Versions
SonarQube: 9.9.0.65466
Scanner: 4.8.0.2856
Deployment
Helm chart: 8.0.0
Goal
Scan Terraform IaC
Tried
Running analysis on a GitLab repo with Terraform IaC that is used in active deployments
Error
We receive ~10 parser errors related to variable names with underscores (either the variable name is _ or begins with _). This is perfectly valid Terraform code and, as I mentioned earlier, we are actively using this exact code to deploy our infrastructure.
Variable name is _:
ERROR: Unable to parse file: file:///builds/sonarqube-testing/cicd/modules/cicd-sa/gitlabs.tf. Parse error at position 13:0
ERROR: Cannot parse 'cicd/modules/cicd-sa/gitlabs.tf': Parse error at line 13 column 38:
3: for_each = {
4: dev-0 = false
5: production = true
6: }
7:
8: project = each.key == "production" ? "REDACTED" : "REDACTED-${each.key}"
9: allow_production_writes = each.value
10: }
11:
12: locals {
13: dev-readers-gitlab = flatten([for _, instance in module.gitlabs : instance.dev.readers])
^
14: dev-writers-gitlab = flatten([for _, instance in module.gitlabs : instance.dev.writers])
15: prod-readers-gitlab = flatten([for _, instance in module.gitlabs : instance.production.readers])
16: prod-writers-gitlab = flatten([for _, instance in module.gitlabs : instance.production.writers])
17: }
18:
Variable name begins with _:
ERROR: Unable to parse file: file:///builds/sonarqube-testing/redacted/monolith/k8s.tf. Parse error at position 2:0
ERROR: Cannot parse 'redacted/monolith/k8s.tf': Parse error at line 2 column 3:
1: locals {
2: _namespaces = var.danger_prepare_for_shutdown ? {} : {
^
3: "redacted" = {}
4: "redacted-failures" = {}
5: "redacted-qc" = {}
6: "redacted-operator" = {}
7: "redacted-publisher" = {}
8: "redacted-demo-spreadsheet" = {}
9: }
10:
11: namespaces = {
12: for namespace, _ in local._namespaces :