Skip to main content
Use separate Digger config files and workflows to scope drift detection to only the projects you want. The drift config file is just a regular digger.yml that lists a subset of projects you want checked (e.g., only devel or only prod).
This is a workaround: there is no explicit per-project drift filter yet. You scope by pointing the workflow to a dedicated Digger config file that contains only the desired projects/blocks.
See also: Drift Detection

1) Create a dedicated Digger config for the scope

First, create a minimal digger.yml that lists only the projects you want to check for drift. This file is the same shape as your main config; it simply contains a subset. Plain Terraform example (explicit projects list): 
# digger-drift-dev.yml
projects:
  - name: app-dev-a
    dir: terraform/aws_devel/app-a
    workflow: default
  - name: app-dev-b
    dir: terraform/aws_devel/app-b
    workflow: default
Terragrunt example (generate blocks under a specific root): 
# digger-drift-dev.yml
generate_projects:
  blocks:
    - block_name: aws_devel
      terragrunt: true
      root_dir: terraform/aws_devel/
      workflow: default

2) Reference that file from a drift workflow

Create a dedicated workflow that sets mode: drift-detection and points to your file via digger-filename: 
name: Drift (dev)

on:
  workflow_dispatch:

jobs:
  detect-drift:
    runs-on: ubuntu-latest
    steps:
      - uses: diggerhq/digger@vLatest
        with:
          mode: drift-detection
          digger-filename: digger-drift-dev.yml
          # add any usual setup you need (e.g., setup-aws, credentials)

3) Repeat per environment

For prod, pre, demo, etc., create corresponding files (e.g., digger-drift-prod.yml) that list only those projects/blocks, and a matching workflow that uses the respective digger-filename. This approach limits drift runs to the intended subset while keeping your main digger.yml unchanged.
I