-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(awscli): Bump AWS CLI and fix install of AWS CLI #5995
Conversation
@@ -23,7 +23,7 @@ RUN apk update \ | |||
openssh-client | |||
|
|||
# AWS CLI | |||
RUN pip install --upgrade awscli==${AWS_CLI_VERSION} s3cmd==${AWS_CLI_S3_CMD} python-magic \ | |||
RUN pip install --upgrade --no-build-isolation awscli==${AWS_CLI_VERSION} s3cmd==${AWS_CLI_S3_CMD} python-magic \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What does --no-build-isolation do?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From what I understand, it prevents some automatic install of some dependencies:
https://stackoverflow.com/questions/62889093/what-does-no-build-isolation-do/62889267#62889267
This was the recommended flag from AWS to get the CLI install working. Whether it's "right" is a different question.
I'll bet testing more shortly BUT getting this out here now while I do that testing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What's broken about the way it is without -no-build-isolation
? We're not using it and haven't seen any problems -- though there could totally still be some.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Additional notes: this seems to be dependent upon which version of python & libs. AKA builds failed on ubuntu. Ubuntu bionic is out of standard support so this MAY not be required UNTIl we start other upgrades.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What breaks is the pip install. Will NOT impact any EXISTING built images and It's PRIMARILY impacting Alpine builds - started in July? due to a dependency of the aws cli pip install. Bionic may not have the issue but bionic is WAY out of date, testing that as well in this. Will LIKELY revert the bionic and do a separate PR with JUST the ubuntu changes.
See: aws/aws-cli#8036 (comment)
This also bumps to a later release of the CLI (used MOSTLY for kubeconfig exec auth & ECR token fetch, so impact should be minimal). Note armory has been using 1.22 of the CLI for quite a while (since 1.28). This PR bumps BOTH ubuntu & slim versions and fixes the ubuntu version to match.