search

gruntwork-io / terragrunt

Terragrunt is a flexible orchestration tool that allows Infrastructure as Code written in OpenTofu/Terraform to scale.
https://terragrunt.gruntwork.io/
MIT License
8.01k stars 971 forks source link

Proposal: a (maybe) better way to keep track of versions #2039

Open vitorfhc opened 2 years ago

vitorfhc commented 2 years ago

The problem

Keeping the latest version of anything is hard today. Terragrunt is no different.

Let's take this example:

terraform {
    source = "git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-cluster?ref=v0.84.3"
}

Cool, we imported a module with its fixed version v0.84.3. But what if I want to easily update it? I would have to go to the code and bump it myself to another version. How can I automate that? I wish there was an easy way.

Version constraints help with that. For example, on Terraform we could do ~>0.84 and it would always update the minor version on any terraform init. Would be nice to add this feature to Terragrunt.

The proposal

How viable is it to make this feature in Terragrunt? I believe there are some ways we could implement that.

One idea would be that ~>0.84 would be equal to:

terraform {
    source = "git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-cluster?ref=v0.84"
}

I removed the patch version and now it always gets the latest patch from v0.84.

I could also do:

terraform {
    source = "git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-cluster?ref=v0"
}

And now we have the latest v0.x.y, never going above the major version, which translates to >= v0.0.0 and < v1.0.0.

This is just an idea and one way of implementing that. I would love it since I could automate easily these updates and guarantee the latest versions.

tonerdo commented 2 years ago

@vitorfhc I think this makes sense and is worth exploring

tonerdo commented 2 years ago

@vitorfhc spent some time looking into the feasibility of this and discovered that our source download functionality is handled by hashicorp/go-getter. Any updates to the behavior would have to be made there.

vitorfhc commented 2 years ago

@tonerdo interesting point. But, isn't it possible to parse the url before using go-getter?

Example:

  1. I use ref=v1.2.3 and since this is a valid SemVer with all parts specified I just pass it ahead.

  2. But, if I use ref=1.2.x we have a variant part which is the patch. Now we query that Git tags and find the latest tag, which x is the higher number.

I don't believe this is all new feature, some tools already explored this. It's acting like a middleware between getting the source url and downloading the file.

What do you think?

Edit: hashicorp/go-version

lorengordon commented 2 years ago

I just use dependabot or renovate to help me keep module versions updated.

vitorfhc commented 2 years ago

I just use dependabot or renovate to help me keep module versions updated.

Does it work nicely with terragrunt?

lorengordon commented 2 years ago

Yeah absolutely, or I wouldn't be here!