feat: add support for bitbucket pipes (#317)

build/common.sh

@@ -273,3 +273,18 @@ function _clone() {
   clone_log="/var/log/clone.log"
   echo "$(date): Cloned ${folder_count} folders" >> "${clone_log}"
 }
+
+function pipeline_setup() {
+  # Returns a custom command if a supported custom pipeline is detected, empty otherwise
+
+  # Quit early if this is not a Bitbucket pipeline
+  if [[ -z "${BITBUCKET_BUILD_NUMBER}" ]]; then
+    return
+  fi
+
+  if [[ -n "${COMMAND}" ]]; then
+    echo "${COMMAND}"
+  else
+    echo "terraform validate"
+  fi
+}

build/docker-entrypoint.sh

@@ -44,7 +44,13 @@ if [[ -x "$(which strace)" ]]; then
   fi
 fi
 
-if [ "$#" -eq 0 ]; then
+# Pipeline-specific detection and setup steps
+custom_command=$(pipeline_setup)
+
+if [[ -n "${custom_command}" ]]; then
+  # Run the command provided
+  eval "${custom_command}"
+elif [ "$#" -eq 0 ]; then
   # Print select tool versions then open an bash shell
   if [ -x "$(which aws)" ]; then
     echo -e "aws-cli\t\t ${AWS_CLI_VERSION}"

docs/BitBucket/index.rst

@@ -0,0 +1,60 @@
+*********
+BitBucket
+*********
+
+``easy_infra`` can be used as a BitBucket pipe.
+
+Using the pipe
+--------------
+
+An example ``bitbucket-pipeline.yml`` is as follows::
+
+    ---
+    image:
+      name: atlassian/default-image:4
+
+    test: &test
+      step:
+        name: Test
+        services:
+          - docker
+        script:
+          - pipe: docker://seisollc/easy_infra:2024.01.01-terraform
+
+    pipelines:
+      default:
+        - <<: *test
+
+Configuring the pipe
+--------------------
+
+The pipe accepts the following variables::
+
++-----------------------+------------------------+------------------------------------------------------------+
+| Variable              | Default                | Result                                                     |
++=======================+========================+============================================================+
+| ``COMMAND``           | ``terraform validate`` | Sets the command to run in the ``easy_infra`` container    |
++-----------------------+------------------------+------------------------------------------------------------+
+| ``LEARNING_MODE``     | ``false``              | Sets ``LEARNING_MODE`` in the ``easy_infra`` container     |
++-----------------------+------------------------+------------------------------------------------------------+
+| ``TERRAFORM_VERSION`` | N/A                    | Sets ``TERRAFORM_VERSION`` in the ``easy_infra`` container |
++-----------------------+------------------------+------------------------------------------------------------+
+
+For example::
+
+    ---
+    deploy: &deploy
+      step:
+        name: Deploy
+        services:
+          - docker
+        script:
+          - pipe: docker://seisollc/easy_infra:2024.01.01-terraform
+            variables:
+              COMMAND: /bin/bash -c "terraform plan -out=plan.out && terraform apply -auto-approve plan.out"
+              LEARNING_MODE: true
+              TERRAFORM_VERSION: 1.6.6
+
+    pipelines:
+      default:
+        - <<: *deploy

docs/index.rst

@@ -14,4 +14,5 @@
    Logging/index
    Hooks/index
    Cloning/index
+   BitBucket/index
    Technical Details/index

pipe.yml

@@ -0,0 +1,27 @@
+---
+NOTICE: |
+  This is just for illustrative purposes; BitBucket requires that pipe.yml files be hosted on bitbucket so we use `pipe: docker://` in our examples to go direct
+  to Docker Hub, bypassing the use of this file.
+---
+name: Easy Infra (terraform)
+description: A docker container to simplify and secure the use of Infrastructure as Code (IaC)
+image: seiso/easy_infra:2024.01.01-terraform
+category: Security
+repository: https://github.com/seisollc/easy_infra
+maintainer:
+  name: Seiso
+  website: https://SeisoLLC.com/
+vendor:
+  name: Seiso
+  website: https://SeisoLLC.com/
+variables:
+  - name: COMMAND
+    default: "terraform validate"
+  - name: LEARNING_MODE
+    default: "false"
+  - name: TERRAFORM_VERSION
+    default: "$TERRAFORM_VERSION"
+tags:
+  - seiso
+  - security
+  - terraform

setup.cfg

@@ -18,3 +18,7 @@ url = "https://github.com/SeisoLLC/easy_infra"
 [bumpversion:file:easy_infra/__init__.py]
 
 [bumpversion:file:docs/conf.py]
+
+[bumpversion:file:docs/BitBucket/index.rst]
+
+[bumpversion:file:pipe.yml]

tests/test.py

@@ -1403,6 +1403,38 @@ def run_terraform(*, image: str, user: str, mount_local_files: bool) -> None:
         tests=tests, volumes=hooks_script_volumes, image=image, user=user
     )
 
+    # Test the custom "COMMAND" feature used with bitbucket pipes
+    tests: list[tuple[dict, str, int]] = [  # type: ignore
+        (
+            {
+                "BITBUCKET_BUILD_NUMBER": "mustexist",  # Prereq to allow it to continue
+                "COMMAND": "ls",
+            },
+            "exit 230",  # This should be overridden by COMMAND
+            0,
+        ),
+        (
+            {
+                "BITBUCKET_BUILD_NUMBER": "mustexist",  # Prereq to allow it to continue
+                "COMMAND": "",
+            },
+            "exit 230",  # Because BITBUCKET_BUILD_NUMBER was set, even though COMMAND is empty, this will be ignored
+            0,  # This falls back to the built-in default command when a BitBucket pipeline is detected which exits neither 230 nor 1, but 0
+        ),
+        (
+            {
+                "COMMAND": "exit 230",  # BITBUCKET_BUILD_NUMBER is purposefully missing, so this should be skipped
+            },
+            "exit 1",
+            1,
+        ),
+    ]
+
+    LOG.debug("Testing the bitbucket pipe detection and COMMAND variable")
+    num_tests_ran += exec_tests(
+        tests=tests, volumes=hooks_script_volumes, image=image, user=user
+    )
+
     tests: list[tuple[dict, str, int]] = [  # type: ignore
         (
             {