diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9d02a59402..63b919bc52 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -28,10 +28,10 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Docker Buildx to use cache feature - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 + uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 - name: Login to Docker Hub - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} @@ -39,7 +39,7 @@ jobs: - name: Docker Build CentOS6 Image Test - uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: file: ./ansible/docker/Dockerfile.CentOS6 build-args: git_sha=${{ github.sha }} @@ -50,7 +50,7 @@ jobs: if: github.ref != 'refs/heads/master' - name: Docker Build & Push Centos6 Image to Docker Hub On Merge - uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: file: ./ansible/docker/Dockerfile.CentOS6 build-args: git_sha=${{ github.sha }} @@ -68,10 +68,10 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Docker Buildx to use cache feature - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 + uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 - name: Docker Build Alpine3 Image - uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: file: ./ansible/docker/Dockerfile.Alpine3 build-args: git_sha=${{ github.sha }} diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 9239abafde..9dd639924a 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -42,7 +42,7 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Python 3.x - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: '3.x' diff --git a/FAQ.md b/FAQ.md index b2c552e2ef..6529c738bf 100644 --- a/FAQ.md +++ b/FAQ.md @@ -89,6 +89,7 @@ have at the moment: | [Centos6](./ansible/docker/Dockerfile.CentOS6) | [`adoptopenjdk/centos6_build_image`](https://hub.docker.com/r/adoptopenjdk/centos6_build_image)| linux/amd64 | [GH Actions](.github/workflows/build.yml) | Yes | [Alpine3](./ansible/docker/Dockerfile.Alpine3) | [`adoptopenjdk/alpine3_build_image`](https://hub.docker.com/r/adoptopenjdk/alpine3_build_image) | linux/x64 & linux/arm64 | [Jenkins](https://ci.adoptium.net/job/centos7_docker_image_updater/) | Yes | [Ubuntu 20.04 (riscv64 only)](./ansible/docker/Dockerfile.Ubuntu2004-riscv64) | [`adoptopenjdk/ubuntu2004_build_image:linux-riscv64`](https://hub.docker.com/r/adoptopenjdk/ubuntu2004_build_image) | linux/riscv64 | [Jenkins](https://ci.adoptium.net/job/centos7_docker_image_updater/) | Yes +| [Windows Server 2022](./ansible/docker/Dockerfile.win2022) | n/a - restricted | Windows | No
(*) - Caveats: diff --git a/README.md b/README.md index d5a5ba53e9..73e204e295 100644 --- a/README.md +++ b/README.md @@ -111,17 +111,19 @@ to do an out-of-bound patch if a sufficientl sever issue is identified. ### Jenkins 1. Ensure off-machine backups are working! -2. Check for plugin updates that will apply to the current version of +1. Ensure that no non-pipeline jobs are running on the server as they + will often hold up restarts +1. Check for plugin updates that will apply to the current version of jenkins (Each plugin should be checked for potential issues in the readme) -3. Repeat step 1 if necessary until jenkins does not offer any more plugins -4. Identify new LTS level - check [the release notes](https://www.jenkins.io/doc/upgrade-guide/) +1. Repeat step 1 if necessary until jenkins does not offer any more plugins +1. Identify new LTS level - check [the release notes](https://www.jenkins.io/doc/upgrade-guide/) to identify any potential problems. Allow jenkins to upgrade itself -5. Redo step 1/2 so that any plugins that were unable to be updated due to +1. Redo step 1/2 so that any plugins that were unable to be updated due to the older jenkins level can update themselves. -6. If necessary, and the remediation cannot be performed within the +1. If necessary, and the remediation cannot be performed within the maintenance window, identify potentially risky plugins that were held back and create an issue to deal with them in the next cycle. -7. Backup the main war in /usr/share/jenkins to a name with a version suffix +1. Backup the main war in /usr/share/jenkins to a name with a version suffix in case of corruption to the main jar. ### Backups diff --git a/ansible/DockerInventory.json b/ansible/DockerInventory.json index b6b3eb5a6b..d8a93812bb 100644 --- a/ansible/DockerInventory.json +++ b/ansible/DockerInventory.json @@ -11,10 +11,18 @@ "nodeName": "test-docker-alpine319-x64-4", "port": "32781" }, + { + "nodeName": "test-docker-alpine320-x64-1", + "port": "32784" + }, { "nodeName": "test-docker-fedora39-x64-2", "port": "32779" }, + { + "nodeName": "test-docker-ubi9-x64-1", + "port": "32783" + }, { "nodeName": "test-docker-ubuntu2004-x64-2", "port": "32768" @@ -32,10 +40,10 @@ "port": "32782" } ], - "containersCount": 7 + "containersCount": 9 }, { - "name": "dockerhost-azure-ubuntu2204-x64-2", + "name": "dockerhost-azure-ubuntu2404-x64-1", "ip": "20.83.24.86", "containers": [ { @@ -58,142 +66,170 @@ "nodeName": "test-docker-debian12-x64-4", "port": "32773" }, + { + "nodeName": "test-docker-fedora40-x64-1", + "port": "32778" + }, + { + "nodeName": "test-docker-fedora41-x64-1", + "port": "32779" + }, + { + "nodeName": "test-docker-ubi8-x64-1", + "port": "32777" + }, { "nodeName": "test-docker-ubuntu2004-x64-4", "port": "32775" }, { "nodeName": "test-docker-ubuntu2204-x64-6", - "port": "32769" + "port": "32768" }, { "nodeName": "test-docker-ubuntu2204-x64-7", "port": "32772" + }, + { + "nodeName": "test-docker-ubuntu2410-x64-1", + "port": "32780" } ], - "containersCount": 8 + "containersCount": 12 }, { - "name": "dockerhost-equinix-ubuntu2004-armv8-1", - "ip": "147.75.35.203", + "name": "dockerhost-equinix-ubuntu2204-armv8-1", + "ip": "139.178.86.243", "containers": [ { - "nodeName": "test-docker-alpine319-armv8-2", - "port": "32775" + "nodeName": "test-docker-alpine319-armv8-1", + "port": "2232" }, { - "nodeName": "test-docker-alpine319-armv8-4", + "nodeName": "test-docker-alpine319-armv8-3", + "port": "32772" + }, + { + "nodeName": "test-docker-alpine320-armv8-1", "port": "32777" }, { - "nodeName": "test-docker-amazon2023-armv8l-1", - "port": "32779" + "nodeName": "test-docker-debian12-armv8l-1", + "port": "2231" }, { - "nodeName": "test-docker-debian12-armv7l-1", + "nodeName": "test-docker-fedora40-armv8-1", "port": "32778" }, { - "nodeName": "test-docker-fedora39-armv8l-1", - "port": "2234" + "nodeName": "test-docker-fedora41-armv8-1", + "port": "32779" }, { - "nodeName": "test-docker-sles15-armv8l-1", - "port": "2236" + "nodeName": "test-docker-ubi8-armv8-1", + "port": "32775" }, { - "nodeName": "test-docker-ubuntu1804-armv8l-4", - "port": "32774" + "nodeName": "test-docker-ubuntu2004-armv7l-4", + "port": "2230" }, { - "nodeName": "test-docker-ubuntu2004-armv7l-1", - "port": "2322" + "nodeName": "test-docker-ubuntu2004-armv7l-5", + "port": "2229" }, { - "nodeName": "test-docker-ubuntu2004-armv7l-2", - "port": "2323" + "nodeName": "test-docker-ubuntu2004-armv7l-6", + "port": "2227" }, { - "nodeName": "test-docker-ubuntu2004-armv7l-3", - "port": "2332" + "nodeName": "test-docker-ubuntu2204-armv8-1", + "port": "32769" }, { - "nodeName": "test-docker-ubuntu2004-armv8l-1", + "nodeName": "test-docker-ubuntu2204-armv8-2", "port": "32770" }, { - "nodeName": "test-docker-ubuntu2004-armv8l-2", - "port": "32771" - }, - { - "nodeName": "test-docker-ubuntu2004-armv8l-3", - "port": "32772" + "nodeName": "test-docker-ubuntu2404-armv7-2", + "port": "32774" }, { - "nodeName": "test-docker-ubuntu2204-armv8l-2", + "nodeName": "test-docker-ubuntu2404-armv8-1", "port": "32773" }, { - "nodeName": "test-docker-ubuntu2310-armv8l-1", - "port": "32776" + "nodeName": "test-docker-ubuntu2410-armv8-1", + "port": "32780" } ], "containersCount": 15 }, { - "name": "dockerhost-equinix-ubuntu2204-armv8-1", - "ip": "139.178.86.243", + "name": "dockerhost-equinix-ubuntu2404-armv8-1", + "ip": "147.75.35.203", "containers": [ { - "nodeName": "test-docker-alpine314-armv8-3", - "port": "2214" + "nodeName": "test-docker-alpine319-armv8-2", + "port": "32775" }, { - "nodeName": "test-docker-alpine319-armv8-1", - "port": "2232" + "nodeName": "test-docker-alpine319-armv8-4", + "port": "32777" }, { - "nodeName": "test-docker-alpine319-armv8-3", - "port": "32772" + "nodeName": "test-docker-amazon2023-armv8l-1", + "port": "32779" }, { - "nodeName": "test-docker-debian12-armv8l-1", - "port": "2231" + "nodeName": "test-docker-debian12-armv7l-1", + "port": "32778" }, { - "nodeName": "test-docker-ubuntu2004-armv7l-4", - "port": "2230" + "nodeName": "test-docker-fedora39-armv8l-1", + "port": "2234" }, { - "nodeName": "test-docker-ubuntu2004-armv7l-5", - "port": "2229" + "nodeName": "test-docker-sles15-armv8l-1", + "port": "2236" }, { - "nodeName": "test-docker-ubuntu2004-armv7l-6", - "port": "2227" + "nodeName": "test-docker-ubi9-armv8l-1", + "port": "32780" }, { - "nodeName": "test-docker-ubuntu2204-armv8-1", - "port": "32769" + "nodeName": "test-docker-ubuntu1804-armv8l-4", + "port": "32774" }, { - "nodeName": "test-docker-ubuntu2204-armv8-2", + "nodeName": "test-docker-ubuntu2004-armv7l-1", + "port": "2322" + }, + { + "nodeName": "test-docker-ubuntu2004-armv7l-2", + "port": "2323" + }, + { + "nodeName": "test-docker-ubuntu2004-armv7l-3", + "port": "2332" + }, + { + "nodeName": "test-docker-ubuntu2004-armv8l-1", "port": "32770" }, { - "nodeName": "test-docker-ubuntu2204-armv8-3", + "nodeName": "test-docker-ubuntu2004-armv8l-2", "port": "32771" }, { - "nodeName": "test-docker-ubuntu2404-armv7l-1", - "port": "32774" + "nodeName": "test-docker-ubuntu2204-armv8l-2", + "port": "32773" }, { - "nodeName": "test-docker-ubuntu2404-armv8-1", - "port": "32773" + "nodeName": "test-docker-ubuntu2310-armv8l-1", + "port": "32776" } ], - "containersCount": 12 + "containersCount": 15 }, { "name": "dockerhost-marist-ubuntu2204-s390x-1", @@ -207,12 +243,16 @@ "nodeName": "test-docker-sles15-s390x-1", "port": "32768" }, + { + "nodeName": "test-docker-ubi9-s390x-1", + "port": "32771" + }, { "nodeName": "test-docker-ubuntu2404-s390x-1", "port": "32770" } ], - "containersCount": 3 + "containersCount": 4 }, { "name": "dockerhost-osuosl-ubuntu2004-ppc64le-1", @@ -265,8 +305,12 @@ "port": "32770" }, { - "nodeName": "test-docker-debian11-ppc64le-4", - "port": "32773" + "nodeName": "test-docker-ubi8-ppc64le-1", + "port": "32776" + }, + { + "nodeName": "test-docker-ubi9-ppc64le-1", + "port": "32775" }, { "nodeName": "test-docker-ubuntu2204-ppc64le-1", @@ -281,16 +325,12 @@ "port": "32774" } ], - "containersCount": 7 + "containersCount": 8 }, { "name": "dockerhost-skytap-ubuntu2204-x64-1", "ip": "20.61.136.254", "containers": [ - { - "nodeName": "build-skytap-solaris10-x64-1", - "port": "2200" - }, { "nodeName": "test-docker-alpine319-x64-1", "port": "32787" @@ -304,6 +344,6 @@ "port": "32790" } ], - "containersCount": 4 + "containersCount": 3 } ] \ No newline at end of file diff --git a/ansible/docker/Dockerfile.win2022 b/ansible/docker/Dockerfile.win2022 new file mode 100644 index 0000000000..94f4b6e628 --- /dev/null +++ b/ansible/docker/Dockerfile.win2022 @@ -0,0 +1,34 @@ +FROM mcr.microsoft.com/windows/servercore:ltsc2022 + +# Specify this with --build-arg PW=SomePassword +ARG PW=T3mp=Passwd + +# Set up cygwin with git and ansible as a bootstrap, and add to system default path +RUN powershell wget -UseBasicParsing https://cygwin.com/setup-x86_64.exe -OutFile setup-x86_64.exe & \ + setup-x86_64.exe --packages git,ansible --download --local-install --delete-orphans --site https://mirrors.kernel.org/sourceware/cygwin --local-package-dir c:\cygwin_packages --root C:\cygwin64 --wait --quiet-mode & \ + C:\cygwin64\bin\git config --system core.autocrlf false & \ + del setup-x86_64.exe & \ + setx PATH "c:\cygwin64\bin;%PATH%" & \ + mkdir c:\temp + +# Set up WinRM for the ansible connection +RUN powershell wget -UseBasicParsing https://raw.githubusercontent.com/ansible/ansible/dd4c56e4d68664e4a50292aa19ea61b15c92287c/examples/scripts/ConfigureRemotingForAnsible.ps1 -OutFile ConfigureRemotingForAnsible.ps1 & \ + PowerShell .\ConfigureRemotingForAnsible.ps1 -CertValidityDays 9999 & \ + PowerShell .\ConfigureRemotingForAnsible.ps1 -EnableCredSSP & \ + PowerShell .\ConfigureRemotingForAnsible.ps1 -ForceNewSSLCert & \ + PowerShell .\ConfigureRemotingForAnsible.ps1 -SkipNetworkProfileCheck + +# Set up WinRM user, clone and run the playbook, then delete the user so it's not in any layer +ENV TERM=dumb + +RUN net user ansible %PW% /ADD & net localgroup "Administrators" ansible /ADD & net localgroup "Remote Management Users" ansible /ADD & \ + C:\cygwin64\bin\git clone https://github.com/sxa/infrastructure -b windows_docker_support c:/infrastructure & \ + sed -i -e 's/hosts: .*/hosts: localhost/' infrastructure/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/main.yml & \ + echo localhost ansible_connection=winrm > infrastructure/ansible/hosts & \ + cd infrastructure\ansible & \ + C:\cygwin64\bin\python3.7m.exe /usr/bin/ansible-playbook -e git_sha=00000000 -e ansible_user=ansible -e ansible_password=%PW% -i hosts \ + --skip-tags=adoptopenjdk,reboot,NTP_TIME,MSVS_2013,MSVS_2017,MSVS_2019 playbooks/AdoptOpenJDK_Windows_Playbook/main.yml & \ + net user ansible /DELETE + +ENTRYPOINT ["C:\\Program Files (x86)\\Microsoft Visual Studio\\2022\\BuildTools\\Common7\\Tools\\VsDevCmd.bat", "&&", "powershell.exe", "-NoLogo", "-ExecutionPolicy", "Bypass"] +USER ContainerUser diff --git a/ansible/inventory.yml b/ansible/inventory.yml index 10c1c2afb1..cf9d82d23a 100644 --- a/ansible/inventory.yml +++ b/ansible/inventory.yml @@ -15,6 +15,8 @@ hosts: ubuntu2204-x64-1: {ip: 172.187.163.163, user: adoptopenjdk, description: infra-wazuh-server} ubuntu2204-x64-2: {ip: 20.90.182.165, description: trss.adoptium.net} ubuntu2204-x64-3: {ip: 172.187.93.97, description: awx.adoptium.net} + ubuntu2204-vagrant-x64-1: {ip: 172.203.178.157, description: VPC-Qemu-1} + ubuntu2204-vagrant-x64-2: {ip: 48.217.96.46, description: VPC-Qemu-2} - digitalocean: ubuntu2004-x64-1: {ip: 178.62.115.224, description: bastillion.adoptopenjdk.net} @@ -79,10 +81,10 @@ hosts: - azure: ubuntu2204-x64-1: {ip: 52.180.147.157, description: Xeon Platinum 8272CL, 16 cores, 64GB} - ubuntu2204-x64-2: {ip: 20.83.24.86, description: 16 cores, 64GB} + ubuntu2404-x64-1: {ip: 20.83.24.86, description: 16 cores, 64GB} - equinix: - ubuntu2004-armv8-1: {ip: 147.75.35.203, description: Ampere Altra 160 core, 512Gb} + ubuntu2404-armv8-1: {ip: 147.75.35.203, description: Ampere Altra 160 core, 512Gb} ubuntu2204-armv8-1: {ip: 139.178.86.243, description: Ampere Altra 160 cores, 512Gb} - osuosl: @@ -144,7 +146,7 @@ hosts: rhel8-s390x-2: {ip: 148.100.74.2} sles12-s390x-2: {ip: 148.100.74.193} sles15-s390x-2: {ip: 148.100.74.154, ansible_python_interpreter: /usr/bin/python3} - ubuntu2004-s390x-1: {ip: 148.100.74.240} + ubuntu2404-s390x-1: {ip: 148.100.75.204} ubuntu2204-s390x-1: {ip: 148.100.74.105} # Rise machines are hosted in Scaleway diff --git a/ansible/pbTestScripts/vagrantPlaybookCheck.sh b/ansible/pbTestScripts/vagrantPlaybookCheck.sh index 2a38b17c24..2844290854 100644 --- a/ansible/pbTestScripts/vagrantPlaybookCheck.sh +++ b/ansible/pbTestScripts/vagrantPlaybookCheck.sh @@ -275,7 +275,18 @@ startVMPlaybook() sed -i -e "s/.*hosts:.*/ hosts: all/g" playbooks/AdoptOpenJDK_Unix_Playbook/main.yml awk '{print}/^\[defaults\]$/{print "private_key_file = id_rsa"; print "remote_tmp = $HOME/.ansible/tmp"; print "timeout = 60"}' < ansible.cfg > ansible.cfg.tmp && mv ansible.cfg.tmp ansible.cfg - ansible-playbook $verbosity -i playbooks/AdoptOpenJDK_Unix_Playbook/hosts.unx -u vagrant -b --skip-tags adoptopenjdk,jenkins${skipFullSetup} playbooks/AdoptOpenJDK_Unix_Playbook/main.yml 2>&1 | tee $WORKSPACE/adoptopenjdkPBTests/logFiles/$gitFork.$newGitBranch.$OS.log + # Check if the OS is Solaris10 and add specific ssh-rsa algorithms + sshargs="" + if [ "$OS" == "Solaris10" ]; then + sshargs="--ssh-extra-args='-o PubkeyAcceptedKeyTypes=ssh-rsa -o HostKeyAlgorithms=ssh-rsa'" + fi + + # Initialize the args variable with common arguments + args="$verbosity -i playbooks/AdoptOpenJDK_Unix_Playbook/hosts.unx -u vagrant -b $sshargs --skip-tags adoptopenjdk,jenkins${skipFullSetup}" + + # Run the ansible playbook with the constructed args + eval ansible-playbook $args "playbooks/AdoptOpenJDK_Unix_Playbook/main.yml" 2>&1 | tee "$WORKSPACE/adoptopenjdkPBTests/logFiles/$gitFork.$newGitBranch.$OS.log" + echo The playbook finished at : `date +%T` if ! grep -q 'unreachable=0.*failed=0' $pbLogPath; then echo PLAYBOOK FAILED @@ -286,7 +297,8 @@ startVMPlaybook() # Remove IP from known_hosts as the playbook installs an # alternate sshd which regenerates the host key infra#2244 ssh-keygen -R $(cat playbooks/AdoptOpenJDK_Unix_Playbook/hosts.unx) - ssh_args="$ssh_args -o StrictHostKeyChecking=no" + ssh-keyscan -t rsa -p ${vagrantPORT} -H 127.0.0.1 > ~/.ssh/known_hosts + ssh_args="$ssh_args -o PubkeyAcceptedKeyTypes=ssh-rsa -o HostKeyAlgorithms=ssh-rsa" fi if [[ "$testNativeBuild" = true ]]; then @@ -400,18 +412,61 @@ startVMPlaybookWin() # Run a python script to start the build on the Windows VM to give live stdout/stderr # See: https://github.com/adoptium/infrastructure/issues/1296 - python pbTestScripts/startScriptWin.py -i "127.0.0.1:$vagrantPort" -a "$buildFork $buildBranch $jdkToBuild $buildHotspot" -b 2>&1 | tee $buildLogPath + ## This Needs Amendments To Work With Python 3, so check the current version of python, and run the appropriate script + + # Check the Python version + PYTHON_VERSION=$(python -V 2>&1) + + echo "Starting Build" + if [[ $PYTHON_VERSION == *"Python 2."* ]]; then + echo "Python 2 detected" + python pbTestScripts/startScriptWin.py -i "127.0.0.1:$vagrantPort" -a "$buildFork $buildBranch $jdkToBuild $buildHotspot" -b 2>&1 | tee $buildLogPath + elif [[ $PYTHON_VERSION == *"Python 3."* ]]; then + echo "Python 3 detected" + ##echo "Due To Changes In Python 3 - No Output Will Be Displayed Until The Build Is Completed" + ##python pbTestScripts/startScriptWin_v2.py -i "127.0.0.1:$vagrantPort" -a "$buildFork $buildBranch $jdkToBuild $buildHotspot" -b 2>&1 | tee $buildLogPath + # Create Powershell Script To Launch Build + echo "Set-Location -Path \"C:/tmp\"" > BuildJDK_Tmp.ps1 + if [ "$buildHotspot" != "" ]; then + echo "& sh \"C:/vagrant/pbTestScripts/buildJDKWin.sh\" $buildFork $buildBranch $jdkToBuild --hotspot" >> BuildJDK_Tmp.ps1 + else + echo "& sh \"C:/vagrant/pbTestScripts/buildJDKWin.sh\" $buildFork $buildBranch $jdkToBuild" >> BuildJDK_Tmp.ps1 + fi + # Copy PowerShell Script From Vagrant Share For Performance Reasons & Launch + vagrant winrm -s powershell -e -c 'copy c:/vagrant/BuildJDK_Tmp.ps1 c:/tmp; cd c:/tmp; pwd; ls' + vagrant winrm -e -c 'powershell -ExecutionPolicy Bypass -File c:/tmp/BuildJDK_Tmp.ps1' | tee $buildLogPath + else + echo "Python is not installed or is of an unsupported version." + exit 99 + fi + echo The build finished at : `date +%T` if grep -q '] Error' $buildLogPath || grep -q 'configure: error' $buildLogPath; then echo BUILD FAILED exit 127 fi + echo "Starting Tests.." if [[ "$runTest" = true ]]; then local testLogPath="$WORKSPACE/adoptopenjdkPBTests/logFiles/${gitFork}.${newGitBranch}.$OS.test_log" - # Run a python script to start a test for the built JDK on the Windows VM - python pbTestScripts/startScriptWin.py -i "127.0.0.1:$vagrantPort" -t 2>&1 | tee $testLogPath + if [[ $PYTHON_VERSION == *"Python 2."* ]]; then + echo "Python 2 detected" + python pbTestScripts/startScriptWin.py -i "127.0.0.1:$vagrantPort" -t 2>&1 | tee $testLogPath + elif [[ $PYTHON_VERSION == *"Python 3."* ]]; then + echo "Python 3 detected" + #echo "Due To Changes In Python 3 - No Output Will Be Displayed Until The Build Is Completed" + #python pbTestScripts/startScriptWin_v2.py -i "127.0.0.1:$vagrantPort" -t 2>&1 | tee $testLogPath + # Create Powershell Script To Launch Tests + echo "& sh \"C:/vagrant/pbTestScripts/testJDKWin.sh\"" > testJDK_Tmp.ps1 + # Copy PowerShell Script From Vagrant Share For Performance Reasons & Launch + vagrant winrm -s powershell -e -c 'copy c:/vagrant/testJDK_Tmp.ps1 c:/tmp; cd c:/tmp; pwd; ls' + vagrant winrm -e -c 'powershell -ExecutionPolicy Bypass -File c:/tmp/testJDK_Tmp.ps1' | tee $testLogPath + else + echo "Python is not installed or is of an unsupported version." + exit 99 + fi + echo The test finished at : `date +%T` if ! grep -q 'FAILED: 0' $testLogPath; then echo TEST FAILED diff --git a/ansible/playbooks/AdoptOpenJDK_AIX_Playbook/roles/bash_login/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_AIX_Playbook/roles/bash_login/tasks/main.yml index 8e1b9fd918..2372527119 100644 --- a/ansible/playbooks/AdoptOpenJDK_AIX_Playbook/roles/bash_login/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_AIX_Playbook/roles/bash_login/tasks/main.yml @@ -7,14 +7,18 @@ path: /etc/security/login.cfg regexp: 'shells = ' replace: 'shells = /bin/bash,' - tags: login_shell + tags: + - login_shell + - adoptopenjdk - name: Add bash to available login shells blockinfile: dest: /etc/shells block: | /bin/bash - tags: login_shell + tags: + - login_shell + - adoptopenjdk # move to role later - name: Set variables for global environment @@ -24,11 +28,15 @@ AIXTHREAD_HRT=true PKG_CONFIG_PATH=/opt/freeware/lib64/pkgconfig:/opt/freeware/lib/pkgconfig PERL5LIB=/opt/freemarker/lib/perl5 - tags: login_shell + tags: + - login_shell + - adoptopenjdk - name: Add freeware and xlc to PATH for global environment replace: path: /etc/environment regexp: 'PATH=/usr/bin' - replace: 'PATH=/opt/freeware/bin:/opt/IBM/xlC/13.1.3/bin:/usr/bin' - tags: login_shell + replace: 'PATH=/usr/bin:/opt/IBM/xlC/13.1.3/bin:/opt/freeware/bin:' + tags: + - login_shell + - adoptopenjdk diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.f39 b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.f40 similarity index 99% rename from ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.f39 rename to ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.f40 index aa8d11ce99..b607e5690b 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.f39 +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.f40 @@ -1,4 +1,4 @@ -FROM fedora:39 +FROM fedora:40 RUN yum -y update && yum install -y perl openssh-server unzip zip wget RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -P "" diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u1804 b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.f41 similarity index 68% rename from ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u1804 rename to ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.f41 index d8b4402bb6..93d0361be5 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u1804 +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.f41 @@ -1,7 +1,7 @@ -FROM ubuntu:18.04 +FROM fedora:41 -ENV DEBIAN_FRONTEND=noninteractive -RUN apt-get update && apt-get install -qq -y perl openssh-server unzip zip gnupg curl +RUN yum -y update && yum install -y perl openssh-server unzip zip wget +RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -P "" # Get latest jdk17 ga RUN wget -q 'https://api.adoptium.net/v3/binary/latest/17/ga/linux/x64/jdk/hotspot/normal/eclipse?project=jdk' -O /tmp/jdk17.tar.gz RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 3B04D753C9050D9A5D343F39843C48A565F8F04B @@ -9,15 +9,15 @@ RUN wget -q `curl -s 'https://api.adoptium.net/v3/assets/feature_releases/17/ga?architecture=x64&heap_size=normal&image_type=jdk&jvm_impl=hotspot&os=linux&page=0&page_size=1&project=jdk&vendor=eclipse' | grep signature_link | awk '{split($0,a,"\""); print a[4]}'` -O /tmp/jdk17.sig RUN gpg --verify /tmp/jdk17.sig /tmp/jdk17.tar.gz RUN mkdir -p /usr/lib/jvm/jdk17 && tar -xpzf /tmp/jdk17.tar.gz -C /usr/lib/jvm/jdk17 --strip-components=1 -# Install ant -RUN wget -q -O /tmp/ant.zip 'https://archive.apache.org/dist/ant/binaries/apache-ant-1.10.5-bin.zip' +# Install ant 1.10.12 +RUN wget -q -O /tmp/ant.zip 'https://archive.apache.org/dist/ant/binaries/apache-ant-1.10.12-bin.zip' RUN wget -q -O /tmp/ant-contrib.tgz https://sourceforge.net/projects/ant-contrib/files/ant-contrib/ant-contrib-1.0b2/ant-contrib-1.0b2-bin.tar.gz -RUN echo "2e48f9e429d67708f5690bc307232f08440d01ebe414059292b6543971da9c7cd259c21533b9163b4dd753321c17bd917adf8407d03245a0945fc30a4e633163 /tmp/ant.zip" > /tmp/ant.sha512 +RUN echo "7e6fbcc3563df4bd87c883ad86a161a71da2774e0ed71a1b3aad82cbff1a7656ed9a0acb5ce40652129376dfd79f1ef74ec3369c1067d412a63062fea62ceccd /tmp/ant.zip" > /tmp/ant.sha512 RUN echo "0fd2771dca2b8b014a4cb3246715b32e20ad5d26754186d82eee781507a183d5e63064890b95eb27c091c93c1209528a0b18a6d7e6901899319492a7610e74ad /tmp/ant-contrib.tgz" >> /tmp/ant.sha512 RUN sha512sum --check --strict /tmp/ant.sha512 -RUN ln -s /usr/local/apache-ant-1.10.5/bin/ant /usr/bin/ant +RUN ln -s /usr/local/apache-ant-1.10.12/bin/ant /usr/bin/ant RUN unzip -q -d /usr/local /tmp/ant.zip -RUN tar xpfz /tmp/ant-contrib.tgz -C /usr/local/apache-ant-1.10.5/lib --strip-components=2 ant-contrib/lib/ant-contrib.jar +RUN tar xpfz /tmp/ant-contrib.tgz -C /usr/local/apache-ant-1.10.12/lib --strip-components=2 ant-contrib/lib/ant-contrib.jar # Clear up space RUN rm /tmp/jdk17.tar.gz /tmp/ant.zip /tmp/ant-contrib.tgz /tmp/jdk17.sig # Set up jenkins user @@ -26,13 +26,11 @@ RUN echo "Jenkins_User_SSHKey" > /home/jenkins/.ssh/authorized_keys RUN chown -R jenkins /home/jenkins/.ssh RUN chmod -R og-rwx /home/jenkins/.ssh -RUN service ssh start +# RUN service ssh start CMD ["/usr/sbin/sshd","-D"] -RUN apt-get update && apt-get install -qq -y git curl make gcc xvfb libxrender1 libxi6 libxtst6 locales fontconfig fakeroot -# Install SSL Test packages -RUN apt-get install -qq -y gnutls-bin libnss3 libnss3-tools libnss3-dev pkg-config - -RUN locale-gen en_US.utf8 +RUN yum install -y git curl make gcc xorg-x11-server-Xvfb libXrender libXi libXtst procps glibc-langpack-en fontconfig which hostname fakeroot shared-mime-info +# Install Packages For openssl +RUN yum -y update && yum install -y openssl gnutls gnutls-utils nss-devel nss-tools # ENTRYPOINT /usr/lib/jvm/jdk17/bin/java EXPOSE 22 # Start with docker run -p 2222:22 UUID diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u2104 b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u2104 deleted file mode 100644 index 875d79bbb9..0000000000 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u2104 +++ /dev/null @@ -1,38 +0,0 @@ -FROM ubuntu:21.04 - -ENV DEBIAN_FRONTEND=noninteractive -RUN apt-get update && apt-get install -qq -y perl openssh-server unzip zip gnupg curl -# Get latest jdk17 ga -RUN wget -q 'https://api.adoptium.net/v3/binary/latest/17/ga/linux/x64/jdk/hotspot/normal/eclipse?project=jdk' -O /tmp/jdk17.tar.gz -RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 3B04D753C9050D9A5D343F39843C48A565F8F04B -# Get sig file for latest jdk17 ga -RUN wget -q `curl -s 'https://api.adoptium.net/v3/assets/feature_releases/17/ga?architecture=x64&heap_size=normal&image_type=jdk&jvm_impl=hotspot&os=linux&page=0&page_size=1&project=jdk&vendor=eclipse' | grep signature_link | awk '{split($0,a,"\""); print a[4]}'` -O /tmp/jdk17.sig -RUN gpg --verify /tmp/jdk17.sig /tmp/jdk17.tar.gz -RUN mkdir -p /usr/lib/jvm/jdk17 && tar -xpzf /tmp/jdk17.tar.gz -C /usr/lib/jvm/jdk17 --strip-components=1 -# Install ant -RUN wget -q -O /tmp/ant.zip 'https://archive.apache.org/dist/ant/binaries/apache-ant-1.10.5-bin.zip' -RUN wget -q -O /tmp/ant-contrib.tgz https://sourceforge.net/projects/ant-contrib/files/ant-contrib/ant-contrib-1.0b2/ant-contrib-1.0b2-bin.tar.gz -RUN echo "2e48f9e429d67708f5690bc307232f08440d01ebe414059292b6543971da9c7cd259c21533b9163b4dd753321c17bd917adf8407d03245a0945fc30a4e633163 /tmp/ant.zip" > /tmp/ant.sha512 -RUN echo "0fd2771dca2b8b014a4cb3246715b32e20ad5d26754186d82eee781507a183d5e63064890b95eb27c091c93c1209528a0b18a6d7e6901899319492a7610e74ad /tmp/ant-contrib.tgz" >> /tmp/ant.sha512 -RUN sha512sum --check --strict /tmp/ant.sha512 -RUN ln -s /usr/local/apache-ant-1.10.5/bin/ant /usr/bin/ant -RUN unzip -q -d /usr/local /tmp/ant.zip -RUN tar xpfz /tmp/ant-contrib.tgz -C /usr/local/apache-ant-1.10.5/lib --strip-components=2 ant-contrib/lib/ant-contrib.jar -# Clear up space -RUN rm /tmp/jdk17.tar.gz /tmp/ant.zip /tmp/ant-contrib.tgz /tmp/jdk17.sig -# Set up jenkins user -RUN useradd -m -d /home/jenkins jenkins -RUN mkdir /home/jenkins/.ssh -RUN echo "Jenkins_User_SSHKey" > /home/jenkins/.ssh/authorized_keys -RUN chown -R jenkins /home/jenkins/.ssh -RUN chmod -R og-rwx /home/jenkins/.ssh -RUN service ssh start -CMD ["/usr/sbin/sshd","-D"] -RUN apt-get update && apt-get install -qq -y git curl make gcc xvfb libxrender1 libxi6 libxtst6 locales fontconfig fakeroot -# Install SSL Test packages -RUN apt-get install -qq -y gnutls-bin libnss3 libnss3-tools libnss3-dev pkg-config - -RUN locale-gen en_US.utf8 -# ENTRYPOINT /usr/lib/jvm/jdk17/bin/java -EXPOSE 22 -# Start with docker run -p 2225:22 UUID diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u1604 b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u2410 similarity index 96% rename from ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u1604 rename to ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u2410 index 9d76a8e2c5..fe5de3a6be 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u1604 +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u2410 @@ -1,7 +1,8 @@ -FROM ubuntu:16.04 +FROM ubuntu:24.10 ENV DEBIAN_FRONTEND=noninteractive RUN apt-get update && apt-get install -qq -y perl openssh-server unzip zip gnupg curl + # Get latest jdk17 ga RUN wget -q 'https://api.adoptium.net/v3/binary/latest/17/ga/linux/x64/jdk/hotspot/normal/eclipse?project=jdk' -O /tmp/jdk17.tar.gz RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 3B04D753C9050D9A5D343F39843C48A565F8F04B @@ -9,6 +10,7 @@ RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 3B04D753C9050D9A5D343F39843 RUN wget -q `curl -s 'https://api.adoptium.net/v3/assets/feature_releases/17/ga?architecture=x64&heap_size=normal&image_type=jdk&jvm_impl=hotspot&os=linux&page=0&page_size=1&project=jdk&vendor=eclipse' | grep signature_link | awk '{split($0,a,"\""); print a[4]}'` -O /tmp/jdk17.sig RUN gpg --verify /tmp/jdk17.sig /tmp/jdk17.tar.gz RUN mkdir -p /usr/lib/jvm/jdk17 && tar -xpzf /tmp/jdk17.tar.gz -C /usr/lib/jvm/jdk17 --strip-components=1 + # Install ant RUN wget -q -O /tmp/ant.zip 'https://archive.apache.org/dist/ant/binaries/apache-ant-1.10.5-bin.zip' RUN wget -q -O /tmp/ant-contrib.tgz https://sourceforge.net/projects/ant-contrib/files/ant-contrib/ant-contrib-1.0b2/ant-contrib-1.0b2-bin.tar.gz @@ -18,21 +20,25 @@ RUN sha512sum --check --strict /tmp/ant.sha512 RUN ln -s /usr/local/apache-ant-1.10.5/bin/ant /usr/bin/ant RUN unzip -q -d /usr/local /tmp/ant.zip RUN tar xpfz /tmp/ant-contrib.tgz -C /usr/local/apache-ant-1.10.5/lib --strip-components=2 ant-contrib/lib/ant-contrib.jar + # Clear up space RUN rm /tmp/jdk17.tar.gz /tmp/ant.zip /tmp/ant-contrib.tgz /tmp/jdk17.sig + # Set up jenkins user RUN useradd -m -d /home/jenkins jenkins RUN mkdir /home/jenkins/.ssh RUN echo "Jenkins_User_SSHKey" > /home/jenkins/.ssh/authorized_keys RUN chown -R jenkins /home/jenkins/.ssh RUN chmod -R og-rwx /home/jenkins/.ssh + RUN service ssh start CMD ["/usr/sbin/sshd","-D"] + RUN apt-get update && apt-get install -qq -y git curl make gcc xvfb libxrender1 libxi6 libxtst6 locales fontconfig fakeroot # Install SSL Test packages RUN apt-get install -qq -y gnutls-bin libnss3 libnss3-tools libnss3-dev pkg-config RUN locale-gen en_US.utf8 -# ENTRYPOINT /usr/lib/jvm/jdk17/bin/java + EXPOSE 22 -# Start with docker run -p 2222:22 UUID +# Start with docker run -p 2226:22 UUID diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml index 522eb6ffa7..697724ad77 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml @@ -9,7 +9,7 @@ - name: Set docker buildx command if building arm32 container set_fact: docker_build_command: "docker buildx build --platform linux/v7/arm" - arm32_suffix: ".ARM32" + arm32_suffix: ".arm32" ansible_architecture: arm docker_run_command: "docker run --platform linux/v7/arm" when: build_arm32 is defined and build_arm32 == "yes" @@ -53,4 +53,4 @@ when: not (docker_port_output.stdout == "") - name: Run {{ docker_image }} docker container - command: "{{ docker_run_command }} --restart unless-stopped -p {{ docker_port }}:22 --cpuset-cpus='0-3' --memory=6G --detach --name {{ docker_image | upper }}.{{ docker_port }}{{ arm32_suffix }} aqa_{{ docker_image }}{{ arm32_suffix }}" + command: "{{ docker_run_command }} --restart unless-stopped -p {{ docker_port }}:22 --cpuset-cpus='0-3' --memory=6G --detach --name {{ docker_image | upper }}.{{ docker_port }}{{ arm32_suffix | upper }} aqa_{{ docker_image }}{{ arm32_suffix }}" diff --git a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/main.yml b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/main.yml index afc10a15c5..60274091d0 100644 --- a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/main.yml @@ -22,7 +22,7 @@ # It can be defined as 'all' or a specific group which the host belongs to. # For example, it can be 'all' or 'x86' for when a host is in the group 'x86'. - name: Ansible Windows playbook - hosts: "{{ Groups | default('build*win*:test*win*') }}" + hosts: "{{ Groups | default('localhost:build:test:perf:jck:!*zos*:!*win*:!*aix*') }}" gather_facts: yes tasks: - name: Load Standard Variables diff --git a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/Common/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/Common/tasks/main.yml index 12461a994a..aa46f9d9a1 100644 --- a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/Common/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/Common/tasks/main.yml @@ -64,4 +64,4 @@ win_reboot: reboot_timeout: 1800 when: not (hostname_output.stdout == "") - tags: basic_config + tags: basic_config, reboot diff --git a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/GPG_signature_verification/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/GPG_signature_verification/tasks/main.yml index 11e07c75ab..99a8b1d961 100644 --- a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/GPG_signature_verification/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/GPG_signature_verification/tasks/main.yml @@ -24,7 +24,7 @@ - name: Import GPG Signing Key win_shell: | - C:/cygwin64/bin/bash.exe -c "gpg --batch --import c:/temp/gpgkey.asc" + C:/cygwin64/bin/bash.exe -c "gpg2 --batch --import c:/temp/gpgkey.asc" failed_when: false - name: Re-enable gpgagent @@ -39,7 +39,7 @@ win_command: wget -q "{{ signature_link }}" -O sigfile - name: Verify binary - win_shell: C:/cygwin64/bin/bash.exe -c "gpg --verify sigfile {{ file_path }}" + win_shell: C:/cygwin64/bin/bash.exe -c "gpg2 --verify sigfile {{ file_path }}" - name: Remove gnupg directory with Cygwin ( when it didnt exist previously ) win_shell: C:/cygwin64/bin/bash.exe -c "rm -rf ~/.gnupg" diff --git a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/MSVS_2022/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/MSVS_2022/tasks/main.yml index b71d52be21..309943273f 100644 --- a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/MSVS_2022/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/MSVS_2022/tasks/main.yml @@ -10,7 +10,7 @@ - name: Test if VS 2022 is installed win_stat: - path: 'C:\Program Files\Microsoft Visual Studio\2022\Community' + path: 'C:\Program Files\Microsoft Visual Studio\2022' register: vs2022_installed tags: adoptopenjdk @@ -95,40 +95,37 @@ - name: Test if VS 2022 is installed(non adopt) win_stat: - path: 'C:\Program Files\Microsoft Visual Studio\2022\Community' + path: 'C:\Program Files\Microsoft Visual Studio\2022' register: vs2022_installed # Download & Install VS2022 When No Layout & Not AdoptOpenJDK # This is the target that you're redirected to when you go to https://aka.ms/vs/17/release/vs_community.exe - name: Download Visual Studio Community 2022 win_get_url: - url: 'https://aka.ms/vs/17/release/vs_Community.exe' - checksum: 5d75942b56df540a0325e764e7eb46498ec12e15b73adea05d8aa58d323efd90 +# https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-history +# 17.7.34302.85 url: 'https://download.visualstudio.microsoft.com/download/pr/47b236ad-5505-4752-9d2b-5cf9795528bc/87684889f46dec53d1452f4a0ff9fec1ac202a97ebed866718d7c0269e814b28/vs_BuildTools.exe' + url: 'https://download.visualstudio.microsoft.com/download/pr/1d66edfe-3c83-476b-bf05-e8901c62ba7f/bac71effb5a23d7cd1a81e5f628a0c8dcb7e8a07e0aa7077c853ed84a862dceb/vs_BuildTools.exe' # 17.7.3 = 17.7.34024.191 + checksum: bac71effb5a23d7cd1a81e5f628a0c8dcb7e8a07e0aa7077c853ed84a862dceb checksum_algorithm: sha256 - dest: 'C:\temp\vs_community22.exe' + dest: 'C:\temp\vs_BuildTools22.exe' force: no when: (not vs2022_installed.stat.exists) and (windows_version.stdout_lines[0] | regex_search('^(10\.|11\.|2016|2019|2022)')) - name: Run Visual Studio 2022 Installer From Download win_shell: | - Start-Process -Wait -FilePath 'C:\temp\vs_community22.exe' -ArgumentList '--wait --add Microsoft.VisualStudio.Workload.NativeDesktop --includeRecommended --includeOptional --quiet --norestart' + Start-Process -Wait -FilePath 'C:\temp\vs_BuildTools22.exe' -ArgumentList '--wait --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64 --add Microsoft.VisualStudio.Workload.NativeDesktop --add Microsoft.VisualStudio.Component.VC.Tools.ARM64 --add Microsoft.VisualStudio.Component.VC.ATL.ARM64 --add Microsoft.VisualStudio.Component.VC.MFC.ARM64 --includeRecommended --includeOptional --quiet --norestart' args: executable: powershell when: (not vs2022_installed.stat.exists) and (windows_version.stdout_lines[0] | regex_search('^(10\.|11\.|2016|2019|2022)')) register: vs2022_error failed_when: vs2022_error.rc != 0 and vs2022_error.rc != 3010 -- name: Install ARM64 components - win_shell: Start-Process -FilePath 'C:\temp\vs_community22.exe' -Wait -NoNewWindow -ArgumentList - 'modify --installPath "C:\Program Files (x86)\Microsoft Visual Studio\2022\Community" --quiet - --add Microsoft.VisualStudio.Component.VC.Tools.ARM64 --add Microsoft.VisualStudio.Component.VC.ATL.ARM64 --add Microsoft.VisualStudio.Component.VC.MFC.ARM64' - when: (not vs2022_installed.stat.exists) and (windows_version.stdout_lines[0] | regex_search('^(10\.|11\.|2016|2019|2022)')) - +# Note: If this does not find the files, then the NativeDesktop component was not installed - name: Register Visual Studio Community 2022 DIA SDK shared libraries win_command: 'regsvr32 /s "{{ item }}"' with_items: - - C:\Program Files\Microsoft Visual Studio\2022\Community\DIA SDK\bin\msdia140.dll - - C:\Program Files\Microsoft Visual Studio\2022\Community\DIA SDK\bin\amd64\msdia140.dll + - C:\Program Files (x86)\Microsoft Visual Studio\2022\BuildTools\DIA SDK\bin\msdia140.dll + - C:\Program Files (x86)\Microsoft Visual Studio\2022\BuildTools\DIA SDK\bin\amd64\msdia140.dll when: (not vs2022_installed.stat.exists) and (windows_version.stdout_lines[0] | regex_search('^(10\.|11\.|2016|2019|2022)')) - name: Reboot machine after Visual Studio installation diff --git a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/WMF_5.1/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/WMF_5.1/tasks/main.yml index 9ac9b2c0d2..79afd650e4 100644 --- a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/WMF_5.1/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/WMF_5.1/tasks/main.yml @@ -35,4 +35,4 @@ when: - (powershell_output.stdout < '5') - hotfix_install.reboot_required - tags: WMF + tags: WMF,reboot diff --git a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/cygwin/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/cygwin/tasks/main.yml index 443bd11eec..fdde87f728 100644 --- a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/cygwin/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/cygwin/tasks/main.yml @@ -4,7 +4,7 @@ ########## - name: Test if Cygwin is already installed win_stat: - path: 'C:\cygwin64' + path: 'C:\cygwin64\bin\jq.exe' register: cygwin_installed tags: cygwin @@ -15,6 +15,8 @@ when: not cygwin_installed.stat.exists tags: cygwin +# If you update this with a new package, modify the "Test +# if installed" to look for something in the new package - name: Install Cygwin win_shell: | Start-Process -Wait -FilePath 'C:\temp\cygwin.exe' -ArgumentList '--packages autoconf,automake,bsdtar,cmake,cpio,curl,gcc-core,git,gnupg,grep,jq,libtool,make,mingw64-x86_64-gcc-core,perl,rsync,unzip,wget,zip --quiet-mode --download --local-install --delete-orphans --site https://mirrors.kernel.org/sourceware/cygwin/ --local-package-dir C:\cygwin_packages --root C:\cygwin64' diff --git a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/logs/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/logs/tasks/main.yml index 160fca0c14..9a0adc85a0 100644 --- a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/logs/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/logs/tasks/main.yml @@ -7,14 +7,13 @@ # This task doesn't actually matter, aslong as it runs and is registered. The timestamp for the registered variable is used - name: Dummy task to get timestamp - win_command: whoami + win_command: cmd /c echo hello register: date_output # Accounts for cases where playbook executor is windows and its executing on localhost -- name: Get Latest git commit SHA (Windows Localhost) - win_command: git rev-parse HEAD +- name: Get Latest git commit SHA (Windows local container) + win_command: C:\cygwin64\bin\git -C C:/infrastructure rev-parse HEAD register: git_output - delegate_to: localhost ignore_errors: yes when: - git_sha is not defined diff --git a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/shortNames/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/shortNames/tasks/main.yml index 028463cc4e..a425048cc1 100644 --- a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/shortNames/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/shortNames/tasks/main.yml @@ -22,8 +22,9 @@ tags: - shortnames -- name: Enable shortnames on drive C:/ - win_shell: "fsutil 8dot3name set C: 0" +# Note that using "set C: 0" did not work in containers +- name: Enable shortnames + win_shell: "fsutil 8dot3name set 0" when: (not enabled_shortnames.stdout) tags: - shortnames diff --git a/ansible/playbooks/nagios/ansible.cfg b/ansible/playbooks/nagios/ansible.cfg index 55d7207db6..4a5b5b6110 100644 --- a/ansible/playbooks/nagios/ansible.cfg +++ b/ansible/playbooks/nagios/ansible.cfg @@ -1,5 +1,5 @@ [defaults] -become = no +become = yes become_method = sudo inventory = ./nagios_inventory.yml remote_user = ansible diff --git a/ansible/playbooks/nagios/roles/Nagios_Server/defaults/main.yml b/ansible/playbooks/nagios/roles/Nagios_Server/defaults/main.yml index cc8f8a2cc5..c0d6983a76 100644 --- a/ansible/playbooks/nagios/roles/Nagios_Server/defaults/main.yml +++ b/ansible/playbooks/nagios/roles/Nagios_Server/defaults/main.yml @@ -33,4 +33,5 @@ task_list: - configure_nagios_windows - configure_nagios_templates - configure_nagios_server_monitoring + - configure_nagios_server_crontab - restart_nagios_server diff --git a/ansible/playbooks/nagios/roles/Nagios_Server/files/nagios_server_plugins/excluded_ips.list b/ansible/playbooks/nagios/roles/Nagios_Server/files/nagios_server_plugins/excluded_ips.list new file mode 100644 index 0000000000..634ce67811 --- /dev/null +++ b/ansible/playbooks/nagios/roles/Nagios_Server/files/nagios_server_plugins/excluded_ips.list @@ -0,0 +1,6 @@ +# Add any IP addresses, that need to be excluded from having ssh tunnels created. +# This file assumes the standard Adoptium inventory file format. + +# Excluded Windows Hosts As Windows Hosts Do Not Use SSH +# 8.208.11.212 +# 8.208.87.18 diff --git a/ansible/playbooks/nagios/roles/Nagios_Server/files/nagios_server_plugins/setup_ssh.sh b/ansible/playbooks/nagios/roles/Nagios_Server/files/nagios_server_plugins/setup_ssh.sh new file mode 100644 index 0000000000..89b226750a --- /dev/null +++ b/ansible/playbooks/nagios/roles/Nagios_Server/files/nagios_server_plugins/setup_ssh.sh @@ -0,0 +1,88 @@ +#!/bin/bash +# ******************************************************************************** +# Copyright (c) 2024 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made +# available under the terms of the Apache Software License 2.0 +# which is available at https://www.apache.org/licenses/LICENSE-2.0. +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************** + +# This script runs on the Nagios server as the nagios user, +# and will attempt to setup the SSH connections for each and every host in the Inventory +# ( as the nagios user defined below ) + +# URL of the Ansible Inventory File +INVENTORY_URL="https://raw.githubusercontent.com/adoptium/infrastructure/master/ansible/inventory.yml" +# List Of Excluded IP Addresses ( Infra + windows ) +EXCLUDE_FILE=/usr/local/nagios/libexec/excluded_ips.list +# Nagios Connection User +USER="nagios" + +# Download the Ansible Inventory file +curl -s -O "$INVENTORY_URL" + +# Check if the file was downloaded +if [[ ! -f inventory.yml ]]; then + echo "Failed to download inventory.yml" + exit 1 +fi + +# Function to extract hosts and attempt SSH connection +add_ssh_keys() { + local host_ip=$1 + local host_port=$2 + local ssh_cmd + + CHECK=`cat $EXCLUDE_FILE|grep $host_ip|wc -l` + + if [ $CHECK -gt 0 ]; then + echo "Skipped : $host_ip is in the exclusion list" + else + # Fetch the hostname using nslookup (dig can be used as an alternative) + HOST=$(nslookup $host_ip | grep 'name =' | awk '{print $4}' | sed 's/.$//') + + # If nslookup fails, HOST will be empty, so we can set it to the IP itself + if [ -z "$HOST" ]; then + HOST=$host_ip + fi + + # Fetch the host key and add it to known_hosts + ssh-keyscan -H $HOST >> ~/.ssh/known_hosts 2>/dev/null + KEYSCAN_RESULT=$? + + if [ $KEYSCAN_RESULT -gt 0 ]; then + echo "Failure : $host_ip has failed the Key Scan - Please Check & Add Manually If Required" + else + echo "Success : Keys Added Successfully For : $host_ip" + fi + fi +} + +# Parse the YAML file and extract IP addresses and ports +while read -r line; do + if [[ $line =~ ip:\ ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+) ]]; then + host_ip=${BASH_REMATCH[1]} + if [[ $line =~ port:\ ([0-9]+) ]]; then + host_port=${BASH_REMATCH[1]} + else + host_port="" + fi + add_ssh_keys "$host_ip" "$host_port" + elif [[ $line =~ ip:\ ([a-zA-Z0-9\.]+) ]]; then + host_ip=${BASH_REMATCH[1]} + if [[ $line =~ port:\ ([0-9]+) ]]; then + host_port=${BASH_REMATCH[1]} + else + host_port="" + fi + add_ssh_keys "$host_ip" "$host_port" + fi +done < inventory.yml + +# Clean up the downloaded file +rm -f inventory.yml diff --git a/ansible/playbooks/nagios/roles/Nagios_Server/tasks/configure_nagios_server_crontab.yml b/ansible/playbooks/nagios/roles/Nagios_Server/tasks/configure_nagios_server_crontab.yml new file mode 100644 index 0000000000..24b37d989c --- /dev/null +++ b/ansible/playbooks/nagios/roles/Nagios_Server/tasks/configure_nagios_server_crontab.yml @@ -0,0 +1,10 @@ +--- + +- name: Create crontab entry for nagios user if it doesn't exist + cron: + name: "Run Nagios SSH setup script daily" + user: nagios + minute: "0" + hour: "0" + job: "/usr/local/nagios/libexec/setup_ssh.sh" + state: present diff --git a/ansible/playbooks/nagios/roles/Nagios_Server/tasks/install_nagios_plugins.yml b/ansible/playbooks/nagios/roles/Nagios_Server/tasks/install_nagios_plugins.yml index 466496bf11..a371fb3a3c 100644 --- a/ansible/playbooks/nagios/roles/Nagios_Server/tasks/install_nagios_plugins.yml +++ b/ansible/playbooks/nagios/roles/Nagios_Server/tasks/install_nagios_plugins.yml @@ -67,3 +67,15 @@ src: roles/Nagios_Server/files/nagios_server_plugins/check_nagios_sync dest: /usr/local/nagios/libexec/check_check_nagios_sync mode: 0755 + +- name: Copy Nagios Server SSH Configuration Plugin + copy: + src: roles/Nagios_Server/files/nagios_server_plugins/setup_ssh.sh + dest: /usr/local/nagios/libexec/setup_ssh.sh + mode: 0755 + +- name: Copy Nagios Server SSH Configuration Plugin Excludes File + copy: + src: roles/Nagios_Server/files/nagios_server_plugins/excluded_ips.list + dest: /usr/local/nagios/libexec/excluded_ips.list + mode: 0755 diff --git a/ansible/playbooks/nagios/roles/Nagios_Server/tasks/main.yml b/ansible/playbooks/nagios/roles/Nagios_Server/tasks/main.yml index 902d69be0e..2ac05d785e 100644 --- a/ansible/playbooks/nagios/roles/Nagios_Server/tasks/main.yml +++ b/ansible/playbooks/nagios/roles/Nagios_Server/tasks/main.yml @@ -52,6 +52,10 @@ include_tasks: configure_nagios_server_monitoring.yml when: '"configure_nagios_server_monitoring" in task_list' +- name: Configure Nagios-Server-Crontab + include_tasks: configure_nagios_server_crontab.yml + when: '"configure_nagios_server_crontab" in task_list' + - name: Restart Nagios Server include_tasks: restart_nagios_server.yml when: '"restart_nagios_server" in task_list' diff --git a/ansible/playbooks/nagios/vars_setup_server.yml b/ansible/playbooks/nagios/vars_setup_server.yml index 2ad7f5ff0d..d5709d0666 100644 --- a/ansible/playbooks/nagios/vars_setup_server.yml +++ b/ansible/playbooks/nagios/vars_setup_server.yml @@ -31,3 +31,4 @@ task_list: - configure_nagios_windows - configure_nagios_templates - configure_nagios_server_monitoring + - configure_nagios_server_crontab diff --git a/ansible/playbooks/vagrant.yml b/ansible/playbooks/vagrant.yml index 052e8c37d8..58f3d70359 100644 --- a/ansible/playbooks/vagrant.yml +++ b/ansible/playbooks/vagrant.yml @@ -4,11 +4,15 @@ # ------------- Vagrant --------------# ######################################## -- name: Vagrant play +- name: Vagrant playbook hosts: all gather_facts: yes remote_user: root become: yes + vars: + # Jenkins User Variables: + Jenkins_Username: jenkins + # Jenkins_User_SSHKey: "Update This With Jenkins User SSH Key" tasks: - name: Vagrant playbook @@ -38,15 +42,22 @@ - tree - zlib1g - zlib1g-dev - - python-pip - - python-dev + - python3-pip + - python-is-python3 - build-essential - gettext - libcurl4-openssl-dev - sshpass + # Pre-Reqs For Vbox + - libssl-dev + - libvpx-dev + - libsdl-ttf2.0-0 + - evince - name: Run apt-get upgrade - apt: upgrade=safe + apt: upgrade=safe update_cache=yes + tags: patch_update + - name: Pip install winrm modules pip: @@ -109,6 +120,39 @@ when: default_java.rc != 0 tags: java + ########### + # Java 21 # + ########### + + - name: Check if jdk-21 is already installed in the target location + shell: ls -ld /usr/lib/jvm/jdk-21 >/dev/null 2>&1 + failed_when: false + register: jdk21_installed + changed_when: false + tags: java + + - name: Download the Latest JDK21 OpenJDK tar.gz file via the API + get_url: + url: "https://api.adoptium.net/v3/binary/latest/21/ga/linux/x64/jdk/hotspot/normal/eclipse?project=jdk" + dest: "/tmp/JDK21.tar.gz" + when: jdk21_installed.rc != 0 + tags: java + + - name: Install JDK21 if one not already installed + unarchive: + src: /tmp/JDK21.tar.gz + dest: /usr/lib/jvm + remote_src: yes + when: jdk21_installed.rc != 0 + tags: java + + - name: Remove Download JDK + file: + path: /tmp/JDK21.tar.gz + state: absent + when: jdk21_installed.rc != 0 + tags: java + ########### # Ansible # ########### @@ -211,32 +255,56 @@ register: vagrant_version tags: vagrant - - name: Download Vagrant - get_url: - url: https://releases.hashicorp.com/vagrant/2.2.5/vagrant_2.2.5_x86_64.deb - dest: /tmp/vagrant_2.2.5_x86_64.deb - checksum: sha256:415f50b93235e761db284c761f6a8240a6ef6762ee3ec7ff869d2bccb1a1cdf7 + - name: Download and add the HashiCorp GPG key + ansible.builtin.get_url: + url: https://apt.releases.hashicorp.com/gpg + dest: /tmp/hashicorp.gpg when: - - (vagrant_installed.rc != 0) or (vagrant_installed.rc == 0 and vagrant_version.stdout is version_compare('2.2.5', operator='lt')) + - (vagrant_installed.rc != 0) or (vagrant_installed.rc == 0 and vagrant_version.stdout is version_compare('2.2.19', operator='lt')) tags: vagrant - - name: Remove system vagrant if necessary - apt: - name: vagrant - state: absent - when: (vagrant_installed.rc == 0 and vagrant_version.stdout is version_compare('2.2.5', operator='lt')) + - name: Add the HashiCorp GPG key to the keyring + ansible.builtin.command: + cmd: gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg /tmp/hashicorp.gpg + creates: /usr/share/keyrings/hashicorp-archive-keyring.gpg + when: + - (vagrant_installed.rc != 0) or (vagrant_installed.rc == 0 and vagrant_version.stdout is version_compare('2.2.19', operator='lt')) + tags: vagrant + + - name: Add the HashiCorp repository + ansible.builtin.command: + cmd: echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/hashicorp.list + creates: /etc/apt/sources.list.d/hashicorp.list + when: + - (vagrant_installed.rc != 0) or (vagrant_installed.rc == 0 and vagrant_version.stdout is version_compare('2.2.19', operator='lt')) tags: vagrant + - name: Update apt package index + ansible.builtin.apt: + update_cache: yes + - name: Install Vagrant - command: dpkg -i /tmp/vagrant_2.2.5_x86_64.deb - become: yes + ansible.builtin.apt: + name: vagrant + state: present + when: + - (vagrant_installed.rc != 0) or (vagrant_installed.rc == 0 and vagrant_version.stdout is version_compare('2.2.19', operator='lt')) + tags: vagrant + + - name: Install Vagrant Plugins For WinRM + ansible.builtin.apt: + name: vagrant + state: present when: - - (vagrant_installed.rc != 0) or (vagrant_installed.rc == 0 and vagrant_version.stdout is version_compare('2.2.5', operator='lt')) + - (vagrant_installed.rc != 0) or (vagrant_installed.rc == 0 and vagrant_version.stdout is version_compare('2.2.19', operator='lt')) tags: vagrant ############## # VirtualBox # ############## + - name: Update apt cache + apt: + update_cache: yes - name: Check if Virtualbox is installed shell: which virtualbox >/dev/null 2>&1 @@ -260,66 +328,159 @@ when: virtualbox_installed.rc != 0 tags: VBox - - name: Install Virtualbox + - name: Update apt cache Again apt: - name: virtualbox-6.0 update_cache: yes when: virtualbox_installed.rc != 0 + + - name: Install linux headers and dkms + apt: + name: + - "linux-headers-{{ ansible_kernel }}" + - dkms + state: present + when: virtualbox_installed.rc != 0 + tags: VBox + + - name: Install VirtualBox + apt: + name: "virtualbox" + state: present + when: virtualbox_installed.rc != 0 tags: VBox ########## # QEMU # ########## - - name: Check to see if QEMU is installed - shell: qemu-system-s390x --version >/dev/null 2>&1 - failed_when: false - register: qemu_installed - tags: QEMU - - - name: Add repos to APT - apt_repository: - repo: '{{ item }}' - state: present - with_items: - - "deb [trusted=yes] http://ftp.uk.debian.org/debian sid main" - - "deb [trusted=yes] http://ftp.uk.debian.org/debian experimental main" - when: qemu_installed.rc != 0 - tags: QEMU - - - name: Install QEMU dependencies + - name: Install QEMU Packages apt: name: "{{ packages }}" + state: present update_cache: yes vars: packages: - - libfdt-dev - - libglib2.0-dev - - libguestfs-tools - - libiscsi-dev - - libnfs-dev - - libpixman-1-dev - - opensbi - - qemu-efi-aarch64 - - qemu-utils - - u-boot-qemu - - zliblg-dev - when: qemu_installed.rc != 0 + - qemu-kvm + - virt-manager + - virtinst + - libvirt-clients + - bridge-utils + - libvirt-daemon-system + - qemu-system-x86 + - qemu-system-s390x + - qemu-system-ppc + - qemu-system-arm + - qemu-system-misc tags: QEMU - - name: Extract source code - unarchive: - src: https://download.qemu.org/qemu-5.0.0.tar.xz - dest: /tmp - remote_src: yes - retries: 3 - delay: 5 - register: qemu_download - until: qemu_download is not failed - when: qemu_installed.rc != 0 - tags: QEMU + ################ + # Jenkins_User # + ################ + - name: Set Home Folder for Jenkins user + set_fact: + home_folder: /home/{{ Jenkins_Username }} + tags: jenkins_user - - name: Install QEMU - shell: cd /tmp/qemu-5.0.0 && ./configure && make && make install - when: qemu_installed.rc != 0 - tags: QEMU + - name: Create Jenkins user + action: user name={{ Jenkins_Username }} state=present home={{ home_folder }} shell=/bin/bash + failed_when: false + tags: jenkins_user + + - name: Create Jenkins SSH Folder + file: + path: "{{ home_folder }}/.ssh" + state: directory + owner: "{{ Jenkins_Username }}" + group: "{{ Jenkins_Username }}" + mode: '0700' + tags: jenkins_user + + - name: Add github.com to known_hosts + known_hosts: + name: github.com + key: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + path: "{{ home_folder }}/.ssh/known_hosts" + state: present + tags: jenkins_user + + - name: Change ownership of jenkins' ~/.ssh/known_hosts + file: + path: "{{ home_folder }}/.ssh/known_hosts" + owner: "{{ Jenkins_Username }}" + mode: 0644 + tags: jenkins_user + + - name: Add Jenkins user to the audio group + user: name={{ Jenkins_Username }} + groups=audio + append=yes + tags: jenkins_user + + - name: Set authorized key for Jenkins user + authorized_key: + user: "{{ Jenkins_Username }}" + state: present + key: "{{ Jenkins_User_SSHKey }}" + tags: jenkins_user + + - name: Pip install winrm modules + pip: + executable: /usr/bin/pip + name: ["requests-credssp", "pywinrm"] + become: yes + become_user: "{{ Jenkins_Username }}" + tags: jenkins_user + + #################################### + # Vagrant Plugins For Jenkins User # + #################################### + ## Vagrant Plugins Are User Specific, So Install As Jenkins User + + - name: Install Vagrant plugin winrm + command: vagrant plugin install winrm + register: winrm_installed + changed_when: "'installed' in winrm_installed.stdout" + failed_when: winrm_installed.rc != 0 and "'already installed' not in winrm_installed.stdout" + ignore_errors: yes + become: yes + become_user: "{{ Jenkins_Username }}" + + - name: Install Vagrant plugin winrmfs + command: vagrant plugin install winrm-fs + register: winrmfs_installed + changed_when: "'installed' in winrmfs_installed.stdout" + failed_when: winrmfs_installed.rc != 0 and "'already installed' not in winrmfs_installed.stdout" + ignore_errors: yes + become: yes + become_user: "{{ Jenkins_Username }}" + + - name: Install Vagrant plugin winrm-elevated + command: vagrant plugin install winrm-elevated + register: winrmelevate_installed + changed_when: "'installed' in winrmelevate_installed.stdout" + failed_when: winrmelevate_installed.rc != 0 and "'already installed' not in winrmelevate_installed.stdout" + ignore_errors: yes + become: yes + become_user: "{{ Jenkins_Username }}" + + - name: Install Vagrant plugin vagrant-disksize + command: vagrant plugin install vagrant-disksize + register: disksize_installed + changed_when: "'installed' in disksize_installed.stdout" + failed_when: disksize_installed.rc != 0 and "'already installed' not in disksize_installed.stdout" + ignore_errors: yes + become: yes + become_user: "{{ Jenkins_Username }}" + + - name: Ensure all plugins are installed + fail: + msg: "Failed to install Vagrant plugins" + when: winrm_installed.failed or winrmfs_installed.failed or winrmelevate_installed.failed or disksize_installed.failed + + - name: Output installation results + debug: + msg: > + winrm plugin installation: {{ winrm_installed.stdout }} + winrmfs plugin installation: {{ winrmfs_installed.stdout }} + winrm-elevated plugin installation: {{ winrmelevate_installed.stdout }} + vagrant-disksize plugin installation: {{ disksize_installed.stdout }} diff --git a/ansible/vagrant/Vagrantfile.Win2022.Adopt b/ansible/vagrant/Vagrantfile.Win2022.Adopt index c6f43c7426..55ba6d68cc 100644 --- a/ansible/vagrant/Vagrantfile.Win2022.Adopt +++ b/ansible/vagrant/Vagrantfile.Win2022.Adopt @@ -47,7 +47,7 @@ Vagrant.configure("2") do |config| v.gui = false v.memory = 8192 v.cpus = 2 - v.customize ["modifyvm", :id, "--cpuexecutioncap", "50"] + v.customize ["modifyvm", :id, "--cpuexecutioncap", "60"] end config.vm.boot_timeout = 600 end