Skip to content

Commit

Permalink
Add support sensitive variables in TestRunner (#337)
Browse files Browse the repository at this point in the history
  • Loading branch information
wata727 authored Jul 28, 2024
1 parent 63caa05 commit c00f251
Show file tree
Hide file tree
Showing 2 changed files with 74 additions and 1 deletion.
14 changes: 14 additions & 0 deletions helper/runner.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,12 @@ import (
"reflect"

"github.com/hashicorp/hcl/v2"
"github.com/hashicorp/hcl/v2/gohcl"
"github.com/hashicorp/hcl/v2/hclsyntax"
"github.com/terraform-linters/tflint-plugin-sdk/hclext"
"github.com/terraform-linters/tflint-plugin-sdk/internal"
"github.com/terraform-linters/tflint-plugin-sdk/terraform/addrs"
"github.com/terraform-linters/tflint-plugin-sdk/terraform/lang/marks"
"github.com/terraform-linters/tflint-plugin-sdk/tflint"
"github.com/zclconf/go-cty/cty"
"github.com/zclconf/go-cty/cty/convert"
Expand Down Expand Up @@ -410,6 +412,9 @@ func decodeVariableBlock(block *hcl.Block) (*Variable, hcl.Diagnostics) {
{
Name: "default",
},
{
Name: "sensitive",
},
},
})
if diags.HasErrors() {
Expand All @@ -424,6 +429,15 @@ func decodeVariableBlock(block *hcl.Block) (*Variable, hcl.Diagnostics) {

v.Default = val
}
if attr, exists := content.Attributes["sensitive"]; exists {
var sensitive bool
diags := gohcl.DecodeExpression(attr.Expr, nil, &sensitive)
if diags.HasErrors() {
return v, diags
}

v.Default = v.Default.Mark(marks.Sensitive)
}

return v, nil
}
Expand Down
61 changes: 60 additions & 1 deletion helper/runner_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (
"github.com/hashicorp/hcl/v2/hclsyntax"
"github.com/terraform-linters/tflint-plugin-sdk/hclext"
"github.com/terraform-linters/tflint-plugin-sdk/tflint"
"github.com/zclconf/go-cty/cty"
)

func Test_GetResourceContent(t *testing.T) {
Expand Down Expand Up @@ -536,7 +537,7 @@ func Test_DecodeRuleConfig_config_not_found(t *testing.T) {
}
}

func Test_EvaluateExpr(t *testing.T) {
func Test_EvaluateExpr_string(t *testing.T) {
tests := []struct {
Name string
Src string
Expand Down Expand Up @@ -601,6 +602,64 @@ resource "aws_instance" "foo" {
}
}

func Test_EvaluateExpr_value(t *testing.T) {
tests := []struct {
Name string
Src string
Want string
}{
{
Name: "sensitive variable",
Src: `
variable "instance_type" {
type = string
default = "secret"
sensitive = true
}
resource "aws_instance" "foo" {
instance_type = var.instance_type
}`,
Want: `cty.StringVal("secret").Mark(marks.Sensitive)`,
},
}

for _, test := range tests {
t.Run(test.Name, func(t *testing.T) {
runner := TestRunner(t, map[string]string{"main.tf": test.Src})

resources, err := runner.GetResourceContent("aws_instance", &hclext.BodySchema{
Attributes: []hclext.AttributeSchema{{Name: "instance_type"}},
}, nil)
if err != nil {
t.Fatal(err)
}

for _, resource := range resources.Blocks {
// raw value
var instanceType cty.Value
if err := runner.EvaluateExpr(resource.Body.Attributes["instance_type"].Expr, &instanceType, nil); err != nil {
t.Fatal(err)
}

if instanceType.GoString() != test.Want {
t.Fatalf(`"%s" is expected, but got "%s"`, test.Want, instanceType.GoString())
}

// callback
if err := runner.EvaluateExpr(resource.Body.Attributes["instance_type"].Expr, func(val cty.Value) error {
if instanceType.GoString() != test.Want {
t.Fatalf(`"%s" is expected, but got "%s"`, test.Want, instanceType.GoString())
}
return nil
}, nil); err != nil {
t.Fatal(err)
}
}
})
}
}

type dummyRule struct {
tflint.DefaultRule
}
Expand Down

0 comments on commit c00f251

Please sign in to comment.