Using the Images¶
This section covers pull, run, and automation patterns from beginner to advanced usage.
New to DevOps Images?
Start with the Quick Start Guide for a 5-minute introduction, or use the Decision Framework to pick the right image for your needs.
Pull an Image¶
Choose your preferred registry and image variant:
Best for: Teams using both AWS and GCP, or those who want maximum flexibility
✅ No rate limits | ✅ Fast global CDN | ✅ Best uptime
✅ GitLab CI native | ✅ Private runner support
Best for: AWS-only teams who want a smaller image
Docker Hub Rate Limits
Docker Hub enforces rate limits for anonymous users (100 pulls per 6 hours). We recommend using GHCR to avoid these limits.
Run Interactively¶
Basic interactive run:
The default shell is zsh with Oh My Zsh pre-configured.
Shell Options
The image includes three shells:
- zsh (default) - Modern shell with autocomplete and plugins
- bash - Traditional Bourne Again Shell
- fish - Friendly interactive shell
Switch shells with: bash, fish, or zsh
Recommended Workstation Setup¶
For real work, mount your credentials and project directory:
docker run -it --name devops-work \ # (1)!
-v $PWD:/workspace \ # (2)!
-v ~/.ssh:/root/.ssh \ # (3)!
-v ~/.aws:/root/.aws \ # (4)!
-v ~/.config/gcloud:/root/.config/gcloud \ # (5)!
-v ~/.claude:/root/.claude \ # (6)!
-v ~/.codex:/root/.codex \ # (7)!
-v ~/.copilot:/root/.copilot \ # (8)!
-v ~/.gemini:/root/.gemini \ # (9)!
-w /workspace \ # (10)!
ghcr.io/jinalshah/devops/images/all-devops:latest
- Named container for easy restart with
docker start -i devops-work - Mount current directory as
/workspacefor accessing your project files - Mount SSH keys for Git operations and remote server access
- Mount AWS credentials for
awsCLI (omit if not using AWS) - Mount GCP credentials for
gcloud(omit if not using GCP) - Mount Claude AI credentials for
claudeCLI - Mount Codex credentials for
codexCLI (OpenAI) - Mount Copilot credentials for
copilotCLI (GitHub) - Mount Gemini credentials for
geminiCLI (Google) - Set working directory to
/workspace
Authentication Details
For comprehensive authentication setup including AI CLI configuration, see the Authentication Guide.
Run Tools Without an Interactive Shell¶
Execute single commands without entering a shell:
# Check tool versions
docker run --rm ghcr.io/jinalshah/devops/images/all-devops:latest terraform version
docker run --rm ghcr.io/jinalshah/devops/images/aws-devops:latest aws --version
docker run --rm ghcr.io/jinalshah/devops/images/gcp-devops:latest gcloud --version
docker run --rm ghcr.io/jinalshah/devops/images/all-devops:latest trivy --version
One-Liner Examples
# Run Terraform plan
docker run --rm -v $PWD:/workspace -w /workspace \
ghcr.io/jinalshah/devops/images/all-devops:latest \
terraform plan
# Scan with Trivy
docker run --rm -v $PWD:/workspace \
ghcr.io/jinalshah/devops/images/all-devops:latest \
trivy fs /workspace
# Run Ansible playbook
docker run --rm -v $PWD:/workspace -w /workspace \
ghcr.io/jinalshah/devops/images/all-devops:latest \
ansible-playbook site.yml
Work With Local Files¶
Mount your project directory to access files:
docker run --rm \
-v "$PWD:/workspace" \
-w /workspace \
ghcr.io/jinalshah/devops/images/all-devops:latest \
ansible-playbook playbook.yml
Avoid Root-Owned Files¶
To prevent Docker from creating root-owned files on your host:
docker run --rm \
--user "$(id -u):$(id -g)" \
-v "$PWD:/workspace" \
-w /workspace \
ghcr.io/jinalshah/devops/images/all-devops:latest \
terraform fmt -recursive
User Flag Limitations
The --user flag may cause permission issues with some tools that expect to run as root. If you encounter errors, run without --user and manually fix permissions afterward:
Quick Authentication Examples¶
Basic credential mounting for cloud providers and Git:
Comprehensive Authentication Guide
For detailed setup including AI CLI authentication, multiple cloud accounts, and troubleshooting, see the Authentication Guide.
Version Pinning for CI/CD¶
Use Immutable Tags in Production
Always pin specific image versions in CI/CD pipelines for reproducible builds:
✅ Good - Immutable, predictable:
⚠️ Avoid - Mutable, can change:
Version Tag Format¶
latest- Most recent build (for local development)1.0.abc1234- Semantic version + git commit SHA (for CI/CD)1.0- Semantic version only (semi-stable)
CI/CD Integration Examples¶
GitHub Actions¶
name: Deploy Infrastructure
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
container:
image: ghcr.io/jinalshah/devops/images/all-devops:1.0.abc1234 # (1)!
steps:
- uses: actions/checkout@v4
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Deploy with Terraform
run: |
terraform init
terraform apply -auto-approve
- Pin to specific version for reproducible builds
GitLab CI¶
stages:
- deploy
deploy:production:
stage: deploy
image: registry.gitlab.com/jinal-shah/devops/images/all-devops:1.0.abc1234
script:
- terraform init
- terraform apply -auto-approve
variables:
AWS_ACCESS_KEY_ID: $AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY: $AWS_SECRET_ACCESS_KEY
AWS_DEFAULT_REGION: us-east-1
only:
- main
More CI/CD Examples
For comprehensive CI/CD integration guides, see:
Next Steps¶
Getting Started:
- Quick Start Guide - 5-minute introduction
- Authentication Setup - Configure credentials
- Quick Reference - Common command patterns
Cloud-Specific Guides:
- Using all-devops - Multi-cloud image
- Using aws-devops - AWS-focused image
- Using gcp-devops - GCP-focused image
Advanced Topics:
- Docker Compose Examples - Multi-container setups
- Workflows & Patterns - Real-world examples
- Troubleshooting - Common issues