github gruntwork-io/terragrunt v1.0.2
on GitHub

11 hours ago

๐Ÿ› Bug Fixes

shared_credentials_files and other list/map backend config values were serialized incorrectly

Setting shared_credentials_files (or any other list-valued key) in the remote_state.config block produced a broken -backend-config argument: 

-backend-config=shared_credentials_files=[/a/creds /b/creds]

OpenTofu and Terraform both failed to parse this. The same problem affected map-valued keys. Lists and maps are now written as single-line HCL (["/a/creds","/b/creds"] and {key="value"}), and strings inside them are quoted so embedded quotes, newlines, and tabs survive the round trip.

Thanks to @Rahul-Kumar-prog for contributing this fix!

Panic in get_repo_root() when OpenTelemetry tracing is enabled with TRACEPARENT

Running terragrunt stack generate (or any command that invoked shell commands like git rev-parse) with OpenTelemetry trace exporting enabled (TG_TELEMETRY_TRACE_EXPORTER=http) caused a nil pointer panic: 

Call to function "get_repo_root" failed: panic in function implementation:
runtime error: invalid memory address or nil pointer dereference

The root cause of the panic was fixed, and telemetry codepaths have been hardened against future panics.

stack output now respects the exclude block

terragrunt stack output previously ignored the exclude block on units, attempting to fetch outputs (including directly from S3 state when using --dependency-fetch-output-from-state) for units that should have been excluded.

The fix uses Terragrunt discovery to identify excluded units before reading outputs. Excluded units are now omitted from the stack output entirely, consistent with how they are handled during stack run.

To exclude a unit from stack output, add "output" to the actions list in the exclude block: 

exclude {
  if      = true
  actions = ["plan", "apply", "destroy", "output"]
}

Special action values "all" and "all_except_output" are also supported.

๐Ÿงช Experiments Added

catalog-redesign โ€” Reworked terragrunt catalog TUI

A new catalog-redesign experiment reworks the design of the terragrunt catalog TUI.

terragrunt catalog now launches the TUI right away and runs discovery in the background instead of waiting for discovery to complete before launching the TUI. As a consequence, terragrunt catalog users with large catalogs should see significant speed improvements as they launch the terragrunt catalog TUI.

Modules now stream into the list view of the catalog as they are discovered, so you'll be able to select and use a module even if your entire catalog hasn't been discovered yet.

If catalog.urls is not configured in root.hcl, terragrunt catalog no longer errors. A welcome screen explains how to populate the catalog and can open the catalog documentation on a keypress. In addition, terraform.source values from existing units are automatically included in the set of URLs used for discovery, so users with existing units get a populated catalog pointing to other modules that can be pulled from the same module source without any additional configuration.

This experiment is subject to change, and core elements of the design are being iterated on rapidly.

To try it out, run: 

terragrunt catalog --experiment catalog-redesign

To learn more, see the experiment documentation.

๐Ÿงช Experiments Updated

stack-dependencies โ€” Cross-stack dependency support and autoinclude improvements

The stack-dependencies experiment now supports cross-stack and nested-stack dependency patterns, expanding the autoinclude block capabilities in terragrunt.stack.hcl files.

New features:

  • stack.<name>.path references for depending on an entire stack. The DAG expands the stack into its constituent units so that all units in the stack complete before the dependent unit runs
  • stack.<name>.<unit_name>.path references for depending on a specific unit within a nested stack (fine-grained cross-stack dependencies)
  • dependency blocks targeting stack directories โ€” aggregated outputs from all units in the stack are accessible as dependency.stack_name.outputs.unit_name.output_key
  • Partial evaluation of local.* in autoinclude โ€” expressions mixing local.* and dependency.* are partially evaluated during stack generation: locals resolve to literals while dependency references are preserved for evaluation when the unit is applied

Dependency on an entire stack: 

stack "infra" {
  source = "../catalog/stacks/infra"
  path   = "infra"
}

unit "app" {
  source = "../catalog/units/app"
  path   = "app"

  autoinclude {
    dependency "infra" {
      config_path = stack.infra.path
    }

    inputs = {
      vpc_id = dependency.infra.outputs.vpc.vpc_id
    }
  }
}

Dependency on a unit within a nested stack: 

stack "networking" {
  source = "../catalog/stacks/networking"
  path   = "networking"
}

unit "app" {
  source = "../catalog/units/app"
  path   = "app"

  autoinclude {
    dependency "vpc" {
      config_path = stack.networking.vpc.path
    }

    inputs = {
      vpc_id = dependency.vpc.outputs.vpc_id
    }
  }
}
terragrunt run --all --experiment stack-dependencies -- plan

To learn more, see the experiment documentation.

โš™๏ธ Process Updates

Install script now supports tip and test builds

The install script can now install tip builds and on-demand test builds. Three new flags are available:

  • --tip installs the latest tip build from main
  • --test installs an on-demand test build
  • --commit <sha> installs a build for a specific commit

Downloads are verified against GPG/Cosign signatures and SHA256 checksums before installation.

Tip build notifications on referenced issues

When a tip build is produced on main for a merged PR, Terragrunt now posts a comment on any issues that PR references, linking to the build and including instructions for installing and testing it.

What's Changed

New Contributors

Full Changelog: v1.0.1...v1.0.2

Check out latest releases or
releases around gruntwork-io/terragrunt v1.0.2

Don't miss a new terragrunt release

NewReleases is sending notifications on new releases.

Get notifications