From 0951208ae23f9f9be44de019f1c27268d2d1e5de Mon Sep 17 00:00:00 2001
From: nitrocode <7775707+nitrocode@users.noreply.github.com>
Date: Tue, 12 Mar 2024 06:43:43 +0530
Subject: [PATCH] feat: add opentofu binary to container

Signed-off-by: nitrocode <7775707+nitrocode@users.noreply.github.com>
---
 .dockerignore               |  1 +
 Dockerfile                  | 44 ++++++++++++++++++-------------------
 scripts/download-release.sh | 33 ++++++++++++++++++++++++++++
 3 files changed, 55 insertions(+), 23 deletions(-)
 create mode 100755 scripts/download-release.sh

diff --git a/.dockerignore b/.dockerignore
index d9647e1977..523596ac26 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,5 +1,6 @@
 *
 !cmd/
+!scripts/download-release.sh
 !server/
 !testdrive/
 !main.go
diff --git a/Dockerfile b/Dockerfile
index 49341b8bc5..9de2cb3c2e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,15 +2,18 @@
 # what distro is the image being built for
 ARG ALPINE_TAG=3.19.1
 ARG DEBIAN_TAG=12.5-slim
+ARG GOLANG_VERSION=1.22.1
 
 # renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp
 ARG DEFAULT_TERRAFORM_VERSION=1.7.2
+# renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp
+ARG DEFAULT_OPENTOFU_VERSION=1.6.2
 # renovate: datasource=github-releases depName=open-policy-agent/conftest
 ARG DEFAULT_CONFTEST_VERSION=0.49.1
 
 # Stage 1: build artifact and download deps
 
-FROM golang:1.22.1-alpine AS builder
+FROM golang:${GOLANG_VERSION}-alpine AS builder
 
 ARG ATLANTIS_VERSION=dev
 ENV ATLANTIS_VERSION=${ATLANTIS_VERSION}
@@ -68,7 +71,6 @@ ARG TARGETPLATFORM
 WORKDIR /tmp/build
 
 # install conftest
-# renovate: datasource=github-releases depName=open-policy-agent/conftest
 ARG DEFAULT_CONFTEST_VERSION
 ENV DEFAULT_CONFTEST_VERSION=${DEFAULT_CONFTEST_VERSION}
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
@@ -106,31 +108,26 @@ RUN case ${TARGETPLATFORM} in \
     git-lfs --version
 
 # install terraform binaries
-# renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp
 ARG DEFAULT_TERRAFORM_VERSION
 ENV DEFAULT_TERRAFORM_VERSION=${DEFAULT_TERRAFORM_VERSION}
+ARG DEFAULT_OPENTOFU_VERSION
+ENV DEFAULT_OPENTOFU_VERSION=${DEFAULT_OPENTOFU_VERSION}
+
+# COPY scripts/download-release.sh .
+COPY --from=builder /app/scripts/download-release.sh download-release.sh
 
 # In the official Atlantis image, we only have the latest of each Terraform version.
 # Each binary is about 80 MB so we limit it to the 4 latest minor releases or fewer
-RUN AVAILABLE_TERRAFORM_VERSIONS="1.4.7 1.5.7 1.6.6 ${DEFAULT_TERRAFORM_VERSION}" && \
-    case "${TARGETPLATFORM}" in \
-        "linux/amd64") TERRAFORM_ARCH=amd64 ;; \
-        "linux/arm64") TERRAFORM_ARCH=arm64 ;; \
-        "linux/arm/v7") TERRAFORM_ARCH=arm ;; \
-        *) echo "ERROR: 'TARGETPLATFORM' value expected: ${TARGETPLATFORM}"; exit 1 ;; \
-    esac && \
-    for VERSION in ${AVAILABLE_TERRAFORM_VERSIONS}; do \
-        curl -LOs "https://releases.hashicorp.com/terraform/${VERSION}/terraform_${VERSION}_linux_${TERRAFORM_ARCH}.zip" && \
-        curl -LOs "https://releases.hashicorp.com/terraform/${VERSION}/terraform_${VERSION}_SHA256SUMS" && \
-        sed -n "/terraform_${VERSION}_linux_${TERRAFORM_ARCH}.zip/p" "terraform_${VERSION}_SHA256SUMS" | sha256sum -c && \
-        mkdir -p "/usr/local/bin/tf/versions/${VERSION}" && \
-        unzip "terraform_${VERSION}_linux_${TERRAFORM_ARCH}.zip" -d "/usr/local/bin/tf/versions/${VERSION}" && \
-        ln -s "/usr/local/bin/tf/versions/${VERSION}/terraform" "/usr/local/bin/terraform${VERSION}" && \
-        rm "terraform_${VERSION}_linux_${TERRAFORM_ARCH}.zip" && \
-        rm "terraform_${VERSION}_SHA256SUMS"; \
-    done && \
-    ln -s "/usr/local/bin/tf/versions/${DEFAULT_TERRAFORM_VERSION}/terraform" /usr/local/bin/terraform
-
+RUN ./download-release.sh \
+        "terraform" \
+        "${TARGETPLATFORM}" \
+        "${DEFAULT_TERRAFORM_VERSION}" \
+        "1.4.7 1.5.7 1.6.6 ${DEFAULT_TERRAFORM_VERSION}" \
+    && ./download-release.sh \
+        "tofu" \
+        "${TARGETPLATFORM}" \
+        "${DEFAULT_OPENTOFU_VERSION}" \
+        "${DEFAULT_OPENTOFU_VERSION}"
 
 # Stage 2 - Alpine
 # Creating the individual distro builds using targets
@@ -151,6 +148,7 @@ RUN addgroup atlantis && \
 COPY --from=builder /app/atlantis /usr/local/bin/atlantis
 # copy terraform binaries
 COPY --from=deps /usr/local/bin/terraform* /usr/local/bin/
+COPY --from=deps /usr/local/bin/tofu* /usr/local/bin/
 # copy dependencies
 COPY --from=deps /usr/local/bin/conftest /usr/local/bin/conftest
 COPY --from=deps /usr/bin/git-lfs /usr/bin/git-lfs
@@ -168,7 +166,6 @@ RUN apk add --no-cache \
         dumb-init~=1 \
         gcompat~=1
 
-
 # Set the entry point to the atlantis user and run the atlantis command
 USER atlantis
 ENTRYPOINT ["docker-entrypoint.sh"]
@@ -191,6 +188,7 @@ RUN useradd --create-home --user-group --shell /bin/bash atlantis && \
 COPY --from=builder /app/atlantis /usr/local/bin/atlantis
 # copy terraform binaries
 COPY --from=deps /usr/local/bin/terraform* /usr/local/bin/
+COPY --from=deps /usr/local/bin/tofu* /usr/local/bin/
 # copy dependencies
 COPY --from=deps /usr/local/bin/conftest /usr/local/bin/conftest
 COPY --from=deps /usr/bin/git-lfs /usr/bin/git-lfs
diff --git a/scripts/download-release.sh b/scripts/download-release.sh
new file mode 100755
index 0000000000..2197c9c4ee
--- /dev/null
+++ b/scripts/download-release.sh
@@ -0,0 +1,33 @@
+#!/bin/sh
+COMMAND_NAME=${1:-terraform}
+TARGETPLATFORM=${2:-"linux/amd64"}
+DEFAULT_VERSION=${3:-"1.6.2"}
+AVAILABLE_VERSIONS=${4:-"1.6.2"}
+case "${TARGETPLATFORM}" in
+  "linux/amd64") ARCH=amd64 ;;
+  "linux/arm64") ARCH=arm64 ;;
+  "linux/arm/v7") ARCH=arm ;;
+  *) echo "ERROR: 'TARGETPLATFORM' value unexpected: ${TARGETPLATFORM}"; exit 1 ;;
+esac
+for VERSION in ${AVAILABLE_VERSIONS}; do
+  case "${COMMAND_NAME}" in
+    "terraform")
+      DOWNLOAD_URL_FORMAT=$(printf 'https://releases.hashicorp.com/terraform/%s/%s_%s' "$VERSION" "$COMMAND_NAME" "$VERSION")
+      COMMAND_DIR=tf
+      ;;
+    "tofu")
+      DOWNLOAD_URL_FORMAT=$(printf 'https://github.com/opentofu/opentofu/releases/download/v%s/%s_%s' "$VERSION" "$COMMAND_NAME" "$VERSION")
+      COMMAND_DIR=tofu
+      ;;
+    *) echo "ERROR: 'COMMAND_NAME' value unexpected: ${COMMAND_NAME}"; exit 1 ;;
+  esac
+  curl -LOs "${DOWNLOAD_URL_FORMAT}_linux_${ARCH}.zip"
+  curl -LOs "${DOWNLOAD_URL_FORMAT}_SHA256SUMS"
+  sed -n "/${COMMAND_NAME}_${VERSION}_linux_${ARCH}.zip/p" "${COMMAND_NAME}_${VERSION}_SHA256SUMS" | sha256sum -c
+  mkdir -p "/usr/local/bin/${COMMAND_DIR}/${VERSION}"
+  unzip "${COMMAND_NAME}_${VERSION}_linux_${ARCH}.zip" -d "/usr/local/bin/${COMMAND_DIR}/${VERSION}"
+  ln -s "/usr/local/bin/${COMMAND_DIR}/${VERSION}/${COMMAND_NAME}" "/usr/local/bin/${COMMAND_NAME}${VERSION}"
+  rm "${COMMAND_NAME}_${VERSION}_linux_${ARCH}.zip"
+  rm "${COMMAND_NAME}_${VERSION}_SHA256SUMS"
+done
+ln -s "/usr/local/bin/${COMMAND_DIR}/${DEFAULT_VERSION}/${COMMAND_NAME}" "/usr/local/bin/${COMMAND_NAME}"