Merge pull request #7 from topfreegames/feat/aws-cli-v2

Update binaries and uses aws-cli v2

Dockerfile

@@ -1,23 +1,23 @@
-FROM alpine:3.12.0
+FROM frolvlad/alpine-glibc:alpine-3.12
 
 LABEL maintainer="Wildlife Studios"
 
 ARG BASH_VERSION=5.0.17-r0
 ARG CURL_VERSION=7.69.1-r3
 ARG GREP_VERSION=3.4-r0
 ARG GIT_VERSION=2.26.2-r0
-ARG PYTHON_VERSION=3.8.5-r0
 ARG JQ_VERSION=1.6-r1
+ARG MAKE_VERSION=4.3-r0
+ARG PYTHON_VERSION=3.8.5-r0
 ARG PY3_PIP_VERSION=20.1.1-r0
 ARG ZIP_VERSION=3.0-r8
 
-ARG VAULT_VERSION=1.3.4
+ARG VAULT_VERSION=1.6.0
+ARG CONFTEST_VERSION=0.22.0
 ARG TFENV_VERSION=1.1.1
-ARG AWSCLI_VERSION=1.18.27
-ARG MAKE_VERSION=4.3-r0
-ARG KUBECTL_VERSION=v1.18.5
-ARG OPA_VERSION=v0.25.2
-ARG CONFTEST_VERSION=0.21.0
+ARG KUBECTL_VERSION=v1.20.0
+ARG TERRAGRUNT=v0.27.1
+
 
 # Base dependencies
 RUN apk update && \
@@ -44,18 +44,32 @@ RUN curl -fsSL -o /usr/local/bin/opa https://github.com/open-policy-agent/opa/re
       opa version
 
 # conftest
-RUN wget https://github.com/open-policy-agent/conftest/releases/download/v${CONFTEST_VERSION}/conftest_${CONFTEST_VERSION}_Linux_x86_64.tar.gz && \
-      tar xzf conftest_${CONFTEST_VERSION}_Linux_x86_64.tar.gz -C /usr/bin/ && \
-      rm conftest_${CONFTEST_VERSION}_Linux_x86_64.tar.gz && \
-      conftest --version
+RUN curl -L https://github.com/open-policy-agent/conftest/releases/download/v0.22.0/conftest_0.22.0_Linux_x86_64.tar.gz --output - | \
+      tar -xzf - -C /usr/local/bin
 
 # tfenv (terraform)
 RUN git clone -b ${TFENV_VERSION} --single-branch --depth 1 \
       https://github.com/topfreegames/tfenv.git /opt/tfenv && \
       ln -s /opt/tfenv/bin/* /usr/local/bin
 
-# AWS CLI
-RUN pip3 install awscli==${AWSCLI_VERSION}
+# Terragrunt
+ADD https://github.com/gruntwork-io/terragrunt/releases/download/${TERRAGRUNT}/terragrunt_linux_amd64 /usr/local/bin/terragrunt
+RUN chmod +x /usr/local/bin/terragrunt
+
+# AWS CLI v1
+
+RUN pip3 install awscli
+
+# AWS CLI v2
+RUN curl -L https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip --output - | \
+      busybox unzip -d /tmp/ - && \
+      chmod +x -R /tmp/aws && \
+      ./tmp/aws/install -i /usr/local/aws-cli-v2 -b /usr/local/bin/aws-cli-v2 && \
+      rm -rf ./tmp/aws
+
+RUN echo "if [ ! -z \${AWSCLIV2} ]; then rm -f /usr/bin/aws; ln -s /usr/local/bin/aws-cli-v2/aws /usr/bin/aws; fi" >> ~/.shrc
+RUN echo "if [ ! -z \${AWSCLIV2} ]; then rm -f /usr/bin/aws; ln -s /usr/local/bin/aws-cli-v2/aws /usr/bin/aws; fi" >> ~/.bashrc
+ENV ENV="/root/.shrc"
 
 # Kubectl
 ADD https://storage.googleapis.com/kubernetes-release/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl /bin/kubectl

README.md

@@ -1,23 +1,36 @@
-[![Repository on Quay](https://quay.io/repository/tfgco/iac-ci/status "Repository on Quay")](https://quay.io/repository/tfgco/iac-ci)
+[![Build status](https://github.com/topfreegames/iac-docker-image/workflows/Publish%20new%20Docker%20image/badge.svg
+)](https://github.com/topfreegames/iac-docker-image/actions)
+[![Docker Repository on Docker Hub](https://img.shields.io/badge/Docker%20Hub-ready-%23099cec)](https://hub.docker.com/r/tfgco/iac-ci)
+[![Docker Repository on Quay](https://img.shields.io/badge/Quay.io-ready-%23BE0000)](https://quay.io/repository/tfgco/iac-ci)
 
-[![Docker Repository on Docker Hub](https://img.shields.io/docker/v/tfgco/iac-ci?label=docker%20hub "Docker Repository on Docker Hub")](https://hub.docker.com/r/tfgco/iac-ci)
+# Infrastructe as Code Image
 
-# Base image used for our IaC CI pipeline
+Image used in our Infrastructe as Code pipelines.
 
-This image is based on alpine linux and includes:
+- `awscli`
+- `bash`
+- `curl`
+- `conftest`
+- `grep`
+- `git`
+- `jq`
+- `kubectl`
+- `make`
+- `python3`
+- `pip43`
+- `terragrunt`
+- `tfenv`
+- `vault`
+- `zip`
 
-- bash
-- curl
-- git
-- vault
-- tfenv (terraform)
-- awscli
-- make
-- jq
-- kubectl
-- opa
-- conftest
+## AWSCLI notes
 
+This image uses awscli v1 by default. To enable usage of awscli v2 set the AWSCLIV2 environment variable to any value.  
+
+## Latest versions
+
+[![Normal Docker Image Size](https://img.shields.io/docker/v/tfgco/iac-ci/latest?label=normal%20version&color=blue)](https://hub.docker.com/r/tfgco/iac-ci)
+[![Normal Docker Image Size](https://img.shields.io/docker/image-size/tfgco/iac-ci/latest?label=normal%20image%20size&color=lightgray)](https://hub.docker.com/r/tfgco/iac-ci)
 ## Hosted at
 
 Quay: https://quay.io/repository/tfgco/iac-ci

workflows/docker-build-push.yml

@@ -0,0 +1,45 @@
+name: Publish new Docker image
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  dockerhub-build-push:
+    name: DockerHub Build and Push
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+    - name: Get the current release version 
+      id: vars
+      run: echo ::set-output name=tag::$(echo ${GITHUB_REF:10})
+    - name: Build the Docker image
+      run: docker build . --file Dockerfile --tag tfgco/iac-ci:latest
+    - name: Login to DockerHub Registry
+      run: echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
+    - name: Push the latest Docker image
+      run: docker push tfgco/iac-ci:latest
+    - name: Tag the release Docker image
+      run: docker tag tfgco/iac-ci:latest tfgco/iac-ci:${{steps.vars.outputs.tag}} 
+    - name: Push the tagged release Docker image
+      run: docker push tfgco/iac-ci:${{steps.vars.outputs.tag}} 
+  quayio-build-push:
+    name: Quay.io Build and Push
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+    - name: Get the current release version 
+      id: vars
+      run: echo ::set-output name=tag::$(echo ${GITHUB_REF:10})
+    - name: Build the Docker image
+      run: docker build . --file Dockerfile --tag quay.io/tfgco/iac-ci:latest
+    - name: Login to Quay.io Registry
+      run: echo ${{ secrets.QUAYIO_TOKEN }} | docker login -u ${{ secrets.QUAYIO_USERNAME }} --password-stdin quay.io
+    - name: Push the latest Docker image
+      run: docker push quay.io/tfgco/iac-ci:latest
+    - name: Tag the release Docker image
+      run: docker tag quay.io/tfgco/iac-ci:latest quay.io/tfgco/iac-ci:${{steps.vars.outputs.tag}} 
+    - name: Push the tagged release Docker image
+      run: docker push quay.io/tfgco/iac-ci:${{steps.vars.outputs.tag}}