fix: use can(index()) to handle null proxy_client_password_auth_type @wavemoran (#85)
## Summarycontains()throwsInvalid function argumentwhen passed anullvalue, even when short-circuit evaluation with== null ||is expected — Terraform evaluates both sides of||before applying the condition- Replace
contains(list, var)withcan(index(list, var))so null (or unset) values returnfalsecleanly without erroring - Fixes the regression introduced in #72 for users who do not set
proxy_client_password_auth_type
Problem
When proxy_client_password_auth_type is not set (default null), Terraform raises:
Error: Invalid function argument
on variables.tf line 541, in variable "proxy_client_password_auth_type":
condition = var.proxy_client_password_auth_type == null || contains([...], var.proxy_client_password_auth_type)
Invalid value for "value" parameter: argument must not be null.
Fix
# Before
condition = var.proxy_client_password_auth_type == null || contains([...], var.proxy_client_password_auth_type)
# After
condition = var.proxy_client_password_auth_type == null || can(index([...], var.proxy_client_password_auth_type))Per the Terraform can function docs: can evaluates the given expression and returns true if it succeeds, or false if it returns any error — including the error index raises when the value is not found or is null. This is the recommended pattern for validation conditions.
References
- Introduced by: #72
- Terraform
canfunction: https://developer.hashicorp.com/terraform/language/functions/can - Terraform custom conditions: https://developer.hashicorp.com/terraform/language/expressions/custom-conditions
🤖 Generated with Claude Code
Summary by CodeRabbit
-
Bug Fixes
- Improved validation for the proxy client password authentication setting so valid values are handled more reliably, including null values.
-
Chores
- Updated an infrastructure module reference to use a pinned remote source.