Copy lock file only when needed

[ben-z]

Description

Terragrunt copies lock files into the working directory every time Terraform is initialized. This is inconsistent with the Terraform behaviour where the lock file is only written to when changed.

This is important when the working directory is on a readonly filesystem. I work with an organization that does this to prevent unintentional code changes during provisioning.

This PR makes it so that copying the lock file is avoided when the file has no changes.

TODOs

Read the Gruntwork contribution guidelines.

• Update the docs.
• Run the relevant tests successfully, including pre-commit checks.
• Include release notes. If this PR is backward incompatible, include a migration guide.

Release Notes (draft)

Added / Removed / Updated [X].

Updated the lock file copy mechanism to avoid copying when the lock file is unchanged. Useful for using a readonly working directory.

Summary by CodeRabbit

• Refactor

  • Enhanced file handling operations with improved error management, path validation, and content comparison to avoid unnecessary copying and increase reliability.

• Tests

  • Added comprehensive test cases covering various scenarios to ensure consistent and stable file copy behavior.

[denis256]

[INFO] Initializing environment for https://github.com/gruntwork-io/pre-commit.
Terraform fmt............................................................Passed
goimports................................................................Failed
- hook id: goimports
- files were modified by this hook

util/file.go
util/file.go

[ben-z]

@denis256 I had some trailing whitespaces. Fixed in the latest commit by running pre-commit run --all-files:

terragrunt/.circleci/config.yml

Line 105 in e5081e1

pre-commit run --all-files

[denis256]

util/file.go:613:5: stringXbytes: suggestion: bytes.Equal(sourceContents, destinationContents) (gocritic)
        if string(sourceContents) == string(destinationContents) {

[ben-z]

Resolved in b3b9287

[denis256]

Failed integration tests:

TestRenderJSONConfig
TestLocalDownload
TestLocalDownloadWithHiddenFolder
TestLocalDownloadWithRelativePath
TestLocalWithBackend
TestRemoteDownload
TestRemoteDownloadWithRelativePath
TestRemoteDownloadOverride
TestRemoteWithBackend
TestExcludeDirs
TestIncludeDirs
TestIncludeDirsDependencyConsistencyRegression
TestTerraformRegistryFetchingRootModule
TestTerraformRegistryFetchingRootShorthandModule
TestTerraformRegistryFetchingSubdirModule
TestTerraformRegistryFetchingSubdirWithReferenceModule
TestTerragruntInitHookWithSourceNoBackend
TestTerragruntInitHookWithSourceWithBackend
TestTerragruntCatchErrorsInTerraformExecution
TestTerragruntStdOut

[denis256]

Will be also helpful to add an integration test which will track that the lock copy works as expected.

[ben-z]

Will be also helpful to add an integration test which will track that the lock copy works as expected.

I added some unit tests. Integration tests seem a lot more involved and I'm not super familiar with Go. Are unit tests sufficient?

[github-actions]

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for submitting this pull request.

[ben-z]

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for submitting this pull request.

cc @denis256

[github-actions]

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for submitting this pull request.

[coderabbitai]

📝 Walkthrough

Walkthrough

This pull request refines the CopyLockFile function by computing absolute file paths for the source and destination, checking for identical paths, verifying the existence of the source file, and comparing contents before copying the file with preserved permissions. Additionally, a comprehensive test suite has been added to ensure the function behaves correctly under various scenarios including missing files and content mismatches. The config package's CopyLockFile function was refactored to delegate to the updated utility implementation.

Changes

File(s)	Change Summary
util/file.go	Updated CopyLockFile to compute absolute paths, check if source and destination are identical, verify file existence, compare file contents, and copy only when needed while preserving permissions.
util/file_test.go	Added TestCopyLockFile to cover scenarios such as identical paths, absent source file, creation of destination file, identical content, and differing content; utilizes subtests with assertions and silenced logging.
config/util.go	Refactored CopyLockFile to call util.CopyLockFile instead of manually handling file paths and copying; removed unused imports.

Sequence Diagram(s)

sequenceDiagram
    participant Caller
    participant CopyLockFile
    participant FileSystem
    participant Logger

    Caller->>CopyLockFile: Call CopyLockFile(src, dest)
    CopyLockFile->>FileSystem: Compute absolute paths for src & dest
    alt Paths are identical
        CopyLockFile->>Logger: Log identical path message
        CopyLockFile-->>Caller: Return early
    else
        CopyLockFile->>FileSystem: Check source file existence
        alt Source file not found
            CopyLockFile->>Logger: Log missing source
            CopyLockFile-->>Caller: Return early
        else
            CopyLockFile->>FileSystem: Read source file
            CopyLockFile->>FileSystem: Check destination file existence
            alt Destination file not found
                CopyLockFile->>Logger: Log action to copy file
                CopyLockFile->>FileSystem: Copy file preserving permissions
            else
                CopyLockFile->>FileSystem: Read destination file
                alt Contents are identical
                    CopyLockFile->>Logger: Log no copy needed
                    CopyLockFile-->>Caller: Return early
                else
                    CopyLockFile->>FileSystem: Copy file preserving permissions
                end
            end
        end
    end

Loading

Poem

In code we trust, improvements shine bright,
Paths become clear with absolute light.
Checks ensure each file is in the right space,
Logs and tests bring a smile to its face.
A little tweak, a thoughtful trace, all in good dev pace!

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 golangci-lint (1.64.8)

Error: you are using a configuration file for golangci-lint v2 with golangci-lint v1: please use golangci-lint v2
Failed executing command with error: you are using a configuration file for golangci-lint v2 with golangci-lint v1: please use golangci-lint v2

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

util/file_test.go (1)

5-6: Consider using os package instead of ioutil.
Although ioutil still works, it’s encouraged in modern Go to use os.ReadFile and os.WriteFile directly for new code. This helps ensure consistency and avoids reliance on soon-to-be fully deprecated APIs.

Here’s a sample diff showing how you might replace ioutil calls:

-import (
-    "io/ioutil"
-    ...
-)
+import (
+    "os"
+    ...
+)

-err := ioutil.WriteFile(sourceLockFilePath, []byte("lock file contents"), 0644)
+err := os.WriteFile(sourceLockFilePath, []byte("lock file contents"), 0644)

-contents, err := ioutil.ReadFile(destinationLockFilePath)
+contents, err := os.ReadFile(destinationLockFilePath)

util/file.go (1)

588-629: Consider concurrency safety if multiple processes run at the same time.
If there’s a chance of parallel execution, we could add locking or concurrency checks. That might prevent partial overwrites or race conditions.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b47b57a and 889aca5.

📒 Files selected for processing (2)

• util/file.go (2 hunks)
• util/file_test.go (3 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: Pull Request has non-contributor approval

🔇 Additional comments (3)

util/file_test.go (1)

344-454: Great coverage of lock file copying scenarios.
All your sub-tests nicely verify key conditions like missing files, unchanged contents, etc. This thorough approach helps ensure reliability.

util/file.go (2)

4-4: Thanks for switching to bytes.Equal.
Comparing byte slices directly is more idiomatic and efficient than converting to strings.

---

588-629: Solid implementation aligned with the PR objective.
The CopyLockFile function checks path equality, file existence, and content differences before copying. This avoids unnecessary writes, which matches Terraform’s approach and resolves read-only filesystem concerns.

[github-actions]

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for submitting this pull request.

[ben-z]

@denis256 we've been running these changes in production since this PR opened. Is there any chance these changes will get merged?

[yhakbar]

@denis256 we've been running these changes in production since this PR opened. Is there any chance these changes will get merged?

@ben-z , this branch has conflicts with main. Do you mind rebasing? We'll do our best to review promptly once it's ahead of main.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
terragrunt-docs	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jun 5, 2025 9:12pm

[ben-z]

@yhakbar updated the branch with the latest main. Thanks!

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 889aca5 and 4183db7.

📒 Files selected for processing (1)

• config/util.go (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

`**/*.go`: Review the Go code for quality and correctness. Make sure that the Go code follows best practices, is performant, and is easy to understand and maintain.

**/*.go: Review the Go code for quality and correctness. Make sure that the Go code follows best practices, is performant, and is easy to understand and maintain.

• config/util.go

🧬 Code Graph Analysis (1)

config/util.go (1)

util/file.go (1)

• CopyLockFile (754-798)

🔇 Additional comments (1)

config/util.go (1)

14-14: LGTM - Clean delegation to utility function.

The refactoring successfully delegates the lock file copying logic to the utility function, which implements the enhanced behavior described in the PR objectives (avoiding unnecessary copying when file contents are identical).

[coderabbitai]

🛠️ Refactor suggestion

Consider removing or utilizing the unused opts parameter.

The opts *options.TerragruntOptions parameter is not being passed to the utility function. This could indicate either:

1. The parameter is no longer needed and should be removed from the function signature
2. Some functionality from the options should still be utilized

Please verify that all necessary functionality is preserved and consider cleaning up the function signature if the parameter is truly unused.

If the opts parameter is no longer needed, apply this diff to clean up the function signature:

-func CopyLockFile(l log.Logger, opts *options.TerragruntOptions, sourceFolder, destinationFolder string) error {
+func CopyLockFile(l log.Logger, sourceFolder, destinationFolder string) error {
 	return util.CopyLockFile(sourceFolder, destinationFolder, l)
 }

Alternatively, if the options are still needed for some functionality, please ensure they are properly utilized in the delegation.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	func CopyLockFile(l log.Logger, opts *options.TerragruntOptions, sourceFolder, destinationFolder string) error {
	sourceLockFilePath := util.JoinPath(sourceFolder, tf.TerraformLockFile)
	destinationLockFilePath := util.JoinPath(destinationFolder, tf.TerraformLockFile)
	if util.FileExists(sourceLockFilePath) {
	l.Debugf("Copying lock file from %s to %s", sourceLockFilePath, destinationFolder)
	return util.CopyFile(sourceLockFilePath, destinationLockFilePath)
	}
	return nil
	return util.CopyLockFile(sourceFolder, destinationFolder, l)
	}
	func CopyLockFile(l log.Logger, sourceFolder, destinationFolder string) error {
	return util.CopyLockFile(sourceFolder, destinationFolder, l)
	}

🤖 Prompt for AI Agents

In config/util.go around lines 13 to 15, the function CopyLockFile has an unused
parameter opts of type *options.TerragruntOptions. Review whether this parameter
is necessary for the function's operation; if it is not needed, remove opts from
the function signature and all calls to this function. If opts is required for
some functionality, update the call to util.CopyLockFile to include or utilize
opts appropriately to preserve intended behavior.