From d49b05d3c71f5e00dcb9d921d3c2051c55f87692 Mon Sep 17 00:00:00 2001 From: The Oh Brothers Bot Date: Thu, 5 Dec 2024 00:57:43 +0000 Subject: [PATCH] Enhancement: Bump terraform 1.10 variants to 1.10.1 Signed-off-by: The Oh Brothers Bot --- .github/workflows/ci-master-pr.yml | 102 +++++++++--------- README.md | 6 +- generate/definitions/versions.json | 2 +- .../1.10.1-jq-libvirt-sops-ssh/Dockerfile | 63 +++++++++++ variants/1.10.1-jq-sops-ssh/Dockerfile | 61 +++++++++++ variants/1.10.1/Dockerfile | 49 +++++++++ 6 files changed, 228 insertions(+), 55 deletions(-) create mode 100644 variants/1.10.1-jq-libvirt-sops-ssh/Dockerfile create mode 100644 variants/1.10.1-jq-sops-ssh/Dockerfile create mode 100644 variants/1.10.1/Dockerfile diff --git a/.github/workflows/ci-master-pr.yml b/.github/workflows/ci-master-pr.yml index beb202e..a28e831 100644 --- a/.github/workflows/ci-master-pr.yml +++ b/.github/workflows/ci-master-pr.yml @@ -33,7 +33,7 @@ jobs: run: | git diff --exit-code - build-1-10-0: + build-1-10-1: runs-on: ubuntu-latest steps: - name: Checkout @@ -64,9 +64,9 @@ jobs: uses: actions/cache@v4 with: path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-1.10.0-${{ github.sha }} + key: ${{ runner.os }}-buildx-1.10.1-${{ github.sha }} restore-keys: | - ${{ runner.os }}-buildx-1.10.0- + ${{ runner.os }}-buildx-1.10.1- ${{ runner.os }}-buildx- - name: Login to Docker Hub registry @@ -79,7 +79,7 @@ jobs: # This step generates the docker tags - name: Prepare - id: prep-1-10-0 + id: prep-1-10-1 run: | set -e @@ -92,7 +92,7 @@ jobs: # Generate docker image tags # E.g. 'v0.0.0-' and 'v0.0.0-abc0123-' # E.g. 'master-' and 'master-abc0123-' - VARIANT="1.10.0" + VARIANT="1.10.1" REF_VARIANT="${REF}-${VARIANT}" REF_SHA_VARIANT="${REF}-${SHA}-${VARIANT}" @@ -102,52 +102,52 @@ jobs: echo "REF_VARIANT=$REF_VARIANT" >> $GITHUB_OUTPUT echo "REF_SHA_VARIANT=$REF_SHA_VARIANT" >> $GITHUB_OUTPUT - - name: 1.10.0 - Build (PRs) + - name: 1.10.1 - Build (PRs) # Run only on pull requests if: github.event_name == 'pull_request' uses: docker/build-push-action@v5 with: - context: variants/1.10.0 + context: variants/1.10.1 platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: false tags: | - ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - - name: 1.10.0 - Build and push (master) + - name: 1.10.1 - Build and push (master) # Run only on master if: github.ref == 'refs/heads/master' uses: docker/build-push-action@v5 with: - context: variants/1.10.0 + context: variants/1.10.1 platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: | - ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - - name: 1.10.0 - Build and push (release) + - name: 1.10.1 - Build and push (release) if: startsWith(github.ref, 'refs/tags/') uses: docker/build-push-action@v5 with: - context: variants/1.10.0 + context: variants/1.10.1 platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: | - ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-10-0.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1.outputs.VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1.outputs.REF_SHA_VARIANT }} ${{ github.repository }}:latest cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max # This step generates the docker tags - name: Prepare - id: prep-1-10-0-jq-sops-ssh + id: prep-1-10-1-jq-sops-ssh run: | set -e @@ -160,7 +160,7 @@ jobs: # Generate docker image tags # E.g. 'v0.0.0-' and 'v0.0.0-abc0123-' # E.g. 'master-' and 'master-abc0123-' - VARIANT="1.10.0-jq-sops-ssh" + VARIANT="1.10.1-jq-sops-ssh" REF_VARIANT="${REF}-${VARIANT}" REF_SHA_VARIANT="${REF}-${SHA}-${VARIANT}" @@ -170,51 +170,51 @@ jobs: echo "REF_VARIANT=$REF_VARIANT" >> $GITHUB_OUTPUT echo "REF_SHA_VARIANT=$REF_SHA_VARIANT" >> $GITHUB_OUTPUT - - name: 1.10.0-jq-sops-ssh - Build (PRs) + - name: 1.10.1-jq-sops-ssh - Build (PRs) # Run only on pull requests if: github.event_name == 'pull_request' uses: docker/build-push-action@v5 with: - context: variants/1.10.0-jq-sops-ssh + context: variants/1.10.1-jq-sops-ssh platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: false tags: | - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-sops-ssh.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-sops-ssh.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - - name: 1.10.0-jq-sops-ssh - Build and push (master) + - name: 1.10.1-jq-sops-ssh - Build and push (master) # Run only on master if: github.ref == 'refs/heads/master' uses: docker/build-push-action@v5 with: - context: variants/1.10.0-jq-sops-ssh + context: variants/1.10.1-jq-sops-ssh platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: | - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-sops-ssh.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-sops-ssh.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - - name: 1.10.0-jq-sops-ssh - Build and push (release) + - name: 1.10.1-jq-sops-ssh - Build and push (release) if: startsWith(github.ref, 'refs/tags/') uses: docker/build-push-action@v5 with: - context: variants/1.10.0-jq-sops-ssh + context: variants/1.10.1-jq-sops-ssh platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: | - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-sops-ssh.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-sops-ssh.outputs.VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-sops-ssh.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-sops-ssh.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max # This step generates the docker tags - name: Prepare - id: prep-1-10-0-jq-libvirt-sops-ssh + id: prep-1-10-1-jq-libvirt-sops-ssh run: | set -e @@ -227,7 +227,7 @@ jobs: # Generate docker image tags # E.g. 'v0.0.0-' and 'v0.0.0-abc0123-' # E.g. 'master-' and 'master-abc0123-' - VARIANT="1.10.0-jq-libvirt-sops-ssh" + VARIANT="1.10.1-jq-libvirt-sops-ssh" REF_VARIANT="${REF}-${VARIANT}" REF_SHA_VARIANT="${REF}-${SHA}-${VARIANT}" @@ -237,45 +237,45 @@ jobs: echo "REF_VARIANT=$REF_VARIANT" >> $GITHUB_OUTPUT echo "REF_SHA_VARIANT=$REF_SHA_VARIANT" >> $GITHUB_OUTPUT - - name: 1.10.0-jq-libvirt-sops-ssh - Build (PRs) + - name: 1.10.1-jq-libvirt-sops-ssh - Build (PRs) # Run only on pull requests if: github.event_name == 'pull_request' uses: docker/build-push-action@v5 with: - context: variants/1.10.0-jq-libvirt-sops-ssh + context: variants/1.10.1-jq-libvirt-sops-ssh platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: false tags: | - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-libvirt-sops-ssh.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-libvirt-sops-ssh.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - - name: 1.10.0-jq-libvirt-sops-ssh - Build and push (master) + - name: 1.10.1-jq-libvirt-sops-ssh - Build and push (master) # Run only on master if: github.ref == 'refs/heads/master' uses: docker/build-push-action@v5 with: - context: variants/1.10.0-jq-libvirt-sops-ssh + context: variants/1.10.1-jq-libvirt-sops-ssh platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: | - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-libvirt-sops-ssh.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-libvirt-sops-ssh.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - - name: 1.10.0-jq-libvirt-sops-ssh - Build and push (release) + - name: 1.10.1-jq-libvirt-sops-ssh - Build and push (release) if: startsWith(github.ref, 'refs/tags/') uses: docker/build-push-action@v5 with: - context: variants/1.10.0-jq-libvirt-sops-ssh + context: variants/1.10.1-jq-libvirt-sops-ssh platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: | - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-10-0-jq-libvirt-sops-ssh.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-libvirt-sops-ssh.outputs.VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-libvirt-sops-ssh.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-10-1-jq-libvirt-sops-ssh.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max @@ -4843,7 +4843,7 @@ jobs: update-draft-release: needs: - - build-1-10-0 + - build-1-10-1 - build-1-9-8 - build-1-8-5 - build-1-7-5 @@ -4875,7 +4875,7 @@ jobs: publish-draft-release: needs: - - build-1-10-0 + - build-1-10-1 - build-1-9-8 - build-1-8-5 - build-1-7-5 @@ -4909,7 +4909,7 @@ jobs: update-dockerhub-description: needs: - - build-1-10-0 + - build-1-10-1 - build-1-9-8 - build-1-8-5 - build-1-7-5 diff --git a/README.md b/README.md index 96ac288..a654187 100644 --- a/README.md +++ b/README.md @@ -12,9 +12,9 @@ The base image is `alpine`. The image is not the closed-source [`hashicorp/terra | Tag | Dockerfile Build Context | |:-------:|:---------:| -| `:1.10.0`, `:latest` | [View](variants/1.10.0) | -| `:1.10.0-jq-sops-ssh` | [View](variants/1.10.0-jq-sops-ssh) | -| `:1.10.0-jq-libvirt-sops-ssh` | [View](variants/1.10.0-jq-libvirt-sops-ssh) | +| `:1.10.1`, `:latest` | [View](variants/1.10.1) | +| `:1.10.1-jq-sops-ssh` | [View](variants/1.10.1-jq-sops-ssh) | +| `:1.10.1-jq-libvirt-sops-ssh` | [View](variants/1.10.1-jq-libvirt-sops-ssh) | | `:1.9.8` | [View](variants/1.9.8) | | `:1.9.8-jq-sops-ssh` | [View](variants/1.9.8-jq-sops-ssh) | | `:1.9.8-jq-libvirt-sops-ssh` | [View](variants/1.9.8-jq-libvirt-sops-ssh) | diff --git a/generate/definitions/versions.json b/generate/definitions/versions.json index 5ab2d29..7952909 100644 --- a/generate/definitions/versions.json +++ b/generate/definitions/versions.json @@ -1,7 +1,7 @@ { "terraform": { "versions": [ - "1.10.0", + "1.10.1", "1.9.8", "1.8.5", "1.7.5", diff --git a/variants/1.10.1-jq-libvirt-sops-ssh/Dockerfile b/variants/1.10.1-jq-libvirt-sops-ssh/Dockerfile new file mode 100644 index 0000000..730639c --- /dev/null +++ b/variants/1.10.1-jq-libvirt-sops-ssh/Dockerfile @@ -0,0 +1,63 @@ +FROM alpine:3.17 +ARG TARGETPLATFORM +ARG BUILDPLATFORM +RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" +# Install terraform +RUN set -eux; \ + TERRAFORM_VERSION=1.10.1; \ + case "$( uname -m )" in \ + 'x86') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_386.zip"; \ + SHA256=2ac3b1648d7bc5054c81d2db5cc6c0922cf4474113702a76bccb2dd172be243d; \ + ;; \ + 'x86_64') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_amd64.zip"; \ + SHA256=d49d4d08ed092a8dec335f1fe3e127d1a285f160557323dd5a84ddc0c8472e1a; \ + ;; \ + 'armhf') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_arm.zip"; \ + SHA256=be437778a3b9c59d5de1cbcc70873a40b07d5fc6ae52c09c9bc5adb93a9c1b84; \ + ;; \ + 'armv7l') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_arm.zip"; \ + SHA256=be437778a3b9c59d5de1cbcc70873a40b07d5fc6ae52c09c9bc5adb93a9c1b84; \ + ;; \ + 'aarch64') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_arm64.zip"; \ + SHA256=6375a763b7784e47b4314e939a8c15f357db718d932e82825d87392abb5d1e09; \ + ;; \ + *) \ + echo "Architecture not supported"; \ + exit 1; \ + ;; \ + esac; \ + FILE=terraform.zip; \ + wget -q "$URL" -O "$FILE"; \ + echo "$SHA256 $FILE" | sha256sum -c -; \ + unzip "$FILE" terraform; \ + mkdir -pv /usr/local/bin; \ + mv -v terraform /usr/local/bin/terraform; \ + chmod +x /usr/local/bin/terraform; \ + CHECKPOINT_DISABLE=1 terraform version; \ + : + +RUN apk add --no-cache ca-certificates + +RUN apk add --no-cache jq + +RUN apk add --no-cache libvirt-client + +RUN set -eux; \ + wget -qO- https://github.com/mozilla/sops/releases/download/v3.7.3/sops-v3.7.3.linux > /usr/local/bin/sops; \ + chmod +x /usr/local/bin/sops; \ + sha256sum /usr/local/bin/sops | grep '^53aec65e45f62a769ff24b7e5384f0c82d62668dd96ed56685f649da114b4dbb '; \ + sops --version + +RUN apk add --no-cache gnupg + +RUN apk add --no-cache openssh-client sshpass + +# Disable telemetry. See: https://developer.hashicorp.com/terraform/cli/commands#upgrade-and-security-bulletin-checks +ENV CHECKPOINT_DISABLE=1 + +CMD [ "terraform" ] diff --git a/variants/1.10.1-jq-sops-ssh/Dockerfile b/variants/1.10.1-jq-sops-ssh/Dockerfile new file mode 100644 index 0000000..1b2e53d --- /dev/null +++ b/variants/1.10.1-jq-sops-ssh/Dockerfile @@ -0,0 +1,61 @@ +FROM alpine:3.17 +ARG TARGETPLATFORM +ARG BUILDPLATFORM +RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" +# Install terraform +RUN set -eux; \ + TERRAFORM_VERSION=1.10.1; \ + case "$( uname -m )" in \ + 'x86') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_386.zip"; \ + SHA256=2ac3b1648d7bc5054c81d2db5cc6c0922cf4474113702a76bccb2dd172be243d; \ + ;; \ + 'x86_64') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_amd64.zip"; \ + SHA256=d49d4d08ed092a8dec335f1fe3e127d1a285f160557323dd5a84ddc0c8472e1a; \ + ;; \ + 'armhf') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_arm.zip"; \ + SHA256=be437778a3b9c59d5de1cbcc70873a40b07d5fc6ae52c09c9bc5adb93a9c1b84; \ + ;; \ + 'armv7l') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_arm.zip"; \ + SHA256=be437778a3b9c59d5de1cbcc70873a40b07d5fc6ae52c09c9bc5adb93a9c1b84; \ + ;; \ + 'aarch64') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_arm64.zip"; \ + SHA256=6375a763b7784e47b4314e939a8c15f357db718d932e82825d87392abb5d1e09; \ + ;; \ + *) \ + echo "Architecture not supported"; \ + exit 1; \ + ;; \ + esac; \ + FILE=terraform.zip; \ + wget -q "$URL" -O "$FILE"; \ + echo "$SHA256 $FILE" | sha256sum -c -; \ + unzip "$FILE" terraform; \ + mkdir -pv /usr/local/bin; \ + mv -v terraform /usr/local/bin/terraform; \ + chmod +x /usr/local/bin/terraform; \ + CHECKPOINT_DISABLE=1 terraform version; \ + : + +RUN apk add --no-cache ca-certificates + +RUN apk add --no-cache jq + +RUN set -eux; \ + wget -qO- https://github.com/mozilla/sops/releases/download/v3.7.3/sops-v3.7.3.linux > /usr/local/bin/sops; \ + chmod +x /usr/local/bin/sops; \ + sha256sum /usr/local/bin/sops | grep '^53aec65e45f62a769ff24b7e5384f0c82d62668dd96ed56685f649da114b4dbb '; \ + sops --version + +RUN apk add --no-cache gnupg + +RUN apk add --no-cache openssh-client sshpass + +# Disable telemetry. See: https://developer.hashicorp.com/terraform/cli/commands#upgrade-and-security-bulletin-checks +ENV CHECKPOINT_DISABLE=1 + +CMD [ "terraform" ] diff --git a/variants/1.10.1/Dockerfile b/variants/1.10.1/Dockerfile new file mode 100644 index 0000000..5ea437c --- /dev/null +++ b/variants/1.10.1/Dockerfile @@ -0,0 +1,49 @@ +FROM alpine:3.17 +ARG TARGETPLATFORM +ARG BUILDPLATFORM +RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" +# Install terraform +RUN set -eux; \ + TERRAFORM_VERSION=1.10.1; \ + case "$( uname -m )" in \ + 'x86') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_386.zip"; \ + SHA256=2ac3b1648d7bc5054c81d2db5cc6c0922cf4474113702a76bccb2dd172be243d; \ + ;; \ + 'x86_64') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_amd64.zip"; \ + SHA256=d49d4d08ed092a8dec335f1fe3e127d1a285f160557323dd5a84ddc0c8472e1a; \ + ;; \ + 'armhf') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_arm.zip"; \ + SHA256=be437778a3b9c59d5de1cbcc70873a40b07d5fc6ae52c09c9bc5adb93a9c1b84; \ + ;; \ + 'armv7l') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_arm.zip"; \ + SHA256=be437778a3b9c59d5de1cbcc70873a40b07d5fc6ae52c09c9bc5adb93a9c1b84; \ + ;; \ + 'aarch64') \ + URL="https://releases.hashicorp.com/terraform/1.10.1/terraform_1.10.1_linux_arm64.zip"; \ + SHA256=6375a763b7784e47b4314e939a8c15f357db718d932e82825d87392abb5d1e09; \ + ;; \ + *) \ + echo "Architecture not supported"; \ + exit 1; \ + ;; \ + esac; \ + FILE=terraform.zip; \ + wget -q "$URL" -O "$FILE"; \ + echo "$SHA256 $FILE" | sha256sum -c -; \ + unzip "$FILE" terraform; \ + mkdir -pv /usr/local/bin; \ + mv -v terraform /usr/local/bin/terraform; \ + chmod +x /usr/local/bin/terraform; \ + CHECKPOINT_DISABLE=1 terraform version; \ + : + +RUN apk add --no-cache ca-certificates + +# Disable telemetry. See: https://developer.hashicorp.com/terraform/cli/commands#upgrade-and-security-bulletin-checks +ENV CHECKPOINT_DISABLE=1 + +CMD [ "terraform" ]