├── .gitignore ├── hooks └── build ├── config.sample.sh ├── Dockerfile ├── terraform.sh ├── LICENSE.txt └── README.md /.gitignore: -------------------------------------------------------------------------------- 1 | config.sh 2 | -------------------------------------------------------------------------------- /hooks/build: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | docker build --build-arg VCS_REF=`git rev-parse --short HEAD` -t $IMAGE_NAME . 3 | -------------------------------------------------------------------------------- /config.sample.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ATLAS_TOKEN='tokenforAtlas' 4 | DATA_DIR='/path/to/data' 5 | DOCKER_SOCKET='/var/run/docker.sock' 6 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.13 2 | 3 | ENV TERRAFORM_VERSION=0.14.11 4 | 5 | VOLUME ["/data"] 6 | 7 | WORKDIR /data 8 | 9 | ENTRYPOINT ["/usr/bin/terraform"] 10 | 11 | CMD ["--help"] 12 | 13 | RUN apk update && \ 14 | apk add curl jq python3 bash ca-certificates git openssl unzip wget && \ 15 | cd /tmp && \ 16 | wget https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \ 17 | unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/bin && \ 18 | wget https://dl.google.com/dl/cloudsdk/channels/rapid/google-cloud-sdk.zip -O /tmp/google-cloud-sdk.zip && \ 19 | cd /usr/local && unzip /tmp/google-cloud-sdk.zip && \ 20 | google-cloud-sdk/install.sh --usage-reporting=false --path-update=true --bash-completion=true && \ 21 | google-cloud-sdk/bin/gcloud config set --installation component_manager/disable_update_check true && \ 22 | rm -rf /tmp/* && \ 23 | rm -rf /var/cache/apk/* && \ 24 | rm -rf /var/tmp/* 25 | 26 | ENV PATH = $PATH:/usr/local/google-cloud-sdk/bin/ 27 | 28 | ARG VCS_REF 29 | 30 | LABEL org.label-schema.vcs-ref=$VCS_REF \ 31 | org.label-schema.vcs-url="https://github.com/broadinstitute/docker-terraform" 32 | -------------------------------------------------------------------------------- /terraform.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | DOCKER_IMAGE='broadinstitute/terraform:latest' 4 | SUDO= 5 | 6 | SCRIPT_DIR="$( cd -P "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 7 | # shellcheck source=/dev/null 8 | source "${SCRIPT_DIR}/config.sh" 9 | 10 | usage() { 11 | PROG="$(basename "$0")" 12 | echo "usage: ${PROG} [--version] [--help] []" 13 | } 14 | 15 | if [ "$TERM" != 'dumb' ] ; then 16 | TTY='-it' 17 | fi 18 | 19 | EXTRA_OPTS= 20 | if [ -n "$ATLAS_TOKEN" ]; then 21 | EXTRA_OPTS="-e ATLAS_TOKEN=${ATLAS_TOKEN}" 22 | fi 23 | 24 | if [ "$(uname -s)" != 'Darwin' ]; then 25 | if [ ! -w "$DOCKER_SOCKET" ]; then 26 | SUDO='sudo' 27 | fi 28 | fi 29 | 30 | if [ -z "$1" ]; then 31 | usage 32 | exit 1 33 | fi 34 | 35 | # Map the terraform data directory into the container 36 | DATA_FQP="$( cd -P "${DATA_DIR}" && pwd )" 37 | if [ ! -d "$DATA_FQP" ]; then 38 | echo "Directory '${DATA_FQP}' does not exist...exiting." 39 | exit 2 40 | fi 41 | 42 | # Map gcloud configuration if it exists 43 | GCLOUD_CONFIG="$( cd -P "${HOME}/.config/gcloud" && pwd )" 44 | if [ -d "$GCLOUD_CONFIG" ]; then 45 | EXTRA_OPTS="${EXTRA_OPTS} -v ${GCLOUD_CONFIG}:/root/.config/gcloud" 46 | fi 47 | 48 | # shellcheck disable=SC2068,SC2086 49 | $SUDO docker run $TTY --rm -v "${DATA_FQP}:/data" $EXTRA_OPTS "$DOCKER_IMAGE" $@ 50 | -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- 1 | Copyright (c) 2015-2021, Broad Institute, Inc. 2 | All rights reserved. 3 | 4 | Redistribution and use in source and binary forms, with or without 5 | modification, are permitted provided that the following conditions are met: 6 | 7 | * Redistributions of source code must retain the above copyright notice, this 8 | list of conditions and the following disclaimer. 9 | 10 | * Redistributions in binary form must reproduce the above copyright notice, 11 | this list of conditions and the following disclaimer in the documentation 12 | and/or other materials provided with the distribution. 13 | 14 | * Neither the name Broad Institute, Inc. nor the names of its 15 | contributors may be used to endorse or promote products derived from 16 | this software without specific prior written permission. 17 | 18 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 19 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 21 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 22 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 24 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 25 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 26 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # broadinstitute/docker-terraform 2 | [![](https://images.microbadger.com/badges/image/broadinstitute/terraform.svg)](http://microbadger.com/images/broadinstitute/terraform "Get your own image badge on microbadger.com") 3 | [![](https://images.microbadger.com/badges/version/broadinstitute/terraform.svg)](https://hub.docker.com/r/broadinstitute/terraform/) 4 | [![Docker Hub](http://img.shields.io/docker/pulls/broadinstitute/terraform.svg)](https://hub.docker.com/r/broadinstitute/terraform/) 5 | 6 | ## What is terraform 7 | 8 | [Terraform][1] provides a common configuration to launch infrastructure from physical and virtual servers to email and DNS providers. Once launched, [Terraform][1] safely and efficiently changes infrastructure as the configuration is evolved. 9 | 10 | Simple file based configuration gives you a single view of your entire infrastructure. 11 | 12 | http://www.terraform.io/ 13 | 14 | ## Dockerfile 15 | 16 | This Docker image is based on the official [Alpine][2] 3.2 base image. 17 | 18 | ## Terraform configuration files 19 | 20 | This container expects the user to mount in a directory, which will be mapped to the `/data` directory inside the container. This is the directory from which [Terraform][1] is configured to read the configuration files referenced by the commands you call. 21 | 22 | ## How to run this image 23 | 24 | For most terraform commands, the run command is as simple as: 25 | 26 | ``` 27 | docker run -it --rm broadinstitute/terraform [--version] [--help] [] 28 | ``` 29 | 30 | Some, however, require higher network privileges and SSL certificates to function correctly, which need to be mapped into the `/etc/ssl/certs` directory in the container, similar to: 31 | 32 | ``` 33 | docker run -it --rm -v /etc/ssl/certs:/etc/ssl/certs:ro --net=host broadinstitute/terraform [--version] [--help] [] 34 | ``` 35 | 36 | Therefore, the repository used to build this container also contains a usedful `terraform.sh` script that will handle most of this so that the commands can be much shorter. All that is required is filling in a `config.sh` script so that the script will know where the `/data` directory is located as well as the path to the SSL certificates. The script will then determine whether each individual run requires the certificates as well as things like `sudo`, etc. Therefore, for the commands below, you could substitute the `terraform.sh` script for everything but the command and options. For example, if you have the `config.sh` correctly configured, you could do the following to run the **apply** command: 37 | 38 | ``` 39 | ./terraform.sh apply [options] 40 | ``` 41 | 42 | ### terraform apply 43 | 44 | ``` 45 | docker run -it --rm -v /data:/data -v /etc/ssl/certs:/etc/ssl/certs:ro --net=host broadinstitute/terraform apply [options] 46 | ``` 47 | 48 | ### terraform destroy 49 | 50 | ``` 51 | docker run -it --rm -v /data:/data broadinstitute/terraform destroy [options] [DIR] 52 | ``` 53 | 54 | ### terraform get 55 | 56 | ``` 57 | docker run -it --rm -v /data:/data broadinstitute/terraform get [options] PATH 58 | ``` 59 | 60 | ### terraform graph 61 | 62 | ``` 63 | docker run -it --rm -v /data:/data broadinstitute/terraform graph [options] 64 | ``` 65 | 66 | ### terraform init 67 | 68 | ``` 69 | docker run -it --rm -v /data:/data broadinstitute/terraform init [options] SOURCE [PATH] 70 | ``` 71 | 72 | ### terraform output 73 | 74 | ``` 75 | docker run -it --rm -v /data:/data broadinstitute/terraform output [options] NAME 76 | ``` 77 | 78 | ### terraform plan 79 | 80 | ``` 81 | docker run -it --rm -v /data:/data -v /etc/ssl/certs:/etc/ssl/certs:ro --net=host broadinstitute/terraform plan [options] 82 | ``` 83 | 84 | ### terraform push 85 | 86 | ``` 87 | docker run -it --rm -v /data:/data -v /etc/ssl/certs:/etc/ssl/certs:ro --net=host broadinstitute/terraform push [options] 88 | ``` 89 | 90 | ### terraform refresh 91 | 92 | ``` 93 | docker run -it --rm -v /data:/data -v /etc/ssl/certs:/etc/ssl/certs:ro --net=host broadinstitute/terraform refresh [options] 94 | ``` 95 | 96 | ### terraform remote 97 | 98 | ``` 99 | docker run -it --rm -v /data:/data -v /etc/ssl/certs:/etc/ssl/certs:ro --net=host broadinstitute/terraform remote [options] 100 | ``` 101 | 102 | ### terraform show 103 | 104 | ``` 105 | docker run -it --rm -v /data:/data broadinstitute/terraform show terraform.tfstate [options] 106 | ``` 107 | 108 | ### terraform taint 109 | 110 | ``` 111 | docker run -it --rm -v /data:/data -v /etc/ssl/certs:/etc/ssl/certs:ro --net=host broadinstitute/terraform taint [options] name 112 | ``` 113 | 114 | ### terraform version 115 | 116 | ``` 117 | docker run -it --rm broadinstitute/terraform version 118 | ``` 119 | 120 | [1]: http://www.terraform.io/ "Terraform" 121 | [2]: https://registry.hub.docker.com/_/alpine "Alpine" 122 | --------------------------------------------------------------------------------