|
| 1 | +# https://github.com/cloudposse/geodesic/ |
| 2 | +ARG GEODESIC_VERSION=2.5.0 |
| 3 | +ARG GEODESIC_OS=debian |
| 4 | +# https://github.com/cloudposse/atmos |
| 5 | +ARG ATMOS_VERSION=1.63.0 |
| 6 | +# This should match the version set in stacks/catalog/spacelift.yaml |
| 7 | +# This should match the version set in .github/workflows/auto-format.yaml |
| 8 | +ARG TF_1_VERSION=1.4.5 |
| 9 | + |
| 10 | +FROM public.ecr.aws/cloudposse/geodesic:${GEODESIC_VERSION}-${GEODESIC_OS} |
| 11 | + |
| 12 | +# Geodesic message of the Day |
| 13 | +ENV MOTD_URL="https://geodesic.sh/motd" |
| 14 | + |
| 15 | +# Some configuration options for Geodesic |
| 16 | +ENV AWS_SAML2AWS_ENABLED=false |
| 17 | +ENV AWS_VAULT_ENABLED=false |
| 18 | +ENV AWS_VAULT_SERVER_ENABLED=false |
| 19 | +ENV CHAMBER_KMS_KEY_ALIAS=aws/ssm |
| 20 | +ENV GEODESIC_TF_PROMPT_ACTIVE=false |
| 21 | +ENV DIRENV_ENABLED=false |
| 22 | + |
| 23 | +# Enable advanced AWS assume role chaining for tools using AWS SDK |
| 24 | +# https://docs.aws.amazon.com/sdk-for-go/api/aws/session/ |
| 25 | +ENV AWS_SDK_LOAD_CONFIG=1 |
| 26 | +ENV AWS_DEFAULT_REGION=us-east-1 |
| 27 | +ENV AWS_DEFAULT_SHORT_REGION=use1 |
| 28 | +ENV AWS_REGION_ABBREVIATION_TYPE=short |
| 29 | +# Install specific versions of Terraform. Must match versions in Spacelift terraform_version_map |
| 30 | +# in components/terraform/spacelift/default.auto.tfvars |
| 31 | +ARG TF_1_VERSION |
| 32 | +RUN apt-get update && apt-get install -y -u --allow-downgrades \ |
| 33 | + terraform-1="${TF_1_VERSION}-*" && \ |
| 34 | + update-alternatives --set terraform /usr/share/terraform/1/bin/terraform |
| 35 | + |
| 36 | +ARG ATMOS_VERSION |
| 37 | +RUN apt-get update && apt-get install -y --allow-downgrades \ |
| 38 | + atmos="${ATMOS_VERSION}-*" \ |
| 39 | + spacectl |
| 40 | + |
| 41 | +# Install pluto - a CLI tool to help discover deprecated and removed apiVersions in Kubernetes |
| 42 | +# https://pluto.docs.fairwinds.com/ |
| 43 | +# https://github.com/FairwindsOps/pluto |
| 44 | +RUN apt-get update && apt-get install -y --allow-downgrades \ |
| 45 | + pluto |
| 46 | + |
| 47 | +COPY rootfs/ / |
| 48 | + |
| 49 | + |
| 50 | +ARG DOCKER_REPO |
| 51 | +ARG TENANT="core" |
| 52 | +ENV NAMESPACE=acme |
| 53 | +# Format of Geodesic banner prompt |
| 54 | +ENV BANNER=${NAMESPACE} |
| 55 | +ENV DOCKER_IMAGE="${NAMESPACE}/infra" |
| 56 | +ENV DOCKER_TAG="latest" |
| 57 | + |
| 58 | +# Default AWS_PROFILE |
| 59 | +ENV AWS_PROFILE=${NAMESPACE}-identity |
| 60 | +# This sets the default AWS_CONFIG to be used after signing in with Leapp. |
| 61 | +# Once logged in, this config file gives you access to all the other teams |
| 62 | +# and roles (if you are authorized for access). |
| 63 | +ENV AWS_CONFIG_FILE=/etc/aws-config/aws-config-teams |
| 64 | +ENV ASSUME_ROLE_INTERACTIVE_QUERY=${NAMESPACE}${TENANT:+-$TENANT}-gbl- |
| 65 | + |
| 66 | +WORKDIR / |
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments