Bump amazon-ssm-agent to 3.1.1208.0

[jkroepke]

Bump amazon-ssm-agent to 3.1.1208.0

Bump amazon-ssm-agent to 3.1.1208.0

How to use

To validate this PR, run ebuild.

In case integration tests are required, a flatcar image containing this ebuild needs to be run on a EC2 instance.

Testing done

# ebuild amazon-ssm-agent-3.1.1208.0.ebuild install
# find /var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/
/var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/
/var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/usr
/var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/usr/share
/var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/usr/share/oem
/var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/usr/share/oem/ssm
/var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/usr/share/oem/ssm/amazon-ssm-agent.json.template
/var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/usr/share/oem/ssm/seelog.xml.template
/var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/usr/share/oem/bin
/var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/usr/share/oem/bin/ssm-cli
/var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/usr/share/oem/bin/ssm-session-worker
/var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/usr/share/oem/bin/ssm-document-worker
/var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/usr/share/oem/bin/amazon-ssm-agent
/var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/usr/share/oem/bin/ssm-session-logger
# /var/tmp/portage/app-emulation/amazon-ssm-agent-3.1.1208.0/image/usr/share/oem/bin/ssm-cli
usage: ssm-cli [options] <command> [subcommand1 subcommand2...] [parameters]
To see help text, you can run:

  ssm-cli help
  ssm-cli <command> help
  ssm-cli <command> <subcommand> help

• Changelog entries added in the respective changelog/ directory (user-facing change, bug fix, security fix, update)

It looks like https://github.com/flatcar-linux/coreos-overlay/blob/main/dev-lang/go/go-1.12.17-r1.ebuild can also drop after merge.

Upstream is using go 1.17, too. aws/amazon-ssm-agent@8d1f6de

[jkroepke]

Hold this until aws/amazon-ssm-agent#439 is merged and released.

[krnowak]

@jkroepke: Thanks for the PR! If it takes too much time to get the patch upstream, then we could carry it. But then we would also need to disable self-updates from the ebuild (if there is such a thing).

And you are right about dropping go 1.12, which is a nice thing.

[jkroepke]

But then we would also need to disable self-updates from the ebuild (if there is such a thing).

Can you explain it? What did you mean with self-updates in context of this overlay/ebuild? The ebuild way already outdated, such a self-update here would be great. Since the binaries are immutable (read-only usr) on Flatcar, SSM is unable to perform a self-update on a running instance.

[krnowak]

But then we would also need to disable self-updates from the ebuild (if there is such a thing).

Can you explain it? What did you mean with self-updates in context of this overlay/ebuild? The ebuild way already outdated, such a self-update here would be great.

I mean - sometimes the software has the functionality of auto-updating itself. Not sure if this is a thing with SSM. That's why I mentioned disabling it, because there could be a situation that SSM auto-updates itself to a version without the Flatcar support patch.

Since the binaries are immutable (read-only usr) on Flatcar, SSM is unable to perform a self-update on a running instance.

SSM is installed to the OEM partition (/usr/share/oem, and it's a mountpoint), which is not read-only.

[jkroepke]

SSM is installed to the OEM partition (/usr/share/oem, and it's a mountpoint), which is not read-only.

Ah, I see. I did not expect this. I though the SSM is part of the immutable /usr and I the upstream PR was blocking the self-update feature.

Thanks for the hint, I modified the PR.