diff --git a/.docker/Dockerfile b/.docker/Dockerfile index 8f8d0db..f2f4541 100644 --- a/.docker/Dockerfile +++ b/.docker/Dockerfile @@ -2,25 +2,25 @@ FROM phusion/baseimage:jammy-1.0.4 ##################################### -ENV LANG C.UTF-8 -ENV LC_ALL en_US.UTF-8 -ENV DEBIAN_FRONTEND noninteractive +ENV LANG=C.UTF-8 +ENV LC_ALL=en_US.UTF-8 +ENV DEBIAN_FRONTEND=noninteractive ### -ENV PHP_VERSION 8.3.10 -ENV PACKER_VERSION 1.11.2 -ENV TERRAFORM_VERSION 1.9.0 -ENV ANSIBLE_VERSION 10.3.0 -ENV LINT_VERSION 4.1.0 -ENV KUBECTL_VERSION 1.31.0 -ENV HELM_VERSION 3.15.1 -ENV AZURE_CLI_VERSION 2.63.0-1~jammy -ENV AWS_CLI_VERSION 2.17.33 -ENV K9s_Version 0.32.5 -ENV GCLOUD_VERSION 489.0.0 -ENV KUI_Version 13.1.4 -ENV KUBECTX_VERSION 0.9.4 -ENV KUBENS_VERSION 0.9.4 +ENV PHP_VERSION=8.3.10 +ENV PACKER_VERSION=1.11.2 +ENV TERRAFORM_VERSION=1.9.5 +ENV ANSIBLE_VERSION=10.3.0 +ENV LINT_VERSION=4.1.0 +ENV KUBECTL_VERSION=1.31.0 +ENV HELM_VERSION=3.15.4 +ENV AZURE_CLI_VERSION=2.64.0-1~jammy +ENV AWS_CLI_VERSION=2.17.43 +ENV K9s_Version=0.32.5 +ENV GCLOUD_VERSION=490.0.0 +ENV KUI_Version=13.1.4 +ENV KUBECTX_VERSION=0.9.4 +ENV KUBENS_VERSION=0.9.4 #################################### @@ -38,8 +38,8 @@ RUN mkdir -p /home/ubuntu/.ssh RUN chmod 755 /home/ubuntu/.ssh RUN chown -R ubuntu:ubuntu /home/ubuntu RUN chmod 755 /home/ubuntu -ENV BOOT2DOCKER_ID 501 -ENV BOOT2DOCKER_GID 20 +ENV BOOT2DOCKER_ID=501 +ENV BOOT2DOCKER_GID=20 # Tweaks to give write permissions to the app RUN usermod -u ${BOOT2DOCKER_ID} ubuntu && \ usermod -G staff ubuntu 
@@ -76,16 +76,14 @@ RUN apt install -y \ # ZSH -ADD ./etc/install-zsh.sh /root/install-zsh.sh -ADD ./etc/install-zsh.sh /home/ubuntu/install-zsh.sh +ADD .docker/etc/install-zsh.sh /root/install-zsh.sh +ADD .docker/etc/install-zsh.sh /home/ubuntu/install-zsh.sh RUN chmod +x /root/install-zsh.sh RUN chmod +x /home/ubuntu/install-zsh.sh RUN sh /root/install-zsh.sh RUN su - ubuntu -c "sh /home/ubuntu/install-zsh.sh" RUN rm /root/.zshrc && chsh -s `which zsh` && chsh -s `which zsh` ubuntu && chmod -R 755 /usr/local/share/zsh* -RUN mkdir -p ~/.oh-my-zsh/custom/plugins/copydir -RUN curl -L https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/plugins/copypath/copypath.plugin.zsh -o ~/.oh-my-zsh/custom/plugins/copydir/copydir.plugin.zsh ##Python with Packages RUN pip install ansible==${ANSIBLE_VERSION} \ @@ -138,13 +136,9 @@ RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-${AWS_CLI_VERSION mv /usr/local/bin/aws /bin #gcloud -RUN cd /tmp && \ - wget https://storage.googleapis.com/cloud-sdk-release/google-cloud-cli-${GCLOUD_VERSION}-linux-arm.tar.gz && \ - tar -xvzf google-cloud-cli-${GCLOUD_VERSION}-linux-arm.tar.gz && \ - mv google-cloud-sdk /usr/local/gcloud && \ - /usr/local/gcloud/install.sh --quiet && \ - rm /tmp/google-cloud-cli-${GCLOUD_VERSION}-linux-arm.tar.gz -ENV PATH $PATH:/usr/local/gcloud/google-cloud-sdk/bin +RUN echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list && \ + curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor -o /usr/share/keyrings/cloud.google.gpg && \ + apt-get update -y && apt-get install google-cloud-cli=${GCLOUD_VERSION}-0 -y #k9s RUN curl -LO https://github.com/derailed/k9s/releases/latest/download/k9s_Linux_amd64.tar.gz && \ diff --git a/.github/workflows/docker-scanner.yaml b/.github/workflows/docker-scanner.yaml index 5c4c9c8..6396b7a 100644 
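Review bot: The two rewritten `ADD .docker/etc/install-zsh.sh …` lines copy a plain local script, which is the job of `COPY`; `ADD` also unpacks archives and can fetch URLs, behaviour a script copy should not carry. With BuildKit, `COPY --chmod=755 .docker/etc/install-zsh.sh /root/install-zsh.sh` (and the same for `/home/ubuntu/`) would also make the two `RUN chmod +x` context lines unnecessary. The new source path implies the build context is now the repository root, so a root-level `.dockerignore` that excludes `.git` and local credential files is worth confirming.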
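Review bot: In the new gcloud `RUN`, the repository signing key is fetched with a bare `curl … | gpg --dearmor`, so a failed or truncated download is not caught at that step: `curl` has no `-f`, and the default `/bin/sh -c` has no `pipefail`. Use `curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor -o /usr/share/keyrings/cloud.google.gpg` under `SHELL ["/bin/bash", "-o", "pipefail", "-c"]`, and consider comparing the key's fingerprint with a value recorded in the repository before trusting it. The same layer should install with `--no-install-recommends` and end with `rm -rf /var/lib/apt/lists/*`. The k9s context line just below still downloads `releases/latest`, so `K9s_Version` does not appear to pin that binary.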
--- a/.github/workflows/docker-scanner.yaml +++ b/.github/workflows/docker-scanner.yaml @@ -7,12 +7,17 @@ permissions: statuses: write on: - workflow_dispatch: + pull_request: + types: + - opened + - synchronize + - reopened jobs: docker-scanner: - uses: clouddrove/github-shared-workflows/.github/workflows/docker-scanner.yml@1.2.7 + uses: clouddrove/github-shared-workflows/.github/workflows/docker-scanner.yml@1.2.8 with: severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL" - dockerfile-path: "./docker/Dockerfile" + dockerfile-path: "./.docker/Dockerfile" security-upload: "true" + block_action: "true" diff --git a/.github/workflows/enigma-docker.yml b/.github/workflows/enigma-docker.yml new file mode 100644 index 0000000..a566fba --- /dev/null +++ b/.github/workflows/enigma-docker.yml @@ -0,0 +1,45 @@ +name: Enigma Docker Build and Publish. +on: + push: + tags: [ v* ] + +jobs: + docker-build-publish: + runs-on: ubuntu-latest + permissions: + contents: 'read' + id-token: 'write' + env: + DOCKER_IMAGE: devops-machine + DOCKER_TAG: ghcr.io/${{ github.repository }}:${{ github.ref_name }} + PROVIDER: github + + steps: + - name: Checkout code + uses: actions/checkout@v4.1.7 + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Build Docker Image + uses: clouddrove/enigma@v0.0.7 + with: + command: bake + DOCKER_IMAGE: ${{ env.DOCKER_IMAGE }} + DOCKER_TAG: ${{ env.DOCKER_TAG }} + DOCKERFILE_PATH: .docker/Dockerfile + GITHUB_USERNAME: ${{ github.actor }} + TOKEN: ${{ secrets.GITHUB }} + + - name: Publish Docker Image + uses: clouddrove/enigma@v0.0.7 + with: + command: publish + DOCKER_IMAGE: ${{ env.DOCKER_IMAGE }} + DOCKER_TAG: ${{ env.DOCKER_TAG }} + DOCKERFILE_PATH: .docker/Dockerfile + GITHUB_USERNAME: ${{ github.actor }} + TOKEN: ${{ secrets.GITHUB }} 
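Review bot: The reusable workflow is referenced by a tag, `docker-scanner.yml@1.2.8`, which the upstream repository can move. Now that the job runs on every pull request with `security-upload: "true"` and `block_action: "true"`, it should be pinned to a full commit SHA, e.g. `uses: clouddrove/github-shared-workflows/.github/workflows/docker-scanner.yml@<full-commit-sha> # 1.2.8`. The `permissions:` block starts above the hunk and only `statuses: write` is visible, so confirm it grants no more than the scan and upload need. For pull requests from forks the token is read-only, so the upload step will presumably fail there; decide whether that case should block the PR.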
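Review bot: In `enigma-docker.yml`, both `clouddrove/enigma@v0.0.7` steps receive `TOKEN: ${{ secrets.GITHUB }}` while the action is referenced only by a mutable tag; pin it, `docker/login-action@v3` and `actions/checkout@v4.1.7` to full commit SHAs (`uses: clouddrove/enigma@<full-commit-sha> # v0.0.7`). The job grants `id-token: 'write'`, but no step visibly uses OIDC, so that permission should be dropped unless the action needs it. `DOCKER_TAG` targets `ghcr.io` while the login step authenticates to Docker Hub; if the push is meant to use the workflow token, that is `secrets.GITHUB_TOKEN` and the job would need `packages: write`. As written, `secrets.GITHUB` has to exist as a separately stored secret, presumably a long-lived PAT.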
diff --git a/.github/workflows/sanity-check.yaml b/.github/workflows/sanity-check.yaml
new file mode 100644
index 0000000..175c579
--- /dev/null
+++ b/.github/workflows/sanity-check.yaml
@@ -0,0 +1,84 @@
+name: Sanity Checks
+
+on:
+ pull_request:
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3.6.1
+
+ - name: Build the application image
+ run: docker build -t clouddrove/devops:0.0.${{ github.run_number }} -f .docker/Dockerfile .
+
+ - name: Bring container up and running
+ run: docker run --name devops -d clouddrove/devops:0.0.${{ github.run_number }}
+
+ - name: Wait for container to boot up
+ run: sleep 10
+
+ - name: Sanity check
+ run: |
+ mismatches=""
+
+ # Terraform
+ LATEST_TERRAFORM_VERSION=$(curl -s https://checkpoint-api.hashicorp.com/v1/check/terraform | jq -r .current_version)
+ INSTALLED_TERRAFORM_VERSION=$(docker exec devops terraform version -json | jq -r .terraform_version)
+ if [ "$LATEST_TERRAFORM_VERSION" != "$INSTALLED_TERRAFORM_VERSION" ]; then
+ mismatches="$mismatches\nTerraform version mismatch: expected $LATEST_TERRAFORM_VERSION, got $INSTALLED_TERRAFORM_VERSION"
+ fi
+
+ # Azure CLI
+ LATEST_AZURE_VERSION=$(curl -s https://api.github.com/repos/Azure/azure-cli/releases/latest | jq -r .tag_name | cut -d '-' -f 3)
+ INSTALLED_AZURE_VERSION=$(docker exec devops az version | jq -r '."azure-cli"')
+ if [ "$LATEST_AZURE_VERSION" != "$INSTALLED_AZURE_VERSION" ]; then
+ mismatches="$mismatches\nAzure CLI version mismatch: expected $LATEST_AZURE_VERSION, got $INSTALLED_AZURE_VERSION"
+ fi
+
+ # AWS CLI
+ curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
+ unzip awscliv2.zip
+ sudo ./aws/install --bin-dir /usr/local/bin --install-dir /usr/local/aws-cli --update
+ LATEST_AWS_VERSION=$(aws --version 2>&1 | awk '{print $1}' | cut -d/ -f2)
+ INSTALLED_AWS_VERSION=$(docker exec devops aws --version 2>&1 | awk '{print $1}' | cut -d/ -f2)
+ if [ "$LATEST_AWS_VERSION" != "$INSTALLED_AWS_VERSION" ]; then
+ mismatches="$mismatches\nAWS CLI version mismatch: expected $LATEST_AWS_VERSION, got $INSTALLED_AWS_VERSION"
+ fi
+
+ # Kubectl
+ LATEST_KUBECTL_VERSION=$(curl -L -s https://dl.k8s.io/release/stable.txt | cut -c 2-)
+ INSTALLED_KUBECTL_VERSION=$(docker exec devops kubectl version --client -o json | jq -r '.clientVersion.gitVersion' | cut -c 2-)
+ if [ "$LATEST_KUBECTL_VERSION" != "$INSTALLED_KUBECTL_VERSION" ]; then
+ mismatches="$mismatches\nKubectl version mismatch: expected $LATEST_KUBECTL_VERSION, got $INSTALLED_KUBECTL_VERSION"
+ fi
+
+ # Helm
+ LATEST_HELM_VERSION=$(curl -s https://api.github.com/repos/helm/helm/releases/latest | jq -r .tag_name | cut -c 2-)
+ INSTALLED_HELM_VERSION=$(docker exec devops helm version --template="{{ .Version }}" | cut -c 2-)
+ if [ "$LATEST_HELM_VERSION" != "$INSTALLED_HELM_VERSION" ]; then
+ mismatches="$mismatches\nHelm version mismatch: expected $LATEST_HELM_VERSION, got $INSTALLED_HELM_VERSION"
+ fi
+
+ # Google Cloud SDK (gcloud)
+ curl -O https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-cli-linux-x86_64.tar.gz
+ tar -xf google-cloud-cli-linux-x86_64.tar.gz
+ ./google-cloud-sdk/install.sh --quiet
+ export PATH=$PATH:$PWD/google-cloud-sdk/bin
+ LATEST_GCLOUD_VERSION=$(gcloud --version | grep -oP '(?<=Google Cloud SDK )\S+')
+ INSTALLED_GCLOUD_VERSION=$(docker exec devops gcloud --version | grep -oP '(?<=Google Cloud SDK )\S+')
+ echo "Google Cloud SDK versions - Latest: $LATEST_GCLOUD_VERSION, Installed: $INSTALLED_GCLOUD_VERSION"
+ if [ "$LATEST_GCLOUD_VERSION" != "$INSTALLED_GCLOUD_VERSION" ]; then
+ mismatches="$mismatches\nGoogle Cloud SDK version mismatch: expected $LATEST_GCLOUD_VERSION, got $INSTALLED_GCLOUD_VERSION"
+ fi
+
+ # Print mismatches and fail if any
+ if [ -n "$mismatches" ]; then
+ echo -e "Version mismatches found:$mismatches"
+ exit 1
+ fi
\ No newline at end of file
diff --git a/README.md b/README.md
index ca0ebf2..0e987d1 100644
--- a/README.md
+++ b/README.md
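Review bot: The `Sanity check` step in `sanity-check.yaml` downloads the AWS CLI zip and the gcloud tarball with plain `curl` and runs their installers (one under `sudo`) without verifying a signature or checksum, and the workflow declares no `permissions:`, so the job runs with the repository's default token scope while building and starting a pull request's Dockerfile. Add a top-level `permissions:` with `contents: read`, use `curl -fsSL`, and verify each download before installing it (AWS publishes a detached signature alongside the zip). Because every comparison is against the vendor's current "latest" release, the check will also start failing on unrelated pull requests whenever upstream ships a version; comparing against the `ENV` pins in `.docker/Dockerfile` would make the result deterministic. The unauthenticated `api.github.com` calls can be rate-limited, in which case `jq -r .tag_name` yields `null` and is reported as a version mismatch.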
@@ -1,69 +1,154 @@ - - + +![Banner](https://github.com/clouddrove/terraform-module-template/assets/119565952/67a8a1af-2eb7-40b7-ae07-c94cde9ce062)

- DevOps Machine + DevOps Machine

-

DevOps machine using docker

-
+

+ A comprehensive Docker-based DevOps environment equipped with essential tools like Terraform, Ansible, Helm, and more. +

+ +

+ + + + + + + + + + + + +

+ +--- + +This repository offers a comprehensive Docker-based environment configured with a robust set of DevOps tools, including Terraform, Ansible, Helm, and many more. This environment is designed to streamline DevOps workflows, automate tasks, and enhance productivity.. + +## πŸš€ Features + +- **Docker-Based Environment**: + - Run all tools within an isolated Docker container. +- **Phusion/baseimage (jammy-1.0.4)** +- **SSH access enabled** +- **Custom user 'ubuntu' with sudo privileges.** +- **ZSH shell with Oh My Zsh framework and all necessary plugins.** +- **Added aliase for tools command in aliases.conf file.** +- **Mounted volumes in docker-compose file for persistence data.** +- **Added extra shell configuration in extra.conf** +- **Various development and operations and pre-installed tools with the latest version.** +- **Pre-installed Tools**: + - **Terraform**: v1.9.5 + - **Ansible**: v10.3.0 + - **Helm**: v3.15.1 + - **Packer**: v1.11.2 + - **Kubectl**: v1.31.0 + - **AWS CLI**: v2.17.33 + - **Azure CLI**: v2.63.0 + - **GCloud CLI**: v490.0.0 + - **K9s**: v0.32.5 + - **TFSwitch**: v1.7.0 + - **OpenTofu**: v1.8.0 + - **Kubectx**: v0.9.4 + - **Kubens**: v0.9.4 + - **ZSH**: Pre-configured with Oh My ZSH + +## Setup DevOps Machine + +## Prerequisites +- Docker and Docker Compose are installed on your host machine. +- Make utility. + +## πŸ›  Installation + +1. Clone the repository: + ```bash + git clone https://github.com/clouddrove/devops-machine.git + cd devops-machin +## πŸ›  Build A Docker Image + +1. Copy and paste this command (Dockerfile is located in .docker directory): + ```bash + docker build -t your-image-name -f .docker/Dockerfile . +## πŸ”§ Running the DevOps Machine -[![CircleCI](https://circleci.com/gh/anmolnagpal/devops-machine/tree/master.svg?style=svg)](https://circleci.com/gh/anmolnagpal/devops-machine/tree/master) +1. To start the DevOps machine, use the following command: -## 1- Prepare machine: + ```bash + make up +2. 
To access the DevOps Machine Run this command: -##### 1.0 - Install Docker + - Login with user: ubuntu + - No password required. -if you have it installed you can skip this step otherwise run this command: + ```bash + make ssh +## ✨ Contributors -``` -brew install docker docker-compose -``` +Big thanks to our contributors for elevating our project with their dedication and expertise! But, we do not wish to stop there, would like to invite contributions from the community in improving these projects and making them more versatile for better reach. Remember, every bit of contribution is immensely valuable, as, together, we are moving in only 1 direction, i.e. forward. -## 2- Prepare the Workspace: + + + +
+
-##### 2.0 - to create the workspace directory run the following command + If you're considering contributing to our project, here are a few quick guidelines that we have been following (Got a suggestion? We are all ears!): -``` -mkdir ~/workspace -cd ~/workspace -``` -now lets clone the devops-machine repository -``` -git clone https://github.com/anmolnagpal/devops-machine -cd devops-machine -``` -Make sure that you are at master branch & have updated code -``` -git checkout master && git pull origin master -``` -## 3- Start machine: +- **Fork the Repository:** Create a new branch for your feature or bug fix. +- **Coding Standards:** You know the drill. +- **Clear Commit Messages:** Write clear and concise commit messages to facilitate understanding. +- **Thorough Testing:** Test your changes thoroughly before submitting a pull request. +- **Documentation Updates:** Include relevant documentation updates if your changes impact it. -##### 3.0 - Now lets bring the devops machine up +## Feedback +Spot a bug or have thoughts to share with us? Let's squash it together! Log it in our [issue tracker](https://github.com/clouddrove/enigma/issues), feel free to drop us an email at [hello@clouddrove.com](mailto:hello@clouddrove.com). -``` -make up -``` +Show some love with a β˜… on [our GitHub](https://github.com/clouddrove/enigma)! if our work has brightened your day! – your feedback fuels our journey! -##### 3.1 - Lets do the ssh into the devops machinea and start automation the things ;) +## :rocket: Our Accomplishment -``` -make ssh -``` -## β˜‘ Tools Added +We have [*100+ Terraform modules*][terraform_modules] πŸ™Œ. You could consider them finished, but, with enthusiasts like yourself, we are able to ever improve them, so we call our status - improvement in progress. 
-- [X] PHP -- [X] Packer -- [X] Python -- [X] Ansible -- [X] Terraform -- [X] Helm -- [X] Kubectl +- [Terraform Module Registry:](https://registry.terraform.io/namespaces/clouddrove) Discover our Terraform modules here. -## β˜‘ TODO +- [Terraform Modules for AWS/Azure Modules:](https://github.com/clouddrove/toc) Explore our comprehensive Table of Contents for easy navigation through our documentation for modules pertaining to AWS, Azure & GCP. -- [ ] Add other devops tools +- [Terraform Modules for Digital Ocean:](https://github.com/terraform-do-modules/toc) Check out our specialized Terraform modules for Digital Ocean. -## πŸ‘¬ Contribution +## Join Our Slack Community -- Open pull request with improvements -- Reach out with any feedback [![Twitter URL](https://img.shields.io/twitter/url/https/twitter.com/anmol_nagpal.svg?style=social&label=Follow%20anmolnagpal)](https://twitter.com/anmol_nagpal) +Join our vibrant open-source slack community and embark on an ever-evolving journey with CloudDrove; helping you in moving upwards in your career path. +Join our vibrant Open Source Slack Community and embark on a learning journey with CloudDrove. Grow with us in the world of DevOps and set your career on a path of consistency. + +πŸŒπŸ’¬What you'll get after joining this Slack community: + +- πŸš€ Encouragement to upgrade your best version. +- 🌈 Learning companionship with our DevOps squad. +- 🌱 Relentless growth with daily updates on new advancements in technologies. + +Join our tech elites [Join Now][slack] πŸš€ + +## Explore Our Blogs + + Click [here][blog] :books: :star2: + +## Tap into our capabilities +We provide a platform for organizations to engage with experienced top-tier DevOps & Cloud services. Tap into our pool of certified engineers and architects to elevate your DevOps and Cloud Solutions. 
+ +At [CloudDrove][website], has extensive experience in designing, building & migrating environments, securing, consulting, monitoring, optimizing, automating, and maintaining complex and large modern systems. With remarkable client footprints in American & European corridors, our certified architects & engineers are ready to serve you as per your requirements & schedule. Write to us at [business@clouddrove.com](mailto:business@clouddrove.com). + +

We are The Cloud Experts!

+
+

We ❀️ Open Source and you can check out our other modules to get help with your new Cloud ideas.

+ + [website]: https://clouddrove.com + [blog]: https://blog.clouddrove.com + [slack]: https://www.launchpass.com/devops-talks + [github]: https://github.com/clouddrove + [linkedin]: https://cpco.io/linkedin + [twitter]: https://twitter.com/clouddrove/ + [email]: https://clouddrove.com/contact-us.html + [terraform_modules]: https://github.com/clouddrove?utf8=%E2%9C%93&q=terraform-&type=&language= \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index db0ccfb..47dd918 100755 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,5 +1,3 @@ -version: '2.1' - services: devops: container_name: devops