unable to control {optional,required}_var_file precedence

[jhoblitt]

Consider the following terraform.tfvars:

terragrunt = {
  terraform {
    extra_arguments "common_tfvars" {
      commands = ["${get_terraform_commands_that_need_vars()}"]
      optional_var_files = [
        "${get_tfvars_dir()}/${find_in_parent_folders("common.tfvars", "ignore")}"
      ]
    }
  }
}
domain_name = "foo.example.org"

where common.tfvars is

domain_name = "bar.example.org"

tg will construct the tf command line such that terraform.tfvars is implicit while optional_var_files is explicitly declared as -var-file .... This seems to result in any variable declared from a {required,optional}_var_files as having precedence over the "local" terraform.tfvars and the resolved value of domain_name ends up being bar.example.org. This is exactly the opposite behavior of what I would expect -- specifically, that vars further down the hierarchy override the values of those closer to the root. I believe this could be resolved by explicitly declaring the "local" terraform.tfvars with -var-file which appears only after any {required,optiona}l_var_files. Eg.,

 terrafrom apply -var-file .../common.tfvars -var-file .../terraform.tfvars

As this would be a change to existing semantics, perhaps it could be controlled by a flag in the terragrunt {} block?

I suspect this is related #132 but ultimately an orthogonal concern.

[brikis98]

This is part of Terraform's design. As per the docs:

Definition files passed using the -var-file flag will always be evaluated after those in the working directory.

[jhoblitt]

@brikis98 I am aware that terraform has documented precedence rules for var evaluation. This feature request is completely about how terragrunt is explicitly and implicitly passing vars to terraform.

[brikis98]

I'm a bit worried about doing something that is 100% counter to the logic built-into Terraform. If you want terraform.tfvars to go last, you can probably specify the file explicitly using optional_var_files.

[d601]

I'm affected by this issue as well. My use case is that I have a common GCP region/zone declared in a shared hcl file, but then in a couple of modules I want to override this. Since I've put all my module variables in an inputs = {} block inside each terragrunt.hcl, optional_var_files = ["${get_terragrunt_dir()}/terragrunt.hcl"] doesn't work right out of the box, unfortunately..

[yorinasub17]

If you are using terragrunt.hcl for your inputs, you need to merge them into the inputs attribute of the running config using read_terragrunt_config. E.g., in our example, see how we read in a bunch of common vars in the folder tree (https://github.com/gruntwork-io/terragrunt-infrastructure-live-example/blob/master/terragrunt.hcl#L9), and then merge them in: https://github.com/gruntwork-io/terragrunt-infrastructure-live-example/blob/master/terragrunt.hcl#L60

With merge, overriding is done by passing in the dict later in the args. E.g., if override.hcl contains values to override the zone defined in common.hcl:

locals {
  common_vars = read_terragrunt_config(find_in_parent_folder("common.hcl"))
  override_vars = read_terragrunt_config(find_in_parent_folder("override.hcl"))
}
inputs = merge(local.common_vars.inputs, local.override_vars.inputs)

[yorinasub17]

Closing as stale and a workaround is provided. If there are any follow up questions here, please open a new issue. Thanks!