Build Docker image so that the aws command is a single static binary

[sfllaw]

Is your feature request related to a problem? Please describe. We would like to use the aws command inside our own Docker containers. The easiest way to do this now, is to source the official amazon/aws-cli Docker image and extract its contents into our minimal application image:

FROM busybox:1.32-musl AS busybox
FROM amazon/aws-cli:2.2.36 AS aws-cli
​
FROM scratch
​
COPY --from=busybox /bin/sh /bin/
COPY --from=aws-cli /usr/local/aws-cli/ /usr/local/aws-cli/
COPY --from=aws-cli /lib64/ld-linux-x86-64.so.2 /lib64/
COPY --from=aws-cli /lib64/lib*.so.? /usr/local/aws-cli/v2/current/lib/
​
ENV LD_LIBRARY_PATH=/usr/local/aws-cli/v2/current/lib
​
ENTRYPOINT /usr/local/aws-cli/v2/current/bin/aws

As you can see, this is pretty involved, a bit fragile, and involves copying lots of files.

Describe the solution you'd like Ideally, we would want to do something like this:

FROM amazon/aws-cli:2.2.36 AS aws-cli

FROM scratch

COPY --from=aws-cli /usr/local/aws-cli/v2/current/bin/aws /bin/

ENTRYPOINT /bin/aws

This requires aws-cli to be packaged with PyInstaller --onefile so that it no longer requires an entire directory. Then, I think StaticX could be used to turn this into a static binary by enumerating all the dynamic libraries and compiling with musl-gcc.

Note: Using --onefile makes the final binary a bit slower for very large programs because it has to unpack everything each time it is run. If the unpacking time is too long, it might make sense to create a separate Docker image for this use-case.

Describe alternatives you've considered You could also consider using PyOxidizer instead of PyInstaller, but that might be too big of a change? PyOxidizer does seem more efficient, because it doesn’t unpack the program to disk like PyInstaller does.

[stobrien89]

Hi @sfllaw,

Thanks for the feature request! I can see how this would make things much simpler for your use case. I'll review with the team to get their thoughts.

[stobrien89]

Hi @sfllaw,

My apologies for the delay. I was able to discuss this with the team last week and they're open to the idea— We generally like to see how much traction (in terms of community support) a feature request gets before we prioritize, so we'll leave this open for tracking for the time being. For anyone interested in this feature, please leave a reaction on the original post/comment. Let us know if you have any additional questions!

[sfllaw]

I noticed that #4685 is somewhat related.

[stobrien89]

Hi @sfllaw,

Thanks for letting us know! While related, I don't think it's similar enough to be considered a duplicate. I updated my last comment to highlight how we track community support for a feature.

[gLuColte]

Hi all, am wondering is there a solution for this?

[wsalles]

It is already possible to install aws-cli v2.13.0 natively on Alpine v3.18.

I will put my comment that I made in another issue explaining: https://github.com/aws/aws-cli/issues/4685#issuecomment-1631152031

[tim-finnigan]

As https://github.com/aws/aws-cli/issues/4685 was referenced here and has since been closed as completed, wanted to share the update from there:

The AWS CLI team published documentation for building CLI v2 from source here: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-source-install.html This contains a section "Alpine Linux container".

Does that meet the feature request here as well or can anyone expand on this issue?

[github-actions[bot]]

Greetings! It looks like this issue hasn’t been active in longer than five days. We encourage you to check if this is still an issue in the latest release. In the absence of more information, we will be closing this issue soon. If you find that this is still a problem, please feel free to provide a comment or upvote with a reaction on the initial post to prevent automatic closure. If the issue is already closed, please feel free to open a new one.