search

gruntwork-io / terragrunt-action

A GitHub Action for installing and running Terragrunt
Apache License 2.0
107 stars 41 forks source link

Using actions/cache@v4 with terragrunt-action@v2 #51

Closed alexiskat closed 7 months ago

alexiskat commented 7 months ago

I am trying to see if there is a way that the cache created by actions/cache can be used by terragrunt-action. The cache gets created and the providers are added to it. I have enable TF_LOGS and set it to DEBUG. From the logs, and I am not 100% on this but it dose not look like to me that terragrunt-action is using the cache.

Below are the relevant parts of my github actions workflow:

env:
  #TF variables
  TF_VERSION: "1.7.3"
  TF_LOG: "DEBUG"
  TF_PLUGIN_CACHE_DIR: ${{ github.workspace }}/.terraform.d/plugin-cache
  #TG variables
  TG_VERSION: "0.55.2"

....

runs-on: ubuntu-latest
    needs: [Checks]
    steps:
      - name: "GitHub Checkout"
        uses: actions/checkout@v4

      - name: Create Terraform Plugin Cache Dir
        shell: bash
        run: |
          mkdir --parents $TF_PLUGIN_CACHE_DIR

      - name: Cache Terraform
        uses: actions/cache@v4
        with:
          path: |
            ${{ env.TF_PLUGIN_CACHE_DIR }}
          key: ${{ runner.os }}-terraform-${{ hashFiles('**/.terraform.lock.hcl') }}

      - name: init
        uses: gruntwork-io/terragrunt-action@v2
        with:
          tf_version: ${{ env.TF_VERSION }}
          tg_version: ${{ env.TG_VERSION }}
          tg_dir: ${{ env.ACC_INFRA_WORKING_DIR }}
          tg_command: "init"

From the logs I can see the environment variable TF_PLUGIN_CACHE_DIR been passed in: /usr/bin/docker run --name f0191245dff1528abf4f4996c5660fdc0095a8_441fac --label f01912 --workdir /github/workspace --rm -e "TF_VERSION" -e "TF_LOG" -e "TF_PLUGIN_CACHE_DIR" -e "TG_VERSION" -e

but then see the following in the logs which makes me think that the cache is not been used:


2024-03-12T11:32:35.662Z [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2024-03-12T11:32:35.662Z [DEBUG] ignoring non-existing provider search directory terraform.d/plugins
2024-03-12T11:32:35.662Z [DEBUG] ignoring non-existing provider search directory /github/home/.terraform.d/plugins
2024-03-12T11:32:35.662Z [DEBUG] ignoring non-existing provider search directory /github/home/.local/share/terraform/plugins
2024-03-12T11:32:35.662Z [DEBUG] ignoring non-existing provider search directory /usr/local/share/terraform/plugins
2024-03-12T11:32:35.663Z [DEBUG] ignoring non-existing provider search directory /usr/share/terraform/plugins```

Any help or advice on this would be great.
cbugneac-nex commented 7 months ago

@alexiskat managed to get it working like this.

PS: You need to pass correct TF_PLUGIN_CACHE_DIR value inside the action container as the cache dir is mounted inside as /github/workspace/.terraform.d/plugin-cache. Also we don't save lock HCL files in repo so using providers.tf in computing cache key.

name: Validate PR

on:
  pull_request:

env:
  tf_version: 1.5.3
  tg_version: 0.48.0
  working_dir: environments
  TF_PLUGIN_CACHE_DIR: ${{ github.workspace }}/.terraform.d/plugin-cache

jobs:
  plan:
    permissions:
      id-token: write       # Required for requesting the token from STS
      contents: read        # Required for actions/checkout
      pull-requests: write  # Required for writing comments
    runs-on: ubuntu-22.04
    strategy:
      matrix:
        component: [rbac, monitors, dashboards, integrations, log_configuration]
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Create Terraform Plugin Cache Dir
        run: mkdir --parents $TF_PLUGIN_CACHE_DIR

      - name: Terraform Plugin Cache
        uses: actions/cache@v4.0.1
        with:
          path: ${{ env.TF_PLUGIN_CACHE_DIR }}
          key: ${{ runner.os }}-terraform-plugin-cache-${{ hashFiles('**/providers.tf') }}

      - name: Plan
        uses: gruntwork-io/terragrunt-action@v2.0.2
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          TF_PLUGIN_CACHE_DIR: /github/workspace/.terraform.d/plugin-cache
          TF_PLUGIN_CACHE_MAY_BREAK_DEPENDENCY_LOCK_FILE:  "true"
        with:
          tf_version: ${{ env.tf_version }}
          tg_version: ${{ env.tg_version }}
          tg_dir: ${{ env.working_dir }}/sandbox/${{ matrix.component }}
          tg_command: plan
          tg_comment: 1
          tg_add_approve: 0

This is proof in debug messages:

image

I hope it helps.