Improve terraform property escaping

Author: maor-rozenfeld

packages/blocks/terraform/src/lib/hcledit-cli.ts

@@ -92,7 +92,10 @@ export async function updateResourceProperties(
   template: string,
   resourceType: string,
   resourceName: string,
-  modifications: { propertyName: string; propertyValue: string }[],
+  modifications: {
+    propertyName: string;
+    propertyValue: string | number | boolean;
+  }[],
 ): Promise<string> {
   validateIdentifier(resourceType, 'Resource type');
   validateIdentifier(resourceName, 'Resource name');
@@ -110,7 +113,9 @@ export async function updateResourceProperties(
     const updates = [];
     for (const modification of modifications) {
       const propertyName = modification.propertyName;
-      const propertyValue = sanitizePropertyValue(modification.propertyValue);
+      const propertyValue = escapeAttributeValue(
+        modification.propertyValue,
+      ).replace(/"/g, '\\"');
 
       const attributeCommand = await getAttributeCommand(
         filePath,
@@ -247,20 +252,3 @@ async function executeHclEditCommand(
 ): Promise<CommandResult> {
   return await executeCommand('/bin/bash', ['-c', `hcledit ${parameters}`]);
 }
-
-function sanitizePropertyValue(propertyValue: string): string {
-  // In the future we may need to check the type.
-  // We currently only support number boolean and string
-
-  propertyValue = propertyValue.trim();
-
-  if (
-    Number.isInteger(Number(propertyValue)) ||
-    propertyValue === 'false' ||
-    propertyValue === 'true'
-  ) {
-    return propertyValue;
-  }
-
-  return `\\"${propertyValue}\\"`;
-}

packages/blocks/terraform/test/hcledit-cli.test.ts

@@ -214,6 +214,35 @@ describe('Update Resource Properties', () => {
     );
   });
 
+  test('should preserve numeric and boolean property values', async () => {
+    const modifications = [
+      { propertyName: 'enable_feature', propertyValue: true },
+      { propertyName: 'max_count', propertyValue: 3 },
+    ];
+
+    mockExecuteCommand
+      .mockResolvedValueOnce({ exitCode: 1, stdOut: '', stdError: 'missing' })
+      .mockResolvedValueOnce({ exitCode: 0, stdOut: 'current', stdError: '' })
+      .mockResolvedValueOnce({ exitCode: 0, stdOut: 'result', stdError: '' });
+
+    const result = await updateResourceProperties(
+      testTemplate,
+      'aws_instance',
+      'example',
+      modifications,
+    );
+
+    expect(result).toContain('result');
+    expect(mockExecuteCommand).toHaveBeenCalledTimes(3);
+    const executedCommand = mockExecuteCommand.mock.calls[2][1][1];
+    expect(executedCommand).toContain(
+      `attribute append resource.aws_instance.example.enable_feature 'true'`,
+    );
+    expect(executedCommand).toContain(
+      `attribute set resource.aws_instance.example.max_count '3'`,
+    );
+  });
+
   test.each<{
     description: string;
     resourceType: string;