From 176c130548ab42bac096f3263f8e8f67da45d662 Mon Sep 17 00:00:00 2001 From: Nic Cheneweth Date: Sun, 12 Jun 2022 14:49:12 -0500 Subject: [PATCH] [ncheneweth] update opw installation method Signed-off-by: Nic Cheneweth --- Dockerfile.alpine.unpinned | 12 ++++++++++-- Dockerfile.slim | 6 +++--- Dockerfile.slim.unpinned | 15 ++++++++++++++- 3 files changed, 27 insertions(+), 6 deletions(-) diff --git a/Dockerfile.alpine.unpinned b/Dockerfile.alpine.unpinned index 7f97eb5..3f28335 100644 --- a/Dockerfile.alpine.unpinned +++ b/Dockerfile.alpine.unpinned @@ -12,9 +12,11 @@ ENV PATH=/home/circleci/bin:/home/circleci/.local/bin:$PATH \ ENV USER=circleci SHELL ["/bin/ash", "-o", "pipefail", "-c"] -# hadolint ignore=DL3003,DL3004,DL3018 +# hadolint ignore=DL3003,DL3004,DL4001 RUN apk add --no-cache \ sudo \ + wget \ + curl \ libintl \ bash && \ apk --no-cache add --virtual build-dependencies \ @@ -31,7 +33,13 @@ RUN apk add --no-cache \ make && make install && \ cd .. && rm -r musl-locales-master && \ apk add --no-cache --repository https://alpine.secrethub.io/alpine/edge/main --allow-untrusted \ - secrethub-cli && \ + secrethub-cli==0.44.0-r0 && \ + sudo bash -c "echo https://downloads.1password.com/linux/alpinelinux/stable/ >> /etc/apk/repositories" && \ + sudo bash -c "wget https://downloads.1password.com/linux/keys/alpinelinux/support@1password.com-61ddfc31.rsa.pub -P /etc/apk/keys" && \ + sudo apk update && sudo apk add --no-cache 1password-cli && \ + curl -SLO https://github.com/ThoughtWorks-DPS/opw/releases/latest/download/opw_Linux_x86_64.tar.gz && \ + tar -xzf opw_Linux_x86_64.tar.gz && \ + sudo mv opw /usr/local/bin/opw && \ addgroup --gid 3434 -S $USER && \ adduser --uid 3434 --ingroup $USER --disabled-password $USER && \ echo "$USER ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/$USER && \ diff --git a/Dockerfile.slim b/Dockerfile.slim index a5d8fee..d8cdd63 100644 --- a/Dockerfile.slim +++ b/Dockerfile.slim @@ -22,9 +22,9 @@ RUN echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/90circleci && \ curl -sS https://downloads.1password.com/linux/debian/debsig/1password.pol | sudo tee /etc/debsig/policies/AC2D62742012EA22/1password.pol && \ sudo mkdir -p /usr/share/debsig/keyrings/AC2D62742012EA22 && \ curl -sS https://downloads.1password.com/linux/keys/1password.asc | sudo gpg --dearmor --output /usr/share/debsig/keyrings/AC2D62742012EA22/debsig.gpg && \ - sudo apt update && sudo apt install 1password-cli=2.4.0 && \ - curl -SLO https://github.com/ThoughtWorks-DPS/opw/releases/download/0.0.7/opw_0.0.7_Linux_x86_64.tar.gz && \ - tar -xf opw_0.0.7_Linux_x86_64.tar.gz && \ + sudo apt update && sudo apt install 1password-cli=2.4.1 && \ + curl -SLO https://github.com/ThoughtWorks-DPS/opw/releases/latest/download/opw_Linux_x86_64.tar.gz && \ + tar -xzf opw_Linux_x86_64.tar.gz && \ sudo mv opw /usr/local/bin/opw && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* && \ diff --git a/Dockerfile.slim.unpinned b/Dockerfile.slim.unpinned index eb99956..72eafad 100644 --- a/Dockerfile.slim.unpinned +++ b/Dockerfile.slim.unpinned @@ -5,14 +5,27 @@ LABEL maintainer= ENV DEBIAN_FRONTEND=noninteractive SHELL ["/bin/bash", "-exo", "pipefail", "-c"] -# hadolint ignore=DL4001,DL3004,DL3047, DL3008 +# hadolint ignore=DL4001,DL3004,DL3047 RUN echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/90circleci && \ echo 'DPkg::Options "--force-confnew";' >> /etc/apt/apt.conf.d/90circleci && \ echo "deb [trusted=yes] https://apt.secrethub.io stable main" > /etc/apt/sources.list.d/secrethub.sources.list && apt-get update && \ apt-get install --no-install-recommends -y \ sudo \ locales \ + curl \ + wget \ + gnupg \ secrethub-cli && \ + curl -sS https://downloads.1password.com/linux/keys/1password.asc | sudo gpg --dearmor --output /usr/share/keyrings/1password-archive-keyring.gpg && \ + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/1password-archive-keyring.gpg] https://downloads.1password.com/linux/debian/$(dpkg --print-architecture) stable main" | sudo tee /etc/apt/sources.list.d/1password.list && \ + sudo mkdir -p /etc/debsig/policies/AC2D62742012EA22/ && \ + curl -sS https://downloads.1password.com/linux/debian/debsig/1password.pol | sudo tee /etc/debsig/policies/AC2D62742012EA22/1password.pol && \ + sudo mkdir -p /usr/share/debsig/keyrings/AC2D62742012EA22 && \ + curl -sS https://downloads.1password.com/linux/keys/1password.asc | sudo gpg --dearmor --output /usr/share/debsig/keyrings/AC2D62742012EA22/debsig.gpg && \ + sudo apt update && sudo apt install 1password-cli && \ + curl -SLO https://github.com/ThoughtWorks-DPS/opw/releases/latest/download/opw_Linux_x86_64.tar.gz && \ + tar -xzf opw_Linux_x86_64.tar.gz && \ + sudo mv opw /usr/local/bin/opw && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* && \ sed -i 's/^# *\(en_US.UTF-8\)/\1/' /etc/locale.gen && locale-gen && \