Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add tflint.ErrSensitive #174

Merged
merged 1 commit into from
Jul 31, 2022
Merged

Add tflint.ErrSensitive #174

merged 1 commit into from
Jul 31, 2022

Conversation

wata727
Copy link
Member

@wata727 wata727 commented Jul 31, 2022

See also terraform-linters/tflint#1457

This PR add a new error type, tflint.ErrSensitive. This error occurs when the result of an expression evaluated by EvaluateExpr contains sensitive values.

Whether or not you want to inspect sensitive values is debatable. But in many cases, it's more valuable to prevent unintentional disclosure, such as accidentally inspecting it as a string and printing it to the console.

Based on this determination, TFLint returns tflint.ErrSensitive if it contains sensitive values. The SDK treats the error to be ignored with EnsureNoErrors in the same way as with ErrUnevaluable.

Compatibility note: If an ErrSensitive occurs in an older SDK version, this error will not be ignored, just treated as an error. However, this is almost identical to the "value has marks, so it cannot be serialized" error.

@wata727 wata727 merged commit e7ddb76 into master Jul 31, 2022
@wata727 wata727 deleted the add_sensitive_error branch July 31, 2022 08:51
@wata727 wata727 mentioned this pull request Sep 4, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@wata727