From a91e241218b9301e4d7c881b93ea1a96e80b393c Mon Sep 17 00:00:00 2001
From: "alexander.miehe" <alexander.miehe@flaconi.de>
Date: Mon, 8 Jan 2024 15:51:51 +0100
Subject: [PATCH] PLT-0 - Add one password cli

* add one password cli to allow usage of 1password terraform provider with service account token
---
 .github/workflows/docker_build.yml |  2 +-
 Dockerfile                         | 24 ++++++++++++++++++++++++
 Makefile                           |  3 +++
 3 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml
index b25cc08..7f1b265 100644
--- a/.github/workflows/docker_build.yml
+++ b/.github/workflows/docker_build.yml
@@ -91,7 +91,7 @@ jobs:
           }
           retry make build ATLANTIS=${ATLANTIS} TERRAFORM=${TERRAFORM} TERRAGRUNT=${TERRAGRUNT}
         env:
-          RETRIES: 20
+          RETRIES: 1
 
       - name: Test
         run: |
diff --git a/Dockerfile b/Dockerfile
index 2c3b72b..7bb898c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,6 +12,7 @@ RUN apk add \
 ARG TERRAGRUNT
 ARG TERRAFORM
 ARG TERRAGRUNT_ATLANTIS_CONFIG
+ARG ONE_PASSWORD_CLI
 
 ###
 ### Ensure Terraform version is present, linked and validated
@@ -66,4 +67,27 @@ RUN set -eux \
 	&& chmod +x terragrunt-atlantis-config \
 	&& rm -rf terragrunt-atlantis-config_${TERRAGRUNT_ATLANTIS_CONFIG}_linux_amd64*
 
+
+###
+### Ensure 1Password CLI version is present, linked and validated
+###
+RUN set -eux \
+#	&& if [ "${ONE_PASSWORD_CLI}" = "latest" ]; then \
+#		ONE_PASSWORD_CLI="$( \
+#			curl -sS  https://app-updates.agilebits.com/product_history/CLI2 \
+#			| grep -Eo '"/dist/1P/op2/pkg/v?[0-9]+\.[0-9]+\.[0-9]+/op_linux_amd64"' \
+#			| grep -Eo '[0-9]+\.[0-9]+\.[0-9]+' \
+#			| sort -V \
+#			| tail -1 \
+#		)"; \
+#	fi \
+	&& cd "/tmp" \
+    && curl "https://cache.agilebits.com/dist/1P/op2/pkg/v${ONE_PASSWORD_CLI}/op_linux_amd64_v${ONE_PASSWORD_CLI}.zip" -o op.zip
+    #&& unzip op.zip \
+    #&& rm op.zip \
+    #&& cd "op" \
+    #&& chmod +x op \
+    #&& mv op /usr/local/bin/op; \
+    #&& op --version | grep "v${ONE_PASSWORD_CLI}"
+
 USER atlantis
diff --git a/Makefile b/Makefile
index 9bbb869..17bfaaa 100644
--- a/Makefile
+++ b/Makefile
@@ -14,6 +14,7 @@ ATLANTIS = '0.27.0'
 TERRAFORM = '1.6.6'
 TERRAGRUNT = '0.54.4'
 TERRAGRUNT_ATLANTIS_CONFIG = '1.16.0'
+ONE_PASSWORD_CLI = '2.24.0'
 
 pull:
 	docker pull $(shell grep FROM Dockerfile | sed 's/^FROM//g' | sed "s/\$${ATLANTIS}/$(ATLANTIS)/g";)
@@ -25,6 +26,7 @@ build:
 		--build-arg TERRAFORM=$(TERRAFORM) \
 		--build-arg TERRAGRUNT=$(TERRAGRUNT) \
 		--build-arg TERRAGRUNT_ATLANTIS_CONFIG=$(TERRAGRUNT_ATLANTIS_CONFIG) \
+		--build-arg ONE_PASSWORD_CLI=$(ONE_PASSWORD_CLI) \
 		-t $(IMAGE) -f $(DIR)/$(FILE) $(DIR)
 
 test:
@@ -32,6 +34,7 @@ test:
 	docker run --rm --entrypoint terraform ${IMAGE} --version | grep -E 'v$(TERRAFORM)$$'
 	docker run --rm --entrypoint terragrunt ${IMAGE} --version | grep -E 'v$(TERRAGRUNT)$$'
 	docker run --rm --entrypoint terragrunt-atlantis-config ${IMAGE} version | grep -E "$(TERRAGRUNT_ATLANTIS_CONFIG)$$"
+	docker run --rm --entrypoint op ${IMAGE} --version | grep -E "$(ONE_PASSWORD_CLI)$$"
 
 tag:
 	docker tag $(IMAGE) $(IMAGE):$(TAG)