Skip to content

feat: Add dual binary support with separate Dockerfiles #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
OS-alexandrebrito wants to merge 1 commit into
base: pr-1675
Choose a base branch
from
Draft

feat: Add dual binary support with separate Dockerfiles #2

OS-alexandrebrito wants to merge 1 commit into from

Conversation

@OS-alexandrebrito
Copy link
Owner

@OS-alexandrebrito OS-alexandrebrito commented Jan 9, 2026

Implements support for both Terraform and OpenTofu binaries using
separate Dockerfiles with minimal code changes. This enables teams
to use either binary while maintaining security compliance, with
OpenTofu as the default and a clear deprecation path for Terraform.

Changes:

  • Updated runner.Dockerfile and runner-azure.Dockerfile to OpenTofu v1.11.2
  • Created runner-terraform.Dockerfile and runner-terraform-azure.Dockerfile
  • Updated CI/CD workflows to build all 4 image variants
  • Added binary detection in runner/server.go
  • Added Terraform v1.14.3 support via separate images
  • Updated documentation for binary selection
  • Removed unnecessary BINARY_TYPE build arguments

Images published:

  • OpenTofu (default): v{VERSION}, latest
  • Terraform: v{VERSION}-terraform, latest-terraform

Binary versions:

  • OpenTofu: 1.11.2
  • Terraform: 1.14.3 (up from 1.5.7)

Breaking changes for Terraform users:

  • S3 backend role_arn deprecated (use assume_role block)
  • -state flag deprecated (use backend configuration)
  • See IMPLEMENTATION_VERIFICATION.md for migration guidance

Related to PR flux-iac#1675

@OS-alexandrebrito
feat: Add dual binary support with separate Dockerfiles
e6cb9fe 
  Implements support for both Terraform and OpenTofu binaries using
  separate Dockerfiles with minimal code changes. This enables teams
  to use either binary while maintaining security compliance, with
  OpenTofu as the default and a clear deprecation path for Terraform.

  Changes:
  - Updated runner.Dockerfile and runner-azure.Dockerfile to OpenTofu v1.11.2
  - Created runner-terraform.Dockerfile and runner-terraform-azure.Dockerfile
  - Updated CI/CD workflows to build all 4 image variants
  - Added binary detection in runner/server.go
  - Added Terraform v1.14.3 support via separate images
  - Updated documentation for binary selection
  - Removed unnecessary BINARY_TYPE build arguments

  Images published:
  - OpenTofu (default): v{VERSION}, latest
  - Terraform: v{VERSION}-terraform, latest-terraform

  Binary versions:
  - OpenTofu: 1.11.2
  - Terraform: 1.14.3 (up from 1.5.7)

  Breaking changes for Terraform users:
  - S3 backend role_arn deprecated (use assume_role block)
  - -state flag deprecated (use backend configuration)
  - See IMPLEMENTATION_VERIFICATION.md for migration guidance

  Related to PR flux-iac#1675
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@OS-alexandrebrito