Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Using a container image avoids use external tools #36

Open
leinad87 opened this issue Nov 8, 2023 · 8 comments
Open

Using a container image avoids use external tools #36

leinad87 opened this issue Nov 8, 2023 · 8 comments
Labels
bug Something isn't working

Comments

@leinad87
Copy link

leinad87 commented Nov 8, 2023

It is common that terragrunt/terraform requires external tools like az cli or aws cli, however the docker image does not have them (and probably shouldn't).

This is at this job that checkouts code, log into azure and tries to run terragrunt:

  plan:
    runs-on: ubuntu-latest
    needs: [ checks ]
    steps:
      - name: 'Checkout'
        uses: actions/checkout@main

      - name: Azure Login
        uses: azure/login@v1
        with:
          creds: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ vars.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ vars.AZURE_TENANT_ID }}"}'

      - name: Plan
        uses: gruntwork-io/terragrunt-action@v1
        with:
          tf_version: ${{ env.tf_version }}
          tg_version: ${{ env.tg_version }}
          tg_dir: ${{ env.working_dir }}
          tg_command: 'run-all plan'

Eror: Error building ARM Config: please ensure you have installed Azure CLI version 2.0.79 or newer. Error parsing json result from the Azure CLI: launching Azure CLI: exec: "az": executable file not found in $PATH.
@leinad87 leinad87 added the bug Something isn't working label Nov 8, 2023
@michw
Copy link

michw commented Nov 8, 2023
edited
Loading

It is possible to run custom pre exec job with:

- name: Plan
  uses: gruntwork-io/[email protected]
  env:
    INPUT_PRE_EXEC_0: 'curl -sLO https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip && unzip -q awscli-exe-linux-x86_64.zip && ./aws/install'
  with:
    tf_version: ${{ env.tf_version }}
    tg_version: ${{ env.tg_version }}
    tg_dir: ${{ env.working_dir }}
    tg_command: 'run-all plan'

Readme

@denis256 With (now deleted) v1.0.11 I couldn't install repository packages with apt, b/c of the user change in Dockerfile. If you plan to release user change feature again (highly appreciated), please consider adding smth like

diff --git a/terragrunt/Dockerfile b/terragrunt/Dockerfile
index 095959f..33480c4 100644
--- a/terragrunt/Dockerfile
+++ b/terragrunt/Dockerfile
@@ -13,11 +13,13 @@ RUN apt-get update && apt-get install -y \
     jq \
     unzip \
     wget \
+    sudo \
     && rm -rf /var/lib/apt/lists/*
 
 # Create runner user
 RUN addgroup --system --gid 127 docker
 RUN useradd --system -u 1001 -g 127 -ms /bin/bash runner
+RUN echo "runner ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/runner
 USER runner
 
 RUN mkdir -p /home/runner/.ssh

Thank you!

@leinad87
Copy link
Author

leinad87 commented Nov 8, 2023

Thank you, I didn't know about that option, but does it make sense? I'm using terragrunt-action to minimize coding and avoid installing manually terragrunt and terraform, but I can't use Azure action to install az cli.

PD: This is not a bug anymore, this is more a proposal

@BenediktSchuh1324
Copy link

BenediktSchuh1324 commented Nov 20, 2023
edited
Loading

I am running into a simmilar issue. Implementing a setup terragrunt would help a lot because we would have the control what context is used.
One other Problem is that authenticating with gcloud before applying terragrunt

@CsBigDataHub
Copy link

Similar issue with me as well.

@can-axelspringer
Copy link

I got permission denied for the following.

mkdir: cannot create directory '/usr/local/aws-cli': Permission denied

- name: Plan
  uses: gruntwork-io/[email protected]
  env:
    INPUT_PRE_EXEC_0: 'curl -sLO https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip && unzip -q awscli-exe-linux-x86_64.zip && ./aws/install'
  with:
    tf_version: ${{ env.tf_version }}
    tg_version: ${{ env.tg_version }}
    tg_dir: ${{ env.working_dir }}
    tg_command: 'run-all plan'

@SakharamS
Copy link

Adding INPUT_PRE_EXEC_0 still results in the same error. Has anyone found the solution?

@denis256
Copy link
Member

denis256 commented Nov 3, 2024

in my projects, I use sudo ...

        env:
          INPUT_PRE_EXEC_0: 'sudo curl -sLO https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip && sudo unzip -q awscli-exe-linux-x86_64.zip && sudo ./aws/install'
          INPUT_PRE_EXEC_1: 'aws --version'

https://github.com/denis256/terragrunt-tests/blob/master/.github/workflows/basic-test-install-tools.yml#L35

@Pluggi
Copy link

Pluggi commented Dec 13, 2024

@denis256

IMO, the core issue is that the action is using Docker to execute the commands, so that mise is available to install terragrunt/terraform.
This is a big requirement for such a small thing and actually causes a lot of problems as presented in this issue.

How would you feel about removing the docker requirement and instead just install via curl, so that the action is more interoperable?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@Pluggi @leinad87 @denis256 @michw @CsBigDataHub @BenediktSchuh1324 @SakharamS @can-axelspringer