diff --git a/.env b/.env index d1a4e3a8..411a525b 100644 --- a/.env +++ b/.env @@ -1,3 +1,3 @@ GHCR_USERNAME=jenkins-docs IMAGE_PREFIX=ghcr.io -BRANCH_SUFFIX= +BRANCH_SUFFIX=weekly diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 1825becc..3e0e3aa0 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -40,6 +40,11 @@ updates: open-pull-requests-limit: 10 - package-ecosystem: docker directory: "./dockerfiles/sidekick" + schedule: + interval: weekly + open-pull-requests-limit: 10 + - package-ecosystem: docker + directory: "./dockerfiles/agent-discovery" schedule: interval: weekly open-pull-requests-limit: 10 @@ -52,4 +57,9 @@ updates: directory: "./dockerfiles/golang" schedule: interval: weekly - open-pull-requests-limit: 10 \ No newline at end of file + open-pull-requests-limit: 10 + - package-ecosystem: docker + directory: "./dockerfiles/dotnet" + schedule: + interval: weekly + open-pull-requests-limit: 10 diff --git a/.github/labeler.yml b/.github/labeler.yml index 6dbfec0c..97252803 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -52,3 +52,9 @@ multi: github_actions: - changed-files: - any-glob-to-any-file: '/.github/workflows/*' + + +# Add 'dotnet' label to any change to Dockerfile* files within the root dir +dotnet: + - changed-files: + - any-glob-to-any-file: 'dockerfiles/dotnet/**' diff --git a/.github/workflows/anchore.yml b/.github/workflows/anchore.yml index b1d05a49..f99103d6 100644 --- a/.github/workflows/anchore.yml +++ b/.github/workflows/anchore.yml @@ -38,7 +38,7 @@ jobs: run: cd ./dockerfiles/ && docker build . --file Dockerfile --tag localbuild/testimage:latest - name: Run the Anchore Grype scan action - uses: anchore/scan-action@d43cc1dfea6a99ed123bf8f3133f1797c9b44492 + uses: anchore/scan-action@7c05671ae9be166aeb155bad2d7df9121823df32 id: scan with: path: "." diff --git a/.github/workflows/github-docker-registry-push.yml b/.github/workflows/github-docker-registry-push.yml index 8e015f0a..15430e5c 100644 --- a/.github/workflows/github-docker-registry-push.yml +++ b/.github/workflows/github-docker-registry-push.yml @@ -204,3 +204,23 @@ jobs: platforms: linux/amd64, linux/arm64 push: true tags: ghcr.io/${{ env.REPO_NAME }}/jenkinsci-tutorials:golang_${{ env.BRANCH }} + + - name: Build and push the jenkins agent for cpp tutorial + # This step builds and pushes the Jenkins agent for the C++ tutorial + if: contains(env.files, 'dockerfiles/cpp/Dockerfile') + uses: docker/build-push-action@v6 + with: + context: ./dockerfiles/cpp + platforms: linux/amd64, linux/aarch64 + push: true + tags: ghcr.io/${{ env.REPO_NAME }}/jenkinsci-tutorials:cpp_${{ env.BRANCH }} + + - name: Build and push the jenkins agent for dotnet tutorial + # This step builds and pushes the Jenkins agent for the C++ tutorial + if: contains(env.files, 'dockerfiles/dotnet/Dockerfile') + uses: docker/build-push-action@v6 + with: + context: ./dockerfiles/dotnet + platforms: linux/amd64, linux/aarch64 + push: true + tags: ghcr.io/${{ env.REPO_NAME }}/jenkinsci-tutorials:dotnet_${{ env.BRANCH }} diff --git a/.github/workflows/updatecli.yaml b/.github/workflows/updatecli.yaml index f5bc9f05..6c7cb45d 100644 --- a/.github/workflows/updatecli.yaml +++ b/.github/workflows/updatecli.yaml @@ -23,7 +23,7 @@ jobs: # This step installs Updatecli in the runner using the updatecli-action - name: Install Updatecli in the runner - uses: updatecli/updatecli-action@v2.62.0 + uses: updatecli/updatecli-action@v2.82.0 # This step runs Updatecli in Dry Run mode # It uses the "diff" command of updatecli with the specified config and values files @@ -37,7 +37,7 @@ jobs: # It uses the "apply" command of updatecli with the specified config and values files # The GitHub token is passed as an environment variable - name: Run Updatecli in Apply mode - if: github.ref == 'refs/heads/main' + if: github.ref == 'refs/heads/weekly' run: updatecli apply --config ./updatecli/updatecli.d --values ./updatecli/values.github-action.yaml env: UPDATECLI_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.gitpod/Dockerfile b/.gitpod/Dockerfile index 99fabf89..dd331f80 100644 --- a/.gitpod/Dockerfile +++ b/.gitpod/Dockerfile @@ -1,7 +1,7 @@ # This Dockerfile is used to create a Gitpod workspace with GitHub CLI installed. # We start from the Gitpod full workspace image which includes a broad range of development tools. -FROM gitpod/workspace-full:2024-07-14-17-19-51 +FROM gitpod/workspace-full:2025-04-16-08-49-20 # The RUN command executes a series of commands in the new layer of the image and commits the results. # The following commands are executed: diff --git a/build-docker-compose.yaml b/build-docker-compose.yaml index 3c61325f..41b4b140 100644 --- a/build-docker-compose.yaml +++ b/build-docker-compose.yaml @@ -25,6 +25,7 @@ services: - android - multi - golang + - dotnet - default # This service depends on the sidekick_service (generating SSH keys and JCasc token) completing successfully. depends_on: @@ -62,7 +63,7 @@ services: timeout: 10s retries: 5 default_agent: - image: jenkins/ssh-agent:5.44.0 + image: jenkins/ssh-agent:6.14.0-jdk21 container_name: desktop-jenkins_agent-1 profiles: - default @@ -205,6 +206,42 @@ services: retries: 5 volumes: - agent-ssh-dir:/home/jenkins/.ssh:ro # Mounts the agent-ssh-dir volume to the /home/jenkins/.ssh path inside the container as read-only + cpp: + build: dockerfiles/cpp/. + container_name: desktop-jenkins_agent-1-cpp + profiles: + - cpp + depends_on: + sidekick_service: + condition: service_completed_successfully + jenkins_controller: + condition: service_started + healthcheck: + test: ["CMD-SHELL", "[ -f /home/jenkins/.ssh/authorized_keys ] || exit 1"] + interval: 5s + timeout: 10s + retries: 5 + volumes: + - agent-ssh-dir:/home/jenkins/.ssh:ro + dotnet: + build: dockerfiles/dotnet/. + container_name: desktop-jenkins_agent-1-dotnet + profiles: + - dotnet + depends_on: + sidekick_service: + condition: service_completed_successfully + jenkins_controller: + condition: service_started + ports: + - "5000:5000" + healthcheck: + test: ["CMD-SHELL", "[ -f /home/jenkins/.ssh/authorized_keys ] || exit 1"] + interval: 5s + timeout: 10s + retries: 5 + volumes: + - agent-ssh-dir:/home/jenkins/.ssh:ro volumes: jenkins_home: null agent-ssh-dir: diff --git a/docker-compose.yaml b/docker-compose.yaml index 643cdccf..0b6cb07b 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -35,6 +35,7 @@ services: - android - multi - golang + - dotnet - default # This service depends on the sidekick_service (generating SSH keys and JCasc token) completing successfully. depends_on: @@ -59,8 +60,9 @@ services: - python - node - android - - multi - golang + - cpp + - dotnet - default # The CASC_RELOAD_TOKEN environment variable is used by the Jenkins controller to restart the Configuration as Code (JCasc) plugin configuration. environment: @@ -109,7 +111,7 @@ services: # The healthcheck command for each agent checks if the authorized_keys file exists in the /home/jenkins/.ssh directory. # The /home/jenkins/.ssh directory in each agent container is mapped to the agent-ssh-dir volume on the host. default_agent: - image: jenkins/ssh-agent:5.44.0 + image: jenkins/ssh-agent:6.14.0-jdk21 container_name: desktop-jenkins_agent-1 profiles: - default @@ -282,6 +284,50 @@ services: retries: 5 volumes: - agent-ssh-dir:/home/jenkins/.ssh:ro # Mounts the agent-ssh-dir volume to the /home/jenkins/.ssh path inside the container as read-only + cpp: + image: ${IMAGE_PREFIX}/${GHCR_USERNAME}/quickstart-tutorials/jenkinsci-tutorials:cpp_${BRANCH_SUFFIX} + environment: + - GITPOD_WORKSPACE_URL=${GITPOD_WORKSPACE_URL} + container_name: desktop-jenkins_agent-1 + profiles: + - cpp + depends_on: + sidekick_service: + condition: service_completed_successfully # Depends on the successful completion of the sidekick_service + jenkins_controller: + condition: service_started + ports: + - "3000:3000" + healthcheck: + test: ["CMD-SHELL", "[ -f /home/jenkins/.ssh/authorized_keys ] || exit 1"] + # Checks if the authorized_keys file exists in the /home/jenkins/.ssh path + interval: 5s + timeout: 10s + retries: 5 + volumes: + - agent-ssh-dir:/home/jenkins/.ssh:ro # Mounts the agent-ssh-dir volume to the /home/jenkins/.ssh path inside the container as read-only + dotnet: + image: ${IMAGE_PREFIX}/${GHCR_USERNAME}/quickstart-tutorials/jenkinsci-tutorials:dotnet_${BRANCH_SUFFIX} + environment: + - GITPOD_WORKSPACE_URL=${GITPOD_WORKSPACE_URL} + container_name: desktop-jenkins_agent-1 + profiles: + - dotnet + depends_on: + sidekick_service: + condition: service_completed_successfully # Depends on the successful completion of the sidekick_service + jenkins_controller: + condition: service_started + ports: + - "5000:5000" + healthcheck: + test: ["CMD-SHELL", "[ -f /home/jenkins/.ssh/authorized_keys ] || exit 1"] + # Checks if the authorized_keys file exists in the /home/jenkins/.ssh path + interval: 5s + timeout: 10s + retries: 5 + volumes: + - agent-ssh-dir:/home/jenkins/.ssh:ro # Mounts the agent-ssh-dir volume to the /home/jenkins/.ssh path inside the container as read-only volumes: jenkins_home: null empty_jenkins_home: null diff --git a/docker-versions.txt b/docker-versions.txt index ce2a23d2..7efe93fe 100644 --- a/docker-versions.txt +++ b/docker-versions.txt @@ -1,2 +1,2 @@ -- Docker version 26.1.3, build b72abbb -- Docker Compose version v2.27.1 +- Docker version 28.0.4, build b8034c0 +- Docker Compose version v2.35.1 diff --git a/dockerfiles/Dockerfile b/dockerfiles/Dockerfile index adac89f9..36b12e9a 100644 --- a/dockerfiles/Dockerfile +++ b/dockerfiles/Dockerfile @@ -1,7 +1,7 @@ # This Dockerfile is used to create a Jenkins server with a specific version and pre-configured settings. # We start by defining an ARG for the Jenkins version. This allows us to easily change the version of Jenkins we want to use. -ARG JENKINS_VERSION=2.452.3 +ARG JENKINS_VERSION=2.509-jdk21 # We then use the official Jenkins image with the specified version as our base image. FROM jenkins/jenkins:"${JENKINS_VERSION}" @@ -25,11 +25,11 @@ USER jenkins RUN echo "${JENKINS_VERSION}" > /usr/share/jenkins/ref/jenkins.install.UpgradeWizard.state # We copy a list of plugins to install to the Jenkins ref directory in the image. -COPY plugins.txt /usr/share/jenkins/ref/plugins.txt +COPY plugins.txt /usr/share/jenkins/ref/plugins.txt.override # We use the Jenkins plugin CLI to install the plugins listed in the plugins.txt file. -RUN jenkins-plugin-cli --plugin-file /usr/share/jenkins/ref/plugins.txt +RUN ln -s /usr/share/jenkins/ref/plugins.txt.override /usr/share/jenkins/ref/plugins.txt && jenkins-plugin-cli --plugin-file /usr/share/jenkins/ref/plugins.txt # We copy a pre-configured Jenkins configuration file to the Jenkins ref directory in the image. # This allows us to pre-configure Jenkins with our desired settings. -COPY jenkins.yaml /usr/share/jenkins/ref/jenkins.yaml +COPY jenkins.yaml /usr/share/jenkins/ref/jenkins.yaml.override diff --git a/dockerfiles/agent-discovery/Dockerfile b/dockerfiles/agent-discovery/Dockerfile index be96b45c..1801112c 100644 --- a/dockerfiles/agent-discovery/Dockerfile +++ b/dockerfiles/agent-discovery/Dockerfile @@ -1,7 +1,7 @@ # This Dockerfile is used to prepare a Debian-based Docker image with several utilities installed. # We start from the Debian 'bookworm' image dated 2023-11-20. -FROM debian:bookworm-20240311-slim as prepare-stage +FROM debian:bookworm-20250407-slim as prepare-stage # Copy all shell scripts from the current directory to /usr/local/bin/ in the image. COPY *sh /usr/local/bin/ diff --git a/dockerfiles/agent-discovery/find-name.sh b/dockerfiles/agent-discovery/find-name.sh index 7d4efb7b..0471321d 100644 --- a/dockerfiles/agent-discovery/find-name.sh +++ b/dockerfiles/agent-discovery/find-name.sh @@ -79,15 +79,31 @@ while true; do sleep 2 # Wait for 5 seconds before the next iteration of the loop. done +## Check if jenkins_controller is reachable, otherwise fall back to multi_jenkins_controller +JENKINS_CONTROLLER="jenkins_controller" +if ! curl -s -f --max-time 60 "http://${JENKINS_CONTROLLER}:8080/login" > /dev/null; then + echo "Primary controller not reachable, falling back to multi controller..." + JENKINS_CONTROLLER="multi_jenkins_controller" + if ! curl -s -f --max-time 60 "http://${JENKINS_CONTROLLER}:8080/login" > /dev/null; then + echo "Error: Neither primary nor multi controller is reachable" + exit 1 + fi +fi + # Check If Jenkins is running or not # If the message is found, awk exits with a non-zero status (1), and the loop continues. # If the message is not found, the loop exits, and the "Jenkins is running" message is displayed. -timeout 60 bash -c 'until curl -s -f http://jenkins_controller:8080/login > /dev/null; do sleep 5; done' && echo "Jenkins is running" || echo "Jenkins is not running" +timeout 60 bash -c "until curl -s -f http://${JENKINS_CONTROLLER}:8080/login > /dev/null; do sleep 5; done" && echo "Jenkins is running" || echo "Jenkins is not running" +# The colon (:) is a no-op command in Bash, which means it does nothing and always returns a true exit status. It is often used as a placeholder or to evaluate expressions without executing any commands. +# The ${JENKINS_STARTUP_TIMEOUT:=60} part is a parameter expansion. It checks if the JENKINS_STARTUP_TIMEOUT variable is set and not null. If it is not set, it assigns the value 60 to JENKINS_STARTUP_TIMEOUT +: "${JENKINS_STARTUP_TIMEOUT:=60}" # Default to 60 seconds if not set +timeout "${JENKINS_STARTUP_TIMEOUT}" bash -c "until curl -s -f http://${JENKINS_CONTROLLER}:8080/login > /dev/null; do sleep 5; done" && echo "Jenkins is running" || echo "Jenkins is not running" + echo "Jenkins is ready" # Get the Jenkins version -JENKINS_VERSION=$(curl -s -I -k http://admin:admin@jenkins_controller:8080 | grep -i '^X-Jenkins:' | awk '{print $2}') +JENKINS_VERSION=$(curl -s -I -k http://admin:admin@$JENKINS_CONTROLLER:8080 | grep -i '^X-Jenkins:' | awk '{print $2}') echo "Jenkins version is: $JENKINS_VERSION" # Use the token in the curl command to reload the configuration -# curl -X POST "http://admin:admin@jenkins_controller:8080/reload-configuration-as-code/?casc-reload-token=$JCASC_TOKEN" -curl -X POST "http://admin:admin@jenkins_controller:8080/reload-configuration-as-code/?casc-reload-token=thisisnotsecure" +# curl -X POST "http://admin:admin@$JENKINS_CONTROLLER:8080/reload-configuration-as-code/?casc-reload-token=$JCASC_TOKEN" +curl -X POST "http://admin:admin@$JENKINS_CONTROLLER:8080/reload-configuration-as-code/?casc-reload-token=thisisnotsecure" diff --git a/dockerfiles/android/Dockerfile b/dockerfiles/android/Dockerfile index c94dbeb1..f44ac955 100644 --- a/dockerfiles/android/Dockerfile +++ b/dockerfiles/android/Dockerfile @@ -1,4 +1,4 @@ -FROM jenkins/ssh-agent:5.44.0 as ssh-agent +FROM jenkins/ssh-agent:6.14.0-jdk21 as ssh-agent # ca-certificates because curl uses certificates from ca-certificates RUN apt-get update && apt-get install -y --no-install-recommends adb build-essential ca-certificates curl file git python3 python3-pip unzip diff --git a/dockerfiles/cpp/Dockerfile b/dockerfiles/cpp/Dockerfile new file mode 100644 index 00000000..ed025178 --- /dev/null +++ b/dockerfiles/cpp/Dockerfile @@ -0,0 +1,19 @@ +FROM jenkins/ssh-agent:6.14.0-jdk21 + +# Install necessary C++ build tools +RUN apt-get update && apt-get install -y --no-install-recommends \ + build-essential \ + cmake \ + gcc \ + g++ \ + clang \ + make \ + libstdc++-12-dev \ + pkg-config \ + && rm -rf /var/lib/apt/lists/* + +# Set environment variables +ENV PATH="/usr/local/bin:$PATH" + +# Ensure the ownership of the Jenkins agent home directory is set to the Jenkins user +RUN chown -R jenkins:jenkins "${JENKINS_AGENT_HOME}" diff --git a/dockerfiles/dotnet/Dockerfile b/dockerfiles/dotnet/Dockerfile new file mode 100644 index 00000000..55a5d303 --- /dev/null +++ b/dockerfiles/dotnet/Dockerfile @@ -0,0 +1,22 @@ +FROM jenkins/ssh-agent:6.12.0-jdk21 AS ssh-agent + +# install dotnet dependencies +RUN apt-get update && apt-get install -y --no-install-recommends libc6 libgcc1 libgssapi-krb5-2 libicu72 libssl3 libstdc++6 zlib1g wget && apt-get clean && \ + rm -rf /var/lib/apt/lists/* + +# Now time to install dotnet +ARG DOTNET_VERSION=8.0 + +# Set SHELL flags for RUN commands to allow -e and pipefail +# Rationale:https://github.com/hadolint/hadolint/wiki/DL4006 +SHELL ["/bin/bash", "-eo", "pipefail", "-c"] + +RUN wget https://dot.net/v1/dotnet-install.sh -O dotnet-install.sh && chmod +x ./dotnet-install.sh && \ + ./dotnet-install.sh --channel ${DOTNET_VERSION} --install-dir /usr/local/dotnet + +ENV DOTNET_ROOT=/usr/local/dotnet +ENV PATH=$PATH:$DOTNET_ROOT:$DOTNET_ROOT/tools + +RUN echo "PATH=${PATH}" >> /etc/environment && chown -R jenkins:jenkins "${JENKINS_AGENT_HOME}" && \ + dotnet --list-sdks + diff --git a/dockerfiles/gitpodURL.sh b/dockerfiles/gitpodURL.sh index ce668ed5..6513e01b 100755 --- a/dockerfiles/gitpodURL.sh +++ b/dockerfiles/gitpodURL.sh @@ -7,7 +7,7 @@ config_file="/workspace/quickstart-tutorials/dockerfiles/jenkins.yaml" service_url=$(echo "$GITPOD_WORKSPACE_URL" | awk -F/ '{print $3}') # Define an array of targets -targets=("maven" "node" "python" "multi" "default") +targets=("maven" "node" "python" "multi" "cpp" "dotnet" "default") # Initialize an empty string for the message message="As a gentle reminder, the current profiles are: " diff --git a/dockerfiles/golang/Dockerfile b/dockerfiles/golang/Dockerfile index fdb9126c..398061e9 100644 --- a/dockerfiles/golang/Dockerfile +++ b/dockerfiles/golang/Dockerfile @@ -1,11 +1,11 @@ -FROM jenkins/ssh-agent:5.44.0 as ssh-agent +FROM jenkins/ssh-agent:6.14.0-jdk21 as ssh-agent # ca-certificates because curl uses certificates from ca-certificates RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates curl && apt-get clean && \ rm -rf /var/lib/apt/lists/* # Now time to install golang -ARG GOLANG_VERSION=1.22.5 +ARG GOLANG_VERSION=1.24.2 ARG TARGETARCH ENV ARCHITECTURE=$TARGETARCH diff --git a/dockerfiles/maven/Dockerfile b/dockerfiles/maven/Dockerfile index 7871a500..cd8fa3a7 100644 --- a/dockerfiles/maven/Dockerfile +++ b/dockerfiles/maven/Dockerfile @@ -1,11 +1,11 @@ -FROM jenkins/ssh-agent:5.44.0 as ssh-agent +FROM jenkins/ssh-agent:6.14.0-jdk21 as ssh-agent # ca-certificates because curl uses certificates from ca-certificates RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates curl && apt-get clean && \ rm -rf /var/lib/apt/lists/* # Now time to install maven -ARG MAVEN_VERSION=3.9.8 +ARG MAVEN_VERSION=3.9.9 # Set SHELL flags for RUN commands to allow -e and pipefail # Rationale:https://github.com/hadolint/hadolint/wiki/DL4006 diff --git a/dockerfiles/multi/Dockerfile b/dockerfiles/multi/Dockerfile index 873d7e6b..67e2fc36 100644 --- a/dockerfiles/multi/Dockerfile +++ b/dockerfiles/multi/Dockerfile @@ -1,4 +1,4 @@ -FROM jenkins/ssh-agent:5.44.0 as ssh-agent +FROM jenkins/ssh-agent:6.14.0-jdk21 as ssh-agent ARG NODE_MAJOR=20 diff --git a/dockerfiles/node/Dockerfile b/dockerfiles/node/Dockerfile index 59b2bf6f..14ad2aee 100644 --- a/dockerfiles/node/Dockerfile +++ b/dockerfiles/node/Dockerfile @@ -1,5 +1,5 @@ -FROM jenkins/ssh-agent:5.44.0 as ssh-agent -ARG NODE_MAJOR=20 +FROM jenkins/ssh-agent:6.14.0-jdk21 as ssh-agent +ARG NODE_MAJOR=22 # ca-certificates because curl uses certificates from ca-certificates RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates curl gnupg && \ diff --git a/dockerfiles/plugins.txt b/dockerfiles/plugins.txt index 0807ee8f..3d714b14 100644 --- a/dockerfiles/plugins.txt +++ b/dockerfiles/plugins.txt @@ -1,82 +1,83 @@ -ant:497.v94e7d9fffa_b_9 -antisamy-markup-formatter:162.v0e6ec0fcfcf6 -apache-httpcomponents-client-4-api:4.5.14-208.v438351942757 -bootstrap5-api:5.3.3-1 -bouncycastle-api:2.30.1.78.1-248.ve27176eb_46cb_ -branch-api:2.1169.va_f810c56e895 -build-timeout:1.33 -caffeine-api:3.1.8-133.v17b_1ff2e0599 -checks-api:2.2.0 -cloudbees-folder:6.928.v7c780211d66e -commons-lang3-api:3.14.0-76.vda_5591261cfe -commons-text-api:1.12.0-119.v73ef73f2345d -configuration-as-code:1810.v9b_c30a_249a_4c -credentials-binding:681.vf91669a_32e45 -credentials:1371.vfee6b_095f0a_3 -display-url-api:2.204.vf6fddd8a_8b_e9 -durable-task:555.v6802fe0f0b_82 -echarts-api:5.5.0-1 -font-awesome-api:6.5.2-1 -git-client:5.0.0 -git:5.2.2 -github-api:1.318-461.v7a_c09c9fa_d63 -github-branch-source:1789.v5b_0c0cea_18c3 -github:1.39.0 -gradle:2.12 -instance-identity:185.v303dc7c645f9 -ionicons-api:74.v93d5eb_813d5f -jackson2-api:2.17.0-379.v02de8ec9f64c -jakarta-activation-api:2.1.3-1 -jakarta-mail-api:2.1.3-1 -javax-activation-api:1.2.0-7 -javax-mail-api:1.6.2-10 -jaxb:2.3.9-1 -jjwt-api:0.11.5-112.ve82dfb_224b_a_d -jquery3-api:3.7.1-2 -junit:1265.v65b_14fa_f12f0 -locale:519.v4e20f313cfa_f -mailer:472.vf7c289a_4b_420 -matrix-auth:3.2.2 -matrix-project:832.va_66e270d2946 -metrics:4.2.21-451.vd51df8df52ec -mina-sshd-api-common:2.13.1-117.v2f1a_b_66ff91d -mina-sshd-api-core:2.13.1-117.v2f1a_b_66ff91d -okhttp-api:4.11.0-172.vda_da_1feeb_c6e -pipeline-build-step:540.vb_e8849e1a_b_d8 -pipeline-graph-analysis:216.vfd8b_ece330ca_ -pipeline-graph-view:313.v1322ce83d680 -pipeline-groovy-lib:727.ve832a_9244dfa_ -pipeline-input-step:495.ve9c153f6067b_ -pipeline-milestone-step:119.vdfdc43fc3b_9a_ -pipeline-model-api:2.2205.vc9522a_9d5711 -pipeline-model-definition:2.2205.vc9522a_9d5711 -pipeline-model-extensions:2.2205.vc9522a_9d5711 -pipeline-rest-api:2.34 -pipeline-stage-step:312.v8cd10304c27a_ -pipeline-stage-tags-metadata:2.2205.vc9522a_9d5711 -pipeline-stage-view:2.34 -plain-credentials:183.va_de8f1dd5a_2b_ -plugin-util-api:4.1.0 -resource-disposer:0.23 -scm-api:690.vfc8b_54395023 -script-security:1341.va_2819b_414686 -snakeyaml-api:2.2-111.vc6598e30cc65 -ssh-credentials:337.v395d2403ccd4 -ssh-slaves:2.973.v0fa_8c0dea_f9f -sshd:3.330.vc866a_8389b_58 -structs:338.v848422169819 -timestamper:1.27 -token-macro:400.v35420b_922dcb_ -trilead-api:2.147.vb_73cc728a_32e -variant:60.v7290fc0eb_b_cd -workflow-aggregator:600.vb_57cdd26fdd7 -workflow-api:1316.v33eb_726c50b_a_ -workflow-basic-steps:1058.vcb_fc1e3a_21a_9 -workflow-cps:3908.vd6b_b_5a_a_54010 -workflow-durable-task-step:1360.v82d13453da_a_f -workflow-job:1400.v7fd111b_ec82f -workflow-multibranch:783.787.v50539468395f -workflow-scm-step:427.v4ca_6512e7df1 -workflow-step-api:678.v3ee58b_469476 -workflow-support:920.v59f71ce16f04 -ws-cleanup:0.46 +ant:513.vde9e7b_a_0da_0f +antisamy-markup-formatter:173.v680e3a_b_69ff3 +apache-httpcomponents-client-4-api:4.5.14-269.vfa_2321039a_83 +bootstrap5-api:5.3.5-1 +bouncycastle-api:2.30.1.80-256.vf98926042a_9b_ +branch-api:2.1217.v43d8b_b_d8b_2c7 +build-timeout:1.38 +caffeine-api:3.2.0-166.v72a_6d74b_870f +checks-api:370.vb_61a_c57328f3 +cloudbees-folder:6.1012.v79a_86a_1ea_c1f +commons-lang3-api:3.17.0-87.v5cf526e63b_8b_ +commons-text-api:1.13.0-153.v91dcd89e2a_22 +configuration-as-code:1967.va_968e15fd05b_ +coverage:2.5.0 +credentials-binding:687.v619cb_15e923f +credentials:1415.v831096eb_5534 +display-url-api:2.209.v582ed814ff2f +durable-task:587.v84b_877235b_45 +echarts-api:5.6.0-4 +font-awesome-api:6.7.2-1 +git-client:6.1.3 +git:5.7.0 +github-api:1.321-488.v9b_c0da_9533f8 +github-branch-source:1815.v9152b_2ff7a_1b_ +github:1.43.0 +gradle:2.14.1 +instance-identity:203.v15e81a_1b_7a_38 +ionicons-api:88.va_4187cb_eddf1 +jackson2-api:2.18.3-402.v74c4eb_f122b_2 +jakarta-activation-api:2.1.3-2 +jakarta-mail-api:2.1.3-2 +javax-activation-api:1.2.0-8 +javax-mail-api:1.6.2-11 +jaxb:2.3.9-133.vb_ec76a_73f706 +jjwt-api:0.11.5-120.v0268cf544b_89 +jquery3-api:3.7.1-3 +junit:1322.v1556dc1c59a_f +locale:566.v3323643741cc +mailer:489.vd4b_25144138f +matrix-auth:3.2.6 +matrix-project:849.v0cd64ed7e531 +metrics:4.2.30-471.v55fa_495f2b_f5 +mina-sshd-api-common:2.15.0-161.vb_200831a_c15b_ +mina-sshd-api-core:2.15.0-161.vb_200831a_c15b_ +okhttp-api:4.11.0-189.v976fa_d3379d6 +pipeline-build-step:567.vea_ce550ece97 +pipeline-graph-analysis:235.vb_a_a_36b_f248c2 +pipeline-graph-view:516.vd1d03f6c4a_99 +pipeline-groovy-lib:752.vdddedf804e72 +pipeline-input-step:517.vf8e782ee645c +pipeline-milestone-step:134.vdf60d179845f +pipeline-model-api:2.2255.v56a_15e805f12 +pipeline-model-definition:2.2255.v56a_15e805f12 +pipeline-model-extensions:2.2255.v56a_15e805f12 +pipeline-rest-api:2.38 +pipeline-stage-step:322.vecffa_99f371c +pipeline-stage-tags-metadata:2.2255.v56a_15e805f12 +pipeline-stage-view:2.38 +plain-credentials:195.vb_906e9073dee +plugin-util-api:6.1.0 +resource-disposer:0.25 +scm-api:704.v3ce5c542825a_ +script-security:1373.vb_b_4a_a_c26fa_00 +snakeyaml-api:2.3-125.v4d77857a_b_402 +ssh-credentials:355.v9b_e5b_cde5003 +ssh-slaves:3.1031.v72c6b_883b_869 +sshd:3.353.v2b_d33c46e970 +structs:343.vdcf37b_a_c81d5 +timestamper:1.28 +token-macro:444.v52de7e9c573d +trilead-api:2.209.v0e69b_c43c245 +variant:70.va_d9f17f859e0 +workflow-aggregator:608.v67378e9d3db_1 +workflow-api:1371.ve334280b_d611 +workflow-basic-steps:1079.vce64b_a_929c5a_ +workflow-cps:4106.v7a_8a_8176d450 +workflow-durable-task-step:1405.v1fcd4a_d00096 +workflow-job:1520.v56d65e3b_4566 +workflow-multibranch:806.vb_b_688f609ee9 +workflow-scm-step:437.v05a_f66b_e5ef8 +workflow-step-api:700.v6e45cb_a_5a_a_21 +workflow-support:968.v8f17397e87b_8 +ws-cleanup:0.48 diff --git a/dockerfiles/python/Dockerfile b/dockerfiles/python/Dockerfile index 6b108d9c..59a7f428 100644 --- a/dockerfiles/python/Dockerfile +++ b/dockerfiles/python/Dockerfile @@ -1,7 +1,7 @@ # This Dockerfile is used to create a Jenkins SSH agent with Python and several Python packages installed in order to run the python sample tutorial. # We start from the Jenkins SSH agent image version 5.20.0. -FROM jenkins/ssh-agent:5.44.0 as ssh-agent +FROM jenkins/ssh-agent:6.14.0-jdk21 as ssh-agent # The RUN command executes a series of commands in the new layer of the image and commits the results. # The following commands are executed: diff --git a/dockerfiles/sidekick/Dockerfile b/dockerfiles/sidekick/Dockerfile index 94b728f2..194605ce 100644 --- a/dockerfiles/sidekick/Dockerfile +++ b/dockerfiles/sidekick/Dockerfile @@ -1,7 +1,7 @@ # This Dockerfile is used to prepare a Debian-based Docker image with several utilities installed. # We start from the Debian 'bookworm' image dated 2023-11-20. -FROM debian:bookworm-20240701 as prepare-stage +FROM debian:bookworm-20250428 as prepare-stage # Copy all shell scripts from the current directory to /usr/local/bin/ in the image. COPY *sh /usr/local/bin/ diff --git a/extract-profiles.sh b/extract-profiles.sh new file mode 100755 index 00000000..5e09eaa8 --- /dev/null +++ b/extract-profiles.sh @@ -0,0 +1,51 @@ +#!/bin/bash +set -e + +original_file="docker-compose.yaml" + +# Function to add a service and its dependencies to the included_services list +add_service_and_dependencies() { + local service=$1 + # Mark the service as included + included_services["$service"]=1 + # Check if the service has dependencies + if yq e ".services.${service}.depends_on" "$original_file" -e > /dev/null; then + # Read dependencies of the service + local dependencies=($(yq e ".services.${service}.depends_on | keys" "$original_file" -o json | jq -r '.[]')) + # Recursively add dependencies + for dependency in "${dependencies[@]}"; do + if [[ -z "${included_services["$dependency"]}" ]]; then + add_service_and_dependencies "$dependency" + fi + done + fi +} + +# Step 1: Collect all dependencies +declare -A all_dependencies +services=$(yq e '.services | keys' "$original_file" -o json | jq -r '.[]') +for service in $services; do + dependencies=$(yq e ".services.$service.depends_on | keys" "$original_file" -o json | jq -r '.[]') + for dependency in $dependencies; do + all_dependencies["$dependency"]=1 + done +done + +# Step 2: Process each profile and include dependencies +for profile in $(yq e '.services[].profiles[]?' "$original_file" | sort -u); do + echo "Processing profile: $profile" + # Initialize an associative array to track included services + declare -A included_services + # Find and include services matching the profile + matching_services=$(yq e ".services | with_entries(select(.value.profiles[]? == \"$profile\")) | keys" "$original_file" -o json | jq -r '.[]') + for service in $matching_services; do + add_service_and_dependencies "$service" + done + # Correctly format the list of included services for yq query + included_services_keys=$(printf "'%s'," "${!included_services[@]}") + included_services_keys="[${included_services_keys%,}]" # Remove trailing comma and wrap in brackets + + # Generate the docker-compose file for the profile + echo "Generating docker-compose-$profile.yaml" + yq e ".services | with_entries(select(.key as \$k | .key == \"$included_services_list\"))" "$original_file" > "docker-compose-$profile.yaml" +done diff --git a/updatecli/updatecli.d/jenkins-lts.yaml b/updatecli/updatecli.d/jenkins-lts.yaml deleted file mode 100644 index b5fb62e8..00000000 --- a/updatecli/updatecli.d/jenkins-lts.yaml +++ /dev/null @@ -1,49 +0,0 @@ ---- -name: Bump Jenkins' LTS version in the controller Dockerfile - -scms: - default: - kind: github - spec: - user: "{{ .github.user }}" - email: "{{ .github.email }}" - owner: "{{ .github.owner }}" - repository: "{{ .github.repository }}" - token: "{{ requiredEnv .github.token }}" - username: "{{ .github.username }}" - branch: "{{ .github.branch }}" - -sources: - JenkinsLatestLTS: - name: Get the latest Jenkins LTS version - kind: shell - spec: - command: bash ./updatecli/scripts/jenkins-lts.sh 0 # source input value passed as argument - -conditions: - # Test that the latest LTS Jenkins version exists - jenkinsLatestLTSVersion: - kind: jenkins - sourceid: JenkinsLatestLTS - -targets: - setJenkinsLatestLTS: - kind: dockerfile - spec: - file: dockerfiles/Dockerfile - instruction: - keyword: "ARG" - matcher: "JENKINS_VERSION" - name: "[jenkins-controller] Bump Jenkins LTS version in dockerfiles/Dockerfile" - sourceid: JenkinsLatestLTS - scmid: default - -actions: - default: - kind: github/pullrequest - scmid: default - title: Update Jenkins LTS versions to {{ source "JenkinsLatestLTS" }} in the controller Dockerfile - spec: - labels: - - dependencies - - chore diff --git a/updatecli/updatecli.d/jenkins-weekly.yaml b/updatecli/updatecli.d/jenkins-weekly.yaml new file mode 100644 index 00000000..3a6ce505 --- /dev/null +++ b/updatecli/updatecli.d/jenkins-weekly.yaml @@ -0,0 +1,76 @@ +--- +# This YAML configuration defines a pipeline for automatically updating the Jenkins Weekly version +# in a Dockerfile. It utilizes various components such as sources, conditions, targets, and actions +# to achieve this automation. + +# Define the pipeline's name and the SCM (Source Control Management) configurations. +name: Bump Jenkins' Weekly version in the controller Dockerfile + +scms: + default: + kind: github + spec: + user: "{{ .github.user }}" # GitHub user for authentication + email: "{{ .github.email }}" # Email associated with the GitHub user + owner: "{{ .github.owner }}" # Owner of the GitHub repository + repository: "{{ .github.repository }}" # Name of the GitHub repository + token: "{{ requiredEnv .github.token }}" # GitHub token for authentication + username: "{{ .github.username }}" # GitHub username + branch: "{{ .github.branch }}" # Branch to apply changes + +# Define the sources for the pipeline. These are the origins of data used in the pipeline. +sources: + JenkinsLatestWeekly: + name: Get the latest Jenkins Weekly version + kind: jenkins + spec: + release: weekly # Specifies that the weekly release of Jenkins is to be fetched + JenkinsLatestWeeklyJDK21: + name: Get the latest Jenkins Weekly version with JDK 21 + kind: jenkins + spec: + release: weekly # Specifies that the weekly release of Jenkins is to be fetched + jdk: 21 # Specifies JDK 21 for the Jenkins version + transformers: + - addsuffix: "-jdk21" # Adds a suffix to the version to denote JDK 21 + +# Define conditions that must be met for the pipeline to proceed. +conditions: + # Test that the latest Weekly Jenkins version exists + jenkinsWeekly: + kind: jenkins + sourceid: JenkinsLatestWeekly # Links this condition to the JenkinsLatestWeekly source + spec: + release: weekly + # Test that the docker image exists + dockerImage: + kind: dockerimage + sourceid: JenkinsLatestWeekly # Links this condition to the JenkinsLatestWeekly source + spec: + image: "jenkins/jenkins" # Specifies the Docker image to check + transformers: + - addsuffix: "-jdk21" # Adds a suffix to denote JDK 21 + +# Define the targets for the pipeline. These are the end goals the pipeline aims to achieve. +targets: + setJenkinsLatestWeekly: + kind: dockerfile + sourceid: JenkinsLatestWeeklyJDK21 # Links this target to the JenkinsLatestWeeklyJDK21 source + spec: + file: dockerfiles/Dockerfile # Specifies the Dockerfile to be updated + instruction: + keyword: "ARG" # Specifies the Dockerfile instruction to update + matcher: "JENKINS_VERSION" # Specifies the argument to be updated + name: "[jenkins-controller] Bump Jenkins Weekly version in dockerfiles/Dockerfile" + scmid: default # Links this target to the default SCM configuration + +# Define the actions to be taken once the conditions are met and targets are ready. +actions: + default: + kind: github/pullrequest + scmid: default # Links this action to the default SCM configuration + title: Update Jenkins Weekly versions to {{ source "JenkinsLatestWeekly" }}-jdk21 in the controller Dockerfile + spec: + labels: + - dependencies # Label for the pull request + - chore # Label for the pull request diff --git a/updatecli/updatecli.d/ssh-agent.yaml b/updatecli/updatecli.d/ssh-agent.yaml index bef372b4..76713d61 100644 --- a/updatecli/updatecli.d/ssh-agent.yaml +++ b/updatecli/updatecli.d/ssh-agent.yaml @@ -19,10 +19,11 @@ sources: kind: dockerimage spec: image: jenkins/ssh-agent - tagfilter: ^\d*(\.\d*){2}$ + # Use \d+ to ensure major, minor, patch are present + tagfilter: ^\d+\.\d+\.\d+-jdk21$ versionfilter: kind: semver - pattern: '>=5.20.0' + pattern: '>=0.0.0-0' targets: jenkins/python-agent: @@ -85,6 +86,16 @@ targets: matcher: jenkins/ssh-agent sourceid: jenkins/ssh-agent scmid: default + jenkins/cpp-agent: + name: '[jenkins/ssh-agent] Bump Docker image tag in "dockerfiles/cpp/Dockerfile"' + kind: dockerfile + spec: + file: dockerfiles/cpp/Dockerfile + instruction: + keyword: FROM + matcher: jenkins/ssh-agent + sourceid: jenkins/ssh-agent + scmid: default default-agent: name: '[jenkins/ssh-agent] Bump Docker image tag in "docker-compose.yaml"' kind: yaml diff --git a/updatecli/values.github-action.yaml b/updatecli/values.github-action.yaml index b1bf9199..6664f4cc 100644 --- a/updatecli/values.github-action.yaml +++ b/updatecli/values.github-action.yaml @@ -3,6 +3,6 @@ github: email: "41898282+github-actions[bot]@users.noreply.github.com" username: "github-actions" token: "UPDATECLI_GITHUB_TOKEN" - branch: "main" + branch: "weekly" owner: "jenkins-docs" repository: "quickstart-tutorials"