Closed jwoudenberg closed 1 month ago
Thank you for reporting the issue. I understand that you would like to have sensitive variables hidden in the error output. I am in favor of implementing this. In GitHub Actions, this would already be done by GitHub but it looks like Terraform Cloud is not doing this.
My suggestion is to have sensitive variables replaced by *****
.
For this, the packer provider needs to know which variables are sensitive. In order to do that, I would consider adding another attribute sensitive_variables
which would do the same as variables
but this way the provider knows how to deal with them when outputting errors.
Also, thanks a lot for using the provider, I appreciate your feedback!
I've added support for a separate sensitive_variables
. However, please make sure you also specify sensitive = true
in your packer file. See https://developer.hashicorp.com/packer/guides/hcl/variables#defining-variables-and-locals
Describe the bug I've a packer file with a couple of sensitive variables. I'm using this provider to run it in terraform cloud. When the packer specification contains an error the terraform cloud build fails, as expected. The error displayed in terraform cloud UI shows the packer command invoked, listing all the
-var key=val
arguments, including sensitive values.To Reproduce
Expected behavior Packer variables marked as sensitive do are not visible in terraform output.
Screenshots Screenshot leading up to the section containing the sensitive
-var
key/value pairs:Additional information (please complete the following information):
Additional context Thank you for this project, it's been super straight-forward to use!