Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

cli: Fix plan diff for sensitive nested attributes #30825

Merged
merged 1 commit into from
Apr 11, 2022
Merged

cli: Fix plan diff for sensitive nested attributes #30825

merged 1 commit into from
Apr 11, 2022

Conversation

alisdair
Copy link
Contributor

@alisdair alisdair commented Apr 8, 2022

When rendering diffs for resources which use nested attribute types, we must cope with collections backing those attributes which are entirely sensitive. The most common way this will be seen is through sensitive values being present in sets, which will result in the entire set being marked sensitive.

This approach fixes the crash by entirely omitting sensitive collections from the diff output. For some situations this is reasonable—for example, a list(string) which is populated by a sensitive variable should be elided from user view. In other use cases, notably set-backed nested attributes, this is likely to be counter-intuitive. Unfortunately, given how cty copes with marks on sets, I don't see any alternative at this time.

Fixes #30824.

@alisdair
cli: Fix plan diff for sensitive nested attributes
d23f099 
When rendering diffs for resources which use nested attribute types, we
must cope with collections backing those attributes which are entirely
sensitive. The most common way this will be seen is through sensitive
values being present in sets, which will result in the entire set being
marked sensitive.
@alisdair alisdair added crash cli 1.1-backport If you add this label to a PR before merging, backport-assistant will open a new PR once merged labels Apr 8, 2022
@alisdair alisdair requested a review from a team April 8, 2022 20:21
@alisdair alisdair self-assigned this Apr 8, 2022
@alisdair alisdair mentioned this pull request Apr 8, 2022
Closed
@alisdair alisdair merged commit 5117895 into main Apr 11, 2022
@alisdair alisdair deleted the alisdair/fix-nested-attr-sensitive-collections branch April 11, 2022 12:05
@github-actions
Copy link
Contributor

Reminder for the merging maintainer: if this is a user-visible change, please update the changelog on the appropriate release branch.

@teamterraform teamterraform mentioned this pull request Apr 11, 2022
Merged
@github-actions
Copy link
Contributor

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 12, 2022
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Reviewers

@jbardin jbardin jbardin approved these changes

Assignees

@alisdair alisdair

Labels
1.1-backport If you add this label to a PR before merging, backport-assistant will open a new PR once merged cli crash
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Terraform Crash - value is marked, so must be unmarked first
2 participants
@alisdair @jbardin