From c3c181635a9dd88433f0b81baf926810924d3b6d Mon Sep 17 00:00:00 2001 From: peterdeme Date: Wed, 2 Oct 2024 17:26:39 +0200 Subject: [PATCH] Add aws `session-manager-plugin` to `aws` image Signed-off-by: peterdeme --- .github/workflows/build.yml | 1 + README.md | 2 +- aws/Dockerfile | 27 +++++++++++++++++++++++++++ 3 files changed, 29 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 580f03c..ecd889f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -53,6 +53,7 @@ jobs: if [ "${{ matrix.folder }}" == "aws" ]; then docker run --rm ${{ env.IMAGE_NAME }} sh -c "python3 -c \"import boto3; print(boto3.__version__)\"" + docker run --rm ${{ env.IMAGE_NAME }} session-manager-plugin --version fi if [ "${{ matrix.folder }}" == "gcp" ]; then diff --git a/README.md b/README.md index ba6a361..5de022b 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ The image is pushed to the `public.ecr.aws/spacelift/runner-ansible` public repo Altogether we have 3 flavors of the image: - `public.ecr.aws/spacelift/runner-ansible` - built on top of the [Spacelift Terraform runner image](https://github.com/spacelift-io/runner-terraform), with Ansible installed. -- `public.ecr.aws/spacelift/runner-ansible-aws` - built on top of `runner-ansible`, with `boto3` installed. +- `public.ecr.aws/spacelift/runner-ansible-aws` - built on top of `runner-ansible`, with `boto3` and [`session-manager-plugin`](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-install-plugin.html) installed. - `public.ecr.aws/spacelift/runner-ansible-gcp` - built on top of `runner-ansible`, with `google-auth` installed. ## Branch Model diff --git a/aws/Dockerfile b/aws/Dockerfile index 32b13ef..55c3efc 100644 --- a/aws/Dockerfile +++ b/aws/Dockerfile @@ -1,5 +1,32 @@ ARG REPOSITORY_BASE_PATH +FROM alpine AS ssm-builder + +ARG TARGETARCH + +RUN apk add dpkg curl; \ + if [ "$TARGETARCH" = "arm64" ]; then \ + curl "https://s3.amazonaws.com/session-manager-downloads/plugin/latest/ubuntu_arm64/session-manager-plugin.deb" -o "session-manager-plugin.deb"; \ + else \ + curl "https://s3.amazonaws.com/session-manager-downloads/plugin/latest/ubuntu_64bit/session-manager-plugin.deb" -o "session-manager-plugin.deb"; \ + fi; \ + dpkg -x session-manager-plugin.deb session-manager-plugin + FROM ${REPOSITORY_BASE_PATH}:latest +COPY --from=ssm-builder /session-manager-plugin/usr/local/sessionmanagerplugin/bin/session-manager-plugin /usr/local/bin/ + +ARG TARGETARCH + +USER root + +# session-manager-plugin requires gcompat on amd64 +RUN if [ "$TARGETARCH" = "amd64" ]; then \ + apk add --no-cache gcompat; \ + fi + +RUN chmod +x /usr/local/bin/session-manager-plugin + +USER spacelift + RUN pip install boto3 --break-system-packages