Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Run Atlantis on ECS with git-crypt
workflows:
decrypt:
plan:
steps:
- run: git-crypt unlock /tmp/<your-git-crypt-exported-key>
- init
- plan
# This Dockerfile is intended to be uploaded to a PRIVATE repository.
# This method involves copying the git-crypt key into this image,
# which will allow one to use a custom workflow in Atlantis
# to decrypt before running init/plan/apply.
FROM runatlantis/atlantis
ENV GIT_CRYPT_VERSION 0.6.0
RUN apk --update add \
bash \
curl \
git \
g++ \
make \
openssh \
openssl \
openssl-dev \
&& rm -rf /var/cache/apk/*
RUN curl -L https://github.com/AGWA/git-crypt/archive/$GIT_CRYPT_VERSION.tar.gz | tar zxv -C /var/tmp
RUN cd /var/tmp/git-crypt-$GIT_CRYPT_VERSION && make && make install PREFIX=/usr/local
COPY <your-git-crypt-exported-key> /tmp/.
CMD ["server"]
#!/bin/bash
AWS_REGION=<region>
AWS_ACCOUNT_ID=<your_account_id>
AWS_ECR_DOMAIN=$AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com
if [ -z "$1" ]; then
echo "Must provide Docker image ID as first argument!"
fi
# Spits out the docker login command for you, so just run the output:
$(AWS_PROFILE=master aws ecr get-login --region $AWS_REGION --no-include-email)
# Tag & push, boys:
docker tag $1 $AWS_ECR_DOMAIN/atlantis:latest
docker push $AWS_ECR_DOMAIN/atlantis:latest
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment