Terraform 0.12 support #731
Conversation
| TF_VAR_instance_count=10 \ | ||
| TF_VAR_tags='{"Name":"example-app"}' \ | ||
| terraform apply | ||
| ``` |
There was a problem hiding this comment.
What happens if you already have TF_VAR_instance_type="t2.large" set, with the intention of overriding what is in the inputs?
| } | ||
|
|
||
| # This now works with Terragrunt 0.19.x and newer! | ||
| foo = get_env("FOO", "default") |
There was a problem hiding this comment.
Should this be wrapped in inputs?
|
|
||
| for key, value := range asEnvVars { | ||
| terragruntOptions.Env[key] = value | ||
| } |
There was a problem hiding this comment.
So this means we can't set the env var TF_VAR_xxx outside of terragrunt to override the inputs?
| @@ -560,120 +313,57 @@ func TestResolveEnvInterpolationConfigString(t *testing.T) { | |||
| include *IncludeConfig | |||
| terragruntOptions *options.TerragruntOptions | |||
| expectedOut string | |||
| expectedErr error | |||
| expectedErr string | |||
There was a problem hiding this comment.
Just curious: Why did you switch to checking the string?
There was a problem hiding this comment.
Before, the error was returned directly from my code, so I could check it exactly. Now, the error is wrapped by the HCL2 parser, so doing an exactly equality check is harder. Therefore, I'm just doing a string contains check for the error name.
| assert.Nil(t, actualErr, "For string '%s' include %v and options %v, unexpected error: %v", testCase.str, testCase.include, testCase.terragruntOptions, actualErr) | ||
| assert.Equal(t, testCase.expectedOut, actualOut, "For string '%s' include %v and options %v", testCase.str, testCase.include, testCase.terragruntOptions) | ||
| } | ||
| testCase := testCase |
There was a problem hiding this comment.
NIT: We usually add the boilerplate comment about this being done to bring the var into the scope of the forloop.
| } | ||
|
|
||
| # Input variables to set for your Terraform module | ||
| inputs = { |
There was a problem hiding this comment.
The block vs attr distinction is a bit confusing, but either hcl2 or terraform 0.12 impose some validation on this distinction. Just wanting to clarify here that terraform and remote_state truly are blocks, where inputs truly is an attr. Meaning this would not work (with the = denoting the attr notation):
terraform = {
# ...
}
remote_state = {
# ...
}
and notionally, because those two are actually blocks, you could have several of them in the same config, somehow?
There was a problem hiding this comment.
I found the HCL2 parser was a bit weird with these. To be able to define the attributes within these terraform and remote_state, I had to make them blocks... They really should only appear once, so I wanted to make them attributes, but I got confusing errors when I did that. Maybe attributes can't have well-defined properties within? Not sure.
There was a problem hiding this comment.
Yeah, I'm frustrated with this change in hcl2 at the moment. Not sure if you've seen it already, but there is a property you can set on the schema to treat a block as an attr. The many, many PRs linked to this issue might point to a way forward to use attrs?
There was a problem hiding this comment.
There was a problem hiding this comment.
Also just found the behavior better described here, https://www.terraform.io/docs/extend/terraform-0.12-compatibility.html#computed-resource-attributes
| ```hcl | ||
| # terragrunt.hcl | ||
|
|
||
| # terraform is a block, so make sure NOT to include an equals sign |
There was a problem hiding this comment.
Groan. I see you address this here.
|
Just added a bunch of fixes:
|
|
Oh, one more fix: Looks like with the |
cli/download_source.go
Outdated
| terragruntOptions.Logger.Printf("Downloading Terraform configurations from %s into %s", terraformSource.CanonicalSourceURL, terraformSource.DownloadDir) | ||
|
|
||
| // go-getter will not download into folders that already exist, so initially, we download into a temp folder | ||
| tmpDownloadDir, err := ioutil.TempDir("", "terragrunt-download-temp") |
There was a problem hiding this comment.
Would it make sense to respect TERRAGRUNT_DOWNLOAD_DIR here? I'm thinking about issues on Windows with long filepaths, and a workaround of exporting something like TERRAGRUNT_DOWNLOAD_DIR = "C:\.terragrunt-cache". If we first download instead to TEMP, that makes the workaround ineffective...
There was a problem hiding this comment.
Ah, that's a good point. Fixed in 65741db.
cli/download_source.go
Outdated
| // Clean up the tmp folder | ||
| if err := os.RemoveAll(tmpDownloadDir); err != nil { | ||
| return errors.WithStackTrace(err) | ||
| } |
There was a problem hiding this comment.
Why not use defer here?
|
Alright, this PR is driving me bonkers with an endless yak shave. First the bugs with Digging into it, I think this is happening in the part of the code that automatically creates the S3 bucket. What's bewildering is that, as far as I can tell from the logs, the WaitUntilS3BucketExists is returning successfully, which means the S3 |
|
Any chance it might be a credential issue? Maybe temporary keys expiring at an inopportune moment? Or perhaps credential in combination with region, where the bucket is created in one region but then the versioning logic is somehow referencing another region? |
No, I don't think it's a credentials issue, as there are a bunch of tests running in parallel, all with the same credentials, and while all the tests before/during/after |
|
And of course |
|
OK, I've put in a workaround that does the S3 bucket creation/configuration in a retry loop with some sleep between retries. Tests seem to be passing consistently now. Finally merging this! |
|
This code is now available in: https://github.com/gruntwork-io/terragrunt/releases/tag/v0.19.0 |
This PR upgrades Terragrunt to work with Terraform 0.12. Key changes:
We are migrating from having the Terragrunt configuration in
terraform.tfvarstoterragrunt.hcl. This is necessary because Terraform 0.12 is more strict about what can be interraform.tfvarsfiles, and theterragrunt = { ... }configuration block we used to work is no longer allowed.The configuration in
terragrunt.hclis largely the same as what we used to have interraform.tfvars, except (a) we no longer need theterragrunt = { ... }wrapper, (b) we now use HCL2 syntax, (c) any input variables that need to be passed to the Terraform module need to be moved into aninputs = { ... }block.HCL2 brings two major benefits: (a) first-class expressions, so not everything has to be wrapped in
${...}and (b) a better parser, so we can now use Terragrunt's built-in functions anywhere interragrunt.hcl.PR progress:
Note, this PR looks huge, but the vast majority of it is renaming all the
terraform.tfvarsfiles toterragrunt.hcland updating to 0.12 syntax with first-class expressions.Fixes #466.