Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug(terraform): TFPlan parser overwrittes resources with same type and name #7307

Open
ivangonzalezz opened this issue Dec 13, 2024 · 1 comment
Open

bug(terraform): TFPlan parser overwrittes resources with same type and name #7307

ivangonzalezz opened this issue Dec 13, 2024 · 1 comment
Labels
aws PR related with AWS Cloud bug Something isn't working community Community contribution terraform Terraform query

Comments

@ivangonzalezz
Copy link

This bug is an extension of #7265 , where the parser overwrites resources with the same type:

The map entry is initialized for each child module and overrides the resources from modules up the tree

kics/pkg/parser/json/tfplan.go

Line 67 in c17d26e

convNamedRes := make(map[string]KicsPlanNamedResource)

In this issue, when two resources have the same type and the same name, they are overwritten and only the last one is kept:

kics/pkg/parser/json/tfplan.go

Lines 70 to 73 in 67de28c

// fill in all the types interfaces
for _, resource := range module.Resources {
kp.Resource[resource.Type][resource.Name] = resource.AttributeValues
}

For example, the following TFPlan with two resources of type aws_s3_bucket, each of them with name this, as it's expected from the official aws_s3_bucket module:

{
    "format_version": "1.2",
    "terraform_version": "1.9.0",
    "planned_values": {
        "root_module": {
            "child_modules": [
                {
                    "resources": [
                        {
                            "resources": [
                                {
                                    "address": "module.s3.module.s3_bucket.aws_s3_bucket.this[0]",
                                    "mode": "managed",
                                    "type": "aws_s3_bucket",
                                    "name": "this",
                                    "index": 0,
                                    "provider_name": "registry.terraform.io/hashicorp/aws",
                                    "schema_version": 0,
                                    "values": {},
                                    "sensitive_values": {}
                                }
                            ],
                            "address": "module.s3.module.s3_bucket"
                        },
                        {
                            "resources": [
                                {
                                    "address": "module.s3.module.log_bucket.aws_s3_bucket.this[0]",
                                    "mode": "managed",
                                    "type": "aws_s3_bucket",
                                    "name": "this",
                                    "index": 0,
                                    "provider_name": "registry.terraform.io/hashicorp/aws",
                                    "schema_version": 0,
                                    "values": {},
                                    "sensitive_values": {}
                                }
                            ],
                            "address": "module.s3.module.log_bucket"
                        }
                    ]
                }
            ]
        }
    }
}

Maybe it could be considered to change the data model from a map identified by the resource name to a slice/array of resources.
@ivangonzalezz ivangonzalezz added bug Something isn't working community Community contribution labels Dec 13, 2024
@kicsbot
Copy link
Contributor

kicsbot commented Dec 13, 2024

Please, follow the guideline for an issue title:

For bug:

bug(<scope>): <title starting with lowercase letter>

For query:

query(<platform>): <title starting with lowercase letter>

For feature request:

feat(<scope>): <title starting with lowercase letter>

Thank you!
KICS Team

@github-actions github-actions bot added terraform Terraform query aws PR related with AWS Cloud labels Dec 13, 2024
@ivangonzalezz ivangonzalezz mentioned this issue Dec 13, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
aws PR related with AWS Cloud bug Something isn't working community Community contribution terraform Terraform query
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ivangonzalezz @kicsbot