Giter Site home page Giter Site logo

zilberd-forks / easy_infra Goto Github PK

View Code? Open in Web Editor NEW

This project forked from seisollc/easy_infra

0.0 0.0 0.0 3.63 MB

A docker container to simplify and secure the use of Infrastructure as Code (IaC)

Home Page: https://seisollc.com

License: BSD 3-Clause "New" or "Revised" License

Shell 13.15% Python 71.70% HCL 0.62% Jinja 14.53%

easy_infra's Introduction

Easy Infra[structure as Code]

Getting Started

easy_infra is a docker container that simplifies and secures Infrastructure as Code deployments by running security scans prior to running IaC tools. It supports three main use cases:

  1. Experimentation by supporting interactive use and secure troubleshooting.
  2. Continuous Integration as a part of Pull/Merge Request validation.
  3. Continuous Deployment as an automated deployment tool.

In order to run your infrastructure code from within the container, volume mount your files into /iac and pass it your command, for example:

docker run -v .:/iac seiso/easy_infra:latest-terraform terraform validate

You can simplify your workflow further by using aliases. For instance, consider putting something like the following in your .zshrc, .bashrc, or similar:

alias terraform="docker run -v .:/iac seiso/easy_infra:latest-terraform terraform"

This will allow you to run simple terraform commands at the command-line, which will run transparently in easy_infra:

terraform validate
terraform plan
terraform apply

To learn more, check out our documentation and CONTRIBUTING.md.

Secure by default

This container provides security features by default. Deploying an environment using terraform would likely look something like this:

docker run -v .:/iac seiso/easy_infra:latest-terraform /bin/bash -c "terraform init && terraform apply -auto-approve"

What easy_infra does in this case is:

  1. Run a checkov security scan
  2. Run terraform init
  3. Identify if the filesystem changed, and only if so, run another checkov security scan
  4. Run terraform apply -auto-approve

Learning mode

The learning mode suppresses the exit codes of any injected validation, hook, or security tooling, ensuring the provided commands will run. This can be configured by setting the LEARNING_MODE environment variable to true, for instance:

docker run -e LEARNING_MODE=true -v .:/iac seiso/easy_infra:latest-terraform terraform apply -auto-approve

Debugging

If you'd like to enable debug logs at runtime, pass an environment variable of LOG_LEVEL with a value of DEBUG, such as:

docker run -e LOG_LEVEL=DEBUG -v .:/iac seiso/easy_infra:latest-terraform terraform validate

easy_infra's People

Contributors

jonzeolla avatar seisoautomation avatar github-actions[bot] avatar chiefholland avatar digeseiso avatar callmestu avatar scriptornaut avatar seanctech avatar derekseisollc avatar jimmio avatar tpears avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.