core: protect against count.index in modules

Modules should get a validation error just like outputs do.

refs #1528

config/config.go

@@ -290,6 +290,14 @@ func (c *Config) Validate() error {
 			raw[k] = strVal
 		}
 
+		// Check for invalid count variables
+		for _, v := range m.RawConfig.Variables {
+			if _, ok := v.(*CountVariable); ok {
+				errs = append(errs, fmt.Errorf(
+					"%s: count variables are only valid within resources", m.Name))
+			}
+		}
+
 		// Update the raw configuration to only contain the string values
 		m.RawConfig, err = NewRawConfig(raw)
 		if err != nil {

config/config_test.go

@@ -63,10 +63,17 @@ func TestConfigValidate_countInt(t *testing.T) {
 
 func TestConfigValidate_countBadContext(t *testing.T) {
 	c := testConfig(t, "validate-count-bad-context")
-	expected := "count variables are only valid within resources"
+
 	err := c.Validate()
-	if !strings.Contains(err.Error(), expected) {
-		t.Fatalf("expected: %q,\nto contain: %q", err, expected)
+
+	expected := []string{
+		"no_count_in_output: count variables are only valid within resources",
+		"no_count_in_module: count variables are only valid within resources",
+	}
+	for _, exp := range expected {
+		if !strings.Contains(err.Error(), exp) {
+			t.Fatalf("expected: %q,\nto contain: %q", err, exp)
+		}
 	}
 }
 

config/test-fixtures/validate-count-bad-context/main.tf

@@ -1,6 +1,11 @@
 resource "aws_instance" "foo" {
 }
 
-output "notgood" {
+output "no_count_in_output" {
   value = "${count.index}"
 }
+
+module "no_count_in_module" {
+  source = "./child"
+  somevar = "${count.index}"
+}