IntenseWebs/opentofu
3
0
Fork 0
mirror of https://github.com/opentofu/opentofu.git synced 2025-02-25 18:45:20 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fixes #1931: Dockerfile update / base image deprecation (#1993)

Browse Source 
Signed-off-by: Janos <179820029+abstractionfactory@users.noreply.github.com>
This commit is contained in:
abstractionfactory 2024-09-17 16:07:07 +02:00 committed by GitHub
parent 854c49e04b
commit 892440def6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 93 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.goreleaser.yaml
View File

@ -159,6 +159,14 @@ docker_manifests:
- ghcr.io/opentofu/opentofu:{{ .Version }}-386 - ghcr.io/opentofu/opentofu:{{ .Version }}-386
skip_push: auto # Skips the push on pre-release versions, like 1.6.1-alpha1. See https://goreleaser.com/customization/docker_manifest/#customization skip_push: auto # Skips the push on pre-release versions, like 1.6.1-alpha1. See https://goreleaser.com/customization/docker_manifest/#customization
- name_template: ghcr.io/opentofu/opentofu:{{ .Major }}
image_templates:
- ghcr.io/opentofu/opentofu:{{ .Version }}-amd64
- ghcr.io/opentofu/opentofu:{{ .Version }}-arm64
- ghcr.io/opentofu/opentofu:{{ .Version }}-arm
- ghcr.io/opentofu/opentofu:{{ .Version }}-386
skip_push: auto # Skips the push on pre-release versions, like 1.6.1-alpha1. See https://goreleaser.com/customization/docker_manifest/#customization
- name_template: ghcr.io/opentofu/opentofu:latest - name_template: ghcr.io/opentofu/opentofu:latest
image_templates: image_templates:
- ghcr.io/opentofu/opentofu:{{ .Version }}-amd64 - ghcr.io/opentofu/opentofu:{{ .Version }}-amd64

2
CHANGELOG.md
View File

@ -2,6 +2,8 @@
UPGRADE NOTES: UPGRADE NOTES:
* Using the `ghcr.io/opentofu/opentofu` image as a base image for custom images is deprecated and this will be removed in OpenTofu 1.10. Please see https://opentofu.org/docs/intro/install/docker/ for instructions on building your own image.
NEW FEATURES: NEW FEATURES:
ENHANCEMENTS: ENHANCEMENTS:

32
Dockerfile
View File

@ -3,7 +3,7 @@
# Copyright (c) 2023 HashiCorp, Inc. # Copyright (c) 2023 HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0 # SPDX-License-Identifier: MPL-2.0
FROM alpine:3.18 FROM alpine:3.20
LABEL maintainer="OpenTofu Core Team <core@opentofu.org>" LABEL maintainer="OpenTofu Core Team <core@opentofu.org>"
@ -11,4 +11,34 @@ RUN apk add --no-cache git bash openssh
COPY tofu /usr/local/bin/tofu COPY tofu /usr/local/bin/tofu
ONBUILD RUN echo -e "\033[1;33mWARNING! PLEASE READ!\033[0m" >&2 \
&& echo -e "\033[1;33mPlease read carefully: you are using the OpenTofu image as a base image\033[0m" >&2 \
&& echo -e "\033[1;33mfor your own builds. This image is only intended as a command line tool\033[0m" >&2 \
&& echo -e "\033[1;33mand not as general-purpose base image. It is not safe to use to build\033[0m" >&2 \
&& echo -e "\033[1;33mservices on top of because we don't regularly ship updates to all\033[0m" >&2 \
&& echo -e "\033[1;33mpackages in this image, which would be required for a secure base\033[0m" >&2 \
&& echo -e "\033[1;33mimage.\033[0m" >&2 \
&& echo -e "\033[1;33m\033[0m" >&2 \
&& echo -e "\033[1;33mStarting with OpenTofu 1.10, this image will refuse to build if used\033[0m" >&2 \
&& echo -e "\033[1;33mas a base image. Please follow the instructions at\033[0m" >&2 \
&& echo -e "\033[1;33m https://opentofu.org/docs/intro/install/docker/ to build your own\033[0m" >&2 \
&& echo -e "\033[1;33mimage. See https://github.com/opentofu/opentofu/issues/1931 for details\033[0m" >&2 \
&& echo -e "\033[1;33mon this decision.\033[0m" >&2
ONBUILD RUN # WARNING! PLEASE READ!
ONBUILD RUN # Please read carefully: you are using the OpenTofu image as a base image
ONBUILD RUN # for your own builds. This image is only intended as a command line tool
ONBUILD RUN # and not as general-purpose base image. It is not safe to use to build
ONBUILD RUN # services on top of because we don't regularly ship updates to all
ONBUILD RUN # packages in this image, which would be required for a secure base
ONBUILD RUN # image.
ONBUILD RUN # Starting with OpenTofu 1.10, this image will refuse to build if used
ONBUILD RUN # as a base image. Please follow the instructions at
ONBUILD RUN # https://opentofu.org/docs/intro/install/docker/ to build your own
ONBUILD RUN # image. See https://github.com/opentofu/opentofu/issues/1931 for details
ONBUILD RUN # on this decision.
# This sleep is here to hopefully catch people's attention due to increased build times.
ONBUILD RUN sleep 120
ENTRYPOINT ["/usr/local/bin/tofu"] ENTRYPOINT ["/usr/local/bin/tofu"]

52
website/docs/intro/install/docker.mdx
View File

@ -14,6 +14,13 @@ import DockerRunScript from '!!raw-loader!./examples/docker-run.sh'
OpenTofu is available as [OCI container images](https://github.com/opentofu/opentofu/pkgs/container/opentofu), OpenTofu is available as [OCI container images](https://github.com/opentofu/opentofu/pkgs/container/opentofu),
and distributed via public GitHub Packages registry. and distributed via public GitHub Packages registry.
:::warning Warning!
Do not use the OCI container image as a base image. This is not supported and will stop working with OpenTofu 1.10.
Instead, follow the [instructions below to build your own OpenTofu image](#building-your-own-image).
:::
## Versions ## Versions
Images are hosted as packages in the OpenTofu GitHub organization. See the list Images are hosted as packages in the OpenTofu GitHub organization. See the list
@ -50,3 +57,48 @@ To pull the image from GitHub Packages registry:
To run OpenTofu as a Docker container: To run OpenTofu as a Docker container:
<CodeBlock language="bash">{DockerRunScript}</CodeBlock> <CodeBlock language="bash">{DockerRunScript}</CodeBlock>
## Building your own image
The OCI image published by OpenTofu is intended as a basic command line tool. If you need additional tools in the image
or want to build services on top of OpenTofu, you will need to build your own image. This section outlines how to
accomplish that.
### Step 1: Obtaining the installation script
OpenTofu publishes POSIX/Powershell installation scripts. You can use these scripts to safely install OpenTofu in your
container image. Please follow the [standalone installation instructions](standalone.mdx) to obtain the installation
script and place it next to your `Dockerfile`/`Containerfile`.
### Step 2: Creating a stage for installation
Next, you can start creating a download stage in your `Dockerfile`/`Containerfile`. For details on multi-stage builds
please read the [Docker documentation](https://docs.docker.com/build/building/multi-stage/).
```Dockerfile
FROM alpine:3.20 AS tofu
ADD install-opentofu.sh /install-opentofu.sh
RUN chmod +x /install-opentofu.sh
RUN apk add gpg
RUN ./install-opentofu.sh --install-method standalone --install-path / --symlink-path -
```
## Step 3: Creating your own image
Now you can add your image below the installation stage and copy the `tofu` binary into it:
```Dockerfile
FROM alpine:3.20 AS tofu
ADD install-opentofu.sh /install-opentofu.sh
RUN chmod +x /install-opentofu.sh
RUN apk add gpg
RUN ./install-opentofu.sh --install-method standalone --install-path / --symlink-path -
## This is your stage:
FROM ubuntu
COPY --from=tofu /tofu /usr/local/bin/tofu
# Add your commands here
```