feat: add dockerfiles and workflows to publish them
willianantunes committed Aug 19, 2024
1 parent 8a7997d commit 0d8ee88
Showing 6 changed files with 177 additions and 0 deletions.
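--- a/.github/workflows/publish-image-packer.yml
+++ b/.github/workflows/publish-image-packer.yml
@@ -0,0 +1,32 @@
+name: Build and publish packer
+on:
+push:
+branches:
+- main
+paths:
+- 'Dockerfile.packer'
+
+jobs:
+build:
+runs-on: ubuntu-latest
+steps:
+- name: Project checkout
+uses: actions/checkout@v4
+- name: Set up QEMU
+uses: docker/setup-qemu-action@v3
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v3
+- name: Login to DockerHub
+uses: docker/login-action@v3
+with:
+username: ${{ secrets.DOCKER_HUB_USER }}
+password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+- name: Build and push
+uses: docker/build-push-action@v6
+with:
+platforms: linux/amd64
+push: true
+file: Dockerfile.packer
+tags: |
+${{ github.repository }}-packer:latest
+${{ github.repository }}-packer:${{ github.sha }}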
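Review bot: The steps that receive `secrets.DOCKER_HUB_PASSWORD` and push the image reference their actions by mutable tags (`actions/checkout@v4`, `docker/login-action@v3`, `docker/build-push-action@v6`), so whatever those tags resolve to at run time executes with the registry credentials. Pinning each `uses:` to a full commit SHA, e.g. `uses: docker/login-action@<full-commit-sha> # v3`, removes that dependency on tag integrity. The workflow also declares no `permissions:` key, so the job runs with the repository's default token scope; a top-level `permissions:` with `contents: read` is enough for a checkout-and-push job. Both points apply equally to publish-image-terraform.yml in this commit.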
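--- a/.github/workflows/publish-image-terraform.yml
+++ b/.github/workflows/publish-image-terraform.yml
@@ -0,0 +1,32 @@
+name: Build and publish terraform
+on:
+push:
+branches:
+- main
+paths:
+- 'Dockerfile.terraform'
+
+jobs:
+build:
+runs-on: ubuntu-latest
+steps:
+- name: Project checkout
+uses: actions/checkout@v4
+- name: Set up QEMU
+uses: docker/setup-qemu-action@v3
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v3
+- name: Login to DockerHub
+uses: docker/login-action@v3
+with:
+username: ${{ secrets.DOCKER_HUB_USER }}
+password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+- name: Build and push
+uses: docker/build-push-action@v6
+with:
+platforms: linux/amd64,linux/arm64
+push: true
+file: Dockerfile.terraform
+tags: |
+${{ github.repository }}:latest
+${{ github.repository }}:${{ github.sha }}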
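Review bot: `platforms: linux/amd64,linux/arm64` publishes an arm64 image that Dockerfile.terraform in this commit does not fully support: its terrascan step always matches the `_Linux_x86_64.tar.gz` asset, and its tfsec step is skipped on anything other than `x86_64`. The arm64 variant would therefore ship an x86_64 terrascan binary and no tfsec, so scans run from that image either fail or silently do not happen. Either build `platforms: linux/amd64` only until the Dockerfile selects assets by architecture, or map `uname -m` to the asset name for terrascan the same way the Terraform step already does.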
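--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+certs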
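--- a/Dockerfile.packer
+++ b/Dockerfile.packer
@@ -0,0 +1,28 @@
+FROM ubuntu:20.04
+
+RUN apt-get update && \
+DEBIAN_FRONTEND=noninteractive apt-get install -y openvpn \
+wget \
+unzip \
+curl \
+sshpass \
+openssh-client \
+python3-pip \
+git \
+apt-transport-https \
+software-properties-common
+
+# https://learn.microsoft.com/en-us/powershell/scripting/install/install-ubuntu?view=powershell-7.4
+RUN wget -q https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb && \
+dpkg -i packages-microsoft-prod.deb && \
+rm packages-microsoft-prod.deb && \
+apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y powershell
+
+RUN curl -sL https://aka.ms/InstallAzureCLIDeb | bash
+
+# https://developer.hashicorp.com/packer/install#linux
+RUN curl -fsSL -o packer.zip https://releases.hashicorp.com/packer/1.10.2/packer_1.10.2_linux_amd64.zip && \
+unzip -q packer.zip && rm packer.zip && \
+install -m 0755 packer /usr/bin/packer
+
+WORKDIR /app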
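Review bot: Nothing downloaded in this file is checked before it is installed as root: the Packer step unzips `packer.zip` straight from the release URL, and `curl -sL https://aka.ms/InstallAzureCLIDeb | bash` executes whatever the redirect returns. For Packer, pin the expected digest and verify it before `unzip`, e.g. `ARG PACKER_SHA256=<sha256 from packer_1.10.2_SHA256SUMS>` followed by `echo "${PACKER_SHA256}  packer.zip" | sha256sum -c - && \`. For the Azure CLI line, curl runs without `-f` and the default shell has no pipefail, so an error page or empty response is still fed to bash; `SHELL ["/bin/bash", "-o", "pipefail", "-c"]` plus `curl -fsSL` closes that gap. Installing the package from a signed apt repository would avoid the piped script altogether.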
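--- a/Dockerfile.terraform
+++ b/Dockerfile.terraform
@@ -0,0 +1,49 @@
+FROM docker:latest
+
+RUN apk add --no-cache bash vim openvpn wget unzip curl sshpass openssh-client python3 py3-pip git github-cli jq groff mandoc
+
+# https://stackoverflow.com/a/77334728/3899136
+RUN echo "[global]" >> /etc/pip.conf && echo "break-system-packages = true" >> /etc/pip.conf
+RUN pip3 install awscli
+
+# Latest Terraform version
+ARG TERRAFORM_VERSION=1.9.4
+RUN ARCH=$(uname -m) && \
+if [ "$ARCH" = "x86_64" ]; then \
+TERRAFORM_ARCH="amd64"; \
+elif [ "$ARCH" = "aarch64" ]; then \
+TERRAFORM_ARCH="arm64"; \
+else \
+echo "Unsupported architecture: $ARCH"; exit 1; \
+fi && \
+wget https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_${TERRAFORM_ARCH}.zip && \
+unzip terraform_${TERRAFORM_VERSION}_linux_${TERRAFORM_ARCH}.zip -d /usr/local/bin/ && \
+rm terraform_${TERRAFORM_VERSION}_linux_${TERRAFORM_ARCH}.zip
+
+# Azure CLI
+# https://learn.microsoft.com/en-us/cli/azure/install-azure-cli-linux?pivots=script
+# https://github.com/Azure/azure-cli/issues/24872
+RUN apk add --no-cache -q --virtual=build gcc musl-dev python3-dev libffi-dev openssl-dev cargo make \
+&& pip install --no-cache-dir azure-cli -q \
+&& apk del --purge build
+
+# Install kubelogin
+RUN az aks install-cli
+
+# Terrascan is a static code analyzer for Infrastructure as Code.
+# https://github.com/tenable/terrascan/tree/3bf466ddffb5993290a09730450addc3e6f036da?tab=readme-ov-file#quick-start
+RUN curl -L "$(curl -s https://api.github.com/repos/tenable/terrascan/releases/latest | grep -o -E "https://.+?_Linux_x86_64.tar.gz")" > terrascan.tar.gz && \
+tar -xf terrascan.tar.gz terrascan && rm terrascan.tar.gz && \
+install terrascan /usr/local/bin && rm terrascan
+
+# tfsec uses static analysis of your terraform code to spot potential misconfigurations
+RUN ARCH=$(uname -m) && \
+if [ "$ARCH" = "x86_64" ]; then \
+curl -s https://raw.githubusercontent.com/aquasecurity/tfsec/master/scripts/install_linux.sh | sed 's/ --quiet//g' | bash; \
+else \
+echo "tfsec installation skipped for architecture: $ARCH"; \
+fi
+
+RUN apk add --no-cache postgresql-client
+
+WORKDIR /app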
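Review bot: The terrascan and tfsec steps install whatever upstream serves at build time, as root and without verification: terrascan resolves `releases/latest` through the GitHub API, and tfsec pipes `install_linux.sh` from the `master` branch into `bash`. Two builds of the same commit can therefore contain different binaries, and a changed script or release asset lands in the published image unnoticed. Pin both the way `TERRAFORM_VERSION` is pinned (`ARG TERRASCAN_VERSION=<pinned-version>`, `ARG TFSEC_VERSION=<pinned-version>`), download the release asset for that version directly, and check it with a line such as `echo "${TFSEC_SHA256}  tfsec" | sha256sum -c -` before `install`. The same check is missing for the Terraform zip, and `FROM docker:latest` leaves the base image floating as well.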
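--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,35 @@
+services:
+docker:
+image: docker:latest
+privileged: true
+network_mode: host
+ports:
+- "2375-2376"
+volumes:
+- ./certs:/certs
+development:
+build:
+context: .
+dockerfile: Dockerfile.terraform
+privileged: true
+network_mode: host
+extra_hosts:
+- "docker:127.0.0.1"
+depends_on:
+docker:
+condition: service_started
+volumes:
+- ./:/app
+- ./certs:/certs
+environment:
+# Variables required to connect to the Docker daemon
+- DOCKER_HOST=tcp://docker:2376
+- DOCKER_TLS_VERIFY=1
+- DOCKER_CERT_PATH=/certs/client
+packer:
+build:
+context: .
+dockerfile: Dockerfile.packer
+network_mode: host
+volumes:
+- ./:/app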
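Review bot: `privileged: true` on the `development` service gives the tooling container full access to the host's devices and capabilities, on top of `network_mode: host` and the `./:/app` bind mount. Only the `docker` service needs privileged mode to run a nested daemon, since `development` reaches it over TLS through `DOCKER_HOST`. If the flag is there for OpenVPN (an inference from the packages the image installs), `cap_add: [NET_ADMIN]` with `devices: ["/dev/net/tun"]` grants just that. The `ports: - "2375-2376"` entry is also not applied under `network_mode: host`; the nested daemon listens on the host's own interfaces, which deserves a comment or a switch to a bridge network with an explicit `127.0.0.1:2376:2376` mapping.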
