Support for updating local modules when using Terragrunt

Question

Support for updating local modules when using Terragrunt

Closed this issue 6 days ago · 9 comments

Feature Overview

Currently, the system supports updating local modules when using Terraform, but it does not support updating local modules when using Terragrunt.

Why is the feature needed?

When updating local modules in Terragrunt, the changes are not detected, and the plan is not triggered.

Example Code

No response

Note

Alternatively, enabling the ability to configure dependencies on directories or files related to the target could provide a viable alternative solution.

tfaction-root.yaml

  - working_directory: foo/bar
    target: foo/bar
    extra_dependencies:
      - modules

Answer 1 · 2024-12-24T12:36:56.000Z

Thank you for reporting the issue.
I'll try to reproduce the issue.

Alternatively, enabling the ability to configure dependencies on directories or files related to the target could provide a viable alternative solution.

I think this issue is related.

#1721

Answer 2 · 2024-12-25T23:29:27.000Z

I see.

tfaction uses terraform-config-inspect to detect dependencies.

https://suzuki-shunsuke.github.io/tfaction/docs/feature/local-path-module/

But this tool can't resolve dependencies defined by Terragrunt.

https://github.com/suzuki-shunsuke/test-tfaction/blob/4de137787a1a242c27b20417908dda225a131c9c/terragrunt/terragrunt.hcl#L1-L3

terragrunt.hcl

terraform {
  source = "../module"
}

terraform-config-inspect --json terragrunt

Output:

{
  "path": "terragrunt",
  "variables": {},
  "outputs": {},
  "required_providers": {},
  "managed_resources": {},
  "data_resources": {},
  "module_calls": {}
}

Answer 3 · 2024-12-28T00:51:34.000Z

@suzuki-shunsuke Thank you for your investigation. I found that Terragrunt provides a useful command called render-json:
https://terragrunt.gruntwork.io/docs/reference/cli-options/#render-json
By using this command, we can get detailed JSON output. Here's an example:

terragrunt render-json --terragrunt-json-out /dev/stdout | jq

{
  "dependencies": null,
  "download_dir": "",
  "generate": {},
  "iam_assume_role_duration": null,
  "iam_assume_role_session_name": "",
  "iam_role": "",
  "iam_web_identity_token": "",
  "inputs": null,
  "locals": null,
  "retry_max_attempts": null,
  "retry_sleep_interval_sec": null,
  "retryable_errors": null,
  "terraform": {
    "after_hook": {},
    "before_hook": {},
    "copy_terraform_lock_file": null,
    "error_hook": {},
    "extra_arguments": {},
    "include_in_copy": null,
    "source": "../module"
  },
  "terraform_binary": "",
  "terraform_version_constraint": "",
  "terragrunt_version_constraint": ""
}

Since the JSON output includes the source of the dependent module, this might be a viable solution.

Answer 4 · 2024-12-28T02:11:49.000Z

Cool. Thank you for your suggestion!

Answer 5 · 2025-01-02T10:21:20.000Z

Could you try v1.15.0-0?

Answer 6 · 2025-01-02T12:26:53.000Z

@suzuki-shunsuke I tried with v1.15.0-0 and found an adjustment was necessary:

Environment Variables for Terragrunt Execution
- I needed to set specific environment variables during the list-target action execution.
  - In my case, since I handle SOPS files using the sops_decrypt_file function, I had to export the key to decrypt.

After making this adjustment, the detection of local module changes worked as expected!

Answer 7 · 2025-01-03T02:25:38.000Z

Thank you for your feedback. Interesting.
I have no idea to improve tfaction to handle such a case.
You could solve the problem yourself, so seems like we don't need to do something, but if you have any idea please open a new issue.

Anyway, I think v1.15.0-0 works well, so I'm going to release v1.15.0.

Answer 8 · 2025-01-03T02:30:48.000Z

🎉 https://github.com/suzuki-shunsuke/tfaction/releases/tag/v1.15.0

Answer 9 · 2025-01-03T02:37:04.000Z

@suzuki-shunsuke I’ll take some time to think about whether there’s a better way to handle cases like this. Thanks for your work on this!