Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TERRAFORM_TERRASCAN_CONFIG_FILE doesn't work #5762

Closed
5 tasks done
yuritur opened this issue Jun 11, 2024 · 4 comments
Closed
5 tasks done

TERRAFORM_TERRASCAN_CONFIG_FILE doesn't work #5762

yuritur opened this issue Jun 11, 2024 · 4 comments
Labels
bug Something isn't working

Comments

@yuritur
Copy link

yuritur commented Jun 11, 2024
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Are you using the latest Super-linter version available?

  • I am using the latest Super-linter version.

  • I can reproduce the issue running Super-linter using complete version identifier (example: vX.Y.Z), and not just with a partial one (example: vX)

  • I am using the super-linter/super-linter action or container image, and not the deprecated github/super-linter action or container image.

Are you resonably sure that it's a Super-linter issue, and not an issue related to a tool that Super-linter runs?

  • I think that this is a Super-linter issue.

Current Behavior

If you set TERRAFORM_TERRASCAN_CONFIG_FILE to some **/*.toml path, it doesn't work.

Expected Behavior

It should work without issues and take rules from TERRAFORM_TERRASCAN_CONFIG_FILE.

Super-Linter version

v6.6.0

Relevant log output

  2024-06-11 21:22:54 [FATAL]     -> TERRAFORM_TERRASCAN_LINTER_RULES rules file (/action/lib/.automation/infra/terrascan.toml) doesn't exist.

Steps To Reproduce

  1. Set TERRAFORM_TERRASCAN_CONFIG_FILE to some unusual terrascan.toml path.
  2. Run super linter

Anything else?

Most likely, you have old or legacy TERRAFORM_TERRASCAN_LINTER_RULES parameter, which should be replaced by TERRAFORM_TERRASCAN_CONFIG_FILE.

super-linter/lib/functions/linterCommands.sh

Line 127 in 5b5d2f7

LINTER_COMMANDS_ARRAY_TERRAFORM_TERRASCAN=(terrascan scan -i terraform -t all -c "${TERRAFORM_TERRASCAN_LINTER_RULES}" -f)

@yuritur yuritur added the bug Something isn't working label Jun 11, 2024
@ferrarimarco
Copy link
Collaborator

Hi!

Can you post your super-linter configuration?

Anything else?

Most likely, you have old or legacy TERRAFORM_TERRASCAN_LINTER_RULES parameter, which should be replaced by TERRAFORM_TERRASCAN_CONFIG_FILE.

super-linter/lib/functions/linterCommands.sh

Line 127 in 5b5d2f7

LINTER_COMMANDS_ARRAY_TERRAFORM_TERRASCAN=(terrascan scan -i terraform -t all -c "${TERRAFORM_TERRASCAN_LINTER_RULES}" -f)

I don't think so. The TERRAFORM_TERRASCAN_LINTER_RULES is automatically created by Super-linter. Its value is the full path to the terrascan configuration file.

@yuritur
Copy link
Author

yuritur commented Jun 14, 2024

@ferrarimarco

      - name: Run Lint
        uses: super-linter/super-linter/slim@v6.6.0
        env:
          # enforce linting of all files
          VALIDATE_ALL_CODEBASE: true
          GITHUB_TOKEN: ${{ secrets.SUPER_LINTER_GH_TOKEN }}

          # Remove Python linting, because we use more specific rules in another GitHub Actions workflow.
          VALIDATE_PYTHON_MYPY: false
          VALIDATE_PYTHON_PYLINT: false
          VALIDATE_PYTHON_RUFF: false
          VALIDATE_PYTHON_ISORT: false

          TERRAFORM_TERRASCAN_CONFIG_FILE: "infra/terrascan.toml"

I added parameter as explained here.

Maybe I missed something, but I see that this parameter is only used here:

super-linter/lib/linter.sh

Line 245 in 5b5d2f7

TERRAFORM_TERRASCAN_FILE_NAME="${TERRAFORM_TERRASCAN_CONFIG_FILE:-terrascan.toml}"

And TERRAFORM_TERRASCAN_FILE_NAME is never used in any other part of the code.

@ferrarimarco
Copy link
Collaborator

ferrarimarco commented Jun 15, 2024
edited
Loading 

      TERRAFORM_TERRASCAN_CONFIG_FILE: "infra/terrascan.toml"

This is the issue. As you can see from the README, the definition of that variable is (I added emphasis):

Filename for terrascan configuration (ex: terrascan.toml)

All those variables to set configuration file names are, in fact, for just the file name, not the path, and are relative to LINTER_RULES_PATH, that is set to .github/linters by default. That's why Super-linter expects that your Terrascan configuration file is in /action/lib/.automation/infra/terrascan.toml

Maybe I missed something, but I see that this parameter is only used here:

super-linter/lib/linter.sh

Line 245 in 5b5d2f7

TERRAFORM_TERRASCAN_FILE_NAME="${TERRAFORM_TERRASCAN_CONFIG_FILE:-terrascan.toml}"

And TERRAFORM_TERRASCAN_FILE_NAME is never used in any other part of the code.

It is 😄. You don't find that specific string because Super-linter dynamically builds variables. See https://github.com/super-linter/super-linter/blob/main/lib/functions/linterRules.sh if you're interested about the implementation details.

To fix your issue, I would unset TERRAFORM_TERRASCAN_CONFIG_FILE because your Terrascan file name is terrascan.toml (the default), and set LINTER_RULES_PATH to where your linter configuration files are in your repository.

@yuritur
Copy link
Author

yuritur commented Jun 17, 2024
edited
Loading

@ferrarimarco Thanks for your help!
My bad, I'll be more attentive to the documentation next time!

@yuritur yuritur closed this as completed Jun 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ferrarimarco @yuritur