Checkov fails to parse tf.json sources and returns an error to the console


Describe the bug

When executing checkov against a directory with tf.json sources, an error is produced with the following message:

       _               _              
   ___| |__   ___  ___| | _______   __
  / __| '_ \ / _ \/ __| |/ / _ \ \ / /
 | (__| | | |  __/ (__|   < (_) \ V / 
  \___|_| |_|\___|\___|_|\_\___/ \_/  
                                      
By bridgecrew.io | version: 1.0.716 

terraform scan results:

Passed checks: 0, Failed checks: 0, Skipped checks: 0, Parsing errors: 1

Error parsing file /Users/marco.ferrer/my-project/cdk.tf.json

The contents of cdk.tf.json are as follows

{
  "variable": {
    "environment": {
      "type": "string"
    },
    "aws_region": {
      "default": "us-east-1",
      "type": "string"
    },
    "aws_profile": {
      "type": "string"
    }
  },
  "terraform": {
    "required_providers": {
      "aws": {
        "version": "~> 2.70.0",
        "source": "aws"
      }
    }
  },
  "provider": {
    "aws": [
      {
        "profile": "${var.aws_profile}",
        "region": "${var.aws_region}",
        "alias": "default"
      },
      {
        "profile": "external",
        "region": "us-west-1",
        "skip_requesting_account_id": true,
        "alias": "external"
      }
    ]
  },
  "resource": {
    "aws_secretsmanager_secret": {
      "local-secret": {
        "name": "internal-secret",
        "provider": "aws.default"
      },
      "external-secret": {
        "name": "external-secret",
        "provider": "aws.external"
      }
    }
  }
}

To Reproduce

Steps to reproduce the behavior:

  1. Create a new directory
  2. Within this directory, create a new file with the suffix .tf.json
  3. Populate the file with the json example from above or any other valid tf.json definition
  4. Execute checkov -d ./path/to/your/new/directory
  5. Review cli output for the parsing error

Expected behavior

The expected result is for the module sources to be properly parsed and the built-in checkov rules asserted over the content of the tf.json sources.

Desktop (please complete the following information):

  • OS: macOSX 10.15.5
  • Checkov Version 1.0.716 and earlier
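
A run that prints "Failed checks: 0" next to "Parsing errors: 1", as in the output above, evaluated nothing in that file, so a pipeline keyed only on failed checks would let it through. The sketch below is an added example (not part of the original issue or of checkov) that parses the console summary in the format shown above and returns a non-zero exit code when input went unscanned; the names parse_report and gate, the exit codes, and treating the "Parsing errors" field as optional are assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field

# Line formats copied from the console output above (checkov 1.0.716).
# Assumption: the "Parsing errors" field may be absent when there are none.
SUMMARY_RE = re.compile(r"Passed checks: (\d+), Failed checks: (\d+), "
                        r"Skipped checks: (\d+)(?:, Parsing errors: (\d+))?")
SECTION_RE = re.compile(r"^(\w+) scan results:\s*$")
ERROR_FILE_RE = re.compile(r"^Error parsing file (.+?)\s*$")

@dataclass
class ScanSummary:
    framework: str
    passed: int = 0
    failed: int = 0
    skipped: int = 0
    parsing_errors: int = 0
    unparsed_files: list = field(default_factory=list)

    @property
    def blind(self) -> bool:
        """True when files went unscanned, so 'Failed checks: 0' proves nothing."""
        return self.parsing_errors > 0 or bool(self.unparsed_files)

def parse_report(text: str) -> list:
    """Return one ScanSummary per '<framework> scan results:' section."""
    summaries, current = [], None
    for line in text.splitlines():
        line = line.strip()
        if m := SECTION_RE.match(line):
            current = ScanSummary(framework=m.group(1))
            summaries.append(current)
        elif current and (m := SUMMARY_RE.search(line)):
            current.passed, current.failed, current.skipped = (int(g) for g in m.group(1, 2, 3))
            current.parsing_errors = int(m.group(4) or 0)
        elif current and (m := ERROR_FILE_RE.match(line)):
            current.unparsed_files.append(m.group(1))
    return summaries

def gate(text: str) -> int:
    """CI exit code: 2 = unscanned input or no results, 1 = failed checks, 0 = clean."""
    summaries = parse_report(text)
    if not summaries or any(s.blind for s in summaries):
        return 2
    return 1 if any(s.failed for s in summaries) else 0

# Constructed sample: the summary lines from the report above.
SAMPLE = ("terraform scan results:\n\n"
          "Passed checks: 0, Failed checks: 0, Skipped checks: 0, Parsing errors: 1\n\n"
          "Error parsing file /Users/marco.ferrer/my-project/cdk.tf.json\n")
```

Feeding the captured scanner output to gate() and using its return value as the job's exit status makes an unparsed tf.json file fail the build instead of passing with zero findings.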

Issue Analytics

  • State: closed
  • Created 3 years ago
  • Comments: 9 (5 by maintainers)

Top GitHub Comments

2 reactions
chrisbloe commented, Feb 26, 2021

@robeden - It seems to have resolved all my issues, thanks 😃

0 reactions
robeden commented, Feb 18, 2021

~@chrisbloe - tfvars problems should be fixed as of a couple days ago (see #865).~

Well, maybe not given the type of error being reported. I think that’s a separate issue from this ticket, so you might want to post a sanitized data sample here or in another ticket, if possible.
