Merge #11673

11673: Fix illegal cast in resource constructors when secret-wrapping input arguments. r=AaronFriel a=AaronFriel

Fixes #11664 after new SDK gen. Will require an update to pulumi-aws using this branch or a new release.

Codegen for wrapping input properties as secrets performed an incorrect cast, as seen in Pulumi's AWS classic SDK.

Using the sample program and the resource constructor described in #11664 as our test case, from `pulumi-aws/sdk/v5/go/aws/secretmanager/secretVersion.go`:

```go
      func NewSecretVersion(ctx *pulumi.Context,
        name string, args *SecretVersionArgs, opts ...pulumi.ResourceOption) (*SecretVersion, error)
        if args == nil {
          return nil, errors.New("missing one or more required arguments")
        }

        if args.SecretId == nil {
          return nil, errors.New("invalid value for required argument 'SecretId'")
        }
        if args.SecretBinary != nil {
82:        args.SecretBinary = pulumi.ToSecret(args.SecretBinary).(pulumi.StringPtrOutput)
        }
        if args.SecretString != nil {
85:        args.SecretString = pulumi.ToSecret(args.SecretString).(pulumi.StringPtrOutput)
        }
```

`args.SecretBinary` is of type `pulumi.StringPtrInput` and `pulumi.ToSecret` returns `pulumi.Output` returns its input as an Output-wrapped value marked secret.

As `StringPtrInput` is an interface accepting multiple input types, the return value would be either `pulumi.StringOutput` `pulumi.StringPtrOutput`. These are both concrete types, and casting to the incorrect one would panic.

Fortunately we can cast back to the input type, as verified by building the new codegen and testing the Pulumi program in #11664.

The new codegen below converts an input type `T` to `pulumi.Output`, then casts back to `T`.

```go
      func NewSecretVersion(ctx *pulumi.Context,
        // ...
        if args.SecretBinary != nil {
82:             args.SecretBinary = pulumi.ToSecret(args.SecretBinary).(pulumi.StringPtrInput)
        }
        if args.SecretString != nil {
85:             args.SecretString = pulumi.ToSecret(args.SecretString).(pulumi.StringPtrInput)
        }
```


Co-authored-by: Aaron Friel <mayreply@aaronfriel.com>

changelog/pending/20221217--sdkgen-go--illegal-cast-in-resource-constructors-when-secret-wrapping-input-arguments.yaml

@@ -0,0 +1,4 @@
+changes:
+- type: fix
+  scope: sdkgen/go
+  description: Illegal cast in resource constructors when secret-wrapping input arguments.

pkg/codegen/go/gen.go

@@ -1763,7 +1763,8 @@ func (pkg *pkgContext) genResource(w io.Writer, r *schema.Resource, generateReso
 	// Setup secrets
 	for _, p := range secretInputProps {
 		fmt.Fprintf(w, "\tif args.%s != nil {\n", pkg.fieldName(r, p))
-		fmt.Fprintf(w, "\t\targs.%[1]s = pulumi.ToSecret(args.%[1]s).(%[2]s)\n", pkg.fieldName(r, p), pkg.outputType(p.Type))
+
+		fmt.Fprintf(w, "\t\targs.%[1]s = pulumi.ToSecret(args.%[1]s).(%[2]s)\n", pkg.fieldName(r, p), pkg.typeString(p.Type))
 		fmt.Fprintf(w, "\t}\n")
 	}
 	if len(secretProps) > 0 {