The dwmkerr/terraform-ci Dockerfile provides a useful baseline image for running Terraform-related CI tasks.
You can use this image to run CI pipelines which build infrastructure. There is a more detailed article describing this approach on the way, which uses a CI build for dwmkerr/terraform-aws-openshift as an example.
The image is based on Debian Stretch (specifically the official debian:stretch image).
This image contains a number of tools which are useful when working with Terraform.
All baseline Debian stretch tools, as well as tools needed by CircleCI 2 images, and some useful utilities:
- make
- wget
- git
- ssh
- tar
- gzip
- unzip
- ca-certificates
- curl
- shellcheck

Terraform, Terraform Lint and Checkov:
- terraform (0.13)
- tflint (0.18)
- checkov (latest)

Cloud CLIs which are used for Terraform backends:
- aws (1.16)
- az (latest)

The code is structured like this:
Dockerfile # the important thing, the actual dockerfile
makefile # commands to build, test deploy etc
test.sh # a simple test script
package.json # used for versioning only
The makefile contains commands to build, test and deploy. Parameters can be passed as environment variables or through the command-line.
Command | Notes |
---|---|
make build | Builds the image dwmkerr/terraform-ci:latest and dwmkerr/terraform-ci:<version>. The version is loaded from package.json. |
make test | Runs the test scripts. |
make deploy | Deploys the images to the docker hub. If you are not logged in, you're gonna have a bad time. |
The tests are simple bash scripts which check for basic capabilities which relate to the image. Essentially, this means they'll test the tools are installed.
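One way to write such a check, as an added example rather than the repository's own test.sh: it confirms each listed tool is on PATH and that terraform, tflint and aws report the pinned versions given above, so an unexpected upgrade in a rebuilt image fails the build. The function names and the `--run` flag are assumptions of this example.

```shell
#!/bin/sh
# Added example (not the repository's test.sh): smoke test for the image's tools.
# Pins are the versions listed on this page; function names are hypothetical.

# extract_version TEXT -> first dotted version number found in TEXT
extract_version() {
  printf '%s\n' "$1" | grep -Eo '[0-9]+\.[0-9]+(\.[0-9]+)?' | head -n 1
}

# pin_ok TEXT PIN -> success if the version in TEXT is PIN or PIN.<patch>
pin_ok() {
  v=$(extract_version "$1")
  case "$v" in
    "$2"|"$2".*) return 0 ;;
    *) return 1 ;;
  esac
}

# check_tool NAME PIN [VERSION_CMD...]
# PIN is "" for tools installed as "latest" (presence check only).
check_tool() {
  name=$1; pin=$2; shift 2
  if ! command -v "$name" >/dev/null 2>&1; then
    echo "FAIL $name: not on PATH"; return 1
  fi
  [ -z "$pin" ] && { echo "ok   $name: present"; return 0; }
  out=$("$@" 2>&1) || { echo "FAIL $name: version command failed"; return 1; }
  if pin_ok "$out" "$pin"; then
    echo "ok   $name: $(extract_version "$out")"
  else
    echo "FAIL $name: want $pin.x, got '$(extract_version "$out")'"; return 1
  fi
}

# ca-certificates is a package, not a command, so it is not checked here.
smoke_test() {
  rc=0
  for t in make wget git ssh tar gzip unzip curl shellcheck checkov az; do
    check_tool "$t" "" || rc=1
  done
  check_tool terraform 0.13 terraform version || rc=1
  check_tool tflint 0.18 tflint --version || rc=1
  check_tool aws 1.16 aws --version || rc=1
  return "$rc"
}

# Run the checks only when asked, so the file can also be sourced.
if [ "${1:-}" = "--run" ]; then smoke_test; exit $?; fi
```

Run it inside the container with `sh <file> --run`; a non-zero exit status means a tool is missing or a pinned version has drifted.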
To create a release:
- Merge your work to master
- Use npm run release to bump and update the changelog
- Push and deploy: git push --follow-tags

A package.json file is used to store the version number; however, the project has no other dependencies on Node.js than this part of the release process. It just allows for convenient management of a CHANGELOG.md file and the version by using standard-version.