search

terraform-linters / tflint-ruleset-terraform

TFLint ruleset for Terraform Language
Mozilla Public License 2.0
65 stars 24 forks source link

tflint throws terraform_unused_declarations when data is used within a concat() block #107

Closed TechnicallyJoe closed 1 year ago

TechnicallyJoe commented 1 year ago

Summary

even though both azuread_users.owners & azuread_client_config.current are used in concat() block, tflint throws a terraform_unused_declarations warning.

Command

tflint --recursive

Terraform Configuration

data "azuread_client_config" "current" {}

# get owners object ids
data "azuread_users" "owners" {
  user_principal_name = var.owners
}

# create access group
resource "azuread_group" "blabla" {
  display_name            = var.project_name
  owners                  = concat(azuread_users.owners.object_ids, azuread_client_config.current.object_id)
  description             = local.rbac_aad_admin_grp_description
  security_enabled        = true
  visibility              = "Private"
  prevent_duplicate_names = true
}

TFLint Configuration

# Default ruleset: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/main/docs/rules/README.md

plugin "azurerm" {
  enabled = true
  version = "0.23.0"
  source  = "github.com/terraform-linters/tflint-ruleset-azurerm"
}

# Ensure that a module complies with the Terraform Standard Module Structure
rule "terraform_standard_module_structure" {
  enabled = true
}

# Disallow deprecated (0.11-style) interpolation
rule "terraform_deprecated_interpolation" {
  enabled = true
}

# Enforces naming conventions
rule "terraform_naming_convention" {
  enabled = true
  format  = "snake_case"
}

# Enforce the use of description on all variables
rule "terraform_documented_variables" {
  enabled = true
}

# Enforce the use of description on all outputs
rule "terraform_documented_outputs" {
  enabled = true
}

# Disallow // comments in favor of #
rule "terraform_comment_syntax" {
  enabled = true
}

Output

tflint --recursive                                                                                                                       
2 issue(s) found:                                                                                                                        

Warning: [Fixable] data "azuread_client_config" "current" is declared but not used (terraform_unused_declarations)                       

  on full_rbac\role_based_access_control.tf line 4:                                                                                      
   4: data "azuread_client_config" "current" {}                                                                                          

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.4.0/docs/rules/terraform_unused_declarations.md         

Warning: [Fixable] data "azuread_users" "owners" is declared but not used (terraform_unused_declarations)                                

  on full_rbac\role_based_access_control.tf line 7:                                                                                      
   7: data "azuread_users" "owners" {                                                                                                    

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.4.0/docs/rules/terraform_unused_declarations.md

TFLint Version

0.47.0

Terraform Version

1.5.0

Operating System

bendrucker commented 1 year ago

The output is correct and unrelated to use of concat. You are referencing resources that don't exist. You should always be running your configuration through terraform validate to make sure it's structurally valid, typically before running TFLint.