#terragrunt (2022-06)
Terragrunt discussions
Archive: https://archive.sweetops.com/terragrunt/
2022-06-03
How to migrate to Terraform cloud with Terragrunt Code base (and S3 bucket is backend)?
There must be some work around/guide. Anyone would like to point?
2022-06-06
Is there a way to preserve project names in atlantis.yaml file when using terragrunt-atlantis-config ?
Terragrunt is creating atlantis.yaml file as below. I would like to append name: staging
- autoplan:
enabled: true
when_modified:
- '*.hcl'
- '*.tf*'
- ../terragrunt.hcl
- ../terraform.tfvars
- private.tfvars
dir: staging/monitoring
workflow: default
Does the --create-project-name flag do what you’re thinking? The name field would be autogenerated from the project directory like: https://github.com/transcend-io/terragrunt-atlantis-config/blob/c3df0de38c4b024809d85a3a30e6c35c284aa399/cmd/generate.go#L420-L424
@David I have pre-workflow_hook as this
- run: "/usr/local/bin/terragrunt-atlantis-config generate --output atlantis.yaml --autoplan --parallel --create-project-name" It looks like it is not creating name in the atlantis.yaml file!
what version of terragrunt-atlatis-config are you using?
2022-06-10
2022-06-16
I was reading this blog post about using TFC and Terragrunt, and it contains an invalid link that I can’t really find anymore
We have all the details you need to configure Terragrunt with TFC and TFE in the guide, including details on how to configure the remote backend, how to send variable inputs to TFC, and more.
^^^ above link does not work, I feel I’m missing some important configuration as when I run terragrunt plan the plan in TFC does not contain value of my variables, before adding the remote configuration terragrunt was able to pass the values without issues
Anyone knows where is this guide now?
I believe it is maybe this page? https://docs.gruntwork.io/guides/working-with-code/tfc-integration/
ohh, that one might be, thanks @loren will take a look does this also solve your query @Amit Karpe?
yes
Thanks @loren
2022-06-24
I have Terragrunt integration with Atlantis. I have a common variable that I want to pulldown during atlantis plan When running terragrunt plan I can see that it is getting the value of the variable. However terraform plan is not getting the variable value (which make sense). What is the best way to get this common variable value during atlantis plan?
terragrunt.hcl
locals {
common_vars = read_terragrunt_config("../../_globalenv/common_variables.hcl")
}
include root {
path = find_in_parent_folders()
}
inputs = {
platform_ips = local.common_vars.locals.platform_ips
}
@David appreciate if you can shed some light on this as I’m using terragrunt-atlantis-config
2022-06-29
Is it possible to run a before/after hook only once instead of running it for each terragrunt config files when running run-all plan? Ex: AWS authentication is running multiple times
Using IDP Account staging to access OneLogin <https://api.us.onelogin.com>
Using IDP Account staging to access OneLogin <https://api.us.onelogin.com>
Using IDP Account staging to access OneLogin <https://api.us.onelogin.com>
Using IDP Account staging to access OneLogin <https://api.us.onelogin.com>
personally i wouldn’t put authentication in a hook. just do it first, before terragrunt
but i don’t know how to do what you actually asked. maybe change the hook to test if credentials are present. the hook still runs, but the test keeps it from doing the thing twice
What is the drawback for putting auth in a hook?
there are lots of ways to authenticate! running on ec2, or codebuild, or batch, etc, could be using a service role instead
i usually rely on the .aws/config to manage the authentication
My use case is, running terragrunt on workstation
yeah, so put the authentication in your ~/.aws/config, using credential_process
That doesn’t work for us. We need to authenticate with SSO which is short lived
that’s exactly what credential_process is for
i use okta, and aws-okta-processor:
[profile terraform]
region = us-east-1
credential_process = aws-okta-processor authenticate --user <me> --organization <org> --application <app> --role <arn>
ok, let me take a look at that
i assume you are using OneLogin for SSO, based on the message you posted, and it must also have a similar cli tool for you to run it in a terragrunt hook. so seems like a good candidate for credential_process instead