Terraform module hotfixes according to the linter's suggestions. #2

Open
wants to merge 2 commits into
base: terraform-05b

a-prokopyev-resume
Owner

Ran the linters:

06:55 root@workstation /Homework/07-terraform-new/04 6:# > /utils/iac/lint_terraform.sh ./src
6 issue(s) found:

Warning: Module source "git::https://github.com/udjin10/yandex_compute_instance.git?ref=main" uses a default branch as ref (main) (terraform_module_pinned_source)

  on main.tf line 14:
  14:   source          = "git::https://github.com/udjin10/yandex_compute_instance.git?ref=main"

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_module_pinned_source.md

Warning: Missing version constraint for provider "template" in `required_providers` (terraform_required_providers)

  on main.tf line 42:
  42: data "template_file" "cloudinit" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_required_providers.md

Warning: [Fixable] variable "vpc_name" is declared but not used (terraform_unused_declarations)

  on variables.tf line 28:
  28: variable "vpc_name" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_unused_declarations.md

Warning: [Fixable] variable "vm_db_name" is declared but not used (terraform_unused_declarations)

  on variables.tf line 44:
  44: variable "vm_db_name" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_unused_declarations.md

Warning: [Fixable] local.ssh_user is declared but not used (terraform_unused_declarations)

  on variables.tf line 63:
  63:   ssh_user="ubuntu"

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_unused_declarations.md

Warning: [Fixable] Interpolation-only expressions are deprecated in Terraform v0.12.14 (terraform_deprecated_interpolation)

  on variables.tf line 64:
  64:   ssh_public_key = "${file(".ssh/ed25519.pub")}"

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_deprecated_interpolation.md

2023-11-24 01:55:47,452 [MainThread  ] [WARNI]  Failed to download module git::https://github.com/udjin10/yandex_compute_instance.git?ref=main:None (for external modules, the --download-external-modules flag is required)


       _               _              
   ___| |__   ___  ___| | _______   __
  / __| '_ \ / _ \/ __| |/ / _ \ \ / /
 | (__| | | |  __/ (__|   < (_) \ V / 
  \___|_| |_|\___|\___|_|\_\___/ \_/  
                                      

Check: CKV_TF_1: "Ensure Terraform module sources use a commit hash"
        FAILED for resource: udjin10-module
        File: /main.tf:13-30
        Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/supply-chain-policies/terraform-policies/ensure-terraform-module-sources-use-git-url-with-commit-hash-revision

                13 | module "udjin10-module" {
                14 |   source          = "git::https://github.com/udjin10/yandex_compute_instance.git?ref=main"
                15 |   env_name        = "develop"
                16 |   network_id      = module.my_vpc.result.network_id
                17 |   subnet_zones    = [ var.default_zone ]
                18 |   subnet_ids      = [ module.my_vpc.result.subnet_id ]
                19 |   instance_name   = var.vm_web_name
                20 |   instance_count  = 1
                21 |   image_family    = var.vm_image_family 
                22 |   platform        = "standard-v2"
                23 |   public_ip       = true
                24 | 
                25 |   metadata = {
                26 |       user-data          = data.template_file.cloudinit.rendered
                27 |       serial-port-enable = 1
                28 |   }
                29 | 
                30 | }

Made the following fixes:

  • Added the hash of the latest commit of the remote module: ?ref=95c286e
  • Removed the unused variables
  • Pinned the versions of the providers in use:
    yandex = {
      source  = "yandex-cloud/yandex"
      version = "~>0.44.0"
    }
    local = {
      source  = "hashicorp/local"
      version = "~> 2.0"
    }
    # provides the template_file data source used in main.tf
    template = {
      source  = "hashicorp/template"
      version = "~> 2.2"
    }
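
An added example (not part of this pull request and not the linters' own code): a small Python check in the spirit of the `terraform_module_pinned_source` and CKV_TF_1 findings above, classifying each `git::` module source by how tightly its `ref` is pinned. The `./vpc` path and the `after-fix` module name are constructed for the sample, and the regex scan assumes `terraform fmt`-style layout rather than parsing HCL.

```python
import re
from urllib.parse import urlsplit, parse_qs

# A module block ends at the first "}" in column 0; nested maps are indented.
MODULE_RE = re.compile(r'^module\s+"([^"]+)"\s*\{(.*?)^\}', re.S | re.M)
SOURCE_RE = re.compile(r'^\s*source\s*=\s*"([^"]+)"', re.M)
DEFAULT_BRANCHES = {"main", "master", "HEAD"}

def classify_source(source):
    """Return how strongly a module source is pinned."""
    if not source.startswith("git::"):
        return "not-git"                      # local path or registry module
    query = urlsplit(source[len("git::"):]).query
    ref = parse_qs(query).get("ref", [None])[0]
    if ref is None:
        return "unpinned"                     # follows the default branch
    if re.fullmatch(r"[0-9a-f]{40}", ref):
        return "full-commit"                  # immutable, unambiguous
    if re.fullmatch(r"[0-9a-f]{7,39}", ref):
        return "short-commit"                 # abbreviated hash (or a hex-looking name)
    if ref in DEFAULT_BRANCHES:
        return "default-branch"               # moves with every push
    return "tag-or-branch"                    # mutable unless the repo protects it

def audit(hcl_text):
    """Return [(module_name, verdict)] for every module block with a source."""
    findings = []
    for name, body in MODULE_RE.findall(hcl_text):
        m = SOURCE_RE.search(body)
        if m:
            findings.append((name, classify_source(m.group(1))))
    return findings

# Constructed sample: the flagged source from the page, plus the short ref from the fix.
SAMPLE_MAIN_TF = '''
module "my_vpc" {
  source = "./vpc"
}
module "udjin10-module" {
  source   = "git::https://github.com/udjin10/yandex_compute_instance.git?ref=main"
  metadata = {
    serial-port-enable = 1
  }
}
module "after-fix" {
  source = "git::https://github.com/udjin10/yandex_compute_instance.git?ref=95c286e"
}
'''

if __name__ == "__main__":
    for name, verdict in audit(SAMPLE_MAIN_TF):
        print(f"{name}: {verdict}")
```

The abbreviated ref from the fix is reported as `short-commit`; resolving it to the full 40-character hash removes any ambiguity between an abbreviated commit and a branch or tag with a hex-looking name.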
