No rules are processed in GitlabCI #925

Closed
bernardhalas opened this issue Jul 8, 2021 · 2 comments

Comments

@bernardhalas

bernardhalas commented Jul 8, 2021

  • terrascan version: 1.8.0
  • Operating System: Ubuntu 20.04

Description

Terrascan doesn't process any rules when running via Gitlab's CI. Local processing against the same repo works well.

What I Did

Running locally works fine (my terraform files are in the ./terraform directory):

docker run -v ${PWD}:/project --rm -it --entrypoint /bin/sh accurics/terrascan:1.8.0 -c "/go/bin/terrascan scan -i terraform /project/terraform"
...
Policies Validated  :   757
...

However, from Gitlab's CI I get:

...
Policies Validated  :	0

My .gitlab-ci.yaml configuration follows:

terrascan:
  stage: linting
  image:
    name: accurics/terrascan:1.8.0
    entrypoint: ["/bin/sh", "-c"]
  script:
  - pwd
  - ls -al
  - ls -al ./terraform
  - /go/bin/terrascan scan -i terraform ./terraform
  - /go/bin/terrascan scan -i terraform -d ./terraform
  - /go/bin/terrascan scan -i terraform terraform
  - /go/bin/terrascan scan -i terraform -d terraform

As you can see, I've added extra commands above (pwd, ls) to make sure I'm in the correct working dir. And I also executed the terrascan scan command against various interpretations of the same destination path. All showing the same result: 0 policies validated.

@kanchwala-yusuf
Contributor

kanchwala-yusuf commented Jul 8, 2021

Hi @bernardhalas,
Thank you for using terrascan!

I have a quick question:
How is the volume being attached to the terrascan container at ./terraform directory? I cannot see a section in .gitlab-ci.yaml shared above. Just want to make sure the code is being added into the terrascan container, just the way it is being attached with -v option when you are running it locally.

@bernardhalas
Author

Thank you for a quick response @kanchwala-yusuf

Thanks to your input I found out that I wrongly mounted the folder in the docker run command. I've fixed this and updated the initial report. This doesn't explain the difference though.

docker run -v ${PWD}:/project --rm -it --entrypoint /bin/sh accurics/terrascan:1.8.0 -c "/go/bin/terrascan scan -i terraform /project/terraform"

I assume the reason why there were 0 rules processed is because OCI cloud provider isn't supported and hence no rules could be applied. Therefore I'm closing this issue.
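
A CI guard for the symptom reported in this thread, as an added example that is not part of the original issue or of terrascan: it reads a saved scan summary and fails the job when the `Policies Validated` count is 0 or missing, so a scan that checked nothing cannot pass unnoticed. The function names, the sample strings and the assumption that the summary is captured to a file are hypothetical.

```shell
#!/bin/sh
# Added example, not terrascan's own code.
# Assumed usage in the CI job: save the scan output to a file (scan.log is a
# hypothetical name), source this script, then run: require_policies < scan.log

# Print the number that follows "Policies Validated :" in summary text on stdin.
# The separator may be spaces or a tab; both forms appear in the output quoted
# in the issue. Prints nothing if the line is absent.
policies_validated() {
    sed -n 's/^[[:space:]]*Policies Validated[[:space:]]*:[[:space:]]*\([0-9][0-9]*\).*$/\1/p' \
        | head -n 1
}

# Return 0 only when at least one policy was validated.
# Return 1 when the count is 0, and 2 when the summary line is missing.
require_policies() {
    count=$(policies_validated)
    if [ -z "$count" ]; then
        echo "terrascan summary has no 'Policies Validated' line" >&2
        return 2
    fi
    if [ "$count" -eq 0 ]; then
        echo "terrascan validated 0 policies; nothing was checked" >&2
        return 1
    fi
    echo "terrascan validated $count policies"
}

# Constructed sample summaries modelled on the two outputs quoted in the issue.
SAMPLE_LOCAL='Policies Validated  :   757'
SAMPLE_CI=$(printf 'Policies Validated  :\t0')
```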
