infratools

Container image with infra tools (terraform, terragrunt, aws cli, helm, kubectl...). Useful for CI/CD.

About

How many times do you need a container image with tools like terraform, helm, kubectl, aws cli, terragrunt... among many others? Aren't you tired of having to maintain all of them in each repository, instead of having one "general" one that can be used in multiple repos?

Available tags: https://hub.docker.com/r/containerscrew/infratools/tags

Architecture

Arch Supported Tested
amd64
arm64

Main tools

Tool Available
Terraform
Terragrunt
Kubectl
Helm
AWS CLI
tftools
tfenv
ohmyzsh

Take a look at all the installed tools in the Dockerfile.

Tip

You can change the Terraform version dynamically using tfenv or by adding a .terraform-version file to your repository.

Versioning

Installing python libraries

If you try to install python libraries using `pip3`, you will see the following error:
Error:

× This environment is externally managed
╰─>
    The system-wide python installation should be maintained using the system
    package manager (apk) only.
If the package in question is not packaged already (and hence installable via
"apk add py3-somepackage"), please consider installing it inside a virtual
environment, e.g.:

python3 -m venv /path/to/venv
. /path/to/venv/bin/activate
pip install mypackage

To exit the virtual environment, run:

deactivate

The virtual environment is not deleted, and can be re-entered by re-sourcing
the activate file.

To automatically manage virtual environments, consider using pipx (from the
pipx package).

note: If you believe this is a mistake, please contact your Python installation or OS distribution provider. You can override this, at the risk of breaking your Python installation or OS, by passing --break-system-packages.
hint: See PEP 668 for the detailed specification.

Use pipx to install python packages/libraries

Install library + deps:

pipx install boto3 --include-deps

Install a package:

pipx install your-package-name # find packages on PyPI

Use venv

python3 -m venv /path/to/venv
. /path/to/venv/bin/activate
pip3 install mypackage

Force installation with pip3

pip3 install boto3 --break-system-packages

Global gitconfig for internal git servers with self signed certificate

If you use a custom git server with a self-signed certificate, edit your ~/.gitconfig:

[http "https://gitlab.server.internal"]
  ##################################
  # Self Signed Server Certificate #
  ##################################

  sslCAInfo = /path/to/your/certificate.crt
  #sslCAPath = /path/to/selfCA/
  sslVerify = true # false skips certificate verification for this host entirely, so sslCAInfo is no longer checked
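
One way to check a gitconfig like the one above before relying on it, as an added example that is not part of the infratools repository. The function name `audit_git_tls`, the finding labels and the sample file are assumptions made for illustration; the `git config` options used are standard.

```shell
#!/bin/sh
# Added example, not part of the infratools repository.
# audit_git_tls FILE: print one finding per line for the http.* TLS settings
# in a git config file; return 1 if anything was found, 0 if the file is clean.
audit_git_tls() {
  cfg=$1
  findings=0
  [ -r "$cfg" ] || { echo "CONFIG-UNREADABLE $cfg"; return 2; }
  # --type=bool canonicalises yes/on/1 to "true" and no/off/0 to "false". Keys
  # come back as http.<url>.sslverify (per host) or http.sslverify (global).
  verify=$(git config --file "$cfg" --type=bool \
    --get-regexp '^http\.(.*\.)?sslverify$' || true)
  while read -r key val; do
    [ -n "$key" ] || continue
    if [ "$val" = "false" ]; then
      echo "VERIFY-OFF $key: certificate verification is disabled"
      findings=1
    fi
  done <<EOF
$verify
EOF
  # --type=path expands a leading ~ the way git itself does.
  cas=$(git config --file "$cfg" --type=path \
    --get-regexp '^http\.(.*\.)?sslcainfo$' || true)
  while read -r key val; do
    [ -n "$key" ] || continue
    if [ ! -r "$val" ]; then
      echo "CA-MISSING $key: $val is not readable"
      findings=1
    elif ! grep -q -e '-----BEGIN CERTIFICATE-----' "$val" 2>/dev/null; then
      echo "CA-NOT-PEM $key: $val contains no PEM certificate"
      findings=1
    fi
  done <<EOF
$cas
EOF
  return "$findings"
}

# Constructed sample: the README's section with verification switched off.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[http "https://gitlab.server.internal"]
  sslCAInfo = /path/to/your/certificate.crt
  sslVerify = false
EOF
audit_git_tls "$sample" || echo "findings reported for $sample"
rm -f "$sample"
```

Pointing the function at ~/.gitconfig inside the container makes a convenient CI step, since a non-zero return fails the job.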

Lint

make hadolint

Image security scan with Trivy

This image is scanned for security issues with the Trivy GitHub Action.

Take a look at the official Trivy repo.

Local trivy scan

Install trivy

make build-image
make trivy-scan # trivy image docker.io/containerscrew/infratools:test

Local dev

make local-build
make local-run
# Or all in one
make local-build-run

Use another version (tag) if needed by editing the Makefile.

Using run.sh script (Recommended)

Create a copy of the script run.sh in your repository and run it.

./run.sh
Usage: ./run.sh [-i (info)] [-u (update)] [-a (attach)]

With this script, you can run the container or attach to an existing one, update the container to the latest tag version, or get the current version of the container.

Important

When you run this script, ZSH history is saved in the /code repository so that command history persists. If you don't want to push .zsh_history to git, add the file to .gitignore in the repo you are using.

TODO

  • Add other dynamic version switchers for other tools (tgswitch, kubectl...)
  • Separate pipeline for build release + build in other branch

CHANGELOG

CHANGELOG.md

LICENSE

LICENSE