Docker image with Terraform, Terragrunt, Python, Make, Docker, Git, and all needed components to easily manage cloud infrastructure.
Docker image is available at DockerHub under devopsinfra/docker-terragrunt.
Tag of Docker image tells which version of Terraform and Terragrunt it contains and which public cloud provider CLI it's bundled with or not (see below).
For example:
devopsinfra/docker-terragrunt:tf-0.14.4-tg-0.26.7means it's Terraform v0.14.4 and Terragrunt v0.26.7 without additional CLI.devopsinfra/docker-terragrunt:aws-tf-0.14.4-tg-0.26.7means it's Terraform v0.14.4 and Terragrunt v0.26.7 with AWS CLI.
Source code is available at devopsinfra/docker-terragrunt.
Dockerfile is based on two images made by cytopia: docker-terragrunt and docker-terragrunt-fmt.
Original README files are included in this repository: docker-terragrunt and docker-terragrunt-fmt.
This project grew much bigger than the original ones and is intended to be a framework for cloud Infrastructure-as-a-Code.
Please note focus of those images is to maintain availability of cutting edge versions of Terraform and Terragrunt, not CLIs or other dependencies.
Hence, images are updated when new version of Terraform or Terragrunt is released.
Furthermore, versioning labels of images contain versions of said software to emphasize it. See below.
| Image name | Terraform version | Terragrunt version | Cloud API/SDK |
|---|---|---|---|
devopsinfra/docker-terragrunt:latestdevopsinfra/docker-terragrunt:tf-0.14.4-tg-0.26.7 |
v0.14.4 | v0.26.7 | N/A |
devopsinfra/docker-terragrunt:aws-latestdevopsinfra/docker-terragrunt:aws-tf-0.14.4-tg-0.26.7 |
v0.14.4 | v0.26.7 | awscli - For interacting with AWS infrastructure, e.g. for publishing Lambda packages to S3. boto3 - Python library for interacting with AWS infrastructure in scripts. |
Without public cloud provider CLIs
Use for example devopsinfra/docker-terragrunt:latest.
Amazon Web Services
Use for example devopsinfra/docker-terragrunt:aws-latest.
Google Cloud Platform - TO BE ADDED
Use for example devopsinfra/docker-terragrunt:gcp-latest.
Microsoft Azure - TO BE ADDED
Use for example devopsinfra/docker-terragrunt:azure-latest.
- Mount working directory under
/data, e.g.--volume $(pwd):/data. - Pass cloud provider's credentials as additional file or environment variables, e.g.
--env AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN}or--volume ~/.aws/credentials:/root/.aws/credentials. - Run different Docker container inside this one by sharing the socket, e.g.
--volume /var/run/docker.sock:/var/run/docker.sock. - Access private GitHub repos by SSH (
git::[email protected]:my/private-repo.git) by sharing private key, e.g.--volume ~/.ssh/id_rsa_github_key:/root/.ssh/id_rsa.
For example:
# Format all HCL files in current directory. Including subdirectories.
docker run --rm \
--user $(id -u):$(id -g) \
--volume $(pwd):/data \
devopsinfra/docker-terragrunt:latest format-hcl
# Plan terraform deployment in AWS for files in current directory.
docker run --rm \
--tty --interactive \
--env AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION} \
--env AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \
--env AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \
--env AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} \
--user $(id -u):$(id -g) \
--volume $(pwd):/data \
devopsinfra/docker-terragrunt:aws-latest terraform plan
# Apply terragrunt deployment in subdirectory. With SSH access to GitHub using a private key.
docker run --rm \
--tty --interactive \
--user $(id -u):$(id -g) \
--volume $(pwd):/data \
--volume ~/.ssh/id_rsa_github_integration:/root/.ssh/id_rsa \
devopsinfra/docker-terragrunt:aws-latest terragrunt apply --terragrunt-working-dir some/module
# Run a Makefile target as orchestration script.
docker run --rm \
--tty --interactive \
--user $(id -u):$(id -g) \
--volume $(pwd):/data \
devopsinfra/docker-terragrunt:aws-latest make build| Script name | Is included in PATH | Purpose | Source/Documentation |
|---|---|---|---|
format-hcl |
Yes | For formatting all HCL files (.hcl, .tf and .tfvars) into format suggested by Hashicorp. |
devops-infra |
terragrunt-fmt.sh |
No | Dependency for format-hcl |
cytopia |
| Name | Type | Description | Source/Documentation |
|---|---|---|---|
| bash | Binary | For color output from terraform andterragrunt. Assures also access to some builtins. |
https://www.gnu.org/software/bash/ |
| curl | Binary | For interacting with ElasticSearch and Kibana. | https://curl.haxx.se/ |
| docker | Binary | For running another container, e.g. for deploying Lambdas with LambCI's docker-lambda. | https://github.com/docker/docker-ce |
| git | Binary | For interacting with Github repositories. | https://git-scm.com/ |
| jq | Binary | For parsing JSON outputs of awscli. | https://stedolan.github.io/jq/ |
| hcledit | Binary | For reading and writing HCL files. | https://github.com/minamijoyo/hcledit |
| make | Binary | For using Makefile instead of scripts in deployment process. |
https://www.gnu.org/software/make/ |
| ncurses | Binary | For expanding Makefile with some colors. |
https://invisible-island.net/ncurses/announce.html |
| openssh | Binary | For allowing outgoing SSH connections. | https://www.openssh.com/ |
| openssl | Binary | For calculating BASE64SHA256 hash of Lambda packages. Assures updating Lambdas only when package hash changed. | https://github.com/openssl/openssl |
| ply | Python library | Dependency for pyhcl. | https://github.com/dabeaz/ply |
| pyhcl | Python library | For easily parsing of any files in HCL format, whether it's .hcl, .tfvars or .tf. |
https://github.com/virtuald/pyhcl |
| python3 | Binary | For running more complex scripts during deployment process. | https://www.python.org/ |
| requests | Python library | For sending HTTP requests, for example integration with Slack | https://github.com/psf/requests |
| sops | Binary | For encrypting config files for Terragrunt's sops_decrypt_file. |
https://github.com/mozilla/sops/ |
| terraform | Binary | For managing IaC. Dependency for Terragrunt. | https://github.com/hashicorp/terraform |
| terragrunt | Binary | For managing IaC. Wrapper over Terraform. | https://github.com/gruntwork-io/terragrunt |
| tflint | Binary | For linting Terraform files. | https://github.com/terraform-linters/tflint |
| zip | Binary | For creating packages for Lambdas. | http://infozip.sourceforge.net/ |