-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 3268368
Showing
6 changed files
with
267 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
name: Run Shared Build Workflow | ||
|
||
on: | ||
pull_request: | ||
branches: | ||
- main | ||
- master | ||
|
||
jobs: | ||
build: | ||
permissions: | ||
contents: read | ||
uses: jabez007/aws-kubectl/.github/workflows/shared.build_and_push.yml@master | ||
with: | ||
build-args: | | ||
AWS_REGION=${{ vars.AWS_REGION }} | ||
EKS_CLUSTER=${{ vars.EKS_CLUSTER }} | ||
secrets: inherit |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
name: Run Shared Build and Push Workflow | ||
|
||
on: | ||
push: | ||
branches: | ||
- main | ||
- master | ||
paths: | ||
- 'Dockerfile' | ||
- '*.sh' | ||
|
||
jobs: | ||
build_and_push: | ||
permissions: | ||
contents: read | ||
packages: write # required if push is true | ||
uses: jabez007/aws-kubectl/.github/workflows/shared.build_and_push.yml@master | ||
with: | ||
push: true | ||
build-args: | | ||
AWS_REGION=${{ vars.AWS_REGION }} | ||
EKS_CLUSTER=${{ vars.EKS_CLUSTER }} | ||
secrets: inherit |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,95 @@ | ||
name: Build and Push Docker Image to GHCR | ||
|
||
on: | ||
workflow_call: | ||
inputs: | ||
artifact-name: | ||
required: false | ||
type: string | ||
artifact-path: | ||
type: string | ||
default: . | ||
platforms: | ||
type: string | ||
default: linux/amd64,linux/arm64 | ||
build-args: | ||
required: false | ||
type: string | ||
tag: | ||
required: false | ||
type: string | ||
push: | ||
type: boolean | ||
default: false | ||
|
||
jobs: | ||
build-and-push: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v2 | ||
|
||
- name: See which repo we just cloned | ||
if: ${{ vars.PIPELINE_DEBUG == 'true' }} | ||
run: ls -lha | ||
|
||
- name: Get short commit hash | ||
id: git_commit | ||
run: echo "short_hash=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT" | ||
|
||
- name: Download artifacts | ||
if: ${{ inputs.artifact-name != '' }} | ||
uses: actions/download-artifact@v2 | ||
with: | ||
name: ${{ inputs.artifact-name }} | ||
path: ${{ inputs.artifact-path }} | ||
|
||
- name: See which artifacts we just downloaded | ||
if: ${{ inputs.artifact-name != '' && vars.PIPELINE_DEBUG == 'true' }} | ||
run: ls ${{ inputs.artifact-path }} -lha | ||
|
||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v2 | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v2 | ||
|
||
- name: Log in to GitHub Container Registry | ||
if: ${{ inputs.push }} | ||
uses: docker/login-action@v2 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} # The name of the person or app that initiated the workflow. For example, octocat. | ||
password: ${{ secrets.GITHUB_TOKEN }} # automatically provided by GitHub Actions, so you don't need to create it manually. | ||
|
||
- name: Build and push Docker image | ||
if: ${{ inputs.push }} | ||
uses: docker/build-push-action@v4 | ||
with: | ||
platforms: ${{ inputs.platforms }} | ||
build-args: ${{ inputs.build-args }} | ||
context: . | ||
push: true | ||
# GITHUB_REPOSITORY = The owner and repository name. For example, octocat/Hello-World. | ||
# ghcr.io prefix makes sure we are pushing to GHCR | ||
tags: ghcr.io/${{ github.repository }}:${{ github.event.inputs.tag || steps.git_commit.outputs.short_hash }} # octocat/Hello-World:ffac537 | ||
|
||
- name: Build and export Docker image | ||
if: ${{ ! inputs.push }} | ||
uses: docker/build-push-action@v4 | ||
with: | ||
build-args: ${{ inputs.build-args }} | ||
context: . | ||
tags: ${{ github.repository }}:${{ github.event.inputs.tag || steps.git_commit.outputs.short_hash }} | ||
outputs: type=docker,dest=/tmp/${{ github.event.repository.name }}.tar | ||
|
||
- name: Upload image artifacts | ||
if: ${{ ! inputs.push }} | ||
uses: actions/upload-artifact@v2 | ||
with: | ||
name: ${{ steps.git_commit.outputs.short_hash }} | ||
path: /tmp/${{ github.event.repository.name }}.tar | ||
|
||
- name: Post cleanup | ||
run: docker image prune -f |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
ARG AWS_REGION | ||
ARG EKS_CLUSTER | ||
|
||
FROM --platform=$BUILDPLATFORM debian:stable-slim | ||
|
||
# Set target architecture variable | ||
ARG TARGETARCH | ||
|
||
# Install dependencies | ||
RUN apt-get update && apt-get install -y \ | ||
unzip \ | ||
bash \ | ||
curl \ | ||
jq \ | ||
yq \ | ||
&& rm -rf /var/lib/apt/lists/* | ||
|
||
# Install kubectl | ||
RUN curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${TARGETARCH}/kubectl" \ | ||
&& install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl | ||
|
||
# Verify kubectl install | ||
RUN kubectl version --client | ||
|
||
# Install aws cli | ||
RUN if [ "$TARGETARCH" = "arm64" ]; then \ | ||
curl "https://awscli.amazonaws.com/awscli-exe-linux-aarch64.zip" -o "awscliv2.zip"; \ | ||
else \ | ||
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"; \ | ||
fi \ | ||
&& unzip awscliv2.zip \ | ||
&& ./aws/install \ | ||
&& rm -rf awscliv2.zip aws | ||
|
||
# Verify aws cli install | ||
RUN aws --version | ||
|
||
# Add aliases to .bashrc | ||
RUN echo "alias update-kubeconfig='aws eks update-kubeconfig --region ${AWS_REGION} --name ${EKS_CLUSTER}'" >> /root/.bashrc | ||
|
||
# Copy the entrypoint script into the container | ||
COPY entrypoint.sh /usr/local/bin/entrypoint.sh | ||
|
||
# Make the entrypoint script executable | ||
RUN chmod +x /usr/local/bin/entrypoint.sh | ||
|
||
# Set the entrypoint to the script | ||
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] | ||
|
||
# Set the working directory | ||
WORKDIR /home/root | ||
|
||
# Set bash as the default shell | ||
CMD ["/bin/bash"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
# aws-kubectl | ||
|
||
This repository provides a Dockerfile to build an image with the AWS CLI and `kubectl` installed. | ||
The image includes a startup script that ensures AWS Single Sign-On (SSO) is configured when the container starts. | ||
Additionally, the image configures an alias in the `.bashrc` to update the kubeconfig with the specified AWS region and EKS cluster name. | ||
|
||
## Features | ||
|
||
- AWS CLI pre-installed | ||
- `kubectl` pre-installed | ||
- Automatic SSO configuration at startup | ||
- Alias for updating kubeconfig with AWS region and EKS cluster | ||
|
||
## Build Arguments | ||
|
||
The Docker image build requires the following arguments: | ||
|
||
- `AWS_REGION`: The AWS region where your EKS cluster is located. | ||
- `EKS_CLUSTER`: The name of your EKS cluster. | ||
|
||
### Build the Docker Image | ||
|
||
To build the Docker image with the required arguments, run: | ||
|
||
```bash | ||
docker build --build-arg AWS_REGION=<your-region> --build-arg EKS_CLUSTER=<your-cluster-name> -t aws-kubectl . | ||
``` | ||
|
||
### Running the Container | ||
|
||
To run the container, ensure your local `.aws` directory is mounted to the container's `/root/.aws` directory. This allows the container to access your AWS configurations and credentials, including SSO profiles. | ||
|
||
#### Example for Linux/macOS, Windows with WSL, or Git Bash | ||
|
||
```bash | ||
docker run -it --rm -v ~/.aws:/root/.aws aws-kubectl | ||
``` | ||
|
||
#### Example for Windows with PowerShell | ||
|
||
```powershell | ||
docker run -it --rm -v ${env:USERPROFILE}\.aws:/root/.aws aws-kubectl | ||
``` | ||
|
||
### Using the Kubeconfig Alias | ||
|
||
Once the container is running, you can use the configured alias to update your kubeconfig: | ||
|
||
```bash | ||
update-kubeconfig | ||
``` | ||
|
||
This command automatically updates the kubeconfig with the AWS region and EKS cluster name specified during the build. | ||
|
||
### Notes | ||
|
||
- The container must have access to your AWS credentials, so mounting your `.aws` directory is necessary. | ||
- The startup script will check if SSO is configured and prompt you if additional steps are required. | ||
|
||
## Contributing | ||
|
||
Feel free to open issues or submit pull requests if you find any bugs or have suggestions for improvements. | ||
|
||
## License | ||
|
||
This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
#!/bin/bash | ||
|
||
# Check if the 'eks' profile exists | ||
aws configure list-profiles | grep -q '^eks$' | ||
if [ $? -eq 0 ]; then | ||
echo "Profile 'eks' found. Running 'aws sso login --profile eks'." | ||
aws sso login --profile eks | ||
else | ||
echo "Profile 'eks' not found. Running 'aws configure sso'." | ||
aws configure sso | ||
fi |