feat: show config.toml and user data in Terraform plan (#754)

## Description ### What Adds a new variable `show_user_data_in_plan` which is `false` by default (there could be sensitive data leaked). * Writes the rendered `config.toml` to a file * Writes the agent's user data to a file. ### Why * By writing the rendered `config.toml` to a file we get an actual diff of the `config.toml` when we change values in our Terraform plan. In addition this would help us with the refactoring work were currently doing. * Even better ability to see the impact of changes we make. ## Migrations required NO ## Verification `show_user_data_in_plan = true` ![image](https://user-images.githubusercontent.com/17970041/225928978-cd8b31b0-9fbf-4cdb-89b3-8885a4d52f99.png) Example of `config.toml` showing a diff in plan: ![image](https://user-images.githubusercontent.com/17970041/225929105-ff04ae01-39c0-40cc-adb0-5181f5a94b46.png) --------- Co-authored-by: Matthias Kay <[email protected]> Co-authored-by: kayma <[email protected]>
cattle-ops · Mar 22, 2023 · 5b5c335 · 5b5c335
1 parent ac0ca54
commit 5b5c335
Show file tree

Hide file tree

Showing 11 changed files with 121 additions and 77 deletions.
diff --git a/.cspell.json b/.cspell.json
@@ -2,6 +2,7 @@
   "version": "0.2",
   "language": "en",
   "words": [
+    "amazonec",
     "amannn",
     "anytrue",
     "aquasecurity",
@@ -12,6 +13,8 @@
     "concat",
     "devskim",
     "dind",
+    "endfor",
+    "formatlist",
     "gitter",
     "kics",
     "jsonencode",
@@ -21,11 +24,13 @@
     "oxsecurity",
     "shuf",
     "signoff",
+    "signum",
     "substr",
     "templatefile",
     "terrascan",
     "tfenv",
     "tflint",
+    "tftpl",
     "tfsec",
     "tfvars",
     "tmpfs",

diff --git a/.gitignore b/.gitignore
@@ -38,3 +38,6 @@ builds/
 
 # Python
 venv/
+
+# Terraform rendered templates
+debug/
diff --git a/examples/runner-default/.terraform.lock.hcl b/examples/runner-default/.terraform.lock.hcl
diff --git a/examples/runner-docker/.terraform.lock.hcl b/examples/runner-docker/.terraform.lock.hcl
diff --git a/examples/runner-multi-region/.terraform.lock.hcl b/examples/runner-multi-region/.terraform.lock.hcl
diff --git a/examples/runner-multi-region/versions.tf b/examples/runner-multi-region/versions.tf
@@ -8,7 +8,7 @@ terraform {
     }
     local = {
       source  = "hashicorp/local"
-      version = "2.2.3"
+      version = "2.4.0"
     }
     null = {
       source  = "hashicorp/null"

diff --git a/examples/runner-pre-registered/.terraform.lock.hcl b/examples/runner-pre-registered/.terraform.lock.hcl
diff --git a/examples/runner-pre-registered/versions.tf b/examples/runner-pre-registered/versions.tf
@@ -8,7 +8,7 @@ terraform {
     }
     local = {
       source  = "hashicorp/local"
-      version = "2.2.3"
+      version = "2.4.0"
     }
     null = {
       source  = "hashicorp/null"

diff --git a/locals.tf b/locals.tf
@@ -91,3 +91,14 @@ locals {
 
   docker_machine_adds_name_tag = signum(sum(local.docker_machine_version_test)) <= 0
 }
+
+resource "local_file" "config_toml" {
+  content  = local.template_runner_config
+  filename = "${path.module}/debug/runner_config.toml"
+}
+
+resource "local_file" "user_data" {
+  count    = var.show_user_data_in_plan ? 1 : 0
+  content  = nonsensitive(local.template_user_data)
+  filename = "${path.module}/debug/user_data.sh"
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -38,3 +38,6 @@ builds/ @@
     # Python
     venv/
+    # Terraform rendered templates
+    debug/