search

bridgecrewio / checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
https://www.checkov.io/
Apache License 2.0
7.1k stars 1.12k forks source link

Parsing error when using terraform `null` provider #781

Closed maximmi closed 3 years ago

maximmi commented 3 years ago

Describe the bug Parsing fails when processing terraform required_providers with null provider.

To Reproduce Steps to reproduce the behavior:

  1. Have a versions.tf file in your module with null provider:

    terraform {
required_version = ">= 0.12.26"

required_providers {
null = {
  source  = "hashicorp/null"
  version = ">= 2.0"
}
}
}
  2. Run checkov in docker: docker run -t -e LOG_LEVEL=DEBUG -v $(pwd):/tf bridgecrew/checkov:latest -d /tf
  3. See error 
    
DEBUG:checkov.terraform.parser:failed while parsing file <DirEntry 'versions.tf'>
Traceback (most recent call last):
File "/usr/local/lib/python3.8/site-packages/lark/parsers/lalr_parser.py", line 62, in get_action
return states[state][token.type]
KeyError: 'NULL'

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.8/site-packages/checkov/terraform/parser.py", line 706, in _load_or_die_quietly return _clean_bad_definitions(hcl2.load(f)) File "/usr/local/lib/python3.8/site-packages/hcl2/api.py", line 9, in load return loads(file.read()) File "/usr/local/lib/python3.8/site-packages/hcl2/api.py", line 18, in loads return hcl2.parse(text + "\n") File "/usr/local/lib/python3.8/site-packages/lark/lark.py", line 311, in parse return self.parser.parse(text, start=start) File "/usr/local/lib/python3.8/site-packages/lark/parser_frontends.py", line 89, in parse return self._parse(token_stream, start, [sps] if sps is not NotImplemented else []) File "/usr/local/lib/python3.8/site-packages/lark/parser_frontends.py", line 54, in _parse return self.parser.parse(input, start, args) File "/usr/local/lib/python3.8/site-packages/lark/parsers/lalr_parser.py", line 36, in parse return self.parser.parse(*args) File "/usr/local/lib/python3.8/site-packages/lark/parsers/lalr_parser.py", line 86, in parse action, arg = get_action(token) File "/usr/local/lib/python3.8/site-packages/lark/parsers/lalr_parser.py", line 65, in get_action raise UnexpectedToken(token, expected, state=state) lark.exceptions.UnexpectedToken: Unexpected token Token(NULL, 'null') at line 9, column 5. Expected one of:

Expected behavior No parsing errors

Desktop (please complete the following information):

Additional context

       _               _
   ___| |__   ___  ___| | _______   __
  / __| '_ \ / _ \/ __| |/ / _ \ \ / /
 | (__| | | |  __/ (__|   < (_) \ V /
  \___|_| |_|\___|\___|_|\_\___/ \_/

By bridgecrew.io | version: 1.0.696

terraform scan results:

Passed checks: 20, Failed checks: 0, Skipped checks: 0, Parsing errors: 1
schosterbarak commented 3 years ago

looks like an upstream issue in https://github.com/amplify-education/python-hcl2. @arielkru have an idea how to solve this one?