Docker
An extension can run its actions in a Docker container when container is specified on the extension block:
    extension @terraform {
        container = "hashicorp/terraform:1.8.4"
        variables = [ "ARM_TENANT_ID"
                      "ARM_SUBSCRIPTION_ID"
                      "ARM_CLIENT_ID"
                      "ARM_CLIENT_SECRET"
                      "ARM_ACCESS_KEY" ]
    }
All actions of this extension run in the specified container, which provides isolation and avoids configuration discrepancies.
Note that actions are run using the following Docker configuration:
- Entrypoint and arguments are overridden by the action (--entrypoint)
- Container is removed after execution (--rm)
- Docker host socket is exposed to the container to allow Docker in Docker, but privileged access is not allowed (-v /var/run/docker.sock)
- Container USER account is identified and used to map the host homedir to the USER homedir (-v)
- Container workdir is the current project rootdir (-w)
- Network is set to host (--net=host)
- Environment variables can be passed from host to container
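
To review what this configuration gives an action access to, the following added example (not the tool's own code) assembles the docker run arguments implied by the list above and filters them down to the ones that reach the host. The function names, the home-directory mapping rule, the bare -e NAME form and the sample user, workdir and command are assumptions made for the illustration.

```shell
#!/bin/sh
# Added illustration, not the tool's own code: the docker run arguments implied
# by the options listed above. The command the tool really emits may differ.

# Assumption: root's home is /root, any other account's is /home/<name>.
container_home() {
    if [ "$1" = root ]; then echo /root; else echo "/home/$1"; fi
}

# docker_args IMAGE USER WORKDIR ENTRYPOINT "VAR1 VAR2 ..." [ARGS...]
# Prints one argument per line so each flag can be reviewed on its own.
docker_args() {
    image=$1 user=$2 workdir=$3 entrypoint=$4 vars=$5
    shift 5
    printf '%s\n' run --rm --net=host --entrypoint "$entrypoint" \
        -v /var/run/docker.sock:/var/run/docker.sock \
        -v "$HOME:$(container_home "$user")" \
        -w "$workdir"
    for name in $vars; do
        # Assumption: a bare -e NAME, so docker copies the host's value if set.
        printf '%s\n' -e "$name"
    done
    printf '%s\n' "$image" "$@"
}

# host_exposure IMAGE: reads docker_args output and keeps only what reaches the
# host: its network, bind mounts and forwarded variables. The socket mount lets
# the action ask the host Docker daemon to start further containers.
host_exposure() {
    awk -v image="$1" '
        stop               { next }
        take != ""         { print take " " $0; take = ""; next }
        $0 == image        { stop = 1 }
        $0 == "--net=host" { print "network host" }
        $0 == "-v"         { take = "mount" }
        $0 == "-e"         { take = "env" }
    '
}

# Constructed sample: image and variables from the extension block above;
# the user, workdir and command are placeholders.
docker_args hashicorp/terraform:1.8.4 root /work terraform \
    "ARM_TENANT_ID ARM_CLIENT_SECRET" plan | host_exposure hashicorp/terraform:1.8.4
```

Arguments that follow the image name belong to the action itself and are ignored by host_exposure, so an action flag such as -v is not reported as a mount.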