Hi everyone, I am struggling to understand how to ...
# help
Hi everyone, I am struggling to understand how to integrate Infracost with GitHub App + Terragrunt. I have installed the GitHub App but I am unsure whether I need to install the Infracost GitHub Action or rather just the CLI? If I need the Action, do I still need to provide an API key (given I have installed the App)? Thanks for helping me out here.
Hi @great-grass-31108, you just need to install the GH App and add your repos - no need for an API key or GH Actions. You can then email hello@infracost.io your org ID (from Org Settings) and we’ll review and write config files for your repos so you don’t need to do anything else 🙂 We’re working on auto-detect improvements in the CLI so it can discover projects within terragrunt repos itself too, that should reduce the need for config files.
Thanks, Ali. To be honest, I doubt my organisation will buy the cloud service, currently I am planning only on using it in the GitHub Actions CI. Would it still make sense to bother with the config file? I tried it in my repo locally and it seems to detect all stack components correctly if I provide the path to the terragrunt.hcl file from where we are running
run-all plan
commands. GitHub Actions workflow however complained about a missing command:
line 1: infracost: command not found
so I wondered if I am supposed to install the CLI.
The GH App also free similar to the GH Actions integration, but just easier as it’s one-click installation vs updating individual GH Action yamls. Saying that, if you’re using https://github.com/infracost/actions/ then you shouldn’t need to install the CLI as the
does that. Config files are only needed if the auto-detect doesn’t work, so if you’re already seeing your terragrunt projects when you run the CLI locally, then no need for config files!
so with the GH App, I don't need the GH Action, but I need the CLI which would be installed by the GH Action?
My main concern is not about adding the GH Action to my workflow, I would simply prefer to avoid the handling of API secrets whenever possible.
Correct, when you use the GH App, there is no secret or CLI to install, your repo sends events to Infracost Cloud and the CLI is run on our hosted runners (so we update the CLI when we release new versions etc). With GH Actions, you have to store the Infracost API key in the GH secrets then pass that into the GH Actions via a the input - and the CLI runs on github action runners.
Copy code
          api-key: ${{ secrets.INFRACOST_API_KEY }}