diff --git a/.github/workflows/updatecli.yaml b/.github/workflows/updatecli.yaml index c3ca129e..744206e4 100644 --- a/.github/workflows/updatecli.yaml +++ b/.github/workflows/updatecli.yaml @@ -15,7 +15,7 @@ jobs: uses: actions/checkout@v4 - name: Install Updatecli in the runner - uses: updatecli/updatecli-action@v2.59.0 + uses: updatecli/updatecli-action@v2.60.0 - name: Run Updatecli in Dry Run mode run: updatecli diff --config ./updatecli/updatecli.d --values ./updatecli/values.github-action.yaml --values ./updatecli/values.temurin.yaml diff --git a/build.ps1 b/build.ps1 index 2d06a5af..f796646d 100644 --- a/build.ps1 +++ b/build.ps1 @@ -2,7 +2,6 @@ Param( [Parameter(Position=1)] [String] $Target = 'build', - [String] $Build = '', [String] $VersionTag = '1.0-1', [switch] $DryRun = $false, # Output debug info for tests. Accepted values: @@ -97,7 +96,6 @@ function Test-Image { Remove-Item -Recurse -Force $targetPath } New-Item -Path $targetPath -Type Directory | Out-Null - # $configuration.Run.Path = 'tests\sshAgent.Tests.ps1' $configuration.TestResult.OutputPath = '{0}\junit-results.xml' -f $targetPath $TestResults = Invoke-Pester -Configuration $configuration $failed = $false diff --git a/debian/Dockerfile b/debian/Dockerfile index 6c28bf16..8101a368 100644 --- a/debian/Dockerfile +++ b/debian/Dockerfile @@ -19,7 +19,7 @@ # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN # THE SOFTWARE. -ARG DEBIAN_RELEASE=bookworm-20240513 +ARG DEBIAN_RELEASE=bookworm-20240612 FROM debian:"${DEBIAN_RELEASE}"-slim as jre-build SHELL ["/bin/bash", "-e", "-u", "-o", "pipefail", "-c"] diff --git a/debian/preview/Dockerfile b/debian/preview/Dockerfile deleted file mode 100644 index 54830b56..00000000 --- a/debian/preview/Dockerfile +++ /dev/null @@ -1,89 +0,0 @@ -ARG DEBIAN_RELEASE=bookworm-20230904 -FROM debian:"${DEBIAN_RELEASE}" AS jre-build -ARG JAVA_VERSION=21.0.1+12 -# This Build ARG is populated by Docker -# Ref. https://docs.docker.com/engine/reference/builder/#automatic-platform-args-in-the-global-scope -ARG TARGETPLATFORM - -SHELL ["/bin/bash","-e", "-u", "-o", "pipefail", "-c"] - -RUN apt-get update \ - && apt-get install --no-install-recommends -y ca-certificates curl jq \ - && ARCH=$(uname -m | sed -e 's/x86_64/x64/' -e 's/armv7l/arm/') \ - && JAVA_VERSION_ENCODED=$(printf '%s' "$JAVA_VERSION" | jq -jRr '@uri') \ - && BUILD_NUMBER=$(printf '%s' "$JAVA_VERSION" | cut -d'+' -f2) \ - && JAVA_MAJOR_VERSION=$(printf '%s' "$JAVA_VERSION" | cut -d'.' -f1) \ - && JAVA_VERSION_KEBAB=$(printf '%s' "$JAVA_VERSION" | sed 's/+/-/g;s/\./-/g') \ - && curl -sL https://github.com/adoptium/temurin"${JAVA_MAJOR_VERSION}"-binaries/releases/download/jdk-"${JAVA_VERSION_ENCODED}"-ea-beta/OpenJDK"${JAVA_MAJOR_VERSION}"U-jdk_"${ARCH}"_linux_hotspot_ea_"${JAVA_VERSION_KEBAB}".tar.gz | tar xz -C /opt/ \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* - -ENV PATH="/opt/jdk-${JAVA_VERSION}/bin:${PATH}" - -# It is acceptable to have a larger image in arm/v7 (arm 32 bits) environment. -# Because jlink fails with the error "jmods: Value too large for defined data type" error. -RUN cp -r "/opt/jdk-${JAVA_VERSION}" /javaruntime - -FROM debian:"${DEBIAN_RELEASE}" - -ARG user=jenkins -ARG group=jenkins -ARG uid=1000 -ARG gid=1000 -ARG JENKINS_AGENT_HOME=/home/${user} - -ENV JENKINS_AGENT_HOME=${JENKINS_AGENT_HOME} -ARG AGENT_WORKDIR="${JENKINS_AGENT_HOME}/agent" -# Persist agent workdir path through an environment variable for people extending the image -ENV AGENT_WORKDIR=${AGENT_WORKDIR} - -RUN groupadd -g ${gid} ${group} \ - && useradd -d "${JENKINS_AGENT_HOME}" -u "${uid}" -g "${gid}" -m -s /bin/bash "${user}" \ - # Prepare subdirectories - && mkdir -p "${JENKINS_AGENT_HOME}/.ssh/" "${AGENT_WORKDIR}" "${JENKINS_AGENT_HOME}/.jenkins" \ - # Make sure that user 'jenkins' own these directories and their content - && chown -R "${uid}":"${gid}" "${JENKINS_AGENT_HOME}" "${AGENT_WORKDIR}" - -RUN apt-get update \ - && apt-get install --no-install-recommends -y \ - ca-certificates \ - git-lfs \ - less \ - netcat-traditional \ - openssh-server \ - patch \ - && rm -rf /var/lib/apt/lists/* - -# setup SSH server -RUN sed -i /etc/ssh/sshd_config \ - -e 's/#PermitRootLogin.*/PermitRootLogin no/' \ - -e 's/#RSAAuthentication.*/RSAAuthentication yes/' \ - -e 's/#PasswordAuthentication.*/PasswordAuthentication no/' \ - -e 's/#SyslogFacility.*/SyslogFacility AUTH/' \ - -e 's/#LogLevel.*/LogLevel INFO/' && \ - mkdir /var/run/sshd - -# VOLUME directive must happen after setting up permissions and content -VOLUME "${AGENT_WORKDIR}" "${JENKINS_AGENT_HOME}"/.jenkins "/tmp" "/run" "/var/run" -WORKDIR "${JENKINS_AGENT_HOME}" - -ENV LANG='C.UTF-8' LC_ALL='C.UTF-8' - -ENV JAVA_HOME=/opt/java/openjdk -ENV PATH="${JAVA_HOME}/bin:${PATH}" -COPY --from=jre-build /javaruntime $JAVA_HOME - -RUN echo "PATH=${PATH}" >> /etc/environment -COPY setup-sshd /usr/local/bin/setup-sshd - -EXPOSE 22 - -ENTRYPOINT ["setup-sshd"] - -LABEL \ - org.opencontainers.image.vendor="Jenkins project" \ - org.opencontainers.image.title="Official Jenkins SSH Agent Docker image" \ - org.opencontainers.image.description="A Jenkins agent image which allows using SSH to establish the connection" \ - org.opencontainers.image.url="https://www.jenkins.io/" \ - org.opencontainers.image.source="https://github.com/jenkinsci/docker-ssh-agent" \ - org.opencontainers.image.licenses="MIT" diff --git a/docker-bake.hcl b/docker-bake.hcl index 81fa9191..dcbc0d67 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -2,7 +2,6 @@ group "linux" { targets = [ "alpine", "debian", - "debian_jdk21-preview", ] } @@ -13,12 +12,6 @@ group "linux-arm64" { ] } -group "linux-arm32" { - targets = [ - "debian_jdk21-preview", - ] -} - group "linux-s390x" { targets = [ "debian_jdk11", @@ -76,12 +69,8 @@ variable "JAVA21_VERSION" { default = "21.0.3_9" } -variable "JAVA21_PREVIEW_VERSION" { - default = "21.0.1+12" -} - variable "DEBIAN_RELEASE" { - default = "bookworm-20240513" + default = "bookworm-20240612" } ## Common functions @@ -173,22 +162,3 @@ target "debian" { platforms = debian_platforms(jdk) } -target "debian_jdk21-preview" { - dockerfile = "debian/preview/Dockerfile" - context = "." - args = { - JAVA_VERSION = JAVA21_PREVIEW_VERSION - DEBIAN_RELEASE = DEBIAN_RELEASE - } - tags = [ - # If there is a tag, add the versioned tag suffixed by the jdk - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${VERSION}-jdk21-preview" : "", - "${REGISTRY}/${JENKINS_REPO}:bookworm-jdk21-preview", - "${REGISTRY}/${JENKINS_REPO}:debian-jdk21-preview", - "${REGISTRY}/${JENKINS_REPO}:jdk21-preview", - "${REGISTRY}/${JENKINS_REPO}:latest-bookworm-jdk21-preview", - "${REGISTRY}/${JENKINS_REPO}:latest-debian-jdk21-preview", - "${REGISTRY}/${JENKINS_REPO}:latest-jdk21-preview", - ] - platforms = ["linux/arm/v7"] -} diff --git a/tests/sshAgent.Tests.ps1 b/tests/sshAgent.Tests.ps1 index bf063cf6..72416c31 100644 --- a/tests/sshAgent.Tests.ps1 +++ b/tests/sshAgent.Tests.ps1 @@ -1,8 +1,10 @@ Import-Module -DisableNameChecking -Force $PSScriptRoot/test_helpers.psm1 -$global:IMAGE_NAME = Get-EnvOrDefault 'IMAGE_NAME' '' # Ex: jenkins4eval/ssh-agent:nanoserver-1809-jdk17 +$global:IMAGE_NAME = Get-EnvOrDefault 'IMAGE_NAME' '' # Ex: jenkins4eval/ssh-agent:nanoserver-ltsc2019-jdk17 $global:JAVA_VERSION = Get-EnvOrDefault 'JAVA_VERSION' '' +Write-Host "= TESTS: Preparing $global:IMAGE_NAME with Java $global:JAVA_VERSION" + $imageItems = $global:IMAGE_NAME.Split(':') $global:IMAGE_TAG = $imageItems[1] diff --git a/updatecli/scripts/check-jdk.sh b/updatecli/scripts/check-jdk.sh index d16ac594..a0877aa6 100755 --- a/updatecli/scripts/check-jdk.sh +++ b/updatecli/scripts/check-jdk.sh @@ -29,17 +29,6 @@ function get_jdk_download_url() { ## JDK19 URLs have an underscore ('_') instead of a plus ('+') in their archive names echo "https://github.com/adoptium/temurin19-binaries/releases/download/jdk-${jdk_version}/OpenJDK19U-jdk_${platform}_hotspot_${jdk_version//+/_}"; return 0;; - 21*-ea-beta) - # JDK preview version (21+35-ea-beta, 21.0.1+12-ea-beta) - # This has been updated to support the new inferred URL pattern that started as of 21.0.3+2-ea-beta. It will not work for earlier preview versions. - # One could update the cases to support all preview versions, if desired. - jdk_version="${jdk_version//-beta}" - ## https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21%2B35-ea-beta/OpenJDK21U-jdk_aarch64_linux_hotspot_ea_21-0-35.tar.gz - ## https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.1%2B12-ea-beta/OpenJDK21U-jdk_x64_linux_hotspot_ea_21-0-1-12.tar.gz - dashJDKVersion="${jdk_version//+/_}" - jdk_version="${jdk_version//-ea}" - echo "https://github.com/adoptium/temurin21-binaries/releases/download/jdk-${jdk_version//+/%2B}-ea-beta/OpenJDK21U-jdk_${platform}_hotspot_${dashJDKVersion}" - return 0;; 21*) ## JDK21 URLs have an underscore ('_') instead of a plus ('+') in their archive names echo "https://github.com/adoptium/temurin21-binaries/releases/download/jdk-${jdk_version}/OpenJDK21U-jdk_${platform}_hotspot_${jdk_version//+/_}"; diff --git a/updatecli/updatecli.d/jdk21-preview.yaml b/updatecli/updatecli.d/jdk21-preview.yaml deleted file mode 100644 index fe0df376..00000000 --- a/updatecli/updatecli.d/jdk21-preview.yaml +++ /dev/null @@ -1,67 +0,0 @@ ---- -name: Bump JDK21 EA version for all Linux images - -scms: - default: - kind: github - spec: - user: "{{ .github.user }}" - email: "{{ .github.email }}" - owner: "{{ .github.owner }}" - repository: "{{ .github.repository }}" - token: "{{ requiredEnv .github.token }}" - username: "{{ .github.username }}" - branch: "{{ .github.branch }}" - temurin21-binaries: - kind: "github" - spec: - user: "{{ .github.user }}" - email: "{{ .github.email }}" - owner: "adoptium" - repository: "temurin21-binaries" - token: '{{ requiredEnv .github.token }}' - branch: "main" - -sources: - getLatestJDK21EAVersion: - name: Get the latest Adoptium JDK21 EA version - kind: gittag - scmid: temurin21-binaries - spec: - versionfilter: - kind: regex - pattern: ".*-ea-.*" - transformers: - - trimprefix: "jdk-" - - trimsuffix: "-ea-beta" - -conditions: - checkIfReleaseIsAvailable: - kind: shell - spec: - command: bash ./updatecli/scripts/check-jdk.sh # source input value passed as argument - -targets: - setJDK21VersionForBake: - name: "Bump JDK21 EA version for Linux images in the docker-bake.hcl file" - kind: hcl - spec: - file: docker-bake.hcl - path: variable.JAVA21_PREVIEW_VERSION.default - scmid: default - setJDK21VersionDebian: - name: "Bump JDK21 EA version for Linux images in the Debian Dockerfile" - kind: dockerfile - spec: - file: debian/preview/Dockerfile - instruction: - keyword: "ARG" - matcher: "JAVA_VERSION" -actions: - default: - kind: github/pullrequest - scmid: default - title: Bump JDK21 EA version to {{ source "getLatestJDK21EAVersion" }} - spec: - labels: - - dependencies \ No newline at end of file diff --git a/windows/nanoserver/Dockerfile b/windows/nanoserver/Dockerfile index f983b3eb..a37a5e3f 100644 --- a/windows/nanoserver/Dockerfile +++ b/windows/nanoserver/Dockerfile @@ -60,7 +60,7 @@ RUN $javaMajorVersion = $env:JAVA_HOME.Substring($env:JAVA_HOME.Length - 2); ` New-Item -Path "C:\jdk-${javaMajorVersion}" -ItemType SymbolicLink -Value "${env:JAVA_HOME}" # Install git -ARG GIT_VERSION=2.45.1 +ARG GIT_VERSION=2.45.2 ARG GIT_PATCH_VERSION=1 RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; ` # The patch "windows.1" always have a different URL than the subsequent patch (ZIP filename is different) diff --git a/windows/windowsservercore/Dockerfile b/windows/windowsservercore/Dockerfile index 3ca59147..aec1769c 100644 --- a/windows/windowsservercore/Dockerfile +++ b/windows/windowsservercore/Dockerfile @@ -55,7 +55,7 @@ ENV JENKINS_AGENT_WORK ${JENKINS_AGENT_WORK} USER ContainerAdministrator # Install git -ARG GIT_VERSION=2.45.1 +ARG GIT_VERSION=2.45.2 ARG GIT_PATCH_VERSION=1 RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; ` # The patch "windows.1" always have a different URL than the subsequent patch (ZIP filename is different)