From 8ed387ceffb3590c1b045c4589ad5a323421bb32 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Tue, 17 Jan 2023 11:08:38 -0800 Subject: [PATCH 01/68] edit Dockerfile with ecr account url --- .../base-images/ubuntu/Dockerfile | 46 +++++++ .github/workflows/base-images.yml | 115 ++++++++++++++++++ 2 files changed, 161 insertions(+) create mode 100644 .github/docker-images/base-images/ubuntu/Dockerfile create mode 100644 .github/workflows/base-images.yml diff --git a/.github/docker-images/base-images/ubuntu/Dockerfile b/.github/docker-images/base-images/ubuntu/Dockerfile new file mode 100644 index 0000000..3e5d255 --- /dev/null +++ b/.github/docker-images/base-images/ubuntu/Dockerfile @@ -0,0 +1,46 @@ +FROM ubuntu:latest +ARG OPENSSL_CONFIG=linux-generic64 +# Install Prerequisites +RUN apt-get update && \ +apt-get install -y build-essential git && \ +apt-get install -y wget tar libssl-dev openssl cmake python3 +# Install Dependencies +RUN mkdir /home/dependencies +WORKDIR /home/dependencies +RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ + tar xzvf /tmp/zlib-1.2.13.tar.gz && \ + cd zlib-1.2.13 && \ + ./configure && \ + make && \ + make install +WORKDIR /home/dependencies +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ + tar xzvf /tmp/boost.tar.gz && \ + cd boost_1_79_0 && \ + ./bootstrap.sh && \ + ./b2 install link=static +WORKDIR /home/dependencies +RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ + tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ + cd protobuf-3.17.3 && \ + mkdir build && \ + cd build && \ + cmake ../cmake && \ + make && \ + make install +WORKDIR /home/dependencies +RUN git clone https://github.com/openssl/openssl.git && \ + cd openssl && \ + git checkout OpenSSL_1_1_1-stable && \ + ./Configure $OPENSSL_CONFIG && \ + make depend && \ + make all +WORKDIR /home/dependencies +RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ + cd Catch2 && \ + mkdir build && \ + cd build && \ + cmake ../ && \ + make && \ + make install +WORKDIR /src \ No newline at end of file diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml new file mode 100644 index 0000000..9b29cdd --- /dev/null +++ b/.github/workflows/base-images.yml @@ -0,0 +1,115 @@ +name: Base Image Builds + +# This workflow is to allow the building of Docker base images by merging to the base-images branch of the repo +# Building the base images is time-consuming and not necessary unless there have been changes to the Dockerfile +# or a dependency. This workflow allows developers to merge to the base-images to build and publish the base images +# only when needed. This cuts the time needed for typical workflow runs significantly. + +on: + push: + branches: ['base-images'] + pull_request: + branches: ['base-images'] + types: [opened, closed] + +env: + PACKAGE_NAME: aws-iot-securetunneling-localproxy + ECR_BASE_REPO: aws-iot-securetunneling-localproxy-base-images + +jobs: + build-base-docker-image-ubuntu-amd64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build Ubuntu Base Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/base-images/ubuntu/Dockerfile + context: . + target: base + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-ubuntu-latest + platforms: linux/amd64 + build-base-docker-image-ubuntu-arm64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build Ubuntu Base Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/base-images/ubuntu/Dockerfile + context: . + target: base + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-ubuntu-latest + platforms: linux/arm64 + build-base-docker-image-ubuntu-armv7: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build ubuntu Base Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/base-images/ubuntu/Dockerfile + context: . + target: base + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:armv7-ubuntu-latest + platforms: linux/arm/v7 From b792fa31aa3001d8de90e58cc0406011c6425d26 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS <100961047+RogerZhongAWS@users.noreply.github.com> Date: Tue, 17 Jan 2023 11:23:02 -0800 Subject: [PATCH 02/68] Update base-images.yml --- .github/workflows/base-images.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 9b29cdd..813f95b 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -7,9 +7,9 @@ name: Base Image Builds on: push: - branches: ['base-images'] + branches: ['base-images', 'docker-builds'] pull_request: - branches: ['base-images'] + branches: ['base-images', 'docker-builds'] types: [opened, closed] env: From 1518e7a6c075dc03bac78a94fa2722b774ad213c Mon Sep 17 00:00:00 2001 From: RogerZhongAWS <100961047+RogerZhongAWS@users.noreply.github.com> Date: Tue, 17 Jan 2023 12:32:03 -0800 Subject: [PATCH 03/68] Update Dockerfile --- .github/docker-images/base-images/ubuntu/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/docker-images/base-images/ubuntu/Dockerfile b/.github/docker-images/base-images/ubuntu/Dockerfile index 3e5d255..b73618b 100644 --- a/.github/docker-images/base-images/ubuntu/Dockerfile +++ b/.github/docker-images/base-images/ubuntu/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:latest +FROM ubuntu:latest as base ARG OPENSSL_CONFIG=linux-generic64 # Install Prerequisites RUN apt-get update && \ @@ -43,4 +43,4 @@ RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ cmake ../ && \ make && \ make install -WORKDIR /src \ No newline at end of file +WORKDIR /src From f197c3ca661e21168af3cf3df9377bdbced3a20d Mon Sep 17 00:00:00 2001 From: RogerZhongAWS <100961047+RogerZhongAWS@users.noreply.github.com> Date: Tue, 17 Jan 2023 15:17:12 -0800 Subject: [PATCH 04/68] Update Dockerfile --- .github/docker-images/base-images/ubuntu/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/docker-images/base-images/ubuntu/Dockerfile b/.github/docker-images/base-images/ubuntu/Dockerfile index b73618b..9ac435e 100644 --- a/.github/docker-images/base-images/ubuntu/Dockerfile +++ b/.github/docker-images/base-images/ubuntu/Dockerfile @@ -18,7 +18,7 @@ RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_ tar xzvf /tmp/boost.tar.gz && \ cd boost_1_79_0 && \ ./bootstrap.sh && \ - ./b2 install link=static + ./b2 install WORKDIR /home/dependencies RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ From 79d87b5144f6503348fde4a8ff5e53965d1895a7 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS <100961047+RogerZhongAWS@users.noreply.github.com> Date: Tue, 17 Jan 2023 16:34:06 -0800 Subject: [PATCH 05/68] Update base-images.yml --- .github/workflows/base-images.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 813f95b..8d2d164 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -30,7 +30,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} - name: Checkout uses: actions/checkout@v2 with: @@ -62,7 +62,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} - name: Checkout uses: actions/checkout@v2 with: @@ -94,7 +94,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} - name: Checkout uses: actions/checkout@v2 with: From e39ff938fb82597c3d9c3fa83fcf0eabc690c4e5 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Wed, 18 Jan 2023 09:43:00 -0800 Subject: [PATCH 06/68] separate boost install into two steps --- .github/docker-images/base-images/ubuntu/Dockerfile | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/docker-images/base-images/ubuntu/Dockerfile b/.github/docker-images/base-images/ubuntu/Dockerfile index 9ac435e..2289f9f 100644 --- a/.github/docker-images/base-images/ubuntu/Dockerfile +++ b/.github/docker-images/base-images/ubuntu/Dockerfile @@ -17,8 +17,10 @@ WORKDIR /home/dependencies RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ cd boost_1_79_0 && \ - ./bootstrap.sh && \ - ./b2 install + ./bootstrap.sh +WORKDIR /home/dependencies +RUN cd boost_1_79_0 && \ + ./b2 install link=static WORKDIR /home/dependencies RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ From 264a386c0ead5eca305b6afb776a674c411319a3 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 19 Jan 2023 09:51:05 -0800 Subject: [PATCH 07/68] use dockerfile from device client integration test repo --- .../base-images/ubuntu/Dockerfile | 70 ++++++++++--------- .github/workflows/base-images.yml | 9 ++- 2 files changed, 42 insertions(+), 37 deletions(-) diff --git a/.github/docker-images/base-images/ubuntu/Dockerfile b/.github/docker-images/base-images/ubuntu/Dockerfile index 2289f9f..8d3fecd 100644 --- a/.github/docker-images/base-images/ubuntu/Dockerfile +++ b/.github/docker-images/base-images/ubuntu/Dockerfile @@ -1,48 +1,50 @@ -FROM ubuntu:latest as base -ARG OPENSSL_CONFIG=linux-generic64 +ARG OS +FROM ${OS} AS base + # Install Prerequisites -RUN apt-get update && \ -apt-get install -y build-essential git && \ -apt-get install -y wget tar libssl-dev openssl cmake python3 + +RUN apt update && apt upgrade -y && \ + apt install -y git libboost-all-dev autoconf automake \ + wget libtool curl make g++ unzip cmake libssl-dev + # Install Dependencies + RUN mkdir /home/dependencies WORKDIR /home/dependencies RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ - tar xzvf /tmp/zlib-1.2.13.tar.gz && \ - cd zlib-1.2.13 && \ - ./configure && \ - make && \ - make install + tar xzvf /tmp/zlib-1.2.13.tar.gz && \ + cd zlib-1.2.13 && \ + ./configure && \ + make && \ + make install WORKDIR /home/dependencies RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ - tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_79_0 && \ - ./bootstrap.sh + tar xzvf /tmp/boost.tar.gz && \ + cd boost_1_79_0 && \ + ./bootstrap.sh WORKDIR /home/dependencies -RUN cd boost_1_79_0 && \ - ./b2 install link=static +RUN ./b2 install link=static WORKDIR /home/dependencies RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ - tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ - cd protobuf-3.17.3 && \ - mkdir build && \ - cd build && \ - cmake ../cmake && \ - make && \ - make install + tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ + cd protobuf-3.17.3 && \ + mkdir build && \ + cd build && \ + cmake ../cmake && \ + make && \ + make install WORKDIR /home/dependencies RUN git clone https://github.com/openssl/openssl.git && \ - cd openssl && \ - git checkout OpenSSL_1_1_1-stable && \ - ./Configure $OPENSSL_CONFIG && \ - make depend && \ - make all + cd openssl && \ + git checkout OpenSSL_1_1_1-stable && \ + ./config && \ + make depend && \ + make all WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ - cd Catch2 && \ - mkdir build && \ - cd build && \ - cmake ../ && \ - make && \ - make install -WORKDIR /src + cd Catch2 && \ + mkdir build && \ + cd build && \ + cmake ../ && \ + make && \ + make install \ No newline at end of file diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 8d2d164..4070f39 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -43,8 +43,9 @@ jobs: uses: docker/build-push-action@v3 with: file: .github/docker-images/base-images/ubuntu/Dockerfile + build-args: | + OS=ubuntu:22.04 context: . - target: base push: true tags: | ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-ubuntu-latest @@ -75,8 +76,9 @@ jobs: uses: docker/build-push-action@v3 with: file: .github/docker-images/base-images/ubuntu/Dockerfile + build-args: | + OS=ubuntu:22.04 context: . - target: base push: true tags: | ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-ubuntu-latest @@ -107,8 +109,9 @@ jobs: uses: docker/build-push-action@v3 with: file: .github/docker-images/base-images/ubuntu/Dockerfile + build-args: | + OS=ubuntu:22.04 context: . - target: base push: true tags: | ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:armv7-ubuntu-latest From a033806199ab0622bdb6973cb2cb23ede378d440 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 19 Jan 2023 10:01:54 -0800 Subject: [PATCH 08/68] add missing line in dockerfile --- .github/docker-images/base-images/ubuntu/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/docker-images/base-images/ubuntu/Dockerfile b/.github/docker-images/base-images/ubuntu/Dockerfile index 8d3fecd..5949864 100644 --- a/.github/docker-images/base-images/ubuntu/Dockerfile +++ b/.github/docker-images/base-images/ubuntu/Dockerfile @@ -23,7 +23,8 @@ RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_ cd boost_1_79_0 && \ ./bootstrap.sh WORKDIR /home/dependencies -RUN ./b2 install link=static +RUN cd boost_1_79_0 && \ + ./b2 install link=static WORKDIR /home/dependencies RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ From 9a017bbf596b27228284e78c1c036228cb2e3864 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS <100961047+RogerZhongAWS@users.noreply.github.com> Date: Thu, 19 Jan 2023 11:16:22 -0800 Subject: [PATCH 09/68] Update base-images.yml --- .github/workflows/base-images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 4070f39..18c02fc 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -110,7 +110,7 @@ jobs: with: file: .github/docker-images/base-images/ubuntu/Dockerfile build-args: | - OS=ubuntu:22.04 + OS=ubuntu:18.04 context: . push: true tags: | From 885097595e2a8593d5b20ef2c368faed8c6d0ede Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 19 Jan 2023 19:34:01 -0800 Subject: [PATCH 10/68] ubi8 and amazonlinux docker images --- .../base-images/amazonlinux/Dockerfile | 51 +++++++ .../docker-images/base-images/ubi8/Dockerfile | 51 +++++++ .../base-images/ubuntu/Dockerfile | 2 +- .github/workflows/base-images.yml | 124 ++++++++++++++++++ 4 files changed, 227 insertions(+), 1 deletion(-) create mode 100644 .github/docker-images/base-images/amazonlinux/Dockerfile create mode 100644 .github/docker-images/base-images/ubi8/Dockerfile diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile new file mode 100644 index 0000000..2c3f6cb --- /dev/null +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -0,0 +1,51 @@ +FROM amazonlinux:latest AS base + +# Install Prerequisites + +RUN yum -y update \ + && yum -y install \ + git autoconf automake \ + wget libtool curl make gcc-c++ unzip cmake python3 \ + && yum clean all \ + && rm -rf /var/cache/yum + +RUN mkdir /home/dependencies +WORKDIR /home/dependencies +RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ + tar xzvf /tmp/zlib-1.2.13.tar.gz && \ + cd zlib-1.2.13 && \ + ./configure && \ + make && \ + make install +WORKDIR /home/dependencies +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ + tar xzvf /tmp/boost.tar.gz && \ + cd boost_1_79_0 && \ + ./bootstrap.sh +WORKDIR /home/dependencies +RUN cd boost_1_79_0 && \ + ./b2 install link=static +WORKDIR /home/dependencies +RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ + tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ + cd protobuf-3.17.3 && \ + mkdir build && \ + cd build && \ + cmake ../cmake && \ + make && \ + make install +WORKDIR /home/dependencies +RUN git clone https://github.com/openssl/openssl.git && \ + cd openssl && \ + git checkout OpenSSL_1_1_1-stable && \ + ./config && \ + make depend && \ + make all +WORKDIR /home/dependencies +RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ + cd Catch2 && \ + mkdir build && \ + cd build && \ + cmake ../ && \ + make && \ + make install \ No newline at end of file diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile new file mode 100644 index 0000000..ccf293d --- /dev/null +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -0,0 +1,51 @@ +FROM redhat/ubi8:latest AS base + +# Install Prerequisites + +RUN yum -y update \ + && yum -y install \ + git autoconf automake \ + wget libtool curl make gcc-c++ unzip cmake python3 \ + && yum clean all \ + && rm -rf /var/cache/yum + +RUN mkdir /home/dependencies +WORKDIR /home/dependencies +RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ + tar xzvf /tmp/zlib-1.2.13.tar.gz && \ + cd zlib-1.2.13 && \ + ./configure && \ + make && \ + make install +WORKDIR /home/dependencies +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ + tar xzvf /tmp/boost.tar.gz && \ + cd boost_1_79_0 && \ + ./bootstrap.sh +WORKDIR /home/dependencies +RUN cd boost_1_79_0 && \ + ./b2 install link=static +WORKDIR /home/dependencies +RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ + tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ + cd protobuf-3.17.3 && \ + mkdir build && \ + cd build && \ + cmake ../cmake && \ + make && \ + make install +WORKDIR /home/dependencies +RUN git clone https://github.com/openssl/openssl.git && \ + cd openssl && \ + git checkout OpenSSL_1_1_1-stable && \ + ./config && \ + make depend && \ + make all +WORKDIR /home/dependencies +RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ + cd Catch2 && \ + mkdir build && \ + cd build && \ + cmake ../ && \ + make && \ + make install \ No newline at end of file diff --git a/.github/docker-images/base-images/ubuntu/Dockerfile b/.github/docker-images/base-images/ubuntu/Dockerfile index 5949864..b924a4f 100644 --- a/.github/docker-images/base-images/ubuntu/Dockerfile +++ b/.github/docker-images/base-images/ubuntu/Dockerfile @@ -5,7 +5,7 @@ FROM ${OS} AS base RUN apt update && apt upgrade -y && \ apt install -y git libboost-all-dev autoconf automake \ - wget libtool curl make g++ unzip cmake libssl-dev + wget libtool curl make g++ unzip cmake libssl-dev python3 # Install Dependencies diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 18c02fc..a5b13be 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -116,3 +116,127 @@ jobs: tags: | ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:armv7-ubuntu-latest platforms: linux/arm/v7 + build-base-docker-image-ubi8-amd64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build ubuntu Base Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/base-images/ubi8/Dockerfile + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-ubi8-latest + platforms: linux/amd64 + build-base-docker-image-ubi8-arm64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build ubuntu Base Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/base-images/ubi8/Dockerfile + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-ubi8-latest + platforms: linux/arm64 + build-base-docker-image-amazonlinux-amd64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build ubuntu Base Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/base-images/amazonlinux/Dockerfile + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-amazonlinux-latest + platforms: linux/amd64 + build-base-docker-image-amazonlinux-arm64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build ubuntu Base Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/base-images/amazonlinux/Dockerfile + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-amazonlinux-latest + platforms: linux/arm64 \ No newline at end of file From a1b6fd6f1dd7f851b6446297b0e4cf16526f0d1e Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 19 Jan 2023 19:56:39 -0800 Subject: [PATCH 11/68] update cmake and python packages --- .github/docker-images/base-images/amazonlinux/Dockerfile | 4 ++-- .github/docker-images/base-images/ubi8/Dockerfile | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index 2c3f6cb..896828f 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -4,8 +4,8 @@ FROM amazonlinux:latest AS base RUN yum -y update \ && yum -y install \ - git autoconf automake \ - wget libtool curl make gcc-c++ unzip cmake python3 \ + git autoconf automake which \ + wget libtool curl make gcc-c++ unzip cmake3 openssl11-devel python-devel \ && yum clean all \ && rm -rf /var/cache/yum diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index ccf293d..245945a 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -5,7 +5,7 @@ FROM redhat/ubi8:latest AS base RUN yum -y update \ && yum -y install \ git autoconf automake \ - wget libtool curl make gcc-c++ unzip cmake python3 \ + wget libtool curl make gcc-c++ unzip cmake3 openssl11-devel python-devel \ && yum clean all \ && rm -rf /var/cache/yum From 2f990de5a5bfb5d425ba1312826025a3a0ce34b1 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 19 Jan 2023 19:59:06 -0800 Subject: [PATCH 12/68] fix errors --- .github/docker-images/base-images/amazonlinux/Dockerfile | 2 +- .github/docker-images/base-images/ubi8/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index 896828f..5ca85ea 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -5,7 +5,7 @@ FROM amazonlinux:latest AS base RUN yum -y update \ && yum -y install \ git autoconf automake which \ - wget libtool curl make gcc-c++ unzip cmake3 openssl11-devel python-devel \ + wget libtool curl make gcc-c++ unzip cmake3 python3 openssl11-devel \ && yum clean all \ && rm -rf /var/cache/yum diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index 245945a..2462522 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -5,7 +5,7 @@ FROM redhat/ubi8:latest AS base RUN yum -y update \ && yum -y install \ git autoconf automake \ - wget libtool curl make gcc-c++ unzip cmake3 openssl11-devel python-devel \ + wget libtool curl make gcc-c++ unzip cmake3 python3 \ && yum clean all \ && rm -rf /var/cache/yum From e8c420cd4b505e67d583e2a1d10b98cfd8a4b64c Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 19 Jan 2023 20:08:54 -0800 Subject: [PATCH 13/68] copy old dockerfile --- .../base-images/amazonlinux/Dockerfile | 57 ++++++++++++------- 1 file changed, 35 insertions(+), 22 deletions(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index 5ca85ea..e2ceab1 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -1,51 +1,64 @@ -FROM amazonlinux:latest AS base +# FROM amazonlinux:latest +FROM amazonlinux:latest as builder +ARG OPENSSL_CONFIG # Install Prerequisites -RUN yum -y update \ - && yum -y install \ - git autoconf automake which \ - wget libtool curl make gcc-c++ unzip cmake3 python3 openssl11-devel \ - && yum clean all \ - && rm -rf /var/cache/yum +RUN yum check-update; yum upgrade -y && \ + yum install -y git boost-devel autoconf automake \ + wget libtool curl make gcc-c++ unzip cmake3 openssl11-devel \ + python-devel which + +# Install Dependencies RUN mkdir /home/dependencies WORKDIR /home/dependencies + RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ tar xzvf /tmp/zlib-1.2.13.tar.gz && \ cd zlib-1.2.13 && \ ./configure && \ make && \ - make install -WORKDIR /home/dependencies + make install && \ + cd /home/dependencies + RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ cd boost_1_79_0 && \ - ./bootstrap.sh -WORKDIR /home/dependencies -RUN cd boost_1_79_0 && \ - ./b2 install link=static -WORKDIR /home/dependencies + ./bootstrap.sh && \ + ./b2 install link=static && \ + cd /home/dependencies + RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ cd protobuf-3.17.3 && \ mkdir build && \ cd build && \ - cmake ../cmake && \ + cmake3 ../cmake && \ make && \ - make install -WORKDIR /home/dependencies + make install && \ + cd /home/dependencies + RUN git clone https://github.com/openssl/openssl.git && \ cd openssl && \ git checkout OpenSSL_1_1_1-stable && \ - ./config && \ + ./Configure $OPENSSL_CONFIG && \ make depend && \ - make all -WORKDIR /home/dependencies + make all && \ + cd /home/dependencies + RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ cd Catch2 && \ mkdir build && \ cd build && \ - cmake ../ && \ + cmake3 ../ && \ make && \ - make install \ No newline at end of file + make install && \ + cd /home/dependencies + +RUN git clone https://github.com/aws-samples/aws-iot-securetunneling-localproxy && \ + cd aws-iot-securetunneling-localproxy && \ + mkdir build && \ + cd build && \ + cmake3 ../ && \ + make \ From 893aeda01db2b5f265bf2879a772d4facef62c11 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 19 Jan 2023 20:52:15 -0800 Subject: [PATCH 14/68] fix openssl --- .github/docker-images/base-images/amazonlinux/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index e2ceab1..85abd0f 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -42,7 +42,7 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p RUN git clone https://github.com/openssl/openssl.git && \ cd openssl && \ git checkout OpenSSL_1_1_1-stable && \ - ./Configure $OPENSSL_CONFIG && \ + ./config && \ make depend && \ make all && \ cd /home/dependencies From ee873d7370c7c0bb48878113db5c20e58405a0a5 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Fri, 20 Jan 2023 11:42:19 -0800 Subject: [PATCH 15/68] optimize Dockerfiles --- .../base-images/amazonlinux/Dockerfile | 33 ++++++++----------- .../docker-images/base-images/ubi8/Dockerfile | 11 ++++--- .../base-images/ubuntu/Dockerfile | 9 +++-- 3 files changed, 26 insertions(+), 27 deletions(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index 85abd0f..a9efef6 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -6,29 +6,30 @@ ARG OPENSSL_CONFIG RUN yum check-update; yum upgrade -y && \ yum install -y git boost-devel autoconf automake \ - wget libtool curl make gcc-c++ unzip cmake3 openssl11-devel \ - python-devel which + wget libtool curl make gcc-c++ unzip cmake3 python3 openssl11-devel which \ + && yum clean all \ + && rm -rf /var/cache/yum # Install Dependencies RUN mkdir /home/dependencies -WORKDIR /home/dependencies +WORKDIR /home/dependencies RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ tar xzvf /tmp/zlib-1.2.13.tar.gz && \ cd zlib-1.2.13 && \ ./configure && \ make && \ - make install && \ - cd /home/dependencies + make install +WORKDIR /home/dependencies RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ cd boost_1_79_0 && \ ./bootstrap.sh && \ - ./b2 install link=static && \ - cd /home/dependencies + ./b2 install link=static +WORKDIR /home/dependencies RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ cd protobuf-3.17.3 && \ @@ -36,29 +37,21 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p cd build && \ cmake3 ../cmake && \ make && \ - make install && \ - cd /home/dependencies + make install +WORKDIR /home/dependencies RUN git clone https://github.com/openssl/openssl.git && \ cd openssl && \ git checkout OpenSSL_1_1_1-stable && \ ./config && \ make depend && \ - make all && \ - cd /home/dependencies + make all +WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ cd Catch2 && \ mkdir build && \ cd build && \ cmake3 ../ && \ make && \ - make install && \ - cd /home/dependencies - -RUN git clone https://github.com/aws-samples/aws-iot-securetunneling-localproxy && \ - cd aws-iot-securetunneling-localproxy && \ - mkdir build && \ - cd build && \ - cmake3 ../ && \ - make \ + make install diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index 2462522..8a880c1 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -5,11 +5,12 @@ FROM redhat/ubi8:latest AS base RUN yum -y update \ && yum -y install \ git autoconf automake \ - wget libtool curl make gcc-c++ unzip cmake3 python3 \ + wget libtool curl make gcc-c++ unzip cmake python3 openssl-devel \ && yum clean all \ && rm -rf /var/cache/yum RUN mkdir /home/dependencies + WORKDIR /home/dependencies RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ tar xzvf /tmp/zlib-1.2.13.tar.gz && \ @@ -17,14 +18,14 @@ RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ ./configure && \ make && \ make install + WORKDIR /home/dependencies RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ cd boost_1_79_0 && \ - ./bootstrap.sh -WORKDIR /home/dependencies -RUN cd boost_1_79_0 && \ + ./bootstrap.sh && \ ./b2 install link=static + WORKDIR /home/dependencies RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ @@ -34,6 +35,7 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p cmake ../cmake && \ make && \ make install + WORKDIR /home/dependencies RUN git clone https://github.com/openssl/openssl.git && \ cd openssl && \ @@ -41,6 +43,7 @@ RUN git clone https://github.com/openssl/openssl.git && \ ./config && \ make depend && \ make all + WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ cd Catch2 && \ diff --git a/.github/docker-images/base-images/ubuntu/Dockerfile b/.github/docker-images/base-images/ubuntu/Dockerfile index b924a4f..d89fc4a 100644 --- a/.github/docker-images/base-images/ubuntu/Dockerfile +++ b/.github/docker-images/base-images/ubuntu/Dockerfile @@ -10,6 +10,7 @@ RUN apt update && apt upgrade -y && \ # Install Dependencies RUN mkdir /home/dependencies + WORKDIR /home/dependencies RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ tar xzvf /tmp/zlib-1.2.13.tar.gz && \ @@ -17,14 +18,14 @@ RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ ./configure && \ make && \ make install + WORKDIR /home/dependencies RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ cd boost_1_79_0 && \ - ./bootstrap.sh -WORKDIR /home/dependencies -RUN cd boost_1_79_0 && \ + ./bootstrap.sh && \ ./b2 install link=static + WORKDIR /home/dependencies RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ @@ -34,6 +35,7 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p cmake ../cmake && \ make && \ make install + WORKDIR /home/dependencies RUN git clone https://github.com/openssl/openssl.git && \ cd openssl && \ @@ -41,6 +43,7 @@ RUN git clone https://github.com/openssl/openssl.git && \ ./config && \ make depend && \ make all + WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ cd Catch2 && \ From aa39ddb29f8178a1c248e0f4af0ca9e1168a274b Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Fri, 20 Jan 2023 11:59:00 -0800 Subject: [PATCH 16/68] fix amazonlinux dockerfile --- .github/docker-images/base-images/amazonlinux/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index a9efef6..7d35364 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -6,7 +6,7 @@ ARG OPENSSL_CONFIG RUN yum check-update; yum upgrade -y && \ yum install -y git boost-devel autoconf automake \ - wget libtool curl make gcc-c++ unzip cmake3 python3 openssl11-devel which \ + wget libtool curl make gcc-c++ unzip cmake3 python-devel openssl11-devel which \ && yum clean all \ && rm -rf /var/cache/yum From 3dcc81b186363b567650c723f7693d777b652b43 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Tue, 21 Feb 2023 11:58:23 -0800 Subject: [PATCH 17/68] all base and release images --- .github/docker-images/Dockerfile | 25 ++ .../base-images/amazonlinux/Dockerfile | 3 +- .../base-images/debian/Dockerfile | 52 +++ .../base-images/fedora/Dockerfile | 54 +++ .../docker-images/base-images/ubi8/Dockerfile | 2 +- .../base-images/ubuntu/Dockerfile | 6 +- .../oss-compliance/generate-oss-compliance.sh | 34 ++ .../linux-packages/dpkg-packages.sh | 29 ++ .../linux-packages/yum-packages.sh | 54 +++ .../test/test-oss-compliance.sh | 17 + .github/workflows/base-images.yml | 136 +++++- .github/workflows/release.yml | 402 ++++++++++++++++++ 12 files changed, 802 insertions(+), 12 deletions(-) create mode 100644 .github/docker-images/Dockerfile create mode 100644 .github/docker-images/base-images/debian/Dockerfile create mode 100644 .github/docker-images/base-images/fedora/Dockerfile create mode 100644 .github/docker-images/oss-compliance/generate-oss-compliance.sh create mode 100644 .github/docker-images/oss-compliance/linux-packages/dpkg-packages.sh create mode 100644 .github/docker-images/oss-compliance/linux-packages/yum-packages.sh create mode 100644 .github/docker-images/oss-compliance/test/test-oss-compliance.sh create mode 100644 .github/workflows/release.yml diff --git a/.github/docker-images/Dockerfile b/.github/docker-images/Dockerfile new file mode 100644 index 0000000..c6fdda3 --- /dev/null +++ b/.github/docker-images/Dockerfile @@ -0,0 +1,25 @@ +ARG OS +ARG BASE_IMAGE +FROM ${BASE_IMAGE} AS deploy + +############################################################################### +# Copy and build local proxy +############################################################################### +COPY . /root/aws-iot-securetunneling-localproxy +RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ + && cd /root/aws-iot-securetunneling-localproxy/build \ + && cmake .. \ + && make + +FROM ${OS} AS minimum_size + +COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/aws-iot-securetunneling-localproxy ./bin + +COPY ./.github/docker-images/oss-compliance /root/oss-compliance +#RUN HOME_DIR=/root \ +# && chmod +x ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh \ +# && chmod +x ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh \ +# && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \ +# && rm -rf ${HOME_DIR}/oss-compliance* + +ENTRYPOINT ["/bin"] \ No newline at end of file diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index 7d35364..927667a 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -1,5 +1,4 @@ -# FROM amazonlinux:latest -FROM amazonlinux:latest as builder +FROM amazonlinux:latest as base ARG OPENSSL_CONFIG # Install Prerequisites diff --git a/.github/docker-images/base-images/debian/Dockerfile b/.github/docker-images/base-images/debian/Dockerfile new file mode 100644 index 0000000..944da56 --- /dev/null +++ b/.github/docker-images/base-images/debian/Dockerfile @@ -0,0 +1,52 @@ +FROM debian:latest AS base +# Install Prerequisites + +RUN apt update && apt upgrade -y && \ + apt install -y git libboost-all-dev autoconf automake \ + wget libtool curl make g++ unzip cmake libssl-dev python3 + +# Install Dependencies + +RUN mkdir /home/dependencies + +WORKDIR /home/dependencies +RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ + tar xzvf /tmp/zlib-1.2.13.tar.gz && \ + cd zlib-1.2.13 && \ + ./configure && \ + make && \ + make install + +WORKDIR /home/dependencies +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ + tar xzvf /tmp/boost.tar.gz && \ + cd boost_1_81_0 && \ + ./bootstrap.sh && \ + ./b2 install link=static + +WORKDIR /home/dependencies +RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ + tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ + cd protobuf-3.17.3 && \ + mkdir build && \ + cd build && \ + cmake ../cmake && \ + make && \ + make install + +WORKDIR /home/dependencies +RUN git clone https://github.com/openssl/openssl.git && \ + cd openssl && \ + git checkout OpenSSL_1_1_1-stable && \ + ./config && \ + make depend && \ + make all + +WORKDIR /home/dependencies +RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ + cd Catch2 && \ + mkdir build && \ + cd build && \ + cmake ../ && \ + make && \ + make install diff --git a/.github/docker-images/base-images/fedora/Dockerfile b/.github/docker-images/base-images/fedora/Dockerfile new file mode 100644 index 0000000..60ef93e --- /dev/null +++ b/.github/docker-images/base-images/fedora/Dockerfile @@ -0,0 +1,54 @@ +FROM fedora:latest AS base + +# Install Prerequisites + +RUN dnf -y update \ + && dnf -y install \ + git autoconf automake \ + wget libtool curl make gcc-c++ unzip cmake python3 openssl-devel perl-core \ + && dnf clean all \ + && rm -rf /var/cache/dnf + +RUN mkdir /home/dependencies + +WORKDIR /home/dependencies +RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ + tar xzvf /tmp/zlib-1.2.13.tar.gz && \ + cd zlib-1.2.13 && \ + ./configure && \ + make && \ + make install + +WORKDIR /home/dependencies +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ + tar xzvf /tmp/boost.tar.gz && \ + cd boost_1_79_0 && \ + ./bootstrap.sh && \ + ./b2 install link=static + +WORKDIR /home/dependencies +RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ + tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ + cd protobuf-3.17.3 && \ + mkdir build && \ + cd build && \ + cmake ../cmake && \ + make && \ + make install + +WORKDIR /home/dependencies +RUN git clone https://github.com/openssl/openssl.git && \ + cd openssl && \ + git checkout OpenSSL_1_1_1-stable && \ + ./config && \ + make depend && \ + make all + +WORKDIR /home/dependencies +RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ + cd Catch2 && \ + mkdir build && \ + cd build && \ + cmake ../ && \ + make && \ + make install diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index 8a880c1..f1ef6a0 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -51,4 +51,4 @@ RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ cd build && \ cmake ../ && \ make && \ - make install \ No newline at end of file + make install diff --git a/.github/docker-images/base-images/ubuntu/Dockerfile b/.github/docker-images/base-images/ubuntu/Dockerfile index d89fc4a..7791abd 100644 --- a/.github/docker-images/base-images/ubuntu/Dockerfile +++ b/.github/docker-images/base-images/ubuntu/Dockerfile @@ -20,9 +20,9 @@ RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_79_0 && \ + cd boost_1_81_0 && \ ./bootstrap.sh && \ ./b2 install link=static @@ -51,4 +51,4 @@ RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ cd build && \ cmake ../ && \ make && \ - make install \ No newline at end of file + make install diff --git a/.github/docker-images/oss-compliance/generate-oss-compliance.sh b/.github/docker-images/oss-compliance/generate-oss-compliance.sh new file mode 100644 index 0000000..8572340 --- /dev/null +++ b/.github/docker-images/oss-compliance/generate-oss-compliance.sh @@ -0,0 +1,34 @@ +# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +# SPDX-License-Identifier: Apache-2.0 + +#!/bin/bash + +PRETTY_NAME=$(cat /etc/os-release | grep PRETTY_NAME) + +HOME_DIR=$1 + +export HOME_DIR=${HOME_DIR} +LINUX_PACKAGES=${HOME_DIR}/oss-compliance/linux-packages +BUILD_FROM_SOURCE_PACKAGES_LICENCES=${HOME_DIR}/oss-compliance/build-from-source-packages/build-from-source-package-licenses.txt + +set -e + +chmod +x ${LINUX_PACKAGES}/yum-packages.sh +chmod +x ${LINUX_PACKAGES}/dkpg-packages.sh + +if [[ $PRETTY_NAME == *"Ubuntu"* ]]; then + ${LINUX_PACKAGES}/dkpg-packages.sh +fi + +if [[ $PRETTY_NAME == *"Amazon Linux"* ]]; then + ${LINUX_PACKAGES}/yum-packages.sh +fi + +if [[ $PRETTY_NAME == *"Red Hat Enterprise Linux"* ]]; then + ${LINUX_PACKAGES}/yum-packages.sh + BUILD_FROM_SOURCE_PACKAGES_LICENCES=${HOME_DIR}/oss-compliance/build-from-source-packages/build-from-source-package-licenses-ubi8.txt +fi + +cp ${BUILD_FROM_SOURCE_PACKAGES_LICENCES} ${HOME_DIR}/BUILD_FROM_SOURCE_PACKAGES_LICENCES +chmod +x ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh +bash ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh ${HOME_DIR} \ No newline at end of file diff --git a/.github/docker-images/oss-compliance/linux-packages/dpkg-packages.sh b/.github/docker-images/oss-compliance/linux-packages/dpkg-packages.sh new file mode 100644 index 0000000..ce13175 --- /dev/null +++ b/.github/docker-images/oss-compliance/linux-packages/dpkg-packages.sh @@ -0,0 +1,29 @@ +# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +# SPDX-License-Identifier: Apache-2.0 + +HOME_DIR=/root +LICENSE_TEXT_FILE_NAME="LINUX_PACKAGES_LICENSES" +LICENSE_TEXT_FILE_PATH=${HOME_DIR}/${LICENSE_TEXT_FILE_NAME} +PACKAGE_LIST_TEXT_FILE_NAME="LINUX_PACKAGES_LIST" + +OUTPUT=$(dpkg -l | grep '^.[iufhwt]') +echo "${OUTPUT}" > ${HOME_DIR}/${PACKAGE_LIST_TEXT_FILE_NAME} + +IFS=$'\n' read -rd '' -a OUTPUT_LIST <<<${OUTPUT} + +for (( i=0; i<${#OUTPUT_LIST[@]}; i++ )) +do + IFS=$' ' read -rd '' -a PACKAGE_DETAILS <<<${OUTPUT_LIST[$i]} + if [ ${#PACKAGE_DETAILS[@]} ]; then + IFS=$':' read -a PACKAGE_NAME_AND_ARCH <<<${PACKAGE_DETAILS[1]} + PACKAGE_NAME="${PACKAGE_NAME_AND_ARCH[0]}" + LICENSE_TEXT=$(cat "/usr/share/doc/${PACKAGE_NAME}/copyright") + if [ -z "${LICENSE_TEXT}" ]; then + LICENSE_TEXT="License is not present for this package." + fi + echo "Package Name: "${PACKAGE_NAME} >> ${LICENSE_TEXT_FILE_PATH} + echo "Package Version: "${PACKAGE_DETAILS[2]} >> ${LICENSE_TEXT_FILE_PATH} + echo "Package License Location: "${PACKAGE_LICENSE_LOCATION} >> ${LICENSE_TEXT_FILE_PATH} + echo -e "Package License Text: "${LICENSE_TEXT}"\n" >> ${LICENSE_TEXT_FILE_PATH} + fi +done \ No newline at end of file diff --git a/.github/docker-images/oss-compliance/linux-packages/yum-packages.sh b/.github/docker-images/oss-compliance/linux-packages/yum-packages.sh new file mode 100644 index 0000000..dc4773a --- /dev/null +++ b/.github/docker-images/oss-compliance/linux-packages/yum-packages.sh @@ -0,0 +1,54 @@ +# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +# SPDX-License-Identifier: Apache-2.0 + +LICENSE_FILE_NAMES=("LICENSE" "LICENSE.txt" "LICENSE.md" "license.txt" "license" "COPYRIGHT" "LICENSE.rst" "COPYING" "COPYING.md" "COPYING.txt") + +LICENSE_FILE_LOCATIONS=("/usr/share/licenses" "/usr/share/doc") + +HOME_DIR=/root +LICENSE_TEXT_FILE_NAME="LINUX_PACKAGES_LICENSES" +LICENSE_TEXT_FILE_PATH=${HOME_DIR}/${LICENSE_TEXT_FILE_NAME} +PACKAGE_LIST_TEXT_FILE_NAME="LINUX_PACKAGES_LIST" + +OUTPUT="$(yum list installed | grep -v @amzn2-core | sort)" +echo "${OUTPUT}" > ${HOME_DIR}/${PACKAGE_LIST_TEXT_FILE_NAME} + +IFS=$'\n' read -rd '' -a OUTPUT_LIST <<<"${OUTPUT}" + +for (( i=0; i<${#OUTPUT_LIST[@]}; i++ )) +do + IFS=$' ' read -rd '' -a PACKAGE_DETAILS <<<${OUTPUT_LIST[$i]} + if [ ${#PACKAGE_DETAILS[@]} -eq "3" ]; then + IFS=$'.' read -rd '' -a PACKAGE_NAME_AND_ARCH <<<${PACKAGE_DETAILS[0]} + PACKAGE_NAME=${PACKAGE_NAME_AND_ARCH[0]} + IFS=$'-:' read -rd '' -a PACKAGE_VERSION_ARR <<<${PACKAGE_DETAILS[1]} + if [ ${#PACKAGE_VERSION[@]} -ge "2" ]; then + PACKAGE_VERSION="${PACKAGE_VERSION_ARR[1]}" + else + PACKAGE_VERSION="${PACKAGE_VERSION_ARR[0]}" + fi + PACKAGE_LOCATION="" + for (( license_file_dir=0; license_file_dir<"${#LICENSE_FILE_LOCATIONS[@]}"; license_file_dir++ )) + do + for (( license_file=0; license_file<"${#LICENSE_FILE_NAMES[@]}"; license_file++ )) + do + if [[ -f "${LICENSE_FILE_LOCATIONS[$license_file_dir]}/${PACKAGE_NAME}-${PACKAGE_VERSION}/${LICENSE_FILE_NAMES[$license_file]}" ]]; then + PACKAGE_LICENSE_LOCATION=${LICENSE_FILE_LOCATIONS[$license_file_dir]}/${PACKAGE_NAME}-${PACKAGE_VERSION}/${LICENSE_FILE_NAMES[$license_file]} + break + elif [[ -f "${LICENSE_FILE_LOCATIONS[$license_file_dir]}/${PACKAGE_NAME}/${LICENSE_FILE_NAMES[$license_file]}" ]]; then + PACKAGE_LICENSE_LOCATION=${LICENSE_FILE_LOCATIONS[$license_file_dir]}/${PACKAGE_NAME}/${LICENSE_FILE_NAMES[$license_file]} + break + fi + done + done + if [ ${PACKAGE_LICENSE_LOCATION} ] && [ -f ${PACKAGE_LICENSE_LOCATION} ]; then + LICENSE_TEXT=$(cat "${PACKAGE_LICENSE_LOCATION}") || true + else + LICENSE_TEXT="License is not present for this package." + fi + echo "Package Name: "${PACKAGE_NAME} >> ${LICENSE_TEXT_FILE_PATH} + echo "Package Version: "${PACKAGE_VERSION} >> ${LICENSE_TEXT_FILE_PATH} + echo "Package License Location: "${PACKAGE_LICENSE_LOCATION} >> ${LICENSE_TEXT_FILE_PATH} + echo -e "Package License Text: "${LICENSE_TEXT}"\n" >> ${LICENSE_TEXT_FILE_PATH} + fi +done \ No newline at end of file diff --git a/.github/docker-images/oss-compliance/test/test-oss-compliance.sh b/.github/docker-images/oss-compliance/test/test-oss-compliance.sh new file mode 100644 index 0000000..104a9d4 --- /dev/null +++ b/.github/docker-images/oss-compliance/test/test-oss-compliance.sh @@ -0,0 +1,17 @@ +# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +# SPDX-License-Identifier: Apache-2.0 + +#!/bin/bash + +HOME_DIR=$1 + +FILES=("${HOME_DIR}/LINUX_PACKAGES_LICENSES" "${HOME_DIR}/BUILD_FROM_SOURCE_PACKAGES_LICENCES") + +for FILE in ${FILES[@]}; do + if [ -f "$FILE" ]; then + echo "$FILE exists." + else + echo "$FILE doesn't exist which is needed for license attribution compliance." + exit 1 + fi +done \ No newline at end of file diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index a5b13be..89d7dae 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -44,7 +44,7 @@ jobs: with: file: .github/docker-images/base-images/ubuntu/Dockerfile build-args: | - OS=ubuntu:22.04 + OS=ubuntu:latest context: . push: true tags: | @@ -77,7 +77,7 @@ jobs: with: file: .github/docker-images/base-images/ubuntu/Dockerfile build-args: | - OS=ubuntu:22.04 + OS=ubuntu:latest context: . push: true tags: | @@ -138,7 +138,7 @@ jobs: uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Build ubuntu Base Image + - name: Build ubi8 Base Image uses: docker/build-push-action@v3 with: file: .github/docker-images/base-images/ubi8/Dockerfile @@ -169,7 +169,7 @@ jobs: uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Build ubuntu Base Image + - name: Build ubi8 Base Image uses: docker/build-push-action@v3 with: file: .github/docker-images/base-images/ubi8/Dockerfile @@ -200,7 +200,7 @@ jobs: uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Build ubuntu Base Image + - name: Build amazonlinux Base Image uses: docker/build-push-action@v3 with: file: .github/docker-images/base-images/amazonlinux/Dockerfile @@ -231,7 +231,7 @@ jobs: uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Build ubuntu Base Image + - name: Build amazonlinux Base Image uses: docker/build-push-action@v3 with: file: .github/docker-images/base-images/amazonlinux/Dockerfile @@ -239,4 +239,128 @@ jobs: push: true tags: | ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-amazonlinux-latest + platforms: linux/arm64 + build-base-docker-image-debian-amd64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build debian Base Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/base-images/debian/Dockerfile + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-debian-latest + platforms: linux/amd64 + build-base-docker-image-debian-arm64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build debian Base Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/base-images/debian/Dockerfile + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-debian-latest + platforms: linux/arm64 + build-base-docker-image-fedora-amd64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build fedora Base Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/base-images/fedora/Dockerfile + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-fedora-latest + platforms: linux/amd64 + build-base-docker-image-fedora-arm64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build fedora Base Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/base-images/fedora/Dockerfile + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-fedora-latest platforms: linux/arm64 \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..80f0fe4 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,402 @@ +name: Release Image Builds + +# This workflow is to allow the building of Docker release images by copying the binary from a base image to a minimum size OS image. + +on: + push: + branches: ['main'] + pull_request: + branches: ['main'] + types: [opened, closed] + +env: + PACKAGE_NAME: aws-iot-securetunneling-localproxy + ECR_BASE_REPO: aws-iot-securetunneling-localproxy-base-images + ECR_REPO: aws-iot-securetunneling-localproxy-release-images + +jobs: + build-docker-image-ubuntu-amd64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build Ubuntu Release Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/Dockerfile + build-args: | + OS=ubuntu:latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-ubuntu-latest + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-ubuntu-${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-ubuntu-latest + platforms: linux/amd64 + build-docker-image-ubuntu-arm64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build Ubuntu Release Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/Dockerfile + build-args: | + OS=ubuntu:latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-ubuntu-latest + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-ubuntu-${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-ubuntu-latest + platforms: linux/arm64 + build-docker-image-ubuntu-armv7: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build ubuntu Release Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/Dockerfile + build-args: | + OS=ubuntu:18.04 + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:armv7-ubuntu-latest + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:armv7-ubuntu-${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:armv7-ubuntu-latest + platforms: linux/arm/v7 + build-docker-image-ubi8-amd64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build ubi8 Release Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/Dockerfile + build-args: | + OS=redhat/ubi8:latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-ubi8-latest + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-ubi8-${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-ubi8-latest + platforms: linux/amd64 + build-docker-image-ubi8-arm64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build ubi8 Release Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/Dockerfile + build-args: | + OS=redhat/ubi8:latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-ubi8-latest + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-ubi8-${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-ubi8-latest + platforms: linux/arm64 + build-docker-image-amazonlinux-amd64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build amazonlinux Release Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/Dockerfile + build-args: | + OS=amazonlinux:latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-amazonlinux-latest + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-amazonlinux-${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-amazonlinux-latest + platforms: linux/amd64 + build-docker-image-amazonlinux-arm64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build amazonlinux Release Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/Dockerfile + build-args: | + OS=amazonlinux:latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-amazonlinux-latest + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-amazonlinux-${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-amazonlinux-latest + platforms: linux/arm64 + build-docker-image-debian-amd64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build debian Release Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/Dockerfile + build-args: | + OS=debian:latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-debian-latest + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-debian-${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-debian-latest + platforms: linux/amd64 + build-docker-image-debian-arm64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build debian Release Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/Dockerfile + build-args: | + OS=debian:latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-debian-latest + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-debian-${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-debian-latest + platforms: linux/arm64 + build-docker-image-fedora-amd64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build fedora Release Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/Dockerfile + build-args: | + OS=fedora:latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-fedora-latest + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-fedora-${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-fedora-latest + platforms: linux/amd64 + build-docker-image-fedora-arm64: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build fedora Release Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/Dockerfile + build-args: | + OS=fedora:latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-fedora-latest + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-fedora-${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-fedora-latest + platforms: linux/arm64 \ No newline at end of file From d1cf4563896951da2ed4bcb447ab5f650f5d80af Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Tue, 21 Feb 2023 17:11:06 -0800 Subject: [PATCH 18/68] oss compliance script --- .../oss-compliance/generate-oss-compliance.sh | 23 +++++++------------ .../test/test-oss-compliance.sh | 2 +- .github/workflows/base-images.yml | 4 ++-- .github/workflows/release.yml | 4 ++-- 4 files changed, 13 insertions(+), 20 deletions(-) diff --git a/.github/docker-images/oss-compliance/generate-oss-compliance.sh b/.github/docker-images/oss-compliance/generate-oss-compliance.sh index 8572340..b9cc834 100644 --- a/.github/docker-images/oss-compliance/generate-oss-compliance.sh +++ b/.github/docker-images/oss-compliance/generate-oss-compliance.sh @@ -5,30 +5,23 @@ PRETTY_NAME=$(cat /etc/os-release | grep PRETTY_NAME) -HOME_DIR=$1 +HOME_DIR=$(pwd) export HOME_DIR=${HOME_DIR} -LINUX_PACKAGES=${HOME_DIR}/oss-compliance/linux-packages -BUILD_FROM_SOURCE_PACKAGES_LICENCES=${HOME_DIR}/oss-compliance/build-from-source-packages/build-from-source-package-licenses.txt +LINUX_PACKAGES=${HOME_DIR}/linux-packages set -e chmod +x ${LINUX_PACKAGES}/yum-packages.sh -chmod +x ${LINUX_PACKAGES}/dkpg-packages.sh +chmod +x ${LINUX_PACKAGES}/dpkg-packages.sh -if [[ $PRETTY_NAME == *"Ubuntu"* ]]; then - ${LINUX_PACKAGES}/dkpg-packages.sh +if [[ $PRETTY_NAME == *"Ubuntu"* || $PRETTY_NAME == *"Debian"* ]]; then + ${LINUX_PACKAGES}/dpkg-packages.sh fi -if [[ $PRETTY_NAME == *"Amazon Linux"* ]]; then +if [[ $PRETTY_NAME == *"Amazon Linux"* || $PRETTY_NAME == *"Red Hat Enterprise Linux"* || $PRETTY_NAME == "Fedora" ]]; then ${LINUX_PACKAGES}/yum-packages.sh fi -if [[ $PRETTY_NAME == *"Red Hat Enterprise Linux"* ]]; then - ${LINUX_PACKAGES}/yum-packages.sh - BUILD_FROM_SOURCE_PACKAGES_LICENCES=${HOME_DIR}/oss-compliance/build-from-source-packages/build-from-source-package-licenses-ubi8.txt -fi - -cp ${BUILD_FROM_SOURCE_PACKAGES_LICENCES} ${HOME_DIR}/BUILD_FROM_SOURCE_PACKAGES_LICENCES -chmod +x ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh -bash ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh ${HOME_DIR} \ No newline at end of file +chmod +x ${HOME_DIR}/test/test-oss-compliance.sh +bash ${HOME_DIR}/test/test-oss-compliance.sh ${HOME_DIR} \ No newline at end of file diff --git a/.github/docker-images/oss-compliance/test/test-oss-compliance.sh b/.github/docker-images/oss-compliance/test/test-oss-compliance.sh index 104a9d4..33e0b7c 100644 --- a/.github/docker-images/oss-compliance/test/test-oss-compliance.sh +++ b/.github/docker-images/oss-compliance/test/test-oss-compliance.sh @@ -3,7 +3,7 @@ #!/bin/bash -HOME_DIR=$1 +HOME_DIR=/root FILES=("${HOME_DIR}/LINUX_PACKAGES_LICENSES" "${HOME_DIR}/BUILD_FROM_SOURCE_PACKAGES_LICENCES") diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 89d7dae..0ddbc19 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -7,9 +7,9 @@ name: Base Image Builds on: push: - branches: ['base-images', 'docker-builds'] + branches: ['base-images'] pull_request: - branches: ['base-images', 'docker-builds'] + branches: ['base-images'] types: [opened, closed] env: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 80f0fe4..c727aa6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -4,9 +4,9 @@ name: Release Image Builds on: push: - branches: ['main'] + branches: ['main', 'docker-builds'] pull_request: - branches: ['main'] + branches: ['main', 'docker-builds'] types: [opened, closed] env: From 327f1b82351d2c316a1bf4e47edb0eb1913749c6 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Tue, 21 Feb 2023 17:23:32 -0800 Subject: [PATCH 19/68] add attribution doc, fix script --- .../ build-from-source-package-licenses.txt | 299 ++++++++++++++++++ .../build-from-source-package-licenses.txt | 299 ++++++++++++++++++ .../oss-compliance/generate-oss-compliance.sh | 4 +- 3 files changed, 601 insertions(+), 1 deletion(-) create mode 100644 .github/docker-images/oss-compliance/ build-from-source-packages/ build-from-source-package-licenses.txt create mode 100644 .github/docker-images/oss-compliance/build-from-source-packages/build-from-source-package-licenses.txt diff --git a/.github/docker-images/oss-compliance/ build-from-source-packages/ build-from-source-package-licenses.txt b/.github/docker-images/oss-compliance/ build-from-source-packages/ build-from-source-package-licenses.txt new file mode 100644 index 0000000..587a314 --- /dev/null +++ b/.github/docker-images/oss-compliance/ build-from-source-packages/ build-from-source-package-licenses.txt @@ -0,0 +1,299 @@ +** OPENSSL; version 1.1.1 -- https://openssl.org/ + + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS +* For OPENSSL see also this required NOTICE: + Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. + +------ + +** google-protobuf; version 3.17.3 -- https://github.com/protocolbuffers/protobuf +Copyright 2008 Google Inc. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +Code generated by the Protocol Buffer compiler is owned by the owner +of the input file used when generating it. This code is not +standalone and requires a support library to be linked with it. This +support library is itself covered by the above license. + +------ + +** catch2; version 2.13.6 -- https://github.com/catchorg/Catch2/releases/download/v2.13.6/catch.hpp +Copyright (c) 2021 Two Blue Cubes Ltd. All rights reserved. + +Distributed under the Boost Software License, Version 1.0. (See accompanying + file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) + +Boost Software License - Version 1.0 - August 17th, 2003 + +Permission is hereby granted, free of charge, to any person or organization +obtaining a copy of the software and accompanying documentation covered by +this license (the "Software") to use, reproduce, display, distribute, +execute, and transmit the Software, and to prepare derivative works of the +Software, and to permit third-parties to whom the Software is furnished to +do so, all subject to the following: + +The copyright notices in the Software and this entire statement, including +the above license grant, this restriction and the following disclaimer, +must be included in all copies of the Software, in whole or in part, and +all derivative works of the Software, unless such copies or derivative +works are solely in the form of machine-executable object code generated by +a source language processor. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT +SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE +FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. + +------ + +** Boost; version 1.79.0 -- http://www.boost.org/ +Boost Software License - Version 1.0 - August 17th, 2003 + +Permission is hereby granted, free of charge, to any person or organization +obtaining a copy of the software and accompanying documentation covered by +this license (the "Software") to use, reproduce, display, distribute, +execute, and transmit the Software, and to prepare derivative works of the +Software, and to permit third-parties to whom the Software is furnished to +do so, all subject to the following: + +The copyright notices in the Software and this entire statement, including +the above license grant, this restriction and the following disclaimer, +must be included in all copies of the Software, in whole or in part, and +all derivative works of the Software, unless such copies or derivative +works are solely in the form of machine-executable object code generated by +a source language processor. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT +SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE +FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. + +------ + +** zlib; version 1.2.13 -- http://www.zlib.net/ +Copyright (C) 1995-2017 Jean-loup Gailly and Mark Adler + +This software is provided 'as-is', without any express or implied + warranty. In no event will the authors be held liable for any damages + arising from the use of this software. + + Permission is granted to anyone to use this software for any purpose, + including commercial applications, and to alter it and redistribute it + freely, subject to the following restrictions: + + 1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would be + appreciated but is not required. + 2. Altered source versions must be plainly marked as such, and must not be + misrepresented as being the original software. + 3. This notice may not be removed or altered from any source distribution. + + Jean-loup Gailly Mark Adler + jloup@gzip.org madler@alumni.caltech.edu diff --git a/.github/docker-images/oss-compliance/build-from-source-packages/build-from-source-package-licenses.txt b/.github/docker-images/oss-compliance/build-from-source-packages/build-from-source-package-licenses.txt new file mode 100644 index 0000000..587a314 --- /dev/null +++ b/.github/docker-images/oss-compliance/build-from-source-packages/build-from-source-package-licenses.txt @@ -0,0 +1,299 @@ +** OPENSSL; version 1.1.1 -- https://openssl.org/ + + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS +* For OPENSSL see also this required NOTICE: + Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. + +------ + +** google-protobuf; version 3.17.3 -- https://github.com/protocolbuffers/protobuf +Copyright 2008 Google Inc. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +Code generated by the Protocol Buffer compiler is owned by the owner +of the input file used when generating it. This code is not +standalone and requires a support library to be linked with it. This +support library is itself covered by the above license. + +------ + +** catch2; version 2.13.6 -- https://github.com/catchorg/Catch2/releases/download/v2.13.6/catch.hpp +Copyright (c) 2021 Two Blue Cubes Ltd. All rights reserved. + +Distributed under the Boost Software License, Version 1.0. (See accompanying + file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) + +Boost Software License - Version 1.0 - August 17th, 2003 + +Permission is hereby granted, free of charge, to any person or organization +obtaining a copy of the software and accompanying documentation covered by +this license (the "Software") to use, reproduce, display, distribute, +execute, and transmit the Software, and to prepare derivative works of the +Software, and to permit third-parties to whom the Software is furnished to +do so, all subject to the following: + +The copyright notices in the Software and this entire statement, including +the above license grant, this restriction and the following disclaimer, +must be included in all copies of the Software, in whole or in part, and +all derivative works of the Software, unless such copies or derivative +works are solely in the form of machine-executable object code generated by +a source language processor. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT +SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE +FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. + +------ + +** Boost; version 1.79.0 -- http://www.boost.org/ +Boost Software License - Version 1.0 - August 17th, 2003 + +Permission is hereby granted, free of charge, to any person or organization +obtaining a copy of the software and accompanying documentation covered by +this license (the "Software") to use, reproduce, display, distribute, +execute, and transmit the Software, and to prepare derivative works of the +Software, and to permit third-parties to whom the Software is furnished to +do so, all subject to the following: + +The copyright notices in the Software and this entire statement, including +the above license grant, this restriction and the following disclaimer, +must be included in all copies of the Software, in whole or in part, and +all derivative works of the Software, unless such copies or derivative +works are solely in the form of machine-executable object code generated by +a source language processor. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT +SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE +FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. + +------ + +** zlib; version 1.2.13 -- http://www.zlib.net/ +Copyright (C) 1995-2017 Jean-loup Gailly and Mark Adler + +This software is provided 'as-is', without any express or implied + warranty. In no event will the authors be held liable for any damages + arising from the use of this software. + + Permission is granted to anyone to use this software for any purpose, + including commercial applications, and to alter it and redistribute it + freely, subject to the following restrictions: + + 1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would be + appreciated but is not required. + 2. Altered source versions must be plainly marked as such, and must not be + misrepresented as being the original software. + 3. This notice may not be removed or altered from any source distribution. + + Jean-loup Gailly Mark Adler + jloup@gzip.org madler@alumni.caltech.edu diff --git a/.github/docker-images/oss-compliance/generate-oss-compliance.sh b/.github/docker-images/oss-compliance/generate-oss-compliance.sh index b9cc834..ce88a32 100644 --- a/.github/docker-images/oss-compliance/generate-oss-compliance.sh +++ b/.github/docker-images/oss-compliance/generate-oss-compliance.sh @@ -9,6 +9,7 @@ HOME_DIR=$(pwd) export HOME_DIR=${HOME_DIR} LINUX_PACKAGES=${HOME_DIR}/linux-packages +BUILD_FROM_SOURCE_PACKAGES_LICENCES=${HOME_DIR}/build-from-source-packages/build-from-source-package-licenses.txt set -e @@ -16,12 +17,13 @@ chmod +x ${LINUX_PACKAGES}/yum-packages.sh chmod +x ${LINUX_PACKAGES}/dpkg-packages.sh if [[ $PRETTY_NAME == *"Ubuntu"* || $PRETTY_NAME == *"Debian"* ]]; then - ${LINUX_PACKAGES}/dpkg-packages.sh + ${LINUX_PACKAGES}/dpkg-packages.sh fi if [[ $PRETTY_NAME == *"Amazon Linux"* || $PRETTY_NAME == *"Red Hat Enterprise Linux"* || $PRETTY_NAME == "Fedora" ]]; then ${LINUX_PACKAGES}/yum-packages.sh fi +cp ${BUILD_FROM_SOURCE_PACKAGES_LICENCES} ${HOME_DIR}/BUILD_FROM_SOURCE_PACKAGES_LICENCES chmod +x ${HOME_DIR}/test/test-oss-compliance.sh bash ${HOME_DIR}/test/test-oss-compliance.sh ${HOME_DIR} \ No newline at end of file From 021d8cba9a45d08f943c90a8f2d8d4d70a82d7e7 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Tue, 21 Feb 2023 17:52:51 -0800 Subject: [PATCH 20/68] update boost to 1.81, fixed build scripts --- .github/docker-images/Dockerfile | 14 +++++++------- .../base-images/amazonlinux/Dockerfile | 9 +++++---- .../docker-images/base-images/fedora/Dockerfile | 4 ++-- .github/docker-images/base-images/ubi8/Dockerfile | 4 ++-- 4 files changed, 16 insertions(+), 15 deletions(-) diff --git a/.github/docker-images/Dockerfile b/.github/docker-images/Dockerfile index c6fdda3..f0e98a5 100644 --- a/.github/docker-images/Dockerfile +++ b/.github/docker-images/Dockerfile @@ -13,13 +13,13 @@ RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ FROM ${OS} AS minimum_size -COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/aws-iot-securetunneling-localproxy ./bin +COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/aws-iot-securetunneling-localproxy ./aws-iot-securetunneling-localproxy COPY ./.github/docker-images/oss-compliance /root/oss-compliance -#RUN HOME_DIR=/root \ -# && chmod +x ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh \ -# && chmod +x ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh \ -# && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \ -# && rm -rf ${HOME_DIR}/oss-compliance* +RUN HOME_DIR=/root \ + && chmod +x ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh \ + && chmod +x ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh \ + && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \ + && rm -rf ${HOME_DIR}/oss-compliance* -ENTRYPOINT ["/bin"] \ No newline at end of file +ENTRYPOINT ["/aws-iot-securetunneling-localproxy"] \ No newline at end of file diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index 927667a..ee64198 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -11,6 +11,7 @@ RUN yum check-update; yum upgrade -y && \ # Install Dependencies +RUN ln -s /usr/bin/cmake3 /usr/bin/cmake RUN mkdir /home/dependencies WORKDIR /home/dependencies @@ -22,9 +23,9 @@ RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_79_0 && \ + cd boost_1_81_0 && \ ./bootstrap.sh && \ ./b2 install link=static @@ -34,7 +35,7 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p cd protobuf-3.17.3 && \ mkdir build && \ cd build && \ - cmake3 ../cmake && \ + cmake ../cmake && \ make && \ make install @@ -51,6 +52,6 @@ RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ cd Catch2 && \ mkdir build && \ cd build && \ - cmake3 ../ && \ + cmake ../ && \ make && \ make install diff --git a/.github/docker-images/base-images/fedora/Dockerfile b/.github/docker-images/base-images/fedora/Dockerfile index 60ef93e..3dc9d25 100644 --- a/.github/docker-images/base-images/fedora/Dockerfile +++ b/.github/docker-images/base-images/fedora/Dockerfile @@ -20,9 +20,9 @@ RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_79_0 && \ + cd boost_1_81_0 && \ ./bootstrap.sh && \ ./b2 install link=static diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index f1ef6a0..35124fe 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -20,9 +20,9 @@ RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.79.0/source/boost_1_79_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_79_0 && \ + cd boost_1_81_0 && \ ./bootstrap.sh && \ ./b2 install link=static From 713fc21acf08e3a0b61227505d34566a58095601 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Tue, 21 Feb 2023 17:55:39 -0800 Subject: [PATCH 21/68] build new base images --- .github/workflows/base-images.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 0ddbc19..89d7dae 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -7,9 +7,9 @@ name: Base Image Builds on: push: - branches: ['base-images'] + branches: ['base-images', 'docker-builds'] pull_request: - branches: ['base-images'] + branches: ['base-images', 'docker-builds'] types: [opened, closed] env: From 78443cba8fbb0361e38a8f597178643a470cf02e Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Wed, 22 Feb 2023 09:51:08 -0800 Subject: [PATCH 22/68] add libatomic, fix binary copy step --- .github/docker-images/Dockerfile | 4 ++-- .github/docker-images/base-images/fedora/Dockerfile | 2 +- .github/docker-images/base-images/ubi8/Dockerfile | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/docker-images/Dockerfile b/.github/docker-images/Dockerfile index f0e98a5..de814b8 100644 --- a/.github/docker-images/Dockerfile +++ b/.github/docker-images/Dockerfile @@ -13,7 +13,7 @@ RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ FROM ${OS} AS minimum_size -COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/aws-iot-securetunneling-localproxy ./aws-iot-securetunneling-localproxy +COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/bin/localproxy ./localproxy COPY ./.github/docker-images/oss-compliance /root/oss-compliance RUN HOME_DIR=/root \ @@ -22,4 +22,4 @@ RUN HOME_DIR=/root \ && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \ && rm -rf ${HOME_DIR}/oss-compliance* -ENTRYPOINT ["/aws-iot-securetunneling-localproxy"] \ No newline at end of file +ENTRYPOINT ["/localproxy"] \ No newline at end of file diff --git a/.github/docker-images/base-images/fedora/Dockerfile b/.github/docker-images/base-images/fedora/Dockerfile index 3dc9d25..fd4f979 100644 --- a/.github/docker-images/base-images/fedora/Dockerfile +++ b/.github/docker-images/base-images/fedora/Dockerfile @@ -5,7 +5,7 @@ FROM fedora:latest AS base RUN dnf -y update \ && dnf -y install \ git autoconf automake \ - wget libtool curl make gcc-c++ unzip cmake python3 openssl-devel perl-core \ + which wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel perl-core \ && dnf clean all \ && rm -rf /var/cache/dnf diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index 35124fe..6d804f6 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -5,7 +5,7 @@ FROM redhat/ubi8:latest AS base RUN yum -y update \ && yum -y install \ git autoconf automake \ - wget libtool curl make gcc-c++ unzip cmake python3 openssl-devel \ + wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel \ && yum clean all \ && rm -rf /var/cache/yum From 426c1a82545896ccc9336c7d8c192f3eb2165cd2 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Wed, 22 Feb 2023 18:11:51 -0800 Subject: [PATCH 23/68] cd to working directory --- .github/docker-images/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/docker-images/Dockerfile b/.github/docker-images/Dockerfile index de814b8..225b871 100644 --- a/.github/docker-images/Dockerfile +++ b/.github/docker-images/Dockerfile @@ -17,6 +17,7 @@ COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/bin/localproxy COPY ./.github/docker-images/oss-compliance /root/oss-compliance RUN HOME_DIR=/root \ + && cd ${HOME_DIR}/oss-compliance \ && chmod +x ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh \ && chmod +x ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh \ && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \ From 676ca7edb8951d4cd1669da47405264d3a1b678a Mon Sep 17 00:00:00 2001 From: RogerZhongAWS <100961047+RogerZhongAWS@users.noreply.github.com> Date: Thu, 23 Feb 2023 10:20:23 -0800 Subject: [PATCH 24/68] Delete build-from-source-package-licenses.txt --- .../ build-from-source-package-licenses.txt | 299 ------------------ 1 file changed, 299 deletions(-) delete mode 100644 .github/docker-images/oss-compliance/ build-from-source-packages/ build-from-source-package-licenses.txt diff --git a/.github/docker-images/oss-compliance/ build-from-source-packages/ build-from-source-package-licenses.txt b/.github/docker-images/oss-compliance/ build-from-source-packages/ build-from-source-package-licenses.txt deleted file mode 100644 index 587a314..0000000 --- a/.github/docker-images/oss-compliance/ build-from-source-packages/ build-from-source-package-licenses.txt +++ /dev/null @@ -1,299 +0,0 @@ -** OPENSSL; version 1.1.1 -- https://openssl.org/ - - Apache License - Version 2.0, January 2004 - https://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS -* For OPENSSL see also this required NOTICE: - Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. - ------- - -** google-protobuf; version 3.17.3 -- https://github.com/protocolbuffers/protobuf -Copyright 2008 Google Inc. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -Code generated by the Protocol Buffer compiler is owned by the owner -of the input file used when generating it. This code is not -standalone and requires a support library to be linked with it. This -support library is itself covered by the above license. - ------- - -** catch2; version 2.13.6 -- https://github.com/catchorg/Catch2/releases/download/v2.13.6/catch.hpp -Copyright (c) 2021 Two Blue Cubes Ltd. All rights reserved. - -Distributed under the Boost Software License, Version 1.0. (See accompanying - file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) - -Boost Software License - Version 1.0 - August 17th, 2003 - -Permission is hereby granted, free of charge, to any person or organization -obtaining a copy of the software and accompanying documentation covered by -this license (the "Software") to use, reproduce, display, distribute, -execute, and transmit the Software, and to prepare derivative works of the -Software, and to permit third-parties to whom the Software is furnished to -do so, all subject to the following: - -The copyright notices in the Software and this entire statement, including -the above license grant, this restriction and the following disclaimer, -must be included in all copies of the Software, in whole or in part, and -all derivative works of the Software, unless such copies or derivative -works are solely in the form of machine-executable object code generated by -a source language processor. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT -SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE -FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE, -ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER -DEALINGS IN THE SOFTWARE. - ------- - -** Boost; version 1.79.0 -- http://www.boost.org/ -Boost Software License - Version 1.0 - August 17th, 2003 - -Permission is hereby granted, free of charge, to any person or organization -obtaining a copy of the software and accompanying documentation covered by -this license (the "Software") to use, reproduce, display, distribute, -execute, and transmit the Software, and to prepare derivative works of the -Software, and to permit third-parties to whom the Software is furnished to -do so, all subject to the following: - -The copyright notices in the Software and this entire statement, including -the above license grant, this restriction and the following disclaimer, -must be included in all copies of the Software, in whole or in part, and -all derivative works of the Software, unless such copies or derivative -works are solely in the form of machine-executable object code generated by -a source language processor. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT -SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE -FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE, -ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER -DEALINGS IN THE SOFTWARE. - ------- - -** zlib; version 1.2.13 -- http://www.zlib.net/ -Copyright (C) 1995-2017 Jean-loup Gailly and Mark Adler - -This software is provided 'as-is', without any express or implied - warranty. In no event will the authors be held liable for any damages - arising from the use of this software. - - Permission is granted to anyone to use this software for any purpose, - including commercial applications, and to alter it and redistribute it - freely, subject to the following restrictions: - - 1. The origin of this software must not be misrepresented; you must not - claim that you wrote the original software. If you use this software - in a product, an acknowledgment in the product documentation would be - appreciated but is not required. - 2. Altered source versions must be plainly marked as such, and must not be - misrepresented as being the original software. - 3. This notice may not be removed or altered from any source distribution. - - Jean-loup Gailly Mark Adler - jloup@gzip.org madler@alumni.caltech.edu From a479c87a46be535f0d3bcf33d7e62009e742e2d8 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 23 Feb 2023 11:13:02 -0800 Subject: [PATCH 25/68] add staged fedora builds, fixed oss script --- .../base-images/fedora/Dockerfile-CI-stage1 | 27 +++++++ .../base-images/fedora/Dockerfile-CI-stage2 | 12 ++++ .../base-images/fedora/Dockerfile-CI-stage3 | 19 +++++ .../oss-compliance/generate-oss-compliance.sh | 4 +- .github/workflows/base-images.yml | 70 ++++++++++++++++++- 5 files changed, 128 insertions(+), 4 deletions(-) create mode 100644 .github/docker-images/base-images/fedora/Dockerfile-CI-stage1 create mode 100644 .github/docker-images/base-images/fedora/Dockerfile-CI-stage2 create mode 100644 .github/docker-images/base-images/fedora/Dockerfile-CI-stage3 diff --git a/.github/docker-images/base-images/fedora/Dockerfile-CI-stage1 b/.github/docker-images/base-images/fedora/Dockerfile-CI-stage1 new file mode 100644 index 0000000..ca3d3d5 --- /dev/null +++ b/.github/docker-images/base-images/fedora/Dockerfile-CI-stage1 @@ -0,0 +1,27 @@ +FROM fedora:latest AS base + +# Install Prerequisites + +RUN dnf -y update \ + && dnf -y install \ + git autoconf automake \ + which wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel perl-core \ + && dnf clean all \ + && rm -rf /var/cache/dnf + +RUN mkdir /home/dependencies + +WORKDIR /home/dependencies +RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ + tar xzvf /tmp/zlib-1.2.13.tar.gz && \ + cd zlib-1.2.13 && \ + ./configure && \ + make && \ + make install + +WORKDIR /home/dependencies +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ + tar xzvf /tmp/boost.tar.gz && \ + cd boost_1_81_0 && \ + ./bootstrap.sh && \ + ./b2 install link=static \ No newline at end of file diff --git a/.github/docker-images/base-images/fedora/Dockerfile-CI-stage2 b/.github/docker-images/base-images/fedora/Dockerfile-CI-stage2 new file mode 100644 index 0000000..2483448 --- /dev/null +++ b/.github/docker-images/base-images/fedora/Dockerfile-CI-stage2 @@ -0,0 +1,12 @@ +ARG STAGE_1 +FROM ${STAGE_1} AS STAGE_2 + +WORKDIR /home/dependencies +RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ + tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ + cd protobuf-3.17.3 && \ + mkdir build && \ + cd build && \ + cmake ../cmake && \ + make && \ + make install \ No newline at end of file diff --git a/.github/docker-images/base-images/fedora/Dockerfile-CI-stage3 b/.github/docker-images/base-images/fedora/Dockerfile-CI-stage3 new file mode 100644 index 0000000..c4643b4 --- /dev/null +++ b/.github/docker-images/base-images/fedora/Dockerfile-CI-stage3 @@ -0,0 +1,19 @@ +ARG STAGE_2 +FROM ${STAGE_2} AS STAGE_3 + +WORKDIR /home/dependencies +RUN git clone https://github.com/openssl/openssl.git && \ + cd openssl && \ + git checkout OpenSSL_1_1_1-stable && \ + ./config && \ + make depend && \ + make all + +WORKDIR /home/dependencies +RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ + cd Catch2 && \ + mkdir build && \ + cd build && \ + cmake ../ && \ + make && \ + make install \ No newline at end of file diff --git a/.github/docker-images/oss-compliance/generate-oss-compliance.sh b/.github/docker-images/oss-compliance/generate-oss-compliance.sh index ce88a32..e9f35ef 100644 --- a/.github/docker-images/oss-compliance/generate-oss-compliance.sh +++ b/.github/docker-images/oss-compliance/generate-oss-compliance.sh @@ -20,10 +20,10 @@ if [[ $PRETTY_NAME == *"Ubuntu"* || $PRETTY_NAME == *"Debian"* ]]; then ${LINUX_PACKAGES}/dpkg-packages.sh fi -if [[ $PRETTY_NAME == *"Amazon Linux"* || $PRETTY_NAME == *"Red Hat Enterprise Linux"* || $PRETTY_NAME == "Fedora" ]]; then +if [[ $PRETTY_NAME == *"Amazon Linux"* || $PRETTY_NAME == *"Red Hat Enterprise Linux"* || $PRETTY_NAME == *"Fedora"* ]]; then ${LINUX_PACKAGES}/yum-packages.sh fi -cp ${BUILD_FROM_SOURCE_PACKAGES_LICENCES} ${HOME_DIR}/BUILD_FROM_SOURCE_PACKAGES_LICENCES +cp ${BUILD_FROM_SOURCE_PACKAGES_LICENCES} $/root/BUILD_FROM_SOURCE_PACKAGES_LICENCES chmod +x ${HOME_DIR}/test/test-oss-compliance.sh bash ${HOME_DIR}/test/test-oss-compliance.sh ${HOME_DIR} \ No newline at end of file diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 89d7dae..fbf231c 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -333,7 +333,7 @@ jobs: tags: | ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-fedora-latest platforms: linux/amd64 - build-base-docker-image-fedora-arm64: + build-base-docker-image-fedora-arm64-stage1: runs-on: ubuntu-latest permissions: id-token: write @@ -358,7 +358,73 @@ jobs: - name: Build fedora Base Image uses: docker/build-push-action@v3 with: - file: .github/docker-images/base-images/fedora/Dockerfile + file: .github/docker-images/base-images/fedora/Dockerfile-CI-stage1 + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-fedora-stage1-latest + platforms: linux/arm64 + build-base-docker-image-fedora-arm64-stage2: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build fedora Base Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/base-images/fedora/Dockerfile-CI-stage2 + build-args: | + STAGE_1=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-fedora-stage1-latest + context: . + push: true + tags: | + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-fedora-stage2-latest + platforms: linux/arm64 + build-base-docker-image-fedora-arm64-stage3: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} + aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} + aws-region: us-east-1 + - name: Login to ECR + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build fedora Base Image + uses: docker/build-push-action@v3 + with: + file: .github/docker-images/base-images/fedora/Dockerfile-CI-stage2 + build-args: | + STAGE_2=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-fedora-stage2-latest context: . push: true tags: | From 66c368d10d9c6c9b5c466e888fd00fd457f34fd2 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 23 Feb 2023 11:15:58 -0800 Subject: [PATCH 26/68] fix typo in workflow --- .github/workflows/base-images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index fbf231c..f52ba00 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -422,7 +422,7 @@ jobs: - name: Build fedora Base Image uses: docker/build-push-action@v3 with: - file: .github/docker-images/base-images/fedora/Dockerfile-CI-stage2 + file: .github/docker-images/base-images/fedora/Dockerfile-CI-stage3 build-args: | STAGE_2=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-fedora-stage2-latest context: . From d0329d287a1d9e489940b4945bfbfec1df0ed568 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 23 Feb 2023 11:20:46 -0800 Subject: [PATCH 27/68] add needs specifier for previous stage update docker build action remove cache deletion fix typo update stage1 file modify dockerfiles change download dir delete fedora arm build update macos ci openssl version readme update --- .github/docker-images/Dockerfile | 4 +- .../base-images/amazonlinux/Dockerfile | 4 +- .../base-images/fedora/Dockerfile | 4 +- .../base-images/fedora/Dockerfile-CI-stage1 | 27 ------ .../base-images/fedora/Dockerfile-CI-stage2 | 12 --- .../base-images/fedora/Dockerfile-CI-stage3 | 19 ---- .../docker-images/base-images/ubi8/Dockerfile | 4 +- .../oss-compliance/generate-oss-compliance.sh | 2 +- .github/workflows/base-images.yml | 97 ------------------- .github/workflows/ci.yml | 3 +- .github/workflows/release.yml | 35 ------- CMakeLists.txt | 2 +- README.md | 33 ++++++- 13 files changed, 37 insertions(+), 209 deletions(-) delete mode 100644 .github/docker-images/base-images/fedora/Dockerfile-CI-stage1 delete mode 100644 .github/docker-images/base-images/fedora/Dockerfile-CI-stage2 delete mode 100644 .github/docker-images/base-images/fedora/Dockerfile-CI-stage3 diff --git a/.github/docker-images/Dockerfile b/.github/docker-images/Dockerfile index 225b871..3d99f44 100644 --- a/.github/docker-images/Dockerfile +++ b/.github/docker-images/Dockerfile @@ -13,7 +13,7 @@ RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ FROM ${OS} AS minimum_size -COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/bin/localproxy ./localproxy +COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/bin/localproxy /root/bin/localproxy COPY ./.github/docker-images/oss-compliance /root/oss-compliance RUN HOME_DIR=/root \ @@ -23,4 +23,4 @@ RUN HOME_DIR=/root \ && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \ && rm -rf ${HOME_DIR}/oss-compliance* -ENTRYPOINT ["/localproxy"] \ No newline at end of file +ENTRYPOINT ["/root/bin"] \ No newline at end of file diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index ee64198..d8507df 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -5,9 +5,7 @@ ARG OPENSSL_CONFIG RUN yum check-update; yum upgrade -y && \ yum install -y git boost-devel autoconf automake \ - wget libtool curl make gcc-c++ unzip cmake3 python-devel openssl11-devel which \ - && yum clean all \ - && rm -rf /var/cache/yum + wget libtool curl make gcc-c++ unzip cmake3 python-devel openssl11-devel which # Install Dependencies diff --git a/.github/docker-images/base-images/fedora/Dockerfile b/.github/docker-images/base-images/fedora/Dockerfile index fd4f979..6b7e3f6 100644 --- a/.github/docker-images/base-images/fedora/Dockerfile +++ b/.github/docker-images/base-images/fedora/Dockerfile @@ -5,9 +5,7 @@ FROM fedora:latest AS base RUN dnf -y update \ && dnf -y install \ git autoconf automake \ - which wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel perl-core \ - && dnf clean all \ - && rm -rf /var/cache/dnf + which wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel perl-core RUN mkdir /home/dependencies diff --git a/.github/docker-images/base-images/fedora/Dockerfile-CI-stage1 b/.github/docker-images/base-images/fedora/Dockerfile-CI-stage1 deleted file mode 100644 index ca3d3d5..0000000 --- a/.github/docker-images/base-images/fedora/Dockerfile-CI-stage1 +++ /dev/null @@ -1,27 +0,0 @@ -FROM fedora:latest AS base - -# Install Prerequisites - -RUN dnf -y update \ - && dnf -y install \ - git autoconf automake \ - which wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel perl-core \ - && dnf clean all \ - && rm -rf /var/cache/dnf - -RUN mkdir /home/dependencies - -WORKDIR /home/dependencies -RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ - tar xzvf /tmp/zlib-1.2.13.tar.gz && \ - cd zlib-1.2.13 && \ - ./configure && \ - make && \ - make install - -WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ - tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_81_0 && \ - ./bootstrap.sh && \ - ./b2 install link=static \ No newline at end of file diff --git a/.github/docker-images/base-images/fedora/Dockerfile-CI-stage2 b/.github/docker-images/base-images/fedora/Dockerfile-CI-stage2 deleted file mode 100644 index 2483448..0000000 --- a/.github/docker-images/base-images/fedora/Dockerfile-CI-stage2 +++ /dev/null @@ -1,12 +0,0 @@ -ARG STAGE_1 -FROM ${STAGE_1} AS STAGE_2 - -WORKDIR /home/dependencies -RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ - tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ - cd protobuf-3.17.3 && \ - mkdir build && \ - cd build && \ - cmake ../cmake && \ - make && \ - make install \ No newline at end of file diff --git a/.github/docker-images/base-images/fedora/Dockerfile-CI-stage3 b/.github/docker-images/base-images/fedora/Dockerfile-CI-stage3 deleted file mode 100644 index c4643b4..0000000 --- a/.github/docker-images/base-images/fedora/Dockerfile-CI-stage3 +++ /dev/null @@ -1,19 +0,0 @@ -ARG STAGE_2 -FROM ${STAGE_2} AS STAGE_3 - -WORKDIR /home/dependencies -RUN git clone https://github.com/openssl/openssl.git && \ - cd openssl && \ - git checkout OpenSSL_1_1_1-stable && \ - ./config && \ - make depend && \ - make all - -WORKDIR /home/dependencies -RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ - cd Catch2 && \ - mkdir build && \ - cd build && \ - cmake ../ && \ - make && \ - make install \ No newline at end of file diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index 6d804f6..c265848 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -5,9 +5,7 @@ FROM redhat/ubi8:latest AS base RUN yum -y update \ && yum -y install \ git autoconf automake \ - wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel \ - && yum clean all \ - && rm -rf /var/cache/yum + wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel RUN mkdir /home/dependencies diff --git a/.github/docker-images/oss-compliance/generate-oss-compliance.sh b/.github/docker-images/oss-compliance/generate-oss-compliance.sh index e9f35ef..ac32d02 100644 --- a/.github/docker-images/oss-compliance/generate-oss-compliance.sh +++ b/.github/docker-images/oss-compliance/generate-oss-compliance.sh @@ -24,6 +24,6 @@ if [[ $PRETTY_NAME == *"Amazon Linux"* || $PRETTY_NAME == *"Red Hat Enterprise L ${LINUX_PACKAGES}/yum-packages.sh fi -cp ${BUILD_FROM_SOURCE_PACKAGES_LICENCES} $/root/BUILD_FROM_SOURCE_PACKAGES_LICENCES +cp ${BUILD_FROM_SOURCE_PACKAGES_LICENCES} /root/BUILD_FROM_SOURCE_PACKAGES_LICENCES chmod +x ${HOME_DIR}/test/test-oss-compliance.sh bash ${HOME_DIR}/test/test-oss-compliance.sh ${HOME_DIR} \ No newline at end of file diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index f52ba00..238d343 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -333,100 +333,3 @@ jobs: tags: | ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-fedora-latest platforms: linux/amd64 - build-base-docker-image-fedora-arm64-stage1: - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} - aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} - aws-region: us-east-1 - - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} - - name: Checkout - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Build fedora Base Image - uses: docker/build-push-action@v3 - with: - file: .github/docker-images/base-images/fedora/Dockerfile-CI-stage1 - context: . - push: true - tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-fedora-stage1-latest - platforms: linux/arm64 - build-base-docker-image-fedora-arm64-stage2: - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} - aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} - aws-region: us-east-1 - - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} - - name: Checkout - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Build fedora Base Image - uses: docker/build-push-action@v3 - with: - file: .github/docker-images/base-images/fedora/Dockerfile-CI-stage2 - build-args: | - STAGE_1=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-fedora-stage1-latest - context: . - push: true - tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-fedora-stage2-latest - platforms: linux/arm64 - build-base-docker-image-fedora-arm64-stage3: - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} - aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} - aws-region: us-east-1 - - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} - - name: Checkout - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Build fedora Base Image - uses: docker/build-push-action@v3 - with: - file: .github/docker-images/base-images/fedora/Dockerfile-CI-stage3 - build-args: | - STAGE_2=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-fedora-stage2-latest - context: . - push: true - tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-fedora-latest - platforms: linux/arm64 \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 001fa37..ffb924b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,7 +14,6 @@ env: jobs: osx: runs-on: macos-latest - if: (github.event_name == 'push') || ((github.event_name == 'pull_request') && (github.event.pull_request.head.repo.full_name != github.repository)) steps: - uses: actions/checkout@v2 name: 'Checkout' @@ -45,7 +44,7 @@ jobs: run: | mkdir build cd build - cmake .. -DBUILD_TESTS=OFF -DOPENSSL_ROOT_DIR=/usr/local/Cellar/openssl@1.1/1.1.1s/ -DOPENSSL_LIBRARIES=/usr/local/Cellar/openssl@1.1/1.1.1s/lib/ + cmake .. -DBUILD_TESTS=OFF -DOPENSSL_ROOT_DIR=/usr/local/Cellar/openssl@1.1/1.1.1t/ -DOPENSSL_LIBRARIES=/usr/local/Cellar/openssl@1.1/1.1.1t/lib/ make - name: Upload Artifact uses: actions/upload-artifact@v3 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c727aa6..54aad3a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -365,38 +365,3 @@ jobs: ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-fedora-${{ github.sha }} ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-fedora-latest platforms: linux/amd64 - build-docker-image-fedora-arm64: - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} - aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} - aws-region: us-east-1 - - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} - - name: Checkout - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Build fedora Release Image - uses: docker/build-push-action@v3 - with: - file: .github/docker-images/Dockerfile - build-args: | - OS=fedora:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-fedora-latest - context: . - push: true - tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-fedora-${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-fedora-latest - platforms: linux/arm64 \ No newline at end of file diff --git a/CMakeLists.txt b/CMakeLists.txt index 831892c..340e109 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -30,7 +30,7 @@ set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/bin) # Configure Compiler flags if (UNIX OR APPLE) - set(CUSTOM_COMPILER_FLAGS "-O2 -D_FORTIFY_SOURCE=2 -fPIE -Wall -Werror") + set(CUSTOM_COMPILER_FLAGS "-O2 -D_FORTIFY_SOURCE=2 -fPIE -fstack-protector-strong -Wall -Werror") set(TEST_COMPILER_FLAGS "${CUSTOM_COMPILER_FLAGS} -D_AWSIOT_TUNNELING_NO_SSL") elseif (WIN32 OR MSVC) set(CUSTOM_COMPILER_FLAGS "/W4 /DYNAMICBASE /NXCOMPAT /analyze") diff --git a/README.md b/README.md index f67599d..41bd841 100644 --- a/README.md +++ b/README.md @@ -18,12 +18,37 @@ This code enables tunneling of a single threaded TCP client / server socket inte * Docker 18+ -### Running the Docker Build +### Using Pre-built Docker Images -`./docker-build.sh` +We provide several docker images on various platforms. +There are two types of images: base images and release images. +The base images come with all dependencies pre-installed. You will still need to download and build the source. +These are useful if you want to modify and [compile](https://github.com/aws-samples/aws-iot-securetunneling-localproxy#download-and-build-the-local-proxy) the local proxy on your own, but are large (~1 GB each). +You can find them at: +#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/base-images +The release images are minimum size images that include a pre-built binary. No dependencies are installed, so recompilation will not work. +The format of every tag is `[arch]-[os]-[git commit sha]` for example: amd64-ubuntu-33879dd7f1500f7b3e56e48ce8b002cd9b0f9e4e. +You can cross-check the git commit sha with the commits in the local proxy repo to see if the binary contains changes added in a specific commit. +You can find them at: +#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/release-images + +### Building a Docker Image + +If you do not want to use the prebuilt images, you can build them yourself: + +`cd .github/docker-images/base-images/` + +`docker build -t .` -After the Docker build completes, run `./docker-run.sh` to open a shell inside the container created in the -previous step, or you can run `./docker-run.sh -p ` to expose a port from the docker container. Here you can find both the `localproxy` and `localproxytest` binaries. Note that when the localproxy runs in source mode, it binds by default to `localhost`, If you want to access the localproxy from outside the container, make sure to use the option `-b 0.0.0.0` when you run the localproxy from the container so that it binds to `0.0.0.0` since `localhost` can not be access from outside the container. +To build cross-platform images for ARM: + +`docker buildx --platform linux/arm64 -t .` + +After the Docker build completes, run `docker run --rm -it ` to open a shell inside the container created in the +previous step, or you can add ` -p ` to expose a port from the docker container. Note that when the localproxy runs in source mode, it binds by default to `localhost`, If you want to access the localproxy from outside the container, make sure to use the option `-b 0.0.0.0` when you run the localproxy from the container so that it binds to `0.0.0.0` since `localhost` can not be access from outside the container. + +#### Deprecated Method +`./docker-build.sh` --- From 2d0d5202e976583d3eb030c3990b24a02d0685d1 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Tue, 28 Feb 2023 16:45:41 -0800 Subject: [PATCH 28/68] combined ubuntu and debian, restructured repo --- .../{ubuntu => debian-ubuntu}/Dockerfile | 0 .../docker-images/base-images/ubi8/Dockerfile | 3 +- .github/workflows/base-images.yml | 30 +++++--- .github/workflows/release.yml | 72 ++++++++++--------- README.md | 24 +++++-- 5 files changed, 79 insertions(+), 50 deletions(-) rename .github/docker-images/base-images/{ubuntu => debian-ubuntu}/Dockerfile (100%) diff --git a/.github/docker-images/base-images/ubuntu/Dockerfile b/.github/docker-images/base-images/debian-ubuntu/Dockerfile similarity index 100% rename from .github/docker-images/base-images/ubuntu/Dockerfile rename to .github/docker-images/base-images/debian-ubuntu/Dockerfile diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index c265848..9f8716c 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -3,8 +3,7 @@ FROM redhat/ubi8:latest AS base # Install Prerequisites RUN yum -y update \ - && yum -y install \ - git autoconf automake \ + && yum -y install git autoconf automake \ wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel RUN mkdir /home/dependencies diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 238d343..c2d253f 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -14,7 +14,11 @@ on: env: PACKAGE_NAME: aws-iot-securetunneling-localproxy - ECR_BASE_REPO: aws-iot-securetunneling-localproxy-base-images + ECR_BASE_UBUNTU: ubuntu-base + ECR_BASE_UBI8: ubi8-base + ECR_BASE_AMAZONLINUX: amazonlinux-base + ECR_BASE_DEBIAN: debian-base + ECR_BASE_FEDORA: fedora-base jobs: build-base-docker-image-ubuntu-amd64: @@ -48,7 +52,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-ubuntu-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBUNTU }}:latest platforms: linux/amd64 build-base-docker-image-ubuntu-arm64: runs-on: ubuntu-latest @@ -81,7 +85,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-ubuntu-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBUNTU }}:latest platforms: linux/arm64 build-base-docker-image-ubuntu-armv7: runs-on: ubuntu-latest @@ -114,7 +118,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:armv7-ubuntu-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBUNTU }}:latest platforms: linux/arm/v7 build-base-docker-image-ubi8-amd64: runs-on: ubuntu-latest @@ -145,7 +149,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-ubi8-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBI8 }}:latest platforms: linux/amd64 build-base-docker-image-ubi8-arm64: runs-on: ubuntu-latest @@ -176,7 +180,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-ubi8-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBI8 }}:latest platforms: linux/arm64 build-base-docker-image-amazonlinux-amd64: runs-on: ubuntu-latest @@ -207,7 +211,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-amazonlinux-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_AMAZONLINUX }}:latest platforms: linux/amd64 build-base-docker-image-amazonlinux-arm64: runs-on: ubuntu-latest @@ -238,7 +242,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-amazonlinux-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_AMAZONLINUX }}:latest platforms: linux/arm64 build-base-docker-image-debian-amd64: runs-on: ubuntu-latest @@ -266,10 +270,12 @@ jobs: uses: docker/build-push-action@v3 with: file: .github/docker-images/base-images/debian/Dockerfile + build-args: | + OS=debian:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-debian-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_DEBIAN }}:latest platforms: linux/amd64 build-base-docker-image-debian-arm64: runs-on: ubuntu-latest @@ -297,10 +303,12 @@ jobs: uses: docker/build-push-action@v3 with: file: .github/docker-images/base-images/debian/Dockerfile + build-args: | + OS=debian:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-debian-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_DEBIAN }}:latest platforms: linux/arm64 build-base-docker-image-fedora-amd64: runs-on: ubuntu-latest @@ -331,5 +339,5 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-fedora-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_FEDORA }}:latest platforms: linux/amd64 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 54aad3a..5b34bc3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,8 +11,16 @@ on: env: PACKAGE_NAME: aws-iot-securetunneling-localproxy - ECR_BASE_REPO: aws-iot-securetunneling-localproxy-base-images - ECR_REPO: aws-iot-securetunneling-localproxy-release-images + ECR_BASE_UBUNTU: ubuntu-base + ECR_BASE_UBI8: ubi8-base + ECR_BASE_AMAZONLINUX: amazonlinux-base + ECR_BASE_DEBIAN: debian-base + ECR_BASE_FEDORA: fedora-base + ECR_RELEASE_UBUNTU: ubuntu-bin + ECR_RELEASE_UBI8: ubi8-bin + ECR_RELEASE_AMAZONLINUX: amazonlinux-bin + ECR_RELEASE_DEBIAN: debian-bin + ECR_RELEASE_FEDORA: fedora-bin jobs: build-docker-image-ubuntu-amd64: @@ -43,12 +51,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=ubuntu:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-ubuntu-latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBUNTU }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-ubuntu-${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-ubuntu-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBUNTU }}:latest platforms: linux/amd64 build-docker-image-ubuntu-arm64: runs-on: ubuntu-latest @@ -78,12 +86,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=ubuntu:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-ubuntu-latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBUNTU }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-ubuntu-${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-ubuntu-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBUNTU }}:latest platforms: linux/arm64 build-docker-image-ubuntu-armv7: runs-on: ubuntu-latest @@ -113,12 +121,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=ubuntu:18.04 - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:armv7-ubuntu-latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBUNTU }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:armv7-ubuntu-${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:armv7-ubuntu-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBUNTU }}:latest platforms: linux/arm/v7 build-docker-image-ubi8-amd64: runs-on: ubuntu-latest @@ -148,12 +156,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=redhat/ubi8:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-ubi8-latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBI8 }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-ubi8-${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-ubi8-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBI8 }}:latest platforms: linux/amd64 build-docker-image-ubi8-arm64: runs-on: ubuntu-latest @@ -183,12 +191,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=redhat/ubi8:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-ubi8-latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBI8 }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-ubi8-${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-ubi8-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBI8 }}:latest platforms: linux/arm64 build-docker-image-amazonlinux-amd64: runs-on: ubuntu-latest @@ -218,12 +226,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=amazonlinux:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-amazonlinux-latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_AMAZONLINUX }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-amazonlinux-${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-amazonlinux-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_AMAZONLINUX }}:latest platforms: linux/amd64 build-docker-image-amazonlinux-arm64: runs-on: ubuntu-latest @@ -253,12 +261,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=amazonlinux:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-amazonlinux-latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_AMAZONLINUX }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-amazonlinux-${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-amazonlinux-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_AMAZONLINUX }}:latest platforms: linux/arm64 build-docker-image-debian-amd64: runs-on: ubuntu-latest @@ -288,12 +296,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=debian:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-debian-latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_DEBIAN }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-debian-${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-debian-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_DEBIAN }}:latest platforms: linux/amd64 build-docker-image-debian-arm64: runs-on: ubuntu-latest @@ -323,12 +331,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=debian:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:arm64-debian-latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_DEBIAN }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-debian-${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:arm64-debian-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_DEBIAN }}:latest platforms: linux/arm64 build-docker-image-fedora-amd64: runs-on: ubuntu-latest @@ -358,10 +366,10 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=fedora:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_REPO }}:amd64-fedora-latest + BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_FEDORA }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-fedora-${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_REPO }}:amd64-fedora-latest + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_FEDORA }}:${{ github.sha }} + ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_FEDORA }}:latest platforms: linux/amd64 diff --git a/README.md b/README.md index 41bd841..49a379d 100644 --- a/README.md +++ b/README.md @@ -20,17 +20,25 @@ This code enables tunneling of a single threaded TCP client / server socket inte ### Using Pre-built Docker Images -We provide several docker images on various platforms. +We provide several docker images on various platforms. Both x86 and ARM are supported, though armv7 is currently limited to the ubuntu images. There are two types of images: base images and release images. The base images come with all dependencies pre-installed. You will still need to download and build the source. These are useful if you want to modify and [compile](https://github.com/aws-samples/aws-iot-securetunneling-localproxy#download-and-build-the-local-proxy) the local proxy on your own, but are large (~1 GB each). You can find them at: -#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/base-images -The release images are minimum size images that include a pre-built binary. No dependencies are installed, so recompilation will not work. -The format of every tag is `[arch]-[os]-[git commit sha]` for example: amd64-ubuntu-33879dd7f1500f7b3e56e48ce8b002cd9b0f9e4e. +#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/ubuntu-base +#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/debian-base +#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/amazonlinux-base +#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/ubi8-base +#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/fedora-base +The release images are minimum size images that include a pre-built binary with no dependencies installed. +Every tag contains a git commit sha for example: 33879dd7f1500f7b3e56e48ce8b002cd9b0f9e4e. You can cross-check the git commit sha with the commits in the local proxy repo to see if the binary contains changes added in a specific commit. You can find them at: -#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/release-images +#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/ubuntu-bin +#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/debian-bin +#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/amazonlinux-bin +#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/ubi8-bin +#### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/fedora-bin ### Building a Docker Image @@ -40,10 +48,16 @@ If you do not want to use the prebuilt images, you can build them yourself: `docker build -t .` +Or, for the debian-ubuntu combined Dockerfile: + +`docker build -t . --build-arg OS=:latest` + To build cross-platform images for ARM: `docker buildx --platform linux/arm64 -t .` +You may also try armv7 for 32 bit images, but supported functionality may be limited. + After the Docker build completes, run `docker run --rm -it ` to open a shell inside the container created in the previous step, or you can add ` -p ` to expose a port from the docker container. Note that when the localproxy runs in source mode, it binds by default to `localhost`, If you want to access the localproxy from outside the container, make sure to use the option `-b 0.0.0.0` when you run the localproxy from the container so that it binds to `0.0.0.0` since `localhost` can not be access from outside the container. From 7d3570af7f5b55aed15e3a5515459b3e1f84c7f6 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Wed, 1 Mar 2023 09:15:52 -0800 Subject: [PATCH 29/68] delete debian Dockerfile --- .../base-images/debian/Dockerfile | 52 ------------------- .github/workflows/base-images.yml | 10 ++-- 2 files changed, 5 insertions(+), 57 deletions(-) delete mode 100644 .github/docker-images/base-images/debian/Dockerfile diff --git a/.github/docker-images/base-images/debian/Dockerfile b/.github/docker-images/base-images/debian/Dockerfile deleted file mode 100644 index 944da56..0000000 --- a/.github/docker-images/base-images/debian/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -FROM debian:latest AS base -# Install Prerequisites - -RUN apt update && apt upgrade -y && \ - apt install -y git libboost-all-dev autoconf automake \ - wget libtool curl make g++ unzip cmake libssl-dev python3 - -# Install Dependencies - -RUN mkdir /home/dependencies - -WORKDIR /home/dependencies -RUN wget https://www.zlib.net/zlib-1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ - tar xzvf /tmp/zlib-1.2.13.tar.gz && \ - cd zlib-1.2.13 && \ - ./configure && \ - make && \ - make install - -WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ - tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_81_0 && \ - ./bootstrap.sh && \ - ./b2 install link=static - -WORKDIR /home/dependencies -RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/protobuf-all-3.17.3.tar.gz -O /tmp/protobuf-all-3.17.3.tar.gz && \ - tar xzvf /tmp/protobuf-all-3.17.3.tar.gz && \ - cd protobuf-3.17.3 && \ - mkdir build && \ - cd build && \ - cmake ../cmake && \ - make && \ - make install - -WORKDIR /home/dependencies -RUN git clone https://github.com/openssl/openssl.git && \ - cd openssl && \ - git checkout OpenSSL_1_1_1-stable && \ - ./config && \ - make depend && \ - make all - -WORKDIR /home/dependencies -RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ - cd Catch2 && \ - mkdir build && \ - cd build && \ - cmake ../ && \ - make && \ - make install diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index c2d253f..bbe736e 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -46,7 +46,7 @@ jobs: - name: Build Ubuntu Base Image uses: docker/build-push-action@v3 with: - file: .github/docker-images/base-images/ubuntu/Dockerfile + file: .github/docker-images/base-images/debian-ubuntu/Dockerfile build-args: | OS=ubuntu:latest context: . @@ -79,7 +79,7 @@ jobs: - name: Build Ubuntu Base Image uses: docker/build-push-action@v3 with: - file: .github/docker-images/base-images/ubuntu/Dockerfile + file: .github/docker-images/base-images/debian-ubuntu/Dockerfile build-args: | OS=ubuntu:latest context: . @@ -112,7 +112,7 @@ jobs: - name: Build ubuntu Base Image uses: docker/build-push-action@v3 with: - file: .github/docker-images/base-images/ubuntu/Dockerfile + file: .github/docker-images/base-images/debian-ubuntu/Dockerfile build-args: | OS=ubuntu:18.04 context: . @@ -269,7 +269,7 @@ jobs: - name: Build debian Base Image uses: docker/build-push-action@v3 with: - file: .github/docker-images/base-images/debian/Dockerfile + file: .github/docker-images/base-images/debian-ubuntu/Dockerfile build-args: | OS=debian:latest context: . @@ -302,7 +302,7 @@ jobs: - name: Build debian Base Image uses: docker/build-push-action@v3 with: - file: .github/docker-images/base-images/debian/Dockerfile + file: .github/docker-images/base-images/debian-ubuntu/Dockerfile build-args: | OS=debian:latest context: . From eefd7500b102a1bae2f30f5bee63ec5e80a7f0c2 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Wed, 1 Mar 2023 10:51:15 -0800 Subject: [PATCH 30/68] restarting image builds --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 49a379d..00bed86 100644 --- a/README.md +++ b/README.md @@ -30,6 +30,7 @@ You can find them at: #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/amazonlinux-base #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/ubi8-base #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/fedora-base + The release images are minimum size images that include a pre-built binary with no dependencies installed. Every tag contains a git commit sha for example: 33879dd7f1500f7b3e56e48ce8b002cd9b0f9e4e. You can cross-check the git commit sha with the commits in the local proxy repo to see if the binary contains changes added in a specific commit. From 2b92bcfe8d1c7de4d8be6a0eb4dfb24a9e8641f5 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 2 Mar 2023 13:32:43 -0800 Subject: [PATCH 31/68] switch to public repo --- .github/workflows/base-images.yml | 41 ++++++++-------- .github/workflows/release.yml | 81 ++++++++++++++++--------------- README.md | 10 ++++ 3 files changed, 72 insertions(+), 60 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index bbe736e..9faa9e8 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -14,6 +14,7 @@ on: env: PACKAGE_NAME: aws-iot-securetunneling-localproxy + ECR_ACCOUNT_URL: public.ecr.aws ECR_BASE_UBUNTU: ubuntu-base ECR_BASE_UBI8: ubi8-base ECR_BASE_AMAZONLINUX: amazonlinux-base @@ -34,7 +35,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -52,7 +53,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest platforms: linux/amd64 build-base-docker-image-ubuntu-arm64: runs-on: ubuntu-latest @@ -67,7 +68,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -85,7 +86,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest platforms: linux/arm64 build-base-docker-image-ubuntu-armv7: runs-on: ubuntu-latest @@ -100,7 +101,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -118,7 +119,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest platforms: linux/arm/v7 build-base-docker-image-ubi8-amd64: runs-on: ubuntu-latest @@ -133,7 +134,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -149,7 +150,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBI8 }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:latest platforms: linux/amd64 build-base-docker-image-ubi8-arm64: runs-on: ubuntu-latest @@ -164,7 +165,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -180,7 +181,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBI8 }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:latest platforms: linux/arm64 build-base-docker-image-amazonlinux-amd64: runs-on: ubuntu-latest @@ -195,7 +196,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -211,7 +212,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_AMAZONLINUX }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:latest platforms: linux/amd64 build-base-docker-image-amazonlinux-arm64: runs-on: ubuntu-latest @@ -226,7 +227,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -242,7 +243,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_AMAZONLINUX }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:latest platforms: linux/arm64 build-base-docker-image-debian-amd64: runs-on: ubuntu-latest @@ -257,7 +258,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -275,7 +276,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_DEBIAN }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:latest platforms: linux/amd64 build-base-docker-image-debian-arm64: runs-on: ubuntu-latest @@ -290,7 +291,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -308,7 +309,7 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_DEBIAN }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:latest platforms: linux/arm64 build-base-docker-image-fedora-amd64: runs-on: ubuntu-latest @@ -323,7 +324,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -339,5 +340,5 @@ jobs: context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_FEDORA }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:latest platforms: linux/amd64 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5b34bc3..ea78d61 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,6 +11,7 @@ on: env: PACKAGE_NAME: aws-iot-securetunneling-localproxy + ECR_ACCOUNT_URL: public.ecr.aws ECR_BASE_UBUNTU: ubuntu-base ECR_BASE_UBI8: ubi8-base ECR_BASE_AMAZONLINUX: amazonlinux-base @@ -36,7 +37,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -51,12 +52,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=ubuntu:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBUNTU }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }} + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:latest platforms: linux/amd64 build-docker-image-ubuntu-arm64: runs-on: ubuntu-latest @@ -71,7 +72,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -86,12 +87,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=ubuntu:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBUNTU }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }} + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:latest platforms: linux/arm64 build-docker-image-ubuntu-armv7: runs-on: ubuntu-latest @@ -106,7 +107,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -121,12 +122,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=ubuntu:18.04 - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBUNTU }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }} + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:latest platforms: linux/arm/v7 build-docker-image-ubi8-amd64: runs-on: ubuntu-latest @@ -141,7 +142,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -156,12 +157,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=redhat/ubi8:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBI8 }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBI8 }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }} + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:latest platforms: linux/amd64 build-docker-image-ubi8-arm64: runs-on: ubuntu-latest @@ -176,7 +177,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -191,12 +192,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=redhat/ubi8:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_UBI8 }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_UBI8 }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }} + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:latest platforms: linux/arm64 build-docker-image-amazonlinux-amd64: runs-on: ubuntu-latest @@ -211,7 +212,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -226,12 +227,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=amazonlinux:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_AMAZONLINUX }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_AMAZONLINUX }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }} + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:latest platforms: linux/amd64 build-docker-image-amazonlinux-arm64: runs-on: ubuntu-latest @@ -246,7 +247,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -261,12 +262,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=amazonlinux:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_AMAZONLINUX }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_AMAZONLINUX }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }} + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:latest platforms: linux/arm64 build-docker-image-debian-amd64: runs-on: ubuntu-latest @@ -281,7 +282,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -296,12 +297,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=debian:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_DEBIAN }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_DEBIAN }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }} + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:latest platforms: linux/amd64 build-docker-image-debian-arm64: runs-on: ubuntu-latest @@ -316,7 +317,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -331,12 +332,12 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=debian:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_DEBIAN }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_DEBIAN }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }} + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:latest platforms: linux/arm64 build-docker-image-fedora-amd64: runs-on: ubuntu-latest @@ -351,7 +352,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{secrets.ECR_ACCOUNT_URL}} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} - name: Checkout uses: actions/checkout@v2 with: @@ -366,10 +367,10 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=fedora:latest - BASE_IMAGE=${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_BASE_FEDORA }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:latest context: . push: true tags: | - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_FEDORA }}:${{ github.sha }} - ${{secrets.ECR_ACCOUNT_URL}}/${{ env.ECR_RELEASE_FEDORA }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_FEDORA }}:${{ github.sha }} + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_FEDORA }}:latest platforms: linux/amd64 diff --git a/README.md b/README.md index 00bed86..1471f9a 100644 --- a/README.md +++ b/README.md @@ -26,20 +26,30 @@ The base images come with all dependencies pre-installed. You will still need to These are useful if you want to modify and [compile](https://github.com/aws-samples/aws-iot-securetunneling-localproxy#download-and-build-the-local-proxy) the local proxy on your own, but are large (~1 GB each). You can find them at: #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/ubuntu-base +- amd64/arm64/armv7 #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/debian-base +- amd64/arm64 #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/amazonlinux-base +- amd64/arm64 #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/ubi8-base +- amd64/arm64 #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/fedora-base +- amd64 The release images are minimum size images that include a pre-built binary with no dependencies installed. Every tag contains a git commit sha for example: 33879dd7f1500f7b3e56e48ce8b002cd9b0f9e4e. You can cross-check the git commit sha with the commits in the local proxy repo to see if the binary contains changes added in a specific commit. You can find them at: #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/ubuntu-bin +- amd64/arm64/armv7 #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/debian-bin +- amd64/arm64 #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/amazonlinux-bin +- amd64/arm64 #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/ubi8-bin +- amd64/arm64 #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/fedora-bin +- amd64 ### Building a Docker Image From 277cb99bbe3270d607c8cd78bdebd86ed14c55d3 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 2 Mar 2023 13:36:47 -0800 Subject: [PATCH 32/68] fix docker login --- .github/workflows/base-images.yml | 20 ++++++++++---------- .github/workflows/release.yml | 20 ++++++++++---------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 9faa9e8..01ae699 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -35,7 +35,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -68,7 +68,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -101,7 +101,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -134,7 +134,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -165,7 +165,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -196,7 +196,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -227,7 +227,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -258,7 +258,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -291,7 +291,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -324,7 +324,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ea78d61..89b447d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,7 +37,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -72,7 +72,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -107,7 +107,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -142,7 +142,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -177,7 +177,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -212,7 +212,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -247,7 +247,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -282,7 +282,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -317,7 +317,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -352,7 +352,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }}/${{ env.PACKAGE_NAME }} + run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: From 2ed38efc82e7cc167492c13e00b3f6bb50480b6c Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 2 Mar 2023 13:39:55 -0800 Subject: [PATCH 33/68] fix login command --- .github/workflows/base-images.yml | 20 ++++++++++---------- .github/workflows/release.yml | 20 ++++++++++---------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 01ae699..4d0a51d 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -35,7 +35,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -68,7 +68,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -101,7 +101,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -134,7 +134,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -165,7 +165,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -196,7 +196,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -227,7 +227,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -258,7 +258,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -291,7 +291,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -324,7 +324,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 89b447d..4399f13 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,7 +37,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -72,7 +72,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -107,7 +107,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -142,7 +142,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -177,7 +177,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -212,7 +212,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -247,7 +247,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -282,7 +282,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -317,7 +317,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: @@ -352,7 +352,7 @@ jobs: aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} aws-region: us-east-1 - name: Login to ECR - run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} + run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_ACCOUNT_URL }} - name: Checkout uses: actions/checkout@v2 with: From e4db995c51513253ea7ee3f79f66e8b10d33192a Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 2 Mar 2023 13:47:26 -0800 Subject: [PATCH 34/68] fix repo full name --- .github/workflows/base-images.yml | 10 +++++----- .github/workflows/release.yml | 20 ++++++++++---------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 4d0a51d..109fd5a 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -15,11 +15,11 @@ on: env: PACKAGE_NAME: aws-iot-securetunneling-localproxy ECR_ACCOUNT_URL: public.ecr.aws - ECR_BASE_UBUNTU: ubuntu-base - ECR_BASE_UBI8: ubi8-base - ECR_BASE_AMAZONLINUX: amazonlinux-base - ECR_BASE_DEBIAN: debian-base - ECR_BASE_FEDORA: fedora-base + ECR_BASE_UBUNTU: ${{ env.PACKAGE_NAME }}/ubuntu-base + ECR_BASE_UBI8: ${{ env.PACKAGE_NAME }}/ubi8-base + ECR_BASE_AMAZONLINUX: ${{ env.PACKAGE_NAME }}/amazonlinux-base + ECR_BASE_DEBIAN: ${{ env.PACKAGE_NAME }}/debian-base + ECR_BASE_FEDORA: ${{ env.PACKAGE_NAME }}/fedora-base jobs: build-base-docker-image-ubuntu-amd64: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4399f13..501f87f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,16 +12,16 @@ on: env: PACKAGE_NAME: aws-iot-securetunneling-localproxy ECR_ACCOUNT_URL: public.ecr.aws - ECR_BASE_UBUNTU: ubuntu-base - ECR_BASE_UBI8: ubi8-base - ECR_BASE_AMAZONLINUX: amazonlinux-base - ECR_BASE_DEBIAN: debian-base - ECR_BASE_FEDORA: fedora-base - ECR_RELEASE_UBUNTU: ubuntu-bin - ECR_RELEASE_UBI8: ubi8-bin - ECR_RELEASE_AMAZONLINUX: amazonlinux-bin - ECR_RELEASE_DEBIAN: debian-bin - ECR_RELEASE_FEDORA: fedora-bin + ECR_BASE_UBUNTU: ${{ env.PACKAGE_NAME }}/ubuntu-base + ECR_BASE_UBI8: ${{ env.PACKAGE_NAME }}/ubi8-base + ECR_BASE_AMAZONLINUX: ${{ env.PACKAGE_NAME }}/amazonlinux-base + ECR_BASE_DEBIAN: ${{ env.PACKAGE_NAME }}/debian-base + ECR_BASE_FEDORA: ${{ env.PACKAGE_NAME }}/fedora-base + ECR_RELEASE_UBUNTU: ${{ env.PACKAGE_NAME }}/ubuntu-bin + ECR_RELEASE_UBI8: ${{ env.PACKAGE_NAME }}/ubi8-bin + ECR_RELEASE_AMAZONLINUX: ${{ env.PACKAGE_NAME }}/amazonlinux-bin + ECR_RELEASE_DEBIAN: ${{ env.PACKAGE_NAME }}/debian-bin + ECR_RELEASE_FEDORA: ${{ env.PACKAGE_NAME }}/fedora-bin jobs: build-docker-image-ubuntu-amd64: From 70c12ea89ec0a7d26f8a6545ba6b846c542208e8 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 2 Mar 2023 13:49:12 -0800 Subject: [PATCH 35/68] fix syntax error --- .github/workflows/base-images.yml | 10 +++++----- .github/workflows/release.yml | 20 ++++++++++---------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 109fd5a..9b67e36 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -15,11 +15,11 @@ on: env: PACKAGE_NAME: aws-iot-securetunneling-localproxy ECR_ACCOUNT_URL: public.ecr.aws - ECR_BASE_UBUNTU: ${{ env.PACKAGE_NAME }}/ubuntu-base - ECR_BASE_UBI8: ${{ env.PACKAGE_NAME }}/ubi8-base - ECR_BASE_AMAZONLINUX: ${{ env.PACKAGE_NAME }}/amazonlinux-base - ECR_BASE_DEBIAN: ${{ env.PACKAGE_NAME }}/debian-base - ECR_BASE_FEDORA: ${{ env.PACKAGE_NAME }}/fedora-base + ECR_BASE_UBUNTU: aws-iot-securetunneling-localproxy/ubuntu-base + ECR_BASE_UBI8: aws-iot-securetunneling-localproxy/ubi8-base + ECR_BASE_AMAZONLINUX: aws-iot-securetunneling-localproxy/amazonlinux-base + ECR_BASE_DEBIAN: aws-iot-securetunneling-localproxy/debian-base + ECR_BASE_FEDORA: aws-iot-securetunneling-localproxy/fedora-base jobs: build-base-docker-image-ubuntu-amd64: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 501f87f..9debd07 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,16 +12,16 @@ on: env: PACKAGE_NAME: aws-iot-securetunneling-localproxy ECR_ACCOUNT_URL: public.ecr.aws - ECR_BASE_UBUNTU: ${{ env.PACKAGE_NAME }}/ubuntu-base - ECR_BASE_UBI8: ${{ env.PACKAGE_NAME }}/ubi8-base - ECR_BASE_AMAZONLINUX: ${{ env.PACKAGE_NAME }}/amazonlinux-base - ECR_BASE_DEBIAN: ${{ env.PACKAGE_NAME }}/debian-base - ECR_BASE_FEDORA: ${{ env.PACKAGE_NAME }}/fedora-base - ECR_RELEASE_UBUNTU: ${{ env.PACKAGE_NAME }}/ubuntu-bin - ECR_RELEASE_UBI8: ${{ env.PACKAGE_NAME }}/ubi8-bin - ECR_RELEASE_AMAZONLINUX: ${{ env.PACKAGE_NAME }}/amazonlinux-bin - ECR_RELEASE_DEBIAN: ${{ env.PACKAGE_NAME }}/debian-bin - ECR_RELEASE_FEDORA: ${{ env.PACKAGE_NAME }}/fedora-bin + ECR_BASE_UBUNTU: aws-iot-securetunneling-localproxy/ubuntu-base + ECR_BASE_UBI8: aws-iot-securetunneling-localproxy/ubi8-base + ECR_BASE_AMAZONLINUX: aws-iot-securetunneling-localproxy/amazonlinux-base + ECR_BASE_DEBIAN: aws-iot-securetunneling-localproxy/debian-base + ECR_BASE_FEDORA: aws-iot-securetunneling-localproxy/fedora-base + ECR_RELEASE_UBUNTU: aws-iot-securetunneling-localproxy/ubuntu-bin + ECR_RELEASE_UBI8: aws-iot-securetunneling-localproxy/ubi8-bin + ECR_RELEASE_AMAZONLINUX: aws-iot-securetunneling-localproxy/amazonlinux-bin + ECR_RELEASE_DEBIAN: aws-iot-securetunneling-localproxy/debian-bin + ECR_RELEASE_FEDORA: aws-iot-securetunneling-localproxy/fedora-bin jobs: build-docker-image-ubuntu-amd64: From 9c96be1026e9c74c57bb0178f7dcd354039df45c Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 2 Mar 2023 17:56:51 -0800 Subject: [PATCH 36/68] update README --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 1471f9a..2c78d9d 100644 --- a/README.md +++ b/README.md @@ -70,7 +70,11 @@ To build cross-platform images for ARM: You may also try armv7 for 32 bit images, but supported functionality may be limited. After the Docker build completes, run `docker run --rm -it ` to open a shell inside the container created in the -previous step, or you can add ` -p ` to expose a port from the docker container. Note that when the localproxy runs in source mode, it binds by default to `localhost`, If you want to access the localproxy from outside the container, make sure to use the option `-b 0.0.0.0` when you run the localproxy from the container so that it binds to `0.0.0.0` since `localhost` can not be access from outside the container. +previous step... + +Because it may not make practical sense to SSH into a docker container, you can transfer binaries by exposing your machine's filesystem to the containerized filesystem via bind mount. To bind mount a volume on your physical machine's current directory: +`docker run --rm -it -v $(pwd):/root ` +and you can add ` -p ` to expose a port from the docker container. Note that when the localproxy runs in source mode, it binds by default to `localhost`, If you want to access the localproxy from outside the container, make sure to use the option `-b 0.0.0.0` when you run the localproxy from the container so that it binds to `0.0.0.0` since `localhost` can not be access from outside the container. #### Deprecated Method `./docker-build.sh` From a8cd42df2cab3533ed523184844396cd4bf89a65 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Wed, 15 Mar 2023 09:43:16 -0700 Subject: [PATCH 37/68] update image tag to include platform --- .github/workflows/base-images.yml | 20 ++++++++-------- .github/workflows/release.yml | 40 +++++++++++++++---------------- 2 files changed, 30 insertions(+), 30 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 9b67e36..0a5acc9 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -53,7 +53,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:amd64 platforms: linux/amd64 build-base-docker-image-ubuntu-arm64: runs-on: ubuntu-latest @@ -86,7 +86,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:arm64 platforms: linux/arm64 build-base-docker-image-ubuntu-armv7: runs-on: ubuntu-latest @@ -119,7 +119,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:arm/v7 platforms: linux/arm/v7 build-base-docker-image-ubi8-amd64: runs-on: ubuntu-latest @@ -150,7 +150,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:amd64 platforms: linux/amd64 build-base-docker-image-ubi8-arm64: runs-on: ubuntu-latest @@ -181,7 +181,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:arm64 platforms: linux/arm64 build-base-docker-image-amazonlinux-amd64: runs-on: ubuntu-latest @@ -212,7 +212,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:amd64 platforms: linux/amd64 build-base-docker-image-amazonlinux-arm64: runs-on: ubuntu-latest @@ -243,7 +243,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:arm64 platforms: linux/arm64 build-base-docker-image-debian-amd64: runs-on: ubuntu-latest @@ -276,7 +276,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:amd64 platforms: linux/amd64 build-base-docker-image-debian-arm64: runs-on: ubuntu-latest @@ -309,7 +309,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:arm64 platforms: linux/arm64 build-base-docker-image-fedora-amd64: runs-on: ubuntu-latest @@ -340,5 +340,5 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:amd64 platforms: linux/amd64 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9debd07..509a260 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -56,8 +56,8 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }}-amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:amd64 platforms: linux/amd64 build-docker-image-ubuntu-arm64: runs-on: ubuntu-latest @@ -91,8 +91,8 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }}-arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:arm64 platforms: linux/arm64 build-docker-image-ubuntu-armv7: runs-on: ubuntu-latest @@ -126,8 +126,8 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }}-arm/v7 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:arm/v7 platforms: linux/arm/v7 build-docker-image-ubi8-amd64: runs-on: ubuntu-latest @@ -161,8 +161,8 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }}-amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:amd64 platforms: linux/amd64 build-docker-image-ubi8-arm64: runs-on: ubuntu-latest @@ -196,8 +196,8 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }}-arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:arm64 platforms: linux/arm64 build-docker-image-amazonlinux-amd64: runs-on: ubuntu-latest @@ -231,8 +231,8 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }}-amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:amd64 platforms: linux/amd64 build-docker-image-amazonlinux-arm64: runs-on: ubuntu-latest @@ -266,8 +266,8 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }}-arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:arm64 platforms: linux/arm64 build-docker-image-debian-amd64: runs-on: ubuntu-latest @@ -301,8 +301,8 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }}-amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:amd64 platforms: linux/amd64 build-docker-image-debian-arm64: runs-on: ubuntu-latest @@ -336,8 +336,8 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }}-arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:arm64 platforms: linux/arm64 build-docker-image-fedora-amd64: runs-on: ubuntu-latest @@ -371,6 +371,6 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_FEDORA }}:${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_FEDORA }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_FEDORA }}:${{ github.sha }}-amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_FEDORA }}:amd64 platforms: linux/amd64 From a99458879cbd330f01fbf03aa552ca1496458ec7 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Wed, 15 Mar 2023 10:11:08 -0700 Subject: [PATCH 38/68] fix tagging, update README --- .github/workflows/base-images.yml | 22 ++++++++-------- .github/workflows/release.yml | 42 +++++++++++++++---------------- README.md | 6 ++--- 3 files changed, 35 insertions(+), 35 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 0a5acc9..3848168 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -45,7 +45,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build Ubuntu Base Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/base-images/debian-ubuntu/Dockerfile build-args: | @@ -78,7 +78,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build Ubuntu Base Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/base-images/debian-ubuntu/Dockerfile build-args: | @@ -111,7 +111,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build ubuntu Base Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/base-images/debian-ubuntu/Dockerfile build-args: | @@ -119,7 +119,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:arm/v7 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:armv7 platforms: linux/arm/v7 build-base-docker-image-ubi8-amd64: runs-on: ubuntu-latest @@ -144,7 +144,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build ubi8 Base Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/base-images/ubi8/Dockerfile context: . @@ -175,7 +175,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build ubi8 Base Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/base-images/ubi8/Dockerfile context: . @@ -206,7 +206,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build amazonlinux Base Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/base-images/amazonlinux/Dockerfile context: . @@ -237,7 +237,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build amazonlinux Base Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/base-images/amazonlinux/Dockerfile context: . @@ -268,7 +268,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build debian Base Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/base-images/debian-ubuntu/Dockerfile build-args: | @@ -301,7 +301,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build debian Base Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/base-images/debian-ubuntu/Dockerfile build-args: | @@ -334,7 +334,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build fedora Base Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/base-images/fedora/Dockerfile context: . diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 509a260..f0604b5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -47,7 +47,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build Ubuntu Release Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/Dockerfile build-args: | @@ -57,7 +57,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }}-amd64 - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:amd64-latest platforms: linux/amd64 build-docker-image-ubuntu-arm64: runs-on: ubuntu-latest @@ -82,7 +82,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build Ubuntu Release Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/Dockerfile build-args: | @@ -92,7 +92,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }}-arm64 - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:arm64-latest platforms: linux/arm64 build-docker-image-ubuntu-armv7: runs-on: ubuntu-latest @@ -117,7 +117,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build ubuntu Release Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/Dockerfile build-args: | @@ -126,8 +126,8 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }}-arm/v7 - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:arm/v7 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }}-armv7 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:armv7-latest platforms: linux/arm/v7 build-docker-image-ubi8-amd64: runs-on: ubuntu-latest @@ -152,7 +152,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build ubi8 Release Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/Dockerfile build-args: | @@ -162,7 +162,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }}-amd64 - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:amd64-latest platforms: linux/amd64 build-docker-image-ubi8-arm64: runs-on: ubuntu-latest @@ -187,7 +187,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build ubi8 Release Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/Dockerfile build-args: | @@ -197,7 +197,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }}-arm64 - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:arm64-latest platforms: linux/arm64 build-docker-image-amazonlinux-amd64: runs-on: ubuntu-latest @@ -222,7 +222,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build amazonlinux Release Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/Dockerfile build-args: | @@ -232,7 +232,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }}-amd64 - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:amd64-latest platforms: linux/amd64 build-docker-image-amazonlinux-arm64: runs-on: ubuntu-latest @@ -257,7 +257,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build amazonlinux Release Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/Dockerfile build-args: | @@ -267,7 +267,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }}-arm64 - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:arm64-latest platforms: linux/arm64 build-docker-image-debian-amd64: runs-on: ubuntu-latest @@ -292,7 +292,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build debian Release Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/Dockerfile build-args: | @@ -302,7 +302,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }}-amd64 - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:amd64-latest platforms: linux/amd64 build-docker-image-debian-arm64: runs-on: ubuntu-latest @@ -327,7 +327,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build debian Release Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/Dockerfile build-args: | @@ -337,7 +337,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }}-arm64 - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:arm64-latest platforms: linux/arm64 build-docker-image-fedora-amd64: runs-on: ubuntu-latest @@ -362,7 +362,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build fedora Release Image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: .github/docker-images/Dockerfile build-args: | @@ -372,5 +372,5 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_FEDORA }}:${{ github.sha }}-amd64 - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_FEDORA }}:amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_FEDORA }}:amd64-latest platforms: linux/amd64 diff --git a/README.md b/README.md index 2c78d9d..cb0ce06 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,7 @@ This code enables tunneling of a single threaded TCP client / server socket inte We provide several docker images on various platforms. Both x86 and ARM are supported, though armv7 is currently limited to the ubuntu images. There are two types of images: base images and release images. -The base images come with all dependencies pre-installed. You will still need to download and build the source. +The base images come with all dependencies pre-installed. You will still need to download and build the source. These images are tagged with their corresponding arch. These are useful if you want to modify and [compile](https://github.com/aws-samples/aws-iot-securetunneling-localproxy#download-and-build-the-local-proxy) the local proxy on your own, but are large (~1 GB each). You can find them at: #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/ubuntu-base @@ -37,7 +37,7 @@ You can find them at: - amd64 The release images are minimum size images that include a pre-built binary with no dependencies installed. -Every tag contains a git commit sha for example: 33879dd7f1500f7b3e56e48ce8b002cd9b0f9e4e. +These images are tagged with the git commit and corresponding arch. Example: 33879dd7f1500f7b3e56e48ce8b002cd9b0f9e4e-amd64. You can cross-check the git commit sha with the commits in the local proxy repo to see if the binary contains changes added in a specific commit. You can find them at: #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/ubuntu-bin @@ -61,7 +61,7 @@ If you do not want to use the prebuilt images, you can build them yourself: Or, for the debian-ubuntu combined Dockerfile: -`docker build -t . --build-arg OS=:latest` +`docker build -t . --build-arg OS=:` To build cross-platform images for ARM: From 088f33afa13e4438ddf72d27b3d89d1da60a51ca Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Wed, 15 Mar 2023 10:25:22 -0700 Subject: [PATCH 39/68] update build-args with arch --- .github/workflows/release.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f0604b5..bdba24e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -52,7 +52,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=ubuntu:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:amd64 context: . push: true tags: | @@ -87,7 +87,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=ubuntu:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:arm64 context: . push: true tags: | @@ -122,7 +122,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=ubuntu:18.04 - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:armv7 context: . push: true tags: | @@ -157,7 +157,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=redhat/ubi8:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:amd64 context: . push: true tags: | @@ -192,7 +192,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=redhat/ubi8:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:arm64 context: . push: true tags: | @@ -227,7 +227,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=amazonlinux:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:amd64 context: . push: true tags: | @@ -262,7 +262,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=amazonlinux:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:arm64 context: . push: true tags: | @@ -297,7 +297,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=debian:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:amd64 context: . push: true tags: | @@ -332,7 +332,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=debian:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:arm64 context: . push: true tags: | @@ -367,7 +367,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=fedora:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:latest + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:amd64 context: . push: true tags: | From 41c78ee690ed92ed4541e352a1c6a7fd2167f23d Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Mon, 20 Mar 2023 11:43:15 -0700 Subject: [PATCH 40/68] fix docker entrypoint --- .github/docker-images/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/docker-images/Dockerfile b/.github/docker-images/Dockerfile index 3d99f44..78d43ce 100644 --- a/.github/docker-images/Dockerfile +++ b/.github/docker-images/Dockerfile @@ -23,4 +23,4 @@ RUN HOME_DIR=/root \ && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \ && rm -rf ${HOME_DIR}/oss-compliance* -ENTRYPOINT ["/root/bin"] \ No newline at end of file +ENTRYPOINT ["/root/bin/localproxy"] \ No newline at end of file From 8930960e38fa8a2577b0164b5204e555c73bc024 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Mon, 20 Mar 2023 14:23:49 -0700 Subject: [PATCH 41/68] pin version to 3.0.2 set openssl to use static libs --- .github/docker-images/Dockerfile | 2 +- .../base-images/amazonlinux/Dockerfile | 13 ++++++------- .../base-images/debian-ubuntu/Dockerfile | 12 ++++++------ .../docker-images/base-images/fedora/Dockerfile | 14 +++++++------- .github/docker-images/base-images/ubi8/Dockerfile | 12 ++++++------ CMakeLists.txt | 1 + 6 files changed, 27 insertions(+), 27 deletions(-) diff --git a/.github/docker-images/Dockerfile b/.github/docker-images/Dockerfile index 78d43ce..ba17f21 100644 --- a/.github/docker-images/Dockerfile +++ b/.github/docker-images/Dockerfile @@ -8,7 +8,7 @@ FROM ${BASE_IMAGE} AS deploy COPY . /root/aws-iot-securetunneling-localproxy RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ && cd /root/aws-iot-securetunneling-localproxy/build \ - && cmake .. \ + && cmake .. -DOPENSSL_ROOT_DIR=/usr/local/ssl -DOPENSSL_LIBRARIES=/usr/local/include/openssl \ && make FROM ${OS} AS minimum_size diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index d8507df..e15613e 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -5,11 +5,10 @@ ARG OPENSSL_CONFIG RUN yum check-update; yum upgrade -y && \ yum install -y git boost-devel autoconf automake \ - wget libtool curl make gcc-c++ unzip cmake3 python-devel openssl11-devel which + wget libtool make gcc-c++ unzip cmake3 python-devel which # Install Dependencies -RUN ln -s /usr/bin/cmake3 /usr/bin/cmake RUN mkdir /home/dependencies WORKDIR /home/dependencies @@ -38,12 +37,12 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make install WORKDIR /home/dependencies -RUN git clone https://github.com/openssl/openssl.git && \ - cd openssl && \ - git checkout OpenSSL_1_1_1-stable && \ +RUN wget https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.2.tar.gz -O /tmp/openssl-3.0.2.tar.gz && \ + tar xzvf /tmp/openssl-3.0.2.tar.gz && \ + cd openssl-openssl-3.0.2 && \ ./config && \ - make depend && \ - make all + make && \ + make install WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ diff --git a/.github/docker-images/base-images/debian-ubuntu/Dockerfile b/.github/docker-images/base-images/debian-ubuntu/Dockerfile index 7791abd..9267007 100644 --- a/.github/docker-images/base-images/debian-ubuntu/Dockerfile +++ b/.github/docker-images/base-images/debian-ubuntu/Dockerfile @@ -5,7 +5,7 @@ FROM ${OS} AS base RUN apt update && apt upgrade -y && \ apt install -y git libboost-all-dev autoconf automake \ - wget libtool curl make g++ unzip cmake libssl-dev python3 + wget libtool curl make g++ unzip cmake python3 # Install Dependencies @@ -37,12 +37,12 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make install WORKDIR /home/dependencies -RUN git clone https://github.com/openssl/openssl.git && \ - cd openssl && \ - git checkout OpenSSL_1_1_1-stable && \ +RUN wget https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.2.tar.gz -O /tmp/openssl-3.0.2.tar.gz && \ + tar xzvf /tmp/openssl-3.0.2.tar.gz && \ + cd openssl-openssl-3.0.2 && \ ./config && \ - make depend && \ - make all + make && \ + make install WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ diff --git a/.github/docker-images/base-images/fedora/Dockerfile b/.github/docker-images/base-images/fedora/Dockerfile index 6b7e3f6..a5dd465 100644 --- a/.github/docker-images/base-images/fedora/Dockerfile +++ b/.github/docker-images/base-images/fedora/Dockerfile @@ -5,7 +5,7 @@ FROM fedora:latest AS base RUN dnf -y update \ && dnf -y install \ git autoconf automake \ - which wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel perl-core + which wget libtool libatomic curl make gcc-c++ unzip cmake python3 perl-core RUN mkdir /home/dependencies @@ -35,12 +35,12 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make install WORKDIR /home/dependencies -RUN git clone https://github.com/openssl/openssl.git && \ - cd openssl && \ - git checkout OpenSSL_1_1_1-stable && \ - ./config && \ - make depend && \ - make all +RUN wget https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.2.tar.gz -O /tmp/openssl-3.0.2.tar.gz && \ + tar xzvf /tmp/openssl-3.0.2.tar.gz && \ + cd openssl-openssl-3.0.2 && \ + ./config && \ + make && \ + make install WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index 9f8716c..3f362b5 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -4,7 +4,7 @@ FROM redhat/ubi8:latest AS base RUN yum -y update \ && yum -y install git autoconf automake \ - wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel + wget libtool libatomic curl make gcc-c++ unzip cmake python3 RUN mkdir /home/dependencies @@ -34,12 +34,12 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make install WORKDIR /home/dependencies -RUN git clone https://github.com/openssl/openssl.git && \ - cd openssl && \ - git checkout OpenSSL_1_1_1-stable && \ +RUN wget https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.2.tar.gz -O /tmp/openssl-3.0.2.tar.gz && \ + tar xzvf /tmp/openssl-3.0.2.tar.gz && \ + cd openssl-openssl-3.0.2 && \ ./config && \ - make depend && \ - make all + make && \ + make install WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ diff --git a/CMakeLists.txt b/CMakeLists.txt index 340e109..e1126db 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -59,6 +59,7 @@ protobuf_generate_cpp(PROTO_SRCS PROTO_HDRS ${PROJECT_SOURCE_DIR}/resources/Mess ######################################### # OpenSSL dependency # ######################################### +set(OPENSSL_USE_STATIC_LIBS TRUE) find_package(OpenSSL REQUIRED) ######################################### From 506a82d8a8bcd2ddb2c132c747a1f13755d5a139 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Mon, 20 Mar 2023 18:19:16 -0700 Subject: [PATCH 42/68] Revert "openssl install run tests" This reverts commit 9a2ca5eefc72811206c72a9b90b00d8b58562d20. --- .github/docker-images/Dockerfile | 2 +- .../base-images/amazonlinux/Dockerfile | 13 +++++++------ .../base-images/debian-ubuntu/Dockerfile | 12 ++++++------ .../docker-images/base-images/fedora/Dockerfile | 14 +++++++------- .github/docker-images/base-images/ubi8/Dockerfile | 12 ++++++------ CMakeLists.txt | 1 - 6 files changed, 27 insertions(+), 27 deletions(-) diff --git a/.github/docker-images/Dockerfile b/.github/docker-images/Dockerfile index ba17f21..78d43ce 100644 --- a/.github/docker-images/Dockerfile +++ b/.github/docker-images/Dockerfile @@ -8,7 +8,7 @@ FROM ${BASE_IMAGE} AS deploy COPY . /root/aws-iot-securetunneling-localproxy RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ && cd /root/aws-iot-securetunneling-localproxy/build \ - && cmake .. -DOPENSSL_ROOT_DIR=/usr/local/ssl -DOPENSSL_LIBRARIES=/usr/local/include/openssl \ + && cmake .. \ && make FROM ${OS} AS minimum_size diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index e15613e..d8507df 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -5,10 +5,11 @@ ARG OPENSSL_CONFIG RUN yum check-update; yum upgrade -y && \ yum install -y git boost-devel autoconf automake \ - wget libtool make gcc-c++ unzip cmake3 python-devel which + wget libtool curl make gcc-c++ unzip cmake3 python-devel openssl11-devel which # Install Dependencies +RUN ln -s /usr/bin/cmake3 /usr/bin/cmake RUN mkdir /home/dependencies WORKDIR /home/dependencies @@ -37,12 +38,12 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make install WORKDIR /home/dependencies -RUN wget https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.2.tar.gz -O /tmp/openssl-3.0.2.tar.gz && \ - tar xzvf /tmp/openssl-3.0.2.tar.gz && \ - cd openssl-openssl-3.0.2 && \ +RUN git clone https://github.com/openssl/openssl.git && \ + cd openssl && \ + git checkout OpenSSL_1_1_1-stable && \ ./config && \ - make && \ - make install + make depend && \ + make all WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ diff --git a/.github/docker-images/base-images/debian-ubuntu/Dockerfile b/.github/docker-images/base-images/debian-ubuntu/Dockerfile index 9267007..7791abd 100644 --- a/.github/docker-images/base-images/debian-ubuntu/Dockerfile +++ b/.github/docker-images/base-images/debian-ubuntu/Dockerfile @@ -5,7 +5,7 @@ FROM ${OS} AS base RUN apt update && apt upgrade -y && \ apt install -y git libboost-all-dev autoconf automake \ - wget libtool curl make g++ unzip cmake python3 + wget libtool curl make g++ unzip cmake libssl-dev python3 # Install Dependencies @@ -37,12 +37,12 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make install WORKDIR /home/dependencies -RUN wget https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.2.tar.gz -O /tmp/openssl-3.0.2.tar.gz && \ - tar xzvf /tmp/openssl-3.0.2.tar.gz && \ - cd openssl-openssl-3.0.2 && \ +RUN git clone https://github.com/openssl/openssl.git && \ + cd openssl && \ + git checkout OpenSSL_1_1_1-stable && \ ./config && \ - make && \ - make install + make depend && \ + make all WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ diff --git a/.github/docker-images/base-images/fedora/Dockerfile b/.github/docker-images/base-images/fedora/Dockerfile index a5dd465..6b7e3f6 100644 --- a/.github/docker-images/base-images/fedora/Dockerfile +++ b/.github/docker-images/base-images/fedora/Dockerfile @@ -5,7 +5,7 @@ FROM fedora:latest AS base RUN dnf -y update \ && dnf -y install \ git autoconf automake \ - which wget libtool libatomic curl make gcc-c++ unzip cmake python3 perl-core + which wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel perl-core RUN mkdir /home/dependencies @@ -35,12 +35,12 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make install WORKDIR /home/dependencies -RUN wget https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.2.tar.gz -O /tmp/openssl-3.0.2.tar.gz && \ - tar xzvf /tmp/openssl-3.0.2.tar.gz && \ - cd openssl-openssl-3.0.2 && \ - ./config && \ - make && \ - make install +RUN git clone https://github.com/openssl/openssl.git && \ + cd openssl && \ + git checkout OpenSSL_1_1_1-stable && \ + ./config && \ + make depend && \ + make all WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index 3f362b5..9f8716c 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -4,7 +4,7 @@ FROM redhat/ubi8:latest AS base RUN yum -y update \ && yum -y install git autoconf automake \ - wget libtool libatomic curl make gcc-c++ unzip cmake python3 + wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel RUN mkdir /home/dependencies @@ -34,12 +34,12 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make install WORKDIR /home/dependencies -RUN wget https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.2.tar.gz -O /tmp/openssl-3.0.2.tar.gz && \ - tar xzvf /tmp/openssl-3.0.2.tar.gz && \ - cd openssl-openssl-3.0.2 && \ +RUN git clone https://github.com/openssl/openssl.git && \ + cd openssl && \ + git checkout OpenSSL_1_1_1-stable && \ ./config && \ - make && \ - make install + make depend && \ + make all WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ diff --git a/CMakeLists.txt b/CMakeLists.txt index e1126db..340e109 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -59,7 +59,6 @@ protobuf_generate_cpp(PROTO_SRCS PROTO_HDRS ${PROJECT_SOURCE_DIR}/resources/Mess ######################################### # OpenSSL dependency # ######################################### -set(OPENSSL_USE_STATIC_LIBS TRUE) find_package(OpenSSL REQUIRED) ######################################### From 4d0289cf0073470dfae1454000bafd68b10e0215 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Wed, 22 Mar 2023 15:48:33 -0700 Subject: [PATCH 43/68] fix release image tagging --- .github/workflows/base-images.yml | 12 +++++++++++- .github/workflows/release.yml | 20 ++++++++++---------- 2 files changed, 21 insertions(+), 11 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 3848168..06d767c 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -53,7 +53,8 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:amd64-${{ github.sha }} + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:amd64-latest platforms: linux/amd64 build-base-docker-image-ubuntu-arm64: runs-on: ubuntu-latest @@ -86,6 +87,7 @@ jobs: context: . push: true tags: | + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:arm64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:arm64 platforms: linux/arm64 build-base-docker-image-ubuntu-armv7: @@ -119,6 +121,7 @@ jobs: context: . push: true tags: | + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:armv7-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:armv7 platforms: linux/arm/v7 build-base-docker-image-ubi8-amd64: @@ -150,6 +153,7 @@ jobs: context: . push: true tags: | + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:amd64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:amd64 platforms: linux/amd64 build-base-docker-image-ubi8-arm64: @@ -181,6 +185,7 @@ jobs: context: . push: true tags: | + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:arm64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:arm64 platforms: linux/arm64 build-base-docker-image-amazonlinux-amd64: @@ -212,6 +217,7 @@ jobs: context: . push: true tags: | + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:amd64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:amd64 platforms: linux/amd64 build-base-docker-image-amazonlinux-arm64: @@ -243,6 +249,7 @@ jobs: context: . push: true tags: | + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:arm64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:arm64 platforms: linux/arm64 build-base-docker-image-debian-amd64: @@ -276,6 +283,7 @@ jobs: context: . push: true tags: | + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:amd64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:amd64 platforms: linux/amd64 build-base-docker-image-debian-arm64: @@ -309,6 +317,7 @@ jobs: context: . push: true tags: | + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:arm64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:arm64 platforms: linux/arm64 build-base-docker-image-fedora-amd64: @@ -340,5 +349,6 @@ jobs: context: . push: true tags: | + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:amd64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:amd64 platforms: linux/amd64 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bdba24e..c522d12 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -56,7 +56,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }}-amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:amd64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:amd64-latest platforms: linux/amd64 build-docker-image-ubuntu-arm64: @@ -91,7 +91,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }}-arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:arm64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:arm64-latest platforms: linux/arm64 build-docker-image-ubuntu-armv7: @@ -126,7 +126,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:${{ github.sha }}-armv7 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:armv7-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBUNTU }}:armv7-latest platforms: linux/arm/v7 build-docker-image-ubi8-amd64: @@ -161,7 +161,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }}-amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:amd64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:amd64-latest platforms: linux/amd64 build-docker-image-ubi8-arm64: @@ -196,7 +196,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:${{ github.sha }}-arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:arm64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_UBI8 }}:arm64-latest platforms: linux/arm64 build-docker-image-amazonlinux-amd64: @@ -231,7 +231,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }}-amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:amd64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:amd64-latest platforms: linux/amd64 build-docker-image-amazonlinux-arm64: @@ -266,7 +266,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:${{ github.sha }}-arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:arm64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_AMAZONLINUX }}:arm64-latest platforms: linux/arm64 build-docker-image-debian-amd64: @@ -301,7 +301,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }}-amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:amd64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:amd64-latest platforms: linux/amd64 build-docker-image-debian-arm64: @@ -336,7 +336,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:${{ github.sha }}-arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:arm64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_DEBIAN }}:arm64-latest platforms: linux/arm64 build-docker-image-fedora-amd64: @@ -371,6 +371,6 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_FEDORA }}:${{ github.sha }}-amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_FEDORA }}:amd64-${{ github.sha }} ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_RELEASE_FEDORA }}:amd64-latest platforms: linux/amd64 From 5faa0ed454f060ab1d05cd1258906feba475df29 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 23 Mar 2023 09:26:52 -0700 Subject: [PATCH 44/68] fix tagging --- .github/workflows/base-images.yml | 18 +++++++++--------- .github/workflows/release.yml | 20 ++++++++++---------- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 06d767c..d1da7ee 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -88,7 +88,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:arm64-${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:arm64-latest platforms: linux/arm64 build-base-docker-image-ubuntu-armv7: runs-on: ubuntu-latest @@ -122,7 +122,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:armv7-${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:armv7 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:armv7-latest platforms: linux/arm/v7 build-base-docker-image-ubi8-amd64: runs-on: ubuntu-latest @@ -154,7 +154,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:amd64-${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:amd64-latest platforms: linux/amd64 build-base-docker-image-ubi8-arm64: runs-on: ubuntu-latest @@ -186,7 +186,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:arm64-${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:arm64-latest platforms: linux/arm64 build-base-docker-image-amazonlinux-amd64: runs-on: ubuntu-latest @@ -218,7 +218,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:amd64-${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:amd64-latest platforms: linux/amd64 build-base-docker-image-amazonlinux-arm64: runs-on: ubuntu-latest @@ -250,7 +250,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:arm64-${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:arm64-latest platforms: linux/arm64 build-base-docker-image-debian-amd64: runs-on: ubuntu-latest @@ -284,7 +284,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:amd64-${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:amd64-latest platforms: linux/amd64 build-base-docker-image-debian-arm64: runs-on: ubuntu-latest @@ -318,7 +318,7 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:arm64-${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:arm64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:arm64-latest platforms: linux/arm64 build-base-docker-image-fedora-amd64: runs-on: ubuntu-latest @@ -350,5 +350,5 @@ jobs: push: true tags: | ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:amd64-${{ github.sha }} - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:amd64 + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:amd64-latest platforms: linux/amd64 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c522d12..e1dfd8d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -52,7 +52,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=ubuntu:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:amd64 + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:amd64-latest context: . push: true tags: | @@ -87,7 +87,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=ubuntu:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:arm64 + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:arm64-latest context: . push: true tags: | @@ -122,7 +122,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=ubuntu:18.04 - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:armv7 + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:armv7-latest context: . push: true tags: | @@ -157,7 +157,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=redhat/ubi8:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:amd64 + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:amd64-latest context: . push: true tags: | @@ -192,7 +192,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=redhat/ubi8:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:arm64 + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:arm64-latest context: . push: true tags: | @@ -227,7 +227,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=amazonlinux:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:amd64 + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:amd64-latest context: . push: true tags: | @@ -262,7 +262,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=amazonlinux:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:arm64 + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:arm64-latest context: . push: true tags: | @@ -297,7 +297,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=debian:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:amd64 + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:amd64-latest context: . push: true tags: | @@ -332,7 +332,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=debian:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:arm64 + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:arm64-latest context: . push: true tags: | @@ -367,7 +367,7 @@ jobs: file: .github/docker-images/Dockerfile build-args: | OS=fedora:latest - BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:amd64 + BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:amd64-latest context: . push: true tags: | From ba09678b27c6e14ea9f2926b8d7267e67fdfd79b Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Fri, 24 Mar 2023 17:08:23 -0700 Subject: [PATCH 45/68] openssl 3.0.8 in release images --- .github/docker-images/Dockerfile | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/docker-images/Dockerfile b/.github/docker-images/Dockerfile index 78d43ce..e0b72b0 100644 --- a/.github/docker-images/Dockerfile +++ b/.github/docker-images/Dockerfile @@ -2,9 +2,21 @@ ARG OS ARG BASE_IMAGE FROM ${BASE_IMAGE} AS deploy +RUN apt update && apt upgrade -y && \ + apt install -y git wget curl make g++ cmake + +WORKDIR /root +RUN wget https://www.openssl.org/source/openssl-3.0.8.tar.gz \ + && tar xzvf openssl-3.0.8.tar.gz \ + && cd openssl-3.0.8 \ + && ./config \ + && make depend \ + && make all + ############################################################################### # Copy and build local proxy ############################################################################### +WORKDIR /root COPY . /root/aws-iot-securetunneling-localproxy RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ && cd /root/aws-iot-securetunneling-localproxy/build \ From c2ac27c982d0e8a2f612281892ec547a1cbd2212 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Fri, 24 Mar 2023 17:12:47 -0700 Subject: [PATCH 46/68] fix release image --- .github/docker-images/Dockerfile | 15 +++++++++------ .../base-images/amazonlinux/Dockerfile | 12 ++++++------ .../base-images/debian-ubuntu/Dockerfile | 12 ++++++------ .../docker-images/base-images/fedora/Dockerfile | 12 ++++++------ .github/docker-images/base-images/ubi8/Dockerfile | 12 ++++++------ 5 files changed, 33 insertions(+), 30 deletions(-) diff --git a/.github/docker-images/Dockerfile b/.github/docker-images/Dockerfile index e0b72b0..eddfd08 100644 --- a/.github/docker-images/Dockerfile +++ b/.github/docker-images/Dockerfile @@ -5,7 +5,13 @@ FROM ${BASE_IMAGE} AS deploy RUN apt update && apt upgrade -y && \ apt install -y git wget curl make g++ cmake -WORKDIR /root +WORKDIR /home/dependencies +RUN rm -rf zlib-1.2.13 \ + && rm -rf boost_1_81_0 \ + && rm -rf protobuf-3.17.3 \ + && rm -rf Catch2 \ + + RUN wget https://www.openssl.org/source/openssl-3.0.8.tar.gz \ && tar xzvf openssl-3.0.8.tar.gz \ && cd openssl-3.0.8 \ @@ -21,11 +27,8 @@ COPY . /root/aws-iot-securetunneling-localproxy RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ && cd /root/aws-iot-securetunneling-localproxy/build \ && cmake .. \ - && make - -FROM ${OS} AS minimum_size - -COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/bin/localproxy /root/bin/localproxy + && make \ + && cp /root/aws-iot-securetunneling-localproxy/build/bin/localproxy /root/bin/localproxy COPY ./.github/docker-images/oss-compliance /root/oss-compliance RUN HOME_DIR=/root \ diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index d8507df..1d5ada3 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -38,12 +38,12 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make install WORKDIR /home/dependencies -RUN git clone https://github.com/openssl/openssl.git && \ - cd openssl && \ - git checkout OpenSSL_1_1_1-stable && \ - ./config && \ - make depend && \ - make all +RUN wget https://www.openssl.org/source/openssl-3.0.8.tar.gz \ + && tar xzvf openssl-3.0.8.tar.gz \ + && cd openssl-3.0.8 \ + && ./config \ + && make depend \ + && make all WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ diff --git a/.github/docker-images/base-images/debian-ubuntu/Dockerfile b/.github/docker-images/base-images/debian-ubuntu/Dockerfile index 7791abd..eb34def 100644 --- a/.github/docker-images/base-images/debian-ubuntu/Dockerfile +++ b/.github/docker-images/base-images/debian-ubuntu/Dockerfile @@ -37,12 +37,12 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make install WORKDIR /home/dependencies -RUN git clone https://github.com/openssl/openssl.git && \ - cd openssl && \ - git checkout OpenSSL_1_1_1-stable && \ - ./config && \ - make depend && \ - make all +RUN wget https://www.openssl.org/source/openssl-3.0.8.tar.gz \ + && tar xzvf openssl-3.0.8.tar.gz \ + && cd openssl-3.0.8 \ + && ./config \ + && make depend \ + && make all WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ diff --git a/.github/docker-images/base-images/fedora/Dockerfile b/.github/docker-images/base-images/fedora/Dockerfile index 6b7e3f6..ec81ab4 100644 --- a/.github/docker-images/base-images/fedora/Dockerfile +++ b/.github/docker-images/base-images/fedora/Dockerfile @@ -35,12 +35,12 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make install WORKDIR /home/dependencies -RUN git clone https://github.com/openssl/openssl.git && \ - cd openssl && \ - git checkout OpenSSL_1_1_1-stable && \ - ./config && \ - make depend && \ - make all +RUN wget https://www.openssl.org/source/openssl-3.0.8.tar.gz \ + && tar xzvf openssl-3.0.8.tar.gz \ + && cd openssl-3.0.8 \ + && ./config \ + && make depend \ + && make all WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index 9f8716c..6c118e3 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -34,12 +34,12 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make install WORKDIR /home/dependencies -RUN git clone https://github.com/openssl/openssl.git && \ - cd openssl && \ - git checkout OpenSSL_1_1_1-stable && \ - ./config && \ - make depend && \ - make all +RUN wget https://www.openssl.org/source/openssl-3.0.8.tar.gz \ + && tar xzvf openssl-3.0.8.tar.gz \ + && cd openssl-3.0.8 \ + && ./config \ + && make depend \ + && make all WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ From ba07fa1742ee86540340a1800dbc9447e60b6b5e Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Tue, 28 Mar 2023 10:06:22 -0700 Subject: [PATCH 47/68] get openssl 3 from package manager --- .../docker-images/base-images/amazonlinux/Dockerfile | 10 +--------- .../docker-images/base-images/debian-ubuntu/Dockerfile | 8 -------- .github/docker-images/base-images/ubi8/Dockerfile | 10 +--------- 3 files changed, 2 insertions(+), 26 deletions(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index 1d5ada3..33766cb 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -5,7 +5,7 @@ ARG OPENSSL_CONFIG RUN yum check-update; yum upgrade -y && \ yum install -y git boost-devel autoconf automake \ - wget libtool curl make gcc-c++ unzip cmake3 python-devel openssl11-devel which + wget libtool curl make gcc-c++ unzip cmake3 python-devel openssl-devel which # Install Dependencies @@ -37,14 +37,6 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make && \ make install -WORKDIR /home/dependencies -RUN wget https://www.openssl.org/source/openssl-3.0.8.tar.gz \ - && tar xzvf openssl-3.0.8.tar.gz \ - && cd openssl-3.0.8 \ - && ./config \ - && make depend \ - && make all - WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ cd Catch2 && \ diff --git a/.github/docker-images/base-images/debian-ubuntu/Dockerfile b/.github/docker-images/base-images/debian-ubuntu/Dockerfile index eb34def..12b9357 100644 --- a/.github/docker-images/base-images/debian-ubuntu/Dockerfile +++ b/.github/docker-images/base-images/debian-ubuntu/Dockerfile @@ -36,14 +36,6 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make && \ make install -WORKDIR /home/dependencies -RUN wget https://www.openssl.org/source/openssl-3.0.8.tar.gz \ - && tar xzvf openssl-3.0.8.tar.gz \ - && cd openssl-3.0.8 \ - && ./config \ - && make depend \ - && make all - WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ cd Catch2 && \ diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index 6c118e3..88c0ed2 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -4,7 +4,7 @@ FROM redhat/ubi8:latest AS base RUN yum -y update \ && yum -y install git autoconf automake \ - wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel + wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel perl-IPC-Cmd RUN mkdir /home/dependencies @@ -33,14 +33,6 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make && \ make install -WORKDIR /home/dependencies -RUN wget https://www.openssl.org/source/openssl-3.0.8.tar.gz \ - && tar xzvf openssl-3.0.8.tar.gz \ - && cd openssl-3.0.8 \ - && ./config \ - && make depend \ - && make all - WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ cd Catch2 && \ From f75a94ba84017df1022438dabcc4fa88bbca1351 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Tue, 28 Mar 2023 11:08:10 -0700 Subject: [PATCH 48/68] openssl use static libs --- .github/docker-images/Dockerfile | 25 +++++-------------------- CMakeLists.txt | 1 + 2 files changed, 6 insertions(+), 20 deletions(-) diff --git a/.github/docker-images/Dockerfile b/.github/docker-images/Dockerfile index eddfd08..78d43ce 100644 --- a/.github/docker-images/Dockerfile +++ b/.github/docker-images/Dockerfile @@ -2,33 +2,18 @@ ARG OS ARG BASE_IMAGE FROM ${BASE_IMAGE} AS deploy -RUN apt update && apt upgrade -y && \ - apt install -y git wget curl make g++ cmake - -WORKDIR /home/dependencies -RUN rm -rf zlib-1.2.13 \ - && rm -rf boost_1_81_0 \ - && rm -rf protobuf-3.17.3 \ - && rm -rf Catch2 \ - - -RUN wget https://www.openssl.org/source/openssl-3.0.8.tar.gz \ - && tar xzvf openssl-3.0.8.tar.gz \ - && cd openssl-3.0.8 \ - && ./config \ - && make depend \ - && make all - ############################################################################### # Copy and build local proxy ############################################################################### -WORKDIR /root COPY . /root/aws-iot-securetunneling-localproxy RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ && cd /root/aws-iot-securetunneling-localproxy/build \ && cmake .. \ - && make \ - && cp /root/aws-iot-securetunneling-localproxy/build/bin/localproxy /root/bin/localproxy + && make + +FROM ${OS} AS minimum_size + +COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/bin/localproxy /root/bin/localproxy COPY ./.github/docker-images/oss-compliance /root/oss-compliance RUN HOME_DIR=/root \ diff --git a/CMakeLists.txt b/CMakeLists.txt index 340e109..e1126db 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -59,6 +59,7 @@ protobuf_generate_cpp(PROTO_SRCS PROTO_HDRS ${PROJECT_SOURCE_DIR}/resources/Mess ######################################### # OpenSSL dependency # ######################################### +set(OPENSSL_USE_STATIC_LIBS TRUE) find_package(OpenSSL REQUIRED) ######################################### From cae8dba8f589d568ee059f73f768ec6764aa044c Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Tue, 28 Mar 2023 14:29:03 -0700 Subject: [PATCH 49/68] remove curl install --- .github/docker-images/base-images/amazonlinux/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index 33766cb..bbd7821 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -5,7 +5,7 @@ ARG OPENSSL_CONFIG RUN yum check-update; yum upgrade -y && \ yum install -y git boost-devel autoconf automake \ - wget libtool curl make gcc-c++ unzip cmake3 python-devel openssl-devel which + wget libtool make gcc-c++ unzip cmake3 python-devel openssl-devel which # Install Dependencies From bcefa19c519c24835bbe17806389ae9b29fade77 Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Wed, 5 Apr 2023 12:08:39 -0700 Subject: [PATCH 50/68] remove symlink for cmake --- .github/docker-images/base-images/amazonlinux/Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index bbd7821..149c0bf 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -9,7 +9,6 @@ RUN yum check-update; yum upgrade -y && \ # Install Dependencies -RUN ln -s /usr/bin/cmake3 /usr/bin/cmake RUN mkdir /home/dependencies WORKDIR /home/dependencies From 113210ead5eb09a4fedb079a2b93044a53184a1a Mon Sep 17 00:00:00 2001 From: Roger Zhong Date: Thu, 13 Apr 2023 18:21:41 -0700 Subject: [PATCH 51/68] temporary solution for ubuntu-bin image --- .github/docker-images/Dockerfile | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/docker-images/Dockerfile b/.github/docker-images/Dockerfile index 78d43ce..53663bf 100644 --- a/.github/docker-images/Dockerfile +++ b/.github/docker-images/Dockerfile @@ -5,6 +5,7 @@ FROM ${BASE_IMAGE} AS deploy ############################################################################### # Copy and build local proxy ############################################################################### + COPY . /root/aws-iot-securetunneling-localproxy RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ && cd /root/aws-iot-securetunneling-localproxy/build \ @@ -13,6 +14,10 @@ RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ FROM ${OS} AS minimum_size +RUN apt update && apt upgrade -y && \ + apt install -y ca-certificates && \ + update-ca-certificates + COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/bin/localproxy /root/bin/localproxy COPY ./.github/docker-images/oss-compliance /root/oss-compliance From 50781b68e629bb299c4720e13a32e6263e86a194 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 28 Mar 2024 04:23:51 +0000 Subject: [PATCH 52/68] fix ecr image tagging --- .github/workflows/base-images.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 9b67e36..d11d9d4 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -7,9 +7,9 @@ name: Base Image Builds on: push: - branches: ['base-images', 'docker-builds'] + branches: ['main', 'base-images', 'docker-builds'] pull_request: - branches: ['base-images', 'docker-builds'] + branches: ['main', 'base-images', 'docker-builds'] types: [opened, closed] env: @@ -53,7 +53,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}-amd64:latest platforms: linux/amd64 build-base-docker-image-ubuntu-arm64: runs-on: ubuntu-latest @@ -86,7 +86,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}-arm64:latest platforms: linux/arm64 build-base-docker-image-ubuntu-armv7: runs-on: ubuntu-latest @@ -119,7 +119,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}-armv7:latest platforms: linux/arm/v7 build-base-docker-image-ubi8-amd64: runs-on: ubuntu-latest @@ -150,7 +150,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}-amd64:latest platforms: linux/amd64 build-base-docker-image-ubi8-arm64: runs-on: ubuntu-latest @@ -181,7 +181,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}-arm64:latest platforms: linux/arm64 build-base-docker-image-amazonlinux-amd64: runs-on: ubuntu-latest @@ -212,7 +212,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}-amd64:latest platforms: linux/amd64 build-base-docker-image-amazonlinux-arm64: runs-on: ubuntu-latest @@ -243,7 +243,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}-arm64:latest platforms: linux/arm64 build-base-docker-image-debian-amd64: runs-on: ubuntu-latest @@ -276,7 +276,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}-amd64:latest platforms: linux/amd64 build-base-docker-image-debian-arm64: runs-on: ubuntu-latest @@ -309,7 +309,7 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}-arm64:latest platforms: linux/arm64 build-base-docker-image-fedora-amd64: runs-on: ubuntu-latest @@ -340,5 +340,5 @@ jobs: context: . push: true tags: | - ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:latest + ${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}-amd64:latest platforms: linux/amd64 From be636085cb980cb69052a8124a297e1d1614f319 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 28 Mar 2024 05:20:13 +0000 Subject: [PATCH 53/68] fix script error --- .github/docker-images/Dockerfile | 4 ---- .github/docker-images/base-images/debian-ubuntu/Dockerfile | 3 ++- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/docker-images/Dockerfile b/.github/docker-images/Dockerfile index 53663bf..87ed0f3 100644 --- a/.github/docker-images/Dockerfile +++ b/.github/docker-images/Dockerfile @@ -14,10 +14,6 @@ RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ FROM ${OS} AS minimum_size -RUN apt update && apt upgrade -y && \ - apt install -y ca-certificates && \ - update-ca-certificates - COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/bin/localproxy /root/bin/localproxy COPY ./.github/docker-images/oss-compliance /root/oss-compliance diff --git a/.github/docker-images/base-images/debian-ubuntu/Dockerfile b/.github/docker-images/base-images/debian-ubuntu/Dockerfile index 84dbc7f..27a4ff2 100644 --- a/.github/docker-images/base-images/debian-ubuntu/Dockerfile +++ b/.github/docker-images/base-images/debian-ubuntu/Dockerfile @@ -5,7 +5,8 @@ FROM ${OS} AS base RUN apt update && apt upgrade -y && \ apt install -y git libboost-all-dev autoconf automake \ - wget libtool curl make g++ unzip cmake libssl-dev python3 + wget libtool curl make g++ unzip cmake libssl-dev python3 \ + ca-certificates && update-ca-certificates # Install Dependencies From 9eeba67dd53c9c603647b07e978c02e0be1a7fb0 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 28 Mar 2024 05:37:06 +0000 Subject: [PATCH 54/68] add manual openssl 3 install --- .../base-images/amazonlinux/Dockerfile | 8 ++++++++ .../base-images/debian-ubuntu/Dockerfile | 8 ++++++++ .../docker-images/base-images/fedora/Dockerfile | 16 ++++++++-------- .../docker-images/base-images/ubi8/Dockerfile | 8 ++++++++ 4 files changed, 32 insertions(+), 8 deletions(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index 419391e..be703e6 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -11,6 +11,14 @@ RUN yum check-update; yum upgrade -y && \ RUN mkdir /home/dependencies +WORKDIR /home/dependencies +RUN wget https://www.openssl.org/source/openssl-3.0.12.tar.gz \ + && tar xzvf openssl-3.0.12.tar.gz \ + && cd openssl-3.0.12 \ + && ./config \ + && make depend \ + && make all + WORKDIR /home/dependencies RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ tar xzvf /tmp/zlib-1.2.13.tar.gz && \ diff --git a/.github/docker-images/base-images/debian-ubuntu/Dockerfile b/.github/docker-images/base-images/debian-ubuntu/Dockerfile index 27a4ff2..0d11289 100644 --- a/.github/docker-images/base-images/debian-ubuntu/Dockerfile +++ b/.github/docker-images/base-images/debian-ubuntu/Dockerfile @@ -12,6 +12,14 @@ RUN apt update && apt upgrade -y && \ RUN mkdir /home/dependencies +WORKDIR /home/dependencies +RUN wget https://www.openssl.org/source/openssl-3.0.12.tar.gz \ + && tar xzvf openssl-3.0.12.tar.gz \ + && cd openssl-3.0.12 \ + && ./config \ + && make depend \ + && make all + WORKDIR /home/dependencies RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ tar xzvf /tmp/zlib-1.2.13.tar.gz && \ diff --git a/.github/docker-images/base-images/fedora/Dockerfile b/.github/docker-images/base-images/fedora/Dockerfile index ed6c64a..35875c9 100644 --- a/.github/docker-images/base-images/fedora/Dockerfile +++ b/.github/docker-images/base-images/fedora/Dockerfile @@ -9,6 +9,14 @@ RUN dnf -y update \ RUN mkdir /home/dependencies +WORKDIR /home/dependencies +RUN wget https://www.openssl.org/source/openssl-3.0.12.tar.gz \ + && tar xzvf openssl-3.0.12.tar.gz \ + && cd openssl-3.0.12 \ + && ./config \ + && make depend \ + && make all + WORKDIR /home/dependencies RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ tar xzvf /tmp/zlib-1.2.13.tar.gz && \ @@ -34,14 +42,6 @@ RUN wget https://github.com/protocolbuffers/protobuf/releases/download/v3.17.3/p make && \ make install -WORKDIR /home/dependencies -RUN wget https://www.openssl.org/source/openssl-3.0.8.tar.gz \ - && tar xzvf openssl-3.0.8.tar.gz \ - && cd openssl-3.0.8 \ - && ./config \ - && make depend \ - && make all - WORKDIR /home/dependencies RUN git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git && \ cd Catch2 && \ diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index d4e3f4d..ae19c14 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -8,6 +8,14 @@ RUN yum -y update \ RUN mkdir /home/dependencies +WORKDIR /home/dependencies +RUN wget https://www.openssl.org/source/openssl-3.0.12.tar.gz \ + && tar xzvf openssl-3.0.12.tar.gz \ + && cd openssl-3.0.12 \ + && ./config \ + && make depend \ + && make all + WORKDIR /home/dependencies RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ tar xzvf /tmp/zlib-1.2.13.tar.gz && \ From 0f43a9340b0f06b275a52fd185199d6aed29c7c8 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 28 Mar 2024 05:41:33 +0000 Subject: [PATCH 55/68] add perl dependency --- .github/docker-images/base-images/amazonlinux/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index be703e6..721179c 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -4,7 +4,7 @@ ARG OPENSSL_CONFIG # Install Prerequisites RUN yum check-update; yum upgrade -y && \ - yum install -y git boost-devel autoconf automake libatomic \ + yum install -y git boost-devel autoconf automake libatomic perl-IPC-Cmd \ wget libtool make gcc-c++ unzip cmake3 python-devel openssl-devel which # Install Dependencies From 0d95d6becdcc757c9fe26b7af0fb0cdd288f4967 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 28 Mar 2024 05:45:19 +0000 Subject: [PATCH 56/68] install full perl packagge --- .github/docker-images/base-images/amazonlinux/Dockerfile | 2 +- .github/docker-images/base-images/ubi8/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index 721179c..c74be98 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -4,7 +4,7 @@ ARG OPENSSL_CONFIG # Install Prerequisites RUN yum check-update; yum upgrade -y && \ - yum install -y git boost-devel autoconf automake libatomic perl-IPC-Cmd \ + yum install -y git boost-devel autoconf automake libatomic perl \ wget libtool make gcc-c++ unzip cmake3 python-devel openssl-devel which # Install Dependencies diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index ae19c14..ab2b6c2 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -4,7 +4,7 @@ FROM redhat/ubi8:latest AS base RUN yum -y update \ && yum -y install git autoconf automake \ - wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel perl-IPC-Cmd + wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel perl RUN mkdir /home/dependencies From 31a97f9cc010692a59a50c5e7fb12f6d4300d231 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 28 Mar 2024 06:23:28 +0000 Subject: [PATCH 57/68] test boost 1.84 --- .github/docker-images/base-images/debian-ubuntu/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/docker-images/base-images/debian-ubuntu/Dockerfile b/.github/docker-images/base-images/debian-ubuntu/Dockerfile index 0d11289..94cc41c 100644 --- a/.github/docker-images/base-images/debian-ubuntu/Dockerfile +++ b/.github/docker-images/base-images/debian-ubuntu/Dockerfile @@ -29,9 +29,9 @@ RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2. make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_81_0 && \ + cd boost_1_84_0 && \ ./bootstrap.sh && \ ./b2 install link=static From 6a9e5fbae3509cb928a616345d91e9a58e07096a Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 28 Mar 2024 08:34:39 +0000 Subject: [PATCH 58/68] fix openssl install --- .github/docker-images/base-images/amazonlinux/Dockerfile | 5 ++--- .github/docker-images/base-images/fedora/Dockerfile | 4 ++-- .github/docker-images/base-images/ubi8/Dockerfile | 4 ++-- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index c74be98..e054c69 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -1,5 +1,4 @@ FROM amazonlinux:2023 as base -ARG OPENSSL_CONFIG # Install Prerequisites @@ -16,8 +15,8 @@ RUN wget https://www.openssl.org/source/openssl-3.0.12.tar.gz \ && tar xzvf openssl-3.0.12.tar.gz \ && cd openssl-3.0.12 \ && ./config \ - && make depend \ - && make all + && make \ + && make install WORKDIR /home/dependencies RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ diff --git a/.github/docker-images/base-images/fedora/Dockerfile b/.github/docker-images/base-images/fedora/Dockerfile index 35875c9..fe72ca9 100644 --- a/.github/docker-images/base-images/fedora/Dockerfile +++ b/.github/docker-images/base-images/fedora/Dockerfile @@ -14,8 +14,8 @@ RUN wget https://www.openssl.org/source/openssl-3.0.12.tar.gz \ && tar xzvf openssl-3.0.12.tar.gz \ && cd openssl-3.0.12 \ && ./config \ - && make depend \ - && make all + && make \ + && make install WORKDIR /home/dependencies RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index ab2b6c2..8bfdd52 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -13,8 +13,8 @@ RUN wget https://www.openssl.org/source/openssl-3.0.12.tar.gz \ && tar xzvf openssl-3.0.12.tar.gz \ && cd openssl-3.0.12 \ && ./config \ - && make depend \ - && make all + && make \ + && make install WORKDIR /home/dependencies RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ From 081ff44eb3abf969d57679dee8748a1a259a2dec Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 28 Mar 2024 17:40:34 +0000 Subject: [PATCH 59/68] add includes for gcc13 --- src/Url.cpp | 1 + src/Url.h | 1 + src/config/ConfigFile.cpp | 1 + 3 files changed, 3 insertions(+) diff --git a/src/Url.cpp b/src/Url.cpp index 7542cff..3323706 100644 --- a/src/Url.cpp +++ b/src/Url.cpp @@ -5,6 +5,7 @@ #include #include #include +#include #include #include diff --git a/src/Url.h b/src/Url.h index 81fc932..fa084d3 100644 --- a/src/Url.h +++ b/src/Url.h @@ -3,6 +3,7 @@ #pragma once #include +#include namespace aws { namespace iot { namespace securedtunneling { diff --git a/src/config/ConfigFile.cpp b/src/config/ConfigFile.cpp index 9afb7ca..105ca10 100644 --- a/src/config/ConfigFile.cpp +++ b/src/config/ConfigFile.cpp @@ -25,6 +25,7 @@ #include #include #include +#include #include "ConfigFile.h" From 05954297772e4296dc8983ba81fde44e284cd948 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 28 Mar 2024 18:00:05 +0000 Subject: [PATCH 60/68] add link ldl lib --- CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index e1126db..647b887 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -115,6 +115,7 @@ target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} OpenSSL::SSL) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} OpenSSL::Crypto) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${Boost_STATIC_LIBRARIES}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${Protobuf_LITE_STATIC_LIBRARY}) +target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${CMAKE_DL_LIBS}) set_property(TARGET ${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} APPEND_STRING PROPERTY COMPILE_FLAGS ${CUSTOM_COMPILER_FLAGS}) if(BUILD_TESTS) From 58e1af8c5ac99347910dd62419a3b28e3412731f Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 28 Mar 2024 19:18:31 +0000 Subject: [PATCH 61/68] pin ubuntu version to 22.04 --- .github/workflows/base-images.yml | 4 ++-- CMakeLists.txt | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index 36bd02a..df83185 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -49,7 +49,7 @@ jobs: with: file: .github/docker-images/base-images/debian-ubuntu/Dockerfile build-args: | - OS=ubuntu:latest + OS=ubuntu:22.04 context: . push: true tags: | @@ -83,7 +83,7 @@ jobs: with: file: .github/docker-images/base-images/debian-ubuntu/Dockerfile build-args: | - OS=ubuntu:latest + OS=ubuntu:22.04 context: . push: true tags: | diff --git a/CMakeLists.txt b/CMakeLists.txt index 647b887..d54b8eb 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -124,6 +124,7 @@ if(BUILD_TESTS) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} OpenSSL::Crypto) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${Boost_STATIC_LIBRARIES}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${Protobuf_LITE_STATIC_LIBRARY}) + target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${CMAKE_DL_LIBS}) set_property(TARGET ${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} APPEND_STRING PROPERTY COMPILE_FLAGS ${TEST_COMPILER_FLAGS}) endif(BUILD_TESTS) From 3d93c4cfbb47616e72d92fd1077c45cc0e1ec859 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 28 Mar 2024 22:54:05 +0000 Subject: [PATCH 62/68] upgrade boost to 1.84 in al2023 --- .github/docker-images/base-images/amazonlinux/Dockerfile | 4 ++-- .github/docker-images/base-images/fedora/Dockerfile | 4 ++-- .github/docker-images/base-images/ubi8/Dockerfile | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index e054c69..565e16a 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -27,9 +27,9 @@ RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2. make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_81_0 && \ + cd boost_1_84_0 && \ ./bootstrap.sh && \ ./b2 install link=static diff --git a/.github/docker-images/base-images/fedora/Dockerfile b/.github/docker-images/base-images/fedora/Dockerfile index fe72ca9..3c6e9ce 100644 --- a/.github/docker-images/base-images/fedora/Dockerfile +++ b/.github/docker-images/base-images/fedora/Dockerfile @@ -26,9 +26,9 @@ RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2. make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_81_0 && \ + cd boost_1_84_0 && \ ./bootstrap.sh && \ ./b2 install link=static diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index 8bfdd52..95904a6 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -25,9 +25,9 @@ RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2. make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_81_0 && \ + cd boost_1_84_0 && \ ./bootstrap.sh && \ ./b2 install link=static From 0cec11b29a392aecd8af04b86c34df31aa32b29c Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 28 Mar 2024 23:47:52 +0000 Subject: [PATCH 63/68] rollback boost to 1.81 --- .github/docker-images/base-images/amazonlinux/Dockerfile | 4 ++-- .github/docker-images/base-images/debian-ubuntu/Dockerfile | 4 ++-- .github/docker-images/base-images/fedora/Dockerfile | 4 ++-- .github/docker-images/base-images/ubi8/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index 565e16a..e054c69 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -27,9 +27,9 @@ RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2. make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_84_0 && \ + cd boost_1_81_0 && \ ./bootstrap.sh && \ ./b2 install link=static diff --git a/.github/docker-images/base-images/debian-ubuntu/Dockerfile b/.github/docker-images/base-images/debian-ubuntu/Dockerfile index 94cc41c..0d11289 100644 --- a/.github/docker-images/base-images/debian-ubuntu/Dockerfile +++ b/.github/docker-images/base-images/debian-ubuntu/Dockerfile @@ -29,9 +29,9 @@ RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2. make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_84_0 && \ + cd boost_1_81_0 && \ ./bootstrap.sh && \ ./b2 install link=static diff --git a/.github/docker-images/base-images/fedora/Dockerfile b/.github/docker-images/base-images/fedora/Dockerfile index 3c6e9ce..fe72ca9 100644 --- a/.github/docker-images/base-images/fedora/Dockerfile +++ b/.github/docker-images/base-images/fedora/Dockerfile @@ -26,9 +26,9 @@ RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2. make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_84_0 && \ + cd boost_1_81_0 && \ ./bootstrap.sh && \ ./b2 install link=static diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index 95904a6..8bfdd52 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -25,9 +25,9 @@ RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2. make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_84_0 && \ + cd boost_1_81_0 && \ ./bootstrap.sh && \ ./b2 install link=static From cbd31e57b17a2da1456c24cf5c2bfd0ba061c80e Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Fri, 29 Mar 2024 00:38:13 +0000 Subject: [PATCH 64/68] add specific dockerfiles for building the bin image --- .../base-images/debian-ubuntu/Dockerfile | 4 +-- .../docker-images/base-images/ubi8/Dockerfile | 4 +-- .../bin-images/amazonlinux/Dockerfile | 30 +++++++++++++++++++ .../bin-images/debian-ubuntu/Dockerfile | 27 +++++++++++++++++ .../bin-images/fedora/Dockerfile | 30 +++++++++++++++++++ .../docker-images/bin-images/ubi8/Dockerfile | 30 +++++++++++++++++++ .github/workflows/release.yml | 28 ++++++++--------- 7 files changed, 135 insertions(+), 18 deletions(-) create mode 100644 .github/docker-images/bin-images/amazonlinux/Dockerfile create mode 100644 .github/docker-images/bin-images/debian-ubuntu/Dockerfile create mode 100644 .github/docker-images/bin-images/fedora/Dockerfile create mode 100644 .github/docker-images/bin-images/ubi8/Dockerfile diff --git a/.github/docker-images/base-images/debian-ubuntu/Dockerfile b/.github/docker-images/base-images/debian-ubuntu/Dockerfile index 0d11289..ad22a6d 100644 --- a/.github/docker-images/base-images/debian-ubuntu/Dockerfile +++ b/.github/docker-images/base-images/debian-ubuntu/Dockerfile @@ -17,8 +17,8 @@ RUN wget https://www.openssl.org/source/openssl-3.0.12.tar.gz \ && tar xzvf openssl-3.0.12.tar.gz \ && cd openssl-3.0.12 \ && ./config \ - && make depend \ - && make all + && make \ + && make install WORKDIR /home/dependencies RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2.13.tar.gz && \ diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index 8bfdd52..ecc4509 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -3,8 +3,8 @@ FROM redhat/ubi8:latest AS base # Install Prerequisites RUN yum -y update \ - && yum -y install git autoconf automake \ - wget libtool libatomic curl make gcc-c++ unzip cmake python3 openssl-devel perl + && yum -y install git autoconf automake libatomic \ + wget libtool curl make gcc-c++ unzip cmake python3 openssl-devel perl RUN mkdir /home/dependencies diff --git a/.github/docker-images/bin-images/amazonlinux/Dockerfile b/.github/docker-images/bin-images/amazonlinux/Dockerfile new file mode 100644 index 0000000..776e1de --- /dev/null +++ b/.github/docker-images/bin-images/amazonlinux/Dockerfile @@ -0,0 +1,30 @@ +ARG BASE_IMAGE +FROM ${BASE_IMAGE} AS deploy + +############################################################################### +# Copy and build local proxy +############################################################################### + +COPY . /root/aws-iot-securetunneling-localproxy +RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ + && cd /root/aws-iot-securetunneling-localproxy/build \ + && cmake .. \ + && make + +FROM amazonlinux:2023 AS minimum_size + +COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/bin/localproxy /root/bin/localproxy + +COPY ./.github/docker-images/oss-compliance /root/oss-compliance +RUN HOME_DIR=/root \ + && cd ${HOME_DIR}/oss-compliance \ + && chmod +x ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh \ + && chmod +x ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh \ + && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \ + && rm -rf ${HOME_DIR}/oss-compliance* + +# OS-specific commands +RUN yum check-update; yum upgrade -y && \ + yum install -y libatomic + +ENTRYPOINT ["/root/bin/localproxy"] \ No newline at end of file diff --git a/.github/docker-images/bin-images/debian-ubuntu/Dockerfile b/.github/docker-images/bin-images/debian-ubuntu/Dockerfile new file mode 100644 index 0000000..87ed0f3 --- /dev/null +++ b/.github/docker-images/bin-images/debian-ubuntu/Dockerfile @@ -0,0 +1,27 @@ +ARG OS +ARG BASE_IMAGE +FROM ${BASE_IMAGE} AS deploy + +############################################################################### +# Copy and build local proxy +############################################################################### + +COPY . /root/aws-iot-securetunneling-localproxy +RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ + && cd /root/aws-iot-securetunneling-localproxy/build \ + && cmake .. \ + && make + +FROM ${OS} AS minimum_size + +COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/bin/localproxy /root/bin/localproxy + +COPY ./.github/docker-images/oss-compliance /root/oss-compliance +RUN HOME_DIR=/root \ + && cd ${HOME_DIR}/oss-compliance \ + && chmod +x ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh \ + && chmod +x ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh \ + && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \ + && rm -rf ${HOME_DIR}/oss-compliance* + +ENTRYPOINT ["/root/bin/localproxy"] \ No newline at end of file diff --git a/.github/docker-images/bin-images/fedora/Dockerfile b/.github/docker-images/bin-images/fedora/Dockerfile new file mode 100644 index 0000000..6feaae8 --- /dev/null +++ b/.github/docker-images/bin-images/fedora/Dockerfile @@ -0,0 +1,30 @@ +ARG BASE_IMAGE +FROM ${BASE_IMAGE} AS deploy + +############################################################################### +# Copy and build local proxy +############################################################################### + +COPY . /root/aws-iot-securetunneling-localproxy +RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ + && cd /root/aws-iot-securetunneling-localproxy/build \ + && cmake .. \ + && make + +FROM fedora:latest AS minimum_size + +COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/bin/localproxy /root/bin/localproxy + +COPY ./.github/docker-images/oss-compliance /root/oss-compliance +RUN HOME_DIR=/root \ + && cd ${HOME_DIR}/oss-compliance \ + && chmod +x ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh \ + && chmod +x ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh \ + && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \ + && rm -rf ${HOME_DIR}/oss-compliance* + +# OS-specific commands +RUN dnf -y update \ + && dnf -y install libatomic + +ENTRYPOINT ["/root/bin/localproxy"] \ No newline at end of file diff --git a/.github/docker-images/bin-images/ubi8/Dockerfile b/.github/docker-images/bin-images/ubi8/Dockerfile new file mode 100644 index 0000000..5c343e3 --- /dev/null +++ b/.github/docker-images/bin-images/ubi8/Dockerfile @@ -0,0 +1,30 @@ +ARG BASE_IMAGE +FROM ${BASE_IMAGE} AS deploy + +############################################################################### +# Copy and build local proxy +############################################################################### + +COPY . /root/aws-iot-securetunneling-localproxy +RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ + && cd /root/aws-iot-securetunneling-localproxy/build \ + && cmake .. \ + && make + +FROM redhat/ubi8:latest AS minimum_size + +COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/bin/localproxy /root/bin/localproxy + +COPY ./.github/docker-images/oss-compliance /root/oss-compliance +RUN HOME_DIR=/root \ + && cd ${HOME_DIR}/oss-compliance \ + && chmod +x ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh \ + && chmod +x ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh \ + && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \ + && rm -rf ${HOME_DIR}/oss-compliance* + +# OS-specific commands +RUN yum check-update; yum upgrade -y && \ + yum install -y libatomic + +ENTRYPOINT ["/root/bin/localproxy"] \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e1dfd8d..69d28aa 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -49,9 +49,9 @@ jobs: - name: Build Ubuntu Release Image uses: docker/build-push-action@v4 with: - file: .github/docker-images/Dockerfile + file: .github/docker-images/bin-images/debian-ubuntu/Dockerfile build-args: | - OS=ubuntu:latest + OS=ubuntu:22.04 BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:amd64-latest context: . push: true @@ -84,9 +84,9 @@ jobs: - name: Build Ubuntu Release Image uses: docker/build-push-action@v4 with: - file: .github/docker-images/Dockerfile + file: .github/docker-images/bin-images/debian-ubuntu/Dockerfile build-args: | - OS=ubuntu:latest + OS=ubuntu:22.04 BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:arm64-latest context: . push: true @@ -119,7 +119,7 @@ jobs: - name: Build ubuntu Release Image uses: docker/build-push-action@v4 with: - file: .github/docker-images/Dockerfile + file: .github/docker-images/bin-images/debian-ubuntu/Dockerfile build-args: | OS=ubuntu:18.04 BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBUNTU }}:armv7-latest @@ -154,7 +154,7 @@ jobs: - name: Build ubi8 Release Image uses: docker/build-push-action@v4 with: - file: .github/docker-images/Dockerfile + file: .github/docker-images/bin-images/ubi8/Dockerfile build-args: | OS=redhat/ubi8:latest BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:amd64-latest @@ -189,7 +189,7 @@ jobs: - name: Build ubi8 Release Image uses: docker/build-push-action@v4 with: - file: .github/docker-images/Dockerfile + file: .github/docker-images/bin-images/ubi8/Dockerfile build-args: | OS=redhat/ubi8:latest BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_UBI8 }}:arm64-latest @@ -224,9 +224,9 @@ jobs: - name: Build amazonlinux Release Image uses: docker/build-push-action@v4 with: - file: .github/docker-images/Dockerfile + file: .github/docker-images/bin-images/amazonlinux/Dockerfile build-args: | - OS=amazonlinux:latest + OS=amazonlinux:2023 BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:amd64-latest context: . push: true @@ -259,9 +259,9 @@ jobs: - name: Build amazonlinux Release Image uses: docker/build-push-action@v4 with: - file: .github/docker-images/Dockerfile + file: .github/docker-images/bin-images/amazonlinux/Dockerfile build-args: | - OS=amazonlinux:latest + OS=amazonlinux:2023 BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_AMAZONLINUX }}:arm64-latest context: . push: true @@ -294,7 +294,7 @@ jobs: - name: Build debian Release Image uses: docker/build-push-action@v4 with: - file: .github/docker-images/Dockerfile + file: .github/docker-images/bin-images/debian-ubuntu/Dockerfile build-args: | OS=debian:latest BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:amd64-latest @@ -329,7 +329,7 @@ jobs: - name: Build debian Release Image uses: docker/build-push-action@v4 with: - file: .github/docker-images/Dockerfile + file: .github/docker-images/bin-images/debian-ubuntu/Dockerfile build-args: | OS=debian:latest BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_DEBIAN }}:arm64-latest @@ -364,7 +364,7 @@ jobs: - name: Build fedora Release Image uses: docker/build-push-action@v4 with: - file: .github/docker-images/Dockerfile + file: .github/docker-images/bin-images/fedora/Dockerfile build-args: | OS=fedora:latest BASE_IMAGE=${{ env.ECR_ACCOUNT_URL }}/${{ env.ECR_BASE_FEDORA }}:amd64-latest From c8ea10c4206f86bfa581d01857d7fba4b8469f98 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Fri, 29 Mar 2024 01:47:06 +0000 Subject: [PATCH 65/68] remove update ca store --- .../docker-images/base-images/debian-ubuntu/Dockerfile | 10 ++++------ .../docker-images/bin-images/amazonlinux/Dockerfile | 2 +- .github/docker-images/bin-images/fedora/Dockerfile | 2 +- .github/docker-images/bin-images/ubi8/Dockerfile | 2 +- 4 files changed, 7 insertions(+), 9 deletions(-) diff --git a/.github/docker-images/base-images/debian-ubuntu/Dockerfile b/.github/docker-images/base-images/debian-ubuntu/Dockerfile index ad22a6d..0650449 100644 --- a/.github/docker-images/base-images/debian-ubuntu/Dockerfile +++ b/.github/docker-images/base-images/debian-ubuntu/Dockerfile @@ -5,17 +5,15 @@ FROM ${OS} AS base RUN apt update && apt upgrade -y && \ apt install -y git libboost-all-dev autoconf automake \ - wget libtool curl make g++ unzip cmake libssl-dev python3 \ - ca-certificates && update-ca-certificates - + wget libtool curl make g++ unzip cmake libssl-dev python3 # Install Dependencies RUN mkdir /home/dependencies WORKDIR /home/dependencies -RUN wget https://www.openssl.org/source/openssl-3.0.12.tar.gz \ - && tar xzvf openssl-3.0.12.tar.gz \ - && cd openssl-3.0.12 \ +RUN wget https://www.openssl.org/source/openssl-3.0.8.tar.gz \ + && tar xzvf openssl-3.0.8.tar.gz \ + && cd openssl-3.0.8 \ && ./config \ && make \ && make install diff --git a/.github/docker-images/bin-images/amazonlinux/Dockerfile b/.github/docker-images/bin-images/amazonlinux/Dockerfile index 776e1de..bd875f3 100644 --- a/.github/docker-images/bin-images/amazonlinux/Dockerfile +++ b/.github/docker-images/bin-images/amazonlinux/Dockerfile @@ -25,6 +25,6 @@ RUN HOME_DIR=/root \ # OS-specific commands RUN yum check-update; yum upgrade -y && \ - yum install -y libatomic + yum install -y libatomic libicu ENTRYPOINT ["/root/bin/localproxy"] \ No newline at end of file diff --git a/.github/docker-images/bin-images/fedora/Dockerfile b/.github/docker-images/bin-images/fedora/Dockerfile index 6feaae8..d4e5d3f 100644 --- a/.github/docker-images/bin-images/fedora/Dockerfile +++ b/.github/docker-images/bin-images/fedora/Dockerfile @@ -25,6 +25,6 @@ RUN HOME_DIR=/root \ # OS-specific commands RUN dnf -y update \ - && dnf -y install libatomic + && dnf -y install libatomic libicu ENTRYPOINT ["/root/bin/localproxy"] \ No newline at end of file diff --git a/.github/docker-images/bin-images/ubi8/Dockerfile b/.github/docker-images/bin-images/ubi8/Dockerfile index 5c343e3..02ba6d0 100644 --- a/.github/docker-images/bin-images/ubi8/Dockerfile +++ b/.github/docker-images/bin-images/ubi8/Dockerfile @@ -25,6 +25,6 @@ RUN HOME_DIR=/root \ # OS-specific commands RUN yum check-update; yum upgrade -y && \ - yum install -y libatomic + yum install -y libatomic libicu ENTRYPOINT ["/root/bin/localproxy"] \ No newline at end of file From c73249aa5ba9e7fdc3996f261582eec5f6f49dc5 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Fri, 29 Mar 2024 02:44:04 +0000 Subject: [PATCH 66/68] add os-specfic commands for updating ca-trust store --- .../base-images/amazonlinux/Dockerfile | 4 +-- .../base-images/debian-ubuntu/Dockerfile | 10 +++---- .../base-images/fedora/Dockerfile | 4 +-- .../docker-images/base-images/ubi8/Dockerfile | 4 +-- .../bin-images/debian-ubuntu/Dockerfile | 3 ++ .../bin-images/fedora/Dockerfile | 30 ------------------- .../docker-images/bin-images/ubi8/Dockerfile | 3 +- 7 files changed, 16 insertions(+), 42 deletions(-) delete mode 100644 .github/docker-images/bin-images/fedora/Dockerfile diff --git a/.github/docker-images/base-images/amazonlinux/Dockerfile b/.github/docker-images/base-images/amazonlinux/Dockerfile index e054c69..565e16a 100644 --- a/.github/docker-images/base-images/amazonlinux/Dockerfile +++ b/.github/docker-images/base-images/amazonlinux/Dockerfile @@ -27,9 +27,9 @@ RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2. make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_81_0 && \ + cd boost_1_84_0 && \ ./bootstrap.sh && \ ./b2 install link=static diff --git a/.github/docker-images/base-images/debian-ubuntu/Dockerfile b/.github/docker-images/base-images/debian-ubuntu/Dockerfile index 0650449..5df51cc 100644 --- a/.github/docker-images/base-images/debian-ubuntu/Dockerfile +++ b/.github/docker-images/base-images/debian-ubuntu/Dockerfile @@ -11,9 +11,9 @@ RUN apt update && apt upgrade -y && \ RUN mkdir /home/dependencies WORKDIR /home/dependencies -RUN wget https://www.openssl.org/source/openssl-3.0.8.tar.gz \ - && tar xzvf openssl-3.0.8.tar.gz \ - && cd openssl-3.0.8 \ +RUN wget https://www.openssl.org/source/openssl-3.0.12.tar.gz \ + && tar xzvf openssl-3.0.12.tar.gz \ + && cd openssl-3.0.12 \ && ./config \ && make \ && make install @@ -27,9 +27,9 @@ RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2. make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_81_0 && \ + cd boost_1_84_0 && \ ./bootstrap.sh && \ ./b2 install link=static diff --git a/.github/docker-images/base-images/fedora/Dockerfile b/.github/docker-images/base-images/fedora/Dockerfile index fe72ca9..3c6e9ce 100644 --- a/.github/docker-images/base-images/fedora/Dockerfile +++ b/.github/docker-images/base-images/fedora/Dockerfile @@ -26,9 +26,9 @@ RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2. make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_81_0 && \ + cd boost_1_84_0 && \ ./bootstrap.sh && \ ./b2 install link=static diff --git a/.github/docker-images/base-images/ubi8/Dockerfile b/.github/docker-images/base-images/ubi8/Dockerfile index ecc4509..c93d1e3 100644 --- a/.github/docker-images/base-images/ubi8/Dockerfile +++ b/.github/docker-images/base-images/ubi8/Dockerfile @@ -25,9 +25,9 @@ RUN wget https://github.com/madler/zlib/archive/v1.2.13.tar.gz -O /tmp/zlib-1.2. make install WORKDIR /home/dependencies -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz && \ +RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz && \ tar xzvf /tmp/boost.tar.gz && \ - cd boost_1_81_0 && \ + cd boost_1_84_0 && \ ./bootstrap.sh && \ ./b2 install link=static diff --git a/.github/docker-images/bin-images/debian-ubuntu/Dockerfile b/.github/docker-images/bin-images/debian-ubuntu/Dockerfile index 87ed0f3..805629e 100644 --- a/.github/docker-images/bin-images/debian-ubuntu/Dockerfile +++ b/.github/docker-images/bin-images/debian-ubuntu/Dockerfile @@ -24,4 +24,7 @@ RUN HOME_DIR=/root \ && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \ && rm -rf ${HOME_DIR}/oss-compliance* +# OS-specific commands +RUN apt update && apt upgrade -y && apt install -y ca-certificates && update-ca-certificates + ENTRYPOINT ["/root/bin/localproxy"] \ No newline at end of file diff --git a/.github/docker-images/bin-images/fedora/Dockerfile b/.github/docker-images/bin-images/fedora/Dockerfile deleted file mode 100644 index d4e5d3f..0000000 --- a/.github/docker-images/bin-images/fedora/Dockerfile +++ /dev/null @@ -1,30 +0,0 @@ -ARG BASE_IMAGE -FROM ${BASE_IMAGE} AS deploy - -############################################################################### -# Copy and build local proxy -############################################################################### - -COPY . /root/aws-iot-securetunneling-localproxy -RUN mkdir -p /root/aws-iot-securetunneling-localproxy/build \ - && cd /root/aws-iot-securetunneling-localproxy/build \ - && cmake .. \ - && make - -FROM fedora:latest AS minimum_size - -COPY --from=deploy /root/aws-iot-securetunneling-localproxy/build/bin/localproxy /root/bin/localproxy - -COPY ./.github/docker-images/oss-compliance /root/oss-compliance -RUN HOME_DIR=/root \ - && cd ${HOME_DIR}/oss-compliance \ - && chmod +x ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh \ - && chmod +x ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh \ - && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \ - && rm -rf ${HOME_DIR}/oss-compliance* - -# OS-specific commands -RUN dnf -y update \ - && dnf -y install libatomic libicu - -ENTRYPOINT ["/root/bin/localproxy"] \ No newline at end of file diff --git a/.github/docker-images/bin-images/ubi8/Dockerfile b/.github/docker-images/bin-images/ubi8/Dockerfile index 02ba6d0..eca15f2 100644 --- a/.github/docker-images/bin-images/ubi8/Dockerfile +++ b/.github/docker-images/bin-images/ubi8/Dockerfile @@ -25,6 +25,7 @@ RUN HOME_DIR=/root \ # OS-specific commands RUN yum check-update; yum upgrade -y && \ - yum install -y libatomic libicu + yum install -y libatomic libicu ca-certificates && \ + update-ca-trust extract ENTRYPOINT ["/root/bin/localproxy"] \ No newline at end of file From e234f8c3b15ef9433685099776d1773d82752ffb Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Fri, 29 Mar 2024 07:17:03 +0000 Subject: [PATCH 67/68] remove main as trigger branch for base image builds --- .github/workflows/base-images.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/base-images.yml b/.github/workflows/base-images.yml index df83185..007d798 100644 --- a/.github/workflows/base-images.yml +++ b/.github/workflows/base-images.yml @@ -7,9 +7,9 @@ name: Base Image Builds on: push: - branches: ['main', 'base-images', 'docker-builds'] + branches: ['base-images', 'docker-builds'] pull_request: - branches: ['main', 'base-images', 'docker-builds'] + branches: ['base-images', 'docker-builds'] types: [opened, closed] env: From e89066b2b50b2cdf46e6b811215f75ea4928f99f Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Fri, 29 Mar 2024 07:29:47 +0000 Subject: [PATCH 68/68] update README --- README.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7f0f696..ffa3eb1 100644 --- a/README.md +++ b/README.md @@ -36,10 +36,14 @@ You can find them at: #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/fedora-base - amd64 -The release images are minimum size images that include a pre-built binary with no dependencies installed. +The release images are minimum size images that include a pre-built binary with only the necessary shared libs installed. To use the release images, simply pass the localproxy CLI args into the docker run command. Example: + +`docker run --rm -it --network=host public.ecr.aws/aws-iot-securetunneling-localproxy/ubuntu-bin:amd64-latest --region us-east-1 -s 5555 -t ` + +This will automatically pull down the latest docker image and run the localproxy without having to manually install it on your system. These images are tagged with the git commit and corresponding arch. Example: 33879dd7f1500f7b3e56e48ce8b002cd9b0f9e4e-amd64. You can cross-check the git commit sha with the commits in the local proxy repo to see if the binary contains changes added in a specific commit. -You can find them at: +The release images can be found at: #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/ubuntu-bin - amd64/arm64/armv7 #### https://gallery.ecr.aws/aws-iot-securetunneling-localproxy/debian-bin