Panic: cannot refine an unknown value of an unknown type
ahmad-hamade opened this issue · comments
Summary
TFLint started crashing after we upgraded from 0.46.1 to 0.47.0
Command
tflint --config=/infra/.tflint.hcl -f compact
Terraform Configuration
module "eks_common_01" {
source = "terraform-aws-modules/eks/aws"
version = "~> 19.15"
cluster_name = "${var.prefix}-${var.environment_name}-${var.aws_region}-common-01-eks"
iam_role_name = "${var.environment_name}-common-01"
cluster_version = "1.26"
cluster_endpoint_private_access = true
cluster_endpoint_public_access = true
cluster_addons = {
coredns = {
resolve_conflicts = "OVERWRITE"
}
kube-proxy = {
resolve_conflicts = "OVERWRITE"
}
vpc-cni = {
resolve_conflicts = "OVERWRITE"
}
}
create_kms_key = true
kms_key_administrators = data.aws_iam_roles.admin_roles.arns
kms_key_enable_default_policy = true
cloudwatch_log_group_retention_in_days = var.cloudwatch_log_retention_days
cluster_encryption_config = {
resources = ["secrets"]
}
vpc_id = module.vpc.vpc_id
subnet_ids = module.vpc.private_subnets
eks_managed_node_group_defaults = {
ami_type = "AL2_x86_64"
disk_size = 50
instance_types = var.eks_common_01_config.instance_types
}
# Create nodegroup for each az
eks_managed_node_groups = {
for index, subnet_id in module.vpc.private_subnets :
"${var.environment_name}-common-01-node-${index}" => {
min_size = var.eks_common_01_config.worker_min_size_per_az
max_size = var.eks_common_01_config.worker_max_size_per_az
desired_size = var.eks_common_01_config.worker_min_size_per_az
instance_types = var.eks_common_01_config.instance_types
capacity_type = var.eks_common_01_config.capacity_type
tags = var.tags
subnet_ids = [subnet_id]
}
}
manage_aws_auth_configmap = false
tags = var.tags
}TFLint Configuration
config {
module = true
force = false
disabled_by_default = false
}
plugin "terraform" {
enabled = true
preset = "all"
version = "0.4.0"
source = "github.com/terraform-linters/tflint-ruleset-terraform"
}
plugin "aws" {
enabled = true
version = "0.26.0"
source = "github.com/terraform-linters/tflint-ruleset-aws"
}Output
Panic: cannot refine an unknown value of an unknown type
-> 0: main.main.func1: /main.go(25)
-> 1: runtime.gopanic: /panic.go(884)
-> 2: github.com/zclconf/go-cty/cty.Value.Refine: /unknown_refinement.go(47)
-> 3: github.com/zclconf/go-cty/cty.Value.RefineNotNull: /unknown_refinement.go(123)
-> 4: github.com/hashicorp/hcl/v2/ext/typeexpr.(*Defaults).apply: /defaults.go(99)
-> 5: github.com/hashicorp/hcl/v2/ext/typeexpr.(*Defaults).Apply: /defaults.go(45)
-> 6: github.com/terraform-linters/tflint/terraform.(*evaluationData).GetInputVariable: /evaluator.go(204)
-> 7: github.com/terraform-linters/tflint/terraform/lang.(*Scope).evalContext: /eval.go(141)
-> 8: github.com/terraform-linters/tflint/terraform/lang.(*Scope).EvalContext: /eval.go(81)
-> 9: github.com/terraform-linters/tflint/terraform/lang.(*Scope).ExpandBlock: /eval.go(25)
-> 10: github.com/terraform-linters/tflint/terraform.(*Evaluator).ExpandBlock: /evaluator.go(101)
-> 11: github.com/terraform-linters/tflint/terraform.(*Module).PartialContent: /module.go(132)
-> 12: github.com/terraform-linters/tflint/tflint.NewModuleRunners: /runner.go(110)
-> 13: github.com/terraform-linters/tflint/tflint.NewModuleRunners: /runner.go(163)
-> 14: github.com/terraform-linters/tflint/cmd.(*CLI).setupRunners: /inspect.go(251)
-> 15: github.com/terraform-linters/tflint/cmd.(*CLI).inspectModule: /inspect.go(127)
-> 16: github.com/terraform-linters/tflint/cmd.(*CLI).inspect.func1: /inspect.go(54)
-> 17: github.com/terraform-linters/tflint/cmd.(*CLI).withinChangedDir: /cli.go(190)
-> 18: github.com/terraform-linters/tflint/cmd.(*CLI).inspect: /inspect.go(35)
-> 19: github.com/terraform-linters/tflint/cmd.(*CLI).Run: /cli.go(106)
-> 20: main.main: /main.go(38)
-> 21: runtime.main: /proc.go(250)
-> 22: runtime.goexit: /asm_amd64.s(1598)
TFLint crashed... :(
Please attach an output log, describe the situation and version that occurred and post an issue to https://github.com/terraform-linters/tflint/issues
Error: Process completed with exit code 1.TFLint Version
0.47.0
Terraform Version
1.5.2
Operating System
- Linux
- macOS
- Windows
Please note, the issue is reported only when I use a custom terraform module that has the following values:
external_dns = {
enabled = true
domain_names = keys(module.base_dns_zone.route53_zone_name)
domain_name_arns = values(module.base_dns_zone.route53_zone_zone_arn) # <---- this line is what causing the problem
}If I omit the value for domain_name_arns property then tflint works just fine.
Below is the external_dns variable definition:
variable "external_dns" {
type = object({
enabled = bool
domain_names = list(string)
domain_name_arns = optional(list(string), [])
helm_version = optional(string, "1.13.0")
})
description = "External DNS configuration"
default = null
}
Thank you for reporting this. This seems like a bug.
In TFLint an expression like module.base_dns_zone.route53_zone_zone_arn always resolves to an unknown value of an unknown type.
Line 189 in dcc49ce
Next, HCL v2.17, which is used in TFLint v0.47, introduces the concept of refinements. This seems to apply implicit refinements when default values such as optional(list(string), []) are applied.
Unfortunately refinements for unknown values of unknown types don't seem to be supported.
https://github.com/zclconf/go-cty/blob/v1.13.3/cty/unknown_refinement.go#L46-L47
I'm not sure how to fix this, but it might be a good idea to fix the HCL to not apply the refinement in case of unknown values of unknown types.
The current workaround is to downgrade to TFLint v0.46.1.
The upstream bug is fixed in hashicorp/hcl#625
This issue is expected to be resolved by updating to the latest HCL version (unreleased).
Thank you @wata727 for the fix.
I can confirm the issue is resolved in tflint v0.48.0.