jprdonnelly/opentf
1
0
Fork 0
mirror of https://github.com/opentffoundation/opentf.git synced 2026-01-08 05:00:13 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
0f9af4dfa91bc30a6ce23dacff1cc9b8a69f6bd2
opentf/scripts/docker-release/Dockerfile-release
Martin Atkins 0f9af4dfa9 build: configuration for building "release" docker images 
These are different than our "full" images because they include a binary
already released to releases.hashicorp.com, whereas the root Dockerfile
directly builds from the current work tree.

This particular Dockerfile is not intended to be run manually, but rather
exists only to drive the dockerhub automated build.
2017-07-19 12:59:13 -07:00

38 lines
2.1 KiB
Plaintext
Raw Blame History

# This Dockerfile is not intended for general use, but is rather used to
# package up official Terraform releases (from releases.hashicorp.com) to
# release on Dockerhub as the "light" release images.
#
# The main Dockerfile in the root of the repository is more generally-useful,
# since it is able to build a docker image of the current state of the work
# tree, without any dependency on there being an existing release on
# releases.hashicorp.com.
FROM alpine:latest
MAINTAINER "HashiCorp Terraform Team <terraform@hashicorp.com>"
# This is intended to be run from the hooks/build script, which sets this
# appropriately based on git tags.
ARG TERRAFORM_VERSION=UNSPECIFIED
COPY releases_public_key .
# What's going on here?
# - Download the indicated release along with its checksums and signature for the checksums
# - Verify that the checksums file is signed by the Hashicorp releases key
# - Verify that the zip file matches the expected checksum
# - Extract the zip file so it can be run
RUN echo Building image for Terraform ${TERRAFORM_VERSION} && \
apk add --update git curl openssh gnupg && \
curl https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip > terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \
curl https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_SHA256SUMS.sig > terraform_${TERRAFORM_VERSION}_SHA256SUMS.sig && \
curl https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_SHA256SUMS > terraform_${TERRAFORM_VERSION}_SHA256SUMS && \
gpg --import releases_public_key && \
gpg --verify terraform_${TERRAFORM_VERSION}_SHA256SUMS.sig terraform_${TERRAFORM_VERSION}_SHA256SUMS && \
grep linux_amd64 terraform_${TERRAFORM_VERSION}_SHA256SUMS >terraform_${TERRAFORM_VERSION}_SHA256SUMS_linux_amd64 && \
sha256sum -cs terraform_${TERRAFORM_VERSION}_SHA256SUMS_linux_amd64 && \
unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /bin && \
rm -f terraform_${TERRAFORM_VERSION}_linux_amd64.zip terraform_${TERRAFORM_VERSION}_SHA256SUMS*
ENTRYPOINT ["/bin/terraform"]
Reference in New Issue View Git Blame Copy Permalink