begin transition to stagex
This commit is contained in:
parent
8bfad21bea
commit
016dc52f8e
GPG Key ID:
8E401478A3FBEF72
|
|
@ -0,0 +1 @@
|
|||
*
|
||||
|
|
@ -0,0 +1,44 @@
|
|||
# Tools used for managing the stagex stack
|
||||
|
||||
FROM quay.io/stagex/core-busybox AS busybox
|
||||
FROM quay.io/stagex/core-musl AS musl
|
||||
FROM quay.io/stagex/core-ca-certificates AS ca-certificates
|
||||
FROM quay.io/stagex/core-zlib AS zlib
|
||||
FROM quay.io/stagex/user-gpg AS gpg
|
||||
FROM quay.io/stagex/user-npth AS npth
|
||||
FROM quay.io/stagex/user-libksba AS libksba
|
||||
FROM quay.io/stagex/user-libgpg-error AS libgpg-error
|
||||
FROM quay.io/stagex/user-libassuan AS libassuan
|
||||
FROM quay.io/stagex/user-libgcrypt AS libgcrypt
|
||||
FROM quay.io/stagex/user-tofu AS tofu
|
||||
FROM quay.io/stagex/user-sops AS sops
|
||||
FROM quay.io/stagex/user-talosctl AS talosctl
|
||||
FROM quay.io/stagex/user-kubectl AS kubectl
|
||||
FROM quay.io/stagex/user-kustomize AS kustomize
|
||||
FROM quay.io/stagex/user-kustomize-sops AS kustomize-sops
|
||||
FROM quay.io/stagex/user-helm AS helm
|
||||
|
||||
FROM scratch
|
||||
COPY --from=busybox . /
|
||||
COPY --from=musl . /
|
||||
COPY --from=ca-certificates . /
|
||||
COPY --from=zlib . /
|
||||
COPY --from=npth . /
|
||||
COPY --from=libksba . /
|
||||
COPY --from=libgpg-error . /
|
||||
COPY --from=libassuan . /
|
||||
COPY --from=libgcrypt . /
|
||||
COPY --from=gpg . /
|
||||
COPY --from=tofu . /
|
||||
COPY --from=sops . /
|
||||
COPY --from=talosctl . /
|
||||
COPY --from=kubectl . /
|
||||
COPY --from=kustomize . /
|
||||
COPY --from=kustomize-sops . /
|
||||
COPY --from=sops . /
|
||||
COPY --from=helm . /
|
||||
|
||||
RUN mkdir -p /root/.gnupg
|
||||
RUN chmod 0700 /root/.gnupg
|
||||
|
||||
ENTRYPOINT ["/bin/sh"]
|
||||
26
Makefile
26
Makefile
|
|
@ -1,6 +1,3 @@
|
|||
include $(PWD)/src/toolchain/Makefile
|
||||
include $(PWD)/src/make/tools.mk
|
||||
|
||||
BACKEND_TF := $(wildcard infra/backend/*.tf)
|
||||
MAIN_TF := $(wildcard infra/main/*.tf)
|
||||
ENVIRONMENT := production
|
||||
|
|
@ -133,6 +130,29 @@ config/$(ENVIRONMENT).tfbackend: | \
|
|||
-state $(ENVIRONMENT).tfstate \
|
||||
'
|
||||
|
||||
.PHONY: build-container
|
||||
build-container:
|
||||
docker build -t git.distrust.co/public/stack-tools -f Containerfile.tools .
|
||||
|
||||
GPG_TTY ?= $(shell tty)
|
||||
|
||||
define run-container
|
||||
docker run -it \
|
||||
-e GPG_TTY=$(GPG_TTY) \
|
||||
-e GPG_AGENT_INFO=/S.gpg-agent:0:1 \
|
||||
-v $(shell gpgconf --list-dirs agent-socket):/root/.gnupg-w/S.gpg-agent \
|
||||
-v $(shell gpgconf --list-dirs homedir):/root/.gnupg:ro \
|
||||
git.distrust.co/public/stack-tools
|
||||
endef
|
||||
|
||||
.PHONY: new-apply
|
||||
new-apply: build-container
|
||||
$(call run-container,'\
|
||||
echo $$GPG_AGENT_INFO; \
|
||||
ls -l /S.gpg-agent; \
|
||||
gpg --verbose --list-keys \
|
||||
')
|
||||
|
||||
.PHONY:
|
||||
apply: \
|
||||
$(TERRAFORM) \
|
||||
|
|
|
|||
Loading…
Reference in New Issue