{"id":19805973,"url":"https://github.com/cycloidio/docker-cycloid-toolkit","last_synced_at":"2025-08-18T18:04:29.620Z","repository":{"id":37084608,"uuid":"223174739","full_name":"cycloidio/docker-cycloid-toolkit","owner":"cycloidio","description":"Docker image which contain tools and a scripts for cycloid.io","archived":false,"fork":false,"pushed_at":"2025-08-12T12:11:45.000Z","size":245,"stargazers_count":1,"open_issues_count":4,"forks_count":0,"subscribers_count":6,"default_branch":"develop","last_synced_at":"2025-08-12T14:27:28.791Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cycloidio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2019-11-21T12:58:54.000Z","updated_at":"2025-08-12T12:11:48.000Z","dependencies_parsed_at":"2024-07-08T16:11:31.598Z","dependency_job_id":"c7dbf40e-5acd-4e38-a7d8-e95b5ae9de92","html_url":"https://github.com/cycloidio/docker-cycloid-toolkit","commit_stats":{"total_commits":166,"total_committers":12,"mean_commits":"13.833333333333334","dds":0.3975903614457831,"last_synced_commit":"62acd3ef09e250a35a04ecee08b3771c65c0ccd0"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/cycloidio/docker-cycloid-toolkit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cycloidio%2Fdocker-cycloid-toolkit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cycloidio%2Fdocker-cycloid-toolkit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cycloidio%2Fdocker-cycloid-toolkit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cycloidio%2Fdocker-cycloid-toolkit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cycloidio","download_url":"https://codeload.github.com/cycloidio/docker-cycloid-toolkit/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cycloidio%2Fdocker-cycloid-toolkit/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":271035378,"owners_count":24688396,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-18T02:00:08.743Z","response_time":89,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-12T09:06:03.620Z","updated_at":"2025-08-18T18:04:29.607Z","avatar_url":"https://github.com/cycloidio.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Cycloid toolkit\n\n**Automated build for latest tag**\n\nDocker image which contain tools and a scripts for cycloid.io deployment pipeline.\n\n**azure-latest**\n\nDue to https://github.com/Azure/azure-cli/issues/22955, the azure cli is not included in the basic toolkit image.\nWe currently provide a build of the toolkit with azure cli under the `azure-latest` tag.\n\nBuild note for this image:\n\n```bash\ndocker build -t cycloid/cycloid-toolkit:azure-latest -f Dockerfile.azure .\ndocker push cycloid/cycloid-toolkit:azure-latest\n```\n\n**gcp-latest**\n\nDue to the same reason as Azure image size, we currently provide a build of the toolkit with gcp cli under the `gcp-latest` tag.\n\nBuild note for this image:\n\n```bash\ndocker build -t cycloid/cycloid-toolkit:gcp-latest -f Dockerfile.gcp .\ndocker push cycloid/cycloid-toolkit:gcp-latest\n```\n\n# Commands\n\n## ansible-runner\n\nThis script use env vars configuration to run ansible playbook with ssh proxy on a bastion.\n\n./scripts/ansible-runner\n * `(SSH_PRIVATE_KEY)`: SSH key to use to connect on servers\n * `(SSH_PRIVATE_KEYS)`: SSH key array to use to connect on servers. Example: [\"PRIVATE_KEY\",\"PRIVATE_KEY\"]\n * `(BASTION_URL)`: [DEPRECATED] SSH URL of the bastion server. Example: `admin@myserver.com`\n * `(SSH_JUMP_URL)`: SSH ProxyJump URL used with `ssh ProxyJump`. Example: `user1@Bastion1,user2@Bastion2`\n * `(TAGS)`: Only run plays and tasks tagged with these values\n * `(SKIP_TAGS)`: Only run plays and tasks whose tags do not match these values\n * `(EXTRA_ANSIBLE_ARGS)`: Additional ansible-playbook arguments\n * `(EXTRA_ANSIBLE_VARS)`: Ansible extra-vars, set additional variables, json dict format.\n * `(ANSIBLE_REMOTE_USER)`: Ansible remote user. Default: `admin`. Use `empty` to disable ansible user (usefull with AWS SSM).\n * `(ANSIBLE_LIMIT_HOSTS)`: Select a subset of the inventory\n * `(ANSIBLE_GALAXY_EXTRA_ARGS)`: Additional ansible-galaxy arguments\n * `(ANSIBLE_VAULT_PASSWORD)`: Vault password if you use [Ansible Vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html) files\n * `(ANSIBLE_FORCE_GALAXY)`: Force to run Ansible galaxy to updated eventual cached ansible roles. Default: `false`.\n * `(ANSIBLE_PLAYBOOK_NAME)`: Name of the ansible playbook to run. Default: `site.yml`.\n * `(ANSIBLE_PLAYBOOK_PATH)`: Path of the ansible playbook to run. Default: `ansible-playbook`.\n * `(ANSIBLE_FAIL_WHEN_NO_HOST)`: Fail when no host is found. Default: `false`.\n * `(DEBUG)`: Run in debug mode\n\nansible-common:\n * `(ANSIBLE_STDOUT_CALLBACK)`: Callback plugin used for ansible output. Example: `default` can be used to see debug messages. Default: `actionable`.\n\nAWS ec2 inventory:\n * `(AWS_INVENTORY)`: If the Amazon EC2 dynamic inventory need to be used or no, can be eiter `true`, `false` or `auto`. `auto` checks if `AWS_ACCESS_KEY_ID` is set or not. Default: `auto`.\n * Cloud access used by Amazon EC2 dynamic inventory\n - `(CY_AWS_CRED)`: Use Cycloid AWS credential\n or\n - `(AWS_ACCESS_KEY_ID)`: Used by Amazon EC2 dynamic inventory\n - `(AWS_SECRET_ACCESS_KEY)`: Used by Amazon EC2 dynamic inventory\n * `(AWS_EC2_COMPOSE_ANSIBLE_HOST)`: Can be either `public_ip_address` for public ip address or `private_ip_address`, see [ansible_doc](https://docs.ansible.com/ansible/latest/collections/amazon/aw s/aws_ec2_inventory.html) or run ansible-runner-inventory to see available choices. Default: `private_ip_address`\n\nAzure azure_rm inventory:\n * `(AZURE_INVENTORY)`: If the Azure dynamic inventory need to be used or no, can be eiter `true`, `false` or `auto`. `auto` checks if `AZURE_SUBSCRIPTION_ID` is set or not. Default: `auto`.\n * Cloud access used by Azurerm dynamic inventory\n - `(CY_AZURE_CRED)`: Use Cycloid Azure credential\n or\n - `(AZURE_SUBSCRIPTION_ID)`: Used by Azure dynamic inventory\n - `(AZURE_TENANT_ID)`: Used by Azure dynamic inventory\n - `(AZURE_CLIENT_ID)`: Used by Azure dynamic inventory\n - `(AZURE_SECRET)`: Used by Azure dynamic inventory\n * `(AZURE_USE_PRIVATE_IP)`: Can be either `True` or `False`, see [azure_rm.py](https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/azure_rm.py). Default: `True`.\n * `(ANSIBLE_PLUGIN_AZURE_PLAIN_HOST_NAMES)`: By default this plugin will use globally unique host names. This option allows you to override that, and use the name that matches the old inventory script naming.. Default: `False`.\n note: Ansible `azure_rm` plugin is used for ansible `\u003e= 2.8` else `azure_rm.py` script will be used\n\nGCP gcp_compute inventory:\n * `(GCP_INVENTORY)`: If the GCP dynamic inventory needs to be used or not, can be either `true`, `false` or `auto`. `auto` checks if `GCP_SERVICE_ACCOUNT_CONTENTS` is set or not. Default: `auto`.\n * Cloud access used by Google compute dynamic inventory\n - `(CY_GCP_CRED)`: Use Cycloid GCP credential\n or\n - `(GCP_SERVICE_ACCOUNT_CONTENTS)`: Used by GCP dynamic inventory. The GCP Service Account in JSON format.\n * `(GCP_USE_PRIVATE_IP)`: Can be either `True` or `False`. Default: `True`.\n\nVMware Guest inventory:\n * `(VMWARE_VM_INVENTORY)`: If the VMware Guest inventory needs to be used or not, can be either `true`, `false` or `auto`. `auto` checks if `VMWARE_SERVER` is set or not. Default: `auto`.\n * Cloud access used by VMware inventory\n - `(CY_VMWARE_CRED)`: Use Cycloid VMWARE credential\n or\n - `(VMWARE_USERNAME)`: Used by VMware Guest inventory. Name of vSphere user.\n - `(VMWARE_PASSWORD)`: Used by VMware Guest inventory. Password of vSphere user.\n * `(VMWARE_SERVER)`: Used by VMware Guest inventory. Name or IP address of vCenter server.\n * `(VMWARE_PORT)`: Used by VMware Guest inventory. Service port of vCenter server. Default: 443\n\nExample of pipeline configuration :\n\n**YAML anchors**\n\n```YAML\nshared:\n - \u0026run-ansible-from-bastion\n config:\n platform: linux\n image_resource:\n type: registry-image\n source:\n repository: cycloid/cycloid-toolkit\n tag: latest\n run:\n path: /usr/bin/ansible-runner\n caches:\n - path: ansible-playbook/roles\n inputs:\n - name: ansible-playbook\n path: ansible-playbook\n```\n\n**usage**\n\n```YAML\n - task: run-ansible\n \u003c\u003c: *run-ansible-from-bastion\n params:\n SSH_JUMP_URL: ((bastion_url))\n SSH_PRIVATE_KEY: ((bastion_ssh.ssh_key))\n SSH_PRIVATE_KEYS:\n - ((user1_ssh.ssh_key))\n - ((user2_ssh.ssh_key))\n ANSIBLE_VAULT_PASSWORD: ((ansible))\n AWS_ACCESS_KEY_ID: ((aws_access_key))\n AWS_SECRET_ACCESS_KEY: ((aws_secret_key))\n EXTRA_ANSIBLE_ARGS: \"--limit tag_role_front\"\n AWS_DEFAULT_REGION: eu-west-1\n ANSIBLE_PLAYBOOK_PATH: ansible-playbook\n ANSIBLE_PLAYBOOK_NAME: ((customer)).yml\n EXTRA_ANSIBLE_VARS:\n customer: ((customer))\n project: ((project))\n env: ((env))\n TAGS:\n - deploy\n```\n\n## ansible-runner-inventory\n\nThis script use env vars configuration to run ansible-inventory command. Purpose is to help troubleshooting Ansible inventory issues\nkeeping all features and automatic inventory load from ansible-common.sh\n\n./scripts/ansible-runner-inventory\n * `(ANSIBLE_PLAYBOOK_PATH)`: Path of the ansible playbook to run. Default: `ansible-playbook`.\n\nExample of pipeline configuration :\n\n**YAML anchors**\n\n```YAML\nshared:\n - \u0026run-ansible-inventory\n config:\n platform: linux\n image_resource:\n type: registry-image\n source:\n repository: cycloid/cycloid-toolkit\n tag: latest\n run:\n path: /usr/bin/ansible-runner-inventory\n inputs:\n - name: ansible-playbook\n path: ansible-playbook\n```\n\n**usage**\n\n```YAML\n - task: run-ansible\n \u003c\u003c: *run-ansible-inventory\n params:\n AWS_ACCESS_KEY_ID: ((aws_access_key))\n AWS_SECRET_ACCESS_KEY: ((aws_secret_key))\n ANSIBLE_PLAYBOOK_PATH: ansible-playbook\n```\n\n## aws-ami-cleaner\n\nProvide a way to clean old Amazon AMI. Usually usefull whan you often build new AMI for your ASG.\n\nExample of pipeline configuration :\n\n**YAML anchors**\n\n```YAML\nshared:\n - \u0026aws-ami-cleaner\n task: aws-ami-cleaner\n config:\n platform: linux\n image_resource:\n type: registry-image\n source:\n repository: cycloid/cycloid-toolkit\n tag: latest\n run:\n path: /usr/bin/aws-ami-cleaner\n params:\n AWS_ACCESS_KEY_ID: ((aws_access_key))\n AWS_SECRET_ACCESS_KEY: ((aws_secret_key))\n AWS_NAME_PATTERNS: \u003e\n [\n \"projcet1_front_prod\",\n \"project1_batch_prod\"\n ]\n```\n\n**usage**\n\n```\n - *aws-ami-cleaner\n```\n\n\n## aws-ecr-cleaner\n\nProvide a way to clean old docker images from ECR. Usually usefull whan you often build new image for your ecs.\n\nExample of pipeline configuration :\n\n**YAML anchors**\n\n```YAML\nshared:\n - \u0026aws-ecr-cleaner\n task: aws-ecr-cleaner\n config:\n platform: linux\n image_resource:\n type: registry-image\n source:\n repository: cycloid/cycloid-toolkit\n tag: latest\n run:\n path: /usr/bin/aws-ecr-cleaner\n params:\n AWS_ACCESS_KEY_ID: ((aws_access_key))\n AWS_SECRET_ACCESS_KEY: ((aws_secret_key))\n REGION: ((aws_default_region))\n DRYRUN: False\n IMAGES_TO_KEEP: 2\n REPOSITORIES_FILTER: 'foo bar'\n # For a global clean with exclude:\n IGNORE_TAGS_REGEX: 'dev|staging|prod|latest-'\n # For a clean on specific tag/env\n FILTER_TAGS_REGEX: '^dev-'\n```\n\n**usage**\n\n```\n - *aws-ecr-cleaner\n```\n\n\n## vault-approle-login\n\nThis script use env vars configuration to get a vault token using approle auth.\nThe token is inserted in a tf variable file.\n\nExample of pipeline configuration :\n\n**YAML anchors**\n\n```YAML\nshared:\n - \u0026vault-approle-login\n task: vault-approle-login\n config:\n platform: linux\n image_resource:\n type: registry-image\n source:\n repository: cycloid/cycloid-toolkit\n tag: latest\n run:\n path: /usr/bin/vault-approle-login\n outputs:\n - name: vault-token\n path: vault-token\n params:\n VAULT_ROLEID: ((vault.role_id))\n VAULT_SECRETID: ((vault.secret_id))\n```\n\n**usage**\n\n```\n - *vault-approle-login\n```\n\n## extract-terraform-outputs\n\nThis script is mostly expected to be used by the `merge-stack-and-config` script.\nIts purpose is to export all terraform outputs as both a YAML and shell script files in addition to loading them as environment variables in the current shell execution scope.\n\n./scripts/extract-terraform-outputs\n * `(TERRAFORM_METADATA_FILE)` Defaults to `terraform/metadata` and fallback to TERRAFORM_DEFAULT_METADATA_FILE.'\n * `(TERRAFORM_DEFAULT_METADATA_FILE)` Defaults to `tfstate/metadata`.'\n * `(OUTPUT_ANSIBLE_VAR_FILE)` Ansible variables file. Defaults to `output-var/all`. You might want to use `ansible-playbook/group_vars/all`.'\n * `(OUTPUT_ENV_VAR_FILE)` Shell environment variables file. Defaults to `output-var/env`. Special chars in variable name are replaced by \"_\"'\n * `(OUTPUT_VAR_PATH)` base path used for all *_VAR_FILE. Defaults to `output-var`.'\n\n\n## merge-stack-and-config\n\nThis script use env vars configuration to merge stack and config for Cycloid.io.\n\n**YAML anchors**\n\n```YAML\nshared:\n - \u0026merge-stack-and-config\n platform: linux\n image_resource:\n type: registry-image\n source:\n repository: cycloid/cycloid-toolkit\n tag: latest\n run:\n path: /usr/bin/merge-stack-and-config\n outputs:\n - name: merged-stack\n path: \"merged-stack\"\n\n```\n\n**usage**\n\n```YAML\n - task: merge-stack-and-config\n config:\n \u003c\u003c: *merge-stack-and-config\n inputs:\n - name: ((project))-config-ansible\n path: \"config\"\n - name: ((project))-stack-ansible\n path: \"stack\"\n # Provide terraform outputs to add them as ansible vars\n - name: ((project))-terraform-apply\n path: \"terraform\"\n params:\n CONFIG_PATH: ((project))/ansible\n STACK_PATH: stack-((project))/ansible\n```\n\n\n# Build and test a local image\n\n```bash\nexport IMAGE_NAME=\"cycloid/cycloid-toolkit:develop\"\nexport PYTHON_VERSION=3\nexport ANSIBLE_VERSION=10.*\ndocker build -t $IMAGE_NAME --build-arg=PYTHON_VERSION=\"$PYTHON_VERSION\" --build-arg=ANSIBLE_VERSION=\"$ANSIBLE_VERSION\" .\n\nvirtualenv -p python3 --clear .env\nsource .env/bin/activate\npip install unittest2 docker\npython tests.py -v\n```\n\n\n# Push new image tag\n\nTags are currently based on ansible version installed in the docker image.\n\n\u003e **If you update ansible version, push a new image tag**\n\n```\nsudo docker build . -t cycloid/cycloid-toolkit:v2.9\nsudo docker push cycloid/cycloid-toolkit:v2.9\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcycloidio%2Fdocker-cycloid-toolkit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcycloidio%2Fdocker-cycloid-toolkit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcycloidio%2Fdocker-cycloid-toolkit/lists"}