/terraform-publisher-apko

An experimental module for publishing images with tf-apko

Primary LanguageHCLApache License 2.0Apache-2.0

Build apko images with terraform.

This repository contains a terraform module to facilitate building an image with apko and signing the supply chain metadata with ambient credentials (e.g. github actions workload identity).

Currently the following supply chain metadata is surfaced:

  1. The images are signed by the workload,
  2. The SPDX SBOM are attestated by the workload.

Requirements

No requirements.

Providers

Name Version
apko n/a
cosign n/a

Modules

No modules.

Resources

Name Type
apko_build.this resource
cosign_attest.apko-configuration resource
cosign_attest.sboms resource
cosign_attest.slsa-provenance resource
cosign_sign.signature resource
apko_config.this data source

Inputs

Name Description Type Default Required
config The apko configuration file to build and publish. any n/a yes
extra_packages Additional packages to install into this image. list(string) [] no
target_repository The docker repo into which the image and attestations should be published. any n/a yes

Outputs

Name Description
arch_to_image n/a
archs n/a
config n/a
image_ref n/a