Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support for cnspec scan terraform excluding .terraform directory #605

Closed
crcsmnky opened this issue Jun 2, 2023 · 1 comment · Fixed by mondoohq/cnquery#2746
Closed

support for cnspec scan terraform excluding .terraform directory #605

crcsmnky opened this issue Jun 2, 2023 · 1 comment · Fixed by mondoohq/cnquery#2746
Assignees
@chris-rock

Comments

@crcsmnky
Copy link

crcsmnky commented Jun 2, 2023
edited
Loading

Is your feature request related to a problem? Please describe.
When running cnspec scan terraform as part of our Atlantis pipeline, scans seem to be causing delays when trying to run other Terraform plans because of access to the .terraform directory

Describe the solution you'd like
A cnspec flag to explicitly exclude the .terraform directory when scanning HCL

Describe alternatives you've considered
None

Additional context
Steps to reproduce behavior using cnspec shell (edited CLI output for brevity):

cp example.tf /tmp/cnspec-test
cd /tmp/cnspec-test

cnspec shell terraform .

cnspec> terraform.modules
terraform.modules: []
cnspec> exit

terraform init

cnspec shell terraform .

cnspec> terraform.modules
terraform.modules: [
  0: terraform.module key=""
  1: terraform.module key="pubsub"
]

example.tf:

module "pubsub" {
  source  = "terraform-google-modules/pubsub/google"
  version = "~> 5.0"

  project_id = "my-project-id"
  topic      = "cft-tf-pubsub-topic"

  topic_labels = {
    foo_label = "foo_value"
    bar_label = "bar_value"
  }

  pull_subscriptions = [
    {
      name                         = "pull"
      ack_deadline_seconds         = 10
      enable_exactly_once_delivery = true
    },
  ]
}
@arlimus arlimus self-assigned this Nov 20, 2023
@chris-rock chris-rock assigned chris-rock and unassigned arlimus Dec 4, 2023
@chris-rock chris-rock mentioned this issue Dec 12, 2023
Merged
@chris-rock
Copy link
Member

fixed via mondoohq/cnquery#2746 and released in latest cnspec + terraform provider

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@chris-rock chris-rock

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

⭐️ allow users to ignore .terraform directory mondoohq/cnquery
3 participants
@crcsmnky @chris-rock @arlimus