ministryofjustice / modernisation-platform

A place for the core work of the Modernisation Platform • This repository is defined and managed in Terraform
https://user-guide.modernisation-platform.service.justice.gov.uk
MIT License

Terraform Static Code Analysis - scheduled scan of all directories is failing #5890

Closed ewastempel closed 10 months ago

ewastempel commented 10 months ago

Expected Behavior

The daily SCA scan of all directories should run clean, like in this instance from about a week ago.

Errors:

Error: Invalid index

  on terraform/environments/core-vpc/transit-gateway-attachment.tf line 35, in module "vpc_attachment":
  35:   for_each = toset(keys(local.vpcs[terraform.workspace]))

with local.vpcs as object with 5 attributes,
     terraform.workspace as "default".

The given key does not identify an element in this collection value.

Actual Behavior

The daily SCA scan of all directories fails for tflint in the modernisation-platform/terraform/environments/core-vpc directory, like in this instance from today.

Steps to Reproduce the Problem

The workflow runs daily on schedule; see the failing alert generated daily in Slack.

NOTE: the scheduled workflow ran clean a week ago, so this is a new bug.

Version

For a failing workflow:
github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1
tflint version installed on docker image in github-actions: 0.50.0

For a successful workflow:
github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1
tflint version installed on docker image in github-actions: 0.49.0

Modules

No response

Account

No response

ewastempel commented 10 months ago

Tflint version 0.50.0 had breaking changes and introduced a bug in our Terraform code, as now by default tf modules are run if they are local. It can be turned off by setting --call-module-type=none, but the changes to allow it must be made in the github-actions code before this can be implemented in our GH workflows.

ewastempel commented 10 months ago

Created a PR to fix the issue in the github-actions repo: https://github.com/ministryofjustice/github-actions/pull/226
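
Added example, not part of the thread or of the github-actions repository: a POSIX shell helper that picks the tflint argument from the installed version, so one workflow step behaves the same on the 0.49.0 and 0.50.0 images mentioned above. It assumes `--call-module-type` is accepted only from 0.50.0 onward; the function names and the sample version strings are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread or the github-actions repo).
# Assumption: --call-module-type is accepted only by tflint 0.50.0 and later,
# the release the thread says began calling local modules by default.

# extract_version TEXT -> first X.Y.Z found in TEXT (empty if none)
extract_version() {
  printf '%s\n' "$1" |
    sed -n 's/^[^0-9]*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' |
    head -n 1
}

# version_ge A B -> success when A >= B, compared numerically per component
version_ge() {
  IFS=. read -r a1 a2 a3 <<EOF
$1
EOF
  IFS=. read -r b1 b2 b3 <<EOF
$2
EOF
  for pair in "${a1:-0}:${b1:-0}" "${a2:-0}:${b2:-0}" "${a3:-0}:${b3:-0}"; do
    if [ "${pair%%:*}" -gt "${pair##*:}" ]; then return 0; fi
    if [ "${pair%%:*}" -lt "${pair##*:}" ]; then return 1; fi
  done
  return 0
}

# module_args VERSION_OUTPUT -> flag that stops the scan from calling modules
module_args() {
  v=$(extract_version "$1")
  if [ -z "$v" ]; then
    echo "cannot parse tflint version from: $1" >&2
    return 2
  fi
  if version_ge "$v" 0.50.0; then
    printf '%s' '--call-module-type=none'
  fi
  # Assumption: older releases do not call modules unless asked, so no flag.
}

# Constructed samples standing in for the output of `tflint --version`.
for sample in "TFLint version 0.49.0" "TFLint version 0.50.0"; do
  printf '%s -> [%s]\n' "$sample" "$(module_args "$sample")"
done
```

In a workflow step the result would be passed unquoted, for example `tflint $(module_args "$(tflint --version)")`, so that an empty result adds no argument.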