Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

helm_release metadata not cloaked when key contains "." character - revived #1004

Closed
clydetealium opened this issue Dec 7, 2022 · 2 comments

Comments

@clydetealium
Copy link

clydetealium commented Dec 7, 2022

Terraform, Provider, Kubernetes and Helm Versions

Terraform version: v0.13.6
Provider version: 2.3.0
Kubernetes version: 1.22

Affected Resource(s)

  • helm_release

Terraform Configuration Files

resource "helm_release" "example" {
  name = "redis"

  repository = "https://charts.bitnami.com/bitnami"
  chart      = "redis"

  set {
    name  = "replica.replicaCount"
    value = 0
  }

  set_sensitive {
    name  = "auth.password"
    value = "foo"
  }

  set_sensitive {
    name  = "foo\\.bar"
    value = "baz"
  }
}

Steps to Reproduce

  1. terraform apply
  2. terraform destroy

Expected Behavior

Apply succeeds. In the plan output for the destroy, the value for the foo.bar key under the metadata attribute is marked as sensitive:

  # helm_release.example will be destroyed
  - resource "helm_release" "example" {
...
      - metadata                   = [
          - {
... 
             - values      = jsonencode(
                    {
...
                      - foo.bar = "(sensitive value)"

Actual Behavior

Apply succeeds. In the plan output for the destroy, the value for the foo.bar key under the metadata attribute is shown in original plain text (not marked sensitive):

  # helm_release.example will be destroyed
  - resource "helm_release" "example" {
...
      - metadata                   = [
          - {
... 
             - values      = jsonencode(
                    {
...
                      - foo.bar = "baz"

Important Factoids

References

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment
@clydetealium
Copy link
Author

Not stale

Copy link

Marking this issue as stale due to inactivity. If this issue receives no comments in the next 30 days it will automatically be closed. If this issue was automatically closed and you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. This helps our maintainers find and focus on the active issues. Maintainers may also remove the stale label at their discretion. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants