terragrunt
terragrunt documentation
- Version in MegaLinter: 0.53.0
- Visit Official Web Site
- See How to configure terragrunt rules
Configuration in MegaLinter
- Enable terragrunt by adding
TERRAFORM_TERRAGRUNT
in ENABLE_LINTERS variable - Disable terragrunt by adding
TERRAFORM_TERRAGRUNT
in DISABLE_LINTERS variable
- Enable autofixes by adding
TERRAFORM_TERRAGRUNT
in APPLY_FIXES variable
Variable | Description | Default value |
---|---|---|
TERRAFORM_TERRAGRUNT_ARGUMENTS | User custom arguments to add in linter CLI call Ex: -s --foo "bar" |
|
TERRAFORM_TERRAGRUNT_COMMAND_REMOVE_ARGUMENTS | User custom arguments to remove from command line before calling the linter Ex: -s --foo "bar" |
|
TERRAFORM_TERRAGRUNT_FILTER_REGEX_INCLUDE | Custom regex including filter Ex: (src\|lib) |
Include every file |
TERRAFORM_TERRAGRUNT_FILTER_REGEX_EXCLUDE | Custom regex excluding filter Ex: (test\|examples) |
Exclude no file |
TERRAFORM_TERRAGRUNT_CLI_LINT_MODE | Override default CLI lint mode - file : Calls the linter for each file- project : Call the linter from the root of the project |
file |
TERRAFORM_TERRAGRUNT_FILE_EXTENSIONS | Allowed file extensions. "*" matches any extension, "" matches empty extension. Empty list excludes all filesEx: [".py", ""] |
[".hcl"] |
TERRAFORM_TERRAGRUNT_FILE_NAMES_REGEX | File name regex filters. Regular expression list for filtering files by their base names using regex full match. Empty list includes all files Ex: ["Dockerfile(-.+)?", "Jenkinsfile"] |
Include every file |
TERRAFORM_TERRAGRUNT_PRE_COMMANDS | List of bash commands to run before the linter | None |
TERRAFORM_TERRAGRUNT_POST_COMMANDS | List of bash commands to run after the linter | None |
TERRAFORM_TERRAGRUNT_UNSECURED_ENV_VARIABLES | List of env variables explicitly not filtered before calling TERRAFORM_TERRAGRUNT and its pre/post commands | None |
TERRAFORM_TERRAGRUNT_CONFIG_FILE | terragrunt configuration file nameUse LINTER_DEFAULT to let the linter find it |
terragrunt.hcl |
TERRAFORM_TERRAGRUNT_RULES_PATH | Path where to find linter configuration file | Workspace folder, then MegaLinter default rules |
TERRAFORM_TERRAGRUNT_DISABLE_ERRORS | Run linter but consider errors as warnings | false |
TERRAFORM_TERRAGRUNT_DISABLE_ERRORS_IF_LESS_THAN | Maximum number of errors allowed | 0 |
TERRAFORM_TERRAGRUNT_CLI_EXECUTABLE | Override CLI executable | ['terragrunt'] |
MegaLinter Flavours
This linter is available in the following flavours
Flavor | Description | Embedded linters | Info | |
---|---|---|---|---|
all | Default MegaLinter Flavor | 117 | ||
cupcake | MegaLinter for the most commonly used languages | 85 | ||
security | Optimized for security | 24 | ||
terraform | Optimized for TERRAFORM based projects | 55 |
Behind the scenes
How are identified applicable files
- File extensions:
.hcl
- File name don't ends with:
.tflint.hcl
How the linting is performed
- terragrunt is called one time by identified file (
file
CLI lint mode)
Example calls
terragrunt hclfmt --terragrunt-check --terragrunt-hclfmt-file myfile.hcl
terragrunt hclfmt --terragrunt-check --terragrunt-config terragrunt.hcl --terragrunt-hclfmt-file myfile.hcl
Help content
NAME:
terragrunt - Terragrunt is a thin wrapper for Terraform that provides extra tools for working with multiple
Terraform modules, remote state, and locking. For documentation, see https://github.com/gruntwork-io/terragrunt/.
USAGE:
terragrunt <command> [options]
COMMANDS:
aws-provider-patch Overwrite settings on nested AWS providers to work around a Terraform bug (issue #13018).
graph-dependencies Prints the terragrunt dependency graph to stdout.
hclfmt Recursively find hcl files and rewrite them into a canonical format.
output-module-groups Output groups of modules ordered by command (apply or destroy) as a list of list in JSON (useful for CI use cases).
render-json Render the final terragrunt config, with all variables, includes, and functions resolved, as json.
run-all Run a terraform command against a 'stack' by running the specified command in each subfolder.
terragrunt-info Emits limited terragrunt state on stdout and exits.
validate-inputs Checks if the terragrunt configured inputs align with the terraform defined variables.
* Terragrunt forwards all other commands directly to Terraform
GLOBAL OPTIONS:
--terragrunt-config value The path to the Terragrunt config file. Default is terragrunt.hcl. [$TERRAGRUNT_CONFIG]
--terragrunt-debug Write terragrunt-debug.tfvars to working folder to help root-cause issues. [$TERRAGRUNT_DEBUG]
--terragrunt-disable-bucket-update When this flag is set Terragrunt will not update the remote state bucket. [$TERRAGRUNT_DISABLE_BUCKET_UPDATE]
--terragrunt-disable-command-validation When this flag is set, Terragrunt will not validate the terraform command. [$TERRAGRUNT_DISABLE_COMMAND_VALIDATION]
--terragrunt-download-dir value The path where to download Terraform code. Default is .terragrunt-cache in the working directory. [$TERRAGRUNT_DOWNLOAD]
--terragrunt-exclude-dir value Unix-style glob of directories to exclude when running *-all commands. [$TERRAGRUNT_EXCLUDE_DIR]
--terragrunt-fail-on-state-bucket-creation When this flag is set Terragrunt will fail if the remote state bucket needs to be created. [$TERRAGRUNT_FAIL_ON_STATE_BUCKET_CREATION]
--terragrunt-fetch-dependency-output-from-state The option fetchs dependency output directly from the state file instead of init dependencies and running terraform on them. [$TERRAGRUNT_FETCH_DEPENDENCY_OUTPUT_FROM_STATE]
--terragrunt-iam-assume-role-duration value Session duration for IAM Assume Role session. Can also be set via the TERRAGRUNT_IAM_ASSUME_ROLE_DURATION environment variable. [$TERRAGRUNT_IAM_ASSUME_ROLE_DURATION]
--terragrunt-iam-assume-role-session-name value Name for the IAM Assummed Role session. Can also be set via TERRAGRUNT_IAM_ASSUME_ROLE_SESSION_NAME environment variable. [$TERRAGRUNT_IAM_ASSUME_ROLE_SESSION_NAME]
--terragrunt-iam-role value Assume the specified IAM role before executing Terraform. Can also be set via the TERRAGRUNT_IAM_ROLE environment variable. [$TERRAGRUNT_IAM_ROLE]
--terragrunt-ignore-dependency-errors *-all commands continue processing components even if a dependency fails.
--terragrunt-ignore-dependency-order *-all commands will be run disregarding the dependencies
--terragrunt-ignore-external-dependencies *-all commands will not attempt to include external dependencies
--terragrunt-include-dir value Unix-style glob of directories to include when running *-all commands
--terragrunt-include-external-dependencies *-all commands will include external dependencies [$TERRAGRUNT_INCLUDE_EXTERNAL_DEPENDENCIES]
--terragrunt-include-module-prefix When this flag is set output from Terraform sub-commands is prefixed with module path. [$TERRAGRUNT_INCLUDE_MODULE_PREFIX]
--terragrunt-log-level value Sets the logging level for Terragrunt. Supported levels: panic, fatal, error, warn, info, debug, trace. (default: info) [$TERRAGRUNT_LOG_LEVEL]
--terragrunt-modules-that-include value If flag is set, 'run-all' will only run the command against Terragrunt modules that include the specified file.
--terragrunt-no-auto-approve -auto-approve Don't automatically append -auto-approve to the underlying Terraform commands run with 'run-all'. (default: true) [$TERRAGRUNT_NO_AUTO_APPROVE]
--terragrunt-no-auto-init Don't automatically run 'terraform init' during other terragrunt commands. You must run 'terragrunt init' manually. (default: true) [$TERRAGRUNT_NO_AUTO_INIT]
--terragrunt-no-auto-retry Don't automatically re-run command in case of transient errors. (default: true) [$TERRAGRUNT_NO_AUTO_RETRY]
--terragrunt-no-color If specified, Terragrunt output won't contain any color. [$TERRAGRUNT_NO_COLOR]
--terragrunt-non-interactive Assume "yes" for all prompts. [$TERRAGRUNT_NON_INTERACTIVE]
--terragrunt-parallelism value *-all commands parallelism set to at most N modules (default: 2147483647) [$TERRAGRUNT_PARALLELISM]
--terragrunt-source value Download Terraform configurations from the specified source into a temporary folder, and run Terraform in that temporary folder. [$TERRAGRUNT_SOURCE]
--terragrunt-source-map value Replace any source URL (including the source URL of a config pulled in with dependency blocks) that has root source with dest. [$TERRAGRUNT_SOURCE_MAP]
--terragrunt-source-update Delete the contents of the temporary folder to clear out any old, cached source code before downloading new source code into it. [$TERRAGRUNT_SOURCE_UPDATE]
--terragrunt-strict-include If flag is set, only modules under the directories passed in with '--terragrunt-include-dir' will be included.
--terragrunt-tfpath value Path to the Terraform binary. Default is terraform (on PATH). (default: terraform) [$TERRAGRUNT_TFPATH]
--terragrunt-use-partial-parse-config-cache Enables caching of includes during partial parsing operations. Will also be used for the --terragrunt-iam-role option if provided. [$TERRAGRUNT_USE_PARTIAL_PARSE_CONFIG_CACHE]
--terragrunt-working-dir value The path to the Terraform templates. Default is current directory. [$TERRAGRUNT_WORKING_DIR]
--help, -h Show help
--version, -v Show terragrunt version
VERSION: v0.53.0
AUTHOR: Gruntwork <www.gruntwork.io>
Installation on mega-linter Docker image
- Dockerfile commands :
FROM alpine/terragrunt:latest as terragrunt
COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/