diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9238511028..5f5b1044b6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -28,7 +28,7 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Set up Docker Buildx to use cache feature - uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0 + uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - name: Login to Docker Hub uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3 @@ -68,7 +68,7 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Set up Docker Buildx to use cache feature - uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0 + uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - name: Docker Build Alpine3 Image uses: docker/build-push-action@af5a7ed5ba88268d5278f7203fb52cd833f66d6e # v5.2.0 diff --git a/FAQ.md b/FAQ.md index cc850474fb..45c24e5fae 100644 --- a/FAQ.md +++ b/FAQ.md @@ -85,16 +85,30 @@ have at the moment: | Dockerfile | Image | Platforms | Where is this built? | In use? |---|---|---|---|---| | [Centos7](./ansible/docker/Dockerfile.CentOS7) | [`adoptopenjdk/centos7_build_image`](https://hub.docker.com/r/adoptopenjdk/centos7_build_image) | linux on amd64, arm64, ppc64le | [Jenkins](https://ci.adoptium.net/job/centos7_docker_image_updater/) | Yes +| [RHEL7](./ansible/docker/Dockerfile.RHEL7) | n/a - restricted (*) | s390x | [Jenkins](https://ci.adoptium.net/job/rhel7_docker_image_updater/) | Yes | [Centos6](./ansible/docker/Dockerfile.CentOS6) | [`adoptopenjdk/centos6_build_image`](https://hub.docker.com/r/adoptopenjdk/centos6_build_image)| linux/amd64 | [GH Actions](.github/workflows/build.yml) | Yes | [Alpine3](./ansible/docker/Dockerfile.Alpine3) | [`adoptopenjdk/alpine3_build_image`](https://hub.docker.com/r/adoptopenjdk/alpine3_build_image) | linux/x64 & linux/arm64 | [Jenkins](https://ci.adoptium.net/job/centos7_docker_image_updater/) | Yes | [Ubuntu 20.04 (riscv64 only)](./ansible/docker/Dockerfile.Ubuntu2004-riscv64) | [`adoptopenjdk/ubuntu2004_build_image:linux-riscv64`](https://hub.docker.com/r/adoptopenjdk/ubuntu2004_build_image) | linux/riscv64 | [Jenkins](https://ci.adoptium.net/job/centos7_docker_image_updater/) | Yes +
+(*) - Caveats: + +The RHEL7 image creation for s390x has to be run on a RHEL host using a +container implementation supplied by Red Hat, and we are using RHEL8 for +this as it has a stable implemention. The image creation requires the +following: + +1. The host needs to have an active RHEL subscription +2. The RHEL7 devkit (which cannot be made public) to be available in a tar file under /usr/local on the host as per the name in the Dockerfile +
+ When a change lands into master, the relevant dockerfiles are built using the appropriate CI system listed in the table above by configuring them with -the ansible playbooks and pushing them up to Docker Hub where they can be -consumed by our jenkins build agents when the `DOCKER_IMAGE` value is -defined on the jenkins build pipelines as configured in the -[pipeline_config files](https://github.com/AdoptOpenJDK/ci-jenkins-pipelines/tree/master/pipelines/jobs/configurations). +the ansible playbooks and - with the exception of the RHEL7 image for s390x - +pushing them up to Docker Hub where they can be consumed by our jenkins +build agents when the `DOCKER_IMAGE` value is defined on the jenkins build +pipelines as configured in the [pipeline_config +files](https://github.com/AdoptOpenJDK/ci-jenkins-pipelines/tree/master/pipelines/jobs/configurations). ### Adding a new dockerBuild dockerhub repository diff --git a/ansible/docker/Dockerfile.RHEL7 b/ansible/docker/Dockerfile.RHEL7 index e9e0f96bb6..dc0b773fae 100644 --- a/ansible/docker/Dockerfile.RHEL7 +++ b/ansible/docker/Dockerfile.RHEL7 @@ -1,10 +1,5 @@ FROM registry.access.redhat.com/rhel7 -# This dockerfile should be built using this from the top level of the repository: -# ROSIPW=******* docker build --no-cache -t rhel7_build_image -f ansible/docker/Dockerfile.RHEL7 --build-arg ROSIUSER=******* --secret id=ROSIPW --build-arg git_sha="$(git rev-parse --short HEAD)" `pwd` -ARG ROSIUSER -RUN sed -i 's/\(def in_container():\)/\1\n return False/g' /usr/lib64/python*/*-packages/rhsm/config.py -RUN --mount=type=secret,id=ROSIPW,required=true subscription-manager register --username=${ROSIUSER} --password="$(cat /run/secrets/ROSIPW)" --auto-attach -RUN subscription-manager repos --enable rhel-7-for-system-z-optional-rpms +RUN yum-config-manager --enable rhel-7-for-system-z-optional-rpms # ^^ Optional repo needed for Xvfb ARG git_sha @@ -15,6 +10,7 @@ RUN yum --enablerepo=rhel-7-server-ansible-2-for-system-z-rpms install -y ansibl RUN yum clean all COPY . /ansible +COPY devkit /usr/local/devkit RUN echo "localhost ansible_connection=local" > /ansible/hosts @@ -31,7 +27,10 @@ RUN useradd -c "Jenkins user" -d /home/${user} -u 1002 -g 1003 -m ${user} ENV \ JDK7_BOOT_DIR="/usr/lib/jvm/java-1.7.0-openjdk" \ JDK8_BOOT_DIR="/usr/lib/jvm/java-1.8.0-openjdk" \ - JDK10_BOOT_DIR="/usr/lib/jvm/jdk-10" \ JAVA_HOME="/usr/lib/jvm/java-1.8.0-openjdk" -RUN subscription-manager unregister +# While this does bloat the image it is required for building the +# devkit, and the process for that runs as non-root ... +# Disabled for now as we're going to copy from /usr/local/devkit on the host +RUN yum clean all +RUN yum reinstall --downloadonly glibc glibc-headers glibc-devel cups-libs cups-devel libX11 libX11-devel xorg-x11-proto-devel alsa-lib alsa-lib-devel libXext libXext-devel libXtst libXtst-devel libXrender libXrender-devel libXrandr libXrandr-devel freetype freetype-devel libXt libXt-devel libSM libSM-devel libICE libICE-devel libXi libXi-devel libXdmcp libXdmcp-devel libXau libXau-devel libgcc libxcrypt zlib zlib-devel libffi libffi-devel fontconfig fontconfig-devel kernel-headers diff --git a/ansible/inventory.yml b/ansible/inventory.yml index 0b2fcc92c3..bac7f050ce 100644 --- a/ansible/inventory.yml +++ b/ansible/inventory.yml @@ -70,13 +70,8 @@ hosts: solaris10u11-sparcv9-1: {ip: cloud.siteox.com, port: 24322} - ibmcloud: - win2012r2-x64-1: {ip: 169.48.4.138, user: Administrator} - win2012r2-x64-2: {ip: 169.48.4.142, user: Administrator} win2022-x64-1: {ip: 52.118.206.11, user: Administrator} - - spearhead: - freebsd12-x64-1: {ip: 185.131.222.224} - - docker: - skytap: @@ -89,8 +84,6 @@ hosts: ubuntu2204-x64-2: {ip: 20.83.24.86, description: 16 cores, 64GB} - equinix: - ubuntu2204-x64-1: {ip: 145.40.113.173, description: Intel Xeon Gold 40 core} - ubuntu2004-x64-1: {ip: 145.40.114.58, description: AMD EPYC 7401P 24 core} ubuntu2004-armv8-1: {ip: 147.75.35.203, description: Ampere Altra 160 core, 512Gb} ubuntu2204-armv8-1: {ip: 139.178.86.243, description: Ampere Altra 160 cores, 512Gb} @@ -113,7 +106,7 @@ hosts: - azure: win2016-x64-1: {ip: 52.149.211.210, user: adoptopenjdk} - win2019-x64-1: {ip: 20.185.182.137, user: adoptopenjdk} + win2019-x64-1: {ip: 13.92.177.186, user: adoptopenjdk} win2022-x64-1: {ip: 51.132.234.42, user: adoptopenjdk} win2022-x64-2: {ip: 20.26.116.218, user: adoptopenjdk} win11-aarch64-1: {ip: 20.4.31.184, user: adoptopenjdk} @@ -178,5 +171,3 @@ hosts: rhel6-x64-1: {ip: 169.48.4.140} rhel7-x64-1: {ip: 169.48.4.136} ubuntu1604-x64-1: {ip: 169.48.4.141} - win2012r2-x64-1: {ip: 169.48.4.131, user: Administrator} - win2012r2-x64-2: {ip: 169.48.4.139, user: Administrator} diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml index e43cf47b4e..059989e1f4 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml @@ -94,6 +94,7 @@ when: - (ansible_distribution != "Alpine" or ansible_architecture != "aarch64") - ansible_architecture != "riscv64" + - ansible_architecture != "s390x" tags: build_tools - role: adoptopenjdk_install # JDK11 Build Bootstrap jdk_version: 10 @@ -120,6 +121,7 @@ - ansible_distribution != "Solaris" - ansible_architecture != "riscv64" - ansible_architecture != "armv7l" + - ansible_architecture != "s390x" tags: build_tools - role: adoptopenjdk_install # Current LTS jdk_version: 21 diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml index f6382e7038..e12470d7cf 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml @@ -22,14 +22,20 @@ - name: Build {{ docker_image }} docker images command: docker build --cpu-period=100000 --cpu-quota=800000 -t aqa_{{ docker_image }} --memory=6G -f /tmp/Dockerfile.{{ docker_image }} /tmp/ -# Without specifying a port here, docker will give the container a random unused port -- name: Run {{ docker_image }} docker container - command: docker run --restart unless-stopped -p 22 --cpuset-cpus="0-3" --memory=6G --detach --name {{ docker_image | upper }}.PORT aqa_{{ docker_image }} +# Finds the highest port number already assigned and +1 +- name: Find available port + shell: docker ps --format \"\{\{\.Ports\}\}\" | awk -F[:-] '{print $2}' | sort | tail -n 1 + register: docker_port_output + +- name: Set docker_port variable if empty + set_fact: + docker_port: 32000 + when: docker_port_output.stdout == "" -# Now we want to rename the running container with the port name -- name: Find assigned port of {{ docker_image }} container - shell: docker port {{ docker_image | upper }}.PORT | head -n 1 | cut -d ':' -f 2 - register: docker_port +- name: Set docker_port variable when non empty + set_fact: + docker_port: "{{ docker_port_output.stdout | int + 1 }}" + when: not (docker_port_output.stdout == "") -- name: Rename {{ docker_image }} container to {{ docker_image | upper }}.{{ docker_port.stdout_lines[0] }} - command: docker rename {{ docker_image | upper }}.PORT {{ docker_image | upper }}.{{ docker_port.stdout_lines[0] }} +- name: Run {{ docker_image }} docker container + command: docker run --restart unless-stopped -p {{ docker_port }}:22 --cpuset-cpus="0-3" --memory=6G --detach --name {{ docker_image | upper }}.{{ docker_port }} aqa_{{ docker_image }} diff --git a/ansible/playbooks/nagios/roles/Nagios_Config/files/Nagios_Server_Config.py b/ansible/playbooks/nagios/roles/Nagios_Config/files/Nagios_Server_Config.py index e00f3d27bf..70e2e050ff 100644 --- a/ansible/playbooks/nagios/roles/Nagios_Config/files/Nagios_Server_Config.py +++ b/ansible/playbooks/nagios/roles/Nagios_Config/files/Nagios_Server_Config.py @@ -29,8 +29,7 @@ ## Define Any Hosts That Should Be Excluded -excluded_hosts = {'build-spearhead-freebsd12-x64-1', - 'test-inspira-solaris10u11-sparcv9-1', +excluded_hosts = {'test-inspira-solaris10u11-sparcv9-1', 'build-inspira-solaris10u11-sparcv9-1', 'build-inspira-solaris10u11-sparcv9-2', 'infrastructure-aws-ubuntu1804-x64-1', diff --git a/ansible/plugins/inventory/adoptopenjdk_yaml.py b/ansible/plugins/inventory/adoptopenjdk_yaml.py index f88ba3ba5c..3fe8ef8013 100755 --- a/ansible/plugins/inventory/adoptopenjdk_yaml.py +++ b/ansible/plugins/inventory/adoptopenjdk_yaml.py @@ -47,7 +47,7 @@ # providers - validated for consistency 'provider': ('alibaba', 'azure', 'marist', 'osuosl', - 'macstadium', 'macincloud', 'ibmcloud', 'spearhead', 'siteox', + 'macstadium', 'macincloud', 'ibmcloud', 'siteox', 'equinix', 'linaro','digitalocean', 'ibm', 'godaddy', 'aws', 'inspira', 'equinix_esxi', 'nine', 'scaleway', 'skytap', 'hetzner') diff --git a/collections/requirements.yml b/collections/requirements.yml index 9ee87128fb..13a584e939 100644 --- a/collections/requirements.yml +++ b/collections/requirements.yml @@ -4,3 +4,6 @@ collections: - name: community.general source: https://galaxy.ansible.com + + - name: community.windows + source: https://galaxy.ansible.com