@cloudsnorkel/cdk-github-runners 0.9.4 → 0.9.5

package/API.md

@@ -3294,7 +3294,8 @@ new ImageBuilderComponent(this, 'AWS CLI', {
   displayName: 'AWS CLI',
   description: 'Install latest version of AWS CLI',
   commands: [
-    'Start-Process msiexec.exe -Wait -ArgumentList \'/i https://awscli.amazonaws.com/AWSCLIV2.msi /qn\'',
+    '$p = Start-Process msiexec.exe -PassThru -Wait -ArgumentList \'/i https://awscli.amazonaws.com/AWSCLIV2.msi /qn\'',
+    'if ($p.ExitCode -ne 0) { throw "Exit code is $p.ExitCode" }',
   ],
 }
 ```
@@ -4666,8 +4667,6 @@ public readonly installDocker: boolean;
 
 Install Docker inside the image, so it can be used by the runner.
 
-You may want to disable this if you are building a Windows image and don't have a Docker Desktop license.
-
 ---
 
 ##### `instanceType`<sup>Optional</sup> <a name="instanceType" id="@cloudsnorkel/cdk-github-runners.AmiBuilderProps.property.instanceType"></a>
@@ -4975,7 +4974,7 @@ public readonly buildImage: IBuildImage;
 ```
 
 - *Type:* aws-cdk-lib.aws_codebuild.IBuildImage
-- *Default:* Ubuntu 20.04 for x64 and Amazon Linux 2 for ARM64
+- *Default:* Ubuntu 22.04 for x64 and Amazon Linux 2 for ARM64
 
 Build image to use in CodeBuild.
 
@@ -5159,7 +5158,7 @@ public readonly buildImage: IBuildImage;
 ```
 
 - *Type:* aws-cdk-lib.aws_codebuild.IBuildImage
-- *Default:* Ubuntu 20.04 for x64 and Amazon Linux 2 for ARM64
+- *Default:* Ubuntu 22.04 for x64 and Amazon Linux 2 for ARM64
 
 Build image to use in CodeBuild.
 
@@ -6700,6 +6699,7 @@ const imageBuilderComponentProperties: ImageBuilderComponentProperties = { ... }
 | <code><a href="#@cloudsnorkel/cdk-github-runners.ImageBuilderComponentProperties.property.displayName">displayName</a></code> | <code>string</code> | Component display name. |
 | <code><a href="#@cloudsnorkel/cdk-github-runners.ImageBuilderComponentProperties.property.platform">platform</a></code> | <code>string</code> | Component platform. |
 | <code><a href="#@cloudsnorkel/cdk-github-runners.ImageBuilderComponentProperties.property.assets">assets</a></code> | <code><a href="#@cloudsnorkel/cdk-github-runners.ImageBuilderAsset">ImageBuilderAsset</a>[]</code> | Optional assets to add to the built image. |
+| <code><a href="#@cloudsnorkel/cdk-github-runners.ImageBuilderComponentProperties.property.reboot">reboot</a></code> | <code>boolean</code> | Require a reboot after installing this component. |
 
 ---
 
@@ -6767,6 +6767,19 @@ Optional assets to add to the built image.
 
 ---
 
+##### `reboot`<sup>Optional</sup> <a name="reboot" id="@cloudsnorkel/cdk-github-runners.ImageBuilderComponentProperties.property.reboot"></a>
+
+```typescript
+public readonly reboot: boolean;
+```
+
+- *Type:* boolean
+- *Default:* false
+
+Require a reboot after installing this component.
+
+---
+
 ### LambdaRunnerProviderProps <a name="LambdaRunnerProviderProps" id="@cloudsnorkel/cdk-github-runners.LambdaRunnerProviderProps"></a>
 
 #### Initializer <a name="Initializer" id="@cloudsnorkel/cdk-github-runners.LambdaRunnerProviderProps.Initializer"></a>
@@ -7432,10 +7445,12 @@ public readonly baseAmi: string;
 ```
 
 - *Type:* string
-- *Default:* latest Ubuntu 20.04 AMI for Os.LINUX_UBUNTU, latest Amazon Linux 2 AMI for Os.LINUX_AMAZON_2, latest Windows Server 2022 AMI for Os.WINDOWS
+- *Default:* latest Ubuntu 22.04 AMI for Os.LINUX_UBUNTU, latest Amazon Linux 2 AMI for Os.LINUX_AMAZON_2, latest Windows Server 2022 AMI for Os.WINDOWS
 
 Base AMI from which runner AMIs will be built.
 
+This can be an actual AMI or an AWS Image Builder ARN that points to the latest AMI. For example `arn:aws:imagebuilder:us-east-1:aws:image/ubuntu-server-22-lts-x86/x.x.x` would always use the latest version of Ubuntu 22.04 in each build. If you want a specific version, you can replace `x.x.x` with that version.
+
 ---
 
 ##### `baseDockerImage`<sup>Optional</sup> <a name="baseDockerImage" id="@cloudsnorkel/cdk-github-runners.RunnerImageBuilderProps.property.baseDockerImage"></a>
@@ -8443,6 +8458,7 @@ new RunnerImageComponent()
 | <code><a href="#@cloudsnorkel/cdk-github-runners.RunnerImageComponent.getAssets">getAssets</a></code> | Returns assets to copy into the built image. |
 | <code><a href="#@cloudsnorkel/cdk-github-runners.RunnerImageComponent.getCommands">getCommands</a></code> | Returns commands to run to in built image. |
 | <code><a href="#@cloudsnorkel/cdk-github-runners.RunnerImageComponent.getDockerCommands">getDockerCommands</a></code> | Returns Docker commands to run to in built image. |
+| <code><a href="#@cloudsnorkel/cdk-github-runners.RunnerImageComponent.shouldReboot">shouldReboot</a></code> | Returns true if the image builder should be rebooted after this component is installed. |
 
 ---
 
@@ -8514,6 +8530,26 @@ Docker commands are added after assets and normal commands.
 
 ---
 
+##### `shouldReboot` <a name="shouldReboot" id="@cloudsnorkel/cdk-github-runners.RunnerImageComponent.shouldReboot"></a>
+
+```typescript
+public shouldReboot(_os: Os, _architecture: Architecture): boolean
+```
+
+Returns true if the image builder should be rebooted after this component is installed.
+
+###### `_os`<sup>Required</sup> <a name="_os" id="@cloudsnorkel/cdk-github-runners.RunnerImageComponent.shouldReboot.parameter._os"></a>
+
+- *Type:* <a href="#@cloudsnorkel/cdk-github-runners.Os">Os</a>
+
+---
+
+###### `_architecture`<sup>Required</sup> <a name="_architecture" id="@cloudsnorkel/cdk-github-runners.RunnerImageComponent.shouldReboot.parameter._architecture"></a>
+
+- *Type:* <a href="#@cloudsnorkel/cdk-github-runners.Architecture">Architecture</a>
+
+---
+
 #### Static Functions <a name="Static Functions" id="Static Functions"></a>
 
 | **Name** | **Description** |
@@ -8574,7 +8610,7 @@ RunnerImageComponent.docker()
 
 A component to install Docker.
 
-On Windows this installs Docker Desktop.
+On Windows this sets up dockerd for Windows containers without Docker Desktop. If you need Linux containers on Windows, you'll need to install Docker Desktop which doesn't seem to play well with servers (PRs welcome).
 
 ##### `dockerInDocker` <a name="dockerInDocker" id="@cloudsnorkel/cdk-github-runners.RunnerImageComponent.dockerInDocker"></a>
 

package/README.md

@@ -2,7 +2,7 @@
 
 [![NPM](https://img.shields.io/npm/v/@cloudsnorkel/cdk-github-runners?label=npm&logo=npm)][7]
 [![PyPI](https://img.shields.io/pypi/v/cloudsnorkel.cdk-github-runners?label=pypi&logo=pypi)][6]
-[![Maven Central](https://img.shields.io/maven-central/v/com.cloudsnorkel/cdk.github.runners.svg?label=Maven%20Central&logo=java)][8]
+[![Maven Central](https://img.shields.io/maven-central/v/com.cloudsnorkel/cdk.github.runners.svg?label=Maven%20Central&logo=apachemaven)][8]
 [![Go](https://img.shields.io/github/v/tag/CloudSnorkel/cdk-github-runners?color=red&label=go&logo=go)][11]
 [![Nuget](https://img.shields.io/nuget/v/CloudSnorkel.Cdk.Github.Runners?color=red&&logo=nuget)][12]
 [![Release](https://github.com/CloudSnorkel/cdk-github-runners/actions/workflows/release.yml/badge.svg)](https://github.com/CloudSnorkel/cdk-github-runners/actions/workflows/release.yml)
@@ -21,6 +21,7 @@ Self-hosted runners in AWS are useful when:
 * You need easy access to internal resources in your actions
 * You want to pre-install some software for your actions
 * You want to provide some basic AWS API access (but [aws-actions/configure-aws-credentials][2] has more security controls)
+* You are using GitHub Enterprise Server
 
 Ephemeral (or on-demand) runners are the [recommended way by GitHub][14] for auto-scaling, and they make sure all jobs run with a clean image. Runners are started on-demand. You don't pay unless a job is running.
 
@@ -212,7 +213,7 @@ new GitHubRunners(this, 'runners', {
 1. Always start with the status function, make sure no errors are reported, and confirm all status codes are OK
 2. If jobs are stuck on pending:
    1. Make sure `runs-on` in the workflow matches the expected labels set in the runner provider
-   2. If it happens every time, cancel the job and start it again
+   2. If jobs get stuck often and take a long time to start, cancel the pending jobs and start them again
 4. Confirm the webhook Lambda was called by visiting the URL in `troubleshooting.webhookHandlerUrl` from `status.json`
    1. If it's not called or logs errors, confirm the webhook settings on the GitHub side
    2. If you see too many errors, make sure you're only sending `workflow_job` events
@@ -221,6 +222,18 @@ new GitHubRunners(this, 'runners', {
    1. Use the details tab to find the specific execution of the provider (Lambda, CodeBuild, Fargate, etc.)
    2. Every step function execution should be successful, even if the runner action inside it failed
 
+## Monitoring
+
+There are two important ways to monitor your runners:
+
+1. Make sure runners don't fail to start. When that happens, jobs may sit and wait. Use `GitHubRunners.metricFailed()` to get a metric for the number of failed runner starts. You should use this metric to trigger an alarm.
+2. Make sure runner images don't fail to build. Failed runner image builds mean you will get stuck with out-of-date software on your runners. It may lead to security vulnerabilities, or it may lead to slower runner start-ups as the runner software itself needs to be updated. Use `GitHubRunners.failedImageBuildsTopic()` to get SNS topic that gets notified of failed runner image builds. You should subscribe to this topic.
+
+Other useful metrics to track:
+
+1. Use `GitHubRunners.metricJobCompleted()` to get a metric for the number of completed jobs broken down by labels and job success.
+2. Use `GitHubRunners.metricTime()` to get a metric for the total time a runner is running. This includes the overhead of starting the runner.
+
 ## Other Options
 
 1. [philips-labs/terraform-aws-github-runner][3] if you're using Terraform

package/assets/{providers/image-builders → image-builders}/aws-image-builder/delete-ami.lambda/index.js

@@ -22,7 +22,7 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
   mod
 ));
 
-// src/providers/image-builders/aws-image-builder/delete-ami.lambda.ts
+// src/image-builders/aws-image-builder/delete-ami.lambda.ts
 var AWS2 = __toESM(require("aws-sdk"));
 
 // src/lambda-helpers.ts
@@ -62,7 +62,7 @@ async function customResourceRespond(event, responseStatus, reason, physicalReso
   });
 }
 
-// src/providers/image-builders/aws-image-builder/delete-ami.lambda.ts
+// src/image-builders/aws-image-builder/delete-ami.lambda.ts
 var ec2 = new AWS2.EC2();
 async function deleteAmis(launchTemplateId, stackName, builderName, deleteAll) {
   var _a;

package/assets/{providers/image-builders → image-builders}/aws-image-builder/filter-failed-builds.lambda/index.js

@@ -22,7 +22,7 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
   mod
 ));
 
-// src/providers/image-builders/aws-image-builder/filter-failed-builds.lambda.ts
+// src/image-builders/aws-image-builder/filter-failed-builds.lambda.ts
 var AWS = __toESM(require("aws-sdk"));
 var sns = new AWS.SNS();
 exports.handler = async function(event) {

package/assets/{providers/image-builders → image-builders}/aws-image-builder/versioner.lambda/index.js

@@ -2432,7 +2432,7 @@ var require_semver2 = __commonJS({
   }
 });
 
-// src/providers/image-builders/aws-image-builder/versioner.lambda.ts
+// src/image-builders/aws-image-builder/versioner.lambda.ts
 var versioner_lambda_exports = {};
 __export(versioner_lambda_exports, {
   handler: () => handler
@@ -2478,7 +2478,7 @@ async function customResourceRespond(event, responseStatus, reason, physicalReso
   });
 }
 
-// src/providers/image-builders/aws-image-builder/versioner.lambda.ts
+// src/image-builders/aws-image-builder/versioner.lambda.ts
 var ib = new AWS2.Imagebuilder();
 async function handler(event, context) {
   console.log(JSON.stringify({ ...event, ResponseURL: "..." }));

package/lib/access.js

@@ -56,7 +56,7 @@ class LambdaAccess {
     }
 }
 _a = JSII_RTTI_SYMBOL_1;
-LambdaAccess[_a] = { fqn: "@cloudsnorkel/cdk-github-runners.LambdaAccess", version: "0.9.4" };
+LambdaAccess[_a] = { fqn: "@cloudsnorkel/cdk-github-runners.LambdaAccess", version: "0.9.5" };
 exports.LambdaAccess = LambdaAccess;
 /**
  * @internal

package/lib/image-builders/api.js

@@ -0,0 +1,47 @@
+"use strict";
+var _a;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RunnerImageBuilder = void 0;
+const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const aws_image_builder_1 = require("./aws-image-builder");
+const codebuild_1 = require("./codebuild");
+const common_1 = require("./common");
+const common_2 = require("../providers/common");
+/**
+ * GitHub Runner image builder. Builds a Docker image or AMI with GitHub Runner and other requirements installed.
+ *
+ * Images can be customized before passed into the provider by adding or removing components to be installed.
+ *
+ * Images are rebuilt every week by default to ensure that the latest security patches are applied.
+ */
+class RunnerImageBuilder extends common_1.RunnerImageBuilderBase {
+    /**
+     * Create a new image builder based on the provided properties. The implementation will differ based on the OS, architecture, and requested builder type.
+     */
+    static new(scope, id, props) {
+        if (props?.components && props.runnerVersion) {
+            aws_cdk_lib_1.Annotations.of(scope).addWarning('runnerVersion is ignored when components are specified. The runner version will be determined by the components.');
+        }
+        if (props?.builderType === common_1.RunnerImageBuilderType.CODE_BUILD) {
+            return new codebuild_1.CodeBuildRunnerImageBuilder(scope, id, props);
+        }
+        else if (props?.builderType === common_1.RunnerImageBuilderType.AWS_IMAGE_BUILDER) {
+            return new aws_image_builder_1.AwsImageBuilderRunnerImageBuilder(scope, id, props);
+        }
+        const os = props?.os ?? common_2.Os.LINUX_UBUNTU;
+        if (os.is(common_2.Os.LINUX_UBUNTU) || os.is(common_2.Os.LINUX_AMAZON_2)) {
+            return new codebuild_1.CodeBuildRunnerImageBuilder(scope, id, props);
+        }
+        else if (os.is(common_2.Os.WINDOWS)) {
+            return new aws_image_builder_1.AwsImageBuilderRunnerImageBuilder(scope, id, props);
+        }
+        else {
+            throw new Error(`Unable to find runner image builder implementation for ${os.name}`);
+        }
+    }
+}
+_a = JSII_RTTI_SYMBOL_1;
+RunnerImageBuilder[_a] = { fqn: "@cloudsnorkel/cdk-github-runners.RunnerImageBuilder", version: "0.9.5" };
+exports.RunnerImageBuilder = RunnerImageBuilder;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXBpLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2ltYWdlLWJ1aWxkZXJzL2FwaS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLDZDQUEwQztBQUUxQywyREFBd0U7QUFDeEUsMkNBQTBEO0FBQzFELHFDQUFtRztBQUNuRyxnREFBeUM7QUFFekM7Ozs7OztHQU1HO0FBQ0gsTUFBc0Isa0JBQW1CLFNBQVEsK0JBQXNCO0lBQ3JFOztPQUVHO0lBQ0gsTUFBTSxDQUFDLEdBQUcsQ0FBQyxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUErQjtRQUN0RSxJQUFJLEtBQUssRUFBRSxVQUFVLElBQUksS0FBSyxDQUFDLGFBQWEsRUFBRTtZQUM1Qyx5QkFBVyxDQUFDLEVBQUUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxVQUFVLENBQUMsa0hBQWtILENBQUMsQ0FBQztTQUN0SjtRQUVELElBQUksS0FBSyxFQUFFLFdBQVcsS0FBSywrQkFBc0IsQ0FBQyxVQUFVLEVBQUU7WUFDNUQsT0FBTyxJQUFJLHVDQUEyQixDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUUsS0FBSyxDQUFDLENBQUM7U0FDMUQ7YUFBTSxJQUFJLEtBQUssRUFBRSxXQUFXLEtBQUssK0JBQXNCLENBQUMsaUJBQWlCLEVBQUU7WUFDMUUsT0FBTyxJQUFJLHFEQUFpQyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUUsS0FBSyxDQUFDLENBQUM7U0FDaEU7UUFFRCxNQUFNLEVBQUUsR0FBRyxLQUFLLEVBQUUsRUFBRSxJQUFJLFdBQUUsQ0FBQyxZQUFZLENBQUM7UUFDeEMsSUFBSSxFQUFFLENBQUMsRUFBRSxDQUFDLFdBQUUsQ0FBQyxZQUFZLENBQUMsSUFBSSxFQUFFLENBQUMsRUFBRSxDQUFDLFdBQUUsQ0FBQyxjQUFjLENBQUMsRUFBRTtZQUN0RCxPQUFPLElBQUksdUNBQTJCLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRSxLQUFLLENBQUMsQ0FBQztTQUMxRDthQUFNLElBQUksRUFBRSxDQUFDLEVBQUUsQ0FBQyxXQUFFLENBQUMsT0FBTyxDQUFDLEVBQUU7WUFDNUIsT0FBTyxJQUFJLHFEQUFpQyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUUsS0FBSyxDQUFDLENBQUM7U0FDaEU7YUFBTTtZQUNMLE1BQU0sSUFBSSxLQUFLLENBQUMsMERBQTBELEVBQUUsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDO1NBQ3RGO0lBQ0gsQ0FBQzs7OztBQXZCbUIsZ0RBQWtCIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgQW5ub3RhdGlvbnMgfSBmcm9tICdhd3MtY2RrLWxpYic7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdjb25zdHJ1Y3RzJztcbmltcG9ydCB7IEF3c0ltYWdlQnVpbGRlclJ1bm5lckltYWdlQnVpbGRlciB9IGZyb20gJy4vYXdzLWltYWdlLWJ1aWxkZXInO1xuaW1wb3J0IHsgQ29kZUJ1aWxkUnVubmVySW1hZ2VCdWlsZGVyIH0gZnJvbSAnLi9jb2RlYnVpbGQnO1xuaW1wb3J0IHsgUnVubmVySW1hZ2VCdWlsZGVyQmFzZSwgUnVubmVySW1hZ2VCdWlsZGVyUHJvcHMsIFJ1bm5lckltYWdlQnVpbGRlclR5cGUgfSBmcm9tICcuL2NvbW1vbic7XG5pbXBvcnQgeyBPcyB9IGZyb20gJy4uL3Byb3ZpZGVycy9jb21tb24nO1xuXG4vKipcbiAqIEdpdEh1YiBSdW5uZXIgaW1hZ2UgYnVpbGRlci4gQnVpbGRzIGEgRG9ja2VyIGltYWdlIG9yIEFNSSB3aXRoIEdpdEh1YiBSdW5uZXIgYW5kIG90aGVyIHJlcXVpcmVtZW50cyBpbnN0YWxsZWQuXG4gKlxuICogSW1hZ2VzIGNhbiBiZSBjdXN0b21pemVkIGJlZm9yZSBwYXNzZWQgaW50byB0aGUgcHJvdmlkZXIgYnkgYWRkaW5nIG9yIHJlbW92aW5nIGNvbXBvbmVudHMgdG8gYmUgaW5zdGFsbGVkLlxuICpcbiAqIEltYWdlcyBhcmUgcmVidWlsdCBldmVyeSB3ZWVrIGJ5IGRlZmF1bHQgdG8gZW5zdXJlIHRoYXQgdGhlIGxhdGVzdCBzZWN1cml0eSBwYXRjaGVzIGFyZSBhcHBsaWVkLlxuICovXG5leHBvcnQgYWJzdHJhY3QgY2xhc3MgUnVubmVySW1hZ2VCdWlsZGVyIGV4dGVuZHMgUnVubmVySW1hZ2VCdWlsZGVyQmFzZSB7XG4gIC8qKlxuICAgKiBDcmVhdGUgYSBuZXcgaW1hZ2UgYnVpbGRlciBiYXNlZCBvbiB0aGUgcHJvdmlkZWQgcHJvcGVydGllcy4gVGhlIGltcGxlbWVudGF0aW9uIHdpbGwgZGlmZmVyIGJhc2VkIG9uIHRoZSBPUywgYXJjaGl0ZWN0dXJlLCBhbmQgcmVxdWVzdGVkIGJ1aWxkZXIgdHlwZS5cbiAgICovXG4gIHN0YXRpYyBuZXcoc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM/OiBSdW5uZXJJbWFnZUJ1aWxkZXJQcm9wcyk6IFJ1bm5lckltYWdlQnVpbGRlciB7XG4gICAgaWYgKHByb3BzPy5jb21wb25lbnRzICYmIHByb3BzLnJ1bm5lclZlcnNpb24pIHtcbiAgICAgIEFubm90YXRpb25zLm9mKHNjb3BlKS5hZGRXYXJuaW5nKCdydW5uZXJWZXJzaW9uIGlzIGlnbm9yZWQgd2hlbiBjb21wb25lbnRzIGFyZSBzcGVjaWZpZWQuIFRoZSBydW5uZXIgdmVyc2lvbiB3aWxsIGJlIGRldGVybWluZWQgYnkgdGhlIGNvbXBvbmVudHMuJyk7XG4gICAgfVxuXG4gICAgaWYgKHByb3BzPy5idWlsZGVyVHlwZSA9PT0gUnVubmVySW1hZ2VCdWlsZGVyVHlwZS5DT0RFX0JVSUxEKSB7XG4gICAgICByZXR1cm4gbmV3IENvZGVCdWlsZFJ1bm5lckltYWdlQnVpbGRlcihzY29wZSwgaWQsIHByb3BzKTtcbiAgICB9IGVsc2UgaWYgKHByb3BzPy5idWlsZGVyVHlwZSA9PT0gUnVubmVySW1hZ2VCdWlsZGVyVHlwZS5BV1NfSU1BR0VfQlVJTERFUikge1xuICAgICAgcmV0dXJuIG5ldyBBd3NJbWFnZUJ1aWxkZXJSdW5uZXJJbWFnZUJ1aWxkZXIoc2NvcGUsIGlkLCBwcm9wcyk7XG4gICAgfVxuXG4gICAgY29uc3Qgb3MgPSBwcm9wcz8ub3MgPz8gT3MuTElOVVhfVUJVTlRVO1xuICAgIGlmIChvcy5pcyhPcy5MSU5VWF9VQlVOVFUpIHx8IG9zLmlzKE9zLkxJTlVYX0FNQVpPTl8yKSkge1xuICAgICAgcmV0dXJuIG5ldyBDb2RlQnVpbGRSdW5uZXJJbWFnZUJ1aWxkZXIoc2NvcGUsIGlkLCBwcm9wcyk7XG4gICAgfSBlbHNlIGlmIChvcy5pcyhPcy5XSU5ET1dTKSkge1xuICAgICAgcmV0dXJuIG5ldyBBd3NJbWFnZUJ1aWxkZXJSdW5uZXJJbWFnZUJ1aWxkZXIoc2NvcGUsIGlkLCBwcm9wcyk7XG4gICAgfSBlbHNlIHtcbiAgICAgIHRocm93IG5ldyBFcnJvcihgVW5hYmxlIHRvIGZpbmQgcnVubmVyIGltYWdlIGJ1aWxkZXIgaW1wbGVtZW50YXRpb24gZm9yICR7b3MubmFtZX1gKTtcbiAgICB9XG4gIH1cbn1cbiJdfQ==

package/lib/{providers/image-builders → image-builders}/aws-image-builder/ami.d.ts

@@ -1,8 +1,7 @@
-import { aws_ec2 as ec2 } from 'aws-cdk-lib';
 import { Construct } from 'constructs';
 import { ImageBuilderComponent } from './builder';
 import { ImageBuilderObjectBase } from './common';
-import { Architecture, Os } from '../../common';
+import { Architecture, Os } from '../../providers/common';
 /**
  * Properties for AmiRecipe construct.
  */
@@ -39,5 +38,5 @@ export declare class AmiRecipe extends ImageBuilderObjectBase {
  *
  * @internal
  */
-export declare function defaultBaseAmi(os: Os, architecture: Architecture): ec2.IMachineImage;
+export declare function defaultBaseAmi(scope: Construct, os: Os, architecture: Architecture): string;
 export {};

package/lib/image-builders/aws-image-builder/ami.js

@@ -0,0 +1,93 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.defaultBaseAmi = exports.AmiRecipe = void 0;
+const cdk = require("aws-cdk-lib");
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const common_1 = require("./common");
+const common_2 = require("../../providers/common");
+const common_3 = require("../common");
+/**
+ * Image builder recipe for Amazon Machine Image (AMI).
+ *
+ * @internal
+ */
+class AmiRecipe extends common_1.ImageBuilderObjectBase {
+    constructor(scope, id, props) {
+        super(scope, id);
+        const name = (0, common_3.uniqueImageBuilderName)(this);
+        let components = props.components.map(component => {
+            return {
+                componentArn: component.arn,
+            };
+        });
+        let workingDirectory;
+        if (props.platform == 'Linux') {
+            workingDirectory = '/home/runner';
+        }
+        else if (props.platform == 'Windows') {
+            workingDirectory = 'C:/'; // must exist or Image Builder fails and must not be empty or git will stall installing from the default windows\system32
+        }
+        else {
+            throw new Error(`Unsupported AMI recipe platform: ${props.platform}`);
+        }
+        const recipe = new aws_cdk_lib_1.aws_imagebuilder.CfnImageRecipe(this, 'Recipe', {
+            name: name,
+            version: this.version('ImageRecipe', name, {
+                platform: props.platform,
+                components,
+                parentAmi: props.baseAmi,
+            }),
+            parentImage: props.baseAmi,
+            components,
+            workingDirectory,
+        });
+        this.arn = recipe.attrArn;
+        this.name = name;
+    }
+}
+exports.AmiRecipe = AmiRecipe;
+/**
+ * Default base AMI for given OS and architecture.
+ *
+ * @internal
+ */
+function defaultBaseAmi(scope, os, architecture) {
+    const stack = cdk.Stack.of(scope);
+    let arch;
+    if (architecture.is(common_2.Architecture.X86_64)) {
+        arch = 'x86';
+    }
+    else if (architecture.is(common_2.Architecture.ARM64)) {
+        arch = 'arm64';
+    }
+    else {
+        throw new Error(`Unsupported architecture for base AMI: ${architecture.name}`);
+    }
+    if (os.is(common_2.Os.LINUX_UBUNTU) || os.is(common_2.Os.LINUX)) {
+        return stack.formatArn({
+            service: 'imagebuilder',
+            resource: 'image',
+            account: 'aws',
+            resourceName: `ubuntu-server-22-lts-${arch}/x.x.x`,
+        });
+    }
+    if (os.is(common_2.Os.LINUX_AMAZON_2)) {
+        return stack.formatArn({
+            service: 'imagebuilder',
+            resource: 'image',
+            account: 'aws',
+            resourceName: `amazon-linux-2-${arch}/x.x.x`,
+        });
+    }
+    if (os.is(common_2.Os.WINDOWS)) {
+        return stack.formatArn({
+            service: 'imagebuilder',
+            resource: 'image',
+            account: 'aws',
+            resourceName: `windows-server-2022-english-full-base-${arch}/x.x.x`,
+        });
+    }
+    throw new Error(`OS ${os.name} not supported for AMI runner image`);
+}
+exports.defaultBaseAmi = defaultBaseAmi;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYW1pLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2ltYWdlLWJ1aWxkZXJzL2F3cy1pbWFnZS1idWlsZGVyL2FtaS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxtQ0FBbUM7QUFDbkMsNkNBQStEO0FBRy9ELHFDQUFrRDtBQUNsRCxtREFBMEQ7QUFDMUQsc0NBQW1EO0FBMkJuRDs7OztHQUlHO0FBQ0gsTUFBYSxTQUFVLFNBQVEsK0JBQXNCO0lBSW5ELFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBMEI7UUFDbEUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixNQUFNLElBQUksR0FBRyxJQUFBLCtCQUFzQixFQUFDLElBQUksQ0FBQyxDQUFDO1FBRTFDLElBQUksVUFBVSxHQUFHLEtBQUssQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLFNBQVMsQ0FBQyxFQUFFO1lBQ2hELE9BQU87Z0JBQ0wsWUFBWSxFQUFFLFNBQVMsQ0FBQyxHQUFHO2FBQzVCLENBQUM7UUFDSixDQUFDLENBQUMsQ0FBQztRQUVILElBQUksZ0JBQWdCLENBQUM7UUFDckIsSUFBSSxLQUFLLENBQUMsUUFBUSxJQUFJLE9BQU8sRUFBRTtZQUM3QixnQkFBZ0IsR0FBRyxjQUFjLENBQUM7U0FDbkM7YUFBTSxJQUFJLEtBQUssQ0FBQyxRQUFRLElBQUksU0FBUyxFQUFFO1lBQ3RDLGdCQUFnQixHQUFHLEtBQUssQ0FBQyxDQUFDLHlIQUF5SDtTQUNwSjthQUFNO1lBQ0wsTUFBTSxJQUFJLEtBQUssQ0FBQyxvQ0FBb0MsS0FBSyxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUM7U0FDdkU7UUFFRCxNQUFNLE1BQU0sR0FBRyxJQUFJLDhCQUFZLENBQUMsY0FBYyxDQUFDLElBQUksRUFBRSxRQUFRLEVBQUU7WUFDN0QsSUFBSSxFQUFFLElBQUk7WUFDVixPQUFPLEVBQUUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxhQUFhLEVBQUUsSUFBSSxFQUFFO2dCQUN6QyxRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7Z0JBQ3hCLFVBQVU7Z0JBQ1YsU0FBUyxFQUFFLEtBQUssQ0FBQyxPQUFPO2FBQ3pCLENBQUM7WUFDRixXQUFXLEVBQUUsS0FBSyxDQUFDLE9BQU87WUFDMUIsVUFBVTtZQUNWLGdCQUFnQjtTQUNqQixDQUFDLENBQUM7UUFFSCxJQUFJLENBQUMsR0FBRyxHQUFHLE1BQU0sQ0FBQyxPQUFPLENBQUM7UUFDMUIsSUFBSSxDQUFDLElBQUksR0FBRyxJQUFJLENBQUM7SUFDbkIsQ0FBQztDQUNGO0FBdkNELDhCQXVDQztBQUVEOzs7O0dBSUc7QUFDSCxTQUFnQixjQUFjLENBQUMsS0FBZ0IsRUFBRSxFQUFNLEVBQUUsWUFBMEI7SUFDakYsTUFBTSxLQUFLLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUMsS0FBSyxDQUFDLENBQUM7SUFFbEMsSUFBSSxJQUFJLENBQUM7SUFDVCxJQUFJLFlBQVksQ0FBQyxFQUFFLENBQUMscUJBQVksQ0FBQyxNQUFNLENBQUMsRUFBRTtRQUN4QyxJQUFJLEdBQUcsS0FBSyxDQUFDO0tBQ2Q7U0FBTSxJQUFJLFlBQVksQ0FBQyxFQUFFLENBQUMscUJBQVksQ0FBQyxLQUFLLENBQUMsRUFBRTtRQUM5QyxJQUFJLEdBQUcsT0FBTyxDQUFDO0tBQ2hCO1NBQU07UUFDTCxNQUFNLElBQUksS0FBSyxDQUFDLDBDQUEwQyxZQUFZLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQztLQUNoRjtJQUVELElBQUksRUFBRSxDQUFDLEVBQUUsQ0FBQyxXQUFFLENBQUMsWUFBWSxDQUFDLElBQUksRUFBRSxDQUFDLEVBQUUsQ0FBQyxXQUFFLENBQUMsS0FBSyxDQUFDLEVBQUU7UUFDN0MsT0FBTyxLQUFLLENBQUMsU0FBUyxDQUFDO1lBQ3JCLE9BQU8sRUFBRSxjQUFjO1lBQ3ZCLFFBQVEsRUFBRSxPQUFPO1lBQ2pCLE9BQU8sRUFBRSxLQUFLO1lBQ2QsWUFBWSxFQUFFLHdCQUF3QixJQUFJLFFBQVE7U0FDbkQsQ0FBQyxDQUFDO0tBQ0o7SUFFRCxJQUFJLEVBQUUsQ0FBQyxFQUFFLENBQUMsV0FBRSxDQUFDLGNBQWMsQ0FBQyxFQUFFO1FBQzVCLE9BQU8sS0FBSyxDQUFDLFNBQVMsQ0FBQztZQUNyQixPQUFPLEVBQUUsY0FBYztZQUN2QixRQUFRLEVBQUUsT0FBTztZQUNqQixPQUFPLEVBQUUsS0FBSztZQUNkLFlBQVksRUFBRSxrQkFBa0IsSUFBSSxRQUFRO1NBQzdDLENBQUMsQ0FBQztLQUNKO0lBRUQsSUFBSSxFQUFFLENBQUMsRUFBRSxDQUFDLFdBQUUsQ0FBQyxPQUFPLENBQUMsRUFBRTtRQUNyQixPQUFPLEtBQUssQ0FBQyxTQUFTLENBQUM7WUFDckIsT0FBTyxFQUFFLGNBQWM7WUFDdkIsUUFBUSxFQUFFLE9BQU87WUFDakIsT0FBTyxFQUFFLEtBQUs7WUFDZCxZQUFZLEVBQUUseUNBQXlDLElBQUksUUFBUTtTQUNwRSxDQUFDLENBQUM7S0FDSjtJQUVELE1BQU0sSUFBSSxLQUFLLENBQUMsTUFBTSxFQUFFLENBQUMsSUFBSSxxQ0FBcUMsQ0FBQyxDQUFDO0FBQ3RFLENBQUM7QUF4Q0Qsd0NBd0NDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgY2RrIGZyb20gJ2F3cy1jZGstbGliJztcbmltcG9ydCB7IGF3c19pbWFnZWJ1aWxkZXIgYXMgaW1hZ2VidWlsZGVyIH0gZnJvbSAnYXdzLWNkay1saWInO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSAnY29uc3RydWN0cyc7XG5pbXBvcnQgeyBJbWFnZUJ1aWxkZXJDb21wb25lbnQgfSBmcm9tICcuL2J1aWxkZXInO1xuaW1wb3J0IHsgSW1hZ2VCdWlsZGVyT2JqZWN0QmFzZSB9IGZyb20gJy4vY29tbW9uJztcbmltcG9ydCB7IEFyY2hpdGVjdHVyZSwgT3MgfSBmcm9tICcuLi8uLi9wcm92aWRlcnMvY29tbW9uJztcbmltcG9ydCB7IHVuaXF1ZUltYWdlQnVpbGRlck5hbWUgfSBmcm9tICcuLi9jb21tb24nO1xuXG4vKipcbiAqIFByb3BlcnRpZXMgZm9yIEFtaVJlY2lwZSBjb25zdHJ1Y3QuXG4gKi9cbmludGVyZmFjZSBBbWlSZWNpcGVQcm9wZXJ0aWVzIHtcbiAgLyoqXG4gICAqIFRhcmdldCBwbGF0Zm9ybS4gTXVzdCBtYXRjaCBidWlsZGVyIHBsYXRmb3JtLlxuICAgKi9cbiAgcmVhZG9ubHkgcGxhdGZvcm06ICdMaW51eCcgfCAnV2luZG93cyc7XG5cbiAgLyoqXG4gICAqIFRhcmdldCBhcmNoaXRlY3R1cmUuIE11c3QgbWF0Y2ggYnVpbGRlciBwbGF0Zm9ybS5cbiAgICovXG4gIHJlYWRvbmx5IGFyY2hpdGVjdHVyZTogQXJjaGl0ZWN0dXJlO1xuXG4gIC8qKlxuICAgKiBCYXNlIEFNSSB0byB1c2UgZm9yIHRoZSBuZXcgcnVubmVyIEFNSS5cbiAgICovXG4gIHJlYWRvbmx5IGJhc2VBbWk6IHN0cmluZztcblxuICAvKipcbiAgICogQ29tcG9uZW50cyB0byBhZGQgdG8gdGFyZ2V0IGNvbnRhaW5lciBpbWFnZS5cbiAgICovXG4gIHJlYWRvbmx5IGNvbXBvbmVudHM6IEltYWdlQnVpbGRlckNvbXBvbmVudFtdO1xufVxuXG4vKipcbiAqIEltYWdlIGJ1aWxkZXIgcmVjaXBlIGZvciBBbWF6b24gTWFjaGluZSBJbWFnZSAoQU1JKS5cbiAqXG4gKiBAaW50ZXJuYWxcbiAqL1xuZXhwb3J0IGNsYXNzIEFtaVJlY2lwZSBleHRlbmRzIEltYWdlQnVpbGRlck9iamVjdEJhc2Uge1xuICBwdWJsaWMgcmVhZG9ubHkgYXJuOiBzdHJpbmc7XG4gIHB1YmxpYyByZWFkb25seSBuYW1lOiBzdHJpbmc7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IEFtaVJlY2lwZVByb3BlcnRpZXMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgY29uc3QgbmFtZSA9IHVuaXF1ZUltYWdlQnVpbGRlck5hbWUodGhpcyk7XG5cbiAgICBsZXQgY29tcG9uZW50cyA9IHByb3BzLmNvbXBvbmVudHMubWFwKGNvbXBvbmVudCA9PiB7XG4gICAgICByZXR1cm4ge1xuICAgICAgICBjb21wb25lbnRBcm46IGNvbXBvbmVudC5hcm4sXG4gICAgICB9O1xuICAgIH0pO1xuXG4gICAgbGV0IHdvcmtpbmdEaXJlY3Rvcnk7XG4gICAgaWYgKHByb3BzLnBsYXRmb3JtID09ICdMaW51eCcpIHtcbiAgICAgIHdvcmtpbmdEaXJlY3RvcnkgPSAnL2hvbWUvcnVubmVyJztcbiAgICB9IGVsc2UgaWYgKHByb3BzLnBsYXRmb3JtID09ICdXaW5kb3dzJykge1xuICAgICAgd29ya2luZ0RpcmVjdG9yeSA9ICdDOi8nOyAvLyBtdXN0IGV4aXN0IG9yIEltYWdlIEJ1aWxkZXIgZmFpbHMgYW5kIG11c3Qgbm90IGJlIGVtcHR5IG9yIGdpdCB3aWxsIHN0YWxsIGluc3RhbGxpbmcgZnJvbSB0aGUgZGVmYXVsdCB3aW5kb3dzXFxzeXN0ZW0zMlxuICAgIH0gZWxzZSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoYFVuc3VwcG9ydGVkIEFNSSByZWNpcGUgcGxhdGZvcm06ICR7cHJvcHMucGxhdGZvcm19YCk7XG4gICAgfVxuXG4gICAgY29uc3QgcmVjaXBlID0gbmV3IGltYWdlYnVpbGRlci5DZm5JbWFnZVJlY2lwZSh0aGlzLCAnUmVjaXBlJywge1xuICAgICAgbmFtZTogbmFtZSxcbiAgICAgIHZlcnNpb246IHRoaXMudmVyc2lvbignSW1hZ2VSZWNpcGUnLCBuYW1lLCB7XG4gICAgICAgIHBsYXRmb3JtOiBwcm9wcy5wbGF0Zm9ybSxcbiAgICAgICAgY29tcG9uZW50cyxcbiAgICAgICAgcGFyZW50QW1pOiBwcm9wcy5iYXNlQW1pLFxuICAgICAgfSksXG4gICAgICBwYXJlbnRJbWFnZTogcHJvcHMuYmFzZUFtaSxcbiAgICAgIGNvbXBvbmVudHMsXG4gICAgICB3b3JraW5nRGlyZWN0b3J5LFxuICAgIH0pO1xuXG4gICAgdGhpcy5hcm4gPSByZWNpcGUuYXR0ckFybjtcbiAgICB0aGlzLm5hbWUgPSBuYW1lO1xuICB9XG59XG5cbi8qKlxuICogRGVmYXVsdCBiYXNlIEFNSSBmb3IgZ2l2ZW4gT1MgYW5kIGFyY2hpdGVjdHVyZS5cbiAqXG4gKiBAaW50ZXJuYWxcbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGRlZmF1bHRCYXNlQW1pKHNjb3BlOiBDb25zdHJ1Y3QsIG9zOiBPcywgYXJjaGl0ZWN0dXJlOiBBcmNoaXRlY3R1cmUpIHtcbiAgY29uc3Qgc3RhY2sgPSBjZGsuU3RhY2sub2Yoc2NvcGUpO1xuXG4gIGxldCBhcmNoO1xuICBpZiAoYXJjaGl0ZWN0dXJlLmlzKEFyY2hpdGVjdHVyZS5YODZfNjQpKSB7XG4gICAgYXJjaCA9ICd4ODYnO1xuICB9IGVsc2UgaWYgKGFyY2hpdGVjdHVyZS5pcyhBcmNoaXRlY3R1cmUuQVJNNjQpKSB7XG4gICAgYXJjaCA9ICdhcm02NCc7XG4gIH0gZWxzZSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKGBVbnN1cHBvcnRlZCBhcmNoaXRlY3R1cmUgZm9yIGJhc2UgQU1JOiAke2FyY2hpdGVjdHVyZS5uYW1lfWApO1xuICB9XG5cbiAgaWYgKG9zLmlzKE9zLkxJTlVYX1VCVU5UVSkgfHwgb3MuaXMoT3MuTElOVVgpKSB7XG4gICAgcmV0dXJuIHN0YWNrLmZvcm1hdEFybih7XG4gICAgICBzZXJ2aWNlOiAnaW1hZ2VidWlsZGVyJyxcbiAgICAgIHJlc291cmNlOiAnaW1hZ2UnLFxuICAgICAgYWNjb3VudDogJ2F3cycsXG4gICAgICByZXNvdXJjZU5hbWU6IGB1YnVudHUtc2VydmVyLTIyLWx0cy0ke2FyY2h9L3gueC54YCxcbiAgICB9KTtcbiAgfVxuXG4gIGlmIChvcy5pcyhPcy5MSU5VWF9BTUFaT05fMikpIHtcbiAgICByZXR1cm4gc3RhY2suZm9ybWF0QXJuKHtcbiAgICAgIHNlcnZpY2U6ICdpbWFnZWJ1aWxkZXInLFxuICAgICAgcmVzb3VyY2U6ICdpbWFnZScsXG4gICAgICBhY2NvdW50OiAnYXdzJyxcbiAgICAgIHJlc291cmNlTmFtZTogYGFtYXpvbi1saW51eC0yLSR7YXJjaH0veC54LnhgLFxuICAgIH0pO1xuICB9XG5cbiAgaWYgKG9zLmlzKE9zLldJTkRPV1MpKSB7XG4gICAgcmV0dXJuIHN0YWNrLmZvcm1hdEFybih7XG4gICAgICBzZXJ2aWNlOiAnaW1hZ2VidWlsZGVyJyxcbiAgICAgIHJlc291cmNlOiAnaW1hZ2UnLFxuICAgICAgYWNjb3VudDogJ2F3cycsXG4gICAgICByZXNvdXJjZU5hbWU6IGB3aW5kb3dzLXNlcnZlci0yMDIyLWVuZ2xpc2gtZnVsbC1iYXNlLSR7YXJjaH0veC54LnhgLFxuICAgIH0pO1xuICB9XG5cbiAgdGhyb3cgbmV3IEVycm9yKGBPUyAke29zLm5hbWV9IG5vdCBzdXBwb3J0ZWQgZm9yIEFNSSBydW5uZXIgaW1hZ2VgKTtcbn1cblxuIl19

package/lib/{providers/image-builders → image-builders}/aws-image-builder/builder.d.ts

@@ -2,7 +2,7 @@ import * as cdk from 'aws-cdk-lib';
 import { aws_ec2 as ec2, aws_iam as iam, aws_imagebuilder as imagebuilder, aws_logs as logs, aws_s3_assets as s3_assets, aws_sns as sns } from 'aws-cdk-lib';
 import { Construct, IConstruct } from 'constructs';
 import { ImageBuilderObjectBase } from './common';
-import { RunnerAmi, RunnerImage } from '../../common';
+import { RunnerAmi, RunnerImage } from '../../providers';
 import { RunnerImageBuilderBase, RunnerImageBuilderProps } from '../common';
 export interface AwsImageBuilderRunnerImageBuilderProps {
     /**
@@ -51,6 +51,12 @@ export interface ImageBuilderComponentProperties {
      * Optional assets to add to the built image.
      */
     readonly assets?: ImageBuilderAsset[];
+    /**
+     * Require a reboot after installing this component.
+     *
+     * @default false
+     */
+    readonly reboot?: boolean;
 }
 /**
  * Components are a set of commands to run and optional files to add to an image. Components are the building blocks of images built by Image Builder.
@@ -63,7 +69,8 @@ export interface ImageBuilderComponentProperties {
  *   displayName: 'AWS CLI',
  *   description: 'Install latest version of AWS CLI',
  *   commands: [
- *     'Start-Process msiexec.exe -Wait -ArgumentList \'/i https://awscli.amazonaws.com/AWSCLIV2.msi /qn\'',
+ *     '$p = Start-Process msiexec.exe -PassThru -Wait -ArgumentList \'/i https://awscli.amazonaws.com/AWSCLIV2.msi /qn\'',
+ *     'if ($p.ExitCode -ne 0) { throw "Exit code is $p.ExitCode" }',
  *   ],
  * }
  * ```