Conversation

dav3r

@dav3r dav3r commented Apr 12, 2020

🗣 Description

This PR updates terraform-to-secrets so that it also searches for tagged secrets in resource outputs, such as with Terraform remote states.

💭 Motivation and Context

In some cases, a secret is needed that was not created by the local Terraform code. An example of this is the Terraform test user in nessus-packer, which requires the id of the "third-party" bucket created in cool-accounts/images. If we tag the bucket appropriately (in cool-accounts/images), then the code in this PR allows that secret to be discovered.

🧪 Testing

To test this, I tagged the "third-party" bucket in Staging like so:

  # The two tags read by terraform-to-secrets: the name the secret gets in
  # GitHub, and which attribute of this resource holds the secret's value.
  tags = merge(var.tags,
    {
      "GitHub_Secret_Name"             = "THIRD_PARTY_BUCKET_${upper(local.this_account_type)}",
      "GitHub_Secret_Terraform_Lookup" = "id"
    }
  )

Then, I applied that change in Staging and verified that terraform-to-secrets was able to successfully detect the bucket name (id) as a secret.

📷 Screenshots (if appropriate)

🚥 Types of Changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (causes existing functionality to change)

✅ Checklist

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

@dav3r dav3r requested review from a team, felddy, jsf9k and mcdonnnj as code owners April 12, 2020 21:44
@dav3r dav3r self-assigned this Apr 12, 2020
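The discovery rule this PR describes (any object in the Terraform state whose tags carry GitHub_Secret_Name and GitHub_Secret_Terraform_Lookup contributes one secret, whether it is a locally managed resource or an output pulled in through a terraform_remote_state data source) is illustrated below as an added example. It is not terraform-to-secrets' own code: the function names, the walk over `terraform show -json` output, and the sample state are mine, the sample state is constructed (no real ids), and the behaviour on a lookup tag that names a missing attribute (fail loudly rather than emit an empty secret) is my assumption about what a practitioner would want, not something the PR states.

```python
import json
from typing import Any, Dict, Iterator, Tuple

SECRET_NAME_TAG = "GitHub_Secret_Name"
SECRET_LOOKUP_TAG = "GitHub_Secret_Terraform_Lookup"

# Constructed sample in the shape of `terraform show -json` output (not real
# state): one locally managed instance without secret tags, and one
# terraform_remote_state data source whose outputs carry a tagged bucket
# created in another account.
SAMPLE_STATE_JSON = json.dumps({
    "format_version": "0.1",
    "values": {
        "root_module": {
            "resources": [
                {
                    "address": "aws_instance.example",
                    "values": {
                        "id": "i-0123456789abcdef0",  # constructed
                        "tags": {"Name": "example"},
                    },
                },
                {
                    "address": "data.terraform_remote_state.images",
                    "values": {
                        "backend": "s3",
                        "outputs": {
                            "third_party_bucket": {
                                "id": "example-third-party-bucket",  # constructed
                                "arn": "arn:aws:s3:::example-third-party-bucket",
                                "tags": {
                                    "GitHub_Secret_Name": "THIRD_PARTY_BUCKET_STAGING",
                                    "GitHub_Secret_Terraform_Lookup": "id",
                                },
                            }
                        },
                    },
                },
            ]
        }
    },
})


def _walk(node: Any) -> Iterator[Dict[str, Any]]:
    """Yield every dict found anywhere under node, depth first.

    Walking everything (rather than only top-level resource values) is what
    lets outputs nested inside a remote-state data source be found.
    """
    if isinstance(node, dict):
        yield node
        for child in node.values():
            yield from _walk(child)
    elif isinstance(node, list):
        for child in node:
            yield from _walk(child)


def find_tagged_secrets(state_json: str) -> Iterator[Tuple[str, str]]:
    """Generator of (secret_name, secret_value) pairs from `terraform show -json` text.

    An object whose "tags" map carries GitHub_Secret_Name contributes one
    secret: its attribute named by GitHub_Secret_Terraform_Lookup. A missing
    lookup tag or a lookup naming an absent/non-string attribute is treated
    as a misconfiguration and raises, so no blank secret is ever pushed.
    """
    state = json.loads(state_json)
    for obj in _walk(state.get("values", {})):
        tags = obj.get("tags")
        if not isinstance(tags, dict) or SECRET_NAME_TAG not in tags:
            continue
        secret_name = tags[SECRET_NAME_TAG]
        lookup = tags.get(SECRET_LOOKUP_TAG)
        if lookup is None:
            raise ValueError(f"{secret_name}: tag {SECRET_LOOKUP_TAG} is missing")
        value = obj.get(lookup)
        if not isinstance(value, str):
            raise ValueError(f"{secret_name}: attribute {lookup!r} is absent or not a string")
        yield secret_name, value


if __name__ == "__main__":
    # Print only the secret names; the values are exactly what should not be logged.
    for name, _value in find_tagged_secrets(SAMPLE_STATE_JSON):
        print(f"found secret {name}")
```

Run stand-alone it prints `found secret THIRD_PARTY_BUCKET_STAGING`; the instance, which has no GitHub_Secret_Name tag, is ignored. Because the function is a generator, a caller can stream results straight into whatever pushes them to GitHub without ever holding all secret values in a list.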
@felddy felddy left a comment


I like it! I have one design change I'd like you to noodle. 🍜

@felddy felddy left a comment


AWwww yeaaaahhh booiy! This is not just warming my cockles! 🥰

APPROVED WITH PREJUDICE! ✅

@jsf9k jsf9k left a comment


Nice. The generator is the way to go.

@dav3r dav3r merged commit e406266 into develop Apr 13, 2020
@dav3r dav3r deleted the improvement/find_secrets_in_outputs branch April 13, 2020 15:01