@naviat
Forked from angeloskaltsikis/Dockerfile
Created May 27, 2022 07:41
A wrapper to make Terragrunt less verbose (both plan & apply supported). Also includes all the files required to efficiently run Terragrunt with Atlantis.
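# Atlantis image extended with pinned Terraform versions, Terragrunt, the
# terragrunt-atlantis-config generator and a local mirror of Terraform providers.
#
# NOTE(review): the base image is referenced by tag only. Tags are mutable, so
# pinning it by digest (runatlantis/atlantis:<tag>@sha256:<digest of the vetted image>)
# would make the build reproducible.
ARG atlantis_version=v0.15.0
FROM runatlantis/atlantis:${atlantis_version}
LABEL maintainer="Beat DevOps Team"
LABEL description="thebeat.co atlantis image used in IaC CI/CD!"
LABEL version="0.2"

# Every download below is pinned to a version and a SHA-256 digest. When bumping
# a version, update its digest from the publisher's release page in the same change.

# https://github.com/gruntwork-io/terragrunt/releases
ARG terragrunt_version=v0.25.1
ARG terragrunt_sha256sum=533f43ece374476efc8bbe4eea9395892dfcd9e4f1ae033cdd6855c227632f31
ARG terragrunt_uri=https://github.com/gruntwork-io/terragrunt/releases/download/${terragrunt_version}/terragrunt_linux_amd64

# Custom fork of https://github.com/transcend-io/terragrunt-atlantis-config for linux_amd64 binary
ARG terragrunt_atlantis_config_version=0.8.0
ARG terragrunt_atlantis_config_sha256sum=3b146cdba021410a5f6de836c29da9546c3424cd55c060722fed5a724a01236b
# This is a fork of the original project because upstream does not publish a Linux AMD64 binary yet.
# It will be switched back as soon as the upstream repo supports it.
ARG terragrunt_atlantis_config_uri=https://github.com/angeloskaltsikis/terragrunt-atlantis-config/releases/download/v${terragrunt_atlantis_config_version}/terragrunt-atlantis-config_${terragrunt_atlantis_config_version}_linux_amd64.tar.gz

# https://releases.hashicorp.com/terraform-provider-aws
ARG terraform_provider_aws_version=3.8.0
ARG terraform_provider_aws_sha256sum=d931d23ad961616f1ad437b48cb4ad147b3b68fedf8d1b541ab6c5e49eacb32c
ARG terraform_provider_aws_uri=https://releases.hashicorp.com/terraform-provider-aws/${terraform_provider_aws_version}/terraform-provider-aws_${terraform_provider_aws_version}_linux_amd64.zip

# https://releases.hashicorp.com/terraform-provider-github
ARG terraform_provider_github_version=2.9.1
ARG terraform_provider_github_sha256sum=f9f4ee5444d58ed94f608ed580feccded225a6e26899f016b1013a388dc3cce5
ARG terraform_provider_github_uri=https://releases.hashicorp.com/terraform-provider-github/${terraform_provider_github_version}/terraform-provider-github_${terraform_provider_github_version}_linux_amd64.zip

# https://github.com/Mongey/terraform-provider-kafka
ARG terraform_provider_kafka_version=0.2.10
ARG terraform_provider_kafka_sha256sum=8faa5fca58cc8c73a604e097dc8d205d521141db0db25747b874e4d65a1680db
ARG terraform_provider_kafka_uri=https://github.com/Mongey/terraform-provider-kafka/releases/download/v${terraform_provider_kafka_version}/terraform-provider-kafka_${terraform_provider_kafka_version}_linux_amd64.zip

# https://releases.hashicorp.com/terraform-provider-random
ARG terraform_provider_random_version=2.2.1
ARG terraform_provider_random_sha256sum=7fa7737661380d18cba3cdc71c4ec6f2fd281b9d61112f6b48d06ca8bbf97771
ARG terraform_provider_random_uri=https://releases.hashicorp.com/terraform-provider-random/${terraform_provider_random_version}/terraform-provider-random_${terraform_provider_random_version}_linux_amd64.zip

# Downloads multiple custom dependencies we have for our Atlantis Installation
RUN AVAILABLE_TERRAFORM_VERSIONS="0.12.26 0.12.28 0.13.2" && \
    # Fetch all Terraform versions listed in AVAILABLE_TERRAFORM_VERSIONS.
    # curl -f makes an HTTP error fail the step instead of saving the error page.
    # "|| exit 1" aborts the build on the first failing version; without it a
    # failed download or checksum in an earlier iteration is masked by the loop.
    # NOTE(review): the SHA256SUMS file comes from the same origin as the zip, so
    # this check catches corruption but not a tampered release. HashiCorp also
    # publishes terraform_<version>_SHA256SUMS.sig; verifying it against their
    # signing key (or pinning digests as ARGs like the tools below) closes that gap.
    for VERSION in ${AVAILABLE_TERRAFORM_VERSIONS}; do \
        curl -fsSLO https://releases.hashicorp.com/terraform/${VERSION}/terraform_${VERSION}_linux_amd64.zip && \
        curl -fsSLO https://releases.hashicorp.com/terraform/${VERSION}/terraform_${VERSION}_SHA256SUMS && \
        sed -n "/terraform_${VERSION}_linux_amd64.zip/p" terraform_${VERSION}_SHA256SUMS | sha256sum -c && \
        mkdir -p /usr/local/bin/tf/versions/${VERSION} && \
        unzip terraform_${VERSION}_linux_amd64.zip -d /usr/local/bin/tf/versions/${VERSION} && \
        ln -s /usr/local/bin/tf/versions/${VERSION}/terraform /usr/local/bin/terraform${VERSION} && \
        rm terraform_${VERSION}_linux_amd64.zip && \
        rm terraform_${VERSION}_SHA256SUMS || exit 1; \
    done && \
    # Fetch Terragrunt.
    # Checksum lines use the canonical "<digest><two spaces><path>" layout and
    # absolute paths, so the check does not depend on the current directory.
    wget --directory-prefix=/tmp ${terragrunt_uri} && \
    echo "${terragrunt_sha256sum}  /tmp/terragrunt_linux_amd64" | sha256sum -c - && \
    cp /tmp/terragrunt_linux_amd64 /usr/local/bin/terragrunt && \
    chmod +x /usr/local/bin/terragrunt && \
    rm /tmp/terragrunt_linux_amd64 && \
    # Fetch Terragrunt NodeJS Wrapper Dependencies.
    # NOTE(review): shelljs is installed unpinned and without a lockfile, so each
    # build may resolve a different release; pin it (shelljs@<vetted version>) or
    # copy in a package-lock.json and use "npm ci".
    # The "path" npm package is not installed: require('path') always resolves to
    # Node's built-in module, so the package only added supply-chain surface.
    apk add --no-cache nodejs npm && \
    npm install shelljs && \
    # Fetch Terragrunt Atlantis Config Generator
    wget --directory-prefix=/tmp ${terragrunt_atlantis_config_uri} && \
    echo "${terragrunt_atlantis_config_sha256sum}  /tmp/terragrunt-atlantis-config_${terragrunt_atlantis_config_version}_linux_amd64.tar.gz" | sha256sum -c - && \
    cd /tmp && tar -zxvf terragrunt-atlantis-config_${terragrunt_atlantis_config_version}_linux_amd64.tar.gz && \
    cp /tmp/terragrunt-atlantis-config_${terragrunt_atlantis_config_version}_linux_amd64/terragrunt-atlantis-config_${terragrunt_atlantis_config_version}_linux_amd64 /usr/local/bin/terragrunt-atlantis-config && \
    chmod +x /usr/local/bin/terragrunt-atlantis-config && \
    # Terraform Providers
    mkdir -p /home/atlantis/terraform-providers && \
    mkdir -p /home/atlantis/.terraform.d/plugins/ && \
    # Fetch Terraform AWS Provider (Both for TF 0.12 & TF 0.13)
    wget --directory-prefix=/tmp ${terraform_provider_aws_uri} && \
    echo "${terraform_provider_aws_sha256sum}  /tmp/terraform-provider-aws_${terraform_provider_aws_version}_linux_amd64.zip" | sha256sum -c - && \
    cd /tmp && unzip terraform-provider-aws_${terraform_provider_aws_version}_linux_amd64.zip && \
    chmod +x terraform-provider-aws_v${terraform_provider_aws_version}_x5 && \
    cp terraform-provider-aws_v${terraform_provider_aws_version}_x5 /home/atlantis/terraform-providers && \
    ln -s /home/atlantis/terraform-providers/terraform-provider-aws_v${terraform_provider_aws_version}_x5 /home/atlantis/.terraform.d/plugins/terraform-provider-aws && \
    mkdir -p /home/atlantis/.terraform.d/plugins/registry.terraform.io/hashicorp/aws/${terraform_provider_aws_version}/linux_amd64/ && \
    mkdir -p /home/atlantis/.terraform.d/plugins/registry.terraform.io/-/aws/${terraform_provider_aws_version}/linux_amd64/ && \
    ln -s /home/atlantis/terraform-providers/terraform-provider-aws_v${terraform_provider_aws_version}_x5 /home/atlantis/.terraform.d/plugins/registry.terraform.io/hashicorp/aws/${terraform_provider_aws_version}/linux_amd64/terraform-provider-aws_v${terraform_provider_aws_version} && \
    ln -s /home/atlantis/terraform-providers/terraform-provider-aws_v${terraform_provider_aws_version}_x5 /home/atlantis/.terraform.d/plugins/registry.terraform.io/-/aws/${terraform_provider_aws_version}/linux_amd64/terraform-provider-aws_v${terraform_provider_aws_version} && \
    # Fetch Terraform Github Provider (Both for TF 0.12 & TF 0.13).
    # The mirror directories are named "github": the previous "google" path meant
    # the checksum-verified binary was never found under the github provider
    # address and would have been served for a google provider request instead.
    wget --directory-prefix=/tmp ${terraform_provider_github_uri} && \
    echo "${terraform_provider_github_sha256sum}  /tmp/terraform-provider-github_${terraform_provider_github_version}_linux_amd64.zip" | sha256sum -c - && \
    cd /tmp && unzip terraform-provider-github_${terraform_provider_github_version}_linux_amd64.zip && \
    chmod +x terraform-provider-github_v${terraform_provider_github_version}_x4 && \
    cp terraform-provider-github_v${terraform_provider_github_version}_x4 /home/atlantis/terraform-providers && \
    ln -s /home/atlantis/terraform-providers/terraform-provider-github_v${terraform_provider_github_version}_x4 /home/atlantis/.terraform.d/plugins/terraform-provider-github && \
    mkdir -p /home/atlantis/.terraform.d/plugins/registry.terraform.io/hashicorp/github/${terraform_provider_github_version}/linux_amd64/ && \
    mkdir -p /home/atlantis/.terraform.d/plugins/registry.terraform.io/-/github/${terraform_provider_github_version}/linux_amd64/ && \
    ln -s /home/atlantis/terraform-providers/terraform-provider-github_v${terraform_provider_github_version}_x4 /home/atlantis/.terraform.d/plugins/registry.terraform.io/hashicorp/github/${terraform_provider_github_version}/linux_amd64/terraform-provider-github_v${terraform_provider_github_version} && \
    ln -s /home/atlantis/terraform-providers/terraform-provider-github_v${terraform_provider_github_version}_x4 /home/atlantis/.terraform.d/plugins/registry.terraform.io/-/github/${terraform_provider_github_version}/linux_amd64/terraform-provider-github_v${terraform_provider_github_version} && \
    # Fetch Terraform Kafka Provider (Both for TF 0.12 & TF 0.13)
    wget --directory-prefix=/tmp ${terraform_provider_kafka_uri} && \
    echo "${terraform_provider_kafka_sha256sum}  /tmp/terraform-provider-kafka_${terraform_provider_kafka_version}_linux_amd64.zip" | sha256sum -c - && \
    cd /tmp && unzip terraform-provider-kafka_${terraform_provider_kafka_version}_linux_amd64.zip && \
    chmod +x terraform-provider-kafka_v${terraform_provider_kafka_version} && \
    cp terraform-provider-kafka_v${terraform_provider_kafka_version} /home/atlantis/terraform-providers && \
    ln -s /home/atlantis/terraform-providers/terraform-provider-kafka_v${terraform_provider_kafka_version} /home/atlantis/.terraform.d/plugins/terraform-provider-kafka && \
    mkdir -p /home/atlantis/.terraform.d/plugins/registry.terraform.io/Mongey/kafka/${terraform_provider_kafka_version}/linux_amd64/ && \
    mkdir -p /home/atlantis/.terraform.d/plugins/registry.terraform.io/-/kafka/${terraform_provider_kafka_version}/linux_amd64/ && \
    ln -s /home/atlantis/terraform-providers/terraform-provider-kafka_v${terraform_provider_kafka_version} /home/atlantis/.terraform.d/plugins/registry.terraform.io/Mongey/kafka/${terraform_provider_kafka_version}/linux_amd64/terraform-provider-kafka_v${terraform_provider_kafka_version} && \
    ln -s /home/atlantis/terraform-providers/terraform-provider-kafka_v${terraform_provider_kafka_version} /home/atlantis/.terraform.d/plugins/registry.terraform.io/-/kafka/${terraform_provider_kafka_version}/linux_amd64/terraform-provider-kafka_v${terraform_provider_kafka_version} && \
    # Fetch Terraform Random Provider (Both for TF 0.12 & TF 0.13)
    wget --directory-prefix=/tmp ${terraform_provider_random_uri} && \
    echo "${terraform_provider_random_sha256sum}  /tmp/terraform-provider-random_${terraform_provider_random_version}_linux_amd64.zip" | sha256sum -c - && \
    cd /tmp && unzip terraform-provider-random_${terraform_provider_random_version}_linux_amd64.zip && \
    chmod +x terraform-provider-random_v${terraform_provider_random_version}_x4 && \
    cp terraform-provider-random_v${terraform_provider_random_version}_x4 /home/atlantis/terraform-providers && \
    ln -s /home/atlantis/terraform-providers/terraform-provider-random_v${terraform_provider_random_version}_x4 /home/atlantis/.terraform.d/plugins/terraform-provider-random && \
    mkdir -p /home/atlantis/.terraform.d/plugins/registry.terraform.io/hashicorp/random/${terraform_provider_random_version}/linux_amd64/ && \
    mkdir -p /home/atlantis/.terraform.d/plugins/registry.terraform.io/-/random/${terraform_provider_random_version}/linux_amd64/ && \
    ln -s /home/atlantis/terraform-providers/terraform-provider-random_v${terraform_provider_random_version}_x4 /home/atlantis/.terraform.d/plugins/registry.terraform.io/hashicorp/random/${terraform_provider_random_version}/linux_amd64/terraform-provider-random_v${terraform_provider_random_version} && \
    ln -s /home/atlantis/terraform-providers/terraform-provider-random_v${terraform_provider_random_version}_x4 /home/atlantis/.terraform.d/plugins/registry.terraform.io/-/random/${terraform_provider_random_version}/linux_amd64/terraform-provider-random_v${terraform_provider_random_version} && \
    # Empty /tmp so that no downloaded archive stays in the image layer
    rm -rf /tmp/*

# Based on https://gist.github.com/dmattia/0d17696bad1dffd90ec7c899e0343955 for less verbose terragrunt output. Our version is a more extended one.
COPY terragrunt_light.js /home/atlantis/terragrunt_light.js
# Wrapper script which runs the git hook shipped by the cloned repo, if it provides one in a certain directory.
COPY post-checkout.sh /home/atlantis/hooks/post-checkout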
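#!/bin/bash
## Make sure to give execution permissions.
# Git post-checkout hook installed on the Atlantis server.
# If the checked-out repo ships atlantis-git-hooks/repo-post-checkout.sh, that
# script replaces this process (exec); otherwise only a message is printed.
#
# NOTE(review): the script that gets executed is part of the checked-out
# repository, so its content is controlled by whoever can push the branch being
# checked out, and it runs with the privileges and credentials of the Atlantis
# process. Limit who can open pull requests against the repo and treat changes
# under atlantis-git-hooks/ as security-sensitive in review.
REPO_DIR="$(pwd)"
FILE="$REPO_DIR/atlantis-git-hooks/repo-post-checkout.sh"
if [ -f "$FILE" ]; then
    echo "$FILE exists in the repo $REPO_DIR."
    # Quoted so that a checkout path containing spaces or glob characters is
    # passed to exec as one word.
    exec "$FILE"
else
    echo "$FILE does not exist in the repo $REPO_DIR."
fi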
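#!/bin/bash
## This should be placed in folder `atlantis-git-hooks/repo-post-checkout.sh` in your Environments repo (where Terragrunt code lives).
## Make sure to give execution permissions.
# Generates atlantis.yaml when run inside the "default" workspace checkout;
# in any other workspace it links to the file generated for "default".

# Last path component of the current directory (the workspace folder name).
result=${PWD##*/}
# Quoted: an empty value (e.g. when run from "/") would otherwise make the
# test expression a syntax error instead of taking the else branch.
if [ "$result" = "default" ]; then
    echo "Default Workspace. Atlantis Config will be generated."
    exec terragrunt-atlantis-config generate --ignore-parent-terragrunt --autoplan --workflow terragrunt --parallel --create-workspace --create-project-name --output ./atlantis.yaml
else
    echo "Not the Default Workspace. Will clone atlantis.yaml from default workspace and will skip re-generating it."
    ln -s ../default/atlantis.yaml atlantis.yaml
fi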
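# Atlantis custom workflow that routes plan/apply through the quiet
# terragrunt wrapper (terragrunt_light.js).
terragrunt:
  plan:
    steps:
      # Point Terragrunt at the terraform binary matching the project's version.
      - env:
          name: TERRAGRUNT_TFPATH
          command: 'echo "terraform${ATLANTIS_TERRAFORM_VERSION}"'
      # $PLANFILE is quoted so the path reaches the wrapper as a single argument
      # even if a directory or workspace name contains spaces or shell
      # metacharacters.
      - run: node ~/terragrunt_light.js plan "$PLANFILE"
  apply:
    steps:
      - env:
          name: TERRAGRUNT_TFPATH
          command: 'echo "terraform${ATLANTIS_TERRAFORM_VERSION}"'
      - run: node ~/terragrunt_light.js apply "$PLANFILE"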
/**
* Wrapper around terragrunt to display output succinctly on Atlantis.
*
* Terragrunt is notoriously verbose, which can cause Atlantis to output
* hundreds of comments on single PRs, which can be annoying.
*
* This script will output just the final plan for resources to update on
* successful terragrunt runs, but will output all terragrunt output on
* errors.
*/
const shell = require('shelljs');
const path = require('path');
/**
 * Promise adapter for shelljs.exec.
 *
 * The command is executed with `silent: true`, so shelljs does not echo its
 * output. The returned promise only ever resolves; a failing command is
 * reported through `code`, which callers have to check themselves.
 *
 * @param {string} command - Command line passed unchanged to the local shell
 * @returns {Promise<{code: *, stdout: *, stderr: *}>} values handed to the shelljs callback
 */
async function run(command) {
  const outcome = new Promise((done) => {
    const onExit = (code, stdout, stderr) => {
      done({ code, stdout, stderr });
    };
    shell.exec(command, { silent: true }, onExit);
  });
  return outcome;
}
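/**
 * Runs a plan via terragrunt. Output is only shown on error
 *
 * @param {string} file - path of the plan file terragrunt writes (`-out`)
 * @returns {Promise<void>}
 * @throws {Error} when terragrunt exits with a non-zero code (stderr is printed first)
 */
async function runPlan(file) {
  // The path comes from the command line and is spliced into a shell command
  // string. Wrap it in single quotes (escaping embedded ones) so the shell
  // treats it as one literal word and never interprets characters inside it.
  const quotedFile = `'${String(file).replace(/'/g, "'\\''")}'`;
  const { code, stderr } = await run(`terragrunt plan -no-color -out=${quotedFile}`);
  if (code !== 0) {
    console.log(stderr);
    throw new Error(`Failed to run plan in ${shell.pwd()}`);
  }
}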
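/**
 * Prints a representation of the terraform plan output to the console
 *
 * Changes the working directory to the plan file's directory before running
 * `terragrunt show` on the file name.
 *
 * @param {string} file - path of the plan file to show the output of
 * @returns {Promise<void>}
 * @throws {Error} when `terragrunt show` exits with a non-zero code
 */
async function printPlanFile(file) {
  const { dir, base } = path.parse(file);
  // A bare file name parses to dir === ''. shelljs' cd treats an empty path as
  // "go to the home directory" (per its documentation; confirm for the
  // installed release), so only change directory when there is one.
  if (dir) {
    shell.cd(dir);
  }
  // Quote the file name so the shell passes it through as one literal word.
  const quotedBase = `'${String(base).replace(/'/g, "'\\''")}'`;
  const { code, stdout, stderr } = await run(`terragrunt show -no-color ${quotedBase}`);
  // Without this check a failed `show` printed an empty plan and the step still
  // succeeded, leaving reviewers nothing to base their approval on.
  if (code !== 0) {
    console.log(stderr);
    throw new Error(`Failed to show plan in ${shell.pwd()}`);
  }
  console.log(stdout);
}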
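/**
 * Runs an apply via terragrunt. On failure only stderr is printed; on success
 * stdout is printed and the plan file is removed.
 *
 * @param {string} file - path of the plan file to be used for apply
 * @returns {Promise<void>}
 * @throws {Error} when terragrunt exits with a non-zero code
 */
async function runAndPrintApply(file) {
  // The path comes from the command line and is spliced into a shell command
  // string. Wrap it in single quotes (escaping embedded ones) so the shell
  // treats it as one literal word and never interprets characters inside it.
  const quotedFile = `'${String(file).replace(/'/g, "'\\''")}'`;
  const { code, stdout, stderr } = await run(`terragrunt apply -no-color ${quotedFile}`);
  if (code !== 0) {
    console.log(stderr);
    throw new Error(`Failed to run apply in ${shell.pwd()}`);
  }
  console.log(stdout);
  // The plan has been applied; remove the file so it cannot be applied again.
  shell.rm(file);
}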
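/**
 * Entry point: `node terragrunt_light.js <plan|apply> <planfile>`.
 *
 * `apply` applies the given plan file; any other command runs a plan and then
 * prints it.
 *
 * @returns {Promise<void>}
 * @throws {Error} when the command or the plan file argument is missing
 */
async function main() {
  const [command, planFilePath] = process.argv.slice(2);
  // Fail with a clear message instead of a TypeError on a missing command, and
  // never hand the literal string "undefined" to terragrunt as a plan file.
  if (command === undefined || planFilePath === undefined || planFilePath === '') {
    throw new Error('Usage: node terragrunt_light.js <plan|apply> <planfile>');
  }
  if (String(command).trim() === 'apply') {
    await runAndPrintApply(planFilePath);
  } else {
    await runPlan(planFilePath);
    await printPlanFile(planFilePath);
  }
}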
/**
 * Start the wrapper. Any rejection from main() is written to stderr and the
 * process ends with exit status 1, which marks the Atlantis step as failed.
 */
const exitWithFailure = (err) => {
  console.error(err);
  process.exit(1);
};
main().catch(exitWithFailure);