terragrunt

terragrunt documentation

Version in MegaLinter: 0.48.4
Visit Official Web Site
See How to configure terragrunt rules

Configuration in MegaLinter

Enable terragrunt by adding TERRAFORM_TERRAGRUNT in ENABLE_LINTERS variable
Disable terragrunt by adding TERRAFORM_TERRAGRUNT in DISABLE_LINTERS variable

Enable autofixes by adding TERRAFORM_TERRAGRUNT in APPLY_FIXES variable

Variable	Description	Default value
TERRAFORM_TERRAGRUNT_ARGUMENTS	User custom arguments to add in linter CLI call Ex: `-s --foo "bar"`
TERRAFORM_TERRAGRUNT_FILTER_REGEX_INCLUDE	Custom regex including filter Ex: `(src\\|lib)`	Include every file
TERRAFORM_TERRAGRUNT_FILTER_REGEX_EXCLUDE	Custom regex excluding filter Ex: `(test\\|examples)`	Exclude no file
TERRAFORM_TERRAGRUNT_CLI_LINT_MODE	Override default CLI lint mode - `file`: Calls the linter for each file - `project`: Call the linter from the root of the project	`file`
TERRAFORM_TERRAGRUNT_FILE_EXTENSIONS	Allowed file extensions. `"*"` matches any extension, `""` matches empty extension. Empty list excludes all files Ex: `[".py", ""]`	`[".hcl"]`
TERRAFORM_TERRAGRUNT_FILE_NAMES_REGEX	File name regex filters. Regular expression list for filtering files by their base names using regex full match. Empty list includes all files Ex: `["Dockerfile(-.+)?", "Jenkinsfile"]`	Include every file
TERRAFORM_TERRAGRUNT_PRE_COMMANDS	List of bash commands to run before the linter	None
TERRAFORM_TERRAGRUNT_POST_COMMANDS	List of bash commands to run after the linter	None
TERRAFORM_TERRAGRUNT_UNSECURED_ENV_VARIABLES	List of env variables explicitly not filtered before calling TERRAFORM_TERRAGRUNT and its pre/post commands	None
TERRAFORM_TERRAGRUNT_CONFIG_FILE	terragrunt configuration file nameUse `LINTER_DEFAULT` to let the linter find it	`terragrunt.hcl`
TERRAFORM_TERRAGRUNT_RULES_PATH	Path where to find linter configuration file	Workspace folder, then MegaLinter default rules
TERRAFORM_TERRAGRUNT_DISABLE_ERRORS	Run linter but consider errors as warnings	`false`
TERRAFORM_TERRAGRUNT_DISABLE_ERRORS_IF_LESS_THAN	Maximum number of errors allowed	`0`
TERRAFORM_TERRAGRUNT_CLI_EXECUTABLE	Override CLI executable	`['terragrunt']`

MegaLinter Flavours

This linter is available in the following flavours

Flavor	Description	Embedded linters
all	Default MegaLinter Flavor	117
cupcake	MegaLinter for the most commonly used languages	85
security	Optimized for security	24
terraform	Optimized for TERRAFORM based projects	55

Behind the scenes

How are identified applicable files

File extensions: .hcl
File name don't ends with: .tflint.hcl

How the linting is performed

terragrunt is called one time by identified file (file CLI lint mode)

Example calls

terragrunt hclfmt --terragrunt-check --terragrunt-hclfmt-file myfile.hcl

terragrunt hclfmt --terragrunt-check --terragrunt-config terragrunt.hcl --terragrunt-hclfmt-file myfile.hcl

Help content

DESCRIPTION:
   terragrunt - Terragrunt is a thin wrapper for Terraform that provides extra tools for working with multiple
   Terraform modules, remote state, and locking. For documentation, see https://github.com/gruntwork-io/terragrunt/.

USAGE:
   terragrunt <COMMAND> [GLOBAL OPTIONS]

COMMANDS:
   run-all               Run a terraform command against a 'stack' by running the specified command in each subfolder. E.g., to run 'terragrunt apply' in each subfolder, use 'terragrunt run-all apply'.
   terragrunt-info       Emits limited terragrunt state on stdout and exits
   validate-inputs       Checks if the terragrunt configured inputs align with the terraform defined variables.
   graph-dependencies    Prints the terragrunt dependency graph to stdout
   hclfmt                Recursively find hcl files and rewrite them into a canonical format.
   aws-provider-patch    Overwrite settings on nested AWS providers to work around a Terraform bug (issue #13018)
   render-json           Render the final terragrunt config, with all variables, includes, and functions resolved, as json. This is useful for enforcing policies using static analysis tools like Open Policy Agent, or for debugging your terragrunt config.
   *                     Terragrunt forwards all other commands directly to Terraform

GLOBAL OPTIONS:
   terragrunt-config                            Path to the Terragrunt config file. Default is terragrunt.hcl.
   terragrunt-tfpath                            Path to the Terraform binary. Default is terraform (on PATH).
   terragrunt-no-auto-init                      Don't automatically run 'terraform init' during other terragrunt commands. You must run 'terragrunt init' manually.
   terragrunt-no-auto-retry                     Don't automatically re-run command in case of transient errors.
   terragrunt-non-interactive                   Assume "yes" for all prompts.
   terragrunt-working-dir                       The path to the Terraform templates. Default is current directory.
   terragrunt-download-dir                      The path where to download Terraform code. Default is .terragrunt-cache in the working directory.
   terragrunt-source                            Download Terraform configurations from the specified source into a temporary folder, and run Terraform in that temporary folder.
   terragrunt-source-update                     Delete the contents of the temporary folder to clear out any old, cached source code before downloading new source code into it.
   terragrunt-iam-role                          Assume the specified IAM role before executing Terraform. Can also be set via the TERRAGRUNT_IAM_ROLE environment variable.
   terragrunt-iam-assume-role-duration          Session duration for IAM Assume Role session. Can also be set via the TERRAGRUNT_IAM_ASSUME_ROLE_DURATION environment variable.
   terragrunt-iam-assume-role-session-name      Name for the IAM Assummed Role session. Can also be set via TERRAGRUNT_IAM_ASSUME_ROLE_SESSION_NAME environment variable.
   terragrunt-ignore-dependency-errors          *-all commands continue processing components even if a dependency fails.
   terragrunt-ignore-dependency-order           *-all commands will be run disregarding the dependencies
   terragrunt-ignore-external-dependencies      *-all commands will not attempt to include external dependencies
   terragrunt-include-external-dependencies     *-all commands will include external dependencies
   terragrunt-parallelism <N>                   *-all commands parallelism set to at most N modules
   terragrunt-exclude-dir                       Unix-style glob of directories to exclude when running *-all commands
   terragrunt-include-dir                       Unix-style glob of directories to include when running *-all commands
   terragrunt-check                             Enable check mode in the hclfmt command.
   terragrunt-hclfmt-file                       The path to a single hcl file that the hclfmt command should run on.
   terragrunt-override-attr                     A key=value attribute to override in a provider block as part of the aws-provider-patch command. May be specified multiple times.
   terragrunt-debug                             Write terragrunt-debug.tfvars to working folder to help root-cause issues.
   terragrunt-log-level                         Sets the logging level for Terragrunt. Supported levels: panic, fatal, error, warn (default), info, debug, trace.
   terragrunt-strict-validate                   Sets strict mode for the validate-inputs command. By default, strict mode is off. When this flag is passed, strict mode is turned on. When strict mode is turned off, the validate-inputs command will only return an error if required inputs are missing from all input sources (env vars, var files, etc). When strict mode is turned on, an error will be returned if required inputs are missing OR if unused variables are passed to Terragrunt.
   terragrunt-json-out                          The file path that terragrunt should use when rendering the terragrunt.hcl config as json. Only used in the render-json command. Defaults to terragrunt_rendered.json.
   terragrunt-use-partial-parse-config-cache    Enables caching of includes during partial parsing operations. Will also be used for the --terragrunt-iam-role option if provided.
   terragrunt-include-module-prefix             When this flag is set output from Terraform sub-commands is prefixed with module path.
   terragrunt-fail-on-state-bucket-creation     When this flag is set Terragrunt will fail if the remote state bucket needs to be created.
   terragrunt-disable-bucket-update             When this flag is set Terragrunt will not update the remote state bucket.

VERSION:
   v0.48.4

AUTHOR(S):
   Gruntwork <www.gruntwork.io>

Installation on mega-linter Docker image

Dockerfile commands :

FROM alpine/terragrunt:latest as terragrunt
COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/