diff --git a/boms/infrastructure/ibmcloud/openshift-fs/170-ibm-fs-openshift-gitops.yaml b/boms/infrastructure/ibmcloud/openshift-fs/170-ibm-fs-openshift-gitops.yaml
deleted file mode 100644
index 03811198..00000000
--- a/boms/infrastructure/ibmcloud/openshift-fs/170-ibm-fs-openshift-gitops.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-apiVersion: cloud.ibm.com/v1alpha1
-kind: BillOfMaterial
-metadata:
-  name: 170-ibm-fs-openshift-gitops
-  labels:
-    type: infrastructure
-    code: '170'
-  annotations:
-    displayName: OpenShift GitOps (ArgoCD)
-    description: Provision GitOps (ArgoCD) on OpenShift
-    vpn/required: "true"
-spec:
-  modules:
-    - name: ocp-login
-      variables:
-        - name: server_url
-          required: true
-        - name: login_user
-          value: apikey
-        - name: login_password
-          alias: ibmcloud_api_key
-          scope: global
-    - name: namespace
-      alias: tools_namespace
-      default: true
-      variables:
-        - name: name
-          value: tools
-    - name: cluster-config
-      alias: config
-      variables:
-        - name: banner_text
-          value: Workload
-        - name: banner_background_color
-          value: red
-    - name: openshift-cicd
-  variables:
-    - name: config_banner_text
-    - name: tools_name
-      value: tools
-    - name: sealed-secret_name
-      value: sealed-secrets
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/000-ibm-fs-account-setup/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/000-ibm-fs-account-setup/terraform/terragrunt.hcl
new file mode 100644
index 00000000..e147285f
--- /dev/null
+++ b/boms/infrastructure/ibmcloud/openshift-fs/files/000-ibm-fs-account-setup/terraform/terragrunt.hcl
@@ -0,0 +1,3 @@
+include "root" {
+  path = find_in_parent_folders()
+}
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/100-ibm-fs-shared-services/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/100-ibm-fs-shared-services/terraform/terragrunt.hcl
new file mode 100644
index 00000000..8bb060ac
--- /dev/null
+++ b/boms/infrastructure/ibmcloud/openshift-fs/files/100-ibm-fs-shared-services/terraform/terragrunt.hcl
@@ -0,0 +1,7 @@
+include "root" {
+  path = find_in_parent_folders()
+}
+
+dependencies {
+  paths = ["../000-ibm-fs-account-setup"]
+}
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/110-ibm-fs-edge-vpc/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/110-ibm-fs-edge-vpc/terraform/terragrunt.hcl
new file mode 100644
index 00000000..2066f077
--- /dev/null
+++ b/boms/infrastructure/ibmcloud/openshift-fs/files/110-ibm-fs-edge-vpc/terraform/terragrunt.hcl
@@ -0,0 +1,7 @@
+include "root" {
+  path = find_in_parent_folders()
+}
+
+dependencies {
+  paths = ["../100-ibm-fs-shared-services"]
+}
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/120-ibm-fs-management-vpc/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/120-ibm-fs-management-vpc/terraform/terragrunt.hcl
new file mode 100644
index 00000000..1b3a3c11
--- /dev/null
+++ b/boms/infrastructure/ibmcloud/openshift-fs/files/120-ibm-fs-management-vpc/terraform/terragrunt.hcl
@@ -0,0 +1,7 @@
+include "root" {
+  path = find_in_parent_folders()
+}
+
+dependencies {
+  paths = ["../110-ibm-fs-edge-vpc"]
+}
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/130-ibm-fs-management-vpc-openshift/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/130-ibm-fs-management-vpc-openshift/terraform/terragrunt.hcl
new file mode 100644
index 00000000..1b3a3c11
--- /dev/null
+++ b/boms/infrastructure/ibmcloud/openshift-fs/files/130-ibm-fs-management-vpc-openshift/terraform/terragrunt.hcl
@@ -0,0 +1,7 @@
+include "root" {
+  path = find_in_parent_folders()
+}
+
+dependencies {
+  paths = ["../110-ibm-fs-edge-vpc"]
+}
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/140-ibm-fs-workload-vpc/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/140-ibm-fs-workload-vpc/terraform/terragrunt.hcl
new file mode 100644
index 00000000..cf67cb17
--- /dev/null
+++ b/boms/infrastructure/ibmcloud/openshift-fs/files/140-ibm-fs-workload-vpc/terraform/terragrunt.hcl
@@ -0,0 +1,7 @@
+include "root" {
+  path = find_in_parent_folders()
+}
+
+dependencies {
+  paths = ["../120-ibm-fs-management-vpc"]
+}
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/150-ibm-fs-workload-vpc-openshift/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/150-ibm-fs-workload-vpc-openshift/terraform/terragrunt.hcl
new file mode 100644
index 00000000..dc43cb39
--- /dev/null
+++ b/boms/infrastructure/ibmcloud/openshift-fs/files/150-ibm-fs-workload-vpc-openshift/terraform/terragrunt.hcl
@@ -0,0 +1,7 @@
+include "root" {
+  path = find_in_parent_folders()
+}
+
+dependencies {
+  paths = ["../130-ibm-fs-management-vpc-openshift"]
+}
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl
new file mode 100644
index 00000000..dc43cb39
--- /dev/null
+++ b/boms/infrastructure/ibmcloud/openshift-fs/files/160-ibm-fs-openshift-dev-tools/terraform/terragrunt.hcl
@@ -0,0 +1,7 @@
+include "root" {
+  path = find_in_parent_folders()
+}
+
+dependencies {
+  paths = ["../130-ibm-fs-management-vpc-openshift"]
+}
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl
new file mode 100644
index 00000000..e229f963
--- /dev/null
+++ b/boms/infrastructure/ibmcloud/openshift-fs/files/165-ibm-fs-openshift-workload/terraform/terragrunt.hcl
@@ -0,0 +1,7 @@
+include "root" {
+  path = find_in_parent_folders()
+}
+
+dependencies {
+  paths = ["../150-ibm-fs-workload-vpc-openshift"]
+}
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh b/boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh
new file mode 120000
index 00000000..ed4d1efd
--- /dev/null
+++ b/boms/infrastructure/ibmcloud/openshift-fs/files/check-vpn.sh
@@ -0,0 +1 @@
+../../../../../common-files/check-vpn.sh
\ No newline at end of file
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/credentials.template b/boms/infrastructure/ibmcloud/openshift-fs/files/credentials.template
index b9686ca8..d1f7d308 100644
--- a/boms/infrastructure/ibmcloud/openshift-fs/files/credentials.template
+++ b/boms/infrastructure/ibmcloud/openshift-fs/files/credentials.template
@@ -1,4 +1,5 @@
 # Add the values for the Credentials to access the IBM Cloud
 # Instructions to access this information can be found in the README.MD
 # This is a template file and the ./launch.sh script looks for a file based on this template named credentials.properties
-ibmcloud.api.key=""
+# NOTE: Do not use quotes around the values
+TF_VAR_ibmcloud_api_key=
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/setup-workspace.sh b/boms/infrastructure/ibmcloud/openshift-fs/files/setup-workspace.sh
index a1ba986d..c3b16ca6 100755
--- a/boms/infrastructure/ibmcloud/openshift-fs/files/setup-workspace.sh
+++ b/boms/infrastructure/ibmcloud/openshift-fs/files/setup-workspace.sh
@@ -83,7 +83,11 @@ fi
 # Help Scripts for applying and destroying
 cp "${SCRIPT_DIR}/apply-all.sh" "${WORKSPACE_DIR}/apply-all.sh"
 cp "${SCRIPT_DIR}/destroy-all.sh" "${WORKSPACE_DIR}/destroy-all.sh"
-cp "${SCRIPT_DIR}/terragrunt.hcl" "${WORKSPACE_DIR}/terragrunt.hcl"
+cp "${SCRIPT_DIR}/check-vpn.sh" "${WORKSPACE_DIR}/check-vpn.sh"
+
+if [[ -f "${SCRIPT_DIR}/terragrunt.hcl" ]]; then
+  cp "${SCRIPT_DIR}/terragrunt.hcl" "${WORKSPACE_DIR}/terragrunt.hcl"
+fi
 
 ALL_ARCH="000|100|110|120|130|140|150|160|165"
 
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/files/terragrunt.hcl b/boms/infrastructure/ibmcloud/openshift-fs/files/terragrunt.hcl
new file mode 100644
index 00000000..715deb13
--- /dev/null
+++ b/boms/infrastructure/ibmcloud/openshift-fs/files/terragrunt.hcl
@@ -0,0 +1,10 @@
+skip = true
+
+terraform {
+  source = "."
+
+  before_hook "vpn" {
+    commands     = ["apply", "plan", "destroy"]
+    execute      = ["${get_parent_terragrunt_dir()}/check-vpn.sh"]
+  }
+}
diff --git a/boms/infrastructure/ibmcloud/openshift-fs/generate.sh b/boms/infrastructure/ibmcloud/openshift-fs/generate.sh
index a906fce4..ae061210 100755
--- a/boms/infrastructure/ibmcloud/openshift-fs/generate.sh
+++ b/boms/infrastructure/ibmcloud/openshift-fs/generate.sh
@@ -3,8 +3,7 @@
 # IBM Ecosystem Lab Team
 # Install iascable and run this script to produce an target public source repository
 
-GENERATE_TARGET="$1"
-GENERATE_DESTINATION="$2"
+GENERATE_DESTINATION="$1"
 
 if ! command -v iascable 1> /dev/null 2> /dev/null; then
   echo "iascable cli not found" >&2
@@ -21,41 +20,23 @@ if [[ "${IASCABLE_MAJOR_VERSION}" -le 2 ]] && [[ "${IASCABLE_MINOR_VERSION}" -le
   exit 1
 fi
 
-if [[ -z "$GENERATE_TARGET" ]]
-then
-      GENERATE_TARGET="all"
-fi
-
 if [[ -z "${GENERATE_DESTINATION}" ]]; then
   GENERATE_DESTINATION="../../../../automation-fscloud"
 fi
 
 mkdir -p "${GENERATE_DESTINATION}"
 
-case "$GENERATE_TARGET" in
-  "all" | "infra" | "infrastructure" | "i")
-    iascable build \
-      -i ./000-ibm-fs-account-setup.yaml \
-      -i ./100-ibm-fs-shared-services.yaml \
-      -i ./110-ibm-fs-edge-vpc.yaml \
-      -i ./120-ibm-fs-management-vpc.yaml \
-      -i ./130-ibm-fs-management-vpc-openshift.yaml \
-      -i ./140-ibm-fs-workload-vpc.yaml \
-      -i ./150-ibm-fs-workload-vpc-openshift.yaml \
-      -o "${GENERATE_DESTINATION}"
-  ;;
-esac
-
-
-case "$GENERATE_TARGET" in
-  "all" | "software" | "s")
-    iascable build \
-      -i ./160-ibm-fs-openshift-dev-tools.yaml \
-      -i ./165-ibm-fs-openshift-workload.yaml \
-      -i ./170-ibm-fs-openshift-gitops.yaml \
-      -o "${GENERATE_DESTINATION}"
-  ;;
-esac
+iascable build \
+  -i ./000-ibm-fs-account-setup.yaml \
+  -i ./100-ibm-fs-shared-services.yaml \
+  -i ./110-ibm-fs-edge-vpc.yaml \
+  -i ./120-ibm-fs-management-vpc.yaml \
+  -i ./130-ibm-fs-management-vpc-openshift.yaml \
+  -i ./140-ibm-fs-workload-vpc.yaml \
+  -i ./150-ibm-fs-workload-vpc-openshift.yaml \
+  -i ./160-ibm-fs-openshift-dev-tools.yaml \
+  -i ./165-ibm-fs-openshift-workload.yaml \
+  -o "${GENERATE_DESTINATION}"
 
 cp -R -L ./files/* "${GENERATE_DESTINATION}"
 
diff --git a/common-files/apply-all.sh b/common-files/apply-all.sh
index f2161b36..6dbf8075 100755
--- a/common-files/apply-all.sh
+++ b/common-files/apply-all.sh
@@ -1,49 +1,26 @@
 #!/usr/bin/env bash
 
-#if command -v terragrunt 1> /dev/null 2> /dev/null; then
-#  echo "y" | terragrunt run-all apply || exit 1
-#  exit
-#fi
+SCRIPT_DIR=$(cd $(dirname $0); pwd -P)
 
-CI="$1"
+if command -v terragrunt 1> /dev/null 2> /dev/null; then
+  echo "y" | terragrunt run-all apply || exit 1
+  exit
+fi
 
 find . -type d -maxdepth 1 | grep -vE "[.]/[.].*" | grep -vE "^[.]$" | grep -v workspace | sort | \
   while read dir;
 do
   name=$(echo "$dir" | sed -E "s~[.]/(.*)~\1~g")
 
-  VPN_REQUIRED=$(grep "vpn/required" ./${name}/bom.yaml | sed -E "s~[^:]+: [\"'](.*)[\"']~\1~g")
+  cd "${name}"
 
-  if [[ "${VPN_REQUIRED}" == "true" ]]; then
-    RUNNING_PROCESSES=$(ps -ef)
-    VPN_RUNNING=$(echo "${RUNNING_PROCESSES}" | grep "openvpn --config")
-
-    if [[ -n "${VPN_RUNNING}" ]]; then
-      echo "VPN required but it is already running"
-    elif command -v openvpn 1> /dev/null 2> /dev/null; then
-      OVPN_FILE=$(find . -name "*.ovpn" | head -1)
-
-      if [[ -z "${OVPN_FILE}" ]]; then
-        echo "VPN profile not found. Skipping ${name}"
-        continue
-      fi
-
-      echo "Connecting to vpn with profile: ${OVPN_FILE}"
-      sudo openvpn --config "${OVPN_FILE}" &
-    elif [[ -n "${CI}" ]]; then
-      echo "VPN connection required but unable to create the connection. Skipping..."
-      continue
-    else
-      echo "Please connect to your vpn instance using the .ovpn profile within the 110-ibm-fs-edge-vpc directory and press ENTER to proceed."
-      read throwaway
-    fi
+  if [[ -f "${SCRIPT_DIR}/check-vpn.sh" ]]; then
+    "${SCRIPT_DIR}/check-vpn.sh"
   fi
 
   echo "***** Applying ${name} *****"
 
-  cd "${name}" && \
-    terraform init && \
+  terraform init && \
     terraform apply -auto-approve && \
-    cd - 1> /dev/null || \
     exit 1
 done
diff --git a/common-files/check-vpn.sh b/common-files/check-vpn.sh
new file mode 100755
index 00000000..e18b40e4
--- /dev/null
+++ b/common-files/check-vpn.sh
@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+
+ROOT_DIRECTORY=$(cd $(dirname "$0"); pwd -P)
+BOM_DIRECTORY="${PWD}"
+
+VPN_REQUIRED=$(grep "vpn/required" "${BOM_DIRECTORY}/bom.yaml" | sed -E "s~[^:]+: [\"'](.*)[\"']~\1~g")
+
+if [[ "${VPN_REQUIRED}" == "true" ]]; then
+  RUNNING_PROCESSES=$(ps -ef)
+  VPN_RUNNING=$(echo "${RUNNING_PROCESSES}" | grep "openvpn --config")
+
+  if [[ -n "${VPN_RUNNING}" ]]; then
+    echo "VPN required but it is already running"
+  elif command -v openvpn 1> /dev/null 2> /dev/null; then
+    OVPN_FILE=$(find "${ROOT_DIRECTORY}" -name "*.ovpn" | head -1)
+
+    if [[ -z "${OVPN_FILE}" ]]; then
+      echo "VPN profile not found."
+      exit 1
+    fi
+
+    echo "Connecting to vpn with profile: ${OVPN_FILE}"
+    if [[ "${UID}" -eq 0 ]]; then
+      openvpn --config "${OVPN_FILE}" &
+    else
+      sudo openvpn --config "${OVPN_FILE}" &
+    fi
+  else
+    echo "VPN connection required but unable to create the connection automatically. Please connect to your vpn instance using the .ovpn profile within the 110-ibm-fs-edge-vpc directory and re-run apply-all.sh."
+    exit 1
+  fi
+else
+  echo "VPN not required"
+fi
diff --git a/common-files/destroy-all.sh b/common-files/destroy-all.sh
index 69e18b96..8f7e7c04 100755
--- a/common-files/destroy-all.sh
+++ b/common-files/destroy-all.sh
@@ -1,11 +1,11 @@
 #!/usr/bin/env bash
 
-#if command -v terragrunt 1> /dev/null 2> /dev/null; then
-#  echo "y" | terragrunt run-all destroy || exit 1
-#  exit
-#fi
+SCRIPT_DIR=$(cd $(dirname $0); pwd -P)
 
-CI="$1"
+if command -v terragrunt 1> /dev/null 2> /dev/null; then
+  echo "y" | terragrunt run-all destroy || exit 1
+  exit
+fi
 
 find . -type d -maxdepth 1 | grep -vE "[.]/[.].*" | grep -vE "^[.]$" | grep -v workspace | sort -r | \
   while read dir;
@@ -20,22 +20,7 @@ do
   VPN_REQUIRED=$(grep "vpn/required" ./${name}/bom.yaml | sed -E "s~[^:]+: \"(.*)\"~\1~g")
 
   if [[ "${VPN_REQUIRED}" == "true" ]]; then
-    RUNNING_PROCESSES=$(ps -ef)
-    VPN_RUNNING=$(echo "${RUNNING_PROCESSES}" | grep "openvpn --config")
-
-    if [[ -n "${VPN_RUNNING}" ]]; then
-      echo "VPN required but it is already running"
-    elif command -v openvpn 1> /dev/null 2> /dev/null; then
-      OVPN_FILE=$(find . -name "*.ovpn" | head -1)
-      echo "Connecting to vpn with profile: ${OVPN_FILE}"
-      sudo openvpn --config "${OVPN_FILE}" &
-    elif [[ -n "${CI}" ]]; then
-      echo "VPN connection required but unable to create the connection. Skipping..."
-      continue
-    else
-      echo "Please connect to your vpn instance using the .ovpn profile within the 110-ibm-fs-edge-vpc directory and press ENTER to proceed."
-      read throwaway
-    fi
+    "${SCRIPT_DIR}/start-vpn.sh"
   fi
 
   echo "***** Destroying ${name} *****"
diff --git a/common-files/launch.sh b/common-files/launch.sh
index d9205a29..dd6a50df 100755
--- a/common-files/launch.sh
+++ b/common-files/launch.sh
@@ -35,7 +35,7 @@ then
   fi
 fi
 
-DOCKER_IMAGE="quay.io/cloudnativetoolkit/cli-tools:v1.1-v1.8.1"
+DOCKER_IMAGE="quay.io/cloudnativetoolkit/cli-tools:v1.1-v1.8.2"
 
 SUFFIX=$(echo $(basename ${SCRIPT_DIR}) | base64 | sed -E "s/[^a-zA-Z0-9_.-]//g" | sed -E "s/.*(.{5})/\1/g")
 CONTAINER_NAME="cli-tools-${SUFFIX}"