Essential DevOps Tools for macOS
Source: Dev.to
Introduction
macOS traces its roots back to NeXTSTEP and is built on the Mach‑derived XNU kernel. The Darwin userland provides a BSD‑based Unix environment with familiar POSIX tools, plus macOS‑specific additions such as launchd. This Unix heritage is why many Linux‑focused cloud and container tools run reliably on macOS with only minimal differences.
Why the extra steps?
macOS ships with BSD‑flavored utilities (grep,sed,awk, …). Scripts written for Linux may behave differently or fail entirely. The steps below install GNU equivalents and a common set of command‑line tools so that scripts behave consistently across Linux, macOS, and Windows MSYS2 environments.
Overview of the Tools
| Tool | Command(s) | Description |
|---|---|---|
| Terraform | terraform | Provision cloud infrastructure (HashiCorp). |
| AWS CLI | aws | Interact with Amazon Web Services. |
| okta‑aws‑cli | okta-aws-cli | Obtain temporary IAM credentials via Okta. |
| Kubernetes CLI | kubectl | Interact with a Kubernetes control plane. |
| Helm | helm | Package manager for Kubernetes applications. |
| Kustomize | kustomize | Patch‑based configuration for Kubernetes resources. |
| Helmfile | helmfile | Declarative spec for deploying Helm charts (supports templating & patching). |
| Krew | kubectl krew | Plugin manager for kubectl. |
| Corretto (OpenJDK) | java, javac, jar, keytool | Amazon’s OpenJDK distribution. |
| Vault | vault | Secure storage and access control for secrets (tokens, passwords, certificates, keys). |
| Other utilities | bc, curl, git, jq, zsh, … | Frequently‑used GNU tools and shells. |
Prerequisites
Install Xcode Command‑Line Tools
xcode-select --installInstall Homebrew
URL="https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh"
/bin/bash -c "$(curl -fsSL $URL)"Install Core GNU Utilities
These commands give you GNU versions of common tools (e.g., grep, sed, tar) that behave like their Linux counterparts.
brew install \
autoconf \
bash \
bc \
binutils \
coreutils \
curl \
diffutils \
ed \
findutils \
flex \
gawk \
git \
gnu-indent \
gnu-sed \
gnu-tar \
gnu-which \
gpatch \
grep \
gzip \
jq \
less \
m4 \
make \
nano \
screen \
watch \
wdiff \
wget \
zip \
zshMake the GNU shells available to the system
echo "$(brew --prefix)/bin/bash" | sudo tee -a /etc/shells
echo "$(brew --prefix)/bin/zsh" | sudo tee -a /etc/shellsChoose your default shell
# Use GNU Bash
chsh -s "$(brew --prefix)/bin/bash"
# Or use GNU Zsh
chsh -s "$(brew --prefix)/bin/zsh"Tip: When writing scripts, use an
envshebang so the script picks up the GNU version from yourPATHrather than the system‑provided (BSD) version.
# Bash shebang
#!/usr/bin/env bash
# Zsh shebang
#!/usr/bin/env zshAdd GNU/Keg‑only binaries to PATH
The GNU utilities installed by Homebrew live in keg‑only locations (e.g., …/opt/coreutils/libexec/gnubin). Add them to your shell’s startup file (~/.bash_profile, ~/.zshrc, …).
# -------------------------------------------------
# Add this function to your startup script
# -------------------------------------------------
update_homebrew_path() {
local BREW_PREFIX GNU_PATHS KEG_PATHS COMBINED_PATHS DEDUPE_SCRIPT
# Bail out if Homebrew isn’t available
command -v brew >/dev/null 2>&1 || return
BREW_PREFIX="$(brew --prefix)"
# All GNU “gnubin” directories (coreutils, findutils, gawk, …)
GNU_PATHS=$(printf "%s:" "${BREW_PREFIX}/opt/"*"/libexec/gnubin")
# Directories of keg‑only binaries (e.g., `krew`, `helmfile`)
KEG_PATHS=$(
brew info --installed --json=v1 \
| jq -r 'map(select(.keg_only == true)) | .[].name' \
| while read -r PKG; do
[[ -d "${BREW_PREFIX}/opt/${PKG}/bin" ]] && printf "%s:" "${BREW_PREFIX}/opt/${PKG}/bin"
done
)
COMBINED_PATHS="${GNU_PATHS}${KEG_PATHS}"
DEDUPE_SCRIPT='print join ":", grep { ! $seen{$_}++ } split /:/, shift'
perl -e "${DEDUPE_SCRIPT}" "${COMBINED_PATHS}" | sed 's/^://; s/:$//'
}
# Export the new PATH
NEW_PATHS="$(update_homebrew_path)"
export PATH="${NEW_PATHS}:${PATH}"After adding the function, reload your shell or run source ~/.zshrc (or the appropriate file).
Install Cloud‑Provisioning & Kubernetes Toolchain
# AWS CLI & Okta helper
brew install awscli
brew install okta-aws-cli
# HashiCorp tools
brew tap hashicorp/tap
brew install hashicorp/tap/terraform
brew install hashicorp/tap/vault
# Kubernetes CLI
brew install kubernetes-cli # provides `kubectl`
# Helm (package manager)
brew install helm
# Java (Amazon Corretto 17)
brew tap homebrew/cask-versions
brew install --cask corretto17
# Helmfile & Kustomize
brew install helmfile
brew install kustomize
# Optional: kubectl plugin manager
brew install krew
# Miscellaneous utilities
brew install jqVerify Installations
terraform --version
vault --version
kubectl version --client
helm version
kustomize version
helmfile version
java --version
aws --version
okta-aws-cli --version
jq --versionIf each command prints version information without errors, the toolchain is ready for use.
Final Thoughts
- macOS’s BSD‑based utilities can cause subtle script failures; installing GNU equivalents eliminates most incompatibilities.
- Keeping the GNU tools early in
PATHensures your scripts pick the right binaries. - The same Homebrew commands work on Linux (via Linuxbrew) and on Windows MSYS2, giving you a truly cross‑platform development environment.
Happy provisioning! 🚀
Versions
aws --version
okta-aws-cli --versionHelm Plugins
Helm can be extended with plugins. Below are some popular ones. I especially recommend helm‑diff, which shows the resources that will be changed before you install or upgrade an application.
helm plugin install https://github.com/databus23/helm-diff
helm plugin install https://github.com/aslafy-z/helm-git
helm plugin install https://github.com/hypnoglow/helm-s3.git
helm plugin install https://github.com/jkroepke/helm-secretsKubernetes Krew (Plugin Manager)
Krew adds a plugin system to kubectl. Use the script below to install it.
#!/usr/bin/env bash
main() {
install_krew
# Add this to your startup scripts
export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"
}
install_krew() {
TEMP_DIR=$(mktemp -d)
pushd "$TEMP_DIR"
OS="$(uname | tr '[:upper:]' '[:lower:]')"
ARCH="$(
uname -m \
| sed -e 's/x86_64/amd64/' \
-e 's/\(arm\)\(64\)\?.*/\1\2/' \
-e 's/aarch64$/arm64/'
)"
KREW="krew-${OS}_${ARCH}"
PKG="/${KREW}.tar.gz"
URL_PATH="kubernetes-sigs/krew/releases/latest/download/$PKG"
URL="https://github.com/$URL_PATH"
curl -fsSLO "$URL"
tar zxvf "${KREW}.tar.gz"
./"${KREW}" install krew
popd
rm -rf "$TEMP_DIR"
}
mainAfter installation, ensure the Krew binary directory is in your PATH (as shown in the script).
Homebrew Brewfile
Homebrew can install a list of packages from a single manifest file called a Brewfile. Create a file named Brewfile with the following contents:
# Common Core Commands
brew 'autoconf'
brew 'bash'
brew 'bc'
brew 'binutils'
brew 'coreutils'
brew 'curl'
brew 'diffutils'
brew 'ed'
brew 'findutils'
brew 'flex'
brew 'gawk'
brew 'git'
brew 'gnu-indent'
brew 'gnu-sed'
brew 'gnu-tar'
brew 'gnu-which'
brew 'gpatch'
brew 'grep'
brew 'gzip'
brew 'jq'
brew 'less'
brew 'm4'
brew 'make'
brew 'nano'
brew 'screen'
brew 'watch'
brew 'wdiff'
brew 'wget'
brew 'zip'
brew 'zsh'
# AWS Tools
brew 'awscli'
brew 'okta-aws-cli'
# HashiCorp
tap 'hashicorp/tap'
brew 'hashicorp/tap/terraform'
brew 'hashicorp/tap/vault'
# Kubernetes
brew 'kubernetes-cli'
brew 'helm'
brew 'kustomize'
brew 'helmfile'
# Java
tap 'homebrew/cask-versions'
cask 'corretto17'
# Other
brew 'jq'Install the Brewfile
brew bundle --verbosePost‑Installation Steps
- Update your
PATH– Add the directories for GNU utilities and any keg‑only commands so they take precedence over the macOS defaults. - Register new shells – Append the paths of the newly installed
zshandbashbinaries to/etc/shellsso they can be selected as login shells.
Now you have a fully‑featured development environment with Helm plugins, Kubernetes Krew, and a reproducible Homebrew package set.