-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathroot_install.sh
More file actions
executable file
·59 lines (50 loc) · 2.57 KB
/
root_install.sh
File metadata and controls
executable file
·59 lines (50 loc) · 2.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
#!/usr/bin/env bash
set -euo pipefail
export DEBIAN_FRONTEND=noninteractive
# Add amd64 architecture if on arm64
if [ "$TARGETARCH" == "arm64" ] || [ "$TARGETARCH" == "aarch64" ]; then
echo "Adding amd64 architecture support"
dpkg --add-architecture amd64
# Update sources.list to include amd64 repositories
echo "Configuring sources.list for amd64 and arm64"
sed -i.bak '/^deb / s|http://ports.ubuntu.com/ubuntu-ports|[arch=arm64] http://ports.ubuntu.com/ubuntu-ports|' /etc/apt/sources.list
# shellcheck disable=SC2129
echo "deb [arch=amd64] http://archive.ubuntu.com/ubuntu jammy main universe" >> /etc/apt/sources.list
echo "deb [arch=amd64] http://archive.ubuntu.com/ubuntu jammy-updates main universe" >> /etc/apt/sources.list
echo "deb [arch=amd64] http://archive.ubuntu.com/ubuntu jammy-security main universe" >> /etc/apt/sources.list
fi
# update and upgrade packages
echo "Running apt-get update"
apt-get update
apt-get upgrade -y
# install necessary libraries for asdf and language runtimes
echo "Installing necessary packages"
apt-get -y install --no-install-recommends htop vim curl git build-essential \
libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev libbz2-dev \
zlib1g-dev unixodbc unixodbc-dev libsecret-1-0 libsecret-1-dev libsqlite3-dev \
jq apt-transport-https ca-certificates gnupg-agent \
software-properties-common bash-completion make parallel \
libreadline-dev wget llvm libncurses5-dev libncursesw5-dev \
xz-utils tk-dev liblzma-dev netcat-traditional libyaml-dev uuid-runtime xxd unzip
# install AWS SAM CLI
VERSION="${SAM_VERSION}" "${SCRIPTS_DIR}/${CONTAINER_NAME}/install_aws_sam_cli.sh"
# Install ASDF
VERSION="${ASDF_VERSION}" "${SCRIPTS_DIR}/${CONTAINER_NAME}/install_asdf.sh"
# install gitleaks
VERSION="${GITLEAKS_VERSION}" "${SCRIPTS_DIR}/${CONTAINER_NAME}/install_gitleaks.sh"
# install shellcheck
VERSION="${SHELLCHECK_VERSION}" "${SCRIPTS_DIR}/${CONTAINER_NAME}/install_shellcheck.sh"
# install direnv
VERSION="${DIRENV_VERSION}" "${SCRIPTS_DIR}/${CONTAINER_NAME}/install_direnv.sh"
# install yq
VERSION="${YQ_VERSION}" "${SCRIPTS_DIR}/${CONTAINER_NAME}/install_yq.sh"
# get cfn-guard ruleset
tmp_dir="$(mktemp -d)"
trap 'rm -rf "${tmp_dir}"' EXIT
download_file="${tmp_dir}/ruleset.zip"
curl -fsSL "https://github.com/aws-cloudformation/aws-guard-rules-registry/releases/download/1.0.2/ruleset-build-v1.0.2.zip" -o "${download_file}"
mkdir -p "${SCRIPTS_DIR}/cfnguard_rulesets"
unzip "${download_file}" -d "${SCRIPTS_DIR}/cfnguard_rulesets"
# clean up
apt-get clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*