-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
move to amazon linux 2023 and LTS clamav
- Loading branch information
1 parent
2a636a8
commit 193fd19
Showing
3 changed files
with
82 additions
and
26 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
#!/usr/bin/env bash | ||
set -e | ||
|
||
echo "building clamav lambda layer..." | ||
uname -m | ||
rm -rf bin | ||
rm -rf lib | ||
rm lambda_layer.zip || true | ||
|
||
yum update -y | ||
amazon-linux-extras install epel -y | ||
yum install -y cpio yum-utils zip | ||
|
||
# extract binaries for clamav, json-c, pcre | ||
mkdir -p /tmp/build | ||
pushd /tmp/build | ||
|
||
# Download the clamav package that includes unrar | ||
curl -L --output clamav-0.103.3-22187.el7.art.x86_64.rpm http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/clamav-0.104.4-27025.el7.art.x86_64.rpm | ||
rpm2cpio clamav-0*.rpm | cpio -vimd | ||
|
||
# Download libcrypt.so.1 | ||
curl -L --output glibc-2.17-317.el7.x86_64.rpm http://mirror.centos.org/centos/7/os/x86_64/Packages/glibc-2.17-317.el7.x86_64.rpm | ||
rpm2cpio glibc*.rpm | cpio -vimd | ||
|
||
# Download other package dependencies | ||
yumdownloader -x \*i686 --archlist=x86_64 clamav clamav-lib clamav-update clamd json-c pcre2 libtool-ltdl libxml2 bzip2-libs xz-libs libprelude gnutls nettle libcurl libnghttp2 libidn2 libssh2 openldap libffi krb5-libs keyutils-libs libunistring cyrus-sasl-lib nss nspr libselinux openssl-libs libcrypt | ||
rpm2cpio clamav-0*.rpm | cpio -vimd | ||
rpm2cpio clamav-lib*.rpm | cpio -vimd | ||
rpm2cpio clamav-update*.rpm | cpio -vimd | ||
rpm2cpio clamd*.rpm | cpio -vimd | ||
rpm2cpio json-c*.rpm | cpio -vimd | ||
rpm2cpio pcre*.rpm | cpio -vimd | ||
rpm2cpio libtool-ltdl*.rpm | cpio -vimd | ||
rpm2cpio libxml2*.rpm | cpio -vimd | ||
rpm2cpio bzip2-libs*.rpm | cpio -vimd | ||
rpm2cpio xz-libs*.rpm | cpio -vimd | ||
rpm2cpio libprelude*.rpm | cpio -vimd | ||
rpm2cpio gnutls*.rpm | cpio -vimd | ||
rpm2cpio nettle*.rpm | cpio -vimd | ||
rpm2cpio libcurl*.rpm | cpio -vimd | ||
rpm2cpio libnghttp2*.rpm | cpio -vimd | ||
rpm2cpio libidn2*.rpm | cpio -vimd | ||
rpm2cpio libssh2*.rpm | cpio -vimd | ||
rpm2cpio openldap*.rpm | cpio -vimd | ||
rpm2cpio libffi*.rpm | cpio -vimd | ||
rpm2cpio krb5-libs*.rpm | cpio -vimd | ||
rpm2cpio keyutils-libs*.rpm | cpio -vimd | ||
rpm2cpio libunistring*.rpm | cpio -vimd | ||
rpm2cpio cyrus-sasl-lib*.rpm | cpio -vimd | ||
rpm2cpio nss*.rpm | cpio -vimd | ||
rpm2cpio nspr*.rpm | cpio -vimd | ||
rpm2cpio libselinux*.rpm | cpio -vimd | ||
rpm2cpio openssl-libs*.rpm | cpio -vimd | ||
rpm2cpio libcrypt*.rpm | cpio -vimd | ||
|
||
# reset the timestamps so that we generate a reproducible zip file where | ||
# running with the same file contents we get the exact same hash even if we | ||
# run the same build on different days | ||
find usr -exec touch -t 200001010000 "{}" \; | ||
popd | ||
|
||
mkdir -p bin lib | ||
|
||
cp /tmp/build/usr/bin/clamscan /tmp/build/usr/bin/freshclam bin/. | ||
cp -R /tmp/build/usr/lib64/* lib/. | ||
cp -R /tmp/build/lib64/* lib/. | ||
cp freshclam.conf bin/freshclam.conf | ||
|
||
zip -r9 lambda_layer.zip bin | ||
zip -r9 lambda_layer.zip lib |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
#!/usr/bin/env bash | ||
|
||
set -e | ||
docker pull amazonlinux:2 | ||
docker run --rm --platform linux/x86_64 -v `pwd`/build:/opt/app amazonlinux:2 /bin/bash -c "cd /opt/app && ./build.sh" | ||
docker pull amazonlinux:2023 | ||
docker run --rm --platform linux/x86_64 -v `pwd`/build:/opt/app amazonlinux:2023 /bin/bash -c "cd /opt/app && ./build.sh" |