search

terraform-compliance / cli

a lightweight, security focused, BDD test framework against terraform.
https://terraform-compliance.com
MIT License
1.35k stars 151 forks source link

Exception thrown in main.py at line 150 #605

Closed jekwesco closed 2 years ago

jekwesco commented 2 years ago

Description

Trying to run terraform-compliance GitHub action and getting an exception being thrown. Simple Azure PoC with a simple Terraform config and just trying to use the tests that are in user-friendly-features.

To Reproduce

GitHub Action yaml. Passing in the plan file via upload/download archive.

jobs:
  scan:
    # The type of runner that the job will run on 
    runs-on: ubuntu-latest

    # Steps represent a sequence of tasks 
    # that will be executed as part of the job
    steps:
      - name: Download Plan File
        uses: actions/download-artifact@v3
        with:
          name: ${{inputs.plan_to_scan}}
      - name: Show files
        run: |
          pwd
          ls -l    
      - name: terraform-compliance
        uses: terraform-compliance/github_action@main
        with:
          plan: plan.out.json
          features: git:https://github.com/terraform-compliance/user-friendly-features.git

Feature File:

Only using user-friendly-features git repo

Plan File:

{
    "format_version": "1.0",
    "terraform_version": "1.1.7",
    "planned_values": {
        "root_module": {
            "resources": [
                {
                    "address": "azurerm_resource_group.example",
                    "mode": "managed",
                    "type": "azurerm_resource_group",
                    "name": "example",
                    "provider_name": "registry.terraform.io/hashicorp/azurerm",
                    "schema_version": 0,
                    "values": {
                        "location": "eastus",
                        "name": "tf-action-test-delete1",
                        "tags": null,
                        "timeouts": null
                    },
                    "sensitive_values": {}
                }
            ]
        }
    },
    "resource_drift": [
        {
            "address": "azurerm_resource_group.example",
            "mode": "managed",
            "type": "azurerm_resource_group",
            "name": "example",
            "provider_name": "registry.terraform.io/hashicorp/azurerm",
            "change": {
                "actions": [
                    "delete"
                ],
                "before": {
                    "id": "<removed>/tf-action-test-delete1",
                    "location": "eastus",
                    "name": "tf-action-test-delete1",
                    "tags": null,
                    "timeouts": null
                },
                "after": null,
                "after_unknown": {},
                "before_sensitive": {},
                "after_sensitive": false
            }
        }
    ],
    "resource_changes": [
        {
            "address": "azurerm_resource_group.example",
            "mode": "managed",
            "type": "azurerm_resource_group",
            "name": "example",
            "provider_name": "registry.terraform.io/hashicorp/azurerm",
            "change": {
                "actions": [
                    "create"
                ],
                "before": null,
                "after": {
                    "location": "eastus",
                    "name": "tf-action-test-delete1",
                    "tags": null,
                    "timeouts": null
                },
                "after_unknown": {
                    "id": true
                },
                "before_sensitive": false,
                "after_sensitive": {}
            }
        }
    ],
    "configuration": {
        "provider_config": {
            "azurerm": {
                "name": "azurerm",
                "expressions": {
                    "features": [
                        {}
                    ]
                }
            }
        },
        "root_module": {
            "resources": [
                {
                    "address": "azurerm_resource_group.example",
                    "mode": "managed",
                    "type": "azurerm_resource_group",
                    "name": "example",
                    "provider_config_key": "azurerm",
                    "expressions": {
                        "location": {
                            "constant_value": "East US"
                        },
                        "name": {
                            "constant_value": "tf-action-test-delete1"
                        }
                    },
                    "schema_version": 0
                }
            ]
        }
    }
}

Sample Terraform Code:

# Create a resource group
resource "azurerm_resource_group" "example" {
  name     = "tf-action-test-delete1"
  location = "East US"
}

terraform {
  #required_providers {
  #azurerm = "~> 2.91.0"
  backend "remote" {
    hostname     = "app.terraform.io"
    organization = "wescodist"

    workspaces {
      name = "devsecops-sandbox"
      #name = "iot-sandbox"
      #prefix = "sp-sandbox"
    }
  }
}

provider "azurerm" {
  features {}
  #skip_provider_registration = "true"
}
}

Used terraform-compliance Parameters:

only -p/-f

Running via Docker:

GitHub Actions

Error Output:

terraform-compliance v1.3.31 initiated

Error in sys.excepthook: Using remote git repository: git:https://github.com/terraform-compliance/user-friendly-features.git

Features : /home/runner/work/tf-sonarcube-community-edition/tf-sonarcube-community-edition/git:https:/github.com/terraform-compliance/user-friendly-features.git/ Plan File : /home/runner/work/tf-sonarcube-community-edition/tf-sonarcube-community-edition/plan.out.json

  • Running in non-interactive mode.

Running tests.

list index out of range ! ERROR: local variable 'result' referenced before assignment Traceback (most recent call last): File "/home/runner/.local/lib/python3.8/site-packages/radish/errororacle.py", line 72, in catch_unhandled_exception handle_exception(exc_value) File "/home/runner/.local/lib/python3.8/site-packages/terraform_compliance/extensions/override_radish_hookerrors.py", line 67, in handle_exception write_failure(Failure(exception)) File "/home/runner/.local/lib/python3.8/site-packages/radish/utils.py", line 39, in init traceback_info = traceback.extract_tb(sys.exc_info()[2])[-1] IndexError: list index out of range

Original exception was: Traceback (most recent call last): File "/usr/local/bin/terraform-compliance", line 8, in sys.exit(cli()) File "/home/runner/.local/lib/python3.8/site-packages/terraform_compliance/main.py", line 150, in cli return result UnboundLocalError: local variable 'result' referenced before assignment Error: Process completed with exit code 1.

Expected Behavior:

No exception? :)

Tested Versions:

eerkunt commented 2 years ago

This problem should be fixed along with #608

jekwesco commented 2 years ago

Hey @eerkunt this seems to be fixed. Sorry for taking so long to verify. Thanks!