Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Terrascan failing with 0 errors #4159

Open
mstavreski opened this issue Oct 18, 2024 · 7 comments
Open

Terrascan failing with 0 errors #4159

mstavreski opened this issue Oct 18, 2024 · 7 comments
Labels
bug Something isn't working

Comments

@mstavreski
Copy link

mstavreski commented Oct 18, 2024

Describe the bug
We are running Megalinter on our Terraform code and all of our linters are coming up with 0 errors and passing except for Terrascan which is still failing despite showing 0 errors

Is there a solution/workaround for this?

[SARIF Reporter] Generated TERRAFORM_TERRASCAN report: /tmp/lint/megalinter-reports/sarif/TERRAFORM_TERRASCAN.sarif
Unable to get total errors from SARIF output.

:x: Linted [TERRAFORM] files with [terrascan]: Found 0 error(s) - (11.43s)

- Using [terrascan v1.18.11] https://megalinter.io/7.13.0/descriptors/terraform_terrascan

- MegaLinter key: [TERRAFORM_TERRASCAN]

- Rules config: identified by [terrascan]

[Pre][TERRAFORM_TERRASCAN] run: [terrascan] in cwd [/]

[Pre][TERRAFORM_TERRASCAN] result:

Terrascan

Screenshot 2024-10-18 at 1 03 36 PM

@mstavreski mstavreski added the bug Something isn't working label Oct 18, 2024
@nvuillam
Copy link
Member

@mstavreski MegaLinter v7 is not maintained anymore, please can you upgrade to MegaLinter v8.1.0 to see if the problem still happens ?

@mstavreski
Copy link
Author

Hi @nvuillam, I have upgraded to v8.1.0 and I'm still getting the same error:

❌ Linted [TERRAFORM] files with [terrascan]: Found 0 error(s) - (12.07s)
- Using [terrascan v1.19.9] https://megalinter.io/8.1.0/descriptors/terraform_terrascan
- MegaLinter key: [TERRAFORM_TERRASCAN]
- Rules config: identified by [terrascan]
--Error detail:

@nvuillam
Copy link
Member

nvuillam commented Oct 21, 2024

@mstavreski what is the output if you run the job with additional variables ?

LOG_LEVEL: DEBUG
OUTPUT_DETAIL: detailed

@mstavreski
Copy link
Author

Hi @nvuillam I have ran it again with the specified variables and this is the output:

{
    "$schema": "https: //json.schemastore.org/sarif-2.1.0-rtm.5.json",
    "runs": [
        {
            "invocations": [
                {
                    "executionSuccessful": True,
                    "toolExecutionNotifications": [
                        {
                            "level": "warning",
                            "message": {
                                "text": "diagnostic errors while loading terraform config dir "/tmp/lint/modules/app-topic-specs". error from terraform:\n/tmp/lint/modules/app-topic-specs/variables.tf:14,29-42: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:17,38-50: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:18,38-54: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:19,38-51: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:20,38-58: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:21,38-50: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:22,38-60: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:23,38-55: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:24,38-49: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "diagnostic errors while loading terraform config dir "/tmp/lint/modules/private-network-attachment". error from terraform:\n/tmp/lint/modules/private-network-attachment/variables.tf:29,31-43: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "diagnostic errors while loading terraform config dir "/tmp/lint/modules/private-networking". error from terraform:\n/tmp/lint/modules/private-networking/variables.tf:27,31-43: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "diagnostic errors while loading terraform config dir "/tmp/lint/modules/schema". error from terraform:\n/tmp/lint/modules/schema/variables.tf:14,22-35: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:15,22-42: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:16,22-38: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:24,22-34: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:25,22-44: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:26,22-38: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "diagnostic errors while loading terraform config dir "/tmp/lint/platform/dev". error from terraform:\n/tmp/lint/platform/dev/variables.tf:31,31-43: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "diagnostic errors while loading terraform config dir "/tmp/lint/platform/prod". error from terraform:\n/tmp/lint/platform/prod/variables.tf:31,31-43: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "diagnostic errors while loading terraform config dir "/tmp/lint/platform/sit". error from terraform:\n/tmp/lint/platform/sit/variables.tf:31,31-43: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "diagnostic errors while loading terraform config dir "/tmp/lint/platform/uat". error from terraform:\n/tmp/lint/platform/uat/variables.tf:31,31-43: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "diagnostic errors while loading terraform config dir "/tmp/lint/templates/application". error from terraform:\n/tmp/lint/templates/application/variables.tf:22,36-48: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/templates/application/variables.tf:23,36-52: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/templates/application/variables.tf:24,36-49: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/templates/application/variables.tf:25,36-56: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/templates/application/variables.tf:26,36-48: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/templates/application/variables.tf:27,36-58: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/templates/application/variables.tf:28,36-53: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/templates/application/variables.tf:29,36-47: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "directory "/tmp/lint" has no terraform config files"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "directory "/tmp/lint/megalinter-reports" has no terraform config files"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "directory "/tmp/lint/megalinter-reports/linters_logs" has no terraform config files"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "directory "/tmp/lint/megalinter-reports/sarif" has no terraform config files"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "directory "/tmp/lint/modules" has no terraform config files"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "directory "/tmp/lint/pipelines" has no terraform config files"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "directory "/tmp/lint/platform" has no terraform config files"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "directory "/tmp/lint/templates" has no terraform config files"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "failed to build unified config. errors:\n/tmp/lint/modules/app-topic-specs/variables.tf:14,29-42: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:17,38-50: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:18,38-54: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:19,38-51: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:20,38-58: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:21,38-50: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:22,38-60: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:23,38-55: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/app-topic-specs/variables.tf:24,38-49: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:14,22-35: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:15,22-42: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:16,22-38: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:24,22-34: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:25,22-44: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:26,22-38: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "failed to build unified config. errors:\n/tmp/lint/modules/private-network-attachment/variables.tf:29,31-43: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "failed to build unified config. errors:\n/tmp/lint/modules/private-networking/variables.tf:27,31-43: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "failed to build unified config. errors:\n/tmp/lint/modules/private-networking/variables.tf:27,31-43: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "failed to build unified config. errors:\n/tmp/lint/modules/private-networking/variables.tf:27,31-43: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "failed to build unified config. errors:\n/tmp/lint/modules/private-networking/variables.tf:27,31-43: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        },
                        {
                            "level": "warning",
                            "message": {
                                "text": "failed to build unified config. errors:\n/tmp/lint/modules/schema/variables.tf:14,22-35: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:15,22-42: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:16,22-38: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:24,22-34: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:25,22-44: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n/tmp/lint/modules/schema/variables.tf:26,22-38: Invalid type specification; Optional attribute modifier expects only one argument: the attribute type.\n"
                            }
                        }
                    ]
                }
            ],
            "properties": {
                "megalinter": {
                    "docUrl": "https://megalinter.io/8.1.0/descriptors/terraform_terrascan",
                    "linterKey": "TERRAFORM_TERRASCAN",
                    "linterVersion": "1.19.9"
                }
            },
            "results": [],
            "tool": {
                "driver": {
                    "informationUri": "https://github.com/tenable/terrascan",
                    "name": "terrascan (MegaLinter TERRAFORM_TERRASCAN)",
                    "rules": [],
                    "version": "1.19.9"
                }
            }
        }
    ],
    "version": "2.1.0"
}

Its returning some warnings, but to my knowledge it shouldn't be failing on warnings?

@mstavreski
Copy link
Author

Hello @nvuillam , just following up on this. Is there any fix for it?

@nvuillam
Copy link
Member

@mstavreski not yet... available tile is hard to find these days ^^
But it's still on my backlog :)

@nvuillam
Copy link
Member

nvuillam commented Nov 10, 2024

@mstavreski after a little investigation, my assumptions are:

  • terrascan returns 1 if there are warnings
  • MegaLinter does not count items in toolExecutionNotifications, that's why you see 0 errors (I could make the update, but i'm not sure that we want to consider such warnings as real issues, do you confirm ?)

The key is to find how to make terrascan return 0 if there are only toolExecutionNotifications warnings

Please can you see that with terrascan maintainers ? https://github.com/tenable/terrascan

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants