Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sensitive errors if specified in multiple levels of variables #27095

Closed
douglaswth opened this issue Dec 3, 2020 · 5 comments · Fixed by #27131
Closed

Sensitive errors if specified in multiple levels of variables #27095

douglaswth opened this issue Dec 3, 2020 · 5 comments · Fixed by #27131
Assignees
@pselle
Labels
bug confirmed a Terraform Core team member has reproduced this issue v0.14 Issues (primarily bugs) reported against v0.14 releases
Milestone
v0.14.x

Comments

@douglaswth
Copy link

Terraform Version

Terraform v0.14.0
+ provider registry.terraform.io/hashicorp/aws v3.19.0
+ provider registry.terraform.io/hashicorp/external v1.2.0
+ provider registry.terraform.io/hashicorp/random v3.0.0

Terraform Configuration Files

main.tf:

variable "secret" {
  type      = string
  sensitive = true
}

module "module" {
  source = "./module"
  secret = var.secret
}

module/main.tf:

variable "secret" {
  type      = string
  sensitive = true
}

resource "local_file" "secret" {
  content         = var.secret
  filename        = "${path.module}/secret.txt"
  file_permission = "0600"
}

Debug Output

https://gist.github.com/douglaswth/daf02c0a31f51b21db3d945bb2ccba39

Expected Behavior

Either terraform plan or terraform apply should show the expected changes.

Actual Behavior

Instead, both commands error with the following message:

Error: .content: value has marks, so it cannot be serialized

Steps to Reproduce

  1. export TF_VAR_secret=secret
  2. terraform init
  3. terraform apply

References
@douglaswth douglaswth added bug new new issue not yet triaged labels Dec 3, 2020
@danieldreier danieldreier added the v0.14 Issues (primarily bugs) reported against v0.14 releases label Dec 3, 2020
@douglaswth douglaswth mentioned this issue Dec 3, 2020
Closed
@danieldreier
Copy link
Contributor

I've reproduced this issue and copied the reproduction case to https://github.com/danieldreier/terraform-issue-reproductions/tree/master/27095. Thanks for reporting this with a clear, simple reproduction case @douglaswth!

@danieldreier danieldreier added confirmed a Terraform Core team member has reproduced this issue and removed new new issue not yet triaged labels Dec 3, 2020
@alisdair alisdair added this to the v0.14.x milestone Dec 3, 2020
@pselle pselle self-assigned this Dec 3, 2020
@pselle pselle mentioned this issue Dec 3, 2020
Merged
@teamterraform teamterraform mentioned this issue Dec 4, 2020
Merged
@nick4fake
Copy link

@danieldreier Is there a way to create a minor release for this one? Unfortunately there are no ways to use terraform 0.14 with GKE module due to this bug.

@pselle
Copy link
Contributor

pselle commented Dec 8, 2020
edited

@nick4fake This is going out in the 0.14.1 version, which will be releasing today. And it should only impact users using sensitive on variables, so it should not be blocking any 0.14 migrations. If it somehow is, please share more information and replication in a new issue.

@nick4fake
Copy link

Unfortunately I still see "value has marks, so it cannot be serialized" issue, so probably will open a separate ticket.

@nick4fake nick4fake mentioned this issue Dec 8, 2020
Closed
@ghost
Copy link

ghost commented Jan 4, 2021

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@hashicorp hashicorp locked as resolved and limited conversation to collaborators Jan 4, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@pselle pselle

Labels
bug confirmed a Terraform Core team member has reproduced this issue v0.14 Issues (primarily bugs) reported against v0.14 releases
Projects
None yet
Milestone
v0.14.x
Development

Successfully merging a pull request may close this issue.

Avoid double-marking variables hashicorp/terraform
5 participants
@alisdair @douglaswth @pselle @nick4fake @danieldreier