From 6fd4263f599ff3318cc2095dde03a312bb617511 Mon Sep 17 00:00:00 2001 From: Roma Ryzhyi <110890299+ajax-ryzhyi-r@users.noreply.github.com> Date: Thu, 10 Aug 2023 21:35:43 +0300 Subject: [PATCH] fix: Fix terraform_wrapper_module_for_each hook heredoc vars defaults (#554) --- hooks/terraform_wrapper_module_for_each.sh | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/hooks/terraform_wrapper_module_for_each.sh b/hooks/terraform_wrapper_module_for_each.sh index 522c329b3..9bbdd1ff2 100755 --- a/hooks/terraform_wrapper_module_for_each.sh +++ b/hooks/terraform_wrapper_module_for_each.sh @@ -323,11 +323,11 @@ EOF # Get names of module variables in all terraform files # shellcheck disable=SC2207 - module_vars=($(echo "$all_tf_content" | hcledit block list | { grep variable. || true; } | cut -d'.' -f 2)) + module_vars=($(echo "$all_tf_content" | hcledit block list | { grep variable. | cut -d'.' -f 2 || true; })) # Get names of module outputs in all terraform files # shellcheck disable=SC2207 - module_outputs=($(echo "$all_tf_content" | hcledit block list | { grep output. || true; } | cut -d'.' -f 2)) + module_outputs=($(echo "$all_tf_content" | hcledit block list | { grep output. | cut -d'.' -f 2 || true; })) # Looking for sensitive output local wrapper_output_sensitive="# sensitive = false # No sensitive module output found" @@ -360,6 +360,13 @@ EOF # https://github.com/terraform-aws-modules/terraform-aws-security-group/blob/0bd31aa88339194efff470d3b3f58705bd008db0/rules.tf#L8 # As a result, wrappers in terraform-aws-security-group module are missing values of the rules variable and is not useful. :( var_value="try(each.value.${module_var}, var.defaults.${module_var}, {})" + elif [[ $var_default == \<\<* ]]; then + # Heredoc style default values produce HCL parsing error: + # 'Unterminated template string; No closing marker was found for the string.' + # Because closing marker must be alone on it's own line: + # https://developer.hashicorp.com/terraform/language/expressions/strings#heredoc-strings + var_value="try(each.value.${module_var}, var.defaults.${module_var}, $var_default + )" else var_value="try(each.value.${module_var}, var.defaults.${module_var}, $var_default)" fi