ssm-agent: 2.3.1319.0 -> 3.0.755.0

Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>

3 files changed, 159 insertions, 39 deletions

diff --git a/pkgs/applications/networking/cluster/ssm-agent/0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch b/pkgs/applications/networking/cluster/ssm-agent/0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch
new file mode 100644
index 00000000000..364f7653efa
--- /dev/null
+++ b/pkgs/applications/networking/cluster/ssm-agent/0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch
@@ -0,0 +1,44 @@
+From bea6307ec2a77d90d59c13940381d73ec0f05b70 Mon Sep 17 00:00:00 2001
+From: Graham Christensen <graham@grahamc.com>
+Date: Mon, 1 Mar 2021 10:57:44 -0500
+Subject: [PATCH] Disable NIC tests that fail in the Nix sandbox.
+
+---
+ agent/managedInstances/fingerprint/fingerprint_integ_test.go | 2 ++
+ agent/ssm/service_test.go                                    | 1 +
+ 2 files changed, 3 insertions(+)
+
+diff --git a/agent/managedInstances/fingerprint/fingerprint_integ_test.go b/agent/managedInstances/fingerprint/fingerprint_integ_test.go
+index a1f969ff..631ea1f5 100644
+--- a/agent/managedInstances/fingerprint/fingerprint_integ_test.go
++++ b/agent/managedInstances/fingerprint/fingerprint_integ_test.go
+@@ -28,12 +28,14 @@ func TestHostnameInfo(t *testing.T) {
+ }
+ 
+ func TestPrimaryIpInfo(t *testing.T) {
++	t.Skip("The Nix build sandbox has no non-loopback IPs, causing this test to fail.");
+ 	ip, err := primaryIpInfo()
+ 	assert.NoError(t, err, "expected no error fetching the primary ip")
+ 	assert.NotEmpty(t, ip, "expected to fetch primary ip")
+ }
+ 
+ func TestMacAddrInfo(t *testing.T) {
++	t.Skip("The Nix build sandbox has no non-loopback interfaces, causing this test to fail.");
+ 	mac, err := macAddrInfo()
+ 	assert.NoError(t, err, "expected no error fetching the mac addr")
+ 	assert.NotEmpty(t, mac, "expected to fetch mac address")
+diff --git a/agent/ssm/service_test.go b/agent/ssm/service_test.go
+index f4b34f83..d8216dba 100644
+--- a/agent/ssm/service_test.go
++++ b/agent/ssm/service_test.go
+@@ -85,6 +85,7 @@ func (suite *SsmServiceTestSuite) TestUpdateEmptyInstanceInformation() {
+ // Test function for update instance information
+ // This function update the agent name, agent statuc, and agent version.
+ func (suite *SsmServiceTestSuite) TestUpdateInstanceInformation() {
++	suite.T().Skip("The Nix build sandbox has no interfaces for IP and MAC address reports.");
+ 	// Give mock value to test UpdateInstanceInformation, assert the error is nil, assert the log.Debug function get called.
+ 	response, err := suite.sdkService.UpdateInstanceInformation(suite.logMock, "2.2.3.2", "active", "Amazon-ssm-agent")
+ 	assert.Nil(suite.T(), err, "Err should be nil")
+-- 
+2.29.2
+
diff --git a/pkgs/applications/networking/cluster/ssm-agent/0002-version-gen-don-t-use-unnecessary-constants.patch b/pkgs/applications/networking/cluster/ssm-agent/0002-version-gen-don-t-use-unnecessary-constants.patch
new file mode 100644
index 00000000000..234e510d3d1
--- /dev/null
+++ b/pkgs/applications/networking/cluster/ssm-agent/0002-version-gen-don-t-use-unnecessary-constants.patch
@@ -0,0 +1,46 @@
+From 473e3f8544915a35b3a45c548743978b34e5310e Mon Sep 17 00:00:00 2001
+From: Cole Helbling <cole.e.helbling@outlook.com>
+Date: Tue, 2 Mar 2021 00:24:00 -0800
+Subject: [PATCH] version-gen: don't use unnecessary constants
+
+This prevents the tool from being built with Nix, because this project
+doesn't use Go modules (or something; I'm not really familiar with Go,
+much less Go + Nix).
+---
+ agent/version/versiongenerator/version-gen.go | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/agent/version/versiongenerator/version-gen.go b/agent/version/versiongenerator/version-gen.go
+index d710effc..55c9a001 100644
+--- a/agent/version/versiongenerator/version-gen.go
++++ b/agent/version/versiongenerator/version-gen.go
+@@ -22,8 +22,6 @@ import (
+ 	"path/filepath"
+ 	"strings"
+ 	"text/template"
+-
+-	"github.com/aws/amazon-ssm-agent/agent/appconfig"
+ )
+ 
+ const versiongoTemplate = `// This is an autogenerated file and should not be edited.
+@@ -59,7 +57,7 @@ func main() {
+ 	versionStr := strings.TrimSpace(string(versionContent))
+ 
+ 	fmt.Printf("Agent Version: %v", versionStr)
+-	if err := ioutil.WriteFile(filepath.Join("VERSION"), []byte(versionStr), appconfig.ReadWriteAccess); err != nil {
++	if err := ioutil.WriteFile(filepath.Join("VERSION"), []byte(versionStr), 0600); err != nil {
+ 		log.Fatalf("Error writing to VERSION file. %v", err)
+ 	}
+ 
+@@ -108,7 +106,7 @@ func main() {
+ 
+ 	releaseNoteOutFile := strings.Join(releaseNoteLines, "\n")
+ 
+-	if err = ioutil.WriteFile(filepath.Join(releaseNotesFile), []byte(releaseNoteOutFile), appconfig.ReadWriteAccess); err != nil {
++	if err = ioutil.WriteFile(filepath.Join(releaseNotesFile), []byte(releaseNoteOutFile), 0600); err != nil {
+ 		log.Fatalf("Error writing to RELEASENOTES.md file. %v", err)
+ 	}
+ 
+-- 
+2.30.0
+
diff --git a/pkgs/applications/networking/cluster/ssm-agent/default.nix b/pkgs/applications/networking/cluster/ssm-agent/default.nix
index b042f8ff15f..9b9e57ca333 100644
--- a/pkgs/applications/networking/cluster/ssm-agent/default.nix
+++ b/pkgs/applications/networking/cluster/ssm-agent/default.nix
@@ -1,63 +1,93 @@
-{ lib, fetchFromGitHub, buildGoPackage, bash, makeWrapper }:
+{ lib
+, writeShellScriptBin
+, buildGoPackage
+, makeWrapper
+, fetchFromGitHub
+, coreutils
+, nettools
+, dmidecode
+, util-linux
+, bashInteractive
+}:
 
+let
+  # The SSM agent doesn't pay attention to our /etc/os-release yet, and the lsb-release tool
+  # in nixpkgs doesn't seem to work properly on NixOS, so let's just fake the two fields SSM
+  # looks for. See https://github.com/aws/amazon-ssm-agent/issues/38 for upstream fix.
+  fake-lsb-release = writeShellScriptBin "lsb_release" ''
+    . /etc/os-release || true
+
+    case "$1" in
+      -i) echo "''${NAME:-unknown}";;
+      -r) echo "''${VERSION:-unknown}";;
+    esac
+  '';
+in
 buildGoPackage rec {
-  pname   = "amazon-ssm-agent";
-  version = "2.3.1319.0";
+  pname = "amazon-ssm-agent";
+  version = "3.0.755.0";
 
   goPackagePath = "github.com/aws/${pname}";
-  subPackages   = [
-    "agent"
-    "agent/framework/processor/executer/outofproc/worker"
-    "agent/framework/processor/executer/outofproc/worker"
-    "agent/framework/processor/executer/outofproc/sessionworker"
-    "agent/session/logging"
-    "agent/cli-main"
-  ];
 
   nativeBuildInputs = [ makeWrapper ];
 
   src = fetchFromGitHub {
-    rev    = version;
-    owner  = "aws";
-    repo   = pname;
-    sha256 = "1yiyhj7ckqa32b1rnbwn7zx89rsj00m5imn1xlpsw002ywxsxbnv";
+    rev = version;
+    owner = "aws";
+    repo = "amazon-ssm-agent";
+    hash = "sha256-yVQJL1MJ1JlAndlrXfEbNLQihlbLhSoQXTKzJMRzhao=";
   };
 
-  preBuild = ''
-    mv go/src/${goPackagePath}/vendor strange-vendor
-    mv strange-vendor/src go/src/${goPackagePath}/vendor
+  patches = [
+    # Some tests use networking, so we skip them.
+    ./0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch
+
+    # They used constants from another package that I couldn't figure
+    # out how to resolve, so hardcoded the constants.
+    ./0002-version-gen-don-t-use-unnecessary-constants.patch
+  ];
+
+  configurePhase = ''
+    export HOME=$(mktemp -d)
+
+    printf "#!/bin/sh\ntrue" > ./Tools/src/checkstyle.sh
+
+    substituteInPlace agent/platform/platform_unix.go \
+        --replace "/usr/bin/uname" "${coreutils}/bin/uname" \
+        --replace '"/bin", "hostname"' '"${nettools}/bin/hostname"' \
+        --replace '"lsb_release"' '"${fake-lsb-release}/bin/lsb_release"'
+
+    substituteInPlace agent/managedInstances/fingerprint/hardwareInfo_unix.go \
+        --replace /usr/sbin/dmidecode ${dmidecode}/bin/dmidecode
+
+    substituteInPlace agent/session/shell/shell_unix.go \
+        --replace '"script"' '"${util-linux}/bin/script"'
 
-    cd go/src/${goPackagePath}
-    echo ${version} > VERSION
+    # Note: if this step fails, please patch the code to fix it! Please only skip
+    # tests if it is not feasible for the test to pass in a sandbox.
+    make quick-integtest
 
-    substituteInPlace agent/plugins/inventory/gatherers/application/dataProvider.go \
-      --replace '"github.com/aws/amazon-ssm-agent/agent/plugins/configurepackage/localpackages"' ""
+    echo "${version}" > VERSION
 
-    go run agent/version/versiongenerator/version-gen.go
-    substituteInPlace agent/appconfig/constants_unix.go \
-      --replace /usr/bin/ssm-document-worker $bin/bin/ssm-document-worker \
-      --replace /usr/bin/ssm-session-worker $bin/bin/ssm-session-worker \
-      --replace /usr/bin/ssm-session-logger $bin/bin/ssm-session-logger
-    cd -
+    make pre-release
+    make pre-build
   '';
 
-  postBuild = ''
-    mv go/bin/agent go/bin/amazon-ssm-agent
-    mv go/bin/worker go/bin/ssm-document-worker
-    mv go/bin/sessionworker go/bin/ssm-session-worker
-    mv go/bin/logging go/bin/ssm-session-logger
-    mv go/bin/cli-main go/bin/ssm-cli
+  buildPhase = ''
+    make build-linux
   '';
 
-  postInstall = ''
-    wrapProgram $out/bin/amazon-ssm-agent --prefix PATH : ${bash}/bin
+  installPhase = ''
+    mkdir -p $out/bin
+    mv bin/linux_*/* $out/bin/
+    wrapProgram $out/bin/amazon-ssm-agent --prefix PATH : ${bashInteractive}/bin
   '';
 
   meta = with lib; {
     description = "Agent to enable remote management of your Amazon EC2 instance configuration";
-    homepage    = "https://github.com/aws/amazon-ssm-agent";
-    license     = licenses.asl20;
-    platforms   = platforms.unix;
+    homepage = "https://github.com/aws/amazon-ssm-agent";
+    license = licenses.asl20;
+    platforms = platforms.unix;
     maintainers = with maintainers; [ copumpkin manveru ];
   };
 }