feat: add gh wf

Author: MaksymLeus

.dockerignore

@@ -0,0 +1,28 @@
+# Git & Meta
+.git
+.github
+.gitignore
+
+# Python Bloat
+__pycache__
+*.pyc
+*.pyo
+*.pyd
+.pytest_cache
+.venv
+node_modules
+
+# Build Artifacts
+dist
+build
+*.egg-info
+
+# Project Specific
+tmp
+docs
+LICENSE
+README.md
+Dockerfile*
+.env
+*.aws/credentials
+*.aws/config

.github/workflows/docker.yml

@@ -0,0 +1,145 @@
+name: 🐳 Reusable Docker Build
+
+on:
+  workflow_call:
+    inputs:
+      version:
+        required: true
+        type: string
+      registry:
+        required: false
+        type: string
+        default: 'docker.io'
+      image_name:
+        required: false
+        type: string
+        default: ""
+      push:
+        required: false
+        type: boolean
+        default: true
+    secrets:
+      DOCKERHUB_USERNAME:
+        required: true
+      DOCKERHUB_TOKEN:
+        required: true
+
+permissions:
+  contents: read
+  packages: write
+  security-events: write
+
+env:
+  ORGANISATION: ${{ github.repository_owner }}
+
+
+jobs:
+  build:
+    name: Build Docker Image
+    runs-on: ubuntu-latest
+    outputs:
+      tags: ${{ steps.meta.outputs.tags }}
+      primary_tag: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
+
+      
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Resolve Image Name
+        id: prep
+        run: |
+          if [ -n "${{ inputs.image_name }}" ]; then
+            FULL_NAME="${{ inputs.image_name }}"
+          else
+            FULL_NAME="${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }}"
+          fi
+
+          # Force lowercase for Docker Hub compatibility
+          FINAL_NAME=$(echo "$FULL_NAME" | tr '[:upper:]' '[:lower:]')
+          REPO_ONLY=$(echo "${{ github.event.repository.name }}" | tr '[:upper:]' '[:lower:]')
+          
+          echo "image_full_name=$FINAL_NAME" >> $GITHUB_OUTPUT
+          echo "repo_only=$REPO_ONLY" >> $GITHUB_OUTPUT
+
+          echo "ℹ️ Resolved Image Name: $FINAL_NAME"
+
+      - name: Log in to ${{ inputs.registry }}
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ inputs.registry }}
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+        with:
+          platforms: linux/amd64,linux/arm64
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Generate metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ inputs.registry }}/${{ steps.prep.outputs.image_full_name }}
+          tags: |
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=ref,event=branch
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=raw,value=${{ inputs.version }},enable=${{ inputs.version != '' }}
+            type=sha,prefix=sha-
+
+          labels: |
+            org.opencontainers.image.title=${{ github.event.repository.name }}
+            org.opencontainers.image.description=${{ github.event.repository.description }}
+            org.opencontainers.image.vendor=${{ env.ORGANISATION }}
+            org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
+            org.opencontainers.image.licenses=MIT
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          # Multi-arch support
+          platforms: linux/amd64,linux/arm64
+          push: true
+          provenance: false
+          sbom: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          # GitHub Actions Cache (extremely fast)
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Generate image summary
+        if: github.event_name != 'pull_request'
+        run: |
+          echo "## Docker Image Published" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "**Registry:** \`${{ inputs.registry }}\`" >> $GITHUB_STEP_SUMMARY
+          echo "**Image:** \`${{ steps.prep.outputs.image_full_name }}\`" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "### Tags" >> $GITHUB_STEP_SUMMARY
+          echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
+          echo "${{ steps.meta.outputs.tags }}" >> $GITHUB_STEP_SUMMARY
+          echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "### Pull Command" >> $GITHUB_STEP_SUMMARY
+          echo "\`\`\`bash" >> $GITHUB_STEP_SUMMARY
+          echo "docker pull ${{ inputs.registry }}/${{ steps.prep.outputs.image_full_name }}:latest" >> $GITHUB_STEP_SUMMARY
+          echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
+
+      - name: Cleanup old Docker Hub tags
+        uses: data-science-at-scale/delete-docker-hub-tag@v0.6.1
+        with:
+          repository: ${{ env.IMAGE_NAME }}
+          repository: ${{ steps.prep.outputs.repo_only }}
+          # For Docker Hub, use your username and a Personal Access Token
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+          # Regex for tags to delete (e.g., all except latest and semver)
+          tag: '^sha-.*$' # Example: delete all git-sha tags

.github/workflows/release.yml

@@ -100,9 +100,19 @@ jobs:
           name: ${{ steps.info.outputs.artifact_name }}
           path: dist/${{ steps.info.outputs.artifact_name }}
 
+  publish-docker:
+    needs: [check_version]
+    uses: ./.github/workflows/docker.yml
+    with:
+      version: ${{ needs.check_version.outputs.clean_version }}
+      push: false
+    secrets:
+      DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+      DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
+
   release:
     name: Create Release
-    needs: [build, check_version]
+    needs: [check_version, build, publish-docker]
     env:
       VERSION: ${{ needs.check_version.outputs.clean_version }}
     runs-on: ubuntu-latest

Dockerfile

@@ -0,0 +1,64 @@
+# --- Stage 1: Builder ---
+FROM python:3.11-slim-bookworm AS builder
+
+# This ARG is automatically populated by Buildx
+ARG TARGETARCH
+
+# 1. Install build-only dependencies
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    curl \
+    git \
+    unzip \
+    ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /app
+
+# 2. Install official AWS CLI v2
+# Map Docker arch names to AWS CLI arch names
+RUN set -eux; \
+    case "$TARGETARCH" in \
+        arm64) AWS_ARCH="aarch64" ;; \
+        amd64) AWS_ARCH="x86_64" ;; \
+        *) echo "Unsupported arch: $TARGETARCH" && exit 1 ;; \
+    esac; \
+    curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-${AWS_ARCH}.zip" -o awscliv2.zip; \
+    unzip awscliv2.zip; \
+    ./aws/install --bin-dir /usr/local/bin --install-dir /usr/local/aws-cli --update; \
+    rm -rf awscliv2.zip ./aws
+
+# 3. Copy and run your Addons installer
+COPY . .
+
+ENV PATH="/root/.local/bin:$PATH"
+
+RUN chmod +x ./tools/installer.sh && \
+    ./tools/installer.sh
+
+# --- Stage 2: Final Runtime ---
+FROM python:3.11-slim-bookworm
+
+# 1. Install minimal runtime utilities (needed for AWS CLI output and SSL)
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    groff \
+    less \
+    curl \
+    ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
+# 2. Copy AWS CLI v2 from builder
+COPY --from=builder /usr/local/aws-cli /usr/local/aws-cli
+# Instead of copying the symlink, just create a new one in the final stage
+RUN ln -s /usr/local/aws-cli/v2/current/bin/aws /usr/local/bin/aws
+
+# 3. Copy your Addons and Alias config from builder
+COPY --from=builder /root/.local /root/.local
+COPY --from=builder /root/.aws /root/.aws
+
+# 4. Final environment setup
+WORKDIR /root
+ENV PATH="/root/.local/bin:/usr/local/bin:$PATH"
+
+# Act as a simple app
+ENTRYPOINT ["aws"]
+CMD ["--help"]

README.md

@@ -107,4 +107,10 @@ To build the project from source or add new commands:
 
 	```bash
 	./tools/build.sh
-	```
+	```
+## Docker
+
+	# Example: Check whoami (mounting your local AWS credentials)
+   ```bash
+   docker run --rm -v ~/.aws:/root/.aws awscli-addons whoami
+   ```

docs/TODO.md

@@ -1,39 +1,40 @@
-- install.sh
-  <!-- 1. configure correct setup -->
-  <!-- 2. test it -->
-  3. write docs
-  <!-- 4. ADD awscli-aliases  -->
-
-- github action workflow
-  <!-- 1. Create setup  -->
-  <!-- 2. test in tempo repo -->
-  <!-- 3. Write docs -->
-
-add Docker container to docker hub + repo dockerfile
-
-- python app
-  1. Add configuration command
-     <!-- 1. if don;t exist aws-cli -->
-     <!-- 2. to simplify setup of work station -->
-     1. Add commands
-        1. show creads - for curent profile
-        2. configure - change all configs + creds
-        3. Add Upgrade app
-        4. login ecr https://github.com/lamhaison/aws-cli-utils/blob/main/services/ecr.sh
-     2. add docs
-  2. Add Windows support
-
-
-
-
 ## Roadmap
-- SSO support
+- add Docker container to docker hub + repo dockerfile
+  <!-- - add docker hub (dh) -->
+  - add docker to github wf
+  - add dh to readme
+  - add docs to dockerhub
+  
+- Add configuration command (read alias and add extra)
+    1. show creads - for curent profile
+    2. configure - change all configs + creds
+    3. Add Upgrade app
+    4. login ecr https://github.com/lamhaison/aws-cli-utils/blob/main/services/ecr.sh
+    5. docs
+   
+- Add documentation
+
+- Add Windows support
+  
 - Session caching (Not apply mfa each time)
+
 - Auto-refresh role (same as aws-vault)
+
 - Pipe-friendly output
+
 - TUI mode
+
 - JSON output mode
   `awscli-addons whoami --json`
-- etc
 
+- SSO support
+
+
+
+
+docker build -t awscli-addons .
 
+# Example: Check whoami (mounting your local AWS credentials)
+docker run --rm -v ~/.aws:/root/.aws awscli-addons whoami
+docker run --rm  -it awscli-addons bash
+VERSION=feature/init tools/installer.sh