30 Commits

Author SHA1 Message Date
ian
b7bcc13ea5 encryption/keyprovider/aws_kms: Use APNInfo instead of UserAgent 2025-10-17 12:08:51 -07:00
Larry Bordowitz
bcbfebce3d Implement the Azure Key Provider
This uses the same auth package as the newly-rewritten Azure State
Backend, so many of the properties and environment variables are the
same. I have put this through both the compliance test as well as built
the binary and run some end-to-end tests, and found that it
appropriately uses the Azure key as expected.

Signed-off-by: Larry Bordowitz <laurence.bordowitz@gmail.com>
2025-09-29 06:19:02 -04:00
Diógenes Fernandes
a88a1f004e Normalize HCL config paths in TestComplianceBinary/* tests on Windows (#3222)
Signed-off-by: Diogenes Fernandes <diofeher@gmail.com>
2025-09-04 13:59:50 -03:00
Diógenes Fernandes
044374f75a convert .json files from using CRLF to LF (#3212)
Signed-off-by: Diogenes Fernandes <diofeher@gmail.com>
2025-08-29 14:03:08 -03:00
Martin Atkins
a1ba3e24aa tofu: EvalContext expression evaluation takes context.Context (#2937)
Signed-off-by: Martin Atkins <mart@degeneration.co.uk>
2025-06-19 10:46:31 +01:00
Christian Mesh
13c1ca768b Fix lint issues in ./internal/encryption (#2782)
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
2025-05-09 14:06:42 -07:00
Christian Mesh
b2bf39802a Implement the first part of RFC 20250303-linter-policy (#2577)
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
2025-03-10 13:16:27 -04:00
Mikel Olasagasti Uranga
66765bdab3 Fix: Ensure constant format strings in fmt and printf calls
Go 1.24 introduces stricter checks for format string validation.
This commit fixes instances where non-constant format strings were
used in calls to functions like `fmt.Errorf`, `fmt.Printf`, and similar.

Changes include:
- Replacing dynamically constructed strings passed as format strings
  with constant format strings.
- Refactoring `fmt.Sprintf` calls to ensure the format string matches
  the number of arguments provided.
- Simplifying redundant formatting and ensuring compliance with Go
  1.24's stricter `vet` tool checks.

This update ensures compatibility with Go 1.24 and prevents potential
runtime errors caused by misinterpreted dynamic format strings.

Resolves #2389

Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
Co-authored-by: Martin Atkins <mart@degeneration.co.uk>
Signed-off-by: Martin Atkins <mart@degeneration.co.uk>
2025-02-26 11:33:43 -08:00
Alexander Scheel
c66319a56b Remove experimental marker from OpenBao transit (#2536)
Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>
2025-02-21 10:00:13 -05:00
Andrei Ciobanu
a3276028ad Upgrade aws sdk to a version that will give us access to s3 conditional writes arguments (#2528)
Signed-off-by: yottta <andrei.ciobanu@opentofu.org>
2025-02-18 15:58:17 +02:00
AbstractionFactory
60fdd359d5 Fixes #2337: External encryption method (#2367)
Signed-off-by: AbstractionFactory <179820029+abstractionfactory@users.noreply.github.com>
2025-01-31 12:13:18 -05:00
AbstractionFactory
5a6d2d3e98 Fixes #2022: Running external commands as a key provider (#2023)
Signed-off-by: AbstractionFactory <179820029+abstractionfactory@users.noreply.github.com>
Signed-off-by: ollevche <ollevche@gmail.com>
Co-authored-by: Oleksandr Levchenkov <ollevche@gmail.com>
2025-01-08 12:08:30 -05:00
AbstractionFactory
9d842aa920 Fixes #1605: Customizable metadata key on encryption key providers (#2080)
Signed-off-by: AbstractionFactory <179820029+abstractionfactory@users.noreply.github.com>
2024-10-30 19:52:23 +01:00
Nathan Baulch
ea558d9d4b Fix typos (#1905)
Signed-off-by: Nathan Baulch <nathan.baulch@gmail.com>
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
Co-authored-by: Christian Mesh <christianmesh1@gmail.com>
2024-08-29 13:20:33 -04:00
Christian Mesh
3c45c30249 Move varhcl (body variable inspection) into hcl fork (#1919)
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
2024-08-23 10:01:07 -04:00
Oleksandr Levchenkov
19b5287b8f allow static evaluations in encryption configuration (#1728)
Signed-off-by: ollevche <ollevche@gmail.com>
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
Signed-off-by: Oleksandr Levchenkov <ollevche@gmail.com>
Co-authored-by: Christian Mesh <christianmesh1@gmail.com>
2024-06-24 10:18:16 -04:00
Oleksandr Levchenkov
5a161c8bcc add automated copyright header check (#1696)
Signed-off-by: ollevche <ollevche@gmail.com>
Signed-off-by: Oleksandr Levchenkov <ollevche@gmail.com>
2024-06-03 16:49:36 +03:00
Oleksandr Levchenkov
e1e182987b add OpenBao as key provider for state encryption (#1436)
Signed-off-by: ollevche <ollevche@gmail.com>
2024-04-08 13:38:17 +01:00
Ashwin Annamalai
046beee664 Change numbers to make tests work in i386 (#1454)
Signed-off-by: Ashwin Annamalai <4549937+IgnorantSapient@users.noreply.github.com>
2024-04-01 15:13:26 -04:00
Oleksandr Levchenkov
641751f163 remove GCP KMS key reading from env (#1440)
Signed-off-by: ollevche <ollevche@gmail.com>
2024-03-28 07:43:54 -04:00
Christian Mesh
230fc89a28 GCP KMS for Key Provider for Encryption (#1392)
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
2024-03-18 15:54:20 -04:00
James Humphries
73f5fbf4bc Added aws_kms key provider compliance tests (#1395)
Signed-off-by: James Humphries <james@james-humphries.co.uk>
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
Co-authored-by: Christian Mesh <christianmesh1@gmail.com>
2024-03-18 14:48:19 -04:00
Janos
8c99c75229 [State Encryption] Compliance tests (#1377)
Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com>
2024-03-14 15:53:40 +01:00
Christian Mesh
07a9185767 Initial implementation of aws_kms encryption.key_provider (#1349)
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
Signed-off-by: James Humphries <james@james-humphries.co.uk>
Co-authored-by: James Humphries <james@james-humphries.co.uk>
2024-03-13 13:19:20 -04:00
Christian Mesh
586c45fe5a Refactor encryption configuration (#1387)
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
2024-03-13 10:58:52 -04:00
Janos
4c4d9bca67 Fixed crash on encryption use (#1384)
Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com>
2024-03-13 12:00:31 +01:00
Janos
a18e643a8d PBKDF2 passphrase key provider (#1310)
Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com>
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
Co-authored-by: Christian Mesh <christianmesh1@gmail.com>
Co-authored-by: James Humphries <jamesh@spacelift.io>
2024-03-11 14:24:31 +01:00
Christian Mesh
cef62ea738 Update to encryption key provider interface (#1351)
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
2024-03-08 07:55:08 -05:00
Janos
fa638907f1 Fixes #1169: AES-GCM implementation (#1291)
Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com>
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
Signed-off-by: James Humphries <James@james-humphries.co.uk>
Co-authored-by: James Humphries <jamesh@spacelift.io>
Co-authored-by: Serdar Dalgıç <serdardalgic@users.noreply.github.com>
Co-authored-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
Co-authored-by: Christian Mesh <christianmesh1@gmail.com>
2024-03-07 10:24:37 +00:00
James Humphries
cbab4bee83 State Encryption Documentation and Partial Implementation (#1227)
Signed-off-by: StephanHCB <sbs_github_u43a@packetloss.de>
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com>
Signed-off-by: James Humphries <james@james-humphries.co.uk>
Co-authored-by: StephanHCB <sbs_github_u43a@packetloss.de>
Co-authored-by: Janos <86970079+janosdebugs@users.noreply.github.com>
Co-authored-by: Christian Mesh <christianmesh1@gmail.com>
2024-02-16 14:59:19 +00:00