gruntwork-io · ThisGuyCodes · Nov 3, 2025 · Oct 30, 2025 · Oct 31, 2025 · Oct 31, 2025
@@ -1,6 +1,7 @@
 repos:
   - repo: https://github.com/gruntwork-io/pre-commit
-    rev:  v0.1.29
+    rev: v0.1.29
     hooks:
       - id: tofu-fmt
+        exclude: test/fixtures/hclvalidate/valid/.*
       - id: goimports
@@ -1,12 +1,12 @@
 ---
 name: inputs
-description: Validate that all variables are set by the module a unit provisions.
+description: Validate that all variables a module requires are set.
 type: bool
 env:
   - TG_INPUTS
 ---
 
-When enabled, Terragrunt will validate that all variables are set by the module a unit provisions.
+When enabled, Terragrunt will validate that all variables a module (provisioned by a unit) requires are set.
 
 Example:
 

@@ -0,0 +1,4 @@
+locals {
+  first  = local.second
+  second = local.first
+}
@@ -0,0 +1 @@
+// intentionally blank
@@ -0,0 +1,4 @@
+# This terraform code is intentionally invalid
+output "out" {
+  value = local.nonexistent
+}
@@ -0,0 +1 @@
+// intentionally blank
@@ -0,0 +1,2 @@
+variable "input" {
+}
@@ -0,0 +1,3 @@
+inputs = {
+  input = "value"
+}
@@ -0,0 +1,8 @@
+locals {
+  variable_source = "github.com/foo/bar"
+}
+
+module "module" {
+  source  = local.variable_source
+  version = "0.0.0"
+}
@@ -0,0 +1 @@
+// intentionally blank
@@ -0,0 +1,8 @@
+locals {
+  variable_version = "0.0.0"
+}
+
+module "module" {
+  source  = "github.com/foo/bar"
+  version = local.variable_version
+}
@@ -0,0 +1 @@
+// intentionally blank
@@ -614,6 +614,47 @@ func TestTerragruntExcludesFile(t *testing.T) {
 	}
 }
 
+func TestHclvalidateValidConfig(t *testing.T) {
+	t.Parallel()
+
+	t.Run("using --all", func(t *testing.T) {
+		t.Parallel()
+		helpers.CleanupTerraformFolder(t, testFixtureHclvalidate)
+		tmpEnvPath := helpers.CopyEnvironment(t, testFixtureHclvalidate)
+		rootPath := util.JoinPath(tmpEnvPath, testFixtureHclvalidate)
+
+		_, _, err := helpers.RunTerragruntCommandWithOutput(t, "terragrunt hcl validate --all --strict --inputs --working-dir "+filepath.Join(rootPath, "valid"))
+		require.NoError(t, err)
+	})
+
+	t.Run("validate each individually", func(t *testing.T) {
+		t.Parallel()
+
+		helpers.CleanupTerraformFolder(t, testFixtureHclvalidate)
+		tmpEnvPath := helpers.CopyEnvironment(t, testFixtureHclvalidate)
+		rootPath := util.JoinPath(tmpEnvPath, testFixtureHclvalidate, "valid")
+
+		// Test each subdirectory individually
+		entries, err := os.ReadDir(rootPath)
+		require.NoError(t, err)
+
+		for _, entry := range entries {
+			if !entry.IsDir() {
+				continue
+			}
+
+			subPath := filepath.Join(rootPath, entry.Name())
+
+			t.Run(entry.Name(), func(t *testing.T) {
+				t.Parallel()
+
+				_, _, err := helpers.RunTerragruntCommandWithOutput(t, "terragrunt hcl validate --strict --inputs --working-dir "+subPath)
+				require.NoError(t, err)
+			})
+		}
+	})
+}
+
 func TestHclvalidateDiagnostic(t *testing.T) {
 	t.Parallel()
 

@@ -1,8 +1,13 @@
 package tf
 
 import (
+	"os"
+	"path/filepath"
+	"slices"
+
 	"github.com/gruntwork-io/terragrunt/internal/errors"
-	"github.com/hashicorp/terraform-config-inspect/tfconfig"
+	"github.com/hashicorp/hcl/v2"
+	"github.com/hashicorp/hcl/v2/hclparse"
 )
 
 const (
@@ -130,21 +135,69 @@ var (
 // ModuleVariables will return all the variables defined in the downloaded terraform modules, taking into
 // account all the generated sources. This function will return the required and optional variables separately.
 func ModuleVariables(modulePath string) ([]string, []string, error) {
-	module, diags := tfconfig.LoadModule(modulePath)
-	if diags.HasErrors() {
-		return nil, nil, errors.New(diags)
+	parser := hclparse.NewParser()
+
+	files, err := os.ReadDir(modulePath)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	hclFiles := []*hcl.File{}
+	allDiags := hcl.Diagnostics{}
+
+	for _, file := range files {
+		if file.IsDir() {
+			continue
+		}
+
+		parseFunc := parser.ParseHCLFile
+
+		suffix := filepath.Ext(file.Name())
+
+		if suffix == ".json" {
+			parseFunc = parser.ParseJSONFile
+		}
+
+		if !(slices.Contains([]string{".tf", ".tofu", ".json"}, suffix)) {
+			continue
+		}
+
+		file, parseDiags := parseFunc(filepath.Join(modulePath, file.Name()))
+
+		hclFiles = append(hclFiles, file)
+		allDiags = append(allDiags, parseDiags...)
+	}
+
+	body := hcl.MergeFiles(hclFiles)
+
+	varsSchema := &hcl.BodySchema{
+		Blocks: []hcl.BlockHeaderSchema{
+			{
+				Type:       "variable",
+				LabelNames: []string{"name"},
+			},
+		},
 	}
 
-	required := []string{}
-	optional := []string{}
+	varsContent, _, contentDiags := body.PartialContent(varsSchema)
+	allDiags = append(allDiags, contentDiags...)
+	optional, required := []string{}, []string{}
+
+	for _, b := range varsContent.Blocks {
+		name := b.Labels[0]
+		attributes, attrDiags := b.Body.JustAttributes()
 
-	for _, variable := range module.Variables {
-		if variable.Required {
-			required = append(required, variable.Name)
+		allDiags = append(allDiags, attrDiags...)
+		if _, ok := attributes["default"]; ok {
+			optional = append(optional, name)
 		} else {
-			optional = append(optional, variable.Name)
+			required = append(required, name)
 		}
 	}
 
+	if allDiags.HasErrors() {
+		return nil, nil, errors.New(allDiags)
+	}
+
 	return required, optional, nil
 }