From 3c64673cbad26731ef83af763306b80e979d606d Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Sat, 18 Jul 2020 14:42:49 -0700 Subject: [PATCH 1/4] Refactor Windows image directories Following updates to the docker-agent image, I have made similar changes here. I also added a test to catch password expiry issues from occurring again. --- 11/{ => windows}/nanoserver-1809/Dockerfile | 0 .../windowsservercore-1809/Dockerfile | 0 8/{ => windows}/nanoserver-1809/Dockerfile | 0 .../windowsservercore-1809/Dockerfile | 0 make.ps1 | 51 ++++++++++--------- tests/jnlpAgent.Tests.ps1 | 30 +++++++++-- tests/test_helpers.psm1 | 9 ++-- 7 files changed, 60 insertions(+), 30 deletions(-) rename 11/{ => windows}/nanoserver-1809/Dockerfile (100%) rename 11/{ => windows}/windowsservercore-1809/Dockerfile (100%) rename 8/{ => windows}/nanoserver-1809/Dockerfile (100%) rename 8/{ => windows}/windowsservercore-1809/Dockerfile (100%) diff --git a/11/nanoserver-1809/Dockerfile b/11/windows/nanoserver-1809/Dockerfile similarity index 100% rename from 11/nanoserver-1809/Dockerfile rename to 11/windows/nanoserver-1809/Dockerfile diff --git a/11/windowsservercore-1809/Dockerfile b/11/windows/windowsservercore-1809/Dockerfile similarity index 100% rename from 11/windowsservercore-1809/Dockerfile rename to 11/windows/windowsservercore-1809/Dockerfile diff --git a/8/nanoserver-1809/Dockerfile b/8/windows/nanoserver-1809/Dockerfile similarity index 100% rename from 8/nanoserver-1809/Dockerfile rename to 8/windows/nanoserver-1809/Dockerfile diff --git a/8/windowsservercore-1809/Dockerfile b/8/windows/windowsservercore-1809/Dockerfile similarity index 100% rename from 8/windowsservercore-1809/Dockerfile rename to 8/windows/windowsservercore-1809/Dockerfile diff --git a/make.ps1 b/make.ps1 index 415200f2..58116258 100644 --- a/make.ps1 +++ b/make.ps1 @@ -5,6 +5,7 @@ Param( [String] $AdditionalArgs = '', [String] $Build = '', [String] $VersionTag = '4.3-8', + [String] $DockerAgentVersion = '4.3-6', [switch] $PushVersions = $false ) @@ -19,30 +20,34 @@ if(![String]::IsNullOrWhiteSpace($env:DOCKERHUB_ORGANISATION)) { $Organization = $env:DOCKERHUB_ORGANISATION } -$builds = @{ - 'jdk8' = @{ - 'Folder' = '8\windowsservercore-1809'; - 'Tags' = @( "windowsservercore-1809", "jdk8-windowsservercore-1809" ); - }; - 'jdk11' = @{ - 'Folder' = '11\windowsservercore-1809'; - 'Tags' = @( "jdk11-windowsservercore-1809" ); - }; - 'nanoserver' = @{ - 'Folder' = '8\nanoserver-1809'; - 'Tags' = @( "nanoserver-1809", "jdk8-nanoserver-1809" ); - }; - 'nanoserver-jdk11' = @{ - 'Folder' = '11\nanoserver-1809'; - 'Tags' = @( "jdk11-nanoserver-1809" ); - }; +# this is the jdk version that will be used for the 'bare tag' images, e.g., jdk8-windowsservercore-1809 -> windowsserver-1809 +$defaultBuild = '8' +$builds = @{} + +Get-ChildItem -Recurse -Include windows -Directory | ForEach-Object { + Get-ChildItem -Directory -Path $_ | Where-Object { Test-Path (Join-Path $_.FullName "Dockerfile") } | ForEach-Object { + $dir = $_.FullName.Replace((Get-Location), "").TrimStart("\") + $items = $dir.Split("\") + $jdkVersion = $items[0] + $baseImage = $items[2] + $basicTag = "jdk${jdkVersion}-${baseImage}" + $tags = @( $basicTag ) + if($jdkVersion -eq $defaultBuild) { + $tags += $baseImage + } + + $builds[$basicTag] = @{ + 'Folder' = $dir; + 'Tags' = $tags; + } + } } if(![System.String]::IsNullOrWhiteSpace($Build) -and $builds.ContainsKey($Build)) { foreach($tag in $builds[$Build]['Tags']) { Copy-Item -Path 'jenkins-agent.ps1' -Destination (Join-Path $builds[$Build]['Folder'] 'jenkins-agent.ps1') -Force Write-Host "Building $Build => tag=$tag" - $cmd = "docker build -t {0}/{1}:{2} {3} {4}" -f $Organization, $Repository, $tag, $AdditionalArgs, $builds[$Build]['Folder'] + $cmd = "docker build --build-arg 'VERSION={0}' -t {1}/{2}:{3} {4} {5}" -f $DockerAgentVersion, $Organization, $Repository, $tag, $AdditionalArgs, $builds[$Build]['Folder'] Invoke-Expression $cmd if($PushVersions) { @@ -51,7 +56,7 @@ if(![System.String]::IsNullOrWhiteSpace($Build) -and $builds.ContainsKey($Build) $buildTag = "$VersionTag" } Write-Host "Building $Build => tag=$buildTag" - $cmd = "docker build -t {0}/{1}:{2} {3} {4}" -f $Organization, $Repository, $buildTag, $AdditionalArgs, $builds[$Build]['Folder'] + $cmd = "docker build --build-arg 'VERSION={0}' -t {1}/{2}:{3} {4} {5}" -f $DockerAgentVersion, $Organization, $Repository, $buildTag, $AdditionalArgs, $builds[$Build]['Folder'] Invoke-Expression $cmd } } @@ -60,7 +65,7 @@ if(![System.String]::IsNullOrWhiteSpace($Build) -and $builds.ContainsKey($Build) Copy-Item -Path 'jenkins-agent.ps1' -Destination (Join-Path $builds[$b]['Folder'] 'jenkins-agent.ps1') -Force foreach($tag in $builds[$b]['Tags']) { Write-Host "Building $b => tag=$tag" - $cmd = "docker build -t {0}/{1}:{2} {3} {4}" -f $Organization, $Repository, $tag, $AdditionalArgs, $builds[$b]['Folder'] + $cmd = "docker build --build-arg 'VERSION={0}' -t {1}/{2}:{3} {4} {5}" -f $DockerAgentVersion, $Organization, $Repository, $tag, $AdditionalArgs, $builds[$b]['Folder'] Invoke-Expression $cmd if($PushVersions) { @@ -69,7 +74,7 @@ if(![System.String]::IsNullOrWhiteSpace($Build) -and $builds.ContainsKey($Build) $buildTag = "$VersionTag" } Write-Host "Building $Build => tag=$buildTag" - $cmd = "docker build -t {0}/{1}:{2} {3} {4}" -f $Organization, $Repository, $buildTag, $AdditionalArgs, $builds[$b]['Folder'] + $cmd = "docker build --build-arg 'VERSION={0}' -t {1}/{2}:{3} {4} {5}" -f $DockerAgentVersion, $Organization, $Repository, $buildTag, $AdditionalArgs, $builds[$b]['Folder'] Invoke-Expression $cmd } } @@ -95,13 +100,13 @@ if($Target -eq "test") { if(![System.String]::IsNullOrWhiteSpace($Build) -and $builds.ContainsKey($Build)) { $env:FOLDER = $builds[$Build]['Folder'] - $env:VERSION = "$RemotingVersion-$BuildNumber" + $env:VERSION = $DockerAgentVersion Invoke-Pester -Path tests -EnableExit Remove-Item env:\FOLDER } else { foreach($b in $builds.Keys) { $env:FOLDER = $builds[$b]['Folder'] - $env:VERSION = "$RemotingVersion-$BuildNumber" + $env:VERSION = $DockerAgentVersion Invoke-Pester -Path tests -EnableExit Remove-Item env:\FOLDER } diff --git a/tests/jnlpAgent.Tests.ps1 b/tests/jnlpAgent.Tests.ps1 index 94b78ee4..8fcf148b 100644 --- a/tests/jnlpAgent.Tests.ps1 +++ b/tests/jnlpAgent.Tests.ps1 @@ -5,6 +5,7 @@ $AGENT_CONTAINER='pester-jenkins-inbound-agent' $SHELL="powershell.exe" $FOLDER = Get-EnvOrDefault 'FOLDER' '' +$VERSION = Get-EnvOrDefault 'VERSION' '4.3-6' $REAL_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${FOLDER}" @@ -16,9 +17,9 @@ if(($FOLDER -match '^(?[0-9]+)[\\/](?.+)$') -and (Test-Path $REAL_F exit 1 } -if($FLAVOR -match "nanoserver") { +if($FLAVOR -match "nanoserver-(\d+)") { $AGENT_IMAGE += "-nanoserver" - $AGENT_CONTAINER += "-nanoserver-1809" + $AGENT_CONTAINER += "-nanoserver-$($Matches[1])" $SHELL = "pwsh.exe" } @@ -41,7 +42,7 @@ Describe "[$JDK $FLAVOR] build image" { } It 'builds image' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build -t $AGENT_IMAGE $FOLDER" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg 'VERSION=$VERSION' -t $AGENT_IMAGE $FOLDER" $exitCode | Should -Be 0 } @@ -50,6 +51,27 @@ Describe "[$JDK $FLAVOR] build image" { } } +Describe "[$JDK $FLAVOR] check user account" { + BeforeAll { + docker run -d -it --name "$AGENT_CONTAINER" -P "$AGENT_IMAGE" "$SHELL" + Is-ContainerRunning $AGENT_CONTAINER + } + + It 'Password never expires' { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password expires') -match 'Never') { exit 0 } else { exit -1 }`"" + $exitCode | Should -Be 0 + } + + It 'Password not required' { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password required') -match 'No') { exit 0 } else { exit -1 }`"" + $exitCode | Should -Be 0 + } + + AfterAll { + Cleanup($AGENT_CONTAINER) + } +} + Describe "[$JDK $FLAVOR] image has jenkins-agent.ps1 in the correct location" { BeforeAll { & docker run -dit --name "$AGENT_CONTAINER" -P "$AGENT_IMAGE" $SHELL @@ -57,7 +79,7 @@ Describe "[$JDK $FLAVOR] image has jenkins-agent.ps1 in the correct location" { } It 'has jenkins-agent.ps1 in C:/ProgramData/Jenkins' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"if(Test-Path C:/ProgramData/Jenkins/jenkins-agent.ps1) { exit 0 } else { exit 1}`"" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"if(Test-Path 'C:/ProgramData/Jenkins/jenkins-agent.ps1') { exit 0 } else { exit 1 }`"" $exitCode | Should -Be 0 } diff --git a/tests/test_helpers.psm1 b/tests/test_helpers.psm1 index 8023c562..43ae3063 100644 --- a/tests/test_helpers.psm1 +++ b/tests/test_helpers.psm1 @@ -81,8 +81,8 @@ function CleanupNetwork($name) { } function Is-ContainerRunning($container) { - Start-Sleep -Seconds 5 - return Retry-Command -RetryCount 10 -Delay 2 -ScriptBlock { + Start-Sleep -Seconds 10 + return Retry-Command -RetryCount 10 -Delay 3 -ScriptBlock { $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "inspect -f `"{{.State.Running}}`" $container" if(($exitCode -ne 0) -or (-not $stdout.Contains('true')) ) { throw('Exit code incorrect, or invalid value for running state') @@ -92,7 +92,9 @@ function Is-ContainerRunning($container) { } function Run-Program($cmd, $params, $quiet=$true) { - #Write-Host "cmd = $cmd, params = $params" + if(-not $quiet) { + Write-Host "cmd = $cmd, params = $params" + } $psi = New-Object System.Diagnostics.ProcessStartInfo $psi.CreateNoWindow = $true $psi.UseShellExecute = $false @@ -115,6 +117,7 @@ function Run-Program($cmd, $params, $quiet=$true) { } function BuildNcatImage() { + Write-Host "Building nmap image for testing" $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "inspect --type=image nmap" if($exitCode -ne 0) { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." From 6f7c89577f4f4ef28ed1a0ba8159efe4d43e06d6 Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Tue, 28 Jul 2020 19:54:27 -0700 Subject: [PATCH 2/4] Ignore some windows files --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 50225b34..8e5a600f 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,6 @@ bats-core/ 8/*/jenkins-agent* 11/*/jenkins-agent* + +/**/windows/**/jenkins-agent.ps1 +/.vscode/ From 979e9d7e36d6106fc09b6da9294af3122b211ecc Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Tue, 28 Jul 2020 19:57:33 -0700 Subject: [PATCH 3/4] Update make.ps1 Fix upstream image version --- make.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/make.ps1 b/make.ps1 index 58116258..c6bcda10 100644 --- a/make.ps1 +++ b/make.ps1 @@ -5,7 +5,7 @@ Param( [String] $AdditionalArgs = '', [String] $Build = '', [String] $VersionTag = '4.3-8', - [String] $DockerAgentVersion = '4.3-6', + [String] $DockerAgentVersion = '4.3-7', [switch] $PushVersions = $false ) From a32a82215c2e13ef773644fb7e2e38c79a0910b0 Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Mon, 28 Sep 2020 14:25:11 -0700 Subject: [PATCH 4/4] Rename test file --- tests/{jnlpAgent.Tests.ps1 => inboundAgent.Tests.ps1} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename tests/{jnlpAgent.Tests.ps1 => inboundAgent.Tests.ps1} (100%) diff --git a/tests/jnlpAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 similarity index 100% rename from tests/jnlpAgent.Tests.ps1 rename to tests/inboundAgent.Tests.ps1