terragruntArchived
23 messages
Terragrunt discussions
Archive: https://archive.sweetops.com/terragrunt/
Brij Sover 5 years ago
does anyone know how one is able to run cli commands using
but I get the following error
seems its not recognizing the command 🤔
after_hook? Im trying the following after_hook "after_hook" {
commands = ["apply"]
execute = ["aws", "s3 ls"]
}but I get the following error
[terragrunt] 2020/06/01 10:03:21 Detected 1 Hooks
[terragrunt] 2020/06/01 10:03:21 Executing hook: after_hook
[terragrunt] 2020/06/01 10:03:21 Running command: aws s3 ls
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:
aws help
aws <command> help
aws <command> <subcommand> help
aws: error: argument command: Invalid choice, valid choices are:seems its not recognizing the command 🤔
lorenover 5 years ago
because you ran
aws "s3 ls" and not aws s3 ls ... after_hook "after_hook" {
commands = ["apply"]
execute = ["aws", "s3", "ls"]
}
Adrianover 5 years ago
Someone else with this issue?
https://github.com/gruntwork-io/terragrunt/issues/1035#issuecomment-638837106
https://github.com/gruntwork-io/terragrunt/issues/1035#issuecomment-638837106
muhahaover 5 years ago(edited)
Is possible to get path ( absolute ) if I am using
For example:
I need relative path like
In fact
terragrunt --terragrunt-working-dir $mydir ?For example:
Terragrunt is triggered from /tmp/ and is using --terragrunt-working-dir foo/bar/projectI need relative path like
foo/bar/projectIn fact
foo/bar/project is located in /tmp, but on other enviroments, this path may be differentAdrianover 5 years ago
Where do you put your provider settings?
also this setting?
What the best way and how do you handle this? I've created terragrunt.tf in each module with both of this settings. Is this correct way? Previously I was using hook to copy main_providers.tf
provider "aws" {
region = var.aws_region
# Make it faster by skipping something
skip_get_ec2_platforms = true
skip_metadata_api_check = true
skip_region_validation = true
skip_credentials_validation = true
}also this setting?
terraform {
backend "s3" {}
}What the best way and how do you handle this? I've created terragrunt.tf in each module with both of this settings. Is this correct way? Previously I was using hook to copy main_providers.tf
provider "aws" {
region = var.aws_region
# Make it faster by skipping something
skip_get_ec2_platforms = true
skip_metadata_api_check = true
skip_region_validation = true
skip_credentials_validation = true
}
provider "aws" {
alias = "virginia"
region = "us-east-1"
}
terraform {
backend "s3" {}
required_version = ">= 0.12.0"
}
variable "aws_region" {
type = string
default = "eu-central-1"
description = "AWS region to use for all resources"
}Adrianover 5 years ago
What’s do you think about that type of approach to put this data in input section of HCL file?
custom_task_policy_statement = [
{
actions = [
"s3:GetObject",
"s3:ListBucketVersions",
"s3:ListBucket",
"s3:GetObjectTagging",
"s3:GetBucketVersioning",
"s3:GetBucketAcl",
"s3:GetBucketCORS",
"s3:GetBucketLocation",
"s3:GetObjectVersion",
"s3:PutObject",
"s3:GetAccountPublicAccessBlock",
"s3:ListAllMyBuckets",
"s3:HeadBucket"
]
effect = "Allow"
resources = [
dependency.s3.outputs.this_s3_bucket_arn,
"${dependency.s3.outputs.this_s3_bucket_arn}/*"
]
},
{
actions = [
"kms:DescribeKey",
"kms:GenerateDataKey*",
"kms:Encrypt",
"kms:ReEncrypt*",
"kms:Decrypt"
]
effect = "Allow"
resources = [dependency.kms.outputs.key_arn]
}
]Brij Sover 5 years ago
Hey all, I was wondering if theres any way to combine tags from the child into the parent hcl? For example, I’ve got the following in the my parent hcl file
and in my child hcl file I have
any ideas 🤔
locals {
env = element(split("/", local.relative_path), 1)
base_tags = {
"accountid" = get_aws_account_id(),
"environment" = local.env,
}
}and in my child hcl file I have
locals {
# This loads base tags from parent hcl and adds additional ones
# Ideally I want to do the opposite - define some tags here, and combine
# them in the parent hcl so that we have access to the full set of tags there
# to use for s3_bucket_tags and dynamodb_table_tags
# I'm not sure if/how that's possible
# See <https://terragrunt.gruntwork.io/docs/features/locals/>
# Their solution with yaml doesn't help us because 2 of the 3 base tags are
# dynamically computed
base_config = read_terragrunt_config(find_in_parent_folders())
tags = merge(local.base_config.locals.base_tags, {
"abc" = "0123"
"dept" = "engineering"
})
}any ideas 🤔
muhahaover 5 years ago(edited)
Guys, I need help:
How can I set region in
• its not possible to set it via locals
• maybe with env_vars ?
Thanks
/project1/terragrunt.hcl file contains ( its main file ):include {
path = find_in_parent_folders("templates/aws.hcl")
}/templates/aws.hcl file contains:terraform {}
remote_state {
disable_init = tobool(get_env("TERRAGRUNT_DISABLE_INIT", "false"))
backend = "s3"
config = {
bucket = "${local.bucket}"
region = "${local.backend_region}"
key = "${get_env("PPATH")}/terraform.tfstate"
encrypt = true
dynamodb_table = "${local.dynamodb_table}"
}
}
locals {
bucket = "${get_env("bucket")}"
backend_region = "${get_env("backend_region")}"
dynamodb_table = "${get_env("dynamodb_table")}"
}
generate "provider" {
path = "provider.tf"
if_exists = "overwrite"
contents = <<EOF
provider "aws" {
version = "2.67.0"
region = ???
}
EOF
}
generate "backend" {
path = "backend.tf"
if_exists = "overwrite"
contents = <<EOF
terraform {
backend "s3" {}
}
EOFHow can I set region in
/project1/terragrunt.hc with minimum effort?• its not possible to set it via locals
• maybe with env_vars ?
Thanks
Davidover 5 years ago
Yeah, the
I would suggest using
locals block their is scoped to that terragrunt file, while the provider block inside the generate block is injected as a terraform file, so you can't directly use any locals there.I would suggest using
templatefile, and injecting in get_env("backend_region") in the region = ??? spotmuhahaover 5 years ago
templatefile ? which one? I dont follow 😕
Davidover 5 years ago
No worries! I was suggesting you use this function here: https://www.terraform.io/docs/configuration/functions/templatefile.html
So I'd add a
and then in your
The other option is to just not specify region at all in your provider, and terraform will default to the
So I'd add a
/templates/provider.tf file with contents:provider "aws" {
version = "2.67.0"
region = ${REGION}
}and then in your
/templates/aws.hcl file I would change the generate block to be:generate "provider" {
path = "provider.tf"
if_exists = "overwrite"
contents = templatefile("./provider.tf", {
REGION = get_env("backend_region")
})
}The other option is to just not specify region at all in your provider, and terraform will default to the
AWS_REGION env varmuhahaover 5 years ago
No, thats not a problem.. I dont want to preset region with ENV var, I just want pure gitops, but it should not be hardcoded in template, which is shared ...
So something like this:
So something like this:
/project1/terragrunt.hcl file contains ( its main file ):include {
path = find_in_parent_folders("templates/aws.hcl")
}
locals {
region = "eu-central-0"
}/templates/aws.hcl file contains:terraform {}
remote_state {
disable_init = tobool(get_env("TERRAGRUNT_DISABLE_INIT", "false"))
backend = "s3"
config = {
bucket = "${local.bucket}"
region = "${local.backend_region}"
key = "${get_env("PPATH")}/terraform.tfstate"
encrypt = true
dynamodb_table = "${local.dynamodb_table}"
}
}
locals {
bucket = "hardcoded"
backend_region = "hardcoded"
dynamodb_table = "hardcoded"
}
generate "provider" {
path = "provider.tf"
if_exists = "overwrite"
contents = <<EOF
provider "aws" {
version = "2.67.0"
region = ${local.region}"
}
EOF
}
generate "backend" {
path = "backend.tf"
if_exists = "overwrite"
contents = <<EOF
terraform {
backend "s3" {}
}
EOFDavidover 5 years ago
Ah, that is not possible. Terragrunt scopes locals to just the file you are working in, unfortunately. I'm not sure if there's a bug or not for it, but you can't to parent -> child or child -> parent locals through
include blocks if I remember rightmuhahaover 5 years ago
😞
lorenover 5 years ago
it feels backwards from the terragrunt paradigm to try to pass values from the child config to the parent config
lorenover 5 years ago
you can do things like define common values in a .yml file and read them with
yamldecode(), or keep them in a "common" terragrunt config and use read_terragrunt_config() ... https://terragrunt.gruntwork.io/docs/reference/built-in-functions/#read_terragrunt_configlorenover 5 years ago
i still think you have the paradigm backwards, and need to flip things around. what you are calling a "template" is what terragrunt refers to as a "parent", and the relationship works the other way around
lorenover 5 years ago
at least, for the "include" functionality
lorenover 5 years ago
i'm not really sure how to do what you want, exactly how you want it. i'm just pointing you towards the tools that might get you to an equivalent setup. but it probably requires rethinking your approach
muhahaover 5 years ago
tools?
lorenover 5 years ago(edited)
functions as tools, in this case
Tim Birkettover 5 years ago(edited)
I'm using
terragrunt heavily at the moment but one thing is eluding me... During development of modules I pin to a branch and sometimes branches of Terraform modules under that. Currently, I'm deleting the .terragrunt-cache before every apply which is a bit frustrating, is there anyway to force the changes to be pulled in rather than deleting the cached modules every time I want to apply changes? Maybe there's soe magic option I've missed, re-running an "init" doesn't pull the newest changes to a branch in either 🤔