package hclsecret_test import ( "fmt" "github.com/hashicorp/hcl/v2" "github.com/hashicorp/hcl/v2/hclsimple" "github.com/zclconf/go-cty/cty/function" "git.maze.io/go/secret/hclsecret" ) type mockProvider struct { out []byte err error } func (p mockProvider) GetSecret(string) ([]byte, error) { return p.out, p.err } func ExampleFunction() { // p would be your initialized secret.Provider p := mockProvider{[]byte("it works!"), nil} // Our stand-in configuration file b := []byte(` database { username = "root" password = secret("password") } `) // Our stand-in configuration struct type databaseConfig struct { Username string `hcl:"username"` Password string `hcl:"password"` } var config struct { Database databaseConfig `hcl:"database,block"` } // HCL evaluation context ctx := &hcl.EvalContext{ Functions: map[string]function.Function{ "secret": hclsecret.Function(p), }, } if err := hclsimple.Decode("example.hcl", []byte(b), ctx, &config); err != nil { panic(err) } fmt.Println(config.Database.Password) // Output: it works! }