Closed IAXES closed 1 month ago
After additional testing, it seems that aws
and github
providers, for example, are indeed being sourced from the local provider cache (can't get my private provider working this way, though).
However, all providers seem to be ignoring the direct.exclude
statements, and are still attempting to query versions
from the remote registries, preventing the air-gap use case from working (i.e. if local provider cache is properly populated, but remote version check fails, then the overall terragrunt run-all apply
operation also fails early-on).
So, I think the public-versus-private provider topic I raised is a non issue. Instead, this seems to be entirely a function of Terragrunt and/or Terraform reaching out to remote provider registries when we don't want the tools to do this (either due to a misconfig on my end, or some feature/code-change needed to support air-gap deployments).
I've also tried going as far as using the dev_overrides
feature in the provider_installation
block, but no luck. It seems like the entire issue hinges on "honor direct.exclude
and disable_checkpoint = true
statements in ~/.terraformrc
" in order for an air-gapped use case to work.
Resolved in v0.63.3 release.
Describe the bug
I am attempting to
terragrunt run-all plan
in an air-gapped/offline-only/private-intranet use case. I basically need to use a private/proprietary module, along with the publicgithub
provider to communicate with a private GitHub Enterprise Server (GHES) stack. This work is somewhat similar to what is described in https://github.com/gruntwork-io/terragrunt/issues/3117.I'm able to get the provider cache to work with various modules I can pull from
registry.terraform.io
, but not with private modules. For example, I have a private module,cheeseburger/pickle/3.0.0
, hosted on a private (slow) server,terraform.food.lan
. Since the private server is slow and unreliable, I'm attempting to manually install the provider into the cache. However, all attempts to get the private module to be sourced via my Terragrunt provider cache fail with the following error:Steps To Reproduce
First, I setup the Terragrunt provider cache in my shell:
I create a
~/.terraformrc
file like so:For additional context, my respective provider cache folders are located at the following paths (and that, with the exception of this use case where I'm trying to manually install a private provider into the Terragrunt provider cache, both Terragrunt and vanilla Terraform provider caches appear to be working as expected):
~/.cache/terragrunt/providers
~/.terraform.d/plugins
Expected behavior
I expected
terragrunt run-all plan
to conclude normally (i.e. to successful completion), but without requiring any access to the private server,terraform.food.lan
.Nice to haves
Versions
terragrunt version v0.59.6
Terraform v1.9.1 on linux_arm64
$> uname -a Linux darkstar 6.8.0-36-generic #36-Ubuntu SMP PREEMPT_DYNAMIC Mon Jun 10 13:20:23 UTC 2024 aarch64 aarch64 aarch64 GNU/Linux