),
AfterUnknown: a,
BeforeSensitive: json.RawMessage(beforeSensitive),
AfterSensitive: json.RawMessage(afterSensitive),
ReplacePaths: replacePaths,
}
if rc.DeposedKey != states.NotDeposed {
r.Deposed = rc.DeposedKey.String()
}
key := addr.Resource.Key
if key != nil {
r.Index = key
}
switch addr.Resource.Resource.Mode {
case addrs.ManagedResourceMode:
r.Mode = "managed"
case addrs.DataResourceMode:
r.Mode = "data"
default:
return fmt.Errorf("resource %s has an unsupported mode %s", r.Address, addr.Resource.Resource.Mode.String())
}
r.ModuleAddress = addr.Module.String()
r.Name = addr.Resource.Resource.Name
r.Type = addr.Resource.Resource.Type
r.ProviderName = rc.ProviderAddr.Provider.String()
switch rc.ActionReason {
case plans.ResourceInstanceChangeNoReason:
r.ActionReason = "" // will be omitted in output
case plans.ResourceInstanceReplaceBecauseCannotUpdate:
r.ActionReason = "replace_because_cannot_update"
case plans.ResourceInstanceReplaceBecauseTainted:
r.ActionReason = "replace_because_tainted"
case plans.ResourceInstanceReplaceByRequest:
r.ActionReason = "replace_by_request"
default:
return fmt.Errorf("resource %s has an unsupported action reason %s", r.Address, rc.ActionReason)
}
p.ResourceChanges = append(p.ResourceChanges, r)
}
sort.Slice(p.ResourceChanges, func(i, j int) bool {
return p.ResourceChanges[i].Address < p.ResourceChanges[j].Address
})
return nil
}
func (p *plan) marshalOutputChanges(changes *plans.Changes) error {
if changes == nil {
// Nothing to do!
return nil
}
p.OutputChanges = make(map[string]change, len(changes.Outputs))
for _, oc := range changes.Outputs {
changeV, err := oc.Decode()
if err != nil {
return err
}
// We drop the marks from the change, as decoding is only an
// intermediate step to re-encode the values as json
changeV.Before, _ = changeV.Before.UnmarkDeep()
changeV.After, _ = changeV.After.UnmarkDeep()
var before, after []byte
afterUnknown := cty.False
if changeV.Before != cty.NilVal {
before, err = ctyjson.Marshal(changeV.Before, changeV.Before.Type())
if err != nil {
return err
}
}
if changeV.After != cty.NilVal {
if changeV.After.IsWhollyKnown() {
after, err = ctyjson.Marshal(changeV.After, changeV.After.Type())
if err != nil {
return err
}
} else {
afterUnknown = cty.True
}
}
// The only information we have in the plan about output sensitivity is
// a boolean which is true if the output was or is marked sensitive. As
// a result, BeforeSensitive and AfterSensitive will be identical, and
// either false or true.
outputSensitive := cty.False
if oc.Sensitive {
outputSensitive = cty.True
}
sensitive, err := ctyjson.Marshal(outputSensitive, outputSensitive.Type())
if err != nil {
return err
}
a, _ := ctyjson.Marshal(afterUnknown, afterUnknown.Type())
c := change{
Actions: actionString(oc.Action.String()),
Before: json.RawMessage(before),
After: json.RawMessage(after),
AfterUnknown: a,
BeforeSensitive: json.RawMessage(sensitive),
AfterSensitive: json.RawMessage(sensitive),
}
p.OutputChanges[oc.Addr.OutputValue.Name] = c
}
return nil
}
func (p *plan) marshalPlannedValues(changes *plans.Changes, schemas *terraform.Schemas) error {
// marshal the planned changes into a module
plan, err := marshalPlannedValues(changes, schemas)
if err != nil {
return err
}
p.PlannedValues.RootModule = plan
// marshalPlannedOutputs
outputs, err := marshalPlannedOutputs(changes)
if err != nil {
return err
}
p.PlannedValues.Outputs = outputs
return nil
}
// omitUnknowns recursively walks the src cty.Value and returns a new cty.Value,
// omitting any unknowns.
//
// The result also normalizes some types: all sequence types are turned into
// tuple types and all mapping types are converted to object types, since we
// assume the result of this is just going to be serialized as JSON (and thus
// lose those distinctions) anyway.
func omitUnknowns(val cty.Value) cty.Value {
ty := val.Type()
switch {
case val.IsNull():
return val
case !val.IsKnown():
return cty.NilVal
case ty.IsPrimitiveType():
return val
case ty.IsListType() || ty.IsTupleType() || ty.IsSetType():
var vals []cty.Value
it := val.ElementIterator()
for it.Next() {
_, v := it.Element()
newVal := omitUnknowns(v)
if newVal != cty.NilVal {
vals = append(vals, newVal)
} else if newVal == cty.NilVal && ty.IsListType() {
// list length may be significant, so we will turn unknowns into nulls
vals = append(vals, cty.NullVal(v.Type()))
}
}
// We use tuple types always here, because the work we did above
// may have caused the individual elements to have different types,
// and we're doing this work to produce JSON anyway and JSON marshalling
// represents all of these sequence types as an array.
return cty.TupleVal(vals)
case ty.IsMapType() || ty.IsObjectType():
vals := make(map[string]cty.Value)
it := val.ElementIterator()
for it.Next() {
k, v := it.Element()
newVal := omitUnknowns(v)
if newVal != cty.NilVal {
vals[k.AsString()] = newVal
}
}
// We use object types always here, because the work we did above
// may have caused the individual elements to have different types,
// and we're doing this work to produce JSON anyway and JSON marshalling
// represents both of these mapping types as an object.
return cty.ObjectVal(vals)
default:
// Should never happen, since the above should cover all types
panic(fmt.Sprintf("omitUnknowns cannot handle %#v", val))
}
}
// recursively iterate through a cty.Value, replacing unknown values (including
// null) with cty.True and known values with cty.False.
//
// The result also normalizes some types: all sequence types are turned into
// tuple types and all mapping types are converted to object types, since we
// assume the result of this is just going to be serialized as JSON (and thus
// lose those distinctions) anyway.
//
// For map/object values, all known attribute values will be omitted instead of
// returning false, as this results in a more compact serialization.
func unknownAsBool(val cty.Value) cty.Value {
ty := val.Type()
switch {
case val.IsNull():
return cty.False
case !val.IsKnown():
if ty.IsPrimitiveType() || ty.Equals(cty.DynamicPseudoType) {
return cty.True
}
fallthrough
case ty.IsPrimitiveType():
return cty.BoolVal(!val.IsKnown())
case ty.IsListType() || ty.IsTupleType() || ty.IsSetType():
length := val.LengthInt()
if length == 0 {
// If there are no elements then we can't have unknowns
return cty.EmptyTupleVal
}
vals := make([]cty.Value, 0, length)
it := val.ElementIterator()
for it.Next() {
_, v := it.Element()
vals = append(vals, unknownAsBool(v))
}
// The above transform may have changed the types of some of the
// elements, so we'll always use a tuple here in case we've now made
// different elements have different types. Our ultimate goal is to
// marshal to JSON anyway, and all of these sequence types are
// indistinguishable in JSON.
return cty.TupleVal(vals)
case ty.IsMapType() || ty.IsObjectType():
var length int
switch {
case ty.IsMapType():
length = val.LengthInt()
default:
length = len(val.Type().AttributeTypes())
}
if length == 0 {
// If there are no elements then we can't have unknowns
return cty.EmptyObjectVal
}
vals := make(map[string]cty.Value)
it := val.ElementIterator()
for it.Next() {
k, v := it.Element()
vAsBool := unknownAsBool(v)
// Omit all of the "false"s for known values for more compact
// serialization
if !vAsBool.RawEquals(cty.False) {
vals[k.AsString()] = unknownAsBool(v)
}
}
// The above transform may have changed the types of some of the
// elements, so we'll always use an object here in case we've now made
// different elements have different types. Our ultimate goal is to
// marshal to JSON anyway, and all of these mapping types are
// indistinguishable in JSON.
return cty.ObjectVal(vals)
default:
// Should never happen, since the above should cover all types
panic(fmt.Sprintf("unknownAsBool cannot handle %#v", val))
}
}
// recursively iterate through a marked cty.Value, replacing sensitive values
// with cty.True and non-sensitive values with cty.False.
//
// The result also normalizes some types: all sequence types are turned into
// tuple types and all mapping types are converted to object types, since we
// assume the result of this is just going to be serialized as JSON (and thus
// lose those distinctions) anyway.
//
// For map/object values, all non-sensitive attribute values will be omitted
// instead of returning false, as this results in a more compact serialization.
func sensitiveAsBool(val cty.Value) cty.Value {
if val.HasMark("sensitive") {
return cty.True
}
ty := val.Type()
switch {
case val.IsNull(), ty.IsPrimitiveType(), ty.Equals(cty.DynamicPseudoType):
return cty.False
case ty.IsListType() || ty.IsTupleType() || ty.IsSetType():
if !val.IsKnown() {
// If the collection is unknown we can't say anything about the
// sensitivity of its contents
return cty.EmptyTupleVal
}
length := val.LengthInt()
if length == 0 {
// If there are no elements then we can't have sensitive values
return cty.EmptyTupleVal
}
vals := make([]cty.Value, 0, length)
it := val.ElementIterator()
for it.Next() {
_, v := it.Element()
vals = append(vals, sensitiveAsBool(v))
}
// The above transform may have changed the types of some of the
// elements, so we'll always use a tuple here in case we've now made
// different elements have different types. Our ultimate goal is to
// marshal to JSON anyway, and all of these sequence types are
// indistinguishable in JSON.
return cty.TupleVal(vals)
case ty.IsMapType() || ty.IsObjectType():
if !val.IsKnown() {
// If the map/object is unknown we can't say anything about the
// sensitivity of its attributes
return cty.EmptyObjectVal
}
var length int
switch {
case ty.IsMapType():
length = val.LengthInt()
default:
length = len(val.Type().AttributeTypes())
}
if length == 0 {
// If there are no elements then we can't have sensitive values
return cty.EmptyObjectVal
}
vals := make(map[string]cty.Value)
it := val.ElementIterator()
for it.Next() {
k, v := it.Element()
s := sensitiveAsBool(v)
// Omit all of the "false"s for non-sensitive values for more
// compact serialization
if !s.RawEquals(cty.False) {
vals[k.AsString()] = s
}
}
// The above transform may have changed the types of some of the
// elements, so we'll always use an object here in case we've now made
// different elements have different types. Our ultimate goal is to
// marshal to JSON anyway, and all of these mapping types are
// indistinguishable in JSON.
return cty.ObjectVal(vals)
default:
// Should never happen, since the above should cover all types
panic(fmt.Sprintf("sensitiveAsBool cannot handle %#v", val))
}
}
func actionString(action string) []string {
switch {
case action == "NoOp":
return []string{"no-op"}
case action == "Create":
return []string{"create"}
case action == "Delete":
return []string{"delete"}
case action == "Update":
return []string{"update"}
case action == "CreateThenDelete":
return []string{"create", "delete"}
case action == "Read":
return []string{"read"}
case action == "DeleteThenCreate":
return []string{"delete", "create"}
default:
return []string{action}
}
}
// encodePaths lossily encodes a cty.PathSet into an array of arrays of step
// values, such as:
//
// [["length"],["triggers",0,"value"]]
//
// The lossiness is that we cannot distinguish between an IndexStep with string
// key and a GetAttr step. This is fine with JSON output, because JSON's type
// system means that those two steps are equivalent anyway: both are object
// indexes.
//
// JavaScript (or similar dynamic language) consumers of these values can
// recursively apply the steps to a given object using an index operation for
// each step.
func encodePaths(pathSet cty.PathSet) (json.RawMessage, error) {
if pathSet.Empty() {
return nil, nil
}
pathList := pathSet.List()
jsonPaths := make([]json.RawMessage, 0, len(pathList))
for _, path := range pathList {
steps := make([]json.RawMessage, 0, len(path))
for _, step := range path {
switch s := step.(type) {
case cty.IndexStep:
key, err := ctyjson.Marshal(s.Key, s.Key.Type())
if err != nil {
return nil, fmt.Errorf("Failed to marshal index step key %#v: %s", s.Key, err)
}
steps = append(steps, key)
case cty.GetAttrStep:
name, err := json.Marshal(s.Name)
if err != nil {
return nil, fmt.Errorf("Failed to marshal get attr step name %#v: %s", s.Name, err)
}
steps = append(steps, name)
default:
return nil, fmt.Errorf("Unsupported path step %#v (%t)", step, step)
}
}
jsonPath, err := json.Marshal(steps)
if err != nil {
return nil, err
}
jsonPaths = append(jsonPaths, jsonPath)
}
return json.Marshal(jsonPaths)
}