Menu
I am relatively new with creating custom github action workflows. I am trying to utilize Terragrunt with Terraform to automate my CICD workflow using Github Actions which provisions resources in a GCP account.
I have gotten a Terraform Github Actions to work but I am now trying to expand it to a modular approach using Terragrunt wrapped around Terraform. I have tested my terragrunt script locally and I have no issues. But I am having trouble setting up the Terragrunt Github Actions workflow.yaml
Where do I find the "uses" repo for Terragrunt to setup Terragrunt. I searched Hasicorp's github repo's and they only list Terraform. I have only found older workflows only for AWS for Terragrunt.
Here is my current workflow.yaml:
name: 'Terragrunt CI'
on:
push:
branches:
- main
pull_request:
jobs:
Terragrunt:
name: 'Terragrunt'
runs-on: ubuntu-latest
# Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
defaults:
run:
shell: bash
steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout
uses: actions/checkout@v2
# Install the latest version of Terragrunt CLI and configure the Terragrunt CLI configuration file with a Terragrunt Cloud user API token
- name: Setup Terragrunt
uses: #**TBD-hashicorp/setup-Terragrunt@v1**
# Initialize a new or existing Terragrunt working directory by creating initial files, loading any remote state, downloading modules, etc.
- name: Terragrunt Init
run: terragrunt init --terragrunt-non-interactive
env:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}
# Generates an execution plan for Terragrunt
- name: Terragrunt Plan
run: terragrunt run-all plan --terragrunt-non-interactive
env:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}
# On push to main, build or change infrastructure according to Terragrunt configuration files
# Note: It is recommended to set up a required "strict" status check in your repository for "Terragrunt Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks
- name: Terragrunt Apply
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
run: terragrunt apply-all --terragrunt-non-interactive
env:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}
788
asked Oct 28 '25 22:10
Confirmed, this workflow confirmed works.
name: 'Terragrunt CI'
on:
push:
branches:
- main
pull_request:
jobs:
Terragrunt:
name: 'Terragrunt'
runs-on: ubuntu-latest
# Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
defaults:
run:
shell: bash
steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout
uses: actions/checkout@v2
# Install the latest version of Terragrunt CLI and configure the Terragrunt CLI configuration file with a Terragrunt Cloud user API token
- name: Setup Terraform v1.2.6
uses: hashicorp/setup-Terraform@v1
with:
terraform_version: 1.2.6
terraform_wrapper: true
- name: Setup Terraform version
run: terraform --version
- name: Setup Terraform wrapper path
run: which terraform
- name: Setup Terragrunt v0.38.4
run: |
sudo wget -q -O /bin/terragrunt "https://github.com/gruntwork-io/terragrunt/releases/download/v0.38.4/terragrunt_linux_amd64"
sudo chmod +x /bin/terragrunt
terragrunt -v
# Initialize a new or existing Terragrunt working directory by creating initial files, loading any remote state, downloading modules, etc.
- name: Terragrunt Init
run: terragrunt init --terragrunt-non-interactive
env:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}
# Generates an execution plan for Terragrunt
- name: Terragrunt Plan
run: terragrunt run-all plan --terragrunt-non-interactive
env:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}
# On push to main, build or change infrastructure according to Terragrunt configuration files
# Note: It is recommended to set up a required "strict" status check in your repository for "Terragrunt Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks
- name: Terragrunt Apply
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
run: terragrunt run-all apply --terragrunt-non-interactive
env:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}
It should be possible to use this action https://github.com/autero1/action-terragrunt now.
This section must be added to the corresponding action therefore:
- name: Setup Terragrunt
uses: autero1/[email protected]
with:
terragrunt_version: 0.21.13
token: ${{ secrets.GITHUB_TOKEN }}
and respective a full config like this:
name: 'Terragrunt CI'
on:
push:
branches:
- main
pull_request:
jobs:
Terragrunt:
name: 'Terragrunt'
runs-on: ubuntu-latest
steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout
uses: actions/checkout@v4
# Install the latest version of Terragrunt CLI and configure the Terragrunt CLI configuration file with a Terragrunt Cloud user API token
- name: Setup Terraform v1.2.6
uses: hashicorp/setup-Terraform@v1
with:
terraform_version: 1.2.6
terraform_wrapper: true
- name: Setup Terraform version
run: terraform --version
- name: Setup Terraform wrapper path
run: which terraform
- name: Setup Terragrunt version 0.21.13
uses: autero1/[email protected]
with:
terragrunt_version: 0.21.13
token: ${{ secrets.GITHUB_TOKEN }}
# Initialize a new or existing Terragrunt working directory by creating initial files, loading any remote state, downloading modules, etc.
- name: Terragrunt Init
run: terragrunt init --terragrunt-non-interactive
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
