From 4ddade549bcb3a01af6dc5e86b1faebd4c4f5f3b Mon Sep 17 00:00:00 2001 From: Mike Date: Wed, 29 Apr 2026 11:44:37 -0400 Subject: [PATCH 1/2] Add: Packer, Fix: Only unzip what is necessary for TF --- .env.example | 2 ++ Dockerfile | 25 ++++++++++++++++++++++++- README.md | 1 + 3 files changed, 27 insertions(+), 1 deletion(-) diff --git a/.env.example b/.env.example index 34c9d63..9d7d73b 100755 --- a/.env.example +++ b/.env.example @@ -15,6 +15,7 @@ # # VERSION REFERENCE: # Terraform: https://releases.hashicorp.com/terraform +# Packer: https://releases.hashicorp.com/packer # kubectl: https://kubernetes.io/releases # k9s: https://github.com/derailed/k9s/releases # .NET: https://dotnet.microsoft.com/download/dotnet @@ -42,6 +43,7 @@ STERN_VERSION=v1.33.1 # Infrastructure as code tools ANSIBLE_VERSION=13.5.0 TERRAFORM_VERSION=1.14.8 +PACKER_VERSION=1.15.3 # Database clients POSTGRESQL_CLIENT_VERSION=18 diff --git a/Dockerfile b/Dockerfile index 20be557..d4cee28 100755 --- a/Dockerfile +++ b/Dockerfile @@ -144,11 +144,28 @@ ARG TERRAFORM_VERSION=1.14.8 RUN curl -fsSL \ "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_${TARGETARCH}.zip" \ -o /tmp/terraform.zip \ - && unzip /tmp/terraform.zip -d /usr/local/bin/ \ + && unzip /tmp/terraform.zip terraform -d /usr/local/bin/ \ && rm /tmp/terraform.zip \ && chmod +x /usr/local/bin/terraform \ && terraform version +# ----------------------------------------------------------------------------- +# Packer +# Machine image building tool by HashiCorp. Installed via HashiCorp's official +# binary release for exact version pinning. +# Packer uses amd64/arm64 naming — maps directly from TARGETARCH. +# URL: https://developer.hashicorp.com/packer +# ----------------------------------------------------------------------------- +ARG PACKER_VERSION=1.15.3 + +RUN curl -fsSL \ + "https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_${TARGETARCH}.zip" \ + -o /tmp/packer.zip \ + && unzip /tmp/packer.zip packer -d /usr/local/bin/ \ + && rm /tmp/packer.zip \ + && chmod +x /usr/local/bin/packer \ + && packer version + # ----------------------------------------------------------------------------- # GitHub CLI (gh) # Installed via official GitHub binary release — single static binary. @@ -413,6 +430,12 @@ RUN kubectl completion bash > /etc/bash_completion.d/kubectl # ----------------------------------------------------------------------------- RUN terraform -install-autocomplete || true +# ----------------------------------------------------------------------------- +# Shell completions — Packer +# Exits non-zero if already present, hence || true +# ----------------------------------------------------------------------------- +RUN packer -autocomplete-install || true + # ----------------------------------------------------------------------------- # Shell completions — Ansible # ----------------------------------------------------------------------------- diff --git a/README.md b/README.md index e5bebc1..57eb1af 100755 --- a/README.md +++ b/README.md @@ -14,6 +14,7 @@ with Docker and VS Code — no local setup required. | Tool | Version | Purpose | |---|---|---| | [Terraform](https://www.terraform.io) | See [Dockerfile](./Dockerfile) | Infrastructure as code | +| [Packer](https://developer.hashicorp.com/packer) | See [Dockerfile](./Dockerfile) | Machine image building | | [kubectl](https://kubernetes.io/docs/reference/kubectl/) | See [Dockerfile](./Dockerfile) | Kubernetes cluster management | | [k9s](https://k9scli.io) | See [Dockerfile](./Dockerfile) | Kubernetes terminal UI | | [kubeseal](https://github.com/bitnami-labs/sealed-secrets) | See [Dockerfile](./Dockerfile) | Kubernetes SealedSecrets CLI | From 1168844d60f39da7d4ded8ac0d0bbbeebee714b3 Mon Sep 17 00:00:00 2001 From: Mike Date: Wed, 29 Apr 2026 12:10:03 -0400 Subject: [PATCH 2/2] Add: checksum checking for Packer, LF enforcement --- .devcontainer/example/devcontainer.json | 0 .env.example | 0 .gitattributes | 14 ++++++++++++++ .github/ISSUE_TEMPLATE/bug_report.md | 0 .github/ISSUE_TEMPLATE/feature_request.md | 0 .github/workflows/build-and-push.yml | 0 Dockerfile | 14 +++++++++++--- README.md | 0 dependencies/ansible-requirements.yml | 0 dependencies/python-ansible-requirements.txt | 0 10 files changed, 25 insertions(+), 3 deletions(-) mode change 100755 => 100644 .devcontainer/example/devcontainer.json mode change 100755 => 100644 .env.example create mode 100644 .gitattributes mode change 100755 => 100644 .github/ISSUE_TEMPLATE/bug_report.md mode change 100755 => 100644 .github/ISSUE_TEMPLATE/feature_request.md mode change 100755 => 100644 .github/workflows/build-and-push.yml mode change 100755 => 100644 Dockerfile mode change 100755 => 100644 README.md mode change 100755 => 100644 dependencies/ansible-requirements.yml mode change 100755 => 100644 dependencies/python-ansible-requirements.txt diff --git a/.devcontainer/example/devcontainer.json b/.devcontainer/example/devcontainer.json old mode 100755 new mode 100644 diff --git a/.env.example b/.env.example old mode 100755 new mode 100644 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..f456f43 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,14 @@ +# Enforce LF line endings for all text files. +# This repo targets Linux (Docker images) — CRLF in shell scripts or +# Dockerfiles causes hard-to-diagnose runtime failures inside containers. +* text=auto eol=lf + +# Explicitly mark binary files so Git never attempts line-ending conversion. +*.png binary +*.jpg binary +*.jpeg binary +*.gif binary +*.ico binary +*.zip binary +*.gz binary +*.tar binary diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md old mode 100755 new mode 100644 diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md old mode 100755 new mode 100644 diff --git a/.github/workflows/build-and-push.yml b/.github/workflows/build-and-push.yml old mode 100755 new mode 100644 diff --git a/Dockerfile b/Dockerfile old mode 100755 new mode 100644 index d4cee28..2d62836 --- a/Dockerfile +++ b/Dockerfile @@ -161,8 +161,13 @@ ARG PACKER_VERSION=1.15.3 RUN curl -fsSL \ "https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_${TARGETARCH}.zip" \ -o /tmp/packer.zip \ + && curl -fsSL \ + "https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_SHA256SUMS" \ + -o /tmp/packer_SHA256SUMS \ + && EXPECTED=$(grep "packer_${PACKER_VERSION}_linux_${TARGETARCH}.zip" /tmp/packer_SHA256SUMS | awk '{print $1}') \ + && echo "${EXPECTED} /tmp/packer.zip" | sha256sum -c \ && unzip /tmp/packer.zip packer -d /usr/local/bin/ \ - && rm /tmp/packer.zip \ + && rm /tmp/packer.zip /tmp/packer_SHA256SUMS \ && chmod +x /usr/local/bin/packer \ && packer version @@ -432,9 +437,12 @@ RUN terraform -install-autocomplete || true # ----------------------------------------------------------------------------- # Shell completions — Packer -# Exits non-zero if already present, hence || true +# Uses complete -C (same approach as AWS CLI) rather than -autocomplete-install +# which only writes to root's shell RC, not system-wide. # ----------------------------------------------------------------------------- -RUN packer -autocomplete-install || true +RUN packer_path=$(which packer) \ + && echo "complete -C '${packer_path}' packer" \ + > /etc/bash_completion.d/packer # ----------------------------------------------------------------------------- # Shell completions — Ansible diff --git a/README.md b/README.md old mode 100755 new mode 100644 diff --git a/dependencies/ansible-requirements.yml b/dependencies/ansible-requirements.yml old mode 100755 new mode 100644 diff --git a/dependencies/python-ansible-requirements.txt b/dependencies/python-ansible-requirements.txt old mode 100755 new mode 100644