Avoiding adding full debug output to do sensitivity. See edited snippet:
Error: Error connecting to PostgreSQL server (scheme: gcppostgres): gcppostgres: open gcppostgres://postgres:<URL-escaped plaintext password>:5432/postgres?fallback_application_name=Terraform+provider: :5432/postgres is not in the form project/region/instance/dbname
The text <URL-escaped plaintext password> instead had my actual URL-escaped DB password.
Expected Behavior
Password is obfuscated in error message.
Actual Behavior
Password shown in error message.
Steps to Reproduce
Please list the steps required to reproduce the issue, for example:
terraform plan -replace google_sql_database_instance.postgres
Hi there,
Thank you for opening an issue. Please provide the following information:
Terraform Version
1.7.5
Affected Resource(s)
Terraform Configuration Files
https://github.com/world-federation-of-advertisers/cross-media-measurement/tree/main/src/main/terraform/gcloud/cmms
Debug Output
Avoiding adding full debug output to do sensitivity. See edited snippet:
The text
<URL-escaped plaintext password>
instead had my actual URL-escaped DB password.Expected Behavior
Password is obfuscated in error message.
Actual Behavior
Password shown in error message.
Steps to Reproduce
Please list the steps required to reproduce the issue, for example:
terraform plan -replace google_sql_database_instance.postgres
References
It looks like there's an attempt at using string.Replace in https://github.com/cyrilgdn/terraform-provider-postgresql/blob/f46ec221181b09b153c7fc816e75c7030a3e8ab9/postgresql/config.go#L291, but it does not appear to take into account that the password may be URL-escaped.