sops_decrypt_file files arent being listed as dependencies for projects.

[ryan-dyer-sp]

We have in our child terragrunt.hcl

include {
  path = find_in_parent_folders()
}

terraform {
  source = "../../../../../modules//secrets"

  extra_arguments "common_var" {
    commands = [for c in get_terraform_commands_that_need_vars() : c if c != "apply"]

    arguments = [
      "-var-file=${get_terragrunt_dir()}/main.tfvars"
    ]
  }
}

locals {
  secrets = try(jsondecode(sops_decrypt_file("${get_terragrunt_dir()}/../secrets.json")), {})
}

inputs = merge(
  local.secrets
)

Running

> terragrunt-atlantis-config generate --autoplan --create-workspace --create-project-name --output atlantis.yaml --workflow terragrunt --ignore-parent-terragrunt

We dont end up with the secrets.json showing up as a dependency anywhere in our atlantis.yaml.

Am I missing something?

[dmattia]

Hello! Great question.

Right now, one of the only things this library does not support are finding values passed to terragrunt functions, and the reason for this is because terragrunt does not directly expose what functions it has called. So when this library sees the parsed result of a terragrunt.hcl file, all the functions are applied already. There is a similar discussion in this issue: https://github.com/transcend-io/terragrunt-atlantis-config/issues/48

I have a WIP PR to fix this issue here: https://github.com/transcend-io/terragrunt-atlantis-config/pull/70/files, though honestly it pushes the boundaries about what I know about golang.

I'll try to work on that at some point soon, but if anyone is interested in helping out, adding support for hooking into the function calls would be extremely helpful

[crazy-matt]

This in your terragrunt.hcl might help:

locals {
  extra_atlantis_dependencies = [
    "../secrets.json",
  ]
}