denis256 notes and projects

Terragrunt landed 29 commits this past week. The bulk of the work falls into two buckets: a systematic purge of third party Go dependencies in favor of the standard library, and a significant expansion of the content addressable storage (CAS) layer to support non git sources. Several panic fixes also shipped that affect real user workflows.

Dependency purge: fewer third party packages, more stdlib

The most visible theme this week is a cleanup campaign removing several direct Go dependencies. The maintainers dropped go-errors, replacing its usage across the codebase with the standard errors and fmt packages. The diff in internal/awshelper/config.go shows the pattern: errors.Errorf(...) calls became fmt.Errorf(...), and errors.New(err) wrappers became plain err returns. Straightforward, and it removes one more import that Go 1.13+ made redundant years ago.

The same treatment hit other packages:

• go-commons was removed
• go-homedir was dropped in favor of os.UserHomeDir()
• fatih/structs was removed
• Color output consolidated on lipgloss, eliminating whatever was there before

The go.mod file was touched by 9 of 29 commits this week. That tells you how aggressive this cleanup round is. Fewer dependencies means a smaller attack surface, faster builds, and less vendor churn to track.

CAS now handles S3, GCS, HTTP, and Mercurial sources

Until now, the CAS layer only cached git sources. The commit supporting all getters in CAS extends it to cover http(s), s3, gcs, hg, and smb sources through the go-getter protocol.

The architecture is clean. A new SourceResolver interface does a cheap remote probe (HTTP HEAD, S3 GetObjectAttributes, GCS metadata, hg identify) to get a cache key without downloading bytes. On a hit, the cached tree is linked directly. On a miss, a full fetch happens and the content hash keys the result.

New files to look at:

• internal/cas/source.go and internal/cas/venv.go for the resolver and virtual environment abstractions
• internal/getter/casgetter.go which now wires in the generic dispatch via WithDefaultGenericDispatch

The telemetry span changed too: cas_clone is now cas_fetch_source with scheme, url, and a cache_hit boolean. If you query traces for cas_clone, update your filters.

A followup commit removed cas.WithFS as part of cleaning up the API surface after the refactor.

Optional version in tfr:// registry URLs

This is a quality of life improvement that fixes a long standing request (issue #2572). The commit making version optional in tfr:// URLs means you no longer need to pin ?version=x.y.z in your module source. When omitted, Terragrunt queries the registry’s “List Available Versions” endpoint and picks the latest.

The implementation lives in internal/getter/tfr.go with a new resolveVersion method. A new GetLatestModuleVersion helper in tfrhelpers.go handles the registry API call. Empty ?version= values are explicitly rejected so there is no ambiguity.

Before:

source = "tfr://registry.terraform.io/hashicorp/consul/aws?version=0.1.0"

After (version is now optional):

source = "tfr://registry.terraform.io/hashicorp/consul/aws"

Panic fixes and stability work

Three separate panic fixes landed this week, each covering a different code path:

• Panics in startswith, endswith, strcontains, and run_cmd HCL functions when called with unexpected argument types. Fuzz testing found these.
• Panic in the ignore signal handler when rendering config as cty values. The fix added nil checks in pkg/config/config_as_cty.go.
• Infinite recursion in download_dir copy when the download directory was nested inside the working directory. The fix in internal/util/file.go added proper path resolution before the copy loop.

Separately, the TF binary version caching fix addressed a bug where Terragrunt would cache the wrong binary version when both tofu and terraform were on PATH. The cache key in internal/runner/run/version_check.go now incorporates both binaries.

Stack HCL functions and interactive catalog scaffold

Two feature commits round out the week. The fix allowing all HCL functions in terragrunt.stack.hcl removed the restriction that stack files could only use a subset of Terragrunt functions. The autoinclude function now works in stack files, and the old stdlibFuncs filter was fully removed. The evaluation logic moved to pkg/config/early_stack_eval.go.

The interactive TUI for catalog scaffold adds a form based UI when scaffolding from the module catalog. This is behind the catalog-redesign experiment flag. The bulk of the implementation (nearly 2000 lines) lives in internal/cli/commands/catalog/tui/redesign/form.go.

What to watch

• The CAS telemetry rename from cas_clone to cas_fetch_source will break existing trace queries and dashboards. Update those before upgrading.
• The dependency cleanup is not done. Expect more go.mod churn in the next few weeks as the team continues trimming.
• The tfr:// version resolution hits the registry on every plan if you omit the version. For CI pipelines where reproducibility matters, keep pinning explicitly.