search

coinbase / terraform-landscape

Improve Terraform's plan output to be easier to read and understand
Apache License 2.0
1.59k stars 116 forks source link

JSON diffs not being displayed in alpine docker image #51

Closed rifelpet closed 6 years ago

rifelpet commented 6 years ago

I'm seeing a bizarre issue with landscape on the official ruby alpine docker image but not the ruby debian docker image. The JSON diffs are blank. gem versions are otherwise identical so I'm not sure exactly why this is happening

Alpine:

$ docker run -it ruby:2.3-alpine sh
/ # gem install -q terraform_landscape -v 0.1.17
Successfully installed colorize-0.8.1
Successfully installed highline-1.7.10
Successfully installed commander-4.4.4
Successfully installed diffy-3.2.0
Successfully installed polyglot-0.3.5
Successfully installed treetop-1.6.10
Successfully installed terraform_landscape-0.1.17
7 gems installed
/ # gem list

*** LOCAL GEMS ***

bigdecimal (default: 1.2.8)
bundler (default: 1.16.1)
colorize (0.8.1)
commander (4.4.4)
did_you_mean (1.0.0)
diffy (3.2.0)
highline (1.7.10)
io-console (default: 0.4.5)
json (default: 1.8.3.1)
minitest (5.8.5)
net-telnet (0.1.1)
polyglot (0.3.5)
power_assert (0.2.6)
psych (default: 2.1.0.1)
rake (10.4.2)
rdoc (default: 4.2.1)
rubygems-update (2.7.6)
terraform_landscape (0.1.17)
test-unit (3.1.5)
treetop (1.6.10)
/ # cat << EOF | landscape
   ~ aws_iam_role.myrole
       assume_role_policy: "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::1234567890:root\"},\"Action\":\"sts:AssumeRole\"}]}" => "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"\",\n      \"Effect\": \"Allow\",\n      \"Action\": \"sts:AssumeRole\",\n      \"Principal\": {\n        \"AWS\": [\n          \"arn:aws:iam::1234567890:root\",\n          \"arn:aws:iam::2345678901:root\"\n   ],\n        \"Service\": [\n          \"lambda.amazonaws.com\",\n          \"ec2.amazonaws.com\"\n        ]\n      }\n    }\n  ]\n}"
EOF
~ aws_iam_role.myrole
    assume_role_policy:

Debian:

$ docker run -it --rm ruby:2.3 sh
# gem install -q terraform_landscape -v 0.1.17
Successfully installed colorize-0.8.1
Successfully installed highline-1.7.10
Successfully installed commander-4.4.4
Successfully installed diffy-3.2.0
Successfully installed polyglot-0.3.5
Successfully installed treetop-1.6.10
Successfully installed terraform_landscape-0.1.17
7 gems installed
# gem list

*** LOCAL GEMS ***

bigdecimal (default: 1.2.8)
bundler (default: 1.16.1)
colorize (0.8.1)
commander (4.4.4)
did_you_mean (1.0.0)
diffy (3.2.0)
highline (1.7.10)
io-console (default: 0.4.5)
json (default: 1.8.3.1)
minitest (5.8.5)
net-telnet (0.1.1)
polyglot (0.3.5)
power_assert (0.2.6)
psych (default: 2.1.0.1)
rake (10.4.2)
rdoc (default: 4.2.1)
rubygems-update (2.7.6)
terraform_landscape (0.1.17)
test-unit (3.1.5)
treetop (1.6.10)
# cat << EOF | landscape
   ~ aws_iam_role.myrole
       assume_role_policy: "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::1234567890:root\"},\"Action\":\"sts:AssumeRole\"}]}" => "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"\",\n      \"Effect\": \"Allow\",\n      \"Action\": \"sts:AssumeRole\",\n      \"Principal\": {\n        \"AWS\": [\n          \"arn:aws:iam::1234567890:root\",\n          \"arn:aws:iam::2345678901:root\"\n        ],\n        \"Service\": [\n          \"lambda.amazonaws.com\",\n          \"ec2.amazonaws.com\"\n        ]\n      }\n    }\n  ]\n}"
EOF
~ aws_iam_role.myrole
    assume_role_policy:   {
                             "Version": "2012-10-17",
                             "Statement": [
                               {
                          +      "Sid": "",
                                 "Effect": "Allow",
                          +      "Action": "sts:AssumeRole",
                                 "Principal": {
                          -        "AWS": "arn:aws:iam::1234567890:root"
                          -      },
                          -      "Action": "sts:AssumeRole"
                          +        "AWS": [
                          +          "arn:aws:iam::1234567890:root",
                          +          "arn:aws:iam::2345678901:root"
                          +        ],
                          +        "Service": [
                          +          "lambda.amazonaws.com",
                          +          "ec2.amazonaws.com"
                          +        ]
                          +      }
                               }
                             ]
                           }

You can copy that cat << EOF heredoc yourself to try it out. Any idea what is causing this?

sds commented 6 years ago

Hey @rifelpet, thanks for the report.

The problem lies with the Diffy gem. The diff command it constructs includes an argument -U 5 (indicating we want to include 5 lines of context). The diff that ships with the Alpine Docker image in question doesn't handle these arguments correctly:

diff: invalid number ' 5'

The solution to this is in an open PR on the project. I would encourage you to reach out to the maintainer of that project to fix!

I'm going to close this as it is an issue outside of our control, and seems like a nuanced enough situation to not warrant significant effort on our part to fix. Thanks!

rifelpet commented 6 years ago

@sds Thanks for looking into this! Installing a non-busybox diff with apk add --no-cache diffutils fixed the problem for me and is a sufficient workaround until that PR gets merged.

$ docker run -it --rm ruby:2.3-alpine sh
/ # gem install -q terraform_landscape -v 0.1.17
Successfully installed colorize-0.8.1
Successfully installed highline-1.7.10
Successfully installed commander-4.4.4
Successfully installed diffy-3.2.0
Successfully installed polyglot-0.3.5
Successfully installed treetop-1.6.10
Successfully installed terraform_landscape-0.1.17
7 gems installed
/ # cat << EOF | landscape
>    ~ aws_iam_role.myrole
>        assume_role_policy: "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::1234567890:root\"},\"Action\":\"sts:AssumeRole\"
}]}" => "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"\",\n      \"Effect\": \"Allow\",\n      \"Action\": \"sts:AssumeRole\",\n      \"Principal\"
: {\n        \"AWS\": [\n          \"arn:aws:iam::1234567890:root\",\n          \"arn:aws:iam::2345678901:root\"\n   ],\n        \"Service\": [\n          \"lambda.amazonaws.com\",\
n          \"ec2.amazonaws.com\"\n        ]\n      }\n    }\n  ]\n}"
> EOF
~ aws_iam_role.myrole
    assume_role_policy:

/ # apk add --no-cache diffutils
fetch http://dl-cdn.alpinelinux.org/alpine/v3.4/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.4/community/x86_64/APKINDEX.tar.gz
(1/1) Installing diffutils (3.3-r0)
Executing busybox-1.24.2-r14.trigger
OK: 22 MiB in 30 packages
/ # cat << EOF | landscape
>    ~ aws_iam_role.myrole
>        assume_role_policy: "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::1234567890:root\"},\"Action\":\"sts:AssumeRole\"
}]}" => "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"\",\n      \"Effect\": \"Allow\",\n      \"Action\": \"sts:AssumeRole\",\n      \"Principal\"
: {\n        \"AWS\": [\n          \"arn:aws:iam::1234567890:root\",\n          \"arn:aws:iam::2345678901:root\"\n   ],\n        \"Service\": [\n          \"lambda.amazonaws.com\",\
n          \"ec2.amazonaws.com\"\n        ]\n      }\n    }\n  ]\n}"
> EOF
~ aws_iam_role.myrole
    assume_role_policy:   {
                             "Version": "2012-10-17",
                             "Statement": [
                               {
                          +      "Sid": "",
                                 "Effect": "Allow",
                          +      "Action": "sts:AssumeRole",
                                 "Principal": {
                          -        "AWS": "arn:aws:iam::1234567890:root"
                          -      },
                          -      "Action": "sts:AssumeRole"
                          +        "AWS": [
                          +          "arn:aws:iam::1234567890:root",
                          +          "arn:aws:iam::2345678901:root"
                          +        ],
                          +        "Service": [
                          +          "lambda.amazonaws.com",
                          +          "ec2.amazonaws.com"
                          +        ]
                          +      }
                               }
                             ]
                           }