Skip to content

Testing alpine and debian slim #284

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
kylekthompson wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Testing alpine and debian slim #284

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7685d8e
Add debian-trixie-slim and alpine-latest configs
kylekthompson Nov 13, 2025
d7338c5
Bump the versions so CI works
kylekthompson Nov 13, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions aws/assume-role/rwx-ci-cd.config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
---
tests:
- key: alpine-latest
template: rwx-ci-cd.template.yml
base:
image: alpine:latest
config: none
- key: debian-trixie-slim
template: rwx-ci-cd.template.yml
base:
image: debian:trixie-slim
config: none
148 changes: 74 additions & 74 deletions aws/assume-role/rwx-package.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,100 +1,100 @@
---
name: aws/assume-role
version: 2.0.6
version: 2.0.7
description: Assume an AWS role
source_code_url: https://github.com/rwx-cloud/packages/tree/main/aws/assume-role
issue_tracker_url: https://github.com/rwx-cloud/packages/issues

parameters:
region:
description: "The AWS region (e.g. us-east-2)."
description: The AWS region (e.g. us-east-2).
required: true
role-to-assume:
description: "The ARN of the AWS role to be assumed (e.g. arn:aws:iam::your-account-id:role/your-role)."
description: The ARN of the AWS role to be assumed (e.g. arn:aws:iam::your-account-id:role/your-role).
required: true
role-duration-seconds:
description: "The role duration in seconds."
description: The role duration in seconds.
default: 900
role-session-name:
description: "The name of the session."
description: The name of the session.
required: false
profile-name:
description: "The profile under which the credentials will be configured."
default: "default"
description: The profile under which the credentials will be configured.
default: default
oidc-token-env-var:
description: "The environment variable that contains the OIDC token."
default: "AWS_OIDC_TOKEN"
description: The environment variable that contains the OIDC token.
default: AWS_OIDC_TOKEN
role-chaining:
description: "Enable role chaining."
description: Enable role chaining.
default: false
source-profile-name:
description: "The profile used to assume the chained role (only used with role-chaining is enabled)."
default: "default"

description: The profile used to assume the chained role (only used with role-chaining
is enabled).
default: default
tasks:
- key: produce-assume-role-hooks
run: |
set -ueo pipefail
- key: produce-assume-role-hooks
run: |
set -ueo pipefail

if [[ "${{ params.role-chaining}}" == "false" ]]; then
BEFORE_HOOK_TEMPLATE="$RWX_PACKAGES_PATH/assume-role.template.txt"
BEFORE_HOOK="$RWX_HOOKS_BEFORE_TASK/aws-assume-role--assume-${{ params.profile-name }}.sh"
AFTER_HOOK="$RWX_HOOKS_AFTER_TASK/aws-assume-role--assume-${{ params.profile-name }}.sh"
if [[ "${{ params.role-chaining}}" == "false" ]]; then
BEFORE_HOOK_TEMPLATE="$RWX_PACKAGES_PATH/assume-role.template.txt"
BEFORE_HOOK="$RWX_HOOKS_BEFORE_TASK/aws-assume-role--assume-${{ params.profile-name }}.sh"
AFTER_HOOK="$RWX_HOOKS_AFTER_TASK/aws-assume-role--assume-${{ params.profile-name }}.sh"

awk \
-v REGION="${{ params.region }}" \
-v ROLE_TO_ASSUME="${{ params.role-to-assume }}" \
-v ROLE_DURATION_SECONDS="${{ params.role-duration-seconds }}" \
-v ROLE_SESSION_NAME="${{ params.role-session-name }}" \
-v PROFILE_NAME="${{ params.profile-name }}" \
-v OIDC_TOKEN_ENV_VAR="${{ params.oidc-token-env-var }}" \
'{
gsub("%{{REGION}}", REGION);
gsub("%{{ROLE_TO_ASSUME}}", ROLE_TO_ASSUME);
gsub("%{{ROLE_DURATION_SECONDS}}", ROLE_DURATION_SECONDS);
gsub("%{{ROLE_SESSION_NAME}}", ROLE_SESSION_NAME);
gsub("%{{PROFILE_NAME}}", PROFILE_NAME);
gsub("%{{OIDC_TOKEN_ENV_VAR}}", OIDC_TOKEN_ENV_VAR);
print
}' "$BEFORE_HOOK_TEMPLATE" > $BEFORE_HOOK
awk \
-v REGION="${{ params.region }}" \
-v ROLE_TO_ASSUME="${{ params.role-to-assume }}" \
-v ROLE_DURATION_SECONDS="${{ params.role-duration-seconds }}" \
-v ROLE_SESSION_NAME="${{ params.role-session-name }}" \
-v PROFILE_NAME="${{ params.profile-name }}" \
-v OIDC_TOKEN_ENV_VAR="${{ params.oidc-token-env-var }}" \
'{
gsub("%{{REGION}}", REGION);
gsub("%{{ROLE_TO_ASSUME}}", ROLE_TO_ASSUME);
gsub("%{{ROLE_DURATION_SECONDS}}", ROLE_DURATION_SECONDS);
gsub("%{{ROLE_SESSION_NAME}}", ROLE_SESSION_NAME);
gsub("%{{PROFILE_NAME}}", PROFILE_NAME);
gsub("%{{OIDC_TOKEN_ENV_VAR}}", OIDC_TOKEN_ENV_VAR);
print
}' "$BEFORE_HOOK_TEMPLATE" > $BEFORE_HOOK

else
BEFORE_HOOK_TEMPLATE="$RWX_PACKAGES_PATH/chain-role.template.txt"
ROLE_TO_ASSUME_HASH=$(echo -n "${{ params.role-to-assume }}" | sha1sum | awk '{print $1}')
BEFORE_HOOK="$RWX_HOOKS_BEFORE_TASK/aws-assume-role--chain-${{ params.profile-name }}--$ROLE_TO_ASSUME_HASH.sh"
AFTER_HOOK="$RWX_HOOKS_AFTER_TASK/aws-assume-role--chain-${{ params.profile-name }}--$ROLE_TO_ASSUME_HASH.sh"
else
BEFORE_HOOK_TEMPLATE="$RWX_PACKAGES_PATH/chain-role.template.txt"
ROLE_TO_ASSUME_HASH=$(echo -n "${{ params.role-to-assume }}" | sha1sum | awk '{print $1}')
BEFORE_HOOK="$RWX_HOOKS_BEFORE_TASK/aws-assume-role--chain-${{ params.profile-name }}--$ROLE_TO_ASSUME_HASH.sh"
AFTER_HOOK="$RWX_HOOKS_AFTER_TASK/aws-assume-role--chain-${{ params.profile-name }}--$ROLE_TO_ASSUME_HASH.sh"

awk \
-v REGION="${{ params.region }}" \
-v ROLE_TO_ASSUME="${{ params.role-to-assume }}" \
-v ROLE_DURATION_SECONDS="${{ params.role-duration-seconds }}" \
-v ROLE_SESSION_NAME="${{ params.role-session-name }}" \
-v PROFILE_NAME="${{ params.profile-name }}" \
-v SOURCE_PROFILE_NAME="${{ params.source-profile-name }}" \
'{
gsub("%{{REGION}}", REGION);
gsub("%{{ROLE_TO_ASSUME}}", ROLE_TO_ASSUME);
gsub("%{{ROLE_DURATION_SECONDS}}", ROLE_DURATION_SECONDS);
gsub("%{{ROLE_SESSION_NAME}}", ROLE_SESSION_NAME);
gsub("%{{PROFILE_NAME}}", PROFILE_NAME);
gsub("%{{SOURCE_PROFILE_NAME}}", SOURCE_PROFILE_NAME);
print
}' "$BEFORE_HOOK_TEMPLATE" > $BEFORE_HOOK
fi
awk \
-v REGION="${{ params.region }}" \
-v ROLE_TO_ASSUME="${{ params.role-to-assume }}" \
-v ROLE_DURATION_SECONDS="${{ params.role-duration-seconds }}" \
-v ROLE_SESSION_NAME="${{ params.role-session-name }}" \
-v PROFILE_NAME="${{ params.profile-name }}" \
-v SOURCE_PROFILE_NAME="${{ params.source-profile-name }}" \
'{
gsub("%{{REGION}}", REGION);
gsub("%{{ROLE_TO_ASSUME}}", ROLE_TO_ASSUME);
gsub("%{{ROLE_DURATION_SECONDS}}", ROLE_DURATION_SECONDS);
gsub("%{{ROLE_SESSION_NAME}}", ROLE_SESSION_NAME);
gsub("%{{PROFILE_NAME}}", PROFILE_NAME);
gsub("%{{SOURCE_PROFILE_NAME}}", SOURCE_PROFILE_NAME);
print
}' "$BEFORE_HOOK_TEMPLATE" > $BEFORE_HOOK
fi

bash -n $BEFORE_HOOK || { echo "Generated before hook script has syntax errors."; exit 1; }
bash -n $BEFORE_HOOK || { echo "Generated before hook script has syntax errors."; exit 1; }

cat <<'EOF' > $AFTER_HOOK
set -ueo pipefail
AWS_SKIP_AUTH="${AWS_SKIP_AUTH:-}"
if [ -n "$AWS_SKIP_AUTH" ]; then
echo "AWS_SKIP_AUTH is set, the aws/assume-role hook has been skipped."
exit 0
fi
echo 'Removing aws credentials'
if [ -f ~/.aws/credentials ]; then
rm ~/.aws/credentials
fi
EOF
cat <<'EOF' > $AFTER_HOOK
set -ueo pipefail
AWS_SKIP_AUTH="${AWS_SKIP_AUTH:-}"
if [ -n "$AWS_SKIP_AUTH" ]; then
echo "AWS_SKIP_AUTH is set, the aws/assume-role hook has been skipped."
exit 0
fi
echo 'Removing aws credentials'
if [ -f ~/.aws/credentials ]; then
rm ~/.aws/credentials
fi
EOF

chmod +x $BEFORE_HOOK
chmod +x $AFTER_HOOK
chmod +x $BEFORE_HOOK
chmod +x $AFTER_HOOK
62 changes: 35 additions & 27 deletions aws/install-cli/rwx-ci-cd.config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,28 +1,36 @@
---
tests:
- key: ubuntu-22-04-x86-64-1-1
template: rwx-ci-cd.template.yml
base:
os: ubuntu 22.04
tag: 1.1
arch: x86_64

- key: ubuntu-22-04-arm64-1-1
template: rwx-ci-cd.template.yml
base:
os: ubuntu 22.04
tag: 1.1
arch: arm64

- key: ubuntu-24-04-x86-64-1-2
template: rwx-ci-cd.template.yml
base:
os: ubuntu 24.04
tag: 1.2
arch: x86_64

- key: ubuntu-24-04-arm64-1-2
template: rwx-ci-cd.template.yml
base:
os: ubuntu 24.04
tag: 1.2
arch: arm64
- key: ubuntu-22-04-x86-64-1-1
template: rwx-ci-cd.template.yml
base:
os: ubuntu 22.04
tag: 1.1
arch: x86_64
- key: ubuntu-22-04-arm64-1-1
template: rwx-ci-cd.template.yml
base:
os: ubuntu 22.04
tag: 1.1
arch: arm64
- key: ubuntu-24-04-x86-64-1-2
template: rwx-ci-cd.template.yml
base:
os: ubuntu 24.04
tag: 1.2
arch: x86_64
- key: ubuntu-24-04-arm64-1-2
template: rwx-ci-cd.template.yml
base:
os: ubuntu 24.04
tag: 1.2
arch: arm64
- key: alpine-latest
template: rwx-ci-cd.template.yml
base:
image: alpine:latest
config: none
- key: debian-trixie-slim
template: rwx-ci-cd.template.yml
base:
image: debian:trixie-slim
config: none
Loading