All #awesome-ci Docker images
ansible • ansible-lint • awesome-ci • black • checkmake • eslint • file-lint • gofmt • goimports • golint • jsonlint • phpcbf • phpcs • php-cs-fixer • pycodestyle • pylint • terraform-docs • terragrunt • terragrunt-fmt • yamllint
All #awesome-ci Makefiles
Visit cytopia/makefiles for seamless project integration, minimum required best-practice code linting and CI.
View Dockerfile on GitHub.
Tiny Alpine-based multistage-build dockerized version of Ansible[1] in many different flavours. The image is built nightly against multiple stable versions and pushed to Dockerhub.
[1] Official project: https://github.com/ansible/ansible
The following Ansible Docker images are as small as possible and only contain Ansible itself.
Docker tag | Build from |
---|---|
latest |
Latest stable Ansible version |
2.8 |
Latest stable Ansible 2.8.x version |
2.7 |
Latest stable Ansible 2.7.x version |
2.6 |
Latest stable Ansible 2.6.x version |
2.5 |
Latest stable Ansible 2.5.x version |
2.4 |
Latest stable Ansible 2.4.x version |
2.3 |
Latest stable Ansible 2.3.x version |
The following Ansible Docker images contain everything from Ansible base
and additionally: bash
, git
, gpg
, jq
and ssh
.
Docker tag | Build from |
---|---|
latest-tools |
Latest stable Ansible version |
2.8-tools |
Latest stable Ansible 2.8.x version |
2.7-tools |
Latest stable Ansible 2.7.x version |
2.6-tools |
Latest stable Ansible 2.6.x version |
2.5-tools |
Latest stable Ansible 2.5.x version |
2.4-tools |
Latest stable Ansible 2.4.x version |
2.3-tools |
Latest stable Ansible 2.3.x version |
The following Ansible Docker images contain everything from Ansible tools
and additionally: aws-cli
, boto
, boto3
and botocore
.
Docker tag | Build from |
---|---|
latest-aws |
Latest stable Ansible version |
2.8-aws |
Latest stable Ansible 2.8.x version |
2.7-aws |
Latest stable Ansible 2.7.x version |
2.6-aws |
Latest stable Ansible 2.6.x version |
2.5-aws |
Latest stable Ansible 2.5.x version |
2.4-aws |
Latest stable Ansible 2.4.x version |
2.3-aws |
Latest stable Ansible 2.3.x version |
The following Ansible Docker images contain everything from Ansible aws
and additionally: openshift
and kubectl
.
Docker tag | Build from |
---|---|
latest-awsk8s |
Latest stable Ansible version |
2.8-awsk8s |
Latest stable Ansible 2.8.x version |
2.7-awsk8s |
Latest stable Ansible 2.7.x version |
2.6-awsk8s |
Latest stable Ansible 2.6.x version |
2.5-awsk8s |
Latest stable Ansible 2.5.x version |
2.4-awsk8s |
Latest stable Ansible 2.4.x version |
2.3-awsk8s |
Latest stable Ansible 2.3.x version |
The following Ansible Docker images contain everything from Ansible awsk8s
and additionally: kops
in its latest patch level version.
Docker tag | Build from |
---|---|
latest-awskops1.12 |
Latest stable Ansible version |
2.8-awskops1.12 |
Latest stable Ansible 2.8.x version |
2.7-awskops1.12 |
Latest stable Ansible 2.7.x version |
2.6-awskops1.12 |
Latest stable Ansible 2.6.x version |
2.5-awskops1.12 |
Latest stable Ansible 2.5.x version |
2.4-awskops1.12 |
Latest stable Ansible 2.4.x version |
2.3-awskops1.12 |
Latest stable Ansible 2.3.x version |
Docker tag | Build from |
---|---|
latest-awskops1.11 |
Latest stable Ansible version |
2.8-awskops1.11 |
Latest stable Ansible 2.8.x version |
2.7-awskops1.11 |
Latest stable Ansible 2.7.x version |
2.6-awskops1.11 |
Latest stable Ansible 2.6.x version |
2.5-awskops1.11 |
Latest stable Ansible 2.5.x version |
2.4-awskops1.11 |
Latest stable Ansible 2.4.x version |
2.3-awskops1.11 |
Latest stable Ansible 2.3.x version |
Docker tag | Build from |
---|---|
latest-awskops1.10 |
Latest stable Ansible version |
2.8-awskops1.10 |
Latest stable Ansible 2.8.x version |
2.7-awskops1.10 |
Latest stable Ansible 2.7.x version |
2.6-awskops1.10 |
Latest stable Ansible 2.6.x version |
2.5-awskops1.10 |
Latest stable Ansible 2.5.x version |
2.4-awskops1.10 |
Latest stable Ansible 2.4.x version |
2.3-awskops1.10 |
Latest stable Ansible 2.3.x version |
Docker tag | Build from |
---|---|
latest-awskops1.9 |
Latest stable Ansible version |
2.8-awskops1.9 |
Latest stable Ansible 2.8.x version |
2.7-awskops1.9 |
Latest stable Ansible 2.7.x version |
2.6-awskops1.9 |
Latest stable Ansible 2.6.x version |
2.5-awskops1.9 |
Latest stable Ansible 2.5.x version |
2.4-awskops1.9 |
Latest stable Ansible 2.4.x version |
2.3-awskops1.9 |
Latest stable Ansible 2.3.x version |
Docker tag | Build from |
---|---|
latest-awskops1.8 |
Latest stable Ansible version |
2.8-awskops1.8 |
Latest stable Ansible 2.8.x version |
2.7-awskops1.8 |
Latest stable Ansible 2.7.x version |
2.6-awskops1.8 |
Latest stable Ansible 2.6.x version |
2.5-awskops1.8 |
Latest stable Ansible 2.5.x version |
2.4-awskops1.8 |
Latest stable Ansible 2.4.x version |
2.3-awskops1.8 |
Latest stable Ansible 2.3.x version |
The following Ansible Docker images contain everything from Ansible awsk8s
and additionally: helm
in its latest patch level version.
Docker tag | Build from |
---|---|
latest-awshelm2.14 |
Latest stable Ansible version |
2.8-awshelm2.14 |
Latest stable Ansible 2.8.x version |
2.7-awshelm2.14 |
Latest stable Ansible 2.7.x version |
2.6-awshelm2.14 |
Latest stable Ansible 2.6.x version |
2.5-awshelm2.14 |
Latest stable Ansible 2.5.x version |
2.4-awshelm2.14 |
Latest stable Ansible 2.4.x version |
2.3-awshelm2.14 |
Latest stable Ansible 2.3.x version |
Docker tag | Build from |
---|---|
latest-awshelm2.13 |
Latest stable Ansible version |
2.8-awshelm2.13 |
Latest stable Ansible 2.8.x version |
2.7-awshelm2.13 |
Latest stable Ansible 2.7.x version |
2.6-awshelm2.13 |
Latest stable Ansible 2.6.x version |
2.5-awshelm2.13 |
Latest stable Ansible 2.5.x version |
2.4-awshelm2.13 |
Latest stable Ansible 2.4.x version |
2.3-awshelm2.13 |
Latest stable Ansible 2.3.x version |
Docker tag | Build from |
---|---|
latest-awshelm2.12 |
Latest stable Ansible version |
2.8-awshelm2.12 |
Latest stable Ansible 2.8.x version |
2.7-awshelm2.12 |
Latest stable Ansible 2.7.x version |
2.6-awshelm2.12 |
Latest stable Ansible 2.6.x version |
2.5-awshelm2.12 |
Latest stable Ansible 2.5.x version |
2.4-awshelm2.12 |
Latest stable Ansible 2.4.x version |
2.3-awshelm2.12 |
Latest stable Ansible 2.3.x version |
Docker tag | Build from |
---|---|
latest-awshelm2.11 |
Latest stable Ansible version |
2.8-awshelm2.11 |
Latest stable Ansible 2.8.x version |
2.7-awshelm2.11 |
Latest stable Ansible 2.7.x version |
2.6-awshelm2.11 |
Latest stable Ansible 2.6.x version |
2.5-awshelm2.11 |
Latest stable Ansible 2.5.x version |
2.4-awshelm2.11 |
Latest stable Ansible 2.4.x version |
2.3-awshelm2.11 |
Latest stable Ansible 2.3.x version |
Environment variables are available for all flavours except for Ansible base
.
Variable | Default | Allowed values | Description |
---|---|---|---|
USER |
`` | ansible |
Set this to ansible to have everything run inside the container by the user ansible instead of root |
UID |
1000 |
integer | If your local uid is not 1000 set it to your uid to syncronize file/dir permissions during mounting |
GID |
1000 |
integer | If your local gid is not 1000 set it to your gid to syncronize file/dir permissions during mounting |
The working directory inside the Docker container is /data/
and should be mounted locally to
the root of your project where your Ansible playbooks are.
docker run --rm -v $(pwd):/data cytopia/ansible ansible-playbook playbook.yml
# Use 'ansible' user inside Docker container
docker run --rm \
-e USER=ansible \
-v $(pwd):/data \
cytopia/ansible:latest-tools ansible-playbook playbook.yml
# Use 'ansible' user inside Docker container
# Use custom uid/gid for 'ansible' user inside Docker container
docker run --rm \
-e USER=ansible \
-e MY_UID=1000 \
-e MY_GID=1000 \
-v $(pwd):/data \
cytopia/ansible:latest-tools ansible-playbook playbook.yml
# Ensure to set same uid/gid as on your local system for Docker user
# to prevent permission issues during docker mounts
docker run --rm \
-e USER=ansible \
-e MY_UID=1000 \
-e MY_GID=1000 \
-v ${HOME}/.ssh/:/home/ansible/.ssh/:ro \
-v $(pwd):/data \
cytopia/ansible:latest-tools ansible-playbook playbook.yml
# Ensure to set same uid/gid as on your local system for Docker user
# to prevent permission issues during docker mounts
docker run --rm \
-e USER=ansible \
-e MY_UID=1000 \
-e MY_GID=1000 \
-v ${HOME}/.gnupg/:/home/ansible/.gnupg/ \
-v $(pwd):/data \
cytopia/ansible:latest-tools ansible-playbook playbook.yml
# Ensure to set same uid/gid as on your local system for Docker user
# to prevent permission issues during docker mounts
docker run --rm \
-e USER=ansible \
-e MY_UID=1000 \
-e MY_GID=1000 \
-v $(pwd):/data \
cytopia/ansible:latest-tools ansible-galaxy install -r requirements.yml
# Basic
docker run --rm \
-e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID \
-e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY \
-v $(pwd):/data \
cytopia/ansible:latest-aws ansible-playbook playbook.yml
# With AWS Session Token
docker run --rm \
-e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID \
-e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY \
-e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN \
-v $(pwd):/data \
cytopia/ansible:latest-aws ansible-playbook playbook.yml
# With ~/.aws/ config and credentials directories mounted (read/only)
# If you want to make explicit use of aws profiles, use this variant
# Ensure to set same uid/gid as on your local system for Docker user
# to prevent permission issues during docker mounts
docker run --rm \
-e USER=ansible \
-e MY_UID=1000 \
-e MY_GID=1000 \
-v ${HOME}/.aws/config:/home/ansible/.aws/config:ro \
-v ${HOME}/.aws/credentials:/home/ansible/.aws/credentials:ro \
-v $(pwd):/data \
cytopia/ansible:latest-aws ansible-playbook playbook.yml
Imagine your Ansible vault uses a script to gpg encrypt the passphrase for team members against multiple gpg keys. Using Docker will not allow you to have a popup open where you can enter the gpg key password. To circumvent this, you will need to initialize the gpg key password and then run Ansible.
The following Ansible vault script which can be shows how this is setup:
#!/bin/sh
# Read password from argument
if [ "${#}" -gt "0" ]; then
gpg --pinentry-mode loopback --passphrase "${1}" --decrypt vault/pass.gpg
# Ask for password or use keyring (does not work inside Docker)
else
gpg --batch --use-agent --decrypt vault/pass.gpg
fi
With this in mind the Ansible call would look as follows
# Ensure to set same uid/gid as on your local system for Docker user
# to prevent permission issues during docker mounts
docker run --rm \
-e USER=ansible \
-e MY_UID=1000 \
-e MY_GID=1000 \
-v ${HOME}/.aws/config:/home/ansible/.aws/config:ro \
-v ${HOME}/.aws/credentials:/home/ansible/.aws/credentials:ro \
-v ${HOME}/.gnupg/:/home/ansible/.gnupg/ \
-v $(pwd):/data \
cytopia/ansible:latest-aws \
sh -c './vault/open_vault.sh '''THE_GPG_PASSWORD_HERE'''; ansible-playbook playbook.yml'
- Note 1: the quoting for the GPG password is required in case you are using a
!
as part of the passwort - Note 2: every
$
sign in your GPG password will require 3 backslashes in front of it:\\\$
As the command is getting pretty long, you could wrap it into a Makefile.
ifneq (,)
.error This Makefile requires GNU Make.
endif
.PHONY: dry run
CURRENT_DIR = $(dir $(abspath $(lastword $(MAKEFILE_LIST))))
ANSIBLE = 2.8
UID = 1000
GID = 1000
dry:
ifndef GPG_PASS
docker run --rm \
-e USER=ansible \
-e MY_UID=$(UID) \
-e MY_GID=$(GID) \
-v $${HOME}/.aws/config:/home/ansible/.aws/config:ro \
-v $${HOME}/.aws/credentials:/home/ansible/.aws/credentials:ro \
-v $${HOME}/.gnupg/:/home/ansible/.gnupg/ \
-v $(CURRENT_DIR):/data \
cytopia/ansible:$(ANSIBLE)-aws ansible-playbook playbook.yml --check
else
docker run --rm \
-e USER=ansible \
-e MY_UID=$(UID) \
-e MY_GID=$(GID) \
-v $${HOME}/.aws/config:/home/ansible/.aws/config:ro \
-v $${HOME}/.aws/credentials:/home/ansible/.aws/credentials:ro \
-v $${HOME}/.gnupg/:/home/ansible/.gnupg/ \
-v $(CURRENT_DIR):/data \
cytopia/ansible:$(ANSIBLE)-aws \
sh -c './vault/open_vault.sh '''$(GPG_PASS)'''; ansible-playbook playbook.yml --check'
endif
run:
ifndef GPG_PASS
docker run --rm \
-e USER=ansible \
-e MY_UID=$(UID) \
-e MY_GID=$(GID) \
-v $${HOME}/.aws/config:/home/ansible/.aws/config:ro \
-v $${HOME}/.aws/credentials:/home/ansible/.aws/credentials:ro \
-v $${HOME}/.gnupg/:/home/ansible/.gnupg/ \
-v $(CURRENT_DIR):/data \
cytopia/ansible:$(ANSIBLE)-aws ansible-playbook playbook.yml
else
docker run --rm \
-e USER=ansible \
-e MY_UID=$(UID) \
-e MY_GID=$(GID) \
-v $${HOME}/.aws/config:/home/ansible/.aws/config:ro \
-v $${HOME}/.aws/credentials:/home/ansible/.aws/credentials:ro \
-v $${HOME}/.gnupg/:/home/ansible/.gnupg/ \
-v $(CURRENT_DIR):/data \
cytopia/ansible:$(ANSIBLE)-aws \
sh -c './vault/open_vault.sh '''$(GPG_PASS)'''; ansible-playbook playbook.yml'
endif
Then you can call it easily:
# With GPG password
make dry GPG_PASS='THE_GPG_PASSWORD_HERE'
make run GPG_PASS='THE_GPG_PASSWORD_HERE'
# Without GPG password
make dry
make run
# With different Ansible version
make dry ANSIBLE=2.6
make run ANSIBLE=2.6
# With different uid/gid
make dry UID=1001 GID=1001
make run UID=1001 GID=1001
- Note: every
$
sign in your GPG password will require 3 backslashes in front of it:\\\$
Related #awesome-ci projects
Save yourself from installing lot's of dependencies and pick a dockerized version of your favourite linter below for reproducible local or remote CI tests:
GitHub | DockerHub | Type | Description |
---|---|---|---|
awesome-ci | Basic | Tools for git, file and static source code analysis | |
file-lint | Basic | Baisc source code analysis | |
jsonlint | Basic | Lint JSON files [1] | |
yamllint | Basic | Lint Yaml files | |
ansible | Ansible | Multiple versions and flavours of Ansible | |
ansible-lint | Ansible | Lint Ansible | |
gofmt | Go | Format Go source code [1] | |
goimports | Go | Format Go source code [1] | |
golint | Go | Lint Go code | |
eslint | Javascript | Lint Javascript code | |
checkmake | Make | Lint Makefiles | |
phpcbf | PHP | PHP Code Beautifier and Fixer | |
phpcs | PHP | PHP Code Sniffer | |
php-cs-fixer | PHP | PHP Coding Standards Fixer | |
black | Python | The uncompromising Python code formatter | |
pycodestyle | Python | Python style guide checker | |
pylint | Python | Python source code, bug and quality checker | |
terraform-docs | Terraform | Terraform doc generator (TF 0.12 ready) [1] | |
terragrunt | Terraform | Terragrunt and Terraform | |
terragrunt-fmt | Terraform | terraform fmt for Terragrunt files [1] |
[1] Uses a shell wrapper to add enhanced functionality not available by original project.
Visit cytopia/makefiles for dependency-less, seamless project integration and minimum required best-practice code linting for CI. The provided Makefiles will only require GNU Make and Docker itself removing the need to install anything else.
Copyright (c) 2019 cytopia