depot/third_party/nixpkgs/pkgs/by-name/am/amazon-ssm-agent/package.nix

185 lines
5.2 KiB
Nix

{
lib,
writeShellScriptBin,
buildGoModule,
makeWrapper,
darwin,
fetchFromGitHub,
coreutils,
nettools,
util-linux,
stdenv,
dmidecode,
bashInteractive,
nix-update-script,
nixosTests,
testers,
amazon-ssm-agent,
}:
let
# Tests use lsb_release, so we mock it (the SSM agent used to not
# read from our /etc/os-release file, but now it does) because in
# reality, it won't (shouldn't) be used when active on a system with
# /etc/os-release. If it is, we fake the only two fields it cares about.
fake-lsb-release = writeShellScriptBin "lsb_release" ''
. /etc/os-release || true
case "$1" in
-i) echo "''${NAME:-unknown}";;
-r) echo "''${VERSION:-unknown}";;
esac
'';
binaries = {
"core" = "amazon-ssm-agent";
"agent" = "ssm-agent-worker";
"cli-main" = "ssm-cli";
"worker" = "ssm-document-worker";
"logging" = "ssm-session-logger";
"sessionworker" = "ssm-session-worker";
};
in
buildGoModule rec {
pname = "amazon-ssm-agent";
version = "3.3.1345.0";
src = fetchFromGitHub {
owner = "aws";
repo = "amazon-ssm-agent";
rev = "refs/tags/${version}";
hash = "sha256-6MGb6P3PYfnoztLdLhOm/smCjyWuV7ZGJtK40l4yFB0=";
};
vendorHash = null;
patches = [
# Some tests use networking, so we skip them.
./0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch
# They used constants from another package that I couldn't figure
# out how to resolve, so hardcoded the constants.
./0002-version-gen-don-t-use-unnecessary-constants.patch
];
nativeBuildInputs =
[
makeWrapper
]
++ lib.optionals stdenv.hostPlatform.isDarwin [
darwin.DarwinTools
];
# See the list https://github.com/aws/amazon-ssm-agent/blob/3.2.2143.0/makefile#L121-L147
# The updater is not built because it cannot work on NixOS
subPackages = [
"core"
"agent"
"agent/cli-main"
"agent/framework/processor/executer/outofproc/sessionworker"
"agent/framework/processor/executer/outofproc/worker"
"agent/session/logging"
];
ldflags = [
"-s"
"-w"
];
postPatch =
''
printf "#!/bin/sh\ntrue" > ./Tools/src/checkstyle.sh
substituteInPlace agent/platform/platform_unix.go \
--replace-fail "/usr/bin/uname" "${coreutils}/bin/uname" \
--replace-fail '"/bin", "hostname"' '"${nettools}/bin/hostname"' \
--replace-fail '"lsb_release"' '"${fake-lsb-release}/bin/lsb_release"'
substituteInPlace agent/session/shell/shell_unix.go \
--replace-fail '"script"' '"${util-linux}/bin/script"'
substituteInPlace agent/rebooter/rebooter_unix.go \
--replace-fail "/sbin/shutdown" "shutdown"
echo "${version}" > VERSION
''
+ lib.optionalString stdenv.hostPlatform.isLinux ''
substituteInPlace agent/managedInstances/fingerprint/hardwareInfo_unix.go \
--replace-fail /usr/sbin/dmidecode ${dmidecode}/bin/dmidecode
'';
preBuild = ''
# Note: if this step fails, please patch the code to fix it! Please only skip
# tests if it is not feasible for the test to pass in a sandbox.
make quick-integtest
make pre-release
make pre-build
'';
installPhase = ''
runHook preInstall
declare -A map=(${
builtins.concatStringsSep " " (
lib.mapAttrsToList (name: value: "[\"${name}\"]=\"${value}\"") binaries
)
})
for key in ''${!map[@]}; do
install -D -m 0555 -T "$GOPATH/bin/''${key}" "$out/bin/''${map[''${key}]}"
done
# These templates retain their `.template` extensions on installation. The
# amazon-ssm-agent.json.template is required as default configuration when an
# amazon-ssm-agent.json isn't present. Here, we retain the template to show
# we're using the default configuration.
# seelog.xml isn't actually required to run, but it does ship as a template
# with debian packages, so it's here for reference. Future work in the nixos
# module could use this template and substitute a different log level.
install -D -m 0444 -t $out/etc/amazon/ssm amazon-ssm-agent.json.template
install -D -m 0444 -T seelog_unix.xml $out/etc/amazon/ssm/seelog.xml.template
runHook postInstall
'';
checkFlags = [
# Skip time dependent/flaky test
"-skip=TestSendStreamDataMessageWithStreamDataSequenceNumberMutexLocked"
"-skip=TestParallelAccessOfQueue"
];
postFixup = ''
wrapProgram $out/bin/amazon-ssm-agent \
--prefix PATH : "${lib.makeBinPath [ bashInteractive ]}"
'';
passthru = {
tests = {
inherit (nixosTests) amazon-ssm-agent;
version = testers.testVersion {
package = amazon-ssm-agent;
command = "amazon-ssm-agent --version";
};
};
updateScript = nix-update-script { };
};
__darwinAllowLocalNetworking = true;
meta = with lib; {
description = "Agent to enable remote management of your Amazon EC2 instance configuration";
changelog = "https://github.com/aws/amazon-ssm-agent/releases/tag/${version}";
homepage = "https://github.com/aws/amazon-ssm-agent";
license = licenses.asl20;
platforms = platforms.unix;
maintainers = with maintainers; [
copumpkin
manveru
anthonyroussel
arianvp
];
};
}