Skip to content
/ driftctl-docker-custom-howto Public

how to create your own customized driftctl docker image

driftctl.com
0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

cloudskiff/driftctl-docker-custom-howto

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.driftignore
.driftignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 

Repository files navigation

How to build your own driftctl Docker image (including your own .driftignore file)

The easiest way to use driftctl along with your own custom .driftignore file is to build your own docker container image, based on the official one.

Requirements for this tutorial:

Here´s how we do it:

$ docker run -t --rm -v $(pwd):/app:ro \
  -e AWS_ACCESS_KEY_ID=AKIAxxx \
  -e AWS_SECRET_ACCESS_KEY=XXX \
  -e AWS_REGION=us-east-1 \
  cloudskiff/driftctl scan --from tfstate+s3://mycorp-bucket/tfstates-folder/ 
[...]
  • Now create a new folder (that will eventually become a git repository later) and add your own .driftignore file to it:
mkdir mycorp-driftctl-docker-custom 
touch .driftignore
  • Add all the content you need into this .driftignore file, like:
echo "aws_iam_user.terraform" >> .driftignore 
[...lots of copy-pasting...]
  • Now, let's create our own Docker image from the official one; create a Dockerfile and open it:
touch Dockerfile
  • Add the following content:
FROM cloudskiff/driftctl 
WORKDIR /app 
COPY .driftignore .
  • Now build your custom docker image:
$ docker build -t mycorp-driftctl . 
[...]
  • Finally run your own docker image of driftctl:
$ docker run -t --rm \
  -e AWS_ACCESS_KEY_ID=AKIAxxx \
  -e AWS_SECRET_ACCESS_KEY=xxx \
  -e AWS_REGION=us-east-1 \
  mycorp-driftctl:latest scan --from tfstate+s3://driftctl-tfstates/ 
[...]

Congratulations! Now you can run driftctl fully isolated in Docker, with your own .driftignore always available. Much easier now to run as a scheduled task or cronjob!

Next Steps

The next steps can include:

  • Adding this folder to git, so you can version the .driftignore file and track your improvements over time
  • Pushing the image somewhere central, so it can be easily used by your team
  • Automatically rebuilding your own docker image when the source image changes (so you stay up to date with driftctl)
  • Automatically rebuilding your own docker image when the .driftignore file changes
  • Adding your docker image scan to an hourly cron job so you are notified when something drifts

We'd love to hear about your own use cases, come tell us how you use driftctl! Thanks for reading!

About

how to create your own customized driftctl docker image

driftctl.com

Topics

docker aws terraform iac drift infrastructure-drift

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages