bug(terraform): Trivy does not load a module from the parent directory

[nikpivkin]

The path “../” becomes “..” after cleaning, causing the MapFS check that the path lies outside FS to fail.

Files:

❯ cat main.tf
resource "aws_s3_bucket" "name" {
  bucket = "root"
}%
                                                                                   
❯ cat test/main.tf
module "test" {
    # source = "../"
    source = "./.."
}% 

Project structure

❯ tree
.
├── main.tf
└── test
    └── main.tf

Output:

2024-09-18T14:01:39+06:00       DEBUG   [terraform evaluator] Locating non-initialized module   source="./.."
2024-09-18T14:01:39+06:00       DEBUG   [module resolver] Resolving module      name="module.test" source="./.."
2024-09-18T14:01:39+06:00       DEBUG   [module resolver] Module resolved locally       name="module.test" file_path=".."
2024-09-18T14:01:39+06:00       DEBUG   [module resolver] Module resolved       file_path=".."
2024-09-18T14:01:39+06:00       DEBUG   [terraform evaluator] Module resolved   block="module.test" source="./.." prefix="" file_path=".."
2024-09-18T14:01:39+06:00       DEBUG   [terraform parser] Parsing FS   module="test" file_path=".."
2024-09-18T14:01:39+06:00       ERROR   [terraform evaluator] Failed to load module. Maybe try 'terraform init'?      err="file does not exist"
2024-09-18T14:01:39+06:00       DEBUG   [terraform evaluator] Starting post-submodules evaluation...
2024-09-18T14:01:39+06:00       DEBUG   [terraform evaluator] Starting iteration        iteration=0
2024-09-18T14:01:39+06:00       DEBUG   [terraform evaluator] Starting iteration        iteration=1
2024-09-18T14:01:39+06:00       DEBUG   [terraform evaluator] Context unchanged iteration=1
2024-09-18T14:01:39+06:00       DEBUG   [terraform evaluator] Module evaluation complete.
2024-09-18T14:01:39+06:00       DEBUG   [terraform parser] Finished parsing module      module="root"
2024-09-18T14:01:39+06:00       DEBUG   [terraform executor] Adapting modules...
2024-09-18T14:01:39+06:00       DEBUG   [terraform executor] Adapted module(s) into state data. count=1
2024-09-18T14:01:39+06:00       DEBUG   [terraform executor] Using max routines count=7
2024-09-18T14:01:39+06:00       DEBUG   [terraform executor] Initialized Go check(s).   count=775
2024-09-18T14:01:39+06:00       DEBUG   [rego] Scannning inputs count=1
2024-09-18T14:01:39+06:00       DEBUG   [terraform executor] Finished applying rules.
2024-09-18T14:01:39+06:00       DEBUG   [terraform executor] Applying ignores...
2024-09-18T14:01:39+06:00       DEBUG   OS is not detected.
2024-09-18T14:01:39+06:00       INFO    Detected config files   num=1
2024-09-18T14:01:39+06:00       DEBUG   Scanned config file     file_path="."
2024-09-18T14:01:39+06:00       DEBUG   [vex] VEX filtering is disabled

[knqyf263]

The path “../” becomes “...” after cleaning

Could you elaborate on that? I tested, but didn't see ....
https://go.dev/play/p/T4TSbibNtoS

[nikpivkin]

Oops, I think I put an extra period. Fixed the description.