Skip to content

terragrunt

GitHub stars autofix GitHub release (latest SemVer) GitHub last commit GitHub commit activity GitHub contributors

terragrunt documentation

terragrunt - GitHub

Configuration in MegaLinter

Variable Description Default value
TERRAFORM_TERRAGRUNT_ARGUMENTS User custom arguments to add in linter CLI call
Ex: -s --foo "bar"
TERRAFORM_TERRAGRUNT_COMMAND_REMOVE_ARGUMENTS User custom arguments to remove from command line before calling the linter
Ex: -s --foo "bar"
TERRAFORM_TERRAGRUNT_FILTER_REGEX_INCLUDE Custom regex including filter
Ex: (src\|lib)
Include every file
TERRAFORM_TERRAGRUNT_FILTER_REGEX_EXCLUDE Custom regex excluding filter
Ex: (test\|examples)
Exclude no file
TERRAFORM_TERRAGRUNT_CLI_LINT_MODE Override default CLI lint mode
- file: Calls the linter for each file
- project: Call the linter from the root of the project
file
TERRAFORM_TERRAGRUNT_FILE_EXTENSIONS Allowed file extensions. "*" matches any extension, "" matches empty extension. Empty list excludes all files
Ex: [".py", ""]
[".hcl"]
TERRAFORM_TERRAGRUNT_FILE_NAMES_REGEX File name regex filters. Regular expression list for filtering files by their base names using regex full match. Empty list includes all files
Ex: ["Dockerfile(-.+)?", "Jenkinsfile"]
Include every file
TERRAFORM_TERRAGRUNT_PRE_COMMANDS List of bash commands to run before the linter None
TERRAFORM_TERRAGRUNT_POST_COMMANDS List of bash commands to run after the linter None
TERRAFORM_TERRAGRUNT_UNSECURED_ENV_VARIABLES List of env variables explicitly not filtered before calling TERRAFORM_TERRAGRUNT and its pre/post commands None
TERRAFORM_TERRAGRUNT_CONFIG_FILE terragrunt configuration file nameUse LINTER_DEFAULT to let the linter find it terragrunt.hcl
TERRAFORM_TERRAGRUNT_RULES_PATH Path where to find linter configuration file Workspace folder, then MegaLinter default rules
TERRAFORM_TERRAGRUNT_DISABLE_ERRORS Run linter but consider errors as warnings false
TERRAFORM_TERRAGRUNT_DISABLE_ERRORS_IF_LESS_THAN Maximum number of errors allowed 0
TERRAFORM_TERRAGRUNT_CLI_EXECUTABLE Override CLI executable ['terragrunt']

MegaLinter Flavours

This linter is available in the following flavours

Flavor Description Embedded linters Info
all Default MegaLinter Flavor 117 Docker Image Size (tag) Docker Pulls
cupcake MegaLinter for the most commonly used languages 85 Docker Image Size (tag) Docker Pulls
security Optimized for security 24 Docker Image Size (tag) Docker Pulls
terraform Optimized for TERRAFORM based projects 55 Docker Image Size (tag) Docker Pulls

Behind the scenes

How are identified applicable files

  • File extensions: .hcl
  • File name don't ends with: .tflint.hcl

How the linting is performed

  • terragrunt is called one time by identified file (file CLI lint mode)

Example calls

terragrunt hclfmt --terragrunt-check --terragrunt-hclfmt-file myfile.hcl
terragrunt hclfmt --terragrunt-check --terragrunt-config terragrunt.hcl --terragrunt-hclfmt-file myfile.hcl

Help content

NAME:
   terragrunt - Terragrunt is a thin wrapper for Terraform that provides extra tools for working with multiple
                Terraform modules, remote state, and locking. For documentation, see https://github.com/gruntwork-io/terragrunt/.

USAGE:
   terragrunt <command> [options]

COMMANDS:
   aws-provider-patch     Overwrite settings on nested AWS providers to work around a Terraform bug (issue #13018).
   graph-dependencies     Prints the terragrunt dependency graph to stdout.
   hclfmt                 Recursively find hcl files and rewrite them into a canonical format.
   output-module-groups   Output groups of modules ordered by command (apply or destroy) as a list of list in JSON (useful for CI use cases).
   render-json            Render the final terragrunt config, with all variables, includes, and functions resolved, as json.
   run-all                Run a terraform command against a 'stack' by running the specified command in each subfolder.
   terragrunt-info        Emits limited terragrunt state on stdout and exits.
   validate-inputs        Checks if the terragrunt configured inputs align with the terraform defined variables.
   *                      Terragrunt forwards all other commands directly to Terraform

GLOBAL OPTIONS:
   --terragrunt-config value                        The path to the Terragrunt config file. Default is terragrunt.hcl. [$TERRAGRUNT_CONFIG]
   --terragrunt-debug                               Write terragrunt-debug.tfvars to working folder to help root-cause issues. [$TERRAGRUNT_DEBUG]
   --terragrunt-disable-bucket-update               When this flag is set Terragrunt will not update the remote state bucket. [$TERRAGRUNT_DISABLE_BUCKET_UPDATE]
   --terragrunt-disable-command-validation          When this flag is set, Terragrunt will not validate the terraform command. [$TERRAGRUNT_DISABLE_COMMAND_VALIDATION]
   --terragrunt-download-dir value                  The path where to download Terraform code. Default is .terragrunt-cache in the working directory. [$TERRAGRUNT_DOWNLOAD]
   --terragrunt-exclude-dir value                   Unix-style glob of directories to exclude when running *-all commands. [$TERRAGRUNT_EXCLUDE_DIR]
   --terragrunt-fail-on-state-bucket-creation       When this flag is set Terragrunt will fail if the remote state bucket needs to be created. [$TERRAGRUNT_FAIL_ON_STATE_BUCKET_CREATION]
   --terragrunt-fetch-dependency-output-from-state  The option fetchs dependency output directly from the state file instead of init dependencies and running terraform on them. [$TERRAGRUNT_FETCH_DEPENDENCY_OUTPUT_FROM_STATE]
   --terragrunt-iam-assume-role-duration value      Session duration for IAM Assume Role session. Can also be set via the TERRAGRUNT_IAM_ASSUME_ROLE_DURATION environment variable. [$TERRAGRUNT_IAM_ASSUME_ROLE_DURATION]
   --terragrunt-iam-assume-role-session-name value  Name for the IAM Assummed Role session. Can also be set via TERRAGRUNT_IAM_ASSUME_ROLE_SESSION_NAME environment variable. [$TERRAGRUNT_IAM_ASSUME_ROLE_SESSION_NAME]
   --terragrunt-iam-role value                      Assume the specified IAM role before executing Terraform. Can also be set via the TERRAGRUNT_IAM_ROLE environment variable. [$TERRAGRUNT_IAM_ROLE]
   --terragrunt-ignore-dependency-errors            *-all commands continue processing components even if a dependency fails.
   --terragrunt-ignore-dependency-order             *-all commands will be run disregarding the dependencies
   --terragrunt-ignore-external-dependencies        *-all commands will not attempt to include external dependencies
   --terragrunt-include-dir value                   Unix-style glob of directories to include when running *-all commands
   --terragrunt-include-external-dependencies       *-all commands will include external dependencies [$TERRAGRUNT_INCLUDE_EXTERNAL_DEPENDENCIES]
   --terragrunt-include-module-prefix               When this flag is set output from Terraform sub-commands is prefixed with module path. [$TERRAGRUNT_INCLUDE_MODULE_PREFIX]
   --terragrunt-log-level value                     Sets the logging level for Terragrunt. Supported levels: panic, fatal, error, warn, info, debug, trace. (default: info) [$TERRAGRUNT_LOG_LEVEL]
   --terragrunt-modules-that-include value          If flag is set, 'run-all' will only run the command against Terragrunt modules that include the specified file.
   --terragrunt-no-auto-approve -auto-approve       Don't automatically append -auto-approve to the underlying Terraform commands run with 'run-all'. (default: true) [$TERRAGRUNT_NO_AUTO_APPROVE]
   --terragrunt-no-auto-init                        Don't automatically run 'terraform init' during other terragrunt commands. You must run 'terragrunt init' manually. (default: true) [$TERRAGRUNT_NO_AUTO_INIT]
   --terragrunt-no-auto-retry                       Don't automatically re-run command in case of transient errors. (default: true) [$TERRAGRUNT_NO_AUTO_RETRY]
   --terragrunt-no-color                            If specified, Terragrunt output won't contain any color. [$TERRAGRUNT_NO_COLOR]
   --terragrunt-non-interactive                     Assume "yes" for all prompts. [$TERRAGRUNT_NON_INTERACTIVE]
   --terragrunt-parallelism value                   *-all commands parallelism set to at most N modules (default: 2147483647) [$TERRAGRUNT_PARALLELISM]
   --terragrunt-source value                        Download Terraform configurations from the specified source into a temporary folder, and run Terraform in that temporary folder. [$TERRAGRUNT_SOURCE]
   --terragrunt-source-map value                    Replace any source URL (including the source URL of a config pulled in with dependency blocks) that has root source with dest. [$TERRAGRUNT_SOURCE_MAP]
   --terragrunt-source-update                       Delete the contents of the temporary folder to clear out any old, cached source code before downloading new source code into it. [$TERRAGRUNT_SOURCE_UPDATE]
   --terragrunt-strict-include                      If flag is set, only modules under the directories passed in with '--terragrunt-include-dir' will be included.
   --terragrunt-tfpath value                        Path to the Terraform binary. Default is terraform (on PATH). (default: terraform) [$TERRAGRUNT_TFPATH]
   --terragrunt-use-partial-parse-config-cache      Enables caching of includes during partial parsing operations. Will also be used for the --terragrunt-iam-role option if provided. [$TERRAGRUNT_USE_PARTIAL_PARSE_CONFIG_CACHE]
   --terragrunt-working-dir value                   The path to the Terraform templates. Default is current directory. [$TERRAGRUNT_WORKING_DIR]
   --help, -h                                       Show help
   --version, -v                                    Show terragrunt version

VERSION: v0.53.0

AUTHOR: Gruntwork <www.gruntwork.io>

Installation on mega-linter Docker image

  • Dockerfile commands :
FROM alpine/terragrunt:latest as terragrunt
COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/