amd64
and aarch64/arm64
images!ot-
)!Docker image with Terraform or Terragrunt, together with Terragrunt, Go, Python, Make, Docker, Git, and all needed components to easily manage cloud infrastructure for CI/CD environments as a runner image.
Including cloud CLIs and SDKs for Amazon Web Services, Microsoft Azure, Google Cloud Platform and YandexCloud.
Best used as runner image for CI/CD in automation, as well as a consistent local run environment.
Please note focus of those images is to maintain availability of current versions of Terraform, OpenTofu and Terragrunt, not CLIs or other dependencies.
Hence, images are updated when new version of Terraform, OpenTofu or Terragrunt is released. Furthermore, versioning labels of images contain versions of said software to emphasize it.
Source code is available at devops-infra/docker-terragrunt.
Dockerfile was based on two images made
by cytopia: docker-terragrunt
and docker-terragrunt-fmt
.
Original README files are included in this
repository: docker-terragrunt
and docker-terragrunt-fmt
. This project grew much bigger than the original ones and is intended to be a framework for cloud
Infrastructure-as-a-Code.
Tag of the image tells which version of Terraform and Terragrunt it contains and which public cloud provider CLI it's bundled with or not (see second table below).
Current release full tag version value |
---|
tf-1.9.5-ot-1.8.1-tg-0.67.1 |
Registry | Example full image name | Image name | Image version | Terraform version | OpenTofu version | Terragrunt version |
---|---|---|---|---|---|---|
Docker Hub | devopsinfra/docker-terragrunt:tf-1.9.5-tg-0.67.1 |
docker-terragrunt |
tf-1.9.5-tg-0.67.1 |
1.9.5 |
N/A |
0.67.1 |
Docker Hub | devopsinfra/docker-terragrunt:ot-1.8.1-tg-0.67.1 |
docker-terragrunt |
ot-1.8.1-tg-0.67.1 |
N/A |
1.8.1 |
0.67.1 |
GitHub Packages | ghcr.io/devops-infra/docker-terragrunt/docker-terragrunt:tf-1.9.5-tg-0.67.1 |
docker-terragrunt |
tf-1.9.5-tg-0.67.1 |
1.9.5 |
N/A |
0.67.1 |
GitHub Packages | ghcr.io/devops-infra/docker-terragrunt/docker-terragrunt:ot-1.8.1-tg-0.67.1 |
docker-terragrunt |
ot-1.8.1-tg-0.67.1 |
N/A |
1.8.1 |
0.67.1 |
Tag of the image tells also which cloud API/SDK is included in the image.
Image name | AWS | Azure | GCP | OT | TF | Description | Size |
---|---|---|---|---|---|---|---|
docker-terragrunt:slim-tf-1.9.5-tg-0.67.1 |
❌ | ❌ | ❌ | ❌ | ✅ | Lightweight version with TF, TG and bare dependencies | |
docker-terragrunt:slim-ot-1.8.1-tg-0.67.1 |
❌ | ❌ | ❌ | ✅ | ❌ | Lightweight version with OT, TG and bare dependencies | |
docker-terragrunt:tf-1.9.5-tg-0.67.1 |
❌ | ❌ | ❌ | ❌ | ✅ | Normal version, with TF. Having Go, Python, Make, etc. | |
docker-terragrunt:ot-1.8.1-tg-0.67.1 |
❌ | ❌ | ❌ | ✅ | ❌ | Normal version, with OT. Having Go, Python, Make, etc. | |
docker-terragrunt:aws-tf-1.9.5-tg-0.67.1 |
✅ | ❌ | ❌ | ❌ | ✅ | Normal version with AWS CLI, with TF. | |
docker-terragrunt:aws-ot-1.8.1-tg-0.67.1 |
✅ | ❌ | ❌ | ✅ | ❌ | Normal version with AWS CLI, with OT. | |
docker-terragrunt:azure-tf-1.9.5-tg-0.67.1 |
❌ | ✅ | ❌ | ❌ | ✅ | Normal version with Azure CLI, with TF. | |
docker-terragrunt:azure-ot-1.8.1-tg-0.67.1 |
❌ | ✅ | ❌ | ✅ | ❌ | Normal version with Azure CLI, with OT. | |
docker-terragrunt:aws-azure-tf-1.9.5-tg-0.67.1 |
✅ | ✅ | ❌ | ❌ | ✅ | Normal version with AWS and Azure CLIs, with TF. | |
docker-terragrunt:aws-azure-ot-1.8.1-tg-0.67.1 |
✅ | ✅ | ❌ | ✅ | ❌ | Normal version with AWS and Azure CLIs, with OT. | |
docker-terragrunt:gcp-tf-1.9.5-tg-0.67.1 |
❌ | ❌ | ✅ | ❌ | ✅ | Normal version with GCP CLI, with TF. | |
docker-terragrunt:gcp-ot-1.8.1-tg-0.67.1 |
❌ | ❌ | ✅ | ✅ | ❌ | Normal version with GCP CLI, with OT. | |
docker-terragrunt:aws-gcp-tf-1.9.5-tg-0.67.1 |
✅ | ❌ | ✅ | ❌ | ✅ | Normal version with AWS and GCP CLIs, with TF. | |
docker-terragrunt:aws-gcp-ot-1.8.1-tg-0.67.1 |
✅ | ❌ | ✅ | ✅ | ❌ | Normal version with AWS and GCP CLIs, with OT. | |
docker-terragrunt:azure-gcp-tf-1.9.5-tg-0.67.1 |
❌ | ✅ | ✅ | ❌ | ✅ | Normal version with Azure and GCP CLIs, with TF. | |
docker-terragrunt:azure-gcp-ot-1.8.1-tg-0.67.1 |
❌ | ✅ | ✅ | ✅ | ❌ | Normal version with Azure and GCP CLIs, with OT. | |
docker-terragrunt:aws-azure-gcp-tf-1.9.5-tg-0.67.1 |
✅ | ✅ | ✅ | ❌ | ✅ | Normal version with AWS, Azure and GCP CLIs, with TF. | |
docker-terragrunt:aws-azure-gcp-ot-1.8.1-tg-0.67.1 |
✅ | ✅ | ✅ | ✅ | ❌ | Normal version with AWS, Azure and GCP CLIs, with OT. | |
docker-terragrunt:yc-tf-1.9.5-tg-0.67.1 |
❌ | ❌ | ❌ | ❌ | ✅ | Normal version with YandexCloud CLI, with TF. | |
docker-terragrunt:yc-ot-1.8.1-tg-0.67.1 |
❌ | ❌ | ❌ | ✅ | ❌ | Normal version with YandexCloud CLI, with OT. |
/data
, e.g. --volume $(pwd):/data
.--env AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN}
or --volume ~/.aws/credentials:/root/.aws/credentials
.--privileged --volume /var/run/docker.sock:/var/run/docker.sock
..gitconfig
and/or SSH key (if needed),--volume ~/.gitconfig:/root/.gitconfig --volume ~/.ssh/id_rsa_github:/root/.ssh/id_rsa
.gitconfig
to mountUse https with Personal Access Token:
[url "https://{GITHUB_TOKEN}@github.com/"]
insteadOf = https://github.com/
[url "https://{GITHUB_TOKEN}@github.com/"]
insteadOf = git+ssh://github.com/
[url "https://{GITHUB_TOKEN}@github.com/"]
insteadOf = git@github.com:
Use https instead of git/ssh:
[url "https://github.com/"]
insteadOf = git+ssh://github.com/
[url "https://github.com/"]
insteadOf = git@github.com:
Use ssh instead of https:
[url "ssh://git@github.com/"]
insteadOf = https://github.com/
[url "ssh://git@github.com/"]
insteadOf = git@github.com:
docker run --rm \
--user $(id -u):$(id -g) \
--volume $(pwd):/data \
devopsinfra/docker-terragrunt:latest format-hcl
docker run --rm \
--tty --interactive \
--env AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION} \
--env AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \
--env AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \
--env AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} \
--user $(id -u):$(id -g) \
--volume $(pwd):/data \
devopsinfra/docker-terragrunt:aws-latest terraform plan
~/.gitconfig
file with PAT.docker run --rm \
--tty --interactive \
--user $(id -u):$(id -g) \
--volume $(pwd):/data \
--volume ~/.gitconfig:/root/.gitconfig \
devopsinfra/docker-terragrunt:aws-latest terragrunt apply --terragrunt-working-dir some/module
docker run --rm \
--tty --interactive \
--user $(id -u):$(id -g) \
--volume $(pwd):/data \
devopsinfra/docker-terragrunt:aws-latest make build
Script name | Is included in PATH | Purpose | Source/Documentation |
---|---|---|---|
format-hcl |
Yes | For formatting all HCL files (.hcl , .tf and .tfvars ) into format suggested by Hashicorp. |
devops-infra |
terragrunt-fmt.sh |
No | Dependency for format-hcl |
cytopia |
show-versions.sh |
Yes | Main CMD target for Docker image, just to show all installed binaries versions. | devops-infra |
Some are conditional, depending on the selected flavour, marked with *
Name | Type | Description | Source/Documentation |
---|---|---|---|
*awscli** | Binary | For interacting with AWS via terminal. | https://github.com/aws/aws-cli |
*azure-cli** | Binary | For interacting with Azure via terminal. | https://github.com/Azure/azure-cli |
bc | Binary | For numeric operations. | https://www.gnu.org/software/bc/bc.html |
*boto3** | Python library | For interacting with AWS via Python. | https://github.com/boto/boto3 |
cloudflare | Python library | For Cloudflare API operations | https://github.com/cloudflare/python-cloudflare |
curl | Binary | For interacting with ElasticSearch and Kibana. | https://curl.haxx.se/ |
docker | Binary | For running another container, e.g. for deploying Lambdas with LambCI's docker-lambda. | https://github.com/docker/docker-ce |
git | Binary | For interacting with Github repositories. | https://git-scm.com/ |
go | Binary | For using Golang, e.g. easy install of additional libraries/binaries. | https://go.dev/ |
*google-cloud-sdk** | Binary | For interacting with GCP via terminal. | https://cloud.google.com/sdk |
gnupg | Binary | For GPG operations. | https://gnupg.org/ |
graphviz | Binary | For generating graphic files from dot graphs, like terraform graph . |
https://graphviz.org/ |
hub | Binary | For interacting with Github APIs. | https://github.com/github/hub |
jq | Binary | For parsing JSON outputs of awscli. | https://stedolan.github.io/jq/ |
hcledit | Binary | For reading and writing HCL files. | https://github.com/minamijoyo/hcledit |
make | Binary | For using Makefile instead of scripts in deployment process. |
https://www.gnu.org/software/make/ |
ncurses | Binary | For expanding Makefile with some colors. |
https://invisible-island.net/ncurses/announce.html |
openssh | Binary | For allowing outgoing SSH connections. | https://www.openssh.com/ |
openssl | Binary | For calculating BASE64SHA256 hash of Lambda packages. Assures updating Lambdas only when package hash changed. | https://github.com/openssl/openssl |
opentofu | Binary | As open-source alternative to Terraform. | https://github.com/opentofu/opentofu |
PyGithub | Python library | For interacting with GitHub API. | https://github.com/PyGithub/PyGithub |
python-hcl2 | Python library | For reading HCL files in Python. | https://github.com/amplify-education/python-hcl2 |
python3 | Binary | For running more complex scripts during deployment process. | https://www.python.org/ |
requests | Python library | For sending HTTP requests, for example integration with Slack | https://github.com/psf/requests |
slack_sdk | Python library | For integration with Slack applications/bots, e.g. creating channels for notifications | https://github.com/slackapi/python-slack-sdk |
sops | Binary | For encrypting config files for Terragrunt's sops_decrypt_file . |
https://github.com/mozilla/sops/ |
terraform | Binary | For managing IaC. Dependency for Terragrunt. | https://github.com/hashicorp/terraform |
terragrunt | Binary | For managing IaC. Wrapper over Terraform. | https://github.com/gruntwork-io/terragrunt |
tflint | Binary | For linting Terraform files. | https://github.com/terraform-linters/tflint |
unzip | Binary | For extracting packages. | http://infozip.sourceforge.net/ |
yc | Binary | For interaction with Yandex Cloud via terminal. | https://cloud.yandex.com/en/docs/cli |
zip | Binary | For creating packages for Lambdas. | http://infozip.sourceforge.net/ |
Thanks goes to these wonderful people (emoji key):
Krzysztof Szyper 💻 📦 🚧 |
cytopia 🤔 💻 |
Marko Djukic 💻 |
Phileas Lebada 🤔 |
Matthew Smedberg 💻 |
Dmitri 🐛 💻 |
This project follows the all-contributors specification. Contributions of any kind welcome!