A Docker image to build with Terraform and the AWS CLI on CI servers (like Bitbucket or GitHub Actions)
These images are available in Docker Hub.
Images are also published to the GitHub Container Repository, but those images are intended only for use in this project's CI pipeline. Docker Hub has a much cleaner version history.
This image can be used as the container in a GitHub action like this:
```yaml
jobs:
  my_job:
    runs-on: ubuntu-latest # Use Ubuntu to spin up the Action's Docker container
    container: jdlubrano/terraform-aws-ci:latest # Or use a stable v*.*.* tag
    steps:
      - uses: actions/checkout@v2
      - name: My Terraform step
        run: terraform init
      - name: My AWS CLI step
        run: aws --version
```
This image can be used in a Bitbucket pipeline like this:
```yaml
image: jdlubrano/terraform-aws-ci:latest # Or use a stable v*.*.* tag

pipelines:
  default:
    - step:
        name: My Terraform step
        script:
          - terraform init
    - step:
        name: My AWS step
        script:
          - aws --version
```
You can, of course, also use this image for a specific build step:
```yaml
pipelines:
  default:
    - step:
        name: My Terraform and AWS steps
        image: jdlubrano/terraform-aws-ci:latest # Or use a stable v*.*.* tag
        script:
          - terraform init
          - aws --version
```
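As an added example (not part of this project), a small Python check that scans workflow or pipeline files like the ones above and reports any image reference that is untagged, uses `latest`, or does not match the stable `v*.*.*` form. It assumes the image is written inline as a string after `container:` or `image:`; the function names, the sample text and the `v1.2.3` version are constructed for illustration.

```python
import re

# Keys the configs above use to name an image: `container:` (GitHub Actions
# job) and `image:` (Bitbucket, global or per step).
IMAGE_KEY = re.compile(r"^\s*(?:-\s*)?(?:container|image):\s*(\S+)")
STABLE_TAG = re.compile(r"^v\d+\.\d+\.\d+$")  # the README's "stable v*.*.* tag"


def classify(ref):
    """Return None if the reference is pinned, else a short reason."""
    ref = ref.strip("'\"")
    if "@sha256:" in ref:  # digest pin; treated as pinned (assumption, not from the README)
        return None
    _, sep, tag = ref.rpartition(":")
    # A colon that belongs to a registry port (host:5000/img) is not a tag.
    if not sep or "/" in tag:
        return "no tag (resolves to latest)"
    if tag == "latest":
        return "floating 'latest' tag"
    if not STABLE_TAG.match(tag):
        return f"tag '{tag}' is not v*.*.*"
    return None


def find_floating_images(text):
    """Return a list of (line_number, image_ref, reason) for unpinned images."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        match = IMAGE_KEY.match(line)
        if not match or match.group(1).startswith("#"):
            continue  # not an image line, or the key has only a comment after it
        reason = classify(match.group(1))
        if reason:
            findings.append((number, match.group(1), reason))
    return findings


# Constructed excerpts from both config formats, combined into one sample.
SAMPLE = """\
jobs:
  my_job:
    container: jdlubrano/terraform-aws-ci:latest # Or use a stable v*.*.* tag
pipelines:
  default:
    - step:
        image: jdlubrano/terraform-aws-ci:v1.2.3
"""

if __name__ == "__main__":
    print(find_floating_images(SAMPLE))
```

Run as a CI step, a non-empty result can fail the build so that image upgrades happen only through a reviewed tag bump.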
These images are scanned by Snyk on a nightly basis. A new patch version will be released as quickly as possible when a fix for any security vulnerability becomes available.
One way to build a new Docker image that includes updated security patches is to push an empty commit and then push a new patch-level tag.
```shell
git commit --allow-empty -m "Empty commit to pick up security patches"
git push origin main
# ...wait for passing build
git tag ...
git push --tags
```