opencredo
diff --git a/‎.travis.yml‎
Lines changed: 1 addition & 1 deletion b/‎.travis.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎CHANGELOG.md‎
Lines changed: 5 additions & 6 deletions b/‎CHANGELOG.md‎
Lines changed: 5 additions & 6 deletions
diff --git a/‎README.md‎
Lines changed: 12 additions & 5 deletions b/‎README.md‎
Lines changed: 12 additions & 5 deletions
diff --git a/‎commands.go‎
Lines changed: 74 additions & 68 deletions b/‎commands.go‎
Lines changed: 74 additions & 68 deletions
diff --git a/‎examples/mask/README.md‎
Lines changed: 41 additions & 52 deletions b/‎examples/mask/README.md‎
Lines changed: 41 additions & 52 deletions
diff --git a/‎examples/mask/terraform.tf‎
Lines changed: 10 additions & 4 deletions b/‎examples/mask/terraform.tf‎
Lines changed: 10 additions & 4 deletions
diff --git a/‎examples/mask/terraform.tfvars‎
Lines changed: 21 additions & 6 deletions b/‎examples/mask/terraform.tfvars‎
Lines changed: 21 additions & 6 deletions
diff --git a/‎examples/mask/variables.tf‎
Lines changed: 2 additions & 0 deletions b/‎examples/mask/variables.tf‎
Lines changed: 2 additions & 0 deletions
@@ -1,7 +1,7 @@
 language: go
 sudo: false
 go:
-- 1.6
+- 1.7.3
 matrix:
   allow_failures:
   - go: tip
 
@@ -1,17 +1,16 @@
 ## 0.4.2 (Unreleased)
+* [PR-9](https://github.com/opencredo/terrahelp/pull/9) Cater for terraform 0.7.x list and map variables (resolves [#8](https://github.com/opencredo/terrahelp/issues/8))
+* Updated examples and command line docs
+* Builds against Go 1.7.3
+* Confirmed testing against Vault 0.5.2
 
 ## 0.4.1
 * Add new `vault-cli` provider to use the `vault` command line tool rather than talking to the vault API.
 
 ## 0.4.0
 **Note: This release contains breaking changes!!**
 
-Terrahelp will now ignore stdin input if a `-file` flag is present.
-
-**The `-file` flag will no longer default to terraform.tfstate and terraform.tfstate.backup.**
-[PR-6](https://github.com/opencredo/terrahelp/pull/6)
-
-This is part of resolving [#5](https://github.com/opencredo/terrahelp/issues/5)
+* [PR-6](https://github.com/opencredo/terrahelp/pull/6) Terrahelp will now ignore stdin input if a `-file` flag is present. The `-file` flag will no longer default to terraform.tfstate and terraform.tfstate.backup (part of resolving [#5](https://github.com/opencredo/terrahelp/issues/5))
 
 ## 0.3.1
 
 
@@ -71,25 +71,32 @@ Not here yet ...
 
 To set up your Go environment - look [here](https://golang.org/doc/code.html).
 
-You must have Go > 1.6 installed.
+Install Go (Terrahelp is currently built against 1.7.3)
 
     mkdir -p "$GOPATH/src/github.com/opencredo/"
     git clone https://github.com/opencredo/terrahelp.git "$GOPATH/src/github.com/opencredo/terrahelp"
     cd "$GOPATH/src/github.com/opencredo/terrahelp"
 
-Build it
+*Dependencies*
+
+Terrahelp uses [govendor](https://github.com/kardianos/govendor) to manage it's dependencies, and currently also checks them into Git to enable a seamless build experience. However should you wish to change / upgrade any of these, you can get govendor, and then run the appropriate commands (e.g sync, fetch etc)
+
+    go get -u github.com/kardianos/govendor
+    govendor sync
+
+*Build it*
 
     go install
 
-Test it
+*Test it*
 
     go test -v ./...
 
-Run it:
+*Run it:*
 
     terrahelp -v 
 
-Want to cross compile it:
+*Want to cross compile it?*
 
     env GOOS=darwin GOARCH=amd64 go build -o=terrahelp-darwin-amd64
     env GOOS=linux GOARCH=amd64 go build -o=terrahelp-linux-amd64
 
@@ -1,84 +1,74 @@
 ## Terrahelp example - masking sensitive data 
 
-This example contains a very simple terraform setup composed entirely of 
-local resources (e.g. template resource) and exists in order to demonstrate how
-you can do masking of sensitive data which may be output from varius terraform
-commands.
+This example contains a very simple terraform setup composed entirely of local resources (e.g. template resource) and exists in order to demonstrate how you can do masking of sensitive data which may be output from varius terraform commands.
 
-This example is completely safe to run and will not land up costing you any 
-money in a cloud provider!
+This example is completely safe to run and will not land up costing you any money in a cloud provider! It currently demonstrates a terraform 0.7.7 based setup which includes the new lists and maps functionality.
 
-The CLI itself offers a more comprehensive view of the various options available, 
-so please use this if you need more info.
+The CLI itself offers a more comprehensive view of the various options available, so please use this if you need more info.
 
 ### Simple inline masking of terraform output
 
-This example will demonstrate how you can use the `mask` command in order to mask
-sensitive data which may be exposed when performing terraform actions.
+This example will demonstrate how you can use the `mask` command in order to mask sensitive data which may be exposed when performing terraform actions.
 
 * Run a `terraform plan` as normal
 
         terraform plan
         
 * Inspect the result which should look something like below:        
 
-        Refreshing Terraform state prior to plan...
+        Refreshing Terraform state in-memory prior to plan...
+        The refreshed state will be used to calculate this plan, but
+        will not be persisted to local or remote state storage.
 
-        The Terraform execution plan has been generated and is shown below.
-        Resources are shown in alphabetical order for quick scanning. Green resources
-        will be created (or destroyed and then created if an existing resource
-        exists), yellow resources are being changed in-place, and red resources
-        will be destroyed.
+        ...
 
-        Note: You didn't specify an "-out" parameter to save this plan, so when
-        "apply" is called, Terraform can't guarantee this is what will execute.
+        <= data.template_file.example
+            rendered:  "<computed>"
+            template:  "\nmsg1 = ${msg1}\nmsg2 = ${msg2}\nmsg3 = ${msg3}\nmsg4 = ${msg4}\nmsg5 = ${msg5}\nmsg6 = ${msg6}\nmsg7 = ${msg7}"
+            vars.%:    "7"
+            vars.msg1: "sensitive-value-1-AK#%DJGHS*G"
+            vars.msg2: "normal value 1"
+            vars.msg3: "sensitive-value-3-//dfhs//"
+            vars.msg4: "sensitive-value-4 with equals sign i.e. ff=yy"
+            vars.msg5: "sensitive-list-val-1"
+            vars.msg6: "sensitive-flatmap-val-foo"
+            vars.msg7: "sensitive-flatmap-val"
 
-        + template_file.example
-            rendered:  "" => "<computed>"
-            template:  "" => "\nmsg1 = ${msg1}\nmsg2 = ${msg2}\nmsg3 = ${msg3}"
-            vars.#:    "" => "3"
-            vars.msg1: "" => "sensitive-value-1-AK#%DJGHS*G"
-            vars.msg2: "" => "normal value 1"
-            vars.msg3: "" => "sensitive-value-3-//dfhs//"
 
-        
-        Plan: 1 to add, 0 to change, 0 to destroy.
+        Plan: 0 to add, 0 to change, 0 to destroy.
+                
+
 
 * Run the same command, but pipe the output through the `terrahelp mask` command. 
 
         terraform plan | terrahelp mask  
 
 * The result should now look something like below:
 
-        Refreshing Terraform state prior to plan...
+        Refreshing Terraform state in-memory prior to plan...
+        The refreshed state will be used to calculate this plan, but
+        will not be persisted to local or remote state storage.
         
+        ...
         
-        The Terraform execution plan has been generated and is shown below.
-        Resources are shown in alphabetical order for quick scanning. Green resources
-        will be created (or destroyed and then created if an existing resource
-        exists), yellow resources are being changed in-place, and red resources
-        will be destroyed.
-        
-        Note: You didn't specify an "-out" parameter to save this plan, so when
-        "apply" is called, Terraform can't guarantee this is what will execute.
-        
-        + template_file.example
-            rendered:  "" => "<computed>"
-            template:  "" => "\nmsg1 = ${msg1}\nmsg2 = ${msg2}\nmsg3 = ${msg3}"
-            vars.#:    "" => "3"
-            vars.msg1: "" => "******"
-            vars.msg2: "" => "normal value 1"
-            vars.msg3: "" => "******"
+        <= data.template_file.example
+            rendered:  "<computed>"
+            template:  "\nmsg1 = ${msg1}\nmsg2 = ${msg2}\nmsg3 = ${msg3}\nmsg4 = ${msg4}\nmsg5 = ${msg5}\nmsg6 = ${msg6}\nmsg7 = ${msg7}"
+            vars.%:    "7"
+            vars.msg1: "******"
+            vars.msg2: "normal value 1"
+            vars.msg3: "******"
+            vars.msg4: "******"
+            vars.msg5: "******"
+            vars.msg6: "******"
+            vars.msg7: "******"
         
         
-        Plan: 1 to add, 0 to change, 0 to destroy.
+        Plan: 0 to add, 0 to change, 0 to destroy.
 
-To change the mask character and/or length, you can use the `-maskchar` and `-numchars`
-flags, e.g. `terraform plan | terrahelp mask -maskchar=# -numchars=3`
+To change the mask character and/or length, you can use the `-maskchar` and `-numchars` flags, e.g. `terraform plan | terrahelp mask -maskchar=# -numchars=3`
 
-By default, the mask command will also attempt to detect whether any previous sensitive data
-may be exposed, and if so will mask this as well. This may happen for example when changing the
-value of one sensitive value to another e.g.
+By default, the mask command will also attempt to detect whether any previous sensitive data may be exposed, and if so will mask this as well. This may happen for example when changing the value of one sensitive value to another e.g.
 
         + template_file.example
             rendered:  "" => "<computed>"
@@ -101,6 +91,5 @@ In which case the resulting mask will look as follows
 If you want to suppress this default behaviour you can use the `-prev=false`
 
 ### How does it work out what is considered sensitive?
-At present, `terrahelp` relies on using the `terraform.tfvars` file as the mechanism to
-indicate which values should be considered sensitive, and thus masked out when detected.  
+At present, `terrahelp` relies on using the `terraform.tfvars` file as the mechanism to indicate which values should be considered sensitive, and thus masked out when detected.  
 
@@ -1,21 +1,27 @@
-# Something basic
+# -------------------------------------------------
+#      Example terraform file based on 0.7.7
+# -------------------------------------------------
 provider "aws" {
   access_key = "${var.pretend_aws_access_key}"
   secret_key = "${var.pretend_aws_secret_key}"
   region = "us-east-1"
 }
 
-resource "template_file" "example" {
-  template = "\nmsg1 = ${msg1}\nmsg2 = ${msg2}\nmsg3 = ${msg3}"
+data "template_file" "example" {
+  template = "\nmsg1 = ${msg1}\nmsg2 = ${msg2}\nmsg3 = ${msg3}\nmsg4 = ${msg4}\nmsg5 = ${msg5}\nmsg6 = ${msg6}\nmsg7 = ${msg7}"
   vars {
     msg1 = "${var.tf_sensitive_key_1}"
     msg2 = "${var.tf_normal_key_1}"
     msg3 = "${var.tf_sensitive_key_3}"
+    msg4 = "${var.tf_sensitive_key_4}"
+    msg5 = "${var.tf_sensitive_list_vals[0]}"
+    msg6 = "${var.tf_sensitive_flatmap_vals["foo"]}"
+    msg7 = "${var.tf_sensitive_flatmap_vals["overlap"]}"
   }
 }
 
 output "rendered" {
-  value = "${template_file.example.rendered}"
+  value = "${data.template_file.example.rendered}"
 }
 
 output "normal_val_2" {
 
@@ -1,9 +1,10 @@
-# ------------------------------------------------------------------
-#    NOTE: terraform.tfvars should ordinarily NEVER be checked into
-#          version control. This file is only here because it is
-#          part of demonstrating sample functionality, it does not
-#          actually contain anything sensitive.
-# -------------------------------------------------------------------
+# -------------------------------------------------
+#      Example terraform.tfvars file based on 0.7.7
+#      Note: this is only for testing / example purposes
+#            this file should NEVER really be checked into
+#            version control
+# -------------------------------------------------
+# Some comment
 pretend_aws_access_key     = "madeup-aws-access-key-PEJFNS"
 pretend_aws_secret_key     = "madeup-aws-secret-key-KGSDGH"
 tf_sensitive_key_1         = "sensitive-value-1-AK#%DJGHS*G"
@@ -14,3 +15,17 @@ tf_sensitive_key_3         = "sensitive-value-3-//dfhs//"
 tf_sensitive_key_4         = "sensitive-value-4 with equals sign i.e. ff=yy"
 # tf_sensitive_key_5         = "encrypted-value-5"
 tf_sensitive_key_6         = "sensitive-value-6"
+
+# new list and maps (terraform 0.7.x and higher)
+tf_sensitive_list_vals = [
+  "sensitive-list-val-1",
+  "sensitive-list-val-2",
+  "sensitive-list-val"
+]
+
+tf_sensitive_flatmap_vals = {
+  foo       = "sensitive-flatmap-val-foo"
+  bax       = "sensitive-flatmap-val-bax"
+  "bob"     = "sensitive-flatmap-val-bob"
+  "overlap" = "sensitive-flatmap-val"
+}
@@ -9,6 +9,8 @@ variable "tf_sensitive_key_3"     {}
 variable "tf_sensitive_key_4"     {}
 variable "tf_sensitive_key_6"     {}
 
+variable "tf_sensitive_list_vals"       { type = "list" }
+variable "tf_sensitive_flatmap_vals"    { type = "map"  }
 
 # ----------------------------------------------------------------
 # Non sensitive variable defaults