`terrascan` fails when using Terraform + variable image name with Kubernetes
mnaser opened this issue · 0 comments
mnaser commented
- terrascan version: v1.18.3
- Operating System: macOS 13.4 (22F66)
Description
`terrascan` fails when running against Terraform code where the image is a variable; it fails with an error:
```
2023-08-31T21:58:20.991-0400 error commons/extract-container-images.go:268 error fetching containers from k8s resource: /Users/mnaser/Code/terraform-kubernetes-mysql-query/main.tf:46,21-24: Variables not allowed; Variables may not be used here.
```
.. and then also bombs out:
```
Violation Details -
Description : Apply Security Context to Your Pods and Containers
File : main.tf
Module Name : root
Plan Root : ./
Line : 24
Severity : MEDIUM
-----------------------------------------------------------------------
```
even if it is there :)
What I Did
```
mkdir -p /tmp/terrascan-repro
pushd /tmp/terrascan-repro
curl -O https://gist.githubusercontent.com/mnaser/676e7a3b664c4f6eb1cea8635a2350ad/raw/09418debf39eccc79292abee8d1588e6ac825621/main.tf
curl -O https://gist.githubusercontent.com/mnaser/676e7a3b664c4f6eb1cea8635a2350ad/raw/09418debf39eccc79292abee8d1588e6ac825621/variables.tf
❯ terrascan scan --iac-type terraform
2023-08-31T22:06:45.147-0400 error commons/extract-container-images.go:268 error fetching containers from k8s resource: /tmp/terrascan-repro/main.tf:46,21-24: Variables not allowed; Variables may not be used here.
Violation Details -
Description : Apply Security Context to Your Pods and Containers
File : main.tf
Module Name : root
Plan Root : ./
Line : 24
Severity : MEDIUM
-----------------------------------------------------------------------
Scan Summary -
File/Folder : /tmp/terrascan-repro
IaC Type : terraform
Scanned At : 2023-09-01 02:06:45.783175 +0000 UTC
Policies Validated : 42
Violated Policies : 1
Low : 0
Medium : 1
High : 0
```