Skip to content

Trixie #422

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
dflook wants to merge 19 commits into
base: main
Choose a base branch
from
Open

Trixie #422

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
8cc07c0
Build a trixie base image
dflook Feb 28, 2026
0a47be5
Test trixie
dflook Feb 28, 2026
561c9e9
Build a trixie base image
dflook Feb 28, 2026
e00d3d5
Build a trixie base image
dflook Feb 28, 2026
fc0b875
Build a trixie base image
dflook Feb 28, 2026
b4d8542
Build a trixie base image
dflook Feb 28, 2026
c46c2c6
Build a trixie base image
dflook Feb 28, 2026
aaa6c5a
Add underscored output variants
dflook Mar 2, 2026
9d4c05e
Add underscored output variants
dflook Mar 2, 2026
9ea2e78
Install python package in venv
dflook Mar 28, 2026
818f0fc
Explicitly gpg verify the expected signed
dflook Mar 28, 2026
09b1bef
Update actions versions
dflook Mar 28, 2026
040fce1
Add python requirements.txt
dflook Mar 28, 2026
85827a9
Remove broken symlink, and better handle broken symlinks
dflook Mar 28, 2026
131dfa1
Disable dumb rule
dflook Mar 30, 2026
5e925f6
Escape quotes or backslashes in cloud tokens when writing
dflook Apr 7, 2026
05961a3
Use secrets module rather than random for random strings
dflook Apr 7, 2026
68fa5af
Use correct mode
dflook Apr 7, 2026
c7399a4
Use variables in graphql query
dflook Apr 7, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions .github/workflows/base-image.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ name: Update base image
on:
push:
branches:
- main
- trixie
paths:
- image/Dockerfile-base
- .github/workflows/base-image.yaml
Expand Down Expand Up @@ -41,13 +41,13 @@ jobs:
- name: Base image
id: build-and-push
run: |
BASE_DIGEST=$(docker buildx imagetools inspect "debian:bookworm-slim" --format '{{json .}}' | jq -r '.manifest.digest')
BASE_DIGEST=$(docker buildx imagetools inspect "debian:trixie-slim" --format '{{json .}}' | jq -r '.manifest.digest')

sed -i "s|FROM debian:bookworm-slim|FROM debian:bookworm-slim@$BASE_DIGEST|" "image/Dockerfile-base"
sed -i "s|FROM debian:trixie-slim|FROM debian:trixie-slim@$BASE_DIGEST|" "image/Dockerfile-base"

docker buildx build \
--tag "danielflook/terraform-github-actions-base:$GITHUB_RUN_ID" \
--tag danielflook/terraform-github-actions-base:latest \
--tag danielflook/terraform-github-actions-base:trixie \
--platform linux/amd64,linux/arm64 \
--attest "type=provenance,mode=max,builder-id=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \
--annotation "index,manifest:org.opencontainers.image.created=$(date '+%Y-%m-%dT%H:%M:%S%z')" \
Expand All @@ -58,7 +58,7 @@ jobs:
--annotation "index:org.opencontainers.image.ref.name=docker.io/danielflook/terraform-github-actions-base:$GITHUB_RUN_ID" \
--annotation "index,manifest:builder-id=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \
--annotation "index,manifest:ref.tag=$GITHUB_RUN_ID" \
--annotation "index,manifest:org.opencontainers.image.base.name=docker.io/debian:bookworm-slim" \
--annotation "index,manifest:org.opencontainers.image.base.name=docker.io/debian:trixie-slim" \
--annotation "index,manifest:base.manifest.digest=$BASE_DIGEST" \
--file image/Dockerfile-base \
--push \
Expand Down
9 changes: 8 additions & 1 deletion image/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,18 @@
# hadolint ignore=DL3007
FROM danielflook/terraform-github-actions-base:latest
FROM danielflook/terraform-github-actions-base:trixie

ARG TARGETARCH

ARG FETCH_CHECKSUMS
ARG VERSION=99.0.0

RUN <<EOF

Check failure on line 9 in image/Dockerfile

View workflow job for this annotation

GitHub Actions / Linting 

DL3008 warning: Pin versions in apt get install. Instead of `apt-get install <package>` use `apt-get install <package>=<version>`
apt-get update
apt-get install --no-install-recommends -y \
python3-setuptools
rm -rf /var/lib/apt/lists/*
EOF

COPY src/ /tmp/src/
COPY setup.py /tmp
RUN sed -i "s|version='.*'|version=\'${VERSION}\'|" /tmp/setup.py \
Expand Down
2 changes: 1 addition & 1 deletion image/Dockerfile-base
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ RUN git clone https://github.com/cloudposse/tfmask.git \
&& make \
&& make go/build

FROM debian:bookworm-slim AS terraform-github-actions-base
FROM debian:trixie-slim AS terraform-github-actions-base

# Terraform environment variables
ENV CHECKPOINT_DISABLE=true
Expand Down
Loading