We are using gohcl.DecodeBody
to parse Terraform scripts such as this one that marks variables as sensitive
. We are not passing in an EvalContext
:
diags := gohcl.DecodeBody(file.Body, nil, &root)
However this results in a diagnostic error:
2022/12/01 10:40:51 - .envbuilderTmpDir/github.com/terraform-ibm-modules/terraform-ibm-toolkit-resource-group/variables.tf:4,3-12: Unsupported argument; An argument named "sensitive" is not expected here.
As I read the docs, I think we need to pass in an EvalContext
so the decoder can handle the sensitive attribute, but I'm not sure how to construct it. We don't really care about the sensitive attribute; we'd be fine if we could tell the decoder to ignore it. I've tried passing an empty one but I get the same error.
This error is reporting that the given schema does not declare an argument named sensitive
.
When you are using the gohcl
abstraction to decode HCL the schema is inferred automatically using reflection against the type of the value you passed in to the last argument. That means that the schema will be decided based on whatever type you've declared for your variable root
, which you didn't show in your question.
To make your program accept an argument called sensitive
inside variable blocks, you will need to identify which struct type in your program is representing variable
blocks and add an extra field to it which is tagged to represent that it represents an argument called sensitive
:
type VariableBlock struct {
// ...
Sensitive hcl.Expression `hcl:"sensitive"`
}
I chose the target type hcl.Expression
here because you mentioned in your question that you don't plan to actually make use of the sensitive
argument value. Decoding into hcl.Expression
means that gohcl
will just capture directly whatever expression was assigned to sensitive
without performing any further type checking or type conversion.
If you did want to make use of the sensitive
value in your program then you might prefer to decode into a Go bool
field instead, which would then cause gohcl
to require that the given value be a HCL boolean value and will convert it into a Go bool
value to assign into the result.
Note that Terraform itself doesn't use the gohcl
package, so you won't be able to implement all aspects of the Terraform language through that abstraction. Depending on your goals, you may find it better to use the higher-level library terraform-config-inspect, which encapsulates the HCL-related details of the Terraform language and exposes only a subset of the language at a higher level of abstraction that's more appropriate for building certain kinds of tools for working with Terraform modules.