error: undefined local variable or method `host' for #<TerraformLandscape::TerraformPlan:0x00007ff6dea84530>.

[andrewhertog]

Getting this error now with recent release of terraform aws provider version 1.33.0.

error: undefined local variable or method `host' for #<TerraformLandscape::TerraformPlan:0x00007ff6dea84530>.

Please see https://github.com/terraform-providers/terraform-provider-aws/issues/5661 for expanded details and stack trace

[jianyuan]

It's probably due to the fact that the new fixed-response config values contain valid Ruby string interpolation variables which are evaled by terraform-landscape.

• #{protocol}
• #{host}
• #{port}
• #{path}
• #{query}

Culprits:

• https://github.com/coinbase/terraform-landscape/blob/11c5de7f5c42b725e1f8083e6e9a82a2ed391871/lib/terraform_landscape/terraform_plan.rb#L181
• https://github.com/coinbase/terraform-landscape/blob/11c5de7f5c42b725e1f8083e6e9a82a2ed391871/lib/terraform_landscape/terraform_plan.rb#L220

I do question the use of evals as it poses a security concern.

References:

• https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html
• https://github.com/terraform-providers/terraform-provider-aws/pull/5430

[sds]

Totally agree about the use of eval. You can see that I explicitly ignore the security warning.

This was a quick solution to a problem, and it's clear we've outgrown it. The proper solution is to create a Treetop grammar to parse the hashrocket-style attribute declarations.

Would love help with this!

[robacarp]

Given that this isn't security software and therefore doesn't need to deal with malicious input data in the same way a search engine does, a full grammar is probably overkill. Could this be kicked down the road by simply running a quick and dirty escape on the input string, converting #{ into ${?

[dozen]

I tried submitting PR to fix this problem: #73

[sds]

Fixed in #73