Launch template fails with SOURCEGRAPH_EXECUTOR_PROXY_PASSWORD with symbols

[ceusebi-eb]

Generating a password like this:

resource "random_password" "executor-password" {
  length  = 48
  special = true
}

module "executors" {
  source  = "sourcegraph/executors/aws"
  version = "4.3.0"

  executor_sourcegraph_executor_proxy_password = random_password.executor-password.result
  ...
}

Can contain symbols that end up causing the instance template to fail with error:

cloud-init[10254]: /var/lib/cloud/instance/scripts/part-001: line 28: hl: unbound variable
cloud-init[10254]: Cloud-init v. 22.4.2-0ubuntu0~20.04.2 running 'modules:final' at Wed, 28 Dec 2022 20:53:22 +0000. Up 52.15 seconds.
cloud-init[10254]: 2022-12-28 20:53:22,805 - cc_scripts_user.py[WARNING]: Failed to run module scripts-user (scripts in /var/lib/cloud/instance/scripts)
cloud-init[10254]: 2022-12-28 20:53:22,805 - util.py[WARNING]: Running module scripts-user (<module 'cloudinit.config.cc_scripts_user' from '/usr/lib/python3/dist-packages/cloudinit/config/cc_scripts_user.py'>) failed
systemd[1]: cloud-final.service: Main process exited, code=exited, status=1/FAILURE
systemd[1]: cloud-final.service: Failed with result 'exit-code'.

Terraform can be configured to override the symbols set with override_special = "!#$%&*()-_=+[]{}<>:?" but it's not clear to me which symbols would clash when the SOURCEGRAPH_EXECUTOR_PROXY_PASSWORD="<password>" is rendered into the template.

We have changed our passwords since to not contain symbols and the problem is mitigated
This is one of the example passwords that failed: jE0QqAe2=[2Bm$hl&Y[!?xX(GWDm5>Eg
Module version: "4.3.0"