From f1878e8e68b618fb9713e8bfb11d16ec7b112316 Mon Sep 17 00:00:00 2001
From: "alexander.miehe" <alexander.miehe@flaconi.de>
Date: Mon, 8 Jan 2024 15:51:51 +0100
Subject: [PATCH] PLT-0 - Add one password cli

* add one password cli to allow usage of 1password terraform provider with service account token
---
 Dockerfile | 23 +++++++++++++++++++++++
 Makefile   |  3 +++
 README.md  |  2 ++
 3 files changed, 28 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index 2c3b72b..a0478af 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,6 +12,7 @@ RUN apk add \
 ARG TERRAGRUNT
 ARG TERRAFORM
 ARG TERRAGRUNT_ATLANTIS_CONFIG
+ARG ONE_PASSWORD_CLI
 
 ###
 ### Ensure Terraform version is present, linked and validated
@@ -66,4 +67,26 @@ RUN set -eux \
 	&& chmod +x terragrunt-atlantis-config \
 	&& rm -rf terragrunt-atlantis-config_${TERRAGRUNT_ATLANTIS_CONFIG}_linux_amd64*
 
+
+###
+### Ensure 1Password CLI version is present, linked and validated
+###
+RUN set -eux \
+	&& if [ "${ONE_PASSWORD_CLI}" = "latest" ]; then \
+		ONE_PASSWORD_CLI="$( \
+			curl -sS  https://app-updates.agilebits.com/product_history/CLI2 \
+			| grep -Eo '"/dist/1P/op2/pkg/v?[0-9]+\.[0-9]+\.[0-9]+/op_linux_amd64"' \
+			| grep -Eo '[0-9]+\.[0-9]+\.[0-9]+' \
+			| sort -V \
+			| tail -1 \
+		)"; \
+	fi \
+	&& cd "/tmp" \
+    && curl -sS "https://cache.agilebits.com/dist/1P/op2/pkg/v${ONE_PASSWORD_CLI}/op_linux_amd64_v${ONE_PASSWORD_CLI}.zip" -o op.zip \
+    && unzip op.zip \
+    && rm op.zip \
+    && chmod +x op \
+    && mv op /usr/local/bin/op \
+    && op --version | grep "${ONE_PASSWORD_CLI}"
+
 USER atlantis
diff --git a/Makefile b/Makefile
index 9bbb869..252775b 100644
--- a/Makefile
+++ b/Makefile
@@ -14,6 +14,7 @@ ATLANTIS = '0.27.0'
 TERRAFORM = '1.6.6'
 TERRAGRUNT = '0.54.4'
 TERRAGRUNT_ATLANTIS_CONFIG = '1.16.0'
+ONE_PASSWORD_CLI = '2.24.0'
 
 pull:
 	docker pull $(shell grep FROM Dockerfile | sed 's/^FROM//g' | sed "s/\$${ATLANTIS}/$(ATLANTIS)/g";)
@@ -25,6 +26,7 @@ build:
 		--build-arg TERRAFORM=$(TERRAFORM) \
 		--build-arg TERRAGRUNT=$(TERRAGRUNT) \
 		--build-arg TERRAGRUNT_ATLANTIS_CONFIG=$(TERRAGRUNT_ATLANTIS_CONFIG) \
+		--build-arg ONE_PASSWORD_CLI=$(ONE_PASSWORD_CLI) \
 		-t $(IMAGE) -f $(DIR)/$(FILE) $(DIR)
 
 test:
@@ -32,6 +34,7 @@ test:
 	docker run --rm --entrypoint terraform ${IMAGE} --version | grep -E 'v$(TERRAFORM)$$'
 	docker run --rm --entrypoint terragrunt ${IMAGE} --version | grep -E 'v$(TERRAGRUNT)$$'
 	docker run --rm --entrypoint terragrunt-atlantis-config ${IMAGE} version | grep -E "$(TERRAGRUNT_ATLANTIS_CONFIG)$$"
+	docker run --rm --entrypoint op ${IMAGE} --version | grep -E '$(ONE_PASSWORD_CLI)$$'
 
 tag:
 	docker tag $(IMAGE) $(IMAGE):$(TAG)
diff --git a/README.md b/README.md
index 7f43a7e..407f7d2 100644
--- a/README.md
+++ b/README.md
@@ -17,6 +17,7 @@ For building you can overwrite your desired versions with the following three Ma
 * `TERRAFORM`
 * `TERRAGRUNT`
 * `TERRAGRUNT_ATLANTIS_CONFIG`
+* `ONE_PASSWORD_CLI`
 
 ```
 make build
@@ -24,6 +25,7 @@ make build TERRAFORM=1.6.6
 make build TERRAFORM=1.6.6 TERRAGRUNT=0.54.4
 make build TERRAFORM=1.6.6 TERRAGRUNT=0.54.4 ATLANTIS=0.27.0
 make build TERRAFORM=1.6.6 TERRAGRUNT=0.54.4 ATLANTIS=0.27.0 TERRAGRUNT_ATLANTIS_CONFIG=1.16.0
+make build TERRAFORM=1.6.6 TERRAGRUNT=0.54.4 ATLANTIS=0.27.0 TERRAGRUNT_ATLANTIS_CONFIG=1.16.0 ONE_PASSWORD_CLI=2.24.0
 ```
 
 ## Available images