Merge branch 'main' into feature/pre-commit-hook_support_1138

Author: gvatsal60

src/azure-cli/README.md

@@ -18,6 +18,7 @@ Installs the Azure CLI along with needed dependencies. Useful for base Dockerfil
 | version | Select or enter an Azure CLI version. (Available versions may vary by Linux distribution.) | string | latest |
 | extensions | Optional comma separated list of Azure CLI extensions to install in profile. | string | - |
 | installBicep | Optionally install Azure Bicep | boolean | false |
+| bicepVersion | Select or enter a Bicep version. ('latest' or a specic version such as 'v0.31.92') | string | latest |
 | installUsingPython | Install Azure CLI using Python instead of pipx | boolean | false |
 
 ## Customizations

src/docker-in-docker/README.md

@@ -18,7 +18,7 @@ Create child containers *inside* a container, independent from the host's docker
 | version | Select or enter a Docker/Moby Engine version. (Availability can vary by OS version.) | string | latest |
 | moby | Install OSS Moby build instead of Docker CE | boolean | true |
 | mobyBuildxVersion | Install a specific version of moby-buildx when using Moby | string | latest |
-| dockerDashComposeVersion | Default version of Docker Compose (latest, v2 or none) | string | latest |
+| dockerDashComposeVersion | Default version of Docker Compose (v1, v2 or none) | string | v2 |
 | azureDnsAutoDetection | Allow automatically setting the dockerd DNS server when the installation script detects it is running in Azure | boolean | true |
 | dockerDefaultAddressPool | Define default address pools for Docker networks. e.g. base=192.168.0.0/16,size=24 | string | - |
 | installDockerBuildx | Install Docker Buildx | boolean | true |
@@ -29,7 +29,7 @@ Create child containers *inside* a container, independent from the host's docker
 
 ### VS Code Extensions
 
-- `ms-azuretools.vscode-docker`
+- `ms-azuretools.vscode-containers`
 
 ## Limitations
 

src/docker-in-docker/devcontainer-feature.json

@@ -70,7 +70,7 @@
     "customizations": {
         "vscode": {
             "extensions": [
-                "ms-azuretools.vscode-docker"
+                "ms-azuretools.vscode-containers"
             ],
             "settings": {
                 "github.copilot.chat.codeGeneration.instructions": [

src/docker-outside-of-docker/README.md

@@ -28,7 +28,7 @@ Re-use the host docker socket, adding the Docker CLI to a container. Feature inv
 
 ### VS Code Extensions
 
-- `ms-azuretools.vscode-docker`
+- `ms-azuretools.vscode-containers`
 
 ## Limitations
 

src/docker-outside-of-docker/devcontainer-feature.json

@@ -50,7 +50,7 @@
     "customizations": {
         "vscode": {
             "extensions": [
-                "ms-azuretools.vscode-docker"
+                "ms-azuretools.vscode-containers"
             ],
             "settings": {
                 "github.copilot.chat.codeGeneration.instructions": [

src/git/devcontainer-feature.json

@@ -1,6 +1,6 @@
 {
     "id": "git",
-    "version": "1.3.3",
+    "version": "1.3.4",
     "name": "Git (from source)",
     "documentationURL": "https://github.com/devcontainers/features/tree/main/src/git",
     "description": "Install an up-to-date version of Git, built from source as needed. Useful for when you want the latest and greatest features. Auto-detects latest stable version and installs needed dependencies.",

src/git/install.sh

@@ -10,7 +10,7 @@
 GIT_VERSION=${VERSION} # 'system' checks the base image first, else installs 'latest'
 USE_PPA_IF_AVAILABLE=${PPA}
 
-GIT_CORE_PPA_ARCHIVE_GPG_KEY=E1DD270288B4E6030699E45FA1715D88E1DF1F24
+GIT_CORE_PPA_ARCHIVE_GPG_KEY=F911AB184317630C59970973E363C90F8F1B6217
 
 if [ "$(id -u)" -ne 0 ]; then
     echo -e 'Script must be run as root. Use sudo, su, or add "USER root" to your Dockerfile before running this script.'

src/nvidia-cuda/README.md

@@ -20,7 +20,7 @@ Installs shared libraries for NVIDIA CUDA.
 | installNvtx | Additionally install NVIDIA Tools Extension (NVTX) | boolean | false |
 | installToolkit | Additionally install NVIDIA CUDA Toolkit | boolean | false |
 | cudaVersion | Version of CUDA to install | string | 11.8 |
-| cudnnVersion | Version of cuDNN to install | string | 8.6.0.163 |
+| cudnnVersion | Version of cuDNN to install | string | automatic |
 
 ## Compatibility
 

src/terraform/README.md

@@ -22,17 +22,51 @@ Installs the Terraform CLI and optionally TFLint and Terragrunt. Auto-detects la
 | installTFsec | Install tfsec, a tool to spot potential misconfigurations for your terraform code | boolean | false |
 | installTerraformDocs | Install terraform-docs, a utility to generate documentation from Terraform modules | boolean | false |
 | httpProxy | Connect to a keyserver using a proxy by configuring this option | string | - |
+| customDownloadServer | Custom server URL for downloading Terraform and Sentinel packages, including protocol (e.g., https://releases.hashicorp.com). If not provided, the default HashiCorp download server (https://releases.hashicorp.com) will be used. | string | - |
 
 ## Customizations
 
 ### VS Code Extensions
 
 - `HashiCorp.terraform`
 
+
+
 ## Licensing
 
 On August 10, 2023, HashiCorp announced a change of license for its products, including Terraform. After ~9 years of Terraform being open source under the MPL v2 license, it was to move under a non-open source BSL v1.1 license, starting from the next (1.6) version. See https://github.com/hashicorp/terraform/blob/main/LICENSE
 
+## Custom Download Server
+
+The `customDownloadServer` option allows you to specify an alternative server for downloading Terraform and Sentinel packages. This is useful for organizations that maintain internal mirrors or have proxies for HashiCorp downloads.
+
+When using this option:
+- Provide the complete URL including protocol (e.g., `https://my-mirror.example.com`)
+- The server should mirror the HashiCorp releases structure
+
+Example:
+```json
+"features": {
+    "ghcr.io/devcontainers/features/terraform:1": {
+        "customDownloadServer": "https://my-mirror.example.com"
+    }
+}
+```
+
+### ⚠️ Security Considerations
+
+When using a custom download server, be aware of the following security implications:
+
+- **Server Verification**: Always verify that the custom server is trustworthy and maintained by your organization or a trusted entity. Using an untrusted or compromised server could lead to downloading malicious software.
+  
+- **Supply Chain Risks**: Malicious actors may attempt to distribute compromised versions of Terraform that contain backdoors, cryptominers, or other harmful code.
+  
+- **Integrity Checks**: The feature performs SHA256 checks when available, but these are only as trustworthy as the source of the checksums. If both the binaries and checksums come from a compromised server, the integrity check may pass despite the software being malicious.
+  
+- **Organizational Policy**: Ensure your custom download server adheres to your organization's security policies and implements proper access controls.
+
+Always use the official HashiCorp download server (https://releases.hashicorp.com) unless you have a specific need for an alternative source.
+
 ## OS Support
 
 This Feature should work on recent versions of Debian/Ubuntu-based distributions with the `apt` package manager installed.