diff --git a/pkg/iac-providers/terraform/commons/variable-references.go b/pkg/iac-providers/terraform/commons/variable-references.go index 56443bc9d..c77023631 100644 --- a/pkg/iac-providers/terraform/commons/variable-references.go +++ b/pkg/iac-providers/terraform/commons/variable-references.go @@ -148,9 +148,9 @@ func (r *RefResolver) ResolveVarRefFromParentModuleCall(varRef string) interface if reflect.TypeOf(val).Kind() == reflect.String { valStr := val.(string) resolvedVal := strings.Replace(varRef, varExpr, valStr, 1) - if varRef == resolvedVal { + if strings.Contains(valStr, varExpr) { zap.S().Debugf("resolved str variable ref refers to self: '%v'", varRef) - return varRef + return resolvedVal } zap.S().Debugf("resolved str variable ref: '%v', value: '%v'", varRef, string(resolvedVal)) return r.ResolveStrRef(resolvedVal) diff --git a/pkg/iac-providers/terraform/v14/load-dir_test.go b/pkg/iac-providers/terraform/v14/load-dir_test.go index 2121d1b38..5b9b81eec 100644 --- a/pkg/iac-providers/terraform/v14/load-dir_test.go +++ b/pkg/iac-providers/terraform/v14/load-dir_test.go @@ -119,6 +119,13 @@ func TestLoadIacDir(t *testing.T) { tfv14: TfV14{}, wantErr: nil, }, + { + name: "recursive loop while resolving variables", + tfConfigDir: filepath.Join(testDataDir, "recursive-loop"), + tfJSONFile: filepath.Join(tfJSONDir, "recursive-loop.json"), + tfv14: TfV14{}, + wantErr: nil, + }, } for _, tt := range table2 { diff --git a/pkg/iac-providers/terraform/v14/testdata/recursive-loop/bug.tf b/pkg/iac-providers/terraform/v14/testdata/recursive-loop/bug.tf new file mode 100644 index 000000000..249b94510 --- /dev/null +++ b/pkg/iac-providers/terraform/v14/testdata/recursive-loop/bug.tf @@ -0,0 +1,9 @@ +variable "filename" { + type = string +} + +module "dummy" { + source = "./dummy" + + filename = "${path.module}/${var.filename}" +} \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v14/testdata/recursive-loop/dummy/main.tf b/pkg/iac-providers/terraform/v14/testdata/recursive-loop/dummy/main.tf new file mode 100644 index 000000000..4e4bc2d72 --- /dev/null +++ b/pkg/iac-providers/terraform/v14/testdata/recursive-loop/dummy/main.tf @@ -0,0 +1,12 @@ +variable "filename" { + type = string +} + +resource "null_resource" "example" { + container_definitions = templatefile( + var.filename, + { + foo = "bar" + } + ) +} \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop.json new file mode 100644 index 000000000..0917e30d2 --- /dev/null +++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop.json @@ -0,0 +1,15 @@ +{ + "null_resource": [ + { + "id": "null_resource.example", + "name": "example", + "source": "dummy/main.tf", + "line": 5, + "type": "null_resource", + "config": { + "container_definitions": "${templatefile(\n ${path.module}/${var.filename},\n {\n foo = \"bar\"\n }\n )}" + }, + "skip_rules": null + } + ] + } \ No newline at end of file