diff --git a/al2/x86_64/standard/4.0/Dockerfile b/al2/x86_64/standard/4.0/Dockerfile new file mode 100644 index 00000000..e319040e --- /dev/null +++ b/al2/x86_64/standard/4.0/Dockerfile @@ -0,0 +1,366 @@ +# Copyright 2020-2022 Amazon.com, Inc. or its affiliates. All Rights Reserved. +# +# Licensed under the Amazon Software License (the "License"). You may not use this file except in compliance with the License. +# A copy of the License is located at +# +# http://aws.amazon.com/asl/ +# +# or in the "license" file accompanying this file. +# This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied. +# See the License for the specific language governing permissions and limitations under the License. + +FROM public.ecr.aws/amazonlinux/amazonlinux:2 AS core + +# Install git, SSH, and other utilities +RUN set -ex \ + && yum install -y -q openssh-clients \ + && mkdir ~/.ssh \ + && mkdir -p /opt/tools \ + && mkdir -p /codebuild/image/config \ + && touch ~/.ssh/known_hosts \ + && ssh-keyscan -t rsa,dsa -H github.com >> ~/.ssh/known_hosts \ + && ssh-keyscan -t rsa,dsa -H bitbucket.org >> ~/.ssh/known_hosts \ + && chmod 600 ~/.ssh/known_hosts \ + && amazon-linux-extras install epel -y \ + && rpm --import https://download.mono-project.com/repo/xamarin.gpg \ + && curl https://download.mono-project.com/repo/centos7-stable.repo | tee /etc/yum.repos.d/mono-centos7-stable.repo \ + && amazon-linux-extras enable corretto8 \ + && amazon-linux-extras enable docker \ + && yum groupinstall -y -q "Development tools" \ + && yum install -y -q \ + GeoIP-devel ImageMagick asciidoc bzip2-devel bzr bzrtools cvs cvsps \ + docbook-dtds docbook-style-xsl dpkg-dev e2fsprogs expat-devel expect fakeroot \ + glib2-devel groff gzip icu iptables jq krb5-server libargon2-devel \ + libcurl-devel libdb-devel libedit-devel libevent-devel libffi-devel \ + libicu-devel libjpeg-devel libpng-devel libserf libsqlite3x-devel \ + libtidy-devel libunwind libwebp-devel libxml2-devel libxslt libxslt-devel \ + libyaml-devel libzip-devel mariadb-devel mercurial mlocate mono-devel \ + ncurses-devel oniguruma-devel openssl openssl-devel perl-DBD-SQLite \ + perl-DBI perl-HTTP-Date perl-IO-Pty-Easy perl-TimeDate perl-YAML-LibYAML \ + postgresql-devel procps-ng python-configobj readline-devel rsync sgml-common \ + subversion-perl tar tcl tk vim wget which xfsprogs xmlto xorg-x11-server-Xvfb xz-devel \ + amazon-ecr-credential-helper \ + && rm /etc/yum.repos.d/mono-centos7-stable.repo + +RUN useradd codebuild-user + +#=======================End of layer: core ================= + +FROM core AS tools + +# Install Git +RUN set -ex \ + && GIT_VERSION=2.36.1 \ + && GIT_TAR_FILE=git-$GIT_VERSION.tar.gz \ + && GIT_SRC=https://github.com/git/git/archive/v${GIT_VERSION}.tar.gz \ + && curl -L -o $GIT_TAR_FILE $GIT_SRC \ + && tar zxf $GIT_TAR_FILE \ + && cd git-$GIT_VERSION \ + && make -j4 prefix=/usr \ + && make install prefix=/usr \ + && cd .. && rm -rf git-$GIT_VERSION \ + && rm -rf $GIT_TAR_FILE /tmp/* + +# Install stunnel +RUN set -ex \ + && STUNNEL_VERSION=5.64 \ + && STUNNEL_TAR=stunnel-$STUNNEL_VERSION.tar.gz \ + && STUNNEL_SHA256="eebe53ed116ba43b2e786762b0c2b91511e7b74857ad4765824e7199e6faf883" \ + && curl -o $STUNNEL_TAR https://www.usenix.org.uk/mirrors/stunnel/archive/5.x/$STUNNEL_TAR && echo "$STUNNEL_SHA256 $STUNNEL_TAR" | sha256sum --check && tar xfz $STUNNEL_TAR \ + && cd stunnel-$STUNNEL_VERSION \ + && ./configure \ + && make -j4 \ + && make install \ + && openssl genrsa -out key.pem 2048 \ + && openssl req -new -x509 -key key.pem -out cert.pem -days 1095 -subj "/C=US/ST=Washington/L=Seattle/O=Amazon/OU=Codebuild/CN=codebuild.amazon.com" \ + && cat key.pem cert.pem >> /usr/local/etc/stunnel/stunnel.pem \ + && cd .. && rm -rf stunnel-${STUNNEL_VERSION}* + +# AWS Tools +# https://docs.aws.amazon.com/eks/latest/userguide/install-aws-iam-authenticator.html https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_CLI_installation.html +RUN curl -sS -o /usr/local/bin/aws-iam-authenticator https://amazon-eks.s3.us-west-2.amazonaws.com/1.22.6/2022-03-09/bin/linux/amd64/aws-iam-authenticator \ + && curl -sS -o /usr/local/bin/kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.22.6/2022-03-09/bin/linux/amd64/kubectl \ + && curl -sS -o /usr/local/bin/ecs-cli https://s3.amazonaws.com/amazon-ecs-cli/ecs-cli-linux-amd64-latest \ + && curl -sS -L https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_Linux_amd64.tar.gz | tar xz -C /usr/local/bin \ + && chmod +x /usr/local/bin/kubectl /usr/local/bin/aws-iam-authenticator /usr/local/bin/ecs-cli /usr/local/bin/eksctl + +# Configure SSM +RUN set -ex \ + && yum install -y -q https://s3.amazonaws.com/amazon-ssm-us-east-1/latest/linux_amd64/amazon-ssm-agent.rpm + +# Install env tools for runtimes +## Dotnet +ENV PATH="/root/.dotnet/:/root/.dotnet/tools/:$PATH" +RUN set -ex \ +&& wget -qO /usr/local/bin/dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ +&& chmod +x /usr/local/bin/dotnet-install.sh + +##nodejs +ENV N_SRC_DIR="$SRC_DIR/n" +RUN git clone https://github.com/tj/n $N_SRC_DIR \ + && cd $N_SRC_DIR && make install + +##ruby +ENV RBENV_SRC_DIR="/usr/local/rbenv" + +ENV PATH="/root/.rbenv/shims:$RBENV_SRC_DIR/bin:$RBENV_SRC_DIR/shims:$PATH" \ + RUBY_BUILD_SRC_DIR="$RBENV_SRC_DIR/plugins/ruby-build" + +RUN set -ex \ + && git clone https://github.com/rbenv/rbenv.git $RBENV_SRC_DIR \ + && mkdir -p $RBENV_SRC_DIR/plugins \ + && git clone https://github.com/rbenv/ruby-build.git $RUBY_BUILD_SRC_DIR \ + && sh $RUBY_BUILD_SRC_DIR/install.sh + +##python +RUN curl https://pyenv.run | bash +ENV PATH="/root/.pyenv/shims:/root/.pyenv/bin:$PATH" + +##php +RUN curl -L https://raw.githubusercontent.com/phpenv/phpenv-installer/master/bin/phpenv-installer | bash +ENV PATH="/root/.phpenv/shims:/root/.phpenv/bin:$PATH" + +##go +RUN git clone https://github.com/syndbg/goenv.git $HOME/.goenv +ENV PATH="/root/.goenv/shims:/root/.goenv/bin:/go/bin:$PATH" +ENV GOENV_DISABLE_GOPATH=1 +ENV GOPATH="/go" + +#=======================End of layer: tools ================= + +FROM tools AS runtimes_1 + +#**************** JAVA **************************************************** + +ENV JAVA_17_HOME="/usr/lib/jvm/java-17-amazon-corretto.x86_64" \ + JDK_17_HOME="/usr/lib/jvm/java-17-amazon-corretto.x86_64" \ + JRE_17_HOME="/usr/lib/jvm/java-17-amazon-corretto.x86_64" \ + ANT_VERSION=1.10.12 \ + MAVEN_HOME="/opt/maven" \ + MAVEN_VERSION=3.8.6 \ + INSTALLED_GRADLE_VERSIONS="7.4.2" \ + GRADLE_VERSION=7.4.2 \ + SBT_VERSION=1.6.2 \ + GRADLE_PATH="$SRC_DIR/gradle" \ + ANT_DOWNLOAD_SHA512="2287dc5cfc21043c14e5413f9afb1c87c9f266ec2a9ba2d3bf2285446f6e4ccb59b558bf2e5c57911a05dfa293c7d5c7ad60ac9f744ba11406f4e6f9a27b2403" \ + MAVEN_DOWNLOAD_SHA512="f790857f3b1f90ae8d16281f902c689e4f136ebe584aba45e4b1fa66c80cba826d3e0e52fdd04ed44b4c66f6d3fe3584a057c26dfcac544a60b301e6d0f91c26" \ + GRADLE_DOWNLOADS_SHA256="e6d864e3b5bc05cc62041842b306383fc1fefcec359e70cebb1d470a6094ca82 7.4.2" \ + SBT_DOWNLOAD_SHA256="637637b6c4e6fa04ab62cd364061e32b12480b09001cd23303df62b36fadd440" \ + LOG4J_UNSAFE_VERSIONS="2.11.1 1.2.8" + +ARG MAVEN_CONFIG_HOME="/root/.m2" +ENV JAVA_HOME="$JAVA_17_HOME" \ + JDK_HOME="$JDK_17_HOME" \ + JRE_HOME="$JRE_17_HOME" + +RUN set -x \ + # Install Amazon Corretto 17 + && yum install -y -q java-17-amazon-corretto \ + && update-ca-trust \ + && for tool_path in $JAVA_HOME/bin/*; do \ + tool=`basename $tool_path`; \ + update-alternatives --install /usr/bin/$tool $tool $tool_path 10000; \ + update-alternatives --set $tool $tool_path; \ + done \ + && rm $JAVA_HOME/lib/security/cacerts && ln -s /etc/pki/java/cacerts $JAVA_HOME/lib/security/cacerts \ + # Install Ant + && curl -LSso /var/tmp/apache-ant-$ANT_VERSION-bin.tar.gz https://archive.apache.org/dist/ant/binaries/apache-ant-$ANT_VERSION-bin.tar.gz \ + && echo "$ANT_DOWNLOAD_SHA512 /var/tmp/apache-ant-$ANT_VERSION-bin.tar.gz" | sha512sum -c - \ + && tar -xzf /var/tmp/apache-ant-$ANT_VERSION-bin.tar.gz -C /opt \ + && rm /var/tmp/apache-ant-$ANT_VERSION-bin.tar.gz \ + && update-alternatives --install /usr/bin/ant ant /opt/apache-ant-$ANT_VERSION/bin/ant 10000 + +RUN set -ex \ + # Install Maven + && mkdir -p $MAVEN_HOME \ + && curl -LSso /var/tmp/apache-maven-$MAVEN_VERSION-bin.tar.gz https://apache.org/dist/maven/maven-3/$MAVEN_VERSION/binaries/apache-maven-$MAVEN_VERSION-bin.tar.gz \ + && echo "$MAVEN_DOWNLOAD_SHA512 /var/tmp/apache-maven-$MAVEN_VERSION-bin.tar.gz" | sha512sum -c - \ + && tar xzf /var/tmp/apache-maven-$MAVEN_VERSION-bin.tar.gz -C $MAVEN_HOME --strip-components=1 \ + && rm /var/tmp/apache-maven-$MAVEN_VERSION-bin.tar.gz \ + && update-alternatives --install /usr/bin/mvn mvn /opt/maven/bin/mvn 10000 \ + && mkdir -p $MAVEN_CONFIG_HOME \ + # Install Gradle + && mkdir -p $GRADLE_PATH \ + && for version in $INSTALLED_GRADLE_VERSIONS; do { \ + wget -q "https://services.gradle.org/distributions/gradle-$version-all.zip" -O "$GRADLE_PATH/gradle-$version-all.zip" \ + && unzip -q "$GRADLE_PATH/gradle-$version-all.zip" -d /usr/local \ + && echo -e "$GRADLE_DOWNLOADS_SHA256" | grep "$version" | sed "s|$version|$GRADLE_PATH/gradle-$version-all.zip|" | sha256sum -c - \ + && rm "$GRADLE_PATH/gradle-$version-all.zip" \ + && mkdir "/tmp/gradle-$version" \ + && "/usr/local/gradle-$version/bin/gradle" -p "/tmp/gradle-$version" init \ + && "/usr/local/gradle-$version/bin/gradle" -p "/tmp/gradle-$version" wrapper \ + # Android Studio uses the "-all" distribution for it's wrapper script. + && perl -pi -e "s/gradle-$version-bin.zip/gradle-$version-all.zip/" "/tmp/gradle-$version/gradle/wrapper/gradle-wrapper.properties" \ + && "/tmp/gradle-$version/gradlew" -p "/tmp/gradle-$version" init \ + && rm -rf "/tmp/gradle-$version" \ + && if [ "$version" != "$GRADLE_VERSION" ]; then rm -rf "/usr/local/gradle-$version"; fi; \ + }; done \ + # Install default GRADLE_VERSION to path + && ln -s /usr/local/gradle-$GRADLE_VERSION/bin/gradle /usr/bin/gradle \ + && rm -rf $GRADLE_PATH \ + # Install SBT + && curl -fSL "https://github.com/sbt/sbt/releases/download/v${SBT_VERSION}/sbt-${SBT_VERSION}.tgz" -o sbt.tgz \ + && echo "${SBT_DOWNLOAD_SHA256} *sbt.tgz" | sha256sum -c - \ + && tar xzf sbt.tgz -C /usr/local/bin/ \ + && rm sbt.tgz \ + && for version in $LOG4J_UNSAFE_VERSIONS; do find / -name log4j*-$version.jar | xargs rm -f; done + +ENV PATH "/usr/local/bin/sbt/bin:$PATH" +RUN sbt version -Dsbt.rootdir=true +# Cleanup +RUN rm -fr /tmp/* /var/tmp/* +#**************** END JAVA **************************************************** + + +#**************** PowerShell ******************************************************* + +# Install Powershell Core +# See instructions at https://docs.microsoft.com/en-us/powershell/scripting/setup/installing-powershell-core-on-linux +ENV POWERSHELL_VERSION 7.2.4 +ENV POWERSHELL_DOWNLOAD_URL https://github.com/PowerShell/PowerShell/releases/download/v$POWERSHELL_VERSION/powershell-$POWERSHELL_VERSION-linux-x64.tar.gz +ENV POWERSHELL_DOWNLOAD_SHA 935B874A2E5F5662AB23EFBE7392DC96C27D4FD064041D28A25A487EC5F6CC2E + +RUN set -ex \ + && curl -SL $POWERSHELL_DOWNLOAD_URL --output powershell.tar.gz \ + && echo "$POWERSHELL_DOWNLOAD_SHA powershell.tar.gz" | sha256sum -c - \ + && mkdir -p /opt/microsoft/powershell/$POWERSHELL_VERSION \ + && tar zxf powershell.tar.gz -C /opt/microsoft/powershell/$POWERSHELL_VERSION \ + && rm powershell.tar.gz \ + && ln -s /opt/microsoft/powershell/$POWERSHELL_VERSION/pwsh /usr/bin/pwsh + +#DotNet 6.0 +ENV DOTNET_60_SDK_VERSION="6.0.301" +ENV DOTNET_ROOT="/root/.dotnet" + +# Add .NET Core 6.0 Global Tools install folder to PATH +RUN /usr/local/bin/dotnet-install.sh -v $DOTNET_60_SDK_VERSION \ + && dotnet --list-sdks \ + && rm -rf /tmp/* + +## Trigger the population of the local package cache +ENV NUGET_XMLDOC_MODE skip +RUN set -ex \ + && mkdir warmup \ + && cd warmup \ + && dotnet new \ + && cd .. \ + && rm -rf warmup \ + && rm -rf /tmp/NuGetScratch +#**************** END Powershell ******************************************************* + + +#**************** NODEJS **************************************************** + +ENV NODE_16_VERSION="16.15.1" + +RUN n $NODE_16_VERSION && npm install --save-dev -g -f grunt && npm install --save-dev -g -f grunt-cli && npm install --save-dev -g -f webpack \ + && curl -sSL https://dl.yarnpkg.com/rpm/yarn.repo | tee /etc/yum.repos.d/yarn.repo \ + && rpm --import https://dl.yarnpkg.com/rpm/pubkey.gpg \ + && yum install -y https://download-ib01.fedoraproject.org/pub/epel/8/Modular/x86_64/Packages/l/libuv-1.43.0-2.module_el8+13804+34326f90.x86_64.rpm \ + && yum install -y -q yarn \ + && yarn --version \ + && cd / && rm -rf $N_SRC_DIR && rm -rf /tmp/* + +#**************** END NODEJS **************************************************** + +#**************** RUBY ********************************************************* + +ENV RUBY_31_VERSION="3.1.2" + +RUN rbenv install $RUBY_31_VERSION && rm -rf /tmp/* && rbenv global $RUBY_31_VERSION && ruby -v + +#**************** END RUBY ***************************************************** + +#**************** PYTHON ***************************************************** +#Python 3.9 +ENV PYTHON_39_VERSION="3.9.12" +ENV PYTHON_PIP_VERSION=21.1.2 +ENV PYYAML_VERSION=5.4.1 + +COPY tools/runtime_configs/python/$PYTHON_39_VERSION /root/.pyenv/plugins/python-build/share/python-build/$PYTHON_39_VERSION +RUN env PYTHON_CONFIGURE_OPTS="--enable-shared" pyenv install $PYTHON_39_VERSION && rm -rf /tmp/* +RUN pyenv global $PYTHON_39_VERSION +RUN set -ex \ + && pip3 install --no-cache-dir --upgrade --force-reinstall "pip==$PYTHON_PIP_VERSION" \ + && pip3 install --no-cache-dir --upgrade "PyYAML==$PYYAML_VERSION" \ + && pip3 install --no-cache-dir --upgrade 'setuptools==57.4.0' wheel aws-sam-cli awscli boto3 pipenv virtualenv --use-feature=2020-resolver + +#**************** END PYTHON ***************************************************** + +#**************** PHP **************************************************** +ENV PHP_81_VERSION="8.1.6" + +COPY tools/runtime_configs/php/$PHP_81_VERSION /root/.phpenv/plugins/php-build/share/php-build/definitions/$PHP_81_VERSION +RUN phpenv install $PHP_81_VERSION && rm -rf /tmp/* && phpenv global $PHP_81_VERSION +RUN echo "memory_limit = 1G;" >> "/root/.phpenv/versions/$PHP_81_VERSION/etc/conf.d/memory.ini" + +# Install Composer globally +RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer +#**************** END PHP **************************************************** + +#**************** GOLANG **************************************************** +ENV GOLANG_18_VERSION="1.18.3" +ENV GOENV_DISABLE_GOPATH=1 +ENV GOPATH="/go" + +RUN goenv install $GOLANG_18_VERSION && rm -rf /tmp/* && \ + goenv global $GOLANG_18_VERSION && \ + go env -w GO111MODULE=auto + +RUN go get -u github.com/golang/dep/cmd/dep +#**************** END GOLANG **************************************************** + +#=======================End of layer: runtimes_1 ================= +FROM runtimes_1 AS runtimes_2 + +#Docker 20 +ENV DOCKER_BUCKET="download.docker.com" \ + DOCKER_CHANNEL="stable" \ + DIND_COMMIT="3b5fac462d21ca164b3778647420016315289034" \ + DOCKER_COMPOSE_VERSION="1.26.0" + +ENV DOCKER_SHA256="9ccfc39305ae1d8882d18c9c431544fca82913d6df717409ac2244ac58c4f070" +ENV DOCKER_VERSION="20.10.15" + +VOLUME /var/lib/docker + +RUN set -ex \ + && curl -fSL "https://${DOCKER_BUCKET}/linux/static/${DOCKER_CHANNEL}/x86_64/docker-${DOCKER_VERSION}.tgz" -o docker.tgz \ + && echo "${DOCKER_SHA256} *docker.tgz" | sha256sum -c - \ + && tar --extract --file docker.tgz --strip-components 1 --directory /usr/local/bin/ \ + && rm docker.tgz \ + && docker -v \ + # set up subuid/subgid so that "--userns-remap=default" works out-of-the-box + && groupadd dockremap \ + && useradd -g dockremap dockremap \ + && echo 'dockremap:165536:65536' >> /etc/subuid \ + && echo 'dockremap:165536:65536' >> /etc/subgid \ + && wget -q "https://raw.githubusercontent.com/docker/docker/${DIND_COMMIT}/hack/dind" -O /usr/local/bin/dind \ + && curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-Linux-x86_64 > /usr/local/bin/docker-compose \ + && chmod +x /usr/local/bin/dind /usr/local/bin/docker-compose \ + && docker-compose version + + +#=======================End of layer: runtimes_2 ================= +FROM runtimes_2 AS runtimes_3 + +# Install GitVersion +ENV GITVERSION_VERSION="5.3.5" +RUN set -ex \ + && dotnet tool install --global GitVersion.Tool --version $GITVERSION_VERSION \ + && ln -s ~/.dotnet/tools/dotnet-gitversion /usr/local/bin/gitversion + +#===================END of runtimes_3 ============== +FROM runtimes_3 AS al2_v3 + +# Configure SSH +COPY ssh_config /root/.ssh/config +COPY runtimes.yml /codebuild/image/config/runtimes.yml +COPY dockerd-entrypoint.sh /usr/local/bin/dockerd-entrypoint.sh +COPY legal/THIRD_PARTY_LICENSES.txt /usr/share/doc/THIRD_PARTY_LICENSES.txt +COPY legal/bill_of_material.txt /usr/share/doc/bill_of_material.txt +COPY amazon-ssm-agent.json /etc/amazon/ssm/amazon-ssm-agent.json + +ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh"] + +#=======================End of layer: al2_v3 ================= diff --git a/al2/x86_64/standard/2.0/amazon-ssm-agent.json b/al2/x86_64/standard/4.0/amazon-ssm-agent.json similarity index 100% rename from al2/x86_64/standard/2.0/amazon-ssm-agent.json rename to al2/x86_64/standard/4.0/amazon-ssm-agent.json diff --git a/al2/x86_64/standard/2.0/dockerd-entrypoint.sh b/al2/x86_64/standard/4.0/dockerd-entrypoint.sh similarity index 100% rename from al2/x86_64/standard/2.0/dockerd-entrypoint.sh rename to al2/x86_64/standard/4.0/dockerd-entrypoint.sh diff --git a/al2/x86_64/standard/2.0/legal/THIRD_PARTY_LICENSES.txt b/al2/x86_64/standard/4.0/legal/THIRD_PARTY_LICENSES.txt similarity index 100% rename from al2/x86_64/standard/2.0/legal/THIRD_PARTY_LICENSES.txt rename to al2/x86_64/standard/4.0/legal/THIRD_PARTY_LICENSES.txt diff --git a/al2/x86_64/standard/2.0/legal/bill_of_material.txt b/al2/x86_64/standard/4.0/legal/bill_of_material.txt similarity index 100% rename from al2/x86_64/standard/2.0/legal/bill_of_material.txt rename to al2/x86_64/standard/4.0/legal/bill_of_material.txt diff --git a/al2/x86_64/standard/4.0/runtimes.yml b/al2/x86_64/standard/4.0/runtimes.yml new file mode 100644 index 00000000..9a31e4a3 --- /dev/null +++ b/al2/x86_64/standard/4.0/runtimes.yml @@ -0,0 +1,64 @@ +version: 0.1 + +runtimes: + java: + versions: + corretto17: + commands: + - echo "Installing corretto(OpenJDK) version 17 ..." + + - export JAVA_HOME="$JAVA_17_HOME" + + - export JRE_HOME="$JRE_17_HOME" + + - export JDK_HOME="$JDK_17_HOME" + + - |- + for tool_path in "$JAVA_HOME"/bin/*; + do tool=`basename "$tool_path"`; + if [ $tool != 'java-rmi.cgi' ]; + then + rm -f /usr/bin/$tool /var/lib/alternatives/$tool \ + && update-alternatives --install /usr/bin/$tool $tool $tool_path 20000; + fi; + done + golang: + versions: + 1.18: + commands: + - echo "Installing Go version 1.18 ..." + - goenv global $GOLANG_18_VERSION + python: + versions: + 3.9: + commands: + - echo "Installing Python version 3.9 ..." + - pyenv global $PYTHON_39_VERSION + php: + versions: + 8.1: + commands: + - echo "Installing PHP version 8.1 ..." + - phpenv global $PHP_81_VERSION + ruby: + versions: + 3.1: + commands: + - echo "Installing Ruby version 3.1 ..." + - rbenv global $RUBY_31_VERSION + nodejs: + versions: + 16: + commands: + - echo "Installing Node.js version 16 ..." + - n $NODE_16_VERSION + docker: + versions: + 20: + commands: + - echo "Specifying docker version in buildspec is deprecated. Using docker $DOCKER_VERSION" + dotnet: + versions: + 6.0: + commands: + - echo "Installing .NET version 6.0 ..." diff --git a/al2/x86_64/standard/2.0/ssh_config b/al2/x86_64/standard/4.0/ssh_config similarity index 100% rename from al2/x86_64/standard/2.0/ssh_config rename to al2/x86_64/standard/4.0/ssh_config diff --git a/al2/x86_64/standard/4.0/tools/runtime_configs/php/8.1.6 b/al2/x86_64/standard/4.0/tools/runtime_configs/php/8.1.6 new file mode 100644 index 00000000..53328bc5 --- /dev/null +++ b/al2/x86_64/standard/4.0/tools/runtime_configs/php/8.1.6 @@ -0,0 +1,17 @@ +configure_option "--with-curl" +configure_option "--with-password-argon2" +configure_option "--with-pdo-pgsql" +configure_option "--with-libedit" + +PHP_BUILD_EXTRA_MAKE_ARGUMENTS="-j4" + +#https://github.com/php-build/php-build/blob/master/share/php-build/definitions/8.1.6 +#Don't change beyond this line + +configure_option "--enable-gd" +configure_option "--with-jpeg" +configure_option "--with-zip" + +install_package "https://secure.php.net/distributions/php-8.1.6.tar.bz2" +install_xdebug "3.1.3" +enable_builtin_opcache diff --git a/al2/x86_64/standard/4.0/tools/runtime_configs/python/3.7.13 b/al2/x86_64/standard/4.0/tools/runtime_configs/python/3.7.13 new file mode 100644 index 00000000..5ed85b47 --- /dev/null +++ b/al2/x86_64/standard/4.0/tools/runtime_configs/python/3.7.13 @@ -0,0 +1,17 @@ +export PYTHON_CONFIGURE_OPTS="\ + --enable-shared + --enable-loadable-sqlite-extensions" + +# Don't change below this line. +# https://github.com/pyenv/pyenv/blob/master/plugins/python-build/share/python-build/3.7.13 + +#require_gcc +prefer_openssl11 +export PYTHON_BUILD_CONFIGURE_WITH_OPENSSL=1 +install_package "openssl-1.1.1n" "https://www.openssl.org/source/openssl-1.1.1n.tar.gz#40dceb51a4f6a5275bde0e6bf20ef4b91bfc32ed57c0552e2e8e15463372b17a" mac_openssl --if has_broken_mac_openssl +install_package "readline-8.1" "https://ftpmirror.gnu.org/readline/readline-8.1.tar.gz#f8ceb4ee131e3232226a17f51b164afc46cd0b9e6cef344be87c65962cb82b02" mac_readline --if has_broken_mac_readline +if has_tar_xz_support; then + install_package "Python-3.7.13" "https://www.python.org/ftp/python/3.7.13/Python-3.7.13.tar.xz#99f106275df8899c3e8cb9d7c01ce686c202ef275953301427194693de5bef84" standard verify_py37 copy_python_gdb ensurepip +else + install_package "Python-3.7.13" "https://www.python.org/ftp/python/3.7.13/Python-3.7.13.tgz#e405417f50984bc5870c7e7a9f9aeb93e9d270f5ac67f667a0cd3a09439682b5" standard verify_py37 copy_python_gdb ensurepip +fi diff --git a/al2/x86_64/standard/4.0/tools/runtime_configs/python/3.8.13 b/al2/x86_64/standard/4.0/tools/runtime_configs/python/3.8.13 new file mode 100644 index 00000000..f49aaa02 --- /dev/null +++ b/al2/x86_64/standard/4.0/tools/runtime_configs/python/3.8.13 @@ -0,0 +1,17 @@ +export PYTHON_CONFIGURE_OPTS="\ + --enable-shared + --enable-loadable-sqlite-extensions" + +# Don't change below this line. +# https://github.com/pyenv/pyenv/blob/master/plugins/python-build/share/python-build/3.8.13 + +#require_gcc +prefer_openssl11 +export PYTHON_BUILD_CONFIGURE_WITH_OPENSSL=1 +install_package "openssl-1.1.1n" "https://www.openssl.org/source/openssl-1.1.1n.tar.gz#40dceb51a4f6a5275bde0e6bf20ef4b91bfc32ed57c0552e2e8e15463372b17a" mac_openssl --if has_broken_mac_openssl +install_package "readline-8.1" "https://ftpmirror.gnu.org/readline/readline-8.1.tar.gz#f8ceb4ee131e3232226a17f51b164afc46cd0b9e6cef344be87c65962cb82b02" mac_readline --if has_broken_mac_readline +if has_tar_xz_support; then + install_package "Python-3.8.13" "https://www.python.org/ftp/python/3.8.13/Python-3.8.13.tar.xz#6f309077012040aa39fe8f0c61db8c0fa1c45136763299d375c9e5756f09cf57" standard verify_py38 copy_python_gdb ensurepip +else + install_package "Python-3.8.13" "https://www.python.org/ftp/python/3.8.13/Python-3.8.13.tgz#903b92d76354366b1d9c4434d0c81643345cef87c1600adfa36095d7b00eede4" standard verify_py38 copy_python_gdb ensurepip +fi diff --git a/al2/x86_64/standard/4.0/tools/runtime_configs/python/3.9.12 b/al2/x86_64/standard/4.0/tools/runtime_configs/python/3.9.12 new file mode 100644 index 00000000..fb3bf1f6 --- /dev/null +++ b/al2/x86_64/standard/4.0/tools/runtime_configs/python/3.9.12 @@ -0,0 +1,17 @@ +export PYTHON_CONFIGURE_OPTS="\ + --enable-shared + --enable-loadable-sqlite-extensions" + +# Don't change below this line. +# https://github.com/pyenv/pyenv/blob/master/plugins/python-build/share/python-build/3.9.12 + +#require_gcc +prefer_openssl11 +export PYTHON_BUILD_CONFIGURE_WITH_OPENSSL=1 +install_package "openssl-1.1.1n" "https://www.openssl.org/source/openssl-1.1.1n.tar.gz#40dceb51a4f6a5275bde0e6bf20ef4b91bfc32ed57c0552e2e8e15463372b17a" mac_openssl --if has_broken_mac_openssl +install_package "readline-8.1" "https://ftpmirror.gnu.org/readline/readline-8.1.tar.gz#f8ceb4ee131e3232226a17f51b164afc46cd0b9e6cef344be87c65962cb82b02" mac_readline --if has_broken_mac_readline +if has_tar_xz_support; then + install_package "Python-3.9.12" "https://www.python.org/ftp/python/3.9.12/Python-3.9.12.tar.xz#2cd94b20670e4159c6d9ab57f91dbf255b97d8c1a1451d1c35f4ec1968adf971" standard verify_py39 copy_python_gdb ensurepip +else + install_package "Python-3.9.12" "https://www.python.org/ftp/python/3.9.12/Python-3.9.12.tgz#70e08462ebf265012bd2be88a63d2149d880c73e53f1712b7bbbe93750560ae8" standard verify_py39 copy_python_gdb ensurepip +fi diff --git a/ubuntu/standard/6.0/Dockerfile b/ubuntu/standard/6.0/Dockerfile new file mode 100644 index 00000000..aec395da --- /dev/null +++ b/ubuntu/standard/6.0/Dockerfile @@ -0,0 +1,386 @@ +# Copyright 2020-2022 Amazon.com, Inc. or its affiliates. All Rights Reserved. +# +# Licensed under the Amazon Software License (the "License"). You may not use this file except in compliance with the License. +# A copy of the License is located at +# +# http://aws.amazon.com/asl/ +# +# or in the "license" file accompanying this file. +# This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied. +# See the License for the specific language governing permissions and limitations under the License. +FROM public.ecr.aws/ubuntu/ubuntu:22.04 AS core + +ARG DEBIAN_FRONTEND="noninteractive" + +# Install git, SSH, and other utilities +RUN set -ex \ + && echo 'Acquire::CompressionTypes::Order:: "gz";' > /etc/apt/apt.conf.d/99use-gzip-compression \ + && apt-get update \ + && apt install -y -qq apt-transport-https gnupg ca-certificates \ + && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF \ + && apt-get install software-properties-common -y -qq --no-install-recommends \ + && apt-add-repository -y ppa:git-core/ppa \ + && apt-get update \ + && apt-get install git=1:2.* -y -qq --no-install-recommends \ + && git version \ + && apt-get install -y -qq --no-install-recommends openssh-client \ + && mkdir ~/.ssh \ + && mkdir -p /codebuild/image/config \ + && touch ~/.ssh/known_hosts \ + && ssh-keyscan -t rsa,dsa -H github.com >> ~/.ssh/known_hosts \ + && ssh-keyscan -t rsa,dsa -H bitbucket.org >> ~/.ssh/known_hosts \ + && chmod 600 ~/.ssh/known_hosts \ + && apt-get install -y -qq --no-install-recommends \ + apt-utils asciidoc autoconf automake build-essential bzip2 \ + bzr curl dirmngr docbook-xml docbook-xsl dpkg-dev \ + e2fsprogs expect fakeroot file g++ gcc gettext gettext-base \ + groff gzip iptables jq less libapr1 libaprutil1 \ + libargon2-0-dev libbz2-dev libc6-dev libcurl4-openssl-dev \ + libdb-dev libdbd-sqlite3-perl libdbi-perl libdpkg-perl \ + libedit-dev liberror-perl libevent-dev libffi-dev libgeoip-dev \ + libglib2.0-dev libhttp-date-perl libio-pty-perl libjpeg-dev \ + libkrb5-dev liblzma-dev libmagickcore-dev libmagickwand-dev \ + libmysqlclient-dev libncurses5-dev libncursesw5-dev libonig-dev \ + libpq-dev libreadline-dev libserf-1-1 libsodium-dev libsqlite3-dev libssl-dev \ + libsvn1 libsvn-perl libtcl8.6 libtidy-dev libtimedate-perl \ + libtool libwebp-dev libxml2-dev libxml2-utils libxslt1-dev \ + libyaml-dev libyaml-perl llvm locales make mlocate \ + netbase openssl patch pkg-config procps python3-configobj \ + python3-openssl rsync sgml-base sgml-data \ + tar tcl tcl8.6 tk tk-dev unzip wget xfsprogs xml-core xmlto xsltproc \ + libzip-dev vim xvfb xz-utils zip zlib1g-dev \ + && rm -rf /var/lib/apt/lists/* + +ENV LC_CTYPE="C.UTF-8" + +RUN useradd codebuild-user + +#=======================End of layer: core ================= + + +FROM core AS tools + +# Install stunnel +RUN set -ex \ + && STUNNEL_VERSION=5.64 \ + && STUNNEL_TAR=stunnel-$STUNNEL_VERSION.tar.gz \ + && STUNNEL_SHA256="eebe53ed116ba43b2e786762b0c2b91511e7b74857ad4765824e7199e6faf883" \ + && curl -o $STUNNEL_TAR https://www.usenix.org.uk/mirrors/stunnel/archive/5.x/$STUNNEL_TAR && echo "$STUNNEL_SHA256 $STUNNEL_TAR" | sha256sum --check && tar xfz $STUNNEL_TAR \ + && cd stunnel-$STUNNEL_VERSION \ + && ./configure \ + && make -j4 \ + && make install \ + && openssl genrsa -out key.pem 2048 \ + && openssl req -new -x509 -key key.pem -out cert.pem -days 1095 -subj "/C=US/ST=Washington/L=Seattle/O=Amazon/OU=Codebuild/CN=codebuild.amazon.com" \ + && cat key.pem cert.pem >> /usr/local/etc/stunnel/stunnel.pem \ + && cd .. && rm -rf stunnel-${STUNNEL_VERSION}* + +# AWS Tools +# https://docs.aws.amazon.com/eks/latest/userguide/install-aws-iam-authenticator.html https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_CLI_installation.html +RUN curl -sS -o /usr/local/bin/aws-iam-authenticator https://s3.us-west-2.amazonaws.com/amazon-eks/1.22.6/2022-03-09/bin/linux/amd64/aws-iam-authenticator \ + && curl -sS -o /usr/local/bin/kubectl https://s3.us-west-2.amazonaws.com/amazon-eks/1.22.6/2022-03-09/bin/linux/amd64/kubectl \ + && curl -sS -o /usr/local/bin/ecs-cli https://s3.amazonaws.com/amazon-ecs-cli/ecs-cli-linux-amd64-latest \ + && curl -sS -L https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_Linux_amd64.tar.gz | tar xz -C /usr/local/bin \ + && chmod +x /usr/local/bin/kubectl /usr/local/bin/aws-iam-authenticator /usr/local/bin/ecs-cli /usr/local/bin/eksctl + +# Configure SSM +RUN set -ex \ + && mkdir /tmp/ssm \ + && cd /tmp/ssm \ + && wget -q https://s3.amazonaws.com/amazon-ssm-us-east-1/latest/debian_amd64/amazon-ssm-agent.deb \ + && dpkg -i amazon-ssm-agent.deb + +# Install AWS CLI v2 +# https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-linux.html +RUN curl https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip -o /tmp/awscliv2.zip \ + && unzip -q /tmp/awscliv2.zip -d /opt \ + && /opt/aws/install --update -i /usr/local/aws-cli -b /usr/local/bin \ + && rm /tmp/awscliv2.zip \ + && rm -rf /opt/aws \ + && aws --version + +# Install env tools for runtimes +# Dotnet +ENV PATH "/root/.dotnet/:/root/.dotnet/tools/:$PATH" +RUN set -ex \ +&& wget -qO /usr/local/bin/dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ +&& chmod +x /usr/local/bin/dotnet-install.sh + +#nodejs +ARG SRC_DIR="/usr/src" +ARG N_SRC_DIR="$SRC_DIR/n" +RUN git clone https://github.com/tj/n $N_SRC_DIR \ + && cd $N_SRC_DIR && make install + +#ruby +ARG RBENV_SRC_DIR="/usr/local/rbenv" + +ENV PATH="/root/.rbenv/shims:$RBENV_SRC_DIR/bin:$RBENV_SRC_DIR/shims:$PATH" \ + RUBY_BUILD_SRC_DIR="$RBENV_SRC_DIR/plugins/ruby-build" + +RUN set -ex \ + && git clone https://github.com/rbenv/rbenv.git $RBENV_SRC_DIR \ + && mkdir -p $RBENV_SRC_DIR/plugins \ + && git clone https://github.com/rbenv/ruby-build.git $RUBY_BUILD_SRC_DIR \ + && sh $RUBY_BUILD_SRC_DIR/install.sh + +#python +RUN curl https://pyenv.run | bash +ENV PATH="/root/.pyenv/shims:/root/.pyenv/bin:$PATH" + +#php +RUN curl -L https://raw.githubusercontent.com/phpenv/phpenv-installer/master/bin/phpenv-installer | bash +ENV PATH="/root/.phpenv/shims:/root/.phpenv/bin:$PATH" + +#go +RUN git clone https://github.com/syndbg/goenv.git $HOME/.goenv +ENV PATH="/root/.goenv/shims:/root/.goenv/bin:/go/bin:$PATH" +ENV GOENV_DISABLE_GOPATH=1 +ENV GOPATH="/go" + +#=======================End of layer: tools ================= +FROM tools AS runtimes + +#**************** .NET-CORE ******************************************************* + +ENV DOTNET_6_SDK_VERSION="6.0.301" +ENV DOTNET_ROOT="/root/.dotnet" + +# Add .NET Core 6 Global Tools install folder to PATH +RUN /usr/local/bin/dotnet-install.sh -v $DOTNET_6_SDK_VERSION \ + && dotnet --list-sdks \ + && rm -rf /tmp/* + +# Trigger the population of the local package cache +ENV NUGET_XMLDOC_MODE skip +RUN set -ex \ + && mkdir warmup \ + && cd warmup \ + && dotnet new \ + && cd .. \ + && rm -rf warmup \ + && rm -rf /tmp/NuGetScratch + +# Install Powershell Core +# See instructions at https://docs.microsoft.com/en-us/powershell/scripting/setup/installing-powershell-core-on-linux +ARG POWERSHELL_VERSION=7.2.4 +ARG POWERSHELL_DOWNLOAD_URL=https://github.com/PowerShell/PowerShell/releases/download/v$POWERSHELL_VERSION/powershell-$POWERSHELL_VERSION-linux-x64.tar.gz +ARG POWERSHELL_DOWNLOAD_SHA=935B874A2E5F5662AB23EFBE7392DC96C27D4FD064041D28A25A487EC5F6CC2E + +RUN set -ex \ + && curl -SL $POWERSHELL_DOWNLOAD_URL --output powershell.tar.gz \ + && echo "$POWERSHELL_DOWNLOAD_SHA powershell.tar.gz" | sha256sum -c - \ + && mkdir -p /opt/microsoft/powershell/$POWERSHELL_VERSION \ + && tar zxf powershell.tar.gz -C /opt/microsoft/powershell/$POWERSHELL_VERSION \ + && rm powershell.tar.gz \ + && ln -s /opt/microsoft/powershell/$POWERSHELL_VERSION/pwsh /usr/bin/pwsh +#**************** END .NET-CORE ******************************************************* + + +#**************** NODEJS **************************************************** + +ENV NODE_16_VERSION="16.15.1" + +RUN n $NODE_16_VERSION && npm install --save-dev -g -f grunt && npm install --save-dev -g -f grunt-cli && npm install --save-dev -g -f webpack \ + && curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \ + && echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list \ + && apt-get update && apt-get install -y -qq --no-install-recommends yarn \ + && yarn --version \ + && cd / && rm -rf $N_SRC_DIR && rm -rf /tmp/* + +#**************** END NODEJS **************************************************** + +#**************** RUBY ********************************************************* + +ENV RUBY_31_VERSION="3.1.2" + +RUN rbenv install $RUBY_31_VERSION && rm -rf /tmp/* \ + && rbenv global $RUBY_31_VERSION && ruby -v + +#**************** END RUBY ***************************************************** + +#**************** PYTHON ***************************************************** +ENV PYTHON_310_VERSION="3.10.5" + +ARG PYTHON_PIP_VERSION=22.1.2 +ENV PYYAML_VERSION=5.4.1 + +COPY tools/runtime_configs/python/$PYTHON_310_VERSION /root/.pyenv/plugins/python-build/share/python-build/$PYTHON_310_VERSION +RUN env PYTHON_CONFIGURE_OPTS="--enable-shared" pyenv install $PYTHON_310_VERSION && rm -rf /tmp/* +RUN pyenv global $PYTHON_310_VERSION +RUN set -ex \ + && pip3 install --no-cache-dir --upgrade --force-reinstall "pip==$PYTHON_PIP_VERSION" \ + && pip3 install --no-cache-dir --upgrade "PyYAML==$PYYAML_VERSION" \ + && pip3 install --no-cache-dir --upgrade 'setuptools==62.6.0' wheel aws-sam-cli boto3 pipenv virtualenv + +#**************** END PYTHON ***************************************************** + +#**************** PHP **************************************************** +ENV PHP_81_VERSION="8.1.6" + +COPY tools/runtime_configs/php/$PHP_81_VERSION /root/.phpenv/plugins/php-build/share/php-build/definitions/$PHP_81_VERSION +RUN phpenv install $PHP_81_VERSION && rm -rf /tmp/* && phpenv global $PHP_81_VERSION +RUN echo "memory_limit = 1G;" >> "/root/.phpenv/versions/$PHP_81_VERSION/etc/conf.d/memory.ini" + +# Install Composer globally +RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer +#**************** END PHP **************************************************** + +#**************** GOLANG **************************************************** +ENV GOLANG_18_VERSION="1.18.3" + +RUN goenv install $GOLANG_18_VERSION && rm -rf /tmp/* && \ + goenv global $GOLANG_18_VERSION && \ + go env -w GO111MODULE=auto + +RUN go get -u github.com/golang/dep/cmd/dep +#**************** END GOLANG ******************************* + +#=======================End of layer: runtimes ================= + +FROM runtimes AS runtimes_n_corretto + +#**************** JAVA **************************************************** +ENV JAVA_17_HOME="/usr/lib/jvm/java-17-amazon-corretto" \ + JDK_17_HOME="/usr/lib/jvm/java-17-amazon-corretto" \ + JRE_17_HOME="/usr/lib/jvm/java-17-amazon-corretto" +ARG ANT_VERSION=1.10.12 +ARG MAVEN_HOME="/opt/maven" +ARG MAVEN_VERSION=3.8.6 +ARG INSTALLED_GRADLE_VERSIONS="7.4.2" +ARG GRADLE_VERSION=7.4.2 +ARG SBT_VERSION=1.6.2 +ARG GRADLE_PATH="$SRC_DIR/gradle" +ARG ANT_DOWNLOAD_SHA512="2287dc5cfc21043c14e5413f9afb1c87c9f266ec2a9ba2d3bf2285446f6e4ccb59b558bf2e5c57911a05dfa293c7d5c7ad60ac9f744ba11406f4e6f9a27b2403" +ARG MAVEN_DOWNLOAD_SHA512="f790857f3b1f90ae8d16281f902c689e4f136ebe584aba45e4b1fa66c80cba826d3e0e52fdd04ed44b4c66f6d3fe3584a057c26dfcac544a60b301e6d0f91c26" +ARG GRADLE_DOWNLOADS_SHA256="e6d864e3b5bc05cc62041842b306383fc1fefcec359e70cebb1d470a6094ca82 7.4.2" +ARG SBT_DOWNLOAD_SHA256="637637b6c4e6fa04ab62cd364061e32b12480b09001cd23303df62b36fadd440" +ENV LOG4J_UNSAFE_VERSIONS="2.11.1 1.2.8" + +ARG MAVEN_CONFIG_HOME="/root/.m2" + +ENV JAVA_HOME="$JAVA_17_HOME" \ + JDK_HOME="$JDK_17_HOME" \ + JRE_HOME="$JRE_17_HOME" + +ENV PATH="${PATH}:/opt/tools" + +RUN set -ex \ + && apt-get update \ + && apt-get install -y -qq software-properties-common apt-utils \ + # Install Corretto 17 + && wget -qO- https://apt.corretto.aws/corretto.key | apt-key add - \ + && add-apt-repository 'deb https://apt.corretto.aws stable main' \ + && apt-get update \ + && apt-get install -y -qq java-17-amazon-corretto-jdk \ + && apt-get install -y -qq --no-install-recommends ca-certificates-java \ + # Ensure Java cacerts symlink points to valid location + && update-ca-certificates -f \ + && dpkg --add-architecture i386 \ + && apt-get update \ + && for tool_path in $JAVA_HOME/bin/*; do \ + tool=`basename $tool_path`; \ + update-alternatives --install /usr/bin/$tool $tool $tool_path 10000; \ + update-alternatives --set $tool $tool_path; \ + done \ + && rm $JAVA_HOME/lib/security/cacerts && ln -s /etc/ssl/certs/java/cacerts $JAVA_HOME/lib/security/cacerts \ + # Install Ant + && curl -LSso /var/tmp/apache-ant-$ANT_VERSION-bin.tar.gz https://archive.apache.org/dist/ant/binaries/apache-ant-$ANT_VERSION-bin.tar.gz \ + && echo "$ANT_DOWNLOAD_SHA512 /var/tmp/apache-ant-$ANT_VERSION-bin.tar.gz" | sha512sum -c - \ + && tar -xzf /var/tmp/apache-ant-$ANT_VERSION-bin.tar.gz -C /opt \ + && rm /var/tmp/apache-ant-$ANT_VERSION-bin.tar.gz \ + && update-alternatives --install /usr/bin/ant ant /opt/apache-ant-$ANT_VERSION/bin/ant 10000 + +RUN set -ex \ + # Install Maven + && mkdir -p $MAVEN_HOME \ + && curl -LSso /var/tmp/apache-maven-$MAVEN_VERSION-bin.tar.gz https://apache.org/dist/maven/maven-3/$MAVEN_VERSION/binaries/apache-maven-$MAVEN_VERSION-bin.tar.gz \ + && echo "$MAVEN_DOWNLOAD_SHA512 /var/tmp/apache-maven-$MAVEN_VERSION-bin.tar.gz" | sha512sum -c - \ + && tar xzf /var/tmp/apache-maven-$MAVEN_VERSION-bin.tar.gz -C $MAVEN_HOME --strip-components=1 \ + && rm /var/tmp/apache-maven-$MAVEN_VERSION-bin.tar.gz \ + && update-alternatives --install /usr/bin/mvn mvn /opt/maven/bin/mvn 10000 \ + && mkdir -p $MAVEN_CONFIG_HOME \ + # Install Gradle + && mkdir -p $GRADLE_PATH \ + && for version in $INSTALLED_GRADLE_VERSIONS; do { \ + wget -q "https://services.gradle.org/distributions/gradle-$version-all.zip" -O "$GRADLE_PATH/gradle-$version-all.zip" \ + && unzip -q "$GRADLE_PATH/gradle-$version-all.zip" -d /usr/local \ + && echo "$GRADLE_DOWNLOADS_SHA256" | grep "$version" | sed "s|$version|$GRADLE_PATH/gradle-$version-all.zip|" | sha256sum -c - \ + && rm "$GRADLE_PATH/gradle-$version-all.zip" \ + && mkdir "/tmp/gradle-$version" \ + && "/usr/local/gradle-$version/bin/gradle" -p "/tmp/gradle-$version" init \ + && "/usr/local/gradle-$version/bin/gradle" -p "/tmp/gradle-$version" wrapper \ + # Android Studio uses the "-all" distribution for it's wrapper script. + && perl -pi -e "s/gradle-$version-bin.zip/gradle-$version-all.zip/" "/tmp/gradle-$version/gradle/wrapper/gradle-wrapper.properties" \ + && "/tmp/gradle-$version/gradlew" -p "/tmp/gradle-$version" init \ + && rm -rf "/tmp/gradle-$version" \ + && if [ "$version" != "$GRADLE_VERSION" ]; then rm -rf "/usr/local/gradle-$version"; fi; \ + }; done \ + # Install default GRADLE_VERSION to path + && ln -s /usr/local/gradle-$GRADLE_VERSION/bin/gradle /usr/bin/gradle \ + && rm -rf $GRADLE_PATH \ + # Install SBT + && curl -fSL "https://github.com/sbt/sbt/releases/download/v${SBT_VERSION}/sbt-${SBT_VERSION}.tgz" -o sbt.tgz \ + && echo "${SBT_DOWNLOAD_SHA256} *sbt.tgz" | sha256sum -c - \ + && tar xzf sbt.tgz -C /usr/local/bin/ \ + && rm sbt.tgz \ + && for version in $LOG4J_UNSAFE_VERSIONS; do find / -name log4j*-$version.jar | xargs rm -f; done + +ENV PATH "/usr/local/bin/sbt/bin:$PATH" +RUN sbt version -Dsbt.rootdir=true +# Cleanup +RUN rm -fr /var/lib/apt/lists/* /tmp/* /var/tmp/* \ + && apt-get clean +#**************** END JAVA **************************************************** + +#**************** DOCKER ********************************************* +ARG DOCKER_BUCKET="download.docker.com" +ARG DOCKER_CHANNEL="stable" +ARG DIND_COMMIT="3b5fac462d21ca164b3778647420016315289034" +ARG DOCKER_COMPOSE_VERSION="2.6.0" +ARG SRC_DIR="/usr/src" + +ARG DOCKER_SHA256="969210917b5548621a2b541caf00f86cc6963c6cf0fb13265b9731c3b98974d9" +ARG DOCKER_VERSION="20.10.17" + +# Install Docker +RUN set -ex \ + && curl -fSL "https://${DOCKER_BUCKET}/linux/static/${DOCKER_CHANNEL}/x86_64/docker-${DOCKER_VERSION}.tgz" -o docker.tgz \ + && echo "${DOCKER_SHA256} *docker.tgz" | sha256sum -c - \ + && tar --extract --file docker.tgz --strip-components 1 --directory /usr/local/bin/ \ + && rm docker.tgz \ + && docker -v \ + # set up subuid/subgid so that "--userns-remap=default" works out-of-the-box + && addgroup dockremap \ + && useradd -g dockremap dockremap \ + && echo 'dockremap:165536:65536' >> /etc/subuid \ + && echo 'dockremap:165536:65536' >> /etc/subgid \ + && wget -q "https://raw.githubusercontent.com/docker/docker/${DIND_COMMIT}/hack/dind" -O /usr/local/bin/dind \ + && curl -L https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-Linux-x86_64 > /usr/local/bin/docker-compose \ + && chmod +x /usr/local/bin/dind /usr/local/bin/docker-compose \ + # Ensure docker-compose works + && docker-compose version + +VOLUME /var/lib/docker +#*********************** END DOCKER **************************** + +#=======================End of layer: corretto ================= +FROM runtimes_n_corretto AS std_v6 + +# Activate runtime versions specific to image version. +RUN n $NODE_16_VERSION +RUN pyenv global $PYTHON_310_VERSION +RUN phpenv global $PHP_81_VERSION +RUN rbenv global $RUBY_31_VERSION +RUN goenv global $GOLANG_18_VERSION + +# Configure SSH +COPY ssh_config /root/.ssh/config +COPY runtimes.yml /codebuild/image/config/runtimes.yml +COPY dockerd-entrypoint.sh /usr/local/bin/dockerd-entrypoint.sh +COPY legal/bill_of_material.txt /usr/share/doc/bill_of_material.txt +COPY amazon-ssm-agent.json /etc/amazon/ssm/amazon-ssm-agent.json + +ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh"] + +#=======================END of STD:5.0 ================= diff --git a/ubuntu/standard/3.0/amazon-ssm-agent.json b/ubuntu/standard/6.0/amazon-ssm-agent.json similarity index 100% rename from ubuntu/standard/3.0/amazon-ssm-agent.json rename to ubuntu/standard/6.0/amazon-ssm-agent.json diff --git a/ubuntu/standard/3.0/dockerd-entrypoint.sh b/ubuntu/standard/6.0/dockerd-entrypoint.sh similarity index 100% rename from ubuntu/standard/3.0/dockerd-entrypoint.sh rename to ubuntu/standard/6.0/dockerd-entrypoint.sh diff --git a/ubuntu/standard/6.0/legal/bill_of_material.txt b/ubuntu/standard/6.0/legal/bill_of_material.txt new file mode 100644 index 00000000..c8760d1d --- /dev/null +++ b/ubuntu/standard/6.0/legal/bill_of_material.txt @@ -0,0 +1,270 @@ +The Amazon CodeBuild Product includes the following third-party software/licensing: + +---------------- +apt-transport-https : /usr/share/doc/apt-transport-https/copyright +---------------- +apt-utils : /usr/share/doc/apt-utils/copyright +---------------- +asciidoc : /usr/share/doc/asciidoc/copyright +---------------- +autoconf : /usr/share/doc/autoconf/copyright +---------------- +automake : /usr/share/doc/automake/copyright +---------------- +build-essential : /usr/share/doc/build-essential/copyright +---------------- +bzip2 : /usr/share/doc/bzip2/copyright +---------------- +bzr : /usr/share/doc/bzr/copyright +---------------- +ca-certificates-java : /usr/share/doc/ca-certificates-java/copyright +---------------- +curl : /usr/share/doc/curl/copyright +---------------- +dirmngr : /usr/share/doc/dirmngr/copyright +---------------- +docbook-xml : /usr/share/doc/docbook-xml/copyright +---------------- +docbook-xsl : /usr/share/doc/docbook-xsl/copyright +---------------- +dpkg-dev : /usr/share/doc/dpkg-dev/copyright +---------------- +e2fsprogs : /usr/share/doc/e2fsprogs/copyright +---------------- +expect : /usr/share/doc/expect/copyright +---------------- +fakeroot : /usr/share/doc/fakeroot/copyright +---------------- +file : /usr/share/doc/file/copyright +---------------- +g++ : /usr/share/doc/g++/copyright +---------------- +gcc : /usr/share/doc/gcc/copyright +---------------- +gettext : /usr/share/doc/gettext/copyright +---------------- +gettext-base : /usr/share/doc/gettext-base/copyright +---------------- +git : /usr/share/doc/git/copyright +---------------- +groff : /usr/share/doc/groff/copyright +---------------- +gzip : /usr/share/doc/gzip/copyright +---------------- +iptables : /usr/share/doc/iptables/copyright +---------------- +jq : /usr/share/doc/jq/copyright +---------------- +less : /usr/share/doc/less/copyright +---------------- +lib32gcc1 : /usr/share/doc/lib32gcc1/copyright +---------------- +lib32ncurses5 : /usr/share/doc/lib32ncurses5/copyright +---------------- +lib32stdc++6 : /usr/share/doc/lib32stdc++6/copyright +---------------- +lib32z1 : /usr/share/doc/lib32z1/copyright +---------------- +libapr1 : /usr/share/doc/libapr1/copyright +---------------- +libaprutil1 : /usr/share/doc/libaprutil1/copyright +---------------- +libargon2-0-dev : /usr/share/doc/libargon2-0-dev/copyright +---------------- +libasound2 : /usr/share/doc/libasound2/copyright +---------------- +libbz2-dev : /usr/share/doc/libbz2-dev/copyright +---------------- +libc6-dev : /usr/share/doc/libc6-dev/copyright +---------------- +libc6-i386 : /usr/share/doc/libc6-i386/copyright +---------------- +libcurl4-openssl-dev : /usr/share/doc/libcurl4-openssl-dev/copyright +---------------- +libdb-dev : /usr/share/doc/libdb-dev/copyright +---------------- +libdbd-sqlite3-perl : /usr/share/doc/libdbd-sqlite3-perl/copyright +---------------- +libdbi-perl : /usr/share/doc/libdbi-perl/copyright +---------------- +libdbus-1-3 : /usr/share/doc/libdbus-1-3/copyright +---------------- +libdbus-glib-1-2 : /usr/share/doc/libdbus-glib-1-2/copyright +---------------- +libdpkg-perl : /usr/share/doc/libdpkg-perl/copyright +---------------- +libedit-dev : /usr/share/doc/libedit-dev/copyright +---------------- +liberror-perl : /usr/share/doc/liberror-perl/copyright +---------------- +libevent-dev : /usr/share/doc/libevent-dev/copyright +---------------- +libffi-dev : /usr/share/doc/libffi-dev/copyright +---------------- +libgeoip-dev : /usr/share/doc/libgeoip-dev/copyright +---------------- +libglib2.0-0 : /usr/share/doc/libglib2.0-0/copyright +---------------- +libglib2.0-dev : /usr/share/doc/libglib2.0-dev/copyright +---------------- +libgtk-3-0 : /usr/share/doc/libgtk-3-0/copyright +---------------- +libhttp-date-perl : /usr/share/doc/libhttp-date-perl/copyright +---------------- +libio-pty-perl : /usr/share/doc/libio-pty-perl/copyright +---------------- +libjpeg-dev : /usr/share/doc/libjpeg-dev/copyright +---------------- +libkrb5-dev : /usr/share/doc/libkrb5-dev/copyright +---------------- +liblzma-dev : /usr/share/doc/liblzma-dev/copyright +---------------- +libmagickcore-dev : /usr/share/doc/libmagickcore-dev/copyright +---------------- +libmagickwand-dev : /usr/share/doc/libmagickwand-dev/copyright +---------------- +libmysqlclient-dev : /usr/share/doc/libmysqlclient-dev/copyright +---------------- +libncurses5-dev : /usr/share/doc/libncurses5-dev/copyright +---------------- +libncursesw5-dev : /usr/share/doc/libncursesw5-dev/copyright +---------------- +libonig-dev : /usr/share/doc/libonig-dev/copyright +---------------- +libpq-dev : /usr/share/doc/libpq-dev/copyright +---------------- +libqt5widgets5 : /usr/share/doc/libqt5widgets5/copyright +---------------- +libreadline-dev : /usr/share/doc/libreadline-dev/copyright +---------------- +libserf-1-1 : /usr/share/doc/libserf-1-1/copyright +---------------- +libsqlite3-dev : /usr/share/doc/libsqlite3-dev/copyright +---------------- +libssl-dev : /usr/share/doc/libssl-dev/copyright +---------------- +libsvn-perl : /usr/share/doc/libsvn-perl/copyright +---------------- +libsvn1 : /usr/share/doc/libsvn1/copyright +---------------- +libtcl8.6 : /usr/share/doc/libtcl8.6/copyright +---------------- +libtidy-dev : /usr/share/doc/libtidy-dev/copyright +---------------- +libtimedate-perl : /usr/share/doc/libtimedate-perl/copyright +---------------- +libtool : /usr/share/doc/libtool/copyright +---------------- +libwebp-dev : /usr/share/doc/libwebp-dev/copyright +---------------- +libxml2-dev : /usr/share/doc/libxml2-dev/copyright +---------------- +libxml2-utils : /usr/share/doc/libxml2-utils/copyright +---------------- +libxslt1-dev : /usr/share/doc/libxslt1-dev/copyright +---------------- +libyaml-dev : /usr/share/doc/libyaml-dev/copyright +---------------- +libyaml-perl : /usr/share/doc/libyaml-perl/copyright +---------------- +libzip-dev : /usr/share/doc/libzip-dev/copyright +---------------- +libzip4 : /usr/share/doc/libzip4/copyright +---------------- +llvm : /usr/share/doc/llvm/copyright +---------------- +locales : /usr/share/doc/locales/copyright +---------------- +make : /usr/share/doc/make/copyright +---------------- +mlocate : /usr/share/doc/mlocate/copyright +---------------- +netbase : /usr/share/doc/netbase/copyright +---------------- +openjdk-8-jdk : /usr/share/doc/openjdk-8-jdk/copyright +---------------- +openjdk-11-jdk : /usr/share/doc/openjdk-11-jre-headless/copyright +---------------- +openssh-client : /usr/share/doc/openssh-client/copyright +---------------- +openssl : /usr/share/doc/openssl/copyright +---------------- +patch : /usr/share/doc/patch/copyright +---------------- +pkg-config : /usr/share/doc/pkg-config/copyright +---------------- +procps : /usr/share/doc/procps/copyright +---------------- +python-bzrlib : /usr/share/doc/python-bzrlib/copyright +---------------- +python-configobj : /usr/share/doc/python-configobj/copyright +---------------- +python-openssl : /usr/share/doc/python-openssl/copyright +---------------- +python-setuptools : /usr/share/doc/python-setuptools/copyright +---------------- +rsync : /usr/share/doc/rsync/copyright +---------------- +sbt : /usr/share/doc/sbt/copyright +---------------- +sgml-base : /usr/share/doc/sgml-base/copyright +---------------- +sgml-data : /usr/share/doc/sgml-data/copyright +---------------- +software-properties-common : /usr/share/doc/software-properties-common/copyright +---------------- +tar : /usr/share/doc/tar/copyright +---------------- +tcl : /usr/share/doc/tcl/copyright +---------------- +tcl8.6 : /usr/share/doc/tcl8.6/copyright +---------------- +tk : /usr/share/doc/tk/copyright +---------------- +tk-dev : /usr/share/doc/tk-dev/copyright +---------------- +unzip : /usr/share/doc/unzip/copyright +---------------- +vim : /usr/share/doc/vim/copyright +---------------- +wget : /usr/share/doc/wget/copyright +---------------- +xfsprogs : /usr/share/doc/xfsprogs/copyright +---------------- +xml-core : /usr/share/doc/xml-core/copyright +---------------- +xmlto : /usr/share/doc/xmlto/copyright +---------------- +xsltproc : /usr/share/doc/xsltproc/copyright +---------------- +xvfb : /usr/share/doc/xvfb/copyright +---------------- +xz-utils : /usr/share/doc/xz-utils/copyright +---------------- +zip : /usr/share/doc/zip/copyright +---------------- +zlib1g-dev : /usr/share/doc/zlib1g-dev/copyright +---------------- +ruby :https://www.ruby-lang.org/en/about/license.txt +---------------- +python :https://docs.python.org/3/license.html +---------------- +php :https://www.php.net/license/index.php +---------------- +nodejs :https://github.com/nodejs/node/blob/master/LICENSE +---------------- +golang :https://golang.org/LICENSE +---------------- +dotnet :https://github.com/dotnet/core/blob/master/LICENSE.TXT +---------------- +Firefox :https://www.mozilla.org/en-US/MPL/ +---------------- +Chrome : https://www.google.com/intl/en_pk/chrome/privacy/eula_text.html +---------------- +stunnel : https://www.stunnel.org/gpl.html +---------------- +gitversion :https://github.com/GitTools/GitVersion/blob/master/LICENSE +---------------- +docker : https://www.docker.com/legal/components-licenses +---------------- + diff --git a/ubuntu/standard/6.0/runtimes.yml b/ubuntu/standard/6.0/runtimes.yml new file mode 100644 index 00000000..d12065a2 --- /dev/null +++ b/ubuntu/standard/6.0/runtimes.yml @@ -0,0 +1,59 @@ +version: 0.1 + +runtimes: + java: + versions: + corretto17: + commands: + - echo "Installing Java version 17 ..." + + - export JAVA_HOME="$JAVA_17_HOME" + + - export JRE_HOME="$JRE_17_HOME" + + - export JDK_HOME="$JDK_17_HOME" + + - |- + for tool_path in "$JAVA_HOME"/bin/*; + do tool=`basename "$tool_path"`; + if [ $tool != 'java-rmi.cgi' ]; + then + update-alternatives --list "$tool" | grep -q "$tool_path" \ + && update-alternatives --set "$tool" "$tool_path"; + fi; + done + golang: + versions: + 1.18: + commands: + - echo "Installing Go version 1.18 ..." + - goenv global $GOLANG_18_VERSION + python: + versions: + 3.10: + commands: + - echo "Installing Python version 3.10 ..." + - pyenv global $PYTHON_310_VERSION + php: + versions: + 8.1: + commands: + - echo "Installing PHP version 8.1 ..." + - phpenv global $PHP_81_VERSION + ruby: + versions: + 3.1: + commands: + - echo "Installing Ruby version 3.1 ..." + - rbenv global $RUBY_31_VERSION + nodejs: + versions: + 16: + commands: + - echo "Installing Node.js version 16 ..." + - n $NODE_16_VERSION + dotnet: + versions: + 6.0: + commands: + - echo "Installing .NET version 6.0 ..." diff --git a/ubuntu/standard/3.0/ssh_config b/ubuntu/standard/6.0/ssh_config similarity index 100% rename from ubuntu/standard/3.0/ssh_config rename to ubuntu/standard/6.0/ssh_config diff --git a/al2/x86_64/standard/2.0/tools/android-accept-licenses.sh b/ubuntu/standard/6.0/tools/android-accept-licenses.sh similarity index 100% rename from al2/x86_64/standard/2.0/tools/android-accept-licenses.sh rename to ubuntu/standard/6.0/tools/android-accept-licenses.sh diff --git a/ubuntu/standard/6.0/tools/runtime_configs/php/8.1.6 b/ubuntu/standard/6.0/tools/runtime_configs/php/8.1.6 new file mode 100644 index 00000000..0ea797d4 --- /dev/null +++ b/ubuntu/standard/6.0/tools/runtime_configs/php/8.1.6 @@ -0,0 +1,20 @@ +configure_option "--with-curl" +configure_option "--with-password-argon2" +configure_option "--with-pdo-pgsql" +configure_option "--with-libedit" + +PHP_BUILD_EXTRA_MAKE_ARGUMENTS="-j4" + +#https://github.com/php-build/php-build/blob/master/share/php-build/definitions/8.1.6 +#Don't change beyond this line + +configure_option "--enable-gd" +configure_option "--with-jpeg" +configure_option "--with-zip" +configure_option "--with-mhash" + +configure_option -D "--with-xmlrpc" + +install_package "https://secure.php.net/distributions/php-8.1.6.tar.bz2" +install_xdebug "3.1.3" +enable_builtin_opcache \ No newline at end of file diff --git a/ubuntu/standard/6.0/tools/runtime_configs/python/3.10.5 b/ubuntu/standard/6.0/tools/runtime_configs/python/3.10.5 new file mode 100644 index 00000000..305dbb4b --- /dev/null +++ b/ubuntu/standard/6.0/tools/runtime_configs/python/3.10.5 @@ -0,0 +1,17 @@ +export PYTHON_CONFIGURE_OPTS="\ + --enable-shared + --enable-loadable-sqlite-extensions" + +# Don't change below this line. +# https://github.com/pyenv/pyenv/blob/master/plugins/python-build/share/python-build/3.10.5 + +# require_gcc +prefer_openssl11 +export PYTHON_BUILD_CONFIGURE_WITH_OPENSSL=1 +install_package "openssl-1.1.1o" "https://www.openssl.org/source/openssl-1.1.1o.tar.gz#9384a2b0570dd80358841464677115df785edb941c71211f75076d72fe6b438f" mac_openssl --if has_broken_mac_openssl +install_package "readline-8.1" "https://ftpmirror.gnu.org/readline/readline-8.1.tar.gz#f8ceb4ee131e3232226a17f51b164afc46cd0b9e6cef344be87c65962cb82b02" mac_readline --if has_broken_mac_readline +if has_tar_xz_support; then + install_package "Python-3.10.5" "https://www.python.org/ftp/python/3.10.5/Python-3.10.5.tar.xz#8437efd5b106ef0a75aabfbf23d880625120a73a86a22ade4d2e2e68d7b74486" standard verify_py310 copy_python_gdb ensurepip +else + install_package "Python-3.10.5" "https://www.python.org/ftp/python/3.10.5/Python-3.10.5.tgz#18f57182a2de3b0be76dfc39fdcfd28156bb6dd23e5f08696f7492e9e3d0bf2d" standard verify_py310 copy_python_gdb ensurepip +fi \ No newline at end of file diff --git a/al2/x86_64/standard/2.0/Dockerfile b/unsupported_images/al2/x86_64/standard/2.0/Dockerfile similarity index 100% rename from al2/x86_64/standard/2.0/Dockerfile rename to unsupported_images/al2/x86_64/standard/2.0/Dockerfile diff --git a/unsupported_images/al2/x86_64/standard/2.0/amazon-ssm-agent.json b/unsupported_images/al2/x86_64/standard/2.0/amazon-ssm-agent.json new file mode 100644 index 00000000..acb8c83e --- /dev/null +++ b/unsupported_images/al2/x86_64/standard/2.0/amazon-ssm-agent.json @@ -0,0 +1,45 @@ +{ + "Profile":{ + "ShareCreds" : true, + "ShareProfile" : "" + }, + "Mds": { + "CommandWorkersLimit" : 5, + "StopTimeoutMillis" : 20000, + "Endpoint": "", + "CommandRetryLimit": 15 + }, + "Ssm": { + "Endpoint": "", + "HealthFrequencyMinutes": 5, + "CustomInventoryDefaultLocation" : "", + "AssociationLogsRetentionDurationHours" : 24, + "RunCommandLogsRetentionDurationHours" : 336, + "SessionLogsRetentionDurationHours" : 336 + }, + "Mgs": { + "Region": "", + "Endpoint": "", + "StopTimeoutMillis" : 20000, + "SessionWorkersLimit" : 1000 + }, + "Agent": { + "Region": "", + "OrchestrationRootDir": "", + "ContainerMode": true + }, + "Os": { + "Lang": "en-US", + "Name": "", + "Version": "1" + }, + "S3": { + "Endpoint": "", + "Region": "", + "LogBucket":"", + "LogKey":"" + }, + "Kms": { + "Endpoint": "" + } +} diff --git a/unsupported_images/al2/x86_64/standard/2.0/dockerd-entrypoint.sh b/unsupported_images/al2/x86_64/standard/2.0/dockerd-entrypoint.sh new file mode 100755 index 00000000..1591be44 --- /dev/null +++ b/unsupported_images/al2/x86_64/standard/2.0/dockerd-entrypoint.sh @@ -0,0 +1,23 @@ +#!/bin/sh +set -e + +/usr/local/bin/dockerd \ + --host=unix:///var/run/docker.sock \ + --host=tcp://127.0.0.1:2375 \ + --storage-driver=overlay2 &>/var/log/docker.log & + + +tries=0 +d_timeout=60 +until docker info >/dev/null 2>&1 +do + if [ "$tries" -gt "$d_timeout" ]; then + cat /var/log/docker.log + echo 'Timed out trying to connect to internal docker host.' >&2 + exit 1 + fi + tries=$(( $tries + 1 )) + sleep 1 +done + +eval "$@" diff --git a/ubuntu/standard/3.0/legal/THIRD_PARTY_LICENSES.txt b/unsupported_images/al2/x86_64/standard/2.0/legal/THIRD_PARTY_LICENSES.txt similarity index 100% rename from ubuntu/standard/3.0/legal/THIRD_PARTY_LICENSES.txt rename to unsupported_images/al2/x86_64/standard/2.0/legal/THIRD_PARTY_LICENSES.txt diff --git a/unsupported_images/al2/x86_64/standard/2.0/legal/bill_of_material.txt b/unsupported_images/al2/x86_64/standard/2.0/legal/bill_of_material.txt new file mode 100644 index 00000000..3a60efeb --- /dev/null +++ b/unsupported_images/al2/x86_64/standard/2.0/legal/bill_of_material.txt @@ -0,0 +1,184 @@ +The Amazon CodeBuild Product includes the following third-party software/licensing: + +---------------- +GeoIP-devel : LGPLv2+ and GPLv2+ and CC-BY-SA +---------------- +ImageMagick : ImageMagick +---------------- +asciidoc : GPL+ and GPLv2+ +---------------- +bzip2-devel : BSD +---------------- +bzr : GPLv2+ +---------------- +bzrtools : GPLv2+ +---------------- +chromium : BSD and LGPLv2+ and ASL 2.0 and IJG and MIT and GPLv2+ and ISC and OpenSSL and (MPLv1.1 or GPLv2 or LGPLv2) +---------------- +cvs : BSD and GPL+ and GPLv2+ and LGPLv2+ and zlib and Public Domain +---------------- +cvsps : GPL+ +---------------- +dbus-glib-devel : AFL and GPLv2+ +---------------- +docbook-dtds : Copyright only +---------------- +docbook-style-xsl : DMIT +---------------- +dpkg-dev : GPLv2 and GPLv2+ and LGPLv2+ and Public Domain and BSD +---------------- +e2fsprogs : GPLv2 +---------------- +expat-devel : MIT +---------------- +expect : Public Domain +---------------- +fakeroot : GPLv3+ and LGPLv2+ and (GPL+ or Artistic) +---------------- +glib2-devel : LGPLv2+ +---------------- +groff : GPLv3+ and GFDL and BSD and MIT +---------------- +gtk3-devel : LGPLv2+ +---------------- +gzip : GPLv3+ and GFDL +---------------- +icu : MIT and UCD and Public Domain +---------------- +iptables : GPLv2 +---------------- +java-1.8.0-amazon-corretto-devel : ASL 1.1 and ASL 2.0 and BSD and BSD with advertising and GPL+ and GPLv2 and GPLv2 with exceptions and IJG and LGPLv2+ and MIT and MPLv2.0 and Public Domain and W3C and zlib. +---------------- +java-1.11.0-amazon-corretto-devel : ASL 1.1 and ASL 2.0 and BSD and BSD with advertising and GPL+ and GPLv2 and GPLv2 with exceptions and IJG and LGPLv2+ and MIT and MPLv2.0 and Public Domain and W3C and zlib. +---------------- +jq : MIT and ASL 2.0 and CC-BY and GPLv3 +---------------- +krb5-server : MIT +---------------- +libargon2-devel : Public Domain or ASL 2.0 +---------------- +libcurl-devel : MIT +---------------- +libdb-devel : BSD and LGPLv2 and Sleepycat +---------------- +libedit-devel : BSD +---------------- +libevent-devel : BSD +---------------- +libffi-devel : MIT and Public Domain +---------------- +libgit2 : GPLv2 with exceptions +---------------- +libicu-devel : MIT and UCD and Public Domain +---------------- +libpng-devel : zlib +---------------- +libserf : ASL 2.0 +---------------- +libsqlite3x-devel : zlib +---------------- +libtidy-devel : W3C +---------------- +libunwind : BSD +---------------- +libwebp-devel : BSD +---------------- +libxml2-devel : MIT +---------------- +libxslt : MIT +---------------- +libxslt-devel : MIT +---------------- +libyaml-devel : MIT +---------------- +libzip-devel : BSD +---------------- +mariadb-devel : GPLv2 with exceptions and LGPLv2 and BSD +---------------- +mercurial : GPLv2+ +---------------- +mlocate : GPLv2 +---------------- +mono-devel : LGPL-2.1 +---------------- +ncurses-devel : MIT +---------------- +oniguruma-devel : BSD +---------------- +openssh-clients : BSD +---------------- +openssl : OpenSSL +---------------- +openssl-devel : OpenSSL +---------------- +perl-DBD-SQLite : GPL+ or Artistic +---------------- +perl-DBI : GPL+ or Artistic +---------------- +perl-HTTP-Date : GPL+ or Artistic +---------------- +perl-IO-Pty-Easy : GPL+ or Artistic +---------------- +perl-TimeDate : GPL+ or Artistic +---------------- +perl-YAML-LibYAML : GPL+ or Artistic +---------------- +postgresql-devel : PostgreSQL +---------------- +procps-ng : GPL+ and GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+ +---------------- +python-configobj : BSD +---------------- +readline-devel : GPLv3+ +---------------- +rsync : GPLv3+ +---------------- +sbt : BSD +---------------- +sgml-common : GPL+ +---------------- +subversion-perl : ASL 2.0 +---------------- +tar : GPLv3+ +---------------- +tcl : TCL +---------------- +tk : TCL +---------------- +wget : GPLv3+ +---------------- +which : GPLv3 +---------------- +xfsprogs : GPL+ and LGPLv2+ +---------------- +xmlto : GPLv2+ +---------------- +xorg-x11-server-Xvfb : MIT and GPLv2 +---------------- +xz-devel : LGPLv2+ +---------------- +yarn : BSD +---------------- +ruby :https://www.ruby-lang.org/en/about/license.txt +---------------- +python :https://docs.python.org/3/license.html +---------------- +php :https://www.php.net/license/index.php +---------------- +nodejs :https://github.com/nodejs/node/blob/master/LICENSE +---------------- +golang :https://golang.org/LICENSE +---------------- +dotnet :https://github.com/dotnet/core/blob/master/LICENSE.TXT +---------------- +Firefox :https://www.mozilla.org/en-US/MPL/ +---------------- +Chrome :https://www.google.com/intl/en_pk/chrome/privacy/eula_text.html +---------------- +stunnel :https://www.stunnel.org/gpl.html +---------------- +gitversion :https://github.com/GitTools/GitVersion/blob/master/LICENSE +---------------- +docker :https://www.docker.com/legal/components-licenses +---------------- + diff --git a/al2/x86_64/standard/2.0/runtimes.yml b/unsupported_images/al2/x86_64/standard/2.0/runtimes.yml similarity index 100% rename from al2/x86_64/standard/2.0/runtimes.yml rename to unsupported_images/al2/x86_64/standard/2.0/runtimes.yml diff --git a/unsupported_images/al2/x86_64/standard/2.0/ssh_config b/unsupported_images/al2/x86_64/standard/2.0/ssh_config new file mode 100644 index 00000000..710e2754 --- /dev/null +++ b/unsupported_images/al2/x86_64/standard/2.0/ssh_config @@ -0,0 +1,3 @@ +Host * + ConnectTimeout 10 + ConnectionAttempts 10 diff --git a/ubuntu/standard/3.0/tools/android-accept-licenses.sh b/unsupported_images/al2/x86_64/standard/2.0/tools/android-accept-licenses.sh similarity index 100% rename from ubuntu/standard/3.0/tools/android-accept-licenses.sh rename to unsupported_images/al2/x86_64/standard/2.0/tools/android-accept-licenses.sh diff --git a/al2/x86_64/standard/2.0/tools/runtime_configs/php/7.3.13 b/unsupported_images/al2/x86_64/standard/2.0/tools/runtime_configs/php/7.3.13 similarity index 100% rename from al2/x86_64/standard/2.0/tools/runtime_configs/php/7.3.13 rename to unsupported_images/al2/x86_64/standard/2.0/tools/runtime_configs/php/7.3.13 diff --git a/al2/x86_64/standard/2.0/tools/runtime_configs/php/7.4.1 b/unsupported_images/al2/x86_64/standard/2.0/tools/runtime_configs/php/7.4.1 similarity index 100% rename from al2/x86_64/standard/2.0/tools/runtime_configs/php/7.4.1 rename to unsupported_images/al2/x86_64/standard/2.0/tools/runtime_configs/php/7.4.1 diff --git a/al2/x86_64/standard/2.0/tools/runtime_configs/python/3.7.10 b/unsupported_images/al2/x86_64/standard/2.0/tools/runtime_configs/python/3.7.10 similarity index 100% rename from al2/x86_64/standard/2.0/tools/runtime_configs/python/3.7.10 rename to unsupported_images/al2/x86_64/standard/2.0/tools/runtime_configs/python/3.7.10 diff --git a/al2/x86_64/standard/2.0/tools/runtime_configs/python/3.8.10 b/unsupported_images/al2/x86_64/standard/2.0/tools/runtime_configs/python/3.8.10 similarity index 100% rename from al2/x86_64/standard/2.0/tools/runtime_configs/python/3.8.10 rename to unsupported_images/al2/x86_64/standard/2.0/tools/runtime_configs/python/3.8.10 diff --git a/al2/x86_64/standard/2.0/tools/runtime_configs/python/3.9.5 b/unsupported_images/al2/x86_64/standard/2.0/tools/runtime_configs/python/3.9.5 similarity index 100% rename from al2/x86_64/standard/2.0/tools/runtime_configs/python/3.9.5 rename to unsupported_images/al2/x86_64/standard/2.0/tools/runtime_configs/python/3.9.5 diff --git a/ubuntu/standard/3.0/Dockerfile b/unsupported_images/ubuntu/standard/3.0/Dockerfile similarity index 100% rename from ubuntu/standard/3.0/Dockerfile rename to unsupported_images/ubuntu/standard/3.0/Dockerfile diff --git a/unsupported_images/ubuntu/standard/3.0/amazon-ssm-agent.json b/unsupported_images/ubuntu/standard/3.0/amazon-ssm-agent.json new file mode 100644 index 00000000..acb8c83e --- /dev/null +++ b/unsupported_images/ubuntu/standard/3.0/amazon-ssm-agent.json @@ -0,0 +1,45 @@ +{ + "Profile":{ + "ShareCreds" : true, + "ShareProfile" : "" + }, + "Mds": { + "CommandWorkersLimit" : 5, + "StopTimeoutMillis" : 20000, + "Endpoint": "", + "CommandRetryLimit": 15 + }, + "Ssm": { + "Endpoint": "", + "HealthFrequencyMinutes": 5, + "CustomInventoryDefaultLocation" : "", + "AssociationLogsRetentionDurationHours" : 24, + "RunCommandLogsRetentionDurationHours" : 336, + "SessionLogsRetentionDurationHours" : 336 + }, + "Mgs": { + "Region": "", + "Endpoint": "", + "StopTimeoutMillis" : 20000, + "SessionWorkersLimit" : 1000 + }, + "Agent": { + "Region": "", + "OrchestrationRootDir": "", + "ContainerMode": true + }, + "Os": { + "Lang": "en-US", + "Name": "", + "Version": "1" + }, + "S3": { + "Endpoint": "", + "Region": "", + "LogBucket":"", + "LogKey":"" + }, + "Kms": { + "Endpoint": "" + } +} diff --git a/unsupported_images/ubuntu/standard/3.0/dockerd-entrypoint.sh b/unsupported_images/ubuntu/standard/3.0/dockerd-entrypoint.sh new file mode 100755 index 00000000..1591be44 --- /dev/null +++ b/unsupported_images/ubuntu/standard/3.0/dockerd-entrypoint.sh @@ -0,0 +1,23 @@ +#!/bin/sh +set -e + +/usr/local/bin/dockerd \ + --host=unix:///var/run/docker.sock \ + --host=tcp://127.0.0.1:2375 \ + --storage-driver=overlay2 &>/var/log/docker.log & + + +tries=0 +d_timeout=60 +until docker info >/dev/null 2>&1 +do + if [ "$tries" -gt "$d_timeout" ]; then + cat /var/log/docker.log + echo 'Timed out trying to connect to internal docker host.' >&2 + exit 1 + fi + tries=$(( $tries + 1 )) + sleep 1 +done + +eval "$@" diff --git a/unsupported_images/ubuntu/standard/3.0/legal/THIRD_PARTY_LICENSES.txt b/unsupported_images/ubuntu/standard/3.0/legal/THIRD_PARTY_LICENSES.txt new file mode 100644 index 00000000..14350194 --- /dev/null +++ b/unsupported_images/ubuntu/standard/3.0/legal/THIRD_PARTY_LICENSES.txt @@ -0,0 +1,6 @@ +Third Party Licenses +==================== + +Stunnel: +We include unmodified version of stunnel softwares in the docker images. The source code for the current version can be downloaded from https://www.usenix.org.uk/mirrors/stunnel/archive/5.x/stunnel-5.56.tar.gz + diff --git a/ubuntu/standard/3.0/legal/bill_of_material.txt b/unsupported_images/ubuntu/standard/3.0/legal/bill_of_material.txt similarity index 100% rename from ubuntu/standard/3.0/legal/bill_of_material.txt rename to unsupported_images/ubuntu/standard/3.0/legal/bill_of_material.txt diff --git a/ubuntu/standard/3.0/runtimes.yml b/unsupported_images/ubuntu/standard/3.0/runtimes.yml similarity index 100% rename from ubuntu/standard/3.0/runtimes.yml rename to unsupported_images/ubuntu/standard/3.0/runtimes.yml diff --git a/unsupported_images/ubuntu/standard/3.0/ssh_config b/unsupported_images/ubuntu/standard/3.0/ssh_config new file mode 100644 index 00000000..710e2754 --- /dev/null +++ b/unsupported_images/ubuntu/standard/3.0/ssh_config @@ -0,0 +1,3 @@ +Host * + ConnectTimeout 10 + ConnectionAttempts 10 diff --git a/unsupported_images/ubuntu/standard/3.0/tools/android-accept-licenses.sh b/unsupported_images/ubuntu/standard/3.0/tools/android-accept-licenses.sh new file mode 100755 index 00000000..ebac067f --- /dev/null +++ b/unsupported_images/ubuntu/standard/3.0/tools/android-accept-licenses.sh @@ -0,0 +1,30 @@ +#!/usr/bin/expect -f + +set timeout 1800 +set cmd [lindex $argv 0] +set licenses [lindex $argv 1] + +spawn {*}$cmd +expect { + "Do you accept the license '*'*" { + exp_send "y\r" + exp_continue + } + "Accept? (y/N): " { + exp_send "y\r" + exp_continue + } + "Review licenses that have not been accepted (y/N)? " { + exp_send "y\r" + exp_continue + } + eof +} + +lassign [wait] pid spawnid os_error waitvalue + +if {$os_error == 0} { + exit $waitvalue +} else { + exit 1 +} diff --git a/ubuntu/standard/3.0/tools/runtime_configs/php/7.3.13 b/unsupported_images/ubuntu/standard/3.0/tools/runtime_configs/php/7.3.13 similarity index 100% rename from ubuntu/standard/3.0/tools/runtime_configs/php/7.3.13 rename to unsupported_images/ubuntu/standard/3.0/tools/runtime_configs/php/7.3.13 diff --git a/ubuntu/standard/3.0/tools/runtime_configs/php/7.4.1 b/unsupported_images/ubuntu/standard/3.0/tools/runtime_configs/php/7.4.1 similarity index 100% rename from ubuntu/standard/3.0/tools/runtime_configs/php/7.4.1 rename to unsupported_images/ubuntu/standard/3.0/tools/runtime_configs/php/7.4.1 diff --git a/ubuntu/standard/3.0/tools/runtime_configs/python/3.7.10 b/unsupported_images/ubuntu/standard/3.0/tools/runtime_configs/python/3.7.10 similarity index 100% rename from ubuntu/standard/3.0/tools/runtime_configs/python/3.7.10 rename to unsupported_images/ubuntu/standard/3.0/tools/runtime_configs/python/3.7.10 diff --git a/ubuntu/standard/3.0/tools/runtime_configs/python/3.8.10 b/unsupported_images/ubuntu/standard/3.0/tools/runtime_configs/python/3.8.10 similarity index 100% rename from ubuntu/standard/3.0/tools/runtime_configs/python/3.8.10 rename to unsupported_images/ubuntu/standard/3.0/tools/runtime_configs/python/3.8.10 diff --git a/ubuntu/standard/3.0/tools/runtime_configs/python/3.9.5 b/unsupported_images/ubuntu/standard/3.0/tools/runtime_configs/python/3.9.5 similarity index 100% rename from ubuntu/standard/3.0/tools/runtime_configs/python/3.9.5 rename to unsupported_images/ubuntu/standard/3.0/tools/runtime_configs/python/3.9.5