triat / terraform-security-scan

Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec
MIT License

Terraform init for module dependency #26

Closed nlamirault closed 3 years ago

nlamirault commented 3 years ago

i'm using Google cloud-nat module, and i've got this error message :

Run triat/terraform-security-scan@master
/usr/bin/docker run --name bb10d76de538682b4ee688b88191960063ad_70b068 --label 54bb10 --workdir /github/workspace --rm -e GITHUB_TOKEN -e INPUT_TFSEC_ACTIONS_WORKING_DIR -e INPUT_TFSEC_ACTIONS_COMMENT -e INPUT_TFSEC_EXCLUDE -e INPUT_TFSEC_VERSION -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/portefaix/portefaix":"/github/workspace" 54bb10:d76de538682b4ee688b88191960063ad
go: finding github.com/tfsec/tfsec v0.36.4
go: downloading github.com/tfsec/tfsec v0.36.4
go: extracting github.com/tfsec/tfsec v0.36.4
go: downloading github.com/liamg/clinch v1.3.0
go: downloading github.com/spf13/cobra v1.0.0
go: downloading github.com/zclconf/go-cty v1.5.1
go: downloading github.com/owenrumney/go-sarif v0.0.5
go: downloading github.com/liamg/tml v0.2.0
go: downloading github.com/zclconf/go-cty-yaml v1.0.1
go: downloading github.com/hashicorp/hcl v1.0.0
go: extracting github.com/owenrumney/go-sarif v0.0.5
go: extracting github.com/spf13/cobra v1.0.0
go: extracting github.com/zclconf/go-cty-yaml v1.0.1
go: extracting github.com/zclconf/go-cty v1.5.1
go: extracting github.com/hashicorp/hcl v1.0.0
go: downloading github.com/inconshreveable/mousetrap v1.0.0
go: extracting github.com/liamg/tml v0.2.0
go: downloading golang.org/x/text v0.3.2
go: downloading github.com/spf13/pflag v1.0.3
go: downloading github.com/hashicorp/terraform v0.12.28
go: downloading github.com/apparentlymart/go-textseg v1.0.0
go: extracting github.com/inconshreveable/mousetrap v1.0.0
go: downloading github.com/hashicorp/hcl/v2 v2.7.0
go: extracting github.com/spf13/pflag v1.0.3
go: extracting github.com/apparentlymart/go-textseg v1.0.0
go: extracting github.com/liamg/clinch v1.3.0
go: downloading github.com/apparentlymart/go-textseg/v12 v12.0.0
go: downloading golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37
go: extracting github.com/apparentlymart/go-textseg/v12 v12.0.0
go: extracting github.com/hashicorp/hcl/v2 v2.7.0
go: extracting golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37
go: downloading github.com/agext/levenshtein v1.2.2
go: extracting github.com/agext/levenshtein v1.2.2
go: extracting github.com/hashicorp/terraform v0.12.28
go: downloading github.com/mitchellh/go-wordwrap v1.0.0
go: extracting github.com/mitchellh/go-wordwrap v1.0.0
go: downloading golang.org/x/sys v0.0.0-20190804053845-51ab0e2deafa
go: extracting golang.org/x/sys v0.0.0-20190804053845-51ab0e2deafa
go: extracting golang.org/x/text v0.3.2
go: downloading github.com/bmatcuk/doublestar v1.1.5
go: downloading github.com/mitchellh/go-homedir v1.1.0
go: downloading github.com/google/uuid v1.1.1
go: downloading github.com/apparentlymart/go-cidr v1.0.1
go: downloading github.com/hashicorp/go-uuid v1.0.1
go: extracting github.com/mitchellh/go-homedir v1.1.0
go: extracting github.com/google/uuid v1.1.1
go: extracting github.com/bmatcuk/doublestar v1.1.5
go: extracting github.com/hashicorp/go-uuid v1.0.1
go: extracting github.com/apparentlymart/go-cidr v1.0.1
go: finding golang.org/x/text v0.3.4
go: finding github.com/apparentlymart/go-textseg/v12 v12.0.0
go: finding github.com/google/uuid v1.1.2
go: finding github.com/apparentlymart/go-cidr v1.1.0
go: finding golang.org/x/crypto latest
go: finding github.com/agext/levenshtein v1.2.3
go: finding golang.org/x/sys latest
go: finding github.com/bmatcuk/doublestar v1.3.3
go: finding github.com/hashicorp/go-uuid v1.0.2
go: finding github.com/hashicorp/hcl/v2 v2.7.0
go: finding github.com/mitchellh/go-homedir v1.1.0
go: finding github.com/hashicorp/terraform v0.13.5
go: finding github.com/zclconf/go-cty v1.7.0
go: finding github.com/zclconf/go-cty-yaml v1.0.2
go: finding github.com/mitchellh/go-wordwrap v1.0.1
go: finding github.com/spf13/cobra v1.1.1
go: finding github.com/spf13/pflag v1.0.5
go: finding github.com/inconshreveable/mousetrap v1.0.0
go: finding github.com/liamg/tml v0.3.0
go: finding github.com/owenrumney/go-sarif v0.0.5
go: finding github.com/liamg/clinch v1.5.1
go: downloading github.com/spf13/cobra v1.1.1
go: downloading github.com/liamg/tml v0.3.0
go: downloading github.com/zclconf/go-cty v1.7.0
go: downloading github.com/agext/levenshtein v1.2.3
go: downloading github.com/zclconf/go-cty-yaml v1.0.2
go: downloading github.com/mitchellh/go-wordwrap v1.0.1
go: downloading github.com/hashicorp/terraform v0.13.5
go: downloading github.com/liamg/clinch v1.5.1
go: extracting github.com/zclconf/go-cty-yaml v1.0.2
go: extracting github.com/spf13/cobra v1.1.1
go: extracting github.com/mitchellh/go-wordwrap v1.0.1
go: extracting github.com/liamg/tml v0.3.0
go: downloading github.com/spf13/pflag v1.0.5
go: extracting github.com/agext/levenshtein v1.2.3
go: extracting github.com/zclconf/go-cty v1.7.0
go: extracting github.com/spf13/pflag v1.0.5
go: downloading golang.org/x/text v0.3.4
go: extracting github.com/liamg/clinch v1.5.1
go: downloading golang.org/x/crypto v0.0.0-20201116153603-4be66e5b6582
go: extracting github.com/hashicorp/terraform v0.13.5
go: extracting golang.org/x/crypto v0.0.0-20201116153603-4be66e5b6582
go: downloading golang.org/x/term v0.0.0-20201113234701-d7a72108b828
go: extracting golang.org/x/term v0.0.0-20201113234701-d7a72108b828
go: downloading golang.org/x/sys v0.0.0-20201116161645-c061ba923fbb
go: extracting golang.org/x/text v0.3.4
go: extracting golang.org/x/sys v0.0.0-20201116161645-c061ba923fbb
go: downloading github.com/bmatcuk/doublestar v1.3.3
go: downloading github.com/google/uuid v1.1.2
go: downloading github.com/apparentlymart/go-cidr v1.1.0
go: downloading github.com/hashicorp/go-uuid v1.0.2
go: extracting github.com/google/uuid v1.1.2
go: extracting github.com/hashicorp/go-uuid v1.0.2
go: extracting github.com/bmatcuk/doublestar v1.3.3
go: extracting github.com/apparentlymart/go-cidr v1.1.0
go: finding golang.org/x/term latest
WARNING: Failed to load module: missing module with source 'terraform-google-modules/cloud-nat/google' -  try to 'terraform init' first

  disk i/o             1.233921ms
  parsing HCL          13.9µs
  evaluating values    175.503µs
  running checks       167.803µs
  files loaded         5

No problems detected!

How can I fix that? Thanks.

triat commented 3 years ago

Hello @nlamirault,

What you see on this line is not really an error: WARNING: Failed to load module: missing module with source 'terraform-google-modules/cloud-nat/google' - try to 'terraform init' first

As it says, it is a warning, and it says that you haven't loaded the module for cloud-nat/google. This would need to be set up in a step before the terraform-security-scan.

Is it more clear to you?

nlamirault commented 3 years ago

OK. Is it possible to perform a terraform init using the Action? @triat

gcp_gke:
    name: gcp-gke
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Terraform security scan master
        uses: triat/terraform-security-scan@master
        with:
          tfsec_actions_working_dir: 'iac/gcp/gke'
        run: |
          terraform init .....
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
triat commented 3 years ago

Right now, it isn't possible. We could think about having something like that but I wonder if this could trigger other issues.
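A workflow that does what the two replies above describe, running terraform init in its own step before the scan step, added here as an example; it is not code from the issue or from the triat/terraform-security-scan project. It takes the iac/gcp/gke directory, the tfsec_actions_working_dir input and the GITHUB_TOKEN env from the thread; the hashicorp/setup-terraform action is an assumed helper for installing the Terraform CLI, and -backend=false and -input=false are Terraform CLI flags, not inputs of the scan action.

```yaml
# Added example, not from the issue or the action's repository.
# Assumptions: hashicorp/setup-terraform installs the Terraform CLI;
# the module-using code lives in iac/gcp/gke (path taken from the thread).
name: tfsec

on: [pull_request]

jobs:
  gcp_gke:
    name: gcp-gke
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v1   # assumed helper action

      # Fetch registry modules (here terraform-google-modules/cloud-nat/google)
      # into .terraform/modules so tfsec can load them. -backend=false skips
      # backend/state initialisation, so this job needs no GCP credentials.
      - name: Terraform init (modules only)
        working-directory: iac/gcp/gke
        run: terraform init -backend=false -input=false

      - name: Terraform security scan
        uses: triat/terraform-security-scan@master
        with:
          tfsec_actions_working_dir: 'iac/gcp/gke'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

A step cannot combine uses: and run:, which is why the snippet in the question does not work as written and the init has to be a separate step. The -backend=false flag matters for least privilege: a full terraform init would contact the state backend and so would need cloud credentials in a job whose only purpose is static analysis. Because the modules are fetched from the registry at CI time, the scanned input is only reproducible if the module block pins a version (and the action itself is pinned to a tag or commit rather than @master); without the init step the module's own resources are simply not scanned, so the "No problems detected!" in the original log says nothing about the cloud-nat module.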