Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Phase two #9483

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Phase two #9483

wants to merge 2 commits into from

Conversation

markgov
Copy link
Contributor

@markgov markgov commented Mar 6, 2025

A reference to the issue / Description of it

Adding default tagging to provider files

How does this PR fix the problem?

{Please write here}

How has this been tested?

Please describe the tests that you ran and provide instructions to reproduce.

{Please write here}

Deployment Plan / Instructions

Will this deployment impact the platform and / or services on it?

{Please write here}

Checklist (check x in [ ] of list items)

  • I have performed a self-review of my own code
  • All checks have passed
  • I have made corresponding changes to the documentation
  • Plan and discussed how it should be deployed to PROD (If needed)

Additional comments (if any)

{Please write here}

@markgov markgov requested a review from a team as a code owner March 6, 2025 10:09
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Mar 6, 2025

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/analytical-platform
terraform/environments/apex
terraform/environments/bichard7
terraform/environments/ccms-ebs-upgrade
terraform/environments/ccms-ebs
terraform/environments/cdpt-chaps

Running Trivy in terraform/environments/analytical-platform
2025-03-06T10:11:36Z INFO [vulndb] Need to update DB
2025-03-06T10:11:36Z INFO [vulndb] Downloading vulnerability DB...
2025-03-06T10:11:36Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-03-06T10:11:39Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-03-06T10:11:39Z INFO [vuln] Vulnerability scanning is enabled
2025-03-06T10:11:39Z INFO [misconfig] Misconfiguration scanning is enabled
2025-03-06T10:11:39Z INFO [misconfig] Need to update the built-in checks
2025-03-06T10:11:39Z INFO [misconfig] Downloading the built-in checks...
163.77 KiB / 163.77 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-03-06T10:11:39Z INFO [secret] Secret scanning is enabled
2025-03-06T10:11:39Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:11:39Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:11:40Z INFO [terraform scanner] Scanning root module file_path="."
2025-03-06T10:11:40Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-03-06T10:11:40Z INFO Number of language-specific files num=0
2025-03-06T10:11:40Z INFO Detected config files num=1
trivy_exitcode=0

Running Trivy in terraform/environments/apex
2025-03-06T10:11:40Z INFO [vuln] Vulnerability scanning is enabled
2025-03-06T10:11:40Z INFO [misconfig] Misconfiguration scanning is enabled
2025-03-06T10:11:40Z INFO [secret] Secret scanning is enabled
2025-03-06T10:11:40Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:11:40Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:11:41Z INFO [terraform scanner] Scanning root module file_path="."
2025-03-06T10:11:41Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-03-06T10:11:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:11:41Z INFO Number of language-specific files num=0
2025-03-06T10:11:41Z INFO Detected config files num=1
trivy_exitcode=0

Running Trivy in terraform/environments/bichard7
2025-03-06T10:11:41Z INFO [vuln] Vulnerability scanning is enabled
2025-03-06T10:11:41Z INFO [misconfig] Misconfiguration scanning is enabled
2025-03-06T10:11:41Z INFO [secret] Secret scanning is enabled
2025-03-06T10:11:41Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:11:41Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:11:42Z INFO [terraform scanner] Scanning root module file_path="."
2025-03-06T10:11:42Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-03-06T10:11:42Z INFO Number of language-specific files num=0
2025-03-06T10:11:42Z INFO Detected config files num=1
trivy_exitcode=0

Running Trivy in terraform/environments/ccms-ebs-upgrade
2025-03-06T10:11:42Z INFO [vuln] Vulnerability scanning is enabled
2025-03-06T10:11:42Z INFO [misconfig] Misconfiguration scanning is enabled
2025-03-06T10:11:42Z INFO [secret] Secret scanning is enabled
2025-03-06T10:11:42Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:11:42Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:11:43Z INFO [terraform scanner] Scanning root module file_path="."
2025-03-06T10:11:43Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-03-06T10:11:43Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:11:44Z INFO Number of language-specific files num=0
2025-03-06T10:11:44Z INFO Detected config files num=1
trivy_exitcode=0

Running Trivy in terraform/environments/ccms-ebs
2025-03-06T10:11:44Z INFO [vuln] Vulnerability scanning is enabled
2025-03-06T10:11:44Z INFO [misconfig] Misconfiguration scanning is enabled
2025-03-06T10:11:44Z INFO [secret] Secret scanning is enabled
2025-03-06T10:11:44Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:11:44Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:11:45Z INFO [terraform scanner] Scanning root module file_path="."
2025-03-06T10:11:45Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-03-06T10:11:45Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:11:45Z INFO Number of language-specific files num=0
2025-03-06T10:11:45Z INFO Detected config files num=1
trivy_exitcode=0

Running Trivy in terraform/environments/cdpt-chaps
2025-03-06T10:11:45Z INFO [vuln] Vulnerability scanning is enabled
2025-03-06T10:11:45Z INFO [misconfig] Misconfiguration scanning is enabled
2025-03-06T10:11:45Z INFO [secret] Secret scanning is enabled
2025-03-06T10:11:45Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:11:45Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:11:46Z INFO [terraform scanner] Scanning root module file_path="."
2025-03-06T10:11:46Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-03-06T10:11:46Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:11:46Z INFO Number of language-specific files num=0
2025-03-06T10:11:46Z INFO Detected config files num=1
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform
terraform/environments/apex
terraform/environments/bichard7
terraform/environments/ccms-ebs-upgrade
terraform/environments/ccms-ebs
terraform/environments/cdpt-chaps

*****************************

Running Checkov in terraform/environments/analytical-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 5, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/apex
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 5, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/bichard7
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 5, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/ccms-ebs-upgrade
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 5, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/ccms-ebs
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 5, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/cdpt-chaps
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 5, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/analytical-platform
terraform/environments/apex
terraform/environments/bichard7
terraform/environments/ccms-ebs-upgrade
terraform/environments/ccms-ebs
terraform/environments/cdpt-chaps

*****************************

Running tflint in terraform/environments/analytical-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/apex
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/bichard7
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/ccms-ebs-upgrade
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/ccms-ebs
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/cdpt-chaps
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform
terraform/environments/apex
terraform/environments/bichard7
terraform/environments/ccms-ebs-upgrade
terraform/environments/ccms-ebs
terraform/environments/cdpt-chaps

*****************************

Running Trivy in terraform/environments/analytical-platform
2025-03-06T10:11:36Z	INFO	[vulndb] Need to update DB
2025-03-06T10:11:36Z	INFO	[vulndb] Downloading vulnerability DB...
2025-03-06T10:11:36Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-03-06T10:11:39Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-03-06T10:11:39Z	INFO	[vuln] Vulnerability scanning is enabled
2025-03-06T10:11:39Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-03-06T10:11:39Z	INFO	[misconfig] Need to update the built-in checks
2025-03-06T10:11:39Z	INFO	[misconfig] Downloading the built-in checks...
163.77 KiB / 163.77 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-03-06T10:11:39Z	INFO	[secret] Secret scanning is enabled
2025-03-06T10:11:39Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:11:39Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:11:40Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-03-06T10:11:40Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-03-06T10:11:40Z	INFO	Number of language-specific files	num=0
2025-03-06T10:11:40Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/apex
2025-03-06T10:11:40Z	INFO	[vuln] Vulnerability scanning is enabled
2025-03-06T10:11:40Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-03-06T10:11:40Z	INFO	[secret] Secret scanning is enabled
2025-03-06T10:11:40Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:11:40Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:11:41Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-03-06T10:11:41Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-03-06T10:11:41Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:11:41Z	INFO	Number of language-specific files	num=0
2025-03-06T10:11:41Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/bichard7
2025-03-06T10:11:41Z	INFO	[vuln] Vulnerability scanning is enabled
2025-03-06T10:11:41Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-03-06T10:11:41Z	INFO	[secret] Secret scanning is enabled
2025-03-06T10:11:41Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:11:41Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:11:42Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-03-06T10:11:42Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-03-06T10:11:42Z	INFO	Number of language-specific files	num=0
2025-03-06T10:11:42Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/ccms-ebs-upgrade
2025-03-06T10:11:42Z	INFO	[vuln] Vulnerability scanning is enabled
2025-03-06T10:11:42Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-03-06T10:11:42Z	INFO	[secret] Secret scanning is enabled
2025-03-06T10:11:42Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:11:42Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:11:43Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-03-06T10:11:43Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-03-06T10:11:43Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:11:44Z	INFO	Number of language-specific files	num=0
2025-03-06T10:11:44Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/ccms-ebs
2025-03-06T10:11:44Z	INFO	[vuln] Vulnerability scanning is enabled
2025-03-06T10:11:44Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-03-06T10:11:44Z	INFO	[secret] Secret scanning is enabled
2025-03-06T10:11:44Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:11:44Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:11:45Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-03-06T10:11:45Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-03-06T10:11:45Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:11:45Z	INFO	Number of language-specific files	num=0
2025-03-06T10:11:45Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/cdpt-chaps
2025-03-06T10:11:45Z	INFO	[vuln] Vulnerability scanning is enabled
2025-03-06T10:11:45Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-03-06T10:11:45Z	INFO	[secret] Secret scanning is enabled
2025-03-06T10:11:45Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:11:45Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:11:46Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-03-06T10:11:46Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-03-06T10:11:46Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:11:46Z	INFO	Number of language-specific files	num=0
2025-03-06T10:11:46Z	INFO	Detected config files	num=1
trivy_exitcode=0

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Mar 6, 2025

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/analytical-platform
terraform/environments/apex
terraform/environments/bichard7
terraform/environments/ccms-ebs-upgrade
terraform/environments/ccms-ebs
terraform/environments/cdpt-chaps

Running Trivy in terraform/environments/analytical-platform
2025-03-06T10:35:08Z INFO [vulndb] Need to update DB
2025-03-06T10:35:08Z INFO [vulndb] Downloading vulnerability DB...
2025-03-06T10:35:08Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-03-06T10:35:10Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-03-06T10:35:10Z INFO [vuln] Vulnerability scanning is enabled
2025-03-06T10:35:10Z INFO [misconfig] Misconfiguration scanning is enabled
2025-03-06T10:35:10Z INFO [misconfig] Need to update the built-in checks
2025-03-06T10:35:10Z INFO [misconfig] Downloading the built-in checks...
163.77 KiB / 163.77 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-03-06T10:35:11Z INFO [secret] Secret scanning is enabled
2025-03-06T10:35:11Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:35:11Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:35:12Z INFO [terraform scanner] Scanning root module file_path="."
2025-03-06T10:35:12Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-03-06T10:35:12Z INFO Number of language-specific files num=0
2025-03-06T10:35:12Z INFO Detected config files num=1
trivy_exitcode=0

Running Trivy in terraform/environments/apex
2025-03-06T10:35:12Z INFO [vuln] Vulnerability scanning is enabled
2025-03-06T10:35:12Z INFO [misconfig] Misconfiguration scanning is enabled
2025-03-06T10:35:12Z INFO [secret] Secret scanning is enabled
2025-03-06T10:35:12Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:35:12Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:35:13Z INFO [terraform scanner] Scanning root module file_path="."
2025-03-06T10:35:13Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-03-06T10:35:13Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:35:13Z INFO Number of language-specific files num=0
2025-03-06T10:35:13Z INFO Detected config files num=1
trivy_exitcode=0

Running Trivy in terraform/environments/bichard7
2025-03-06T10:35:13Z INFO [vuln] Vulnerability scanning is enabled
2025-03-06T10:35:13Z INFO [misconfig] Misconfiguration scanning is enabled
2025-03-06T10:35:13Z INFO [secret] Secret scanning is enabled
2025-03-06T10:35:13Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:35:13Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:35:14Z INFO [terraform scanner] Scanning root module file_path="."
2025-03-06T10:35:14Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-03-06T10:35:14Z INFO Number of language-specific files num=0
2025-03-06T10:35:14Z INFO Detected config files num=1
trivy_exitcode=0

Running Trivy in terraform/environments/ccms-ebs-upgrade
2025-03-06T10:35:14Z INFO [vuln] Vulnerability scanning is enabled
2025-03-06T10:35:14Z INFO [misconfig] Misconfiguration scanning is enabled
2025-03-06T10:35:14Z INFO [secret] Secret scanning is enabled
2025-03-06T10:35:14Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:35:14Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:35:15Z INFO [terraform scanner] Scanning root module file_path="."
2025-03-06T10:35:15Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-03-06T10:35:15Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:35:15Z INFO Number of language-specific files num=0
2025-03-06T10:35:15Z INFO Detected config files num=1
trivy_exitcode=0

Running Trivy in terraform/environments/ccms-ebs
2025-03-06T10:35:16Z INFO [vuln] Vulnerability scanning is enabled
2025-03-06T10:35:16Z INFO [misconfig] Misconfiguration scanning is enabled
2025-03-06T10:35:16Z INFO [secret] Secret scanning is enabled
2025-03-06T10:35:16Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:35:16Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:35:17Z INFO [terraform scanner] Scanning root module file_path="."
2025-03-06T10:35:17Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-03-06T10:35:17Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:35:17Z INFO Number of language-specific files num=0
2025-03-06T10:35:17Z INFO Detected config files num=1
trivy_exitcode=0

Running Trivy in terraform/environments/cdpt-chaps
2025-03-06T10:35:17Z INFO [vuln] Vulnerability scanning is enabled
2025-03-06T10:35:17Z INFO [misconfig] Misconfiguration scanning is enabled
2025-03-06T10:35:17Z INFO [secret] Secret scanning is enabled
2025-03-06T10:35:17Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:35:17Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:35:18Z INFO [terraform scanner] Scanning root module file_path="."
2025-03-06T10:35:18Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-03-06T10:35:18Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:35:18Z INFO Number of language-specific files num=0
2025-03-06T10:35:18Z INFO Detected config files num=1
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform
terraform/environments/apex
terraform/environments/bichard7
terraform/environments/ccms-ebs-upgrade
terraform/environments/ccms-ebs
terraform/environments/cdpt-chaps

*****************************

Running Checkov in terraform/environments/analytical-platform
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 5, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/apex
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 5, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/bichard7
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 5, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/ccms-ebs-upgrade
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 5, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/ccms-ebs
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 5, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/cdpt-chaps
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 5, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/analytical-platform
terraform/environments/apex
terraform/environments/bichard7
terraform/environments/ccms-ebs-upgrade
terraform/environments/ccms-ebs
terraform/environments/cdpt-chaps

*****************************

Running tflint in terraform/environments/analytical-platform
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/apex
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/bichard7
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/ccms-ebs-upgrade
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/ccms-ebs
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/cdpt-chaps
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform
terraform/environments/apex
terraform/environments/bichard7
terraform/environments/ccms-ebs-upgrade
terraform/environments/ccms-ebs
terraform/environments/cdpt-chaps

*****************************

Running Trivy in terraform/environments/analytical-platform
2025-03-06T10:35:08Z	INFO	[vulndb] Need to update DB
2025-03-06T10:35:08Z	INFO	[vulndb] Downloading vulnerability DB...
2025-03-06T10:35:08Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-03-06T10:35:10Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-03-06T10:35:10Z	INFO	[vuln] Vulnerability scanning is enabled
2025-03-06T10:35:10Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-03-06T10:35:10Z	INFO	[misconfig] Need to update the built-in checks
2025-03-06T10:35:10Z	INFO	[misconfig] Downloading the built-in checks...
163.77 KiB / 163.77 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-03-06T10:35:11Z	INFO	[secret] Secret scanning is enabled
2025-03-06T10:35:11Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:35:11Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:35:12Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-03-06T10:35:12Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-03-06T10:35:12Z	INFO	Number of language-specific files	num=0
2025-03-06T10:35:12Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/apex
2025-03-06T10:35:12Z	INFO	[vuln] Vulnerability scanning is enabled
2025-03-06T10:35:12Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-03-06T10:35:12Z	INFO	[secret] Secret scanning is enabled
2025-03-06T10:35:12Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:35:12Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:35:13Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-03-06T10:35:13Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-03-06T10:35:13Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:35:13Z	INFO	Number of language-specific files	num=0
2025-03-06T10:35:13Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/bichard7
2025-03-06T10:35:13Z	INFO	[vuln] Vulnerability scanning is enabled
2025-03-06T10:35:13Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-03-06T10:35:13Z	INFO	[secret] Secret scanning is enabled
2025-03-06T10:35:13Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:35:13Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:35:14Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-03-06T10:35:14Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-03-06T10:35:14Z	INFO	Number of language-specific files	num=0
2025-03-06T10:35:14Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/ccms-ebs-upgrade
2025-03-06T10:35:14Z	INFO	[vuln] Vulnerability scanning is enabled
2025-03-06T10:35:14Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-03-06T10:35:14Z	INFO	[secret] Secret scanning is enabled
2025-03-06T10:35:14Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:35:14Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:35:15Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-03-06T10:35:15Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-03-06T10:35:15Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:35:15Z	INFO	Number of language-specific files	num=0
2025-03-06T10:35:15Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/ccms-ebs
2025-03-06T10:35:16Z	INFO	[vuln] Vulnerability scanning is enabled
2025-03-06T10:35:16Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-03-06T10:35:16Z	INFO	[secret] Secret scanning is enabled
2025-03-06T10:35:16Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:35:16Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:35:17Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-03-06T10:35:17Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-03-06T10:35:17Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:35:17Z	INFO	Number of language-specific files	num=0
2025-03-06T10:35:17Z	INFO	Detected config files	num=1
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/cdpt-chaps
2025-03-06T10:35:17Z	INFO	[vuln] Vulnerability scanning is enabled
2025-03-06T10:35:17Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-03-06T10:35:17Z	INFO	[secret] Secret scanning is enabled
2025-03-06T10:35:17Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-03-06T10:35:17Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-03-06T10:35:18Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-03-06T10:35:18Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-03-06T10:35:18Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-03-06T10:35:18Z	INFO	Number of language-specific files	num=0
2025-03-06T10:35:18Z	INFO	Detected config files	num=1
trivy_exitcode=0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@markgov