Tofu crashes when variable is marked as sensitive and used in locals block assignment #655
Description
OpenTofu Version
OpenTofu v1.6.0-alpha1
on darwin_arm64
+ provider registry.opentofu.org/cloudfoundry-community/cloudfoundry v0.51.3
+ provider registry.opentofu.org/grafana/grafana v2.3.3
+ provider registry.opentofu.org/hashicorp/archive v2.4.0
+ provider registry.opentofu.org/hashicorp/local v2.4.0
+ provider registry.opentofu.org/hashicorp/random v3.5.1
+ provider registry.opentofu.org/loafoe/htpasswd v1.0.4
+ provider registry.opentofu.org/philips-software/hsdp v0.44.4
+ provider registry.terraform.io/cloudfoundry-community/cloudfoundry v0.51.3
+ provider registry.terraform.io/hashicorp/random v3.5.1
+ provider registry.terraform.io/loafoe/htpasswd v1.0.4
+ provider registry.terraform.io/philips-software/hsdp v0.44.0OpenTofu Configuration Files
variable "oauth2_client_password" {
type = string
default = ""
sensitive = true # Setting this to false prevents crash
}
locals {
self_managed_client = var.iam_application_id != ""
oauth2_client_password = local.self_managed_client ? random_password.client_password[0].result : var.oauth2_client_password
}Debug Output
!!!!!!!!!!!!!!!!!!!!!!!!!!! OPENTOFU CRASH !!!!!!!!!!!!!!!!!!!!!!!!!!!!
value is marked, so must be unmarked first
goroutine 1814 [running]:
runtime/debug.Stack()
runtime/debug/stack.go:24 +0x64
runtime/debug.PrintStack()
runtime/debug/stack.go:16 +0x1c
github.com/opentofu/opentofu/internal/logging.PanicHandler()
github.com/opentofu/opentofu/internal/logging/panic.go:58 +0x170
panic({0x1028bd520, 0x102dbcd50})
runtime/panic.go:890 +0x258
github.com/zclconf/go-cty/cty.Value.assertUnmarked(...)
github.com/zclconf/go-cty@v1.13.2/cty/marks.go:141
github.com/zclconf/go-cty/cty.Value.AsString({{{0x102de7ea0?, 0x1400011ed39?}}, {0x102abfee0?, 0x14001ac5938?}})
github.com/zclconf/go-cty@v1.13.2/cty/value_ops.go:1385 +0x50
github.com/zclconf/go-cty/cty.Value.Range({{{0x102de7ea0?, 0x1400011ed39?}}, {0x102abfee0?, 0x14001ac5938?}})
github.com/zclconf/go-cty@v1.13.2/cty/value_range.go:53 +0x29c
github.com/hashicorp/hcl/v2/hclsyntax.(*ConditionalExpr).Value(0x140002318f0, 0x14001ac5920)
github.com/hashicorp/hcl/v2@v2.17.0/hclsyntax/expression.go:746 +0xa70
github.com/opentofu/opentofu/internal/lang.(*Scope).EvalExpr(0x14001e98750, {0x102de6af0?, 0x140002318f0}, {{0x102de7ed8?, 0x1042d1080?}})
github.com/opentofu/opentofu/internal/lang/eval.go:175 +0x17c
github.com/opentofu/opentofu/internal/tofu.(*BuiltinEvalContext).EvaluateExpr(0x14001a3dec8?, {0x102de6af0, 0x140002318f0}, {{0x102de7ed8?, 0x1042d1080?}}, {0x0?, 0x0?})
github.com/opentofu/opentofu/internal/tofu/eval_context_builtin.go:289 +0x84
github.com/opentofu/opentofu/internal/tofu.(*NodeLocal).Execute(0x0?, {0x102dfe698, 0x14000eb9dc0}, 0xb0?)
github.com/opentofu/opentofu/internal/tofu/node_local.go:158 +0x468
github.com/opentofu/opentofu/internal/tofu.(*ContextGraphWalker).Execute(0x1400135ea20, {0x102dfe698, 0x14000eb9dc0}, {0x10c3f9d58, 0x14001893e90})
github.com/opentofu/opentofu/internal/tofu/graph_walk_context.go:143 +0xa8
github.com/opentofu/opentofu/internal/tofu.(*Graph).walk.func1({0x102bbaa80, 0x14001893e90})
github.com/opentofu/opentofu/internal/tofu/graph.go:78 +0x238
github.com/opentofu/opentofu/internal/dag.(*Walker).walkVertex(0x14000a0c000, {0x102bbaa80, 0x14001893e90}, 0x140016fe2c0)
github.com/opentofu/opentofu/internal/dag/walk.go:384 +0x2dc
created by github.com/opentofu/opentofu/internal/dag.(*Walker).Update
github.com/opentofu/opentofu/internal/dag/walk.go:307 +0xb7c
Expected Behavior
Tofu doesn't crash
Actual Behavior
Tofu crashes
Steps to Reproduce
tofu inittofu plan
Additional Context
The project is much larger but was able to isolate the crashing condition in the HCL code included here.
When setting the variable to sensitive = false the crash does not happen.
References
No response