gruntwork-io · omattsson · Jun 1, 2025 · Jun 10, 2025 · Jun 10, 2025 · Jun 10, 2025
@@ -3,10 +3,12 @@ package migrate
 
 import (
 	"context"
+	"fmt"
 
 	"github.com/gruntwork-io/terragrunt/config"
 	"github.com/gruntwork-io/terragrunt/configstack"
 	"github.com/gruntwork-io/terragrunt/internal/errors"
+	"github.com/gruntwork-io/terragrunt/internal/remotestate"
 	"github.com/gruntwork-io/terragrunt/internal/remotestate/backend"
 	"github.com/gruntwork-io/terragrunt/options"
 	"github.com/gruntwork-io/terragrunt/pkg/log"
@@ -45,6 +47,16 @@ func Run(ctx context.Context, l log.Logger, srcPath, dstPath string, opts *optio
 		return errors.Errorf("dst unit not found at %s", dstPath)
 	}
 
+	// Ensure experiment flags are propagated to module options
+	srcModule.TerragruntOptions.Experiments = opts.Experiments
+	dstModule.TerragruntOptions.Experiments = opts.Experiments
+
+	l.Debugf("Migration: Source experiments: %v", srcModule.TerragruntOptions.Experiments)
+	l.Debugf("Migration: Destination experiments: %v", dstModule.TerragruntOptions.Experiments)
+
+	// Re-register backends with updated experiment flags
+	remotestate.RegisterBackends(srcModule.TerragruntOptions)
+
 	srcRemoteState, err := config.ParseRemoteState(ctx, l, srcModule.TerragruntOptions)
 	if err != nil || srcRemoteState == nil {
 		return err
@@ -55,6 +67,13 @@ func Run(ctx context.Context, l log.Logger, srcPath, dstPath string, opts *optio
 		return err
 	}
 
+	// Update backends to use newly registered backends (e.g., Azure backend after experiment flag is set)
+	srcRemoteState.UpdateBackend()
+	dstRemoteState.UpdateBackend()
+
+	l.Debugf("Migration: Source backend: %s (type: %T)", srcRemoteState.BackendName, srcRemoteState)
+	l.Debugf("Migration: Destination backend: %s (type: %T)", dstRemoteState.BackendName, dstRemoteState)
+
 	if !opts.ForceBackendMigrate {
 		enabled, err := srcRemoteState.IsVersionControlEnabled(ctx, l, srcModule.TerragruntOptions)
 		if err != nil && !errors.As(err, new(backend.BucketDoesNotExistError)) {
@@ -66,5 +85,13 @@ func Run(ctx context.Context, l log.Logger, srcPath, dstPath string, opts *optio
 		}
 	}
 
-	return srcRemoteState.Migrate(ctx, l, srcModule.TerragruntOptions, dstModule.TerragruntOptions, dstRemoteState)
+	err = srcRemoteState.Migrate(ctx, l, srcModule.TerragruntOptions, dstModule.TerragruntOptions, dstRemoteState)
+	if err != nil {
+		return err
+	}
+
+	l.Infof("Successfully migrated remote state from %s to %s", srcPath, dstPath)
+	fmt.Printf("Backend migration completed successfully from %s to %s\n", srcPath, dstPath)
+
+	return nil
 }
@@ -0,0 +1,42 @@
+package migrate_test
+
+import (
+	"testing"
+
+	"github.com/gruntwork-io/terragrunt/cli/commands/backend/migrate"
+	"github.com/gruntwork-io/terragrunt/options"
+	"github.com/gruntwork-io/terragrunt/test/helpers/logger"
+	"github.com/stretchr/testify/require"
+)
+
+func TestMigrateOutputMessage(t *testing.T) {
+	t.Parallel()
+
+	// Create a simple test to verify the migration function includes output messages
+	// This test doesn't require actual Azure resources
+
+	// Create test options
+	opts, err := options.NewTerragruntOptionsForTest("")
+	require.NoError(t, err)
+
+	// Create a logger
+	testLogger := logger.CreateLogger()
+
+	ctx := t.Context()
+
+	// Note: This test would normally fail because we don't have valid paths,
+	// but we're mainly testing that the message structure is correct
+	// In a real scenario, we'd mock the dependencies
+
+	srcPath := "/tmp/test-src"
+	dstPath := "/tmp/test-dst"
+
+	// This will fail early due to missing files, but we can at least verify
+	// that the function structure and imports are correct
+	err = migrate.Run(ctx, testLogger, srcPath, dstPath, opts)
+
+	// We expect an error due to missing files, but the function should be callable
+	require.Error(t, err)
+
+	t.Logf("Migration function callable and returns expected error for invalid paths")
+}
@@ -260,6 +260,11 @@ func NewFlags(l log.Logger, opts *options.TerragruntOptions, prefix flags.Prefix
 			Action: func(_ *cli.Context, val []string) error {
 				opts.Experiments.NotifyCompletedExperiments(l)
 
+				// Re-register backends after experiments are enabled
+				// This is needed because RegisterBackends is called during options initialization
+				// before CLI flags are processed, so experimental backends need to be registered again
+				options.RunHooks(opts)
+
 				return nil
 			},
 		},

@@ -360,15 +360,15 @@ func (cfg *TerragruntConfig) WriteTo(w io.Writer) (int64, error) {
 
 		remoteStateBody.SetAttributeValue("backend", remoteStateAsCty.GetAttr("backend"))
 
-		if cfg.RemoteState.Config.DisableInit {
+		if cfg.RemoteState.DisableInit {
 			remoteStateBody.SetAttributeValue("disable_init", remoteStateAsCty.GetAttr("disable_init"))
 		}
 
-		if cfg.RemoteState.Config.DisableDependencyOptimization {
+		if cfg.RemoteState.DisableDependencyOptimization {
 			remoteStateBody.SetAttributeValue("disable_dependency_optimization", remoteStateAsCty.GetAttr("disable_dependency_optimization"))
 		}
 
-		if cfg.RemoteState.Config.BackendConfig != nil {
+		if cfg.RemoteState.BackendConfig != nil {
 			remoteStateBody.SetAttributeValue("config", remoteStateAsCty.GetAttr("config"))
 		}
 

@@ -600,32 +600,32 @@ func terraformConfigAsCty(config *TerraformConfig) (cty.Value, error) {
 // serialize the struct because `config` and `encryption` are arbitrary
 // interfaces whose type we do not know, so we have to do a hack to go through json.
 func RemoteStateAsCty(remote *remotestate.RemoteState) (cty.Value, error) {
-	if remote == nil || remote.Config == nil {
+	if remote == nil {
 		return cty.NilVal, nil
 	}
 
-	config := remote.Config
+	// Use remote directly since the struct is now flattened
 
 	output := map[string]cty.Value{}
-	output["backend"] = gostringToCty(config.BackendName)
-	output["disable_init"] = goboolToCty(config.DisableInit)
-	output["disable_dependency_optimization"] = goboolToCty(config.DisableDependencyOptimization)
+	output["backend"] = gostringToCty(remote.BackendName)
+	output["disable_init"] = goboolToCty(remote.DisableInit)
+	output["disable_dependency_optimization"] = goboolToCty(remote.DisableDependencyOptimization)
 
-	generateCty, err := goTypeToCty(config.Generate)
+	generateCty, err := goTypeToCty(remote.Generate)
 	if err != nil {
 		return cty.NilVal, err
 	}
 
 	output["generate"] = generateCty
 
-	ctyJSONVal, err := convertToCtyWithJSON(config.BackendConfig)
+	ctyJSONVal, err := convertToCtyWithJSON(remote.BackendConfig)
 	if err != nil {
 		return cty.NilVal, err
 	}
 
 	output["config"] = ctyJSONVal
 
-	ctyJSONVal, err = convertToCtyWithJSON(config.Encryption)
+	ctyJSONVal, err = convertToCtyWithJSON(remote.Encryption)
 	if err != nil {
 		return cty.NilVal, err
 	}

@@ -1857,9 +1857,9 @@ inputs = {
 	// assert.Equal(t, terragruntConfig.Catalog.URLs, rereadConfig.Catalog.URLs)
 
 	assert.Equal(t, terragruntConfig.RemoteState.BackendName, rereadConfig.RemoteState.BackendName)
-	assert.Equal(t, terragruntConfig.RemoteState.Config.DisableInit, rereadConfig.RemoteState.Config.DisableInit)
-	assert.Equal(t, terragruntConfig.RemoteState.Config.DisableDependencyOptimization, rereadConfig.RemoteState.Config.DisableDependencyOptimization)
-	assert.Equal(t, terragruntConfig.RemoteState.Config.BackendConfig, rereadConfig.RemoteState.Config.BackendConfig)
+	assert.Equal(t, terragruntConfig.RemoteState.DisableInit, rereadConfig.RemoteState.DisableInit)
+	assert.Equal(t, terragruntConfig.RemoteState.DisableDependencyOptimization, rereadConfig.RemoteState.DisableDependencyOptimization)
+	assert.Equal(t, terragruntConfig.RemoteState.BackendConfig, rereadConfig.RemoteState.BackendConfig)
 
 	// We don't test dependencies here because they require filesystem operations.
 	// assert.Equal(t, terragruntConfig.Dependencies.Paths, rereadConfig.Dependencies.Paths)

@@ -3,6 +3,7 @@ package config
 import (
 	"bufio"
 	"bytes"
+	"context"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -14,12 +15,14 @@ import (
 	"github.com/aws/aws-sdk-go/aws/awserr"
 
 	"github.com/gruntwork-io/terragrunt/awshelper"
+	"github.com/gruntwork-io/terragrunt/internal/azure/azurehelper"
 	"github.com/gruntwork-io/terragrunt/internal/cache"
 	"github.com/gruntwork-io/terragrunt/internal/experiment"
 	"github.com/gruntwork-io/terragrunt/internal/remotestate"
 	"github.com/gruntwork-io/terragrunt/internal/report"
 	"github.com/gruntwork-io/terragrunt/pkg/log"
 
+	"github.com/gruntwork-io/terragrunt/internal/remotestate/backend/azurerm"
 	s3backend "github.com/gruntwork-io/terragrunt/internal/remotestate/backend/s3"
 
 	"github.com/aws/aws-sdk-go/aws"
@@ -950,18 +953,38 @@ func getTerragruntOutputJSONFromRemoteState(
 				targetTGOptions,
 				remoteState,
 			)
+
 			if err != nil {
 				return nil, err
 			}
 
 			l.Debugf("Retrieved output from %s as json: %s using s3 bucket", targetTGOptions.TerragruntConfigPath, jsonBytes)
 
 			return jsonBytes, nil
+
+		case azurerm.BackendName:
+			l.Debugf("Fetching dependency outputs directly from Azure Storage backend for %s", targetTGOptions.TerragruntConfigPath)
+			jsonBytes, err := getTerragruntOutputJSONFromRemoteStateAzurerm(
+				l,
+				targetTGOptions,
+				remoteState,
+			)
+
+			if err != nil {
+				return nil, err
+			}
+
+			l.Debugf("Successfully retrieved outputs from Azure Storage state for %s", targetTGOptions.TerragruntConfigPath)
+
+			return jsonBytes, nil
+
 		default:
-			l.Errorf("FetchDependencyOutputFromState is not supported for backend %s, falling back to normal method", backend)
+			// For unsupported backends, we want to continue with the regular output path
+			l.Debugf("Backend %s does not support direct state output fetching, falling back to terragrunt output", backend)
 		}
 	}
 
+	// If direct fetching is not supported or disabled, fallback to the standard output path
 	// Generate the backend configuration in the working dir. If no generate config is set on the remote state block,
 	// set a temporary generate config so we can generate the backend code.
 	if remoteState.Generate == nil {
@@ -1056,6 +1079,70 @@ func getTerragruntOutputJSONFromRemoteStateS3(l log.Logger, opts *options.Terrag
 	return jsonOutputs, nil
 }
 
+// getTerragruntOutputJSONFromRemoteStateAzurerm pulls the output directly from an Azure storage without calling Terraform
+func getTerragruntOutputJSONFromRemoteStateAzurerm(l log.Logger, opts *options.TerragruntOptions, remoteState *remotestate.RemoteState) (outputsJSON []byte, err error) {
+	ctx := context.Background()
+	// Validation should be done immediately after each type assertion
+	storageAccount, okStorage := remoteState.BackendConfig["storage_account_name"].(string)
+	if !okStorage {
+		return
+	}
+
+	containerName, okContainer := remoteState.BackendConfig["container_name"].(string)
+	if !okContainer {
+		return
+	}
+
+	key, okKey := remoteState.BackendConfig["key"].(string)
+	if !okKey {
+		return
+	}
+
+	l.Debugf("Attempting to fetch outputs directly from Azure Storage account %s, container %s, blob %s", storageAccount, containerName, key)
+
+	client, err := azurehelper.CreateBlobServiceClient(ctx, l, opts, remoteState.BackendConfig)
+	if err != nil {
+		return
+	}
+
+	resp, err := client.GetObject(ctx, &azurehelper.GetObjectInput{
+		Container: &containerName,
+		Key:       &key,
+	})
+	if err != nil {
+		return nil, fmt.Errorf("error downloading state file: %w", err)
+	}
+
+	// Ensure response body is closed after we're done
+	defer func() {
+		if cerr := resp.Body.Close(); cerr != nil && err == nil {
+			err = fmt.Errorf("error closing response body: %w", cerr)
+		}
+	}()
+
+	data, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("error reading state file: %w", err)
+	}
+
+	var state struct {
+		Outputs map[string]interface{} `json:"outputs"`
+	}
+
+	if err := json.Unmarshal(data, &state); err != nil {
+		return nil, fmt.Errorf("error parsing state file JSON: %w", err)
+	}
+
+	outputsJSON, err = json.Marshal(state.Outputs)
+	if err != nil {
+		return nil, fmt.Errorf("error encoding outputs as JSON: %w", err)
+	}
+
+	l.Debugf("Successfully parsed outputs from Azure Storage state file")
+
+	return
+}
+
 // setupTerragruntOptionsForBareTerraform sets up a new TerragruntOptions struct that can be used to run terraform
 // without going through the full RunTerragrunt operation.
 func setupTerragruntOptionsForBareTerraform(ctx *ParsingContext, l log.Logger, workingDir string, configPath string, iamRoleOpts options.IAMRoleOptions) (*options.TerragruntOptions, error) {