GNU bug report logs - #68264
awscli@2.2.0 downloads and runs a docker container from a large american corporation

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 68264 in the body.
You can then email your comments to 68264 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: "Collin J. Doering" <collin <at> rekahsoft.ca>
To: bug-guix <at> gnu.org
Subject: awscli <at> 2.2.0 downloads and runs a docker container from a large
 american corporation
Date: Fri, 05 Jan 2024 09:40:02 -0500

[Message part 1 (text/plain, inline)]

One thing I deeply appreciate about Gnu Guix is the fact that I have assurance that I have installed and am using software that respects my fundamental software freedoms. My understanding based on Guix's packaging guidelines (https://guix.gnu.org/manual/en/html_node/Packaging-Guidelines.html) is that a package should include all necessary software, libraries and resources necessary for the program to function; either directly or via dependencies. However, it appears that awscli <at> 2.2.0 (and all former versions of the v2 variant of awscli) download a docker image and run it. This is evident by the following, where guix shell is used to run awscli <at> 2.2.0 in a container, but docker and its daemon are not present.

--8<---------------cut here---------------start------------->8---
➜ guix shell -C awscli <at> 2.2.0 -- awsv2 --version
2.2.0
AWS CLI v2 command: docker run -i --rm -v /home/collin/.aws:/root/.aws -v /home/collin:/aws amazon/aws-cli
14:45:09 - awscliv2 - ERROR - Executable not found: docker
--8<---------------cut here---------------end--------------->8---

I propose awscli <at> 2.2.0 be removed immediately from guix.

Kind regards

PS: I have a packaged version of awscliv2 (2.15.6) available https://git.rekahsoft.ca/rekahsoft/rekahsoft-guix/src/branch/master/rekahsoft-gnu/packages/python-xyz.scm#L244-L329

It is still in need of some cleanup, and awscli is in an odd place (given the dependencies they vendor and fork), but it does work, and it depends on sources. This also follows closely to what nix does (see https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/admin/awscli2/default.nix).

-- 
Collin J. Doering

http://rekahsoft.ca
http://blog.rekahsoft.ca
http://git.rekahsoft.ca

[signature.asc (application/pgp-signature, inline)]

Message #8 received at 68264 <at> debbugs.gnu.org (full text, mbox):

From: Sharlatan Hellseher <sharlatanus <at> gmail.com>
To: 68264 <at> debbugs.gnu.org
Subject: awscli <at> 2.2.0 downloads and runs a docker container from a large
 american corporation
Date: Mon, 18 Nov 2024 23:10:28 +0000

[Message part 1 (text/plain, inline)]

Hi,

This issue was resolved in <https://issues.guix.gnu.org/74345> and
applied as ea6c381cac..391de92713 to master

--
Oleg

[signature.asc (application/pgp-signature, inline)]

Message #13 received at 68264-done <at> debbugs.gnu.org (full text, mbox):

From: Sharlatan Hellseher <sharlatanus <at> gmail.com>
To: 68264-done <at> debbugs.gnu.org
Subject: awscli <at> 2.2.0 downloads and runs a docker container from a large
 american corporation
Date: Mon, 18 Nov 2024 23:12:51 +0000

[Message part 1 (text/plain, inline)]

[signature.asc (application/pgp-signature, inline)]

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.