coder/scripts/Dockerfile.base

# This is the base image used for Coder images. It's a multi-arch image that is
# built in depot.dev for all supported architectures. Since it's built on real
# hardware and not cross-compiled, it can have "RUN" commands.
FROM alpine:3.22.2@sha256:4b7ce07002c69e8f3d704a9c5d6fd3053be500b7f1c69fc0d80990c2ad8dd412

# We use a single RUN command to reduce the number of layers in the image.
# NOTE: Keep the Terraform version in sync with minTerraformVersion and
# maxTerraformVersion in provisioner/terraform/install.go.
RUN apk add --no-cache \
		curl \
		wget \
		bash \
		git \
		openssl \
		openssh-client \
		tzdata && \
	addgroup \
		-g 1000 \
		coder && \
	adduser \
		-D \
		-s /bin/bash \
		-h /home/coder \
		-u 1000 \
		-G coder \
		coder
# Terraform was disabled in the edge repo due to a build issue.
# https://gitlab.alpinelinux.org/alpine/aports/-/commit/f3e263d94cfac02d594bef83790c280e045eba35
# Using wget for now. Note that busybox unzip doesn't support streaming.
RUN ARCH="$(arch)"; if [ "${ARCH}" == "x86_64" ]; then ARCH="amd64"; elif [ "${ARCH}" == "aarch64" ]; then ARCH="arm64"; elif [ "${ARCH}" == "armv7l" ]; then ARCH="arm"; fi; wget -O /tmp/terraform.zip "https://releases.hashicorp.com/terraform/1.13.4/terraform_1.13.4_linux_${ARCH}.zip" && \
		busybox unzip /tmp/terraform.zip -d /usr/local/bin && \
		rm -f /tmp/terraform.zip && \
		chmod +x /usr/local/bin/terraform && \
		terraform --version
USER 1000:1000
ENV HOME=/home/coder
ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt
WORKDIR /home/coder