529645194e
A new `Secret` property value is introduced, and plumbed across the engine. - When Unmarshalling properties /from/ RPC calls, we instruct the marshaller to retain secrets, since we now understand them in the rest of the engine. - When Marshalling properties /to/ RPC calls, we use or tracked data to understand if the other side of the connection can accept secrets. If they can, we marshall them in a similar manner to assets where we have a special object with a signiture specific for secrets and an underlying value (which is the /plaintext/ value). In cases where the other end of the connection does not understand secrets, we just drop the metadata and marshal the underlying value as we normally would. - Any secrets that are passed across the engine events boundary are presently passed as just `[secret]`. - When persisting secret values as part of a deployment, we use a rich object so that we can track the value is a secret, but right now the underlying value is not actually encrypted. |
||
---|---|---|
.. | ||
config | ||
deploy | ||
edit | ||
graph | ||
plugin | ||
provider | ||
stack | ||
testdata | ||
asset.go | ||
asset_test.go | ||
errors.go | ||
properties.go | ||
properties_diff.go | ||
properties_diff_test.go | ||
properties_test.go | ||
resource_goal.go | ||
resource_id.go | ||
resource_id_test.go | ||
resource_operation.go | ||
resource_state.go | ||
stack.go | ||
status.go | ||
urn.go | ||
urn_test.go |