Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

generate bottlerocket rpm inventory file to share with host containers #1996

Merged
merged 3 commits into from
Mar 23, 2022
Merged

generate bottlerocket rpm inventory file to share with host containers #1996

merged 3 commits into from
Mar 23, 2022

Conversation

jpculp
Copy link
Member

@jpculp jpculp commented Mar 15, 2022
edited
Loading

Description of changes:

This grants host containers context to the underlying Bottlerocket OS packages by generating a JSON-formatted inventory file at the time of RPM install and mounting it as read-only to /var/lib/bottlerocket/inventory/application.json.

Testing done:

  • Built aws-k8s-1.21 instance.
  • cat mounted file in both the control and admin host containers.

Example output:

https://gist.github.com/jpculp/c1aa3142ce8917eeec47fc170f74873d

Terms of contribution:

By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.

@jpculp jpculp requested review from bcressey and cbgbt March 15, 2022 00:58
@jpculp jpculp force-pushed the app-inventory branch 2 times, most recently from 3e30dbf to 0dd5256 Compare March 17, 2022 19:17
@jpculp jpculp marked this pull request as ready for review March 17, 2022 19:18
@cbgbt
Copy link
Contributor

cbgbt commented Mar 18, 2022

Do you mind sharing an example inventory file as a gist?

bcressey
bcressey reviewed Mar 22, 2022
View reviewed changes
tools/rpm2img Outdated Show resolved Hide resolved
@misterek
Copy link

Out of curiosity, is there any chance that this might be a way to make some progress toward: #848 ?

@jpculp
Copy link
Member Author

jpculp commented Mar 23, 2022

This particular PR is to help support SSM inventories, but the file is generic enough to be used elsewhere. Separately, we are working with AWS Inspector to add support for Bottlerocket.

@jpculp
build: inventory installed packages
e0730a3 
This adds logic to `rpm2img` to generate an inventory of the installed
rpms to `/usr/share/bottlerocket/application-inventory.json`.
@jpculp
host-ctr: share inventory of installed packages with host containers
97530bc
@jpculp
Copy link
Member Author

jpculp commented Mar 23, 2022

  • Replaced sed logic with jq sub.
  • Split up transforms to make it easier to read (and add future ones).
  • Fixed incorrect architecture in cross-compiled builds.
  • Removed extraneous error-checking.

cbgbt
cbgbt approved these changes Mar 23, 2022
View reviewed changes
Copy link
Contributor

@cbgbt cbgbt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

@jpculp jpculp merged commit 7e0a918 into bottlerocket-os:develop Mar 23, 2022
@jpculp jpculp deleted the app-inventory branch March 23, 2022 23:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cbgbt cbgbt cbgbt approved these changes

@bcressey bcressey bcressey approved these changes

@webern webern Awaiting requested review from webern

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@jpculp @cbgbt @misterek @bcressey @webern