A terraform-operator image that includes some providers so external internet access is not required at runtime.
terraform-operator requires a runtime image where terraform commands are run.
By default this includes terraform init which will try to fetch the providers from the public registry.
This image configures Terraform to use a pre-built cache containing aws and kubernetes providers.
| # https://github.com/GalleyBytes/terraform-operator-tasks/ | |
| # TODO: Rebuild image from source and upgrade Terraform | |
| FROM ghcr.io/galleybytes/terraform-operator-tftaskv1.1.1:1.4.6 | |
| # https://blog.nashtechglobal.com/using-terraform-without-internet/ | |
| # Cache directory needs to be writeable by the user | |
| COPY --chown=2000:0 providers.tf terraform.rc /terraform/ | |
| RUN cd /terraform && \ | |
| terraform init && \ | |
| mv .terraform/* . && \ | |
| rmdir .terraform | |
| ENV TF_CLI_CONFIG_FILE=/terraform/terraform.rc |
| # provider "kubernetes" {} | |
| # provider "aws" {} | |
| terraform { | |
| required_providers { | |
| aws = { | |
| source = "hashicorp/aws" | |
| version = "~> 6.28.0" | |
| } | |
| kubernetes = { | |
| source = "hashicorp/kubernetes" | |
| version = "~> 3.0.1" | |
| } | |
| } | |
| } |
| # https://developer.hashicorp.com/terraform/cli/config/config-file#provider-installation | |
| provider_installation { | |
| filesystem_mirror { | |
| path = "/terraform/providers" | |
| include = ["registry.terraform.io/*/*"] | |
| } | |
| direct { | |
| exclude = ["registry.terraform.io/*/*"] | |
| } | |
| } | |
| plugin_cache_dir = "/terraform/cache" | |
| disable_checkpoint=true |