search

turbot / steampipe

Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.
https://steampipe.io
GNU Affero General Public License v3.0
6.84k stars 264 forks source link

steampipe check never returns if single control with error #2378

Closed e-gineer closed 1 year ago

e-gineer commented 2 years ago

I built a little test mod, with a broken query that returns Ok instead of ok for the control status:

mod "myawscompl" {
  title = "my aws compliance"
  require {
    mod "github.com/turbot/steampipe-mod-aws-compliance" {
      version = "latest"
    }
  }
}

control "my_cis_v140_2_1_1" {
  title = "2.1.1 Ensure all S3 buckets employ encryption-at-rest"
  query = query.my_s3_bucket_default_encryption_enabled
}

query "my_s3_bucket_default_encryption_enabled" {
  sql = <<EOQ
    select
      -- Required Columns
      arn as resource,
      case
        when server_side_encryption_configuration is not null then 'Ok'
        else 'Alarm'
      end status,
      case
        when server_side_encryption_configuration is not null then name || ' default encryption enabled.'
        else name || ' default encryption disabled.'
      end reason,
      -- Additional Dimensions
      region,
      account_id
    from
      aws_s3_bucket
    where
      region = 'us-east-1'
  EOQ
}

Install dependencies:

steampipe mod install

But when running it hangs:

/tmp/crap $ steampipe --version
steampipe version 0.16.1-rc.1
/tmp/crap $ steampipe check control.my_cis_v140_2_1_1
⠸ Running 1 control. (0 complete, 0 running, 0 pending, 1 error)

Pressing Ctrl-C reveals the error:

/tmp/crap $ steampipe check control.my_cis_v140_2_1_1

+ 2.1.1 Ensure all S3 buckets employ encryption-at-rest ........................................................................................................................... 1 / 1 [          ]

  ERROR: invalid control status 'Ok'

Summary

OK .................................................................................................................................................................................... 0 [          ]
SKIP .................................................................................................................................................................................. 0 [          ]
INFO .................................................................................................................................................................................. 0 [          ]
ALARM ................................................................................................................................................................................. 0 [          ]
ERROR ................................................................................................................................................................................. 1 [==========]

TOTAL ............................................................................................................................................................................. 1 / 1 [==========]

/tmp/crap $

Totally silly case ... but it shouldn't hang.

github-actions[bot] commented 1 year ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.

pskrbasu commented 1 year ago

Tested in 0.21.0-beta.0. Does not hang. Returns the error ERROR: invalid control status 'Alarm'