diff --git a/docker/base/Dockerfile b/docker/base/Dockerfile index 70288c61..c330f22f 100644 --- a/docker/base/Dockerfile +++ b/docker/base/Dockerfile @@ -1,5 +1,6 @@ # syntax = docker/dockerfile:experimental FROM debian:bookworm-slim AS builder +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG PULUMI_VERSION RUN apt-get update -y && \ apt-get upgrade -y && \ @@ -14,6 +15,7 @@ RUN curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION # The runtime container # This is our base container, so let's copy all the runtimes to .pulumi/bin FROM debian:bookworm-slim +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] LABEL org.opencontainers.image.description="Pulumi CLI container, bring your own SDK" WORKDIR /pulumi COPY --from=builder /root/.pulumi/bin bin diff --git a/docker/base/Dockerfile.ubi b/docker/base/Dockerfile.ubi index e1c36e9e..6717f250 100644 --- a/docker/base/Dockerfile.ubi +++ b/docker/base/Dockerfile.ubi @@ -1,5 +1,6 @@ # syntax = docker/dockerfile:experimental FROM redhat/ubi8-minimal:latest as builder +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG PULUMI_VERSION RUN microdnf install -y \ curl \ @@ -14,6 +15,7 @@ RUN curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION # The runtime container # This is our base container, so let's copy all the runtimes to .pulumi/bin FROM redhat/ubi8-minimal:latest +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] LABEL org.opencontainers.image.description="Pulumi CLI container, bring your own SDK" WORKDIR /pulumi COPY --from=builder /root/.pulumi/bin bin diff --git a/docker/dotnet/Dockerfile b/docker/dotnet/Dockerfile index caa9bd3f..cb3dc219 100644 --- a/docker/dotnet/Dockerfile +++ b/docker/dotnet/Dockerfile @@ -1,6 +1,7 @@ # syntax = docker/dockerfile:experimental FROM debian:bookworm-slim AS builder +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG PULUMI_VERSION RUN apt-get update -y && \ apt-get upgrade -y && \ @@ -15,6 +16,7 @@ RUN curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION # The runtime container FROM debian:bookworm-slim +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] LABEL org.opencontainers.image.description="Pulumi CLI container for dotnet" WORKDIR /pulumi/projects diff --git a/docker/dotnet/Dockerfile.ubi b/docker/dotnet/Dockerfile.ubi index 3315161d..8a602b19 100644 --- a/docker/dotnet/Dockerfile.ubi +++ b/docker/dotnet/Dockerfile.ubi @@ -1,6 +1,7 @@ # syntax = docker/dockerfile:experimental # Interim container so we can copy pulumi binaries FROM redhat/ubi8-minimal:latest as builder +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG PULUMI_VERSION RUN microdnf install -y \ curl \ @@ -11,6 +12,7 @@ RUN curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION # The runtime container FROM redhat/ubi8-minimal:latest +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG LANGUAGE_VERSION LABEL org.opencontainers.image.description="Pulumi CLI container for dotnet" WORKDIR /pulumi/projects diff --git a/docker/go/Dockerfile b/docker/go/Dockerfile index f1323362..d9312ba8 100644 --- a/docker/go/Dockerfile +++ b/docker/go/Dockerfile @@ -4,6 +4,7 @@ # Build container FROM ubuntu:bionic AS builder +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG PULUMI_VERSION ARG GO_RUNTIME_VERSION=1.21.1 @@ -52,6 +53,7 @@ RUN case $(uname -m) in \ # The runtime container FROM debian:11-slim +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] LABEL org.opencontainers.image.description="Pulumi CLI container for go" WORKDIR /pulumi/projects diff --git a/docker/go/Dockerfile.ubi b/docker/go/Dockerfile.ubi index 6542053a..70a8a9c6 100644 --- a/docker/go/Dockerfile.ubi +++ b/docker/go/Dockerfile.ubi @@ -1,6 +1,7 @@ # syntax = docker/dockerfile:experimental # Interim container so we can copy pulumi binaries FROM redhat/ubi8-minimal:latest as builder +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG PULUMI_VERSION RUN microdnf install -y \ curl \ @@ -24,6 +25,7 @@ RUN curl -fsSLo /tmp/go.tgz https://golang.org/dl/go${RUNTIME_VERSION}.linux-amd # The runtime container FROM redhat/ubi8-minimal:latest +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] LABEL org.opencontainers.image.description="Pulumi CLI container for go" WORKDIR /pulumi/projects diff --git a/docker/java/Dockerfile b/docker/java/Dockerfile index 6509d9b5..5c6be54f 100644 --- a/docker/java/Dockerfile +++ b/docker/java/Dockerfile @@ -2,6 +2,7 @@ # Interim container so we can copy pulumi binaries # Must be defined first FROM debian:bookworm-slim AS builder +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG PULUMI_VERSION RUN apt-get update -y && \ apt-get upgrade -y && \ @@ -16,6 +17,7 @@ RUN curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION # The runtime container FROM debian:bookworm-slim +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] LABEL org.opencontainers.image.description="Pulumi CLI container for java" WORKDIR /pulumi/projects diff --git a/docker/java/Dockerfile.ubi b/docker/java/Dockerfile.ubi index 0628509f..7d1d7a31 100644 --- a/docker/java/Dockerfile.ubi +++ b/docker/java/Dockerfile.ubi @@ -2,6 +2,7 @@ # Interim container so we can copy pulumi binaries # Must be defined first FROM redhat/ubi8-minimal:latest as builder +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG PULUMI_VERSION RUN microdnf install -y \ curl \ @@ -14,6 +15,7 @@ RUN curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION # The runtime container FROM redhat/ubi8-minimal:latest +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] LABEL org.opencontainers.image.description="Pulumi CLI container for Java" WORKDIR /pulumi/projects diff --git a/docker/nodejs/Dockerfile b/docker/nodejs/Dockerfile index 1ea09298..44e35112 100644 --- a/docker/nodejs/Dockerfile +++ b/docker/nodejs/Dockerfile @@ -4,6 +4,7 @@ ARG LANGUAGE_VERSION FROM debian:bookworm-slim AS builder +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG PULUMI_VERSION RUN apt-get update -y && \ apt-get upgrade -y && \ @@ -18,6 +19,7 @@ RUN curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION # The runtime container FROM node:${LANGUAGE_VERSION}-bookworm-slim +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] LABEL org.opencontainers.image.description="Pulumi CLI container for nodejs" WORKDIR /pulumi/projects diff --git a/docker/nodejs/Dockerfile.ubi b/docker/nodejs/Dockerfile.ubi index 227940ab..9362df43 100644 --- a/docker/nodejs/Dockerfile.ubi +++ b/docker/nodejs/Dockerfile.ubi @@ -1,6 +1,7 @@ # syntax = docker/dockerfile:experimental # Interim container so we can copy pulumi binaries FROM redhat/ubi8-minimal:latest as builder +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG PULUMI_VERSION RUN microdnf install -y \ curl \ @@ -11,6 +12,7 @@ RUN curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION # The runtime container FROM redhat/ubi8-minimal:latest +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG LANGUAGE_VERSION LABEL org.opencontainers.image.description="Pulumi CLI container for nodejs" WORKDIR /pulumi/projects diff --git a/docker/pulumi/Dockerfile b/docker/pulumi/Dockerfile index 5b954f7c..5f44ed83 100644 --- a/docker/pulumi/Dockerfile +++ b/docker/pulumi/Dockerfile @@ -1,4 +1,5 @@ FROM debian:12 AS base +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] # These values are passed in by the build system automatically. The options are: arm64, amd64 # See: https://docs.docker.com/build/building/variables/#pre-defined-build-arguments @@ -170,6 +171,7 @@ ENTRYPOINT ["pulumi"] ######################################################################## FROM base AS nonroot +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] LABEL "repository"="https://github.com/pulumi/pulumi" LABEL "homepage"="https://pulumi.com" @@ -199,6 +201,7 @@ RUN helm repo add stable https://charts.helm.sh/stable && \ ######################################################################## FROM base AS build-environment +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG TARGETARCH diff --git a/docker/python/Dockerfile b/docker/python/Dockerfile index 136228a8..bba5a01f 100644 --- a/docker/python/Dockerfile +++ b/docker/python/Dockerfile @@ -4,6 +4,7 @@ ARG LANGUAGE_VERSION FROM debian:bookworm-slim AS builder +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG PULUMI_VERSION RUN apt-get update -y && \ apt-get upgrade -y && \ @@ -17,6 +18,7 @@ RUN curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION # The runtime container FROM python:${LANGUAGE_VERSION}-slim-bookworm +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] LABEL org.opencontainers.image.description="Pulumi CLI container for python" WORKDIR /pulumi/projects diff --git a/docker/python/Dockerfile.ubi b/docker/python/Dockerfile.ubi index 100ef5dc..a7eebe8b 100644 --- a/docker/python/Dockerfile.ubi +++ b/docker/python/Dockerfile.ubi @@ -1,6 +1,7 @@ # syntax = docker/dockerfile:experimental # Interim container so we can copy pulumi binaries FROM redhat/ubi8-minimal:latest as builder +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG PULUMI_VERSION RUN microdnf install -y \ gzip \ @@ -10,6 +11,7 @@ RUN curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION # The runtime container FROM redhat/ubi8-minimal:latest +SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] ARG LANGUAGE_VERSION LABEL org.opencontainers.image.description="Pulumi CLI container for python" WORKDIR /pulumi/projects