如何将Terragrunt用于Github动作

Question

我在创建自定义github操作工作流方面相对较新。我正在尝试利用Terragrunt和Terraform来使用Github操作来自动化我的CICD工作流程，它在GCP帐户中提供资源。我已经得到了一个Terraform操作，但我现在正在尝试将其扩展到一个模块化方法，使用Terragrunt包在Terraform周围。我已经在本地测试了我的terragrunt脚本，我没有问题。但我在设置Terragrunt Github workflow.yaml时遇到了麻烦

我在哪里找到"uses“回购为Terragrunt设置Terragrunt。我搜查了Hasicorp的github回购公司，他们只列出了Terraform。我只为Terragrunt找到了只适用于AWS的旧工作流。

这是我现在的workflow.yaml

name: 'Terragrunt CI'

on:
  push:
    branches:
    - main
  pull_request:

jobs:
  Terragrunt:
    name: 'Terragrunt'
    runs-on: ubuntu-latest

    # Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
    defaults:
      run:
        shell: bash

    steps:
    # Checkout the repository to the GitHub Actions runner
    - name: Checkout
      uses: actions/checkout@v2

    # Install the latest version of Terragrunt CLI and configure the Terragrunt CLI configuration file with a Terragrunt Cloud user API token
    - name: Setup Terragrunt
      uses: #**TBD-hashicorp/setup-Terragrunt@v1**


    # Initialize a new or existing Terragrunt working directory by creating initial files, loading any remote state, downloading modules, etc.
    - name: Terragrunt Init
      run: terragrunt init --terragrunt-non-interactive
      env:
        GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}

    # Generates an execution plan for Terragrunt
    - name: Terragrunt Plan
      run: terragrunt run-all plan --terragrunt-non-interactive
      env:
        GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}

      # On push to main, build or change infrastructure according to Terragrunt configuration files
      # Note: It is recommended to set up a required "strict" status check in your repository for "Terragrunt Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks
    - name: Terragrunt Apply
      if: github.ref == 'refs/heads/main' && github.event_name == 'push'
      run: terragrunt apply-all --terragrunt-non-interactive
      env:
        GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}

Answer 1

确认，此工作流程确认工程。

name: 'Terragrunt CI'

on:
  push:
    branches:
    - main
  pull_request:

jobs:
  Terragrunt:
    name: 'Terragrunt'
    runs-on: ubuntu-latest

    # Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
    defaults:
      run:
        shell: bash

    steps:
    # Checkout the repository to the GitHub Actions runner
    - name: Checkout
      uses: actions/checkout@v2

    # Install the latest version of Terragrunt CLI and configure the Terragrunt CLI configuration file with a Terragrunt Cloud user API token
    - name: Setup Terraform v1.2.6
      uses: hashicorp/setup-Terraform@v1
      with:
        terraform_version: 1.2.6
        terraform_wrapper: true
    - name: Setup Terraform version
      run: terraform --version
    - name: Setup Terraform wrapper path
      run: which terraform

    - name: Setup Terragrunt v0.38.4
      run: |
        sudo wget -q -O /bin/terragrunt "https://github.com/gruntwork-io/terragrunt/releases/download/v0.38.4/terragrunt_linux_amd64"
        sudo chmod +x /bin/terragrunt
        terragrunt -v

    # Initialize a new or existing Terragrunt working directory by creating initial files, loading any remote state, downloading modules, etc.
    - name: Terragrunt Init
      run: terragrunt init --terragrunt-non-interactive
      env:
        GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}

    # Generates an execution plan for Terragrunt
    - name: Terragrunt Plan
      run: terragrunt run-all plan --terragrunt-non-interactive
      env:
        GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}

      # On push to main, build or change infrastructure according to Terragrunt configuration files
      # Note: It is recommended to set up a required "strict" status check in your repository for "Terragrunt Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks
    - name: Terragrunt Apply
      if: github.ref == 'refs/heads/main' && github.event_name == 'push'
      run: terragrunt run-all apply --terragrunt-non-interactive
      env:
        GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}