Added the creation of Atlantis minimal with the latest TF version

[robmonct]

Added the creation of Atlantis minimal with only the latest TF version in order to avoid as much as possible the vulnerabilities of old TF versions.

what

Remove all Terraform versions except the last one to avoid exposure to old vulnerabilities.

why

The support of very old Terraform versions expose Atlantis docker image to old vulnerabilities which aren't easy to solve.

tests

references

• gcp (and snyk) container scan output #2883

[nitrocode]

Hi @robmonct . Thank you for the contribution.

I do not think we want to add a new docker image at this point. If anything, we'd eventually remove the older versions of terraform from the existing image.

For now, you are welcome, and encouraged, to create and manage your own version of the provided image. Most users, including myself, customize the image to add additional tools, and removing older (or even all) terraform versions also makes sense now that we can download terraform binaries on the fly.

[jamengual]

I have to agree, this adds more work to the already small group of maintainers.

as @nitrocode said you can always create your custom image.

[robmonct]

No problem. It was just a proposal. Thanks you for the feedback.