diff --git a/API.md b/API.md index fcac365b..1cff6d56 100644 --- a/API.md +++ b/API.md @@ -5385,7 +5385,7 @@ public readonly buildImage: IBuildImage; ``` - *Type:* aws-cdk-lib.aws_codebuild.IBuildImage -- *Default:* Ubuntu 22.04 for x64 and Amazon Linux 2 for ARM64 +- *Default:* Amazon Linux 2023 Build image to use in CodeBuild. diff --git a/src/image-builders/codebuild.ts b/src/image-builders/codebuild.ts index 080441eb..5f0ad325 100644 --- a/src/image-builders/codebuild.ts +++ b/src/image-builders/codebuild.ts @@ -39,7 +39,7 @@ export interface CodeBuildRunnerImageBuilderProps { * * The only action taken in CodeBuild is running `docker build`. You would therefore not need to change this setting often. * - * @default Ubuntu 22.04 for x64 and Amazon Linux 2 for ARM64 + * @default Amazon Linux 2023 */ readonly buildImage?: codebuild.IBuildImage; @@ -111,6 +111,12 @@ export class CodeBuildRunnerImageBuilder extends RunnerImageBuilderBase { removalPolicy: RemovalPolicy.DESTROY, autoDeleteImages: true, lifecycleRules: [ + { + description: 'Remove soci indexes for replaced images', + tagStatus: TagStatus.TAGGED, + tagPrefixList: ['sha256-'], + maxImageCount: 1, + }, { description: 'Remove untagged images that have been replaced by CodeBuild', tagStatus: TagStatus.UNTAGGED, @@ -189,9 +195,9 @@ export class CodeBuildRunnerImageBuilder extends RunnerImageBuilderBase { if (this.os.is(Os.LINUX_UBUNTU) || this.os.is(Os.LINUX_AMAZON_2) || this.os.is(Os.LINUX_AMAZON_2023) || this.os.is(Os.LINUX)) { // CodeBuild just runs `docker build` so its OS doesn't really matter if (this.architecture.is(Architecture.X86_64)) { - return codebuild.LinuxBuildImage.STANDARD_6_0; + return codebuild.LinuxBuildImage.AMAZON_LINUX_2_5; } else if (this.architecture.is(Architecture.ARM64)) { - return codebuild.LinuxArmBuildImage.AMAZON_LINUX_2_STANDARD_2_0; + return codebuild.LinuxArmBuildImage.AMAZON_LINUX_2_STANDARD_3_0; } } if (this.os.is(Os.WINDOWS)) { @@ -250,6 +256,15 @@ export class CodeBuildRunnerImageBuilder extends RunnerImageBuilderBase { private getBuildSpec(repository: ecr.Repository): codebuild.BuildSpec { const thisStack = cdk.Stack.of(this); + let archUrl; + if (this.architecture.is(Architecture.X86_64)) { + archUrl = 'x86_64'; + } else if (this.architecture.is(Architecture.ARM64)) { + archUrl = 'arm64'; + } else { + throw new Error(`Unsupported architecture for required CodeBuild: ${this.architecture.name}`); + } + return codebuild.BuildSpec.fromObject({ version: '0.2', env: { @@ -296,6 +311,12 @@ export class CodeBuildRunnerImageBuilder extends RunnerImageBuilderBase { '}\n' + 'EOF', 'if [ "$RESPONSE_URL" != "unspecified" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H "Content-Type:" -d "@/tmp/payload.json" "$RESPONSE_URL"; fi', + // generate and push soci index + // we do this after finishing the build, so we don't have to wait. it's also not required, so it's ok if it fails + 'docker rmi "$REPO_URI"', // it downloads the image again to /tmp, so save on space + 'LATEST_SOCI_VERSION=`curl -w "%{redirect_url}" -fsS https://github.com/CloudSnorkel/standalone-soci-indexer/releases/latest | grep -oE "[^/]+$"`', + `curl -fsSL https://github.com/CloudSnorkel/standalone-soci-indexer/releases/download/$\{LATEST_SOCI_VERSION}/standalone-soci-indexer_Linux_${archUrl}.tar.gz | tar xz`, + './standalone-soci-indexer "$REPO_URI"', ], }, }, diff --git a/test/default.integ.snapshot/github-runners-test.assets.json b/test/default.integ.snapshot/github-runners-test.assets.json index 1e7fc31f..18e4a2f6 100644 --- a/test/default.integ.snapshot/github-runners-test.assets.json +++ b/test/default.integ.snapshot/github-runners-test.assets.json @@ -235,7 +235,7 @@ } } }, - "69a02763bb60b5f7e6b1e4ec776b10f3d89a63dded64e7e82a3304f6d7aef6f2": { + "5f2631639a35b077e04ba77c64a9a1b3c08ea098e9d67ac8d48eec6f4a55cca9": { "source": { "path": "github-runners-test.template.json", "packaging": "file" @@ -243,7 +243,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "69a02763bb60b5f7e6b1e4ec776b10f3d89a63dded64e7e82a3304f6d7aef6f2.json", + "objectKey": "5f2631639a35b077e04ba77c64a9a1b3c08ea098e9d67ac8d48eec6f4a55cca9.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/test/default.integ.snapshot/github-runners-test.template.json b/test/default.integ.snapshot/github-runners-test.template.json index fff61d16..b4670446 100644 --- a/test/default.integ.snapshot/github-runners-test.template.json +++ b/test/default.integ.snapshot/github-runners-test.template.json @@ -406,7 +406,7 @@ }, "ImageTagMutability": "MUTABLE", "LifecyclePolicy": { - "LifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"description\":\"Remove untagged images that have been replaced by CodeBuild\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countNumber\":1,\"countUnit\":\"days\"},\"action\":{\"type\":\"expire\"}}]}" + "LifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"description\":\"Remove soci indexes for replaced images\",\"selection\":{\"tagStatus\":\"tagged\",\"tagPrefixList\":[\"sha256-\"],\"countType\":\"imageCountMoreThan\",\"countNumber\":1},\"action\":{\"type\":\"expire\"}},{\"rulePriority\":2,\"description\":\"Remove untagged images that have been replaced by CodeBuild\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countNumber\":1,\"countUnit\":\"days\"},\"action\":{\"type\":\"expire\"}}]}" }, "Tags": [ { @@ -458,7 +458,7 @@ "EncryptionKey": "alias/aws/s3", "Environment": { "ComputeType": "BUILD_GENERAL1_SMALL", - "Image": "aws/codebuild/standard:6.0", + "Image": "aws/codebuild/amazonlinux2-x86_64-standard:5.0", "ImagePullCredentialsType": "CODEBUILD", "PrivilegedMode": true, "Type": "LINUX_CONTAINER" @@ -543,7 +543,7 @@ { "Fn::Sub": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64f83fc47e69ce862669fca14d759c3034fdbed3686b66dcf7bf9ff166f65c68.yml" }, - " asset6-Custom-Undefined-0\",\n \"cat > component6-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component6-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Custom-Undefined-0 FUNDING.yml\\nCOPY component6-Custom-Undefined.sh /tmp\\nRUN /tmp/component6-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\"\n ]\n }\n }\n}" + " asset6-Custom-Undefined-0\",\n \"cat > component6-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component6-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Custom-Undefined-0 FUNDING.yml\\nCOPY component6-Custom-Undefined.sh /tmp\\nRUN /tmp/component6-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\",\n \"docker rmi \\\"$REPO_URI\\\"\",\n \"LATEST_SOCI_VERSION=`curl -w \\\"%{redirect_url}\\\" -fsS https://github.com/CloudSnorkel/standalone-soci-indexer/releases/latest | grep -oE \\\"[^/]+$\\\"`\",\n \"curl -fsSL https://github.com/CloudSnorkel/standalone-soci-indexer/releases/download/${LATEST_SOCI_VERSION}/standalone-soci-indexer_Linux_x86_64.tar.gz | tar xz\",\n \"./standalone-soci-indexer \\\"$REPO_URI\\\"\"\n ]\n }\n }\n}" ] ] }, @@ -725,7 +725,7 @@ { "Fn::Sub": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64f83fc47e69ce862669fca14d759c3034fdbed3686b66dcf7bf9ff166f65c68.yml" }, - " asset6-Custom-Undefined-0\",\n \"cat > component6-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component6-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Custom-Undefined-0 FUNDING.yml\\nCOPY component6-Custom-Undefined.sh /tmp\\nRUN /tmp/component6-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\"\n ]\n }\n }\n}" + " asset6-Custom-Undefined-0\",\n \"cat > component6-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component6-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Custom-Undefined-0 FUNDING.yml\\nCOPY component6-Custom-Undefined.sh /tmp\\nRUN /tmp/component6-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\",\n \"docker rmi \\\"$REPO_URI\\\"\",\n \"LATEST_SOCI_VERSION=`curl -w \\\"%{redirect_url}\\\" -fsS https://github.com/CloudSnorkel/standalone-soci-indexer/releases/latest | grep -oE \\\"[^/]+$\\\"`\",\n \"curl -fsSL https://github.com/CloudSnorkel/standalone-soci-indexer/releases/download/${LATEST_SOCI_VERSION}/standalone-soci-indexer_Linux_x86_64.tar.gz | tar xz\",\n \"./standalone-soci-indexer \\\"$REPO_URI\\\"\"\n ]\n }\n }\n}" ] ] } @@ -1093,7 +1093,7 @@ }, "ImageTagMutability": "MUTABLE", "LifecyclePolicy": { - "LifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"description\":\"Remove untagged images that have been replaced by CodeBuild\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countNumber\":1,\"countUnit\":\"days\"},\"action\":{\"type\":\"expire\"}}]}" + "LifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"description\":\"Remove soci indexes for replaced images\",\"selection\":{\"tagStatus\":\"tagged\",\"tagPrefixList\":[\"sha256-\"],\"countType\":\"imageCountMoreThan\",\"countNumber\":1},\"action\":{\"type\":\"expire\"}},{\"rulePriority\":2,\"description\":\"Remove untagged images that have been replaced by CodeBuild\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countNumber\":1,\"countUnit\":\"days\"},\"action\":{\"type\":\"expire\"}}]}" }, "Tags": [ { @@ -1145,7 +1145,7 @@ "EncryptionKey": "alias/aws/s3", "Environment": { "ComputeType": "BUILD_GENERAL1_SMALL", - "Image": "aws/codebuild/amazonlinux2-aarch64-standard:2.0", + "Image": "aws/codebuild/amazonlinux2-aarch64-standard:3.0", "ImagePullCredentialsType": "CODEBUILD", "PrivilegedMode": true, "Type": "ARM_CONTAINER" @@ -1230,7 +1230,7 @@ { "Fn::Sub": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64f83fc47e69ce862669fca14d759c3034fdbed3686b66dcf7bf9ff166f65c68.yml" }, - " asset6-Custom-Undefined-0\",\n \"cat > component6-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component6-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Custom-Undefined-0 FUNDING.yml\\nCOPY component6-Custom-Undefined.sh /tmp\\nRUN /tmp/component6-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\"\n ]\n }\n }\n}" + " asset6-Custom-Undefined-0\",\n \"cat > component6-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component6-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Custom-Undefined-0 FUNDING.yml\\nCOPY component6-Custom-Undefined.sh /tmp\\nRUN /tmp/component6-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\",\n \"docker rmi \\\"$REPO_URI\\\"\",\n \"LATEST_SOCI_VERSION=`curl -w \\\"%{redirect_url}\\\" -fsS https://github.com/CloudSnorkel/standalone-soci-indexer/releases/latest | grep -oE \\\"[^/]+$\\\"`\",\n \"curl -fsSL https://github.com/CloudSnorkel/standalone-soci-indexer/releases/download/${LATEST_SOCI_VERSION}/standalone-soci-indexer_Linux_arm64.tar.gz | tar xz\",\n \"./standalone-soci-indexer \\\"$REPO_URI\\\"\"\n ]\n }\n }\n}" ] ] }, @@ -1412,7 +1412,7 @@ { "Fn::Sub": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64f83fc47e69ce862669fca14d759c3034fdbed3686b66dcf7bf9ff166f65c68.yml" }, - " asset6-Custom-Undefined-0\",\n \"cat > component6-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component6-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Custom-Undefined-0 FUNDING.yml\\nCOPY component6-Custom-Undefined.sh /tmp\\nRUN /tmp/component6-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\"\n ]\n }\n }\n}" + " asset6-Custom-Undefined-0\",\n \"cat > component6-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component6-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Custom-Undefined-0 FUNDING.yml\\nCOPY component6-Custom-Undefined.sh /tmp\\nRUN /tmp/component6-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\",\n \"docker rmi \\\"$REPO_URI\\\"\",\n \"LATEST_SOCI_VERSION=`curl -w \\\"%{redirect_url}\\\" -fsS https://github.com/CloudSnorkel/standalone-soci-indexer/releases/latest | grep -oE \\\"[^/]+$\\\"`\",\n \"curl -fsSL https://github.com/CloudSnorkel/standalone-soci-indexer/releases/download/${LATEST_SOCI_VERSION}/standalone-soci-indexer_Linux_arm64.tar.gz | tar xz\",\n \"./standalone-soci-indexer \\\"$REPO_URI\\\"\"\n ]\n }\n }\n}" ] ] } @@ -1676,7 +1676,7 @@ }, "ImageTagMutability": "MUTABLE", "LifecyclePolicy": { - "LifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"description\":\"Remove untagged images that have been replaced by CodeBuild\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countNumber\":1,\"countUnit\":\"days\"},\"action\":{\"type\":\"expire\"}}]}" + "LifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"description\":\"Remove soci indexes for replaced images\",\"selection\":{\"tagStatus\":\"tagged\",\"tagPrefixList\":[\"sha256-\"],\"countType\":\"imageCountMoreThan\",\"countNumber\":1},\"action\":{\"type\":\"expire\"}},{\"rulePriority\":2,\"description\":\"Remove untagged images that have been replaced by CodeBuild\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countNumber\":1,\"countUnit\":\"days\"},\"action\":{\"type\":\"expire\"}}]}" }, "RepositoryPolicyText": { "Statement": [ @@ -1861,7 +1861,7 @@ "EncryptionKey": "alias/aws/s3", "Environment": { "ComputeType": "BUILD_GENERAL1_SMALL", - "Image": "aws/codebuild/standard:6.0", + "Image": "aws/codebuild/amazonlinux2-x86_64-standard:5.0", "ImagePullCredentialsType": "CODEBUILD", "PrivilegedMode": true, "Type": "LINUX_CONTAINER" @@ -1954,7 +1954,7 @@ { "Fn::Sub": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64f83fc47e69ce862669fca14d759c3034fdbed3686b66dcf7bf9ff166f65c68.yml" }, - " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lambda/nodejs:20-x86_64\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Lambda-Entrypoint-0 ${LAMBDA_TASK_ROOT}/runner.js\\nCOPY asset6-Lambda-Entrypoint-1 ${LAMBDA_TASK_ROOT}/runner.sh\\nCOPY component6-Lambda-Entrypoint.sh /tmp\\nRUN /tmp/component6-Lambda-Entrypoint.sh\\nWORKDIR ${LAMBDA_TASK_ROOT}\\nCMD [\\\"runner.handler\\\"]\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\"\n ]\n }\n }\n}" + " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lambda/nodejs:20-x86_64\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Lambda-Entrypoint-0 ${LAMBDA_TASK_ROOT}/runner.js\\nCOPY asset6-Lambda-Entrypoint-1 ${LAMBDA_TASK_ROOT}/runner.sh\\nCOPY component6-Lambda-Entrypoint.sh /tmp\\nRUN /tmp/component6-Lambda-Entrypoint.sh\\nWORKDIR ${LAMBDA_TASK_ROOT}\\nCMD [\\\"runner.handler\\\"]\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\",\n \"docker rmi \\\"$REPO_URI\\\"\",\n \"LATEST_SOCI_VERSION=`curl -w \\\"%{redirect_url}\\\" -fsS https://github.com/CloudSnorkel/standalone-soci-indexer/releases/latest | grep -oE \\\"[^/]+$\\\"`\",\n \"curl -fsSL https://github.com/CloudSnorkel/standalone-soci-indexer/releases/download/${LATEST_SOCI_VERSION}/standalone-soci-indexer_Linux_x86_64.tar.gz | tar xz\",\n \"./standalone-soci-indexer \\\"$REPO_URI\\\"\"\n ]\n }\n }\n}" ] ] }, @@ -2144,7 +2144,7 @@ { "Fn::Sub": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64f83fc47e69ce862669fca14d759c3034fdbed3686b66dcf7bf9ff166f65c68.yml" }, - " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lambda/nodejs:20-x86_64\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Lambda-Entrypoint-0 ${LAMBDA_TASK_ROOT}/runner.js\\nCOPY asset6-Lambda-Entrypoint-1 ${LAMBDA_TASK_ROOT}/runner.sh\\nCOPY component6-Lambda-Entrypoint.sh /tmp\\nRUN /tmp/component6-Lambda-Entrypoint.sh\\nWORKDIR ${LAMBDA_TASK_ROOT}\\nCMD [\\\"runner.handler\\\"]\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\"\n ]\n }\n }\n}" + " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lambda/nodejs:20-x86_64\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Lambda-Entrypoint-0 ${LAMBDA_TASK_ROOT}/runner.js\\nCOPY asset6-Lambda-Entrypoint-1 ${LAMBDA_TASK_ROOT}/runner.sh\\nCOPY component6-Lambda-Entrypoint.sh /tmp\\nRUN /tmp/component6-Lambda-Entrypoint.sh\\nWORKDIR ${LAMBDA_TASK_ROOT}\\nCMD [\\\"runner.handler\\\"]\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\",\n \"docker rmi \\\"$REPO_URI\\\"\",\n \"LATEST_SOCI_VERSION=`curl -w \\\"%{redirect_url}\\\" -fsS https://github.com/CloudSnorkel/standalone-soci-indexer/releases/latest | grep -oE \\\"[^/]+$\\\"`\",\n \"curl -fsSL https://github.com/CloudSnorkel/standalone-soci-indexer/releases/download/${LATEST_SOCI_VERSION}/standalone-soci-indexer_Linux_x86_64.tar.gz | tar xz\",\n \"./standalone-soci-indexer \\\"$REPO_URI\\\"\"\n ]\n }\n }\n}" ] ] } @@ -4553,7 +4553,7 @@ }, "ImageTagMutability": "MUTABLE", "LifecyclePolicy": { - "LifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"description\":\"Remove untagged images that have been replaced by CodeBuild\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countNumber\":1,\"countUnit\":\"days\"},\"action\":{\"type\":\"expire\"}}]}" + "LifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"description\":\"Remove soci indexes for replaced images\",\"selection\":{\"tagStatus\":\"tagged\",\"tagPrefixList\":[\"sha256-\"],\"countType\":\"imageCountMoreThan\",\"countNumber\":1},\"action\":{\"type\":\"expire\"}},{\"rulePriority\":2,\"description\":\"Remove untagged images that have been replaced by CodeBuild\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countNumber\":1,\"countUnit\":\"days\"},\"action\":{\"type\":\"expire\"}}]}" }, "Tags": [ { @@ -4605,7 +4605,7 @@ "EncryptionKey": "alias/aws/s3", "Environment": { "ComputeType": "BUILD_GENERAL1_SMALL", - "Image": "aws/codebuild/standard:6.0", + "Image": "aws/codebuild/amazonlinux2-x86_64-standard:5.0", "ImagePullCredentialsType": "CODEBUILD", "PrivilegedMode": true, "Type": "LINUX_CONTAINER" @@ -4690,7 +4690,7 @@ { "Fn::Sub": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64f83fc47e69ce862669fca14d759c3034fdbed3686b66dcf7bf9ff166f65c68.yml" }, - " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-Docker.sh /tmp\\nRUN /tmp/component5-Docker.sh\\n\\nCOPY component6-GithubRunner.sh /tmp\\nRUN /tmp/component6-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\"\n ]\n }\n }\n}" + " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-Docker.sh /tmp\\nRUN /tmp/component5-Docker.sh\\n\\nCOPY component6-GithubRunner.sh /tmp\\nRUN /tmp/component6-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\",\n \"docker rmi \\\"$REPO_URI\\\"\",\n \"LATEST_SOCI_VERSION=`curl -w \\\"%{redirect_url}\\\" -fsS https://github.com/CloudSnorkel/standalone-soci-indexer/releases/latest | grep -oE \\\"[^/]+$\\\"`\",\n \"curl -fsSL https://github.com/CloudSnorkel/standalone-soci-indexer/releases/download/${LATEST_SOCI_VERSION}/standalone-soci-indexer_Linux_x86_64.tar.gz | tar xz\",\n \"./standalone-soci-indexer \\\"$REPO_URI\\\"\"\n ]\n }\n }\n}" ] ] }, @@ -4872,7 +4872,7 @@ { "Fn::Sub": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64f83fc47e69ce862669fca14d759c3034fdbed3686b66dcf7bf9ff166f65c68.yml" }, - " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-Docker.sh /tmp\\nRUN /tmp/component5-Docker.sh\\n\\nCOPY component6-GithubRunner.sh /tmp\\nRUN /tmp/component6-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\"\n ]\n }\n }\n}" + " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-Docker.sh /tmp\\nRUN /tmp/component5-Docker.sh\\n\\nCOPY component6-GithubRunner.sh /tmp\\nRUN /tmp/component6-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\",\n \"docker rmi \\\"$REPO_URI\\\"\",\n \"LATEST_SOCI_VERSION=`curl -w \\\"%{redirect_url}\\\" -fsS https://github.com/CloudSnorkel/standalone-soci-indexer/releases/latest | grep -oE \\\"[^/]+$\\\"`\",\n \"curl -fsSL https://github.com/CloudSnorkel/standalone-soci-indexer/releases/download/${LATEST_SOCI_VERSION}/standalone-soci-indexer_Linux_x86_64.tar.gz | tar xz\",\n \"./standalone-soci-indexer \\\"$REPO_URI\\\"\"\n ]\n }\n }\n}" ] ] } @@ -5136,7 +5136,7 @@ }, "ImageTagMutability": "MUTABLE", "LifecyclePolicy": { - "LifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"description\":\"Remove untagged images that have been replaced by CodeBuild\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countNumber\":1,\"countUnit\":\"days\"},\"action\":{\"type\":\"expire\"}}]}" + "LifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"description\":\"Remove soci indexes for replaced images\",\"selection\":{\"tagStatus\":\"tagged\",\"tagPrefixList\":[\"sha256-\"],\"countType\":\"imageCountMoreThan\",\"countNumber\":1},\"action\":{\"type\":\"expire\"}},{\"rulePriority\":2,\"description\":\"Remove untagged images that have been replaced by CodeBuild\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countNumber\":1,\"countUnit\":\"days\"},\"action\":{\"type\":\"expire\"}}]}" }, "Tags": [ { @@ -5188,7 +5188,7 @@ "EncryptionKey": "alias/aws/s3", "Environment": { "ComputeType": "BUILD_GENERAL1_SMALL", - "Image": "aws/codebuild/amazonlinux2-aarch64-standard:2.0", + "Image": "aws/codebuild/amazonlinux2-aarch64-standard:3.0", "ImagePullCredentialsType": "CODEBUILD", "PrivilegedMode": true, "Type": "ARM_CONTAINER" @@ -5273,7 +5273,7 @@ { "Fn::Sub": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64f83fc47e69ce862669fca14d759c3034fdbed3686b66dcf7bf9ff166f65c68.yml" }, - " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-Docker.sh /tmp\\nRUN /tmp/component5-Docker.sh\\n\\nCOPY component6-GithubRunner.sh /tmp\\nRUN /tmp/component6-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\"\n ]\n }\n }\n}" + " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-Docker.sh /tmp\\nRUN /tmp/component5-Docker.sh\\n\\nCOPY component6-GithubRunner.sh /tmp\\nRUN /tmp/component6-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\",\n \"docker rmi \\\"$REPO_URI\\\"\",\n \"LATEST_SOCI_VERSION=`curl -w \\\"%{redirect_url}\\\" -fsS https://github.com/CloudSnorkel/standalone-soci-indexer/releases/latest | grep -oE \\\"[^/]+$\\\"`\",\n \"curl -fsSL https://github.com/CloudSnorkel/standalone-soci-indexer/releases/download/${LATEST_SOCI_VERSION}/standalone-soci-indexer_Linux_arm64.tar.gz | tar xz\",\n \"./standalone-soci-indexer \\\"$REPO_URI\\\"\"\n ]\n }\n }\n}" ] ] }, @@ -5455,7 +5455,7 @@ { "Fn::Sub": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64f83fc47e69ce862669fca14d759c3034fdbed3686b66dcf7bf9ff166f65c68.yml" }, - " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-Docker.sh /tmp\\nRUN /tmp/component5-Docker.sh\\n\\nCOPY component6-GithubRunner.sh /tmp\\nRUN /tmp/component6-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\"\n ]\n }\n }\n}" + " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lts/ubuntu:22.04\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-Docker.sh /tmp\\nRUN /tmp/component5-Docker.sh\\n\\nCOPY component6-GithubRunner.sh /tmp\\nRUN /tmp/component6-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\",\n \"docker rmi \\\"$REPO_URI\\\"\",\n \"LATEST_SOCI_VERSION=`curl -w \\\"%{redirect_url}\\\" -fsS https://github.com/CloudSnorkel/standalone-soci-indexer/releases/latest | grep -oE \\\"[^/]+$\\\"`\",\n \"curl -fsSL https://github.com/CloudSnorkel/standalone-soci-indexer/releases/download/${LATEST_SOCI_VERSION}/standalone-soci-indexer_Linux_arm64.tar.gz | tar xz\",\n \"./standalone-soci-indexer \\\"$REPO_URI\\\"\"\n ]\n }\n }\n}" ] ] } @@ -5719,7 +5719,7 @@ }, "ImageTagMutability": "MUTABLE", "LifecyclePolicy": { - "LifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"description\":\"Remove untagged images that have been replaced by CodeBuild\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countNumber\":1,\"countUnit\":\"days\"},\"action\":{\"type\":\"expire\"}}]}" + "LifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"description\":\"Remove soci indexes for replaced images\",\"selection\":{\"tagStatus\":\"tagged\",\"tagPrefixList\":[\"sha256-\"],\"countType\":\"imageCountMoreThan\",\"countNumber\":1},\"action\":{\"type\":\"expire\"}},{\"rulePriority\":2,\"description\":\"Remove untagged images that have been replaced by CodeBuild\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countNumber\":1,\"countUnit\":\"days\"},\"action\":{\"type\":\"expire\"}}]}" }, "RepositoryPolicyText": { "Statement": [ @@ -5904,7 +5904,7 @@ "EncryptionKey": "alias/aws/s3", "Environment": { "ComputeType": "BUILD_GENERAL1_SMALL", - "Image": "aws/codebuild/amazonlinux2-aarch64-standard:2.0", + "Image": "aws/codebuild/amazonlinux2-aarch64-standard:3.0", "ImagePullCredentialsType": "CODEBUILD", "PrivilegedMode": true, "Type": "ARM_CONTAINER" @@ -5997,7 +5997,7 @@ { "Fn::Sub": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64f83fc47e69ce862669fca14d759c3034fdbed3686b66dcf7bf9ff166f65c68.yml" }, - " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lambda/nodejs:20-arm64\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Lambda-Entrypoint-0 ${LAMBDA_TASK_ROOT}/runner.js\\nCOPY asset6-Lambda-Entrypoint-1 ${LAMBDA_TASK_ROOT}/runner.sh\\nCOPY component6-Lambda-Entrypoint.sh /tmp\\nRUN /tmp/component6-Lambda-Entrypoint.sh\\nWORKDIR ${LAMBDA_TASK_ROOT}\\nCMD [\\\"runner.handler\\\"]\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\"\n ]\n }\n }\n}" + " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lambda/nodejs:20-arm64\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Lambda-Entrypoint-0 ${LAMBDA_TASK_ROOT}/runner.js\\nCOPY asset6-Lambda-Entrypoint-1 ${LAMBDA_TASK_ROOT}/runner.sh\\nCOPY component6-Lambda-Entrypoint.sh /tmp\\nRUN /tmp/component6-Lambda-Entrypoint.sh\\nWORKDIR ${LAMBDA_TASK_ROOT}\\nCMD [\\\"runner.handler\\\"]\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\",\n \"docker rmi \\\"$REPO_URI\\\"\",\n \"LATEST_SOCI_VERSION=`curl -w \\\"%{redirect_url}\\\" -fsS https://github.com/CloudSnorkel/standalone-soci-indexer/releases/latest | grep -oE \\\"[^/]+$\\\"`\",\n \"curl -fsSL https://github.com/CloudSnorkel/standalone-soci-indexer/releases/download/${LATEST_SOCI_VERSION}/standalone-soci-indexer_Linux_arm64.tar.gz | tar xz\",\n \"./standalone-soci-indexer \\\"$REPO_URI\\\"\"\n ]\n }\n }\n}" ] ] }, @@ -6187,7 +6187,7 @@ { "Fn::Sub": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/64f83fc47e69ce862669fca14d759c3034fdbed3686b66dcf7bf9ff166f65c68.yml" }, - " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lambda/nodejs:20-arm64\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Lambda-Entrypoint-0 ${LAMBDA_TASK_ROOT}/runner.js\\nCOPY asset6-Lambda-Entrypoint-1 ${LAMBDA_TASK_ROOT}/runner.sh\\nCOPY component6-Lambda-Entrypoint.sh /tmp\\nRUN /tmp/component6-Lambda-Entrypoint.sh\\nWORKDIR ${LAMBDA_TASK_ROOT}\\nCMD [\\\"runner.handler\\\"]\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\"\n ]\n }\n }\n}" + " asset7-Custom-Undefined-0\",\n \"cat > component7-Custom-Undefined.sh <<'EOFGITHUBRUNNERSDOCKERFILE'\\n#!/bin/bash\\nset -exuo pipefail\\ntouch /custom-file\\nmkdir /custom-dir\\nmv FUNDING.yml /custom-dir\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"chmod +x component7-Custom-Undefined.sh\",\n \"cat > Dockerfile <<'EOFGITHUBRUNNERSDOCKERFILE'\\nFROM public.ecr.aws/lambda/nodejs:20-arm64\\nVOLUME /var/lib/docker\\nCOPY component0-RequiredPackages.sh /tmp\\nRUN /tmp/component0-RequiredPackages.sh\\n\\nCOPY component1-RunnerUser.sh /tmp\\nRUN /tmp/component1-RunnerUser.sh\\n\\nCOPY component2-Git.sh /tmp\\nRUN /tmp/component2-Git.sh\\n\\nCOPY component3-GithubCli.sh /tmp\\nRUN /tmp/component3-GithubCli.sh\\n\\nCOPY component4-AwsCli.sh /tmp\\nRUN /tmp/component4-AwsCli.sh\\n\\nCOPY component5-GithubRunner.sh /tmp\\nRUN /tmp/component5-GithubRunner.sh\\nENV RUNNER_VERSION=latest\\nCOPY asset6-Lambda-Entrypoint-0 ${LAMBDA_TASK_ROOT}/runner.js\\nCOPY asset6-Lambda-Entrypoint-1 ${LAMBDA_TASK_ROOT}/runner.sh\\nCOPY component6-Lambda-Entrypoint.sh /tmp\\nRUN /tmp/component6-Lambda-Entrypoint.sh\\nWORKDIR ${LAMBDA_TASK_ROOT}\\nCMD [\\\"runner.handler\\\"]\\nCOPY asset7-Custom-Undefined-0 FUNDING.yml\\nCOPY component7-Custom-Undefined.sh /tmp\\nRUN /tmp/component7-Custom-Undefined.sh\\n\\n\\nEOFGITHUBRUNNERSDOCKERFILE\",\n \"docker build --progress plain . -t \\\"$REPO_URI\\\"\",\n \"docker push \\\"$REPO_URI\\\"\"\n ]\n },\n \"post_build\": {\n \"commands\": [\n \"rm -f codebuild-log.sh && STATUS=\\\"SUCCESS\\\"\",\n \"if [ $CODEBUILD_BUILD_SUCCEEDING -ne 1 ]; then STATUS=\\\"FAILED\\\"; fi\",\n \"cat < /tmp/payload.json\\n{\\n \\\"StackId\\\": \\\"$STACK_ID\\\",\\n \\\"RequestId\\\": \\\"$REQUEST_ID\\\",\\n \\\"LogicalResourceId\\\": \\\"$LOGICAL_RESOURCE_ID\\\",\\n \\\"PhysicalResourceId\\\": \\\"$REPO_ARN\\\",\\n \\\"Status\\\": \\\"$STATUS\\\",\\n \\\"Reason\\\": `sed 's/[^[:print:]]//g' /tmp/codebuild.log | tail -c 400 | jq -Rsa .`,\\n \\\"Data\\\": {\\\"Random\\\": \\\"$RANDOM\\\"}\\n}\\nEOF\",\n \"if [ \\\"$RESPONSE_URL\\\" != \\\"unspecified\\\" ]; then jq . /tmp/payload.json; curl -fsSL -X PUT -H \\\"Content-Type:\\\" -d \\\"@/tmp/payload.json\\\" \\\"$RESPONSE_URL\\\"; fi\",\n \"docker rmi \\\"$REPO_URI\\\"\",\n \"LATEST_SOCI_VERSION=`curl -w \\\"%{redirect_url}\\\" -fsS https://github.com/CloudSnorkel/standalone-soci-indexer/releases/latest | grep -oE \\\"[^/]+$\\\"`\",\n \"curl -fsSL https://github.com/CloudSnorkel/standalone-soci-indexer/releases/download/${LATEST_SOCI_VERSION}/standalone-soci-indexer_Linux_arm64.tar.gz | tar xz\",\n \"./standalone-soci-indexer \\\"$REPO_URI\\\"\"\n ]\n }\n }\n}" ] ] }