github.com/KevinKlinger/open_terraform@v0.11.12-beta1/scripts/docker-release/Dockerfile-release (about) 1 # This Dockerfile is not intended for general use, but is rather used to 2 # package up official Terraform releases (from releases.hashicorp.com) to 3 # release on Dockerhub as the "light" release images. 4 # 5 # The main Dockerfile in the root of the repository is more generally-useful, 6 # since it is able to build a docker image of the current state of the work 7 # tree, without any dependency on there being an existing release on 8 # releases.hashicorp.com. 9 10 FROM alpine:latest 11 MAINTAINER "HashiCorp Terraform Team <terraform@hashicorp.com>" 12 13 # This is intended to be run from the hooks/build script, which sets this 14 # appropriately based on git tags. 15 ARG TERRAFORM_VERSION=UNSPECIFIED 16 17 COPY releases_public_key . 18 19 # What's going on here? 20 # - Download the indicated release along with its checksums and signature for the checksums 21 # - Verify that the checksums file is signed by the Hashicorp releases key 22 # - Verify that the zip file matches the expected checksum 23 # - Extract the zip file so it can be run 24 25 RUN echo Building image for Terraform ${TERRAFORM_VERSION} && \ 26 apk add --update git curl openssh gnupg && \ 27 curl https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip > terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \ 28 curl https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_SHA256SUMS.sig > terraform_${TERRAFORM_VERSION}_SHA256SUMS.sig && \ 29 curl https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_SHA256SUMS > terraform_${TERRAFORM_VERSION}_SHA256SUMS && \ 30 gpg --import releases_public_key && \ 31 gpg --verify terraform_${TERRAFORM_VERSION}_SHA256SUMS.sig terraform_${TERRAFORM_VERSION}_SHA256SUMS && \ 32 grep linux_amd64 terraform_${TERRAFORM_VERSION}_SHA256SUMS >terraform_${TERRAFORM_VERSION}_SHA256SUMS_linux_amd64 && \ 33 sha256sum -cs terraform_${TERRAFORM_VERSION}_SHA256SUMS_linux_amd64 && \ 34 unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /bin && \ 35 rm -f terraform_${TERRAFORM_VERSION}_linux_amd64.zip terraform_${TERRAFORM_VERSION}_SHA256SUMS* 36 37 LABEL "com.hashicorp.terraform.version"="${TERRAFORM_VERSION}" 38 39 ENTRYPOINT ["/bin/terraform"]