@hcrhall @rberlind I’d appreciate some help, i’m stock here
I got the above error when i run sentinel apply. here is how my directory looks like
├── compliance
here is my mock data i copied and paste in my mock-plan.sentinel: terraform-sentinel-policies/aws/test/enforce-mandatory-tags/mock-tfplan-pass.sentinel at main · hashicorp/terraform-sentinel-policies · GitHub
policy: terraform-sentinel-policies/aws/enforce-mandatory-tags.sentinel at main · hashicorp/terraform-sentinel-policies · GitHub
the error points to line 15 of the tfplan-functions,sentinel: terraform-sentinel-policies/common-functions/tfplan-functions/tfplan-functions.sentinel at main · hashicorp/terraform-sentinel-policies · GitHub
“”/compliance/tfplan-functions/tfplan-functions.sentinel:15:1: Error configuring import “tfplan/v2”: error loading plan data: invalid character ‘e’ in literal true (expecting ‘r’)“”
// -------------------------------------------------------------
// -------------------------------------------------------------
import “module” “aws_functions” {
import “module” “tfplan-functions” {
// -------------------------------------------------------------
test {
Hi @maxcellayim588 , what version of Sentinel are you running. There was a similar error to the one you have noted in 0.24.0, which was fixed in 0.24.1. I recommend removing the .sentinel directory cache before you re-run apply also.
@cam-stitt i’m using 0.24.1
@cam-stitt i added a step in my my .gitlab-ci.yaml file to remove .sentinel, but i still have the same error
/compliance/tfplan-functions/tfplan-functions.sentinel:15:1: Error configuring import “tfplan/v2”: error loading plan data: invalid character ‘e’ in literal true (expecting ‘r’)
@maxcellayim237 can you try and change plan_path to point to the plan.json instead of the mock plan? The plugin expects a JSON document.
Alternatively, if you would like to use mock data, you will need to change your configuration to the following:
mock “tfplan/v2” {
module {
source = “../../terraform/mock-plan.sentinel”
}
}
@hcrhall that fix the error. but gave another error.
Installing modules…
Module installation complete No plugins changed since last install No static imports changed since last install Installing policies… Policy installation complete Execution trace. The information below will show the values of all the rules evaluated. Note that some rules may be missing if short-circuit logic was taken. Note that for collection types and long strings, output may be truncated; re-run “sentinel apply” with the -json flag to see the full contents of these values.
mandatory-tag-policy.sentinel - Runtime error while running the policy: mandatory-tag-policy.sentinel:10:1: import “aws-functions” is not available
├── compliance
import “aws-functions” is not available
The configuration that you have provided shows that the source paths are local files and start with .../ instead of ../
It might be worth changing these and see how you get on.
@hcrhall works perfect as expected with mock fail and morck pass data. give the expected result for each scenario
@hcrhall after running
i’m trying to point the tfplan.json which contain the output of my terraform plan in the sentinel.hcl file, it errors
import “plugin” “tfplan/v2” {
sentinel.hcl:9,1-28: Plugin source not provided; plugin “tfplan/v2” is missing the required “source” attribute.
when i use:
import “plugin” “tfplan/v2” {
/…/…/terraform/tfplan.json: no such file or directory
i just want to understand how will i apply sentinel directly to to the output of my terraform plan
hcrhall
January 31, 2024, 1:06am
12
@maxcellayim237 the error you have provided is expected as source is not a valid config argument for the tfplan/v2 plugin. It expects plan_path.
Just as a reminder I have a working example that you can reference when you get stuck: sentinel-in-ci/compliance/config/sentinel.hcl at main · terraworx/sentinel-in-ci · GitHub
