Fix/docker file

.docker/Dockerfile

@@ -0,0 +1,186 @@
+# Pull base image.
+FROM phusion/baseimage:jammy-1.0.4
+
+#####################################
+ENV LANG C.UTF-8
+ENV LC_ALL en_US.UTF-8
+ENV DEBIAN_FRONTEND noninteractive
+
+###
+ENV PHP_VERSION 8.3.10
+ENV PACKER_VERSION 1.11.2
+ENV TERRAFORM_VERSION 1.9.0
+ENV ANSIBLE_VERSION 10.3.0
+ENV LINT_VERSION 4.1.0
+ENV KUBECTL_VERSION 1.31.0
+ENV HELM_VERSION 3.15.1
+ENV AZURE_CLI_VERSION 2.63.0-1~jammy
+ENV AWS_CLI_VERSION 2.17.33
+ENV K9s_Version 0.32.5
+ENV GCLOUD_VERSION 489.0.0
+ENV KUI_Version 13.1.4
+ENV KUBECTX_VERSION 0.9.4
+ENV KUBENS_VERSION 0.9.4
+
+####################################
+
+#User
+RUN useradd ubuntu
+RUN passwd -d ubuntu
+RUN passwd -d root
+RUN echo "PermitEmptyPasswords yes" >> /etc/ssh/sshd_config && echo "ubuntu ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers 
+RUN echo "ChallengeResponseAuthentication no" >> /etc/ssh/sshd_config
+RUN echo "PubkeyAuthentication yes" >> /etc/ssh/sshd_config
+RUN chsh -s `which bash` ubuntu
+RUN usermod -d /home/ubuntu ubuntu
+RUN mkdir -p /home/ubuntu
+RUN mkdir -p /home/ubuntu/.ssh
+RUN chmod 755 /home/ubuntu/.ssh
+RUN chown -R ubuntu:ubuntu /home/ubuntu
+RUN chmod 755 /home/ubuntu
+ENV BOOT2DOCKER_ID 501
+ENV BOOT2DOCKER_GID 20
+# Tweaks to give write permissions to the app
+RUN usermod -u ${BOOT2DOCKER_ID} ubuntu && \
+    usermod -G staff ubuntu
+RUN groupmod -g $(($BOOT2DOCKER_GID + 10000)) $(getent group $BOOT2DOCKER_GID | cut -d: -f1) && groupmod -g ${BOOT2DOCKER_GID} staff
+RUN add-apt-repository ppa:longsleep/golang-backports
+
+#General
+RUN apt remove -y python3
+RUN apt update && apt upgrade -y
+RUN apt install -y      \
+	curl                   \
+	git                    \
+	zip                    \
+	unzip                  \
+	vim                    \
+	ruby-full              \
+	openssh-server         \
+	zsh                    \
+	figlet                 \
+	sysvbanner             \
+	htop                   \
+	python3-pip            \
+	wget                   \
+	ca-certificates        \
+	openssl                \
+	yamllint               \
+	inetutils-ping         \
+	telnet                 \
+	golang-go              \
+	libssl-dev             \
+    apt-transport-https    \
+    ca-certificates        \
+    gnupg
+
+
+# ZSH
+ADD ./etc/install-zsh.sh /root/install-zsh.sh
+ADD ./etc/install-zsh.sh /home/ubuntu/install-zsh.sh
+
+RUN chmod +x /root/install-zsh.sh
+RUN chmod +x /home/ubuntu/install-zsh.sh
+RUN sh /root/install-zsh.sh
+RUN su - ubuntu -c "sh /home/ubuntu/install-zsh.sh"
+RUN rm /root/.zshrc && chsh -s `which zsh` && chsh -s `which zsh` ubuntu && chmod -R 755 /usr/local/share/zsh*
+RUN mkdir -p ~/.oh-my-zsh/custom/plugins/copydir
+RUN curl -L https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/plugins/copypath/copypath.plugin.zsh -o ~/.oh-my-zsh/custom/plugins/copydir/copydir.plugin.zsh
+
+##Python with Packages
+RUN pip install ansible==${ANSIBLE_VERSION} \
+                 ansible-lint==${LINT_VERSION} \
+                 mongotail \
+                 bumpversion \
+                 pip \
+                 yamllint
+
+#terraform	
+RUN cd /tmp && \
+     wget https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \
+     unzip -o terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/bin && \
+     rm terraform_${TERRAFORM_VERSION}_linux_amd64.zip
+
+# Packer
+RUN cd /tmp && \
+    wget https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_amd64.zip && \
+    unzip -o packer_${PACKER_VERSION}_linux_amd64.zip -d /usr/bin && \
+    rm packer_${PACKER_VERSION}_linux_amd64.zip
+
+#Kubectl
+RUN cd /usr/bin && \
+    curl -LO https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl && \
+    chmod +x ./kubectl
+
+# Helm
+RUN cd /tmp && \
+    wget https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \
+    tar -zxvf helm* && \
+    mv linux-amd64/helm /usr/local/bin/helm && \
+    rm helm* && \
+    rm -rf linux-amd64 helm*
+
+#Azure Cli
+RUN apt-get install -y lsb-release && \
+    mkdir -p /etc/apt/keyrings && \
+    curl -sLS https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > /etc/apt/keyrings/microsoft.gpg && \
+    chmod go+r /etc/apt/keyrings/microsoft.gpg && \
+    AZ_DIST=$(lsb_release -cs) && \
+    echo "Types: deb\nURIs: https://packages.microsoft.com/repos/azure-cli/\nSuites: ${AZ_DIST}\nComponents: main\nArchitectures: $(dpkg --print-architecture)\nSigned-by: /etc/apt/keyrings/microsoft.gpg" | tee /etc/apt/sources.list.d/azure-cli.sources && \
+    apt-get update && \
+    apt-get install azure-cli=${AZURE_CLI_VERSION} && \
+    rm -rf /var/lib/apt/lists/*
+
+#Aws Cli
+RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-${AWS_CLI_VERSION}.zip" -o "awscliv2.zip" && \
+    unzip awscliv2.zip && \
+    ./aws/install -i /usr/local/aws-cli -b /usr/local/bin && \
+    mv /usr/local/bin/aws /bin
+
+#gcloud
+RUN cd /tmp && \
+    wget https://storage.googleapis.com/cloud-sdk-release/google-cloud-cli-${GCLOUD_VERSION}-linux-arm.tar.gz && \
+    tar -xvzf google-cloud-cli-${GCLOUD_VERSION}-linux-arm.tar.gz && \
+    mv google-cloud-sdk /usr/local/gcloud && \
+    /usr/local/gcloud/install.sh --quiet && \
+    rm /tmp/google-cloud-cli-${GCLOUD_VERSION}-linux-arm.tar.gz
+ENV PATH $PATH:/usr/local/gcloud/google-cloud-sdk/bin
+
+#k9s
+RUN curl -LO https://github.com/derailed/k9s/releases/latest/download/k9s_Linux_amd64.tar.gz && \
+    tar -xzf k9s_Linux_amd64.tar.gz && \
+    mv k9s /usr/local/bin/ && \
+    rm k9s_Linux_amd64.tar.gz
+
+#Kubectx
+RUN git clone https://github.com/ahmetb/kubectx /opt/kubectx \
+    && ln -s /opt/kubectx/kubectx /usr/local/bin/kubectx \
+    && ln -s /opt/kubectx/kubens /usr/local/bin/kubens
+
+#tfswitch
+RUN curl -L https://raw.githubusercontent.com/warrensbox/terraform-switcher/release/install.sh | bash -s -- -b /usr/local/bin
+
+#kubectx
+RUN curl -L https://github.com/ahmetb/kubectx/releases/download/v${KUBECTX_VERSION}/kubectx -o /usr/local/bin/kubectx && \
+    chmod +x /usr/local/bin/kubectx
+
+#kubens
+RUN curl -L https://github.com/ahmetb/kubectx/releases/download/v${KUBENS_VERSION}/kubens -o /usr/local/bin/kubens && \
+    chmod +x /usr/local/bin/kubens && \
+    mkdir -p /home/ubuntu/.kube/config && \
+    chmod 644 /home/ubuntu/.kube/config
+
+#Opentofu
+RUN cd /tmp
+RUN curl --proto '=https' --tlsv1.2 -fsSL https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh && \
+     chmod +x install-opentofu.sh && \
+     ./install-opentofu.sh --install-method standalone && \
+     rm -f install-opentofu.sh
+
+# Clean up APT when done.
+RUN apt clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/ /var/cache/apk/**
+WORKDIR /home/ubuntu/workspace
+
+# Define default command.
+EXPOSE 22
+CMD ["/usr/sbin/sshd", "-D"]

.docker/etc/install-zsh.sh

@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+set -e
+
+if [ ! -n "$ZSH" ]; then
+  ZSH=~/.oh-my-zsh
+fi
+
+if [ -d "$ZSH" ]; then
+  echo "\033[0;33mYou already have Oh My Zsh installed.\033[0m You'll need to remove $ZSH if you want to install"
+  exit
+fi
+
+echo "\033[0;34mCloning Oh My Zsh...\033[0m"
+hash git >/dev/null 2>&1 && env git clone --depth=1 https://github.com/robbyrussell/oh-my-zsh.git $ZSH || {
+  echo "git not installed"
+  exit
+}
+
+echo "\033[0;34mLooking for an existing zsh config...\033[0m"
+if [ -f ~/.zshrc ] || [ -h ~/.zshrc ]; then
+  echo "\033[0;33mFound ~/.zshrc.\033[0m \033[0;32mBacking up to ~/.zshrc.pre-oh-my-zsh\033[0m";
+  mv ~/.zshrc ~/.zshrc.pre-oh-my-zsh;
+fi
+
+echo "\033[0;34mUsing the Oh My Zsh template file and adding it to ~/.zshrc\033[0m"
+cp $ZSH/templates/zshrc.zsh-template ~/.zshrc
+sed -i -e "/^export ZSH=/ c\\
+export ZSH=$ZSH
+" ~/.zshrc
+
+echo "\033[0;34mCopying your current PATH and adding it to the end of ~/.zshrc for you.\033[0m"
+sed -i -e "/export PATH=/ c\\
+export PATH=\"$PATH\"
+" ~/.zshrc
+
+echo "\033[0;34mCloning Plugins...\033[0m"
+git clone https://github.com/zsh-users/zsh-syntax-highlighting /usr/local/share/zsh-syntax-highlighting || true
+git clone https://github.com/zsh-users/zsh-autosuggestions /usr/local/share/zsh-autosuggestions || true

.github/CODEOWNERS

@@ -0,0 +1,2 @@
+# These owners will be the default owners for everything in the repo.
+*    @anmolnagpal @clouddrove-ci

.github/dependabot.yml

@@ -0,0 +1,30 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 3
+    assignees:
+      - "clouddrove-ci"
+    reviewers:
+      - "approvers"
+
+  - package-ecosystem: "docker" # See documentation for possible values
+    directory: "/.docker" # Location of package manifests
+    schedule:
+      interval: "weekly"
+    # Add assignees
+    assignees:
+      - "clouddrove-ci"
+    # Add reviewer
+    reviewers:
+      - "approvers"
+    # Allow up to 3 open pull requests for pip dependencies
+    open-pull-requests-limit: 3

.github/workflows/docker-scanner.yaml

@@ -0,0 +1,18 @@
+name: Docker Workflow
+# This permission are helpful for pushing vulnerability in security tab
+permissions:
+  actions: read
+  contents: read
+  security-events: write
+  statuses: write
+
+on:
+  workflow_dispatch:
+
+jobs:
+  docker-scanner:
+    uses: clouddrove/github-shared-workflows/.github/workflows/[email protected]
+    with:
+      severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
+      dockerfile-path: "./docker/Dockerfile"
+      security-upload: "true"

bin/devops/etc/zsh/aliases.conf

@@ -0,0 +1,6 @@
+alias tf="terraform"
+alias k="kubectl"
+alias kx="kubectx"
+alias kns="kubens"
+alias tap="terraform apply"
+alias tp="terraform plan"

bin/devops/etc/zshrc

@@ -43,7 +43,7 @@ SAVEHIST=1000 # saved history
 source /usr/local/share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh
 source /usr/local/share/zsh-autosuggestions/zsh-autosuggestions.zsh
 
-plugins=(git cp git-extras gnu-utils history pip python ruby screen composer aws npm node common-aliases cp copyfile copydir github sudo ubuntu history-substring-search)
+plugins=(git cp git-extras gnu-utils history pip python ruby screen composer aws npm node common-aliases cp copyfile copypath github sudo ubuntu history-substring-search)
 
 typeset -g -A key
 

docker-compose.yml

@@ -3,7 +3,7 @@ version: '2.1'
 services:
   devops:
     container_name: devops
-    image: anmolnagpal/devops-machine:0.0.1
+    image: clouddrove/devops-machine:0.0.1
     mem_limit: 3g
     memswap_limit: 3g
     cpu_shares: 30
@@ -21,6 +21,7 @@ services:
       - ~/.aws:/home/ubuntu/.aws
       - ~/.zsh_history:/home/ubuntu/.zsh_history
       - ~/.gitconfig:/home/ubuntu/.gitconfig
+      - ~/.kube:/home/ubuntu/.kube
     networks:
       dev_net_devops:
         ipv4_address: 10.13.0.13
@@ -31,6 +32,4 @@ networks:
     ipam:
      config:
        - subnet: 10.13.0.0/16
-         gateway: 10.13.0.1
-
-
+         gateway: 10.13.0.1