π³ Security-first container image for an all-in-one DevOps environment with popular tools like Ansible, Terraform, kubectl, Helm, AWS CLI, Azure CLI, Git, Python, and more... Pull it and work on your tasks.
- Comprehensive Toolset: Pre-installed with tools like Git, Python, Ansible, Terraform, kubectl, Helm, GitHub CLI, AWS CLI, Azure CLI, Google Cloud CLI, and more.
- Easy Integration: Use it directly or customize it with your preferred versions.
- Efficient Updates: Tool versions are checked automatically and verified against the real installed binaries before every release, so published images track current, patched versions rather than drifting silently.
- Configuration Reusability: Mounts host config folders for seamless reuse across sessions.
The commands below are written for a Bash host shell. Running from a Windows PowerShell host? See windows_usage for the PowerShell-syntax equivalents.
mkdir -p $HOME/.dtc # Skip this step if you already created the configuration folder before
docker pull tungbq/devops-toolkit:latest
docker run -it --rm --name devops-toolkit-demo1 \
-v $HOME/.dtc:/dtc \
--network host \
tungbq/devops-toolkit:latestMount current directory and start the toolkit
docker run -it --name devops-toolkit-demo2 \
--volume "$PWD:$PWD" \
--volume "$HOME/.dtc:/dtc" \
--volume "$HOME/.ssh:/root/.ssh" \
--workdir "$PWD" \
--network host \
tungbq/devops-toolkit:latest
# Adjust the docker run command base on your use casesdocker run -it --name devops-toolkit-demo3 \
--volume "$HOME/.aws:/root/.aws" \
--volume "$HOME/.azure:/root/.azure" \
--volume "$HOME/.kube:/root/.kube" \
--volume "$HOME/.terraform.d:/root/.terraform.d" \
--volume "$HOME/.config/helm:/root/.config/helm" \
--volume "$HOME/.ansible:/root/.ansible" \
--volume "$HOME/.gitconfig:/root/.gitconfig" \
--volume "$HOME/.ssh:/root/.ssh" \
--volume "$PWD:$PWD" \
--workdir "$PWD" \
--network host \
tungbq/devops-toolkit:latest
# Adjust the docker run command base on your use cases.dtcstands for DevOps Toolkit Configuration- You can replace
$HOME/.dtcwith any desired folder path on your VM. - Remove the
-v $HOME/.dtc:/dtcoption if you do not wish to store configurations on the host (not recommended for configuration reuse).
We use the following versioning scheme:
- Repository Tags:
vX.Y.Z(e.g.,v1.2.3) - Docker Tags:
X.Y.Zorlatestfor the most recent version.
You can pull specific versions from Docker Hub using:
docker pull tungbq/devops-toolkit:1.2.3
docker pull tungbq/devops-toolkit:latestFor more details on versioning, check the release notes.
Explore the comprehensive guide below to gain insight into the detailed utilization of every tool within the toolkit.
- For detailed instructions on using specific tools, refer to: DevOps toolkit specific tool user guide
- For instructions on common run modes, visit DevOps toolkit common run mode
- Checkout the Demo code and instruction here.
Built on ubuntu:24.04 base image
| Name | Version | Release | Usage |
|---|---|---|---|
| Python | PYTHON_VERSION=3.12 | Check | python_usage |
| Ansible | ANSIBLE_VERSION=2.21.1 | Check | ansible_usage |
| Terraform | TERRAFORM_VERSION=1.15.8 | Check | terraform_usage |
| Kubectl | KUBECTL_VERSION=1.36.2 | Check | kubectl_usage |
| Helm | HELM_VERSION=3.21.3 | Check | helm_usage |
| GitHub CLI | GH_VERSION=2.96.0 | Check | githubcli_usage |
| AwsCLI | AWSCLI_VERSION=2.35.21 | Check | awscli_usage |
| AzureCLI | AZURECLI_VERSION=2.88.0 | Check | azurecli_usage |
| GCloudCLI | GCLOUD_VERSION=575.0.1 | Check | gcloudcli_usage |
| PowerShell | PS_VERSION=7.6.3 | Check | powershell_usage |
And more tools to be implemented...
Whichever tag you pull β latest or a pinned vX.Y.Z release β you're getting a specific, reproducible set of tool versions, not a silently drifting image. Every version we ship is built from the exact tool versions recorded in toolkit_info.json, verified against the real installed binaries, and scanned for vulnerabilities before it's published, so you can standardize on the toolkit without re-verifying it yourself each time.
- Every image is scanned for
CRITICAL/HIGHvulnerabilities with Trivy before it is merged and before it is published to Docker Hub β builds with fixable findings are blocked. - The published
latestimage is re-scanned on a recurring schedule, and all scan results are published to this repo's Security tab. - A CycloneDX SBOM is generated for every
mainand release build. - See SECURITY.md for the full policy and how to report a vulnerability.
- See: CONTRIBUTING.md
- Looking for the issue to work on? Check the list of our open issues good first issue
- Feel free to open a new issue if you encounter the toolkit bug or want to request more content about DevOps toolkit
- Submit a new issue (π) if you encounter the bug/error when using this toolkit
Licensed under the Apache License, Version 2.0. You're free to use, modify, and distribute this project, including commercially, provided you retain the copyright notice and state significant changes. The license also grants an explicit patent license from contributors and includes the standard "AS IS" warranty disclaimer.
- If you find this repository helpful, kindly consider showing your appreciation by giving it a star β Thanks! π
