Terraform Plan scanning with --repo-root-for-plan-enrichment inconsistent file references in sarif/json report
#6943
Labels
Comments
kpervin
changed the title
--repo-root-for-plan-enrichment inconsistent file references in sarif report--repo-root-for-plan-enrichment inconsistent file references in sarif/json report
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the issue
When following the Terraform Plan Scanning documentation and outputting a sarif/json report using
--repo-root-for-plan-enrichment, console log outputs will show the affected file correctly while the report will reference the JSON plan file that was input.Sarif
When inspecting the
sariffile output,/runs/[]/results/[]/locations/[]/physicalLocation/artifactLocation/uriwill reference thetfplan.jsonfile rather than the actual Terraform plan file. However, the/runs/[]/results/[]/locations/[]/physicalLocation/regionstartLineandendLineare correct in referencing the Terraform configuration file and not thetfplan.json.JSON
When inspecting the
jsonfile output, we see that/results/failed_checks/[]/file_pathDOES reference the correct file as a filename (not path), but/results/failed_checks/[]/file_abs_pathand/results/failed_checks/[]/repo_file_pathwill reference thetfplan.jsonfile.The text was updated successfully, but these errors were encountered: