{"id":16164050,"url":"https://github.com/cyclenerd/cloud-tools-container","last_synced_at":"2025-03-18T22:31:27.215Z","repository":{"id":72096132,"uuid":"527518639","full_name":"Cyclenerd/cloud-tools-container","owner":"Cyclenerd","description":"📦 Ready-to-use Docker container image with cloud tools (AWS CLI, Google Cloud CLI, Terraform, Packer, Ansible)","archived":false,"fork":false,"pushed_at":"2024-10-29T08:00:04.000Z","size":1427,"stargazers_count":9,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-10-29T09:19:18.951Z","etag":null,"topics":["ansible","aws","awscli","circleci","container-image","docker","docker-image","gcloud","gcloud-cli","gcloud-sdk","gcp","google-cloud","google-cloud-platform","helm","k8s","kubectl","kubernetes","open-policy-agent","packer","terraform"],"latest_commit_sha":null,"homepage":"https://hub.docker.com/r/cyclenerd/cloud-tools-container","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Cyclenerd.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"Cyclenerd"}},"created_at":"2022-08-22T10:38:41.000Z","updated_at":"2024-10-29T08:00:08.000Z","dependencies_parsed_at":"2023-12-17T22:20:10.651Z","dependency_job_id":"35192699-779f-447c-9f2e-89f271792cb4","html_url":"https://github.com/Cyclenerd/cloud-tools-container","commit_stats":null,"previous_names":["cyclenerd/cloud-tools-container"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cyclenerd%2Fcloud-tools-container","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cyclenerd%2Fcloud-tools-container/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cyclenerd%2Fcloud-tools-container/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cyclenerd%2Fcloud-tools-container/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Cyclenerd","download_url":"https://codeload.github.com/Cyclenerd/cloud-tools-container/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243955215,"owners_count":20374369,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","aws","awscli","circleci","container-image","docker","docker-image","gcloud","gcloud-cli","gcloud-sdk","gcp","google-cloud","google-cloud-platform","helm","k8s","kubectl","kubernetes","open-policy-agent","packer","terraform"],"created_at":"2024-10-10T02:45:03.235Z","updated_at":"2025-03-18T22:31:27.209Z","avatar_url":"https://github.com/Cyclenerd.png","language":"Dockerfile","funding_links":["https://github.com/sponsors/Cyclenerd"],"categories":[],"sub_categories":[],"readme":"# Cloud Tools Container\n\n[![Badge: Ansible](https://img.shields.io/badge/Ansible-%231A1918.svg?logo=ansible\u0026logoColor=white)](#readme)\n[![Badge: AWS](https://img.shields.io/badge/AWS-%23232F3E.svg?logo=amazonwebservices\u0026logoColor=white)](#readme)\n[![Badge: Bitbucket](https://img.shields.io/badge/Bitbucket-0052CC.svg?logo=bitbucket\u0026logoColor=white)](#readme)\n[![Badge: CircleCI](https://img.shields.io/badge/CircleCI-343434.svg?logo=circleci\u0026logoColor=white)](#readme)\n[![Badge: Docker](https://img.shields.io/badge/Docker-%230db7ed.svg?logo=docker\u0026logoColor=white)](#readme)\n[![Badge: Firebase](https://img.shields.io/badge/Firebase-%23DD2C00.svg?logo=firebase\u0026logoColor=white)](#readme)\n[![Badge: GitLab](https://img.shields.io/badge/GitLab-FC6D26.svg?logo=gitlab\u0026logoColor=white)](#readme)\n[![Badge: GNU Bash](https://img.shields.io/badge/GNU%20Bash-4EAA25.svg?logo=gnubash\u0026logoColor=white)](#readme)\n[![Badge: Go](https://img.shields.io/badge/Go-%2300ADD8.svg?logo=go\u0026logoColor=white)](#readme)\n[![Badge: Google Cloud](https://img.shields.io/badge/Google%20Cloud-%234285F4.svg?logo=google-cloud\u0026logoColor=white)](#readme)\n[![Badge: Hetzer Cloud](https://img.shields.io/badge/Hetzner-D50C2D.svg?logo=hetzner\u0026logoColor=white)](#readme)\n[![Badge: Kubernetes](https://img.shields.io/badge/Kubernetes-%23326ce5.svg?logo=kubernetes\u0026logoColor=white)](#readme)\n[![Badge: Packer](https://img.shields.io/badge/Packer-02A8EF.svg?logo=packer\u0026logoColor=white)](#readme)\n[![Badge: Perl](https://img.shields.io/badge/Perl-%2339457E.svg?logo=perl\u0026logoColor=white)](#readme)\n[![Badge: Python](https://img.shields.io/badge/Python-3670A0?logo=python\u0026logoColor=ffdd54)](#readme)\n[![Badge: Terraform](https://img.shields.io/badge/Terraform-%235835CC.svg?logo=terraform\u0026logoColor=white)](#readme)\n[![Badge: Ubuntu](https://img.shields.io/badge/Ubuntu-E95420.svg?logo=ubuntu\u0026logoColor=white)](#readme)\n[![Badge: Vault](https://img.shields.io/badge/Vault-FFEC6E.svg?logo=vault\u0026logoColor=black)](#readme)\n[![Badge:Last release](https://github.com/Cyclenerd/cloud-tools-container/actions/workflows/podman-release.yml/badge.svg)](https://github.com/Cyclenerd/cloud-tools-container/actions/workflows/podman-release.yml)\n[![Badge:Last release](https://img.shields.io/badge/Last%20release-2025--03--17-blue)](https://github.com/Cyclenerd/cloud-tools-container/actions/workflows/podman-release.yml)\n[![Badge: Docker pulls](https://img.shields.io/docker/pulls/cyclenerd/cloud-tools-container)](https://hub.docker.com/r/cyclenerd/cloud-tools-container)\n[![Badge: License](https://img.shields.io/github/license/cyclenerd/cloud-tools-container)](https://github.com/Cyclenerd/cloud-tools-container/blob/master/LICENSE)\n\nReady-to-use Docker container image for\nAWS CodeBuild/CodePipeline,\nBitbucket Pipelines,\nCircleCI,\nGitHub Actions,\nGitLab runner jobs and\nGoogle Cloud Build.\n\n**Image:**\n```text\ncyclenerd/cloud-tools-container:latest\n```\n\n**Multiarch support:**\n  * `amd64` : Intel or AMD 64-Bit CPU (x86-64)\n  * `arm64` : Arm-based 64-Bit CPU (i.e. Apple silicon, AWS Graviton, Ampere Altra)\n\n\u003e [!NOTE]\n\u003e This project leverages GitHub Actions (https://github.com/Cyclenerd/cloud-tools-container/actions) for streamlined automated builds and deployments.\n\u003e The Container image is rebuilt on a weekly basis, every Monday.\n\n\n## Software\n\nThis [Docker container image](https://hub.docker.com/r/cyclenerd/cloud-tools-container) is based on the **Ubuntu 24.04** release (`ubuntu:noble`).\n\nThe following software is included and tested:\n\n* [Ansible](https://docs.ansible.com/ansible/latest/getting_started/index.html) infrastructure as configuration (IaC) software tool (`ansible` and `ansible-playbook`)\n* [AWS](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html) command line interface (CLI) tools (`aws`)\n* [Firebase](https://firebase.google.com/docs/cli) command line interface (CLI) tools (`firebase`)\n* [fuego](https://github.com/sgarciac/fuego#readme) command line firestore client (`fuego`)\n* [Hetzner Cloud CLI](https://github.com/hetznercloud/cli) (`hcloud`)\n* [GCR Cleaner](https://github.com/GoogleCloudPlatform/gcr-cleaner#readme) deletes old container images on registries (`gcr-cleaner-cli`)\n* [Google Cloud](https://cloud.google.com/cli) command line interface (CLI) tools (`gcloud`, `gsutil` and `bq`)\n* [Open Policy Agent](https://www.openpolicyagent.org/) general-purpose policy engine, context-aware policy enforcement (`opa`)\n* [Packer](https://developer.hashicorp.com/packer) (`packer`)\n* [ShellCheck](https://www.shellcheck.net/) analysis and linting tool for Shell/Bash scripts (`shellcheck`)\n* [skopeo](https://github.com/containers/skopeo) command line utility that performs various operations on container images and repositories (`skopeo`)\n* [Terraform](https://developer.hashicorp.com/terraform/cli) infrastructure as configuration (IaC) software tool (`terraform`)\n  * [terraform-docs](https://github.com/terraform-docs/terraform-docs#readme) generates documentation from Terraform modules (`terraform-docs`)\n  * [Terragrunt](https://terragrunt.gruntwork.io/) thin wrapper that provides extra tools (`terragrunt`)\n  * [tflint](https://github.com/terraform-linters/tflint) linting tool for Terraform code (`tflint`)\n  * [tfsec](https://github.com/aquasecurity/tfsec#readme) analysis security scanner for Terraform code (`tfsec`)\n* Kubernetes\n  * [Helm](https://helm.sh/) package manager for Kubernetes (`helm`)\n  * [Kubernetes cluster manager](https://kubernetes.io/docs/reference/kubectl/) command line tool for communicating with a Kubernetes cluster (`kubectl`)\n* [Vault](https://developer.hashicorp.com/vault) password manager and authentication tool (`vault`)\n* [yq](https://github.com/mikefarah/yq) command-line YAML, JSON and XML processor (`yq`)\n* Base packages\n  * GNU bash 5 (`bash`)\n  * [apt-utils](https://packages.ubuntu.com/lunar/apt-utils)\n    * [Advanced Packaging Tool](https://ubuntu.com/server/docs/package-management) package manager (`apt`, `apt-get`)\n  * [build-essential](https://packages.ubuntu.com/lunar/build-essential)\n    * GNU C compiler `gcc`\n    * [make](https://www.gnu.org/software/make/) utility for directing compilation (`make`)\n  * [Common CA certificates](https://ubuntu.com/server/docs/security-trust-store)\n  * [curl](https://curl.se/docs/manpage.html) tool for transferring data with URL syntax (`curl`)\n  * [DiG](https://en.wikipedia.org/wiki/Dig_(command)) DNS lookup utility (`dig`)\n  * [FIGlet](http://www.figlet.org/) prints its input using large characters (`figlet`)\n  * [git](https://git-scm.com/) distributed revision control system (`git`)\n  * [jq](https://jqlang.github.io/jq/) JSON processor (`jq`)\n  * [Mutt](https://wiki.archlinux.org/title/Mutt) command line email client (`mutt`)\n  * [Node.js](https://nodejs.org/) JavaScript runtime environment (`node`)\n    * [npm](https://www.npmjs.com/) package manager for the JavaScript (`npm`)\n  * [OpenSSL](https://www.openssl.org/) cryptography toolkit (`openssl`)\n  * [OpenSSH](https://www.openssh.com/) remote login client (`ssh`)\n  * [Perl 5](https://www.perl.org/) programming language (`perl`)\n    * [cpanm](https://metacpan.org/dist/App-cpanminus/view/bin/cpanm) modules installer for Perl (`cpanm`)\n  * [Python 3](https://www.python.org/) programming language (`python3`)\n    * [pip](https://pypi.org/project/pip/) package installer for Python (`pip3`)\n    * [flake8](https://flake8.pycqa.org/en/latest/) code checker using pycodestyle and pyflakes (`flake8`)\n  * [Go](https://go.dev/) programming language (`go`)\n  * GNU tar archiving utility (`tar`)\n  * De-archiver for .zip files (`unzip`)\n  * Archiver for .zip files (`zip`)\n\n## Run\n\nRuns a command in the container, pulling the image if needed and starting the container.\n\n### Docker 🐳\n\nDocker run command:\n\n```shell\ndocker run cyclenerd/cloud-tools-container:latest aws --version\n```\n\n### Podman 🦭\n\nPodman run command:\n\n```shell\npodman run docker.io/cyclenerd/cloud-tools-container:latest aws --version\n```\n\n## Examples\n\nExample configurations for various CI/CD tools.\n\n### AWS CodeBuild\n\nAWS CodeBuild configuration:\n\n```json\n{\n  \"environment\": {\n    \"type\": \"LINUX_CONTAINER\",\n    \"image\": \"cyclenerd/cloud-tools-container:latest\",\n    \"computeType\": \"BUILD_GENERAL1_SMALL\"\n  },\n}\n```\n\n### Google Cloud Build\n\nGoogle Cloud Build (`cloudbuild.yaml`) configuration file:\n\n```yml\nsteps:\n  - name: 'cyclenerd/cloud-tools-container:latest'\n    entrypoint: 'gcloud'\n    args: ['--version']\n```\n\n### GitLab CI/CD\n\n#### Google Cloud Service Account Key\n\nGitLab CI/CD (`.gitlab-ci.yml`) configuration with Google Cloud Service Account Key:\n\n```yml\nvariables:\n  GOOGLE_APPLICATION_CREDENTIALS: \"/tmp/service_account_key.json\"\n\ndefault:\n  image: cyclenerd/cloud-tools-container:latest\n  before_script:\n    # Login\n    - echo \"$YOUR_GOOGLE_CLOUD_SERVICE_ACCOUNT_KEY\" \u003e \"$GOOGLE_APPLICATION_CREDENTIALS\"\n    - gcloud auth activate-service-account --key-file=\"$GOOGLE_APPLICATION_CREDENTIALS\"\n\nstages:\n  - auth\n\ngcloud-auth-list:\n  stage: auth\n  script:\n    - gcloud auth list\n```\n\n#### Google Cloud Workload Identity Federation\n\nGitLab CI/CD (`.gitlab-ci.yml`) configuration with Google Cloud [Workload Identity Federation](https://github.com/Cyclenerd/google-workload-identity-federation) login:\n\n```yml\nvariables:\n  WIF_PROVIDER: projects/1057256049272/locations/global/workloadIdentityPools/gitlab-com/providers/gitlab-com-oidc\n  SERVICE_ACCOUNT: gitlab-ci@nkn-it-wif-demo.iam.gserviceaccount.com\n  GOOGLE_CREDENTIALS: gcp_temp_cred.json\n\ndefault:\n  image: cyclenerd/cloud-tools-container:latest\n  before_script:\n    # Login\n    - echo \"${CI_JOB_JWT_V2}\" \u003e gitlab_jwt_token.txt\n    - gcloud iam workload-identity-pools create-cred-config \"${WIF_PROVIDER}\"\n      --service-account=\"${SERVICE_ACCOUNT}\"\n      --output-file=${GOOGLE_CREDENTIALS}\n      --credential-source-file=gitlab_jwt_token.txt\n    - gcloud config set auth/credential_file_override \"${GOOGLE_CREDENTIALS}\"\nstages:\n  - auth\n\ngcloud-auth-list:\n  stage: auth\n  script:\n    - gcloud auth list\n```\n\n\n### Bitbucket Pipelines\n\n#### Google Cloud Workload Identity Federation\n\nBitbucket pipeline configuration (`bitbucket-pipelines.yml`) with Google Cloud [Workload Identity Federation](https://github.com/Cyclenerd/google-workload-identity-federation) login:\n\n```yml\nimage: cyclenerd/cloud-tools-container:latest\n\npipelines:\n  default:\n    - step:\n        name: \"Workload Identity Federation\"\n        # Enable OIDC\n        oidc: true\n        max-time: 5\n        script:\n          # Set variables\n          - export WIF_PROVIDER='projects/753695557698/locations/global/workloadIdentityPools/bitbucket-org/providers/bitbucket-org-oidc'\n          - export SERVICE_ACCOUNT='bitbucket-pipeline@nkn-it-wif-demo-0.iam.gserviceaccount.com'\n          - export GOOGLE_CREDENTIALS='gcp_temp_cred.json'\n          # Configure Workload Identity Federation via a credentials file.\n          - echo ${BITBUCKET_STEP_OIDC_TOKEN} \u003e .ci_job_jwt_file\n          - gcloud iam workload-identity-pools create-cred-config \"${WIF_PROVIDER}\"\n            --service-account=\"${SERVICE_ACCOUNT}\"\n            --output-file=\"${GOOGLE_CREDENTIALS}\"\n            --credential-source-file=.ci_job_jwt_file\n          - gcloud config set auth/credential_file_override \"${GOOGLE_CREDENTIALS}\"\n          # Now you can run gcloud commands authenticated as the impersonated service account.\n```\n\n### GitHub Actions\n\nGitHub Actions configuration:\n\n```yaml\njobs:\n  cloud-tools-container:\n    runs-on: 'ubuntu-latest'\n    # Use container to run the steps in a job\n    container:\n      image: 'docker://cyclenerd/cloud-tools-container:latest'\n    steps:\n      - name: \"Terraform\"\n        run: terraform --version\n```\n\n### CircleCI\n\nCircleCI configuration:\n\n```yml\njobs:\n  cloud-tools-container:\n    docker:\n      - image: cyclenerd/cloud-tools-container:latest\n    steps:\n      - run:\n          name: Google Cloud CLI\n          command: gcloud --version\n```\n\n## Build\n\n**Multi-Platform Image (AMD64 and ARM64)**\n\nTo build a container image that can run on both AMD64 and ARM64 architectures, use the following command:\n\n```bash\npodman manifest create \"cloud-tools-container\"\npodman build . \\\n  --manifest \"cloud-tools-container\" \\\n  --platform \"linux/amd64,linux/arm64\" \\\n  --tag \"cloud-tools-container:multi\"\n```\n\n**Platform-Specific Images**\n\nCreate a container image only for Intel or AMD 64-Bit CPU (x86-64):\n\n```bash\npodman build . \\\n  --platform \"linux/amd64\" \\\n  --tag \"cloud-tools-container:amd64\"\n```\n\nCreate a container image only for Arm-based 64-Bit CPU:\n\n```bash\npodman build . \\\n  --platform \"linux/arm64\" \\\n  --tag \"cloud-tools-container:arm64\"\n```\n\n**(Alternative) Combining Images into a Multi-Platform Image**\n\nTo combine platform-specific images into one multi-platform image:\n\n```bash\npodman manifest create \"cloud-tools-container:multi\" \\\n  --amend \"cloud-tools-container:amd64\" \\\n  --amend \"cloud-tools-container:arm64\"\npodman manifest inspect \"cloud-tools-container:multi\" | jq\n```\n\n## Contributing\n\nHave a patch that will benefit this project?\nAwesome! Follow these steps to have it accepted.\n\n1. Please read [how to contribute](CONTRIBUTING.md).\n1. Fork this Git repository and make your changes.\n1. Create a Pull Request.\n1. Incorporate review feedback to your changes.\n1. Accepted!\n\n## License\n\nAll files in this repository are under the [Apache License, Version 2.0](LICENSE) unless noted otherwise.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcyclenerd%2Fcloud-tools-container","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcyclenerd%2Fcloud-tools-container","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcyclenerd%2Fcloud-tools-container/lists"}