bottlerocket-sdk

bottlerocket-sdk copied to clipboard

**Issue number:** Related: https://github.com/bottlerocket-os/bottlerocket/issues/1667 **Description of changes:** All of the packages in the main repo should now be building binaries for FIPS and non-FIPS. Enable the FIPS check by default...

bcressey

**Issue or Feature Request:** Support multiple versions of Go in the bottlerocket-sdk. This is necessary for releasing *k8s-1.30 variants of bottlerocket, as kubernetes requires a minimum version of Go 1.22...

ginglis13

**Image I'm using:** N/A **Issue or Feature Request:** `license-scan` has the ability to skip a list of files, but in the case of `spdx` there are entire directories full of...

jpculp

**Issue or Feature Request:** The [bottlerocket-update-operator](https://github.com/bottlerocket-os/bottlerocket-update-operator/tree/develop) has its own Helm repository. In order to maintain this repository, we use Helm and Kubeconform, both of which [currently use binary artifacts from...

cbgbt

Unable to use LLVM `15.0.6` in sdk `v0.29` and `15.0.7` in sdk `v0.30`

2

**Image I'm using:** In `v0.29` of the sdk, which uses LLVM `15.0.6` and in `v0.30` of the sdk which uses LLVM `15.0.7`, users found missing symbols: ``` readelf -a /*-bottlerocket-linux-musl/sys-root/usr/lib/libunwind.a...

jpmcb

**Image I'm using:** n/a **Issue or Feature Request:** bottlerocket-license-scan considers and copies in licenses for platform dependencies that don't make sense for Bottlerocket (e.g. Windows, Fuchsia, WebAssembly). It should skip...

iliana

**Image I'm using:** v0.42.0 **Issue or Feature Request:** [lz4 v1.10.0](https://github.com/lz4/lz4/releases/tag/v1.10.0) is out with improved multicore support. This should speed up image builds significantly, as the `lz4 -9vc` step takes a...

bcressey

**Issue or Feature Request:** In order to build the latest aws-iam-authenticator release (https://github.com/kubernetes-sigs/aws-iam-authenticator/releases/tag/v0.6.22) we need golang v1.22.5. Hence, we need the sdk's golang version to be updated

vigh-m

**Issue or Feature Request:** In order to provide fips support, Rust packages typically lean on [`aws-lc`](https://github.com/aws/aws-lc) for crypto. rustls leans on [`aws-lc-rs`](https://github.com/aws/aws-lc-rs) for bindings. Bindings aren't shipped upstream for Bottlerocket's...

cbgbt

**Image I'm using:** v0.42.0 **Issue or Feature Request:** I'm building an RPM that I would like to avoid running the [check-fips script](https://github.com/bottlerocket-os/bottlerocket-sdk/blob/6a9042cbefa86e8c7a99b6717190aa3c74dfdd1e/macros/check-fips). We [expose a macro `cross_check_fips`](https://github.com/bottlerocket-os/bottlerocket-sdk/blob/6a9042cbefa86e8c7a99b6717190aa3c74dfdd1e/macros/shared#L269) which should be...

cbgbt