/n9-terragrunt-action

A GitHub Action for installing and running Terragrunt

Primary LanguageGoApache License 2.0Apache-2.0

terragrunt-action

A GitHub Action for installing and running Terragrunt

Inputs

Supported GitHub action inputs:

Input Name Description Required Example values
tf_version Terraform version to be used in Action execution true if tofu_version is not supplied 1.4.6
tofu_version OpenTofu version to be used in Action execution true if tf_version is not supplied 1.6.0
tg_version Terragrunt version to be user in Action execution true 0.50.8
tg_dir Directory in which Terragrunt will be invoked true work
tg_command Terragrunt command to execute true plan/apply
tg_comment Add comment to Pull request with execution output false 0/1
tg_add_approve Automatically add "-auto-approve" to commands, enabled by default false 0/1

Environment Variables

Supported environment variables:

Input Name Description
GITHUB_TOKEN GitHub token used to add comment to Pull request
TF_LOG Log level for Terraform
TF_VAR_name Define custom variable name as inputs
INPUT_PRE_EXEC_number Environment variable is utilized to provide custom commands that will be executed before running Terragrunt
INPUT_POST_EXEC_number Environment variable is utilized to provide custom commands that will be executed after running Terragrunt

Outputs

Outputs of GitHub action:

Input Name Description
tg_action_exit_code Terragrunt exit code
tg_action_output Terragrunt output as plain text

Usage

Example definition of Github Action workflow:

name: 'Terragrunt GitHub Actions'
on:
  - pull_request

env:
  tf_version: '1.5.7'
  tg_version: '0.53.2'
  working_dir: 'project'

jobs:
  checks:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout'
        uses: actions/checkout@main

      - name: Check terragrunt HCL
        uses: gruntwork-io/terragrunt-action@v2
        with:
          tf_version: ${{ env.tf_version }}
          tg_version: ${{ env.tg_version }}
          tg_dir: ${{ env.working_dir }}
          tg_command: 'hclfmt --terragrunt-check --terragrunt-diff'

  plan:
    runs-on: ubuntu-latest
    needs: [ checks ]
    steps:
      - name: 'Checkout'
        uses: actions/checkout@main

      - name: Plan
        uses: gruntwork-io/terragrunt-action@v2
        with:
          tf_version: ${{ env.tf_version }}
          tg_version: ${{ env.tg_version }}
          tg_dir: ${{ env.working_dir }}
          tg_command: 'plan'

  deploy:
    runs-on: ubuntu-latest
    needs: [ plan ]
    environment: 'prod'
    if: github.ref == 'refs/heads/main'
    steps:
      - name: 'Checkout'
        uses: actions/checkout@main

      - name: Deploy
        uses: gruntwork-io/terragrunt-action@v2
        with:
          tf_version: ${{ env.tf_version }}
          tg_version: ${{ env.tg_version }}
          tg_dir: ${{ env.working_dir }}
          tg_command: 'apply'

Example of passing custom code before running Terragrunt:

...
- name: Plan
  uses: gruntwork-io/terragrunt-action@v2
  env:
    # configure git to use custom token to clone repository.
    INPUT_PRE_EXEC_1: |
      git config --global url."https://user:${{secrets.PAT_TOKEN}}@github.com".insteadOf "https://github.com"
    # print git configuration
    INPUT_PRE_EXEC_2: |
      git config --global --list
  with:
    tg_command: 'plan'
...

Example of using GitHub cache for Terraform plugins (providers):

...
env:
  tf_version: 1.5.7
  tg_version: 0.53.2
  working_dir: project
  TF_PLUGIN_CACHE_DIR: ${{ github.workspace }}/.terraform.d/plugin-cache

jobs:
  plan:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@main

      - name: Create Terraform Plugin Cache Dir
        run: mkdir -p $TF_PLUGIN_CACHE_DIR

      - name: Terraform Plugin Cache
        uses: actions/cache@v4.0.1
        with:
          path: ${{ env.TF_PLUGIN_CACHE_DIR }}
          key: ${{ runner.os }}-terraform-plugin-cache-${{ hashFiles('**/.terraform.lock.hcl') }}

      - name: Plan
        uses: gruntwork-io/terragrunt-action@v2
        env:
          TF_PLUGIN_CACHE_DIR: /github/workspace/.terraform.d/plugin-cache
        with:
          tf_version: ${{ env.tf_version }}
          tg_version: ${{ env.tg_version }}
          tg_dir: ${{ env.working_dir }}
          tg_command: plan
...