bug: Check with module defaults #53
Comments
hey @dsfrederic - tfsec uses the default values specified for variables when doing scanning unless the
Hey @owenrumney, this doesn't seem to work either... So as you can see tfsec didn't pick up the default value. repository: https://github.com/cgk-ds-be/terraform-azurerm-datalake
I understand now - my bad. So it looks like you've found a shortfall in the tfsec-pr-commenter. I suspect what is happening is that the resulting failure doesn't match up to the line that changed in the hunk of the PR. It's a legit bug and one I'm surprised hasn't hit more people. Leave it with me. Also, I'm going to move this to github.com/aquasecurity/tfsec-pr-commenter-action for tracking
@owenrumney Actually this might not be a bug. It seems like TFSec doesn't check this parameter. I was thinking it was the same security check as this one: https://aquasecurity.github.io/tfsec/v1.8.0/checks/azure/storage/no-public-access/ My apologies!
I think it's a side bug too. Pretty much as soon as I saw it I figured it wouldn't work
I just saw you're using the VSCode Plugin - this makes me very happy @dsfrederic 🎉
Of course! It's awesome! 🚀
Is your feature request related to a problem? Please describe.
I'd want to run TfSec before publishing my TF module. It seems like tfsec is not validating the code with default values filled in.
Describe the solution you'd like
Run TFSec with module defaults
Describe alternatives you've considered
Add TFVars file with the same default values?
Additional context