Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type EncryptionConfig ¶
type EncryptionConfig struct { KeyProviderConfigs []KeyProviderConfig `hcl:"key_provider,block"` MethodConfigs []MethodConfig `hcl:"method,block"` State *EnforceableTargetConfig `hcl:"state,block"` Plan *EnforceableTargetConfig `hcl:"plan,block"` Remote *RemoteConfig `hcl:"remote_state_data_sources,block"` // Not preserved through merge operations DeclRange hcl.Range }
EncryptionConfig describes the terraform.encryption HCL block you can use to configure the state and plan encryption. The individual fields of this struct match the HCL structure directly.
func DecodeConfig ¶
func DecodeConfig(body hcl.Body, rng hcl.Range) (*EncryptionConfig, hcl.Diagnostics)
DecodeConfig takes a hcl.Body and decodes it into a Config struct. This method is here as an example for how someone using this library might want to decode a configuration. if they were not using gohcl directly. Right now for real world use this is only intended to be used in tests, until we publish this publicly.
func LoadConfigFromString ¶
func LoadConfigFromString(sourceName string, rawInput string) (*EncryptionConfig, hcl.Diagnostics)
LoadConfigFromString loads a configuration from a string. The sourceName is used to identify the source of the configuration in error messages. This method serves as an example for how someone using this library might want to load a configuration. if they were not using gohcl directly. However! Right now, this method should only be used in tests, as OpenTofu should be using gohcl to parse the configuration.
func MergeConfigs ¶
func MergeConfigs(cfg *EncryptionConfig, override *EncryptionConfig) *EncryptionConfig
MergeConfigs merges two Configs together, with the override taking precedence.
func (*EncryptionConfig) GetKeyProvider ¶
func (c *EncryptionConfig) GetKeyProvider(kpType, kpName string) (KeyProviderConfig, bool)
GetKeyProvider takes type and name arguments to find a respective KeyProviderConfig in the list.
func (*EncryptionConfig) Merge ¶
func (c *EncryptionConfig) Merge(override *EncryptionConfig) *EncryptionConfig
Merge returns a merged configuration with the current config and the specified override combined, the override taking precedence.
type EnforceableTargetConfig ¶
type EnforceableTargetConfig struct { Enforced bool `hcl:"enforced,optional"` Method hcl.Expression `hcl:"method,optional"` Fallback *TargetConfig `hcl:"fallback,block"` }
EnforceableTargetConfig is an extension of the TargetConfig that supports the enforced form.
Note: This struct is copied because gohcl does not support embedding.
func (EnforceableTargetConfig) AsTargetConfig ¶
func (e EnforceableTargetConfig) AsTargetConfig() *TargetConfig
AsTargetConfig converts the struct into its parent TargetConfig.
type KeyProviderConfig ¶
type KeyProviderConfig struct { // EncryptedMetadataAlias contains the key to identify the metadata by. EncryptedMetadataAlias string `hcl:"encrypted_metadata_alias,optional"` Type string `hcl:"type,label"` Name string `hcl:"name,label"` Body hcl.Body `hcl:",remain"` }
KeyProviderConfig describes the terraform.encryption.key_provider.* block you can use to declare a key provider for encryption. The Body field will contain the remaining undeclared fields the key provider can consume.
func (KeyProviderConfig) Addr ¶
func (k KeyProviderConfig) Addr() (keyprovider.Addr, hcl.Diagnostics)
Addr returns a keyprovider.Addr from the current configuration.
type MethodConfig ¶
type MethodConfig struct { Type string `hcl:"type,label"` Name string `hcl:"name,label"` Body hcl.Body `hcl:",remain"` }
MethodConfig describes the terraform.encryption.method.* block you can use to declare the encryption method. The Body field will contain the remaining undeclared fields the method can consume.
func (MethodConfig) Addr ¶
func (m MethodConfig) Addr() (method.Addr, hcl.Diagnostics)
type NamedTargetConfig ¶
type NamedTargetConfig struct { Name string `hcl:"name,label"` Method hcl.Expression `hcl:"method,optional"` Fallback *TargetConfig `hcl:"fallback,block"` }
NamedTargetConfig is an extension of the TargetConfig that describes a terraform.encryption.remote.remote_state_data.* block.
Note: This struct is copied because gohcl does not support embedding.
func (NamedTargetConfig) AsTargetConfig ¶
func (n NamedTargetConfig) AsTargetConfig() *TargetConfig
AsTargetConfig converts the struct into its parent TargetConfig.
type RemoteConfig ¶
type RemoteConfig struct { Default *TargetConfig `hcl:"default,block"` Targets []NamedTargetConfig `hcl:"remote_state_data_source,block"` }
RemoteConfig describes the terraform.encryption.remote block you can use to declare encryption for remote state data sources.
type TargetConfig ¶
type TargetConfig struct { Method hcl.Expression `hcl:"method,optional"` Fallback *TargetConfig `hcl:"fallback,block"` }
TargetConfig describes the target.encryption.state, target.encryption.plan, etc blocks.