search

cloudposse-archives / tfmask

Terraform utility to mask select output from `terraform plan` and `terraform apply`
https://cloudposse.com/accelerate
Apache License 2.0
202 stars 27 forks source link

Add tf 0 12 support #12

Closed eversC closed 4 years ago

eversC commented 4 years ago

Adds support for terraform v0.12

On the face of it this will look like a tonne of changes so I'll make an attempt at summarising:

In terms of testing, I've done a diff (see attached) of the outputs from running make test with tf 0.11 in the /tests directory, on the latest binary you've released Vs. a binary I've built from my branch. I think it's come out well; just a few differences where the id of the random_string.some_password is different (which is fine). tf-011-old-vs-new-diff.txt

For what it's worth, I've also run make test with tf 0.12 (see attached output). This looks okay to me but might need some sanity checking. tf012_test.txt

osterman commented 4 years ago

@eversC this looks amazing! Thanks so much for biting the bullet and helping us upgrade this.

osterman commented 4 years ago

@eversC this part looks suspect: should id there be masked?

image

osterman commented 4 years ago

fixes #6

eversC commented 4 years ago

Hi @osterman 👋 , thanks for getting back to me so quickly.

@eversC this part looks suspect: should id there be masked?

image

That looks like a bit of an oversight on my part, as it does seem id should be masked. It looks like tfmask currently exhibits that behaviour too, though, unless I'm missing something?

eversC commented 4 years ago

I made an additional commit, 2633d0e, which I believe fixes the random_string.some_password.id exposure issue.

I just updated the tfmaskValuesRegex and tfmaskResourceRegex regexes to include "id" and "random_string" respectively.

osterman commented 4 years ago

It looks like tfmask currently exhibits that behaviour too, though, unless I'm missing something?

Yea, not improbable =)