Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Getting exceptions with tfparse 0.6.13 #228

Open
JonZeolla opened this issue Dec 23, 2024 · 2 comments
Open

Getting exceptions with tfparse 0.6.13 #228

JonZeolla opened this issue Dec 23, 2024 · 2 comments

Comments

@JonZeolla
Copy link
Contributor

This issue is new as of 0.6.13; I think it's related to the trivy update from v0.50.1 to v0.58.0 in this PR but I can't prove it yet.

Error

goroutine 17 [running, locked to thread]:
github.com/zclconf/go-cty/cty.Value.AsString({{{0x7f474917ba70?, 0xc0001141e1?}}, {0x0?, 0x0?}})
/tmp/tmpc9zo0uqm/pkg/mod/github.com/zclconf/[email protected]/cty/value_ops.go:1390 +0x10b
github.com/aquasecurity/trivy/pkg/iac/terraform.postProcessValues(0xc000c7c380, 0xc000d81860)
/tmp/tmpc9zo0uqm/pkg/mod/github.com/cloud-custodian/[email protected]/pkg/iac/terraform/presets.go:52 +0x393
github.com/aquasecurity/trivy/pkg/iac/terraform.(*Block).Values(0xc000c7c380)
/tmp/tmpc9zo0uqm/pkg/mod/github.com/cloud-custodian/[email protected]/pkg/iac/terraform/block.go:580 +0x185
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).getResources(0xc000818280)
/tmp/tmpc9zo0uqm/pkg/mod/github.com/cloud-custodian/[email protected]/pkg/iac/scanners/terraform/parser/evaluator.go:581 +0x18e
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateStep(0xc000818280)
/tmp/tmpc9zo0uqm/pkg/mod/github.com/cloud-custodian/[email protected]/pkg/iac/scanners/terraform/parser/evaluator.go:99 +0x17b
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateSteps(0xc000818280)
/tmp/tmpc9zo0uqm/pkg/mod/github.com/cloud-custodian/[email protected]/pkg/iac/scanners/terraform/parser/evaluator.go:246 +0x152
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).EvaluateAll(0xc000818280, {0x7f474917b680, 0x7f4749fbb280})
/tmp/tmpc9zo0uqm/pkg/mod/github.com/cloud-custodian/[email protected]/pkg/iac/scanners/terraform/parser/evaluator.go:135 +0x1eb
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateSubmodule(0xc000900a00, {0x7f474917b680, 0x7f4749fbb280}, 0xc000953740)
/tmp/tmpc9zo0uqm/pkg/mod/github.com/cloud-custodian/[email protected]/pkg/iac/scanners/terraform/parser/evaluator.go:228 +0x1bb
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateSubmodules(0xc000900a00, {0x7f474917b680, 0x7f4749fbb280}, 0xc00092ca50)
/tmp/tmpc9zo0uqm/pkg/mod/github.com/cloud-custodian/[email protected]/pkg/iac/scanners/terraform/parser/evaluator.go:164 +0x43f
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).EvaluateAll(0xc000900a00, {0x7f474917b680, 0x7f4749fbb280})
/tmp/tmpc9zo0uqm/pkg/mod/github.com/cloud-custodian/[email protected]/pkg/iac/scanners/terraform/parser/evaluator.go:142 +0x294
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateSubmodule(0xc0005c08c0, {0x7f474917b680, 0x7f4749fbb280}, 0xc000928300)
/tmp/tmpc9zo0uqm/pkg/mod/github.com/cloud-custodian/[email protected]/pkg/iac/scanners/terraform/parser/evaluator.go:228 +0x1bb
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateSubmodules(0xc0005c08c0, {0x7f474917b680, 0x7f4749fbb280}, 0xc0005ae570)
/tmp/tmpc9zo0uqm/pkg/mod/github.com/cloud-custodian/[email protected]/pkg/iac/scanners/terraform/parser/evaluator.go:164 +0x43f
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).EvaluateAll(0xc0005c08c0, {0x7f474917b680, 0x7f4749fbb280})
/tmp/tmpc9zo0uqm/pkg/mod/github.com/cloud-custodian/[email protected]/pkg/iac/scanners/terraform/parser/evaluator.go:142 +0x294
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*Parser).EvaluateAll(0xc0004666c0, {0x7f474917b680, 0x7f4749fbb280})
/tmp/tmpc9zo0uqm/pkg/mod/github.com/cloud-custodian/[email protected]/pkg/iac/scanners/terraform/parser/parser.go:342 +0x90
github.com/cloud-custodian/tfparse/gotfparse/pkg/converter.NewTerraformConverter({0xc00006c0c0, 0x59}, {0xc000622140, 0x2, 0x7f4748e46b60?})
/tmp/tmpc9zo0uqm/src/github.com/cloud-custodian/tfparse/gotfparse/gotfparse/pkg/converter/converter.go:372 +0x187
main.Parse(0x0?, 0x0, 0x0, 0x0, 0x1a79a90, 0x0, 0x7fffd9ec1530)
/tmp/tmpc9zo0uqm/src/github.com/cloud-custodian/tfparse/gotfparse/gotfparse/cmd/tfparse/main.go:46 +0x5bc
@ajkerrigan
Copy link
Member

Thanks for the report - would you be able to share the Terraform module you're scanning when you hit this error? Following the stack trace there it looks like it might be dying while trying to patch the arn of an aws_s3_bucket block here.

But using tfparse 0.6.13 with a test module that has s3 buckets defined, I'm seeing the arn outputs I expect. Wonder if there's a specific type of bucket name that's causing it trouble, or if I'm looking in the wrong spot 🧐 .

@JonZeolla
Copy link
Contributor Author

Thanks for taking a look. I will look into this a bit more. Unfortunately it's in one of my more sensitive and more complex modules which use many other modules. I did try to get a MRE but haven't had a chance to nail it down yet.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@JonZeolla @ajkerrigan