Description
Hello,
I am having a problem running Terravision against some TF that creates an EC2, VPC, subnet, routing table, internet gateway and a SG with some CIDRs in it. Basically an EC2 in AWS and the supporting stuff it needs to get online / be reachable. I also have a count argument so I can make multiple EC2s at the same time. TF also templates out an Ansible inventory via a local-file template. I don't think it makes any odds, but I am on an M1 MacBook.
I am using code cloned this morning, so the current version.
Environment:
```
pip list
Package                   Version
------------------------- --------
altgraph                  0.17.4
certifi                   2024.2.2
charset-normalizer        3.3.2
click                     8.1.3
debugpy                   1.5.1
gitdb                     4.0.11
GitPython                 3.1.31
graphviz                  0.20.1
idna                      3.6
ipaddr                    2.2.0
lark                      1.1.9
macholib                  1.16.3
numpy                     1.26.4
packaging                 23.2
pip                       24.0
pyinstaller               6.4.0
pyinstaller-hooks-contrib 2024.2
python-hcl2               4.3.0
PyYAML                    6.0.1
requests                  2.28.2
setuptools                65.6.3
smmap                     5.0.1
tqdm                      4.65.0
urllib3                   1.26.18

python --version
Python 3.12.2

(venv) ➜ Terraform git:(main) ✗ tree
.
├── ansible_inventory.tpl
├── instance.tf
├── outputs.tf
├── providers.tf
├── security_group.tf
├── variables.tf
└── vpc.tf
1 directory, 7 files
```
I am running Terravision inside a venv so that I can manage the pip dependencies, but also get the same error when running on a raw Ubuntu docker container.
The exact error is:
```
./terravision draw --source ~/Dev/Project/Terraform --debug
TypeError: can only concatenate str (not "bool") to str
```
A full command output is here:
```
Preflight check..
dot command detected: /usr/bin/dot
gvpr command detected: /usr/bin/gvpr
git command detected: /usr/bin/git
terraform command detected: /usr/bin/terraform
Checking Terraform Version...

Initializing the backend...

Initializing provider plugins...
- Reusing previous version of hashicorp/aws from the dependency lock file
- Installing hashicorp/aws v5.39.1...
- Installed hashicorp/aws v5.39.1 (signed by HashiCorp)

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
Terraform v1.7.4
Initalising workspace: default
Generating Terraform Plan..

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_instance.EC2Workstation[0] will be created
  + resource "aws_instance" "EC2Workstation" {
      + ami = "ami-0d18e50ca22537278"
      + arn = (known after apply)
      + associate_public_ip_address = true
      + availability_zone = (known after apply)
      + cpu_core_count = (known after apply)
      + cpu_threads_per_core = (known after apply)
      + disable_api_stop = (known after apply)
      + disable_api_termination = (known after apply)
      + ebs_optimized = (known after apply)
      + get_password_data = false
      + host_id = (known after apply)
      + host_resource_group_arn = (known after apply)
      + iam_instance_profile = (known after apply)
      + id = (known after apply)
      + instance_initiated_shutdown_behavior = (known after apply)
      + instance_lifecycle = (known after apply)
      + instance_state = (known after apply)
      + instance_type = "t2.medium"
      + ipv6_address_count = (known after apply)
      + ipv6_addresses = (known after apply)
      + key_name = "SSHKey"
      + monitoring = (known after apply)
      + outpost_arn = (known after apply)
      + password_data = (known after apply)
      + placement_group = (known after apply)
      + placement_partition_number = (known after apply)
      + primary_network_interface_id = (known after apply)
      + private_dns = (known after apply)
      + private_ip = (known after apply)
      + public_dns = (known after apply)
      + public_ip = (known after apply)
      + secondary_private_ips = (known after apply)
      + security_groups = (known after apply)
      + source_dest_check = true
      + spot_instance_request_id = (known after apply)
      + subnet_id = (known after apply)
      + tags = {
          + "Name" = "EC2Workstation-001"
        }
      + tags_all = {
          + "Name" = "EC2Workstation-001"
        }
      + tenancy = (known after apply)
      + user_data = (known after apply)
      + user_data_projecte64 = (known after apply)
      + user_data_replace_on_change = false
      + vpc_security_group_ids = (known after apply)

      + root_block_device {
          + delete_on_termination = true
          + device_name = (known after apply)
          + encrypted = true
          + iops = (known after apply)
          + kms_key_id = (known after apply)
          + tags_all = (known after apply)
          + throughput = (known after apply)
          + volume_id = (known after apply)
          + volume_size = 8
          + volume_type = (known after apply)
        }
    }

  # aws_internet_gateway.project_internetgateway will be created
  + resource "aws_internet_gateway" "project_internetgateway" {
      + arn = (known after apply)
      + id = (known after apply)
      + owner_id = (known after apply)
      + tags = {
          + "Name" = "MyInternetGateway"
        }
      + tags_all = {
          + "Name" = "MyInternetGateway"
        }
      + vpc_id = (known after apply)
    }

  # aws_route_table.project_route_table will be created
  + resource "aws_route_table" "project_route_table" {
      + arn = (known after apply)
      + id = (known after apply)
      + owner_id = (known after apply)
      + propagating_vgws = (known after apply)
      + route = [
          + {
              + carrier_gateway_id = ""
              + cidr_block = "0.0.0.0/0"
              + core_network_arn = ""
              + destination_prefix_list_id = ""
              + egress_only_gateway_id = ""
              + gateway_id = (known after apply)
              + ipv6_cidr_block = ""
              + local_gateway_id = ""
              + nat_gateway_id = ""
              + network_interface_id = ""
              + transit_gateway_id = ""
              + vpc_endpoint_id = ""
              + vpc_peering_connection_id = ""
            },
        ]
      + tags = {
          + "Name" = "project_RouteTable"
        }
      + tags_all = {
          + "Name" = "project_RouteTable"
        }
      + vpc_id = (known after apply)
    }

  # aws_route_table_association.a will be created
  + resource "aws_route_table_association" "a" {
      + id = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id = (known after apply)
    }

  # aws_security_group.SG_projectFirewalling will be created
  + resource "aws_security_group" "SG_projectFirewalling" {
      + arn = (known after apply)
      + description = "Allow specific access for EC2 instances"
      + egress = [
          + {
              + cidr_blocks = [
                  + "0.0.0.0/0",
                ]
              + description = ""
              + from_port = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "-1"
              + security_groups = []
              + self = false
              + to_port = 0
            },
        ]
      + id = (known after apply)
      + ingress = [
          + {
              + cidr_blocks = [
                  + "0.0.0.0/0",
                ]
              + description = ""
              + from_port = -1
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "icmp"
              + security_groups = []
              + self = false
              + to_port = -1
            },
          + {
              + cidr_blocks = [
                  + "0.0.0.0/0",
                ]
              + description = ""
              + from_port = 443
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "tcp"
              + security_groups = []
              + self = false
              + to_port = 443
            },
          + {
              + cidr_blocks = [
                  + "0.0.0.0/0",
                ]
              + description = ""
              + from_port = 53
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "tcp"
              + security_groups = []
              + self = false
              + to_port = 53
            },
          + {
              + cidr_blocks = [
                  + "0.0.0.0/0",
                ]
              + description = ""
              + from_port = 53
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "udp"
              + security_groups = []
              + self = false
              + to_port = 53
            },
          + {
              + cidr_blocks = [
                  + "0.0.0.0/0",
                ]
              + description = ""
              + from_port = 80
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "tcp"
              + security_groups = []
              + self = false
              + to_port = 80
            },
          + {
              + cidr_blocks = [
                  + "0.0.0.0/0",
                ]
              + description = ""
              + from_port = 8443
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "tcp"
              + security_groups = []
              + self = false
              + to_port = 8443
            },
          + {
              + cidr_blocks = [
                    [redacted list of CIDRs]
                ]
              + description = ""
              + from_port = 22
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "tcp"
              + security_groups = []
              + self = false
              + to_port = 22
            },
          + {
              + cidr_blocks = [
                    [redacted list of CIDRs]
                ]
              + description = ""
              + from_port = 3389
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "tcp"
              + security_groups = []
              + self = false
              + to_port = 3389
            },
        ]
      + name = "SG-projectFirewalling"
      + name_prefix = (known after apply)
      + owner_id = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all = (known after apply)
      + vpc_id = (known after apply)
    }

  # aws_subnet.project_subnet will be created
  + resource "aws_subnet" "project_subnet" {
      + arn = (known after apply)
      + assign_ipv6_address_on_creation = false
      + availability_zone = (known after apply)
      + availability_zone_id = (known after apply)
      + cidr_block = "10.0.1.0/24"
      + enable_dns64 = false
      + enable_resource_name_dns_a_record_on_launch = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id = (known after apply)
      + ipv6_cidr_block_association_id = (known after apply)
      + ipv6_native = false
      + map_public_ip_on_launch = true
      + owner_id = (known after apply)
      + private_dns_hostname_type_on_launch = (known after apply)
      + tags = {
          + "Name" = "project_subnet"
        }
      + tags_all = {
          + "Name" = "project_subnet"
        }
      + vpc_id = (known after apply)
    }

  # aws_vpc.project_vpc will be created
  + resource "aws_vpc" "project_vpc" {
      + arn = (known after apply)
      + cidr_block = "10.0.0.0/16"
      + default_network_acl_id = (known after apply)
      + default_route_table_id = (known after apply)
      + default_security_group_id = (known after apply)
      + dhcp_options_id = (known after apply)
      + enable_dns_hostnames = true
      + enable_dns_support = true
      + enable_network_address_usage_metrics = (known after apply)
      + id = (known after apply)
      + instance_tenancy = "default"
      + ipv6_association_id = (known after apply)
      + ipv6_cidr_block = (known after apply)
      + ipv6_cidr_block_network_border_group = (known after apply)
      + main_route_table_id = (known after apply)
      + owner_id = (known after apply)
      + tags = {
          + "Name" = "project_vpc"
        }
      + tags_all = {
          + "Name" = "project_vpc"
        }
    }

Plan: 7 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + instance_names = [
      + "EC2Workstation-001",
    ]
  + instance_public_ips = [
      + (known after apply),
    ]

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: /tmp/tfplan.bin

To perform exactly these actions, run the following command to apply:
    terraform apply "/tmp/tfplan.bin"

Analysing plan..

Unprocessed terraform graph dictionary:
{
    "aws_instance.EC2Workstation~1": [],
    "aws_internet_gateway.project_internetgateway": [
        "aws_route_table.project_route_table"
    ],
    "aws_route_table.project_route_table": [
        "aws_route_table_association.a"
    ],
    "aws_route_table_association.a": [],
    "aws_security_group.SG_projectFirewalling": [
        "aws_instance.EC2Workstation~1"
    ],
    "aws_subnet.project_subnet": [
        "aws_instance.EC2Workstation~1",
        "aws_route_table_association.a"
    ],
    "aws_vpc.project_vpc": [
        "aws_internet_gateway.project_internetgateway",
        "aws_security_group.SG_projectFirewalling",
        "aws_subnet.project_subnet",
        "aws_subnet.project_subnet"
    ]
}

Parsing Terraform Source Files..
Added Source Location: /tmp/EC2Workstation/Terraform
Parsing /tmp/EC2Workstation/Terraform/outputs.tf
Found 2 output stanza(s)
Parsing /tmp/EC2Workstation/Terraform/security_group.tf
Found 1 resource stanza(s)
Parsing /tmp/EC2Workstation/Terraform/providers.tf
Parsing /tmp/EC2Workstation/Terraform/variables.tf
Found 5 variable stanza(s)
Parsing /tmp/EC2Workstation/Terraform/instance.tf
Found 1 resource stanza(s)
Parsing /tmp/EC2Workstation/Terraform/vpc.tf
Found 5 resource stanza(s)

Processing variables..

Processing resources..
aws_security_group.SG_projectFirewalling
aws_instance.EC2Workstation
aws_vpc.project_vpc
aws_internet_gateway.project_internetgateway
aws_subnet.project_subnet
aws_route_table.project_route_table
aws_route_table_association.a

Checking for additional links between 7 resources..
aws_vpc.project_vpc --> aws_route_table.project_route_table
Unhandled error: <class 'TypeError'>, can only concatenate str (not "bool") to str, <traceback object at 0xffff91ddcbc0>
```
The Dockerfile if needed is also here (adapted from a PR):
```dockerfile
# Use the latest Ubuntu base image
FROM ubuntu:latest

# Install Graphviz and other dependencies
RUN apt-get update && apt-get install -y \
    graphviz \
    git \
    python3-pip \
    python-is-python3 \
    gnupg \
    software-properties-common \
    wget \
    && wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | tee /usr/share/keyrings/hashicorp-archive-keyring.gpg > /dev/null \
    && echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(. /etc/os-release && echo $VERSION_CODENAME) main" | tee /etc/apt/sources.list.d/hashicorp.list \
    && apt-get update \
    && apt-get install -y terraform \
    && rm -rf /var/lib/apt/lists/*

# Set the working directory to the Terravision directory
WORKDIR /app/

# Install Terravision dependencies from requirements.txt
COPY . .
RUN pip install -r requirements.txt

# Grant execution permission to the terravision script
RUN chmod +x terravision

# Default command to be executed when the container starts
CMD ["./terravision", "draw", "--source", "/tmp/Project/Terraform"]
```
And the container is built and run with:
```
docker build . --platform=linux/arm64 --tag terravision:latest --no-cache
docker run -v $(pwd)/../Project/Terraform:/tmp/Project/Terraform/ -e AWS_ACCESS_KEY_ID="blah" -e AWS_SECRET_ACCESS_KEY="blah" -e AWS_SESSION_TOKEN="blah" terravision:latest
```