An opinionated, cross-platform DevOps tool installer and dotfile manager. Downloads and installs 61 pre-built CLI binaries (no package manager required) and manages shell/editor configuration via symlinks. One command to bootstrap a fully-configured development workstation.
Powered by eget for reliable binary downloads from GitHub releases.
- Why devops-starter?
- Quick Install
- Build from Source
- Usage
- Configuration
- How Installation Works
- Tool Catalog
- Dotfiles
- Project Structure
- Development
- Contributing
- License
Setting up a new machine (or a CI runner) with a consistent DevOps toolchain is tedious: different package managers, outdated repos, manual binary downloads, and scattered dotfiles.
devops-starter solves this by:
- Using eget to download tools directly from upstream releases -- no Homebrew, apt, or pacman needed.
- Verifying downloads with SHA256 checksums (via eget or built-in verification).
- Running downloads concurrently with progress bars.
- Managing dotfiles (shell, git, tmux, starship, Neovim) via symlinks with automatic backup.
- Providing a single YAML config to control everything.
curl -fsSL https://raw.githubusercontent.com/omargallob/devops-starter/main/scripts/install.sh | shThis detects your OS and architecture, downloads the correct binary, and places it in ~/.local/bin.
Make sure ~/.local/bin is in your $PATH.
- Go 1.26+
- (Optional) Bazel 9 (installed via Bazelisk) for hermetic builds
make build # compile for current platform
make test # run tests with race detector
make lint # golangci-lint + shellcheck
make install # build and copy to ~/.local/bin
make help # list all available targetsbazel build //cmd/devops-starter
bazel test //...
make bazel-release # cross-compile all platforms# Interactive wizard: groups, install dir, dotfiles
devops-starter setup
# Non-interactive (uses existing config or defaults)
devops-starter setup --non-interactiveSee docs/setup.md for a detailed walkthrough of each wizard screen.
# Install all enabled tools for your platform
devops-starter install
# Preview without installing
devops-starter install --dry-run
# Install only a specific group
devops-starter install --only kubernetes# Show all tools with installation status
devops-starter list# Adopt a specific tool already on your system
devops-starter adopt kubectl helm
# Adopt all detected system tools
devops-starter adopt --all-detected# Remove managed binaries (reverts to system version if available)
devops-starter remove terraform packer# Launch interactive full-screen TUI showing tool state
devops-starter status
# Plain text output (CI-friendly)
devops-starter status --no-tui
# Detect actual installed versions
devops-starter status --verifyThe TUI features:
- Full-screen layout that adapts to terminal size
- Category-based navigation with install/remove/verify actions
- Status bar showing the running version and update availability
- Automatic update check (non-blocking) against GitHub Releases
# Create symlinks from repo dotfiles to $HOME
devops-starter dotfiles link
# Remove symlinks managed by devops-starter
devops-starter dotfiles unlink
# Show current symlink status
devops-starter dotfiles status
# Specify a custom dotfiles source directory
devops-starter dotfiles link --source /path/to/dotfiles# Verify PATH, git, curl, and platform detection
devops-starter doctor# Create default config at ~/.config/devops-starter/config.yaml
devops-starter config init
# Show current configuration
devops-starter config show| Flag | Description |
|---|---|
--config <path> |
Use a custom config file |
--dry-run |
Preview actions without executing |
--yes, -y |
Skip confirmation prompts |
The config file lives at ~/.config/devops-starter/config.yaml (respects $XDG_CONFIG_HOME).
# Where binaries are installed (must be in $PATH)
install_dir: ~/.local/bin
# Enable or disable tool groups
groups:
languages: true
containers: true
kubernetes: true
infra: true
cloud: true
rust_tools: true
utilities: true
# Per-tool overrides
overrides:
terraform:
version: "1.7.5" # Pin a specific version
aws-cli:
disabled: true # Skip this tool entirelyRun devops-starter config init to generate the default config.
devops-starter uses eget under the hood to handle binary downloads, archive extraction, and platform detection. eget is automatically bootstrapped on first run if not already present.
Every tool in the catalog has an InstallMode that determines how it is installed:
| Mode | Description | Used by |
|---|---|---|
eget |
Downloads from a GitHub release using eget <owner/repo>. eget automatically detects the correct asset for your OS/architecture and extracts the binary. |
53 tools (k9s, fzf, ripgrep, lazygit, gh, etc.) |
eget-url |
Downloads from a direct URL using eget <url>. Used for tools hosted outside GitHub releases but still downloadable as a single archive or binary. |
8 tools (kubectl, helm, terraform, vault, consul, packer, age, firebase-cli) |
custom |
Uses a legacy download/extract pipeline for tools that require post-install scripts or produce multiple binaries. | 5 tools (aws-cli, azure-cli, gcloud-cli, docker, pulumi) |
mise |
Delegates entirely to mise for language runtime management. | Dynamic (from .mise.toml: go, python, node, etc.) |
For tools using eget mode, the installer runs:
eget <owner/repo> --tag v<version> --to <install-dir> [--asset <pattern>] [--file <binary>] [-q]
eget handles:
- Matching the correct release asset for your OS and architecture
- Downloading with HTTPS
- Extracting tar.gz, tar.xz, zip archives (or placing raw binaries)
- Finding the correct binary inside nested archive directories
For tools not on GitHub (HashiCorp CDN, dl.k8s.io, etc.), the URL is resolved via a Go template and passed to eget:
eget <resolved-url> --to <install-dir> [--file <binary>] [-q]
For the 5 tools requiring special handling (post-install scripts, multi-binary archives), devops-starter falls back to its built-in pipeline: download, verify checksum, extract archive, run post-install command.
When adding a tool to the registry, set the appropriate InstallMode:
// GitHub release (most common)
&tooldef.Tool{
Name: "mytool",
Version: "1.2.3",
InstallMode: tooldef.InstallModeEget,
Repo: "owner/mytool",
Asset: "*linux*", // optional: narrow asset selection
}
// Direct URL (non-GitHub CDN)
&tooldef.Tool{
Name: "mytool",
Version: "1.2.3",
InstallMode: tooldef.InstallModeEgetURL,
Format: tooldef.FormatZip,
URLTemplate: "https://releases.example.com/mytool/{{.Version}}/mytool_{{.OS}}_{{.Arch}}.zip",
}See CONTRIBUTING.md for the full guide.
61 tools across 7 groups:
| Group | Tools |
|---|---|
| languages | mise, + all runtimes from .mise.toml (e.g., go, python, node) |
| containers | docker, docker-compose, nerdctl |
| kubernetes | kubectl, helm, kustomize, k9s, kubectx, kubens, stern, argocd, flux, istioctl, cilium, kind, kubeseal, velero |
| infra | terraform, opentofu, pulumi, packer, vault, consul |
| cloud | aws-cli, eksctl |
| rust-tools | bat, eza, fd, ripgrep, delta, zoxide, starship, tokei, hyperfine, procs, bottom, gitui, dust, bandwhich, sd, tealdeer, xh, yazi, atuin, zellij, just, watchexec |
| utilities | jq, yq, fzf, direnv, age, sops, gh, trivy, lazygit, shellcheck, shfmt, task, neovim |
Most tools provide pre-built binaries for all four platforms. Exceptions:
| Tool | linux/amd64 | linux/arm64 | darwin/amd64 | darwin/arm64 |
|---|---|---|---|---|
| bat | yes | yes | yes | - |
| dust | yes | yes | yes | - |
| tokei | yes | yes | yes | - |
| procs | - | - | yes | yes |
| neovim | yes | - | yes | yes |
| trivy | yes | yes | yes | yes |
All other tools support linux/amd64, linux/arm64, darwin/amd64, and darwin/arm64.
Want a tool added? See CONTRIBUTING.md for how to add tools to the registry.
The dotfiles/ directory contains managed configuration files:
| Directory | Contents |
|---|---|
zsh/ |
.zshrc, .zprofile |
bash/ |
.bashrc, .bash_profile |
shared/ |
Common aliases, environment variables, functions (sourced by both shells) |
git/ |
.gitconfig (delta pager, histogram diff, rebase-on-pull), .gitignore_global |
tmux/ |
.tmux.conf (Ctrl+a prefix, vim-style navigation) |
starship/ |
starship.toml (DevOps-focused prompt with k8s, AWS, terraform context) |
nvim/ |
init.lua + lazy.nvim plugin setup |
Shell configs replace common coreutils with Rust alternatives (ls->eza, cat->bat, grep->rg, find->fd) and initialise starship, zoxide, direnv, atuin, and mise.
When linking, existing files are backed up to ~/.dotfiles.bak before being replaced with symlinks.
cmd/devops-starter/ Entry point (main package)
internal/
cli/ Cobra commands: setup, install, list, adopt, remove, status, dotfiles, doctor, config
config/ YAML configuration loading/saving
dotfiles/ Symlink manager with backup/restore
installer/ Install orchestration: eget backend, bootstrap, and legacy custom pipeline
platform/ OS/arch/distro detection
registry/ Tool definitions organised by group (with InstallMode annotations)
state/ Persistent state store for managed tools
tui/ Bubbletea interactive UI (full-screen, status bar, update check)
updater/ Async update checker (GitHub Releases API)
pkg/tooldef/ Public types: Tool, Platform, Group, ArchiveFormat, InstallMode
configs/ Default config template
docs/ Documentation (setup wizard walkthrough, etc.)
dotfiles/ Managed dotfiles (shell, git, tmux, starship, nvim)
scripts/ Bootstrap install script
oci/ Container test image definitions (Ubuntu, Arch)
platforms/ Bazel cross-compilation platform configs
bazel/ Custom Bazel rules (shellcheck, golangci-lint) and macros
.github/workflows/ CI, release, and PR title enforcement workflows
make help # list all targets
make check # fmt + vet + lint + test (full local validation)
make test-coverage # tests with coverage report
make release # cross-compile release binaries
make gazelle # regenerate Bazel BUILD files
make setup # install dev tools and pre-commit hooksSee CONTRIBUTING.md for the full development guide and ARCHITECTURE.md for design decisions.
Contributions are welcome. Please read CONTRIBUTING.md before submitting a PR.
MIT - Copyright (c) 2026 Omar Gallo