From f9cc7b699e0716d0c6b2c2445596b5626b25b4f0 Mon Sep 17 00:00:00 2001 From: The Oh Brothers Bot Date: Thu, 28 Nov 2024 00:56:43 +0000 Subject: [PATCH] Enhancement: Add terraform 1.10.0 variants Signed-off-by: The Oh Brothers Bot --- .github/workflows/ci-master-pr.yml | 258 +++++++++++++++++- README.md | 5 +- generate/definitions/versions.json | 1 + .../1.10.0-jq-libvirt-sops-ssh/Dockerfile | 63 +++++ variants/1.10.0-jq-sops-ssh/Dockerfile | 61 +++++ variants/1.10.0/Dockerfile | 49 ++++ 6 files changed, 435 insertions(+), 2 deletions(-) create mode 100644 variants/1.10.0-jq-libvirt-sops-ssh/Dockerfile create mode 100644 variants/1.10.0-jq-sops-ssh/Dockerfile create mode 100644 variants/1.10.0/Dockerfile diff --git a/.github/workflows/ci-master-pr.yml b/.github/workflows/ci-master-pr.yml index 3da87e4..beb202e 100644 --- a/.github/workflows/ci-master-pr.yml +++ b/.github/workflows/ci-master-pr.yml @@ -33,6 +33,260 @@ jobs: run: | git diff --exit-code + build-1-10-0: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Display system info (linux) + run: | + set -e + hostname + whoami + cat /etc/*release + lscpu + free + df -h + pwd + docker info + docker version + + # See: https://github.com/docker/build-push-action/blob/v2.6.1/docs/advanced/cache.md#github-cache + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v3 + + - name: Cache Docker layers + uses: actions/cache@v4 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-1.10.0-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx-1.10.0- + ${{ runner.os }}-buildx- + + - name: Login to Docker Hub registry + # Run on master and tags + if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/') + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_REGISTRY_USER }} + password: ${{ secrets.DOCKERHUB_REGISTRY_PASSWORD }} + + # This step generates the docker tags + - name: Prepare + id: prep-1-10-0 + run: | + set -e + + # Get ref, i.e. from refs/heads/, or from refs/tags/. E.g. 'master' or 'v0.0.0' + REF=$( echo "${GITHUB_REF}" | rev | cut -d '/' -f 1 | rev ) + + # Get short commit hash E.g. 'abc0123' + SHA=$( echo "${GITHUB_SHA}" | cut -c1-7 ) + + # Generate docker image tags + # E.g. 'v0.0.0-' and 'v0.0.0-abc0123-' + # E.g. 'master-' and 'master-abc0123-' + VARIANT="1.10.0" + REF_VARIANT="${REF}-${VARIANT}" + REF_SHA_VARIANT="${REF}-${SHA}-${VARIANT}" + + # Pass variables to next step + echo "VARIANT_BUILD_DIR=$VARIANT_BUILD_DIR" >> $GITHUB_OUTPUT + echo "VARIANT=$VARIANT" >> $GITHUB_OUTPUT + echo "REF_VARIANT=$REF_VARIANT" >> $GITHUB_OUTPUT + echo "REF_SHA_VARIANT=$REF_SHA_VARIANT" >> $GITHUB_OUTPUT + + - name: 1.10.0 - Build (PRs) + # Run only on pull requests + if: github.event_name == 'pull_request' + uses: docker/build-push-action@v5 + with: + context: variants/1.10.0 + platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 + push: false + tags: | + ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.REF_SHA_VARIANT }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + - name: 1.10.0 - Build and push (master) + # Run only on master + if: github.ref == 'refs/heads/master' + uses: docker/build-push-action@v5 + with: + context: variants/1.10.0 + platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 + push: true + tags: | + ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.REF_SHA_VARIANT }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + - name: 1.10.0 - Build and push (release) + if: startsWith(github.ref, 'refs/tags/') + uses: docker/build-push-action@v5 + with: + context: variants/1.10.0 + platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 + push: true + tags: | + ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:latest + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + # This step generates the docker tags + - name: Prepare + id: prep-1-10-0-jq-sops-ssh + run: | + set -e + + # Get ref, i.e. from refs/heads/, or from refs/tags/. E.g. 'master' or 'v0.0.0' + REF=$( echo "${GITHUB_REF}" | rev | cut -d '/' -f 1 | rev ) + + # Get short commit hash E.g. 'abc0123' + SHA=$( echo "${GITHUB_SHA}" | cut -c1-7 ) + + # Generate docker image tags + # E.g. 'v0.0.0-' and 'v0.0.0-abc0123-' + # E.g. 'master-' and 'master-abc0123-' + VARIANT="1.10.0-jq-sops-ssh" + REF_VARIANT="${REF}-${VARIANT}" + REF_SHA_VARIANT="${REF}-${SHA}-${VARIANT}" + + # Pass variables to next step + echo "VARIANT_BUILD_DIR=$VARIANT_BUILD_DIR" >> $GITHUB_OUTPUT + echo "VARIANT=$VARIANT" >> $GITHUB_OUTPUT + echo "REF_VARIANT=$REF_VARIANT" >> $GITHUB_OUTPUT + echo "REF_SHA_VARIANT=$REF_SHA_VARIANT" >> $GITHUB_OUTPUT + + - name: 1.10.0-jq-sops-ssh - Build (PRs) + # Run only on pull requests + if: github.event_name == 'pull_request' + uses: docker/build-push-action@v5 + with: + context: variants/1.10.0-jq-sops-ssh + platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 + push: false + tags: | + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.REF_SHA_VARIANT }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + - name: 1.10.0-jq-sops-ssh - Build and push (master) + # Run only on master + if: github.ref == 'refs/heads/master' + uses: docker/build-push-action@v5 + with: + context: variants/1.10.0-jq-sops-ssh + platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 + push: true + tags: | + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.REF_SHA_VARIANT }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + - name: 1.10.0-jq-sops-ssh - Build and push (release) + if: startsWith(github.ref, 'refs/tags/') + uses: docker/build-push-action@v5 + with: + context: variants/1.10.0-jq-sops-ssh + platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 + push: true + tags: | + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.REF_SHA_VARIANT }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + # This step generates the docker tags + - name: Prepare + id: prep-1-10-0-jq-libvirt-sops-ssh + run: | + set -e + + # Get ref, i.e. from refs/heads/, or from refs/tags/. E.g. 'master' or 'v0.0.0' + REF=$( echo "${GITHUB_REF}" | rev | cut -d '/' -f 1 | rev ) + + # Get short commit hash E.g. 'abc0123' + SHA=$( echo "${GITHUB_SHA}" | cut -c1-7 ) + + # Generate docker image tags + # E.g. 'v0.0.0-' and 'v0.0.0-abc0123-' + # E.g. 'master-' and 'master-abc0123-' + VARIANT="1.10.0-jq-libvirt-sops-ssh" + REF_VARIANT="${REF}-${VARIANT}" + REF_SHA_VARIANT="${REF}-${SHA}-${VARIANT}" + + # Pass variables to next step + echo "VARIANT_BUILD_DIR=$VARIANT_BUILD_DIR" >> $GITHUB_OUTPUT + echo "VARIANT=$VARIANT" >> $GITHUB_OUTPUT + echo "REF_VARIANT=$REF_VARIANT" >> $GITHUB_OUTPUT + echo "REF_SHA_VARIANT=$REF_SHA_VARIANT" >> $GITHUB_OUTPUT + + - name: 1.10.0-jq-libvirt-sops-ssh - Build (PRs) + # Run only on pull requests + if: github.event_name == 'pull_request' + uses: docker/build-push-action@v5 + with: + context: variants/1.10.0-jq-libvirt-sops-ssh + platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 + push: false + tags: | + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.REF_SHA_VARIANT }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + - name: 1.10.0-jq-libvirt-sops-ssh - Build and push (master) + # Run only on master + if: github.ref == 'refs/heads/master' + uses: docker/build-push-action@v5 + with: + context: variants/1.10.0-jq-libvirt-sops-ssh + platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 + push: true + tags: | + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.REF_SHA_VARIANT }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + - name: 1.10.0-jq-libvirt-sops-ssh - Build and push (release) + if: startsWith(github.ref, 'refs/tags/') + uses: docker/build-push-action@v5 + with: + context: variants/1.10.0-jq-libvirt-sops-ssh + platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 + push: true + tags: | + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.REF_SHA_VARIANT }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + # Temp fix + # https://github.com/docker/build-push-action/issues/252 + # https://github.com/moby/buildkit/issues/1896 + - name: Move cache + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache + build-1-9-8: runs-on: ubuntu-latest steps: @@ -141,7 +395,6 @@ jobs: ${{ github.repository }}:${{ steps.prep-1-9-8.outputs.VARIANT }} ${{ github.repository }}:${{ steps.prep-1-9-8.outputs.REF_VARIANT }} ${{ github.repository }}:${{ steps.prep-1-9-8.outputs.REF_SHA_VARIANT }} - ${{ github.repository }}:latest cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max @@ -4590,6 +4843,7 @@ jobs: update-draft-release: needs: + - build-1-10-0 - build-1-9-8 - build-1-8-5 - build-1-7-5 @@ -4621,6 +4875,7 @@ jobs: publish-draft-release: needs: + - build-1-10-0 - build-1-9-8 - build-1-8-5 - build-1-7-5 @@ -4654,6 +4909,7 @@ jobs: update-dockerhub-description: needs: + - build-1-10-0 - build-1-9-8 - build-1-8-5 - build-1-7-5 diff --git a/README.md b/README.md index 9e16f12..96ac288 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,10 @@ The base image is `alpine`. The image is not the closed-source [`hashicorp/terra | Tag | Dockerfile Build Context | |:-------:|:---------:| -| `:1.9.8`, `:latest` | [View](variants/1.9.8) | +| `:1.10.0`, `:latest` | [View](variants/1.10.0) | +| `:1.10.0-jq-sops-ssh` | [View](variants/1.10.0-jq-sops-ssh) | +| `:1.10.0-jq-libvirt-sops-ssh` | [View](variants/1.10.0-jq-libvirt-sops-ssh) | +| `:1.9.8` | [View](variants/1.9.8) | | `:1.9.8-jq-sops-ssh` | [View](variants/1.9.8-jq-sops-ssh) | | `:1.9.8-jq-libvirt-sops-ssh` | [View](variants/1.9.8-jq-libvirt-sops-ssh) | | `:1.8.5` | [View](variants/1.8.5) | diff --git a/generate/definitions/versions.json b/generate/definitions/versions.json index 56b4797..5ab2d29 100644 --- a/generate/definitions/versions.json +++ b/generate/definitions/versions.json @@ -1,6 +1,7 @@ { "terraform": { "versions": [ + "1.10.0", "1.9.8", "1.8.5", "1.7.5", diff --git a/variants/1.10.0-jq-libvirt-sops-ssh/Dockerfile b/variants/1.10.0-jq-libvirt-sops-ssh/Dockerfile new file mode 100644 index 0000000..31f7678 --- /dev/null +++ b/variants/1.10.0-jq-libvirt-sops-ssh/Dockerfile @@ -0,0 +1,63 @@ +FROM alpine:3.17 +ARG TARGETPLATFORM +ARG BUILDPLATFORM +RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" +# Install terraform +RUN set -eux; \ + TERRAFORM_VERSION=1.10.0; \ + case "$( uname -m )" in \ + 'x86') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_386.zip"; \ + SHA256=8af8eb3315ecade87ec6cb04dd16a5b6ebefd7bf7058b8e8db7422c1c9500108; \ + ;; \ + 'x86_64') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_amd64.zip"; \ + SHA256=4b05f4848d365597cf7ac5b59334c62a16b3bb7b524586578ee45ba823b6758b; \ + ;; \ + 'armhf') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_arm.zip"; \ + SHA256=8209739371bad76287e04aedd2a3b1b6bcf5c16ae9ba8adbb93dc3d7346df9f1; \ + ;; \ + 'armv7l') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_arm.zip"; \ + SHA256=8209739371bad76287e04aedd2a3b1b6bcf5c16ae9ba8adbb93dc3d7346df9f1; \ + ;; \ + 'aarch64') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_arm64.zip"; \ + SHA256=e12fad357bcff9537e904a7821529206c2c8fb48f700b670c25d6deddbb65d05; \ + ;; \ + *) \ + echo "Architecture not supported"; \ + exit 1; \ + ;; \ + esac; \ + FILE=terraform.zip; \ + wget -q "$URL" -O "$FILE"; \ + echo "$SHA256 $FILE" | sha256sum -c -; \ + unzip "$FILE" terraform; \ + mkdir -pv /usr/local/bin; \ + mv -v terraform /usr/local/bin/terraform; \ + chmod +x /usr/local/bin/terraform; \ + CHECKPOINT_DISABLE=1 terraform version; \ + : + +RUN apk add --no-cache ca-certificates + +RUN apk add --no-cache jq + +RUN apk add --no-cache libvirt-client + +RUN set -eux; \ + wget -qO- https://github.com/mozilla/sops/releases/download/v3.7.3/sops-v3.7.3.linux > /usr/local/bin/sops; \ + chmod +x /usr/local/bin/sops; \ + sha256sum /usr/local/bin/sops | grep '^53aec65e45f62a769ff24b7e5384f0c82d62668dd96ed56685f649da114b4dbb '; \ + sops --version + +RUN apk add --no-cache gnupg + +RUN apk add --no-cache openssh-client sshpass + +# Disable telemetry. See: https://developer.hashicorp.com/terraform/cli/commands#upgrade-and-security-bulletin-checks +ENV CHECKPOINT_DISABLE=1 + +CMD [ "terraform" ] diff --git a/variants/1.10.0-jq-sops-ssh/Dockerfile b/variants/1.10.0-jq-sops-ssh/Dockerfile new file mode 100644 index 0000000..6ea9383 --- /dev/null +++ b/variants/1.10.0-jq-sops-ssh/Dockerfile @@ -0,0 +1,61 @@ +FROM alpine:3.17 +ARG TARGETPLATFORM +ARG BUILDPLATFORM +RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" +# Install terraform +RUN set -eux; \ + TERRAFORM_VERSION=1.10.0; \ + case "$( uname -m )" in \ + 'x86') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_386.zip"; \ + SHA256=8af8eb3315ecade87ec6cb04dd16a5b6ebefd7bf7058b8e8db7422c1c9500108; \ + ;; \ + 'x86_64') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_amd64.zip"; \ + SHA256=4b05f4848d365597cf7ac5b59334c62a16b3bb7b524586578ee45ba823b6758b; \ + ;; \ + 'armhf') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_arm.zip"; \ + SHA256=8209739371bad76287e04aedd2a3b1b6bcf5c16ae9ba8adbb93dc3d7346df9f1; \ + ;; \ + 'armv7l') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_arm.zip"; \ + SHA256=8209739371bad76287e04aedd2a3b1b6bcf5c16ae9ba8adbb93dc3d7346df9f1; \ + ;; \ + 'aarch64') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_arm64.zip"; \ + SHA256=e12fad357bcff9537e904a7821529206c2c8fb48f700b670c25d6deddbb65d05; \ + ;; \ + *) \ + echo "Architecture not supported"; \ + exit 1; \ + ;; \ + esac; \ + FILE=terraform.zip; \ + wget -q "$URL" -O "$FILE"; \ + echo "$SHA256 $FILE" | sha256sum -c -; \ + unzip "$FILE" terraform; \ + mkdir -pv /usr/local/bin; \ + mv -v terraform /usr/local/bin/terraform; \ + chmod +x /usr/local/bin/terraform; \ + CHECKPOINT_DISABLE=1 terraform version; \ + : + +RUN apk add --no-cache ca-certificates + +RUN apk add --no-cache jq + +RUN set -eux; \ + wget -qO- https://github.com/mozilla/sops/releases/download/v3.7.3/sops-v3.7.3.linux > /usr/local/bin/sops; \ + chmod +x /usr/local/bin/sops; \ + sha256sum /usr/local/bin/sops | grep '^53aec65e45f62a769ff24b7e5384f0c82d62668dd96ed56685f649da114b4dbb '; \ + sops --version + +RUN apk add --no-cache gnupg + +RUN apk add --no-cache openssh-client sshpass + +# Disable telemetry. See: https://developer.hashicorp.com/terraform/cli/commands#upgrade-and-security-bulletin-checks +ENV CHECKPOINT_DISABLE=1 + +CMD [ "terraform" ] diff --git a/variants/1.10.0/Dockerfile b/variants/1.10.0/Dockerfile new file mode 100644 index 0000000..7a6a34a --- /dev/null +++ b/variants/1.10.0/Dockerfile @@ -0,0 +1,49 @@ +FROM alpine:3.17 +ARG TARGETPLATFORM +ARG BUILDPLATFORM +RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" +# Install terraform +RUN set -eux; \ + TERRAFORM_VERSION=1.10.0; \ + case "$( uname -m )" in \ + 'x86') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_386.zip"; \ + SHA256=8af8eb3315ecade87ec6cb04dd16a5b6ebefd7bf7058b8e8db7422c1c9500108; \ + ;; \ + 'x86_64') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_amd64.zip"; \ + SHA256=4b05f4848d365597cf7ac5b59334c62a16b3bb7b524586578ee45ba823b6758b; \ + ;; \ + 'armhf') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_arm.zip"; \ + SHA256=8209739371bad76287e04aedd2a3b1b6bcf5c16ae9ba8adbb93dc3d7346df9f1; \ + ;; \ + 'armv7l') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_arm.zip"; \ + SHA256=8209739371bad76287e04aedd2a3b1b6bcf5c16ae9ba8adbb93dc3d7346df9f1; \ + ;; \ + 'aarch64') \ + URL="https://releases.hashicorp.com/terraform/1.10.0/terraform_1.10.0_linux_arm64.zip"; \ + SHA256=e12fad357bcff9537e904a7821529206c2c8fb48f700b670c25d6deddbb65d05; \ + ;; \ + *) \ + echo "Architecture not supported"; \ + exit 1; \ + ;; \ + esac; \ + FILE=terraform.zip; \ + wget -q "$URL" -O "$FILE"; \ + echo "$SHA256 $FILE" | sha256sum -c -; \ + unzip "$FILE" terraform; \ + mkdir -pv /usr/local/bin; \ + mv -v terraform /usr/local/bin/terraform; \ + chmod +x /usr/local/bin/terraform; \ + CHECKPOINT_DISABLE=1 terraform version; \ + : + +RUN apk add --no-cache ca-certificates + +# Disable telemetry. See: https://developer.hashicorp.com/terraform/cli/commands#upgrade-and-security-bulletin-checks +ENV CHECKPOINT_DISABLE=1 + +CMD [ "terraform" ]