tenable / terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
https://runterrascan.io
Apache License 2.0
4.63k stars 495 forks

non-recursive is not an option #1679

Open anavrotski opened 1 month ago

anavrotski commented 1 month ago

All these issues:

are about the same problem - if you want to use terrascan, you should change your project structure. If some folders in your project do not contain terraform files, you'll get an error. That prevents me from using this tool in the CI pipeline and even in local checks.

Are there any plans to solve this issue?

jesusplanas commented 1 month ago

Hi, we are facing the same problem. If we use the --non-recursive parameter we always get an error like:

| Running Terrascan in directory: ./workflow_tests/terraform/basic 
| 2024-06-27T08:09:53.282Z  error   cli/run.go:141  scan run failed{error 26 0  1 error occurred:
|   * failed to build terraform allResourcesConfig
| 
| }

If we do not add the --non-recursive option, we also get an error like:

Running Terrascan in directory: ./workflow_tests/terraform/basic 

Scan Errors -

    IaC Type            :   terraform
    Directory           :   /home/runner/work/github-workflows/github-workflows/workflow_tests/terraform/basic
    Error Message       :   failed to build unified config. errors:
<nil>: Invalid module config directory; Module directory '/home/runner/work/github-workflows/github-workflows/workflow_tests' has no terraform config files for module naming

    -----------------------------------------------------------------------

Scan Summary -

    File/Folder         :   /home/runner/work/github-workflows/github-workflows/workflow_tests/terraform/basic
    IaC Type            :   terraform
    Scanned At          :   2024-06-27 08:14:29.561496867 +0000 UTC
    Policies Validated  :   174
    Violated Policies   :   0
    Low                 :   0
    Medium              :   0
    High                :   0

Error: Process completed with exit code 4.

This also prevents us from using the GH action or even the package installed in our local envs.

Terrascan version: v1.19.1