search

aquasecurity / trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
https://aquasecurity.github.io/trivy
Apache License 2.0
23.32k stars 2.3k forks source link

feat(misconf): Improve terraform plan JSON error logging #7630

Open simar7 opened 3 weeks ago

simar7 commented 3 weeks ago

This would be especially useful when scanning Terraform Plan JSON, since we are converting it to HCL and have no way to track the location of the error.

We can add, for example, a cause field on logging that contains the source code of the location where the error occurred:

2024-09-28T09:47:17+06:00   DEBUG   [terraform parser] Parsing  module="root" file_path="main.tf"
2024-09-28T09:47:17+06:00   ERROR   [terraform parser] Error parsing file   module="root" file_path="main.tf" 
cause="\tbucket = <" err="main.tf:2,11-12: Invalid expression; Expected the start of an expression, but found an invalid expression token."

Originally posted by @nikpivkin in https://github.com/aquasecurity/trivy/discussions/7608#discussioncomment-10781373

nitrocode commented 3 days ago

I got the same error when running trivy config ./plan.json and it's my first time running trivy after using tfsec for years. Looking forward to this fix. Thank you for creating the issue.