6

After a couple of months not dealing with infrastructure changes, I tried to load up our terragrunt files on a new machine and ran into a couple of errors, that I couldn't find a solution to.

Basically it seems, that the terraform.tfvars file (or any *.auto.tfvars file for that matter) get's ignored by terraform, when there's a -var or -var-file option present.

We're using a hierarchical terragrunt config to have different credential configuration for different environments, that's why there's an account.tfvars file, that contains all the data.

Everything has worked as late as August this year, so maybe there was a change that I didn't spot in the changelog?

module specific terraform.tfvars:

terragrunt = {
  include {
    path = "${find_in_parent_folders()}"
  }

  terraform {
    source = "../../../modules//cockpit"
  }
}

bucket_prefix = "cockpit-"

domain_name = "cockpit.donutapp.io"

parent terraform.tfvars:

terragrunt = {
  remote_state {
    backend = "s3"

    config {
      encrypt        = true
      bucket         = "my-${get_aws_account_id()}-tfstate"
      key            = "production/${path_relative_to_include()}/terraform.tfstate"
      region         = "us-east-1"
      dynamodb_table = "terraform-locks"
    }
  }

  terraform {
    extra_arguments "bucket" {
      commands = ["${get_terraform_commands_that_need_vars()}"]

      optional_var_files = [
        "${get_tfvars_dir()}/${find_in_parent_folders("account.tfvars", "ignore")}",
      ]

      arguments = [
        "-var",
        "terraform_bucket=my-${get_aws_account_id()}-tfstate",
      ]
    }

    extra_arguments "disable_input" {
      commands  = ["${get_terraform_commands_that_need_input()}"]
      arguments = ["-input=false"]
    }
  }
}

executed command by terragrunt:

terraform plan -var terraform_bucket=my-accountid-tfstate \
               -var-file=some-path/../account.tfvars \
               -input=false

When I add -var-file=terraform.tfvars as an argument to the terraform plan command in the .terragrunt-cache folder, it does work, so it just doesn't get loaded automatically.

Any thoughts?

Markus Mühlberger
  • 303
  • 3
  • 10
  • I'm having the same issue here, the Terraform documentation doesn't seem to address in detail how variables are loaded or what priority they are given. In my case adding the `-var-file` parameter to the plan command is a viable workaround, but may not work for everyone. – celestialorb Oct 29 '18 at 15:29
  • I had to rename terraform.tfvars to prod.auto.tfvars and then it worked. Doesn't make sense both terraform.tfvars and *.auto.tfvars supposed to work. – Mamun Dec 11 '20 at 06:15

1 Answers1

0

The above mechanisms for setting variables can be used together in any combination. If the same variable is assigned multiple values, Terraform uses the last value it finds, overriding any previous values. Note that the same variable cannot be assigned multiple values within a single source.

Terraform loads variables in the following order, with later sources taking precedence over earlier ones:

  • Environment variables
  • The terraform.tfvars file, if present.
  • The terraform.tfvars.json file, if present.
  • Any *.auto.tfvars or *.auto.tfvars.json files, processed in lexical order of their filenames.
  • Any -var and -var-file options on the command line, in the order they are provided. (This includes variables set by a Terraform Cloud workspace.)

Ref: https://www.terraform.io/docs/language/values/variables.html

Ankit Mehta
  • 444
  • 4
  • 11