packaging: provide CentOS Stream, Alma and Rocky Linux builds for version 10

[patrick-stephens]

Resolves #10469 by providing builds for all RHEL-compatible v10 targets.

Also fixes an issue with RockyLinux base images using outdated versions due to an issue over there: rocky-linux/sig-cloud-instance-images#57

Found an issue with ARM runners not finding awscli package to install: actions/partner-runner-images#135
Resolved by using snap if apt fails so should also allow us to transition to Ubuntu 24 now for those runners.

---

Enter [N/A] in the box, if an item is not applicable to your change.

Testing
Before we can approve your change; please submit the following in a comment:

• Example configuration file for the change
• Debug log output from testing the change

• Attached Valgrind output that shows no leaks or memory corruption was found

If this is a change to packaging of containers or native binaries then please confirm it works for all targets.

• Run local packaging test showing all targets (including any new ones) build.
• Set ok-package-test label to test for all targets (requires maintainer to do).

Documentation

• Documentation required for this feature
• packaging: add Centos/Alma/Rocky Linux v10 support fluent-bit-docs#2067

Backporting

• Backport to latest stable release.
• packaging: support Alma/Rocky/CentOS 10 plus Debian Trixie/13 [Backport to 4.0] #10907

---

Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

Summary by CodeRabbit

• New Features

  • Added official RPM package support for CentOS Stream 10, Rocky Linux 10, and AlmaLinux 10 on x86_64 and arm64.

• Documentation

  • Expanded Linux distribution matrix to include CentOS Stream 10, Rocky Linux 10, and AlmaLinux 10 variants (x86_64/arm64).

• Tests

  • Expanded release package tests: added Ubuntu 24.04 and Debian 12/13 (APT), plus AlmaLinux 10, Rocky Linux 10, and CentOS Stream 10 (YUM).

• Chores

  • Updated build/repo automation and CI to support new RPM targets, cross-arch builds, and a more robust AWS CLI install fallback.

[coderabbitai]

Walkthrough

Adds RPM build/test/repo support for CentOS Stream 10, AlmaLinux 10, and Rocky Linux 10 (x86_64 and arm64v8). Introduces new Dockerfile base stages and ARM QEMU support, expands build-config targets, test matrices, repo update paths, and updates packaging docs and CI steps for robust AWS CLI install.

Changes

Cohort / File(s)	Summary
Docs: distro coverage packaging/README.md	Expanded Linux distro table to include CentOS Stream 10 and AlmaLinux/Rocky Linux 10/9/8 for x86_64 and arm64v8; AmazonLinux 2023 unchanged.
Build targets config packaging/build-config.json	Added six rpm linux_targets: centos/10, centos/10.arm64v8, rockylinux/10, rockylinux/10.arm64v8, almalinux/10, almalinux/10.arm64v8.
AlmaLinux Docker builds packaging/distros/almalinux/Dockerfile	Added almalinux-10-base and almalinux-10.arm64v8-base stages; enabled CRB/dev tools, set FLB_JEMALLOC_OPTIONS, added COPY --from=multiarch-aarch64 for ARM QEMU, standardized stage alias casing to AS.
CentOS Docker builds packaging/distros/centos/Dockerfile	Added centos-10-base and centos-10.arm64v8-base; installs CMake/deps, exposes FLB_* ARG/ENV, adds ARM QEMU, and sets FLB_UNICODE_ENCODER/FLB_KAFKA/FLB_JEMALLOC_OPTIONS for ARM stage.
Rocky Linux Docker builds packaging/distros/rockylinux/Dockerfile	Switched base refs to rockylinux/rockylinux:<ver>, added rockylinux-10 amd64/arm64 stages, standardized AS, and adjusted ARM64 base handling.
Release test matrices packaging/test-release-packages.sh	Expanded APT_TARGETS (added ubuntu:24.04, debian:12, debian:13) and YUM_TARGETS (added almalinux:10, rockylinux:10, quay.io/centos/centos:stream10); reformatted arrays.
Repo updater paths packaging/update-repos.sh	Extended RPM_REPO_PATHS with centos/10, rockylinux/10, almalinux/10 and reformatted to multi-line.
CI workflow: awscli install .github/workflows/call-build-linux-packages.yaml	Decoupled AWS CLI install from distro-info; added fallback to snap install aws-cli --classic and shell: bash for step(s); other logic unchanged.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Dev as Developer
  participant CI as CI Orchestrator
  participant Dkr as Docker Buildx
  participant QEMU as QEMU (arm64 emulation)
  participant Repo as RPM Repo Updater
  participant Test as Release Test Runner

  Dev->>CI: Trigger package build (rpm targets)
  CI->>Dkr: Build base stages for {centos, rockylinux, almalinux}/10 (amd64 + arm64)
  alt arm64 builds
    Dkr->>QEMU: Copy qemu-aarch64-static for emulation
  end
  Dkr-->>CI: Produce RPM artifacts
  CI->>Repo: Run update-repos.sh (includes .../10)
  CI->>Test: Run test-release-packages.sh (includes stream10, 10 targets)
  Test-->>CI: Report version checks & results

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• packaging: add debian trixie support #10728 — Similar packaging changes adding new Linux distro targets (build-config and README overlap).

Suggested reviewers

• niedbalski
• celalettin1286
• cosmo0920

Poem

I nibble new bases in CentOS and Rock,
Alma's tenth burrow gets its clock.
QEMU hums for ARM with gentle cheer,
RPMs roll out — carrots near! 🥕🐇

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title succinctly summarizes the primary change: adding packaging support for CentOS Stream, AlmaLinux, and Rocky Linux version 10. It directly corresponds to the added Dockerfile stages, build-config.json updates, repository list changes, and expanded test targets described in the PR. The phrasing is concise and specific enough for a teammate scanning history to understand the main change.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

packaging/distros/almalinux/Dockerfile (1)

94-113: Minor inconsistency in comment but functionality is correct.

The comment on Line 94 says "almalinux/8.arm64v8 base image" but this is actually the AlmaLinux 10 ARM64 stage. The functionality is correct with proper QEMU setup and Jemalloc configuration.

-# almalinux/8.arm64v8 base image
+# almalinux/10.arm64v8 base image

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 59d9f26 and 87a83d0.

📒 Files selected for processing (7)

• packaging/README.md (2 hunks)
• packaging/build-config.json (3 hunks)
• packaging/distros/almalinux/Dockerfile (5 hunks)
• packaging/distros/centos/Dockerfile (1 hunks)
• packaging/distros/rockylinux/Dockerfile (5 hunks)
• packaging/test-release-packages.sh (1 hunks)
• packaging/update-repos.sh (1 hunks)

🧰 Additional context used

🪛 Checkov (3.2.334)

packaging/distros/centos/Dockerfile

[high] 236-247: Ensure that certificate validation isn't disabled with curl

(CKV2_DOCKER_2)

---

[high] 265-276: Ensure that certificate validation isn't disabled with curl

(CKV2_DOCKER_2)

🪛 GitHub Check: PR - Hadolint

packaging/distros/centos/Dockerfile

[warning] 265-265:
[hadolint] reported by reviewdog 🐶
Set the SHELL option -o pipefail before RUN with a pipe in it. If you are using /bin/sh in an alpine image or if your shell is symlinked to busybox then consider explicitly setting your SHELL to /bin/ash, or disable this check

Raw Output:
message:"Set the SHELL option -o pipefail before RUN with a pipe in it. If you are using /bin/sh in an alpine image or if your shell is symlinked to busybox then consider explicitly setting your SHELL to /bin/ash, or disable this check" location:{path:"packaging/distros/centos/Dockerfile" range:{start:{line:265 column:1}}} severity:WARNING source:{name:"hadolint" url:"https://github.com/hadolint/hadolint"} code:{value:"DL4006" url:"https://github.com/hadolint/hadolint/wiki/DL4006"}

---

[warning] 236-236:
[hadolint] reported by reviewdog 🐶
Set the SHELL option -o pipefail before RUN with a pipe in it. If you are using /bin/sh in an alpine image or if your shell is symlinked to busybox then consider explicitly setting your SHELL to /bin/ash, or disable this check

Raw Output:
message:"Set the SHELL option -o pipefail before RUN with a pipe in it. If you are using /bin/sh in an alpine image or if your shell is symlinked to busybox then consider explicitly setting your SHELL to /bin/ash, or disable this check" location:{path:"packaging/distros/centos/Dockerfile" range:{start:{line:236 column:1}}} severity:WARNING source:{name:"hadolint" url:"https://github.com/hadolint/hadolint"} code:{value:"DL4006" url:"https://github.com/hadolint/hadolint/wiki/DL4006"}

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (51)

• GitHub Check: PR - container builds / Windows container images (2025)
• GitHub Check: PR - container builds / Windows container images (2022)
• GitHub Check: PR - packages build Linux / ubuntu/24.04.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / ubuntu/22.04 package build and stage to S3
• GitHub Check: PR - packages build Linux / raspbian/bookworm package build and stage to S3
• GitHub Check: PR - packages build Linux / debian/bullseye package build and stage to S3
• GitHub Check: PR - packages build Linux / debian/bookworm package build and stage to S3
• GitHub Check: PR - packages build Linux / debian/trixie package build and stage to S3
• GitHub Check: PR - packages build Linux / debian/bookworm.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / debian/bullseye.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / ubuntu/24.04 package build and stage to S3
• GitHub Check: PR - packages build Linux / ubuntu/22.04.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / debian/trixie.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / debian/buster package build and stage to S3
• GitHub Check: PR - packages build Linux / rockylinux/10 package build and stage to S3
• GitHub Check: PR - packages build Linux / debian/buster.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / almalinux/8.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / rockylinux/9.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / almalinux/9.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / almalinux/9 package build and stage to S3
• GitHub Check: PR - packages build Linux / almalinux/10 package build and stage to S3
• GitHub Check: PR - packages build Linux / almalinux/10.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / almalinux/8 package build and stage to S3
• GitHub Check: PR - packages build Linux / centos/10 package build and stage to S3
• GitHub Check: PR - packages build Linux / rockylinux/8 package build and stage to S3
• GitHub Check: PR - packages build Linux / rockylinux/9 package build and stage to S3
• GitHub Check: PR - packages build Linux / centos/7 package build and stage to S3
• GitHub Check: PR - packages build Linux / centos/10.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / centos/7.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / rockylinux/10.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / rockylinux/8.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / amazonlinux/2.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / amazonlinux/2023.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / centos/9.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / centos/9 package build and stage to S3
• GitHub Check: PR - packages build Linux / amazonlinux/2023 package build and stage to S3
• GitHub Check: PR - packages build Linux / centos/8 package build and stage to S3
• GitHub Check: PR - packages build Linux / centos/8.arm64v8 package build and stage to S3
• GitHub Check: PR - packages build Linux / amazonlinux/2 package build and stage to S3
• GitHub Check: PR - container builds / arm64/debug container image build
• GitHub Check: PR - container builds / arm/v7/production container image build
• GitHub Check: PR - container builds / arm64/production container image build
• GitHub Check: PR - container builds / amd64/debug container image build
• GitHub Check: PR - container builds / amd64/production container image build
• GitHub Check: PR - container builds / arm/v7/debug container image build
• GitHub Check: PR - packages build MacOS / call-build-macos-package (Apple Silicon macOS runner, macos-14, 3.31.6)
• GitHub Check: PR - packages build MacOS / call-build-macos-package (Intel macOS runner, macos-14-large, 3.31.6)
• GitHub Check: PR - packages build Windows / call-build-windows-package (Windows 64bit, x64, x64-windows-static, 3.31.6)
• GitHub Check: PR - packages build Windows / call-build-windows-package (Windows 32bit, x86, x86-windows-static, 3.31.6)
• GitHub Check: PR - packages build Windows / call-build-windows-package (Windows 64bit (Arm64), amd64_arm64, -DCMAKE_SYSTEM_NAME=Windows -DCMA...
• GitHub Check: Run install tests

🔇 Additional comments (20)

packaging/README.md (3)

14-25: LGTM! Documentation properly reflects new distro support.

The addition of AlmaLinux 10 and CentOS Stream 10 entries in both x86_64 and arm64v8 architectures accurately documents the expanded build targets added in this PR. The table format and target options are consistent with existing entries.

---

22-23: Verify the AmazonLinux 2 entries are intentionally preserved.

The AI summary mentioned that AmazonLinux 2 entries replaced some content, but I see they're still present. This appears correct as these are valid supported targets.

---

52-57: LGTM! Rocky Linux 10 documentation is complete.

The Rocky Linux 10 entries for both architectures follow the established pattern and correctly document the new build targets.

packaging/build-config.json (3)

43-50: LGTM! CentOS 10 targets added correctly.

The new CentOS 10 RPM targets for both x86_64 and arm64v8 architectures are properly positioned after the CentOS 9 targets and follow the established JSON structure.

---

67-74: LGTM! Rocky Linux 10 targets added correctly.

The Rocky Linux 10 build targets are properly configured and positioned consistently with other distro versions.

---

91-98: LGTM! AlmaLinux 10 targets added correctly.

The AlmaLinux 10 targets complete the RHEL-compatible v10 distribution coverage as intended by the PR objectives.

packaging/distros/rockylinux/Dockerfile (5)

10-10: LGTM! Dockerfile style standardization.

The change from lowercase as to uppercase AS in multi-stage build declarations improves consistency and follows Docker best practices.

---

13-13: Good fix for Rocky Linux base image references.

The update from rockylinux:<ver> to rockylinux/rockylinux:<ver> addresses the issue mentioned in the PR description regarding outdated Rocky Linux base images, referencing the GitHub issue at rocky-linux/sig-cloud-instance-images/issues/57.

Also applies to: 28-28, 47-47

---

81-93: LGTM! Rocky Linux 10 x86_64 base stage added.

The new rockylinux-10-base stage follows the established pattern from other Rocky Linux versions and includes the appropriate package installations and repository configurations.

---

96-113: LGTM! Rocky Linux 10 ARM64 base stage with cross-compilation support.

The ARM64 variant correctly includes QEMU setup for cross-compilation and the larger page size configuration for ARM64 architecture requirements.

---

117-117: LGTM! Consistent uppercase AS usage in final stage.

The final builder stage declaration now uses uppercase AS consistently with the other changes in the file.

packaging/update-repos.sh (1)

34-46: LGTM! RPM repository paths expanded correctly.

The addition of centos/10, rockylinux/10, and almalinux/10 to the RPM_REPO_PATHS array properly supports the new v10 RHEL-compatible distributions. The multi-line formatting improves readability.

packaging/test-release-packages.sh (2)

40-47: LGTM! APT test targets updated appropriately.

The addition of Ubuntu 24.04 and Debian 12/13 test targets expands test coverage and the multi-line array format improves maintainability.

---

49-61: LGTM! YUM test targets expanded for v10 distributions.

The addition of almalinux:10, rockylinux:10, and quay.io/centos/centos:stream10 properly tests the new RHEL-compatible v10 builds. The test matrix now comprehensively covers all supported RPM-based distributions.

packaging/distros/almalinux/Dockerfile (3)

10-10: LGTM! Consistent Dockerfile style improvements.

The standardization to uppercase AS in all multi-stage build declarations improves consistency across the Dockerfile and follows Docker best practices.

Also applies to: 13-13, 28-28, 47-47, 62-62, 117-117

---

62-80: LGTM! AlmaLinux 9 ARM64 stage properly configured.

The ARM64 variant includes QEMU setup for cross-compilation and the appropriate Jemalloc configuration for ARM64 architecture requirements.

---

81-93: LGTM! AlmaLinux 10 x86_64 base stage added correctly.

The new AlmaLinux 10 base stage properly enables the CRB repository and installs the necessary development tools following the established pattern.

packaging/distros/centos/Dockerfile (3)

228-253: LGTM! CentOS Stream 10 x86_64 base stage properly configured.

The new centos-10-base stage correctly uses quay.io/centos/centos:stream10 as the base image, enables the CRB repository, and includes comprehensive development tools installation. The CMake setup and FLB_OUT_PGSQL configuration align with other CentOS versions.

---

255-290: LGTM! CentOS Stream 10 ARM64 stage with comprehensive configuration.

The ARM64 variant correctly includes QEMU setup for cross-compilation and the additional build flags (FLB_UNICODE_ENCODER, FLB_KAFKA, FLB_JEMALLOC_OPTIONS) appropriate for ARM64 builds. The larger page size configuration addresses ARM64 architecture requirements.

---

236-247: Static analysis warnings can be safely ignored.

The Hadolint warnings about curl certificate validation and pipefail are false positives in this context:

1. The curl commands use GitHub's official CMake releases with proper TLS validation
2. The pipefail warnings relate to tar extraction pipelines that are safe and follow established patterns in the existing Dockerfile

These are standard Docker build patterns used consistently throughout the file.

Also applies to: 265-276

[patrick-stephens]

@cosmo0920 did we make some changes to the default runner? It looks like all ARM builds fail later with E: Package 'awscli' has no installation candidate

I think it is down to https://forum.virtualmin.com/t/ubuntu-24-04-does-not-have-awscli/130361/2

Ah it is likely down to the ARM images being mixed up: actions/partner-runner-images#134

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (3)

.github/workflows/call-build-linux-packages.yaml (3)

229-231: Apply the same robust AWS CLI install to repo job and verify version.

Mirror the hardening from the build job to avoid environment drift or missing aws on this path.

-          sudo apt-get install -y awscli || sudo snap install aws-cli --classic
+          sudo apt-get install -y awscli \
+          || { sudo apt-get install -y snapd && sudo snap install aws-cli --classic; }
+          echo "/snap/bin" >> "$GITHUB_PATH"
+          aws --version || { echo "aws CLI missing after install"; exit 1; }

---

218-220: Stale comment contradicts runner image.

Comment says “Need to use 18.04…”, but the job runs on ubuntu-22.04. Update to prevent confusion.

-    # Need to use 18.04 as 20.04 has no createrepo available
-    runs-on: ubuntu-22.04
+    # Using Ubuntu 22.04 (Jammy); createrepo-c is available via apt.
+    runs-on: ubuntu-22.04

---

108-109: Install AWS CLI v2 via AWS's official ARM64 installer on ARM runners

ubuntu-22.04-arm is an Arm partner runner; distro apt/snap may not provide the supported AWS CLI v2 for aarch64 — detect the ARM path and install awscli-exe-linux-aarch64.zip (unzip + sudo ./aws/install) in the ARM job instead of relying on apt/snap. File: .github/workflows/call-build-linux-packages.yaml lines 108-109.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 87a83d0 and 2e0328c.

📒 Files selected for processing (1)

• .github/workflows/call-build-linux-packages.yaml (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: PR - container builds / Windows container images (2022)
• GitHub Check: PR - container builds / Windows container images (2025)
• GitHub Check: PR - packages build Windows / call-build-windows-package (Windows 64bit, x64, x64-windows-static, 3.31.6)
• GitHub Check: PR - packages build Windows / call-build-windows-package (Windows 64bit (Arm64), amd64_arm64, -DCMAKE_SYSTEM_NAME=Windows -DCMA...
• GitHub Check: PR - packages build Windows / call-build-windows-package (Windows 32bit, x86, x86-windows-static, 3.31.6)

[coderabbitai]

⚠️ Potential issue

🧩 Analysis chain

Harden AWS CLI install (snapd availability, PATH, version drift).

• Partner/ARM runners may not have snapd enabled; current fallback can still fail.
• PATH to /snap/bin isn’t guaranteed; add it to GITHUB_PATH after snap install.
• apt installs v1; snap installs v2. Mixing per-run can cause subtle behavior differences. At minimum, log the installed version; ideally standardize on one.

Suggested patch:

-          sudo apt-get install -y awscli || sudo snap install aws-cli --classic
+          # Try apt first; if unavailable, install snapd then snap-based AWS CLI v2
+          sudo apt-get install -y awscli \
+          || { sudo apt-get install -y snapd && sudo snap install aws-cli --classic; }
+          # Ensure snap binaries are reachable for subsequent steps and log version
+          echo "/snap/bin" >> "$GITHUB_PATH"
+          aws --version || { echo "aws CLI missing after install"; exit 1; }

---

🌐 Web query:

Do GitHub Actions ubuntu-latest runners have snapd installed by default and include /snap/bin in their PATH?

💡 Result:

Short answer: Yes.

• GitHub's Ubuntu runner images list (runner-images) is the source of truth for included software and the Ubuntu images are built from Ubuntu LTS images that include snapd. [1]
• There are multiple reports and issues showing workflows using snap (e.g. running sudo snap install ...) on ubuntu-22.04/ubuntu-latest runners, which implies snapd is present on those images. [2]
• The snapd package itself installs an environment fragment (/usr/lib/environment.d/990-snapd.conf) that adds /snap/bin to PATH (so snap-installed commands are available). See the snapd package file list and related Ubuntu docs/bugs describing 990-snapd.conf writing PATH. [3]

Notes: some users have seen intermittent problems with snap operations on hosted runners (e.g. snap install hanging), so while snapd and /snap/bin are present, snap commands may sometimes behave unexpectedly on CI. [2]

Sources:

1. actions/runner-images (GitHub Actions runner images documentation). [1]
2. Issue reporting snap install problems on ubuntu runners (actions/runner-images / issues). [2]
3. snapd package file list and Ubuntu docs referencing /usr/lib/environment.d/990-snapd.conf which appends /snap/bin to PATH. [3]

---

🌐 Web query:

What AWS CLI version is installed by `sudo apt-get install -y awscli` on Ubuntu 20.04 and which version does `sudo snap install aws-cli --classic` install?

💡 Result:

• sudo apt-get install -y awscli (Ubuntu 20.04 focal): installs the Ubuntu/Debian package "awscli" from focal (Universe) — this is AWS CLI v1 (focal-updates packaged as 1.18.69; base was 1.17.14). [1][2]

• sudo snap install aws-cli --classic: the snap is the officially-published snap for the AWS CLI; the snap's default v2 channel publishes AWS CLI v2 (the snap can also be installed on the v1 channel if you explicitly request --channel=v1/stable). Snap installs therefore typically give you AWS CLI v2 unless you choose the v1 channel. [3][4]

Sources:

1. packages.ubuntu.com (awscli for focal / focal‑updates). [turn1search4].
2. UbuntuUpdates / package awscli (focal). [turn1search1].
3. AWS CLI install docs (notes about snap being officially supported and snap providing latest v2). [turn0search0].
4. Snapcraft aws-cli install page (snap install aws-cli --classic; channels include v1/v2). [turn0search3].

---

Harden AWS CLI install: avoid mixing v1/v2 and make snap fallback reliable

File: .github/workflows/call-build-linux-packages.yaml (lines 166–168)

• GitHub-hosted ubuntu images generally include snapd and /snap/bin is normally exposed, but snap installs can intermittently fail in CI and snapd is not guaranteed on self-hosted/partner/ARM runners.
• apt-get install awscli installs AWS CLI v1; snap install aws-cli --classic installs AWS CLI v2 by default. Do not mix — this causes subtle runtime differences.
• Required changes: standardize on one AWS CLI major version (prefer v2 via the official bundled installer or snap). If you keep a fallback, ensure you install snapd first, add /snap/bin to $GITHUB_PATH, log aws --version, and fail the job on missing/mismatched CLI.