forked from infracost/infracost
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.wolfi
57 lines (48 loc) · 2.26 KB
/
Dockerfile.wolfi
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
FROM cgr.dev/chainguard/go:latest-dev as builder
ARG ARCH=linux
ARG DEFAULT_TERRAFORM_VERSION=0.15.5
ARG TERRAGRUNT_VERSION=0.31.8
# Set Environment Variables
SHELL ["/bin/bash", "-c"]
ENV HOME /app
ENV CGO_ENABLED 0
RUN apk add bash wget
# Install latest of each Terraform version after 0.12 as we don't support versions before that
RUN AVAILABLE_TERRAFORM_VERSIONS="0.12.31 0.13.7 0.14.11 ${DEFAULT_TERRAFORM_VERSION} 1.0.2 1.0.10" && \
for VERSION in ${AVAILABLE_TERRAFORM_VERSIONS}; do \
wget -q https://releases.hashicorp.com/terraform/${VERSION}/terraform_${VERSION}_linux_amd64.zip && \
wget -q https://releases.hashicorp.com/terraform/${VERSION}/terraform_${VERSION}_SHA256SUMS && \
sed -n "/terraform_${VERSION}_linux_amd64.zip/p" terraform_${VERSION}_SHA256SUMS | sha256sum -c && \
unzip terraform_${VERSION}_linux_amd64.zip -d /tmp && \
mv /tmp/terraform /usr/bin/terraform_${VERSION} && \
chmod +x /usr/bin/terraform_${VERSION} && \
rm terraform_${VERSION}_linux_amd64.zip && \
rm terraform_${VERSION}_SHA256SUMS; \
done && \
ln -s /usr/bin/terraform_0.12.31 /usr/bin/terraform_0.12 && \
ln -s /usr/bin/terraform_0.13.7 /usr/bin/terraform_0.13 && \
ln -s /usr/bin/terraform_0.14.11 /usr/bin/terraform_0.14 && \
ln -s /usr/bin/terraform_1.0.10 /usr/bin/terraform_1.0 && \
ln -s /usr/bin/terraform_${DEFAULT_TERRAFORM_VERSION} /usr/bin/terraform_0.15 && \
ln -s /usr/bin/terraform_${DEFAULT_TERRAFORM_VERSION} /usr/bin/terraform
# Install Terragrunt
RUN wget -q https://github.com/gruntwork-io/terragrunt/releases/download/v$TERRAGRUNT_VERSION/terragrunt_linux_amd64
RUN mv terragrunt_linux_amd64 /usr/bin/terragrunt && \
chmod +x /usr/bin/terragrunt
WORKDIR /app
# Build Application
COPY . .
RUN make deps
RUN NO_DIRTY=true make build
RUN chmod +x /app/build/infracost
# Application
FROM cgr.dev/chainguard/wolfi-base as app
# Tools needed for running diffs in CI integrations
RUN apk --no-cache add ca-certificates openssl openssh-client curl git bash jq
WORKDIR /root/
# Scripts are used by CI integrations and other use-cases
COPY scripts /scripts
COPY --from=builder /usr/bin/terraform* /usr/bin/
COPY --from=builder /usr/bin/terragrunt /usr/bin/
COPY --from=builder /app/build/infracost /usr/bin/
ENTRYPOINT [ "infracost" ]