mirror of
https://github.com/gruntwork-io/terragrunt-action
synced 2026-02-08 14:46:44 +01:00
No description
- Go 46.1%
- Shell 44.2%
- HCL 9.7%
|
|
||
|---|---|---|
| .circleci | ||
| .github | ||
| src | ||
| test | ||
| .gitignore | ||
| .pre-commit-config.yaml | ||
| action.yml | ||
| LICENSE | ||
| README.md | ||
terragrunt-action
A GitHub Action for installing and running Terragrunt and OpenTofu.
Minimum Supported Version
The current minimum supported version of Terragrunt is 0.77.22.
Inputs
Supported GitHub action inputs:
| Input Name | Description | Required | Example values |
|---|---|---|---|
| tg_version | Terragrunt version to be used in Action execution | true if no mise.toml file present |
0.50.8 |
| tofu_version | OpenTofu version to be used in Action execution | true if tf_path is not provided and the file mise.toml is not present |
1.6.0 |
| tf_path | Path to Terraform binary (use to explicitly choose tofu/terraform) | false |
/usr/bin/tofu |
| tg_dir | Directory in which Terragrunt will be invoked | false |
work |
| tg_command | Terragrunt command to execute | false |
plan/apply |
| tg_comment | Add comment to Pull request with execution output | false |
0/1 |
| tg_add_approve | Automatically add "-auto-approve" to commands, enabled by default | false |
0/1 |
| github_token | GitHub token for API authentication to avoid rate limits | false |
${{ github.token }} |
Tool Version Management
This action supports two ways to specify tool versions:
-
Using
mise.tomlfile (recommended): Create amise.tomlor.mise.tomlfile in your repository root to configure mise:[tools] terragrunt = "0.82.3" opentofu = "1.10.1" -
Using action inputs: Specify versions directly in the action inputs when no
mise.tomlfile is present.
Environment Variables
Supported environment variables:
| Input Name | Description |
|---|---|
| GITHUB_TOKEN | GitHub token used to add comment to Pull request |
| TF_LOG | Log level for Terraform |
| TF_VAR_name | Define custom variable name as inputs |
| INPUT_PRE_EXEC_number | Environment variable is utilized to provide custom commands that will be executed before running Terragrunt |
| INPUT_POST_EXEC_number | Environment variable is utilized to provide custom commands that will be executed after running Terragrunt |
Outputs
Outputs of GitHub action:
| Input Name | Description |
|---|---|
| tg_action_exit_code | Terragrunt exit code |
| tg_action_output | Terragrunt output as plain text |
Usage
Example 1: As an installation action (without command execution)
You can use this action to simply install Terragrunt and OpenTofu/Terraform, then run terragrunt commands in subsequent steps:
name: 'Terragrunt GitHub Actions'
on:
- pull_request
jobs:
terragrunt:
runs-on: ubuntu-latest
steps:
- name: 'Checkout'
uses: actions/checkout@v4
# Assuming you have a mise.toml file in your repository.
- name: Install Terragrunt and OpenTofu
uses: gruntwork-io/terragrunt-action@v3
# Note: no tg_command specified, so terragrunt won't be executed
# If you don't have a mise.toml file in your repository, you can specify tool version directly.
# - name: Install Terragrunt and OpenTofu
# uses: gruntwork-io/terragrunt-action@v3
# with:
# tg_version: '0.82.2'
# tofu_version: '1.10.1'
- name: Run terragrunt plan
run: |
cd infrastructure/
terragrunt plan
- name: Run terragrunt apply
if: github.ref == 'refs/heads/main'
run: |
cd infrastructure/
terragrunt run --all --non-interactive apply
Example 2: Using mise.toml file (recommended)
Create a mise.toml file in your repository root:
[tools]
terragrunt = "0.82.2"
opentofu = "1.10.1"
Then use the action without specifying versions:
name: 'Terragrunt GitHub Actions'
on:
- pull_request
env:
working_dir: 'project'
jobs:
checks:
runs-on: ubuntu-latest
steps:
- name: 'Checkout'
uses: actions/checkout@v4
- name: Check terragrunt HCL
uses: gruntwork-io/terragrunt-action@v3
with:
tg_dir: ${{ env.working_dir }}
tg_command: 'hcl fmt --check --diff'
plan:
runs-on: ubuntu-latest
needs: [ checks ]
steps:
- name: 'Checkout'
uses: actions/checkout@v4
- name: Plan
uses: gruntwork-io/terragrunt-action@v3
with:
tg_dir: ${{ env.working_dir }}
tg_command: 'plan'
deploy:
runs-on: ubuntu-latest
needs: [ plan ]
environment: 'prod'
if: github.ref == 'refs/heads/main'
steps:
- name: 'Checkout'
uses: actions/checkout@v4
- name: Deploy
uses: gruntwork-io/terragrunt-action@v3
with:
tg_dir: ${{ env.working_dir }}
tg_command: 'apply'
Example 2: Using action inputs for tool versions
name: 'Terragrunt GitHub Actions'
on:
- pull_request
env:
tg_version: '0.82.2'
tofu_version: '1.10.1'
working_dir: 'project'
jobs:
checks:
runs-on: ubuntu-latest
steps:
- name: 'Checkout'
uses: actions/checkout@v4
- name: Check terragrunt HCL
uses: gruntwork-io/terragrunt-action@v3
with:
tofu_version: ${{ env.tofu_version }}
tg_version: ${{ env.tg_version }}
tg_dir: ${{ env.working_dir }}
tg_command: 'hcl fmt --check --diff'
plan:
runs-on: ubuntu-latest
needs: [ checks ]
steps:
- name: 'Checkout'
uses: actions/checkout@main
- name: Plan
uses: gruntwork-io/terragrunt-action@v3
with:
tofu_version: ${{ env.tofu_version }}
tg_version: ${{ env.tg_version }}
tg_dir: ${{ env.working_dir }}
tg_command: 'plan'
deploy:
runs-on: ubuntu-latest
needs: [ plan ]
environment: 'prod'
if: github.ref == 'refs/heads/main'
steps:
- name: 'Checkout'
uses: actions/checkout@v4
- name: Deploy
uses: gruntwork-io/terragrunt-action@v3
with:
tofu_version: ${{ env.tofu_version }}
tg_version: ${{ env.tg_version }}
tg_dir: ${{ env.working_dir }}
tg_command: 'apply'
Example 4: Using tf_path to specify Terraform binary
- name: Deploy with explicit terraform binary
uses: gruntwork-io/terragrunt-action@v3
with:
tf_path: "terraform" # Explicitly use terraform even if both tofu and terraform are installed.
tg_dir: ${{ env.working_dir }}
tg_command: 'apply'
Example 5: Passing custom code before running Terragrunt
...
- name: Plan
uses: gruntwork-io/terragrunt-action@v3
env:
# configure git to use custom token to clone repository.
INPUT_PRE_EXEC_1: |
git config --global url."https://user:${{secrets.PAT_TOKEN}}@github.com".insteadOf "https://github.com"
# print git configuration
INPUT_PRE_EXEC_2: |
git config --global --list
with:
tg_command: 'plan'
...
Example 6: Using GitHub cache for OpenTofu plugins (providers)
...
env:
tg_version: 0.82.2
tofu_version: 1.10.1
working_dir: project
TF_PLUGIN_CACHE_DIR: ${{ github.workspace }}/.terraform.d/plugin-cache
jobs:
plan:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Create OpenTofu Plugin Cache Dir
run: mkdir -p $TF_PLUGIN_CACHE_DIR
- name: OpenTofu Plugin Cache
uses: actions/cache@v4
with:
path: ${{ env.TF_PLUGIN_CACHE_DIR }}
key: ${{ runner.os }}-terraform-plugin-cache-${{ hashFiles('**/.terraform.lock.hcl') }}
- name: Plan
uses: gruntwork-io/terragrunt-action@v3
env:
TF_PLUGIN_CACHE_DIR: ${{ env.TF_PLUGIN_CACHE_DIR }}
with:
tofu_version: ${{ env.tofu_version }}
tg_version: ${{ env.tg_version }}
tg_dir: ${{ env.working_dir }}
tg_command: plan
...