feat: Add terragrunt_providers_lock hook
#632
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
wzooff
changed the title
terragrunt_providers_lock hookterragrunt_providers_lock hook
yermulnik
reviewed
Feb 21, 2024
hooks/terragrunt_providers_lock.sh
Outdated
There was a problem hiding this comment.
I'm also wondering whether it is worth of 1) re-using tf providers lock per-dir function from tf providers lock hook since tg provider lock just relays this to underlying terraform and hence avoid sort of code duplication and 2) (re-)implementing the same check for lockfile integrity (to check hashes for all requested platforms) as what was implemented to tf providers lock recently (https://github.com/antonbabenko/pre-commit-terraform/blob/master/hooks/terraform_providers_lock.sh#L32)? 🤔
There was a problem hiding this comment.
I also noticed that all three terragrunt hook scripts are the same file except few lines of code. Just different terragrunt commands. So room for improvement for sure.
As I know in v2.0 we'll get a bit cleaner code and hope till then @Tensho will provide feedback on actual usage
Co-authored-by: George L. Yermulnik <[email protected]>
This reverts commit 3c974c4.
|
Thank you for the rapid contribution 🙇 Can we have this feature merged and refactor all the code related to Terragrunt realms later? |
yermulnik
reviewed
Feb 22, 2024
There was a problem hiding this comment.
LGTM apart from this thread: #632 (comment)
Let's see what @MaxymVlasov will say in this regards (and maybe Max will have other comments).
|
After git clone [email protected]:wzooff/cats-dogs-infra.git
cd cats-dogs-infra/dogs/test/cluster
pre-commit install
rm .terraform.lock.hcl
git add -A
pre-commit run -aAll these errors in outputs, it's expected? [INFO] Initializing environment for https://github.com/wzooff/pre-commit-terraform.
Terragrunt providers lock................................................Failed
- hook id: terragrunt_providers_lock
- exit code: 1
ERRO[0000] Did not find any Terraform files (*.tf) in /tmp/cats-dogs-infra/cats/prod/cluster
ERRO[0000] Unable to determine underlying exit code, so Terragrunt will exit with error code 1
ERRO[0000] Did not find any Terraform files (*.tf) in /tmp/cats-dogs-infra/cats/test/storage/s3
ERRO[0000] Unable to determine underlying exit code, so Terragrunt will exit with error code 1
INFO[0000] Downloading Terraform configurations from git::ssh://[email protected]/terraform-aws-modules/terraform-aws-s3-bucket.git?ref=3.7.0 into /tmp/cats-dogs-infra/dogs-ua/test/storage/s3/.terragrunt-cache/wOb2gGSOIRhzEnVBnIOKou4IY40/9PaYfi3-KkZZxN2E0HJDpIPM9XI
- Fetching hashicorp/null 3.2.2 for darwin_arm64...
- Retrieved hashicorp/null 3.2.2 for darwin_arm64 (signed by HashiCorp)
- Fetching hashicorp/null 3.2.2 for darwin_amd64...
- Retrieved hashicorp/null 3.2.2 for darwin_amd64 (signed by HashiCorp)
- Fetching hashicorp/null 3.2.2 for linux_amd64...
ERRO[0002] downloading source url git::ssh://[email protected]/terraform-aws-modules/terraform-aws-s3-bucket.git?ref=3.7.0
1 error occurred:
* error downloading 'ssh://[email protected]/terraform-aws-modules/terraform-aws-s3-bucket.git?ref=3.7.0': /usr/bin/git exited with 1: error: pathspec '3.7.0' did not match any file(s) known to git
ERRO[0002] Unable to determine underlying exit code, so Terragrunt will exit with error code 1
- Retrieved hashicorp/null 3.2.2 for linux_amd64 (signed by HashiCorp)
- Obtained hashicorp/null checksums for darwin_arm64; This was a new provider and the checksums for this platform are now tracked in the lock file
- Obtained hashicorp/null checksums for darwin_amd64; This was a new provider and the checksums for this platform are now tracked in the lock file
- Obtained hashicorp/null checksums for linux_amd64; This was a new provider and the checksums for this platform are now tracked in the lock file
Success! Terraform has updated the lock file.
Review the changes in .terraform.lock.hcl and then commit to your
version control system to retain the new checksums.
ERRO[0000] Did not find any Terraform files (*.tf) in /tmp/cats-dogs-infra/cats/test/cluster
ERRO[0000] Unable to determine underlying exit code, so Terragrunt will exit with error code 1
ERRO[0000] Did not find any Terraform files (*.tf) in /tmp/cats-dogs-infra/dogs-ua/test/cluster
ERRO[0000] Unable to determine underlying exit code, so Terragrunt will exit with error code 1
ERRO[0000] Did not find any Terraform files (*.tf) in /tmp/cats-dogs-infra/cats/prod/storage/s3
ERRO[0000] Unable to determine underlying exit code, so Terragrunt will exit with error code 1
ERRO[0000] Did not find any Terraform files (*.tf) in /tmp/cats-dogs-infra/dogs/test/storage/s3
ERRO[0000] Unable to determine underlying exit code, so Terragrunt will exit with error code 1 |
@Tensho If you're in an urgency you can temporary point your local |
|
Okay, one of the errors comes from the invalid example module version should be But still in place➜ pre-commit run -a
Terragrunt providers lock................................................Failed
- hook id: terragrunt_providers_lock
- exit code: 1
ERRO[0000] Did not find any Terraform files (*.tf) in /tmp/cats-dogs-infra/cats/prod/cluster
ERRO[0000] Unable to determine underlying exit code, so Terragrunt will exit with error code 1
ERRO[0000] Did not find any Terraform files (*.tf) in /tmp/cats-dogs-infra/cats/test/storage/s3
ERRO[0000] Unable to determine underlying exit code, so Terragrunt will exit with error code 1
- Fetching hashicorp/null 3.2.2 for darwin_arm64...
- Fetching hashicorp/aws 5.37.0 for darwin_arm64...
- Retrieved hashicorp/null 3.2.2 for darwin_arm64 (signed by HashiCorp)
- Fetching hashicorp/null 3.2.2 for darwin_amd64...
- Retrieved hashicorp/null 3.2.2 for darwin_amd64 (signed by HashiCorp)
- Fetching hashicorp/null 3.2.2 for linux_amd64...
- Retrieved hashicorp/null 3.2.2 for linux_amd64 (signed by HashiCorp)
- Obtained hashicorp/null checksums for darwin_arm64; This was a new provider and the checksums for this platform are now tracked in the lock file
- Obtained hashicorp/null checksums for darwin_amd64; This was a new provider and the checksums for this platform are now tracked in the lock file
- Obtained hashicorp/null checksums for linux_amd64; This was a new provider and the checksums for this platform are now tracked in the lock file
Success! Terraform has updated the lock file.
Review the changes in .terraform.lock.hcl and then commit to your
version control system to retain the new checksums.
- Retrieved hashicorp/aws 5.37.0 for darwin_arm64 (signed by HashiCorp)
- Fetching hashicorp/aws 5.37.0 for darwin_amd64...
- Retrieved hashicorp/aws 5.37.0 for darwin_amd64 (signed by HashiCorp)
- Fetching hashicorp/aws 5.37.0 for linux_amd64...
- Retrieved hashicorp/aws 5.37.0 for linux_amd64 (signed by HashiCorp)
- Obtained hashicorp/aws checksums for darwin_arm64; Additional checksums for this platform are now tracked in the lock file
- Obtained hashicorp/aws checksums for darwin_amd64; Additional checksums for this platform are now tracked in the lock file
- Obtained hashicorp/aws checksums for linux_amd64; All checksums for this platform were already tracked in the lock file
Success! Terraform has updated the lock file.
Review the changes in .terraform.lock.hcl and then commit to your
version control system to retain the new checksums.
ERRO[0000] Did not find any Terraform files (*.tf) in /tmp/cats-dogs-infra/dogs-ua/test/cluster
ERRO[0000] Unable to determine underlying exit code, so Terragrunt will exit with error code 1
ERRO[0000] Did not find any Terraform files (*.tf) in /tmp/cats-dogs-infra/cats/test/cluster
ERRO[0000] Unable to determine underlying exit code, so Terragrunt will exit with error code 1
ERRO[0000] Did not find any Terraform files (*.tf) in /tmp/cats-dogs-infra/dogs/test/storage/s3
ERRO[0000] Unable to determine underlying exit code, so Terragrunt will exit with error code 1
ERRO[0000] Did not find any Terraform files (*.tf) in /tmp/cats-dogs-infra/cats/prod/storage/s3
ERRO[0000] Unable to determine underlying exit code, so Terragrunt will exit with error code 1When it should looks like ➜ terragrunt run-all providers lock
INFO[0000] The stack at /tmp/cats-dogs-infra will be processed in the following order for command providers:
Group 1
- Module /tmp/cats-dogs-infra/dogs-ua/test/storage/s3
- Module /tmp/cats-dogs-infra/dogs/test/cluster
INFO[0000] Downloading Terraform configurations from git::ssh://[email protected]/terraform-aws-modules/terraform-aws-s3-bucket.git?ref=v3.7.0 into /tmp/cats-dogs-infra/dogs-ua/test/storage/s3/.terragrunt-cache/wOb2gGSOIRhzEnVBnIOKou4IY40/9PaYfi3-KkZZxN2E0HJDpIPM9XI prefix=[/tmp/cats-dogs-infra/dogs-ua/test/storage/s3]
- Fetching hashicorp/null 3.2.2 for linux_amd64...
- Retrieved hashicorp/null 3.2.2 for linux_amd64 (signed by HashiCorp)
- Obtained hashicorp/null checksums for linux_amd64; All checksums for this platform were already tracked in the lock file
Success! Terraform has validated the lock file and found no need for changes.
- Fetching hashicorp/aws 5.37.0 for linux_amd64...
- Retrieved hashicorp/aws 5.37.0 for linux_amd64 (signed by HashiCorp)
- Obtained hashicorp/aws checksums for linux_amd64; All checksums for this platform were already tracked in the lock file
Success! Terraform has validated the lock file and found no need for changes. |
|
You can test it locally without committing changes by # run inside cats-dogs-infra/
/usr/bin/bash <path-to-wzoof-repo>/hooks/terragrunt_providers_lock.sh dogs-ua/test/cluster/. |
|
I'm afraid that this repo not ready for running hooks in all folders :) coz there a lot of modules that require proper aws creds. It's for playing with gha |
|
@MaxymVlasov try now. I've made all modules dummy in the repo My results➜ cats-dogs-infra git:(main) ✗ pre-commit run --all-files
Terragrunt providers lock................................................Passed
➜ cats-dogs-infra git:(main) ✗ git status
On branch main
Your branch is up to date with 'origin/main'.
Untracked files:
(use "git add <file>..." to include in what will be committed)
cats/prod/cluster/.terraform.lock.hcl
cats/prod/storage/s3/.terraform.lock.hcl
cats/test/cluster/.terraform.lock.hcl
cats/test/storage/s3/.terraform.lock.hcl
dogs-ua/test/cluster/.terraform.lock.hcl
dogs-ua/test/storage/s3/.terraform.lock.hcl
dogs/test/storage/s3/.terraform.lock.hcl
nothing added to commit but untracked files present (use "git add" to track)➜ cats-dogs-infra git:(main) ✗ terragrunt run-all providers lock
INFO[0000] The stack at /Users/wzooff/projects/cats-dogs-infra will be processed in the following order for command providers:
Group 1
- Module /Users/wzooff/projects/cats-dogs-infra/cats/prod/cluster
- Module /Users/wzooff/projects/cats-dogs-infra/cats/prod/storage/s3
- Module /Users/wzooff/projects/cats-dogs-infra/cats/test/cluster
- Module /Users/wzooff/projects/cats-dogs-infra/cats/test/storage/s3
- Module /Users/wzooff/projects/cats-dogs-infra/dogs-ua/test/cluster
- Module /Users/wzooff/projects/cats-dogs-infra/dogs-ua/test/storage/s3
- Module /Users/wzooff/projects/cats-dogs-infra/dogs/test/cluster
- Module /Users/wzooff/projects/cats-dogs-infra/dogs/test/storage/s3
- Fetching hashicorp/null 3.2.2 for darwin_arm64...
- Fetching hashicorp/null 3.2.2 for darwin_arm64...
- Fetching hashicorp/null 3.2.2 for darwin_arm64...
- Fetching hashicorp/null 3.2.2 for darwin_arm64...
- Fetching hashicorp/null 3.2.2 for darwin_arm64...
- Fetching hashicorp/null 3.2.2 for darwin_arm64...
- Fetching hashicorp/null 3.2.2 for darwin_arm64...
- Fetching hashicorp/null 3.2.2 for darwin_arm64...
- Retrieved hashicorp/null 3.2.2 for darwin_arm64 (signed by HashiCorp)
- Obtained hashicorp/null checksums for darwin_arm64; All checksums for this platform were already tracked in the lock file
Success! Terraform has validated the lock file and found no need for changes.
- Retrieved hashicorp/null 3.2.2 for darwin_arm64 (signed by HashiCorp)
- Obtained hashicorp/null checksums for darwin_arm64; All checksums for this platform were already tracked in the lock file
Success! Terraform has validated the lock file and found no need for changes.
- Retrieved hashicorp/null 3.2.2 for darwin_arm64 (signed by HashiCorp)
- Obtained hashicorp/null checksums for darwin_arm64; All checksums for this platform were already tracked in the lock file
Success! Terraform has validated the lock file and found no need for changes.
- Retrieved hashicorp/null 3.2.2 for darwin_arm64 (signed by HashiCorp)
- Obtained hashicorp/null checksums for darwin_arm64; All checksums for this platform were already tracked in the lock file
Success! Terraform has validated the lock file and found no need for changes.
- Retrieved hashicorp/null 3.2.2 for darwin_arm64 (signed by HashiCorp)
- Obtained hashicorp/null checksums for darwin_arm64; All checksums for this platform were already tracked in the lock file
Success! Terraform has validated the lock file and found no need for changes.
- Retrieved hashicorp/null 3.2.2 for darwin_arm64 (signed by HashiCorp)
- Obtained hashicorp/null checksums for darwin_arm64; All checksums for this platform were already tracked in the lock file
Success! Terraform has validated the lock file and found no need for changes.
- Retrieved hashicorp/null 3.2.2 for darwin_arm64 (signed by HashiCorp)
- Obtained hashicorp/null checksums for darwin_arm64; All checksums for this platform were already tracked in the lock file
Success! Terraform has validated the lock file and found no need for changes.
- Retrieved hashicorp/null 3.2.2 for darwin_arm64 (signed by HashiCorp)
- Obtained hashicorp/null checksums for darwin_arm64; All checksums for this platform were already tracked in the lock file
Success! Terraform has validated the lock file and found no need for changes. |
MaxymVlasov
approved these changes
Feb 22, 2024
MaxymVlasov
reviewed
Feb 22, 2024
antonbabenko
pushed a commit
that referenced
this pull request
Feb 22, 2024
# [1.88.0](v1.87.1...v1.88.0) (2024-02-22) ### Features * Add `terragrunt_providers_lock` hook ([#632](#632)) ([77940fd](77940fd))
|
This PR is included in version 1.88.0 🎉 |
MaxymVlasov
added this to the Features implementing and cleanup without breaking changes milestone
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Put an
xinto the box if that apply:Description of your changes
Add hook that generates
.terrafrom.lock.hclusing theterragrunt providers lockcommandFixes #630
How can we test changes
Clone dummy repo
Hook pointed to the latest commit in this PR
You can
.terraform.lock.hlcfile and try to commitmodules/dummy/main.tfand set required version fornullto3.2.2and then editdogs/test/cluster/terragrunt.hclname attribute (simulates version bump for module)All above will trigger lock file regeneration.