Skip to content

Instantly share code, notes, and snippets.

@davidjeddy

davidjeddy/IAC tool install

Last active October 24, 2022 08:22
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save davidjeddy/3f85e47ba81da6de58187638ce03c1b1 to your computer and use it in GitHub Desktop.
Save davidjeddy/3f85e47ba81da6de58187638ce03c1b1 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
IAC tool install
#!/bin/bash -e
# Tested on
# Ubuntu 18.x, 20.x, 22.x, YMMV
# Need testers for
# Test on RHEL/CentOS/
# usage install.sh PLATFORM ARCH
# example install.sh
# example install.sh linux arm32
# example install.sh darwin amd64
# vars
ARCH="${2}"
PLATFORM="${1}"
# source https://github.com/infracost/infracost/releases
INFRACOST_VER=0.10.13
# source https://github.com/hashicorp/packer/releases
PKR_VER=1.8.3
# https://github.com/hashicorp/terraform/releases
TF_VER=1.3.3
# https://github.com/aquasecurity/tfsec/releases
TFSEC_VER=1.28.0
# https://github.com/gruntwork-io/terragrunt/releases
TG_VER=0.39.2
# https://github.com/tenable/terrascan/releases
TRSCAN=1.16.0
PROJECT_ROOT=$(pwd)
# argument defaults
if [[ "${1}" == "" ]]
then
PLATFORM="linux"
fi
if [[ "${2}" == "" ]]
then
ARCH="amd64"
fi
# logic
if [[ $(which apt) ]]
then
printf "INFO: Updating and installing system tools via apt."
sudo apt-get update -y
sudo apt-get install -y \
awscli \
ca-certificates \
curl \
git \
gnupg \
golang-go \
jq \
lsb-release \
unzip
sudo apt install -y software-properties-common
sudo add-apt-repository ppa:deadsnakes/ppa -y
sudo apt-get install -y python3
sudo apt-get install -y python3-pip
# for docker re/install
sudo apt-get remove -y \
docker \
docker.io \
containerd \
runc
elif [[ $(which yum) ]]
then
printf "INFO: Updating and installing system tools via yum."
sudo yum update -y
sudo yum install -y \
awscli \
git \
golang-go \
jq \
unzip \
yum-utils
sudo yum install -y python3
sudo yum install -y python3-pip
sudo yum-config-manager \
--add-repo \
https://download.docker.com/linux/rhel/docker-ce.repo
# for docker re/install
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-engine \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
podman \
runc
else
printf "INFO: Unable to determine system package manager, exiting."
exit 1
fi
printf "INFO: Switching to .tmp/."
mkdir -p .tmp || true
cd .tmp/ || exit
# tool install
if [[ ! $(which checkov) ]]
then
python3 -m pip install -U checkov #to install or upgrade checkov)
fi
# Todo Currently Docker is installed via OS package manager, can we do it via binaries like the other tools?
if [[ ! $(which docker) && $(which apt) ]]
then
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update -y
sudo apt-get install -y \
docker-ce \
docker-ce-cli \
containerd.io \
docker-compose-plugin
elif [[ ! $(which docker) && $(which yum) ]]
then
sudo yum install-y \
containerd.io \
docker-ce \
docker-ce-cli\
docker-compose-plugin
fi
if [[ ! $(which tfenv) ]]
then
printf "INFO: Installing tfenv."
git clone https://github.com/tfutils/tfenv.git ~/.tfenv
printf "INFO: export PATH=\"%s/.tfenv/bin:%s\"" "$HOME" "$PATH" >> ~/.bash_profile
sudo ln -sfn ~/.tfenv/bin/* /usr/local/bin
printf "INFO: Installing Terraform via tfenv ."
tfenv install ${TF_VER}
echo "${TF_VER}" > ~/.tfenv/version
fi
if [[ ! $(which tgenv) ]]
then
printf "INFO: Installing tgenv."
git clone https://github.com/cunymatthieu/tgenv.git ~/.tgenv
sudo ln -s ~/.tgenv/bin/* /usr/local/bin
printf "INFO: Installing Terragrunt via tgenv."
tgenv install ${TG_VER}
tgenv use ${TG_VER}
fi
if [[ ! $(which packer) ]]
then
printf "INFO: Installing Packer."
curl -L "https://releases.hashicorp.com/packer/${PKR_VER}/packer_${PKR_VER}_${PLATFORM}_${ARCH}.zip" -o "packer_${PKR_VER}_${PLATFORM}_${ARCH}.zip"
unzip "packer_${PKR_VER}_${PLATFORM}_${ARCH}.zip"
sudo install packer /usr/local/bin
rm -rf packer*
fi
# this is a problem child. Different platform/arch naming, different CLI arg format
if [[ ! $(which terrascan) ]]
then
printf "INFO: Installing terrascan."
curl -L "https://github.com/tenable/terrascan/releases/download/v${TRSCAN}/terrascan_${TRSCAN}_${PLATFORM^}_x86_64.tar.gz" -o terrascan.tar.gz
tar -xf terrascan.tar.gz terrascan
sudo install terrascan /usr/local/bin
rm -rf terrascan*
fi
if [[ ! $(which tfsec) ]]
then
printf "INFO: Installing tfsec."
curl -L "https://github.com/liamg/tfsec/releases/download/v${TFSEC_VER}/tfsec-${PLATFORM}-${ARCH}" -o "tfsec-${PLATFORM}-${ARCH}"
sudo install "tfsec-${PLATFORM}-${ARCH}" /usr/local/bin/tfsec
rm -rf tfsec*
fi
if [[ ! $(which infracost) ]]
then
printf "INFO: Installing infracost."
curl -L "https://github.com/infracost/infracost/releases/download/v${INFRACOST_VER}/infracost-${PLATFORM}-${ARCH}.tar.gz" -o infracost.tar.gz
tar -xf infracost.tar.gz
sudo install infracost-${PLATFORM}-${ARCH} /usr/local/bin/infracost
rm -rf infracost*
fi
if [[ ! $(which tflint) ]]
then
curl -s https://raw.githubusercontent.com/terraform-linters/tflint/master/install_linux.sh | bash
tflint --init
fi
printf "INFO: Tool version."
aws --version
git --version
infracost --version
packer --version
pip3 --version
python3 --version
terraform --version
terragrunt --version
terrascan version
tfenv --version
printf "INFO: Installing Git hooks."
cd "$PROJECT_ROOT" || exit
cp -f .git/hooks/pre-commit.dist .git/hooks/pre-commit
printf "INFO: Done."
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment