kics icon indicating copy to clipboard operation
kics copied to clipboard
verified publisher icon Checkmarx

bug(terraform): scans hanging when .terraform dir is present

Open LironJit opened this issue 1 year ago • 3 comments

Hey :) When a .terraform directory is present, for example in the root level of a directory, and KICS is ran against this repository, the scan freezes / hangs.

Reproduced with KICS 2.0.1 and KICS 2.1.3, using a Mac M1 Pro, happens on an GitHub runners with Ubuntu 22.04 as well To reproduce, create a .terraform directory (it can be empty), and a .tf file (any content, even "hi") Run KICS via kics scan --path . or alternatively kics scan --type terraform --path . Before executing the queries the scan hangs. Behavior persists even with --exclude-paths=.terraform.

image

With --verbose and --excldue-paths=.terraform/ image

LironJit avatar Dec 04 '24 16:12 LironJit

Same here!


b04b05491568:/src# kics version
Keeping Infrastructure as Code Secure v2.1.6

maiconbaum avatar Mar 26 '25 05:03 maiconbaum

Seeing this as well

kics version
Keeping Infrastructure as Code Secure 2.1.10

DavidTurk avatar Jun 06 '25 15:06 DavidTurk

Same on v2.1.14, using as pre-commit hook.

# If this hangs, try deleting .terraform directory - https://github.com/Checkmarx/kics/issues/7300
- repo: https://github.com/Checkmarx/kics
  rev: v2.1.14
  hooks:
    - id: kics-scan
      verbose: true
      args:
        - --exclude-queries
        - e592a0c5-5bdb-414c-9066-5dba7cdea370

IrmantasMarozas avatar Oct 08 '25 10:10 IrmantasMarozas