Using a Lean Docker Image

When hosting your own env0 Kubernetes Agent, you can choose an image that is leaner than the one used in env0 SaaS. You might not need all of the extra CLIs and capabilities that exist in our main image. So in such a case, you can use a "lean" image - This image will only contain the bare minimum of what is necessary to run env0, and its size will be drastically smaller than the main image

Using the lean Docker image in your agent

For each main image we build, we also create a "lean" image. If the main image is tagged ghcr.io/env0/deployment-agent:<image_tag>, then the lean image would be tagged ghcr.io/env0/deployment-agent-lean:<image_tag>

Simply follow this guide for using a custom image, and pick the lean image you would like to use

πŸ‘

Using the lean Docker image on ARM server architecture

To use the lean Docker image on an arm64 (AKA aarch64) server, look for arm64 image tags in our container registry. The latest tag is ghcr.io/env0/deployment-agent-lean:prod-arm64.

Expanding the lean image

You might like to add some CLIs or other capabilities to your lean image. For example, you can add Infracost to the lean image, in order to support cost estimation for your Terraform plans.

You can follow this guide to see how you can extend your image, and add anything you'd like to it

Here are some examples of how to extend the image:

Adding AWS CLI v2

# Use the env0 lean image as the base image
FROM ghcr.io/env0/deployment-agent-lean:<image_tag>

# install glibc compatibility for alpine
ARG GLIBC_VER=2.31-r0
RUN apk add --no-cache \
        binutils \
        groff \
    && curl -sL https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub -o /etc/apk/keys/sgerrand.rsa.pub \
    && curl -sLO https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VER}/glibc-${GLIBC_VER}.apk \
    && curl -sLO https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VER}/glibc-bin-${GLIBC_VER}.apk \
    && curl -sLO https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VER}/glibc-i18n-${GLIBC_VER}.apk \
    && apk add --no-cache --force-overwrite \
        glibc-${GLIBC_VER}.apk \
        glibc-bin-${GLIBC_VER}.apk \
        glibc-i18n-${GLIBC_VER}.apk \
    && /usr/glibc-compat/bin/localedef -i en_US -f UTF-8 en_US.UTF-8 \
    && rm -rf \
        glibc-*.apk \
        /var/cache/apk/*

# Install aws cli v2
RUN curl -sL https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip -o awscliv2.zip \
    && unzip -q awscliv2.zip \
    && aws/install -i /usr/local/aws-cli-v2 -b /usr/local/bin/aws-cli-v2 \
    && rm -rf \
        awscliv2.zip \
        aws \
        /usr/local/aws-cli/v2/current/dist/aws_completer \
        /usr/local/aws-cli/v2/current/dist/awscli/data/ac.index \
        /usr/local/aws-cli/v2/current/dist/awscli/examples \
    && ln -s /usr/local/bin/aws-cli-v2/aws /usr/local/bin/awsv2 # AWS CLI should be saved as "awsv2" for Cloudformation templates 

RUN awsv2 --version

# Make sure there is NO ENTRYPOINT in this file
# If you want to use CMD, make sure to add `&& npm start` at the end of it

Adding Infracost

# Use the env0 lean image as the base image
FROM ghcr.io/env0/deployment-agent-lean:<image_tag>

# Install infracost - check https://github.com/infracost/infracost/releases for latest version
ARG INFRACOST_VERSION=0.10.29
RUN curl -sL https://github.com/infracost/infracost/releases/download/v${INFRACOST_VERSION}/infracost-linux-amd64.tar.gz | tar xz  \
    && mv infracost-linux-amd64 /opt/infracost
    
# Make sure there is NO ENTRYPOINT in this file
# If you want to use CMD, make sure to add `&& npm start` at the end of it

🚧

Using infracost in a self hosted agent

Note that in order to run cost estimation on your env0 agent, you'd need to install the agent with your own infracost API key. See infracostApiKeyEncoded under self hosted agent optional configuration

Adding Terratag

# Use the env0 lean image as the base image
FROM ghcr.io/env0/deployment-agent-lean:<image_tag>

# Install Terratag
ARG TERRATAG_VERSION=0.2.4
RUN npm -g install "@env0/terratag@$TERRATAG_VERSION" \
    && mv /usr/local/lib/node_modules/@env0/terratag/terratag /opt/terratag \
    && chown -R node /opt/terratag \
    # Verifies terratag installation
    && /opt/terratag -h

πŸ“˜

Terratag

You should use Terratag if you wish to use cost monitoring and custom resource tagging.