IntenseWebs/opentofu
3
0
Fork 0
mirror of https://github.com/opentofu/opentofu.git synced 2025-02-25 18:45:20 -06:00
Code Issues Packages Projects Releases Wiki Activity

Updating install instructions to include the installer script (#1070)

Browse Source 
Signed-off-by: Janos Bonic <86970079+janosdebugs@users.noreply.github.com>
This commit is contained in:
Janos 2024-01-10 15:27:09 +01:00 committed by GitHub
parent 764244cb91
commit 0d915ead58
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
29 changed files with 1490 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
website/docs/intro/install/alpine-convenience.sh Normal file
View File

@ -0,0 +1,14 @@
# Download the installer script:
curl --proto '=https' --tlsv1.2 -fsSL https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh
# Alternatively: wget --secure-protocol=TLSv1_2 --https-only https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh
# Give it execution permissions:
chmod +x install-opentofu.sh
# Please inspect the downloaded script
# Run the installer:
./install-opentofu.sh --install-method apk
# Remove the installer:
rm install-opentofu.sh

2
website/docs/intro/install/alpine-manual.sh Normal file
View File

@ -0,0 +1,2 @@
echo '@testing https://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/repositories
apk add opentofu@testing

20
website/docs/intro/install/alpine.mdx
View File

@ -5,17 +5,21 @@ description: |-
Install OpenTofu on Alpine Linux.
---
import CodeBlock from '@theme/CodeBlock';
import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';
import ApkConvenienceScript from '!!raw-loader!./alpine-convenience.sh'
import ApkManualScript from '!!raw-loader!./alpine-manual.sh'
# Installing OpenTofu on Alpine Linux
OpenTofu is available in the [Alpine Linux testing repository](https://pkgs.alpinelinux.org/packages?name=opentofu) or as an `.apk` package from the [GitHub releases page](https://github.com/opentofu/opentofu/releases/latest/).
## Installing from the testing repository
## Installing using the installer
OpenTofu is available in the Alpine Testing repository and can be installed from there:
You can use the OpenTofu installer script to run the installation.
```bash
apk add opentofu --repository=https://dl-cdn.alpinelinux.org/alpine/edge/testing/
```
<CodeBlock language="bash">{ApkConvenienceScript}</CodeBlock>
## Installing the .apk
@ -24,3 +28,9 @@ You can also [download the .apk](https://github.com/opentofu/opentofu/releases/l
```bash
apk add --allow-untrusted tofu_*.apk
```
## Installing from the testing repository
OpenTofu is currently available in the Alpine Testing repository and coming to Alpine stable. You can use the following commands to test Alpine installation.
<CodeBlock language="bash">{ApkManualScript}</CodeBlock>

13
website/docs/intro/install/alpine.sh Executable file
View File

@ -0,0 +1,13 @@
#!/bin/sh
set -e
apk add curl
if [ "$1" = "--convenience" ]; then
sh -x alpine-convenience.sh
else
sh -x alpine-manual.sh
fi
tofu --version

1
website/docs/intro/install/brew-install.sh
View File

@ -1 +1,2 @@
brew update
brew install opentofu

18
website/docs/intro/install/deb-convenience.sh
View File

@ -1,6 +1,14 @@
curl --proto '=https' --tlsv1.2 -fsSL 'https://packages.opentofu.org/install/repositories/opentofu/tofu/script.deb.sh?any=true' -o /tmp/tofu-repository-setup.sh
# Inspect the downloaded script at /tmp/tofu-repository-setup.sh before running
sudo bash /tmp/tofu-repository-setup.sh
rm /tmp/tofu-repository-setup.sh
# Download the installer script:
curl --proto '=https' --tlsv1.2 -fsSL https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh
# Alternatively: wget --secure-protocol=TLSv1_2 --https-only https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh
sudo apt-get install tofu
# Give it execution permissions:
chmod +x install-opentofu.sh
# Please inspect the downloaded script
# Run the installer:
./install-opentofu.sh --install-method deb
# Remove the installer:
rm install-opentofu.sh

6
website/docs/intro/install/deb.mdx
View File

@ -19,6 +19,12 @@ import Buildkite from './buildkite'
You can install OpenTofu from our Debian repository by following the step-by-step instructions below.
## Installing using the installer
You can use the OpenTofu installer script to run the installation.
<CodeBlock language="bash">{DebConvenienceScript}</CodeBlock>
## Step-by-step instructions
The following steps explain how to set up the OpenTofu Debian repositories. These instructions should work on most Debian-based Linux systems.

16
website/docs/intro/install/docker-compose.yaml
View File

@ -2,6 +2,22 @@
# test-install-instructions.sh for details.
version: '3.2'
services:
alpine-convenience:
image: alpine
volumes:
- source: ./
target: /data
type: bind
command: /data/alpine.sh --convenience
working_dir: /data
alpine-manual:
image: alpine
volumes:
- source: ./
target: /data
type: bind
command: /data/alpine.sh
working_dir: /data
debian-convenience:
image: debian:buster
volumes:

2
website/docs/intro/install/homebrew.mdx
View File

@ -10,6 +10,6 @@ import BrewScript from '!!raw-loader!./brew-install.sh'
# Installing OpenTofu via Homebrew
You can use OpenTofu as a [portable binary](portable.mdx) or you can install it using [Homebrew](https://formulae.brew.sh/formula/opentofu). OpenTofu is available in the Homebrew Core repository, so you can install it by running:
You can use OpenTofu as a [standalone binary](standalone.mdx) or you can install it using [Homebrew](https://formulae.brew.sh/formula/opentofu). OpenTofu is available in the Homebrew Core repository, so you can install it by running:
<CodeBlock language={"bash"}>{BrewScript}</CodeBlock>

4
website/docs/intro/install/index.mdx
View File

@ -49,8 +49,8 @@ You can install OpenTofu via a wide range of methods. Please select your operati
},
{
type: "link",
href: "/docs/intro/install/portable",
label: "Portable (Linux/MacOS/Windows)",
href: "/docs/intro/install/standalone",
label: "Standalone (Linux/MacOS/Windows)",
description:
"Use OpenTofu without installation on Linux, MacOS, or Windows.",
},

1244
website/docs/intro/install/install-opentofu.sh Executable file
View File

File diff suppressed because it is too large Load Diff

10
website/docs/intro/install/portable-install.ps1
View File

@ -1,10 +0,0 @@
$TOFU_VERSION="1.6.0-alpha2"
$TARGET=Join-Path $env:LOCALAPPDATA OpenTofu
New-Item -ItemType Directory -Path $TARGET
Push-Location $TARGET
Invoke-WebRequest -Uri "https://github.com/opentofu/opentofu/releases/download/v${TOFU_VERSION}/tofu_${TOFU_VERSION}_windows_amd64.zip" -OutFile "tofu_${TOFU_VERSION}_windows_amd64.zip"
Expand-Archive "tofu_${TOFU_VERSION}_windows_amd64.zip" -DestinationPath $TARGET
Remove-Item "tofu_${TOFU_VERSION}_windows_amd64.zip"
$TOFU_PATH=Join-Path $TARGET tofu.exe
Pop-Location
echo "OpenTofu is now available at ${TOFU_PATH}. Please add it to your path for easier access."

13
website/docs/intro/install/portable-install.sh
View File

@ -1,13 +0,0 @@
#!/bin/sh
set -e
TOFU_VERSION="1.6.0-alpha2"
OS="$(uname | tr '[:upper:]' '[:lower:]')"
ARCH="$(uname -m | sed -e 's/aarch64/arm64/' -e 's/x86_64/amd64/')"
TEMPDIR="$(mktemp -d)"
pushd "${TEMPDIR}" >/dev/null
wget "https://github.com/opentofu/opentofu/releases/download/v${TOFU_VERSION}/tofu_${TOFU_VERSION}_${OS}_${ARCH}.zip"
unzip "tofu_${TOFU_VERSION}_${OS}_${ARCH}.zip"
sudo mv tofu /usr/local/bin/tofu
popd >/dev/null
rm -rf "${TEMPDIR}"
echo "OpenTofu is now available at /usr/local/bin/tofu."

31
website/docs/intro/install/portable.mdx
View File

@ -1,31 +0,0 @@
---
sidebar_position: 99
sidebar_label: Portable (Linux/MacOS/Windows)
description: |-
Use OpenTofu as a portable binary without installation.
---
import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';
import CodeBlock from '@theme/CodeBlock';
import LinuxScript from '!!raw-loader!./portable-install.sh'
import WindowsScript from '!!raw-loader!./portable-install.ps1'
# Using OpenTofu as a portable binary
You can run OpenTofu without installation as a portable binary. You can [download the latest release](https://github.com/opentofu/opentofu/releases/latest/) for your operating system from the [GitHub releases page](https://github.com/opentofu/opentofu/releases/latest/), unpack the zip and start using it. For easier updates, we recommend using the **non-portable packaged versions for your operating system**.
:::tip Scripting downloads
If you want to automate the updates of the portable binaries yourself you can do so by adapting the following scripts to your needs:
<Tabs>
<TabItem value="linux-macos" label="Linux/MacOS" default>
<CodeBlock language="bash">{LinuxScript}</CodeBlock>
</TabItem>
<TabItem value="windows" label="Windows (PowerShell)">
<CodeBlock language="powershell">{WindowsScript}</CodeBlock>
</TabItem>
</Tabs>
:::

2
website/docs/intro/install/repo-yum.sh
View File

@ -6,6 +6,7 @@ repo_gpgcheck=0
gpgcheck=1
enabled=1
gpgkey=https://get.opentofu.org/opentofu.gpg
https://packages.opentofu.org/opentofu/tofu/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
@ -17,6 +18,7 @@ repo_gpgcheck=0
gpgcheck=1
enabled=1
gpgkey=https://get.opentofu.org/opentofu.gpg
https://packages.opentofu.org/opentofu/tofu/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

6
website/docs/intro/install/repo-zypper.sh
View File

@ -2,10 +2,11 @@ cat >/etc/zypp/repos.d/opentofu.repo <<EOF
[opentofu]
name=opentofu
baseurl=https://packages.opentofu.org/opentofu/tofu/rpm_any/rpm_any/\$basearch
repo_gpgcheck=0
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://get.opentofu.org/opentofu.gpg
https://packages.opentofu.org/opentofu/tofu/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
@ -13,10 +14,11 @@ metadata_expire=300
[opentofu-source]
name=opentofu-source
baseurl=https://packages.opentofu.org/opentofu/tofu/rpm_any/rpm_any/SRPMS
repo_gpgcheck=0
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://get.opentofu.org/opentofu.gpg
https://packages.opentofu.org/opentofu/tofu/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

6
website/docs/intro/install/rpm-convenience-yum.sh
View File

@ -1,6 +0,0 @@
curl --proto '=https' --tlsv1.2 -fsSL 'https://packages.opentofu.org/install/repositories/opentofu/tofu/script.rpm.sh?any=true' -o /tmp/tofu-repository-setup.sh
# Inspect the downloaded script at /tmp/tofu-repository-setup.sh before running
sudo bash /tmp/tofu-repository-setup.sh
rm /tmp/tofu-repository-setup.sh
sudo yum install -y tofu

6
website/docs/intro/install/rpm-convenience-zypper.sh
View File

@ -1,6 +0,0 @@
curl --proto '=https' --tlsv1.2 -fsSL 'https://packages.opentofu.org/install/repositories/opentofu/tofu/script.rpm.sh?any=true' -o /tmp/tofu-repository-setup.sh
# Inspect the downloaded script at /tmp/tofu-repository-setup.sh before running
sudo bash /tmp/tofu-repository-setup.sh
rm /tmp/tofu-repository-setup.sh
sudo zypper install -y tofu

14
website/docs/intro/install/rpm-convenience.sh Normal file
View File

@ -0,0 +1,14 @@
# Download the installer script:
curl --proto '=https' --tlsv1.2 -fsSL https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh
# Alternatively: wget --secure-protocol=TLSv1_2 --https-only https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh
# Give it execution permissions:
chmod +x install-opentofu.sh
# Please inspect the downloaded script
# Run the installer:
./install-opentofu.sh --install-method rpm
# Remove the installer:
rm install-opentofu.sh

9
website/docs/intro/install/rpm.mdx
View File

@ -8,8 +8,7 @@ description: |-
import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';
import CodeBlock from '@theme/CodeBlock';
import YumConvenienceScript from '!!raw-loader!./rpm-convenience-yum.sh'
import ZypperConvenienceScript from '!!raw-loader!./rpm-convenience-zypper.sh'
import RpmConvenienceScript from '!!raw-loader!./rpm-convenience.sh'
import YumRepoScript from '!!raw-loader!./repo-yum.sh'
import ZypperRepoScript from '!!raw-loader!./repo-zypper.sh'
import YumInstallScript from '!!raw-loader!./install-yum.sh'
@ -22,6 +21,12 @@ import Buildkite from "./buildkite";
You can install OpenTofu from our RPM repository by following the step-by-step instructions below.
## Installing using the installer
You can use the OpenTofu installer script to run the installation.
<CodeBlock language="bash">{RpmConvenienceScript}</CodeBlock>
## Step-by-step instructions
The following steps explain how to set up the OpenTofu RPM repositories. These instructions should work on most RPM-based Linux systems.

4
website/docs/intro/install/rpm.sh
View File

@ -5,7 +5,7 @@ set -e
if [ -f /usr/bin/zypper ]; then
zypper install -y sudo
if [ "$1" = "--convenience" ]; then
bash -ex rpm-convenience-zypper.sh
bash -ex rpm-convenience.sh
else
bash -ex repo-zypper.sh
bash -ex install-zypper.sh
@ -13,7 +13,7 @@ if [ -f /usr/bin/zypper ]; then
else
yum install -y sudo
if [ "$1" = "--convenience" ]; then
bash -ex rpm-convenience-yum.sh
bash -ex rpm-convenience.sh
else
bash -ex repo-yum.sh
bash -ex install-yum.sh

10
website/docs/intro/install/standalone-install.ps1 Normal file
View File

@ -0,0 +1,10 @@
# Download the installer script:
Invoke-WebRequest -outfile "install-opentofu.ps1" -uri "https://get.opentofu.org/install-opentofu.ps1"
# Please inspect the downloaded script at this point.
# Run the installer:
& .\install-opentofu.ps1 -installMethod standalone
# Remove the installer:
Remove-Item install-opentofu.ps1

14
website/docs/intro/install/standalone-install.sh Normal file
View File

@ -0,0 +1,14 @@
# Download the installer script:
curl --proto '=https' --tlsv1.2 -fsSL https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh
# Alternatively: wget --secure-protocol=TLSv1_2 --https-only https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh
# Grand execution permissions:
chmod +x install-opentofu.sh
# Please inspect the downloaded script at this point.
# Run the installer:
./install-opentofu.sh --install-method standalone
# Remove the installer:
rm install-opentofu.sh

68
website/docs/intro/install/standalone.mdx Normal file
View File

@ -0,0 +1,68 @@
---
sidebar_position: 99
sidebar_label: Standalone (Linux/MacOS/Windows)
description: |-
Use OpenTofu as a standalone binary without installation.
---
import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';
import CodeBlock from '@theme/CodeBlock';
import LinuxScript from '!!raw-loader!./standalone-install.sh'
import WindowsScript from '!!raw-loader!./standalone-install.ps1'
import VerifyChecksumPS1 from '!!raw-loader!./verify-checksum.ps1'
import VerifyChecksumLinux from '!!raw-loader!./verify-checksum-linux.sh'
import VerifyChecksumMacOS from '!!raw-loader!./verify-checksum-macos.sh'
import VerifyCosignLinux from '!!raw-loader!./verify-cosign.sh'
import VerifyCosignWindows from '!!raw-loader!./verify-cosign.ps1'
import Admonition from '@theme/Admonition';
# Installing OpenTofu from GitHub Releases
## Using the installer script
<Tabs>
<TabItem value="posix" label="Linux/MacOS/Unix (POSIX)">
<CodeBlock language="bash">{LinuxScript}</CodeBlock>
<Admonition type="info">The standalone installer verifies the integrity of the downloaded files. You need to install <a href="https://docs.sigstore.dev/system_config/installation/">cosign</a>, <a href="https://gnupg.org/">GnuPG</a>, or disable the integrity verification by using the <code>--skip-verify</code> option.</Admonition>
</TabItem>
<TabItem value="powershell" label="Windows (PowerShell)">
<CodeBlock language="powershell">{WindowsScript}</CodeBlock>
<Admonition type="info">If you run into script execution policy issues when running this script, please run <code>Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process</code> before running the installer.</Admonition>
<Admonition type="info">The standalone installer verifies the integrity of the downloaded files. You need to install <a href="https://docs.sigstore.dev/system_config/installation/">cosign</a>, <a href="https://gnupg.org/">GnuPG</a>, or disable the integrity verification by using the <code>-skipVerify</code> option.</Admonition>
</TabItem>
</Tabs>
## Using OpenTofu as a standalone binary
You can run OpenTofu without installation as a standalone binary. You can [download the latest release](https://github.com/opentofu/opentofu/releases/latest/) for your operating system from the [GitHub releases page](https://github.com/opentofu/opentofu/releases/latest/), unpack the zip and start using it. For easier updates, we recommend using the **non-portable packaged versions for your operating system**.
## Verify the file integrity
Please download the `tofu_YOURVERSION_SHA256SUMS` file from the release. This file contains the SHA256 checksums for all files. You can verify the integrity of your file by running:
<Tabs>
<TabItem value="linux" label="Linux (sha256sum)">
<CodeBlock language="bash">{VerifyChecksumLinux}</CodeBlock>
</TabItem>
<TabItem value="macos" label="MacOS (shasum)">
<CodeBlock language="bash">{VerifyChecksumMacOS}</CodeBlock>
</TabItem>
<TabItem value="windows" label="Windows (PowerShell)">
<CodeBlock language="powershell">{VerifyChecksumPS1}</CodeBlock>
</TabItem>
</Tabs>
# Verifying the binaries with Cosign
After you have verified the checksums, you can verify the integrity of the checksum file itself with [Cosign](https://docs.sigstore.dev/system_config/installation/). Please make sure you have installed Cosign and download the `tofu_YOURVERSION_SHA256SUMS.pem` and `tofu_YOURVERSION_SHA256SUMS.sig` files for your release. You can then run the integrity verification:
<Tabs>
<TabItem value="posix" label="Linux/MacOS/UNIX (POSIX)">
<CodeBlock language="bash">{VerifyCosignLinux}</CodeBlock>
</TabItem>
<TabItem value="powershell" label="Windows (PowerShell)">
<CodeBlock language="powershell">{VerifyCosignWindows}</CodeBlock>
</TabItem>
</Tabs>

8
website/docs/intro/install/verify-checksum-linux.sh Normal file
View File

@ -0,0 +1,8 @@
ZIPFILE=tofu_*.zip
CHECKSUM=$(sha256sum "${ZIPFILE}" | cut -f 1 -d ' ')
EXPECTED_CHECKSUM=$(grep "${ZIPFILE}" tofu_*_SHA256SUMS | cut -f 1 -d ' ')
if [ "${CHECKSUM}" = "${EXPECTED_CHECKSUM}" ]; then
echo "OK"
else
echo "MISMATCH"
fi

8
website/docs/intro/install/verify-checksum-macos.sh Normal file
View File

@ -0,0 +1,8 @@
ZIPFILE=tofu_*.zip
CHECKSUM=$(shasum -a 256 "tofu_*.zip" | cut -f 1 -d ' ')
EXPECTED_CHECKSUM=$(grep "${ZIPFILE}" tofu_*_SHA256SUMS | cut -f 1 -d ' ')
if [ "${CHECKSUM}" = "${EXPECTED_CHECKSUM}" ]; then
echo "OK"
else
echo "MISMATCH"
fi

6
website/docs/intro/install/verify-checksum.ps1 Normal file
View File

@ -0,0 +1,6 @@
$zipFile="tofu_YOURVERSION_REPLACEME.zip"
$checksum = $(Get-FileHash -Algorithm SHA256 $zipFile).Hash
$expectedChecksum = $((Get-Content "tofu_YOURVERSION_REPLACEME_SHA256SUMS" | Select-String -Pattern $zipFile) -split '\s+')[0]
if ($realHash -ne $expectedHash) {
Write-Error "Checksum mismatch"
}

10
website/docs/intro/install/verify-cosign.ps1 Normal file
View File

@ -0,0 +1,10 @@
$version = [version]"YOUR_OPENTOFU_VERSION"
$identity = "https://github.com/opentofu/opentofu/.github/workflows/release.yml@refs/heads/v${version.Major}.${version.Minor}"
# For alpha and beta builds use /main
cosign.exe `
verify-blob `
--certificate-identity $identity `
--signature "tofu_YOURVERSION_REPLACEME.sig" `
--certificate "tofu_YOURVERSION_REPLACEME.pem" `
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" `
"tofu_YOURVERSION_REPLACEME_SHA256SUMS"

10
website/docs/intro/install/verify-cosign.sh Normal file
View File

@ -0,0 +1,10 @@
OPENTOFU_VERSION_MAJORMINOR="Add your OpenTofu major and minor version here"
IDENTITY="https://github.com/opentofu/opentofu/.github/workflows/release.yml@refs/heads/v${OPENTOFU_VERSION_MAJORMINOR}"
# For alpha and beta builds use /main
cosign \
verify-blob \
--certificate-identity "${IDENTITY}" \
--signature "tofu_*.sig" \
--certificate "tofu_*.pem" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
"tofu_*_SHA256SUMS"