Environment variable not working

[kinihun]

I'm attempting to add local_file which I use to create a file containing secrets. Attempt to update the tflask using environemtn variable is failing.

typing the values below export TFMASK_VALUES_REGEX="(?i)^.(oauth|secret|token|password|key|result|cert|certificate).$" export TFMASK_RESOURCES_REGEX="(?i)^(random_id|local_file).*$"`

results in env values as shown below

TFMASK_VALUES_REGEX=(?i)^.*(oauth|secret|token|password|key|result|cert|certificate).*$ TFMASK_RESOURCES_REGEX=(?i)^(random_id|local_file).*$

However I see no effect.

[osterman]

@kinihun this is not enough information for us to reproduce. Please attach the sample output plan/apply output (of course obscure your sensitive data). Then we can ensure the use-case is handled. There's no canonical format for the output of terraform secrets. We handle specific patterns of output.

Here's what we currently test for.

https://github.com/cloudposse/tfmask/tree/master/tests

[vigffx]

Ive tried the tests locally on my machine and it does not work too. using the standard defaults.

[GMartinez-Sisti]

I think this only works when values are changing.

With this variable: export TFMASK_VALUES_REGEX='(?i)^(.*(oauth|secret|token|password|key|result|endpoint).*)$'

This matches (changing values): endpoint: "aaaaa" => "bbbb"

But this doesn't (new value): endpoint: "aaaaa"

I think the problem is that only the second option is comtemplated here: https://github.com/cloudposse/tfmask/blob/master/main.go#L41