├── Jenkinsfile_k8s ├── .gitignore ├── .github ├── release-drafter.yml └── workflows │ └── release-drafter.yml ├── updatecli ├── values.yaml └── updatecli.d │ ├── jq.yml │ └── aws-cli.yml ├── README.adoc ├── Dockerfile └── cst.yml /Jenkinsfile_k8s: -------------------------------------------------------------------------------- 1 | parallelDockerUpdatecli([imageName: 'aws']) 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.tar 2 | hadolint.json 3 | Makefile 4 | cst-result.xml 5 | -------------------------------------------------------------------------------- /.github/release-drafter.yml: -------------------------------------------------------------------------------- 1 | _extends: .github 2 | 3 | name-template: 'next' 4 | tag-template: 'next' 5 | -------------------------------------------------------------------------------- /updatecli/values.yaml: -------------------------------------------------------------------------------- 1 | github: 2 | user: "updatebot" 3 | email: "updatebot@olblak.com" 4 | username: "jenkins-infra-bot" 5 | token: "UPDATECLI_GITHUB_TOKEN" 6 | branch: "main" 7 | owner: "jenkins-infra" 8 | repository: "docker-aws" 9 | -------------------------------------------------------------------------------- /.github/workflows/release-drafter.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Release Drafter 3 | 4 | on: 5 | push: 6 | branches: 7 | - main 8 | 9 | jobs: 10 | update_release_draft: 11 | runs-on: ubuntu-20.04 12 | steps: 13 | - uses: release-drafter/release-drafter@v5 14 | env: 15 | # This token is generated automatically by default in GitHub Actions: no need to create it manually 16 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 17 | ... 18 | -------------------------------------------------------------------------------- /README.adoc: -------------------------------------------------------------------------------- 1 | = Docker Image for AWS CLI Operations 2 | 3 | [IMPORTANT] 4 | Project superseeded by https://github.com/jenkins-infra/docker-hashicorp-tools 5 | 6 | This repository hosts the resources to build a Docker Image used for any operation involvin the AWS CLI on the Jenkins Infrastructure. 7 | 8 | == Contribute 9 | 10 | If you want to contribute, or build/test the Docker Image, please refer to the following documentation about Docker images for the Jenkins Infra project: 11 | link:https://github.com/jenkins-infra/pipeline-library/blob/master/resources/io/jenkins/infra/docker/README.adoc[README] 12 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | ARG AWS_CLI_VERSION=2.1.39 2 | FROM amazon/aws-cli:${AWS_CLI_VERSION} 3 | 4 | ## Repeating the ARG to add it into the scope of this image 5 | ARG AWS_CLI_VERSION=2.1.39 6 | 7 | ## bash need to be installed for this instruction to work as expected 8 | SHELL ["/bin/bash", "-o", "pipefail", "-c"] 9 | 10 | ### Build requirements 11 | RUN yum install -y \ 12 | curl-* \ 13 | make-* \ 14 | # Required to have adduser 15 | shadow-utils-* \ 16 | unzip-* \ 17 | which-* \ 18 | && yum clean all 19 | 20 | ### Install JQ to allow JSON command line management 21 | ARG JQ_VERSION=1.6 22 | RUN curl --silent --show-error --location --output /usr/local/bin/jq \ 23 | "https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64" \ 24 | && chmod a+x /usr/local/bin/jq \ 25 | && jq --version | grep -q "${JQ_VERSION}" 26 | 27 | ENV USER=infra 28 | ENV HOME=/home/"${USER}" 29 | 30 | RUN adduser --uid=1000 "${USER}" \ 31 | && chown -R "${USER}" /home/"${USER}" \ 32 | && chmod -R 750 /home/"${USER}" 33 | 34 | USER "${USER}" 35 | 36 | LABEL io.jenkins-infra.tools="aws-cli,jq" 37 | LABEL io.jenkins-infra.tools.aws-cli.version="${AWS_CLI_VERSION}" 38 | LABEL io.jenkins-infra.tools.jq.version="${JQ_VERSION}" 39 | 40 | WORKDIR /app 41 | 42 | ENTRYPOINT [] 43 | CMD ["/bin/bash"] 44 | -------------------------------------------------------------------------------- /cst.yml: -------------------------------------------------------------------------------- 1 | schemaVersion: 2.0.0 2 | metadataTest: 3 | env: 4 | - key: "USER" 5 | value: "infra" 6 | - key: "HOME" 7 | value: "/home/infra" 8 | labels: 9 | - key: io.jenkins-infra.tools 10 | value: "aws-cli,jq" 11 | - key: io.jenkins-infra.tools.aws-cli.version 12 | value: "2.1.39" 13 | - key: io.jenkins-infra.tools.jq.version 14 | value: "1.6" 15 | entrypoint: [] 16 | cmd: ["/bin/bash"] 17 | workdir: "/app" 18 | fileExistenceTests: 19 | - name: 'Bash' 20 | path: '/bin/bash' 21 | shouldExist: true 22 | isExecutableBy: 'any' 23 | - name: 'Curl' 24 | path: '/usr/bin/curl' 25 | shouldExist: true 26 | isExecutableBy: 'any' 27 | - name: 'Make' 28 | path: '/usr/bin/make' 29 | shouldExist: true 30 | isExecutableBy: 'any' 31 | - name: 'Unzip' 32 | path: '/usr/bin/unzip' 33 | shouldExist: true 34 | isExecutableBy: 'any' 35 | - name: 'Which' 36 | path: '/usr/bin/which' 37 | shouldExist: true 38 | isExecutableBy: 'any' 39 | - name: 'JQ' 40 | path: '/usr/local/bin/jq' 41 | shouldExist: true 42 | isExecutableBy: 'any' 43 | - name: "Default user's home" 44 | path: '/home/infra' 45 | shouldExist: true 46 | fileContentTests: 47 | - name: 'Default user exists with the correct UID/GID' 48 | path: '/etc/passwd' 49 | expectedContents: ['.*infra:x:1000:1000.*'] 50 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/jq.yml: -------------------------------------------------------------------------------- 1 | --- 2 | title: "Bump jq version" 3 | sources: 4 | getJqVersion: 5 | kind: githubRelease 6 | name: Get the latest Jq version 7 | spec: 8 | owner: "stedolan" 9 | repository: "jq" 10 | token: "{{ requiredEnv .github.token }}" 11 | username: "{{ .github.username }}" 12 | versionFilter: 13 | kind: latest 14 | transformers: 15 | - trimPrefix: "jq-" 16 | conditions: 17 | testDockerfileArgJqVersion: 18 | name: "Does the Dockerfile have an ARG instruction which key is JQ_VERSION?" 19 | kind: dockerfile 20 | spec: 21 | file: Dockerfile 22 | instruction: 23 | keyword: "ARG" 24 | matcher: "JQ_VERSION" 25 | testCstJqVersion: 26 | name: "Does the test harness checks for a label io.jenkins-infra.tools.jq.version?" 27 | kind: yaml 28 | spec: 29 | file: "cst.yml" 30 | key: "metadataTest.labels[2].key" 31 | value: io.jenkins-infra.tools.jq.version 32 | targets: 33 | updateCstJqVersion: 34 | name: "Update the label io.jenkins-infra.tools.jq.version in the test harness" 35 | sourceID: getJqVersion 36 | kind: yaml 37 | spec: 38 | file: "cst.yml" 39 | key: "metadataTest.labels[2].value" 40 | scm: 41 | github: 42 | user: "{{ .github.user }}" 43 | email: "{{ .github.email }}" 44 | owner: "{{ .github.owner }}" 45 | repository: "{{ .github.repository }}" 46 | token: "{{ requiredEnv .github.token }}" 47 | username: "{{ .github.username }}" 48 | branch: "{{ .github.branch }}" 49 | updateDockerfileArgJqVersion: 50 | name: "Update the value of ARG JQ_VERSION in the Dockerfile" 51 | sourceID: getJqVersion 52 | kind: dockerfile 53 | spec: 54 | file: Dockerfile 55 | instruction: 56 | keyword: "ARG" 57 | matcher: "JQ_VERSION" 58 | scm: 59 | github: 60 | user: "{{ .github.user }}" 61 | email: "{{ .github.email }}" 62 | owner: "{{ .github.owner }}" 63 | repository: "{{ .github.repository }}" 64 | token: "{{ requiredEnv .github.token }}" 65 | username: "{{ .github.username }}" 66 | branch: "{{ .github.branch }}" 67 | ... 68 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/aws-cli.yml: -------------------------------------------------------------------------------- 1 | --- 2 | title: "Bump AWS CLI version" 3 | sources: 4 | getAWSCliLatestRelease: 5 | kind: githubRelease 6 | name: Get the latest AWS CLI version 7 | spec: 8 | owner: "aws" 9 | repository: "aws-cli" 10 | token: "{{ requiredEnv .github.token }}" 11 | username: "{{ .github.username }}" 12 | versionFilter: 13 | kind: regex 14 | pattern: '2.(\d*).(\d*)' # Only the version 2.x.y has a Docker Image 15 | conditions: 16 | testDockerfileArgAwsCliVersion: 17 | name: "Does the Docker Image exists with the found tag?" 18 | kind: dockerImage 19 | spec: 20 | image: "amazon/aws-cli" 21 | testDockerImageAwsCli: 22 | name: "Does the Dockerfile have an ARG instruction which key is AWS_CLI_VERSION?" 23 | kind: dockerfile 24 | spec: 25 | file: Dockerfile 26 | instruction: 27 | keyword: "ARG" 28 | matcher: "AWS_CLI_VERSION" 29 | testCstAwsClilangVersion: 30 | name: "Does the test harness checks for a label label io.jenkins-infra.tools.aws-cli.version?" 31 | kind: yaml 32 | spec: 33 | file: "cst.yml" 34 | key: "metadataTest.labels[1].key" 35 | value: io.jenkins-infra.tools.aws-cli.version 36 | targets: 37 | updateCstAwsCliVersion: 38 | name: "Update the label io.jenkins-infra.tools.aws-cli.version in the test harness" 39 | sourceID: getAWSCliLatestRelease 40 | kind: yaml 41 | spec: 42 | file: "cst.yml" 43 | key: "metadataTest.labels[1].value" 44 | scm: 45 | github: 46 | user: "{{ .github.user }}" 47 | email: "{{ .github.email }}" 48 | owner: "{{ .github.owner }}" 49 | repository: "{{ .github.repository }}" 50 | token: "{{ requiredEnv .github.token }}" 51 | username: "{{ .github.username }}" 52 | branch: "{{ .github.branch }}" 53 | updateDockerfileArAwsCliVersion: 54 | name: "Update the value of AWS_CLI_VERSION in the Dockerfile" 55 | sourceID: getAWSCliLatestRelease 56 | kind: dockerfile 57 | spec: 58 | file: Dockerfile 59 | instruction: 60 | keyword: "ARG" 61 | matcher: "AWS_CLI_VERSION" 62 | scm: 63 | github: 64 | user: "{{ .github.user }}" 65 | email: "{{ .github.email }}" 66 | owner: "{{ .github.owner }}" 67 | repository: "{{ .github.repository }}" 68 | token: "{{ requiredEnv .github.token }}" 69 | username: "{{ .github.username }}" 70 | branch: "{{ .github.branch }}" 71 | ... 72 | --------------------------------------------------------------------------------