github.com/KevinKlinger/open_terraform@v0.11.12-beta1/scripts/docker-release/Dockerfile-release (about)

     1  # This Dockerfile is not intended for general use, but is rather used to
     2  # package up official Terraform releases (from releases.hashicorp.com) to
     3  # release on Dockerhub as the "light" release images.
     4  #
     5  # The main Dockerfile in the root of the repository is more generally-useful,
     6  # since it is able to build a docker image of the current state of the work
     7  # tree, without any dependency on there being an existing release on
     8  # releases.hashicorp.com.
     9  
    10  FROM alpine:latest
    11  MAINTAINER "HashiCorp Terraform Team <terraform@hashicorp.com>"
    12  
    13  # This is intended to be run from the hooks/build script, which sets this
    14  # appropriately based on git tags.
    15  ARG TERRAFORM_VERSION=UNSPECIFIED
    16  
    17  COPY releases_public_key .
    18  
    19  # What's going on here?
    20  # - Download the indicated release along with its checksums and signature for the checksums
    21  # - Verify that the checksums file is signed by the Hashicorp releases key
    22  # - Verify that the zip file matches the expected checksum
    23  # - Extract the zip file so it can be run
    24  
    25  RUN echo Building image for Terraform ${TERRAFORM_VERSION} && \
    26      apk add --update git curl openssh gnupg && \
    27      curl https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip > terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \
    28      curl https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_SHA256SUMS.sig > terraform_${TERRAFORM_VERSION}_SHA256SUMS.sig && \
    29      curl https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_SHA256SUMS > terraform_${TERRAFORM_VERSION}_SHA256SUMS && \
    30      gpg --import releases_public_key && \
    31      gpg --verify terraform_${TERRAFORM_VERSION}_SHA256SUMS.sig terraform_${TERRAFORM_VERSION}_SHA256SUMS && \
    32      grep linux_amd64 terraform_${TERRAFORM_VERSION}_SHA256SUMS >terraform_${TERRAFORM_VERSION}_SHA256SUMS_linux_amd64 && \
    33      sha256sum -cs terraform_${TERRAFORM_VERSION}_SHA256SUMS_linux_amd64 && \
    34      unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /bin && \
    35      rm -f terraform_${TERRAFORM_VERSION}_linux_amd64.zip terraform_${TERRAFORM_VERSION}_SHA256SUMS*
    36  
    37  LABEL "com.hashicorp.terraform.version"="${TERRAFORM_VERSION}"
    38  
    39  ENTRYPOINT ["/bin/terraform"]