tflint-ruleset-terraform icon indicating copy to clipboard operation
tflint-ruleset-terraform copied to clipboard

Published 20 hours ago verified publisher icon terraform-linters

Inconsistent results when evaluating multiple required_providers with override files

Open ccp-void opened this issue 1 year ago • 2 comments

Summary

There seems to be an issue with tflint when there exists multiple terraform blocks which terraform merges according to the override files feature. In my case I'm using Terragrunt and have a backend.tf, versions.tf and a versions_override.tf file when tflint is executed. When these three files exist with the example content tflint seems to suffer from a race condition or some other inconsistency in how it evaluates/merges the override file.

This issue manifests itself in that tflint will only intermittently report a linting error. Note how in the output provided I run tflint 7 times in a row in the shell, without any changes to the code in between, resulting in 2 out of those 7 executions reporting an error.

Command

tflint

Terraform Configuration

backend.tf

# Generated by Terragrunt. Sig: nIlQXj57tbuaRZEa
terraform {
  backend "s3" {
    bucket         = "bucket"
    dynamodb_table = "tf-locks"
    encrypt        = true
    key            = "path/to/tf.tfstate"
    region         = "us-east-1"
  }
}

provider.tf

# Generated by Terragrunt. Sig: nIlQXj57tbuaRZEa
provider "aws" {
  region              = "us-east-1"
  allowed_account_ids = ["111111111111"]
}

versions.tf

terraform {
  required_providers {
    kubectl = {
      source  = "gavinbunney/kubectl"
      version = ">= 1.14.0"
    }
  }
}

versions_override.tf

# Generated by Terragrunt. Sig: nIlQXj57tbuaRZEa
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 5.64.0"
    }
  }
  required_version = ">= 0.19"
}

TFLint Configuration

plugin "terraform" {
  enabled = true
  preset  = "recommended"
  version = "0.9.1"
  source  = "github.com/terraform-linters/tflint-ruleset-terraform"
}

plugin "aws" {
  enabled = true
  version = "0.32.0"
  source  = "github.com/terraform-linters/tflint-ruleset-aws"
}

config {
  module = true
}

Output

/tmp/tf                                                                                             
❯ tflint

/tmp/tf                                                                                             
❯ tflint

/tmp/tf                                                                                             
❯ tflint

/tmp/tf                                                                                             
❯ tflint
1 issue(s) found:

Warning: Missing version constraint for provider "aws" in `required_providers` (terraform_required_providers)

  on provider.tf line 2:
   2: provider "aws" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.8.0/docs/rules/terraform_required_providers.md

/tmp/tf                                                                                             
❯ tflint

/tmp/tf                                                                                             
❯ tflint

/tmp/tf                                                                                             
❯ tflint
1 issue(s) found:

Warning: Missing version constraint for provider "aws" in `required_providers` (terraform_required_providers)

  on provider.tf line 2:
   2: provider "aws" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.8.0/docs/rules/terraform_required_providers.md

TFLint Version

0.52.0, 0.53.0

Terraform Version

1.9.4

Operating System

  • [X] Linux
  • [ ] macOS
  • [ ] Windows

ccp-void avatar Aug 27 '24 07:08 ccp-void