Terravision fails with "Unhandled error: <class 'TypeError'>, can only concatenate str (not "bool") to str"

[BaffledJimmy]

Hello,

I am having a problem running Terravision against some TF that creates an EC2, VPC, subnet, routing table, internet gateway and a SG with some CIDRs in it. Basically an EC2 in AWS and the supporting stuff it needs to get online / be reachable. I also have a count argument so I can make multiple EC2s at the same time. TF also templates out an Ansible inventory via a local-file template. Don't think makes any odds, but on M1 MacBook.

Am using code cloned this morning so current version.
Environment:

pip list
Package                   Version
------------------------- --------
altgraph                  0.17.4
certifi                   2024.2.2
charset-normalizer        3.3.2
click                     8.1.3
debugpy                   1.5.1
gitdb                     4.0.11
GitPython                 3.1.31
graphviz                  0.20.1
idna                      3.6
ipaddr                    2.2.0
lark                      1.1.9
macholib                  1.16.3
numpy                     1.26.4
packaging                 23.2
pip                       24.0
pyinstaller               6.4.0
pyinstaller-hooks-contrib 2024.2
python-hcl2               4.3.0
PyYAML                    6.0.1
requests                  2.28.2
setuptools                65.6.3
smmap                     5.0.1
tqdm                      4.65.0
urllib3                   1.26.18


 python --version
Python 3.12.2

(venv) ➜ Terraform git:(main) ✗ tree
.
├── ansible_inventory.tpl
├── instance.tf
├── outputs.tf
├── providers.tf
├── security_group.tf
├── variables.tf
└── vpc.tf

1 directory, 7 files

I am running Terravision inside a venv so that I can manage the pip dependencies, but also get the same error when running on a raw Ubuntu docker container.

The exact error is:

./terravision draw --source ~/Dev/Project/Terraform --debug

TypeError: can only concatenate str (not "bool") to str

A full command output is here:

Preflight check..
dot command detected: /usr/bin/dot
gvpr command detected: /usr/bin/gvpr
git command detected: /usr/bin/git
terraform command detected: /usr/bin/terraform

Checking Terraform Version...

Initializing the backend...

Initializing provider plugins...

• Reusing previous version of hashicorp/aws from the dependency lock file
• Installing hashicorp/aws v5.39.1...
• Installed hashicorp/aws v5.39.1 (signed by HashiCorp)

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Terraform v1.7.4

Initalising workspace: default

Generating Terraform Plan..

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:

• create

Terraform will perform the following actions:

aws_instance.EC2Workstation[0] will be created

• resource "aws_instance" "EC2Workstation" {

  • ami = "ami-0d18e50ca22537278"

  • arn = (known after apply)

  • associate_public_ip_address = true

  • availability_zone = (known after apply)

  • cpu_core_count = (known after apply)

  • cpu_threads_per_core = (known after apply)

  • disable_api_stop = (known after apply)

  • disable_api_termination = (known after apply)

  • ebs_optimized = (known after apply)

  • get_password_data = false

  • host_id = (known after apply)

  • host_resource_group_arn = (known after apply)

  • iam_instance_profile = (known after apply)

  • id = (known after apply)

  • instance_initiated_shutdown_behavior = (known after apply)

  • instance_lifecycle = (known after apply)

  • instance_state = (known after apply)

  • instance_type = "t2.medium"

  • ipv6_address_count = (known after apply)

  • ipv6_addresses = (known after apply)

  • key_name = "SSHKey"

  • monitoring = (known after apply)

  • outpost_arn = (known after apply)

  • password_data = (known after apply)

  • placement_group = (known after apply)

  • placement_partition_number = (known after apply)

  • primary_network_interface_id = (known after apply)

  • private_dns = (known after apply)

  • private_ip = (known after apply)

  • public_dns = (known after apply)

  • public_ip = (known after apply)

  • secondary_private_ips = (known after apply)

  • security_groups = (known after apply)

  • source_dest_check = true

  • spot_instance_request_id = (known after apply)

  • subnet_id = (known after apply)

  • tags = {

    • "Name" = "EC2Workstation-001"
      }

  • tags_all = {

    • "Name" = "EC2Workstation-001"
      }

  • tenancy = (known after apply)

  • user_data = (known after apply)

  • user_data_projecte64 = (known after apply)

  • user_data_replace_on_change = false

  • vpc_security_group_ids = (known after apply)

  • root_block_device {

    • delete_on_termination = true
    • device_name = (known after apply)
    • encrypted = true
    • iops = (known after apply)
    • kms_key_id = (known after apply)
    • tags_all = (known after apply)
    • throughput = (known after apply)
    • volume_id = (known after apply)
    • volume_size = 8
    • volume_type = (known after apply)
      }
      }

aws_internet_gateway.project_internetgateway will be created

• resource "aws_internet_gateway" "project_internetgateway" {
  • arn = (known after apply)
  • id = (known after apply)
  • owner_id = (known after apply)
  • tags = {
    • "Name" = "MyInternetGateway"
      }
  • tags_all = {
    • "Name" = "MyInternetGateway"
      }
  • vpc_id = (known after apply)
    }

aws_route_table.project_route_table will be created

• resource "aws_route_table" "project_route_table" {
  • arn = (known after apply)
  • id = (known after apply)
  • owner_id = (known after apply)
  • propagating_vgws = (known after apply)
  • route = [
    • {
      • carrier_gateway_id = ""
      • cidr_block = "0.0.0.0/0"
      • core_network_arn = ""
      • destination_prefix_list_id = ""
      • egress_only_gateway_id = ""
      • gateway_id = (known after apply)
      • ipv6_cidr_block = ""
      • local_gateway_id = ""
      • nat_gateway_id = ""
      • network_interface_id = ""
      • transit_gateway_id = ""
      • vpc_endpoint_id = ""
      • vpc_peering_connection_id = ""
        },
        ]
  • tags = {
    • "Name" = "project_RouteTable"
      }
  • tags_all = {
    • "Name" = "project_RouteTable"
      }
  • vpc_id = (known after apply)
    }

aws_route_table_association.a will be created

• resource "aws_route_table_association" "a" {
  • id = (known after apply)
  • route_table_id = (known after apply)
  • subnet_id = (known after apply)
    }

aws_security_group.SG_projectFirewalling will be created

• resource "aws_security_group" "SG_projectFirewalling" {
  • arn = (known after apply)
  • description = "Allow specific access for EC2 instances"
  • egress = [
    • {
      • cidr_blocks = [
        • "0.0.0.0/0",
          ]
      • description = ""
      • from_port = 0
      • ipv6_cidr_blocks = []
      • prefix_list_ids = []
      • protocol = "-1"
      • security_groups = []
      • self = false
      • to_port = 0
        },
        ]
  • id = (known after apply)
  • ingress = [
    • {
      • cidr_blocks = [
        • "0.0.0.0/0",
          ]
      • description = ""
      • from_port = -1
      • ipv6_cidr_blocks = []
      • prefix_list_ids = []
      • protocol = "icmp"
      • security_groups = []
      • self = false
      • to_port = -1
        },
    • {
      • cidr_blocks = [
        • "0.0.0.0/0",
          ]
      • description = ""
      • from_port = 443
      • ipv6_cidr_blocks = []
      • prefix_list_ids = []
      • protocol = "tcp"
      • security_groups = []
      • self = false
      • to_port = 443
        },
    • {
      • cidr_blocks = [
        • "0.0.0.0/0",
          ]
      • description = ""
      • from_port = 53
      • ipv6_cidr_blocks = []
      • prefix_list_ids = []
      • protocol = "tcp"
      • security_groups = []
      • self = false
      • to_port = 53
        },
    • {
      • cidr_blocks = [
        • "0.0.0.0/0",
          ]
      • description = ""
      • from_port = 53
      • ipv6_cidr_blocks = []
      • prefix_list_ids = []
      • protocol = "udp"
      • security_groups = []
      • self = false
      • to_port = 53
        },
    • {
      • cidr_blocks = [
        • "0.0.0.0/0",
          ]
      • description = ""
      • from_port = 80
      • ipv6_cidr_blocks = []
      • prefix_list_ids = []
      • protocol = "tcp"
      • security_groups = []
      • self = false
      • to_port = 80
        },
    • {
      • cidr_blocks = [
        • "0.0.0.0/0",
          ]
      • description = ""
      • from_port = 8443
      • ipv6_cidr_blocks = []
      • prefix_list_ids = []
      • protocol = "tcp"
      • security_groups = []
      • self = false
      • to_port = 8443
        },
    • {
      • cidr_blocks = [
        [redacted list of CIDRs]]
        ]
      • description = ""
      • from_port = 22
      • ipv6_cidr_blocks = []
      • prefix_list_ids = []
      • protocol = "tcp"
      • security_groups = []
      • self = false
      • to_port = 22
        },
    • {
      • cidr_blocks = [
        [redacted list of CIDRs]]
        ]
      • description = ""
      • from_port = 3389
      • ipv6_cidr_blocks = []
      • prefix_list_ids = []
      • protocol = "tcp"
      • security_groups = []
      • self = false
      • to_port = 3389
        },
        ]
  • name = "SG-projectFirewalling"
  • name_prefix = (known after apply)
  • owner_id = (known after apply)
  • revoke_rules_on_delete = false
  • tags_all = (known after apply)
  • vpc_id = (known after apply)
    }

aws_subnet.project_subnet will be created

• resource "aws_subnet" "project_subnet" {
  • arn = (known after apply)
  • assign_ipv6_address_on_creation = false
  • availability_zone = (known after apply)
  • availability_zone_id = (known after apply)
  • cidr_block = "10.0.1.0/24"
  • enable_dns64 = false
  • enable_resource_name_dns_a_record_on_launch = false
  • enable_resource_name_dns_aaaa_record_on_launch = false
  • id = (known after apply)
  • ipv6_cidr_block_association_id = (known after apply)
  • ipv6_native = false
  • map_public_ip_on_launch = true
  • owner_id = (known after apply)
  • private_dns_hostname_type_on_launch = (known after apply)
  • tags = {
    • "Name" = "project_subnet"
      }
  • tags_all = {
    • "Name" = "project_subnet"
      }
  • vpc_id = (known after apply)
    }

aws_vpc.project_vpc will be created

• resource "aws_vpc" "project_vpc" {
  • arn = (known after apply)
  • cidr_block = "10.0.0.0/16"
  • default_network_acl_id = (known after apply)
  • default_route_table_id = (known after apply)
  • default_security_group_id = (known after apply)
  • dhcp_options_id = (known after apply)
  • enable_dns_hostnames = true
  • enable_dns_support = true
  • enable_network_address_usage_metrics = (known after apply)
  • id = (known after apply)
  • instance_tenancy = "default"
  • ipv6_association_id = (known after apply)
  • ipv6_cidr_block = (known after apply)
  • ipv6_cidr_block_network_border_group = (known after apply)
  • main_route_table_id = (known after apply)
  • owner_id = (known after apply)
  • tags = {
    • "Name" = "project_vpc"
      }
  • tags_all = {
    • "Name" = "project_vpc"
      }
      }

Plan: 7 to add, 0 to change, 0 to destroy.

Changes to Outputs:

• instance_names = [
  • "EC2Workstation-001",
    ]
• instance_public_ips = [
  • (known after apply),
    ]

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: /tmp/tfplan.bin

To perform exactly these actions, run the following command to apply:
terraform apply "/tmp/tfplan.bin"

Analysing plan..

Unprocessed terraform graph dictionary:

{
"aws_instance.EC2Workstation1": [],
"aws_internet_gateway.project_internetgateway": [
"aws_route_table.project_route_table"
],
"aws_route_table.project_route_table": [
"aws_route_table_association.a"
],
"aws_route_table_association.a": [],
"aws_security_group.SG_projectFirewalling": [
"aws_instance.EC2Workstation1"
],
"aws_subnet.project_subnet": [
"aws_instance.EC2Workstation~1",
"aws_route_table_association.a"
],
"aws_vpc.project_vpc": [
"aws_internet_gateway.project_internetgateway",
"aws_security_group.SG_projectFirewalling",
"aws_subnet.project_subnet",
"aws_subnet.project_subnet"
]
}

Parsing Terraform Source Files..
Added Source Location: /tmp/EC2Workstation/Terraform
Parsing /tmp/EC2Workstation/Terraform/outputs.tf
Found 2 output stanza(s)
Parsing /tmp/EC2Workstation/Terraform/security_group.tf
Found 1 resource stanza(s)
Parsing /tmp/EC2Workstation/Terraform/providers.tf
Parsing /tmp/EC2Workstation/Terraform/variables.tf
Found 5 variable stanza(s)
Parsing /tmp/EC2Workstation/Terraform/instance.tf
Found 1 resource stanza(s)
Parsing /tmp/EC2Workstation/Terraform/vpc.tf
Found 5 resource stanza(s)

Processing variables..

Processing resources..
aws_security_group.SG_projectFirewalling
aws_instance.EC2Workstation
aws_vpc.project_vpc
aws_internet_gateway.project_internetgateway
aws_subnet.project_subnet
aws_route_table.project_route_table
aws_route_table_association.a

Checking for additional links between 7 resources..
aws_vpc.project_vpc --> aws_route_table.project_route_table

Unhandled error: <class 'TypeError'>, can only concatenate str (not "bool") to str, <traceback object at 0xffff91ddcbc0>

The Dockerfile if needed is also here (adapted from a PR):

Use the latest Ubuntu base image

FROM ubuntu:latest

Install Graphviz and other dependencies

RUN apt-get update && apt-get install -y
graphviz
git
python3-pip
python-is-python3
gnupg
software-properties-common
wget
&& wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | tee /usr/share/keyrings/hashicorp-archive-keyring.gpg > /dev/null
&& echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(. /etc/os-release && echo $VERSION_CODENAME) main" | tee /etc/apt/sources.list.d/hashicorp.list
&& apt-get update
&& apt-get install -y terraform
&& rm -rf /var/lib/apt/lists/*

Set the working directory to the Terravision directory

WORKDIR /app/

Install Terravision dependencies from requirements.txt

COPY . .
RUN pip install -r requirements.txt

Grant execution permission to the terravision script

RUN chmod +x terravision

Default command to be executed when the container starts

CMD ["./terravision", "draw", "--source", "/tmp/Project/Terraform"]

And the container is built and run with:

docker build . --platform=linux/arm64 --tag terravision:latest --no-cache
docker run -v $(pwd)/../Project/Terraform:/tmp/Project/Terraform/ -e AWS_ACCESS_KEY_ID="blah" -e AWS_SECRET_ACCESS_KEY="blah" -e AWS_SESSION_TOKEN="blah" terravision:latest

[PaulRoze]

I got the same issue 😞

Checking for additional links between 16 resources..
Unhandled error: <class 'TypeError'>, can only concatenate str (not "bool") to str, <traceback object at 0x11f9f3980>