-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfileNIX2
More file actions
21 lines (17 loc) · 829 Bytes
/
DockerfileNIX2
File metadata and controls
21 lines (17 loc) · 829 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# vim: set ft=dockerfile:
FROM nixos/nix:latest AS nix
FROM busybox:latest
RUN mkdir -p /etc/ssl/certs
COPY --from=nix /nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt
WORKDIR /app
RUN --mount=type=bind,source=context.tar,target=context.tar \
tar xf context.tar && \
mkdir -p /nix && mv nixstore /nix/store && \
mkdir -p /usr/local/bin && mv result/bin/* /usr/local/bin/ && rm -rf result && \
mv tf.zst /app/tf.zst
RUN adduser --disabled-password --home="/app" --uid 1717 nonroot
COPY --chown=nonroot ./terraform ./terraform
COPY --chown=nonroot ./infrastructure-templates ./infrastructure-templates
ENV TF_PLUGIN_CACHE_DIR="/app/.terraform.d/plugin-cache"
ENV DECOMPRESS_CMD="zstd --decompress tf.zst --stdout | tar xf -"
ENV TEMPLATES_DIR="/app/infrastructure-templates"