Update to Bootstrap Container

Dockerfile

@@ -1,17 +1,20 @@
-FROM amazonlinux:2023
+FROM public.ecr.aws/amazonlinux/amazonlinux:2023
 
 # Install necessary packages
-RUN yum update -y && \
-    yum install -y \
+RUN yum update -y 
+
+RUN yum install -y \
     aws-cli \
     jq \
     util-linux \
     e2fsprogs \
     xfsprogs \
     lvm2 \
     mdadm && \
-    yum clean all && \
-    # Verify that all packages are installed
+    yum clean all
+
+# Verify that all packages are installed
+RUN \
     command -v aws && \
     command -v jq && \
     command -v lsblk && \
@@ -23,8 +26,5 @@ RUN yum update -y && \
 # Copy the wrapper script into the container
 COPY bootstrap-script.sh /usr/local/bin/bootstrap-script.sh
 
-# Make the wrapper script executable
-RUN chmod +x /usr/local/bin/bootstrap-script.sh
-
 # Set the wrapper script as the entry point
 ENTRYPOINT ["/usr/local/bin/bootstrap-script.sh"]

Makefile

@@ -1,18 +1,37 @@
-IMAGE_NAME = bottlerocket-bootstrap-container:latest
+# IMAGE_NAME is the full name of the container image being built.
+IMAGE_NAME ?= $(notdir $(shell pwd -P))$(IMAGE_ARCH_SUFFIX):$(IMAGE_VERSION)$(addprefix -,$(SHORT_SHA))
+# IMAGE_VERSION is the semver version that's tagged on the image.
+IMAGE_VERSION = $(shell cat VERSION)
+# SHORT_SHA is the revision that the container image was built with.
+SHORT_SHA ?= $(shell git describe --abbrev=8 --always --dirty='-dev' --exclude '*' || echo "unknown")
+# IMAGE_ARCH_SUFFIX is the runtime architecture designator for the container
+# image, it is appended to the IMAGE_NAME unless the name is specified.
+IMAGE_ARCH_SUFFIX ?= $(addprefix -,$(ARCH))
+# DESTDIR is where the release artifacts will be written.
+DESTDIR ?= .
+# DISTFILE is the path to the dist target's output file - the container image
+# tarball.
+DISTFILE ?= $(subst /,,$(DESTDIR))/$(subst /,_,$(IMAGE_NAME)).tar.gz
 
-.PHONY: all build clean
+UNAME_ARCH = $(shell uname -m)
+ARCH ?= $(lastword $(subst :, ,$(filter $(UNAME_ARCH):%,x86_64:amd64 aarch64:arm64)))
 
-# Run all build tasks for this container image
-all: build_amd64 build_arm64
+.PHONY: all build dist clean
 
-# Build the container image for the amd64 architecture
-build_amd64:
-	docker build --tag $(IMAGE_NAME)-amd64 -f Dockerfile .
+# Run all build tasks for this container image.
+all: build
 
-# Build the container image for the arm64 architecture
-build_arm64:
-	docker build --tag $(IMAGE_NAME)-arm64 -f Dockerfile .
+# Create a distribution container image tarball for release.
+dist: all
+	@mkdir -p $(dir $(DISTFILE))
+	docker save $(IMAGE_NAME) | gzip > $(DISTFILE)
+
+# Build the container image.
+build:
+	DOCKER_BUILDKIT=1 docker build $(DOCKER_BUILD_FLAGS) \
+		--tag $(IMAGE_NAME) \
+		--build-arg IMAGE_VERSION="$(IMAGE_VERSION)" \
+		-f Dockerfile . >&2
 
-# Clean up the build artifacts (if there are any to clean)
 clean:
-	rm -f $(IMAGE_NAME)
+	rm -f $(DISTFILE)

README.md

@@ -1,7 +1,7 @@
-# Bottlerocket Control Container
+# Bottlerocket Bootstrap Container
 
-This is the bootstrap container for the [Bottlerocket](https://github.com/bottlerocket-os/bottlerocket) operating system. This container 
-image allows the user to provide their own script to run bootstrap commands to setup their own configuration during runtime. 
+This is the bootstrap container for the [Bottlerocket](https://github.com/bottlerocket-os/bottlerocket) operating system. 
+This container image allows the user to provide their own script to run bootstrap commands to setup their own configuration during runtime. 
 
 ## Using the Container Image
 

bootstrap-script.sh

@@ -1,24 +1,22 @@
 #!/usr/bin/env bash
 
-set -euo pipefail
-set -x
+set -xeuo pipefail
 
 # Full path to the base64-encoded user data
-USER_DATA_PATH=/.bottlerocket/bootstrap-containers/current/user-data
+USER_DATA_PATH='/.bottlerocket/bootstrap-containers/current/user-data'
 
 # If the user data file is there, not empty, and not a directory, make it executable
-if [ -s "$USER_DATA_PATH" ] && [ ! -d "$USER_DATA_PATH" ]; then
-    chmod +x "$USER_DATA_PATH"
+if [[ -s "${USER_DATA_PATH}" ]] && [[ ! -d "${USER_DATA_PATH}" ]]; then
+    chmod +x "${USER_DATA_PATH}"
 
     # If the decoded script is there and executable, then execute it.
-    if [ -x "$USER_DATA_PATH" ]; then
-        echo "Executing user bootstrap script: $USER_DATA_PATH"
-        exec "$USER_DATA_PATH"
+    if [ -x "${USER_DATA_PATH}" ]; then
+        exec "${USER_DATA_PATH}"
     else
-        echo "Warning: User bootstrap script not found or not executable: $USER_DATA_PATH"
+        echo "ERROR: User bootstrap script not found or not executable: ${USER_DATA_PATH}" >&2
         exit 1
     fi
 else
-    echo "Warning: User data not found or is a directory: $USER_DATA_PATH"
+    echo "ERROR: User data not found or is a directory: ${USER_DATA_PATH}" >&2
     exit 1
 fi