You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
Using a local composed with variables or other local raises this error: eval_conflict_error: object keys must be unique
The issue was discovered by using a module creating a s3 bucket. But we are using the module several times in the same repository to create the buckets in different region. And the name of the bucket is composed of different variables provided in the call.
How you're running Regula
I'm using Regula >= v2.9.2 as a Rego library with OPA >= v0.43.1.
Operating System
Mac OS
Steps to reproduce
Step 1 - Create these TF files with these contents:
$ regula run .
FATAL rules/tf/aws/cloudtrail/s3_access_logging.rego:42: eval_conflict_error: object keys must be unique
Step 3 - More test by running different version of regula
$ V="2.9.1 2.9.2 2.9.3 2.10.0"
$ forvin$V;doecho"---> $v"; docker run -v $PWD:/tf -it fugue/regula:v$v run /tf;echo"";done
---> 2.9.1
FG_R00099: S3 bucket server-side encryption should be enabled [High]
https://docs.fugue.co/FG_R00099.html
[1]: module.ireland.aws_s3_bucket.activity_log
in /tf/module/activity_log/s3.tf.tf:18:1
included at /tf/main.tf:72:12
[2]: module.virginia.aws_s3_bucket.activity_log
in /tf/module/activity_log/s3.tf.tf:18:1
included at /tf/main.tf:84:12
[...]
---> 2.9.2
FATAL rules/tf/aws/cloudtrail/s3_access_logging.rego:42: eval_conflict_error: object keys must be unique
---> 2.9.3
FATAL rules/tf/aws/cloudtrail/s3_access_logging.rego:42: eval_conflict_error: object keys must be unique
---> 2.10.0
FATAL rules/tf/aws/cloudtrail/s3_access_logging.rego:42: eval_conflict_error: object keys must be unique
Describe the bug
Using a local composed with variables or other local raises this error: eval_conflict_error: object keys must be unique
The issue was discovered by using a module creating a s3 bucket. But we are using the module several times in the same repository to create the buckets in different region. And the name of the bucket is composed of different variables provided in the call.
How you're running Regula
Operating System
Mac OS
Steps to reproduce
$ regula run . FATAL rules/tf/aws/cloudtrail/s3_access_logging.rego:42: eval_conflict_error: object keys must be unique
To understand the issue, I dug in the code and I think it is in this file rego/lib/aws/s3/s3_library.rego:57. This is the comparaison page between 2.9.1 and 2.9.2: v2.9.1...v2.9.2#diff-fde3629b9cf39db0cd719504defac97929251ea07446d63cea2142b8074c41f3
Thank you in advance for looking at this
Rasmey
The text was updated successfully, but these errors were encountered: