From f598243830f3d6370c00aa3fd1fc6e1c5e1e1377 Mon Sep 17 00:00:00 2001 From: Nicolas De Loof Date: Fri, 28 Aug 2015 10:36:23 +0200 Subject: [PATCH 001/130] initial implementation, mostly inspired by https://github.com/carlossg/jenkins-slave-docker --- README.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 000000000..12f23f05e --- /dev/null +++ b/README.md @@ -0,0 +1,19 @@ +# Jenkins JNLP slave Docker image + +[`jenkinsci/jnlp-slave`](https://hub.docker.com/r/jenkinsci/jnlp-slave/) + +A [Jenkins](https://jenkins-ci.org) slave using JNLP to establish connection. + +See [Jenkins Distributed builds](https://wiki.jenkins-ci.org/display/JENKINS/Distributed+builds) for more info. + +## Running + +To run a Docker container + + docker run jenkinsci/jnlp-slave -url http://jenkins-server:port + +optional environment variables: + +* `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL +* `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this slave host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins master. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. + From cec8c0edad22b1ceebba504eaf4b4567f53cab49 Mon Sep 17 00:00:00 2001 From: Chris Henzie Date: Mon, 16 Nov 2015 16:38:33 -0800 Subject: [PATCH 002/130] Adding udpate ECS container agent suggestion to README --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 12f23f05e..76f83378e 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,8 @@ A [Jenkins](https://jenkins-ci.org) slave using JNLP to establish connection. See [Jenkins Distributed builds](https://wiki.jenkins-ci.org/display/JENKINS/Distributed+builds) for more info. +Make sure your ECS container agent is [updated](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) before running. Older versions do not properly handle the entryPoint parameter. See the [entryPoint](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#container_definitions) definition for more information. + ## Running To run a Docker container From b37e78c55a3cea1a5538740a1be9ca4af45325ce Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Fri, 2 Sep 2016 17:55:37 +0200 Subject: [PATCH 003/130] Upgrade remoting to 2.62 and disable JNLP3 protocol by default (#12) * Update remoting to 2.62 * Disable JnlpProtocol3 by default, allow to reenable it --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 76f83378e..48270d0a9 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,12 @@ See [Jenkins Distributed builds](https://wiki.jenkins-ci.org/display/JENKINS/Dis Make sure your ECS container agent is [updated](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) before running. Older versions do not properly handle the entryPoint parameter. See the [entryPoint](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#container_definitions) definition for more information. +## Configuration specifics + +By default, JnlpProtocol3 is disabled due to the known stability and scalability issues. +You can enable this protocol on your own risk using the +JNLP_PROTOCOL_OPTS=-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=false property. + ## Running To run a Docker container From 2ec748cc345d885d49fffa8174c546601ca261fb Mon Sep 17 00:00:00 2001 From: Carlos Sanchez Date: Wed, 22 Feb 2017 10:22:00 +0100 Subject: [PATCH 004/130] Rename JENKINS_NAME to JENKINS_AGENT_NAME --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 48270d0a9..41308675f 100644 --- a/README.md +++ b/README.md @@ -24,4 +24,5 @@ optional environment variables: * `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL * `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this slave host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins master. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. - +* `JENKINS_SECRET`: agent secret, if not set as an argument +* `JENKINS_AGENT_NAME`: agent name, if not set as an argument From 542c469f333de0a085b61f9cabde25ce9189b23d Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Wed, 15 Mar 2017 11:17:43 +0100 Subject: [PATCH 005/130] Update the description, use Agents instead of Slaves where possible --- README.md | 36 ++++++++++++++++++++++++------------ 1 file changed, 24 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 48270d0a9..72beceb5c 100644 --- a/README.md +++ b/README.md @@ -1,27 +1,39 @@ -# Jenkins JNLP slave Docker image +# Jenkins JNLP Agent Docker image -[`jenkinsci/jnlp-slave`](https://hub.docker.com/r/jenkinsci/jnlp-slave/) +[![Docker Stars](https://img.shields.io/docker/stars/jenkinsci/jnlp-slave.svg)](https://hub.docker.com/r/jenkinsci/jnlp-slave/) +[![Docker Pulls](https://img.shields.io/docker/pulls/jenkinsci/jnlp-slave.svg)](https://hub.docker.com/r/jenkinsci/jnlp-slave/) +[![Docker Automated build](https://img.shields.io/docker/automated/jenkinsci/jnlp-slave.svg)](https://hub.docker.com/r/jenkinsci/jnlp-slave/) -A [Jenkins](https://jenkins-ci.org) slave using JNLP to establish connection. +This is an image for [Jenkins](https://jenkins.io) agent (FKA "slave") using JNLP to establish connection. +This agent is powered by the [Jenkins Remoting library](https://github.com/jenkinsci/remoting), which version is being taken from the base [Docker Agent](https://github.com/jenkinsci/docker-slave/) image. See [Jenkins Distributed builds](https://wiki.jenkins-ci.org/display/JENKINS/Distributed+builds) for more info. -Make sure your ECS container agent is [updated](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) before running. Older versions do not properly handle the entryPoint parameter. See the [entryPoint](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#container_definitions) definition for more information. +## Running + +To run a Docker container + + docker run jenkinsci/jnlp-slave -url http://jenkins-server:port + +Optional environment variables: + +* `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL +* `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this agent host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins master. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. ## Configuration specifics -By default, JnlpProtocol3 is disabled due to the known stability and scalability issues. +### Enabled JNLP protocols + +By default, the [JNLP3-connect](https://github.com/jenkinsci/remoting/blob/master/docs/protocols.md#jnlp3-connect) is disabled due to the known stability and scalability issues. You can enable this protocol on your own risk using the -JNLP_PROTOCOL_OPTS=-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=false property. +`JNLP_PROTOCOL_OPTS=-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=false` property (the protocol should be enabled on the master side as well). -## Running +In Jenkins versions starting from `2.27` there is a [JNLP4-connect](https://github.com/jenkinsci/remoting/blob/master/docs/protocols.md#jnlp4-connect) protocol. +If you use Jenkins `2.32.x LTS`, it is recommended to enable the protocol on your instance. -To run a Docker container +### Amazon ECS - docker run jenkinsci/jnlp-slave -url http://jenkins-server:port +Make sure your ECS container agent is [updated](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) before running. Older versions do not properly handle the entryPoint parameter. See the [entryPoint](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#container_definitions) definition for more information. -optional environment variables: -* `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL -* `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this slave host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins master. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. From 6dd9686285a6bdad20fb758af67e06be0c28d06b Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Fri, 17 Mar 2017 08:08:34 +0100 Subject: [PATCH 006/130] REadme: Fix typo noticed by @jglick --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index d411713f4..d335b91d6 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ Optional environment variables: ### Enabled JNLP protocols By default, the [JNLP3-connect](https://github.com/jenkinsci/remoting/blob/master/docs/protocols.md#jnlp3-connect) is disabled due to the known stability and scalability issues. -You can enable this protocol on your own risk using the +You can enable this protocol at your own risk using the `JNLP_PROTOCOL_OPTS=-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=false` property (the protocol should be enabled on the master side as well). In Jenkins versions starting from `2.27` there is a [JNLP4-connect](https://github.com/jenkinsci/remoting/blob/master/docs/protocols.md#jnlp4-connect) protocol. From f603b13d7938546692a279727cae9c78d47391a7 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Fri, 4 Aug 2017 23:11:39 +0200 Subject: [PATCH 007/130] [JENKINS-44114] - Add the WorkDir option example --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index d411713f4..20aba3ebf 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,10 @@ To run a Docker container docker run jenkinsci/jnlp-slave -url http://jenkins-server:port +To run a Docker container with [Work Directory](https://github.com/jenkinsci/remoting/blob/master/docs/workDir.md): + + docker run jenkinsci/jnlp-slave -url http://jenkins-server:port -workDir=/home/jenkins/agent + Optional environment variables: * `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL From 10d856a0f853d255c48ab36f714e8b529b887279 Mon Sep 17 00:00:00 2001 From: Giannicola Olivadoti Date: Tue, 12 Sep 2017 17:53:23 +0200 Subject: [PATCH 008/130] Document new env variable JENKINS_AGENT_WORKDIR --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 20aba3ebf..c3b9f01f5 100644 --- a/README.md +++ b/README.md @@ -25,6 +25,7 @@ Optional environment variables: * `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this agent host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins master. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. * `JENKINS_SECRET`: agent secret, if not set as an argument * `JENKINS_AGENT_NAME`: agent name, if not set as an argument +* `JENKINS_AGENT_WORKDIR`: agent work directory, if not set by optional parameter `-workDir` ## Configuration specifics From f9b762a276f1ffb7475f7a5b954c1afdb05ea1ec Mon Sep 17 00:00:00 2001 From: Carlos Sanchez Date: Fri, 8 Dec 2017 08:19:38 -0600 Subject: [PATCH 009/130] Update jenkinsci/jnlp-slave -> jenkins/jnlp-slave --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 20aba3ebf..7ad7efde9 100644 --- a/README.md +++ b/README.md @@ -13,11 +13,11 @@ See [Jenkins Distributed builds](https://wiki.jenkins-ci.org/display/JENKINS/Dis To run a Docker container - docker run jenkinsci/jnlp-slave -url http://jenkins-server:port + docker run jenkins/jnlp-slave -url http://jenkins-server:port To run a Docker container with [Work Directory](https://github.com/jenkinsci/remoting/blob/master/docs/workDir.md): - docker run jenkinsci/jnlp-slave -url http://jenkins-server:port -workDir=/home/jenkins/agent + docker run jenkins/jnlp-slave -url http://jenkins-server:port -workDir=/home/jenkins/agent Optional environment variables: From 9d4b7e86fec0d7aa5214655d71a14d0c366a5598 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Fri, 22 Dec 2017 16:22:12 +0100 Subject: [PATCH 010/130] Update Remoting to 3.15 + fix documentation --- README.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 7ad7efde9..dbb8c8343 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,11 @@ # Jenkins JNLP Agent Docker image -[![Docker Stars](https://img.shields.io/docker/stars/jenkinsci/jnlp-slave.svg)](https://hub.docker.com/r/jenkinsci/jnlp-slave/) -[![Docker Pulls](https://img.shields.io/docker/pulls/jenkinsci/jnlp-slave.svg)](https://hub.docker.com/r/jenkinsci/jnlp-slave/) -[![Docker Automated build](https://img.shields.io/docker/automated/jenkinsci/jnlp-slave.svg)](https://hub.docker.com/r/jenkinsci/jnlp-slave/) +[![Docker Stars](https://img.shields.io/docker/stars/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) +[![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) +[![Docker Automated build](https://img.shields.io/docker/automated/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) + +:exclamation: **Warning!** This image used to be published as [jenkinsci/jnlp-slave/](https://hub.docker.com/r/jenkinsci/jnlp-slave/). +This release destination is deprecated. This is an image for [Jenkins](https://jenkins.io) agent (FKA "slave") using JNLP to establish connection. This agent is powered by the [Jenkins Remoting library](https://github.com/jenkinsci/remoting), which version is being taken from the base [Docker Agent](https://github.com/jenkinsci/docker-slave/) image. From d5900ba54abd86489936233406dab3bfd7fac3c5 Mon Sep 17 00:00:00 2001 From: Carlos Sanchez Date: Tue, 30 Jan 2018 10:22:10 +0100 Subject: [PATCH 011/130] Fix #57 Clarify image name deprecation --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 883e55a36..42e513c16 100644 --- a/README.md +++ b/README.md @@ -4,8 +4,8 @@ [![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) [![Docker Automated build](https://img.shields.io/docker/automated/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) -:exclamation: **Warning!** This image used to be published as [jenkinsci/jnlp-slave/](https://hub.docker.com/r/jenkinsci/jnlp-slave/). -This release destination is deprecated. +:exclamation: **Warning!** This image used to be published as [jenkinsci/jnlp-slave](https://hub.docker.com/r/jenkinsci/jnlp-slave/). +That image name is deprecated, use [jenkins/jnlp-slave](https://hub.docker.com/r/jenkins/jnlp-slave/). This is an image for [Jenkins](https://jenkins.io) agent (FKA "slave") using JNLP to establish connection. This agent is powered by the [Jenkins Remoting library](https://github.com/jenkinsci/remoting), which version is being taken from the base [Docker Agent](https://github.com/jenkinsci/docker-slave/) image. From c6490e3f35767ea3f7270f6afa330c8fbc92bb68 Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Sat, 13 Jul 2019 06:58:05 -0700 Subject: [PATCH 012/130] Initial Windows agent support This will require the PR for https://github.com/jenkinsci/docker-slave to be merged and pushed to docker hub. --- README.md | 14 +++++- jenkins-agent.ps1 | 118 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 131 insertions(+), 1 deletion(-) create mode 100644 jenkins-agent.ps1 diff --git a/README.md b/README.md index 42e513c16..7318b456a 100644 --- a/README.md +++ b/README.md @@ -16,11 +16,23 @@ See [Jenkins Distributed builds](https://wiki.jenkins-ci.org/display/JENKINS/Dis To run a Docker container + Linux agent: + docker run jenkins/jnlp-slave -url http://jenkins-server:port -To run a Docker container with [Work Directory](https://github.com/jenkinsci/remoting/blob/master/docs/workDir.md): + Windows agent: + + docker run jenkins/jnlp-agent:latest-windows -Url http://jenkins-server:port -Secret -Name + +To run a Docker container with [Work Directory](https://github.com/jenkinsci/remoting/blob/master/docs/workDir.md) + + Linux agent: docker run jenkins/jnlp-slave -url http://jenkins-server:port -workDir=/home/jenkins/agent + + Windows agent: + + docker run jenkins/jnlp-agent-windows -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret -Name Optional environment variables: diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 new file mode 100644 index 000000000..43d43833c --- /dev/null +++ b/jenkins-agent.ps1 @@ -0,0 +1,118 @@ +# The MIT License +# +# Copyright (c) 2019, Alex Earl +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +# THE SOFTWARE. + +[CmdletBinding()] +Param( + $Cmd = '', # this is only used when docker run has one arg positional arg + $Url = '', + $Secret = '', + $Name = '', + $Tunnel = '', + $WorkDir = 'C:/Users/jenkins/Agent', + $JavaHome = $env:JAVA_HOME +) + +# Usage jenkins-slave.ps1 [options] -Url http://jenkins -Secret [SECRET] -Name [AGENT_NAME] +# Optional environment variables : +# * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network +# * JENKINS_URL : alternate jenkins URL +# * JENKINS_SECRET : agent secret, if not set as an argument +# * JENKINS_AGENT_NAME : agent name, if not set as an argument +# * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir + +if(![System.String]::IsNullOrWhiteSpace($Cmd)) { + # if `docker run` only has one arguments, we assume user is running alternate command like `bash` to inspect the image + Invoke-Expression "$Cmd" +} else { + # if -Tunnel is not provided, try env vars + if(![System.String]::IsNullOrWhiteSpace($env:JENKINS_TUNNEL)) { + if(![System.String]::IsNullOrWhiteSpace($Tunnel)) { + Write-Warning "Tunnel is defined twice; in command-line arguments and the environment variable" + } + $Tunnel = $($env:JENKINS_TUNNEL).Trim() + } + $Tunnel = $Tunnel.Trim() + if(![System.String]::IsNullOrWhiteSpace($Tunnel)) { + $Tunnel = " -tunnel `"$Tunnel`"" + } + + # if -WorkDir is not provided, try env vars + if(![System.String]::IsNullOrWhiteSpace($env:JENKINS_AGENT_WORKDIR)) { + if(![System.String]::IsNullOrWhiteSpace($WorkDir)) { + Write-Warning "Work directory is defined twice; in command-line arguments and the environment variable" + } + $WorkDir = $env:JENKINS_AGENT_WORKDIR + } + $WorkDir = $WorkDir.Trim() + if(![System.String]::IsNullOrWhiteSpace($WorkDir)) { + $WorkDir = " -workDir `"$WorkDir`"" + } + + # if -Url is not provided, try env vars + if(![System.String]::IsNullOrWhiteSpace($env:JENKINS_URL)) { + if(![System.String]::IsNullOrWhiteSpace($Url)) { + Write-Warning "Url is defined twice; in command-line arguments and the environment variable" + } + $Url = $($env:JENKINS_URL).Trim() + } + $Url = $Url.Trim() + if(![System.String]::IsNullOrWhiteSpace($Url)) { + $Url = " -url `"$Url`"" + } + + # if -Name is not provided, try env vars + if(![System.String]::IsNullOrWhiteSpace($env:JENKINS_NAME)) { + if(![System.String]::IsNullOrWhiteSpace($Name)) { + Write-Warning "Name is defined twice; in command-line arguments and the environment variable" + } + $Name = $env:JENKINS_NAME + } + $Name = $Name.Trim() + + $jnlpProtocolOpts = '' + if([System.String]::IsNullOrWhiteSpace($env:JNLP_PROTOCOL_OPTS)) { + Write-Warning "JnlpProtocol3 is disabled by default, use JNLP_PROTOCOL_OPTS to alter the behavior" + $jnlpProtocolOpts="-D`"org.jenkinsci.remoting.engine.JnlpProtocol3.disabled=true`"" + } + + # if java home is defined, use it + $JAVA_BIN="java.exe" + if(![System.String]::IsNullOrWhiteSpace($JavaHome)) { + $JAVA_BIN="$JavaHome/bin/java.exe" + } + + # if -Url is not provided, try env vars + if(![System.String]::IsNullOrWhiteSpace($env:JENKINS_SECRET)) { + if(![System.String]::IsNullOrWhiteSpace($Secret)) { + Write-Warning "Secret is defined twice; in command-line arguments and the environment variable" + } + $Secret = $env:JENKINS_SECRET + } + $Secret = $Secret.Trim() + if(![System.String]::IsNullOrWhiteSpace($Secret)) { + $Secret = " $Secret" + } + + #TODO: Handle the case when the command-line and Environment variable contain different values. + #It is fine it blows up for now since it should lead to an error anyway. + Start-Process -FilePath $JAVA_BIN -Wait -NoNewWindow -ArgumentList $("$jnlpProtocolOpts -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -headless$Tunnel$Url$WorkDir$Secret $Name") +} From 0ca658b9d9eca392568b21bbb0cfd5d8a5cb8b83 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Fri, 20 Sep 2019 13:50:55 +0200 Subject: [PATCH 013/130] [JENKINS-42846] - Rename the jenkins-slave script to jenkins-agent --- jenkins-agent | 101 ++++++++++++++++++++++++++++++++++++++++++++++ jenkins-agent.ps1 | 2 +- 2 files changed, 102 insertions(+), 1 deletion(-) create mode 100644 jenkins-agent diff --git a/jenkins-agent b/jenkins-agent new file mode 100644 index 000000000..0a556ea38 --- /dev/null +++ b/jenkins-agent @@ -0,0 +1,101 @@ +#!/usr/bin/env sh + +# The MIT License +# +# Copyright (c) 2015-2019, CloudBees, Inc. +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +# THE SOFTWARE. + +# Usage jenkins-agent.sh [options] -url http://jenkins [SECRET] [AGENT_NAME] +# Optional environment variables : +# * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network +# * JENKINS_URL : alternate jenkins URL +# * JENKINS_SECRET : agent secret, if not set as an argument +# * JENKINS_AGENT_NAME : agent name, if not set as an argument +# * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir + +if [ $# -eq 1 ]; then + + # if `docker run` only has one arguments, we assume user is running alternate command like `bash` to inspect the image + exec "$@" + +else + + # if -tunnel is not provided, try env vars + case "$@" in + *"-tunnel "*) ;; + *) + if [ ! -z "$JENKINS_TUNNEL" ]; then + TUNNEL="-tunnel $JENKINS_TUNNEL" + fi ;; + esac + + # if -workDir is not provided, try env vars + if [ ! -z "$JENKINS_AGENT_WORKDIR" ]; then + case "$@" in + *"-workDir"*) echo "Warning: Work directory is defined twice in command-line arguments and the environment variable" ;; + *) + WORKDIR="-workDir $JENKINS_AGENT_WORKDIR" ;; + esac + fi + + if [ -n "$JENKINS_URL" ]; then + URL="-url $JENKINS_URL" + fi + + if [ -n "$JENKINS_NAME" ]; then + JENKINS_AGENT_NAME="$JENKINS_NAME" + fi + + if [ -z "$JNLP_PROTOCOL_OPTS" ]; then + echo "Warning: JnlpProtocol3 is disabled by default, use JNLP_PROTOCOL_OPTS to alter the behavior" + JNLP_PROTOCOL_OPTS="-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=true" + fi + + # if java home is defined, use it + JAVA_BIN="java" + if [ "$JAVA_HOME" ]; then + JAVA_BIN="$JAVA_HOME/bin/java" + fi + + # if both required options are defined, do not pass the parameters + OPT_JENKINS_SECRET="" + if [ -n "$JENKINS_SECRET" ]; then + case "$@" in + *"${JENKINS_SECRET}"*) echo "Warning: SECRET is defined twice in command-line arguments and the environment variable" ;; + *) + OPT_JENKINS_SECRET="${JENKINS_SECRET}" ;; + esac + fi + + OPT_JENKINS_AGENT_NAME="" + if [ -n "$JENKINS_AGENT_NAME" ]; then + case "$@" in + *"${JENKINS_AGENT_NAME}"*) echo "Warning: AGENT_NAME is defined twice in command-line arguments and the environment variable" ;; + *) + OPT_JENKINS_AGENT_NAME="${JENKINS_AGENT_NAME}" ;; + esac + fi + + #TODO: Handle the case when the command-line and Environment variable contain different values. + #It is fine it blows up for now since it should lead to an error anyway. + + ls -la /usr/share/jenkins/ + exec $JAVA_BIN $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" +fi diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 43d43833c..05c883be1 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -31,7 +31,7 @@ Param( $JavaHome = $env:JAVA_HOME ) -# Usage jenkins-slave.ps1 [options] -Url http://jenkins -Secret [SECRET] -Name [AGENT_NAME] +# Usage jenkins-agent.ps1 [options] -Url http://jenkins -Secret [SECRET] -Name [AGENT_NAME] # Optional environment variables : # * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network # * JENKINS_URL : alternate jenkins URL From 2882d8eed34682e4bb66a1b4069f8dc668ea0116 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Fri, 20 Sep 2019 13:52:09 +0200 Subject: [PATCH 014/130] Revert "[JENKINS-42846] - Rename the jenkins-slave script to jenkins-agent" This reverts commit 0ca658b9d9eca392568b21bbb0cfd5d8a5cb8b83. --- jenkins-agent | 101 ---------------------------------------------- jenkins-agent.ps1 | 2 +- 2 files changed, 1 insertion(+), 102 deletions(-) delete mode 100644 jenkins-agent diff --git a/jenkins-agent b/jenkins-agent deleted file mode 100644 index 0a556ea38..000000000 --- a/jenkins-agent +++ /dev/null @@ -1,101 +0,0 @@ -#!/usr/bin/env sh - -# The MIT License -# -# Copyright (c) 2015-2019, CloudBees, Inc. -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. - -# Usage jenkins-agent.sh [options] -url http://jenkins [SECRET] [AGENT_NAME] -# Optional environment variables : -# * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network -# * JENKINS_URL : alternate jenkins URL -# * JENKINS_SECRET : agent secret, if not set as an argument -# * JENKINS_AGENT_NAME : agent name, if not set as an argument -# * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir - -if [ $# -eq 1 ]; then - - # if `docker run` only has one arguments, we assume user is running alternate command like `bash` to inspect the image - exec "$@" - -else - - # if -tunnel is not provided, try env vars - case "$@" in - *"-tunnel "*) ;; - *) - if [ ! -z "$JENKINS_TUNNEL" ]; then - TUNNEL="-tunnel $JENKINS_TUNNEL" - fi ;; - esac - - # if -workDir is not provided, try env vars - if [ ! -z "$JENKINS_AGENT_WORKDIR" ]; then - case "$@" in - *"-workDir"*) echo "Warning: Work directory is defined twice in command-line arguments and the environment variable" ;; - *) - WORKDIR="-workDir $JENKINS_AGENT_WORKDIR" ;; - esac - fi - - if [ -n "$JENKINS_URL" ]; then - URL="-url $JENKINS_URL" - fi - - if [ -n "$JENKINS_NAME" ]; then - JENKINS_AGENT_NAME="$JENKINS_NAME" - fi - - if [ -z "$JNLP_PROTOCOL_OPTS" ]; then - echo "Warning: JnlpProtocol3 is disabled by default, use JNLP_PROTOCOL_OPTS to alter the behavior" - JNLP_PROTOCOL_OPTS="-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=true" - fi - - # if java home is defined, use it - JAVA_BIN="java" - if [ "$JAVA_HOME" ]; then - JAVA_BIN="$JAVA_HOME/bin/java" - fi - - # if both required options are defined, do not pass the parameters - OPT_JENKINS_SECRET="" - if [ -n "$JENKINS_SECRET" ]; then - case "$@" in - *"${JENKINS_SECRET}"*) echo "Warning: SECRET is defined twice in command-line arguments and the environment variable" ;; - *) - OPT_JENKINS_SECRET="${JENKINS_SECRET}" ;; - esac - fi - - OPT_JENKINS_AGENT_NAME="" - if [ -n "$JENKINS_AGENT_NAME" ]; then - case "$@" in - *"${JENKINS_AGENT_NAME}"*) echo "Warning: AGENT_NAME is defined twice in command-line arguments and the environment variable" ;; - *) - OPT_JENKINS_AGENT_NAME="${JENKINS_AGENT_NAME}" ;; - esac - fi - - #TODO: Handle the case when the command-line and Environment variable contain different values. - #It is fine it blows up for now since it should lead to an error anyway. - - ls -la /usr/share/jenkins/ - exec $JAVA_BIN $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" -fi diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 05c883be1..43d43833c 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -31,7 +31,7 @@ Param( $JavaHome = $env:JAVA_HOME ) -# Usage jenkins-agent.ps1 [options] -Url http://jenkins -Secret [SECRET] -Name [AGENT_NAME] +# Usage jenkins-slave.ps1 [options] -Url http://jenkins -Secret [SECRET] -Name [AGENT_NAME] # Optional environment variables : # * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network # * JENKINS_URL : alternate jenkins URL From 638f97061272bbb22588c4fd35e0e68a75ab55cb Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Fri, 20 Sep 2019 13:50:55 +0200 Subject: [PATCH 015/130] [JENKINS-42846] - Rename the jenkins-slave script to jenkins-agent --- jenkins-agent | 101 ++++++++++++++++++++++++++++++++++++++++++++++ jenkins-agent.ps1 | 2 +- 2 files changed, 102 insertions(+), 1 deletion(-) create mode 100644 jenkins-agent diff --git a/jenkins-agent b/jenkins-agent new file mode 100644 index 000000000..0a556ea38 --- /dev/null +++ b/jenkins-agent @@ -0,0 +1,101 @@ +#!/usr/bin/env sh + +# The MIT License +# +# Copyright (c) 2015-2019, CloudBees, Inc. +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +# THE SOFTWARE. + +# Usage jenkins-agent.sh [options] -url http://jenkins [SECRET] [AGENT_NAME] +# Optional environment variables : +# * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network +# * JENKINS_URL : alternate jenkins URL +# * JENKINS_SECRET : agent secret, if not set as an argument +# * JENKINS_AGENT_NAME : agent name, if not set as an argument +# * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir + +if [ $# -eq 1 ]; then + + # if `docker run` only has one arguments, we assume user is running alternate command like `bash` to inspect the image + exec "$@" + +else + + # if -tunnel is not provided, try env vars + case "$@" in + *"-tunnel "*) ;; + *) + if [ ! -z "$JENKINS_TUNNEL" ]; then + TUNNEL="-tunnel $JENKINS_TUNNEL" + fi ;; + esac + + # if -workDir is not provided, try env vars + if [ ! -z "$JENKINS_AGENT_WORKDIR" ]; then + case "$@" in + *"-workDir"*) echo "Warning: Work directory is defined twice in command-line arguments and the environment variable" ;; + *) + WORKDIR="-workDir $JENKINS_AGENT_WORKDIR" ;; + esac + fi + + if [ -n "$JENKINS_URL" ]; then + URL="-url $JENKINS_URL" + fi + + if [ -n "$JENKINS_NAME" ]; then + JENKINS_AGENT_NAME="$JENKINS_NAME" + fi + + if [ -z "$JNLP_PROTOCOL_OPTS" ]; then + echo "Warning: JnlpProtocol3 is disabled by default, use JNLP_PROTOCOL_OPTS to alter the behavior" + JNLP_PROTOCOL_OPTS="-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=true" + fi + + # if java home is defined, use it + JAVA_BIN="java" + if [ "$JAVA_HOME" ]; then + JAVA_BIN="$JAVA_HOME/bin/java" + fi + + # if both required options are defined, do not pass the parameters + OPT_JENKINS_SECRET="" + if [ -n "$JENKINS_SECRET" ]; then + case "$@" in + *"${JENKINS_SECRET}"*) echo "Warning: SECRET is defined twice in command-line arguments and the environment variable" ;; + *) + OPT_JENKINS_SECRET="${JENKINS_SECRET}" ;; + esac + fi + + OPT_JENKINS_AGENT_NAME="" + if [ -n "$JENKINS_AGENT_NAME" ]; then + case "$@" in + *"${JENKINS_AGENT_NAME}"*) echo "Warning: AGENT_NAME is defined twice in command-line arguments and the environment variable" ;; + *) + OPT_JENKINS_AGENT_NAME="${JENKINS_AGENT_NAME}" ;; + esac + fi + + #TODO: Handle the case when the command-line and Environment variable contain different values. + #It is fine it blows up for now since it should lead to an error anyway. + + ls -la /usr/share/jenkins/ + exec $JAVA_BIN $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" +fi diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 43d43833c..05c883be1 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -31,7 +31,7 @@ Param( $JavaHome = $env:JAVA_HOME ) -# Usage jenkins-slave.ps1 [options] -Url http://jenkins -Secret [SECRET] -Name [AGENT_NAME] +# Usage jenkins-agent.ps1 [options] -Url http://jenkins -Secret [SECRET] -Name [AGENT_NAME] # Optional environment variables : # * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network # * JENKINS_URL : alternate jenkins URL From aea520e312320a0cbdc8fa62a14c8e6851296b76 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Fri, 20 Sep 2019 13:59:30 +0200 Subject: [PATCH 016/130] Add Gitter and GitHub Releases badges to README --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 7318b456a..cf45ef618 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,10 @@ # Jenkins JNLP Agent Docker image +[![Join the chat at https://gitter.im/jenkinsci/docker-slave](https://badges.gitter.im/jenkinsci/docker-slave.svg)](https://gitter.im/jenkinsci/docker-slave?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Stars](https://img.shields.io/docker/stars/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) [![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) [![Docker Automated build](https://img.shields.io/docker/automated/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) +[![GitHub release](https://img.shields.io/github/release/jenkinsci/docker-jnlp-slave.svg?label=chanelog)](https://github.com/jenkinsci/docker-jnlp-slave/releases/latest) :exclamation: **Warning!** This image used to be published as [jenkinsci/jnlp-slave](https://hub.docker.com/r/jenkinsci/jnlp-slave/). That image name is deprecated, use [jenkins/jnlp-slave](https://hub.docker.com/r/jenkins/jnlp-slave/). From 61dd2a8ae828a06e8354bd4bac60d6f5b18280e6 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Fri, 20 Sep 2019 15:22:05 +0200 Subject: [PATCH 017/130] [JENKINS-42846] - Remove the debug code --- jenkins-agent | 1 - 1 file changed, 1 deletion(-) diff --git a/jenkins-agent b/jenkins-agent index 0a556ea38..ec0b57bca 100644 --- a/jenkins-agent +++ b/jenkins-agent @@ -96,6 +96,5 @@ else #TODO: Handle the case when the command-line and Environment variable contain different values. #It is fine it blows up for now since it should lead to an error anyway. - ls -la /usr/share/jenkins/ exec $JAVA_BIN $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" fi From 763659dd7fbf5d7c1baf37b80b4069d5fd738014 Mon Sep 17 00:00:00 2001 From: Alexander Link Date: Tue, 24 Sep 2019 16:09:11 +0200 Subject: [PATCH 018/130] Adjusted jenkins-agent script for direct connection --- jenkins-agent | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/jenkins-agent b/jenkins-agent index ec0b57bca..9b2d31af8 100644 --- a/jenkins-agent +++ b/jenkins-agent @@ -29,6 +29,11 @@ # * JENKINS_SECRET : agent secret, if not set as an argument # * JENKINS_AGENT_NAME : agent name, if not set as an argument # * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir +# * JENKINS_DIRECT_CONNECTION: Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. +# Value: ":" +# * JENKINS_INSTANCE_IDENTITY: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, +# the agent skips connecting to an HTTP(S) port for connection info. +# * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. if [ $# -eq 1 ]; then @@ -61,13 +66,25 @@ else if [ -n "$JENKINS_NAME" ]; then JENKINS_AGENT_NAME="$JENKINS_NAME" - fi + fi if [ -z "$JNLP_PROTOCOL_OPTS" ]; then echo "Warning: JnlpProtocol3 is disabled by default, use JNLP_PROTOCOL_OPTS to alter the behavior" JNLP_PROTOCOL_OPTS="-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=true" fi - + + if [ -n "$JENKINS_PROTOCOLS" ]; then + PROTOCOLS="-protocols $JENKINS_PROTOCOLS" + fi + + if [ -n "$JENKINS_DIRECT_CONNECTION" ]; then + DIRECT="-direct $JENKINS_DIRECT_CONNECTION" + fi + + if [ -n "$JENKINS_INSTANCE_IDENTITY" ]; then + INSTANCE_IDENTITY="-instanceIdentity $JENKINS_INSTANCE_IDENTITY" + fi + # if java home is defined, use it JAVA_BIN="java" if [ "$JAVA_HOME" ]; then @@ -96,5 +113,5 @@ else #TODO: Handle the case when the command-line and Environment variable contain different values. #It is fine it blows up for now since it should lead to an error anyway. - exec $JAVA_BIN $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + exec $JAVA_BIN $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" fi From 21351567a84de7a4111c450f6485f95d3ea1bd4d Mon Sep 17 00:00:00 2001 From: Jesse Glick Date: Mon, 9 Dec 2019 21:02:55 -0500 Subject: [PATCH 019/130] JENKINS_WEB_SOCKET=true --- jenkins-agent | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/jenkins-agent b/jenkins-agent index 9b2d31af8..a1b7377ab 100644 --- a/jenkins-agent +++ b/jenkins-agent @@ -29,6 +29,7 @@ # * JENKINS_SECRET : agent secret, if not set as an argument # * JENKINS_AGENT_NAME : agent name, if not set as an argument # * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir +# * JENKINS_WEB_SOCKET: true if the connection should be made via WebSocket rather than TCP # * JENKINS_DIRECT_CONNECTION: Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. # Value: ":" # * JENKINS_INSTANCE_IDENTITY: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, @@ -73,6 +74,10 @@ else JNLP_PROTOCOL_OPTS="-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=true" fi + if [ "$JENKINS_WEB_SOCKET" = true ]; then + WEB_SOCKET=-webSocket + fi + if [ -n "$JENKINS_PROTOCOLS" ]; then PROTOCOLS="-protocols $JENKINS_PROTOCOLS" fi @@ -113,5 +118,5 @@ else #TODO: Handle the case when the command-line and Environment variable contain different values. #It is fine it blows up for now since it should lead to an error anyway. - exec $JAVA_BIN $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + exec $JAVA_BIN $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" fi From 7312f652ef09ce78b045362ef256df83340e8894 Mon Sep 17 00:00:00 2001 From: Richard Bywater Date: Mon, 16 Dec 2019 09:43:50 +1300 Subject: [PATCH 020/130] Fix spelling mistake MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Just a nit-pick PR to fix the spelling of changelog that has been bothering me 😁 --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8b3556198..1d92f88d3 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ [![Docker Stars](https://img.shields.io/docker/stars/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) [![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) [![Docker Automated build](https://img.shields.io/docker/automated/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) -[![GitHub release](https://img.shields.io/github/release/jenkinsci/docker-jnlp-slave.svg?label=chanelog)](https://github.com/jenkinsci/docker-jnlp-slave/releases/latest) +[![GitHub release](https://img.shields.io/github/release/jenkinsci/docker-jnlp-slave.svg?label=changelog)](https://github.com/jenkinsci/docker-jnlp-slave/releases/latest) :exclamation: **Warning!** This image used to be published as [jenkinsci/jnlp-slave](https://hub.docker.com/r/jenkinsci/jnlp-slave/). That image name is deprecated, use [jenkins/jnlp-slave](https://hub.docker.com/r/jenkins/jnlp-slave/). From a118d3d1edb7610ba7c551a6299336f26b4e9ac4 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Wed, 25 Dec 2019 23:39:32 +0100 Subject: [PATCH 021/130] Fix the Gitter chat link in the documentation --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1d92f88d3..28904972a 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Jenkins JNLP Agent Docker image -[![Join the chat at https://gitter.im/jenkinsci/docker-slave](https://badges.gitter.im/jenkinsci/docker-slave.svg)](https://gitter.im/jenkinsci/docker-slave?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) +[![Join the chat at https://gitter.im/jenkinsci/docker](https://badges.gitter.im/jenkinsci/docker.svg)](https://gitter.im/jenkinsci/docker-slave?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Stars](https://img.shields.io/docker/stars/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) [![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) [![Docker Automated build](https://img.shields.io/docker/automated/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) From e4ad809f5706aded20d17bb434bba1cbeb20d7a0 Mon Sep 17 00:00:00 2001 From: Jesse Glick Date: Fri, 3 Jan 2020 17:17:04 -0500 Subject: [PATCH 022/130] Noting new variable in documentation. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 8b3556198..cd0b0cae3 100644 --- a/README.md +++ b/README.md @@ -43,6 +43,7 @@ Optional environment variables: * `JENKINS_SECRET`: agent secret, if not set as an argument * `JENKINS_AGENT_NAME`: agent name, if not set as an argument * `JENKINS_AGENT_WORKDIR`: agent work directory, if not set by optional parameter `-workDir` +* `JENKINS_WEB_SOCKET`: `true` if the connection should be made via WebSocket rather than TCP ## Configuration specifics From f104777e23b473ee313d24a9fe02d226deede349 Mon Sep 17 00:00:00 2001 From: Jeff Thompson Date: Fri, 10 Jan 2020 11:35:09 -0700 Subject: [PATCH 023/130] Update to Remoting 3.40. This Remoting version removes old, deprecated, unsupported protocols versions 1, 2, and 3. --- README.md | 4 ---- jenkins-agent | 9 ++------- jenkins-agent.ps1 | 10 ++-------- 3 files changed, 4 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index 28904972a..d2172e4f3 100644 --- a/README.md +++ b/README.md @@ -48,10 +48,6 @@ Optional environment variables: ### Enabled JNLP protocols -By default, the [JNLP3-connect](https://github.com/jenkinsci/remoting/blob/master/docs/protocols.md#jnlp3-connect) is disabled due to the known stability and scalability issues. -You can enable this protocol at your own risk using the -`JNLP_PROTOCOL_OPTS=-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=false` property (the protocol should be enabled on the master side as well). - In Jenkins versions starting from `2.27` there is a [JNLP4-connect](https://github.com/jenkinsci/remoting/blob/master/docs/protocols.md#jnlp4-connect) protocol. If you use Jenkins `2.32.x LTS`, it is recommended to enable the protocol on your instance. diff --git a/jenkins-agent b/jenkins-agent index 9b2d31af8..c4563417e 100644 --- a/jenkins-agent +++ b/jenkins-agent @@ -2,7 +2,7 @@ # The MIT License # -# Copyright (c) 2015-2019, CloudBees, Inc. +# Copyright (c) 2015-2020, CloudBees, Inc. # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to deal @@ -68,11 +68,6 @@ else JENKINS_AGENT_NAME="$JENKINS_NAME" fi - if [ -z "$JNLP_PROTOCOL_OPTS" ]; then - echo "Warning: JnlpProtocol3 is disabled by default, use JNLP_PROTOCOL_OPTS to alter the behavior" - JNLP_PROTOCOL_OPTS="-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=true" - fi - if [ -n "$JENKINS_PROTOCOLS" ]; then PROTOCOLS="-protocols $JENKINS_PROTOCOLS" fi @@ -113,5 +108,5 @@ else #TODO: Handle the case when the command-line and Environment variable contain different values. #It is fine it blows up for now since it should lead to an error anyway. - exec $JAVA_BIN $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + exec $JAVA_BIN $JAVA_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" fi diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 05c883be1..ebe8a746c 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -1,6 +1,6 @@ # The MIT License # -# Copyright (c) 2019, Alex Earl +# Copyright (c) 2020, Alex Earl # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to deal @@ -88,12 +88,6 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { } $Name = $Name.Trim() - $jnlpProtocolOpts = '' - if([System.String]::IsNullOrWhiteSpace($env:JNLP_PROTOCOL_OPTS)) { - Write-Warning "JnlpProtocol3 is disabled by default, use JNLP_PROTOCOL_OPTS to alter the behavior" - $jnlpProtocolOpts="-D`"org.jenkinsci.remoting.engine.JnlpProtocol3.disabled=true`"" - } - # if java home is defined, use it $JAVA_BIN="java.exe" if(![System.String]::IsNullOrWhiteSpace($JavaHome)) { @@ -114,5 +108,5 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { #TODO: Handle the case when the command-line and Environment variable contain different values. #It is fine it blows up for now since it should lead to an error anyway. - Start-Process -FilePath $JAVA_BIN -Wait -NoNewWindow -ArgumentList $("$jnlpProtocolOpts -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -headless$Tunnel$Url$WorkDir$Secret $Name") + Start-Process -FilePath $JAVA_BIN -Wait -NoNewWindow -ArgumentList $("-cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -headless$Tunnel$Url$WorkDir$Secret $Name") } From 8fa077f4ce0e33f6c4ba98d8d6f2c28f88fdec6e Mon Sep 17 00:00:00 2001 From: Jeff Thompson Date: Fri, 10 Jan 2020 12:18:28 -0700 Subject: [PATCH 024/130] Improve README --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d2172e4f3..94b2ad78e 100644 --- a/README.md +++ b/README.md @@ -48,8 +48,9 @@ Optional environment variables: ### Enabled JNLP protocols -In Jenkins versions starting from `2.27` there is a [JNLP4-connect](https://github.com/jenkinsci/remoting/blob/master/docs/protocols.md#jnlp4-connect) protocol. -If you use Jenkins `2.32.x LTS`, it is recommended to enable the protocol on your instance. +As of version 3.40-1 this image only supports the [JNLP4-connect](https://github.com/jenkinsci/remoting/blob/master/docs/protocols.md#jnlp4-connect) protocol. +Earlier, long-unsupported protocols have been removed. +As a result, Jenkins versions prior to 2.32 are no longer supported. ### Amazon ECS From 0da278c7ab1fa02762aacdf7fbc880592b6bf3ad Mon Sep 17 00:00:00 2001 From: Jeff Thompson <37345299+jeffret-b@users.noreply.github.com> Date: Fri, 10 Jan 2020 12:19:59 -0700 Subject: [PATCH 025/130] Fix copyright. Co-Authored-By: Mark Waite --- jenkins-agent.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index ebe8a746c..6457d1e8e 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -1,6 +1,6 @@ # The MIT License # -# Copyright (c) 2020, Alex Earl +# Copyright (c) 2019-2020, Alex Earl # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to deal From d3c82c5ee053e466cf13064a5cc59724c963cfb5 Mon Sep 17 00:00:00 2001 From: alex3d Date: Tue, 14 Jan 2020 19:36:15 +0300 Subject: [PATCH 026/130] Pass --init to docker-run to reap zombies. --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 94b2ad78e..e3f6e3da5 100644 --- a/README.md +++ b/README.md @@ -20,21 +20,21 @@ To run a Docker container Linux agent: - docker run jenkins/jnlp-slave -url http://jenkins-server:port + docker run --init jenkins/jnlp-slave -url http://jenkins-server:port Windows agent: - docker run jenkins/jnlp-agent:latest-windows -Url http://jenkins-server:port -Secret -Name + docker run --init jenkins/jnlp-agent:latest-windows -Url http://jenkins-server:port -Secret -Name To run a Docker container with [Work Directory](https://github.com/jenkinsci/remoting/blob/master/docs/workDir.md) Linux agent: - docker run jenkins/jnlp-slave -url http://jenkins-server:port -workDir=/home/jenkins/agent + docker run --init jenkins/jnlp-slave -url http://jenkins-server:port -workDir=/home/jenkins/agent Windows agent: - docker run jenkins/jnlp-agent-windows -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret -Name + docker run --init jenkins/jnlp-agent-windows -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret -Name Optional environment variables: From 27057240994a4b287e690629ad24bf4313cd8c0f Mon Sep 17 00:00:00 2001 From: alex3d Date: Wed, 15 Jan 2020 09:04:47 +0300 Subject: [PATCH 027/130] Remove docker run --init flag (it's ignored on Windows) --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e3f6e3da5..530a13b04 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ To run a Docker container Windows agent: - docker run --init jenkins/jnlp-agent:latest-windows -Url http://jenkins-server:port -Secret -Name + docker run jenkins/jnlp-agent:latest-windows -Url http://jenkins-server:port -Secret -Name To run a Docker container with [Work Directory](https://github.com/jenkinsci/remoting/blob/master/docs/workDir.md) @@ -34,7 +34,7 @@ To run a Docker container with [Work Directory](https://github.com/jenkinsci/rem Windows agent: - docker run --init jenkins/jnlp-agent-windows -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret -Name + docker run jenkins/jnlp-agent-windows -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret -Name Optional environment variables: From f9f870eda65c928a500868e009c8848710b3f373 Mon Sep 17 00:00:00 2001 From: Fabio Kruger Date: Fri, 17 Jan 2020 01:21:06 +0100 Subject: [PATCH 028/130] Added tests Signed-off-by: Fabio Kruger --- tests/netcat-helper/Dockerfile | 6 +++ tests/tests.bats | 94 ++++++++++++++++++++++++++++++++++ 2 files changed, 100 insertions(+) create mode 100644 tests/netcat-helper/Dockerfile create mode 100755 tests/tests.bats diff --git a/tests/netcat-helper/Dockerfile b/tests/netcat-helper/Dockerfile new file mode 100644 index 000000000..6313e4a4e --- /dev/null +++ b/tests/netcat-helper/Dockerfile @@ -0,0 +1,6 @@ +FROM alpine:3.11 + +RUN apk update --no-cache \ + && apk add --no-cache \ + coreutils \ + netcat-openbsd diff --git a/tests/tests.bats b/tests/tests.bats new file mode 100755 index 000000000..6bf2c1bab --- /dev/null +++ b/tests/tests.bats @@ -0,0 +1,94 @@ +#!/usr/bin/env bats + +DOCKERFILE=Dockerfile +JDK=8 +SLAVE_IMAGE=jenkins-jnlp-slave +SLAVE_CONTAINER=bats-jenkins-jnlp-slave +NETCAT_HELPER_CONTAINER=netcat-helper + +if [[ -z "${FLAVOR}" ]] +then + FLAVOR="debian" +elif [[ "${FLAVOR}" = "jdk11" ]] +then + DOCKERFILE+="-jdk11" + JDK=11 + SLAVE_IMAGE+=":jdk11" + SLAVE_CONTAINER+="-jdk11" +else + DOCKERFILE+="-alpine" + SLAVE_IMAGE+=":alpine" + SLAVE_CONTAINER+="-alpine" +fi + +load test_helpers + +clean_test_container + +buildNetcatImage + +function teardown () { + clean_test_container +} + +@test "[${FLAVOR}] build image" { + cd "${BATS_TEST_DIRNAME}"/.. || false + docker build -t "${SLAVE_IMAGE}" -f "${DOCKERFILE}" . +} + +@test "[${FLAVOR}] image has installed jenkins-agent in PATH" { + docker run -d -it --name "${SLAVE_CONTAINER}" -P "${SLAVE_IMAGE}" /bin/bash + + is_slave_container_running + + run docker exec "${SLAVE_CONTAINER}" which jenkins-slave + [ "/usr/local/bin/jenkins-slave" = "${lines[0]}" ] + + run docker exec "${SLAVE_CONTAINER}" which jenkins-agent + [ "/usr/local/bin/jenkins-agent" = "${lines[0]}" ] +} + +@test "[${FLAVOR}] image starts jenkins-agent correctly" { + docker run -d -it --name netcat-helper netcat-helper:latest /bin/sh + + docker run -d --link netcat-helper --name "${SLAVE_CONTAINER}" "${SLAVE_IMAGE}" -url http://netcat-helper:5000 aaa bbb + + run docker exec netcat-helper /bin/sh -c "timeout 10s nc -l 5000" + + # The GET request ends with a '\r' + [ $'GET /tcpSlaveAgentListener/ HTTP/1.1\r' = "${lines[0]}" ] +} + +@test "[${FLAVOR}] use build args correctly" { + cd "${BATS_TEST_DIRNAME}"/.. || false + + local ARG_TEST_VERSION + local TEST_VERSION="3.36" + local TEST_USER="root" + + if [[ "${FLAVOR}" = "debian" ]] + then + ARG_TEST_VERSION="${TEST_VERSION}-1" + elif [[ "${FLAVOR}" = "jdk11" ]] + then + ARG_TEST_VERSION="${TEST_VERSION}-1-jdk11" + else + ARG_TEST_VERSION="${TEST_VERSION}-1-alpine" + fi + + docker build \ + --build-arg "version=${ARG_TEST_VERSION}" \ + --build-arg "user=${TEST_USER}" \ + -t "${SLAVE_IMAGE}" \ + -f "${DOCKERFILE}" . + + docker run -d -it --name "${SLAVE_CONTAINER}" -P "${SLAVE_IMAGE}" /bin/sh + + is_slave_container_running + + run docker exec "${SLAVE_CONTAINER}" sh -c "java -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -version" + [ "${TEST_VERSION}" = "${lines[0]}" ] + + run docker exec "${SLAVE_CONTAINER}" sh -c "id -u -n ${TEST_USER}" + [ "${TEST_USER}" = "${lines[0]}" ] +} From 63202c21a6697ce5b2452a641ff12f79598ceac2 Mon Sep 17 00:00:00 2001 From: alex3d Date: Fri, 17 Jan 2020 12:49:42 +0300 Subject: [PATCH 029/130] Add `zombie reaping` note --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 530a13b04..e35468dc5 100644 --- a/README.md +++ b/README.md @@ -21,6 +21,7 @@ To run a Docker container Linux agent: docker run --init jenkins/jnlp-slave -url http://jenkins-server:port + Note: `--init` is necessary for correct subprocesses handling (zombie reaping) Windows agent: From 8deb0d008c96c54f735aa985f8abdd9456b46e1a Mon Sep 17 00:00:00 2001 From: Fabio Kruger Date: Tue, 21 Jan 2020 21:41:35 +0100 Subject: [PATCH 030/130] Removed hidden tabs --- tests/tests.bats | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/tests.bats b/tests/tests.bats index 6bf2c1bab..06997c774 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -62,9 +62,9 @@ function teardown () { @test "[${FLAVOR}] use build args correctly" { cd "${BATS_TEST_DIRNAME}"/.. || false - local ARG_TEST_VERSION + local ARG_TEST_VERSION local TEST_VERSION="3.36" - local TEST_USER="root" + local TEST_USER="root" if [[ "${FLAVOR}" = "debian" ]] then From c4bf751840f6931a364d0e5ce566746486938a55 Mon Sep 17 00:00:00 2001 From: Jesse Glick Date: Mon, 27 Jan 2020 11:24:25 -0500 Subject: [PATCH 031/130] Script seems to be using tabs not spaces --- jenkins-agent | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/jenkins-agent b/jenkins-agent index b17d84cb8..74485736a 100644 --- a/jenkins-agent +++ b/jenkins-agent @@ -69,9 +69,9 @@ else JENKINS_AGENT_NAME="$JENKINS_NAME" fi - if [ "$JENKINS_WEB_SOCKET" = true ]; then - WEB_SOCKET=-webSocket - fi + if [ "$JENKINS_WEB_SOCKET" = true ]; then + WEB_SOCKET=-webSocket + fi if [ -n "$JENKINS_PROTOCOLS" ]; then PROTOCOLS="-protocols $JENKINS_PROTOCOLS" From b153932da958dbe3ef0638c1ad8078ecffa8d950 Mon Sep 17 00:00:00 2001 From: Jesse Glick Date: Mon, 27 Jan 2020 12:26:23 -0500 Subject: [PATCH 032/130] Also patch the PowerShell script --- jenkins-agent.ps1 | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 6457d1e8e..b0bc20764 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -28,6 +28,7 @@ Param( $Name = '', $Tunnel = '', $WorkDir = 'C:/Users/jenkins/Agent', + $WebSocket = '', $JavaHome = $env:JAVA_HOME ) @@ -38,6 +39,7 @@ Param( # * JENKINS_SECRET : agent secret, if not set as an argument # * JENKINS_AGENT_NAME : agent name, if not set as an argument # * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir +# * JENKINS_WEB_SOCKET : true if the connection should be made via WebSocket rather than TCP if(![System.String]::IsNullOrWhiteSpace($Cmd)) { # if `docker run` only has one arguments, we assume user is running alternate command like `bash` to inspect the image @@ -67,6 +69,10 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { $WorkDir = " -workDir `"$WorkDir`"" } + if("true".Equals($Env:JENKINS_WEB_SOCKET)) { + $WebSocket = " -webSocket" + } + # if -Url is not provided, try env vars if(![System.String]::IsNullOrWhiteSpace($env:JENKINS_URL)) { if(![System.String]::IsNullOrWhiteSpace($Url)) { @@ -108,5 +114,5 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { #TODO: Handle the case when the command-line and Environment variable contain different values. #It is fine it blows up for now since it should lead to an error anyway. - Start-Process -FilePath $JAVA_BIN -Wait -NoNewWindow -ArgumentList $("-cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -headless$Tunnel$Url$WorkDir$Secret $Name") + Start-Process -FilePath $JAVA_BIN -Wait -NoNewWindow -ArgumentList $("-cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -headless$Tunnel$Url$WorkDir$WebSocket$Secret $Name") } From aeac3ab4dd93bd0b4f7ded8c21b356de3ba51f75 Mon Sep 17 00:00:00 2001 From: Jesse Glick Date: Mon, 27 Jan 2020 12:50:05 -0500 Subject: [PATCH 033/130] -eq rather than .Equals --- jenkins-agent.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index b0bc20764..47d3e66ce 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -69,7 +69,7 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { $WorkDir = " -workDir `"$WorkDir`"" } - if("true".Equals($Env:JENKINS_WEB_SOCKET)) { + if($Env:JENKINS_WEB_SOCKET -eq "true") { $WebSocket = " -webSocket" } From b05c5d9eb6389e9cb5e9abef74c421881e0e2edd Mon Sep 17 00:00:00 2001 From: Fabio Kruger Date: Wed, 29 Jan 2020 22:54:16 +0100 Subject: [PATCH 034/130] Increased timeout in the netcat-helper container to 30s to execute correctly with automated testing tools --- tests/tests.bats | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/tests/tests.bats b/tests/tests.bats index 06997c774..46290a4b6 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -48,12 +48,17 @@ function teardown () { [ "/usr/local/bin/jenkins-agent" = "${lines[0]}" ] } -@test "[${FLAVOR}] image starts jenkins-agent correctly" { +@test "[${FLAVOR}] image starts jenkins-agent correctly (slow test)" { + # Spin off a helper image which contains netcat docker run -d -it --name netcat-helper netcat-helper:latest /bin/sh - docker run -d --link netcat-helper --name "${SLAVE_CONTAINER}" "${SLAVE_IMAGE}" -url http://netcat-helper:5000 aaa bbb + # Run jenkins agent which tries to connect to the netcat-helper container at port 5000 + docker run -d --link netcat-helper --name "${AGENT_CONTAINER}" "${AGENT_IMAGE}" -url http://netcat-helper:5000 aaa bbb - run docker exec netcat-helper /bin/sh -c "timeout 10s nc -l 5000" + # Launch the netcat utility, listening at port 5000 for 30 sec + # bats will capture the output from netcat and compare the first line + # of the header of the first HTTP request with the expected one + run docker exec netcat-helper /bin/sh -c "timeout 30s nc -l 5000" # The GET request ends with a '\r' [ $'GET /tcpSlaveAgentListener/ HTTP/1.1\r' = "${lines[0]}" ] From ce374c30d23de6e12615cd75d46be62a0711a5c5 Mon Sep 17 00:00:00 2001 From: Fabio Kruger Date: Wed, 29 Jan 2020 23:04:49 +0100 Subject: [PATCH 035/130] Corrected typo in the test file --- tests/tests.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/tests.bats b/tests/tests.bats index 46290a4b6..cb07eccc9 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -53,7 +53,7 @@ function teardown () { docker run -d -it --name netcat-helper netcat-helper:latest /bin/sh # Run jenkins agent which tries to connect to the netcat-helper container at port 5000 - docker run -d --link netcat-helper --name "${AGENT_CONTAINER}" "${AGENT_IMAGE}" -url http://netcat-helper:5000 aaa bbb + docker run -d --link netcat-helper --name "${SLAVE_CONTAINER}" "${SLAVE_IMAGE}" -url http://netcat-helper:5000 aaa bbb # Launch the netcat utility, listening at port 5000 for 30 sec # bats will capture the output from netcat and compare the first line From a0386dc19b2a89ef4e7029202d9399b9d75827a0 Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Tue, 31 Mar 2020 20:58:34 -0700 Subject: [PATCH 036/130] Directory updates for Linux containers Moved files around similar to how opejdk handles OS and JDKs --- tests/tests.bats | 68 +++++++++++++++++++++++++++--------------------- 1 file changed, 39 insertions(+), 29 deletions(-) diff --git a/tests/tests.bats b/tests/tests.bats index cb07eccc9..b92970b47 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -1,24 +1,34 @@ #!/usr/bin/env bats -DOCKERFILE=Dockerfile -JDK=8 -SLAVE_IMAGE=jenkins-jnlp-slave -SLAVE_CONTAINER=bats-jenkins-jnlp-slave +AGENT_IMAGE=jenkins-jnlp-agent +AGENT_CONTAINER=bats-jenkins-jnlp-agent NETCAT_HELPER_CONTAINER=netcat-helper -if [[ -z "${FLAVOR}" ]] +REGEX='^([0-9]+)/(.+)$' + +REAL_FOLDER=$(realpath "${BATS_TEST_DIRNAME}/../${FOLDER}") + +if [[ ${FOLDER} =~ ${REGEX} ]] && [[ -d "${REAL_FOLDER}" ]] then - FLAVOR="debian" -elif [[ "${FLAVOR}" = "jdk11" ]] + JDK="${BASH_REMATCH[1]}" + FLAVOR="${BASH_REMATCH[2]}" +else + echo "Wrong folder format or folder does not exist: ${FOLDER}" + exit 1 +fi + +if [[ "${JDK}" = "11" ]] then - DOCKERFILE+="-jdk11" - JDK=11 - SLAVE_IMAGE+=":jdk11" - SLAVE_CONTAINER+="-jdk11" + AGENT_IMAGE+=":jdk11" + AGENT_CONTAINER+="-jdk11" else - DOCKERFILE+="-alpine" - SLAVE_IMAGE+=":alpine" - SLAVE_CONTAINER+="-alpine" + if [[ "${FLAVOR}" = "alpine*" ]] + then + AGENT_IMAGE+=":alpine" + AGENT_CONTAINER+="-alpine" + else + AGENT_IMAGE+=":latest" + fi fi load test_helpers @@ -31,29 +41,29 @@ function teardown () { clean_test_container } -@test "[${FLAVOR}] build image" { +@test "[${JDK} ${FLAVOR}] build image" { cd "${BATS_TEST_DIRNAME}"/.. || false - docker build -t "${SLAVE_IMAGE}" -f "${DOCKERFILE}" . + docker build -t "${AGENT_IMAGE}" ${FOLDER} } -@test "[${FLAVOR}] image has installed jenkins-agent in PATH" { - docker run -d -it --name "${SLAVE_CONTAINER}" -P "${SLAVE_IMAGE}" /bin/bash +@test "[${JDK} ${FLAVOR}] image has installed jenkins-agent in PATH" { + docker run -d -it --name "${AGENT_CONTAINER}" -P "${AGENT_IMAGE}" /bin/bash is_slave_container_running - run docker exec "${SLAVE_CONTAINER}" which jenkins-slave - [ "/usr/local/bin/jenkins-slave" = "${lines[0]}" ] + run docker exec "${AGENT_CONTAINER}" which jenkins-agent + [ "/usr/local/bin/jenkins-agent" = "${lines[0]}" ] - run docker exec "${SLAVE_CONTAINER}" which jenkins-agent + run docker exec "${AGENT_CONTAINER}" which jenkins-agent [ "/usr/local/bin/jenkins-agent" = "${lines[0]}" ] } -@test "[${FLAVOR}] image starts jenkins-agent correctly (slow test)" { +@test "[${JDK} ${FLAVOR}] image starts jenkins-agent correctly (slow test)" { # Spin off a helper image which contains netcat docker run -d -it --name netcat-helper netcat-helper:latest /bin/sh # Run jenkins agent which tries to connect to the netcat-helper container at port 5000 - docker run -d --link netcat-helper --name "${SLAVE_CONTAINER}" "${SLAVE_IMAGE}" -url http://netcat-helper:5000 aaa bbb + docker run -d --link netcat-helper --name "${AGENT_CONTAINER}" "${AGENT_IMAGE}" -url http://netcat-helper:5000 aaa bbb # Launch the netcat utility, listening at port 5000 for 30 sec # bats will capture the output from netcat and compare the first line @@ -64,7 +74,7 @@ function teardown () { [ $'GET /tcpSlaveAgentListener/ HTTP/1.1\r' = "${lines[0]}" ] } -@test "[${FLAVOR}] use build args correctly" { +@test "[${JDK} ${FLAVOR}] use build args correctly" { cd "${BATS_TEST_DIRNAME}"/.. || false local ARG_TEST_VERSION @@ -84,16 +94,16 @@ function teardown () { docker build \ --build-arg "version=${ARG_TEST_VERSION}" \ --build-arg "user=${TEST_USER}" \ - -t "${SLAVE_IMAGE}" \ - -f "${DOCKERFILE}" . + -t "${AGENT_IMAGE}" \ + ${FOLDER} - docker run -d -it --name "${SLAVE_CONTAINER}" -P "${SLAVE_IMAGE}" /bin/sh + docker run -d -it --name "${AGENT_CONTAINER}" -P "${AGENT_IMAGE}" /bin/sh is_slave_container_running - run docker exec "${SLAVE_CONTAINER}" sh -c "java -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -version" + run docker exec "${AGENT_CONTAINER}" sh -c "java -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -version" [ "${TEST_VERSION}" = "${lines[0]}" ] - run docker exec "${SLAVE_CONTAINER}" sh -c "id -u -n ${TEST_USER}" + run docker exec "${AGENT_CONTAINER}" sh -c "id -u -n ${TEST_USER}" [ "${TEST_USER}" = "${lines[0]}" ] } From 31aeff719433c022c42ef93d1dc0cee3c8ae4c0a Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Wed, 1 Apr 2020 13:50:44 -0700 Subject: [PATCH 037/130] Rework directory structure and Windows containers - Based on work by @krufab on docker-slave - Moved Dockerfiles into JDK/FLAVOR directory structure - Updated Windows containers to support same parameters as the Linux ones - Added nanoserver builds - Added tests using Pester --- README.md | 4 +- jenkins-agent.ps1 | 139 ++++++++++++++----------- tests/netcat-helper/Dockerfile-windows | 40 +++++++ 3 files changed, 118 insertions(+), 65 deletions(-) create mode 100644 tests/netcat-helper/Dockerfile-windows diff --git a/README.md b/README.md index b90d993dd..44a52c56d 100644 --- a/README.md +++ b/README.md @@ -31,9 +31,9 @@ To run a Docker container with [Work Directory](https://github.com/jenkinsci/rem Linux agent: docker run jenkins/jnlp-slave -url http://jenkins-server:port -workDir=/home/jenkins/agent - + Windows agent: - + docker run jenkins/jnlp-agent-windows -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret -Name Optional environment variables: diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 47d3e66ce..59548e55c 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -22,13 +22,16 @@ [CmdletBinding()] Param( - $Cmd = '', # this is only used when docker run has one arg positional arg - $Url = '', - $Secret = '', - $Name = '', + $Cmd = '', # this is only used when docker run has one arg positional arg + $Url = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_URL)) { throw ("Url is required") } else { '' } ), + $Secret = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_SECRET)) { throw ("Secret is required") } else { '' } ), + $Name = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_AGENT_NAME)) { throw ("Name is required") } else { '' } ), $Tunnel = '', - $WorkDir = 'C:/Users/jenkins/Agent', - $WebSocket = '', + $WorkDir = '', + [switch] $WebSocket = $false, + $DirectConnection = '', + $InstanceIdentity = '', + $Protocols = '', $JavaHome = $env:JAVA_HOME ) @@ -40,59 +43,81 @@ Param( # * JENKINS_AGENT_NAME : agent name, if not set as an argument # * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir # * JENKINS_WEB_SOCKET : true if the connection should be made via WebSocket rather than TCP +# * JENKINS_DIRECT_CONNECTION: Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. +# Value: ":" +# * JENKINS_INSTANCE_IDENTITY: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, +# the agent skips connecting to an HTTP(S) port for connection info. +# * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. if(![System.String]::IsNullOrWhiteSpace($Cmd)) { # if `docker run` only has one arguments, we assume user is running alternate command like `bash` to inspect the image Invoke-Expression "$Cmd" } else { - # if -Tunnel is not provided, try env vars - if(![System.String]::IsNullOrWhiteSpace($env:JENKINS_TUNNEL)) { - if(![System.String]::IsNullOrWhiteSpace($Tunnel)) { - Write-Warning "Tunnel is defined twice; in command-line arguments and the environment variable" - } - $Tunnel = $($env:JENKINS_TUNNEL).Trim() - } - $Tunnel = $Tunnel.Trim() - if(![System.String]::IsNullOrWhiteSpace($Tunnel)) { - $Tunnel = " -tunnel `"$Tunnel`"" - } + $AgentArguments = @("-cp", "C:/ProgramData/Jenkins/agent.jar", "hudson.remoting.jnlp.Main", "-headless") - # if -WorkDir is not provided, try env vars - if(![System.String]::IsNullOrWhiteSpace($env:JENKINS_AGENT_WORKDIR)) { - if(![System.String]::IsNullOrWhiteSpace($WorkDir)) { - Write-Warning "Work directory is defined twice; in command-line arguments and the environment variable" - } - $WorkDir = $env:JENKINS_AGENT_WORKDIR - } - $WorkDir = $WorkDir.Trim() - if(![System.String]::IsNullOrWhiteSpace($WorkDir)) { - $WorkDir = " -workDir `"$WorkDir`"" - } + # this maps the variable name from th CmdletBinding to environment variables + $ParamMap = @{ + 'Tunnel' = 'JENKINS_TUNNEL'; + 'Url' = 'JENKINS_URL'; + 'Secret' = 'JENKINS_SECRET'; + 'Name' = 'JENKINS_AGENT_NAME'; + 'WorkDir' = 'JENKINS_AGENT_WORKDIR'; + 'WebSocket' = 'JENKINS_WEB_SOCKET'; + 'DirectConnection' = 'JENKINS_DIRECT_CONNECTION'; + 'InstanceIdentity' = 'JENKINS_INSTANCE_IDENTITY'; + 'Protocols' = 'JENKINS_PROTOCOLS'; + } - if($Env:JENKINS_WEB_SOCKET -eq "true") { - $WebSocket = " -webSocket" - } + # this does some trickery to update the variable from the CmdletBinding + # with the value of the + foreach($p in $ParamMap.Keys) { + $var = Get-Variable $p + $envVar = Get-ChildItem -Path "env:$($ParamMap[$p])" -ErrorAction 'SilentlyContinue' - # if -Url is not provided, try env vars - if(![System.String]::IsNullOrWhiteSpace($env:JENKINS_URL)) { - if(![System.String]::IsNullOrWhiteSpace($Url)) { - Write-Warning "Url is defined twice; in command-line arguments and the environment variable" - } - $Url = $($env:JENKINS_URL).Trim() - } - $Url = $Url.Trim() - if(![System.String]::IsNullOrWhiteSpace($Url)) { - $Url = " -url `"$Url`"" - } + if(($null -ne $envVar) -and ((($envVar.Value -is [System.String]) -and (![System.String]::IsNullOrWhiteSpace($envVar.Value))) -or ($null -ne $envVar.Value))) { + if(($null -ne $var) -and ((($var.Value -is [System.String]) -and (![System.String]::IsNullOrWhiteSpace($var.Value))))) { + Write-Warning "${p} is defined twice; in command-line arguments (-${p}) and in the environment variable ${envVar.Name}" + } + if($var.Value -is [System.String]) { + $var.Value = $envVar.Value + } elseif($var.Value -is [System.Management.Automation.SwitchParameter]) { + $var.Value = [bool]$envVar.Value + } + } + if($var.Value -is [System.String]) { + $var.Value = $var.Value.Trim() + } + } - # if -Name is not provided, try env vars - if(![System.String]::IsNullOrWhiteSpace($env:JENKINS_NAME)) { - if(![System.String]::IsNullOrWhiteSpace($Name)) { - Write-Warning "Name is defined twice; in command-line arguments and the environment variable" - } - $Name = $env:JENKINS_NAME - } - $Name = $Name.Trim() + if(![System.String]::IsNullOrWhiteSpace($Tunnel)) { + $AgentArguments += @("-tunnel", "`"$Tunnel`"") + } + + if(![System.String]::IsNullOrWhiteSpace($WorkDir)) { + $AgentArguments += @("-workDir", "`"$WorkDir`"") + } else { + $AgentArguments += @("-workDir", "`"C:/Users/jenkins/Work`"") + } + + if($WebSocket) { + $AgentArguments += @("-webSocket") + } + + if(![System.String]::IsNullOrWhiteSpace($Url)) { + $AgentArguments += @("-url", "`"$Url`"") + } + + if(![System.String]::IsNullOrWhiteSpace($DirectConnection)) { + $AgentArguments += @('-direct', $DirectConnection) + } + + if(![System.String]::IsNullOrWhiteSpace($InstanceIdentity)) { + $AgentArguments += @('-instanceIdentity', $InstanceIdentity) + } + + # these need to be the last things added since they are positional + # parameters to agent.jar + $AgentArguments += @($Secret, $Name) # if java home is defined, use it $JAVA_BIN="java.exe" @@ -100,19 +125,7 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { $JAVA_BIN="$JavaHome/bin/java.exe" } - # if -Url is not provided, try env vars - if(![System.String]::IsNullOrWhiteSpace($env:JENKINS_SECRET)) { - if(![System.String]::IsNullOrWhiteSpace($Secret)) { - Write-Warning "Secret is defined twice; in command-line arguments and the environment variable" - } - $Secret = $env:JENKINS_SECRET - } - $Secret = $Secret.Trim() - if(![System.String]::IsNullOrWhiteSpace($Secret)) { - $Secret = " $Secret" - } - #TODO: Handle the case when the command-line and Environment variable contain different values. #It is fine it blows up for now since it should lead to an error anyway. - Start-Process -FilePath $JAVA_BIN -Wait -NoNewWindow -ArgumentList $("-cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -headless$Tunnel$Url$WorkDir$WebSocket$Secret $Name") + Start-Process -FilePath $JAVA_BIN -Wait -NoNewWindow -ArgumentList $AgentArguments } diff --git a/tests/netcat-helper/Dockerfile-windows b/tests/netcat-helper/Dockerfile-windows new file mode 100644 index 000000000..c0ac2f057 --- /dev/null +++ b/tests/netcat-helper/Dockerfile-windows @@ -0,0 +1,40 @@ +# escape=` + +# The MIT License +# +# Copyright (c) 2019-2020, Alex Earl and other Jenkins Contributors +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +# THE SOFTWARE. + +FROM mcr.microsoft.com/windows/servercore:1809 + +SHELL ["powershell.exe", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] + +ARG NMAP_VERSION=7.80 +ENV NMAP_VERSION $NMAP_VERSION + +RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; ` + $url = $('https://nmap.org/dist/nmap-{0}-setup.exe' -f $env:NMAP_VERSION) ; ` + Write-Host "Retrieving $url..." ; ` + Invoke-WebRequest $url -OutFile 'nmap-install.exe' -UseBasicParsing ; ` + $proc = Start-Process "C:\nmap-install.exe" -PassThru -ArgumentList '/S' ; ` + $proc.WaitForExit() ; ` + Remove-Item -Path nmap-install.exe + + From 39b118c43caaf8479f717f6ef60e78b62c34fabb Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Sun, 12 Apr 2020 09:43:07 +0200 Subject: [PATCH 038/130] INFRA-1105 - Rename the image to jenkins/inbound-agent --- README.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 19bcc3033..160fe6a54 100644 --- a/README.md +++ b/README.md @@ -1,16 +1,16 @@ -# Jenkins JNLP Agent Docker image +# Docker image for inbound Jenkins agents -[![Join the chat at https://gitter.im/jenkinsci/docker](https://badges.gitter.im/jenkinsci/docker.svg)](https://gitter.im/jenkinsci/docker-slave?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) -[![Docker Stars](https://img.shields.io/docker/stars/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) -[![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) -[![Docker Automated build](https://img.shields.io/docker/automated/jenkins/jnlp-slave.svg)](https://hub.docker.com/r/jenkins/jnlp-slave/) -[![GitHub release](https://img.shields.io/github/release/jenkinsci/docker-jnlp-slave.svg?label=changelog)](https://github.com/jenkinsci/docker-jnlp-slave/releases/latest) +[![Join the chat at https://gitter.im/jenkinsci/docker](https://badges.gitter.im/jenkinsci/docker.svg)](https://gitter.im/jenkinsci/docker?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) +[![Docker Stars](https://img.shields.io/docker/stars/jenkins/inbound-agent.svg)](https://hub.docker.com/r/jenkins/inbound-agent/) +[![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/inbound-agent.svg)](https://hub.docker.com/r/jenkins/inbound-agent/) +[![Docker Automated build](https://img.shields.io/docker/automated/jenkins/inbound-agent.svg)](https://hub.docker.com/r/jenkins/inbound-agent/) +[![GitHub release](https://img.shields.io/github/release/jenkinsci/docker-inbound-agent.svg?label=changelog)](https://github.com/jenkinsci/docker-inbound-agent/releases/latest) -:exclamation: **Warning!** This image used to be published as [jenkinsci/jnlp-slave](https://hub.docker.com/r/jenkinsci/jnlp-slave/). -That image name is deprecated, use [jenkins/jnlp-slave](https://hub.docker.com/r/jenkins/jnlp-slave/). +:exclamation: **Warning!** This image used to be published as [jenkinsci/jnlp-slave](https://hub.docker.com/r/jenkinsci/jnlp-slave/) and [jenkins/jnlp-slave](https://hub.docker.com/r/jenkins/jnlp-slave/). +These images are deprecated, use [jenkins/inbound-agent](https://hub.docker.com/r/jenkins/jnlp-slave/). -This is an image for [Jenkins](https://jenkins.io) agent (FKA "slave") using JNLP to establish connection. -This agent is powered by the [Jenkins Remoting library](https://github.com/jenkinsci/remoting), which version is being taken from the base [Docker Agent](https://github.com/jenkinsci/docker-slave/) image. +This is an image for [Jenkins](https://jenkins.io) agents using TCP or WebSockets to establish inbound connection to the Jenkins master. +This agent is powered by the [Jenkins Remoting library](https://github.com/jenkinsci/remoting), which version is being taken from the base [Docker Agent](https://github.com/jenkinsci/docker-agent/) image. See [Jenkins Distributed builds](https://wiki.jenkins-ci.org/display/JENKINS/Distributed+builds) for more info. @@ -20,7 +20,7 @@ To run a Docker container Linux agent: - docker run --init jenkins/jnlp-slave -url http://jenkins-server:port + docker run --init jenkins/inbound-agent -url http://jenkins-server:port Note: `--init` is necessary for correct subprocesses handling (zombie reaping) Windows agent: @@ -31,7 +31,7 @@ To run a Docker container with [Work Directory](https://github.com/jenkinsci/rem Linux agent: - docker run --init jenkins/jnlp-slave -url http://jenkins-server:port -workDir=/home/jenkins/agent + docker run --init jenkins/inbound-agent -url http://jenkins-server:port -workDir=/home/jenkins/agent Windows agent: From 7dbb6279b4f5d819a1415eb1655190d228cfdf29 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Sun, 12 Apr 2020 23:52:15 +0200 Subject: [PATCH 039/130] [INFRA-1105] - Rename Windows agents in README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 160fe6a54..de2e65df1 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,7 @@ To run a Docker container with [Work Directory](https://github.com/jenkinsci/rem Windows agent: - docker run jenkins/jnlp-agent-windows -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret -Name + docker run jenkins/inbound-agent:latest-windows -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret -Name Optional environment variables: From 5c86c5fab927f3001134b6dda614269875754803 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Mon, 13 Apr 2020 04:57:17 +0200 Subject: [PATCH 040/130] Cleanup Docker badges in README (#161) --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index 160fe6a54..877b633ee 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,7 @@ # Docker image for inbound Jenkins agents [![Join the chat at https://gitter.im/jenkinsci/docker](https://badges.gitter.im/jenkinsci/docker.svg)](https://gitter.im/jenkinsci/docker?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) -[![Docker Stars](https://img.shields.io/docker/stars/jenkins/inbound-agent.svg)](https://hub.docker.com/r/jenkins/inbound-agent/) [![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/inbound-agent.svg)](https://hub.docker.com/r/jenkins/inbound-agent/) -[![Docker Automated build](https://img.shields.io/docker/automated/jenkins/inbound-agent.svg)](https://hub.docker.com/r/jenkins/inbound-agent/) [![GitHub release](https://img.shields.io/github/release/jenkinsci/docker-inbound-agent.svg?label=changelog)](https://github.com/jenkinsci/docker-inbound-agent/releases/latest) :exclamation: **Warning!** This image used to be published as [jenkinsci/jnlp-slave](https://hub.docker.com/r/jenkinsci/jnlp-slave/) and [jenkins/jnlp-slave](https://hub.docker.com/r/jenkins/jnlp-slave/). From 341c81d999567b671cd317b92cb63ec557cc5103 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Mon, 13 Apr 2020 22:21:22 +0200 Subject: [PATCH 041/130] Update README.md Co-Authored-By: Alex Earl --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index de2e65df1..65edf03db 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,7 @@ To run a Docker container with [Work Directory](https://github.com/jenkinsci/rem Windows agent: - docker run jenkins/inbound-agent:latest-windows -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret -Name + docker run jenkins/inbound-agent:windowsservercore-1809 -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret -Name Optional environment variables: From c62311f27bb475dac855bbfe1d83dc3ab2e68906 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Mon, 13 Apr 2020 22:49:05 +0200 Subject: [PATCH 042/130] Fix tests after renaming of the base image --- tests/tests.bats | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tests/tests.bats b/tests/tests.bats index b92970b47..3ff055e41 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -78,17 +78,18 @@ function teardown () { cd "${BATS_TEST_DIRNAME}"/.. || false local ARG_TEST_VERSION - local TEST_VERSION="3.36" + local TEST_VERSION="4.3" + local DOCKER_AGENT_VERSION_SUFFIX="4" local TEST_USER="root" if [[ "${FLAVOR}" = "debian" ]] then - ARG_TEST_VERSION="${TEST_VERSION}-1" + ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" elif [[ "${FLAVOR}" = "jdk11" ]] then - ARG_TEST_VERSION="${TEST_VERSION}-1-jdk11" + ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}-jdk11" else - ARG_TEST_VERSION="${TEST_VERSION}-1-alpine" + ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}-alpine" fi docker build \ From b8765a484591ed4e36326b6b25c7d5af09f62b3e Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Mon, 13 Apr 2020 23:51:47 +0200 Subject: [PATCH 043/130] Show GitHub stars and repo quick link on the DockerHub landing page --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 89d22795b..9e0d678ca 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,7 @@ # Docker image for inbound Jenkins agents [![Join the chat at https://gitter.im/jenkinsci/docker](https://badges.gitter.im/jenkinsci/docker.svg)](https://gitter.im/jenkinsci/docker?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) +[![GitHub stars](https://img.shields.io/github/stars/jenkinsci/docker-inbound-agent?label=GitHub%20stars)](https://github.com/jenkinsci/docker-inbound-agent) [![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/inbound-agent.svg)](https://hub.docker.com/r/jenkins/inbound-agent/) [![GitHub release](https://img.shields.io/github/release/jenkinsci/docker-inbound-agent.svg?label=changelog)](https://github.com/jenkinsci/docker-inbound-agent/releases/latest) From 70171b532422ee1fcf0ab4908ee05656af80a343 Mon Sep 17 00:00:00 2001 From: Marshall Ford Date: Tue, 14 Apr 2020 08:41:58 -0500 Subject: [PATCH 044/130] fixes jenkins/inbound-agent link in README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9e0d678ca..356d2e61c 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ [![GitHub release](https://img.shields.io/github/release/jenkinsci/docker-inbound-agent.svg?label=changelog)](https://github.com/jenkinsci/docker-inbound-agent/releases/latest) :exclamation: **Warning!** This image used to be published as [jenkinsci/jnlp-slave](https://hub.docker.com/r/jenkinsci/jnlp-slave/) and [jenkins/jnlp-slave](https://hub.docker.com/r/jenkins/jnlp-slave/). -These images are deprecated, use [jenkins/inbound-agent](https://hub.docker.com/r/jenkins/jnlp-slave/). +These images are deprecated, use [jenkins/inbound-agent](https://hub.docker.com/r/jenkins/inbound-agent/). This is an image for [Jenkins](https://jenkins.io) agents using TCP or WebSockets to establish inbound connection to the Jenkins master. This agent is powered by the [Jenkins Remoting library](https://github.com/jenkinsci/remoting), which version is being taken from the base [Docker Agent](https://github.com/jenkinsci/docker-agent/) image. From 3ae76e75c58855aa34571e4f956897902ba4b133 Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Thu, 7 May 2020 17:19:06 -0700 Subject: [PATCH 045/130] Fix issue with protocols value not being supplied to agent.jar This also fixes some whitespace issues. --- jenkins-agent.ps1 | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 59548e55c..4b0016695 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -25,14 +25,14 @@ Param( $Cmd = '', # this is only used when docker run has one arg positional arg $Url = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_URL)) { throw ("Url is required") } else { '' } ), $Secret = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_SECRET)) { throw ("Secret is required") } else { '' } ), - $Name = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_AGENT_NAME)) { throw ("Name is required") } else { '' } ), - $Tunnel = '', - $WorkDir = '', + $Name = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_AGENT_NAME)) { throw ("Name is required") } else { '' } ), + $Tunnel = '', + $WorkDir = '', [switch] $WebSocket = $false, $DirectConnection = '', $InstanceIdentity = '', $Protocols = '', - $JavaHome = $env:JAVA_HOME + $JavaHome = $env:JAVA_HOME ) # Usage jenkins-agent.ps1 [options] -Url http://jenkins -Secret [SECRET] -Name [AGENT_NAME] @@ -50,7 +50,7 @@ Param( # * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. if(![System.String]::IsNullOrWhiteSpace($Cmd)) { - # if `docker run` only has one arguments, we assume user is running alternate command like `bash` to inspect the image + # if `docker run` only has one arguments, we assume user is running alternate command like `powershell` or `pwsh` to inspect the image Invoke-Expression "$Cmd" } else { $AgentArguments = @("-cp", "C:/ProgramData/Jenkins/agent.jar", "hudson.remoting.jnlp.Main", "-headless") @@ -114,18 +114,22 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { if(![System.String]::IsNullOrWhiteSpace($InstanceIdentity)) { $AgentArguments += @('-instanceIdentity', $InstanceIdentity) } + + if(![System.String]::IsNullOrWhiteSpace($Protocols)) { + $AgentArguments += @('-protocols', $Protocols) + } # these need to be the last things added since they are positional # parameters to agent.jar $AgentArguments += @($Secret, $Name) - # if java home is defined, use it - $JAVA_BIN="java.exe" - if(![System.String]::IsNullOrWhiteSpace($JavaHome)) { - $JAVA_BIN="$JavaHome/bin/java.exe" - } + # if java home is defined, use it + $JAVA_BIN="java.exe" + if(![System.String]::IsNullOrWhiteSpace($JavaHome)) { + $JAVA_BIN="$JavaHome/bin/java.exe" + } - #TODO: Handle the case when the command-line and Environment variable contain different values. - #It is fine it blows up for now since it should lead to an error anyway. + #TODO: Handle the case when the command-line and Environment variable contain different values. + #It is fine it blows up for now since it should lead to an error anyway. Start-Process -FilePath $JAVA_BIN -Wait -NoNewWindow -ArgumentList $AgentArguments } From 3b8577284ff1a0414f4ab044225fc2e893150ebd Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Thu, 7 May 2020 19:27:28 -0700 Subject: [PATCH 046/130] Update jenkins-agent.ps1 Co-authored-by: Mark Waite --- jenkins-agent.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 4b0016695..7a52e8fdc 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -50,7 +50,7 @@ Param( # * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. if(![System.String]::IsNullOrWhiteSpace($Cmd)) { - # if `docker run` only has one arguments, we assume user is running alternate command like `powershell` or `pwsh` to inspect the image + # if `docker run` only has one argument, we assume user is running alternate command like `powershell` or `pwsh` to inspect the image Invoke-Expression "$Cmd" } else { $AgentArguments = @("-cp", "C:/ProgramData/Jenkins/agent.jar", "hudson.remoting.jnlp.Main", "-headless") From 59b285a97b626182df8b1baa5688f4a1aa2ff3f1 Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Mon, 28 Sep 2020 14:25:11 -0700 Subject: [PATCH 047/130] Rename test file --- tests/inboundAgent.Tests.ps1 | 152 +++++++++++++++++++++++++++++++++++ 1 file changed, 152 insertions(+) create mode 100644 tests/inboundAgent.Tests.ps1 diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 new file mode 100644 index 000000000..8fcf148b7 --- /dev/null +++ b/tests/inboundAgent.Tests.ps1 @@ -0,0 +1,152 @@ +Import-Module -DisableNameChecking -Force $PSScriptRoot/test_helpers.psm1 + +$AGENT_IMAGE='jenkins-inbound-agent' +$AGENT_CONTAINER='pester-jenkins-inbound-agent' +$SHELL="powershell.exe" + +$FOLDER = Get-EnvOrDefault 'FOLDER' '' +$VERSION = Get-EnvOrDefault 'VERSION' '4.3-6' + +$REAL_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${FOLDER}" + +if(($FOLDER -match '^(?[0-9]+)[\\/](?.+)$') -and (Test-Path $REAL_FOLDER)) { + $JDK = $Matches['jdk'] + $FLAVOR = $Matches['flavor'] +} else { + Write-Error "Wrong folder format or folder does not exist: $FOLDER" + exit 1 +} + +if($FLAVOR -match "nanoserver-(\d+)") { + $AGENT_IMAGE += "-nanoserver" + $AGENT_CONTAINER += "-nanoserver-$($Matches[1])" + $SHELL = "pwsh.exe" +} + +if($JDK -eq "11") { + $AGENT_IMAGE += ":jdk11" + $AGENT_CONTAINER += "-jdk11" +} else { + $AGENT_IMAGE += ":latest" +} + +Cleanup($AGENT_CONTAINER) +Cleanup("nmap") +CleanupNetwork("jnlp-network") + +BuildNcatImage + +Describe "[$JDK $FLAVOR] build image" { + BeforeAll { + Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." + } + + It 'builds image' { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg 'VERSION=$VERSION' -t $AGENT_IMAGE $FOLDER" + $exitCode | Should -Be 0 + } + + AfterAll { + Pop-Location -StackName 'agent' + } +} + +Describe "[$JDK $FLAVOR] check user account" { + BeforeAll { + docker run -d -it --name "$AGENT_CONTAINER" -P "$AGENT_IMAGE" "$SHELL" + Is-ContainerRunning $AGENT_CONTAINER + } + + It 'Password never expires' { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password expires') -match 'Never') { exit 0 } else { exit -1 }`"" + $exitCode | Should -Be 0 + } + + It 'Password not required' { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password required') -match 'No') { exit 0 } else { exit -1 }`"" + $exitCode | Should -Be 0 + } + + AfterAll { + Cleanup($AGENT_CONTAINER) + } +} + +Describe "[$JDK $FLAVOR] image has jenkins-agent.ps1 in the correct location" { + BeforeAll { + & docker run -dit --name "$AGENT_CONTAINER" -P "$AGENT_IMAGE" $SHELL + Is-ContainerRunning $AGENT_CONTAINER | Should -BeTrue + } + + It 'has jenkins-agent.ps1 in C:/ProgramData/Jenkins' { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"if(Test-Path 'C:/ProgramData/Jenkins/jenkins-agent.ps1') { exit 0 } else { exit 1 }`"" + $exitCode | Should -Be 0 + } + + AfterAll { + Cleanup($AGENT_CONTAINER) + } +} + +Describe "[$JDK $FLAVOR] image starts jenkins-agent.ps1 correctly (slow test)" { + It 'connects to the nmap container' { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "network create --driver nat jnlp-network" + # Launch the netcat utility, listening at port 5000 for 30 sec + # bats will capture the output from netcat and compare the first line + # of the header of the first HTTP request with the expected one + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" + $exitCode | Should -Be 0 + Is-ContainerRunning "nmap" | Should -BeTrue + + # get the ip address of the nmap container + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "inspect -f `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" + $exitCode | Should -Be 0 + $nmap_ip = $stdout.Trim() + + # run Jenkins agent which tries to connect to the nmap container at port 5000 + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --network=jnlp-network --name $AGENT_CONTAINER $AGENT_IMAGE -Url http://${nmap_ip}:5000 -Secret aaa -Name bbb" + $exitCode | Should -Be 0 + Is-ContainerRunning $AGENT_CONTAINER | Should -BeTrue + + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' 'wait nmap' + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' 'logs nmap' + $exitCode | Should -Be 0 + $stdout | Should -Match "GET /tcpSlaveAgentListener/ HTTP/1.1`r" + } + + AfterAll { + Cleanup($AGENT_CONTAINER) + Cleanup("nmap") + CleanupNetwork("jnlp-network") + } +} + +Describe "[$JDK $FLAVOR] build args" { + BeforeAll { + Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." + } + + It -Skip 'uses build args correctly' { + $TEST_VERSION="4.3" + $TEST_USER="foo" + + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=${TEST_VERSION}-2 --build-arg user=$TEST_USER -t $AGENT_IMAGE $FOLDER" + $exitCode | Should -Be 0 + + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name $AGENT_CONTAINER -P $AGENT_IMAGE $SHELL" + $exitCode | Should -Be 0 + Is-ContainerRunning "$AGENT_CONTAINER" | Should -BeTrue + + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -c `"java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version`"" + $exitCode | Should -Be 0 + $stdout | Should -Match $TEST_VERSION + + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -c `"(Get-ChildItem env:\ | Where-Object { `$_.Name -eq 'USERNAME' }).Value`"" + $exitCode | Should -Be 0 + $stdout | Should -Match $TEST_USER + } + + AfterAll { + Pop-Location -StackName 'agent' + } +} From 0d728ff4b654a15ef4b9d905440cf034a8c08826 Mon Sep 17 00:00:00 2001 From: Sergey Slabnov Date: Sat, 17 Oct 2020 16:11:51 +0300 Subject: [PATCH 048/130] Fixup docker image name and tag to correct --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 356d2e61c..e589827d6 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ To run a Docker container Windows agent: - docker run jenkins/jnlp-agent:latest-windows -Url http://jenkins-server:port -Secret -Name + docker run jenkins/inbound-agent:windowsservercore-1809 -Url http://jenkins-server:port -Secret -Name To run a Docker container with [Work Directory](https://github.com/jenkinsci/remoting/blob/master/docs/workDir.md) From 3a46b5fb52c26bc0a74cb52354d2dfd466a7a5f8 Mon Sep 17 00:00:00 2001 From: Sergey Slabnov Date: Sat, 17 Oct 2020 16:13:07 +0300 Subject: [PATCH 049/130] Remove unused spaces --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index e589827d6..4e0461cd2 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ [![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/inbound-agent.svg)](https://hub.docker.com/r/jenkins/inbound-agent/) [![GitHub release](https://img.shields.io/github/release/jenkinsci/docker-inbound-agent.svg?label=changelog)](https://github.com/jenkinsci/docker-inbound-agent/releases/latest) -:exclamation: **Warning!** This image used to be published as [jenkinsci/jnlp-slave](https://hub.docker.com/r/jenkinsci/jnlp-slave/) and [jenkins/jnlp-slave](https://hub.docker.com/r/jenkins/jnlp-slave/). +:exclamation: **Warning!** This image used to be published as [jenkinsci/jnlp-slave](https://hub.docker.com/r/jenkinsci/jnlp-slave/) and [jenkins/jnlp-slave](https://hub.docker.com/r/jenkins/jnlp-slave/). These images are deprecated, use [jenkins/inbound-agent](https://hub.docker.com/r/jenkins/inbound-agent/). This is an image for [Jenkins](https://jenkins.io) agents using TCP or WebSockets to establish inbound connection to the Jenkins master. @@ -26,12 +26,12 @@ To run a Docker container docker run jenkins/inbound-agent:windowsservercore-1809 -Url http://jenkins-server:port -Secret -Name -To run a Docker container with [Work Directory](https://github.com/jenkinsci/remoting/blob/master/docs/workDir.md) +To run a Docker container with [Work Directory](https://github.com/jenkinsci/remoting/blob/master/docs/workDir.md) Linux agent: docker run --init jenkins/inbound-agent -url http://jenkins-server:port -workDir=/home/jenkins/agent - + Windows agent: docker run jenkins/inbound-agent:windowsservercore-1809 -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret -Name From 416747e63cee01dcbab9ea2c42defe6e8ac57678 Mon Sep 17 00:00:00 2001 From: Jeff Thompson Date: Tue, 3 Nov 2020 15:35:49 -0700 Subject: [PATCH 050/130] Upgrade to Remoting 4.6. --- tests/inboundAgent.Tests.ps1 | 4 ++-- tests/tests.bats | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 8fcf148b7..058e153a2 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -5,7 +5,7 @@ $AGENT_CONTAINER='pester-jenkins-inbound-agent' $SHELL="powershell.exe" $FOLDER = Get-EnvOrDefault 'FOLDER' '' -$VERSION = Get-EnvOrDefault 'VERSION' '4.3-6' +$VERSION = Get-EnvOrDefault 'VERSION' '4.6-1' $REAL_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${FOLDER}" @@ -127,7 +127,7 @@ Describe "[$JDK $FLAVOR] build args" { } It -Skip 'uses build args correctly' { - $TEST_VERSION="4.3" + $TEST_VERSION="4.6" $TEST_USER="foo" $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=${TEST_VERSION}-2 --build-arg user=$TEST_USER -t $AGENT_IMAGE $FOLDER" diff --git a/tests/tests.bats b/tests/tests.bats index 3ff055e41..cfb1cabdb 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -78,7 +78,7 @@ function teardown () { cd "${BATS_TEST_DIRNAME}"/.. || false local ARG_TEST_VERSION - local TEST_VERSION="4.3" + local TEST_VERSION="4.6" local DOCKER_AGENT_VERSION_SUFFIX="4" local TEST_USER="root" From 375b2b6b7d438f50d2f698251900c785eb46c650 Mon Sep 17 00:00:00 2001 From: Jeff Thompson <37345299+jeffret-b@users.noreply.github.com> Date: Wed, 4 Nov 2020 11:21:43 -0700 Subject: [PATCH 051/130] Update tests/tests.bats --- tests/tests.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/tests.bats b/tests/tests.bats index cfb1cabdb..3ff055e41 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -78,7 +78,7 @@ function teardown () { cd "${BATS_TEST_DIRNAME}"/.. || false local ARG_TEST_VERSION - local TEST_VERSION="4.6" + local TEST_VERSION="4.3" local DOCKER_AGENT_VERSION_SUFFIX="4" local TEST_USER="root" From 91bca717c8c180c9647197b004b6f2db92f574e6 Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Wed, 4 Nov 2020 11:23:00 -0700 Subject: [PATCH 052/130] Update tests/inboundAgent.Tests.ps1 --- tests/inboundAgent.Tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 058e153a2..968c47aa9 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -127,7 +127,7 @@ Describe "[$JDK $FLAVOR] build args" { } It -Skip 'uses build args correctly' { - $TEST_VERSION="4.6" + $TEST_VERSION="4.3" $TEST_USER="foo" $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=${TEST_VERSION}-2 --build-arg user=$TEST_USER -t $AGENT_IMAGE $FOLDER" From 3d43ddaf9c0f024a41a2331a91d96af771895f79 Mon Sep 17 00:00:00 2001 From: Gareth Evans Date: Fri, 18 Dec 2020 16:32:02 +0000 Subject: [PATCH 053/130] chore: bumped agent version to 4.6-2 --- tests/inboundAgent.Tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 968c47aa9..fbfa0c689 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -5,7 +5,7 @@ $AGENT_CONTAINER='pester-jenkins-inbound-agent' $SHELL="powershell.exe" $FOLDER = Get-EnvOrDefault 'FOLDER' '' -$VERSION = Get-EnvOrDefault 'VERSION' '4.6-1' +$VERSION = Get-EnvOrDefault 'VERSION' '4.6-2' $REAL_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${FOLDER}" From b8bbdedd45090d00424acf19d78751d1208a1fb1 Mon Sep 17 00:00:00 2001 From: Jeff Thompson Date: Tue, 23 Mar 2021 14:11:31 -0600 Subject: [PATCH 054/130] Upgrade to Remoting 4.7. --- tests/inboundAgent.Tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index fbfa0c689..a2e72bdc5 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -5,7 +5,7 @@ $AGENT_CONTAINER='pester-jenkins-inbound-agent' $SHELL="powershell.exe" $FOLDER = Get-EnvOrDefault 'FOLDER' '' -$VERSION = Get-EnvOrDefault 'VERSION' '4.6-2' +$VERSION = Get-EnvOrDefault 'VERSION' '4.7-1' $REAL_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${FOLDER}" From 045ccc2f2759ccd496691a3bd913eb00d73ced48 Mon Sep 17 00:00:00 2001 From: Vincent Latombe Date: Mon, 24 May 2021 15:19:57 +0200 Subject: [PATCH 055/130] Allows to pass JAVA_OPTS to the JVM Just like the linux version --- jenkins-agent.ps1 | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 7a52e8fdc..5e4e5dc91 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -32,7 +32,8 @@ Param( $DirectConnection = '', $InstanceIdentity = '', $Protocols = '', - $JavaHome = $env:JAVA_HOME + $JavaHome = $env:JAVA_HOME, + $JavaOpts = '' ) # Usage jenkins-agent.ps1 [options] -Url http://jenkins -Secret [SECRET] -Name [AGENT_NAME] @@ -53,9 +54,8 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { # if `docker run` only has one argument, we assume user is running alternate command like `powershell` or `pwsh` to inspect the image Invoke-Expression "$Cmd" } else { - $AgentArguments = @("-cp", "C:/ProgramData/Jenkins/agent.jar", "hudson.remoting.jnlp.Main", "-headless") - # this maps the variable name from th CmdletBinding to environment variables + # this maps the variable name from the CmdletBinding to environment variables $ParamMap = @{ 'Tunnel' = 'JENKINS_TUNNEL'; 'Url' = 'JENKINS_URL'; @@ -66,6 +66,7 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { 'DirectConnection' = 'JENKINS_DIRECT_CONNECTION'; 'InstanceIdentity' = 'JENKINS_INSTANCE_IDENTITY'; 'Protocols' = 'JENKINS_PROTOCOLS'; + 'JavaOpts' = 'JAVA_OPTS'; } # this does some trickery to update the variable from the CmdletBinding @@ -89,6 +90,14 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { } } + $AgentArguments = @() + + if(![System.String]::IsNullOrWhiteSpace($JavaOpts)) { + $AgentArguments += @($JavaOpts.split(" ")) + } + + $AgentArguments += @("-cp", "C:/ProgramData/Jenkins/agent.jar", "hudson.remoting.jnlp.Main", "-headless") + if(![System.String]::IsNullOrWhiteSpace($Tunnel)) { $AgentArguments += @("-tunnel", "`"$Tunnel`"") } @@ -114,7 +123,7 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { if(![System.String]::IsNullOrWhiteSpace($InstanceIdentity)) { $AgentArguments += @('-instanceIdentity', $InstanceIdentity) } - + if(![System.String]::IsNullOrWhiteSpace($Protocols)) { $AgentArguments += @('-protocols', $Protocols) } From 02af84c4df363ba0a9a4abb114e4d600e01a904e Mon Sep 17 00:00:00 2001 From: Steve Arch Date: Thu, 1 Jul 2021 09:21:00 +0100 Subject: [PATCH 056/130] Upgrade remoting to 4.9 --- tests/inboundAgent.Tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index a2e72bdc5..dc8f6a1aa 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -5,7 +5,7 @@ $AGENT_CONTAINER='pester-jenkins-inbound-agent' $SHELL="powershell.exe" $FOLDER = Get-EnvOrDefault 'FOLDER' '' -$VERSION = Get-EnvOrDefault 'VERSION' '4.7-1' +$VERSION = Get-EnvOrDefault 'VERSION' '4.9-1' $REAL_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${FOLDER}" From 5a841fb6f2cb4e9ae72db7f00b205976ebc99782 Mon Sep 17 00:00:00 2001 From: Vincent Latombe Date: Wed, 4 Aug 2021 10:05:03 +0200 Subject: [PATCH 057/130] Specify JENKINS_JAVA_BIN to run the agent using a specific JRE (#234) This allows to use a specific JRE to run the Jenkins agent, differing from the one that is available through PATH or JAVA_HOME. --- jenkins-agent | 13 +++++++++---- jenkins-agent.ps1 | 17 ++++++++++++----- 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/jenkins-agent b/jenkins-agent index 74485736a..006ccca37 100644 --- a/jenkins-agent +++ b/jenkins-agent @@ -24,6 +24,7 @@ # Usage jenkins-agent.sh [options] -url http://jenkins [SECRET] [AGENT_NAME] # Optional environment variables : +# * JENKINS_JAVA_BIN : Java executable to use instead of the default in PATH or obtained from JAVA_HOME # * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network # * JENKINS_URL : alternate jenkins URL # * JENKINS_SECRET : agent secret, if not set as an argument @@ -85,10 +86,14 @@ else INSTANCE_IDENTITY="-instanceIdentity $JENKINS_INSTANCE_IDENTITY" fi - # if java home is defined, use it - JAVA_BIN="java" - if [ "$JAVA_HOME" ]; then - JAVA_BIN="$JAVA_HOME/bin/java" + if [ "$JENKINS_JAVA_BIN" ]; then + JAVA_BIN="$JENKINS_JAVA_BIN" + else + # if java home is defined, use it + JAVA_BIN="java" + if [ "$JAVA_HOME" ]; then + JAVA_BIN="$JAVA_HOME/bin/java" + fi fi # if both required options are defined, do not pass the parameters diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 7a52e8fdc..4db7e0219 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -32,11 +32,13 @@ Param( $DirectConnection = '', $InstanceIdentity = '', $Protocols = '', + $JenkinsJavaBin = '', $JavaHome = $env:JAVA_HOME ) # Usage jenkins-agent.ps1 [options] -Url http://jenkins -Secret [SECRET] -Name [AGENT_NAME] # Optional environment variables : +# * JENKINS_JAVA_BIN : Java executable to use instead of the default in PATH or obtained from JAVA_HOME # * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network # * JENKINS_URL : alternate jenkins URL # * JENKINS_SECRET : agent secret, if not set as an argument @@ -55,8 +57,9 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { } else { $AgentArguments = @("-cp", "C:/ProgramData/Jenkins/agent.jar", "hudson.remoting.jnlp.Main", "-headless") - # this maps the variable name from th CmdletBinding to environment variables + # this maps the variable name from the CmdletBinding to environment variables $ParamMap = @{ + 'JenkinsJavaBin' = 'JENKINS_JAVA_BIN'; 'Tunnel' = 'JENKINS_TUNNEL'; 'Url' = 'JENKINS_URL'; 'Secret' = 'JENKINS_SECRET'; @@ -123,10 +126,14 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { # parameters to agent.jar $AgentArguments += @($Secret, $Name) - # if java home is defined, use it - $JAVA_BIN="java.exe" - if(![System.String]::IsNullOrWhiteSpace($JavaHome)) { - $JAVA_BIN="$JavaHome/bin/java.exe" + if(![System.String]::IsNullOrWhiteSpace($JenkinsJavaBin)) { + $JAVA_BIN = $JenkinsJavaBin + } else { + # if java home is defined, use it + $JAVA_BIN = "java.exe" + if (![System.String]::IsNullOrWhiteSpace($JavaHome)) { + $JAVA_BIN = "$JavaHome/bin/java.exe" + } } #TODO: Handle the case when the command-line and Environment variable contain different values. From 88497e9d2fa8b06f9a7dc11e20fa0604721c017c Mon Sep 17 00:00:00 2001 From: Sergey Karatkevich Date: Thu, 26 Aug 2021 10:03:54 +0200 Subject: [PATCH 058/130] Update jenkins-agent.ps1 (#226) adding a position parameters to satisfy github.com/jenkinsci/amazon-ecs-plugin/ requirements --- jenkins-agent.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 4db7e0219..3ea22e36d 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -24,8 +24,8 @@ Param( $Cmd = '', # this is only used when docker run has one arg positional arg $Url = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_URL)) { throw ("Url is required") } else { '' } ), - $Secret = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_SECRET)) { throw ("Secret is required") } else { '' } ), - $Name = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_AGENT_NAME)) { throw ("Name is required") } else { '' } ), + [Parameter(Position=0)]$Secret = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_SECRET)) { throw ("Secret is required") } else { '' } ), + [Parameter(Position=1)]$Name = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_AGENT_NAME)) { throw ("Name is required") } else { '' } ), $Tunnel = '', $WorkDir = '', [switch] $WebSocket = $false, From 9151e678e782673dea799436684e8b5621607f9a Mon Sep 17 00:00:00 2001 From: Tim Jacomb <21194782+timja@users.noreply.github.com> Date: Thu, 26 Aug 2021 09:06:08 +0100 Subject: [PATCH 059/130] Add publishing for linux via Jenkins (#236) * Add publishing for linux via Jenkins * Convert tests to buildx --- tests/tests.bats | 95 ++++++++++++++++-------------------------------- 1 file changed, 31 insertions(+), 64 deletions(-) diff --git a/tests/tests.bats b/tests/tests.bats index 3ff055e41..acec4a38b 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -1,69 +1,34 @@ #!/usr/bin/env bats -AGENT_IMAGE=jenkins-jnlp-agent AGENT_CONTAINER=bats-jenkins-jnlp-agent NETCAT_HELPER_CONTAINER=netcat-helper -REGEX='^([0-9]+)/(.+)$' - -REAL_FOLDER=$(realpath "${BATS_TEST_DIRNAME}/../${FOLDER}") - -if [[ ${FOLDER} =~ ${REGEX} ]] && [[ -d "${REAL_FOLDER}" ]] -then - JDK="${BASH_REMATCH[1]}" - FLAVOR="${BASH_REMATCH[2]}" -else - echo "Wrong folder format or folder does not exist: ${FOLDER}" - exit 1 -fi - -if [[ "${JDK}" = "11" ]] -then - AGENT_IMAGE+=":jdk11" - AGENT_CONTAINER+="-jdk11" -else - if [[ "${FLAVOR}" = "alpine*" ]] - then - AGENT_IMAGE+=":alpine" - AGENT_CONTAINER+="-alpine" - else - AGENT_IMAGE+=":latest" - fi -fi - load test_helpers -clean_test_container - buildNetcatImage -function teardown () { - clean_test_container -} - -@test "[${JDK} ${FLAVOR}] build image" { - cd "${BATS_TEST_DIRNAME}"/.. || false - docker build -t "${AGENT_IMAGE}" ${FOLDER} -} +SUT_IMAGE=$(get_sut_image) -@test "[${JDK} ${FLAVOR}] image has installed jenkins-agent in PATH" { - docker run -d -it --name "${AGENT_CONTAINER}" -P "${AGENT_IMAGE}" /bin/bash +@test "[${SUT_IMAGE}] image has installed jenkins-agent in PATH" { + cid=$(docker run -d -it -P "${SUT_IMAGE}" /bin/bash) - is_slave_container_running + is_agent_container_running $cid - run docker exec "${AGENT_CONTAINER}" which jenkins-agent + run docker exec "${cid}" which jenkins-agent [ "/usr/local/bin/jenkins-agent" = "${lines[0]}" ] - run docker exec "${AGENT_CONTAINER}" which jenkins-agent + run docker exec "${cid}" which jenkins-agent [ "/usr/local/bin/jenkins-agent" = "${lines[0]}" ] + + cleanup $cid } -@test "[${JDK} ${FLAVOR}] image starts jenkins-agent correctly (slow test)" { +@test "[${SUT_IMAGE}] image starts jenkins-agent correctly (slow test)" { # Spin off a helper image which contains netcat - docker run -d -it --name netcat-helper netcat-helper:latest /bin/sh + netcat_cid=$(docker run -d -it --name netcat-helper netcat-helper:latest /bin/sh) # Run jenkins agent which tries to connect to the netcat-helper container at port 5000 - docker run -d --link netcat-helper --name "${AGENT_CONTAINER}" "${AGENT_IMAGE}" -url http://netcat-helper:5000 aaa bbb + cid=$(docker run -d --link netcat-helper "${SUT_IMAGE}" -url http://netcat-helper:5000 aaa bbb) # Launch the netcat utility, listening at port 5000 for 30 sec # bats will capture the output from netcat and compare the first line @@ -72,39 +37,41 @@ function teardown () { # The GET request ends with a '\r' [ $'GET /tcpSlaveAgentListener/ HTTP/1.1\r' = "${lines[0]}" ] + + cleanup $netcat_cid + cleanup $cid } -@test "[${JDK} ${FLAVOR}] use build args correctly" { +@test "[${SUT_IMAGE}] use build args correctly" { cd "${BATS_TEST_DIRNAME}"/.. || false local ARG_TEST_VERSION local TEST_VERSION="4.3" local DOCKER_AGENT_VERSION_SUFFIX="4" local TEST_USER="root" + local ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" - if [[ "${FLAVOR}" = "debian" ]] - then - ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" - elif [[ "${FLAVOR}" = "jdk11" ]] - then - ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}-jdk11" - else - ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}-alpine" - fi + local FOLDER=$(get_dockerfile_directory) - docker build \ - --build-arg "version=${ARG_TEST_VERSION}" \ - --build-arg "user=${TEST_USER}" \ - -t "${AGENT_IMAGE}" \ - ${FOLDER} + local sut_image="${SUT_IMAGE}-tests-${BATS_TEST_NUMBER}" - docker run -d -it --name "${AGENT_CONTAINER}" -P "${AGENT_IMAGE}" /bin/sh + docker buildx bake \ + --set "${IMAGE}".args.version="${ARG_TEST_VERSION}" \ + --set "${IMAGE}".args.user="${TEST_USER}" \ + --set "${IMAGE}".platform="linux/${ARCH}" \ + --set "${IMAGE}".tags="${sut_image}" \ + --load \ + "${IMAGE}" - is_slave_container_running + cid=$(docker run -d -it --name "${AGENT_CONTAINER}" -P "${sut_image}" /bin/sh) - run docker exec "${AGENT_CONTAINER}" sh -c "java -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -version" + is_agent_container_running $cid + + run docker exec "${cid}" sh -c "java -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -version" [ "${TEST_VERSION}" = "${lines[0]}" ] run docker exec "${AGENT_CONTAINER}" sh -c "id -u -n ${TEST_USER}" [ "${TEST_USER}" = "${lines[0]}" ] + + cleanup $cid } From 47313b562b7b9a767f57ce7ee00d27441ccf0de5 Mon Sep 17 00:00:00 2001 From: Felipe Santos Date: Thu, 26 Aug 2021 12:47:27 -0300 Subject: [PATCH 060/130] Do not prevent execution if the single argument is an option (#219) This prevents such kind of error: ```sh-session $ docker run jenkins/inbound-agent -disableHttpsCertValidation /usr/local/bin/jenkins-agent: 42: exec: -disableHttpsCertValidation: not found ``` Co-authored-by: Tim Jacomb --- jenkins-agent | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jenkins-agent b/jenkins-agent index 006ccca37..5a0860711 100644 --- a/jenkins-agent +++ b/jenkins-agent @@ -37,9 +37,9 @@ # the agent skips connecting to an HTTP(S) port for connection info. # * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. -if [ $# -eq 1 ]; then +if [ $# -eq 1 ] && [ "${1#-}" == "$1" ] ; then - # if `docker run` only has one arguments, we assume user is running alternate command like `bash` to inspect the image + # if `docker run` only has one arguments and it is not an option as `-help`, we assume user is running alternate command like `bash` to inspect the image exec "$@" else From 946255b9fcdd9e4cda384fc278004bd1e543dd9f Mon Sep 17 00:00:00 2001 From: Felipe Santos Date: Wed, 1 Sep 2021 10:53:35 -0300 Subject: [PATCH 061/130] Fix error with jenkins-agent syntax (#239) --- jenkins-agent | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) mode change 100644 => 100755 jenkins-agent diff --git a/jenkins-agent b/jenkins-agent old mode 100644 new mode 100755 index 5a0860711..a6501cf3b --- a/jenkins-agent +++ b/jenkins-agent @@ -37,7 +37,7 @@ # the agent skips connecting to an HTTP(S) port for connection info. # * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. -if [ $# -eq 1 ] && [ "${1#-}" == "$1" ] ; then +if [ $# -eq 1 ] && [ "${1#-}" = "$1" ] ; then # if `docker run` only has one arguments and it is not an option as `-help`, we assume user is running alternate command like `bash` to inspect the image exec "$@" From b55164b34f46759f42ac283ca88f5474d35d8ade Mon Sep 17 00:00:00 2001 From: Tim Jacomb <21194782+timja@users.noreply.github.com> Date: Mon, 6 Sep 2021 21:32:15 +0100 Subject: [PATCH 062/130] Update to latest version of docker/agent (#240) --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 4e0461cd2..4a6e9acdf 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ To run a Docker container Windows agent: - docker run jenkins/inbound-agent:windowsservercore-1809 -Url http://jenkins-server:port -Secret -Name + docker run jenkins/inbound-agent:windowsservercore-ltsc2019 -Url http://jenkins-server:port -Secret -Name To run a Docker container with [Work Directory](https://github.com/jenkinsci/remoting/blob/master/docs/workDir.md) @@ -34,7 +34,7 @@ To run a Docker container with [Work Directory](https://github.com/jenkinsci/rem Windows agent: - docker run jenkins/inbound-agent:windowsservercore-1809 -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret -Name + docker run jenkins/inbound-agent:windowsservercore-ltsc2019 -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret -Name Optional environment variables: From 4f3e5628f7111ab5cd83ab3b8f275ea5a66d7caf Mon Sep 17 00:00:00 2001 From: bob-rohan Date: Mon, 3 Jan 2022 19:03:28 +0000 Subject: [PATCH 063/130] Add Java 17 alpine (#252) Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com> --- jenkins-agent | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/jenkins-agent b/jenkins-agent index a6501cf3b..4a6760a93 100755 --- a/jenkins-agent +++ b/jenkins-agent @@ -118,5 +118,18 @@ else #TODO: Handle the case when the command-line and Environment variable contain different values. #It is fine it blows up for now since it should lead to an error anyway. - exec $JAVA_BIN $JAVA_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + FUTURE_OPTS="" + if [ "$JENKINS_ENABLE_FUTURE_JAVA" ] ; then + FUTURE_OPTS="--add-opens java.base/java.lang=ALL-UNNAMED + --add-opens java.base/java.io=ALL-UNNAMED + --add-opens java.base/java.util=ALL-UNNAMED + --add-opens java.base/java.util.concurrent=ALL-UNNAMED + --add-opens java.base/java.lang.reflect=ALL-UNNAMED + --add-opens java.base/java.text=ALL-UNNAMED + --add-opens java.desktop/java.awt.font=ALL-UNNAMED + " + fi + + exec $JAVA_BIN ${FUTURE_OPTS} $JAVA_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + fi From ecab80088b45e8c8fec6f7dadd9955cdb81a3c19 Mon Sep 17 00:00:00 2001 From: Basil Crow Date: Sat, 15 Jan 2022 12:13:27 -0800 Subject: [PATCH 064/130] Allow the use of multiple arguments (#254) --- jenkins-agent | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/jenkins-agent b/jenkins-agent index 4a6760a93..bf1b39451 100755 --- a/jenkins-agent +++ b/jenkins-agent @@ -1,4 +1,4 @@ -#!/usr/bin/env sh +#!/usr/bin/env bash # The MIT License # @@ -37,9 +37,9 @@ # the agent skips connecting to an HTTP(S) port for connection info. # * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. -if [ $# -eq 1 ] && [ "${1#-}" = "$1" ] ; then +if [ "${1:0:1}" != '-' ]; then - # if `docker run` only has one arguments and it is not an option as `-help`, we assume user is running alternate command like `bash` to inspect the image + # if `docker run`'s first argument does not look like a flag, we assume the user is running an alternate command like `bash` to inspect the image exec "$@" else From 8fefb6ac01c86584d00335bda372947d07650ccf Mon Sep 17 00:00:00 2001 From: Tim Jacomb <21194782+timja@users.noreply.github.com> Date: Mon, 17 Jan 2022 09:46:25 +0000 Subject: [PATCH 065/130] Revert "Allow the use of multiple arguments" (#257) --- jenkins-agent | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/jenkins-agent b/jenkins-agent index bf1b39451..4a6760a93 100755 --- a/jenkins-agent +++ b/jenkins-agent @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/usr/bin/env sh # The MIT License # @@ -37,9 +37,9 @@ # the agent skips connecting to an HTTP(S) port for connection info. # * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. -if [ "${1:0:1}" != '-' ]; then +if [ $# -eq 1 ] && [ "${1#-}" = "$1" ] ; then - # if `docker run`'s first argument does not look like a flag, we assume the user is running an alternate command like `bash` to inspect the image + # if `docker run` only has one arguments and it is not an option as `-help`, we assume user is running alternate command like `bash` to inspect the image exec "$@" else From 44f87794e9b053ea07a0d2a0ec6ea9180bff260b Mon Sep 17 00:00:00 2001 From: Allan Burdajewicz Date: Wed, 9 Mar 2022 18:16:12 +1000 Subject: [PATCH 066/130] Specify JENKINS_JAVA_OPTS to pass JVM options that apply to the agent only (#261) --- README.md | 5 +++++ jenkins-agent | 12 +++++++++++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 4a6e9acdf..f11c9aa96 100644 --- a/README.md +++ b/README.md @@ -38,12 +38,17 @@ To run a Docker container with [Work Directory](https://github.com/jenkinsci/rem Optional environment variables: +* `JENKINS_JAVA_BIN`: Path to Java executable to use instead of the default in PATH or obtained from JAVA_HOME +* `JENKINS_JAVA_OPTS` : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS * `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL * `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this agent host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins master. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. * `JENKINS_SECRET`: agent secret, if not set as an argument * `JENKINS_AGENT_NAME`: agent name, if not set as an argument * `JENKINS_AGENT_WORKDIR`: agent work directory, if not set by optional parameter `-workDir` * `JENKINS_WEB_SOCKET`: `true` if the connection should be made via WebSocket rather than TCP +* `JENKINS_DIRECT_CONNECTION`: (`HOST:PORT`) Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. +* `JENKINS_INSTANCE_IDENTITY`: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, the agent skips connecting to an HTTP(S) port for connection info. +* `JENKINS_PROTOCOLS`: Specify the remoting protocols to attempt when `JENKINS_INSTANCE_IDENTITY` is provided. ## Configuration specifics diff --git a/jenkins-agent b/jenkins-agent index 4a6760a93..3822dc5fc 100755 --- a/jenkins-agent +++ b/jenkins-agent @@ -25,6 +25,7 @@ # Usage jenkins-agent.sh [options] -url http://jenkins [SECRET] [AGENT_NAME] # Optional environment variables : # * JENKINS_JAVA_BIN : Java executable to use instead of the default in PATH or obtained from JAVA_HOME +# * JENKINS_JAVA_OPTS : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS # * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network # * JENKINS_URL : alternate jenkins URL # * JENKINS_SECRET : agent secret, if not set as an argument @@ -96,6 +97,15 @@ else fi fi + if [ "$JENKINS_JAVA_OPTS" ]; then + JAVA_OPTIONS="$JENKINS_JAVA_OPTS" + else + # if JAVA_OPTS is defined, use it + if [ "$JAVA_OPTS" ]; then + JAVA_OPTIONS="$JAVA_OPTS" + fi + fi + # if both required options are defined, do not pass the parameters OPT_JENKINS_SECRET="" if [ -n "$JENKINS_SECRET" ]; then @@ -130,6 +140,6 @@ else " fi - exec $JAVA_BIN ${FUTURE_OPTS} $JAVA_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + exec $JAVA_BIN ${FUTURE_OPTS} $JAVA_OPTIONS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" fi From 921b076c14430787ef0f57ecf9b608222426ca1c Mon Sep 17 00:00:00 2001 From: Basil Crow Date: Fri, 11 Mar 2022 12:17:28 -0800 Subject: [PATCH 067/130] Remove `--add-opens` directives on Java 17 (#263) --- jenkins-agent | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/jenkins-agent b/jenkins-agent index 3822dc5fc..6d1beb26e 100755 --- a/jenkins-agent +++ b/jenkins-agent @@ -128,18 +128,6 @@ else #TODO: Handle the case when the command-line and Environment variable contain different values. #It is fine it blows up for now since it should lead to an error anyway. - FUTURE_OPTS="" - if [ "$JENKINS_ENABLE_FUTURE_JAVA" ] ; then - FUTURE_OPTS="--add-opens java.base/java.lang=ALL-UNNAMED - --add-opens java.base/java.io=ALL-UNNAMED - --add-opens java.base/java.util=ALL-UNNAMED - --add-opens java.base/java.util.concurrent=ALL-UNNAMED - --add-opens java.base/java.lang.reflect=ALL-UNNAMED - --add-opens java.base/java.text=ALL-UNNAMED - --add-opens java.desktop/java.awt.font=ALL-UNNAMED - " - fi - - exec $JAVA_BIN ${FUTURE_OPTS} $JAVA_OPTIONS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + exec $JAVA_BIN $JAVA_OPTIONS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" fi From 8502a128b64feed1d767eae1fdbab2bed7bda3c3 Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Sun, 25 Sep 2022 08:03:28 -0700 Subject: [PATCH 068/130] Remove Java 8 (#278) Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com> --- jenkins-agent.ps1 | 1 - tests/inboundAgent.Tests.ps1 | 122 +++++++++++++++++++++-------------- 2 files changed, 74 insertions(+), 49 deletions(-) diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 3ea22e36d..3dd0543db 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -52,7 +52,6 @@ Param( # * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. if(![System.String]::IsNullOrWhiteSpace($Cmd)) { - # if `docker run` only has one argument, we assume user is running alternate command like `powershell` or `pwsh` to inspect the image Invoke-Expression "$Cmd" } else { $AgentArguments = @("-cp", "C:/ProgramData/Jenkins/agent.jar", "hudson.remoting.jnlp.Main", "-headless") diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index dc8f6a1aa..c7cad3f09 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -1,48 +1,49 @@ Import-Module -DisableNameChecking -Force $PSScriptRoot/test_helpers.psm1 -$AGENT_IMAGE='jenkins-inbound-agent' -$AGENT_CONTAINER='pester-jenkins-inbound-agent' -$SHELL="powershell.exe" +$global:AGENT_IMAGE='jenkins-inbound-agent' +$global:AGENT_CONTAINER='pester-jenkins-inbound-agent' +$global:SHELL="powershell.exe" -$FOLDER = Get-EnvOrDefault 'FOLDER' '' -$VERSION = Get-EnvOrDefault 'VERSION' '4.9-1' +$global:FOLDER = Get-EnvOrDefault 'FOLDER' '' +$global:VERSION = Get-EnvOrDefault 'VERSION' '4.9-1' -$REAL_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${FOLDER}" +$REAL_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${global:FOLDER}" -if(($FOLDER -match '^(?[0-9]+)[\\/](?.+)$') -and (Test-Path $REAL_FOLDER)) { - $JDK = $Matches['jdk'] - $FLAVOR = $Matches['flavor'] +if(($global:FOLDER -match '^(?[0-9]+)[\\/](?.+)$') -and (Test-Path $REAL_FOLDER)) { + $global:JDK = $Matches['jdk'] + $global:FLAVOR = $Matches['flavor'] } else { - Write-Error "Wrong folder format or folder does not exist: $FOLDER" + Write-Error "Wrong folder format or folder does not exist: $global:FOLDER" exit 1 } -if($FLAVOR -match "nanoserver-(\d+)") { - $AGENT_IMAGE += "-nanoserver" - $AGENT_CONTAINER += "-nanoserver-$($Matches[1])" - $SHELL = "pwsh.exe" +if($global:FLAVOR -match "nanoserver-(\d+)") { + $global:AGENT_IMAGE += "-nanoserver" + $global:AGENT_CONTAINER += "-nanoserver-$($Matches[1])" + $global:SHELL = "pwsh.exe" } -if($JDK -eq "11") { - $AGENT_IMAGE += ":jdk11" - $AGENT_CONTAINER += "-jdk11" +if($global:JDK -eq "17") { + $global:AGENT_IMAGE += ":jdk17" + $global:AGENT_CONTAINER += "-jdk17" } else { - $AGENT_IMAGE += ":latest" + $global:AGENT_IMAGE += ":latest" } -Cleanup($AGENT_CONTAINER) +Cleanup($global:AGENT_CONTAINER) Cleanup("nmap") CleanupNetwork("jnlp-network") BuildNcatImage -Describe "[$JDK $FLAVOR] build image" { +Describe "[$global:JDK $global:FLAVOR] build image" { BeforeAll { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." } It 'builds image' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg 'VERSION=$VERSION' -t $AGENT_IMAGE $FOLDER" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=$global:VERSION -t $global:AGENT_IMAGE $global:FOLDER" + # This failure was added on purpose to verify that the build will fail if a test fails $exitCode | Should -Be 0 } @@ -51,44 +52,45 @@ Describe "[$JDK $FLAVOR] build image" { } } -Describe "[$JDK $FLAVOR] check user account" { +Describe "[$global:JDK $global:FLAVOR] check default user account" { BeforeAll { - docker run -d -it --name "$AGENT_CONTAINER" -P "$AGENT_IMAGE" "$SHELL" - Is-ContainerRunning $AGENT_CONTAINER + docker run -d -it --name "$global:AGENT_CONTAINER" -P "$global:AGENT_IMAGE" -Cmd "$global:SHELL" + $LASTEXITCODE | Should -Be 0 + Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue } - It 'Password never expires' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password expires') -match 'Never') { exit 0 } else { exit -1 }`"" + It 'has a password that never expires' { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password expires') -match 'Never') { exit 0 } else { net user jenkins ; exit -1 }`"" $exitCode | Should -Be 0 } - It 'Password not required' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password required') -match 'No') { exit 0 } else { exit -1 }`"" + It 'has password policy of "not required"' { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password required') -match 'No') { exit 0 } else { net user jenkins ; exit -1 }`"" $exitCode | Should -Be 0 } AfterAll { - Cleanup($AGENT_CONTAINER) + Cleanup($global:AGENT_CONTAINER) } } -Describe "[$JDK $FLAVOR] image has jenkins-agent.ps1 in the correct location" { +Describe "[$global:JDK $global:FLAVOR] image has jenkins-agent.ps1 in the correct location" { BeforeAll { - & docker run -dit --name "$AGENT_CONTAINER" -P "$AGENT_IMAGE" $SHELL - Is-ContainerRunning $AGENT_CONTAINER | Should -BeTrue + & docker run -dit --name "$global:AGENT_CONTAINER" -P "$global:AGENT_IMAGE" -Cmd $global:SHELL + Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue } It 'has jenkins-agent.ps1 in C:/ProgramData/Jenkins' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"if(Test-Path 'C:/ProgramData/Jenkins/jenkins-agent.ps1') { exit 0 } else { exit 1 }`"" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if(Test-Path 'C:/ProgramData/Jenkins/jenkins-agent.ps1') { exit 0 } else { exit 1 }`"" $exitCode | Should -Be 0 } AfterAll { - Cleanup($AGENT_CONTAINER) + Cleanup($global:AGENT_CONTAINER) } } -Describe "[$JDK $FLAVOR] image starts jenkins-agent.ps1 correctly (slow test)" { +Describe "[$global:JDK $global:FLAVOR] image starts jenkins-agent.ps1 correctly (slow test)" { It 'connects to the nmap container' { $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "network create --driver nat jnlp-network" # Launch the netcat utility, listening at port 5000 for 30 sec @@ -104,9 +106,11 @@ Describe "[$JDK $FLAVOR] image starts jenkins-agent.ps1 correctly (slow test)" { $nmap_ip = $stdout.Trim() # run Jenkins agent which tries to connect to the nmap container at port 5000 - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --network=jnlp-network --name $AGENT_CONTAINER $AGENT_IMAGE -Url http://${nmap_ip}:5000 -Secret aaa -Name bbb" + $secret = "aaa" + $name = "bbb" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --network=jnlp-network --name $global:AGENT_CONTAINER $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 $secret $name" $exitCode | Should -Be 0 - Is-ContainerRunning $AGENT_CONTAINER | Should -BeTrue + Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue $exitCode, $stdout, $stderr = Run-Program 'docker.exe' 'wait nmap' $exitCode, $stdout, $stderr = Run-Program 'docker.exe' 'logs nmap' @@ -115,38 +119,60 @@ Describe "[$JDK $FLAVOR] image starts jenkins-agent.ps1 correctly (slow test)" { } AfterAll { - Cleanup($AGENT_CONTAINER) + Cleanup($global:AGENT_CONTAINER) Cleanup("nmap") CleanupNetwork("jnlp-network") } } -Describe "[$JDK $FLAVOR] build args" { +Describe "[$global:JDK $global:FLAVOR] build args" { BeforeAll { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." - } - - It -Skip 'uses build args correctly' { - $TEST_VERSION="4.3" + # an old jdk11 image version + $TEST_VERSION="4.7" + $DOCKER_AGENT_VERSION_SUFFIX="1" + if($global:JDK -eq '17') { + # the first jdk17 images for Windows + $TEST_VERSION = "4.10" + $DOCKER_AGENT_VERSION_SUFFIX="7" + } $TEST_USER="foo" + $ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" + } - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=${TEST_VERSION}-2 --build-arg user=$TEST_USER -t $AGENT_IMAGE $FOLDER" + It 'builds image with arguments' { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=${ARG_TEST_VERSION} --build-arg user=$TEST_USER -t $global:AGENT_IMAGE $global:FOLDER" $exitCode | Should -Be 0 - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name $AGENT_CONTAINER -P $AGENT_IMAGE $SHELL" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name $global:AGENT_CONTAINER -P $global:AGENT_IMAGE -Cmd $global:SHELL" $exitCode | Should -Be 0 - Is-ContainerRunning "$AGENT_CONTAINER" | Should -BeTrue + Is-ContainerRunning "$global:AGENT_CONTAINER" | Should -BeTrue + } - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -c `"java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version`"" + It "has the correct agent.jar version" { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -c `"java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version`"" $exitCode | Should -Be 0 $stdout | Should -Match $TEST_VERSION + } - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -c `"(Get-ChildItem env:\ | Where-Object { `$_.Name -eq 'USERNAME' }).Value`"" + It "has the correct (overridden) user account and the container is running as that user" { + # check that the user exists and is the user the container is running as + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -c `"(Get-ChildItem env:\ | Where-Object { `$_.Name -eq 'USERNAME' }).Value`"" $exitCode | Should -Be 0 $stdout | Should -Match $TEST_USER } + It "has the correct password policy for overridden user account" { + # check that $TEST_USER's password never expires and that password is NOT required to login + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if((net user $TEST_USER | Select-String -Pattern 'Password expires') -match 'Never') { exit 0 } else { net user $TEST_USER ; exit -1 }`"" + $exitCode | Should -Be 0 + + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if((net user $TEST_USER | Select-String -Pattern 'Password required') -match 'No') { exit 0 } else { net user $TEST_USER ; exit -1 }`"" + $exitCode | Should -Be 0 + } + AfterAll { + Cleanup($global:AGENT_CONTAINER) Pop-Location -StackName 'agent' } } From b4a507bb2f543bbe72bb2a8c5ae77f1ccf53ae77 Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Fri, 23 Sep 2022 18:16:02 +0200 Subject: [PATCH 069/130] fix: only deploy to DockerHub on tag-triggered builds Signed-off-by: Damien Duportal --- tests/netcat-helper/Dockerfile-windows | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/netcat-helper/Dockerfile-windows b/tests/netcat-helper/Dockerfile-windows index c0ac2f057..d42d52443 100644 --- a/tests/netcat-helper/Dockerfile-windows +++ b/tests/netcat-helper/Dockerfile-windows @@ -36,5 +36,3 @@ RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tl $proc = Start-Process "C:\nmap-install.exe" -PassThru -ArgumentList '/S' ; ` $proc.WaitForExit() ; ` Remove-Item -Path nmap-install.exe - - From 55207ce538910b887daeda930f2baedbb0cefe6a Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Thu, 29 Sep 2022 11:28:29 -0400 Subject: [PATCH 070/130] fixup Signed-off-by: Damien Duportal --- tests/inboundAgent.Tests.ps1 | 7 +------ tests/tests.bats | 4 ++-- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index c7cad3f09..55b870bac 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -129,13 +129,8 @@ Describe "[$global:JDK $global:FLAVOR] build args" { BeforeAll { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." # an old jdk11 image version - $TEST_VERSION="4.7" + $TEST_VERSION="3063.v26e24490f041" $DOCKER_AGENT_VERSION_SUFFIX="1" - if($global:JDK -eq '17') { - # the first jdk17 images for Windows - $TEST_VERSION = "4.10" - $DOCKER_AGENT_VERSION_SUFFIX="7" - } $TEST_USER="foo" $ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" } diff --git a/tests/tests.bats b/tests/tests.bats index acec4a38b..13b81580b 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -46,8 +46,8 @@ SUT_IMAGE=$(get_sut_image) cd "${BATS_TEST_DIRNAME}"/.. || false local ARG_TEST_VERSION - local TEST_VERSION="4.3" - local DOCKER_AGENT_VERSION_SUFFIX="4" + local TEST_VERSION="3063.v26e24490f041" + local DOCKER_AGENT_VERSION_SUFFIX="1" local TEST_USER="root" local ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" From ef202085607c1981e4d5e9a25c6febb92c9d20b8 Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Thu, 29 Sep 2022 12:52:58 -0400 Subject: [PATCH 071/130] chore(test) fix build argument tests by using an old version Signed-off-by: Damien Duportal --- tests/inboundAgent.Tests.ps1 | 7 ++++--- tests/tests.bats | 9 ++++++--- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 55b870bac..3bd65439d 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -128,15 +128,16 @@ Describe "[$global:JDK $global:FLAVOR] image starts jenkins-agent.ps1 correctly Describe "[$global:JDK $global:FLAVOR] build args" { BeforeAll { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." - # an old jdk11 image version - $TEST_VERSION="3063.v26e24490f041" + # Old version used to test overriding the build arguments. + # This old version must have the same tag suffixes as the current 4 windows images (`-jdk11-nanoserver` etc.) + $TEST_VERSION="3046.v38db_38a_b_7a_86" $DOCKER_AGENT_VERSION_SUFFIX="1" $TEST_USER="foo" $ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" } It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=${ARG_TEST_VERSION} --build-arg user=$TEST_USER -t $global:AGENT_IMAGE $global:FOLDER" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg version=${ARG_TEST_VERSION} --build-arg user=$TEST_USER -t $global:AGENT_IMAGE $global:FOLDER" $exitCode | Should -Be 0 $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name $global:AGENT_CONTAINER -P $global:AGENT_IMAGE -Cmd $global:SHELL" diff --git a/tests/tests.bats b/tests/tests.bats index 13b81580b..9a73a470a 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -45,11 +45,14 @@ SUT_IMAGE=$(get_sut_image) @test "[${SUT_IMAGE}] use build args correctly" { cd "${BATS_TEST_DIRNAME}"/.. || false - local ARG_TEST_VERSION - local TEST_VERSION="3063.v26e24490f041" + # Old version used to test overriding the build arguments. + # This old version must have the same tag suffixes as the ones defined in the docker-bake file (`-jdk17`, `jdk11`, etc.) + local TEST_VERSION="3046.v38db_38a_b_7a_86" local DOCKER_AGENT_VERSION_SUFFIX="1" - local TEST_USER="root" + local ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" + local TEST_USER="root" + local FOLDER=$(get_dockerfile_directory) From c1d490488f8648e7393df3653751079b761c74b6 Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Sat, 12 Nov 2022 10:36:16 +0100 Subject: [PATCH 072/130] chore(linux tests) apply shellcheck and fix concurency issues Signed-off-by: Damien Duportal --- tests/tests.bats | 61 ++++++++++++++++++++++++------------------------ 1 file changed, 31 insertions(+), 30 deletions(-) diff --git a/tests/tests.bats b/tests/tests.bats index 9a73a470a..f47739112 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -1,80 +1,81 @@ #!/usr/bin/env bats AGENT_CONTAINER=bats-jenkins-jnlp-agent -NETCAT_HELPER_CONTAINER=netcat-helper load test_helpers buildNetcatImage -SUT_IMAGE=$(get_sut_image) +SUT_IMAGE="$(get_sut_image)" @test "[${SUT_IMAGE}] image has installed jenkins-agent in PATH" { - cid=$(docker run -d -it -P "${SUT_IMAGE}" /bin/bash) + local sut_cid + sut_cid="$(docker run -d -it -P "${SUT_IMAGE}" /bin/bash)" - is_agent_container_running $cid + is_agent_container_running "${sut_cid}" - run docker exec "${cid}" which jenkins-agent + run docker exec "${sut_cid}" which jenkins-agent [ "/usr/local/bin/jenkins-agent" = "${lines[0]}" ] - run docker exec "${cid}" which jenkins-agent + run docker exec "${sut_cid}" which jenkins-agent [ "/usr/local/bin/jenkins-agent" = "${lines[0]}" ] - cleanup $cid + cleanup "${sut_cid}" } @test "[${SUT_IMAGE}] image starts jenkins-agent correctly (slow test)" { - # Spin off a helper image which contains netcat - netcat_cid=$(docker run -d -it --name netcat-helper netcat-helper:latest /bin/sh) + local netcat_cid sut_cid + # Spin off a helper image which launches the netcat utility, listening at port 5000 for 30 sec + netcat_cid="$(docker run -d -it netcat-helper:latest /bin/sh -c "timeout 30s nc -l 5000")" # Run jenkins agent which tries to connect to the netcat-helper container at port 5000 - cid=$(docker run -d --link netcat-helper "${SUT_IMAGE}" -url http://netcat-helper:5000 aaa bbb) + sut_cid="$(docker run -d --link "${netcat_cid}" "${SUT_IMAGE}" -url "http://${netcat_cid}:5000" aaa bbb)" - # Launch the netcat utility, listening at port 5000 for 30 sec - # bats will capture the output from netcat and compare the first line + # Wait for the whole process to take place (in resource-constrained environments it can take 100s of milliseconds) + sleep 1 + + # Capture the logs output from netcat and compare the first line # of the header of the first HTTP request with the expected one - run docker exec netcat-helper /bin/sh -c "timeout 30s nc -l 5000" + run docker logs "${netcat_cid}" - # The GET request ends with a '\r' - [ $'GET /tcpSlaveAgentListener/ HTTP/1.1\r' = "${lines[0]}" ] + [[ "${lines[0]}" = *"GET /tcpSlaveAgentListener/ HTTP/1.1"* ]] - cleanup $netcat_cid - cleanup $cid + cleanup "${netcat_cid}" + cleanup "${sut_cid}" } @test "[${SUT_IMAGE}] use build args correctly" { cd "${BATS_TEST_DIRNAME}"/.. || false + local TEST_VERSION DOCKER_AGENT_VERSION_SUFFIX ARG_TEST_VERSION TEST_USER sut_image sut_cid + # Old version used to test overriding the build arguments. # This old version must have the same tag suffixes as the ones defined in the docker-bake file (`-jdk17`, `jdk11`, etc.) - local TEST_VERSION="3046.v38db_38a_b_7a_86" - local DOCKER_AGENT_VERSION_SUFFIX="1" - - local ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" - local TEST_USER="root" - + TEST_VERSION="3046.v38db_38a_b_7a_86" + DOCKER_AGENT_VERSION_SUFFIX="1" - local FOLDER=$(get_dockerfile_directory) + ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" + TEST_USER="root" - local sut_image="${SUT_IMAGE}-tests-${BATS_TEST_NUMBER}" + sut_image="${SUT_IMAGE}-tests-${BATS_TEST_NUMBER}" docker buildx bake \ --set "${IMAGE}".args.version="${ARG_TEST_VERSION}" \ --set "${IMAGE}".args.user="${TEST_USER}" \ - --set "${IMAGE}".platform="linux/${ARCH}" \ + --set "${IMAGE}".platform=linux/"${ARCH}" \ --set "${IMAGE}".tags="${sut_image}" \ --load \ "${IMAGE}" - cid=$(docker run -d -it --name "${AGENT_CONTAINER}" -P "${sut_image}" /bin/sh) + sut_cid="$(docker run -d -it --name "${AGENT_CONTAINER}" -P "${sut_image}" /bin/sh)" - is_agent_container_running $cid + is_agent_container_running "${sut_cid}" - run docker exec "${cid}" sh -c "java -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -version" + run docker exec "${sut_cid}" sh -c "java -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -version" [ "${TEST_VERSION}" = "${lines[0]}" ] run docker exec "${AGENT_CONTAINER}" sh -c "id -u -n ${TEST_USER}" [ "${TEST_USER}" = "${lines[0]}" ] - cleanup $cid + cleanup "${sut_cid}" } From 3ed3d992080a35a849e0ea95ec73348733cb96e9 Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Sat, 12 Nov 2022 20:32:19 +0100 Subject: [PATCH 073/130] fixup Signed-off-by: Damien Duportal --- tests/tests.bats | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/tests/tests.bats b/tests/tests.bats index f47739112..fd4633e9f 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -32,13 +32,11 @@ SUT_IMAGE="$(get_sut_image)" sut_cid="$(docker run -d --link "${netcat_cid}" "${SUT_IMAGE}" -url "http://${netcat_cid}:5000" aaa bbb)" # Wait for the whole process to take place (in resource-constrained environments it can take 100s of milliseconds) - sleep 1 + sleep 5 - # Capture the logs output from netcat and compare the first line - # of the header of the first HTTP request with the expected one + # Capture the logs output from netcat and check the header of the first HTTP request with the expected one run docker logs "${netcat_cid}" - - [[ "${lines[0]}" = *"GET /tcpSlaveAgentListener/ HTTP/1.1"* ]] + echo "${output}" | grep 'GET /tcpSlaveAgentListener/ HTTP/1.1' cleanup "${netcat_cid}" cleanup "${sut_cid}" From e2e0f16361770e5704e8d5f461b94d4032bd15e7 Mon Sep 17 00:00:00 2001 From: bob-rohan Date: Mon, 3 Jan 2022 19:03:28 +0000 Subject: [PATCH 074/130] Add Java 17 alpine (#252) Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com> --- jenkins-agent | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/jenkins-agent b/jenkins-agent index a6501cf3b..4a6760a93 100755 --- a/jenkins-agent +++ b/jenkins-agent @@ -118,5 +118,18 @@ else #TODO: Handle the case when the command-line and Environment variable contain different values. #It is fine it blows up for now since it should lead to an error anyway. - exec $JAVA_BIN $JAVA_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + FUTURE_OPTS="" + if [ "$JENKINS_ENABLE_FUTURE_JAVA" ] ; then + FUTURE_OPTS="--add-opens java.base/java.lang=ALL-UNNAMED + --add-opens java.base/java.io=ALL-UNNAMED + --add-opens java.base/java.util=ALL-UNNAMED + --add-opens java.base/java.util.concurrent=ALL-UNNAMED + --add-opens java.base/java.lang.reflect=ALL-UNNAMED + --add-opens java.base/java.text=ALL-UNNAMED + --add-opens java.desktop/java.awt.font=ALL-UNNAMED + " + fi + + exec $JAVA_BIN ${FUTURE_OPTS} $JAVA_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + fi From 9bbd3249860856c4d2432f42afe40e02a98680cf Mon Sep 17 00:00:00 2001 From: Basil Crow Date: Sat, 15 Jan 2022 12:13:27 -0800 Subject: [PATCH 075/130] Allow the use of multiple arguments (#254) --- jenkins-agent | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/jenkins-agent b/jenkins-agent index 4a6760a93..bf1b39451 100755 --- a/jenkins-agent +++ b/jenkins-agent @@ -1,4 +1,4 @@ -#!/usr/bin/env sh +#!/usr/bin/env bash # The MIT License # @@ -37,9 +37,9 @@ # the agent skips connecting to an HTTP(S) port for connection info. # * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. -if [ $# -eq 1 ] && [ "${1#-}" = "$1" ] ; then +if [ "${1:0:1}" != '-' ]; then - # if `docker run` only has one arguments and it is not an option as `-help`, we assume user is running alternate command like `bash` to inspect the image + # if `docker run`'s first argument does not look like a flag, we assume the user is running an alternate command like `bash` to inspect the image exec "$@" else From 51774e336496f1e4d875abd0f6ee45756abd75b9 Mon Sep 17 00:00:00 2001 From: Tim Jacomb <21194782+timja@users.noreply.github.com> Date: Mon, 17 Jan 2022 09:46:25 +0000 Subject: [PATCH 076/130] Revert "Allow the use of multiple arguments" (#257) --- jenkins-agent | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/jenkins-agent b/jenkins-agent index bf1b39451..4a6760a93 100755 --- a/jenkins-agent +++ b/jenkins-agent @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/usr/bin/env sh # The MIT License # @@ -37,9 +37,9 @@ # the agent skips connecting to an HTTP(S) port for connection info. # * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. -if [ "${1:0:1}" != '-' ]; then +if [ $# -eq 1 ] && [ "${1#-}" = "$1" ] ; then - # if `docker run`'s first argument does not look like a flag, we assume the user is running an alternate command like `bash` to inspect the image + # if `docker run` only has one arguments and it is not an option as `-help`, we assume user is running alternate command like `bash` to inspect the image exec "$@" else From 9c88589259cd815a79b8105f9585df43b17a889e Mon Sep 17 00:00:00 2001 From: Allan Burdajewicz Date: Wed, 9 Mar 2022 18:16:12 +1000 Subject: [PATCH 077/130] Specify JENKINS_JAVA_OPTS to pass JVM options that apply to the agent only (#261) --- README.md | 5 +++++ jenkins-agent | 12 +++++++++++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 4a6e9acdf..f11c9aa96 100644 --- a/README.md +++ b/README.md @@ -38,12 +38,17 @@ To run a Docker container with [Work Directory](https://github.com/jenkinsci/rem Optional environment variables: +* `JENKINS_JAVA_BIN`: Path to Java executable to use instead of the default in PATH or obtained from JAVA_HOME +* `JENKINS_JAVA_OPTS` : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS * `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL * `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this agent host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins master. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. * `JENKINS_SECRET`: agent secret, if not set as an argument * `JENKINS_AGENT_NAME`: agent name, if not set as an argument * `JENKINS_AGENT_WORKDIR`: agent work directory, if not set by optional parameter `-workDir` * `JENKINS_WEB_SOCKET`: `true` if the connection should be made via WebSocket rather than TCP +* `JENKINS_DIRECT_CONNECTION`: (`HOST:PORT`) Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. +* `JENKINS_INSTANCE_IDENTITY`: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, the agent skips connecting to an HTTP(S) port for connection info. +* `JENKINS_PROTOCOLS`: Specify the remoting protocols to attempt when `JENKINS_INSTANCE_IDENTITY` is provided. ## Configuration specifics diff --git a/jenkins-agent b/jenkins-agent index 4a6760a93..3822dc5fc 100755 --- a/jenkins-agent +++ b/jenkins-agent @@ -25,6 +25,7 @@ # Usage jenkins-agent.sh [options] -url http://jenkins [SECRET] [AGENT_NAME] # Optional environment variables : # * JENKINS_JAVA_BIN : Java executable to use instead of the default in PATH or obtained from JAVA_HOME +# * JENKINS_JAVA_OPTS : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS # * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network # * JENKINS_URL : alternate jenkins URL # * JENKINS_SECRET : agent secret, if not set as an argument @@ -96,6 +97,15 @@ else fi fi + if [ "$JENKINS_JAVA_OPTS" ]; then + JAVA_OPTIONS="$JENKINS_JAVA_OPTS" + else + # if JAVA_OPTS is defined, use it + if [ "$JAVA_OPTS" ]; then + JAVA_OPTIONS="$JAVA_OPTS" + fi + fi + # if both required options are defined, do not pass the parameters OPT_JENKINS_SECRET="" if [ -n "$JENKINS_SECRET" ]; then @@ -130,6 +140,6 @@ else " fi - exec $JAVA_BIN ${FUTURE_OPTS} $JAVA_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + exec $JAVA_BIN ${FUTURE_OPTS} $JAVA_OPTIONS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" fi From 3dd8b43b325cf9453695dc381b2b8f03d8babce4 Mon Sep 17 00:00:00 2001 From: Basil Crow Date: Fri, 11 Mar 2022 12:17:28 -0800 Subject: [PATCH 078/130] Remove `--add-opens` directives on Java 17 (#263) --- jenkins-agent | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/jenkins-agent b/jenkins-agent index 3822dc5fc..6d1beb26e 100755 --- a/jenkins-agent +++ b/jenkins-agent @@ -128,18 +128,6 @@ else #TODO: Handle the case when the command-line and Environment variable contain different values. #It is fine it blows up for now since it should lead to an error anyway. - FUTURE_OPTS="" - if [ "$JENKINS_ENABLE_FUTURE_JAVA" ] ; then - FUTURE_OPTS="--add-opens java.base/java.lang=ALL-UNNAMED - --add-opens java.base/java.io=ALL-UNNAMED - --add-opens java.base/java.util=ALL-UNNAMED - --add-opens java.base/java.util.concurrent=ALL-UNNAMED - --add-opens java.base/java.lang.reflect=ALL-UNNAMED - --add-opens java.base/java.text=ALL-UNNAMED - --add-opens java.desktop/java.awt.font=ALL-UNNAMED - " - fi - - exec $JAVA_BIN ${FUTURE_OPTS} $JAVA_OPTIONS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + exec $JAVA_BIN $JAVA_OPTIONS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" fi From 86f5ddc504fd18884e6ab4c3d65d4969df5c2607 Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Sun, 25 Sep 2022 08:03:28 -0700 Subject: [PATCH 079/130] Remove Java 8 (#278) Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com> --- jenkins-agent.ps1 | 1 - tests/inboundAgent.Tests.ps1 | 122 +++++++++++++++++++++-------------- 2 files changed, 74 insertions(+), 49 deletions(-) diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 33d0e1bd3..7e0ae27d7 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -53,7 +53,6 @@ Param( # * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. if(![System.String]::IsNullOrWhiteSpace($Cmd)) { - # if `docker run` only has one argument, we assume user is running alternate command like `powershell` or `pwsh` to inspect the image Invoke-Expression "$Cmd" } else { diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index dc8f6a1aa..c7cad3f09 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -1,48 +1,49 @@ Import-Module -DisableNameChecking -Force $PSScriptRoot/test_helpers.psm1 -$AGENT_IMAGE='jenkins-inbound-agent' -$AGENT_CONTAINER='pester-jenkins-inbound-agent' -$SHELL="powershell.exe" +$global:AGENT_IMAGE='jenkins-inbound-agent' +$global:AGENT_CONTAINER='pester-jenkins-inbound-agent' +$global:SHELL="powershell.exe" -$FOLDER = Get-EnvOrDefault 'FOLDER' '' -$VERSION = Get-EnvOrDefault 'VERSION' '4.9-1' +$global:FOLDER = Get-EnvOrDefault 'FOLDER' '' +$global:VERSION = Get-EnvOrDefault 'VERSION' '4.9-1' -$REAL_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${FOLDER}" +$REAL_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${global:FOLDER}" -if(($FOLDER -match '^(?[0-9]+)[\\/](?.+)$') -and (Test-Path $REAL_FOLDER)) { - $JDK = $Matches['jdk'] - $FLAVOR = $Matches['flavor'] +if(($global:FOLDER -match '^(?[0-9]+)[\\/](?.+)$') -and (Test-Path $REAL_FOLDER)) { + $global:JDK = $Matches['jdk'] + $global:FLAVOR = $Matches['flavor'] } else { - Write-Error "Wrong folder format or folder does not exist: $FOLDER" + Write-Error "Wrong folder format or folder does not exist: $global:FOLDER" exit 1 } -if($FLAVOR -match "nanoserver-(\d+)") { - $AGENT_IMAGE += "-nanoserver" - $AGENT_CONTAINER += "-nanoserver-$($Matches[1])" - $SHELL = "pwsh.exe" +if($global:FLAVOR -match "nanoserver-(\d+)") { + $global:AGENT_IMAGE += "-nanoserver" + $global:AGENT_CONTAINER += "-nanoserver-$($Matches[1])" + $global:SHELL = "pwsh.exe" } -if($JDK -eq "11") { - $AGENT_IMAGE += ":jdk11" - $AGENT_CONTAINER += "-jdk11" +if($global:JDK -eq "17") { + $global:AGENT_IMAGE += ":jdk17" + $global:AGENT_CONTAINER += "-jdk17" } else { - $AGENT_IMAGE += ":latest" + $global:AGENT_IMAGE += ":latest" } -Cleanup($AGENT_CONTAINER) +Cleanup($global:AGENT_CONTAINER) Cleanup("nmap") CleanupNetwork("jnlp-network") BuildNcatImage -Describe "[$JDK $FLAVOR] build image" { +Describe "[$global:JDK $global:FLAVOR] build image" { BeforeAll { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." } It 'builds image' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg 'VERSION=$VERSION' -t $AGENT_IMAGE $FOLDER" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=$global:VERSION -t $global:AGENT_IMAGE $global:FOLDER" + # This failure was added on purpose to verify that the build will fail if a test fails $exitCode | Should -Be 0 } @@ -51,44 +52,45 @@ Describe "[$JDK $FLAVOR] build image" { } } -Describe "[$JDK $FLAVOR] check user account" { +Describe "[$global:JDK $global:FLAVOR] check default user account" { BeforeAll { - docker run -d -it --name "$AGENT_CONTAINER" -P "$AGENT_IMAGE" "$SHELL" - Is-ContainerRunning $AGENT_CONTAINER + docker run -d -it --name "$global:AGENT_CONTAINER" -P "$global:AGENT_IMAGE" -Cmd "$global:SHELL" + $LASTEXITCODE | Should -Be 0 + Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue } - It 'Password never expires' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password expires') -match 'Never') { exit 0 } else { exit -1 }`"" + It 'has a password that never expires' { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password expires') -match 'Never') { exit 0 } else { net user jenkins ; exit -1 }`"" $exitCode | Should -Be 0 } - It 'Password not required' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password required') -match 'No') { exit 0 } else { exit -1 }`"" + It 'has password policy of "not required"' { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password required') -match 'No') { exit 0 } else { net user jenkins ; exit -1 }`"" $exitCode | Should -Be 0 } AfterAll { - Cleanup($AGENT_CONTAINER) + Cleanup($global:AGENT_CONTAINER) } } -Describe "[$JDK $FLAVOR] image has jenkins-agent.ps1 in the correct location" { +Describe "[$global:JDK $global:FLAVOR] image has jenkins-agent.ps1 in the correct location" { BeforeAll { - & docker run -dit --name "$AGENT_CONTAINER" -P "$AGENT_IMAGE" $SHELL - Is-ContainerRunning $AGENT_CONTAINER | Should -BeTrue + & docker run -dit --name "$global:AGENT_CONTAINER" -P "$global:AGENT_IMAGE" -Cmd $global:SHELL + Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue } It 'has jenkins-agent.ps1 in C:/ProgramData/Jenkins' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"if(Test-Path 'C:/ProgramData/Jenkins/jenkins-agent.ps1') { exit 0 } else { exit 1 }`"" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if(Test-Path 'C:/ProgramData/Jenkins/jenkins-agent.ps1') { exit 0 } else { exit 1 }`"" $exitCode | Should -Be 0 } AfterAll { - Cleanup($AGENT_CONTAINER) + Cleanup($global:AGENT_CONTAINER) } } -Describe "[$JDK $FLAVOR] image starts jenkins-agent.ps1 correctly (slow test)" { +Describe "[$global:JDK $global:FLAVOR] image starts jenkins-agent.ps1 correctly (slow test)" { It 'connects to the nmap container' { $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "network create --driver nat jnlp-network" # Launch the netcat utility, listening at port 5000 for 30 sec @@ -104,9 +106,11 @@ Describe "[$JDK $FLAVOR] image starts jenkins-agent.ps1 correctly (slow test)" { $nmap_ip = $stdout.Trim() # run Jenkins agent which tries to connect to the nmap container at port 5000 - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --network=jnlp-network --name $AGENT_CONTAINER $AGENT_IMAGE -Url http://${nmap_ip}:5000 -Secret aaa -Name bbb" + $secret = "aaa" + $name = "bbb" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --network=jnlp-network --name $global:AGENT_CONTAINER $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 $secret $name" $exitCode | Should -Be 0 - Is-ContainerRunning $AGENT_CONTAINER | Should -BeTrue + Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue $exitCode, $stdout, $stderr = Run-Program 'docker.exe' 'wait nmap' $exitCode, $stdout, $stderr = Run-Program 'docker.exe' 'logs nmap' @@ -115,38 +119,60 @@ Describe "[$JDK $FLAVOR] image starts jenkins-agent.ps1 correctly (slow test)" { } AfterAll { - Cleanup($AGENT_CONTAINER) + Cleanup($global:AGENT_CONTAINER) Cleanup("nmap") CleanupNetwork("jnlp-network") } } -Describe "[$JDK $FLAVOR] build args" { +Describe "[$global:JDK $global:FLAVOR] build args" { BeforeAll { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." - } - - It -Skip 'uses build args correctly' { - $TEST_VERSION="4.3" + # an old jdk11 image version + $TEST_VERSION="4.7" + $DOCKER_AGENT_VERSION_SUFFIX="1" + if($global:JDK -eq '17') { + # the first jdk17 images for Windows + $TEST_VERSION = "4.10" + $DOCKER_AGENT_VERSION_SUFFIX="7" + } $TEST_USER="foo" + $ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" + } - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=${TEST_VERSION}-2 --build-arg user=$TEST_USER -t $AGENT_IMAGE $FOLDER" + It 'builds image with arguments' { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=${ARG_TEST_VERSION} --build-arg user=$TEST_USER -t $global:AGENT_IMAGE $global:FOLDER" $exitCode | Should -Be 0 - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name $AGENT_CONTAINER -P $AGENT_IMAGE $SHELL" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name $global:AGENT_CONTAINER -P $global:AGENT_IMAGE -Cmd $global:SHELL" $exitCode | Should -Be 0 - Is-ContainerRunning "$AGENT_CONTAINER" | Should -BeTrue + Is-ContainerRunning "$global:AGENT_CONTAINER" | Should -BeTrue + } - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -c `"java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version`"" + It "has the correct agent.jar version" { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -c `"java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version`"" $exitCode | Should -Be 0 $stdout | Should -Match $TEST_VERSION + } - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -c `"(Get-ChildItem env:\ | Where-Object { `$_.Name -eq 'USERNAME' }).Value`"" + It "has the correct (overridden) user account and the container is running as that user" { + # check that the user exists and is the user the container is running as + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -c `"(Get-ChildItem env:\ | Where-Object { `$_.Name -eq 'USERNAME' }).Value`"" $exitCode | Should -Be 0 $stdout | Should -Match $TEST_USER } + It "has the correct password policy for overridden user account" { + # check that $TEST_USER's password never expires and that password is NOT required to login + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if((net user $TEST_USER | Select-String -Pattern 'Password expires') -match 'Never') { exit 0 } else { net user $TEST_USER ; exit -1 }`"" + $exitCode | Should -Be 0 + + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if((net user $TEST_USER | Select-String -Pattern 'Password required') -match 'No') { exit 0 } else { net user $TEST_USER ; exit -1 }`"" + $exitCode | Should -Be 0 + } + AfterAll { + Cleanup($global:AGENT_CONTAINER) Pop-Location -StackName 'agent' } } From c1f2329c9e5e861f68ba0a98acc7cf59913b7aae Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Fri, 23 Sep 2022 18:16:02 +0200 Subject: [PATCH 080/130] fix: only deploy to DockerHub on tag-triggered builds Signed-off-by: Damien Duportal --- tests/netcat-helper/Dockerfile-windows | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/netcat-helper/Dockerfile-windows b/tests/netcat-helper/Dockerfile-windows index c0ac2f057..d42d52443 100644 --- a/tests/netcat-helper/Dockerfile-windows +++ b/tests/netcat-helper/Dockerfile-windows @@ -36,5 +36,3 @@ RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tl $proc = Start-Process "C:\nmap-install.exe" -PassThru -ArgumentList '/S' ; ` $proc.WaitForExit() ; ` Remove-Item -Path nmap-install.exe - - From 52b909fc516dd2abe7483c5c5331ea0c9bbac217 Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Thu, 29 Sep 2022 11:28:29 -0400 Subject: [PATCH 081/130] fixup Signed-off-by: Damien Duportal --- tests/inboundAgent.Tests.ps1 | 7 +------ tests/tests.bats | 4 ++-- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index c7cad3f09..55b870bac 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -129,13 +129,8 @@ Describe "[$global:JDK $global:FLAVOR] build args" { BeforeAll { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." # an old jdk11 image version - $TEST_VERSION="4.7" + $TEST_VERSION="3063.v26e24490f041" $DOCKER_AGENT_VERSION_SUFFIX="1" - if($global:JDK -eq '17') { - # the first jdk17 images for Windows - $TEST_VERSION = "4.10" - $DOCKER_AGENT_VERSION_SUFFIX="7" - } $TEST_USER="foo" $ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" } diff --git a/tests/tests.bats b/tests/tests.bats index acec4a38b..13b81580b 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -46,8 +46,8 @@ SUT_IMAGE=$(get_sut_image) cd "${BATS_TEST_DIRNAME}"/.. || false local ARG_TEST_VERSION - local TEST_VERSION="4.3" - local DOCKER_AGENT_VERSION_SUFFIX="4" + local TEST_VERSION="3063.v26e24490f041" + local DOCKER_AGENT_VERSION_SUFFIX="1" local TEST_USER="root" local ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" From 33090267d85b134f5738875f2a5e52b5628c5ce1 Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Thu, 29 Sep 2022 12:52:58 -0400 Subject: [PATCH 082/130] chore(test) fix build argument tests by using an old version Signed-off-by: Damien Duportal --- tests/inboundAgent.Tests.ps1 | 7 ++++--- tests/tests.bats | 9 ++++++--- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 55b870bac..3bd65439d 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -128,15 +128,16 @@ Describe "[$global:JDK $global:FLAVOR] image starts jenkins-agent.ps1 correctly Describe "[$global:JDK $global:FLAVOR] build args" { BeforeAll { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." - # an old jdk11 image version - $TEST_VERSION="3063.v26e24490f041" + # Old version used to test overriding the build arguments. + # This old version must have the same tag suffixes as the current 4 windows images (`-jdk11-nanoserver` etc.) + $TEST_VERSION="3046.v38db_38a_b_7a_86" $DOCKER_AGENT_VERSION_SUFFIX="1" $TEST_USER="foo" $ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" } It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=${ARG_TEST_VERSION} --build-arg user=$TEST_USER -t $global:AGENT_IMAGE $global:FOLDER" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg version=${ARG_TEST_VERSION} --build-arg user=$TEST_USER -t $global:AGENT_IMAGE $global:FOLDER" $exitCode | Should -Be 0 $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name $global:AGENT_CONTAINER -P $global:AGENT_IMAGE -Cmd $global:SHELL" diff --git a/tests/tests.bats b/tests/tests.bats index 13b81580b..9a73a470a 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -45,11 +45,14 @@ SUT_IMAGE=$(get_sut_image) @test "[${SUT_IMAGE}] use build args correctly" { cd "${BATS_TEST_DIRNAME}"/.. || false - local ARG_TEST_VERSION - local TEST_VERSION="3063.v26e24490f041" + # Old version used to test overriding the build arguments. + # This old version must have the same tag suffixes as the ones defined in the docker-bake file (`-jdk17`, `jdk11`, etc.) + local TEST_VERSION="3046.v38db_38a_b_7a_86" local DOCKER_AGENT_VERSION_SUFFIX="1" - local TEST_USER="root" + local ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" + local TEST_USER="root" + local FOLDER=$(get_dockerfile_directory) From b32baf36cfc26eeec63c8c47928c398e81e55adb Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Sat, 12 Nov 2022 10:36:16 +0100 Subject: [PATCH 083/130] chore(linux tests) apply shellcheck and fix concurency issues Signed-off-by: Damien Duportal --- tests/tests.bats | 61 ++++++++++++++++++++++++------------------------ 1 file changed, 31 insertions(+), 30 deletions(-) diff --git a/tests/tests.bats b/tests/tests.bats index 9a73a470a..f47739112 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -1,80 +1,81 @@ #!/usr/bin/env bats AGENT_CONTAINER=bats-jenkins-jnlp-agent -NETCAT_HELPER_CONTAINER=netcat-helper load test_helpers buildNetcatImage -SUT_IMAGE=$(get_sut_image) +SUT_IMAGE="$(get_sut_image)" @test "[${SUT_IMAGE}] image has installed jenkins-agent in PATH" { - cid=$(docker run -d -it -P "${SUT_IMAGE}" /bin/bash) + local sut_cid + sut_cid="$(docker run -d -it -P "${SUT_IMAGE}" /bin/bash)" - is_agent_container_running $cid + is_agent_container_running "${sut_cid}" - run docker exec "${cid}" which jenkins-agent + run docker exec "${sut_cid}" which jenkins-agent [ "/usr/local/bin/jenkins-agent" = "${lines[0]}" ] - run docker exec "${cid}" which jenkins-agent + run docker exec "${sut_cid}" which jenkins-agent [ "/usr/local/bin/jenkins-agent" = "${lines[0]}" ] - cleanup $cid + cleanup "${sut_cid}" } @test "[${SUT_IMAGE}] image starts jenkins-agent correctly (slow test)" { - # Spin off a helper image which contains netcat - netcat_cid=$(docker run -d -it --name netcat-helper netcat-helper:latest /bin/sh) + local netcat_cid sut_cid + # Spin off a helper image which launches the netcat utility, listening at port 5000 for 30 sec + netcat_cid="$(docker run -d -it netcat-helper:latest /bin/sh -c "timeout 30s nc -l 5000")" # Run jenkins agent which tries to connect to the netcat-helper container at port 5000 - cid=$(docker run -d --link netcat-helper "${SUT_IMAGE}" -url http://netcat-helper:5000 aaa bbb) + sut_cid="$(docker run -d --link "${netcat_cid}" "${SUT_IMAGE}" -url "http://${netcat_cid}:5000" aaa bbb)" - # Launch the netcat utility, listening at port 5000 for 30 sec - # bats will capture the output from netcat and compare the first line + # Wait for the whole process to take place (in resource-constrained environments it can take 100s of milliseconds) + sleep 1 + + # Capture the logs output from netcat and compare the first line # of the header of the first HTTP request with the expected one - run docker exec netcat-helper /bin/sh -c "timeout 30s nc -l 5000" + run docker logs "${netcat_cid}" - # The GET request ends with a '\r' - [ $'GET /tcpSlaveAgentListener/ HTTP/1.1\r' = "${lines[0]}" ] + [[ "${lines[0]}" = *"GET /tcpSlaveAgentListener/ HTTP/1.1"* ]] - cleanup $netcat_cid - cleanup $cid + cleanup "${netcat_cid}" + cleanup "${sut_cid}" } @test "[${SUT_IMAGE}] use build args correctly" { cd "${BATS_TEST_DIRNAME}"/.. || false + local TEST_VERSION DOCKER_AGENT_VERSION_SUFFIX ARG_TEST_VERSION TEST_USER sut_image sut_cid + # Old version used to test overriding the build arguments. # This old version must have the same tag suffixes as the ones defined in the docker-bake file (`-jdk17`, `jdk11`, etc.) - local TEST_VERSION="3046.v38db_38a_b_7a_86" - local DOCKER_AGENT_VERSION_SUFFIX="1" - - local ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" - local TEST_USER="root" - + TEST_VERSION="3046.v38db_38a_b_7a_86" + DOCKER_AGENT_VERSION_SUFFIX="1" - local FOLDER=$(get_dockerfile_directory) + ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" + TEST_USER="root" - local sut_image="${SUT_IMAGE}-tests-${BATS_TEST_NUMBER}" + sut_image="${SUT_IMAGE}-tests-${BATS_TEST_NUMBER}" docker buildx bake \ --set "${IMAGE}".args.version="${ARG_TEST_VERSION}" \ --set "${IMAGE}".args.user="${TEST_USER}" \ - --set "${IMAGE}".platform="linux/${ARCH}" \ + --set "${IMAGE}".platform=linux/"${ARCH}" \ --set "${IMAGE}".tags="${sut_image}" \ --load \ "${IMAGE}" - cid=$(docker run -d -it --name "${AGENT_CONTAINER}" -P "${sut_image}" /bin/sh) + sut_cid="$(docker run -d -it --name "${AGENT_CONTAINER}" -P "${sut_image}" /bin/sh)" - is_agent_container_running $cid + is_agent_container_running "${sut_cid}" - run docker exec "${cid}" sh -c "java -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -version" + run docker exec "${sut_cid}" sh -c "java -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -version" [ "${TEST_VERSION}" = "${lines[0]}" ] run docker exec "${AGENT_CONTAINER}" sh -c "id -u -n ${TEST_USER}" [ "${TEST_USER}" = "${lines[0]}" ] - cleanup $cid + cleanup "${sut_cid}" } From ca52fd6a9d7f782b53a097807dcb3d4ef353faab Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Sat, 12 Nov 2022 20:32:19 +0100 Subject: [PATCH 084/130] fixup Signed-off-by: Damien Duportal --- tests/tests.bats | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/tests/tests.bats b/tests/tests.bats index f47739112..fd4633e9f 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -32,13 +32,11 @@ SUT_IMAGE="$(get_sut_image)" sut_cid="$(docker run -d --link "${netcat_cid}" "${SUT_IMAGE}" -url "http://${netcat_cid}:5000" aaa bbb)" # Wait for the whole process to take place (in resource-constrained environments it can take 100s of milliseconds) - sleep 1 + sleep 5 - # Capture the logs output from netcat and compare the first line - # of the header of the first HTTP request with the expected one + # Capture the logs output from netcat and check the header of the first HTTP request with the expected one run docker logs "${netcat_cid}" - - [[ "${lines[0]}" = *"GET /tcpSlaveAgentListener/ HTTP/1.1"* ]] + echo "${output}" | grep 'GET /tcpSlaveAgentListener/ HTTP/1.1' cleanup "${netcat_cid}" cleanup "${sut_cid}" From b65ad2096777f7501b3e95fb6b6c90d29fa099b4 Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Thu, 24 Nov 2022 10:28:57 -0700 Subject: [PATCH 085/130] Fixup command line processing and add test --- jenkins-agent.ps1 | 16 +++++++++++----- tests/inboundAgent.Tests.ps1 | 35 ++++++++++++++++++++++++++++++++++- 2 files changed, 45 insertions(+), 6 deletions(-) diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 7e0ae27d7..2f354c2ef 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -22,7 +22,7 @@ [CmdletBinding()] Param( - $Cmd = '', # this is only used when docker run has one arg positional arg + $Cmd = '', # this must be specified explicitly $Url = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_URL)) { throw ("Url is required") } else { '' } ), [Parameter(Position=0)]$Secret = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_SECRET)) { throw ("Secret is required") } else { '' } ), [Parameter(Position=1)]$Name = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_AGENT_NAME)) { throw ("Name is required") } else { '' } ), @@ -34,12 +34,13 @@ Param( $Protocols = '', $JenkinsJavaBin = '', $JavaHome = $env:JAVA_HOME, - $JavaOpts = '' + $JenkinsJavaOpts = '' ) # Usage jenkins-agent.ps1 [options] -Url http://jenkins -Secret [SECRET] -Name [AGENT_NAME] # Optional environment variables : # * JENKINS_JAVA_BIN : Java executable to use instead of the default in PATH or obtained from JAVA_HOME +# * JENKINS_JAVA_OPTS : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS # * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network # * JENKINS_URL : alternate jenkins URL # * JENKINS_SECRET : agent secret, if not set as an argument @@ -59,6 +60,7 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { # this maps the variable name from the CmdletBinding to environment variables $ParamMap = @{ 'JenkinsJavaBin' = 'JENKINS_JAVA_BIN'; + 'JenkinsJavaOpts' = 'JENKINS_JAVA_OPTS'; 'Tunnel' = 'JENKINS_TUNNEL'; 'Url' = 'JENKINS_URL'; 'Secret' = 'JENKINS_SECRET'; @@ -68,7 +70,6 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { 'DirectConnection' = 'JENKINS_DIRECT_CONNECTION'; 'InstanceIdentity' = 'JENKINS_INSTANCE_IDENTITY'; 'Protocols' = 'JENKINS_PROTOCOLS'; - 'JavaOpts' = 'JAVA_OPTS'; } # this does some trickery to update the variable from the CmdletBinding @@ -94,8 +95,13 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { $AgentArguments = @() - if(![System.String]::IsNullOrWhiteSpace($JavaOpts)) { - $AgentArguments += @($JavaOpts.split(" ")) + if(![System.String]::IsNullOrWhiteSpace($JenkinsJavaOpts)) { + # this magic will basically process the $JenkinsJavaOpts like a command line + # and split into an array, the command line processing follows the PowerShell + # commnd line processing, which means for things like -Dsomething.something=something, + # you need to quote the string like this: "-Dsomething.something=something" or else it + # will get parsed incorrectly. + $AgentArguments += Invoke-Expression "echo $JenkinsJavaOpts" } $AgentArguments += @("-cp", "C:/ProgramData/Jenkins/agent.jar", "hudson.remoting.jnlp.Main", "-headless") diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 3bd65439d..01af53dee 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -43,7 +43,6 @@ Describe "[$global:JDK $global:FLAVOR] build image" { It 'builds image' { $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=$global:VERSION -t $global:AGENT_IMAGE $global:FOLDER" - # This failure was added on purpose to verify that the build will fail if a test fails $exitCode | Should -Be 0 } @@ -172,3 +171,37 @@ Describe "[$global:JDK $global:FLAVOR] build args" { Pop-Location -StackName 'agent' } } + + +Describe "[$global:JDK $global:FLAVOR] passing JVM options (slow test)" { + It "shows the java version with --show-version" { + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "network create --driver nat jnlp-network" + # Launch the netcat utility, listening at port 5000 for 30 sec + # bats will capture the output from netcat and compare the first line + # of the header of the first HTTP request with the expected one + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" + $exitCode | Should -Be 0 + Is-ContainerRunning "nmap" | Should -BeTrue + + # get the ip address of the nmap container + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "inspect -f `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" + $exitCode | Should -Be 0 + $nmap_ip = $stdout.Trim() + + # run Jenkins agent which tries to connect to the nmap container at port 5000 + $secret = "aaa" + $name = "bbb" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --network=jnlp-network --name $global:AGENT_CONTAINER $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 -JenkinsJavaOpts `"--show-version`" $secret $name" + $exitCode | Should -Be 0 + Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "logs $global:AGENT_CONTAINER" + $exitCode | Should -Be 0 + $stdout | Should -Match "OpenJDK Runtime Environment Temurin-${global:JDK}" + } + + AfterAll { + Cleanup($global:AGENT_CONTAINER) + Cleanup("nmap") + CleanupNetwork("jnlp-network") + } +} \ No newline at end of file From d80c959f3a267ef37dccaae177255a22b3f4b063 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20MERLE?= <95630726+smerle33@users.noreply.github.com> Date: Sat, 10 Dec 2022 10:21:21 +0100 Subject: [PATCH 086/130] documentation(README): complement `JENKINS_JAVA_OPTS` usage for Windows (#313) Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com> --- README.md | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index f11c9aa96..0aa1fe385 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ To run a Docker container with [Work Directory](https://github.com/jenkinsci/rem Optional environment variables: * `JENKINS_JAVA_BIN`: Path to Java executable to use instead of the default in PATH or obtained from JAVA_HOME -* `JENKINS_JAVA_OPTS` : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS +* `JENKINS_JAVA_OPTS` : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS, **Warning** :exclamation: For more information on Windows usage, please see the **Windows Jenkins Java Opts** [section below](#windows-jenkins-java-opts). * `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL * `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this agent host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins master. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. * `JENKINS_SECRET`: agent secret, if not set as an argument @@ -50,6 +50,26 @@ Optional environment variables: * `JENKINS_INSTANCE_IDENTITY`: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, the agent skips connecting to an HTTP(S) port for connection info. * `JENKINS_PROTOCOLS`: Specify the remoting protocols to attempt when `JENKINS_INSTANCE_IDENTITY` is provided. + +## Windows Jenkins Java Opts + +The processing of the JENKINS_JAVA_OPTS environment variable or -JenkinsJavaOpts command line parameter follow the [https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.3](command parsing semantics of Powershell). This means that if a parameter contains any characters that are part of an expression in Powershell, it will need to be surrounded by quotes. +For example: + +-XX:+PrintCommandLineFlags --show-version + +This would need to be escaped with quotes like this: + +"-XX:+PrintCommandLineFlags" --show-version + +Or another example: +-Dsome.property=some value --show-version + +This would need to be escaped like this: + +"-Dsome.property='some value'" --show-version + + ## Configuration specifics ### Enabled JNLP protocols From fab30ac83d5131deba73bbf84a233b6135965693 Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Sat, 29 Apr 2023 18:09:20 +0200 Subject: [PATCH 087/130] cleanup(windows) remove custom user (feature parity with Linux and delegating to parent image) Signed-off-by: Damien Duportal --- tests/inboundAgent.Tests.ps1 | 29 ++++++----------------------- 1 file changed, 6 insertions(+), 23 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 01af53dee..349454e5f 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -38,16 +38,16 @@ BuildNcatImage Describe "[$global:JDK $global:FLAVOR] build image" { BeforeAll { - Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." + Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." } It 'builds image' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=$global:VERSION -t $global:AGENT_IMAGE $global:FOLDER" - $exitCode | Should -Be 0 + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=$global:VERSION -t $global:AGENT_IMAGE $global:FOLDER" + $exitCode | Should -Be 0 } AfterAll { - Pop-Location -StackName 'agent' + Pop-Location -StackName 'agent' } } @@ -131,12 +131,11 @@ Describe "[$global:JDK $global:FLAVOR] build args" { # This old version must have the same tag suffixes as the current 4 windows images (`-jdk11-nanoserver` etc.) $TEST_VERSION="3046.v38db_38a_b_7a_86" $DOCKER_AGENT_VERSION_SUFFIX="1" - $TEST_USER="foo" $ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" } It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg version=${ARG_TEST_VERSION} --build-arg user=$TEST_USER -t $global:AGENT_IMAGE $global:FOLDER" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg version=${ARG_TEST_VERSION} -t $global:AGENT_IMAGE $global:FOLDER" $exitCode | Should -Be 0 $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name $global:AGENT_CONTAINER -P $global:AGENT_IMAGE -Cmd $global:SHELL" @@ -150,22 +149,6 @@ Describe "[$global:JDK $global:FLAVOR] build args" { $stdout | Should -Match $TEST_VERSION } - It "has the correct (overridden) user account and the container is running as that user" { - # check that the user exists and is the user the container is running as - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -c `"(Get-ChildItem env:\ | Where-Object { `$_.Name -eq 'USERNAME' }).Value`"" - $exitCode | Should -Be 0 - $stdout | Should -Match $TEST_USER - } - - It "has the correct password policy for overridden user account" { - # check that $TEST_USER's password never expires and that password is NOT required to login - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if((net user $TEST_USER | Select-String -Pattern 'Password expires') -match 'Never') { exit 0 } else { net user $TEST_USER ; exit -1 }`"" - $exitCode | Should -Be 0 - - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if((net user $TEST_USER | Select-String -Pattern 'Password required') -match 'No') { exit 0 } else { net user $TEST_USER ; exit -1 }`"" - $exitCode | Should -Be 0 - } - AfterAll { Cleanup($global:AGENT_CONTAINER) Pop-Location -StackName 'agent' @@ -204,4 +187,4 @@ Describe "[$global:JDK $global:FLAVOR] passing JVM options (slow test)" { Cleanup("nmap") CleanupNetwork("jnlp-network") } -} \ No newline at end of file +} From 106db6b2ab2eccd39e469a7f6f38540a93a906b2 Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Sun, 30 Apr 2023 10:55:16 +0200 Subject: [PATCH 088/130] chore(windows tests) fix harness to use long flags, no more interactive flag and same build command make.ps1 Signed-off-by: Damien Duportal --- tests/inboundAgent.Tests.ps1 | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 01af53dee..d4277fa6c 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -5,7 +5,6 @@ $global:AGENT_CONTAINER='pester-jenkins-inbound-agent' $global:SHELL="powershell.exe" $global:FOLDER = Get-EnvOrDefault 'FOLDER' '' -$global:VERSION = Get-EnvOrDefault 'VERSION' '4.9-1' $REAL_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${global:FOLDER}" @@ -38,22 +37,22 @@ BuildNcatImage Describe "[$global:JDK $global:FLAVOR] build image" { BeforeAll { - Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." + Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." } It 'builds image' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg VERSION=$global:VERSION -t $global:AGENT_IMAGE $global:FOLDER" - $exitCode | Should -Be 0 + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --tag $global:AGENT_IMAGE --file $global:FOLDER/Dockerfile ./" + $exitCode | Should -Be 0 } AfterAll { - Pop-Location -StackName 'agent' + Pop-Location -StackName 'agent' } } Describe "[$global:JDK $global:FLAVOR] check default user account" { BeforeAll { - docker run -d -it --name "$global:AGENT_CONTAINER" -P "$global:AGENT_IMAGE" -Cmd "$global:SHELL" + docker run --detach --tty --name "$global:AGENT_CONTAINER" "$global:AGENT_IMAGE" -Cmd "$global:SHELL" $LASTEXITCODE | Should -Be 0 Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue } @@ -75,7 +74,8 @@ Describe "[$global:JDK $global:FLAVOR] check default user account" { Describe "[$global:JDK $global:FLAVOR] image has jenkins-agent.ps1 in the correct location" { BeforeAll { - & docker run -dit --name "$global:AGENT_CONTAINER" -P "$global:AGENT_IMAGE" -Cmd $global:SHELL + docker run --detach --tty --name "$global:AGENT_CONTAINER" "$global:AGENT_IMAGE" -Cmd "$global:SHELL" + $LASTEXITCODE | Should -Be 0 Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue } @@ -95,19 +95,19 @@ Describe "[$global:JDK $global:FLAVOR] image starts jenkins-agent.ps1 correctly # Launch the netcat utility, listening at port 5000 for 30 sec # bats will capture the output from netcat and compare the first line # of the header of the first HTTP request with the expected one - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" $exitCode | Should -Be 0 Is-ContainerRunning "nmap" | Should -BeTrue # get the ip address of the nmap container - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "inspect -f `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "inspect --format `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" $exitCode | Should -Be 0 $nmap_ip = $stdout.Trim() # run Jenkins agent which tries to connect to the nmap container at port 5000 $secret = "aaa" $name = "bbb" - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --network=jnlp-network --name $global:AGENT_CONTAINER $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 $secret $name" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run --detach --tty --network=jnlp-network --name $global:AGENT_CONTAINER $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 $secret $name" $exitCode | Should -Be 0 Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue @@ -139,7 +139,7 @@ Describe "[$global:JDK $global:FLAVOR] build args" { $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg version=${ARG_TEST_VERSION} --build-arg user=$TEST_USER -t $global:AGENT_IMAGE $global:FOLDER" $exitCode | Should -Be 0 - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name $global:AGENT_CONTAINER -P $global:AGENT_IMAGE -Cmd $global:SHELL" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run --detach --tty --name $global:AGENT_CONTAINER $global:AGENT_IMAGE -Cmd $global:SHELL" $exitCode | Should -Be 0 Is-ContainerRunning "$global:AGENT_CONTAINER" | Should -BeTrue } @@ -172,26 +172,25 @@ Describe "[$global:JDK $global:FLAVOR] build args" { } } - Describe "[$global:JDK $global:FLAVOR] passing JVM options (slow test)" { It "shows the java version with --show-version" { $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "network create --driver nat jnlp-network" # Launch the netcat utility, listening at port 5000 for 30 sec # bats will capture the output from netcat and compare the first line # of the header of the first HTTP request with the expected one - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" $exitCode | Should -Be 0 Is-ContainerRunning "nmap" | Should -BeTrue # get the ip address of the nmap container - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "inspect -f `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "inspect --format `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" $exitCode | Should -Be 0 $nmap_ip = $stdout.Trim() # run Jenkins agent which tries to connect to the nmap container at port 5000 $secret = "aaa" $name = "bbb" - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --network=jnlp-network --name $global:AGENT_CONTAINER $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 -JenkinsJavaOpts `"--show-version`" $secret $name" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run --detach --tty --network=jnlp-network --name $global:AGENT_CONTAINER $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 -JenkinsJavaOpts `"--show-version`" $secret $name" $exitCode | Should -Be 0 Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "logs $global:AGENT_CONTAINER" @@ -204,4 +203,4 @@ Describe "[$global:JDK $global:FLAVOR] passing JVM options (slow test)" { Cleanup("nmap") CleanupNetwork("jnlp-network") } -} \ No newline at end of file +} From 9aaaaa29ecaae07c31efa1500dbcd285314c98aa Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Thu, 18 May 2023 09:59:23 +0200 Subject: [PATCH 089/130] chore(windows) factorize JDK specification to make.ps1 Signed-off-by: Damien Duportal --- tests/inboundAgent.Tests.ps1 | 127 ++++++++++++++++------------------- 1 file changed, 57 insertions(+), 70 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index eb6715a24..4ac1989be 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -1,188 +1,175 @@ Import-Module -DisableNameChecking -Force $PSScriptRoot/test_helpers.psm1 -$global:AGENT_IMAGE='jenkins-inbound-agent' -$global:AGENT_CONTAINER='pester-jenkins-inbound-agent' -$global:SHELL="powershell.exe" - +$global:AGENT_IMAGE = Get-EnvOrDefault 'AGENT_IMAGE' '' $global:FOLDER = Get-EnvOrDefault 'FOLDER' '' +$global:JAVA_MAJOR_VERSION = Get-EnvOrDefault 'JAVA_MAJOR_VERSION' '' +$global:VERSION = Get-EnvOrDefault 'VERSION' '' + +# TODO: make this name unique for concurency +$global:CONTAINERNAME = 'pester-jenkins-inbound-agent-{0}' -f $global:AGENT_IMAGE $REAL_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${global:FOLDER}" -if(($global:FOLDER -match '^(?[0-9]+)[\\/](?.+)$') -and (Test-Path $REAL_FOLDER)) { - $global:JDK = $Matches['jdk'] - $global:FLAVOR = $Matches['flavor'] -} else { - Write-Error "Wrong folder format or folder does not exist: $global:FOLDER" - exit 1 -} +$items = $global:AGENT_IMAGE.Split("-") -if($global:FLAVOR -match "nanoserver-(\d+)") { - $global:AGENT_IMAGE += "-nanoserver" - $global:AGENT_CONTAINER += "-nanoserver-$($Matches[1])" - $global:SHELL = "pwsh.exe" -} +# Remove the 'jdk' prefix (3 first characters) +$global:JDKMAJORVERSION = $items[0].Remove(0,3) +$global:WINDOWSFLAVOR = $items[1] +$global:WINDOWSVERSION = $items[2] -if($global:JDK -eq "17") { - $global:AGENT_IMAGE += ":jdk17" - $global:AGENT_CONTAINER += "-jdk17" -} else { - $global:AGENT_IMAGE += ":latest" +$global:CONTAINERSHELL="powershell.exe" +if($global:WINDOWSFLAVOR -eq 'nanoserver') { + $global:CONTAINERSHELL = "pwsh.exe" } -Cleanup($global:AGENT_CONTAINER) + +Cleanup($global:CONTAINERNAME) Cleanup("nmap") CleanupNetwork("jnlp-network") BuildNcatImage -Describe "[$global:JDK $global:FLAVOR] build image" { - BeforeAll { - Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." - } - +Describe "[$global:AGENT_IMAGE] build image" { It 'builds image' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --tag $global:AGENT_IMAGE --file $global:FOLDER/Dockerfile ./" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${global:VERSION} --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${global:AGENT_IMAGE} --file $global:FOLDER/Dockerfile ./" $exitCode | Should -Be 0 } - - AfterAll { - Pop-Location -StackName 'agent' - } } -Describe "[$global:JDK $global:FLAVOR] check default user account" { +Describe "[$global:AGENT_IMAGE] check default user account" { BeforeAll { - docker run --detach --tty --name "$global:AGENT_CONTAINER" "$global:AGENT_IMAGE" -Cmd "$global:SHELL" + docker run --detach --tty --name "$global:CONTAINERNAME" "$global:AGENT_IMAGE" -Cmd "$global:CONTAINERSHELL" $LASTEXITCODE | Should -Be 0 - Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue + Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue } It 'has a password that never expires' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password expires') -match 'Never') { exit 0 } else { net user jenkins ; exit -1 }`"" + $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -C `"if((net user jenkins | Select-String -Pattern 'Password expires') -match 'Never') { exit 0 } else { net user jenkins ; exit -1 }`"" $exitCode | Should -Be 0 } It 'has password policy of "not required"' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if((net user jenkins | Select-String -Pattern 'Password required') -match 'No') { exit 0 } else { net user jenkins ; exit -1 }`"" + $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -C `"if((net user jenkins | Select-String -Pattern 'Password required') -match 'No') { exit 0 } else { net user jenkins ; exit -1 }`"" $exitCode | Should -Be 0 } AfterAll { - Cleanup($global:AGENT_CONTAINER) + Cleanup($global:CONTAINERNAME) } } -Describe "[$global:JDK $global:FLAVOR] image has jenkins-agent.ps1 in the correct location" { +Describe "[$global:AGENT_IMAGE] image has jenkins-agent.ps1 in the correct location" { BeforeAll { - docker run --detach --tty --name "$global:AGENT_CONTAINER" "$global:AGENT_IMAGE" -Cmd "$global:SHELL" + docker run --detach --tty --name "$global:CONTAINERNAME" "$global:AGENT_IMAGE" -Cmd "$global:CONTAINERSHELL" $LASTEXITCODE | Should -Be 0 - Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue + Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue } It 'has jenkins-agent.ps1 in C:/ProgramData/Jenkins' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -C `"if(Test-Path 'C:/ProgramData/Jenkins/jenkins-agent.ps1') { exit 0 } else { exit 1 }`"" + $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -C `"if(Test-Path 'C:/ProgramData/Jenkins/jenkins-agent.ps1') { exit 0 } else { exit 1 }`"" $exitCode | Should -Be 0 } AfterAll { - Cleanup($global:AGENT_CONTAINER) + Cleanup($global:CONTAINERNAME) } } -Describe "[$global:JDK $global:FLAVOR] image starts jenkins-agent.ps1 correctly (slow test)" { +Describe "[$global:AGENT_IMAGE] image starts jenkins-agent.ps1 correctly (slow test)" { It 'connects to the nmap container' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "network create --driver nat jnlp-network" + $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" # Launch the netcat utility, listening at port 5000 for 30 sec # bats will capture the output from netcat and compare the first line # of the header of the first HTTP request with the expected one - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" + $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" $exitCode | Should -Be 0 Is-ContainerRunning "nmap" | Should -BeTrue # get the ip address of the nmap container - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "inspect --format `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" + $exitCode, $stdout, $stderr = Run-Program 'docker' "inspect --format `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" $exitCode | Should -Be 0 $nmap_ip = $stdout.Trim() # run Jenkins agent which tries to connect to the nmap container at port 5000 $secret = "aaa" $name = "bbb" - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run --detach --tty --network=jnlp-network --name $global:AGENT_CONTAINER $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 $secret $name" + $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --network=jnlp-network --name $global:CONTAINERNAME $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 $secret $name" $exitCode | Should -Be 0 - Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue + Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' 'wait nmap' - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' 'logs nmap' + $exitCode, $stdout, $stderr = Run-Program 'docker' 'wait nmap' + $exitCode, $stdout, $stderr = Run-Program 'docker' 'logs nmap' $exitCode | Should -Be 0 $stdout | Should -Match "GET /tcpSlaveAgentListener/ HTTP/1.1`r" } AfterAll { - Cleanup($global:AGENT_CONTAINER) + Cleanup($global:CONTAINERNAME) Cleanup("nmap") CleanupNetwork("jnlp-network") } } -Describe "[$global:JDK $global:FLAVOR] build args" { +Describe "[$global:AGENT_IMAGE] custom build args" { BeforeAll { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." # Old version used to test overriding the build arguments. # This old version must have the same tag suffixes as the current 4 windows images (`-jdk11-nanoserver` etc.) - $TEST_VERSION="3046.v38db_38a_b_7a_86" - $DOCKER_AGENT_VERSION_SUFFIX="1" - $ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" + $TEST_VERSION = "3046.v38db_38a_b_7a_86" + $DOCKER_AGENT_VERSION_SUFFIX = "1" + $ARG_TEST_VERSION = "${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" + $customImageName = "custom-${global:AGENT_IMAGE}" } It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg version=${ARG_TEST_VERSION} -t $global:AGENT_IMAGE $global:FOLDER" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${customImageName} --file=${global:FOLDER}/Dockerfile ./" $exitCode | Should -Be 0 - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run --detach --tty --name $global:AGENT_CONTAINER $global:AGENT_IMAGE -Cmd $global:SHELL" + $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name $global:CONTAINERNAME $customImageName -Cmd $global:CONTAINERSHELL" $exitCode | Should -Be 0 - Is-ContainerRunning "$global:AGENT_CONTAINER" | Should -BeTrue + Is-ContainerRunning "$global:CONTAINERNAME" | Should -BeTrue } It "has the correct agent.jar version" { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $global:AGENT_CONTAINER $global:SHELL -c `"java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version`"" + $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -c `"java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version`"" $exitCode | Should -Be 0 $stdout | Should -Match $TEST_VERSION } AfterAll { - Cleanup($global:AGENT_CONTAINER) + Cleanup($global:CONTAINERNAME) Pop-Location -StackName 'agent' } } -Describe "[$global:JDK $global:FLAVOR] passing JVM options (slow test)" { +Describe "[$global:AGENT_IMAGE] passing JVM options (slow test)" { It "shows the java version with --show-version" { - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "network create --driver nat jnlp-network" + $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" # Launch the netcat utility, listening at port 5000 for 30 sec # bats will capture the output from netcat and compare the first line # of the header of the first HTTP request with the expected one - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" + $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" $exitCode | Should -Be 0 Is-ContainerRunning "nmap" | Should -BeTrue # get the ip address of the nmap container - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "inspect --format `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" + $exitCode, $stdout, $stderr = Run-Program 'docker' "inspect --format `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" $exitCode | Should -Be 0 $nmap_ip = $stdout.Trim() # run Jenkins agent which tries to connect to the nmap container at port 5000 $secret = "aaa" $name = "bbb" - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run --detach --tty --network=jnlp-network --name $global:AGENT_CONTAINER $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 -JenkinsJavaOpts `"--show-version`" $secret $name" + $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --network=jnlp-network --name $global:CONTAINERNAME $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 -JenkinsJavaOpts `"--show-version`" $secret $name" $exitCode | Should -Be 0 - Is-ContainerRunning $global:AGENT_CONTAINER | Should -BeTrue - $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "logs $global:AGENT_CONTAINER" + Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue + $exitCode, $stdout, $stderr = Run-Program 'docker' "logs $global:CONTAINERNAME" $exitCode | Should -Be 0 - $stdout | Should -Match "OpenJDK Runtime Environment Temurin-${global:JDK}" + $stdout | Should -Match "OpenJDK Runtime Environment Temurin-${global:JDKMAJORVERSION}" } AfterAll { - Cleanup($global:AGENT_CONTAINER) + Cleanup($global:CONTAINERNAME) Cleanup("nmap") CleanupNetwork("jnlp-network") } From c3a2767ae73b2ec0aad77929be48256af250127d Mon Sep 17 00:00:00 2001 From: Brian Krische <1189328+krische@users.noreply.github.com> Date: Wed, 28 Jun 2023 09:06:48 -0500 Subject: [PATCH 090/130] [Windows] Allow JENKINS_URL to not be set when JENKINS_DIRECT_CONNECTION is set (#361) --- jenkins-agent.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 2f354c2ef..c37ccb375 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -23,7 +23,7 @@ [CmdletBinding()] Param( $Cmd = '', # this must be specified explicitly - $Url = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_URL)) { throw ("Url is required") } else { '' } ), + $Url = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_URL) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_DIRECT_CONNECTION)) { throw ("Url is required") } else { '' } ), [Parameter(Position=0)]$Secret = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_SECRET)) { throw ("Secret is required") } else { '' } ), [Parameter(Position=1)]$Name = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_AGENT_NAME)) { throw ("Name is required") } else { '' } ), $Tunnel = '', From b7157d31473c36f17c02d05481d332f32706617d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Sat, 8 Jul 2023 19:14:30 +0200 Subject: [PATCH 091/130] build Windows images with docker compose like docker-agent and regroup dockerfiles --- jenkins-agent | 133 ----------------------------- jenkins-agent.ps1 | 156 ----------------------------------- tests/inboundAgent.Tests.ps1 | 14 ++-- tests/tests.bats | 2 +- 4 files changed, 8 insertions(+), 297 deletions(-) delete mode 100755 jenkins-agent delete mode 100644 jenkins-agent.ps1 diff --git a/jenkins-agent b/jenkins-agent deleted file mode 100755 index 6d1beb26e..000000000 --- a/jenkins-agent +++ /dev/null @@ -1,133 +0,0 @@ -#!/usr/bin/env sh - -# The MIT License -# -# Copyright (c) 2015-2020, CloudBees, Inc. -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. - -# Usage jenkins-agent.sh [options] -url http://jenkins [SECRET] [AGENT_NAME] -# Optional environment variables : -# * JENKINS_JAVA_BIN : Java executable to use instead of the default in PATH or obtained from JAVA_HOME -# * JENKINS_JAVA_OPTS : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS -# * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network -# * JENKINS_URL : alternate jenkins URL -# * JENKINS_SECRET : agent secret, if not set as an argument -# * JENKINS_AGENT_NAME : agent name, if not set as an argument -# * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir -# * JENKINS_WEB_SOCKET: true if the connection should be made via WebSocket rather than TCP -# * JENKINS_DIRECT_CONNECTION: Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. -# Value: ":" -# * JENKINS_INSTANCE_IDENTITY: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, -# the agent skips connecting to an HTTP(S) port for connection info. -# * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. - -if [ $# -eq 1 ] && [ "${1#-}" = "$1" ] ; then - - # if `docker run` only has one arguments and it is not an option as `-help`, we assume user is running alternate command like `bash` to inspect the image - exec "$@" - -else - - # if -tunnel is not provided, try env vars - case "$@" in - *"-tunnel "*) ;; - *) - if [ ! -z "$JENKINS_TUNNEL" ]; then - TUNNEL="-tunnel $JENKINS_TUNNEL" - fi ;; - esac - - # if -workDir is not provided, try env vars - if [ ! -z "$JENKINS_AGENT_WORKDIR" ]; then - case "$@" in - *"-workDir"*) echo "Warning: Work directory is defined twice in command-line arguments and the environment variable" ;; - *) - WORKDIR="-workDir $JENKINS_AGENT_WORKDIR" ;; - esac - fi - - if [ -n "$JENKINS_URL" ]; then - URL="-url $JENKINS_URL" - fi - - if [ -n "$JENKINS_NAME" ]; then - JENKINS_AGENT_NAME="$JENKINS_NAME" - fi - - if [ "$JENKINS_WEB_SOCKET" = true ]; then - WEB_SOCKET=-webSocket - fi - - if [ -n "$JENKINS_PROTOCOLS" ]; then - PROTOCOLS="-protocols $JENKINS_PROTOCOLS" - fi - - if [ -n "$JENKINS_DIRECT_CONNECTION" ]; then - DIRECT="-direct $JENKINS_DIRECT_CONNECTION" - fi - - if [ -n "$JENKINS_INSTANCE_IDENTITY" ]; then - INSTANCE_IDENTITY="-instanceIdentity $JENKINS_INSTANCE_IDENTITY" - fi - - if [ "$JENKINS_JAVA_BIN" ]; then - JAVA_BIN="$JENKINS_JAVA_BIN" - else - # if java home is defined, use it - JAVA_BIN="java" - if [ "$JAVA_HOME" ]; then - JAVA_BIN="$JAVA_HOME/bin/java" - fi - fi - - if [ "$JENKINS_JAVA_OPTS" ]; then - JAVA_OPTIONS="$JENKINS_JAVA_OPTS" - else - # if JAVA_OPTS is defined, use it - if [ "$JAVA_OPTS" ]; then - JAVA_OPTIONS="$JAVA_OPTS" - fi - fi - - # if both required options are defined, do not pass the parameters - OPT_JENKINS_SECRET="" - if [ -n "$JENKINS_SECRET" ]; then - case "$@" in - *"${JENKINS_SECRET}"*) echo "Warning: SECRET is defined twice in command-line arguments and the environment variable" ;; - *) - OPT_JENKINS_SECRET="${JENKINS_SECRET}" ;; - esac - fi - - OPT_JENKINS_AGENT_NAME="" - if [ -n "$JENKINS_AGENT_NAME" ]; then - case "$@" in - *"${JENKINS_AGENT_NAME}"*) echo "Warning: AGENT_NAME is defined twice in command-line arguments and the environment variable" ;; - *) - OPT_JENKINS_AGENT_NAME="${JENKINS_AGENT_NAME}" ;; - esac - fi - - #TODO: Handle the case when the command-line and Environment variable contain different values. - #It is fine it blows up for now since it should lead to an error anyway. - - exec $JAVA_BIN $JAVA_OPTIONS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" - -fi diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 deleted file mode 100644 index c37ccb375..000000000 --- a/jenkins-agent.ps1 +++ /dev/null @@ -1,156 +0,0 @@ -# The MIT License -# -# Copyright (c) 2019-2020, Alex Earl -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. - -[CmdletBinding()] -Param( - $Cmd = '', # this must be specified explicitly - $Url = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_URL) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_DIRECT_CONNECTION)) { throw ("Url is required") } else { '' } ), - [Parameter(Position=0)]$Secret = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_SECRET)) { throw ("Secret is required") } else { '' } ), - [Parameter(Position=1)]$Name = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_AGENT_NAME)) { throw ("Name is required") } else { '' } ), - $Tunnel = '', - $WorkDir = '', - [switch] $WebSocket = $false, - $DirectConnection = '', - $InstanceIdentity = '', - $Protocols = '', - $JenkinsJavaBin = '', - $JavaHome = $env:JAVA_HOME, - $JenkinsJavaOpts = '' -) - -# Usage jenkins-agent.ps1 [options] -Url http://jenkins -Secret [SECRET] -Name [AGENT_NAME] -# Optional environment variables : -# * JENKINS_JAVA_BIN : Java executable to use instead of the default in PATH or obtained from JAVA_HOME -# * JENKINS_JAVA_OPTS : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS -# * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network -# * JENKINS_URL : alternate jenkins URL -# * JENKINS_SECRET : agent secret, if not set as an argument -# * JENKINS_AGENT_NAME : agent name, if not set as an argument -# * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir -# * JENKINS_WEB_SOCKET : true if the connection should be made via WebSocket rather than TCP -# * JENKINS_DIRECT_CONNECTION: Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. -# Value: ":" -# * JENKINS_INSTANCE_IDENTITY: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, -# the agent skips connecting to an HTTP(S) port for connection info. -# * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. - -if(![System.String]::IsNullOrWhiteSpace($Cmd)) { - Invoke-Expression "$Cmd" -} else { - - # this maps the variable name from the CmdletBinding to environment variables - $ParamMap = @{ - 'JenkinsJavaBin' = 'JENKINS_JAVA_BIN'; - 'JenkinsJavaOpts' = 'JENKINS_JAVA_OPTS'; - 'Tunnel' = 'JENKINS_TUNNEL'; - 'Url' = 'JENKINS_URL'; - 'Secret' = 'JENKINS_SECRET'; - 'Name' = 'JENKINS_AGENT_NAME'; - 'WorkDir' = 'JENKINS_AGENT_WORKDIR'; - 'WebSocket' = 'JENKINS_WEB_SOCKET'; - 'DirectConnection' = 'JENKINS_DIRECT_CONNECTION'; - 'InstanceIdentity' = 'JENKINS_INSTANCE_IDENTITY'; - 'Protocols' = 'JENKINS_PROTOCOLS'; - } - - # this does some trickery to update the variable from the CmdletBinding - # with the value of the - foreach($p in $ParamMap.Keys) { - $var = Get-Variable $p - $envVar = Get-ChildItem -Path "env:$($ParamMap[$p])" -ErrorAction 'SilentlyContinue' - - if(($null -ne $envVar) -and ((($envVar.Value -is [System.String]) -and (![System.String]::IsNullOrWhiteSpace($envVar.Value))) -or ($null -ne $envVar.Value))) { - if(($null -ne $var) -and ((($var.Value -is [System.String]) -and (![System.String]::IsNullOrWhiteSpace($var.Value))))) { - Write-Warning "${p} is defined twice; in command-line arguments (-${p}) and in the environment variable ${envVar.Name}" - } - if($var.Value -is [System.String]) { - $var.Value = $envVar.Value - } elseif($var.Value -is [System.Management.Automation.SwitchParameter]) { - $var.Value = [bool]$envVar.Value - } - } - if($var.Value -is [System.String]) { - $var.Value = $var.Value.Trim() - } - } - - $AgentArguments = @() - - if(![System.String]::IsNullOrWhiteSpace($JenkinsJavaOpts)) { - # this magic will basically process the $JenkinsJavaOpts like a command line - # and split into an array, the command line processing follows the PowerShell - # commnd line processing, which means for things like -Dsomething.something=something, - # you need to quote the string like this: "-Dsomething.something=something" or else it - # will get parsed incorrectly. - $AgentArguments += Invoke-Expression "echo $JenkinsJavaOpts" - } - - $AgentArguments += @("-cp", "C:/ProgramData/Jenkins/agent.jar", "hudson.remoting.jnlp.Main", "-headless") - - if(![System.String]::IsNullOrWhiteSpace($Tunnel)) { - $AgentArguments += @("-tunnel", "`"$Tunnel`"") - } - - if(![System.String]::IsNullOrWhiteSpace($WorkDir)) { - $AgentArguments += @("-workDir", "`"$WorkDir`"") - } else { - $AgentArguments += @("-workDir", "`"C:/Users/jenkins/Work`"") - } - - if($WebSocket) { - $AgentArguments += @("-webSocket") - } - - if(![System.String]::IsNullOrWhiteSpace($Url)) { - $AgentArguments += @("-url", "`"$Url`"") - } - - if(![System.String]::IsNullOrWhiteSpace($DirectConnection)) { - $AgentArguments += @('-direct', $DirectConnection) - } - - if(![System.String]::IsNullOrWhiteSpace($InstanceIdentity)) { - $AgentArguments += @('-instanceIdentity', $InstanceIdentity) - } - - if(![System.String]::IsNullOrWhiteSpace($Protocols)) { - $AgentArguments += @('-protocols', $Protocols) - } - - # these need to be the last things added since they are positional - # parameters to agent.jar - $AgentArguments += @($Secret, $Name) - - if(![System.String]::IsNullOrWhiteSpace($JenkinsJavaBin)) { - $JAVA_BIN = $JenkinsJavaBin - } else { - # if java home is defined, use it - $JAVA_BIN = "java.exe" - if (![System.String]::IsNullOrWhiteSpace($JavaHome)) { - $JAVA_BIN = "$JavaHome/bin/java.exe" - } - } - - #TODO: Handle the case when the command-line and Environment variable contain different values. - #It is fine it blows up for now since it should lead to an error anyway. - Start-Process -FilePath $JAVA_BIN -Wait -NoNewWindow -ArgumentList $AgentArguments -} diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 4ac1989be..dd94bb320 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -1,19 +1,19 @@ Import-Module -DisableNameChecking -Force $PSScriptRoot/test_helpers.psm1 $global:AGENT_IMAGE = Get-EnvOrDefault 'AGENT_IMAGE' '' -$global:FOLDER = Get-EnvOrDefault 'FOLDER' '' -$global:JAVA_MAJOR_VERSION = Get-EnvOrDefault 'JAVA_MAJOR_VERSION' '' +$global:IMAGE_FOLDER = Get-EnvOrDefault 'IMAGE_FOLDER' '' $global:VERSION = Get-EnvOrDefault 'VERSION' '' # TODO: make this name unique for concurency $global:CONTAINERNAME = 'pester-jenkins-inbound-agent-{0}' -f $global:AGENT_IMAGE -$REAL_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${global:FOLDER}" +# TODO: delete as not used? +# $REAL_IMAGE_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${global:IMAGE_FOLDER}" $items = $global:AGENT_IMAGE.Split("-") # Remove the 'jdk' prefix (3 first characters) -$global:JDKMAJORVERSION = $items[0].Remove(0,3) +$global:JAVA_MAJOR_VERSION = $items[0].Remove(0,3) $global:WINDOWSFLAVOR = $items[1] $global:WINDOWSVERSION = $items[2] @@ -31,7 +31,7 @@ BuildNcatImage Describe "[$global:AGENT_IMAGE] build image" { It 'builds image' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${global:VERSION} --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${global:AGENT_IMAGE} --file $global:FOLDER/Dockerfile ./" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${global:VERSION} --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${global:AGENT_IMAGE} --file ${global:IMAGE_FOLDER}/Dockerfile.${global:WINDOWSFLAVOR} ${global:IMAGE_FOLDER}" $exitCode | Should -Be 0 } } @@ -122,7 +122,7 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${customImageName} --file=${global:FOLDER}/Dockerfile ./" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${ARG_TEST_VERSION} --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${customImageName} --file=${global:IMAGE_FOLDER}/Dockerfile.${global:WINDOWSFLAVOR} ${global:IMAGE_FOLDER}" $exitCode | Should -Be 0 $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name $global:CONTAINERNAME $customImageName -Cmd $global:CONTAINERSHELL" @@ -165,7 +165,7 @@ Describe "[$global:AGENT_IMAGE] passing JVM options (slow test)" { Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue $exitCode, $stdout, $stderr = Run-Program 'docker' "logs $global:CONTAINERNAME" $exitCode | Should -Be 0 - $stdout | Should -Match "OpenJDK Runtime Environment Temurin-${global:JDKMAJORVERSION}" + $stdout | Should -Match "OpenJDK Runtime Environment Temurin-${global:JAVA_MAJOR_VERSION}" } AfterAll { diff --git a/tests/tests.bats b/tests/tests.bats index fd4633e9f..8dc4abcda 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -58,7 +58,7 @@ SUT_IMAGE="$(get_sut_image)" sut_image="${SUT_IMAGE}-tests-${BATS_TEST_NUMBER}" docker buildx bake \ - --set "${IMAGE}".args.version="${ARG_TEST_VERSION}" \ + --set "${IMAGE}".args.VERSION="${ARG_TEST_VERSION}" \ --set "${IMAGE}".args.user="${TEST_USER}" \ --set "${IMAGE}".platform=linux/"${ARCH}" \ --set "${IMAGE}".tags="${sut_image}" \ From 07d810a705b7994f2157580d2840e7e961efc395 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Sun, 9 Jul 2023 11:50:52 +0200 Subject: [PATCH 092/130] refactor builds like https://github.com/jenkinsci/docker-agent/pull/445 --- tests/inboundAgent.Tests.ps1 | 18 ++++++++++-------- tests/netcat-helper/Dockerfile-windows | 3 ++- tests/tests.bats | 4 ++-- 3 files changed, 14 insertions(+), 11 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index dd94bb320..390ca48a0 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -3,13 +3,11 @@ Import-Module -DisableNameChecking -Force $PSScriptRoot/test_helpers.psm1 $global:AGENT_IMAGE = Get-EnvOrDefault 'AGENT_IMAGE' '' $global:IMAGE_FOLDER = Get-EnvOrDefault 'IMAGE_FOLDER' '' $global:VERSION = Get-EnvOrDefault 'VERSION' '' +$global:WINDOWS_VERSION_TAG = Get-EnvOrDefault 'WINDOWS_VERSION_TAG' '' # TODO: make this name unique for concurency $global:CONTAINERNAME = 'pester-jenkins-inbound-agent-{0}' -f $global:AGENT_IMAGE -# TODO: delete as not used? -# $REAL_IMAGE_FOLDER=Resolve-Path -Path "$PSScriptRoot/../${global:IMAGE_FOLDER}" - $items = $global:AGENT_IMAGE.Split("-") # Remove the 'jdk' prefix (3 first characters) @@ -20,6 +18,10 @@ $global:WINDOWSVERSION = $items[2] $global:CONTAINERSHELL="powershell.exe" if($global:WINDOWSFLAVOR -eq 'nanoserver') { $global:CONTAINERSHELL = "pwsh.exe" + # Special case for nanoserver-1809 + if($global:WINDOWSVERSION -eq '1809') { + $global:WINDOWS_VERSION_TAG = '1809' + } } @@ -27,11 +29,11 @@ Cleanup($global:CONTAINERNAME) Cleanup("nmap") CleanupNetwork("jnlp-network") -BuildNcatImage +BuildNcatImage($global:WINDOWS_VERSION_TAG) Describe "[$global:AGENT_IMAGE] build image" { It 'builds image' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${global:VERSION} --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${global:AGENT_IMAGE} --file ${global:IMAGE_FOLDER}/Dockerfile.${global:WINDOWSFLAVOR} ${global:IMAGE_FOLDER}" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${global:VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${global:AGENT_IMAGE} --file ${global:IMAGE_FOLDER}/Dockerfile.${global:WINDOWSFLAVOR} ${global:IMAGE_FOLDER}" $exitCode | Should -Be 0 } } @@ -115,14 +117,14 @@ Describe "[$global:AGENT_IMAGE] custom build args" { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." # Old version used to test overriding the build arguments. # This old version must have the same tag suffixes as the current 4 windows images (`-jdk11-nanoserver` etc.) - $TEST_VERSION = "3046.v38db_38a_b_7a_86" - $DOCKER_AGENT_VERSION_SUFFIX = "1" + $TEST_VERSION = "3131.vf2b_b_798b_ce99" + $DOCKER_AGENT_VERSION_SUFFIX = "4" $ARG_TEST_VERSION = "${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" $customImageName = "custom-${global:AGENT_IMAGE}" } It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${ARG_TEST_VERSION} --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${customImageName} --file=${global:IMAGE_FOLDER}/Dockerfile.${global:WINDOWSFLAVOR} ${global:IMAGE_FOLDER}" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${customImageName} --file=${global:IMAGE_FOLDER}/Dockerfile.${global:WINDOWSFLAVOR} ${global:IMAGE_FOLDER}" $exitCode | Should -Be 0 $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name $global:CONTAINERNAME $customImageName -Cmd $global:CONTAINERSHELL" diff --git a/tests/netcat-helper/Dockerfile-windows b/tests/netcat-helper/Dockerfile-windows index d42d52443..e8e18811b 100644 --- a/tests/netcat-helper/Dockerfile-windows +++ b/tests/netcat-helper/Dockerfile-windows @@ -22,7 +22,8 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN # THE SOFTWARE. -FROM mcr.microsoft.com/windows/servercore:1809 +ARG WINDOWS_VERSION_TAG=1809 +FROM mcr.microsoft.com/windows/servercore:"${WINDOWS_VERSION_TAG}" SHELL ["powershell.exe", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] diff --git a/tests/tests.bats b/tests/tests.bats index 8dc4abcda..5cbb2a239 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -49,8 +49,8 @@ SUT_IMAGE="$(get_sut_image)" # Old version used to test overriding the build arguments. # This old version must have the same tag suffixes as the ones defined in the docker-bake file (`-jdk17`, `jdk11`, etc.) - TEST_VERSION="3046.v38db_38a_b_7a_86" - DOCKER_AGENT_VERSION_SUFFIX="1" + TEST_VERSION="3131.vf2b_b_798b_ce99" + DOCKER_AGENT_VERSION_SUFFIX="4" ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" TEST_USER="root" From bd892f89accbefa1b9f7d42ebda02e6bb9a50e68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Tue, 11 Jul 2023 15:14:48 +0200 Subject: [PATCH 093/130] revert images regroupment by OS type --- tests/inboundAgent.Tests.ps1 | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 390ca48a0..80fadc6d8 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -1,7 +1,7 @@ Import-Module -DisableNameChecking -Force $PSScriptRoot/test_helpers.psm1 $global:AGENT_IMAGE = Get-EnvOrDefault 'AGENT_IMAGE' '' -$global:IMAGE_FOLDER = Get-EnvOrDefault 'IMAGE_FOLDER' '' +$global:BUILD_CONTEXT = Get-EnvOrDefault 'BUILD_CONTEXT' '' $global:VERSION = Get-EnvOrDefault 'VERSION' '' $global:WINDOWS_VERSION_TAG = Get-EnvOrDefault 'WINDOWS_VERSION_TAG' '' @@ -33,7 +33,8 @@ BuildNcatImage($global:WINDOWS_VERSION_TAG) Describe "[$global:AGENT_IMAGE] build image" { It 'builds image' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${global:VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${global:AGENT_IMAGE} --file ${global:IMAGE_FOLDER}/Dockerfile.${global:WINDOWSFLAVOR} ${global:IMAGE_FOLDER}" + # TODO: fix + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${global:VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${global:AGENT_IMAGE} --file ./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" $exitCode | Should -Be 0 } } @@ -124,7 +125,8 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${customImageName} --file=${global:IMAGE_FOLDER}/Dockerfile.${global:WINDOWSFLAVOR} ${global:IMAGE_FOLDER}" + # TODO: fix + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" $exitCode | Should -Be 0 $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name $global:CONTAINERNAME $customImageName -Cmd $global:CONTAINERSHELL" From 1b61b1c372085b90b50f6fa8f255c43881c4089e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Tue, 11 Jul 2023 15:19:57 +0200 Subject: [PATCH 094/130] restore jenkins-agent.ps1 location at root folder --- jenkins-agent.ps1 | 156 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 156 insertions(+) create mode 100644 jenkins-agent.ps1 diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 new file mode 100644 index 000000000..c37ccb375 --- /dev/null +++ b/jenkins-agent.ps1 @@ -0,0 +1,156 @@ +# The MIT License +# +# Copyright (c) 2019-2020, Alex Earl +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +# THE SOFTWARE. + +[CmdletBinding()] +Param( + $Cmd = '', # this must be specified explicitly + $Url = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_URL) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_DIRECT_CONNECTION)) { throw ("Url is required") } else { '' } ), + [Parameter(Position=0)]$Secret = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_SECRET)) { throw ("Secret is required") } else { '' } ), + [Parameter(Position=1)]$Name = $( if([System.String]::IsNullOrWhiteSpace($Cmd) -and [System.String]::IsNullOrWhiteSpace($env:JENKINS_AGENT_NAME)) { throw ("Name is required") } else { '' } ), + $Tunnel = '', + $WorkDir = '', + [switch] $WebSocket = $false, + $DirectConnection = '', + $InstanceIdentity = '', + $Protocols = '', + $JenkinsJavaBin = '', + $JavaHome = $env:JAVA_HOME, + $JenkinsJavaOpts = '' +) + +# Usage jenkins-agent.ps1 [options] -Url http://jenkins -Secret [SECRET] -Name [AGENT_NAME] +# Optional environment variables : +# * JENKINS_JAVA_BIN : Java executable to use instead of the default in PATH or obtained from JAVA_HOME +# * JENKINS_JAVA_OPTS : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS +# * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network +# * JENKINS_URL : alternate jenkins URL +# * JENKINS_SECRET : agent secret, if not set as an argument +# * JENKINS_AGENT_NAME : agent name, if not set as an argument +# * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir +# * JENKINS_WEB_SOCKET : true if the connection should be made via WebSocket rather than TCP +# * JENKINS_DIRECT_CONNECTION: Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. +# Value: ":" +# * JENKINS_INSTANCE_IDENTITY: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, +# the agent skips connecting to an HTTP(S) port for connection info. +# * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. + +if(![System.String]::IsNullOrWhiteSpace($Cmd)) { + Invoke-Expression "$Cmd" +} else { + + # this maps the variable name from the CmdletBinding to environment variables + $ParamMap = @{ + 'JenkinsJavaBin' = 'JENKINS_JAVA_BIN'; + 'JenkinsJavaOpts' = 'JENKINS_JAVA_OPTS'; + 'Tunnel' = 'JENKINS_TUNNEL'; + 'Url' = 'JENKINS_URL'; + 'Secret' = 'JENKINS_SECRET'; + 'Name' = 'JENKINS_AGENT_NAME'; + 'WorkDir' = 'JENKINS_AGENT_WORKDIR'; + 'WebSocket' = 'JENKINS_WEB_SOCKET'; + 'DirectConnection' = 'JENKINS_DIRECT_CONNECTION'; + 'InstanceIdentity' = 'JENKINS_INSTANCE_IDENTITY'; + 'Protocols' = 'JENKINS_PROTOCOLS'; + } + + # this does some trickery to update the variable from the CmdletBinding + # with the value of the + foreach($p in $ParamMap.Keys) { + $var = Get-Variable $p + $envVar = Get-ChildItem -Path "env:$($ParamMap[$p])" -ErrorAction 'SilentlyContinue' + + if(($null -ne $envVar) -and ((($envVar.Value -is [System.String]) -and (![System.String]::IsNullOrWhiteSpace($envVar.Value))) -or ($null -ne $envVar.Value))) { + if(($null -ne $var) -and ((($var.Value -is [System.String]) -and (![System.String]::IsNullOrWhiteSpace($var.Value))))) { + Write-Warning "${p} is defined twice; in command-line arguments (-${p}) and in the environment variable ${envVar.Name}" + } + if($var.Value -is [System.String]) { + $var.Value = $envVar.Value + } elseif($var.Value -is [System.Management.Automation.SwitchParameter]) { + $var.Value = [bool]$envVar.Value + } + } + if($var.Value -is [System.String]) { + $var.Value = $var.Value.Trim() + } + } + + $AgentArguments = @() + + if(![System.String]::IsNullOrWhiteSpace($JenkinsJavaOpts)) { + # this magic will basically process the $JenkinsJavaOpts like a command line + # and split into an array, the command line processing follows the PowerShell + # commnd line processing, which means for things like -Dsomething.something=something, + # you need to quote the string like this: "-Dsomething.something=something" or else it + # will get parsed incorrectly. + $AgentArguments += Invoke-Expression "echo $JenkinsJavaOpts" + } + + $AgentArguments += @("-cp", "C:/ProgramData/Jenkins/agent.jar", "hudson.remoting.jnlp.Main", "-headless") + + if(![System.String]::IsNullOrWhiteSpace($Tunnel)) { + $AgentArguments += @("-tunnel", "`"$Tunnel`"") + } + + if(![System.String]::IsNullOrWhiteSpace($WorkDir)) { + $AgentArguments += @("-workDir", "`"$WorkDir`"") + } else { + $AgentArguments += @("-workDir", "`"C:/Users/jenkins/Work`"") + } + + if($WebSocket) { + $AgentArguments += @("-webSocket") + } + + if(![System.String]::IsNullOrWhiteSpace($Url)) { + $AgentArguments += @("-url", "`"$Url`"") + } + + if(![System.String]::IsNullOrWhiteSpace($DirectConnection)) { + $AgentArguments += @('-direct', $DirectConnection) + } + + if(![System.String]::IsNullOrWhiteSpace($InstanceIdentity)) { + $AgentArguments += @('-instanceIdentity', $InstanceIdentity) + } + + if(![System.String]::IsNullOrWhiteSpace($Protocols)) { + $AgentArguments += @('-protocols', $Protocols) + } + + # these need to be the last things added since they are positional + # parameters to agent.jar + $AgentArguments += @($Secret, $Name) + + if(![System.String]::IsNullOrWhiteSpace($JenkinsJavaBin)) { + $JAVA_BIN = $JenkinsJavaBin + } else { + # if java home is defined, use it + $JAVA_BIN = "java.exe" + if (![System.String]::IsNullOrWhiteSpace($JavaHome)) { + $JAVA_BIN = "$JavaHome/bin/java.exe" + } + } + + #TODO: Handle the case when the command-line and Environment variable contain different values. + #It is fine it blows up for now since it should lead to an error anyway. + Start-Process -FilePath $JAVA_BIN -Wait -NoNewWindow -ArgumentList $AgentArguments +} From 344561b58d4546d1ff2d1900f3aa5e801353878f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Tue, 11 Jul 2023 15:35:58 +0200 Subject: [PATCH 095/130] clean comments --- tests/inboundAgent.Tests.ps1 | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 80fadc6d8..f68147d9b 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -33,7 +33,6 @@ BuildNcatImage($global:WINDOWS_VERSION_TAG) Describe "[$global:AGENT_IMAGE] build image" { It 'builds image' { - # TODO: fix $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${global:VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${global:AGENT_IMAGE} --file ./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" $exitCode | Should -Be 0 } @@ -117,7 +116,7 @@ Describe "[$global:AGENT_IMAGE] custom build args" { BeforeAll { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." # Old version used to test overriding the build arguments. - # This old version must have the same tag suffixes as the current 4 windows images (`-jdk11-nanoserver` etc.) + # This old version must have the same tag suffixes as the current windows images (`-jdk11-nanoserver` etc.), and the same Windows version (2019, 2022, etc.) $TEST_VERSION = "3131.vf2b_b_798b_ce99" $DOCKER_AGENT_VERSION_SUFFIX = "4" $ARG_TEST_VERSION = "${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" @@ -125,7 +124,6 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } It 'builds image with arguments' { - # TODO: fix $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" $exitCode | Should -Be 0 From ea397920ff13bf1cc8e8e45df93f3f62b2f341a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Tue, 11 Jul 2023 15:58:03 +0200 Subject: [PATCH 096/130] restore docker-bake & jenkins-agent script location --- jenkins-agent | 133 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 133 insertions(+) create mode 100755 jenkins-agent diff --git a/jenkins-agent b/jenkins-agent new file mode 100755 index 000000000..6d1beb26e --- /dev/null +++ b/jenkins-agent @@ -0,0 +1,133 @@ +#!/usr/bin/env sh + +# The MIT License +# +# Copyright (c) 2015-2020, CloudBees, Inc. +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +# THE SOFTWARE. + +# Usage jenkins-agent.sh [options] -url http://jenkins [SECRET] [AGENT_NAME] +# Optional environment variables : +# * JENKINS_JAVA_BIN : Java executable to use instead of the default in PATH or obtained from JAVA_HOME +# * JENKINS_JAVA_OPTS : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS +# * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network +# * JENKINS_URL : alternate jenkins URL +# * JENKINS_SECRET : agent secret, if not set as an argument +# * JENKINS_AGENT_NAME : agent name, if not set as an argument +# * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir +# * JENKINS_WEB_SOCKET: true if the connection should be made via WebSocket rather than TCP +# * JENKINS_DIRECT_CONNECTION: Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. +# Value: ":" +# * JENKINS_INSTANCE_IDENTITY: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, +# the agent skips connecting to an HTTP(S) port for connection info. +# * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. + +if [ $# -eq 1 ] && [ "${1#-}" = "$1" ] ; then + + # if `docker run` only has one arguments and it is not an option as `-help`, we assume user is running alternate command like `bash` to inspect the image + exec "$@" + +else + + # if -tunnel is not provided, try env vars + case "$@" in + *"-tunnel "*) ;; + *) + if [ ! -z "$JENKINS_TUNNEL" ]; then + TUNNEL="-tunnel $JENKINS_TUNNEL" + fi ;; + esac + + # if -workDir is not provided, try env vars + if [ ! -z "$JENKINS_AGENT_WORKDIR" ]; then + case "$@" in + *"-workDir"*) echo "Warning: Work directory is defined twice in command-line arguments and the environment variable" ;; + *) + WORKDIR="-workDir $JENKINS_AGENT_WORKDIR" ;; + esac + fi + + if [ -n "$JENKINS_URL" ]; then + URL="-url $JENKINS_URL" + fi + + if [ -n "$JENKINS_NAME" ]; then + JENKINS_AGENT_NAME="$JENKINS_NAME" + fi + + if [ "$JENKINS_WEB_SOCKET" = true ]; then + WEB_SOCKET=-webSocket + fi + + if [ -n "$JENKINS_PROTOCOLS" ]; then + PROTOCOLS="-protocols $JENKINS_PROTOCOLS" + fi + + if [ -n "$JENKINS_DIRECT_CONNECTION" ]; then + DIRECT="-direct $JENKINS_DIRECT_CONNECTION" + fi + + if [ -n "$JENKINS_INSTANCE_IDENTITY" ]; then + INSTANCE_IDENTITY="-instanceIdentity $JENKINS_INSTANCE_IDENTITY" + fi + + if [ "$JENKINS_JAVA_BIN" ]; then + JAVA_BIN="$JENKINS_JAVA_BIN" + else + # if java home is defined, use it + JAVA_BIN="java" + if [ "$JAVA_HOME" ]; then + JAVA_BIN="$JAVA_HOME/bin/java" + fi + fi + + if [ "$JENKINS_JAVA_OPTS" ]; then + JAVA_OPTIONS="$JENKINS_JAVA_OPTS" + else + # if JAVA_OPTS is defined, use it + if [ "$JAVA_OPTS" ]; then + JAVA_OPTIONS="$JAVA_OPTS" + fi + fi + + # if both required options are defined, do not pass the parameters + OPT_JENKINS_SECRET="" + if [ -n "$JENKINS_SECRET" ]; then + case "$@" in + *"${JENKINS_SECRET}"*) echo "Warning: SECRET is defined twice in command-line arguments and the environment variable" ;; + *) + OPT_JENKINS_SECRET="${JENKINS_SECRET}" ;; + esac + fi + + OPT_JENKINS_AGENT_NAME="" + if [ -n "$JENKINS_AGENT_NAME" ]; then + case "$@" in + *"${JENKINS_AGENT_NAME}"*) echo "Warning: AGENT_NAME is defined twice in command-line arguments and the environment variable" ;; + *) + OPT_JENKINS_AGENT_NAME="${JENKINS_AGENT_NAME}" ;; + esac + fi + + #TODO: Handle the case when the command-line and Environment variable contain different values. + #It is fine it blows up for now since it should lead to an error anyway. + + exec $JAVA_BIN $JAVA_OPTIONS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + +fi From 61f7e3fb87474c4c85c0a3d948c89d272f6edc19 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Tue, 11 Jul 2023 16:07:35 +0200 Subject: [PATCH 097/130] replace DOCKER_AGENT_VERSION by PARENT_IMAGE_VERSION --- tests/inboundAgent.Tests.ps1 | 4 ++-- tests/tests.bats | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index f68147d9b..8c89b7a03 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -118,8 +118,8 @@ Describe "[$global:AGENT_IMAGE] custom build args" { # Old version used to test overriding the build arguments. # This old version must have the same tag suffixes as the current windows images (`-jdk11-nanoserver` etc.), and the same Windows version (2019, 2022, etc.) $TEST_VERSION = "3131.vf2b_b_798b_ce99" - $DOCKER_AGENT_VERSION_SUFFIX = "4" - $ARG_TEST_VERSION = "${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" + $PARENT_IMAGE_VERSION_SUFFIX = "4" + $ARG_TEST_VERSION = "${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" $customImageName = "custom-${global:AGENT_IMAGE}" } diff --git a/tests/tests.bats b/tests/tests.bats index 5cbb2a239..a216d1fc4 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -45,14 +45,14 @@ SUT_IMAGE="$(get_sut_image)" @test "[${SUT_IMAGE}] use build args correctly" { cd "${BATS_TEST_DIRNAME}"/.. || false - local TEST_VERSION DOCKER_AGENT_VERSION_SUFFIX ARG_TEST_VERSION TEST_USER sut_image sut_cid + local TEST_VERSION PARENT_IMAGE_VERSION_SUFFIX ARG_TEST_VERSION TEST_USER sut_image sut_cid # Old version used to test overriding the build arguments. # This old version must have the same tag suffixes as the ones defined in the docker-bake file (`-jdk17`, `jdk11`, etc.) TEST_VERSION="3131.vf2b_b_798b_ce99" - DOCKER_AGENT_VERSION_SUFFIX="4" + PARENT_IMAGE_VERSION_SUFFIX="4" - ARG_TEST_VERSION="${TEST_VERSION}-${DOCKER_AGENT_VERSION_SUFFIX}" + ARG_TEST_VERSION="${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" TEST_USER="root" sut_image="${SUT_IMAGE}-tests-${BATS_TEST_NUMBER}" From 8543246fe9b75fe50374f9d43a5ee86dde776530 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Tue, 11 Jul 2023 16:11:40 +0200 Subject: [PATCH 098/130] replace 'VERSION' by 'version' --- tests/inboundAgent.Tests.ps1 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 8c89b7a03..7a47b59ad 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -2,7 +2,7 @@ Import-Module -DisableNameChecking -Force $PSScriptRoot/test_helpers.psm1 $global:AGENT_IMAGE = Get-EnvOrDefault 'AGENT_IMAGE' '' $global:BUILD_CONTEXT = Get-EnvOrDefault 'BUILD_CONTEXT' '' -$global:VERSION = Get-EnvOrDefault 'VERSION' '' +$global:version = Get-EnvOrDefault 'VERSION' '' $global:WINDOWS_VERSION_TAG = Get-EnvOrDefault 'WINDOWS_VERSION_TAG' '' # TODO: make this name unique for concurency @@ -33,7 +33,7 @@ BuildNcatImage($global:WINDOWS_VERSION_TAG) Describe "[$global:AGENT_IMAGE] build image" { It 'builds image' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${global:VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${global:AGENT_IMAGE} --file ./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${global:version} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${global:AGENT_IMAGE} --file ./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" $exitCode | Should -Be 0 } } @@ -124,7 +124,7 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg VERSION=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" $exitCode | Should -Be 0 $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name $global:CONTAINERNAME $customImageName -Cmd $global:CONTAINERSHELL" From 0213d3ce71a6ccc972ac497426b4fb1f348007ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Tue, 11 Jul 2023 18:48:56 +0200 Subject: [PATCH 099/130] restore 'version' case in tests.bats --- tests/tests.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/tests.bats b/tests/tests.bats index a216d1fc4..72605188e 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -58,7 +58,7 @@ SUT_IMAGE="$(get_sut_image)" sut_image="${SUT_IMAGE}-tests-${BATS_TEST_NUMBER}" docker buildx bake \ - --set "${IMAGE}".args.VERSION="${ARG_TEST_VERSION}" \ + --set "${IMAGE}".args.version="${ARG_TEST_VERSION}" \ --set "${IMAGE}".args.user="${TEST_USER}" \ --set "${IMAGE}".platform=linux/"${ARCH}" \ --set "${IMAGE}".tags="${sut_image}" \ From cb1ef87482923dc650139869af1000480aa79ff1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Sun, 30 Jul 2023 19:03:38 +0200 Subject: [PATCH 100/130] chore: output JAVA_MAJOR_VERSION in tests --- tests/inboundAgent.Tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 7a47b59ad..69ef0bbc2 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -145,7 +145,7 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } Describe "[$global:AGENT_IMAGE] passing JVM options (slow test)" { - It "shows the java version with --show-version" { + It "shows the java version ${global:JAVA_MAJOR_VERSION} with --show-version" { $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" # Launch the netcat utility, listening at port 5000 for 30 sec # bats will capture the output from netcat and compare the first line From 077c01366714f7eeb6f1e52aac6e479543f27481 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Mon, 31 Jul 2023 11:32:35 +0200 Subject: [PATCH 101/130] chore: remove duplicated space --- tests/inboundAgent.Tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 69ef0bbc2..e0ba47806 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -145,7 +145,7 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } Describe "[$global:AGENT_IMAGE] passing JVM options (slow test)" { - It "shows the java version ${global:JAVA_MAJOR_VERSION} with --show-version" { + It "shows the java version ${global:JAVA_MAJOR_VERSION} with --show-version" { $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" # Launch the netcat utility, listening at port 5000 for 30 sec # bats will capture the output from netcat and compare the first line From b3d78f795e8a45915aa9296f59a30e8372c216af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Mon, 31 Jul 2023 12:29:06 +0200 Subject: [PATCH 102/130] chore: show `JAVA_MAJOR_VERSION` in tests output --- tests/inboundAgent.Tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 7a47b59ad..e0ba47806 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -145,7 +145,7 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } Describe "[$global:AGENT_IMAGE] passing JVM options (slow test)" { - It "shows the java version with --show-version" { + It "shows the java version ${global:JAVA_MAJOR_VERSION} with --show-version" { $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" # Launch the netcat utility, listening at port 5000 for 30 sec # bats will capture the output from netcat and compare the first line From 2378fb03f1bdb8c0125b24e5288b965808c46909 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= <91831478+lemeurherve@users.noreply.github.com> Date: Mon, 31 Jul 2023 15:52:28 +0200 Subject: [PATCH 103/130] chore: fix link title in README (#381) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 0aa1fe385..bca13b14d 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ Optional environment variables: ## Windows Jenkins Java Opts -The processing of the JENKINS_JAVA_OPTS environment variable or -JenkinsJavaOpts command line parameter follow the [https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.3](command parsing semantics of Powershell). This means that if a parameter contains any characters that are part of an expression in Powershell, it will need to be surrounded by quotes. +The processing of the JENKINS_JAVA_OPTS environment variable or -JenkinsJavaOpts command line parameter follow the [command parsing semantics of Powershell](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.3). This means that if a parameter contains any characters that are part of an expression in Powershell, it will need to be surrounded by quotes. For example: -XX:+PrintCommandLineFlags --show-version From 67cc8014a13099ac368983d1564a605133336e24 Mon Sep 17 00:00:00 2001 From: Alexander Brandes Date: Thu, 3 Aug 2023 16:45:08 +0200 Subject: [PATCH 104/130] Sync README.md with docker hub (#385) --- .github/workflows/sync-dockerhub-readme.yaml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .github/workflows/sync-dockerhub-readme.yaml diff --git a/.github/workflows/sync-dockerhub-readme.yaml b/.github/workflows/sync-dockerhub-readme.yaml new file mode 100644 index 000000000..559d6d1a7 --- /dev/null +++ b/.github/workflows/sync-dockerhub-readme.yaml @@ -0,0 +1,19 @@ +name: Update Docker Hub Description +on: + release: + types: [ published ] + workflow_dispatch: + +jobs: + dockerHubDescription: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Update Docker Hub description + uses: peter-evans/dockerhub-description@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PASSWORD }} + enable-url-completion: true + short-description: ${{ github.event.repository.description }} + repository: jenkins/inbound-agent From 2c87f973d3691c5a67cbcf9b58f5de2bf10f51d4 Mon Sep 17 00:00:00 2001 From: Alex Earl Date: Thu, 31 Aug 2023 13:38:13 -0700 Subject: [PATCH 105/130] Fix incorrect link (#392) Changes link that was pointing to the wiki to point to the documentation on jenkins.io. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index bca13b14d..68eeebbe4 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ These images are deprecated, use [jenkins/inbound-agent](https://hub.docker.com/ This is an image for [Jenkins](https://jenkins.io) agents using TCP or WebSockets to establish inbound connection to the Jenkins master. This agent is powered by the [Jenkins Remoting library](https://github.com/jenkinsci/remoting), which version is being taken from the base [Docker Agent](https://github.com/jenkinsci/docker-agent/) image. -See [Jenkins Distributed builds](https://wiki.jenkins-ci.org/display/JENKINS/Distributed+builds) for more info. +See [Using Agents](https://www.jenkins.io/doc/book/using/using-agents/) for more info. ## Running From 3df8eade48dd8e89e3e342575abac63758f2e5ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Thu, 7 Sep 2023 23:23:47 +0200 Subject: [PATCH 106/130] refactor like jenkinsci/docker-agent#459 --- tests/inboundAgent.Tests.ps1 | 28 ++++++++++++-------------- tests/netcat-helper/Dockerfile-windows | 1 + 2 files changed, 14 insertions(+), 15 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index e0ba47806..9b38846d4 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -3,37 +3,35 @@ Import-Module -DisableNameChecking -Force $PSScriptRoot/test_helpers.psm1 $global:AGENT_IMAGE = Get-EnvOrDefault 'AGENT_IMAGE' '' $global:BUILD_CONTEXT = Get-EnvOrDefault 'BUILD_CONTEXT' '' $global:version = Get-EnvOrDefault 'VERSION' '' -$global:WINDOWS_VERSION_TAG = Get-EnvOrDefault 'WINDOWS_VERSION_TAG' '' - -# TODO: make this name unique for concurency -$global:CONTAINERNAME = 'pester-jenkins-inbound-agent-{0}' -f $global:AGENT_IMAGE $items = $global:AGENT_IMAGE.Split("-") # Remove the 'jdk' prefix (3 first characters) -$global:JAVA_MAJOR_VERSION = $items[0].Remove(0,3) +$global:JAVAMAJORVERSION = $items[0].Remove(0,3) $global:WINDOWSFLAVOR = $items[1] -$global:WINDOWSVERSION = $items[2] +$global:WINDOWSVERSIONTAG = $items[2] + +# TODO: make this name unique for concurency +$global:CONTAINERNAME = 'pester-jenkins-inbound-agent-{0}' -f $global:AGENT_IMAGE $global:CONTAINERSHELL="powershell.exe" if($global:WINDOWSFLAVOR -eq 'nanoserver') { $global:CONTAINERSHELL = "pwsh.exe" - # Special case for nanoserver-1809 - if($global:WINDOWSVERSION -eq '1809') { - $global:WINDOWS_VERSION_TAG = '1809' - } } +# # Uncomment to help debugging when working on this script +# Write-Host "= DEBUG: global vars" +# Get-Variable -Scope Global | ForEach-Object { Write-Host "$($_.Name) = $($_.Value)" } Cleanup($global:CONTAINERNAME) Cleanup("nmap") CleanupNetwork("jnlp-network") -BuildNcatImage($global:WINDOWS_VERSION_TAG) +BuildNcatImage($global:WINDOWSVERSIONTAG) Describe "[$global:AGENT_IMAGE] build image" { It 'builds image' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${global:version} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${global:AGENT_IMAGE} --file ./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${global:version} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVAMAJORVERSION} --tag=${global:AGENT_IMAGE} --file ./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" $exitCode | Should -Be 0 } } @@ -124,7 +122,7 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWS_VERSION_TAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVA_MAJOR_VERSION} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVAMAJORVERSION} --build-arg WINDOWS_FLAVOR=${global:WINDOWSFLAVOR} --build-arg CONTAINER_SHELL=${global:CONTAINERSHELL} --tag=${customImageName} --file=./windows/Dockerfile ${global:BUILD_CONTEXT}" $exitCode | Should -Be 0 $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name $global:CONTAINERNAME $customImageName -Cmd $global:CONTAINERSHELL" @@ -145,7 +143,7 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } Describe "[$global:AGENT_IMAGE] passing JVM options (slow test)" { - It "shows the java version ${global:JAVA_MAJOR_VERSION} with --show-version" { + It "shows the java version ${global:JAVAMAJORVERSION} with --show-version" { $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" # Launch the netcat utility, listening at port 5000 for 30 sec # bats will capture the output from netcat and compare the first line @@ -167,7 +165,7 @@ Describe "[$global:AGENT_IMAGE] passing JVM options (slow test)" { Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue $exitCode, $stdout, $stderr = Run-Program 'docker' "logs $global:CONTAINERNAME" $exitCode | Should -Be 0 - $stdout | Should -Match "OpenJDK Runtime Environment Temurin-${global:JAVA_MAJOR_VERSION}" + $stdout | Should -Match "OpenJDK Runtime Environment Temurin-${global:JAVAMAJORVERSION}" } AfterAll { diff --git a/tests/netcat-helper/Dockerfile-windows b/tests/netcat-helper/Dockerfile-windows index e8e18811b..38e3a09d6 100644 --- a/tests/netcat-helper/Dockerfile-windows +++ b/tests/netcat-helper/Dockerfile-windows @@ -22,6 +22,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN # THE SOFTWARE. +# Available tags: https://mcr.microsoft.com/v2/windows/servercore/tags/list ARG WINDOWS_VERSION_TAG=1809 FROM mcr.microsoft.com/windows/servercore:"${WINDOWS_VERSION_TAG}" From 42379401ddcb1995a87be1e2f068f4e17a4a8f16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Fri, 8 Sep 2023 01:40:35 +0200 Subject: [PATCH 107/130] fix: switch to the docker-agent version which has nanoserver-ltsc2019 & windowsservercore-1809 variants --- tests/inboundAgent.Tests.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 9b38846d4..13221ce60 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -115,8 +115,8 @@ Describe "[$global:AGENT_IMAGE] custom build args" { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." # Old version used to test overriding the build arguments. # This old version must have the same tag suffixes as the current windows images (`-jdk11-nanoserver` etc.), and the same Windows version (2019, 2022, etc.) - $TEST_VERSION = "3131.vf2b_b_798b_ce99" - $PARENT_IMAGE_VERSION_SUFFIX = "4" + $TEST_VERSION = "3148.v532a_7e715ee3" + $PARENT_IMAGE_VERSION_SUFFIX = "3" $ARG_TEST_VERSION = "${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" $customImageName = "custom-${global:AGENT_IMAGE}" } From ef3f84158594204552b3bb3f938be3eabb0b2835 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Fri, 8 Sep 2023 01:52:02 +0200 Subject: [PATCH 108/130] fix bad rebase --- tests/inboundAgent.Tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 13221ce60..045ec9b4f 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -122,7 +122,7 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVAMAJORVERSION} --build-arg WINDOWS_FLAVOR=${global:WINDOWSFLAVOR} --build-arg CONTAINER_SHELL=${global:CONTAINERSHELL} --tag=${customImageName} --file=./windows/Dockerfile ${global:BUILD_CONTEXT}" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVAMAJORVERSION} --build-arg WINDOWS_FLAVOR=${global:WINDOWSFLAVOR} --build-arg CONTAINER_SHELL=${global:CONTAINERSHELL} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" $exitCode | Should -Be 0 $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name $global:CONTAINERNAME $customImageName -Cmd $global:CONTAINERSHELL" From 375eb8f3f8076fd02adce204f8f8ed9c1eb6f645 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Fri, 8 Sep 2023 02:00:39 +0200 Subject: [PATCH 109/130] run slow tests at the end --- tests/inboundAgent.Tests.ps1 | 64 ++++++++++++++++++------------------ 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 045ec9b4f..0825938d8 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -75,6 +75,38 @@ Describe "[$global:AGENT_IMAGE] image has jenkins-agent.ps1 in the correct locat } } +Describe "[$global:AGENT_IMAGE] custom build args" { + BeforeAll { + Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." + # Old version used to test overriding the build arguments. + # This old version must have the same tag suffixes as the current windows images (`-jdk11-nanoserver` etc.), and the same Windows version (2019, 2022, etc.) + $TEST_VERSION = "3148.v532a_7e715ee3" + $PARENT_IMAGE_VERSION_SUFFIX = "3" + $ARG_TEST_VERSION = "${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" + $customImageName = "custom-${global:AGENT_IMAGE}" + } + + It 'builds image with arguments' { + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVAMAJORVERSION} --build-arg WINDOWS_FLAVOR=${global:WINDOWSFLAVOR} --build-arg CONTAINER_SHELL=${global:CONTAINERSHELL} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" + $exitCode | Should -Be 0 + + $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name $global:CONTAINERNAME $customImageName -Cmd $global:CONTAINERSHELL" + $exitCode | Should -Be 0 + Is-ContainerRunning "$global:CONTAINERNAME" | Should -BeTrue + } + + It "has the correct agent.jar version" { + $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -c `"java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version`"" + $exitCode | Should -Be 0 + $stdout | Should -Match $TEST_VERSION + } + + AfterAll { + Cleanup($global:CONTAINERNAME) + Pop-Location -StackName 'agent' + } +} + Describe "[$global:AGENT_IMAGE] image starts jenkins-agent.ps1 correctly (slow test)" { It 'connects to the nmap container' { $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" @@ -110,38 +142,6 @@ Describe "[$global:AGENT_IMAGE] image starts jenkins-agent.ps1 correctly (slow t } } -Describe "[$global:AGENT_IMAGE] custom build args" { - BeforeAll { - Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." - # Old version used to test overriding the build arguments. - # This old version must have the same tag suffixes as the current windows images (`-jdk11-nanoserver` etc.), and the same Windows version (2019, 2022, etc.) - $TEST_VERSION = "3148.v532a_7e715ee3" - $PARENT_IMAGE_VERSION_SUFFIX = "3" - $ARG_TEST_VERSION = "${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" - $customImageName = "custom-${global:AGENT_IMAGE}" - } - - It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVAMAJORVERSION} --build-arg WINDOWS_FLAVOR=${global:WINDOWSFLAVOR} --build-arg CONTAINER_SHELL=${global:CONTAINERSHELL} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" - $exitCode | Should -Be 0 - - $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name $global:CONTAINERNAME $customImageName -Cmd $global:CONTAINERSHELL" - $exitCode | Should -Be 0 - Is-ContainerRunning "$global:CONTAINERNAME" | Should -BeTrue - } - - It "has the correct agent.jar version" { - $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -c `"java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version`"" - $exitCode | Should -Be 0 - $stdout | Should -Match $TEST_VERSION - } - - AfterAll { - Cleanup($global:CONTAINERNAME) - Pop-Location -StackName 'agent' - } -} - Describe "[$global:AGENT_IMAGE] passing JVM options (slow test)" { It "shows the java version ${global:JAVAMAJORVERSION} with --show-version" { $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" From c9c45ca5c6ffe96db14558ebdf4f32e2d22dcd1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Fri, 8 Sep 2023 02:12:10 +0200 Subject: [PATCH 110/130] remove unwanted CONTAINER_SHELL arg --- tests/inboundAgent.Tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 0825938d8..c69561a04 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -87,7 +87,7 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVAMAJORVERSION} --build-arg WINDOWS_FLAVOR=${global:WINDOWSFLAVOR} --build-arg CONTAINER_SHELL=${global:CONTAINERSHELL} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVAMAJORVERSION} --build-arg WINDOWS_FLAVOR=${global:WINDOWSFLAVOR} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" $exitCode | Should -Be 0 $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name $global:CONTAINERNAME $customImageName -Cmd $global:CONTAINERSHELL" From 1455e10336ab196d1c8d52f452b4b1fa059dbb7d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Fri, 8 Sep 2023 02:12:32 +0200 Subject: [PATCH 111/130] debug --- tests/inboundAgent.Tests.ps1 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index c69561a04..17ddb2fa8 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -19,9 +19,9 @@ if($global:WINDOWSFLAVOR -eq 'nanoserver') { $global:CONTAINERSHELL = "pwsh.exe" } -# # Uncomment to help debugging when working on this script -# Write-Host "= DEBUG: global vars" -# Get-Variable -Scope Global | ForEach-Object { Write-Host "$($_.Name) = $($_.Value)" } +# Uncomment to help debugging when working on this script +Write-Host "= DEBUG: global vars" +Get-Variable -Scope Global | ForEach-Object { Write-Host "$($_.Name) = $($_.Value)" } Cleanup($global:CONTAINERNAME) Cleanup("nmap") From 04858bb1d46d886310d5525c1fcfbff69af6b579 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Fri, 8 Sep 2023 02:45:42 +0200 Subject: [PATCH 112/130] more debug --- tests/inboundAgent.Tests.ps1 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 17ddb2fa8..cff20b265 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -22,6 +22,8 @@ if($global:WINDOWSFLAVOR -eq 'nanoserver') { # Uncomment to help debugging when working on this script Write-Host "= DEBUG: global vars" Get-Variable -Scope Global | ForEach-Object { Write-Host "$($_.Name) = $($_.Value)" } +Write-Host "= DEBUG: env vars" +Get-ChildItem Env: | ForEach-Object { Write-Host "$($_.Name) = $($_.Value)" } Cleanup($global:CONTAINERNAME) Cleanup("nmap") From 70904e401b112799a114a0c992e2854eb50aee6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Fri, 8 Sep 2023 02:48:37 +0200 Subject: [PATCH 113/130] try fixing pester failing to encode junit xml because of 0x1b char in stdout --- tests/inboundAgent.Tests.ps1 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index cff20b265..27698d85b 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -19,6 +19,9 @@ if($global:WINDOWSFLAVOR -eq 'nanoserver') { $global:CONTAINERSHELL = "pwsh.exe" } +# Test fix "exadecimal value 0x1B, is an invalid character." ref https://github.com/PowerShell/PowerShell/issues/10809 +$env:__SuppressAnsiEscapeSequences = 1 + # Uncomment to help debugging when working on this script Write-Host "= DEBUG: global vars" Get-Variable -Scope Global | ForEach-Object { Write-Host "$($_.Name) = $($_.Value)" } From 49c5e7d00c781b98da7ce5c52f588ed837a2c74d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Fri, 8 Sep 2023 02:50:11 +0200 Subject: [PATCH 114/130] Revert "run slow tests at the end" This reverts commit 375eb8f3f8076fd02adce204f8f8ed9c1eb6f645. --- tests/inboundAgent.Tests.ps1 | 64 ++++++++++++++++++------------------ 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 27698d85b..93a5807d4 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -80,38 +80,6 @@ Describe "[$global:AGENT_IMAGE] image has jenkins-agent.ps1 in the correct locat } } -Describe "[$global:AGENT_IMAGE] custom build args" { - BeforeAll { - Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." - # Old version used to test overriding the build arguments. - # This old version must have the same tag suffixes as the current windows images (`-jdk11-nanoserver` etc.), and the same Windows version (2019, 2022, etc.) - $TEST_VERSION = "3148.v532a_7e715ee3" - $PARENT_IMAGE_VERSION_SUFFIX = "3" - $ARG_TEST_VERSION = "${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" - $customImageName = "custom-${global:AGENT_IMAGE}" - } - - It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVAMAJORVERSION} --build-arg WINDOWS_FLAVOR=${global:WINDOWSFLAVOR} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" - $exitCode | Should -Be 0 - - $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name $global:CONTAINERNAME $customImageName -Cmd $global:CONTAINERSHELL" - $exitCode | Should -Be 0 - Is-ContainerRunning "$global:CONTAINERNAME" | Should -BeTrue - } - - It "has the correct agent.jar version" { - $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -c `"java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version`"" - $exitCode | Should -Be 0 - $stdout | Should -Match $TEST_VERSION - } - - AfterAll { - Cleanup($global:CONTAINERNAME) - Pop-Location -StackName 'agent' - } -} - Describe "[$global:AGENT_IMAGE] image starts jenkins-agent.ps1 correctly (slow test)" { It 'connects to the nmap container' { $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" @@ -147,6 +115,38 @@ Describe "[$global:AGENT_IMAGE] image starts jenkins-agent.ps1 correctly (slow t } } +Describe "[$global:AGENT_IMAGE] custom build args" { + BeforeAll { + Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." + # Old version used to test overriding the build arguments. + # This old version must have the same tag suffixes as the current windows images (`-jdk11-nanoserver` etc.), and the same Windows version (2019, 2022, etc.) + $TEST_VERSION = "3148.v532a_7e715ee3" + $PARENT_IMAGE_VERSION_SUFFIX = "3" + $ARG_TEST_VERSION = "${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" + $customImageName = "custom-${global:AGENT_IMAGE}" + } + + It 'builds image with arguments' { + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVAMAJORVERSION} --build-arg WINDOWS_FLAVOR=${global:WINDOWSFLAVOR} --build-arg CONTAINER_SHELL=${global:CONTAINERSHELL} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" + $exitCode | Should -Be 0 + + $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name $global:CONTAINERNAME $customImageName -Cmd $global:CONTAINERSHELL" + $exitCode | Should -Be 0 + Is-ContainerRunning "$global:CONTAINERNAME" | Should -BeTrue + } + + It "has the correct agent.jar version" { + $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -c `"java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version`"" + $exitCode | Should -Be 0 + $stdout | Should -Match $TEST_VERSION + } + + AfterAll { + Cleanup($global:CONTAINERNAME) + Pop-Location -StackName 'agent' + } +} + Describe "[$global:AGENT_IMAGE] passing JVM options (slow test)" { It "shows the java version ${global:JAVAMAJORVERSION} with --show-version" { $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" From 631b01ad3a17594cc3528e2d495fdd795397acc2 Mon Sep 17 00:00:00 2001 From: gounthar Date: Fri, 8 Sep 2023 15:29:15 +0200 Subject: [PATCH 115/130] fix(tests): Image not found. ERROR: docker.io/jenkins/agent:3131.vf2b_b_798b_ce99-4-alpine-jdk21-preview: not found --- tests/tests.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/tests.bats b/tests/tests.bats index 72605188e..86c74699d 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -49,7 +49,7 @@ SUT_IMAGE="$(get_sut_image)" # Old version used to test overriding the build arguments. # This old version must have the same tag suffixes as the ones defined in the docker-bake file (`-jdk17`, `jdk11`, etc.) - TEST_VERSION="3131.vf2b_b_798b_ce99" + TEST_VERSION="3148.v532a_7e715ee3-4" PARENT_IMAGE_VERSION_SUFFIX="4" ARG_TEST_VERSION="${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" From 3db7a8de36b48603378a9dad4ec7b28172bed58c Mon Sep 17 00:00:00 2001 From: gounthar Date: Fri, 8 Sep 2023 15:47:20 +0200 Subject: [PATCH 116/130] fix(tests): Image not found. ERROR: docker.io/jenkins/agent:3131.vf2b_b_798b_ce99-4-alpine-jdk21-preview: not found --- tests/tests.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/tests.bats b/tests/tests.bats index 86c74699d..e81fb4b5b 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -49,7 +49,7 @@ SUT_IMAGE="$(get_sut_image)" # Old version used to test overriding the build arguments. # This old version must have the same tag suffixes as the ones defined in the docker-bake file (`-jdk17`, `jdk11`, etc.) - TEST_VERSION="3148.v532a_7e715ee3-4" + TEST_VERSION="3148.v532a_7e715ee3" PARENT_IMAGE_VERSION_SUFFIX="4" ARG_TEST_VERSION="${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" From 29f5399971dc9ea0a5266cf6ecec7034a305088b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Fri, 8 Sep 2023 17:45:51 +0200 Subject: [PATCH 117/130] comment out for now the failing test --- tests/inboundAgent.Tests.ps1 | 148 ++++++++++++++++++++++++++++------- 1 file changed, 119 insertions(+), 29 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index 93a5807d4..f88224118 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -147,35 +147,125 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } } -Describe "[$global:AGENT_IMAGE] passing JVM options (slow test)" { - It "shows the java version ${global:JAVAMAJORVERSION} with --show-version" { - $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" - # Launch the netcat utility, listening at port 5000 for 30 sec - # bats will capture the output from netcat and compare the first line - # of the header of the first HTTP request with the expected one - $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" - $exitCode | Should -Be 0 - Is-ContainerRunning "nmap" | Should -BeTrue +# === TODO: uncomment test later, see error log below +# === this test passes on a Windows machine - # get the ip address of the nmap container - $exitCode, $stdout, $stderr = Run-Program 'docker' "inspect --format `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" - $exitCode | Should -Be 0 - $nmap_ip = $stdout.Trim() +# Describe "[$global:AGENT_IMAGE] passing JVM options (slow test)" { +# It "shows the java version ${global:JAVAMAJORVERSION} with --show-version" { +# $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" +# # Launch the netcat utility, listening at port 5000 for 30 sec +# # bats will capture the output from netcat and compare the first line +# # of the header of the first HTTP request with the expected one +# $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" +# $exitCode | Should -Be 0 +# Is-ContainerRunning "nmap" | Should -BeTrue - # run Jenkins agent which tries to connect to the nmap container at port 5000 - $secret = "aaa" - $name = "bbb" - $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --network=jnlp-network --name $global:CONTAINERNAME $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 -JenkinsJavaOpts `"--show-version`" $secret $name" - $exitCode | Should -Be 0 - Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue - $exitCode, $stdout, $stderr = Run-Program 'docker' "logs $global:CONTAINERNAME" - $exitCode | Should -Be 0 - $stdout | Should -Match "OpenJDK Runtime Environment Temurin-${global:JAVAMAJORVERSION}" - } +# # get the ip address of the nmap container +# $exitCode, $stdout, $stderr = Run-Program 'docker' "inspect --format `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" +# $exitCode | Should -Be 0 +# $nmap_ip = $stdout.Trim() - AfterAll { - Cleanup($global:CONTAINERNAME) - Cleanup("nmap") - CleanupNetwork("jnlp-network") - } -} +# # run Jenkins agent which tries to connect to the nmap container at port 5000 +# $secret = "aaa" +# $name = "bbb" +# $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --network=jnlp-network --name $global:CONTAINERNAME $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 -JenkinsJavaOpts `"--show-version`" $secret $name" +# $exitCode | Should -Be 0 +# Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue +# $exitCode, $stdout, $stderr = Run-Program 'docker' "logs $global:CONTAINERNAME" +# $exitCode | Should -Be 0 +# $stdout | Should -Match "OpenJDK Runtime Environment Temurin-${global:JAVAMAJORVERSION}" +# } + +# AfterAll { +# Cleanup($global:CONTAINERNAME) +# Cleanup("nmap") +# CleanupNetwork("jnlp-network") +# } +# } + + +# === Corresponding error log: + +# Running tests from 'inboundAgent.Tests.ps1' +# Describing [jdk17-windowsservercore-1809] build image +# cmd = docker, params = build --build-arg version=3148.v532a_7e715ee3-3 --build-arg "WINDOWS_VERSION_TAG=1809" --build-arg JAVA_MAJOR_VERSION=17 --tag=jdk17-windowsservercore-1809 --file ./windows/windowsservercore/Dockerfile C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396 +# [+] builds image 572ms (378ms|195ms) +# cmd = docker.exe, params = inspect -f "{{.State.Running}}" pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 + +# Describing [jdk17-windowsservercore-1809] check default user account +# cmd = docker, params = exec pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 powershell.exe -C "if((net user jenkins | Select-String -Pattern 'Password expires') -match 'Never') { exit 0 } else { net user jenkins ; exit -1 }" +# [+] has a password that never expires 4.55s (4.55s|5ms) +# cmd = docker, params = exec pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 powershell.exe -C "if((net user jenkins | Select-String -Pattern 'Password required') -match 'No') { exit 0 } else { net user jenkins ; exit -1 }" +# [+] has password policy of "not required" 2.74s (2.73s|3ms) +# cmd = docker.exe, params = inspect -f "{{.State.Running}}" pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 + +# Describing [jdk17-windowsservercore-1809] image has jenkins-agent.ps1 in the correct location +# cmd = docker, params = exec pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 powershell.exe -C "if(Test-Path 'C:/ProgramData/Jenkins/jenkins-agent.ps1') { exit 0 } else { exit 1 }" +# [+] has jenkins-agent.ps1 in C:/ProgramData/Jenkins 4.35s (4.27s|85ms) + +# Describing [jdk17-windowsservercore-1809] image starts jenkins-agent.ps1 correctly (slow test) +# cmd = docker, params = network create --driver nat jnlp-network +# cmd = docker, params = run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000 +# cmd = docker.exe, params = inspect -f "{{.State.Running}}" nmap +# cmd = docker, params = inspect --format "{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}" nmap +# cmd = docker, params = run --detach --tty --network=jnlp-network --name pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 jdk17-windowsservercore-1809 -Url http://172.23.176.67:5000 aaa bbb +# cmd = docker.exe, params = inspect -f "{{.State.Running}}" pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 +# cmd = docker, params = wait nmap +# cmd = docker, params = logs nmap +# [+] connects to the nmap container 89.43s (89.43s|8ms) + +# Describing [jdk17-windowsservercore-1809] custom build args +# cmd = docker, params = build --build-arg version=3148.v532a_7e715ee3-3 --build-arg "WINDOWS_VERSION_TAG=1809" --build-arg JAVA_MAJOR_VERSION=17 --build-arg WINDOWS_FLAVOR=windowsservercore --build-arg CONTAINER_SHELL=powershell.exe --tag=custom-jdk17-windowsservercore-1809 --file=./windows/windowsservercore/Dockerfile C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396 +# cmd = docker, params = run --detach --tty --name pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 custom-jdk17-windowsservercore-1809 -Cmd powershell.exe +# cmd = docker.exe, params = inspect -f "{{.State.Running}}" pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 +# [+] builds image with arguments 11.3s (11.3s|5ms) +# cmd = docker, params = exec pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 powershell.exe -c "java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version" +# [+] has the correct agent.jar version 2.25s (2.25s|5ms) + +# Describing [jdk17-windowsservercore-1809] passing JVM options (slow test) +# cmd = docker, params = network create --driver nat jnlp-network +# cmd = docker, params = run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000 +# cmd = docker.exe, params = inspect -f "{{.State.Running}}" nmap +# cmd = docker, params = inspect --format "{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}" nmap +# cmd = docker, params = run --detach --tty --network=jnlp-network --name pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 jdk17-windowsservercore-1809 -Url http://172.23.254.19:5000 -JenkinsJavaOpts "--show-version" aaa bbb +# cmd = docker.exe, params = inspect -f "{{.State.Running}}" pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 +# cmd = docker, params = logs pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 +# [-] shows the java version 17 with --show-version 24.36s (24.35s|11ms) +# Expected regular expression 'OpenJDK Runtime Environment Temurin-17' to match ' +# ', but it did not match. +# at $stdout | Should -Match "OpenJDK Runtime Environment Temurin-${global:JAVAMAJORVERSION}", C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396\tests\inboundAgent.Tests.ps1:173 +# at , C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396\tests\inboundAgent.Tests.ps1:173 +# Tests completed in 219.22s +# Tests Passed: 7, Failed: 1, Skipped: 0 NotRun: 0 +# System.Management.Automation.MethodInvocationException: Exception calling "WriteAttributeString" with "2" argument(s): "'exadecimal value 0x1B, is an invalid character." ---> System.ArgumentException: 'exadecimal value 0x1B, is an invalid character. +# at System.Xml.XmlUtf8RawTextWriter.InvalidXmlChar(Int32 ch, Byte* pDst, Boolean entitize) +# at System.Xml.XmlUtf8RawTextWriter.WriteAttributeTextBlock(Char* pSrc, Char* pSrcEnd) +# at System.Xml.XmlUtf8RawTextWriter.WriteString(String text) +# at System.Xml.XmlWellFormedWriter.WriteString(String text) +# at System.Xml.XmlWriter.WriteAttributeString(String localName, String value) +# at CallSite.Target(Closure , CallSite , XmlWriter , String , Object ) +# --- End of inner exception stack trace --- +# at System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext, Exception exception) +# at System.Management.Automation.Interpreter.ActionCallInstruction`2.Run(InterpretedFrame frame) +# at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame) +# at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame) +# at System.Management.Automation.Interpreter.Interpreter.Run(InterpretedFrame frame) +# at System.Management.Automation.Interpreter.LightLambda.RunVoid1[T0](T0 arg0) +# at System.Management.Automation.PSScriptCmdlet.RunClause(Action`1 clause, Object dollarUnderbar, Object inputToProcess) +# at System.Management.Automation.PSScriptCmdlet.DoEndProcessing() +# at System.Management.Automation.CommandProcessorBase.Complete() +# at Write-JUnitTestCaseMessageElements, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 16460 +# at Write-JUnitTestCaseAttributes, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 16452 +# at Write-JUnitTestCaseElements, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 16424 +# at Write-JUnitTestSuiteElements, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 16385 +# at Write-JUnitReport, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 16269 +# at Export-XmlReport, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 16005 +# at Export-PesterResults, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 15863 +# at Invoke-Pester, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 5263 +# at Test-Image, C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396\build.ps1: line 130 +# at , C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396\build.ps1: line 176 +# at , C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396@tmp\durable-513b70db\powershellScript.ps1: line 1 +# at , : line 1 +# at , : line 1 + +# === end of error log From 26735e37407e4cdfb8640e6d7ffb3c85acd4efb5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Fri, 8 Sep 2023 17:46:46 +0200 Subject: [PATCH 118/130] remove debug --- tests/inboundAgent.Tests.ps1 | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index f88224118..c7b20b257 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -19,14 +19,11 @@ if($global:WINDOWSFLAVOR -eq 'nanoserver') { $global:CONTAINERSHELL = "pwsh.exe" } -# Test fix "exadecimal value 0x1B, is an invalid character." ref https://github.com/PowerShell/PowerShell/issues/10809 -$env:__SuppressAnsiEscapeSequences = 1 - -# Uncomment to help debugging when working on this script -Write-Host "= DEBUG: global vars" -Get-Variable -Scope Global | ForEach-Object { Write-Host "$($_.Name) = $($_.Value)" } -Write-Host "= DEBUG: env vars" -Get-ChildItem Env: | ForEach-Object { Write-Host "$($_.Name) = $($_.Value)" } +# # Uncomment to help debugging when working on this script +# Write-Host "= DEBUG: global vars" +# Get-Variable -Scope Global | ForEach-Object { Write-Host "$($_.Name) = $($_.Value)" } +# Write-Host "= DEBUG: env vars" +# Get-ChildItem Env: | ForEach-Object { Write-Host "$($_.Name) = $($_.Value)" } Cleanup($global:CONTAINERNAME) Cleanup("nmap") From 06c2be75365d928d4da208bf98211d8afd428127 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Sep 2023 11:21:56 +0000 Subject: [PATCH 119/130] chore(deps): bump actions/checkout from 3 to 4 Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/sync-dockerhub-readme.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sync-dockerhub-readme.yaml b/.github/workflows/sync-dockerhub-readme.yaml index 559d6d1a7..037b79c2c 100644 --- a/.github/workflows/sync-dockerhub-readme.yaml +++ b/.github/workflows/sync-dockerhub-readme.yaml @@ -8,7 +8,7 @@ jobs: dockerHubDescription: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Update Docker Hub description uses: peter-evans/dockerhub-description@v3 with: From 80592abfbed7ef1dc222809bce15584130784a51 Mon Sep 17 00:00:00 2001 From: Junyeong Yim Date: Sat, 7 Oct 2023 22:43:08 +0900 Subject: [PATCH 120/130] documentation(README): add description for secret Detail ====== - Add description for the `` and how to setup the agent with this container image. - referred to the following docs - https://www.jenkins.io/doc/book/using/using-agents/ - https://github.com/jenkinsci/docker-inbound-agent/blob/master/docs/windows-commandline.adoc - Closed #316 --- README.md | 34 +++++++++++++++++++++++++++++++--- 1 file changed, 31 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 68eeebbe4..f62536661 100644 --- a/README.md +++ b/README.md @@ -13,9 +13,30 @@ This agent is powered by the [Jenkins Remoting library](https://github.com/jenki See [Using Agents](https://www.jenkins.io/doc/book/using/using-agents/) for more info. -## Running +## Configuring agents with this container image + +### Setup the agent on Jenkins + +1. Go to your Jenkins dashboard +2. Go to `Manage Jenkins` option in main menu +3. Go to `Nodes` item in `System Configuration` + ![image](https://github.com/jenkinsci/docker-inbound-agent/assets/16630665/f3451996-ee56-4346-9713-9379c26ebeba) +4. Go to `New Node` option in side menu +5. Fill the Node(agent) name and select the type; (e.g. Name: agent1, Type: Permanent Agent) +6. Now fill the fields like remote root directory, labels, # of executors, etc. + * **`Launch method` is `Launch agent by connecting it to the controller`** + ![image](https://github.com/jenkinsci/docker-inbound-agent/assets/16630665/602f39cf-873d-4709-b1ac-a5f337bd7975) +7. Press the `Save` button and the agent1 will be registered, but offline for the time being. Click on it. + ![image](https://github.com/jenkinsci/docker-inbound-agent/assets/16630665/dc03bb20-4e4d-4766-8dae-495f2016e761) +8. You should now see the secret. Use the secret value to pass it to the argument of container, or set to `JENKINS_SECRET` as environment variable. + ![image](https://github.com/jenkinsci/docker-inbound-agent/assets/16630665/969d658d-d772-429e-a2b6-89afe3b70f88) + +### Running this container To run a Docker container + > **Note** + > Remember to replace the `` and `` for secret and agent name, which can be you can get(and set) from [above section](#Setup-the-agent-on-Jenkins). + > Your agent node should be possible to connect to Jenkins controller with agent port (not Jenkins server's port like 80, 443, 8080), which can be set in `Manage Jenkins` > `Security` > `Agent`. Default port is 50000. Linux agent: @@ -42,14 +63,21 @@ Optional environment variables: * `JENKINS_JAVA_OPTS` : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS, **Warning** :exclamation: For more information on Windows usage, please see the **Windows Jenkins Java Opts** [section below](#windows-jenkins-java-opts). * `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL * `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this agent host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins master. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. -* `JENKINS_SECRET`: agent secret, if not set as an argument -* `JENKINS_AGENT_NAME`: agent name, if not set as an argument +* `JENKINS_SECRET`: (use only if not set as an argument) the secret as shown on the master after creating the agent +* `JENKINS_AGENT_NAME`: (use only if not set as an argument) the name of the agent, it should match the name you specified when creating the agent on the master * `JENKINS_AGENT_WORKDIR`: agent work directory, if not set by optional parameter `-workDir` * `JENKINS_WEB_SOCKET`: `true` if the connection should be made via WebSocket rather than TCP * `JENKINS_DIRECT_CONNECTION`: (`HOST:PORT`) Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. * `JENKINS_INSTANCE_IDENTITY`: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, the agent skips connecting to an HTTP(S) port for connection info. * `JENKINS_PROTOCOLS`: Specify the remoting protocols to attempt when `JENKINS_INSTANCE_IDENTITY` is provided. +#### Example + +1. Enter the command above. + ![image](https://github.com/jenkinsci/docker-inbound-agent/assets/16630665/98354cd0-a1df-42a8-afff-4c20cb9259e9) +2. Check the Jenkins dashboard if the agent is connected well. + ![image](https://github.com/jenkinsci/docker-inbound-agent/assets/16630665/639344cf-9c90-4cfa-87aa-17d6f8bf0e58) + ## Windows Jenkins Java Opts From f854cebec443afbc125628a947a5fe3706da30fd Mon Sep 17 00:00:00 2001 From: Mark Waite Date: Sat, 7 Oct 2023 09:06:38 -0600 Subject: [PATCH 121/130] Store images in the repository --- README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index f62536661..9e665154c 100644 --- a/README.md +++ b/README.md @@ -20,16 +20,16 @@ See [Using Agents](https://www.jenkins.io/doc/book/using/using-agents/) for more 1. Go to your Jenkins dashboard 2. Go to `Manage Jenkins` option in main menu 3. Go to `Nodes` item in `System Configuration` - ![image](https://github.com/jenkinsci/docker-inbound-agent/assets/16630665/f3451996-ee56-4346-9713-9379c26ebeba) + ![image](images/screen-4.png) 4. Go to `New Node` option in side menu 5. Fill the Node(agent) name and select the type; (e.g. Name: agent1, Type: Permanent Agent) 6. Now fill the fields like remote root directory, labels, # of executors, etc. * **`Launch method` is `Launch agent by connecting it to the controller`** - ![image](https://github.com/jenkinsci/docker-inbound-agent/assets/16630665/602f39cf-873d-4709-b1ac-a5f337bd7975) + ![image](images/screen-1.png) 7. Press the `Save` button and the agent1 will be registered, but offline for the time being. Click on it. - ![image](https://github.com/jenkinsci/docker-inbound-agent/assets/16630665/dc03bb20-4e4d-4766-8dae-495f2016e761) + ![image](images/screen-2.png) 8. You should now see the secret. Use the secret value to pass it to the argument of container, or set to `JENKINS_SECRET` as environment variable. - ![image](https://github.com/jenkinsci/docker-inbound-agent/assets/16630665/969d658d-d772-429e-a2b6-89afe3b70f88) + ![image](images/screen-3.png) ### Running this container @@ -74,9 +74,9 @@ Optional environment variables: #### Example 1. Enter the command above. - ![image](https://github.com/jenkinsci/docker-inbound-agent/assets/16630665/98354cd0-a1df-42a8-afff-4c20cb9259e9) + ![image](images/screen-5.png) 2. Check the Jenkins dashboard if the agent is connected well. - ![image](https://github.com/jenkinsci/docker-inbound-agent/assets/16630665/639344cf-9c90-4cfa-87aa-17d6f8bf0e58) + ![image](images/screen-6.png) ## Windows Jenkins Java Opts From 0ffeb9497e6825df83bd5167758947754cf9a25b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Thu, 12 Oct 2023 09:42:55 +0200 Subject: [PATCH 122/130] update first parent image version suffix containing all tags in tests --- tests/inboundAgent.Tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index c7b20b257..c6840142f 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -118,7 +118,7 @@ Describe "[$global:AGENT_IMAGE] custom build args" { # Old version used to test overriding the build arguments. # This old version must have the same tag suffixes as the current windows images (`-jdk11-nanoserver` etc.), and the same Windows version (2019, 2022, etc.) $TEST_VERSION = "3148.v532a_7e715ee3" - $PARENT_IMAGE_VERSION_SUFFIX = "3" + $PARENT_IMAGE_VERSION_SUFFIX = "12" $ARG_TEST_VERSION = "${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" $customImageName = "custom-${global:AGENT_IMAGE}" } From b748ef75c72317f870b86718b34776f32780cf82 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= <91831478+lemeurherve@users.noreply.github.com> Date: Thu, 12 Oct 2023 20:56:09 +0200 Subject: [PATCH 123/130] feat!: set Java 17 as default (#419) --- tests/inboundAgent.Tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inboundAgent.Tests.ps1 index c6840142f..a8e5d5d38 100644 --- a/tests/inboundAgent.Tests.ps1 +++ b/tests/inboundAgent.Tests.ps1 @@ -116,7 +116,7 @@ Describe "[$global:AGENT_IMAGE] custom build args" { BeforeAll { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." # Old version used to test overriding the build arguments. - # This old version must have the same tag suffixes as the current windows images (`-jdk11-nanoserver` etc.), and the same Windows version (2019, 2022, etc.) + # This old version must have the same tag suffixes as the current windows images (`-jdk17-nanoserver` etc.), and the same Windows version (2019, 2022, etc.) $TEST_VERSION = "3148.v532a_7e715ee3" $PARENT_IMAGE_VERSION_SUFFIX = "12" $ARG_TEST_VERSION = "${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" From b85fad6abb36b434f44f8892c6a0bd70274a3446 Mon Sep 17 00:00:00 2001 From: Basil Crow Date: Fri, 13 Oct 2023 01:54:30 -0700 Subject: [PATCH 124/130] Remove usage of deprecated `-headless` argument (#428) --- jenkins-agent | 2 +- jenkins-agent.ps1 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/jenkins-agent b/jenkins-agent index 6d1beb26e..f621700de 100755 --- a/jenkins-agent +++ b/jenkins-agent @@ -128,6 +128,6 @@ else #TODO: Handle the case when the command-line and Environment variable contain different values. #It is fine it blows up for now since it should lead to an error anyway. - exec $JAVA_BIN $JAVA_OPTIONS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + exec $JAVA_BIN $JAVA_OPTIONS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" fi diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index c37ccb375..5336305ef 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -104,7 +104,7 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { $AgentArguments += Invoke-Expression "echo $JenkinsJavaOpts" } - $AgentArguments += @("-cp", "C:/ProgramData/Jenkins/agent.jar", "hudson.remoting.jnlp.Main", "-headless") + $AgentArguments += @("-cp", "C:/ProgramData/Jenkins/agent.jar", "hudson.remoting.jnlp.Main") if(![System.String]::IsNullOrWhiteSpace($Tunnel)) { $AgentArguments += @("-tunnel", "`"$Tunnel`"") From fcce53659d9109f9d623314a1386926a9906d498 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Sun, 22 Oct 2023 23:01:35 +0200 Subject: [PATCH 125/130] fix linux tests by bumpiung the reference version containing all tags --- tests/tests.bats | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/tests.bats b/tests/tests.bats index e81fb4b5b..30dc0bbab 100755 --- a/tests/tests.bats +++ b/tests/tests.bats @@ -49,8 +49,8 @@ SUT_IMAGE="$(get_sut_image)" # Old version used to test overriding the build arguments. # This old version must have the same tag suffixes as the ones defined in the docker-bake file (`-jdk17`, `jdk11`, etc.) - TEST_VERSION="3148.v532a_7e715ee3" - PARENT_IMAGE_VERSION_SUFFIX="4" + TEST_VERSION="3180.v3dd999d24861" + PARENT_IMAGE_VERSION_SUFFIX="2" ARG_TEST_VERSION="${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" TEST_USER="root" From cbde922e37802144c3be80117a869e1db2c04b78 Mon Sep 17 00:00:00 2001 From: Basil Crow Date: Tue, 24 Oct 2023 11:48:01 -0700 Subject: [PATCH 126/130] Migrate to new Remoting calling convention --- jenkins-agent | 10 ++++------ jenkins-agent.ps1 | 8 +++----- 2 files changed, 7 insertions(+), 11 deletions(-) diff --git a/jenkins-agent b/jenkins-agent index f621700de..01a873778 100755 --- a/jenkins-agent +++ b/jenkins-agent @@ -22,7 +22,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN # THE SOFTWARE. -# Usage jenkins-agent.sh [options] -url http://jenkins [SECRET] [AGENT_NAME] +# Usage jenkins-agent.sh [options] -url http://jenkins -secret [SECRET] -name [AGENT_NAME] # Optional environment variables : # * JENKINS_JAVA_BIN : Java executable to use instead of the default in PATH or obtained from JAVA_HOME # * JENKINS_JAVA_OPTS : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS @@ -107,27 +107,25 @@ else fi # if both required options are defined, do not pass the parameters - OPT_JENKINS_SECRET="" if [ -n "$JENKINS_SECRET" ]; then case "$@" in *"${JENKINS_SECRET}"*) echo "Warning: SECRET is defined twice in command-line arguments and the environment variable" ;; *) - OPT_JENKINS_SECRET="${JENKINS_SECRET}" ;; + SECRET="-secret ${JENKINS_SECRET}" ;; esac fi - OPT_JENKINS_AGENT_NAME="" if [ -n "$JENKINS_AGENT_NAME" ]; then case "$@" in *"${JENKINS_AGENT_NAME}"*) echo "Warning: AGENT_NAME is defined twice in command-line arguments and the environment variable" ;; *) - OPT_JENKINS_AGENT_NAME="${JENKINS_AGENT_NAME}" ;; + AGENT_NAME="-name ${JENKINS_AGENT_NAME}" ;; esac fi #TODO: Handle the case when the command-line and Environment variable contain different values. #It is fine it blows up for now since it should lead to an error anyway. - exec $JAVA_BIN $JAVA_OPTIONS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@" + exec $JAVA_BIN $JAVA_OPTIONS -jar /usr/share/jenkins/agent.jar $SECRET $AGENT_NAME $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY "$@" fi diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 5336305ef..652af184a 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -104,7 +104,9 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { $AgentArguments += Invoke-Expression "echo $JenkinsJavaOpts" } - $AgentArguments += @("-cp", "C:/ProgramData/Jenkins/agent.jar", "hudson.remoting.jnlp.Main") + $AgentArguments += @("-jar", "C:/ProgramData/Jenkins/agent.jar") + $AgentArguments += @("-secret", $Secret) + $AgentArguments += @("-name", $Name) if(![System.String]::IsNullOrWhiteSpace($Tunnel)) { $AgentArguments += @("-tunnel", "`"$Tunnel`"") @@ -136,10 +138,6 @@ if(![System.String]::IsNullOrWhiteSpace($Cmd)) { $AgentArguments += @('-protocols', $Protocols) } - # these need to be the last things added since they are positional - # parameters to agent.jar - $AgentArguments += @($Secret, $Name) - if(![System.String]::IsNullOrWhiteSpace($JenkinsJavaBin)) { $JAVA_BIN = $JenkinsJavaBin } else { From b490aae3c33e06a80f661df18876aa3f24cf4c4d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= <91831478+lemeurherve@users.noreply.github.com> Date: Mon, 20 Nov 2023 12:54:37 +0100 Subject: [PATCH 127/130] chore: replace `master` by `controller` (#456) --- README.md | 8 ++++---- jenkins-agent | 2 +- jenkins-agent.ps1 | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 9e665154c..d6621f0d4 100644 --- a/README.md +++ b/README.md @@ -62,13 +62,13 @@ Optional environment variables: * `JENKINS_JAVA_BIN`: Path to Java executable to use instead of the default in PATH or obtained from JAVA_HOME * `JENKINS_JAVA_OPTS` : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS, **Warning** :exclamation: For more information on Windows usage, please see the **Windows Jenkins Java Opts** [section below](#windows-jenkins-java-opts). * `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL -* `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this agent host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins master. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. -* `JENKINS_SECRET`: (use only if not set as an argument) the secret as shown on the master after creating the agent -* `JENKINS_AGENT_NAME`: (use only if not set as an argument) the name of the agent, it should match the name you specified when creating the agent on the master +* `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this agent host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins controller. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. +* `JENKINS_SECRET`: (use only if not set as an argument) the secret as shown on the controller after creating the agent +* `JENKINS_AGENT_NAME`: (use only if not set as an argument) the name of the agent, it should match the name you specified when creating the agent on the controller * `JENKINS_AGENT_WORKDIR`: agent work directory, if not set by optional parameter `-workDir` * `JENKINS_WEB_SOCKET`: `true` if the connection should be made via WebSocket rather than TCP * `JENKINS_DIRECT_CONNECTION`: (`HOST:PORT`) Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. -* `JENKINS_INSTANCE_IDENTITY`: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, the agent skips connecting to an HTTP(S) port for connection info. +* `JENKINS_INSTANCE_IDENTITY`: The base64 encoded InstanceIdentity byte array of the Jenkins controller. When this is set, the agent skips connecting to an HTTP(S) port for connection info. * `JENKINS_PROTOCOLS`: Specify the remoting protocols to attempt when `JENKINS_INSTANCE_IDENTITY` is provided. #### Example diff --git a/jenkins-agent b/jenkins-agent index 01a873778..22025cd1b 100755 --- a/jenkins-agent +++ b/jenkins-agent @@ -34,7 +34,7 @@ # * JENKINS_WEB_SOCKET: true if the connection should be made via WebSocket rather than TCP # * JENKINS_DIRECT_CONNECTION: Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. # Value: ":" -# * JENKINS_INSTANCE_IDENTITY: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, +# * JENKINS_INSTANCE_IDENTITY: The base64 encoded InstanceIdentity byte array of the Jenkins controller. When this is set, # the agent skips connecting to an HTTP(S) port for connection info. # * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. diff --git a/jenkins-agent.ps1 b/jenkins-agent.ps1 index 652af184a..6dbf62f8b 100644 --- a/jenkins-agent.ps1 +++ b/jenkins-agent.ps1 @@ -49,7 +49,7 @@ Param( # * JENKINS_WEB_SOCKET : true if the connection should be made via WebSocket rather than TCP # * JENKINS_DIRECT_CONNECTION: Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. # Value: ":" -# * JENKINS_INSTANCE_IDENTITY: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set, +# * JENKINS_INSTANCE_IDENTITY: The base64 encoded InstanceIdentity byte array of the Jenkins controller. When this is set, # the agent skips connecting to an HTTP(S) port for connection info. # * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. From 5e06d07736b4c5f408783f785e5dab1c63afeeaf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Fri, 12 Jan 2024 01:04:10 +0100 Subject: [PATCH 128/130] rename `docker-inbound-agent` files before import --- ...nc-dockerhub-readme.yaml => update-dockerhub-description.yaml} | 0 README.md => README_inbound-agent.md | 0 tests/{inboundAgent.Tests.ps1 => inbound-agent.Tests.ps1} | 0 tests/{tests.bats => tests_inbound-agent.bats} | 0 4 files changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{sync-dockerhub-readme.yaml => update-dockerhub-description.yaml} (100%) rename README.md => README_inbound-agent.md (100%) rename tests/{inboundAgent.Tests.ps1 => inbound-agent.Tests.ps1} (100%) rename tests/{tests.bats => tests_inbound-agent.bats} (100%) diff --git a/.github/workflows/sync-dockerhub-readme.yaml b/.github/workflows/update-dockerhub-description.yaml similarity index 100% rename from .github/workflows/sync-dockerhub-readme.yaml rename to .github/workflows/update-dockerhub-description.yaml diff --git a/README.md b/README_inbound-agent.md similarity index 100% rename from README.md rename to README_inbound-agent.md diff --git a/tests/inboundAgent.Tests.ps1 b/tests/inbound-agent.Tests.ps1 similarity index 100% rename from tests/inboundAgent.Tests.ps1 rename to tests/inbound-agent.Tests.ps1 diff --git a/tests/tests.bats b/tests/tests_inbound-agent.bats similarity index 100% rename from tests/tests.bats rename to tests/tests_inbound-agent.bats From 7510ba12d7e622f15421d9b0a31183b21a973994 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Fri, 12 Jan 2024 01:04:16 +0100 Subject: [PATCH 129/130] rename `docker-agent` files before import --- README.md => README_agent.md | 0 tests/{tests.bats => tests_agent.bats} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename README.md => README_agent.md (100%) rename tests/{tests.bats => tests_agent.bats} (100%) diff --git a/README.md b/README_agent.md similarity index 100% rename from README.md rename to README_agent.md diff --git a/tests/tests.bats b/tests/tests_agent.bats similarity index 100% rename from tests/tests.bats rename to tests/tests_agent.bats From 2f13f7f380817a2a96102a9f0f06f3209a42e3c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= Date: Fri, 12 Jan 2024 01:04:16 +0100 Subject: [PATCH 130/130] feat: build both `agent` and `inbound-agent` images --- .../update-dockerhub-description.yaml | 14 +- .gitignore | 1 + Jenkinsfile | 2 +- Makefile | 14 +- README.md | 21 ++ alpine/Dockerfile | 29 +- build.ps1 | 269 ++++++++++-------- build.sh | 6 +- debian/Dockerfile | 30 +- debian/preview/Dockerfile | 29 +- docker-bake.hcl | 187 ++++++++---- tests/agent.Tests.ps1 | 39 +-- tests/inbound-agent.Tests.ps1 | 171 +++-------- tests/test_helpers.bash | 17 +- tests/test_helpers.psm1 | 30 +- tests/tests_agent.bats | 28 +- tests/tests_inbound-agent.bats | 16 +- windows/nanoserver/Dockerfile | 19 +- windows/windowsservercore/Dockerfile | 19 +- 19 files changed, 557 insertions(+), 384 deletions(-) create mode 100644 README.md diff --git a/.github/workflows/update-dockerhub-description.yaml b/.github/workflows/update-dockerhub-description.yaml index 037b79c2c..bba896fe4 100644 --- a/.github/workflows/update-dockerhub-description.yaml +++ b/.github/workflows/update-dockerhub-description.yaml @@ -9,11 +9,21 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - name: Update Docker Hub description + - name: Update Docker Hub description for agent uses: peter-evans/dockerhub-description@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} enable-url-completion: true - short-description: ${{ github.event.repository.description }} + short-description: This is a base image, which provides the Jenkins agent executable (agent.jar) + repository: jenkins/agent + readme-filepath: ./README_agent.md + - name: Update Docker Hub description for inbound-agent + uses: peter-evans/dockerhub-description@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PASSWORD }} + enable-url-completion: true + short-description: This is an image for Jenkins agents using TCP or WebSockets to establish inbound connection to the Jenkins controller repository: jenkins/inbound-agent + readme-filepath: ./README_inbound-agent.md diff --git a/.gitignore b/.gitignore index 76ff725db..069b0c8f1 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ bats-core/ bats/ target/ +build-windows-current.yaml diff --git a/Jenkinsfile b/Jenkinsfile index ea8a82ff3..557a5f002 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -69,7 +69,7 @@ pipeline { } post { always { - junit(allowEmptyResults: true, keepLongStdio: true, testResults: 'target/**/junit-results.xml') + junit(allowEmptyResults: true, keepLongStdio: true, testResults: 'target/**/junit-results*.xml') } } } diff --git a/Makefile b/Makefile index 3ad48865b..f55418549 100644 --- a/Makefile +++ b/Makefile @@ -10,12 +10,6 @@ export BUILDKIT_PROGRESS=plain current_arch := $(shell uname -m) export ARCH ?= $(shell case $(current_arch) in (x86_64) echo "amd64" ;; (i386) echo "386";; (aarch64|arm64) echo "arm64" ;; (armv6*) echo "arm/v6";; (armv7*) echo "arm/v7";; (s390*|riscv*|ppc64le) echo $(current_arch);; (*) echo "UNKNOWN-CPU";; esac) -IMAGE_NAME:=jenkins4eval/agent - -# Set to the path of a specific test suite to restrict execution only to this -# default is "all test suites in the "tests/" directory -TEST_SUITES ?= $(CURDIR)/tests - ##### Macros ## Check the presence of a CLI in the current PATH check_cli = type "$(1)" >/dev/null 2>&1 || { echo "Error: command '$(1)' required but not found. Exiting." ; exit 1 ; } @@ -42,6 +36,7 @@ build: check-reqs build-%: @$(call check_image,$*) + @echo "== building $*" @set -x; $(bake_base_cli) --set '*.platform=linux/$(ARCH)' '$*' show: @@ -59,7 +54,7 @@ prepare-test: bats check-reqs ## Define bats options based on environment # common flags for all tests -bats_flags := $(TEST_SUITES) +bats_flags := "" # if DISABLE_PARALLEL_TESTS true, then disable parallel execution ifneq (true,$(DISABLE_PARALLEL_TESTS)) # If the GNU 'parallel' command line is absent, then disable parallel execution @@ -75,9 +70,10 @@ test-%: prepare-test @$(call check_image,$*) # Ensure that the image is built @make --silent build-$* -# Execute the test harness and write result to a TAP file + @echo "== testing $*" set -x - IMAGE=$* bats/bin/bats $(bats_flags) | tee target/results-$*.tap +# Each type of image ("agent" or "inbound-agent") has its own tests suite + IMAGE=$* bats/bin/bats $(CURDIR)/tests/tests_$(shell echo $* | cut -d "_" -f 1).bats $(bats_flags) | tee target/results-$*.tap # convert TAP to JUNIT docker run --rm -v "$(CURDIR)":/usr/src/app -w /usr/src/app node:16-alpine \ sh -c "npm install tap-xunit -g && cat target/results-$*.tap | tap-xunit --package='jenkinsci.docker.$*' > target/junit-results-$*.xml" diff --git a/README.md b/README.md new file mode 100644 index 000000000..6b43ca1ce --- /dev/null +++ b/README.md @@ -0,0 +1,21 @@ +# Jenkins Agent and Inbound Agent Docker images + +[![Join the chat at https://gitter.im/jenkinsci/docker](https://badges.gitter.im/jenkinsci/docker.svg)](https://gitter.im/jenkinsci/docker?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) +[![GitHub stars](https://img.shields.io/github/stars/jenkinsci/docker-agent?label=GitHub%20stars)](https://github.com/jenkinsci/docker-agent) +[![GitHub release](https://img.shields.io/github/release/jenkinsci/docker-agent.svg?label=changelog)](https://github.com/jenkinsci/docker-agent/releases/latest) + +This repository contains the definition of two images: + +## agent +[![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/agent.svg)](https://hub.docker.com/r/jenkins/agent/) + +This is a base image for Docker, which includes JDK and the Jenkins agent executable (agent.jar). + +See [the `agent` README](./README_agent.md) + +## inbound-agent +[![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/inbound-agent.svg)](https://hub.docker.com/r/jenkins/inbound-agent/) + +This is an image based on `agent` for [Jenkins](https://jenkins.io) agents using TCP or WebSockets to establish inbound connection to the Jenkins master. + +See [the `inbound-agent` README](./README_inbound-agent.md) diff --git a/alpine/Dockerfile b/alpine/Dockerfile index 0e9c4e4c1..0fa14a319 100644 --- a/alpine/Dockerfile +++ b/alpine/Dockerfile @@ -40,7 +40,8 @@ RUN if [ "$TARGETPLATFORM" != 'linux/arm/v7' ]; then \ cp -r /opt/java/openjdk /javaruntime; \ fi -FROM alpine:"${ALPINE_TAG}" AS build +## Agent image target +FROM alpine:"${ALPINE_TAG}" AS agent ARG user=jenkins ARG group=jenkins @@ -48,7 +49,7 @@ ARG uid=1000 ARG gid=1000 RUN addgroup -g "${gid}" "${group}" \ - && adduser -h /home/"${user}" -u "${uid}" -G "${group}" -D "${user}" + && adduser -h /home/"${user}" -u "${uid}" -G "${group}" -D "${user}" || echo "user ${user} already exists." ARG AGENT_WORKDIR=/home/"${user}"/agent @@ -82,7 +83,7 @@ ENV PATH="${JAVA_HOME}/bin:${PATH}" USER "${user}" ENV AGENT_WORKDIR="${AGENT_WORKDIR}" -RUN mkdir /home/"${user}"/.jenkins && mkdir -p "${AGENT_WORKDIR}" +RUN mkdir -p /home/"${user}"/.jenkins && mkdir -p "${AGENT_WORKDIR}" VOLUME /home/"${user}"/.jenkins VOLUME "${AGENT_WORKDIR}" @@ -96,3 +97,25 @@ LABEL \ org.opencontainers.image.url="https://www.jenkins.io/" \ org.opencontainers.image.source="https://github.com/jenkinsci/docker-agent" \ org.opencontainers.image.licenses="MIT" + +## Inbound Agent image target +FROM agent AS inbound-agent + +ARG user=jenkins + +USER root +COPY ../../jenkins-agent /usr/local/bin/jenkins-agent +RUN chmod +x /usr/local/bin/jenkins-agent &&\ + ln -s /usr/local/bin/jenkins-agent /usr/local/bin/jenkins-slave +USER ${user} + +LABEL \ + org.opencontainers.image.vendor="Jenkins project" \ + org.opencontainers.image.title="Official Jenkins Agent Base Docker image" \ + org.opencontainers.image.description="This is an image for Jenkins agents using TCP or WebSockets to establish inbound connection to the Jenkins controller" \ + org.opencontainers.image.version="${VERSION}" \ + org.opencontainers.image.url="https://www.jenkins.io/" \ + org.opencontainers.image.source="https://github.com/jenkinsci/docker-agent" \ + org.opencontainers.image.licenses="MIT" + +ENTRYPOINT ["/usr/local/bin/jenkins-agent"] diff --git a/build.ps1 b/build.ps1 index 508b61d26..8bb257791 100644 --- a/build.ps1 +++ b/build.ps1 @@ -3,15 +3,21 @@ Param( [Parameter(Position=1)] [String] $Target = "build", [String] $RemotingVersion = '3206.vb_15dcf73f6a_9', + [String] $AgentType = '', [String] $BuildNumber = '1', [switch] $DisableEnvProps = $false, [switch] $DryRun = $false ) $ErrorActionPreference = 'Stop' -$Repository = 'agent' -$Organization = 'jenkins' -$ImageType = 'windows-ltsc2019' +$AgentTypes = @('agent', 'inbound-agent') +if ($AgentType -ne '' -and $AgentType -in $AgentTypes) { + $AgentTypes = @($AgentType) +} +$ImageType = 'windowsservercore-ltsc2019' +$Organisation = 'jenkins4eval' +$AgentRepository = 'agent' +$InboundAgentRepository = 'inbound-agent' if(!$DisableEnvProps) { Get-Content env.props | ForEach-Object { @@ -24,12 +30,16 @@ if(!$DisableEnvProps) { } } -if(![String]::IsNullOrWhiteSpace($env:DOCKERHUB_REPO)) { - $Repository = $env:DOCKERHUB_REPO +if(![String]::IsNullOrWhiteSpace($env:DOCKERHUB_ORGANISATION)) { + $Organisation = $env:DOCKERHUB_ORGANISATION } -if(![String]::IsNullOrWhiteSpace($env:DOCKERHUB_ORGANISATION)) { - $Organization = $env:DOCKERHUB_ORGANISATION +if(![String]::IsNullOrWhiteSpace($env:DOCKERHUB_REPO_AGENT)) { + $AgentRepository = $env:DOCKERHUB_REPO_AGENT +} + +if(![String]::IsNullOrWhiteSpace($env:DOCKERHUB_REPO_INBOUND_AGENT)) { + $InboundAgentRepository = $env:DOCKERHUB_REPO_INBOUND_AGENT } if(![String]::IsNullOrWhiteSpace($env:REMOTING_VERSION)) { @@ -64,7 +74,6 @@ Function Test-CommandExists { # this is the jdk version that will be used for the 'bare tag' images, e.g., jdk17-windowsservercore-1809 -> windowsserver-1809 $defaultJdk = '17' -$builds = @{} $env:REMOTING_VERSION = "$RemotingVersion" $items = $ImageType.Split("-") @@ -82,121 +91,41 @@ Test-CommandExists "docker" Test-CommandExists "docker-compose" Test-CommandExists "yq" -$baseDockerCmd = 'docker-compose --file=build-windows.yaml' -$baseDockerBuildCmd = '{0} build --parallel --pull' -f $baseDockerCmd - -Invoke-Expression "$baseDockerCmd config --services" 2>$null | ForEach-Object { - $image = '{0}-{1}-{2}' -f $_, $env:WINDOWS_FLAVOR, $env:WINDOWS_VERSION_TAG # Ex: "jdk17-nanoserver-1809" - - # Remove the 'jdk' prefix - $jdkMajorVersion = $_.Remove(0,3) - - $versionTag = "${RemotingVersion}-${BuildNumber}-${image}" - $tags = @( $image, $versionTag ) - - # Additional image tag without any 'jdk' prefix for the default JDK - $baseImage = "${env:WINDOWS_FLAVOR}-${env:WINDOWS_VERSION_TAG}" - if($jdkMajorVersion -eq "$defaultJdk") { - $tags += $baseImage - $tags += "${RemotingVersion}-${BuildNumber}-${baseImage}" - } - - $builds[$image] = @{ - 'Tags' = $tags; - } -} - -Write-Host "= PREPARE: List of $Organization/$Repository images and tags to be processed:" -ConvertTo-Json $builds - -Write-Host "= BUILD: Building all images..." -if ($DryRun) { - Write-Host "(dry-run) $baseDockerBuildCmd" -} else { - Invoke-Expression $baseDockerBuildCmd -} -Write-Host "= BUILD: Finished building all images." - -if($lastExitCode -ne 0) { - exit $lastExitCode -} - function Test-Image { param ( - $ImageName + $AgentTypeAndImageName ) - Write-Host "= TEST: Testing image ${ImageName}:" + $items = $AgentTypeAndImageName.Split("|") + $agentType = $items[0] + $imageName = $items[1] - $env:AGENT_IMAGE = $ImageName - $serviceName = $ImageName.SubString(0, $ImageName.IndexOf('-')) - $env:BUILD_CONTEXT = Invoke-Expression "$baseDockerCmd config" 2>$null | yq -r ".services.${serviceName}.build.context" + Write-Host "= TEST: Testing ${agentType} image ${imageName}:" + + $env:AGENT_TYPE = $agentType + $env:AGENT_IMAGE = $imageName $env:VERSION = "$RemotingVersion-$BuildNumber" - if(Test-Path ".\target\$ImageName") { - Remove-Item -Recurse -Force ".\target\$ImageName" + $targetPath = '.\target\{0}\{1}' -f $agentType, $imageName + if(Test-Path $targetPath) { + Remove-Item -Recurse -Force $targetPath } - New-Item -Path ".\target\$ImageName" -Type Directory | Out-Null - $configuration.TestResult.OutputPath = ".\target\$ImageName\junit-results.xml" + New-Item -Path $targetPath -Type Directory | Out-Null + $configuration.Run.Path = 'tests\{0}.Tests.ps1' -f $agentType + $configuration.TestResult.OutputPath = '{0}\junit-results.xml' -f $targetPath $TestResults = Invoke-Pester -Configuration $configuration if ($TestResults.FailedCount -gt 0) { - Write-Host "There were $($TestResults.FailedCount) failed tests in $ImageName" + Write-Host "There were $($TestResults.FailedCount) failed tests in ${agentType} $imageName" $testFailed = $true } else { - Write-Host "There were $($TestResults.PassedCount) passed tests out of $($TestResults.TotalCount) in $ImageName" + Write-Host "There were $($TestResults.PassedCount) passed tests out of $($TestResults.TotalCount) in ${agentType} $imageName" } + + Remove-Item env:\AGENT_TYPE Remove-Item env:\AGENT_IMAGE - Remove-Item env:\BUILD_CONTEXT Remove-Item env:\VERSION } -if($target -eq "test") { - if ($DryRun) { - Write-Host "= TEST: (dry-run) test harness" - } else { - Write-Host "= TEST: Starting test harness" - - # Only fail the run afterwards in case of any test failures - $testFailed = $false - $mod = Get-InstalledModule -Name Pester -MinimumVersion 5.3.0 -MaximumVersion 5.3.3 -ErrorAction SilentlyContinue - if($null -eq $mod) { - Write-Host "= TEST: Pester 5.3.x not found: installing..." - $module = "c:\Program Files\WindowsPowerShell\Modules\Pester" - if(Test-Path $module) { - takeown /F $module /A /R - icacls $module /reset - icacls $module /grant Administrators:'F' /inheritance:d /T - Remove-Item -Path $module -Recurse -Force -Confirm:$false - } - Install-Module -Force -Name Pester -MaximumVersion 5.3.3 - } - - Import-Module Pester - Write-Host "= TEST: Setting up Pester environment..." - $configuration = [PesterConfiguration]::Default - $configuration.Run.PassThru = $true - $configuration.Run.Path = '.\tests' - $configuration.Run.Exit = $true - $configuration.TestResult.Enabled = $true - $configuration.TestResult.OutputFormat = 'JUnitXml' - $configuration.Output.Verbosity = 'Diagnostic' - $configuration.CodeCoverage.Enabled = $false - - Write-Host "= TEST: Testing all images..." - foreach($image in $builds.Keys) { - Test-Image $image - } - - # Fail if any test failures - if($testFailed -ne $false) { - Write-Error "Test stage failed!" - exit 1 - } else { - Write-Host "= TEST: stage passed!" - } - } -} - function Publish-Image { param ( [String] $Build, @@ -214,22 +143,126 @@ function Publish-Image { } -if($target -eq "publish") { - # Only fail the run afterwards in case of any issues when publishing the docker images - $publishFailed = 0 - foreach($b in $builds.Keys) { - foreach($tag in $Builds[$b]['Tags']) { - Publish-Image "$b" "${Organization}/${Repository}:${tag}" - if($lastExitCode -ne 0) { - $publishFailed = 1 +$originalDockerComposeFile = 'build-windows.yaml' +$finalDockerComposeFile = 'build-windows-current.yaml' +$baseDockerCmd = 'docker-compose --file={0}' -f $finalDockerComposeFile +$baseDockerBuildCmd = '{0} build --parallel --pull' -f $baseDockerCmd + +foreach($agentType in $AgentTypes) { + $env:AGENT_TYPE = $agentType + + # Temporary docker compose file (git ignored) + Copy-Item -Path $originalDockerComposeFile -Destination $finalDockerComposeFile + $repository = $InboundAgentRepository + # If it's a type "agent", set corresponding target and repository + if($agentType -eq 'agent') { + yq '.services.[].build.target = \"agent\"' $originalDockerComposeFile | Out-File -FilePath $finalDockerComposeFile + $repository = $AgentRepository + } + + $builds = @{} + + Invoke-Expression "$baseDockerCmd config --services" 2>$null | ForEach-Object { + $image = '{0}-{1}-{2}' -f $_, $env:WINDOWS_FLAVOR, $env:WINDOWS_VERSION_TAG # Ex: "jdk17-nanoserver-1809" + + # Remove the 'jdk' prefix + $jdkMajorVersion = $_.Remove(0,3) + + $versionTag = "${RemotingVersion}-${BuildNumber}-${image}" + $tags = @( $image, $versionTag ) + + # Additional image tag without any 'jdk' prefix for the default JDK + $baseImage = "${env:WINDOWS_FLAVOR}-${env:WINDOWS_VERSION_TAG}" + if($jdkMajorVersion -eq "$defaultJdk") { + $tags += $baseImage + $tags += "${RemotingVersion}-${BuildNumber}-${baseImage}" + } + + $builds[$image] = @{ + 'Tags' = $tags; + } + } + + Write-Host "= PREPARE: List of $Organisation/$repository images and tags to be processed:" + ConvertTo-Json $builds + + Write-Host "= BUILD: Building all images..." + if ($DryRun) { + Write-Host "(dry-run) $baseDockerBuildCmd" + } else { + Invoke-Expression $baseDockerBuildCmd + } + Write-Host "= BUILD: Finished building all images." + + if($lastExitCode -ne 0) { + exit $lastExitCode + } + + if($target -eq "test") { + if ($DryRun) { + Write-Host "= TEST: (dry-run) test harness" + } else { + Write-Host "= TEST: Starting test harness" + + # Only fail the run afterwards in case of any test failures + $testFailed = $false + $mod = Get-InstalledModule -Name Pester -MinimumVersion 5.3.0 -MaximumVersion 5.3.3 -ErrorAction SilentlyContinue + if($null -eq $mod) { + Write-Host "= TEST: Pester 5.3.x not found: installing..." + $module = "c:\Program Files\WindowsPowerShell\Modules\Pester" + if(Test-Path $module) { + takeown /F $module /A /R + icacls $module /reset + icacls $module /grant Administrators:'F' /inheritance:d /T + Remove-Item -Path $module -Recurse -Force -Confirm:$false + } + Install-Module -Force -Name Pester -MaximumVersion 5.3.3 + } + + Import-Module Pester + Write-Host "= TEST: Setting up Pester environment..." + $configuration = [PesterConfiguration]::Default + $configuration.Run.PassThru = $true + $configuration.Run.Path = '.\tests' + $configuration.Run.Exit = $true + $configuration.TestResult.Enabled = $true + $configuration.TestResult.OutputFormat = 'JUnitXml' + $configuration.Output.Verbosity = 'Diagnostic' + $configuration.CodeCoverage.Enabled = $false + + Write-Host "= TEST: Testing all images..." + Write-Host "= TEST: Testing all ${agentType} images..." + foreach($image in $builds.Keys) { + Test-Image ('{0}|{1}' -f $agentType, $image) + } + + # Fail if any test failures + if($testFailed -ne $false) { + Write-Error "Test stage failed for ${agentType}!" + exit 1 + } else { + Write-Host "= TEST: stage passed for ${agentType}!" } } } - # Fail if any issues when publising the docker images - if($publishFailed -ne 0) { - Write-Error "Publish failed!" - exit 1 + if($target -eq "publish") { + # Only fail the run afterwards in case of any issues when publishing the docker images + $publishFailed = 0 + foreach($b in $builds.Keys) { + foreach($tag in $Builds[$b]['Tags']) { + Publish-Image "$b" "${Organisation}/${Repository}:${tag}" + if($lastExitCode -ne 0) { + $publishFailed = 1 + } + } + } + + # Fail if any issues when publising the docker images + if($publishFailed -ne 0) { + Write-Error "Publish failed for ${Organisation}/${repository}!" + exit 1 + } } } diff --git a/build.sh b/build.sh index f8963a3c7..1c3da8bcd 100755 --- a/build.sh +++ b/build.sh @@ -51,8 +51,9 @@ if [[ "${disable_env_props}" = "0" ]] ; then export "$(cut -d= -f1 env.props)" fi -REPOSITORY=${DOCKERHUB_REPO:-agent} -ORGANIZATION=${DOCKERHUB_ORGANISATION:-jenkins} +export REGISTRY_ORG=${DOCKERHUB_ORGANISATION:-jenkins4eval} +export REGISTRY_REPO_AGENT=${DOCKERHUB_REPO_AGENT:-agent} +export REGISTRY_REPO_INBOUND_AGENT=${DOCKERHUB_REPO_INBOUND_AGENT:-inbound-agent} remoting_version=${REMOTING_VERSION:-${remoting_version}} if [[ "${target}" = "build" ]] ; then @@ -72,7 +73,6 @@ fi if [[ "${target}" = "publish" ]] ; then set -x - export JENKINS_REPO="${ORGANIZATION}/${REPOSITORY}" export REMOTING_VERSION="${remoting_version}" if [[ -n "${build_number}" ]] ; then export ON_TAG=true diff --git a/debian/Dockerfile b/debian/Dockerfile index 26a5ee249..3333b261e 100644 --- a/debian/Dockerfile +++ b/debian/Dockerfile @@ -50,8 +50,8 @@ RUN if test "${TARGETPLATFORM}" != 'linux/arm/v7'; then \ else cp -r /opt/java/openjdk /javaruntime; \ fi - -FROM debian:"${DEBIAN_RELEASE}"-slim AS build +## Agent image target +FROM debian:"${DEBIAN_RELEASE}"-slim AS agent ARG user=jenkins ARG group=jenkins @@ -59,7 +59,7 @@ ARG uid=1000 ARG gid=1000 RUN groupadd -g "${gid}" "${group}" \ - && useradd -l -c "Jenkins user" -d /home/"${user}" -u "${uid}" -g "${gid}" -m "${user}" + && useradd -l -c "Jenkins user" -d /home/"${user}" -u "${uid}" -g "${gid}" -m "${user}" || echo "user ${user} already exists." ARG AGENT_WORKDIR=/home/"${user}"/agent ENV TZ=Etc/UTC @@ -94,7 +94,7 @@ ENV PATH="${JAVA_HOME}/bin:${PATH}" USER "${user}" ENV AGENT_WORKDIR=${AGENT_WORKDIR} -RUN mkdir /home/${user}/.jenkins && mkdir -p "${AGENT_WORKDIR}" +RUN mkdir -p /home/"${user}"/.jenkins && mkdir -p "${AGENT_WORKDIR}" VOLUME /home/"${user}"/.jenkins VOLUME "${AGENT_WORKDIR}" @@ -108,3 +108,25 @@ LABEL \ org.opencontainers.image.url="https://www.jenkins.io/" \ org.opencontainers.image.source="https://github.com/jenkinsci/docker-agent" \ org.opencontainers.image.licenses="MIT" + +## Inbound Agent image target +FROM agent AS inbound-agent + +ARG user=jenkins + +USER root +COPY ../../jenkins-agent /usr/local/bin/jenkins-agent +RUN chmod +x /usr/local/bin/jenkins-agent &&\ + ln -s /usr/local/bin/jenkins-agent /usr/local/bin/jenkins-slave +USER ${user} + +LABEL \ + org.opencontainers.image.vendor="Jenkins project" \ + org.opencontainers.image.title="Official Jenkins Inbound Agent Base Docker image" \ + org.opencontainers.image.description="This is an image for Jenkins agents using TCP or WebSockets to establish inbound connection to the Jenkins controller" \ + org.opencontainers.image.version="${VERSION}" \ + org.opencontainers.image.url="https://www.jenkins.io/" \ + org.opencontainers.image.source="https://github.com/jenkinsci/docker-agent-inbound" \ + org.opencontainers.image.licenses="MIT" + +ENTRYPOINT ["/usr/local/bin/jenkins-agent"] diff --git a/debian/preview/Dockerfile b/debian/preview/Dockerfile index b727cea5c..32a2caea1 100644 --- a/debian/preview/Dockerfile +++ b/debian/preview/Dockerfile @@ -40,7 +40,8 @@ RUN if test "${TARGETPLATFORM}" != 'linux/arm/v7'; then \ cp -r "/opt/jdk-${JAVA_VERSION}" /javaruntime; \ fi -FROM debian:"${DEBIAN_RELEASE}" AS build +## Agent image target +FROM debian:"${DEBIAN_RELEASE}" AS agent ARG user=jenkins ARG group=jenkins @@ -48,7 +49,7 @@ ARG uid=1000 ARG gid=1000 RUN groupadd -g "${gid}" "${group}" \ - && useradd -l -c "Jenkins user" -d /home/"${user}" -u "${uid}" -g "${gid}" -m "${user}" + && useradd -l -c "Jenkins user" -d /home/"${user}" -u "${uid}" -g "${gid}" -m "${user}" || echo "user ${user} already exists." ARG AGENT_WORKDIR=/home/"${user}"/agent ENV TZ=Etc/UTC @@ -83,7 +84,7 @@ ENV PATH="${JAVA_HOME}/bin:${PATH}" USER "${user}" ENV AGENT_WORKDIR=${AGENT_WORKDIR} -RUN mkdir /home/${user}/.jenkins && mkdir -p "${AGENT_WORKDIR}" +RUN mkdir -p /home/${user}/.jenkins && mkdir -p "${AGENT_WORKDIR}" VOLUME /home/"${user}"/.jenkins VOLUME "${AGENT_WORKDIR}" @@ -97,3 +98,25 @@ LABEL \ org.opencontainers.image.url="https://www.jenkins.io/" \ org.opencontainers.image.source="https://github.com/jenkinsci/docker-agent" \ org.opencontainers.image.licenses="MIT" + +## Inbound Agent image target +FROM agent AS inbound-agent + +ARG user=jenkins + +USER root +COPY ../../jenkins-agent /usr/local/bin/jenkins-agent +RUN chmod +x /usr/local/bin/jenkins-agent &&\ + ln -s /usr/local/bin/jenkins-agent /usr/local/bin/jenkins-slave +USER ${user} + +LABEL \ + org.opencontainers.image.vendor="Jenkins project" \ + org.opencontainers.image.title="Official Jenkins Inbound Agent Base Docker image" \ + org.opencontainers.image.description="This is an image for Jenkins agents using TCP or WebSockets to establish inbound connection to the Jenkins controller" \ + org.opencontainers.image.version="${VERSION}" \ + org.opencontainers.image.url="https://www.jenkins.io/" \ + org.opencontainers.image.source="https://github.com/jenkinsci/docker-agent-inbound" \ + org.opencontainers.image.licenses="MIT" + +ENTRYPOINT ["/usr/local/bin/jenkins-agent"] diff --git a/docker-bake.hcl b/docker-bake.hcl index b7b8eea36..79149924c 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -3,7 +3,7 @@ group "linux" { "alpine_jdk11", "alpine_jdk17", "alpine_jdk21", - "archlinux_jdk11", + "agent_archlinux_jdk11", "debian_jdk11", "debian_jdk17", "debian_jdk21", @@ -11,6 +11,31 @@ group "linux" { ] } +group "linux-agent-only" { + targets = [ + "agent_alpine_jdk11", + "agent_alpine_jdk17", + "agent_alpine_jdk21", + "agent_archlinux_jdk11", + "agent_debian_jdk11", + "agent_debian_jdk17", + "agent_debian_jdk21", + "agent_debian_jdk21_preview" + ] +} + +group "linux-inbound-agent-only" { + targets = [ + "inbound-agent_alpine_jdk11", + "inbound-agent_alpine_jdk17", + "inbound-agent_alpine_jdk21", + "inbound-agent_debian_jdk11", + "inbound-agent_debian_jdk17", + "inbound-agent_debian_jdk21", + "inbound-agent_debian_jdk21_preview" + ] +} + group "linux-arm64" { targets = [ "debian_jdk11", @@ -51,8 +76,16 @@ variable "REGISTRY" { default = "docker.io" } -variable "JENKINS_REPO" { - default = "jenkins/agent" +variable "REGISTRY_ORG" { + default = "jenkins" +} + +variable "REGISTRY_REPO_AGENT" { + default = "agent" +} + +variable "REGISTRY_REPO_INBOUND_AGENT" { + default = "inbound-agent" } variable "BUILD_NUMBER" { @@ -91,7 +124,12 @@ variable "JAVA21_PREVIEW_VERSION" { default = "21.0.1+12" } -target "archlinux_jdk11" { +function "orgrepo" { + params = [agentType] + result = equal("agent", agentType) ? "${REGISTRY_ORG}/${REGISTRY_REPO_AGENT}" : "${REGISTRY_ORG}/${REGISTRY_REPO_INBOUND_AGENT}" +} + +target "agent_archlinux_jdk11" { dockerfile = "archlinux/Dockerfile" context = "." args = { @@ -99,17 +137,22 @@ target "archlinux_jdk11" { VERSION = REMOTING_VERSION } tags = [ - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-archlinux" : "", - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-archlinux-jdk11" : "", - "${REGISTRY}/${JENKINS_REPO}:archlinux", - "${REGISTRY}/${JENKINS_REPO}:latest-archlinux", - "${REGISTRY}/${JENKINS_REPO}:archlinux-jdk11", - "${REGISTRY}/${JENKINS_REPO}:latest-archlinux-jdk11", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo("agent")}:${REMOTING_VERSION}-${BUILD_NUMBER}-archlinux" : "", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo("agent")}:${REMOTING_VERSION}-${BUILD_NUMBER}-archlinux-jdk11" : "", + "${REGISTRY}/${orgrepo("agent")}:archlinux", + "${REGISTRY}/${orgrepo("agent")}:latest-archlinux", + "${REGISTRY}/${orgrepo("agent")}:archlinux-jdk11", + "${REGISTRY}/${orgrepo("agent")}:latest-archlinux-jdk11", ] platforms = ["linux/amd64"] } target "alpine_jdk11" { + matrix = { + type = ["agent", "inbound-agent"] + } + name = "${type}_alpine_jdk11" + target = type dockerfile = "alpine/Dockerfile" context = "." args = { @@ -118,17 +161,22 @@ target "alpine_jdk11" { VERSION = REMOTING_VERSION } tags = [ - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine-jdk11" : "", - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine${ALPINE_SHORT_TAG}-jdk11" : "", - "${REGISTRY}/${JENKINS_REPO}:alpine-jdk11", - "${REGISTRY}/${JENKINS_REPO}:alpine${ALPINE_SHORT_TAG}-jdk11", - "${REGISTRY}/${JENKINS_REPO}:latest-alpine-jdk11", - "${REGISTRY}/${JENKINS_REPO}:latest-alpine${ALPINE_SHORT_TAG}-jdk11", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo(type)}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine-jdk11" : "", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo(type)}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine${ALPINE_SHORT_TAG}-jdk11" : "", + "${REGISTRY}/${orgrepo(type)}:alpine-jdk11", + "${REGISTRY}/${orgrepo(type)}:alpine${ALPINE_SHORT_TAG}-jdk11", + "${REGISTRY}/${orgrepo(type)}:latest-alpine-jdk11", + "${REGISTRY}/${orgrepo(type)}:latest-alpine${ALPINE_SHORT_TAG}-jdk11", ] platforms = ["linux/amd64"] } target "alpine_jdk17" { + matrix = { + type = ["agent", "inbound-agent"] + } + name = "${type}_alpine_jdk17" + target = type dockerfile = "alpine/Dockerfile" context = "." args = { @@ -137,23 +185,28 @@ target "alpine_jdk17" { VERSION = REMOTING_VERSION } tags = [ - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine" : "", - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine${ALPINE_SHORT_TAG}" : "", - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine-jdk17" : "", - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine${ALPINE_SHORT_TAG}-jdk17" : "", - "${REGISTRY}/${JENKINS_REPO}:alpine", - "${REGISTRY}/${JENKINS_REPO}:alpine${ALPINE_SHORT_TAG}", - "${REGISTRY}/${JENKINS_REPO}:alpine-jdk17", - "${REGISTRY}/${JENKINS_REPO}:alpine${ALPINE_SHORT_TAG}-jdk17", - "${REGISTRY}/${JENKINS_REPO}:latest-alpine", - "${REGISTRY}/${JENKINS_REPO}:latest-alpine${ALPINE_SHORT_TAG}", - "${REGISTRY}/${JENKINS_REPO}:latest-alpine-jdk17", - "${REGISTRY}/${JENKINS_REPO}:latest-alpine${ALPINE_SHORT_TAG}-jdk17", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo(type)}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine" : "", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo(type)}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine${ALPINE_SHORT_TAG}" : "", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo(type)}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine-jdk17" : "", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo(type)}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine${ALPINE_SHORT_TAG}-jdk17" : "", + "${REGISTRY}/${orgrepo(type)}:alpine", + "${REGISTRY}/${orgrepo(type)}:alpine${ALPINE_SHORT_TAG}", + "${REGISTRY}/${orgrepo(type)}:alpine-jdk17", + "${REGISTRY}/${orgrepo(type)}:alpine${ALPINE_SHORT_TAG}-jdk17", + "${REGISTRY}/${orgrepo(type)}:latest-alpine", + "${REGISTRY}/${orgrepo(type)}:latest-alpine${ALPINE_SHORT_TAG}", + "${REGISTRY}/${orgrepo(type)}:latest-alpine-jdk17", + "${REGISTRY}/${orgrepo(type)}:latest-alpine${ALPINE_SHORT_TAG}-jdk17", ] platforms = ["linux/amd64"] } target "alpine_jdk21" { + matrix = { + type = ["agent", "inbound-agent"] + } + name = "${type}_alpine_jdk21" + target = type dockerfile = "alpine/Dockerfile" context = "." args = { @@ -162,17 +215,22 @@ target "alpine_jdk21" { VERSION = REMOTING_VERSION } tags = [ - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine-jdk21" : "", - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine${ALPINE_SHORT_TAG}-jdk21" : "", - "${REGISTRY}/${JENKINS_REPO}:alpine-jdk21", - "${REGISTRY}/${JENKINS_REPO}:alpine${ALPINE_SHORT_TAG}-jdk21", - "${REGISTRY}/${JENKINS_REPO}:latest-alpine-jdk21", - "${REGISTRY}/${JENKINS_REPO}:latest-alpine${ALPINE_SHORT_TAG}-jdk21", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo(type)}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine-jdk21" : "", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo(type)}:${REMOTING_VERSION}-${BUILD_NUMBER}-alpine${ALPINE_SHORT_TAG}-jdk21" : "", + "${REGISTRY}/${orgrepo(type)}:alpine-jdk21", + "${REGISTRY}/${orgrepo(type)}:alpine${ALPINE_SHORT_TAG}-jdk21", + "${REGISTRY}/${orgrepo(type)}:latest-alpine-jdk21", + "${REGISTRY}/${orgrepo(type)}:latest-alpine${ALPINE_SHORT_TAG}-jdk21", ] platforms = ["linux/amd64", "linux/arm64"] } target "debian_jdk11" { + matrix = { + type = ["agent", "inbound-agent"] + } + name = "${type}_debian_jdk11" + target = type dockerfile = "debian/Dockerfile" context = "." args = { @@ -181,16 +239,21 @@ target "debian_jdk11" { DEBIAN_RELEASE = DEBIAN_RELEASE } tags = [ - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-jdk11" : "", - "${REGISTRY}/${JENKINS_REPO}:bookworm-jdk11", - "${REGISTRY}/${JENKINS_REPO}:jdk11", - "${REGISTRY}/${JENKINS_REPO}:latest-bookworm-jdk11", - "${REGISTRY}/${JENKINS_REPO}:latest-jdk11", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo(type)}:${REMOTING_VERSION}-${BUILD_NUMBER}-jdk11" : "", + "${REGISTRY}/${orgrepo(type)}:bookworm-jdk11", + "${REGISTRY}/${orgrepo(type)}:jdk11", + "${REGISTRY}/${orgrepo(type)}:latest-bookworm-jdk11", + "${REGISTRY}/${orgrepo(type)}:latest-jdk11", ] platforms = ["linux/amd64", "linux/arm64", "linux/arm/v7", "linux/s390x", "linux/ppc64le"] } target "debian_jdk17" { + matrix = { + type = ["agent", "inbound-agent"] + } + name = "${type}_debian_jdk17" + target = type dockerfile = "debian/Dockerfile" context = "." args = { @@ -199,19 +262,24 @@ target "debian_jdk17" { DEBIAN_RELEASE = DEBIAN_RELEASE } tags = [ - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}" : "", - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-jdk17" : "", - "${REGISTRY}/${JENKINS_REPO}:bookworm-jdk17", - "${REGISTRY}/${JENKINS_REPO}:jdk17", - "${REGISTRY}/${JENKINS_REPO}:latest", - "${REGISTRY}/${JENKINS_REPO}:latest-bookworm", - "${REGISTRY}/${JENKINS_REPO}:latest-bookworm-jdk17", - "${REGISTRY}/${JENKINS_REPO}:latest-jdk17", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo(type)}:${REMOTING_VERSION}-${BUILD_NUMBER}" : "", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo(type)}:${REMOTING_VERSION}-${BUILD_NUMBER}-jdk17" : "", + "${REGISTRY}/${orgrepo(type)}:bookworm-jdk17", + "${REGISTRY}/${orgrepo(type)}:jdk17", + "${REGISTRY}/${orgrepo(type)}:latest", + "${REGISTRY}/${orgrepo(type)}:latest-bookworm", + "${REGISTRY}/${orgrepo(type)}:latest-bookworm-jdk17", + "${REGISTRY}/${orgrepo(type)}:latest-jdk17", ] platforms = ["linux/amd64", "linux/arm64", "linux/arm/v7", "linux/ppc64le"] } target "debian_jdk21" { + matrix = { + type = ["agent", "inbound-agent"] + } + name = "${type}_debian_jdk21" + target = type dockerfile = "debian/Dockerfile" context = "." args = { @@ -220,16 +288,21 @@ target "debian_jdk21" { DEBIAN_RELEASE = DEBIAN_RELEASE } tags = [ - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-jdk21" : "", - "${REGISTRY}/${JENKINS_REPO}:bookworm-jdk21", - "${REGISTRY}/${JENKINS_REPO}:jdk21", - "${REGISTRY}/${JENKINS_REPO}:latest-bookworm-jdk21", - "${REGISTRY}/${JENKINS_REPO}:latest-jdk21", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo(type)}:${REMOTING_VERSION}-${BUILD_NUMBER}-jdk21" : "", + "${REGISTRY}/${orgrepo(type)}:bookworm-jdk21", + "${REGISTRY}/${orgrepo(type)}:jdk21", + "${REGISTRY}/${orgrepo(type)}:latest-bookworm-jdk21", + "${REGISTRY}/${orgrepo(type)}:latest-jdk21", ] platforms = ["linux/amd64", "linux/arm64"] } target "debian_jdk21_preview" { + matrix = { + type = ["agent", "inbound-agent"] + } + name = "${type}_debian_jdk21_preview" + target = type dockerfile = "debian/preview/Dockerfile" context = "." args = { @@ -238,11 +311,11 @@ target "debian_jdk21_preview" { DEBIAN_RELEASE = DEBIAN_RELEASE } tags = [ - equal(ON_TAG, "true") ? "${REGISTRY}/${JENKINS_REPO}:${REMOTING_VERSION}-${BUILD_NUMBER}-jdk21-preview" : "", - "${REGISTRY}/${JENKINS_REPO}:bookworm-jdk21-preview", - "${REGISTRY}/${JENKINS_REPO}:jdk21-preview", - "${REGISTRY}/${JENKINS_REPO}:latest-bookworm-jdk21-preview", - "${REGISTRY}/${JENKINS_REPO}:latest-jdk21-preview", + equal(ON_TAG, "true") ? "${REGISTRY}/${orgrepo(type)}:${REMOTING_VERSION}-${BUILD_NUMBER}-jdk21-preview" : "", + "${REGISTRY}/${orgrepo(type)}:bookworm-jdk21-preview", + "${REGISTRY}/${orgrepo(type)}:jdk21-preview", + "${REGISTRY}/${orgrepo(type)}:latest-bookworm-jdk21-preview", + "${REGISTRY}/${orgrepo(type)}:latest-jdk21-preview", ] platforms = ["linux/ppc64le", "linux/s390x", "linux/arm/v7"] } diff --git a/tests/agent.Tests.ps1 b/tests/agent.Tests.ps1 index 745dcc1ff..88b22b395 100644 --- a/tests/agent.Tests.ps1 +++ b/tests/agent.Tests.ps1 @@ -1,7 +1,7 @@ Import-Module -DisableNameChecking -Force $PSScriptRoot/test_helpers.psm1 +$global:AGENT_TYPE = Get-EnvOrDefault 'AGENT_TYPE' '' $global:AGENT_IMAGE = Get-EnvOrDefault 'AGENT_IMAGE' '' -$global:BUILD_CONTEXT = Get-EnvOrDefault 'BUILD_CONTEXT' '' $global:VERSION = Get-EnvOrDefault 'VERSION' '' $items = $global:AGENT_IMAGE.Split("-") @@ -27,14 +27,14 @@ $global:GITLFSVERSION = '3.4.1' Cleanup($global:CONTAINERNAME) -Describe "[$global:AGENT_IMAGE] image is present" { +Describe "[$global:AGENT_TYPE > $global:AGENT_IMAGE] image is present" { It 'builds image' { $exitCode, $stdout, $stderr = Run-Program 'docker' "inspect $global:AGENT_IMAGE" $exitCode | Should -Be 0 } } -Describe "[$global:AGENT_IMAGE] correct image metadata" { +Describe "[$global:AGENT_TYPE > $global:AGENT_IMAGE] correct image metadata" { It 'has correct volumes' { $exitCode, $stdout, $stderr = Run-Program 'docker' "inspect --format='{{.Config.Volumes}}' $global:AGENT_IMAGE" $stdout = $stdout.Trim() @@ -43,10 +43,10 @@ Describe "[$global:AGENT_IMAGE] correct image metadata" { } } -Describe "[$global:AGENT_IMAGE] image has correct applications in the PATH" { +Describe "[$global:AGENT_TYPE > $global:AGENT_IMAGE] image has correct applications in the PATH" { BeforeAll { docker run --detach --interactive --tty --name "$global:CONTAINERNAME" "$global:AGENT_IMAGE" "$global:CONTAINERSHELL" - Is-AgentContainerRunning $global:CONTAINERNAME + Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue } It 'has java installed and in the path' { @@ -78,15 +78,20 @@ Describe "[$global:AGENT_IMAGE] image has correct applications in the PATH" { $stdout.Trim() | Should -Match "git-lfs/${global:GITLFSVERSION}" } + It 'does not include jenkins-agent.ps1 (inbound-agent)' { + $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -C `"if(Test-Path C:/ProgramData/Jenkins/jenkins-agent.ps1) { exit -1 } else { exit 0 }`"" + $exitCode | Should -Be 0 + } + AfterAll { Cleanup($global:CONTAINERNAME) } } -Describe "[$global:AGENT_IMAGE] check user account" { +Describe "[$global:AGENT_TYPE > $global:AGENT_IMAGE] check user account" { BeforeAll { docker run -d -it --name "$global:CONTAINERNAME" -P "$global:AGENT_IMAGE" "$global:CONTAINERSHELL" - Is-AgentContainerRunning $global:CONTAINERNAME + Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue } It 'Password never expires' { @@ -104,10 +109,10 @@ Describe "[$global:AGENT_IMAGE] check user account" { } } -Describe "[$global:AGENT_IMAGE] check user access to directories" { +Describe "[$global:AGENT_TYPE > $global:AGENT_IMAGE] check user access to directories" { BeforeAll { docker run -d -it --name "$global:CONTAINERNAME" -P "$global:AGENT_IMAGE" "$global:CONTAINERSHELL" - Is-AgentContainerRunning $global:CONTAINERNAME + Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue } It 'can write to HOME' { @@ -134,33 +139,33 @@ $global:TEST_VERSION="4.0" $global:TEST_USER="test-user" $global:TEST_AGENT_WORKDIR="C:/test-user/something" -Describe "[$global:AGENT_IMAGE] can be built with custom build arguments" { +Describe "[$global:AGENT_TYPE > $global:AGENT_IMAGE] can be built with custom build arguments" { BeforeAll { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg `"VERSION=${global:TEST_VERSION}`" --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg `"TOOLS_WINDOWS_VERSION=${global:WINDOWSVERSIONFALLBACKTAG}`" --build-arg `"user=${global:TEST_USER}`" --build-arg `"AGENT_WORKDIR=${global:TEST_AGENT_WORKDIR}`" --tag ${global:AGENT_IMAGE} --file ./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --target agent --build-arg `"VERSION=${global:TEST_VERSION}`" --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg `"TOOLS_WINDOWS_VERSION=${global:WINDOWSVERSIONFALLBACKTAG}`" --build-arg `"user=${global:TEST_USER}`" --build-arg `"AGENT_WORKDIR=${global:TEST_AGENT_WORKDIR}`" --tag ${global:AGENT_IMAGE} --file ./windows/${global:WINDOWSFLAVOR}/Dockerfile ." $exitCode | Should -Be 0 - docker run -d -it --name "$global:CONTAINERNAME" -P "$global:AGENT_IMAGE" "$global:CONTAINERSHELL" - Is-AgentContainerRunning $global:CONTAINERNAME + $exitCode, $stdout, $stderr = Run-Program 'docker' "run -d -it --name $global:CONTAINERNAME -P $global:AGENT_IMAGE $global:CONTAINERSHELL" + Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue } It 'has the correct version of remoting' { $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -C `"`$global:VERSION = java -jar C:/ProgramData/Jenkins/agent.jar -version ; Write-Host `$global:VERSION`"" $exitCode | Should -Be 0 - $stdout.Trim() | Should -Match $TEST_VERSION + $stdout.Trim() | Should -Match $global:TEST_VERSION } It 'has correct user' { $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -C `"(Get-ChildItem env:\ | Where-Object { `$_.Name -eq 'USERNAME' }).Value`"" $exitCode | Should -Be 0 - $stdout.Trim() | Should -Match $TEST_USER + $stdout.Trim() | Should -Match $global:TEST_USER } It 'has correct AGENT_WORKDIR' { $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -C `"Get-ChildItem env:`"" $exitCode | Should -Be 0 - $stdout | Should -Match "AGENT_WORKDIR.*${TEST_AGENT_WORKDIR}" + $stdout | Should -Match "AGENT_WORKDIR.*${global:TEST_AGENT_WORKDIR}" } It 'can write to HOME' { @@ -181,7 +186,7 @@ Describe "[$global:AGENT_IMAGE] can be built with custom build arguments" { It 'version in docker metadata' { $exitCode, $stdout, $stderr = Run-Program 'docker' "inspect --format=`"{{index .Config.Labels \`"org.opencontainers.image.version\`"}}`" $global:AGENT_IMAGE" $exitCode | Should -Be 0 - $stdout.Trim() | Should -Match $TEST_VERSION + $stdout.Trim() | Should -Match $global:sTEST_VERSION } AfterAll { diff --git a/tests/inbound-agent.Tests.ps1 b/tests/inbound-agent.Tests.ps1 index a8e5d5d38..a10ab6b8f 100644 --- a/tests/inbound-agent.Tests.ps1 +++ b/tests/inbound-agent.Tests.ps1 @@ -1,7 +1,7 @@ Import-Module -DisableNameChecking -Force $PSScriptRoot/test_helpers.psm1 +$global:AGENT_TYPE = Get-EnvOrDefault 'AGENT_TYPE' '' $global:AGENT_IMAGE = Get-EnvOrDefault 'AGENT_IMAGE' '' -$global:BUILD_CONTEXT = Get-EnvOrDefault 'BUILD_CONTEXT' '' $global:version = Get-EnvOrDefault 'VERSION' '' $items = $global:AGENT_IMAGE.Split("-") @@ -31,14 +31,14 @@ CleanupNetwork("jnlp-network") BuildNcatImage($global:WINDOWSVERSIONTAG) -Describe "[$global:AGENT_IMAGE] build image" { +Describe "[$global:AGENT_TYPE > $global:AGENT_IMAGE] build image" { It 'builds image' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${global:version} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVAMAJORVERSION} --tag=${global:AGENT_IMAGE} --file ./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${global:version} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg `"JAVA_VERSION=${global:JAVAMAJORVERSION}`" --build-arg `"JAVA_HOME=C:\openjdk-${global:JAVAMAJORVERSION}`" --tag=${global:AGENT_IMAGE} --file ./windows/${global:WINDOWSFLAVOR}/Dockerfile ." $exitCode | Should -Be 0 } } -Describe "[$global:AGENT_IMAGE] check default user account" { +Describe "[$global:AGENT_TYPE > $global:AGENT_IMAGE] check default user account" { BeforeAll { docker run --detach --tty --name "$global:CONTAINERNAME" "$global:AGENT_IMAGE" -Cmd "$global:CONTAINERSHELL" $LASTEXITCODE | Should -Be 0 @@ -60,7 +60,7 @@ Describe "[$global:AGENT_IMAGE] check default user account" { } } -Describe "[$global:AGENT_IMAGE] image has jenkins-agent.ps1 in the correct location" { +Describe "[$global:AGENT_TYPE > $global:AGENT_IMAGE] image has jenkins-agent.ps1 in the correct location" { BeforeAll { docker run --detach --tty --name "$global:CONTAINERNAME" "$global:AGENT_IMAGE" -Cmd "$global:CONTAINERSHELL" $LASTEXITCODE | Should -Be 0 @@ -77,7 +77,7 @@ Describe "[$global:AGENT_IMAGE] image has jenkins-agent.ps1 in the correct locat } } -Describe "[$global:AGENT_IMAGE] image starts jenkins-agent.ps1 correctly (slow test)" { +Describe "[$global:AGENT_TYPE > $global:AGENT_IMAGE] image starts jenkins-agent.ps1 correctly (slow test)" { It 'connects to the nmap container' { $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" # Launch the netcat utility, listening at port 5000 for 30 sec @@ -112,19 +112,17 @@ Describe "[$global:AGENT_IMAGE] image starts jenkins-agent.ps1 correctly (slow t } } -Describe "[$global:AGENT_IMAGE] custom build args" { +Describe "[$global:AGENT_TYPE > $global:AGENT_IMAGE] custom build args" { BeforeAll { Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." # Old version used to test overriding the build arguments. # This old version must have the same tag suffixes as the current windows images (`-jdk17-nanoserver` etc.), and the same Windows version (2019, 2022, etc.) - $TEST_VERSION = "3148.v532a_7e715ee3" - $PARENT_IMAGE_VERSION_SUFFIX = "12" - $ARG_TEST_VERSION = "${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" + $TEST_VERSION = "3206.vb_15dcf73f6a_9" $customImageName = "custom-${global:AGENT_IMAGE}" } It 'builds image with arguments' { - $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${ARG_TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg JAVA_MAJOR_VERSION=${global:JAVAMAJORVERSION} --build-arg WINDOWS_FLAVOR=${global:WINDOWSFLAVOR} --build-arg CONTAINER_SHELL=${global:CONTAINERSHELL} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ${global:BUILD_CONTEXT}" + $exitCode, $stdout, $stderr = Run-Program 'docker' "build --build-arg version=${TEST_VERSION} --build-arg `"WINDOWS_VERSION_TAG=${global:WINDOWSVERSIONTAG}`" --build-arg `"JAVA_VERSION=${global:JAVAMAJORVERSION}`" --build-arg `"JAVA_HOME=C:\openjdk-${global:JAVAMAJORVERSION}`" --build-arg WINDOWS_FLAVOR=${global:WINDOWSFLAVOR} --build-arg CONTAINER_SHELL=${global:CONTAINERSHELL} --tag=${customImageName} --file=./windows/${global:WINDOWSFLAVOR}/Dockerfile ." $exitCode | Should -Be 0 $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name $global:CONTAINERNAME $customImageName -Cmd $global:CONTAINERSHELL" @@ -133,7 +131,7 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } It "has the correct agent.jar version" { - $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -c `"java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version`"" + $exitCode, $stdout, $stderr = Run-Program 'docker' "exec $global:CONTAINERNAME $global:CONTAINERSHELL -c `"java -jar C:/ProgramData/Jenkins/agent.jar -version`"" $exitCode | Should -Be 0 $stdout | Should -Match $TEST_VERSION } @@ -144,125 +142,36 @@ Describe "[$global:AGENT_IMAGE] custom build args" { } } -# === TODO: uncomment test later, see error log below -# === this test passes on a Windows machine - -# Describe "[$global:AGENT_IMAGE] passing JVM options (slow test)" { -# It "shows the java version ${global:JAVAMAJORVERSION} with --show-version" { -# $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" -# # Launch the netcat utility, listening at port 5000 for 30 sec -# # bats will capture the output from netcat and compare the first line -# # of the header of the first HTTP request with the expected one -# $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" -# $exitCode | Should -Be 0 -# Is-ContainerRunning "nmap" | Should -BeTrue - -# # get the ip address of the nmap container -# $exitCode, $stdout, $stderr = Run-Program 'docker' "inspect --format `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" -# $exitCode | Should -Be 0 -# $nmap_ip = $stdout.Trim() - -# # run Jenkins agent which tries to connect to the nmap container at port 5000 -# $secret = "aaa" -# $name = "bbb" -# $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --network=jnlp-network --name $global:CONTAINERNAME $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 -JenkinsJavaOpts `"--show-version`" $secret $name" -# $exitCode | Should -Be 0 -# Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue -# $exitCode, $stdout, $stderr = Run-Program 'docker' "logs $global:CONTAINERNAME" -# $exitCode | Should -Be 0 -# $stdout | Should -Match "OpenJDK Runtime Environment Temurin-${global:JAVAMAJORVERSION}" -# } - -# AfterAll { -# Cleanup($global:CONTAINERNAME) -# Cleanup("nmap") -# CleanupNetwork("jnlp-network") -# } -# } - - -# === Corresponding error log: - -# Running tests from 'inboundAgent.Tests.ps1' -# Describing [jdk17-windowsservercore-1809] build image -# cmd = docker, params = build --build-arg version=3148.v532a_7e715ee3-3 --build-arg "WINDOWS_VERSION_TAG=1809" --build-arg JAVA_MAJOR_VERSION=17 --tag=jdk17-windowsservercore-1809 --file ./windows/windowsservercore/Dockerfile C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396 -# [+] builds image 572ms (378ms|195ms) -# cmd = docker.exe, params = inspect -f "{{.State.Running}}" pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 - -# Describing [jdk17-windowsservercore-1809] check default user account -# cmd = docker, params = exec pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 powershell.exe -C "if((net user jenkins | Select-String -Pattern 'Password expires') -match 'Never') { exit 0 } else { net user jenkins ; exit -1 }" -# [+] has a password that never expires 4.55s (4.55s|5ms) -# cmd = docker, params = exec pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 powershell.exe -C "if((net user jenkins | Select-String -Pattern 'Password required') -match 'No') { exit 0 } else { net user jenkins ; exit -1 }" -# [+] has password policy of "not required" 2.74s (2.73s|3ms) -# cmd = docker.exe, params = inspect -f "{{.State.Running}}" pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 - -# Describing [jdk17-windowsservercore-1809] image has jenkins-agent.ps1 in the correct location -# cmd = docker, params = exec pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 powershell.exe -C "if(Test-Path 'C:/ProgramData/Jenkins/jenkins-agent.ps1') { exit 0 } else { exit 1 }" -# [+] has jenkins-agent.ps1 in C:/ProgramData/Jenkins 4.35s (4.27s|85ms) - -# Describing [jdk17-windowsservercore-1809] image starts jenkins-agent.ps1 correctly (slow test) -# cmd = docker, params = network create --driver nat jnlp-network -# cmd = docker, params = run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000 -# cmd = docker.exe, params = inspect -f "{{.State.Running}}" nmap -# cmd = docker, params = inspect --format "{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}" nmap -# cmd = docker, params = run --detach --tty --network=jnlp-network --name pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 jdk17-windowsservercore-1809 -Url http://172.23.176.67:5000 aaa bbb -# cmd = docker.exe, params = inspect -f "{{.State.Running}}" pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 -# cmd = docker, params = wait nmap -# cmd = docker, params = logs nmap -# [+] connects to the nmap container 89.43s (89.43s|8ms) +Describe "[$global:AGENT_TYPE > $global:AGENT_IMAGE] passing JVM options (slow test)" { + It "shows the java version ${global:JAVAMAJORVERSION} with --show-version" { + $exitCode, $stdout, $stderr = Run-Program 'docker' "network create --driver nat jnlp-network" + # Launch the netcat utility, listening at port 5000 for 30 sec + # bats will capture the output from netcat and compare the first line + # of the header of the first HTTP request with the expected one + $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000" + $exitCode | Should -Be 0 + Is-ContainerRunning "nmap" | Should -BeTrue -# Describing [jdk17-windowsservercore-1809] custom build args -# cmd = docker, params = build --build-arg version=3148.v532a_7e715ee3-3 --build-arg "WINDOWS_VERSION_TAG=1809" --build-arg JAVA_MAJOR_VERSION=17 --build-arg WINDOWS_FLAVOR=windowsservercore --build-arg CONTAINER_SHELL=powershell.exe --tag=custom-jdk17-windowsservercore-1809 --file=./windows/windowsservercore/Dockerfile C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396 -# cmd = docker, params = run --detach --tty --name pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 custom-jdk17-windowsservercore-1809 -Cmd powershell.exe -# cmd = docker.exe, params = inspect -f "{{.State.Running}}" pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 -# [+] builds image with arguments 11.3s (11.3s|5ms) -# cmd = docker, params = exec pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 powershell.exe -c "java -cp C:/ProgramData/Jenkins/agent.jar hudson.remoting.jnlp.Main -version" -# [+] has the correct agent.jar version 2.25s (2.25s|5ms) + # get the ip address of the nmap container + $exitCode, $stdout, $stderr = Run-Program 'docker' "inspect --format `"{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}`" nmap" + $exitCode | Should -Be 0 + $nmap_ip = $stdout.Trim() -# Describing [jdk17-windowsservercore-1809] passing JVM options (slow test) -# cmd = docker, params = network create --driver nat jnlp-network -# cmd = docker, params = run --detach --tty --name nmap --network=jnlp-network nmap:latest ncat.exe -w 30 -l 5000 -# cmd = docker.exe, params = inspect -f "{{.State.Running}}" nmap -# cmd = docker, params = inspect --format "{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}" nmap -# cmd = docker, params = run --detach --tty --network=jnlp-network --name pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 jdk17-windowsservercore-1809 -Url http://172.23.254.19:5000 -JenkinsJavaOpts "--show-version" aaa bbb -# cmd = docker.exe, params = inspect -f "{{.State.Running}}" pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 -# cmd = docker, params = logs pester-jenkins-inbound-agent-jdk17-windowsservercore-1809 -# [-] shows the java version 17 with --show-version 24.36s (24.35s|11ms) -# Expected regular expression 'OpenJDK Runtime Environment Temurin-17' to match ' -# ', but it did not match. -# at $stdout | Should -Match "OpenJDK Runtime Environment Temurin-${global:JAVAMAJORVERSION}", C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396\tests\inboundAgent.Tests.ps1:173 -# at , C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396\tests\inboundAgent.Tests.ps1:173 -# Tests completed in 219.22s -# Tests Passed: 7, Failed: 1, Skipped: 0 NotRun: 0 -# System.Management.Automation.MethodInvocationException: Exception calling "WriteAttributeString" with "2" argument(s): "'exadecimal value 0x1B, is an invalid character." ---> System.ArgumentException: 'exadecimal value 0x1B, is an invalid character. -# at System.Xml.XmlUtf8RawTextWriter.InvalidXmlChar(Int32 ch, Byte* pDst, Boolean entitize) -# at System.Xml.XmlUtf8RawTextWriter.WriteAttributeTextBlock(Char* pSrc, Char* pSrcEnd) -# at System.Xml.XmlUtf8RawTextWriter.WriteString(String text) -# at System.Xml.XmlWellFormedWriter.WriteString(String text) -# at System.Xml.XmlWriter.WriteAttributeString(String localName, String value) -# at CallSite.Target(Closure , CallSite , XmlWriter , String , Object ) -# --- End of inner exception stack trace --- -# at System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext, Exception exception) -# at System.Management.Automation.Interpreter.ActionCallInstruction`2.Run(InterpretedFrame frame) -# at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame) -# at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame) -# at System.Management.Automation.Interpreter.Interpreter.Run(InterpretedFrame frame) -# at System.Management.Automation.Interpreter.LightLambda.RunVoid1[T0](T0 arg0) -# at System.Management.Automation.PSScriptCmdlet.RunClause(Action`1 clause, Object dollarUnderbar, Object inputToProcess) -# at System.Management.Automation.PSScriptCmdlet.DoEndProcessing() -# at System.Management.Automation.CommandProcessorBase.Complete() -# at Write-JUnitTestCaseMessageElements, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 16460 -# at Write-JUnitTestCaseAttributes, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 16452 -# at Write-JUnitTestCaseElements, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 16424 -# at Write-JUnitTestSuiteElements, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 16385 -# at Write-JUnitReport, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 16269 -# at Export-XmlReport, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 16005 -# at Export-PesterResults, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 15863 -# at Invoke-Pester, C:\Program Files\WindowsPowerShell\Modules\Pester\5.3.3\Pester.psm1: line 5263 -# at Test-Image, C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396\build.ps1: line 130 -# at , C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396\build.ps1: line 176 -# at , C:\Jenkins\agent\workspace\ging_docker-inbound-agent_PR-396@tmp\durable-513b70db\powershellScript.ps1: line 1 -# at , : line 1 -# at , : line 1 + # run Jenkins agent which tries to connect to the nmap container at port 5000 + $secret = "aaa" + $name = "bbb" + $exitCode, $stdout, $stderr = Run-Program 'docker' "run --detach --tty --network=jnlp-network --name $global:CONTAINERNAME $global:AGENT_IMAGE -Url http://${nmap_ip}:5000 -JenkinsJavaOpts `"--show-version`" $secret $name" + $exitCode | Should -Be 0 + Is-ContainerRunning $global:CONTAINERNAME | Should -BeTrue + Start-Sleep -Seconds 20 + $exitCode, $stdout, $stderr = Run-Program 'docker' "logs $global:CONTAINERNAME" + $exitCode | Should -Be 0 + $stdout | Should -Match "OpenJDK Runtime Environment Temurin-${global:JAVAMAJORVERSION}" + } -# === end of error log + AfterAll { + Cleanup($global:CONTAINERNAME) + Cleanup("nmap") + CleanupNetwork("jnlp-network") + } +} diff --git a/tests/test_helpers.bash b/tests/test_helpers.bash index 5f99823e6..1b61dba95 100755 --- a/tests/test_helpers.bash +++ b/tests/test_helpers.bash @@ -30,13 +30,13 @@ function get_sut_image { # Option --print for 'docker buildx bake' prints the JSON configuration on the stdout # Option --silent for 'make' suppresses the echoing of command so the output is valid JSON # The image name is the 1st of the "tags" array, on the first "image" found - make --silent show | jq -r ".target.${IMAGE}.tags[0]" + make --silent show | jq -r ".target.\"${IMAGE}\".tags[0]" } function get_remoting_version() { test -n "${IMAGE:?"[sut_image] Please set the variable 'IMAGE' to the name of the image to test in 'docker-bake.hcl'."}" - make --silent show | jq -r ".target.${IMAGE}.args.VERSION" + make --silent show | jq -r ".target.\"${IMAGE}\".args.VERSION" } function cleanup { @@ -47,7 +47,7 @@ function cleanup { function get_dockerfile_directory() { test -n "${IMAGE:?"[sut_image] Please set the variable 'IMAGE' to the name of the image to test in 'docker-bake.hcl'."}" - DOCKERFILE=$(make --silent show | jq -r ".target.${IMAGE}.dockerfile") + DOCKERFILE=$(make --silent show | jq -r ".target.\"${IMAGE}\".dockerfile") echo "${DOCKERFILE%"/Dockerfile"}" } @@ -79,3 +79,14 @@ function is_agent_container_running { sleep 1 retry 3 1 assert "true" docker inspect -f '{{.State.Running}}' "${1}" } + +function buildNetcatImage() { + if ! docker inspect --type=image netcat-helper:latest &>/dev/null; then + docker build -t netcat-helper:latest tests/netcat-helper/ &>/dev/null + fi +} + +function clean_test_container { + docker kill "${AGENT_CONTAINER}" "${NETCAT_HELPER_CONTAINER}" &>/dev/null || : + docker rm -fv "${AGENT_CONTAINER}" "${NETCAT_HELPER_CONTAINER}" &>/dev/null || : +} diff --git a/tests/test_helpers.psm1 b/tests/test_helpers.psm1 index 985d485de..8a2e6e054 100644 --- a/tests/test_helpers.psm1 +++ b/tests/test_helpers.psm1 @@ -77,29 +77,30 @@ function Cleanup($name='') { } if(![System.String]::IsNullOrWhiteSpace($name)) { - #Write-Host "Cleaning up $name" docker kill "$name" 2>&1 | Out-Null docker rm -fv "$name" 2>&1 | Out-Null } } -function Is-AgentContainerRunning($container='') { +function Is-ContainerRunning($container='') { if([System.String]::IsNullOrWhiteSpace($container)) { $container = Get-EnvOrDefault 'AGENT_CONTAINER' '' } Start-Sleep -Seconds 5 - Retry-Command -RetryCount 3 -Delay 1 -ScriptBlock { + Retry-Command -RetryCount 10 -Delay 3 -ScriptBlock { $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "inspect -f `"{{.State.Running}}`" $container" if(($exitCode -ne 0) -or (-not $stdout.Contains('true')) ) { throw('Exit code incorrect, or invalid value for running state') } return $true - } | Should -BeTrue + } } -function Run-Program($cmd, $params) { - #Write-Host "cmd = $cmd, params = $params" +function Run-Program($cmd, $params, $quiet=$true) { + if(-not $quiet) { + Write-Host "cmd & params: $cmd $params" + } $psi = New-Object System.Diagnostics.ProcessStartInfo $psi.CreateNoWindow = $true $psi.UseShellExecute = $false @@ -114,7 +115,7 @@ function Run-Program($cmd, $params) { $stdout = $proc.StandardOutput.ReadToEnd() $stderr = $proc.StandardError.ReadToEnd() $proc.WaitForExit() - if($proc.ExitCode -ne 0) { + if(($proc.ExitCode -ne 0) -and (-not $quiet)) { Write-Host "[err] stdout:`n$stdout" Write-Host "[err] stderr:`n$stderr" Write-Host "[err] cmd:`n$cmd" @@ -123,3 +124,18 @@ function Run-Program($cmd, $params) { return $proc.ExitCode, $stdout, $stderr } + +function BuildNcatImage($windowsVersionTag) { + Write-Host "Building nmap image (Windows version '${windowsVersionTag}') for testing" + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "inspect --type=image nmap" $true + if($exitCode -ne 0) { + Push-Location -StackName 'agent' -Path "$PSScriptRoot/.." + $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build -t nmap --build-arg `"WINDOWS_VERSION_TAG=${windowsVersionTag}`" -f ./tests/netcat-helper/Dockerfile-windows ./tests/netcat-helper" + $exitCode | Should -Be 0 + Pop-Location -StackName 'agent' + } +} + +function CleanupNetwork($name) { + docker network rm $name 2>&1 | Out-Null +} diff --git a/tests/tests_agent.bats b/tests/tests_agent.bats index 451a41788..def0c679c 100755 --- a/tests/tests_agent.bats +++ b/tests/tests_agent.bats @@ -4,7 +4,7 @@ load test_helpers load 'test_helper/bats-support/load' # this is required by bats-assert! load 'test_helper/bats-assert/load' -IMAGE=${IMAGE:-debian_jdk11} +IMAGE=${IMAGE:-debian_jdk17} SUT_IMAGE=$(get_sut_image) ARCH=${ARCH:-x86_64} @@ -99,19 +99,19 @@ ARCH=${ARCH:-x86_64} local TEST_AGENT_WORKDIR="/home/test-user/something" local sut_image="${SUT_IMAGE}-tests-${BATS_TEST_NUMBER}" -# false positive detecting platform -# shellcheck disable=SC2140 -docker buildx bake \ - --set "${IMAGE}".args.VERSION="${TEST_VERSION}" \ - --set "${IMAGE}".args.user="${TEST_USER}" \ - --set "${IMAGE}".args.group="${TEST_GROUP}" \ - --set "${IMAGE}".args.uid="${TEST_UID}" \ - --set "${IMAGE}".args.gid="${TEST_GID}" \ - --set "${IMAGE}".args.AGENT_WORKDIR="${TEST_AGENT_WORKDIR}" \ - --set "${IMAGE}".platform="linux/${ARCH}" \ - --set "${IMAGE}".tags="${sut_image}" \ - --load `# Image should be loaded on the Docker engine`\ - "${IMAGE}" + # false positive detecting platform + # shellcheck disable=SC2140 + docker buildx bake \ + --set "${IMAGE}".args.VERSION="${TEST_VERSION}" \ + --set "${IMAGE}".args.user="${TEST_USER}" \ + --set "${IMAGE}".args.group="${TEST_GROUP}" \ + --set "${IMAGE}".args.uid="${TEST_UID}" \ + --set "${IMAGE}".args.gid="${TEST_GID}" \ + --set "${IMAGE}".args.AGENT_WORKDIR="${TEST_AGENT_WORKDIR}" \ + --set "${IMAGE}".platform="linux/${ARCH}" \ + --set "${IMAGE}".tags="${sut_image}" \ + --load `# Image should be loaded on the Docker engine`\ + "${IMAGE}" local cid cid="$(docker run -d -it -P "${sut_image}" /bin/sh)" diff --git a/tests/tests_inbound-agent.bats b/tests/tests_inbound-agent.bats index 30dc0bbab..c07ccf588 100755 --- a/tests/tests_inbound-agent.bats +++ b/tests/tests_inbound-agent.bats @@ -45,23 +45,19 @@ SUT_IMAGE="$(get_sut_image)" @test "[${SUT_IMAGE}] use build args correctly" { cd "${BATS_TEST_DIRNAME}"/.. || false - local TEST_VERSION PARENT_IMAGE_VERSION_SUFFIX ARG_TEST_VERSION TEST_USER sut_image sut_cid + local TEST_VERSION TEST_USER sut_image sut_cid # Old version used to test overriding the build arguments. - # This old version must have the same tag suffixes as the ones defined in the docker-bake file (`-jdk17`, `jdk11`, etc.) TEST_VERSION="3180.v3dd999d24861" - PARENT_IMAGE_VERSION_SUFFIX="2" - - ARG_TEST_VERSION="${TEST_VERSION}-${PARENT_IMAGE_VERSION_SUFFIX}" TEST_USER="root" sut_image="${SUT_IMAGE}-tests-${BATS_TEST_NUMBER}" docker buildx bake \ - --set "${IMAGE}".args.version="${ARG_TEST_VERSION}" \ - --set "${IMAGE}".args.user="${TEST_USER}" \ - --set "${IMAGE}".platform=linux/"${ARCH}" \ - --set "${IMAGE}".tags="${sut_image}" \ + --set "${IMAGE}.args.VERSION=${TEST_VERSION}" \ + --set "${IMAGE}.args.user=${TEST_USER}" \ + --set "${IMAGE}.platform=linux/${ARCH}" \ + --set "${IMAGE}.tags=${sut_image}" \ --load \ "${IMAGE}" @@ -69,7 +65,7 @@ SUT_IMAGE="$(get_sut_image)" is_agent_container_running "${sut_cid}" - run docker exec "${sut_cid}" sh -c "java -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -version" + run docker exec "${sut_cid}" sh -c "java -jar /usr/share/jenkins/agent.jar -version" [ "${TEST_VERSION}" = "${lines[0]}" ] run docker exec "${AGENT_CONTAINER}" sh -c "id -u -n ${TEST_USER}" diff --git a/windows/nanoserver/Dockerfile b/windows/nanoserver/Dockerfile index 8dd900c28..ecd95f994 100644 --- a/windows/nanoserver/Dockerfile +++ b/windows/nanoserver/Dockerfile @@ -29,7 +29,8 @@ FROM eclipse-temurin:"${JAVA_VERSION}"-jdk-windowsservercore-"${TOOLS_WINDOWS_VE FROM mcr.microsoft.com/powershell:nanoserver-"${TOOLS_WINDOWS_VERSION}" AS pwsh-source -FROM mcr.microsoft.com/windows/nanoserver:"${WINDOWS_VERSION_TAG}" +## Agent image target +FROM mcr.microsoft.com/windows/nanoserver:"${WINDOWS_VERSION_TAG}" AS agent ARG JAVA_HOME="C:\openjdk-17" ENV PSHOME="C:\Program Files\PowerShell" @@ -114,3 +115,19 @@ LABEL ` org.opencontainers.image.url="https://www.jenkins.io/" ` org.opencontainers.image.source="https://github.com/jenkinsci/docker-agent" ` org.opencontainers.image.licenses="MIT" + +## Inbound Agent image target +FROM agent AS inbound-agent + +COPY jenkins-agent.ps1 C:/ProgramData/Jenkins + +LABEL ` + org.opencontainers.image.vendor="Jenkins project" ` + org.opencontainers.image.title="Official Jenkins Inbound Agent Base Docker image" ` + org.opencontainers.image.description="This is an image for Jenkins agents using TCP or WebSockets to establish inbound connection to the Jenkins controller" ` + org.opencontainers.image.version="${VERSION}" ` + org.opencontainers.image.url="https://www.jenkins.io/" ` + org.opencontainers.image.source="https://github.com/jenkinsci/docker-agent-inbound" ` + org.opencontainers.image.licenses="MIT" + +ENTRYPOINT ["pwsh.exe", "-f", "C:/ProgramData/Jenkins/jenkins-agent.ps1"] diff --git a/windows/windowsservercore/Dockerfile b/windows/windowsservercore/Dockerfile index 8f4b71903..622a605db 100644 --- a/windows/windowsservercore/Dockerfile +++ b/windows/windowsservercore/Dockerfile @@ -27,7 +27,8 @@ ARG WINDOWS_VERSION_TAG=ltsc2019 ARG TOOLS_WINDOWS_VERSION=1809 FROM eclipse-temurin:"${JAVA_VERSION}"-jdk-windowsservercore-"${TOOLS_WINDOWS_VERSION}" AS jdk-core -FROM mcr.microsoft.com/windows/servercore:"${WINDOWS_VERSION_TAG}" +## Agent image target +FROM mcr.microsoft.com/windows/servercore:"${WINDOWS_VERSION_TAG}" AS agent ARG JAVA_HOME="C:\openjdk-17" ENV JAVA_HOME=${JAVA_HOME} @@ -107,3 +108,19 @@ LABEL ` org.opencontainers.image.url="https://www.jenkins.io/" ` org.opencontainers.image.source="https://github.com/jenkinsci/docker-agent" ` org.opencontainers.image.licenses="MIT" + +## Inbound Agent image target +FROM agent AS inbound-agent + +COPY jenkins-agent.ps1 C:/ProgramData/Jenkins + +LABEL ` + org.opencontainers.image.vendor="Jenkins project" ` + org.opencontainers.image.title="Official Jenkins Inbound Agent Base Docker image" ` + org.opencontainers.image.description="This is an image for Jenkins agents using TCP or WebSockets to establish inbound connection to the Jenkins controller" ` + org.opencontainers.image.version="${VERSION}" ` + org.opencontainers.image.url="https://www.jenkins.io/" ` + org.opencontainers.image.source="https://github.com/jenkinsci/docker-agent-inbound" ` + org.opencontainers.image.licenses="MIT" + +ENTRYPOINT ["powershell.exe", "-f", "C:/ProgramData/Jenkins/jenkins-agent.ps1"]