README.md
Rendering markdown...
FROM hashicorp/terraform:1.14.8 AS tf
FROM alpine:3.20
RUN apk add --no-cache git bash wget
# Copy terraform binary from pinned vulnerable version
COPY --from=tf /bin/terraform /usr/local/bin/terraform
# Simulate a GitHub Actions runner environment
RUN adduser -D runner
USER runner
WORKDIR /home/runner
# Fake AWS credentials at the standard CI path
RUN mkdir -p /home/runner/.aws && \
printf '[default]\naws_access_key_id = AKIAIOSFODNN7EXAMPLE\naws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\n' > /home/runner/.aws/credentials
# Fake SSH key at the standard CI path
RUN mkdir -p /home/runner/.ssh && \
printf '-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAEbm9uZQAAAAAAAABBAAAAMwAAAAtzc2gtZWQyNTUxOQAAACBf\nTGsW7jX5W4VmPGqN9BkI2RbZ3YcHStoXl2KuQdCiYAAAAKjyj8lE8o/JRAAAAA==\n-----END OPENSSH PRIVATE KEY-----\n' > /home/runner/.ssh/id_rsa
RUN mkdir -p /home/runner/project
COPY --chown=runner:runner poc.sh /home/runner/poc.sh
RUN chmod +x /home/runner/poc.sh
CMD ["/home/runner/poc.sh"]