1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
{ lib
, writeShellScriptBin
, buildGoPackage
, makeWrapper
, fetchFromGitHub
, coreutils
, nettools
, dmidecode
, util-linux
, bashInteractive
, overrideEtc ? true
}:
let
# Tests use lsb_release, so we mock it (the SSM agent used to not
# read from our /etc/os-release file, but now it does) because in
# reality, it won't (shouldn't) be used when active on a system with
# /etc/os-release. If it is, we fake the only two fields it cares about.
fake-lsb-release = writeShellScriptBin "lsb_release" ''
. /etc/os-release || true
case "$1" in
-i) echo "''${NAME:-unknown}";;
-r) echo "''${VERSION:-unknown}";;
esac
'';
in
buildGoPackage rec {
pname = "amazon-ssm-agent";
version = "3.2.1297.0";
goPackagePath = "github.com/aws/${pname}";
nativeBuildInputs = [ makeWrapper ];
src = fetchFromGitHub {
rev = version;
owner = "aws";
repo = "amazon-ssm-agent";
hash = "sha256-zRs7RsShZPH3hb5MsADUNrTfHbJVwCELE9mCqEWaTng=";
};
patches = [
# Some tests use networking, so we skip them.
./0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch
# They used constants from another package that I couldn't figure
# out how to resolve, so hardcoded the constants.
./0002-version-gen-don-t-use-unnecessary-constants.patch
];
# See the list https://github.com/aws/amazon-ssm-agent/blob/3.2.1297.0/makefile#L120-L138
# The updater is not built because it cannot work on NixOS
subPackages = [
"core"
"agent"
"agent/cli-main"
"agent/framework/processor/executer/outofproc/worker"
"agent/session/logging"
"agent/framework/processor/executer/outofproc/sessionworker"
];
ldflags = [
"-s"
"-w"
];
preConfigure = ''
printf "#!/bin/sh\ntrue" > ./Tools/src/checkstyle.sh
substituteInPlace agent/platform/platform_unix.go \
--replace "/usr/bin/uname" "${coreutils}/bin/uname" \
--replace '"/bin", "hostname"' '"${nettools}/bin/hostname"' \
--replace '"lsb_release"' '"${fake-lsb-release}/bin/lsb_release"'
substituteInPlace agent/managedInstances/fingerprint/hardwareInfo_unix.go \
--replace /usr/sbin/dmidecode ${dmidecode}/bin/dmidecode
substituteInPlace agent/session/shell/shell_unix.go \
--replace '"script"' '"${util-linux}/bin/script"'
echo "${version}" > VERSION
'' + lib.optionalString overrideEtc ''
substituteInPlace agent/appconfig/constants_unix.go \
--replace '"/etc/amazon/ssm/"' '"${placeholder "out"}/etc/amazon/ssm/"'
'';
preBuild = ''
pushd go/src/${goPackagePath}
# Note: if this step fails, please patch the code to fix it! Please only skip
# tests if it is not feasible for the test to pass in a sandbox.
make quick-integtest
make pre-release
make pre-build
popd
'';
postBuild = ''
pushd go/bin
mv core amazon-ssm-agent
mv agent ssm-agent-worker
mv cli-main ssm-cli
mv worker ssm-document-worker
mv logging ssm-session-logger
mv sessionworker ssm-session-worker
popd
'';
# These templates retain their `.template` extensions on installation. The
# amazon-ssm-agent.json.template is required as default configuration when an
# amazon-ssm-agent.json isn't present. Here, we retain the template to show
# we're using the default configuration.
# seelog.xml isn't actually required to run, but it does ship as a template
# with debian packages, so it's here for reference. Future work in the nixos
# module could use this template and substitute a different log level.
postInstall = ''
mkdir -p $out/etc/amazon/ssm
cp go/src/${goPackagePath}/amazon-ssm-agent.json.template $out/etc/amazon/ssm/amazon-ssm-agent.json.template
cp go/src/${goPackagePath}/seelog_unix.xml $out/etc/amazon/ssm/seelog.xml.template
'';
postFixup = ''
wrapProgram $out/bin/amazon-ssm-agent --prefix PATH : ${bashInteractive}/bin
'';
meta = with lib; {
description = "Agent to enable remote management of your Amazon EC2 instance configuration";
homepage = "https://github.com/aws/amazon-ssm-agent";
license = licenses.asl20;
platforms = platforms.unix;
maintainers = with maintainers; [ copumpkin manveru ];
};
}
|