diff options
Diffstat (limited to 'nixpkgs/pkgs/by-name/am/amazon-ssm-agent/package.nix')
-rw-r--r-- | nixpkgs/pkgs/by-name/am/amazon-ssm-agent/package.nix | 171 |
1 files changed, 171 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/by-name/am/amazon-ssm-agent/package.nix b/nixpkgs/pkgs/by-name/am/amazon-ssm-agent/package.nix new file mode 100644 index 000000000000..a4b76495c2ed --- /dev/null +++ b/nixpkgs/pkgs/by-name/am/amazon-ssm-agent/package.nix @@ -0,0 +1,171 @@ +{ lib +, writeShellScriptBin +, buildGoModule +, makeWrapper +, darwin +, fetchFromGitHub +, coreutils +, nettools +, util-linux +, stdenv +, dmidecode +, bashInteractive +, nix-update-script +, nixosTests +, testers +, amazon-ssm-agent +, overrideEtc ? true +}: + +let + # Tests use lsb_release, so we mock it (the SSM agent used to not + # read from our /etc/os-release file, but now it does) because in + # reality, it won't (shouldn't) be used when active on a system with + # /etc/os-release. If it is, we fake the only two fields it cares about. + fake-lsb-release = writeShellScriptBin "lsb_release" '' + . /etc/os-release || true + + case "$1" in + -i) echo "''${NAME:-unknown}";; + -r) echo "''${VERSION:-unknown}";; + esac + ''; + + binaries = { + "core" = "amazon-ssm-agent"; + "agent" = "ssm-agent-worker"; + "cli-main" = "ssm-cli"; + "worker" = "ssm-document-worker"; + "logging" = "ssm-session-logger"; + "sessionworker" = "ssm-session-worker"; + }; +in +buildGoModule rec { + pname = "amazon-ssm-agent"; + version = "3.3.131.0"; + + src = fetchFromGitHub { + owner = "aws"; + repo = "amazon-ssm-agent"; + rev = "refs/tags/${version}"; + hash = "sha256-fYFY5HQcArSDdh1qtIo4OzeLt+mIlbwlSr4O1py3MAk="; + }; + + vendorHash = null; + + patches = [ + # Some tests use networking, so we skip them. + ./0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch + + # They used constants from another package that I couldn't figure + # out how to resolve, so hardcoded the constants. + ./0002-version-gen-don-t-use-unnecessary-constants.patch + ]; + + nativeBuildInputs = [ + makeWrapper + ] ++ lib.optionals stdenv.isDarwin [ + darwin.DarwinTools + ]; + + # See the list https://github.com/aws/amazon-ssm-agent/blob/3.2.2143.0/makefile#L121-L147 + # The updater is not built because it cannot work on NixOS + subPackages = [ + "core" + "agent" + "agent/cli-main" + "agent/framework/processor/executer/outofproc/sessionworker" + "agent/framework/processor/executer/outofproc/worker" + "agent/session/logging" + ]; + + ldflags = [ "-s" "-w" ]; + + postPatch = '' + printf "#!/bin/sh\ntrue" > ./Tools/src/checkstyle.sh + + substituteInPlace agent/platform/platform_unix.go \ + --replace "/usr/bin/uname" "${coreutils}/bin/uname" \ + --replace '"/bin", "hostname"' '"${nettools}/bin/hostname"' \ + --replace '"lsb_release"' '"${fake-lsb-release}/bin/lsb_release"' + + substituteInPlace agent/session/shell/shell_unix.go \ + --replace '"script"' '"${util-linux}/bin/script"' + + substituteInPlace agent/rebooter/rebooter_unix.go \ + --replace "/sbin/shutdown" "shutdown" + + echo "${version}" > VERSION + '' + lib.optionalString overrideEtc '' + substituteInPlace agent/appconfig/constants_unix.go \ + --replace '"/etc/amazon/ssm/"' '"${placeholder "out"}/etc/amazon/ssm/"' + '' + lib.optionalString stdenv.isLinux '' + substituteInPlace agent/managedInstances/fingerprint/hardwareInfo_unix.go \ + --replace /usr/sbin/dmidecode ${dmidecode}/bin/dmidecode + ''; + + preBuild = '' + # Note: if this step fails, please patch the code to fix it! Please only skip + # tests if it is not feasible for the test to pass in a sandbox. + make quick-integtest + + make pre-release + make pre-build + ''; + + installPhase = '' + runHook preInstall + + declare -A map=(${builtins.concatStringsSep " " (lib.mapAttrsToList (name: value: "[\"${name}\"]=\"${value}\"") binaries)}) + + for key in ''${!map[@]}; do + install -D -m 0555 -T "$GOPATH/bin/''${key}" "$out/bin/''${map[''${key}]}" + done + + # These templates retain their `.template` extensions on installation. The + # amazon-ssm-agent.json.template is required as default configuration when an + # amazon-ssm-agent.json isn't present. Here, we retain the template to show + # we're using the default configuration. + + # seelog.xml isn't actually required to run, but it does ship as a template + # with debian packages, so it's here for reference. Future work in the nixos + # module could use this template and substitute a different log level. + + install -D -m 0444 -t $out/etc/amazon/ssm amazon-ssm-agent.json.template + install -D -m 0444 -T seelog_unix.xml $out/etc/amazon/ssm/seelog.xml.template + + runHook postInstall + ''; + + checkFlags = [ + # Skip time dependent/flaky test + "-skip=TestSendStreamDataMessageWithStreamDataSequenceNumberMutexLocked" + ]; + + postFixup = '' + wrapProgram $out/bin/amazon-ssm-agent \ + --prefix PATH : "${lib.makeBinPath [ bashInteractive ]}" + ''; + + passthru = { + tests = { + inherit (nixosTests) amazon-ssm-agent; + version = testers.testVersion { + package = amazon-ssm-agent; + command = "amazon-ssm-agent --version"; + }; + }; + updateScript = nix-update-script { }; + }; + + __darwinAllowLocalNetworking = true; + + meta = with lib; { + description = "Agent to enable remote management of your Amazon EC2 instance configuration"; + changelog = "https://github.com/aws/amazon-ssm-agent/releases/tag/${version}"; + homepage = "https://github.com/aws/amazon-ssm-agent"; + license = licenses.asl20; + platforms = platforms.unix; + maintainers = with maintainers; [ copumpkin manveru anthonyroussel ]; + }; +} |