diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d2b642e828..b9d98e1f35 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Docker Buildx to use cache feature uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 @@ -39,7 +39,7 @@ jobs: - name: Docker Build CentOS6 Image Test - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6.1.0 with: file: ./ansible/docker/Dockerfile.CentOS6 build-args: git_sha=${{ github.sha }} @@ -50,7 +50,7 @@ jobs: if: github.ref != 'refs/heads/master' - name: Docker Build & Push Centos6 Image to Docker Hub On Merge - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6.1.0 with: file: ./ansible/docker/Dockerfile.CentOS6 build-args: git_sha=${{ github.sha }} @@ -65,13 +65,13 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Docker Buildx to use cache feature uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - name: Docker Build Alpine3 Image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6.1.0 with: file: ./ansible/docker/Dockerfile.Alpine3 build-args: git_sha=${{ github.sha }} diff --git a/.github/workflows/build_mac.yml b/.github/workflows/build_mac.yml index 98a2c0f8da..1bdfe7a994 100644 --- a/.github/workflows/build_mac.yml +++ b/.github/workflows/build_mac.yml @@ -22,9 +22,12 @@ jobs: - os: [macos-14] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - name: Install dependencies + - name: Install Python + run: brew install python@3.12 --overwrite + + - name: Install Ansible run: brew install ansible # This is to fix an issue with the github macos14 runner, that cant resolve keyserver.ubuntu.com diff --git a/.github/workflows/build_qemu.yml b/.github/workflows/build_qemu.yml index 81fae2b933..31c8b79331 100644 --- a/.github/workflows/build_qemu.yml +++ b/.github/workflows/build_qemu.yml @@ -36,7 +36,7 @@ jobs: # distro: jessie steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Run on architecture uses: uraimo/run-on-arch-action@b0ffb25eb00af00468375982384441f063da1741 # v2.7.2 diff --git a/.github/workflows/build_vagrant.yml b/.github/workflows/build_vagrant.yml index 090901bd2e..24f65df25b 100644 --- a/.github/workflows/build_vagrant.yml +++ b/.github/workflows/build_vagrant.yml @@ -19,16 +19,29 @@ permissions: jobs: build-solaris: name: Solaris - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + + # As Solaris Needs An Older Version Of Ansible/Python + # Use Python2 & Pip To Install On Ubuntu 22.04 + # Rather Than The System Packages + + - name: Install Python 2 + run: sudo apt-get install python2 + + - name: Python 2 Get Pip Bootstrap Script + run: curl https://bootstrap.pypa.io/pip/2.7/get-pip.py --output get-pip.py + + - name: Python 2 Get Pip + run: sudo python2 get-pip.py + + - name: Install Ansible Using PIP2 + run: pip2 install ansible - name: Update Repos run: sudo apt-get update - - - name: Install Ansible - run: sudo apt-get install ansible - name: Install VirtualBox run: sudo apt-get install virtualbox diff --git a/.github/workflows/build_wsl.yml b/.github/workflows/build_wsl.yml index 565fa02f5f..2e81b342fe 100644 --- a/.github/workflows/build_wsl.yml +++ b/.github/workflows/build_wsl.yml @@ -41,7 +41,7 @@ jobs: .\ConfigureRemotingForAnsible.ps1 -ForceNewSSLCert .\ConfigureRemotingForAnsible.ps1 -SkipNetworkProfileCheck - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: Vampire/setup-wsl@6f87de3102a29ac6b92800f33bf1e8d9164ac0a1 # v3.1.1 diff --git a/.github/workflows/check_dockerstatic.yml b/.github/workflows/check_dockerstatic.yml index 32cf7bd83a..4b395db53b 100644 --- a/.github/workflows/check_dockerstatic.yml +++ b/.github/workflows/check_dockerstatic.yml @@ -28,7 +28,7 @@ jobs: - os: alpine3.19 dockerfile: "Dockerfile.alp319" steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Test Dockerfile on ${{ matrix.os }} env: DOCKERFILE: ${{ matrix.dockerfile }} @@ -45,7 +45,7 @@ jobs: - os: centos8 dockerfile: "Dockerfile.cent8" steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Test Dockerfile on ${{ matrix.os }} env: DOCKERFILE: ${{ matrix.dockerfile }} @@ -62,7 +62,7 @@ jobs: - os: fedora39 dockerfile: "Dockerfile.f39" steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Test Dockerfile on ${{ matrix.os }} env: DOCKERFILE: ${{ matrix.dockerfile }} @@ -83,7 +83,7 @@ jobs: - os: ubuntu22.04 dockerfile: "Dockerfile.u2204" steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Test Dockerfile on ${{ matrix.os }} env: DOCKERFILE: ${{ matrix.dockerfile }} diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 6a84514244..906a28c0b1 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -25,7 +25,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: 'Yamllint' uses: karancode/yamllint-github-action@fdef6bc189425ecc84cc4543b2674566c0827053 # v2.1.1 @@ -39,7 +39,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Python 3.x uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 diff --git a/.github/workflows/packer.yml b/.github/workflows/packer.yml new file mode 100644 index 0000000000..f149685751 --- /dev/null +++ b/.github/workflows/packer.yml @@ -0,0 +1,48 @@ +name: Packer + +on: + workflow_dispatch: + push: + paths: + - .github/workflows/packer.yml + - ansible/playbooks/AdoptOpenJDK_Unix_Playbook/** + - ansible/packer/** + branches: + - master + +jobs: + packer: + name: Update macOS Orka Image + runs-on: ubuntu-latest + strategy: + matrix: + os: [sonoma-arm64, sonoma-intel] + steps: + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + + # This is to fix an issue with the github macos14 runner, that cant resolve keyserver.ubuntu.com + # but this does work when replaced with the IP address. Spotted during the GPG verification of ANT step + # Upstream Bug : https://github.com/actions/runner-images/issues/9777 + - name: Replace keyserver address with IP address + run: | + sed -i 's/keyserver\.ubuntu\.com/185.125.188.27/g' ansible/playbooks/Supporting_Scripts/package_signature_verification.sh + + - name: Install openconnect + run: sudo apt-get install -y openconnect + + - name: Connect to Orka VPN + run: | + echo ${{ secrets.ORKA_VPN_PASSWORD }} | sudo openconnect 207.254.69.34 \ + --protocol=anyconnect --user=${{ secrets.ORKA_VPN_USERNAME }} \ + --passwd-on-stdin --background \ + --servercert ${{ secrets.ORKA_VPN_SERVER_CERT }} + + - name: Init Packer + run: packer init orka.pkr.hcl + working-directory: ansible/packer + + - name: Run Packer + run: packer build --only=macstadium-orka.${{ matrix.os }} orka.pkr.hcl + working-directory: ansible/packer + env: + ORKA_TOKEN: ${{ secrets.ORKA_TOKEN }} diff --git a/ansible/DockerInventory.json b/ansible/DockerInventory.json index 55a20b2328..b6b3eb5a6b 100644 --- a/ansible/DockerInventory.json +++ b/ansible/DockerInventory.json @@ -157,7 +157,7 @@ "port": "32772" }, { - "nodeName": "test-docker-debain12-armv8l-1", + "nodeName": "test-docker-debian12-armv8l-1", "port": "2231" }, { diff --git a/ansible/inventory.yml b/ansible/inventory.yml index 309df16288..9b78829a4a 100644 --- a/ansible/inventory.yml +++ b/ansible/inventory.yml @@ -102,6 +102,7 @@ hosts: ubuntu1804-armv8-2: {ip: 114.119.175.125} - azure: + ubuntu2404-x64-1: {ip: 20.115.98.159, user: azureuser} win2016-x64-1: {ip: 172.172.147.29, user: adoptopenjdk} win2019-x64-1: {ip: 13.92.177.186, user: adoptopenjdk} win2022-x64-1: {ip: 51.132.234.42, user: adoptopenjdk} @@ -128,6 +129,7 @@ hosts: ubuntu1804-ppc64le-1: {ip: 140.211.168.5, user: ubuntu} ubuntu1804-ppc64le-2: {ip: 140.211.168.8, user: ubuntu} ubuntu2004-ppc64le-1: {ip: 140.211.168.235, user: ubuntu} + ubuntu2404-aarch64-1: {ip: 140.211.169.12, user: ubuntu} - macincloud: macos1201-x64-1: {ip: 216.39.74.137, user: admin, description: DXT437} diff --git a/ansible/packer/README.md b/ansible/packer/README.md new file mode 100644 index 0000000000..683488d09f --- /dev/null +++ b/ansible/packer/README.md @@ -0,0 +1,47 @@ +# Packer Configuration for Virtual Machine Images + +This repository contains two Packer configuration files used for building virtual machine images for MacStadium Orka environments. These configurations are specifically tailored to set up environments with necessary tools like Homebrew, Ansible, and Xcode. + +## Configuration Files + +1. Base Image Creation (`orka-base.pkr.hcl`): This file is used to create a base image for sonoma-arm64 VMs. It installs Homebrew, Ansible, and specific versions of Xcode. + +1. Adoptium Image Creation (`orka.pkr.hcl`): This configuration builds upon the base image to create an Adoptium Sonoma ARM64 and Intel image, with a full Ansible playbook run excluding certain tags. + +## Prerequisites + +- [Packer](https://www.packer.io/downloads) installed on your system. +- Access to a MacStadium Orka environment (via VPN). +- Required environment variables set (`ORKA_TOKEN`, `XCode11_7_SAS_TOKEN`, `XCode15_0_1_SAS_TOKEN`). + +## Setup and Usage + +### Setting Environment Variables + +Set the necessary environment variables: + +```bash +export ORKA_TOKEN="your-orka-token" +export XCode11_7_SAS_TOKEN="your-xcode11.7-token" +export XCode15_0_1_SAS_TOKEN="your-xcode15.0.1-token" +``` + +### Running the Packer Builds + +1. Building the Base image + +```bash +packer init . +packer build orka-base.pkr.hcl +``` + +This will create the base image for sonoma-arm64 and somoma-intel VMs. The base step has a pause which allows users to manually make any required changes and then resume the build. + +1. Building the Adoptium image + +The Adoptium image depends on the base image. This generates the images that we use in Jenkins and contains the full set of dependencies. + +```bash +packer init . +packer build orka.pkr.hcl +``` diff --git a/ansible/packer/orka-base.pkr.hcl b/ansible/packer/orka-base.pkr.hcl new file mode 100644 index 0000000000..8b53a27a56 --- /dev/null +++ b/ansible/packer/orka-base.pkr.hcl @@ -0,0 +1,98 @@ +packer { + required_plugins { + macstadium-orka = { + source = "github.com/macstadium/macstadium-orka" + version = "~>3" + } + ansible = { + source = "github.com/hashicorp/ansible" + version = "~> 1" + } + } +} + +variable "ORKA_TOKEN" { + default = env("ORKA_TOKEN") +} + +variable "ORKA_ENDPOINT" { + default = "http://10.221.188.20" +} + +variable "XCode11_7_SAS_TOKEN" { + default = env("XCode11_7_SAS_TOKEN") +} + +variable "XCode15_0_1_SAS_TOKEN" { + default = env("XCode15_0_1_SAS_TOKEN") +} + +source "macstadium-orka" "sonoma-arm64" { + source_image = "sonoma-90gb-orka3-arm" + image_name = "sonoma-arm64-base" + image_description = "Base image with sudoers setup and xcode/brew/ansible installed" + image_force_overwrite = true + orka_endpoint = var.ORKA_ENDPOINT + orka_auth_token = var.ORKA_TOKEN + orka_vm_builder_name = "sonoma-arm64-builder" +} + +source "macstadium-orka" "sonoma-intel" { + source_image = "90gbsonomassh.img" + image_name = "sonoma-intel-base" + image_description = "Base image with sudoers setup and brew/ansible installed" + image_force_overwrite = true + orka_endpoint = var.ORKA_ENDPOINT + orka_auth_token = var.ORKA_TOKEN + orka_vm_builder_name = "sonoma-intel-builder" +} + +# Generate the base image for the sonoma-arm64 VMs which we will use to run the ansible playbook +build { + sources = [ + "macstadium-orka.sonoma-arm64", + "macstadium-orka.sonoma-intel" + ] + + # set sudoers to allow passwordless sudo + provisioner "shell" { + inline = [ + "echo admin | sudo -S sh -c 'echo \"%admin ALL=(ALL) NOPASSWD:ALL\" >> /etc/sudoers'", + ] + } + + # Pause the provisioner until user interacts (for install Xcode etc) + provisioner "breakpoint" {} + + # Install homebrew and ansible + provisioner "shell" { + inline = [<> /Users/admin/.zprofile; \ + eval "$($BREW_PATH/brew shellenv)"; \ + echo export PATH="$BREW_PATH:$PATH" >> /Users/admin/.zprofile; \ + brew install ansible;' +EOF + ] + } + + # Install Xcode + provisioner "ansible-local" { + playbook_file = "../playbooks/AdoptOpenJDK_Unix_Playbook/main.yml" + playbook_dir = "../playbooks/AdoptOpenJDK_Unix_Playbook" + extra_arguments = [ + "--extra-vars", "ansible_user=admin", + "--extra-vars", "XCode11_7_SAS_TOKEN=\"${var.XCode11_7_SAS_TOKEN}\"", + "--extra-vars", "XCode15_0_1_SAS_TOKEN=\"${var.XCode15_0_1_SAS_TOKEN}\"", + "--tags", "xcode11,xcode15" + ] + command = "source /Users/admin/.zprofile; ansible-playbook" + } +} diff --git a/ansible/packer/orka.pkr.hcl b/ansible/packer/orka.pkr.hcl new file mode 100644 index 0000000000..fe61ae3823 --- /dev/null +++ b/ansible/packer/orka.pkr.hcl @@ -0,0 +1,78 @@ +packer { + required_plugins { + macstadium-orka = { + source = "github.com/macstadium/macstadium-orka" + version = "~>3" + } + ansible = { + source = "github.com/hashicorp/ansible" + version = "~> 1" + } + } +} + +variable "ORKA_TOKEN" { + default = env("ORKA_TOKEN") +} + +variable "ORKA_ENDPOINT" { + default = "http://10.221.188.20" +} + +source "macstadium-orka" "sonoma-arm64" { + source_image = "sonoma-arm64-base" + image_name = "adoptium-sonoma-arm64" + image_description = "Adoptium Sonoma ARM64 image with full ansible playbook run" + image_force_overwrite = true + orka_endpoint = var.ORKA_ENDPOINT + orka_auth_token = var.ORKA_TOKEN + orka_vm_builder_name = "sonoma-arm64-builder" +} + +source "macstadium-orka" "sonoma-intel" { + source_image = "sonoma-intel-base" + image_name = "adoptium-sonoma-intel" + image_description = "Base image with sudoers setup and brew/ansible installed" + image_force_overwrite = true + orka_endpoint = var.ORKA_ENDPOINT + orka_auth_token = var.ORKA_TOKEN + orka_vm_builder_name = "sonoma-intel-builder" +} + +build { + sources = [ + "macstadium-orka.sonoma-arm64", + "macstadium-orka.sonoma-intel" + ] + + # Ensure ansible package is up to date + provisioner "shell" { + inline = [ + "source /Users/admin/.zprofile; brew upgrade ansible", + ] + } + + # Create /tmp/packer-provisioner-ansible-local + provisioner "shell" { + inline = [ + "mkdir -p /tmp/packer-provisioner-ansible-local", + ] + } + + # Copy playbooks/Supporting_Scripts to /tmp/packer-provisioner-ansible-local + provisioner "file" { + source = "../playbooks/Supporting_Scripts" + destination = "/tmp/packer-provisioner-ansible-local" + } + + # Run ansible playbook + provisioner "ansible-local" { + playbook_file = "../playbooks/AdoptOpenJDK_Unix_Playbook/main.yml" + playbook_dir = "../playbooks/AdoptOpenJDK_Unix_Playbook" + extra_arguments = [ + "--extra-vars", "ansible_user=admin", + "--skip-tags=hostname,brew_upgrade,brew_cu,core_dumps,crontab,kernel_tuning,adoptopenjdk,jenkins,nagios,superuser,swap_file,jck_tools" + ] + command = "source /Users/admin/.zprofile; ansible-playbook" + } +} diff --git a/ansible/playbooks/AdoptOpenJDK_AIX_Playbook/roles/yum/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_AIX_Playbook/roles/yum/tasks/main.yml index 1c44f00a5b..242fce6a06 100644 --- a/ansible/playbooks/AdoptOpenJDK_AIX_Playbook/roles/yum/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_AIX_Playbook/roles/yum/tasks/main.yml @@ -70,8 +70,6 @@ - name: Unpack yum bundle command: cmd: /usr/bin/tar -xf /tmp/yum/yum_bundle.tar -C /tmp/yum - # Neither zip nor gtar is not available, disable warning about unpack: - warn: false - name: Install yum bundle command: rpm -i /tmp/yum/*.rpm diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml index 765c05c59f..4678857d5c 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml @@ -84,11 +84,12 @@ - ansible_os_family == "RedHat" or ansible_os_family == "Debian" - ansible_architecture == "aarch64" tags: [devkit] - - role: Xcode - when: ansible_distribution == "MacOSX" - role: Xcode11 when: ansible_distribution == "MacOSX" and ansible_architecture == "arm64" - tags: [xcode11] + tags: [xcode11] # JDK 8 + - role: Xcode15 + when: ansible_distribution == "MacOSX" and ansible_architecture == "arm64" + tags: [xcode15] # JDK 17+ - role: cmake # OpenJ9 / OpenJFX when: ansible_distribution != "Solaris" # Compile fails on Solaris tags: [build_tools, build_tools_openj9, build_tools_openjfx] diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Ant-Contrib/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Ant-Contrib/tasks/main.yml index e1b62df104..2e0898dd42 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Ant-Contrib/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Ant-Contrib/tasks/main.yml @@ -88,6 +88,7 @@ tags: ant-contrib - name: Move ant-contrib.jar to ant lib folder + become: true command: mv /tmp/ant-contrib/lib/ant-contrib.jar {{ ant_lib_dir }} when: not antcontrib_status.stat.exists tags: ant-contrib diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/tasks/openSUSE.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/tasks/openSUSE.yml index be2b631a4d..d527fadf8c 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/tasks/openSUSE.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/tasks/openSUSE.yml @@ -26,15 +26,6 @@ - (ansible_distribution_major_version == "12") tags: SUSE_gcc48 -- name: Sed change gpgcheck for gcc repo on x86_64 - replace: - path: /etc/zypp/repos.d/devel_gcc.repo - regexp: 'gpgcheck=1' - replace: "gpgcheck=0" - when: - - (ansible_distribution_major_version == "12" and ansible_architecture == "x86_64") - tags: SUSE_gcc48 - # Skipping ansible lint as shell module is required to use the --force-resolution option (lint error 305) - name: Install gcc48 shell: zypper -n in --force-resolution gcc48 @@ -154,7 +145,7 @@ dest: /tmp/ mode: 0440 timeout: 25 - validate_certs: no + validate_certs: yes checksum: sha256:d9dc32efba7e74f788fcc4f212a43216fc37cf5f23f4c2339664d473353aedf6 when: - (ansible_distribution_major_version == "12" and ansible_architecture == "x86_64") diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml index be418e5063..3b541e5de9 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml @@ -9,6 +9,7 @@ Build_Tool_Packages: - autoconf - automake # for compiling freetype on JDK8u - coreutils + - git - gnupg - gnu-sed - gnu-tar @@ -25,6 +26,7 @@ Build_Tool_Casks: Test_Tool_Packages: - mercurial - pulseaudio + - jq JCK_Tool_Casks: - blackhole-2ch # Used to emulate a line in feed for JCK tests diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.ubi8 b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.ubi8 index ae6108fcd1..01a78f5a6f 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.ubi8 +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.ubi8 @@ -5,7 +5,7 @@ RUN dnf -y update && dnf install -y perl openssh-server unzip zip wget epel-rele RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -P "" # Install Additional Repos # N.B https is not available for centos mirror, so adding independently verified checksum validation for http downloads -RUN wget 'http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os/Packages/centos-gpg-keys-8-3.el8.noarch.rpm' -O /tmp/gpgkey.rpm +RUN wget 'https://vault.centos.org/centos/8-stream/BaseOS/x86_64/os/Packages/centos-gpg-keys-8-3.el8.noarch.rpm' -O /tmp/gpgkey.rpm ARG GPG_CHECKSUM=79cda0505d8dd88b8277c1af9c55021319a0e516df8d24c893d740eac1d74feb RUN ACTUAL_CHECKSUM=$(sha256sum /tmp/gpgkey.rpm | awk '{print $1}') \ && if [ "$ACTUAL_CHECKSUM" != "$GPG_CHECKSUM" ]; then \ @@ -13,7 +13,7 @@ RUN ACTUAL_CHECKSUM=$(sha256sum /tmp/gpgkey.rpm | awk '{print $1}') \ exit 1; \ fi RUN rpm -i '/tmp/gpgkey.rpm' -RUN wget 'http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os/Packages/centos-stream-repos-8-3.el8.noarch.rpm' -O /tmp/centosrepos.rpm +RUN wget 'https://vault.centos.org/centos/8-stream/BaseOS/x86_64/os/Packages/centos-stream-repos-8-3.el8.noarch.rpm' -O /tmp/centosrepos.rpm ARG REPO_CHECKSUM=bd0c7fe3f1f6a08f4658cc0cc9b1c1a91e38f8bf60c3af2ed2ee220523ded269 RUN ACTUAL_CHECKSUM=$(sha256sum /tmp/centosrepos.rpm | awk '{print $1}') \ && if [ "$ACTUAL_CHECKSUM" != "$REPO_CHECKSUM" ]; then \ @@ -21,6 +21,13 @@ RUN ACTUAL_CHECKSUM=$(sha256sum /tmp/centosrepos.rpm | awk '{print $1}') \ exit 1; \ fi RUN rpm -i '/tmp/centosrepos.rpm' +# Modify baseurl for all Centos repos, mainly Appstream, BaseOS and Extras repos +RUN sed -i 's/#baseurl=http\:\/\/mirror/baseurl=http\:\/\/vault/g' /etc/yum.repos.d/CentOS-Stream-* +# dnf complains about needing to remove redhat-release (lets not) +RUN echo "exclude=redhat-release" >> /etc/dnf/dnf.conf +RUN dnf -y update +# New Centos repos installed after update, so baseurl needs to be changed again for new repos +RUN sed -i 's/#baseurl=http\:\/\/mirror/baseurl=http\:\/\/vault/g' /etc/yum.repos.d/CentOS-Stream-* # Get latest jdk17 ga RUN wget -q 'https://api.adoptium.net/v3/binary/latest/17/ga/linux/x64/jdk/hotspot/normal/eclipse?project=jdk' -O /tmp/jdk17.tar.gz RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 3B04D753C9050D9A5D343F39843C48A565F8F04B @@ -48,9 +55,9 @@ RUN chmod -R og-rwx /home/jenkins/.ssh # RUN service ssh start CMD ["/usr/sbin/sshd","-D"] RUN dnf install -y git curl make gcc xorg-x11-server-Xvfb libXrender libXi libXtst fontconfig fakeroot procps-ng hostname diffutils -RUN yum install -y coreutils --allowerasing +RUN dnf install -y coreutils --allowerasing # Install SSL Test packages -RUN yum install -y gnutls gnutls-utils libnss3.so nss nss-tools +RUN dnf install -y gnutls gnutls-utils nss nss-tools # ENTRYPOINT /usr/lib/jvm/jdk17/bin/java EXPOSE 22 # Start with docker run -p 2222:22 UUID diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.ubi9 b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.ubi9 new file mode 100644 index 0000000000..ed08ae9364 --- /dev/null +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.ubi9 @@ -0,0 +1,55 @@ +FROM redhat/ubi9 +# Install Base Requirements +RUN dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm +RUN dnf -y update && dnf install -y perl openssh-server unzip zip wget epel-release +RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -P "" +# Install Additional Repos +RUN wget 'https://mirror.stream.centos.org/9-stream/BaseOS/x86_64/os/Packages/centos-gpg-keys-9.0-26.el9.noarch.rpm' -O /tmp/gpgkey.rpm +ARG GPG_CHECKSUM=8d601d9f96356a200ad6ed8e5cb49bbac4aa3c4b762d10a23e11311daa5711ca +RUN ACTUAL_CHECKSUM=$(sha256sum /tmp/gpgkey.rpm | awk '{print $1}') \ + && if [ "$ACTUAL_CHECKSUM" != "$GPG_CHECKSUM" ]; then \ + echo "Checksum mismatch! Aborting installation."; \ + exit 1; \ + fi +RUN rpm -i '/tmp/gpgkey.rpm' +RUN wget 'https://mirror.stream.centos.org/9-stream/BaseOS/x86_64/os/Packages/centos-stream-repos-9.0-26.el9.noarch.rpm' -O /tmp/centosrepos.rpm +ARG REPO_CHECKSUM=eb3b55a5cf0e1a93a91cd2d39035bd1754b46f69ff3d062b3331e765b2345035 +RUN ACTUAL_CHECKSUM=$(sha256sum /tmp/centosrepos.rpm | awk '{print $1}') \ + && if [ "$ACTUAL_CHECKSUM" != "$REPO_CHECKSUM" ]; then \ + echo "Checksum mismatch! Aborting installation."; \ + exit 1; \ + fi +RUN rpm -i '/tmp/centosrepos.rpm' +# Get latest jdk17 ga +RUN wget -q 'https://api.adoptium.net/v3/binary/latest/17/ga/linux/x64/jdk/hotspot/normal/eclipse?project=jdk' -O /tmp/jdk17.tar.gz +RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 3B04D753C9050D9A5D343F39843C48A565F8F04B +# Get sig file for latest jdk17 ga +RUN wget -q `curl -s 'https://api.adoptium.net/v3/assets/feature_releases/17/ga?architecture=x64&heap_size=normal&image_type=jdk&jvm_impl=hotspot&os=linux&page=0&page_size=1&project=jdk&vendor=eclipse' | grep signature_link | awk '{split($0,a,"\""); print a[4]}'` -O /tmp/jdk17.sig +RUN gpg --verify /tmp/jdk17.sig /tmp/jdk17.tar.gz +RUN mkdir -p /usr/lib/jvm/jdk17 && tar -xpzf /tmp/jdk17.tar.gz -C /usr/lib/jvm/jdk17 --strip-components=1 +# Install ant via WGET +RUN wget -q -O /tmp/ant.zip 'https://archive.apache.org/dist/ant/binaries/apache-ant-1.10.5-bin.zip' +RUN wget -q -O /tmp/ant-contrib.tgz https://sourceforge.net/projects/ant-contrib/files/ant-contrib/ant-contrib-1.0b2/ant-contrib-1.0b2-bin.tar.gz +RUN echo "2e48f9e429d67708f5690bc307232f08440d01ebe414059292b6543971da9c7cd259c21533b9163b4dd753321c17bd917adf8407d03245a0945fc30a4e633163 /tmp/ant.zip" > /tmp/ant.sha512 +RUN echo "0fd2771dca2b8b014a4cb3246715b32e20ad5d26754186d82eee781507a183d5e63064890b95eb27c091c93c1209528a0b18a6d7e6901899319492a7610e74ad /tmp/ant-contrib.tgz" >> /tmp/ant.sha512 +RUN sha512sum --check --strict /tmp/ant.sha512 +RUN ln -s /usr/local/apache-ant-1.10.5/bin/ant /usr/bin/ant +RUN unzip -q -d /usr/local /tmp/ant.zip +RUN tar xpfz /tmp/ant-contrib.tgz -C /usr/local/apache-ant-1.10.5/lib --strip-components=2 ant-contrib/lib/ant-contrib.jar +# Housekeep Downloaded Archives +RUN rm /tmp/jdk17.tar.gz /tmp/ant.zip /tmp/ant-contrib.tgz /tmp/gpgkey.rpm /tmp/jdk17.sig +# Set up jenkins user +RUN useradd -m -d /home/jenkins jenkins +RUN mkdir /home/jenkins/.ssh +RUN echo "Jenkins_User_SSHKey" > /home/jenkins/.ssh/authorized_keys +RUN chown -R jenkins /home/jenkins/.ssh +RUN chmod -R og-rwx /home/jenkins/.ssh +# RUN service ssh start +CMD ["/usr/sbin/sshd","-D"] +RUN dnf install -y git make gcc xorg-x11-server-Xvfb libXrender libXi libXtst fontconfig fakeroot procps-ng hostname diffutils +RUN dnf install -y coreutils --allowerasing curl +# Install SSL Test packages +RUN dnf install -y gnutls gnutls-utils nss nss-tools +# ENTRYPOINT /usr/lib/jvm/jdk17/bin/java +EXPOSE 22 +# Start with docker run -p 2222:22 UUID diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/README.md b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/README.md index 9525739b67..24413cc4b9 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/README.md +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/README.md @@ -33,6 +33,13 @@ The `dockerhost.yml` playbook can deploy single, multiple and duplicate containe will deploy 1 Ubuntu 22.04 container, 1 Alpine 3.19 container and 3 Ubuntu 18.04 containers. +If you would like to build an arm32 container on an arm64 dockerhost, pass the `build_arm32` variable: + +``` +ansible-playbook -u root -i AdoptOpenJDK_Unix_Playbook +/dockernode.yml -t "deploy" -e "docker_images=u2204 build_arm32=yes" +``` + ## Setting up a new DockerStatic container (manually) If you would like to setup an individual container on one of these machines, follow these instructions: diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Xcode/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Xcode/tasks/main.yml deleted file mode 100644 index 5f390c0983..0000000000 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Xcode/tasks/main.yml +++ /dev/null @@ -1,115 +0,0 @@ -# If xcversion install hangs, you might need an active UI session. Open VNC and log into the -# machine. Keep the VNC window open as long as the installation is running. -# -# We install the full Xcode on all machine types so that we can use test machines for notarization. -# -# List of available versions: $ xcversion list -# See https://xcodereleases.com for an Xcode support matrix. ---- -- name: Check if Apple ID variables are defined - set_fact: - apple_variables: yes - when: - - Apple_ID_User is defined - - Apple_ID_Password is defined - - FASTLANE_SESSION is defined - -- name: Display Information when apple_variables is not defined - debug: - msg: "Apple ID variables are not defined. Xcode will need to be installed manually. - Ensure that Apple_ID_User, Apple_ID_Password and FASTLANE_SESSION are defined. Skipping Xcode installation" - when: apple_variables is not defined - -- name: Set Mac homebrew path (x64) - set_fact: - homebrew_path: /usr/local/bin - when: ansible_architecture == "x86_64" - -- name: Set Mac homebrew path (Arm64) - set_fact: - homebrew_path: /opt/homebrew/bin - when: ansible_architecture == "arm64" - -- name: Install Xcode - when: apple_variables is defined - block: - - name: Ensure Ruby is installed for xcode-install - become: yes - become_user: "{{ ansible_user }}" - homebrew: - name: ruby@2.7 # no 3.0 yet for fastlane (https://github.com/fastlane/fastlane/issues/17931) - state: present - path: "{{ homebrew_path }}" - - - name: Configure Bash profile extension for Ruby - become: yes - copy: - content: | - if [ -d "/usr/local/opt/ruby@2.7/bin" ]; then - export PATH=/usr/local/opt/ruby@2.7/bin:$PATH - export PATH=`gem environment gemdir`/bin:$PATH - fi - dest: /etc/profile.d/ruby - owner: root - group: wheel - - - name: Reset SSH connection to ensure that shell/profile changes take effect - shell: sleep 1; pkill -u {{ ansible_ssh_user }} sshd - async: 3 - poll: 2 - - - name: Ensure xcode-install and its dependencies are installed - become: yes # for system-wide installation - gem: - name: "{{ item }}" - state: latest - user_install: no - environment: - PATH: /usr/local/opt/ruby@2.7/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin - loop: - - fastlane # explicitly list fastlane to get latest version - - xcode-install - - - name: Set xcversion location for x86_64 - set_fact: - xcversion: /usr/local/lib/ruby/gems/2.7.0/bin/xcversion - when: - - ansible_architecture == "x86_64" - - - name: Set xcversion location for arm64 - set_fact: - xcversion: xcversion - when: - - ansible_architecture == "arm64" - - # On ARM, we can use 12.x because compiling on ARM requires at least Xcode 12. - - name: Install Xcode on Apple Silicon Macs - shell: "{{ xcversion }} install 12.4 --retry-download-count=10" - when: ansible_architecture == "arm64" - environment: - XCODE_INSTALL_USER: "{{ Apple_ID_User }}" - XCODE_INSTALL_PASSWORD: "{{ Apple_ID_Password }}" - FASTLANE_SESSION: "{{ FASTLANE_SESSION }}" - FASTLANE_DONT_STORE_PASSWORD: "1" - - # 10.x is our default version on Intel. It requires 10.14.3+. As a consequence, some test machines - # with older macOS won't have Xcode installed. - - name: Install Xcode on Intel Macs - shell: "{{ xcversion }} install 10.3 --retry-download-count=10" - when: ansible_architecture == "x86_64" and ansible_distribution_version is version('10.14.3', operator='>=') - environment: - XCODE_INSTALL_USER: "{{ Apple_ID_User }}" - XCODE_INSTALL_PASSWORD: "{{ Apple_ID_Password }}" - FASTLANE_SESSION: "{{ FASTLANE_SESSION }}" - FASTLANE_DONT_STORE_PASSWORD: "1" - - - name: Cleanup Xcode installation files - shell: "{{ xcversion }} cleanup" - environment: - XCODE_INSTALL_USER: "{{ Apple_ID_User }}" - XCODE_INSTALL_PASSWORD: "{{ Apple_ID_Password }}" - FASTLANE_SESSION: "{{ FASTLANE_SESSION }}" - FASTLANE_DONT_STORE_PASSWORD: "1" - - - name: Set Xcode switch path to "/Applications/Xcode.app" - shell: sudo xcode-select --switch "/Applications/Xcode.app" diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Xcode11/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Xcode11/tasks/main.yml index 4fdb4d88ef..81d0bb1edd 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Xcode11/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Xcode11/tasks/main.yml @@ -11,17 +11,17 @@ - name: Check if SAS variable is defined set_fact: apple_variables: yes - when: not xcode11_installed.stat.exists and vars['XCode11.7_SAS_TOKEN'] is defined + when: not xcode11_installed.stat.exists and vars['XCode11_7_SAS_TOKEN'] is defined -- name: Display Information when XCode11.7_SAS_TOKEN is not defined +- name: Display Information when XCode11_7_SAS_TOKEN is not defined debug: - msg: "XCode11.7_SAS_TOKEN is not defined. Xcode will need to be installed manually. + msg: "XCode11_7_SAS_TOKEN is not defined. Xcode will need to be installed manually. Skipping Xcode installation" when: not xcode11_installed.stat.exists and apple_variables is not defined - name: Download XCode 11.7 from Azure blob storage get_url: - url: "https://ansiblestorageadopt.blob.core.windows.net/xcode11-7/Xcode_11.7.xip?{{ XCode11.7_SAS_TOKEN }}" + url: "https://ansiblestorageadopt.blob.core.windows.net/xcode11-7/Xcode_11.7.xip?{{ XCode11_7_SAS_TOKEN }}" dest: /tmp/Xcode_11.7.xip mode: 0755 when: not xcode11_installed.stat.exists and apple_variables is defined @@ -42,6 +42,17 @@ dest: /Applications/Xcode-11.7.app/ remote_src: true + - name: Install Rosetta 2 + command: /usr/sbin/softwareupdate --install-rosetta --agree-to-license + tags: + - rosetta + + - name: Select Xcode11.7 as the default Xcode + shell: sudo xcode-select --switch /Applications/Xcode-11.7.app + + - name: Accept Xcode license + shell: arch -x86_64 sudo xcodebuild -license accept + - name: Clean up Xcode11.7.xip file file: path: /tmp/Xcode_11.7.xip diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Xcode15/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Xcode15/tasks/main.yml new file mode 100644 index 0000000000..41d82cc5d7 --- /dev/null +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Xcode15/tasks/main.yml @@ -0,0 +1,59 @@ +--- +# Xcode 15.0.1 is needed to build JDK 17+ +# Xcode 15.0.1 can be downloaded from https://developer.apple.com/download/all after authentication with apple ID and password +# See https://github.com/adoptium/infrastructure/issues/2536#issuecomment-1708716478 + +- name: Check if Xcode15.0.1 is installed + stat: + path: /Applications/Xcode.app + register: xcode15_installed + +- name: Check if SAS variable is defined + set_fact: + apple_variables: yes + when: not xcode15_installed.stat.exists and XCode15_0_1_SAS_TOKEN is defined + +- name: Display Information when XCode15_0_1_SAS_TOKEN is not defined + debug: + msg: "XCode15_0_1_SAS_TOKEN is not defined. Xcode will need to be installed manually. + Skipping Xcode installation" + when: not xcode15_installed.stat.exists and apple_variables is not defined + +- name: Install Xcode15.0.1 + when: not xcode15_installed.stat.exists and apple_variables is defined + block: + - name: Check for /tmp/Xcode_15.0.1.xip + stat: + path: /tmp/Xcode_15.0.1.xip + register: xcode15_0_1_xip + + # Stored in Azure Blob Storage (SAS URL set to expire in 2033) + - name: Download XCode 15.0.1 from Azure blob storage + when: not xcode15_0_1_xip.stat.exists + get_url: + url: "https://ansiblestorageadopt.blob.core.windows.net/xcode-15-0-1/Xcode_15.0.1.xip?{{ XCode15_0_1_SAS_TOKEN }}" + dest: /tmp/Xcode_15.0.1.xip + mode: 0755 + + - name: Extract Xcode15.0.1 + shell: xip -x /tmp/Xcode_15.0.1.xip + args: + chdir: /tmp + creates: /tmp/Xcode.app + + - name: Move Xcode15.0.1 to /Applications directory + copy: + src: /tmp/Xcode.app + dest: /Applications/Xcode.app/ + remote_src: true + + - name: Select Xcode15.0.1 as the default Xcode + shell: sudo xcode-select --switch /Applications/Xcode.app + + - name: Accept Xcode license + shell: arch -x86_64 sudo xcodebuild -license accept + + - name: Clean up Xcode15.0.1.xip file + file: + path: /tmp/Xcode_15.0.1.xip + state: absent diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/ant/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/ant/tasks/main.yml index cca5d09dd5..30322a1e69 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/ant/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/ant/tasks/main.yml @@ -49,10 +49,11 @@ tags: ant - name: Extract ant + become: true unarchive: src: /tmp/apache-ant-1.10.5-bin.zip dest: /usr/local - copy: False + copy: false when: - ant_installed.rc != 0 tags: ant @@ -66,6 +67,7 @@ tags: ant - name: Create /usr/local/bin/ant symlink + become: true file: src: /usr/local/apache-ant-1.10.5/bin/ant dest: /usr/local/bin/ant diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/ccache/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/ccache/tasks/main.yml index b92d15e671..a5b8284953 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/ccache/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/ccache/tasks/main.yml @@ -16,7 +16,6 @@ - name: Download ccache.tar.gz command: wget -O /tmp/ccache.tar.gz https://github.com/ccache/ccache/releases/download/v{{ ccacheVersion }}/ccache-{{ ccacheVersion }}.tar.gz - warn=False when: ccache_status.rc != 0 tags: ccache diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml index e12470d7cf..522eb6ffa7 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml @@ -1,4 +1,19 @@ --- + +- name: Set docker build command + set_fact: + docker_build_command: "docker build" + docker_run_command: "docker run" + arm32_suffix: "" + +- name: Set docker buildx command if building arm32 container + set_fact: + docker_build_command: "docker buildx build --platform linux/v7/arm" + arm32_suffix: ".ARM32" + ansible_architecture: arm + docker_run_command: "docker run --platform linux/v7/arm" + when: build_arm32 is defined and build_arm32 == "yes" + # Dockerfiles are transferred from the controller node onto the dockerhost to be used to build and run docker containers - name: Transfer dockerfile copy: @@ -19,8 +34,8 @@ regexp: "Jenkins_User_SSHKey" replace: "{{ Jenkins_User_SSHKey }}" -- name: Build {{ docker_image }} docker images - command: docker build --cpu-period=100000 --cpu-quota=800000 -t aqa_{{ docker_image }} --memory=6G -f /tmp/Dockerfile.{{ docker_image }} /tmp/ +- name: Build {{ docker_image }} docker images {{ docker_build_command }} + command: "{{ docker_build_command }} --cpu-period=100000 --cpu-quota=800000 -t aqa_{{ docker_image }}{{ arm32_suffix }} --memory=6G -f /tmp/Dockerfile.{{ docker_image }} /tmp/" # Finds the highest port number already assigned and +1 - name: Find available port @@ -38,4 +53,4 @@ when: not (docker_port_output.stdout == "") - name: Run {{ docker_image }} docker container - command: docker run --restart unless-stopped -p {{ docker_port }}:22 --cpuset-cpus="0-3" --memory=6G --detach --name {{ docker_image | upper }}.{{ docker_port }} aqa_{{ docker_image }} + command: "{{ docker_run_command }} --restart unless-stopped -p {{ docker_port }}:22 --cpuset-cpus='0-3' --memory=6G --detach --name {{ docker_image | upper }}.{{ docker_port }}{{ arm32_suffix }} aqa_{{ docker_image }}{{ arm32_suffix }}" diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/jckservices_iptables/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/jckservices_iptables/tasks/main.yml index 5e3e117dd8..a1e3533150 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/jckservices_iptables/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/jckservices_iptables/tasks/main.yml @@ -76,6 +76,7 @@ - 62.210.163.106 # jck-scaleway-ubuntu2310-riscv64-2 - 20.234.51.61 # jck-azure-ubuntu2204-x64-1 - 172.178.96.199 # jck-ubuntu-2204-solaris10 + - 62.210.163.131 # jck-rise-ubuntu2404-risc64-1 - name: Setup iptables iptables: diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/maven/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/maven/tasks/main.yml index 737a678854..79730b7e5e 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/maven/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/maven/tasks/main.yml @@ -31,6 +31,7 @@ tags: maven - name: Extract Apache Maven v3.6.3 + become: true unarchive: src: /tmp/apache-maven-3.6.3-bin.tar.gz dest: /usr/local @@ -39,6 +40,7 @@ tags: maven - name: Create Symlink, Add Maven to PATH + become: true file: src: /usr/local/apache-maven-3.6.3/bin/mvn dest: /usr/local/bin/mvn diff --git a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/MSVS_2022/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/MSVS_2022/tasks/main.yml index 2b9278a66d..52ae7f602f 100644 --- a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/MSVS_2022/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/MSVS_2022/tasks/main.yml @@ -94,7 +94,7 @@ - name: Download Visual Studio Community 2022 win_get_url: url: 'https://aka.ms/vs/17/release/vs_Community.exe' - checksum: 25ce0b366052fdd7eabe151b96c1c781c75e26cb228c9acda71cfe20d1415176 + checksum: 5d75942b56df540a0325e764e7eb46498ec12e15b73adea05d8aa58d323efd90 checksum_algorithm: sha256 dest: 'C:\temp\vs_community22.exe' force: no diff --git a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/NVidia_Cuda_Toolkit/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/NVidia_Cuda_Toolkit/tasks/main.yml index bfb571622e..30f3101ae9 100644 --- a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/NVidia_Cuda_Toolkit/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/NVidia_Cuda_Toolkit/tasks/main.yml @@ -2,9 +2,9 @@ ####################### # NVidia Cuda Toolkit # ####################### -- name: Check if NVidia CUDA toolkit is aready installed +- name: Check if NVidia CUDA toolkit is already installed win_stat: - path: 'C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v9.0' + path: 'C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v9.1' register: cuda_installed tags: NVidia_Cuda_Toolkit @@ -39,7 +39,7 @@ tags: NVidia_Cuda_Toolkit - name: Install NVidia CUDA toolkit - Windows 10 - win_shell: C:\temp\cuda_9.1.85_win10_network.exe -s compiler_9.1 nvml_dev_9.1 + win_shell: C:\temp\cuda_9.1.85_win10_network.exe -s nvcc_9.1 nvml_dev_9.1 when: (not cuda_installed.stat.exists and ansible_distribution_major_version == "10") tags: NVidia_Cuda_Toolkit diff --git a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/WiX/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/WiX/tasks/main.yml index d638610305..2b09eff7c9 100644 --- a/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/WiX/tasks/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/WiX/tasks/main.yml @@ -13,11 +13,38 @@ register: wix_installed tags: Wix +- name: Test if DotNet SDK is already installed + win_stat: + path: 'C:\\Program Files\dotnet\dotnet.exe' + register: dotnet_installed + tags: Wix + +- name: Download .NET Installer + win_get_url: + url: https://download.visualstudio.microsoft.com/download/pr/b6f19ef3-52ca-40b1-b78b-0712d3c8bf4d/426bd0d376479d551ce4d5ac0ecf63a5/dotnet-sdk-8.0.302-win-x64.exe + dest: 'C:\temp\dotnet-install.exe' + checksum: bc6019e0192edd180ca7b299a16b95327941b0b53806cdb125be194aea12492d + checksum_algorithm: sha256 + when: (not dotnet_installed.stat.exists) + tags: Wix + +- name: Install .NET SDK If dotnet not installed + raw: C:\temp\dotnet-install.exe /quiet + when: (not dotnet_installed.stat.exists) + tags: Wix + +- name: Test if WiX is already installed + win_stat: + path: 'C:\\Users\{{ Jenkins_Username }}\.dotnet/tools/wix' + register: wix_installed + tags: Wix + - name: Test WiX version # generates an output like 5.0.0+41e11442 win_shell: wix --version register: installed_wix_version become_user: "{{ Jenkins_Username }}" + become_method: ansible.builtin.runas become: true when: wix_installed.stat.exists tags: Wix @@ -25,6 +52,13 @@ - name: Install Wix Toolset when not installed or version is not correct win_shell: dotnet tool install --global wix --version {{ wix_version }} become_user: "{{ Jenkins_Username }}" + become_method: ansible.builtin.runas become: true when: (not wix_installed.stat.exists) or (installed_wix_version.stdout.find(wix_version) == -1) tags: Wix + +- name: Delete downloaded .NET installer + win_file: + path: 'C:\temp\dotnet-install.exe' + state: absent + tags: Wix