-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FIPS #267
FIPS #267
Changes from all commits
b4e75ab
1ba95e0
1a4b484
52fd4eb
62a1729
2aa26dc
d015a16
10e3e39
6bf5b52
73b3d3c
cc3da23
b920ac1
70899c2
ddf1107
86287bc
1be485c
151a39c
10efcb7
62e673e
869b82e
0ea4c63
8cf8ebc
dc2588b
130e29d
ff91fc0
962457f
422dcb3
10356a2
5805dd2
3c25475
c1667df
1eb95bd
d52a45f
e9bb3ee
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -18,7 +18,8 @@ RUN apk add \ | |
ca-certificates \ | ||
cmake \ | ||
bash \ | ||
aws-cli | ||
aws-cli \ | ||
perl-strictures | ||
|
||
WORKDIR /tmp | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -18,7 +18,8 @@ RUN apk add \ | |
ca-certificates \ | ||
cmake \ | ||
bash \ | ||
aws-cli | ||
aws-cli \ | ||
perl-strictures | ||
|
||
WORKDIR /tmp | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -24,6 +24,12 @@ RUN apt-get update -qq \ | |
ca-certificates \ | ||
&& apt-get clean | ||
|
||
# Add the longsleep/golang-backports PPA | ||
RUN apt-get update && apt-get install -y software-properties-common && add-apt-repository ppa:longsleep/golang-backports && apt-get update | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. debatable: I would rather investigate the failure on x64 instead of having two different methods for installing GO. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I did spend half a day to investigate it, and I don't know. The issue is when we extract the go.tar.gz something failed. I tried different packages, and different ways to extract, no luck. It only happens for ubuntu, and I gave up |
||
|
||
# Install Go from the PPA | ||
RUN apt-get install -y golang-go | ||
|
||
############################################################################### | ||
# Python/AWS CLI | ||
############################################################################### | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,94 @@ | ||
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
# SPDX-License-Identifier: Apache-2.0. | ||
|
||
import os | ||
from pathlib import Path | ||
|
||
from builder.core.fetch import fetch_and_extract, mirror_package | ||
from builder.core.project import Import | ||
import builder.core.util as util | ||
from builder.core.host import current_platform | ||
|
||
URLs = { | ||
'linux-armv6': 'https://go.dev/dl/go1.21.5.linux-armv6l.tar.gz', | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. any specific reason for 1.25.5? if we just want latest versions, looks like we can them up here https://go.dev/dl/?mode=json |
||
'linux-armv7': 'https://go.dev/dl/go1.21.5.linux-armv6l.tar.gz', | ||
'linux-armv8': 'https://go.dev/dl/go1.21.5.linux-arm64.tar.gz', | ||
'linux-x86': 'https://go.dev/dl/go1.21.5.linux-386.tar.gz', | ||
'linux-x64': 'https://go.dev/dl/go1.21.5.linux-amd64.tar.gz', | ||
'openbsd-x64': 'https://go.dev/dl/go1.21.5.linux-amd64.tar.gz', | ||
'windows-x64': 'https://go.dev/dl/go1.21.5.windows-amd64.zip', | ||
'windows-x86': 'https://go.dev/dl/go1.21.5.windows-386.zip', | ||
'macos-x64': 'https://go.dev/dl/go1.21.5.darwin-amd64.tar.gz', | ||
} | ||
|
||
|
||
class GOLANG(Import): | ||
def __init__(self, **kwargs): | ||
super().__init__( | ||
config={}, | ||
**kwargs) | ||
self.path = None | ||
self.installed = False | ||
|
||
def resolved(self): | ||
return True | ||
|
||
def install(self, env): | ||
if self.installed: | ||
return | ||
|
||
sh = env.shell | ||
|
||
target = '{}-{}'.format(env.spec.target, env.spec.arch) | ||
|
||
cross_compile = util.deep_get(env, 'toolchain.cross_compile', False) | ||
|
||
# If this is a local build, check the local machine | ||
if not cross_compile or target not in URLs: | ||
# run `go version` | ||
result = util.run_command('go', 'version') | ||
if result.returncode == 0: | ||
# check the version, we need version >=1.18 | ||
version_str = result.output.split(" ")[2][2:] | ||
version_numbers = list(map(int, version_str.split('.'))) | ||
compare_version_numbers = list(map(int, "1.18.0".split('.'))) | ||
if version_numbers >= compare_version_numbers: | ||
return | ||
|
||
if target not in URLs: | ||
raise EnvironmentError( | ||
'No pre-built binaries for {} are available, please install golang greater than 1.18'.format(target)) | ||
|
||
install_dir = os.path.join(env.deps_dir, self.name.lower()) | ||
# If path is going to be relative, it has to be relative to the source directory | ||
self.path = str(Path(install_dir).relative_to(env.root_dir)) | ||
print('Installing pre-built golang binaries for {} to {}'.format( | ||
target, install_dir)) | ||
|
||
sh.mkdir(install_dir) | ||
if cross_compile: | ||
# If cross compile using the go execuble for current platform instead to codegen | ||
url = URLs[current_platform()] | ||
else: | ||
url = URLs[target] | ||
ext = '.tar.gz' if url.endswith('.tar.gz') else '.zip' | ||
filename = '{}/golang{}'.format(install_dir, ext) | ||
print('Downloading {}'.format(url)) | ||
fetch_and_extract(url, filename, install_dir) | ||
os.remove(filename) | ||
|
||
# Set PATH | ||
if cross_compile: | ||
# Path to go binary | ||
env.variables['go_path'] = "/work/"+str(Path(os.path.join(install_dir, 'go/bin') | ||
).relative_to(env.root_dir)) | ||
else: | ||
# export the PATH directly if not cross compile. | ||
# env.variables['go_path'] = '{}/go/bin'.format(install_dir) | ||
sh.setenv('PATH', '{}{}{}'.format('{}/go/bin'.format(install_dir), os.pathsep, sh.getenv('PATH'))) | ||
|
||
self.installed = True | ||
|
||
def mirror(self, env): | ||
for src_url in URLs.values(): | ||
mirror_package(self.name, src_url) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do we need this weird specific package?
https://metacpan.org/pod/strictures
Is there something more basic, named like
perl
?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah, but aws-lc needs strict module for perl.
anyway, we are not turning fips on by default now. I can remove this