Diffstat (limited to 'nixpkgs/pkgs/by-name/am/amazon-ssm-agent/package.nix')
-rw-r--r--nixpkgs/pkgs/by-name/am/amazon-ssm-agent/package.nix171
1 files changed, 171 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/by-name/am/amazon-ssm-agent/package.nix b/nixpkgs/pkgs/by-name/am/amazon-ssm-agent/package.nix
new file mode 100644
index 000000000000..a4b76495c2ed
--- /dev/null
+++ b/nixpkgs/pkgs/by-name/am/amazon-ssm-agent/package.nix
@@ -0,0 +1,171 @@
+{ lib
+, writeShellScriptBin
+, buildGoModule
+, makeWrapper
+, darwin
+, fetchFromGitHub
+, coreutils
+, nettools
+, util-linux
+, stdenv
+, dmidecode
+, bashInteractive
+, nix-update-script
+, nixosTests
+, testers
+, amazon-ssm-agent
+, overrideEtc ? true
+}:
+
+let
+  # Tests use lsb_release, so we mock it (the SSM agent used to not
+  # read from our /etc/os-release file, but now it does) because in
+  # reality, it won't (shouldn't) be used when active on a system with
+  # /etc/os-release. If it is, we fake the only two fields it cares about.
+  fake-lsb-release = writeShellScriptBin "lsb_release" ''
+    . /etc/os-release || true
+
+    case "$1" in
+      -i) echo "''${NAME:-unknown}";;
+      -r) echo "''${VERSION:-unknown}";;
+    esac
+  '';
+
+  binaries = {
+    "core" = "amazon-ssm-agent";
+    "agent" = "ssm-agent-worker";
+    "cli-main" = "ssm-cli";
+    "worker" = "ssm-document-worker";
+    "logging" = "ssm-session-logger";
+    "sessionworker" = "ssm-session-worker";
+  };
+in
+buildGoModule rec {
+  pname = "amazon-ssm-agent";
+  version = "3.3.131.0";
+
+  src = fetchFromGitHub {
+    owner = "aws";
+    repo = "amazon-ssm-agent";
+    rev = "refs/tags/${version}";
+    hash = "sha256-fYFY5HQcArSDdh1qtIo4OzeLt+mIlbwlSr4O1py3MAk=";
+  };
+
+  vendorHash = null;
+
+  patches = [
+    # Some tests use networking, so we skip them.
+    ./0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch
+
+    # They used constants from another package that I couldn't figure
+    # out how to resolve, so hardcoded the constants.
+    ./0002-version-gen-don-t-use-unnecessary-constants.patch
+  ];
+
+  nativeBuildInputs = [
+    makeWrapper
+  ] ++ lib.optionals stdenv.isDarwin [
+    darwin.DarwinTools
+  ];
+
+  # See the list https://github.com/aws/amazon-ssm-agent/blob/3.2.2143.0/makefile#L121-L147
+  # The updater is not built because it cannot work on NixOS
+  subPackages = [
+    "core"
+    "agent"
+    "agent/cli-main"
+    "agent/framework/processor/executer/outofproc/sessionworker"
+    "agent/framework/processor/executer/outofproc/worker"
+    "agent/session/logging"
+  ];
+
+  ldflags = [ "-s" "-w" ];
+
+  postPatch = ''
+    printf "#!/bin/sh\ntrue" > ./Tools/src/checkstyle.sh
+
+    substituteInPlace agent/platform/platform_unix.go \
+      --replace "/usr/bin/uname" "${coreutils}/bin/uname" \
+      --replace '"/bin", "hostname"' '"${nettools}/bin/hostname"' \
+      --replace '"lsb_release"' '"${fake-lsb-release}/bin/lsb_release"'
+
+    substituteInPlace agent/session/shell/shell_unix.go \
+      --replace '"script"' '"${util-linux}/bin/script"'
+
+    substituteInPlace agent/rebooter/rebooter_unix.go \
+      --replace "/sbin/shutdown" "shutdown"
+
+    echo "${version}" > VERSION
+  '' + lib.optionalString overrideEtc ''
+    substituteInPlace agent/appconfig/constants_unix.go \
+      --replace '"/etc/amazon/ssm/"' '"${placeholder "out"}/etc/amazon/ssm/"'
+  '' + lib.optionalString stdenv.isLinux ''
+    substituteInPlace agent/managedInstances/fingerprint/hardwareInfo_unix.go \
+      --replace /usr/sbin/dmidecode ${dmidecode}/bin/dmidecode
+  '';
+
+  preBuild = ''
+    # Note: if this step fails, please patch the code to fix it! Please only skip
+    # tests if it is not feasible for the test to pass in a sandbox.
+    make quick-integtest
+
+    make pre-release
+    make pre-build
+  '';
+
+  installPhase = ''
+    runHook preInstall
+
+    declare -A map=(${builtins.concatStringsSep " " (lib.mapAttrsToList (name: value: "[\"${name}\"]=\"${value}\"") binaries)})
+
+    for key in ''${!map[@]}; do
+      install -D -m 0555 -T "$GOPATH/bin/''${key}" "$out/bin/''${map[''${key}]}"
+    done
+
+    # These templates retain their `.template` extensions on installation. The
+    # amazon-ssm-agent.json.template is required as default configuration when an
+    # amazon-ssm-agent.json isn't present. Here, we retain the template to show
+    # we're using the default configuration.
+
+    # seelog.xml isn't actually required to run, but it does ship as a template
+    # with debian packages, so it's here for reference. Future work in the nixos
+    # module could use this template and substitute a different log level.
+
+    install -D -m 0444 -t $out/etc/amazon/ssm amazon-ssm-agent.json.template
+    install -D -m 0444 -T seelog_unix.xml $out/etc/amazon/ssm/seelog.xml.template
+
+    runHook postInstall
+  '';
+
+  checkFlags = [
+    # Skip time dependent/flaky test
+    "-skip=TestSendStreamDataMessageWithStreamDataSequenceNumberMutexLocked"
+  ];
+
+  postFixup = ''
+    wrapProgram $out/bin/amazon-ssm-agent \
+      --prefix PATH : "${lib.makeBinPath [ bashInteractive ]}"
+  '';
+
+  passthru = {
+    tests = {
+      inherit (nixosTests) amazon-ssm-agent;
+      version = testers.testVersion {
+        package = amazon-ssm-agent;
+        command = "amazon-ssm-agent --version";
+      };
+    };
+    updateScript = nix-update-script { };
+  };
+
+  __darwinAllowLocalNetworking = true;
+
+  meta = with lib; {
+    description = "Agent to enable remote management of your Amazon EC2 instance configuration";
+    changelog = "https://github.com/aws/amazon-ssm-agent/releases/tag/${version}";
+    homepage = "https://github.com/aws/amazon-ssm-agent";
+    license = licenses.asl20;
+    platforms = platforms.unix;
+    maintainers = with maintainers; [ copumpkin manveru anthonyroussel ];
+  };
+}
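Review bot: The `substituteInPlace` calls in `postPatch` use plain `--replace`, which does not fail the build when the pattern is no longer present, so an upstream refactor of `platform_unix.go`, `shell_unix.go` or `hardwareInfo_unix.go` would leave the agent calling `/usr/bin/uname`, `lsb_release`, `script` or `/usr/sbin/dmidecode` as upstream wrote them (the bare names presumably resolved through PATH) instead of the pinned store paths, with nothing flagging the regression. Switching each to `--replace-fail`, e.g. `--replace-fail '"script"' '"${util-linux}/bin/script"'`, turns a missed pattern into a build error. Separately, the `rebooter_unix.go` substitution swaps `/sbin/shutdown` for a bare `shutdown`, and `postFixup` only prefixes `bashInteractive` onto PATH for the `amazon-ssm-agent` binary, so the `shutdown` that runs is whichever one the service environment provides. A comment above that substitution such as `# shutdown is resolved via PATH at runtime; the service unit must supply it from a trusted location` would document the dependency for whoever maintains the NixOS module.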