bug(terraform): merge with object changes input for kics #7196
Comments
|
Hi @granular-ryanbonham , Thank you for bringing this bug to our attention we opened an internal bug and will work on it as soon as possible. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Having a merge() which contains an inline defined object seems to change the output of locals from
${local.common_tags}in the universal json format tolocal.common_tags.Expected Behavior
Parsing scanning this terraform file
Generates this json which contains the expected result of
"tags": "${local.common_tags}"{ "document": [ { "id": "d336f75d-98b9-4223-890c-96f53fade0a0", "provider": { "aws": { "default_tags": { "tags": "${local.common_tags}" }, "region": "${var.REGION}" } }, "file": "/path/provider.tf" } ] }(Which results are expected from KICS?)
Actual Behavior
Now we add a second tf file with a resource which contains a merge() of our local with another object..
provider.tf
main.tf
Note the json now says
"tags": "local.common_tags"for the provider's default_tags, which is not expected.{ "document": [ { "id": "60a116ce-2924-4d6c-b6e8-378e9f52e0b3", "resource": { "aws_security_group": { "bastion": { "name_prefix": "bastion-", "tags": "${merge(\n local.common_tags,\n {\n Customer_Facing = \"no\"\n Name = \"bastion\"\n }\n )}", "vpc_id": "${data.terraform_remote_state.scheduler.outputs.vpc_id}" } } }, "file": "/path/main.tf" }, { "file": "/path/provider.tf", "id": "3a1cbbab-6c48-403d-ad99-880ccf5662cc", "provider": { "aws": { "default_tags": { "tags": "local.common_tags" }, "region": "${var.REGION}" } } } ] }Testing has shows this is occurs when the merge() is present. It also must be in a second file, if the resource and the provider block are in the same file this doesn't occur.
The text was updated successfully, but these errors were encountered: