Closed stksz closed 2 years ago
Hmm, the correct behavior would be the reverse. TFLint's module feature is meant to raise errors caused by the supplied variables in a call, not to check the static content of the module itself.
Confirmed this is not an issue with that rule. It evaluates the variable and the logic is correct. This is a bug with TFLint's propagation of issues from modules. Issues should only be propagated when their expression references a module variable:
This logic is not working correctly for plugins. Will need to spend more time debugging to find a fix.
This is a bug in the rule. In order to propagate the issue and expression associations to the host, the plugin must use the appropriate API.
The aws_s3_bucket_name
rule uses the EmitIssue
API and you can't specify the association with the expression:
https://github.com/terraform-linters/tflint-ruleset-aws/blob/v0.8.0/rules/aws_s3_bucket_name.go#L73-L77
In this case, the rule should use EmitIssueOnExpr
API.
https://github.com/terraform-linters/tflint-ruleset-aws/blob/v0.8.0/rules/aws_api_gateway_model_invalid_name.go#L55-L59
I have the following in place:
tflint-config:
Terrafrom "main-module":
The used Terraform-module:
When I now run "tflint" within the "main-modules"-directory I don't get any error even though the rule for "aws_s3_bucket_name" should produce an error as the value for "bucket_name" does not match die regex and the prefix of the rule. Changing "bucket" from within the module from "bucket = var.bucket_name" to something like "bucket = "foobar"" results in getting the expected error-message as the bucket-name does not adhere to the rule(s).
Version