search

stelligent / config-lint

Command line tool to validate configuration files
https://stelligent.github.io/config-lint/#/
MIT License
195 stars 39 forks source link

Terraform12 Parser doesn't pass nested resources properly #146

Closed phelewski closed 4 years ago

phelewski commented 4 years ago

While I was writing tests for the tf12 parser I ran into a bug where a reference to another resource (within the same file) is loading as an empty result.

Example File:

resource "aws_vpc" "test_vpc" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_acm_certificate" "test_cert" {
  domain_name       = "foobar.com"
  validation_method = "DNS"

  lifecycle {
    create_before_destroy = true
  }
}

resource "aws_lb" "test_lb" {
}

resource "aws_lb_target_group" "test_lb_target_group" {
  vpc_id = aws_vpc.test_vpc.id
}

resource "aws_alb_listener" "listener_secure_https_set" {
  load_balancer_arn = aws_lb.test_lb.arn
  port              = "443"
  protocol          = "HTTPS"
  ssl_policy        = "ELBSecurityPolicy-2016-08"
  certificate_arn   = aws_acm_certificate.test_cert.arn

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.test_lb_target_group.arn
  }
}

The following arguments in the aws_alb_listener resource are empty:

1. Violation:
  Rule Message: ALB listener should use HTTPS
  Rule Id: ALB_LISTENER_HTTPS
  Resource ID: listener_secure_https_set
  Resource Type: aws_alb_listener
  Category: resource
  Status: FAILURE
  Assertion Message: certificate_arn() should be equal to foo
  Filename: testdata/builtin/terraform12/aws/alb_listener/https.tf
  Line Number: 23
  Created At: 2020-02-25T21:19:04Z
2. Violation:
  Rule Message: ALB listener should use HTTPS
  Rule Id: ALB_LISTENER_HTTPS
  Resource ID: listener_secure_https_set
  Resource Type: aws_alb_listener
  Category: resource
  Status: FAILURE
  Assertion Message: load_balancer_arn() should be equal to foo
  Filename: testdata/builtin/terraform12/aws/alb_listener/https.tf
  Line Number: 23
  Created At: 2020-02-25T21:19:04Z
3. Violation:
  Rule Message: ALB listener should use HTTPS
  Rule Id: ALB_LISTENER_HTTPS
  Resource ID: listener_secure_https_set
  Resource Type: aws_alb_listener
  Category: resource
  Status: FAILURE
  Assertion Message: Every expression fails: And expression fails: target_group_arn() should be equal to foo
  Filename: testdata/builtin/terraform12/aws/alb_listener/https.tf
  Line Number: 23
  Created At: 2020-02-25T21:19:04Z

Debugger window Screen Shot 2020-02-25 at 3 42 41 PM