terrascan
terrascan copied to clipboard
tenable
Skip No Terraform Config Files Error
terrascan version: 1.14.0 Operating System: Linux (ubuntu 20.04)
Description: Hoping to have a flag to skip/ignore the error code regarding not having terraform config files within a directory. I am using Azure DevOps and because of the "4" error code, the pipeline does not proceed despite having no pressing violations/other errors. Still want to be able to pick up on other errors in configuration.
What I Did: terrascan scan -t azure -i terraform --skip-rules="AC_AZURE_XXXX" --show-passed -v -o junit-xml > $(System.DefaultWorkingDirectory)/TerrascanReport/Terrascan-Report.xml
It was only when I passed the command through the console (no -o flag) that I saw the reason for the error: directory '/xxx/scripts' has no terraform config files
Desired Outcome: There are two situations where it would be helpful to have a flag to ignore the above error:
-directories that contain directories with and without terraform files (i.e. within /xxx there is a /xxx/scripts and /xxx/terraformfiles)
-directories that contain terraform files recursively (ie /modules/moduleA/terraformfiles currently gets an error because technically the moduleA directory is not a terraform file. All the files were scanned for violations but it still counted as an error).
Thank you.
This error is here: https://github.com/tenable/terrascan/blob/master/pkg/iac-providers/terraform/commons/load-dir.go#L135
It also appears here (non-recursive): https://github.com/tenable/terrascan/blob/master/pkg/iac-providers/terraform/commons/load-dir.go#L261
The non-recursive version probably needs this error, otherwise it doesn't make sense - to scan a folder non-recursively and not find any files.
However, in the recursive version, it is unreasonable to expect this.
Update: thanks! did not see PR before.
Hello, I'm a little confused by those links. Is there a way to change the behavior of the error? What do you recommend as next steps here @tolidano
