Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

core: Fix sensitive value/attribute conflict #28245

Merged
merged 1 commit into from
Mar 31, 2021
Merged

core: Fix sensitive value/attribute conflict #28245

merged 1 commit into from
Mar 31, 2021

Conversation

alisdair
Copy link
Contributor

When applying sensitivity marks to resources, we previously would first mark any provider-denoted sensitive attributes, then apply the set of planned-change sensitive value marks. This would cause a panic if a provider marked an iterable value as sensitive, because it is invalid to call MarkWithPaths against a marked iterable value.

Instead, we now merge the marks from the provider schema and the planned change into a single set, and apply them with one call. The included test panics without this change.

Fixes #28244. See also hashicorp/terraform-provider-aws#18485.

@alisdair
core: Fix sensitive value/attribute conflict
c54c186 
When applying sensitivity marks to resources, we previously would first
mark any provider-denoted sensitive attributes, then apply the set of
planned-change sensitive value marks. This would cause a panic if a
provider marked an iterable value as sensitive, because it is invalid to
call `MarkWithPaths` against a marked iterable value.

Instead, we now merge the marks from the provider schema and the planned
change into a single set, and apply them with one call. The included
test panics without this change.
@alisdair alisdair added core crash 0.15-backport If you add this label to a PR before merging, backport-assistant will open a new PR once merged labels Mar 30, 2021
@alisdair alisdair requested a review from a team March 30, 2021 19:58
@alisdair alisdair self-assigned this Mar 30, 2021
@codecov
Copy link

codecov bot commented Mar 30, 2021

Codecov Report

Merging #28245 (c54c186) into main (7ab4f1f) will increase coverage by 0.00%.
The diff coverage is 100.00%.

Impacted Files Coverage Δ
terraform/evaluate.go 52.98% <100.00%> (+0.09%) ⬆️

@alisdair alisdair merged commit d37c3c5 into main Mar 31, 2021
@alisdair alisdair deleted the alisdair/fix-sensitive-value-sensitive-attribute-conflict branch March 31, 2021 13:29
@teamterraform teamterraform mentioned this pull request Mar 31, 2021
Merged
@ghost
Copy link

ghost commented May 1, 2021

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked as resolved and limited conversation to collaborators May 1, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@pselle pselle pselle left review comments

@jbardin jbardin jbardin approved these changes

Assignees

@alisdair alisdair

Labels
0.15-backport If you add this label to a PR before merging, backport-assistant will open a new PR once merged core crash
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Panic in Terraform 0.15.0-beta2 with sensitive attributes/arguments
3 participants
@alisdair @jbardin @pselle