From b815ede25130ba0ff83225ec3961fd3077b1986f Mon Sep 17 00:00:00 2001 From: The Oh Brothers Bot Date: Thu, 14 Sep 2023 00:37:17 +0000 Subject: [PATCH] Enhancement: Bump v1.5 variants to v1.5.7 Signed-off-by: The Oh Brothers Bot --- .github/workflows/ci-master-pr.yml | 36 +++++------ README.md | 6 +- generate/definitions/versions.json | 2 +- .../v1.5.7-jq-libvirt-sops-ssh/Dockerfile | 63 +++++++++++++++++++ variants/v1.5.7-jq-sops-ssh/Dockerfile | 61 ++++++++++++++++++ variants/v1.5.7/Dockerfile | 49 +++++++++++++++ 6 files changed, 195 insertions(+), 22 deletions(-) create mode 100644 variants/v1.5.7-jq-libvirt-sops-ssh/Dockerfile create mode 100644 variants/v1.5.7-jq-sops-ssh/Dockerfile create mode 100644 variants/v1.5.7/Dockerfile diff --git a/.github/workflows/ci-master-pr.yml b/.github/workflows/ci-master-pr.yml index 00ba817..9cb621c 100644 --- a/.github/workflows/ci-master-pr.yml +++ b/.github/workflows/ci-master-pr.yml @@ -32,10 +32,10 @@ jobs: run: | git diff --exit-code - build-v1-5-2: + build-v1-5-7: runs-on: ubuntu-latest env: - VARIANT: v1.5.2 + VARIANT: v1.5.7 steps: - name: Checkout uses: actions/checkout@v3 @@ -107,7 +107,7 @@ jobs: if: github.event_name == 'pull_request' uses: docker/build-push-action@v3 with: - context: variants/v1.5.2 + context: variants/v1.5.7 platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: false tags: | @@ -121,7 +121,7 @@ jobs: if: github.ref == 'refs/heads/master' uses: docker/build-push-action@v3 with: - context: variants/v1.5.2 + context: variants/v1.5.7 platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: | @@ -134,7 +134,7 @@ jobs: if: startsWith(github.ref, 'refs/tags/') uses: docker/build-push-action@v3 with: - context: variants/v1.5.2 + context: variants/v1.5.7 platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: | @@ -153,10 +153,10 @@ jobs: rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache - build-v1-5-2-jq-sops-ssh: + build-v1-5-7-jq-sops-ssh: runs-on: ubuntu-latest env: - VARIANT: v1.5.2-jq-sops-ssh + VARIANT: v1.5.7-jq-sops-ssh steps: - name: Checkout uses: actions/checkout@v3 @@ -228,7 +228,7 @@ jobs: if: github.event_name == 'pull_request' uses: docker/build-push-action@v3 with: - context: variants/v1.5.2-jq-sops-ssh + context: variants/v1.5.7-jq-sops-ssh platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: false tags: | @@ -242,7 +242,7 @@ jobs: if: github.ref == 'refs/heads/master' uses: docker/build-push-action@v3 with: - context: variants/v1.5.2-jq-sops-ssh + context: variants/v1.5.7-jq-sops-ssh platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: | @@ -255,7 +255,7 @@ jobs: if: startsWith(github.ref, 'refs/tags/') uses: docker/build-push-action@v3 with: - context: variants/v1.5.2-jq-sops-ssh + context: variants/v1.5.7-jq-sops-ssh platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: | @@ -273,10 +273,10 @@ jobs: rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache - build-v1-5-2-jq-libvirt-sops-ssh: + build-v1-5-7-jq-libvirt-sops-ssh: runs-on: ubuntu-latest env: - VARIANT: v1.5.2-jq-libvirt-sops-ssh + VARIANT: v1.5.7-jq-libvirt-sops-ssh steps: - name: Checkout uses: actions/checkout@v3 @@ -348,7 +348,7 @@ jobs: if: github.event_name == 'pull_request' uses: docker/build-push-action@v3 with: - context: variants/v1.5.2-jq-libvirt-sops-ssh + context: variants/v1.5.7-jq-libvirt-sops-ssh platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: false tags: | @@ -362,7 +362,7 @@ jobs: if: github.ref == 'refs/heads/master' uses: docker/build-push-action@v3 with: - context: variants/v1.5.2-jq-libvirt-sops-ssh + context: variants/v1.5.7-jq-libvirt-sops-ssh platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: | @@ -375,7 +375,7 @@ jobs: if: startsWith(github.ref, 'refs/tags/') uses: docker/build-push-action@v3 with: - context: variants/v1.5.2-jq-libvirt-sops-ssh + context: variants/v1.5.7-jq-libvirt-sops-ssh platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: | @@ -5074,7 +5074,7 @@ jobs: mv /tmp/.buildx-cache-new /tmp/.buildx-cache update-draft-release: - needs: [build-v1-5-2, build-v1-5-2-jq-sops-ssh, build-v1-5-2-jq-libvirt-sops-ssh, build-v1-4-6, build-v1-4-6-jq-sops-ssh, build-v1-4-6-jq-libvirt-sops-ssh, build-v1-3-9, build-v1-3-9-jq-sops-ssh, build-v1-3-9-jq-libvirt-sops-ssh, build-v1-2-9, build-v1-2-9-jq-sops-ssh, build-v1-2-9-jq-libvirt-sops-ssh, build-v1-1-9, build-v1-1-9-jq-sops-ssh, build-v1-1-9-jq-libvirt-sops-ssh, build-v1-0-11, build-v1-0-11-jq-sops-ssh, build-v1-0-11-jq-libvirt-sops-ssh, build-v0-15-5, build-v0-15-5-jq-sops-ssh, build-v0-15-5-jq-libvirt-sops-ssh, build-v0-14-11, build-v0-14-11-jq-sops-ssh, build-v0-14-11-jq-libvirt-sops-ssh, build-v0-13-7, build-v0-13-7-jq-sops-ssh, build-v0-13-7-jq-libvirt-sops-ssh, build-v0-12-31, build-v0-12-31-jq-sops-ssh, build-v0-12-31-jq-libvirt-sops-ssh, build-v0-11-15, build-v0-11-15-jq-sops-ssh, build-v0-11-15-jq-libvirt-sops-ssh, build-v0-10-8, build-v0-10-8-jq-sops-ssh, build-v0-10-8-jq-libvirt-sops-ssh, build-v0-9-11, build-v0-9-11-jq-sops-ssh, build-v0-9-11-jq-libvirt-sops-ssh, build-v0-8-8, build-v0-8-8-jq-sops-ssh, build-v0-8-8-jq-libvirt-sops-ssh] + needs: [build-v1-5-7, build-v1-5-7-jq-sops-ssh, build-v1-5-7-jq-libvirt-sops-ssh, build-v1-4-6, build-v1-4-6-jq-sops-ssh, build-v1-4-6-jq-libvirt-sops-ssh, build-v1-3-9, build-v1-3-9-jq-sops-ssh, build-v1-3-9-jq-libvirt-sops-ssh, build-v1-2-9, build-v1-2-9-jq-sops-ssh, build-v1-2-9-jq-libvirt-sops-ssh, build-v1-1-9, build-v1-1-9-jq-sops-ssh, build-v1-1-9-jq-libvirt-sops-ssh, build-v1-0-11, build-v1-0-11-jq-sops-ssh, build-v1-0-11-jq-libvirt-sops-ssh, build-v0-15-5, build-v0-15-5-jq-sops-ssh, build-v0-15-5-jq-libvirt-sops-ssh, build-v0-14-11, build-v0-14-11-jq-sops-ssh, build-v0-14-11-jq-libvirt-sops-ssh, build-v0-13-7, build-v0-13-7-jq-sops-ssh, build-v0-13-7-jq-libvirt-sops-ssh, build-v0-12-31, build-v0-12-31-jq-sops-ssh, build-v0-12-31-jq-libvirt-sops-ssh, build-v0-11-15, build-v0-11-15-jq-sops-ssh, build-v0-11-15-jq-libvirt-sops-ssh, build-v0-10-8, build-v0-10-8-jq-sops-ssh, build-v0-10-8-jq-libvirt-sops-ssh, build-v0-9-11, build-v0-9-11-jq-sops-ssh, build-v0-9-11-jq-libvirt-sops-ssh, build-v0-8-8, build-v0-8-8-jq-sops-ssh, build-v0-8-8-jq-libvirt-sops-ssh] if: github.ref == 'refs/heads/master' runs-on: ubuntu-latest steps: @@ -5087,7 +5087,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} publish-draft-release: - needs: [build-v1-5-2, build-v1-5-2-jq-sops-ssh, build-v1-5-2-jq-libvirt-sops-ssh, build-v1-4-6, build-v1-4-6-jq-sops-ssh, build-v1-4-6-jq-libvirt-sops-ssh, build-v1-3-9, build-v1-3-9-jq-sops-ssh, build-v1-3-9-jq-libvirt-sops-ssh, build-v1-2-9, build-v1-2-9-jq-sops-ssh, build-v1-2-9-jq-libvirt-sops-ssh, build-v1-1-9, build-v1-1-9-jq-sops-ssh, build-v1-1-9-jq-libvirt-sops-ssh, build-v1-0-11, build-v1-0-11-jq-sops-ssh, build-v1-0-11-jq-libvirt-sops-ssh, build-v0-15-5, build-v0-15-5-jq-sops-ssh, build-v0-15-5-jq-libvirt-sops-ssh, build-v0-14-11, build-v0-14-11-jq-sops-ssh, build-v0-14-11-jq-libvirt-sops-ssh, build-v0-13-7, build-v0-13-7-jq-sops-ssh, build-v0-13-7-jq-libvirt-sops-ssh, build-v0-12-31, build-v0-12-31-jq-sops-ssh, build-v0-12-31-jq-libvirt-sops-ssh, build-v0-11-15, build-v0-11-15-jq-sops-ssh, build-v0-11-15-jq-libvirt-sops-ssh, build-v0-10-8, build-v0-10-8-jq-sops-ssh, build-v0-10-8-jq-libvirt-sops-ssh, build-v0-9-11, build-v0-9-11-jq-sops-ssh, build-v0-9-11-jq-libvirt-sops-ssh, build-v0-8-8, build-v0-8-8-jq-sops-ssh, build-v0-8-8-jq-libvirt-sops-ssh] + needs: [build-v1-5-7, build-v1-5-7-jq-sops-ssh, build-v1-5-7-jq-libvirt-sops-ssh, build-v1-4-6, build-v1-4-6-jq-sops-ssh, build-v1-4-6-jq-libvirt-sops-ssh, build-v1-3-9, build-v1-3-9-jq-sops-ssh, build-v1-3-9-jq-libvirt-sops-ssh, build-v1-2-9, build-v1-2-9-jq-sops-ssh, build-v1-2-9-jq-libvirt-sops-ssh, build-v1-1-9, build-v1-1-9-jq-sops-ssh, build-v1-1-9-jq-libvirt-sops-ssh, build-v1-0-11, build-v1-0-11-jq-sops-ssh, build-v1-0-11-jq-libvirt-sops-ssh, build-v0-15-5, build-v0-15-5-jq-sops-ssh, build-v0-15-5-jq-libvirt-sops-ssh, build-v0-14-11, build-v0-14-11-jq-sops-ssh, build-v0-14-11-jq-libvirt-sops-ssh, build-v0-13-7, build-v0-13-7-jq-sops-ssh, build-v0-13-7-jq-libvirt-sops-ssh, build-v0-12-31, build-v0-12-31-jq-sops-ssh, build-v0-12-31-jq-libvirt-sops-ssh, build-v0-11-15, build-v0-11-15-jq-sops-ssh, build-v0-11-15-jq-libvirt-sops-ssh, build-v0-10-8, build-v0-10-8-jq-sops-ssh, build-v0-10-8-jq-libvirt-sops-ssh, build-v0-9-11, build-v0-9-11-jq-sops-ssh, build-v0-9-11-jq-libvirt-sops-ssh, build-v0-8-8, build-v0-8-8-jq-sops-ssh, build-v0-8-8-jq-libvirt-sops-ssh] if: startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-latest steps: @@ -5102,7 +5102,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} update-dockerhub-description: - needs: [build-v1-5-2, build-v1-5-2-jq-sops-ssh, build-v1-5-2-jq-libvirt-sops-ssh, build-v1-4-6, build-v1-4-6-jq-sops-ssh, build-v1-4-6-jq-libvirt-sops-ssh, build-v1-3-9, build-v1-3-9-jq-sops-ssh, build-v1-3-9-jq-libvirt-sops-ssh, build-v1-2-9, build-v1-2-9-jq-sops-ssh, build-v1-2-9-jq-libvirt-sops-ssh, build-v1-1-9, build-v1-1-9-jq-sops-ssh, build-v1-1-9-jq-libvirt-sops-ssh, build-v1-0-11, build-v1-0-11-jq-sops-ssh, build-v1-0-11-jq-libvirt-sops-ssh, build-v0-15-5, build-v0-15-5-jq-sops-ssh, build-v0-15-5-jq-libvirt-sops-ssh, build-v0-14-11, build-v0-14-11-jq-sops-ssh, build-v0-14-11-jq-libvirt-sops-ssh, build-v0-13-7, build-v0-13-7-jq-sops-ssh, build-v0-13-7-jq-libvirt-sops-ssh, build-v0-12-31, build-v0-12-31-jq-sops-ssh, build-v0-12-31-jq-libvirt-sops-ssh, build-v0-11-15, build-v0-11-15-jq-sops-ssh, build-v0-11-15-jq-libvirt-sops-ssh, build-v0-10-8, build-v0-10-8-jq-sops-ssh, build-v0-10-8-jq-libvirt-sops-ssh, build-v0-9-11, build-v0-9-11-jq-sops-ssh, build-v0-9-11-jq-libvirt-sops-ssh, build-v0-8-8, build-v0-8-8-jq-sops-ssh, build-v0-8-8-jq-libvirt-sops-ssh] + needs: [build-v1-5-7, build-v1-5-7-jq-sops-ssh, build-v1-5-7-jq-libvirt-sops-ssh, build-v1-4-6, build-v1-4-6-jq-sops-ssh, build-v1-4-6-jq-libvirt-sops-ssh, build-v1-3-9, build-v1-3-9-jq-sops-ssh, build-v1-3-9-jq-libvirt-sops-ssh, build-v1-2-9, build-v1-2-9-jq-sops-ssh, build-v1-2-9-jq-libvirt-sops-ssh, build-v1-1-9, build-v1-1-9-jq-sops-ssh, build-v1-1-9-jq-libvirt-sops-ssh, build-v1-0-11, build-v1-0-11-jq-sops-ssh, build-v1-0-11-jq-libvirt-sops-ssh, build-v0-15-5, build-v0-15-5-jq-sops-ssh, build-v0-15-5-jq-libvirt-sops-ssh, build-v0-14-11, build-v0-14-11-jq-sops-ssh, build-v0-14-11-jq-libvirt-sops-ssh, build-v0-13-7, build-v0-13-7-jq-sops-ssh, build-v0-13-7-jq-libvirt-sops-ssh, build-v0-12-31, build-v0-12-31-jq-sops-ssh, build-v0-12-31-jq-libvirt-sops-ssh, build-v0-11-15, build-v0-11-15-jq-sops-ssh, build-v0-11-15-jq-libvirt-sops-ssh, build-v0-10-8, build-v0-10-8-jq-sops-ssh, build-v0-10-8-jq-libvirt-sops-ssh, build-v0-9-11, build-v0-9-11-jq-sops-ssh, build-v0-9-11-jq-libvirt-sops-ssh, build-v0-8-8, build-v0-8-8-jq-sops-ssh, build-v0-8-8-jq-libvirt-sops-ssh] if: github.ref == 'refs/heads/master' runs-on: ubuntu-latest steps: diff --git a/README.md b/README.md index 151cbc4..c7eb214 100644 --- a/README.md +++ b/README.md @@ -12,9 +12,9 @@ The base image is `alpine`, and not the closed-source [`hashicorp/terraform` ima | Tag | Dockerfile Build Context | |:-------:|:---------:| -| `:v1.5.2`, `:latest` | [View](variants/v1.5.2) | -| `:v1.5.2-jq-sops-ssh` | [View](variants/v1.5.2-jq-sops-ssh) | -| `:v1.5.2-jq-libvirt-sops-ssh` | [View](variants/v1.5.2-jq-libvirt-sops-ssh) | +| `:v1.5.7`, `:latest` | [View](variants/v1.5.7) | +| `:v1.5.7-jq-sops-ssh` | [View](variants/v1.5.7-jq-sops-ssh) | +| `:v1.5.7-jq-libvirt-sops-ssh` | [View](variants/v1.5.7-jq-libvirt-sops-ssh) | | `:v1.4.6` | [View](variants/v1.4.6) | | `:v1.4.6-jq-sops-ssh` | [View](variants/v1.4.6-jq-sops-ssh) | | `:v1.4.6-jq-libvirt-sops-ssh` | [View](variants/v1.4.6-jq-libvirt-sops-ssh) | diff --git a/generate/definitions/versions.json b/generate/definitions/versions.json index b353418..ef7f178 100644 --- a/generate/definitions/versions.json +++ b/generate/definitions/versions.json @@ -1,5 +1,5 @@ [ - "1.5.2", + "1.5.7", "1.4.6", "1.3.9", "1.2.9", diff --git a/variants/v1.5.7-jq-libvirt-sops-ssh/Dockerfile b/variants/v1.5.7-jq-libvirt-sops-ssh/Dockerfile new file mode 100644 index 0000000..4c2dfb7 --- /dev/null +++ b/variants/v1.5.7-jq-libvirt-sops-ssh/Dockerfile @@ -0,0 +1,63 @@ +FROM alpine:3.17 +ARG TARGETPLATFORM +ARG BUILDPLATFORM +RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" +# Install terraform +RUN set -eux; \ + TERRAFORM_VERSION=1.5.7; \ + case "$( uname -m )" in \ + 'x86') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_386.zip; \ + SHA256=106e4a9a237aea70f9dd2d4f84f0bcf795aa05227bf4ba8790a623f1d7e94950; \ + ;; \ + 'x86_64') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_amd64.zip; \ + SHA256=c0ed7bc32ee52ae255af9982c8c88a7a4c610485cf1d55feeb037eab75fa082c; \ + ;; \ + 'armhf') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_arm.zip; \ + SHA256=fd77cd3ba76175ecf7554fdf5fb66548f5906cb4944bc7e180b4be0b2196f404; \ + ;; \ + 'armv7l') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_arm.zip; \ + SHA256=fd77cd3ba76175ecf7554fdf5fb66548f5906cb4944bc7e180b4be0b2196f404; \ + ;; \ + 'aarch64') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_arm64.zip; \ + SHA256=f4b4ad7c6b6088960a667e34495cae490fb072947a9ff266bf5929f5333565e4; \ + ;; \ + *) \ + echo "Architecture not supported"; \ + exit 1; \ + ;; \ + esac; \ + FILE=terraform.zip; \ + wget -q "$URL" -O "$FILE"; \ + echo "$SHA256 $FILE" | sha256sum -c -; \ + unzip "$FILE" terraform; \ + mkdir -pv /usr/local/bin; \ + mv -v terraform /usr/local/bin/terraform; \ + chmod +x /usr/local/bin/terraform; \ + CHECKPOINT_DISABLE=1 terraform version; \ + : + +RUN apk add --no-cache ca-certificates + +RUN apk add --no-cache jq + +RUN apk add --no-cache libvirt-client + +RUN set -eux; \ + wget -qO- https://github.com/mozilla/sops/releases/download/v3.7.1/sops-v3.7.1.linux > /usr/local/bin/sops; \ + chmod +x /usr/local/bin/sops; \ + sha256sum /usr/local/bin/sops | grep '^185348fd77fc160d5bdf3cd20ecbc796163504fd3df196d7cb29000773657b74 '; \ + sops --version + +RUN apk add --no-cache gnupg + +RUN apk add --no-cache openssh-client sshpass + +# Disable telemetry. See: https://developer.hashicorp.com/terraform/cli/commands#upgrade-and-security-bulletin-checks +ENV CHECKPOINT_DISABLE=1 + +CMD [ "terraform" ] diff --git a/variants/v1.5.7-jq-sops-ssh/Dockerfile b/variants/v1.5.7-jq-sops-ssh/Dockerfile new file mode 100644 index 0000000..1043f95 --- /dev/null +++ b/variants/v1.5.7-jq-sops-ssh/Dockerfile @@ -0,0 +1,61 @@ +FROM alpine:3.17 +ARG TARGETPLATFORM +ARG BUILDPLATFORM +RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" +# Install terraform +RUN set -eux; \ + TERRAFORM_VERSION=1.5.7; \ + case "$( uname -m )" in \ + 'x86') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_386.zip; \ + SHA256=106e4a9a237aea70f9dd2d4f84f0bcf795aa05227bf4ba8790a623f1d7e94950; \ + ;; \ + 'x86_64') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_amd64.zip; \ + SHA256=c0ed7bc32ee52ae255af9982c8c88a7a4c610485cf1d55feeb037eab75fa082c; \ + ;; \ + 'armhf') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_arm.zip; \ + SHA256=fd77cd3ba76175ecf7554fdf5fb66548f5906cb4944bc7e180b4be0b2196f404; \ + ;; \ + 'armv7l') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_arm.zip; \ + SHA256=fd77cd3ba76175ecf7554fdf5fb66548f5906cb4944bc7e180b4be0b2196f404; \ + ;; \ + 'aarch64') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_arm64.zip; \ + SHA256=f4b4ad7c6b6088960a667e34495cae490fb072947a9ff266bf5929f5333565e4; \ + ;; \ + *) \ + echo "Architecture not supported"; \ + exit 1; \ + ;; \ + esac; \ + FILE=terraform.zip; \ + wget -q "$URL" -O "$FILE"; \ + echo "$SHA256 $FILE" | sha256sum -c -; \ + unzip "$FILE" terraform; \ + mkdir -pv /usr/local/bin; \ + mv -v terraform /usr/local/bin/terraform; \ + chmod +x /usr/local/bin/terraform; \ + CHECKPOINT_DISABLE=1 terraform version; \ + : + +RUN apk add --no-cache ca-certificates + +RUN apk add --no-cache jq + +RUN set -eux; \ + wget -qO- https://github.com/mozilla/sops/releases/download/v3.7.1/sops-v3.7.1.linux > /usr/local/bin/sops; \ + chmod +x /usr/local/bin/sops; \ + sha256sum /usr/local/bin/sops | grep '^185348fd77fc160d5bdf3cd20ecbc796163504fd3df196d7cb29000773657b74 '; \ + sops --version + +RUN apk add --no-cache gnupg + +RUN apk add --no-cache openssh-client sshpass + +# Disable telemetry. See: https://developer.hashicorp.com/terraform/cli/commands#upgrade-and-security-bulletin-checks +ENV CHECKPOINT_DISABLE=1 + +CMD [ "terraform" ] diff --git a/variants/v1.5.7/Dockerfile b/variants/v1.5.7/Dockerfile new file mode 100644 index 0000000..e98252c --- /dev/null +++ b/variants/v1.5.7/Dockerfile @@ -0,0 +1,49 @@ +FROM alpine:3.17 +ARG TARGETPLATFORM +ARG BUILDPLATFORM +RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" +# Install terraform +RUN set -eux; \ + TERRAFORM_VERSION=1.5.7; \ + case "$( uname -m )" in \ + 'x86') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_386.zip; \ + SHA256=106e4a9a237aea70f9dd2d4f84f0bcf795aa05227bf4ba8790a623f1d7e94950; \ + ;; \ + 'x86_64') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_amd64.zip; \ + SHA256=c0ed7bc32ee52ae255af9982c8c88a7a4c610485cf1d55feeb037eab75fa082c; \ + ;; \ + 'armhf') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_arm.zip; \ + SHA256=fd77cd3ba76175ecf7554fdf5fb66548f5906cb4944bc7e180b4be0b2196f404; \ + ;; \ + 'armv7l') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_arm.zip; \ + SHA256=fd77cd3ba76175ecf7554fdf5fb66548f5906cb4944bc7e180b4be0b2196f404; \ + ;; \ + 'aarch64') \ + URL=https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_arm64.zip; \ + SHA256=f4b4ad7c6b6088960a667e34495cae490fb072947a9ff266bf5929f5333565e4; \ + ;; \ + *) \ + echo "Architecture not supported"; \ + exit 1; \ + ;; \ + esac; \ + FILE=terraform.zip; \ + wget -q "$URL" -O "$FILE"; \ + echo "$SHA256 $FILE" | sha256sum -c -; \ + unzip "$FILE" terraform; \ + mkdir -pv /usr/local/bin; \ + mv -v terraform /usr/local/bin/terraform; \ + chmod +x /usr/local/bin/terraform; \ + CHECKPOINT_DISABLE=1 terraform version; \ + : + +RUN apk add --no-cache ca-certificates + +# Disable telemetry. See: https://developer.hashicorp.com/terraform/cli/commands#upgrade-and-security-bulletin-checks +ENV CHECKPOINT_DISABLE=1 + +CMD [ "terraform" ]