From 23dffee568f431113ce196d6a03279bb9db58db4 Mon Sep 17 00:00:00 2001 From: Keith Clawson Date: Fri, 11 Mar 2022 18:00:22 -0800 Subject: [PATCH 1/3] Always use token in backend config when provided --- internal/backend/remote/backend.go | 31 +++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/internal/backend/remote/backend.go b/internal/backend/remote/backend.go index 4635fa6f26..131a9a9039 100644 --- a/internal/backend/remote/backend.go +++ b/internal/backend/remote/backend.go @@ -256,24 +256,25 @@ func (b *Remote) Configure(obj cty.Value) tfdiags.Diagnostics { return diags } - // Retrieve the token for this host as configured in the credentials - // section of the CLI Config File. - token, err := b.token() - if err != nil { - diags = diags.Append(tfdiags.AttributeValue( - tfdiags.Error, - strings.ToUpper(err.Error()[:1])+err.Error()[1:], - "", // no description is needed here, the error is clear - cty.Path{cty.GetAttrStep{Name: "hostname"}}, - )) - return diags + // Get the token from the config. + var token string + if val := obj.GetAttr("token"); !val.IsNull() { + token = val.AsString() } - // Get the token from the config if no token was configured for this - // host in credentials section of the CLI Config File. + // Retrieve the token for this host as configured in the credentials + // section of the CLI Config File if no token was configured for this + // host in the config. if token == "" { - if val := obj.GetAttr("token"); !val.IsNull() { - token = val.AsString() + token, err = b.token() + if err != nil { + diags = diags.Append(tfdiags.AttributeValue( + tfdiags.Error, + strings.ToUpper(err.Error()[:1])+err.Error()[1:], + "", // no description is needed here, the error is clear + cty.Path{cty.GetAttrStep{Name: "hostname"}}, + )) + return diags } } From 5ded48e081ae202626e1f5386b34d2c854d7a5a9 Mon Sep 17 00:00:00 2001 From: Sebastian Rivera Date: Fri, 22 Apr 2022 14:09:20 -0400 Subject: [PATCH 2/3] Give token in cloud config higher precedence than CLI config file --- internal/cloud/backend.go | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/internal/cloud/backend.go b/internal/cloud/backend.go index 9a01af33f0..6f64a9476c 100644 --- a/internal/cloud/backend.go +++ b/internal/cloud/backend.go @@ -214,24 +214,24 @@ func (b *Cloud) Configure(obj cty.Value) tfdiags.Diagnostics { return diags } - // Retrieve the token for this host as configured in the credentials - // section of the CLI Config File. - token, err := b.token() - if err != nil { - diags = diags.Append(tfdiags.AttributeValue( - tfdiags.Error, - strings.ToUpper(err.Error()[:1])+err.Error()[1:], - "", // no description is needed here, the error is clear - cty.Path{cty.GetAttrStep{Name: "hostname"}}, - )) - return diags + // First we'll retrieve the token from the configuration + var token string + if val := obj.GetAttr("token"); !val.IsNull() { + token = val.AsString() } - // Get the token from the config if no token was configured for this - // host in credentials section of the CLI Config File. + // Get the token from the CLI Config File in the credentials section + // if no token was not set in the configuration if token == "" { - if val := obj.GetAttr("token"); !val.IsNull() { - token = val.AsString() + token, err = b.token() + if err != nil { + diags = diags.Append(tfdiags.AttributeValue( + tfdiags.Error, + strings.ToUpper(err.Error()[:1])+err.Error()[1:], + "", // no description is needed here, the error is clear + cty.Path{cty.GetAttrStep{Name: "hostname"}}, + )) + return diags } } From c7bdd28e4c2ecc8bbcf5795108d925e909485c15 Mon Sep 17 00:00:00 2001 From: Sebastian Rivera Date: Tue, 26 Apr 2022 10:03:07 -0400 Subject: [PATCH 3/3] CHANGELOG: Token config priority --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c33c7825c4..eeb4c19a65 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -42,6 +42,7 @@ BUG FIXES: * When rendering a diff, Terraform now quotes the name of any object attribute whose string representation is not a valid identifier. ([#30766](https://github.com/hashicorp/terraform/issues/30766)) * Terraform will prioritize local terraform variables over remote terraform variables in operations such as `import`, `plan`, `refresh` and `apply` for workspaces in local execution mode. This behavior applies to both `remote` backend and the `cloud` integration configuration. ([#29972](https://github.com/hashicorp/terraform/issues/29972)) * `terraform show -json`: JSON plan output now correctly maps aliased providers to their configurations, and includes the full provider source address alongside the short provider name. ([#30138](https://github.com/hashicorp/terraform/issues/30138)) +* The local token configuration now has higher priority than the token specified in a CLI configuration. ([#30664](https://github.com/hashicorp/terraform/issues/30664)) UPGRADE NOTES: