From e295db2edc900287ed33b8d62a1cd0d41e24ab17 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Wed, 2 Feb 2022 09:42:16 +0100 Subject: [PATCH] chore(lambda-layer-awscli): add update mechanism for AWS CLI We bundle the AWS CLI. This adds a mechanism to keep up with new updates of the CLI. It adds a script that should be executed periodically to create a PR with a version update. We had to install and bump to Python v3 because newer versions of the AWS CLI have ended support for Python 2.7. --- .../lambda-layer-awscli/awscli.version | 1 + .../build-tools/bump-awscli-version.sh | 19 ++++++++++++ .../lambda-layer-awscli/layer/Dockerfile | 31 ++++++++++--------- .../lambda-layer-awscli/layer/build.sh | 6 ++-- 4 files changed, 41 insertions(+), 16 deletions(-) create mode 100644 packages/@aws-cdk/lambda-layer-awscli/awscli.version create mode 100755 packages/@aws-cdk/lambda-layer-awscli/build-tools/bump-awscli-version.sh diff --git a/packages/@aws-cdk/lambda-layer-awscli/awscli.version b/packages/@aws-cdk/lambda-layer-awscli/awscli.version new file mode 100644 index 0000000000000..e0a2d9dda44ac --- /dev/null +++ b/packages/@aws-cdk/lambda-layer-awscli/awscli.version @@ -0,0 +1 @@ +1.22.46 diff --git a/packages/@aws-cdk/lambda-layer-awscli/build-tools/bump-awscli-version.sh b/packages/@aws-cdk/lambda-layer-awscli/build-tools/bump-awscli-version.sh new file mode 100755 index 0000000000000..e81df6f725c73 --- /dev/null +++ b/packages/@aws-cdk/lambda-layer-awscli/build-tools/bump-awscli-version.sh @@ -0,0 +1,19 @@ +#!/bin/bash +set -eu +scriptdir=$(cd $(dirname $0) && pwd) + +package=awscli +tmpfile=_pip.json + +curl -LsSf https://pypi.org/pypi/awscli/json > $tmpfile +trap "rm $tmpfile" EXIT +version=$(node -p "require('./${tmpfile}').info.version") + +if [[ $version != 1.* ]]; then + echo "Expected version 1.*, got ${version}" >&2 + exit 1 +fi + +echo "AWS CLI is currently at ${version}" + +echo $version > $scriptdir/../awscli.version diff --git a/packages/@aws-cdk/lambda-layer-awscli/layer/Dockerfile b/packages/@aws-cdk/lambda-layer-awscli/layer/Dockerfile index 8c5d754c04c03..92a513042a630 100644 --- a/packages/@aws-cdk/lambda-layer-awscli/layer/Dockerfile +++ b/packages/@aws-cdk/lambda-layer-awscli/layer/Dockerfile @@ -1,12 +1,5 @@ FROM public.ecr.aws/lambda/provided:latest -# -# versions -# - -# This is the last version that still supports Python 2.7 -ARG AWSCLI_VERSION=1.19.112 - USER root RUN mkdir -p /opt WORKDIR /tmp @@ -16,21 +9,24 @@ WORKDIR /tmp # RUN yum update -y \ - && yum install -y zip unzip wget tar gzip + && yum install -y zip unzip wget tar gzip python3 # # aws cli # +ARG AWSCLI_VERSION=0.0.0 + RUN curl https://s3.amazonaws.com/aws-cli/awscli-bundle-${AWSCLI_VERSION}.zip -o awscli-bundle.zip RUN unzip awscli-bundle.zip -RUN ./awscli-bundle/install -i /opt/awscli -b /opt/awscli/aws +RUN python3 ./awscli-bundle/install -i /opt/awscli -b /opt/awscli/aws # organize for self-contained usage -RUN mv /opt/awscli /opt/awscli.tmp -RUN mv /opt/awscli.tmp/lib/python2.7/site-packages /opt/awscli -RUN mv /opt/awscli.tmp/bin /opt/awscli/bin -RUN mv /opt/awscli/bin/aws /opt/awscli +RUN mv /opt/awscli /opt/awscli.tmp +RUN pyver=$(python3 -c 'import sys; v = sys.version_info; print(f"{v[0]}.{v[1]}")') && \ + mv /opt/awscli.tmp/lib/python${pyver}/site-packages /opt/awscli +RUN mv /opt/awscli.tmp/bin /opt/awscli/bin +RUN mv /opt/awscli/bin/aws /opt/awscli # cleanup RUN rm -fr /opt/awscli.tmp @@ -39,6 +35,13 @@ RUN rm -rf \ /opt/awscli/setuptools* \ /opt/awscli/awscli/examples +# +# Test that the CLI works +# + +RUN yum install -y groff +RUN /opt/awscli/aws help + # # create the bundle # @@ -49,4 +52,4 @@ RUN cd /opt \ && ls -alh /layer.zip; WORKDIR / -ENTRYPOINT [ "/bin/bash" ] \ No newline at end of file +ENTRYPOINT [ "/bin/bash" ] diff --git a/packages/@aws-cdk/lambda-layer-awscli/layer/build.sh b/packages/@aws-cdk/lambda-layer-awscli/layer/build.sh index a7c13263ebdce..99fee83d1be54 100755 --- a/packages/@aws-cdk/lambda-layer-awscli/layer/build.sh +++ b/packages/@aws-cdk/lambda-layer-awscli/layer/build.sh @@ -3,11 +3,13 @@ set -euo pipefail cd $(dirname $0) -echo ">> Building AWS Lambda layer inside a docker image..." +version=$(cat ../awscli.version) + +echo ">> Building AWS Lambda layer inside a docker image for CLI version ${version}..." TAG='aws-lambda-layer' -docker build -t ${TAG} . +docker build -t ${TAG} . --build-arg AWSCLI_VERSION=${version} echo ">> Extrating layer.zip from the build container..." CONTAINER=$(docker run -d ${TAG} false)