feat: add error throwing in case of absolut path for stack (#4055)

* Added throwing of error if path is absolute path

* Tests update

* CLI options update

* Add stack dir check

* Add checking of relative path

* Markdown update

Author: denis256

config/stack.go

@@ -273,10 +273,29 @@ func processComponent(ctx context.Context, opts *options.TerragruntOptions, cmp
 		return errors.Errorf("failed to adjust source %s: %v", cmp.source, err)
 	}
 
-	dest := cmp.path
-	// if destination is not an absolute path, join with target directory
-	if !filepath.IsAbs(cmp.path) {
-		dest = filepath.Join(cmp.targetDir, cmp.path)
+	if filepath.IsAbs(cmp.path) {
+		return errors.Errorf("path %s must be relative", cmp.path)
+	}
+
+	// building destination path based on target directory
+	dest := filepath.Join(cmp.targetDir, cmp.path)
+
+	// validate destination path is within the stack directory
+	// get the absolute path of the destination directory
+	absDest, err := filepath.Abs(dest)
+	if err != nil {
+		return errors.Errorf("failed to get absolute path for destination '%s': %v", cmp.name, err)
+	}
+
+	// get the absolute path of the stack directory
+	absStackDir, err := filepath.Abs(cmp.targetDir)
+	if err != nil {
+		return errors.Errorf("failed to get absolute path for stack directory '%s': %v", cmp.name, err)
+	}
+
+	// validate that the destination path is within the stack directory
+	if !strings.HasPrefix(absDest, absStackDir) {
+		return errors.Errorf("destination path '%s' is outside of the stack directory '%s'", absDest, absStackDir)
 	}
 
 	if cmp.noStack {

docs-starlight/src/data/commands/stack/generate.mdx

@@ -76,4 +76,9 @@ terragrunt stack generate --parallelism 4
 ```
 
 Automatic Discovery: The command automatically discovers all `terragrunt.stack.hcl` files within the directory structure and generates them in parallel.
+
+</Aside>
+
+<Aside type="caution">
+Path Restrictions: If an absolute path is provided as an argument, `generate` will throw an error. Only relative paths within the working directory are supported.
 </Aside>

docs/_docs/04_reference/02-cli-options.md

@@ -343,11 +343,13 @@ Will create the following directory structure:
 - Parallel Execution: Stack generation runs concurrently to improve performance. The number of parallel tasks is determined by the `GOMAXPROCS` environment variable and can be explicitly controlled using the `--parallelism` flag:
 
 ```bash
-  terragrunt stack generate --parallelism 4
+terragrunt stack generate --parallelism 4
 ```
 
 - Automatic Discovery: The command automatically discovers all `terragrunt.stack.hcl` files within the directory structure and generates them in parallel.
 
+- Path Restrictions: If an absolute path is provided as an argument, the command will throw an error. Only relative paths within the working directory are supported.
+
 #### stack run
 
 The `stack run *` command allows users to execute IaC commands across all units defined in a `terragrunt.stack.hcl` file.

…/absolute-path/live/terragrunt.stack.hcl …/absolute-path/live/terragrunt.stack.hcltest/fixtures/stacks/absolute-path/live/terragrunt.stack.hcl renamed to test/fixtures/stacks/errors/absolute-path/live/terragrunt.stack.hcl test/fixtures/stacks/absolute-path/live/terragrunt.stack.hcl renamed to test/fixtures/stacks/errors/absolute-path/live/terragrunt.stack.hcl

@@ -0,0 +1,5 @@
+
+unit "app1" {
+	source = "../units/app1"
+	path   = "../project1/app1"
+}

…s/stacks/absolute-path/units/app/main.tf …s/errors/absolute-path/units/app/main.tftest/fixtures/stacks/absolute-path/units/app/main.tf renamed to test/fixtures/stacks/errors/absolute-path/units/app/main.tf test/fixtures/stacks/absolute-path/units/app/main.tf renamed to test/fixtures/stacks/errors/absolute-path/units/app/main.tf

@@ -0,0 +1,3 @@
+terraform {
+  source = "."
+}