cyclenerd/cloud-tools-container
📦 Ready-to-use image with cloud tools (AWS CLI, Google Cloud CLI, Terraform, Packer, Ansible)
986
Ready-to-use Docker container image for AWS CodeBuild/CodePipeline, Bitbucket Pipelines, CircleCI, GitHub Actions, GitLab runner jobs and Google Cloud Build.
Image:
cyclenerd/cloud-tools-container:latest
Multiarch support:
amd64
: Intel or AMD 64-Bit CPU (x86-64)arm64
: Arm-based 64-Bit CPU (i.e. Apple silicon, AWS Graviton, Ampere Altra)This project uses GitHub Actions for automated builds and deployments. The image is regularly rebuilt on the 15th of each month.
This Docker container image is based on the Ubuntu 24.04 release (ubuntu:noble
).
The following software is included and tested:
ansible
and ansible-playbook
)aws
)firebase
)fuego
)hcloud
)gcr-cleaner-cli
)gcloud
, gsutil
and bq
)opa
)packer
)shellcheck
)skopeo
)terraform
)
terraform-docs
)terragrunt
)tflint
)tfsec
)helm
)kubectl
)vault
)bash
)apt
, apt-get
)gcc
make
)curl
)dig
)figlet
)git
)jq
)mutt
)node
)
npm
)openssl
)ssh
)perl
)
cpanm
)python3
)
pip3
)go
)tar
)unzip
)zip
)Runs a command in the container, pulling the image if needed and starting the container.
Docker run command:
docker run cyclenerd/cloud-tools-container:latest aws --version
Podman run command:
podman run docker.io/cyclenerd/cloud-tools-container:latest aws --version
Example configurations for various CI/CD tools.
AWS CodeBuild configuration:
{
"environment": {
"type": "LINUX_CONTAINER",
"image": "cyclenerd/cloud-tools-container:latest",
"computeType": "BUILD_GENERAL1_SMALL"
},
}
Google Cloud Build (cloudbuild.yaml
) configuration file:
steps:
- name: 'cyclenerd/cloud-tools-container:latest'
entrypoint: 'gcloud'
args: ['--version']
Google Cloud Service Account Key
GitLab CI/CD (.gitlab-ci.yml
) configuration with Google Cloud Service Account Key:
variables:
GOOGLE_APPLICATION_CREDENTIALS: "/tmp/service_account_key.json"
default:
image: cyclenerd/cloud-tools-container:latest
before_script:
# Login
- echo "$YOUR_GOOGLE_CLOUD_SERVICE_ACCOUNT_KEY" > "$GOOGLE_APPLICATION_CREDENTIALS"
- gcloud auth activate-service-account --key-file="$GOOGLE_APPLICATION_CREDENTIALS"
stages:
- auth
gcloud-auth-list:
stage: auth
script:
- gcloud auth list
Google Cloud Workload Identity Federation
GitLab CI/CD (.gitlab-ci.yml
) configuration with Google Cloud Workload Identity Federation login:
variables:
WIF_PROVIDER: projects/1057256049272/locations/global/workloadIdentityPools/gitlab-com/providers/gitlab-com-oidc
SERVICE_ACCOUNT: gitlab-ci@nkn-it-wif-demo.iam.gserviceaccount.com
GOOGLE_CREDENTIALS: gcp_temp_cred.json
default:
image: cyclenerd/cloud-tools-container:latest
before_script:
# Login
- echo "${CI_JOB_JWT_V2}" > gitlab_jwt_token.txt
- gcloud iam workload-identity-pools create-cred-config "${WIF_PROVIDER}"
--service-account="${SERVICE_ACCOUNT}"
--output-file=${GOOGLE_CREDENTIALS}
--credential-source-file=gitlab_jwt_token.txt
- gcloud config set auth/credential_file_override "${GOOGLE_CREDENTIALS}"
stages:
- auth
gcloud-auth-list:
stage: auth
script:
- gcloud auth list
Google Cloud Workload Identity Federation
Bitbucket pipeline configuration (bitbucket-pipelines.yml
) with Google Cloud Workload Identity Federation login:
image: cyclenerd/cloud-tools-container:latest
pipelines:
default:
- step:
name: "Workload Identity Federation"
# Enable OIDC
oidc: true
max-time: 5
script:
# Set variables
- export WIF_PROVIDER='projects/753695557698/locations/global/workloadIdentityPools/bitbucket-org/providers/bitbucket-org-oidc'
- export SERVICE_ACCOUNT='bitbucket-pipeline@nkn-it-wif-demo-0.iam.gserviceaccount.com'
- export GOOGLE_CREDENTIALS='gcp_temp_cred.json'
# Configure Workload Identity Federation via a credentials file.
- echo ${BITBUCKET_STEP_OIDC_TOKEN} > .ci_job_jwt_file
- gcloud iam workload-identity-pools create-cred-config "${WIF_PROVIDER}"
--service-account="${SERVICE_ACCOUNT}"
--output-file="${GOOGLE_CREDENTIALS}"
--credential-source-file=.ci_job_jwt_file
- gcloud config set auth/credential_file_override "${GOOGLE_CREDENTIALS}"
# Now you can run gcloud commands authenticated as the impersonated service account.
GitHub Actions configuration:
jobs:
cloud-tools-container:
runs-on: 'ubuntu-latest'
# Use container to run the steps in a job
container:
image: 'docker://cyclenerd/cloud-tools-container:latest'
steps:
- name: "Terraform"
run: terraform --version
CircleCI configuration:
jobs:
cloud-tools-container:
docker:
- image: cyclenerd/cloud-tools-container:latest
steps:
- run:
name: Google Cloud CLI
command: gcloud --version
docker pull cyclenerd/cloud-tools-container