adoptium · Haroon-Khel · Feb 15, 2024 · Feb 13, 2024 · Feb 13, 2024 · Feb 13, 2024
diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/dockernode.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/dockernode.yml
@@ -0,0 +1,18 @@
+---
+###############################
+# Adoptium - Ansible Playbook #
+###############################
+# This playbook is used to deploy static docker containers onto dockerhost machines
+# https://github.com/adoptium/infrastructure/issues/3370
+
+- name: Dockernode playbook
+  hosts: all
+  gather_facts: yes
+
+  roles:
+    - role: Debug
+      tags: debug
+    - role: Get_Vendor_Files
+      tags: deploy
+    - role: deploy_container
+      tags: deploy
diff --git a/...ockerStatic/Dockerfiles/Dockerfile.alp311 → ...ockerStatic/Dockerfiles/Dockerfile.alp319 b/...ockerStatic/Dockerfiles/Dockerfile.alp311 → ...ockerStatic/Dockerfiles/Dockerfile.alp319
@@ -1,4 +1,4 @@
-FROM alpine:3.11
+FROM alpine:3.19
 
 RUN apk --update add bash shadow openssh-server openssh-client unzip zip wget git curl make gcc perl xvfb \
         libxrender libxi libxtst procps musl-dev perl-doc alsa-lib libx11 msttcorefonts-installer fontconfig libxext freetype zlib fakeroot gnupg
@@ -11,13 +11,13 @@ RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -P ""
 ## Ensure Fonts Are Updated (Issue https://github.com/adoptium/infrastructure/issues/3039)
 RUN update-ms-fonts
 
-# Get latest jdk17 ga
-RUN wget -q 'https://api.adoptium.net/v3/binary/latest/17/ga/alpine-linux/x64/jdk/hotspot/normal/eclipse?project=jdk' -O /tmp/jdk17.tar.gz
+# Get latest jdk21 ga
+RUN wget -q 'https://api.adoptium.net/v3/binary/latest/21/ga/alpine-linux/x64/jdk/hotspot/normal/eclipse?project=jdk' -O /tmp/jdk21.tar.gz
 RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 3B04D753C9050D9A5D343F39843C48A565F8F04B
-# Get sig file for latest jdk17 ga
-RUN wget -q `curl -s 'https://api.adoptium.net/v3/assets/feature_releases/17/ga?architecture=x64&heap_size=normal&image_type=jdk&jvm_impl=hotspot&os=alpine-linux&page=0&page_size=1&project=jdk&vendor=eclipse' | grep signature_link | awk '{split($0,a,"\""); print a[4]}'` -O /tmp/jdk17.sig
-RUN gpg --verify /tmp/jdk17.sig /tmp/jdk17.tar.gz
-RUN mkdir -p /usr/lib/jvm/jdk17 && tar -xpzf /tmp/jdk17.tar.gz -C /usr/lib/jvm/jdk17 --strip-components=1
+# Get sig file for latest jdk21 ga
+RUN wget -q `curl -s 'https://api.adoptium.net/v3/assets/feature_releases/21/ga?architecture=x64&heap_size=normal&image_type=jdk&jvm_impl=hotspot&os=alpine-linux&page=0&page_size=1&project=jdk&vendor=eclipse' | grep signature_link | awk '{split($0,a,"\""); print a[4]}'` -O /tmp/jdk21.sig
+RUN gpg --verify /tmp/jdk21.sig /tmp/jdk21.tar.gz
+RUN mkdir -p /usr/lib/jvm/jdk21 && tar -xpzf /tmp/jdk21.tar.gz -C /usr/lib/jvm/jdk21 --strip-components=1
 
 # Install ant and ant-contrib.
 RUN wget -O /tmp/ant.zip 'https://archive.apache.org/dist/ant/binaries/apache-ant-1.10.9-bin.zip'
@@ -39,7 +39,7 @@ RUN chown -R jenkins:jenkins /home/jenkins/.ssh
 RUN chmod -R "g=,o=" /home/jenkins/.ssh
 
 # Remove temporary files.
-RUN rm -rf /tmp/jdk17.tar.gz /tmp/ant* /tmp/ant-contrib* /tmp/jdk17.sig
+RUN rm -rf /tmp/jdk21.tar.gz /tmp/ant* /tmp/ant-contrib* /tmp/jdk21.sig
 
 # Start container with docker run -p 2222:22 UUID.
 CMD ["/usr/sbin/sshd","-D"]

diff --git a/...DockerStatic/Dockerfiles/Dockerfile.deb11 → ...DockerStatic/Dockerfiles/Dockerfile.deb12 b/...DockerStatic/Dockerfiles/Dockerfile.deb11 → ...DockerStatic/Dockerfiles/Dockerfile.deb12
@@ -1,4 +1,4 @@
-FROM debian:bullseye
+FROM debian:12
 # Install Base Requirements
 RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
 RUN apt-get update && apt-get install -y perl openssh-server unzip zip wget apt-utils gnupg curl

diff --git a/...s/DockerStatic/Dockerfiles/Dockerfile.f35 → ...s/DockerStatic/Dockerfiles/Dockerfile.f39 b/...s/DockerStatic/Dockerfiles/Dockerfile.f35 → ...s/DockerStatic/Dockerfiles/Dockerfile.f39
@@ -1,4 +1,4 @@
-FROM fedora:35
+FROM fedora:39
 
 RUN yum -y update && yum install -y perl openssh-server unzip zip wget
 RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -P ""
@@ -30,7 +30,7 @@
 CMD ["/usr/sbin/sshd","-D"]
 RUN yum install -y git curl make gcc xorg-x11-server-Xvfb libXrender libXi libXtst procps glibc-langpack-en fontconfig which hostname fakeroot shared-mime-info
 # Install Packages For openssl
-RUN yum -y update && yum install -y openssl gnutls gnutls-utils libnss3.so nss-devel nss-tools
+RUN yum -y update && yum install -y openssl gnutls gnutls-utils nss-devel nss-tools
 # ENTRYPOINT /usr/lib/jvm/jdk17/bin/java
 EXPOSE 22
 # Start with docker run -p 2222:22 UUID
diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u2310 b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u2310
@@ -0,0 +1,44 @@
+FROM ubuntu:23.10
+
+ENV DEBIAN_FRONTEND=noninteractive
+RUN apt-get update && apt-get install -qq -y perl openssh-server unzip zip gnupg curl
+
+# Get latest jdk17 ga
+RUN wget -q 'https://api.adoptium.net/v3/binary/latest/17/ga/linux/x64/jdk/hotspot/normal/eclipse?project=jdk' -O /tmp/jdk17.tar.gz
+RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 3B04D753C9050D9A5D343F39843C48A565F8F04B
+# Get sig file for latest jdk17 ga
+RUN wget -q `curl -s 'https://api.adoptium.net/v3/assets/feature_releases/17/ga?architecture=x64&heap_size=normal&image_type=jdk&jvm_impl=hotspot&os=linux&page=0&page_size=1&project=jdk&vendor=eclipse' | grep signature_link | awk '{split($0,a,"\""); print a[4]}'` -O /tmp/jdk17.sig
+RUN gpg --verify /tmp/jdk17.sig /tmp/jdk17.tar.gz
+RUN mkdir -p /usr/lib/jvm/jdk17 && tar -xpzf /tmp/jdk17.tar.gz -C /usr/lib/jvm/jdk17 --strip-components=1
+
+# Install ant
+RUN wget -q -O /tmp/ant.zip 'https://archive.apache.org/dist/ant/binaries/apache-ant-1.10.5-bin.zip'
+RUN wget -q -O /tmp/ant-contrib.tgz  https://sourceforge.net/projects/ant-contrib/files/ant-contrib/ant-contrib-1.0b2/ant-contrib-1.0b2-bin.tar.gz
+RUN echo "2e48f9e429d67708f5690bc307232f08440d01ebe414059292b6543971da9c7cd259c21533b9163b4dd753321c17bd917adf8407d03245a0945fc30a4e633163  /tmp/ant.zip" > /tmp/ant.sha512
+RUN echo "0fd2771dca2b8b014a4cb3246715b32e20ad5d26754186d82eee781507a183d5e63064890b95eb27c091c93c1209528a0b18a6d7e6901899319492a7610e74ad  /tmp/ant-contrib.tgz" >> /tmp/ant.sha512
+RUN sha512sum --check --strict /tmp/ant.sha512
+RUN ln -s /usr/local/apache-ant-1.10.5/bin/ant /usr/bin/ant
+RUN unzip -q -d /usr/local /tmp/ant.zip
+RUN tar xpfz /tmp/ant-contrib.tgz -C /usr/local/apache-ant-1.10.5/lib --strip-components=2 ant-contrib/lib/ant-contrib.jar
+
+# Clear up space
+RUN rm /tmp/jdk17.tar.gz /tmp/ant.zip /tmp/ant-contrib.tgz /tmp/jdk17.sig
+
+# Set up jenkins user
+RUN useradd -m -d /home/jenkins jenkins
+RUN mkdir /home/jenkins/.ssh
+RUN echo "Jenkins_User_SSHKey" > /home/jenkins/.ssh/authorized_keys
+RUN chown -R jenkins /home/jenkins/.ssh
+RUN chmod -R og-rwx /home/jenkins/.ssh
+
+RUN service ssh start
+CMD ["/usr/sbin/sshd","-D"]
+
+RUN apt-get update && apt-get install -qq -y git curl make gcc xvfb libxrender1 libxi6 libxtst6 locales fontconfig fakeroot
+# Install SSL Test packages
+RUN apt-get install -qq -y gnutls-bin libnss3 libnss3-tools libnss3-dev pkg-config
+
+RUN locale-gen en_US.utf8
+
+EXPOSE 22
+# Start with docker run -p 2226:22 UUID
diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml
@@ -0,0 +1,35 @@
+---
+# Dockerfiles are transferred from the controller node onto the dockerhost to be used to build and run docker containers
+- name: Transfer dockerfile
+  copy:
+    src: "roles/DockerStatic/Dockerfiles/Dockerfile.{{ docker_image }}"
+    dest: "/tmp/Dockerfile.{{ docker_image }}"
+
+# For images built on non x86_64 dockerhosts
+- name: Translate architecture in dockerfile
+  replace:
+    dest: /tmp/Dockerfile.{{ docker_image }}
+    regexp: "x64"
+    replace: "{{ ansible_architecture }}"
+  when: ansible_architecture != "x86_64"
+
+- name: Set jenkins authorized_Key in dockerfiles
+  replace:
+    dest: /tmp/Dockerfile.{{ docker_image }}
+    regexp: "Jenkins_User_SSHKey"
+    replace: "{{ Jenkins_User_SSHKey }}"
+
+- name: Build {{ docker_image }} docker images
+  command: docker build --cpu-period=100000 --cpu-quota=800000 -t aqa_{{ docker_image }} --memory=6G -f /tmp/Dockerfile.{{ docker_image }} /tmp/
+
+# Without specifying a port here, docker will give the container a random unused port
+- name: Run {{ docker_image }} docker container
+  command: docker run --restart unless-stopped -p 22 --cpuset-cpus="0-3" --memory=6G --detach --name {{ docker_image | upper }}.PORT aqa_{{ docker_image }}
+
+# Now we want to rename the running container with the port name
+- name: Find assigned port of {{ docker_image }} container
+  shell: docker port {{ docker_image | upper }}.PORT | head -n 1 | cut -d ':' -f 2
+  register: docker_port
+
+- name: Rename {{ docker_image }} container to {{ docker_image | upper }}.{{ docker_port.stdout_lines[0] }}
+  command: docker rename {{ docker_image | upper }}.PORT {{ docker_image | upper }}.{{ docker_port.stdout_lines[0] }}
diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/main.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/main.yml
@@ -0,0 +1,25 @@
+---
+# This task verifies the docker_images arguments passed into the playbook
+# Then runs the deploy.yml task to build and run each image on the dockerhost
+- name: Set docker images list variable
+  set_fact:
+    docker_images_list: "{{ docker_images.split(',') | list }}"
+
+- name: Check if dockerfile exists
+  delegate_to: localhost
+  stat:
+    path: "roles/DockerStatic/Dockerfiles/Dockerfile.{{ item }}"
+  loop: "{{ docker_images_list }}"
+  register: dockerfiles_exist
+
+- name: Fail if dockerfile does not exist
+  fail:
+    msg: "{{ item.invocation.module_args.path }} does not exist"
+  when: not item.stat.exists
+  loop: "{{ dockerfiles_exist.results }}"
+
+- name: Run deploy.yml for every docker image
+  include_tasks: deploy.yml
+  loop: "{{ docker_images_list }}"
+  loop_control:
+    loop_var: docker_image