Infracycle Tool User Guide
The Infracycle Tool is a powerful command-line interface designed to manage and automate build and deployment pipelines. This guide provides an in-depth look into its functionality, supported stages, and practical usage.
Command Overview
dob infracycle apply
Description: The core command that executes the pipeline based on a YAML configuration file. This includes build stages, testing, security analysis, deployments, and more.
Options:
Pipeline Stages
The pipeline is structured into jobs and stages. Each stage represents a specific task or group of tasks. Below is a comprehensive list of supported stages and their functionality:
1. Setup and Cloning
Purpose: Prepares the environment by setting up repositories.
- Clones the code from a Git repository.
- Ensures dependencies and environment configurations are set.
2. Build Stages
a. Maven Build
Purpose: Compiles and packages Java-based applications.
- Checks for Maven installation.
- Installs necessary dependencies.
- Runs mvn build commands.
b. Gradle Build
Purpose: Builds projects using Gradle.
- Ensures Gradle is installed.
- Executes gradle build.
c. Ant Build
Purpose: Automates build processes for Java applications.
- Validates Apache Ant installation.
- Runs Ant build scripts.
d. SCons Build
Purpose: Performs advanced builds using Python-based SCons.
- Checks SCons installation.
- Executes scons commands.
e. Bazel Build
Purpose: Compiles large-scale software projects.
- Installs Bazel and dependencies.
- Runs Bazel build commands.
3. Testing Stages
a. JUnit Testing
Purpose: Executes unit tests for Java applications.
- Ensures JUnit dependencies are installed.
- Runs tests and generates reports.
b. TestNG Testing
Purpose: Runs TestNG test suites for Java projects.
- Executes testng.xml test suites.
- Produces detailed test results.
c. Python Testing
Purpose: Executes Python-based tests.
Tasks:
- Installs Python.
- Runs Python scripts or test frameworks like PyTest.
d. Go Testing
Purpose: Runs tests for Go modules.
Tasks:
- Validates Go environment setup.
- Executes go test.
4. Security Analysis
a. SonarQube Analysis
Purpose: Scans code for vulnerabilities and maintains code quality.
Tasks:
- Configures and runs sonar-scanner.
- Analyzes and reports issues.
b. OWASP ZAP Scanning
Purpose: Identifies vulnerabilities in web applications.
Tasks:
- Runs OWASP ZAP in full or specific modes (quick, spider, etc.).
- Generates reports.
c. Dependency-Check
Purpose: Scans for outdated or insecure dependencies.
Tasks:
- Runs OWASP Dependency-Check.
- Reports potential risks.
5. Deployment Stages
a. Docker Build and Push
Purpose: Builds and pushes Docker images to a registry.
Tasks:
- Builds Docker images.
- Pushes images to Docker Hub.
b. Kubernetes Deployment
Purpose: Deploys applications to Kubernetes clusters.
Tasks:
- Configures kubeconfig.
- Deploys to the specified namespace.
6. Notification and Approval
a. Notifications
Purpose: Alerts about pipeline progress.
Tasks:
- Sends email or chat notifications on task completion or failure.
b. External Approval
Purpose: Requires external approval to proceed.
Tasks:
- Sends an approval request via email or web interface.
- Waits for approval or rejection.
c. Python Testing
Purpose: Executes Python-based tests.
Tasks:
- Installs Python.
- Runs Python scripts or test frameworks like PyTest.
d. Go Testing
Purpose: Runs tests for Go modules.
Tasks:
- Validates Go environment setup.
- Executes go test.
4. Security Analysis
a. SonarQube Analysis
Purpose: Scans code for vulnerabilities and maintains code quality.
Tasks:
- Configures and runs sonar-scanner.
- Analyzes and reports issues.
b. OWASP ZAP Scanning
Purpose: Identifies vulnerabilities in web applications.
Tasks:
- Runs OWASP ZAP in full or specific modes (quick, spider, etc.).
- Generates reports.
c. Dependency-Check
Purpose: Scans for outdated or insecure dependencies.
Tasks:
- Runs OWASP Dependency-Check.
- Reports potential risks.
5. Deployment Stages
a. Docker Build and Push
Purpose: Builds and pushes Docker images to a registry.
Tasks:
- Builds Docker images.
- Pushes images to Docker Hub.
b. Kubernetes Deployment
Purpose: Deploys applications to Kubernetes clusters.
Tasks:
- Configures kubeconfig.
- Deploys to the specified namespace.
6. Notification and Approval
a. Notifications
Purpose: Alerts about pipeline progress.
Tasks:
- Sends email or chat notifications on task completion or failure.
b. External Approval
Purpose: Requires external approval to proceed.
Tasks:
- Sends an approval request via email or web interface.
- Waits for approval or rejection.
7. Custom Scripting
a. Shell Scripting
Purpose: Executes custom shell commands.
Tasks:
- Runs scripts locally or remotely.
b. Python Scripting
Purpose: Executes Python commands or scripts.
Tasks:
- Ensures Python environment is set up.
- Runs Python-based logic.
c. Go Scripting
Purpose: Executes Go commands or scripts.
Tasks:
- Installs Go and dependencies.
- Executes custom Go logic.
d. Bash Scripting
Purpose: Runs advanced Bash commands.
Tasks:
- Executes commands defined in the configuration.
e. Java Scripting
Purpose: Executes Java-based tasks.
Tasks:
- Runs Java scripts or custom logic.
Practical Usage
Basic Pipeline Execution
Run a simple pipeline using a YAML configuration file:
dob infracycle apply --file-path pipeline.yaml --environment dev
Enable Debugging
Show sensitive variables for debugging:
dob infracycle apply --file-path pipeline.yaml --show
Use Remote Configuration
Run a pipeline using remote configurations:
dob infracycle apply --remote-config https://example.com/config.yaml
Set Variables Inline
Override variables on the command line:
dob infracycle apply --set key1=value1 --set key2=value2
Request External Approval
Include an approval step in the configuration:
stages:
- name: Deployment
tasks:
request_external_approval:
enabled: true
approver_email: approver@example.com
approval_message: "Please approve the deployment."
Configuration Example
Here is an example YAML file for a multi-stage pipeline:
jobs:
- name: BuildPipeline
stages:
- name: Setup
tasks:
setup_and_clone:
enabled: true
repo_url: "https://github.com/example/repo.git"
- name: Build
tasks:
maven:
enabled: true
- name: Test
tasks:
junit:
enabled: true
test_command: "mvn test"
- name: Security
tasks:
sonarqube_analysis:
enabled: true
server_url: "http://sonarqube.example.com"
project_key: "example-project"
token: "your-sonar-token"
- name: Deploy
tasks:
k8s_deploy:
enabled: true
kubeconfig_path: "/root/.kube/config"
Best Practices
- Organize Pipelines: Divide tasks into meaningful stages for readability and modularity.
- Secure Variables: Use the
--passwordoption to encrypt sensitive variables. - Notifications: Enable notifications to track progress and failures in real-time.
- Testing: Leverage tools like SonarQube and OWASP ZAP to ensure code quality and security.
This detailed guide ensures you can make full use of the Infracycle Tool for all your DevOps automation needs.
Templates
Email Approval Notification
This template outlines how to configure and use the send_approval_email function to notify approvers for external approval requests via email.
# Email Notification Configuration Example
email_notification:
enabled: true
smtp_server: "smtp.example.com"
smtp_port: 587
sender_email: "your_email@example.com"
sender_password: "your_password"
recipients:
- "approver1@example.com"
- "approver2@example.com"
subject: "Approval Request for '{task_name}'"
body: |
Approval is required for the following task:
Task Name: {task_name}
Approval Link: {approval_link}
External Approval Request
This template explains the request_external_approval function, used to generate an approval request link and notify the approver via email.
# Approval Request Configuration Example
approval_request:
enabled: true
task_name: "Deploy to Production"
approver_email: "approver@example.com"
public_ip: "192.168.1.10" # Public IP or domain for generating approval links
approval_message: |
Approval is required for the following task:
Task Name: {task_name}
Identifier: {identifier}
Category: {category}
Username: {username}
Please click the following link to approve or reject the task:
{approval_link}
Kubernetes Deployment
This template demonstrates how to configure and use the deploy_to_k8s_with_kubeconfig function for Kubernetes deployments.
# Kubernetes Deployment Configuration Example
kubernetes_deployment:
enabled: true
kubeconfig_path: "/root/.kube/config"
manifest_files:
- "deployment.yaml"
- "service.yaml"
task_name: "Kubernetes Deployment"
identifier: "server"
category: "devops"
username: "root"
File Transfer
This template explains the transfer_file function, which enables transferring files or directories to remote servers.
# File Transfer Configuration Example
file_transfer:
enabled: true
source_file: "/local/path/to/file"
dest_path: "/remote/path/target"
task_name: "File Transfer"
identifier: "server"
category: "devops"
username: "root"
OWASP ZAP Scan
This template demonstrates how to configure and run an OWASP ZAP scan for security analysis using the run_zap_scan function.
# OWASP ZAP Scan Configuration Example
jobs:
- stages:
- name: Security Analysis
tasks:
zap_scan:
enabled: true
target_url: "http://example.com"
scan_type: "full" # Options: "quick", "spider", "api", "full"
output_dir: "/tmp/zap_results" # Directory to save scan results
report_format: "html" # Options: "html", "xml", "json"
additional_args: "" # Additional ZAP arguments if needed
Kubernetes Credential Setup
This template describes the run_k8s_credential_setup function to create Kubernetes credentials for applications.
# Kubernetes Credential Setup Configuration Example
k8s_credential_setup:
enabled: true
namespace: "default"
service_account_name: "devopsbot"
role_name: "app-role"
output_dir: "/tmp/k8s_credentials"
task_name: "Kubernetes Credential Setup"
identifier: "server"
category: "devops"
username: "root"
SonarQube Analysis
This template provides the configuration for running a SonarQube analysis using the run_sonar_analysis function.
# SonarQube Analysis Configuration Example
jobs:
- stages:
- name: Code Quality Analysis
tasks:
sonar_analysis:
enabled: true # Must be true to execute the task
server_url: "http://sonarqube.example.com" # SonarQube server URL
project_key: "example-project" # Project key in SonarQube
token: "your-sonar-token" # Authentication token for SonarQube
source_dir: "/path/to/source/code" # Source directory for analysis
java_binaries: "/path/to/classes" # Path to compiled Java binaries
jacoco_report_path: "/path/to/jacoco.xml" # Path to JaCoCo report
language: "java" # Optional, programming language
inclusions: "**/*.java" # Optional, files to include
exclusions: "**/test/**" # Optional, files to exclude
test_sources: "/path/to/test/source" # Optional, test source directory
test_inclusions: "**/test/**/*.java" # Optional, test files to include
test_exclusions: "**/test/mock/**" # Optional, test files to exclude
cpd_exclusions: "**/*.sql" # Optional, files to exclude from duplication check
coverage_exclusions: "**/test/**" # Optional, files to exclude from coverage
Trivy Scan
This template provides the configuration for running a Trivy scan using the run_trivy_scan function.
# Trivy Scan Configuration Example
jobs:
- stages:
- name: Security Scan
tasks:
trivy_scan:
enabled: true # Must be true to execute the task
target_type: "image" # Target type: "image" or "filesystem"
target: "my-image:latest" # Target image or file system
output_dir: "/tmp/trivy_results" # Directory to save results
format: "json" # Output format: "table", "json", "sarif"
severity: "LOW,MEDIUM,HIGH" # Severity levels to include
timeout: "5m" # Timeout for the scan
vuln_type: "os,library" # Types of vulnerabilities to scan for
security_checks: "vuln,config" # Security checks to perform
ignore_unfixed: false # Ignore unfixed vulnerabilities
skip_update: false # Skip updating Trivy database
ignore_file: "/path/to/.trivyignore" # Optional, ignore file for Trivy
TestNG Tests
This template provides the configuration for running TestNG tests using the run_testng_tests function.
# TestNG Tests Configuration Example
jobs:
- stages:
- name: TestNG Testing
tasks:
testng:
enabled: true # Ensure this is true to execute the task
testng_file: "testng.xml" # Path to the TestNG configuration file
result_dir: "/tmp/testng_results" # Directory to store test results
use_html_reporter: true # Whether to use jq HTML reporter
JUnit Tests
This template provides the configuration for running JUnit tests using the run_junit_tests function.
# JUnit Tests Configuration Example
jobs:
- stages:
- name: JUnit Testing
tasks:
junit:
enabled: true # Ensure this is true to execute the task
test_command: "mvn test" # Command to execute JUnit tests
output_dir: "/tmp/junit_results" # Directory to store test results
Cargo Tasks
This template provides the configuration for running Cargo tasks using the run_cargo_task function.
# Cargo Task Configuration Example
jobs:
- stages:
- name: Cargo Build and Test
tasks:
cargo:
enabled: true # Ensure this is true to execute the task
test: true # Set to true to execute Cargo tests
output_dir: "/tmp/cargo_artifacts" # Directory to store build artifacts
Bundler Tasks
This template provides the configuration for running Bundler tasks using the run_bundler_task function.
# Bundler Task Configuration Example
jobs:
- stages:
- name: Bundler Setup and Execution
tasks:
bundler:
enabled: true # Ensure this is true to execute the task
task: "rake" # Specify the additional Bundler task (e.g., rake, rails commands)
Rake Tasks
This template provides the configuration for running Rake tasks using the run_rake_task function.
# Rake Task Configuration Example
jobs:
- stages:
- name: Rake Task Execution
tasks:
rake:
enabled: true # Ensure this is true to execute the task
task: "db:migrate" # Specify the Rake task (e.g., db:migrate, test, default)
Go Modules Build
This template provides the configuration for building Go Modules using the run_go_build function.
# Go Build Task Configuration Example
jobs:
- stages:
- name: Go Modules Build
tasks:
go_build:
enabled: true # Ensure this is true to execute the task
output_dir: "/tmp/go_artifacts" # Directory to store build artifacts
SCons Build
This template provides the configuration for building projects using SCons with the run_scons_build function.
# SCons Build Task Configuration Example
jobs:
- stages:
- name: SCons Build
tasks:
scons_build:
enabled: true # Ensure this is true to execute the task
output_dir: "/tmp/scons_artifacts" # Directory to store build artifacts
Bazel Build
This template provides the configuration for building projects using Bazel with the run_bazel_build function.
# Bazel Build Task Configuration Example
jobs:
- stages:
- name: Bazel Build
tasks:
bazel_build:
enabled: true # Ensure this is true to execute the task
output_dir: "/tmp/bazel_artifacts" # Directory to store build artifacts
Meson Build
This template provides the configuration for building projects using Meson with the run_meson_build function.
# Meson Build Task Configuration Example
jobs:
- stages:
- name: Meson Build
tasks:
meson_build:
enabled: true # Ensure this is true to execute the task
output_dir: "/tmp/meson_artifacts" # Directory to store build artifacts
Rollup Build
This template demonstrates how to configure and use the run_rollup_build function for bundling JavaScript projects with Rollup.
# Rollup Build Configuration Example
jobs:
- stages:
- name: Rollup Build
tasks:
rollup_build:
enabled: true # Ensure this is true to execute the task
clone_dir: "/path/to/clone_dir" # Directory containing source files and rollup.config.mjs
output_dir: "/tmp/rollup_artifacts" # Directory to store Rollup build artifacts
dependencies: # List of dependencies to install via npm
- "react"
- "react-dom"
Parcel Build
This template demonstrates how to configure and use the run_parcel_build function
for bundling and optimizing web applications with Parcel.
# Parcel Build Configuration Example
jobs:
- stages:
- name: Parcel Build
tasks:
parcel_build:
enabled: true # Ensure this is true to execute the task
clone_dir: "/path/to/clone_dir" # Directory containing source files and configuration
output_dir: "/tmp/parcel_artifacts" # Directory to store Parcel build artifacts
entry_file: "public/index.html" # The entry file for Parcel to build the project
dependencies: # List of dependencies to install via npm
- "parcel-bundler"
- "react"
- "react-dom"
Webpack Build
This template demonstrates how to configure and use the run_webpack_build function
for bundling and optimizing web applications using Webpack.
# Webpack Build Configuration Example
jobs:
- stages:
- name: Webpack Build
tasks:
webpack_build:
enabled: true # Ensure this is true to execute the task
clone_dir: "/path/to/clone_dir" # Directory containing source files and configuration
output_dir: "/tmp/webpack_artifacts" # Directory to store Webpack build artifacts
entry_file: "src/index.js" # The entry file for Webpack to bundle the project
dependencies: # List of dependencies to install via npm
- "webpack"
- "webpack-cli"
- "babel-loader"
- "@babel/core"
- "@babel/preset-env"
Yarn Build
This template demonstrates how to configure and use the run_yarn_build function for building applications with Yarn.
# Yarn Build Configuration Example
jobs:
- stages:
- name: Yarn Build
tasks:
yarn_build:
enabled: true # Ensure this is true to execute the task
clone_dir: "/path/to/clone_dir" # Directory containing source files and Yarn configuration
output_dir: "/tmp/yarn_artifacts" # Directory to store Yarn build artifacts
required_files: # List of required files for the build
- "src/index.css"
- "src/index.js"
- "package.json"
NPM Build
This template demonstrates how to configure and use the run_npm_build function for building applications using NPM.
# NPM Build Configuration Example
jobs:
- stages:
- name: NPM Build
tasks:
npm_build:
enabled: true # Ensure this is true to execute the task
clone_dir: "/path/to/clone_dir" # Directory containing the source code and NPM config
output_dir: "/tmp/npm_artifacts" # Directory to store build artifacts
required_items: # List of required files/directories for the build
- "dist" # Output directory for the build process
- "public/index.html" # Main HTML file
- "package.json" # NPM configuration
- "package-lock.json" # Lock file for dependencies
- "webpack.config.js" # Webpack configuration file (if applicable)
- "node_modules" # Installed dependencies directory
- "src" # Source code directory
Custom Shell Script Execution
This template demonstrates how to configure and use the run_shell_steps function to execute custom shell commands in your pipeline.
# Shell Script Execution Configuration Example
jobs:
- stages:
- name: Shell Script Execution
tasks:
shell_steps:
enabled: true # Ensure this is true to execute the task
mode: remote # Execution mode: 'local' or 'remote'
steps: # List of shell commands to execute
- "echo 'Starting deployment...'"
- "mkdir -p /var/www/myapp"
- "cp -r /local/path/* /var/www/myapp/"
- "systemctl restart myapp.service"
Local Command Execution
This template demonstrates how to configure and use the execute_command_locally function to run shell commands directly on the local machine.
# Local Command Execution Configuration Example
jobs:
- stages:
- name: Local Command Execution
tasks:
local_shell_steps:
enabled: true # Ensure this is true to execute the task
steps: # List of shell commands to execute
- "echo 'Starting local setup...'"
- "mkdir -p ~/projects/myapp"
- "cp -r ~/source/* ~/projects/myapp/"
- "chmod -R 755 ~/projects/myapp/"
Python Script Execution
This template demonstrates how to configure and use the run_python_steps function to execute custom Python scripts on a remote server.
# Python Script Execution Configuration Example
jobs:
- stages:
- name: Python Script Execution
tasks:
python_steps:
enabled: true # Ensure this is true to execute the task
steps: # Python commands to run
- "print('Hello, World!')"
- "import os; print(os.getcwd())"
Bash Script Execution
This template demonstrates how to configure and use the run_bash_steps function to execute custom Bash commands on a remote server.
# Bash Script Execution Configuration Example
jobs:
- stages:
- name: Bash Script Execution
tasks:
bash_steps:
enabled: true # Ensure this is true to execute the task
steps: # Bash commands to execute
- "echo 'Starting setup...'"
- "mkdir -p /tmp/sample_project"
- "chmod 755 /tmp/sample_project"
Java Command Execution
This template demonstrates how to configure and use the run_java_steps function to execute custom Java commands on a remote server.
# Java Command Execution Configuration Example
jobs:
- stages:
- name: Java Command Execution
tasks:
java_steps:
enabled: true # Ensure this is true to execute the task
steps: # Java commands to run
- "java -jar myapp.jar --config config.yaml"
- "javac Main.java"
Go Script Execution
This template demonstrates how to configure and use the run_go_steps function to execute custom Go scripts on a remote server.
# Go Script Execution Configuration Example
jobs:
- stages:
- name: Go Script Execution
tasks:
go_steps:
enabled: true # Ensure this is true to execute the task
steps: # Go commands to run
- "go build -o /tmp/myapp"
- "go test ./..."
Pip Build Execution
This template demonstrates how to configure and use the run_pip_build function to execute a Python pip build process.
# Pip Build Configuration Example
jobs:
- stages:
- name: Python Pip Build
tasks:
pip_build:
enabled: true # Ensure this is true to execute the task
requirements_file: "requirements.txt"
output_dir: "/tmp/pip_artifacts"
Poetry Build Execution
This template demonstrates how to configure and use the run_poetry_build function to build and package Python projects using Poetry.
# Poetry Build Configuration Example
jobs:
- stages:
- name: Python Poetry Build
tasks:
poetry_build:
enabled: true # Ensure this is true to execute the task
output_dir: "/tmp/poetry_artifacts"
package_dir: "src" # Optional: Specify the package directory
Setuptools Build Execution
This template demonstrates how to configure and use the run_setuptools_build function to build Python packages using Setuptools.
# Setuptools Build Configuration Example
jobs:
- stages:
- name: Setuptools Build
tasks:
setuptools_build:
enabled: true # Ensure this is true to execute the task
output_dir: "/tmp/setuptools_artifacts" # Directory to store artifacts
package_dir: "src" # Path to the package directory (optional)
Ant Build Execution
This template demonstrates how to configure and use the run_ant_build function to build Java projects using Apache Ant.
# Ant Build Configuration Example
jobs:
- stages:
- name: Ant Build
tasks:
ant_build:
enabled: true # Ensure this is true to execute the task
build_file: "build.xml" # Path to the Ant build.xml file
target: "build" # Target to execute in build.xml
output_dir: "/tmp/ant_artifacts" # Directory to store artifacts
servlet_api_jar: "/usr/share/java/servlet-api.jar" # Path to Servlet API JAR
servlet_api_url: "https://repo1.maven.org/maven2/javax/servlet/javax.servlet-api/4.0.1/javax.servlet-api-4.0.1.jar"
properties: # Additional properties to pass to Ant
project.name: "MyProject"
build.version: "1.0.0"
options: # Additional Ant options (optional)
- "-verbose"
Gradle Build Execution
This template demonstrates how to configure and use the run_gradle_build function to build Java projects using Gradle.
# Gradle Build Configuration Example
jobs:
- stages:
- name: Gradle Build
tasks:
gradle_build:
enabled: true # Ensure this is true to execute the task
target: "build" # Gradle task to execute (e.g., build, clean, etc.)
output_dir: "/tmp/gradle_artifacts" # Directory to store build artifacts
Maven Build Execution
This template demonstrates how to configure and use the run_maven_build function to build Java projects using Maven.
# Maven Build Configuration Example
jobs:
- stages:
- name: Maven Build
tasks:
maven_build:
enabled: true # Ensure this is true to execute the task
project_pom: "pom.xml" # Path to the Maven POM file
goals: "clean install" # Maven goals to execute (e.g., clean, install)
profiles: "dev,qa" # Optional Maven profiles to use (comma-separated)
output_dir: "/tmp/maven_artifacts" # Directory to store build artifacts
Docker Build and Push Configuration
This template demonstrates how to configure and use the docker_build and push_to_docker_hub functions to build and push Docker images.
# Docker Build and Push Configuration Example
jobs:
- stages:
- name: Docker Build and Push
tasks:
docker_build:
enabled: true # Ensure this is true to enable Docker build
dockerfile_path: "./Dockerfile" # Path to the Dockerfile
build_tag: "v1.0.0" # Tag for the Docker image
image_name: "my_docker_image" # Name of the Docker image
push_to_docker_hub:
enabled: true # Ensure this is true to enable Docker push
username: "dockerhub_user" # Docker Hub username
password: "dockerhub_password" # Docker Hub password
repository: "my_repository" # Docker Hub repository name
image_tag: "v1.0.0" # Tag for the Docker image on Docker Hub
built_image_name: "my_docker_image:v1.0.0" # Name of the built Docker image
Repository Setup and Cloning Configuration
This template demonstrates how to configure and use the setup_and_clone_repository function to prepare a directory and clone one or more branches of a repository.
# Repository Setup and Cloning Configuration Example
jobs:
- stages:
- name: Setup and Clone Repository
tasks:
setup_and_clone:
enabled: true # Ensure this is true to execute the task
clone_dir: "/tmp/clone_repo_trial" # Directory to clone the repository into
source_url: "https://github.com/example/repository.git" # Repository URL
branches: # List of branches to clone
- "main"
- "feature-branch"
private_repo: false # Set to true for private repositories
username: "" # Username for private repository access (if applicable)
token: "" # Token for private repository access (if applicable)
