From aacc957a30722dd192730f85b80a9953c1c3e7a6 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 21 May 2024 16:53:13 +0900 Subject: [PATCH 1/4] Updated build process for Zabbix agent (windows) --- .../workflows/base_images_build_windows.yml | 327 +++++++++++++++++ .github/workflows/images_build_windows.yml | 198 +--------- Dockerfiles/agent/windows/Dockerfile | 19 +- .../agent/windows/docker-entrypoint.ps1 | 2 +- Dockerfiles/agent2/windows/Dockerfile | 9 +- .../agent2/windows/docker-entrypoint.ps1 | 16 +- .../build-base/windows/Dockerfile.agent | 333 ++++++++++------- .../build-base/windows/Dockerfile.agent2 | 339 ++++++++++-------- .../build-mysql/windows/Dockerfile.agent | 53 +-- .../build-mysql/windows/Dockerfile.agent2 | 44 ++- 10 files changed, 812 insertions(+), 528 deletions(-) create mode 100644 .github/workflows/base_images_build_windows.yml diff --git a/.github/workflows/base_images_build_windows.yml b/.github/workflows/base_images_build_windows.yml new file mode 100644 index 000000000..099e23e3b --- /dev/null +++ b/.github/workflows/base_images_build_windows.yml @@ -0,0 +1,327 @@ +name: Build base images (DockerHub, Windows) + +on: + push: + branches: + - '[0-9]+.[0-9]+' + - 'trunk' + paths: + - 'Dockerfiles/build-base/windows/*' + - '!**/README.md' + - '.github/workflows/base_images_build_windows.yml' + schedule: + - cron: '0 10 * * 2,5' + workflow_dispatch: + +defaults: + run: + shell: pwsh + +permissions: + contents: read + +env: + TRUNK_ONLY_EVENT: ${{ contains(fromJSON('["schedule"]'), github.event_name) }} + AUTO_PUSH_IMAGES: ${{ vars.AUTO_PUSH_IMAGES }} + + DOCKER_REPOSITORY: ${{ vars.DOCKER_REPOSITORY }} + LATEST_BRANCH: ${{ github.event.repository.default_branch }} + TRUNK_GIT_BRANCH: "refs/heads/trunk" + IMAGES_PREFIX: "zabbix-" + + MSFT_BASE_BUILD_IMAGE: "mcr.microsoft.com/windows/servercore" + PWSH_BASE_IMAGE_NAME: "mcr.microsoft.com/powershell" + PWSH_BASE_IMAGE_PREFIX: "lts-nanoserver-" + + BASE_IMAGE_NAME: "build-base" + BASE_BUILD_IMAGE_NAME: "build-mysql" + + MATRIX_FILE: "build.json" + DOCKERFILES_DIRECTORY: "Dockerfiles" + + OIDC_ISSUER: "https://token.actions.githubusercontent.com" + IDENITY_REGEX: "https://github.com/zabbix/zabbix-docker/.github/" + +jobs: + init_build: + name: Initialize build + runs-on: ubuntu-latest + permissions: + contents: read + outputs: + os: ${{ steps.os.outputs.list }} + components: ${{ steps.components.outputs.list }} + is_default_branch: ${{ steps.branch_info.outputs.is_default_branch }} + current_branch: ${{ steps.branch_info.outputs.current_branch }} + sha_short: ${{ steps.branch_info.outputs.sha_short }} + steps: + - name: Block egress traffic + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 + with: + disable-sudo: true + egress-policy: block + allowed-endpoints: > + github.com:443 + + - name: Checkout repository + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + ref: ${{ env.TRUNK_ONLY_EVENT == 'true' && env.TRUNK_GIT_BRANCH || '' }} + fetch-depth: 1 + sparse-checkout: ${{ env.MATRIX_FILE }} + + - name: Check ${{ env.MATRIX_FILE }} file + id: build_exists + shell: bash + env: + MATRIX_FILE: ${{ env.MATRIX_FILE }} + run: | + if [[ ! -f "$MATRIX_FILE" ]]; then + echo "::error::File $MATRIX_FILE is missing" + exit 1 + fi + + - name: Prepare Operating System list + id: os + shell: bash + env: + MATRIX_FILE: ${{ env.MATRIX_FILE }} + run: | + os_list=$(jq -r '.["os-windows"] | keys | [ .[] | tostring ] | @json' "$MATRIX_FILE") + + echo "::group::Operating System List" + echo "$os_list" + echo "::endgroup::" + + echo "list=$os_list" >> $GITHUB_OUTPUT + + - name: Prepare Zabbix component list + id: components + shell: bash + run: | + component_list='["agent","agent2"]' + + echo "::group::Zabbix Component List" + echo "$component_list" + echo "::endgroup::" + + echo "list=$component_list" >> $GITHUB_OUTPUT + + - name: Get branch info + id: branch_info + shell: bash + env: + LATEST_BRANCH: ${{ env.LATEST_BRANCH }} + github_ref: ${{ env.TRUNK_ONLY_EVENT == 'true' && env.TRUNK_GIT_BRANCH || github.ref }} + run: | + result=false + sha_short=$(git rev-parse --short HEAD) + + if [[ "$github_ref" == "refs/tags/"* ]]; then + github_ref=${github_ref%.*} + fi + + github_ref=${github_ref##*/} + + if [[ "$github_ref" == "$LATEST_BRANCH" ]]; then + result=true + fi + + echo "::group::Branch data" + echo "is_default_branch - $result" + echo "current_branch - $github_ref" + echo "sha_short - $sha_short" + echo "::endgroup::" + + echo "is_default_branch=$result" >> $GITHUB_OUTPUT + echo "current_branch=$github_ref" >> $GITHUB_OUTPUT + echo "sha_short=$sha_short" >> $GITHUB_OUTPUT + + build_base: + name: Build ${{ matrix.component }} base on ${{ matrix.os }} + needs: init_build + runs-on: ${{ matrix.os }} + timeout-minutes: 50 + permissions: + contents: read + id-token: write + strategy: + fail-fast: false + matrix: + os: ${{ fromJson(needs.init_build.outputs.os) }} + component: ${{ fromJson(needs.init_build.outputs.components) }} + steps: + - name: Checkout repository + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + ref: ${{ env.TRUNK_ONLY_EVENT == 'true' && env.TRUNK_GIT_BRANCH || '' }} + fetch-depth: 1 + + - name: Install cosign + uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 + with: + cosign-release: 'v2.2.3' + + - name: Check cosign version + run: cosign version + + - name: Login to DockerHub + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Base Windows OS tag + id: base_os_tag + env: + MATRIX_OS: ${{ matrix.os }} + MATRIX_FILE: ${{ env.MATRIX_FILE }} + run: | + $os_tag=$(Get-Content -Path $Env:MATRIX_FILE | ConvertFrom-Json).'os-windows'."$Env:MATRIX_OS" + + echo "::group::Base Microsoft Windows OS tag" + echo "$os_tag" + echo "::endgroup::" + + echo "os_tag=$os_tag" >> $Env:GITHUB_OUTPUT + + - name: Generate tags + id: meta + uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 + with: + images: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGES_PREFIX }}${{ env.BASE_IMAGE_NAME }} + context: ${{ env.TRUNK_ONLY_EVENT == 'true' && 'git' || '' }} + tags: | + type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}- + type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},suffix=-${{ steps.base_os_tag.outputs.os_tag }},prefix=${{ matrix.component }}- + type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}-,suffix=-latest + type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,suffix=-${{ steps.base_os_tag.outputs.os_tag }}-latest,prefix=${{ matrix.component }}- + type=raw,enable=${{ (needs.init_build.outputs.current_branch != 'trunk') && (needs.init_build.outputs.is_default_branch == 'true') }},value=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}-latest + type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}- + type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,suffix=-${{ steps.base_os_tag.outputs.os_tag }},prefix=${{ matrix.component }}- + flavor: | + latest=false + + - name: Build and push image + id: docker_build + env: + DOCKERFILES_DIRECTORY: ${{ env.DOCKERFILES_DIRECTORY }} + BASE_BUILD_IMAGE: ${{ env.MSFT_BASE_BUILD_IMAGE }} + BASE_IMAGE_NAME: ${{ env.BASE_IMAGE_NAME }} + MATRIX_COMPONENT: ${{ matrix.component }} + TAGS: ${{ steps.meta.outputs.tags }} + BASE_OS_TAG: ${{ steps.base_os_tag.outputs.os_tag }} + LABEL_REVISION: ${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} + LABEL_CREATED: ${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} + AUTO_PUSH_IMAGES: ${{ env.AUTO_PUSH_IMAGES }} + run: | + echo "::group::Docker version" + docker version + echo "::endgroup::" + echo "::group::Docker info" + docker info + echo "::endgroup::" + + $context="$Env:DOCKERFILES_DIRECTORY\$Env:BASE_IMAGE_NAME\windows\" + $dockerfile= $context + 'Dockerfile.' + $Env:MATRIX_COMPONENT + $base_os_image= $Env:BASE_BUILD_IMAGE + ':' + $Env:BASE_OS_TAG + # Can not build on GitHub due existing symlink. Must be removed before build process + Remove-Item -ErrorAction Ignore -Force -Path $context\README.md + + $tags_array=$( "$Env:TAGS".Split("`n") ) + $tags=$( $tags_array | Foreach-Object { "--tag=$_" } ) + + echo "::group::Image tags" + echo "$Env:TAGS" + echo "::endgroup::" + echo "::group::Pull base image" + docker pull $base_os_image + if (-not $?) {throw "Failed"} + echo "::endgroup::" + + echo "::group::Build Image" + Write-Host @" + docker build --label org.opencontainers.image.revision=$Env:LABEL_REVISION + --label org.opencontainers.image.created=$Env:LABEL_CREATED + --build-arg=BUILD_BASE_IMAGE=$base_os_image + --file=$dockerfile + $tags + $context + "@ + + docker build --label org.opencontainers.image.revision=$Env:LABEL_REVISION ` + --label org.opencontainers.image.created=$Env:LABEL_CREATED ` + --build-arg=BUILD_BASE_IMAGE=$base_os_image ` + --file=$dockerfile ` + $tags ` + $context + if (-not $?) {throw "Failed"} + echo "::endgroup::" + + echo "::group::Publish Image" + if ( $Env:AUTO_PUSH_IMAGES -eq 'true' ) { + Foreach ($tag in $tags_array) { + echo "docker image push $tag" + docker image push $tag + if (-not $?) {throw "Failed"} + } + + $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] + if (-not $?) {throw "Failed"} + echo "Image digest got from RepoDigests" + } + else { + $digest=$(docker inspect $tags_array[0] --format "{{ index .Id}}") + if (-not $?) {throw "Failed"} + echo "Image digest got from Id" + } + echo "::endgroup::" + + echo "::group::Digest" + echo "$digest" + echo "::endgroup::" + echo "digest=$digest" >> $Env:GITHUB_OUTPUT + + - name: Sign the images with GitHub OIDC Token + env: + DIGEST: ${{ steps.docker_build.outputs.digest }} + TAGS: ${{ steps.meta.outputs.tags }} + run: | + $tags_array=$( "$Env:TAGS".Split("`n") ) + $tag_list=@() + + + foreach ($tag in $tags_array) { + $tag_name=$tag.Split(":")[0] + $tag_list+="$tag_name@$Env:DIGEST" + } + echo "::group::Images to sign" + echo "$tag_list" + echo "::endgroup::" + + echo "::group::Signing" + echo "cosign sign --yes $tag_list" + cosign sign --yes $tag_list + echo "::endgroup::" + + - name: Image digest + if: ${{ env.AUTO_PUSH_IMAGES }} + env: + DIGEST: ${{ steps.docker_build.outputs.digest }} + CACHE_FILE_NAME: ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }} + run: | + echo "::group::Image digest" + echo "$Env:DIGEST" + echo "::endgroup::" + + echo "::group::Cache file name" + echo "$Env:CACHE_FILE_NAME" + echo "::endgroup::" + + $Env:DIGEST | Set-Content -Path $Env:CACHE_FILE_NAME + + - name: Cache image digest + uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + with: + path: ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }}_${{ needs.init_build.outputs.current_branch }} + key: ${{ env.BASE_IMAGE_NAME }}-${{ matrix.os }} diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 154f26431..a205085cb 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -140,198 +140,9 @@ jobs: echo "current_branch=$github_ref" >> $GITHUB_OUTPUT echo "sha_short=$sha_short" >> $GITHUB_OUTPUT - build_base: - name: Build ${{ matrix.component }} base on ${{ matrix.os }} - needs: init_build - runs-on: ${{ matrix.os }} - timeout-minutes: 70 - permissions: - contents: read - id-token: write - strategy: - fail-fast: false - matrix: - os: ${{ fromJson(needs.init_build.outputs.os) }} - component: ${{ fromJson(needs.init_build.outputs.components) }} - steps: - - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - with: - ref: ${{ env.TRUNK_ONLY_EVENT == 'true' && env.TRUNK_GIT_BRANCH || '' }} - fetch-depth: 1 - - - name: Install cosign - uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 - with: - cosign-release: 'v2.2.3' - - - name: Check cosign version - run: cosign version - - - name: Login to DockerHub - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Base Windows OS tag - id: base_os_tag - env: - MATRIX_OS: ${{ matrix.os }} - MATRIX_FILE: ${{ env.MATRIX_FILE }} - run: | - $os_tag=$(Get-Content -Path $Env:MATRIX_FILE | ConvertFrom-Json).'os-windows'."$Env:MATRIX_OS" - - echo "::group::Base Microsoft Windows OS tag" - echo "$os_tag" - echo "::endgroup::" - - echo "os_tag=$os_tag" >> $Env:GITHUB_OUTPUT - - - name: Generate tags - id: meta - uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 - with: - images: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGES_PREFIX }}${{ env.BASE_IMAGE_NAME }} - context: ${{ env.TRUNK_ONLY_EVENT == 'true' && 'git' || '' }} - tags: | - type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}- - type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},suffix=-${{ steps.base_os_tag.outputs.os_tag }},prefix=${{ matrix.component }}- - type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}-,suffix=-latest - type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,suffix=-${{ steps.base_os_tag.outputs.os_tag }}-latest,prefix=${{ matrix.component }}- - type=raw,enable=${{ (needs.init_build.outputs.current_branch != 'trunk') && (needs.init_build.outputs.is_default_branch == 'true') }},value=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}-latest - type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}- - type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,suffix=-${{ steps.base_os_tag.outputs.os_tag }},prefix=${{ matrix.component }}- - flavor: | - latest=false - - - name: Build and push image - id: docker_build - env: - DOCKERFILES_DIRECTORY: ${{ env.DOCKERFILES_DIRECTORY }} - BASE_BUILD_IMAGE: ${{ env.MSFT_BASE_BUILD_IMAGE }} - BASE_IMAGE_NAME: ${{ env.BASE_IMAGE_NAME }} - MATRIX_COMPONENT: ${{ matrix.component }} - TAGS: ${{ steps.meta.outputs.tags }} - BASE_OS_TAG: ${{ steps.base_os_tag.outputs.os_tag }} - LABEL_REVISION: ${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} - LABEL_CREATED: ${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} - AUTO_PUSH_IMAGES: ${{ env.AUTO_PUSH_IMAGES }} - run: | - echo "::group::Docker version" - docker version - echo "::endgroup::" - echo "::group::Docker info" - docker info - echo "::endgroup::" - - $context="$Env:DOCKERFILES_DIRECTORY\$Env:BASE_IMAGE_NAME\windows\" - $dockerfile= $context + 'Dockerfile.' + $Env:MATRIX_COMPONENT - $base_os_image= $Env:BASE_BUILD_IMAGE + ':' + $Env:BASE_OS_TAG - # Can not build on GitHub due existing symlink. Must be removed before build process - Remove-Item -ErrorAction Ignore -Force -Path $context\README.md - - $tags_array=$( "$Env:TAGS".Split("`n") ) - $tags=$( $tags_array | Foreach-Object { "--tag=$_" } ) - - echo "::group::Image tags" - echo "$Env:TAGS" - echo "::endgroup::" - echo "::group::Pull base image" - docker pull $base_os_image - if (-not $?) {throw "Failed"} - echo "::endgroup::" - - echo "::group::Build Image" - Write-Host @" - docker build --label org.opencontainers.image.revision=$Env:LABEL_REVISION - --label org.opencontainers.image.created=$Env:LABEL_CREATED - --build-arg=BUILD_BASE_IMAGE=$base_os_image - --file=$dockerfile - $tags - $context - "@ - - docker build --label org.opencontainers.image.revision=$Env:LABEL_REVISION ` - --label org.opencontainers.image.created=$Env:LABEL_CREATED ` - --build-arg=BUILD_BASE_IMAGE=$base_os_image ` - --file=$dockerfile ` - $tags ` - $context - if (-not $?) {throw "Failed"} - echo "::endgroup::" - - echo "::group::Publish Image" - if ( $Env:AUTO_PUSH_IMAGES -eq 'true' ) { - Foreach ($tag in $tags_array) { - echo "docker image push $tag" - docker image push $tag - if (-not $?) {throw "Failed"} - } - - $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] - if (-not $?) {throw "Failed"} - echo "Image digest got from RepoDigests" - } - else { - $digest=$(docker inspect $tags_array[0] --format "{{ index .Id}}") - if (-not $?) {throw "Failed"} - echo "Image digest got from Id" - } - echo "::endgroup::" - - echo "::group::Digest" - echo "$digest" - echo "::endgroup::" - echo "digest=$digest" >> $Env:GITHUB_OUTPUT - - - name: Sign the images with GitHub OIDC Token - env: - DIGEST: ${{ steps.docker_build.outputs.digest }} - TAGS: ${{ steps.meta.outputs.tags }} - run: | - $tags_array=$( "$Env:TAGS".Split("`n") ) - $tag_list=@() - - - foreach ($tag in $tags_array) { - $tag_name=$tag.Split(":")[0] - $tag_list+="$tag_name@$Env:DIGEST" - } - echo "::group::Images to sign" - echo "$tag_list" - echo "::endgroup::" - - echo "::group::Signing" - echo "cosign sign --yes $tag_list" - cosign sign --yes $tag_list - echo "::endgroup::" - - - name: Image digest - if: ${{ env.AUTO_PUSH_IMAGES }} - env: - DIGEST: ${{ steps.docker_build.outputs.digest }} - CACHE_FILE_NAME: ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }} - run: | - echo "::group::Image digest" - echo "$Env:DIGEST" - echo "::endgroup::" - - echo "::group::Cache file name" - echo "$Env:CACHE_FILE_NAME" - echo "::endgroup::" - - $Env:DIGEST | Set-Content -Path $Env:CACHE_FILE_NAME - - - name: Cache image digest - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 - with: - path: ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }} - key: ${{ env.BASE_IMAGE_NAME }}-${{ matrix.os }}-${{ github.run_id }} - build_components: name: Build ${{ matrix.component }} sources on ${{ matrix.os }} - needs: [ "build_base", "init_build"] + needs: [ "init_build" ] runs-on: ${{ matrix.os }} timeout-minutes: 70 permissions: @@ -397,8 +208,11 @@ jobs: - name: Download SHA256 tag of ${{ env.BASE_IMAGE_NAME }}:${{ matrix.os }} uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 with: - path: ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }} - key: ${{ env.BASE_IMAGE_NAME }}-${{ matrix.os }}-${{ github.run_id }} + path: | + ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }}_${{ needs.init_build.outputs.sha_short }} + ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }}_${{ needs.init_build.outputs.current_branch }} + key: ${{ env.BASE_IMAGE_NAME }}-${{ matrix.os }} + fail-on-cache-miss: true - name: Retrieve ${{ env.BASE_IMAGE_NAME }}:${{ matrix.os }} SHA256 tag id: base_build diff --git a/Dockerfiles/agent/windows/Dockerfile b/Dockerfiles/agent/windows/Dockerfile index f4ece63bd..00f6ab444 100644 --- a/Dockerfiles/agent/windows/Dockerfile +++ b/Dockerfiles/agent/windows/Dockerfile @@ -28,7 +28,7 @@ SHELL ["pwsh", "-Command", "$ErrorActionPreference = 'Stop';"] WORKDIR C:\zabbix\ -COPY --from=builder ["C:\\zabbix", "C:\\zabbix"] +COPY --from=builder ["C:\\zabbix_output", "C:\\zabbix"] COPY [".\\docker-entrypoint.ps1", "C:\\zabbix"] USER ContainerAdministrator @@ -37,16 +37,19 @@ RUN $env:PATH = [string]::Format('{0}\zabbix\sbin;{0}\zabbix\bin;', $env:SystemD [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` ` $env:ZBX_HOME = [string]::Format('{0}\zabbix', $env:SystemDrive); ` - [Environment]::SetEnvironmentVariable('ZBX_HOME', $env:ZBX_HOME, [EnvironmentVariableTarget]::Machine); + [Environment]::SetEnvironmentVariable('ZBX_HOME', $env:ZBX_HOME, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host ('Verifying Zabbix agent {0} ...' -f $env:ZBX_VERSION); ` + zabbix_agentd.exe -V; RUN Set-Location -Path $env:SystemDrive\.; ` ` - New-Item -ItemType directory -Path $env:ZBX_HOME\conf\zabbix_agentd.d | Out-Null; ` - New-Item -ItemType directory -Path $env:ZBX_HOME\enc | Out-Null; ` - New-Item -ItemType directory -Path $env:ZBX_HOME\modules | Out-Null; ` - New-Item -ItemType directory -Path $env:ZBX_HOME\buffer | Out-Null; ` + New-Item -Force -ItemType directory -Path $env:ZBX_HOME\conf\zabbix_agentd.d | Out-Null; ` + New-Item -Force -ItemType directory -Path $env:ZBX_HOME\enc | Out-Null; ` + New-Item -Force -ItemType directory -Path $env:ZBX_HOME\modules | Out-Null; ` + New-Item -Force -ItemType directory -Path $env:ZBX_HOME\buffer | Out-Null; ` ` - net accounts /MaxPWAge:unlimited; ` + net accounts /MaxPWAge:unlimited; ` net user /add zabbix /expire:never /passwordreq:no; ` $acl = Get-Acl -Path $env:ZBX_HOME; ` $ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` @@ -57,4 +60,4 @@ USER zabbix EXPOSE 10050/TCP -CMD C:\zabbix\docker-entrypoint.ps1 C:\zabbix\sbin\zabbix_agentd.exe -c C:\zabbix\conf\zabbix_agentd.win.conf -f +CMD C:\zabbix\docker-entrypoint.ps1 C:\zabbix\sbin\zabbix_agentd.exe -c C:\zabbix\conf\zabbix_agentd.conf -f diff --git a/Dockerfiles/agent/windows/docker-entrypoint.ps1 b/Dockerfiles/agent/windows/docker-entrypoint.ps1 index 409f3b8fe..1963d372b 100644 --- a/Dockerfiles/agent/windows/docker-entrypoint.ps1 +++ b/Dockerfiles/agent/windows/docker-entrypoint.ps1 @@ -111,7 +111,7 @@ function Update-Config-Multiple-Var { function Prepare-Zbx-Agent-Config { Write-Host "** Preparing Zabbix agent configuration file" - $ZbxAgentConfig="$ZabbixConfigDir\zabbix_agentd.win.conf" + $ZbxAgentConfig="$ZabbixConfigDir\zabbix_agentd.conf" if ([string]::IsNullOrWhitespace($env:ZBX_PASSIVESERVERS)) { $env:ZBX_PASSIVESERVERS="" diff --git a/Dockerfiles/agent2/windows/Dockerfile b/Dockerfiles/agent2/windows/Dockerfile index edcbb0393..d2d8d6596 100644 --- a/Dockerfiles/agent2/windows/Dockerfile +++ b/Dockerfiles/agent2/windows/Dockerfile @@ -28,7 +28,7 @@ SHELL ["pwsh", "-Command", "$ErrorActionPreference = 'Stop';"] WORKDIR C:\zabbix\ -COPY --from=builder ["C:\\zabbix2", "C:\\zabbix"] +COPY --from=builder ["C:\\zabbix_output", "C:\\zabbix"] COPY [".\\docker-entrypoint.ps1", "C:\\zabbix"] USER ContainerAdministrator @@ -37,7 +37,10 @@ RUN $env:PATH = [string]::Format('{0}\zabbix\sbin;{0}\zabbix\bin;', $env:SystemD [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` ` $env:ZBX_HOME = [string]::Format('{0}\zabbix', $env:SystemDrive); ` - [Environment]::SetEnvironmentVariable('ZBX_HOME', $env:ZBX_HOME, [EnvironmentVariableTarget]::Machine); + [Environment]::SetEnvironmentVariable('ZBX_HOME', $env:ZBX_HOME, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host ('Verifying Zabbix agent 2 {0} ...' -f $env:ZBX_VERSION); ` + zabbix_agent2.exe -V; RUN Set-Location -Path $env:SystemDrive\.; ` ` @@ -57,4 +60,4 @@ USER zabbix EXPOSE 10050/TCP 31999/TCP -CMD C:\zabbix\docker-entrypoint.ps1 C:\zabbix\sbin\zabbix_agent2.exe -c C:\zabbix\conf\zabbix_agent2.win.conf -f +CMD C:\zabbix\docker-entrypoint.ps1 C:\zabbix\sbin\zabbix_agent2.exe -c C:\zabbix\conf\zabbix_agent2.conf -f diff --git a/Dockerfiles/agent2/windows/docker-entrypoint.ps1 b/Dockerfiles/agent2/windows/docker-entrypoint.ps1 index 8193fe941..ba5103ce1 100644 --- a/Dockerfiles/agent2/windows/docker-entrypoint.ps1 +++ b/Dockerfiles/agent2/windows/docker-entrypoint.ps1 @@ -109,9 +109,9 @@ function Update-Config-Multiple-Var { } function Prepare-Zbx-Agent-Config { - Write-Host "** Preparing Zabbix agent configuration file" + Write-Host "** Preparing Zabbix agent 2 configuration file" - $ZbxAgentConfig="$ZabbixConfigDir\zabbix_agent2.win.conf" + $ZbxAgentConfig="$ZabbixConfigDir\zabbix_agent2.conf" if ([string]::IsNullOrWhitespace($env:ZBX_PASSIVESERVERS)) { $env:ZBX_PASSIVESERVERS="" @@ -217,9 +217,19 @@ function Prepare-Zbx-Agent-Config { } +function Prepare-Zbx-Agent-Plugins-Config { + Write-Host "** Preparing Zabbix agent 2 (plugins) configuration file" + + $ZbxAgentConfig="$ZabbixConfigDir\zabbix_agent2.conf" + +# Update-Config-Var $ZbxAgentConfig "Plugins.MongoDB.System.Path" "$ZabbixUserHomeDir\zabbix-agent2-plugin\zabbix-agent2-plugin-mongodb.exe" +# Update-Config-Var $ZbxAgentConfig "Plugins.PostgreSQL.System.Path" "$ZabbixUserHomeDir\zabbix-agent2-plugin\zabbix-agent2-plugin-postgresql.exe" +} + function PrepareAgent { - Write-Host "** Preparing Zabbix agent" + Write-Host "** Preparing Zabbix agent 2" Prepare-Zbx-Agent-Config + Prepare-Zbx-Agent-Plugins-Config } $commandArgs=$args diff --git a/Dockerfiles/build-base/windows/Dockerfile.agent b/Dockerfiles/build-base/windows/Dockerfile.agent index 97ab44a72..37eea6684 100644 --- a/Dockerfiles/build-base/windows/Dockerfile.agent +++ b/Dockerfiles/build-base/windows/Dockerfile.agent @@ -1,27 +1,37 @@ # syntax=docker/dockerfile:1 # escape=` ARG BUILD_BASE_IMAGE=mcr.microsoft.com/windows/servercore:ltsc2022 -FROM $BUILD_BASE_IMAGE +FROM $BUILD_BASE_IMAGE as builder_base ARG PCRE_VERSION=8.45 ARG OPENSSL_VERSION=1.1.1s +ARG ZLIB_VERSION=1.3.1 +ARG CURL_VERSION=8.7.1 + ARG BUILD_ARCH=x64 ARG CPU_MODEL=AMD64 ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION}.42 -ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/16/release/vs_buildtools.exe -ARG NASM_URL=https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/win64/nasm-2.15.05-installer-x64.exe -ARG PERL_URL=https://strawberryperl.com/download/5.32.1.1/strawberry-perl-5.32.1.1-64bit.msi ARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v2.33.0.windows.2/MinGit-2.33.0.2-busybox-64-bit.zip +ARG PERL_URL=https://github.com/StrawberryPerl/Perl-Dist-Strawberry/releases/download/SP_53822_64bit/strawberry-perl-5.38.2.2-64bit-portable.zip + +ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/17/release/vs_buildtools.exe +ARG NASM_URL=https://www.nasm.us/pub/nasm/releasebuilds/2.16.03/win64/nasm-2.16.03-installer-x64.exe + ARG PCRE_URL=https://sourceforge.net/projects/pcre/files/pcre/$PCRE_VERSION/pcre-$PCRE_VERSION.zip ARG OPENSSL_URL=https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz +ARG ZLIB_URL=https://zlib.net/zlib-$ZLIB_VERSION.tar.gz +ARG CURL_URL=https://curl.se/download/curl-$CURL_VERSION.tar.gz ENV ZBX_VERSION=$ZBX_VERSION ` BUILD_ARCH=$BUILD_ARCH CPU_MODEL=$CPU_MODEL ` + GIT_URL=$GIT_URL PERL_URL=$PERL_URL NASM_URL=$NASM_URL ` + VS_BUILDTOOLS_URL=$VS_BUILDTOOLS_URL ` PCRE_VERSION=$PCRE_VERSION OPENSSL_VERSION=$OPENSSL_VERSION ` - GIT_URL=$GIT_URL NASM_URL=$NASM_URL PERL_URL=$PERL_URL PCRE_URL=$PCRE_URL OPENSSL_URL=$OPENSSL_URL + PCRE_URL=$PCRE_URL OPENSSL_URL=$OPENSSL_URL ` + ZLIB_URL=$ZLIB_URL CURL_URL=$CURL_URL LABEL org.opencontainers.image.title="Zabbix agent build base for Windows" ` org.opencontainers.image.authors="Alexey Pustovalov " ` @@ -35,94 +45,86 @@ LABEL org.opencontainers.image.title="Zabbix agent build base for Windows" ` SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] RUN Set-Location -Path $env:SystemDrive\.; ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + ` + $env:PATH = [string]::Format('{0}\perl\perl\bin;{1}\NASM;{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive, ${env:ProgramFiles}) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + $env:BUILD_OUTPUT = [string]::Format('{0}\build_output', $env:SystemDrive); ` + [Environment]::SetEnvironmentVariable('BUILD_OUTPUT', $env:BUILD_OUTPUT, [EnvironmentVariableTarget]::Machine); ` + $env:BUILD_SRC = [string]::Format('{0}\build_src', $env:SystemDrive); ` + [Environment]::SetEnvironmentVariable('BUILD_SRC', $env:BUILD_SRC, [EnvironmentVariableTarget]::Machine); ` ` Write-Host ('Downloading {0} ...' -f $env:GIT_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\git.zip -Uri $env:GIT_URL; ` + Invoke-WebRequest -OutFile $env:TEMP\git.zip -Uri $env:GIT_URL; ` ` $sha256 = '273f55e881094d00877d64f56570b0c997c4da5dedcb26738d56481033c1eba1'; ` + $d_sha256 = (Get-FileHash $env:TEMP\git.zip -Algorithm sha256).Hash; ` Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\git.zip -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum GIT for Windows failed!'; ` + if ($d_sha256 -ne $sha256) { ` + Write-Host ('Checksum GIT for Windows ({0}) failed!' -f $d_sha256); ` exit 1; ` }; ` ` - Write-Host 'Installing ...'; ` + Write-Host ('Downloading {0} ...' -f $env:NASM_URL); ` + Invoke-WebRequest -OutFile $env:TEMP\nasm_installer.exe -Uri $env:NASM_URL; ` + ` + $sha256 = '657E1252676CFB26A008835C20A760F731C8E0414469A4ED0F83F0FB059CDD35'; ` + $d_sha256 = (Get-FileHash $env:TEMP\nasm_installer.exe -Algorithm sha256).Hash; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:TEMP\nasm_installer.exe -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host ('Checksum NASM ({0}) failed!' -f $d_sha256); ` + exit 1; ` + }; ` + ` + Write-Host ('Downloading {0} ...' -f $env:PERL_URL); ` + Invoke-WebRequest -OutFile $env:TEMP\perl.zip -Uri $env:PERL_URL; ` + ` + $sha256 = 'EA451686065D6338D7E4D4A04C9AF49F17951D15AA4C2E19AB8CB56FA2373440'; ` + $d_sha256 = (Get-FileHash $env:TEMP\perl.zip -Algorithm sha256).Hash; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ($d_sha256 -ne $sha256) { ` + Write-Host ('Checksum Strawberry Perl ({0}) failed!' -f $d_sha256); ` + exit 1; ` + }; ` + ` + Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` + Invoke-WebRequest -OutFile $env:TEMP\vs_buildtools.exe $env:VS_BUILDTOOLS_URL; ` + ` + Write-Host 'Installing GIT...'; ` Expand-Archive ` - -Path git.zip ` + -Path $env:TEMP\git.zip ` -DestinationPath $env:SystemDrive\git\.; ` - Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\git.zip; ` - $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` ` Write-Host 'Verifying install ("git version") ...'; ` git version; ` - ` - Write-Host ('Downloading {0} ...' -f $env:NASM_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\nasm_installer.exe -Uri $env:NASM_URL; ` - $sha256 = 'a02325b9fe54f917f5d6a3036637b38dbb6addf6f7ba9d344d9b943a143fe7d0'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\nasm_installer.exe -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum NASM failed!'; ` - exit 1; ` - }; ` - Write-Host 'Installing ...'; ` + Write-Host 'Installing NASM...'; ` Start-Process ` - -FilePath $env:SystemDrive\nasm_installer.exe ` + -FilePath $env:TEMP\nasm_installer.exe ` -ArgumentList '/S' -Wait; ` - Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\nasm_installer.exe; ` - ` - $env:PATH = [string]::Format('{0}\NASM;', ${env:ProgramFiles}) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` ` Write-Host 'Verifying install ("nasm -v") ...'; ` nasm -v; ` ` - Write-Host ('Downloading {0} ...' -f $env:PERL_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\perl_installer.msi -Uri $env:PERL_URL; ` - ` - $sha256 = '241a881670164feb0b91bb69d39fbbf84c981bec0d9f8c19959f8f48fd177768'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\perl_installer.msi -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum Strawberry Perl failed!'; ` - exit 1; ` - }; ` - Write-Host 'Installing ...'; ` - Start-Process ` - -FilePath 'msiexec.exe' ` - -ArgumentList """/i $env:SystemDrive\perl_installer.msi /qn /norestart INSTALLDIR=$env:SystemDrive\Strawberry""" ` - -Wait; ` - Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\perl_installer.msi; ` - $env:PATH = [string]::Format('{0}\Strawberry\perl\bin;', $env:SystemDrive) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + Write-Host 'Installing Perl...'; ` + Expand-Archive -Path $env:TEMP\perl.zip -DestinationPath $env:SystemDrive\perl\; ` + Remove-Item -Force -Recurse $env:SystemDrive\perl\c\; ` ` Write-Host 'Verifying install ("perl -V") ...'; ` perl -V; ` ` - Write-Host 'Installing Text::Template...'; ` - cpan Text::Template; ` - ` - Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\vs_buildtools.exe $env:VS_BUILDTOOLS_URL; ` - ` Write-Host ('{0} - Visual Studio components installing...' -f $(Get-Date -format 'u')); ` - cmd /C start /w $env:SystemDrive\vs_buildtools.exe ` + cmd /C start /w $env:TEMP\vs_buildtools.exe ` --quiet ` --wait ` --norestart ` --nocache ` - --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` - --channelUri https://aka.ms/vs/16/release/channel ` - --installChannelUri https://aka.ms/vs/16/release/channel ` - --channelId VisualStudio.16.Release ` - # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 - --add Microsoft.VisualStudio.Component.Windows10SDK.19041 ` + --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2022\BuildTools""" ` + --channelUri https://aka.ms/vs/17/release/channel ` + --installChannelUri https://aka.ms/vs/17/release/channel ` + --channelId VisualStudio.17.Release ` + # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2022 + --add Microsoft.VisualStudio.Component.Windows11SDK.22621 ` --add Microsoft.VisualStudio.Component.VC.CMake.Project; ` if ($err = dir $Env:TEMP -Filter dd_setup_*_errors.log | where Length -gt 0 | Get-Content) { ` throw $err; ` @@ -130,40 +132,127 @@ RUN Set-Location -Path $env:SystemDrive\.; ` Wait-Process -name msiexec; ` Write-Host ('{0} - Visual Studio components installed' -f $(Get-Date -format 'u')); ` ` - Write-Host 'Visual Studio components installation cleanup'; ` - Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\vs_buildtools.exe; ` - Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force -Recurse; ` - Remove-Item -Force -Recurse $env:TEMP\*; ` - Write-Host 'Build environment is ready...'; - -RUN Set-Location -Path $env:SystemDrive\.; ` + $env:VS_PATH = &(Join-Path ${env:ProgramFiles(x86)} """\Microsoft Visual Studio\Installer\vswhere.exe""") -latest -products Microsoft.VisualStudio.Product.BuildTools -property installationPath; ` + [Environment]::SetEnvironmentVariable('VS_PATH', $env:VS_PATH, [EnvironmentVariableTarget]::Machine); ` ` - Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` - Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + Write-Host 'Visual Studio components installation cleanup'; ` + Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force -Recurse; ` + ` + Write-Host 'Removing downloaded...'; ` + Remove-Item -Force -Recurse $env:TEMP\*; ` + Write-Host 'Build environment is ready...'; ` + ` + Set-Location -Path $env:SystemDrive\.; ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + ` + New-Item -ItemType directory -Path $env:BUILD_OUTPUT -Force | Out-Null; ` + New-Item -ItemType directory -Path $env:BUILD_SRC -Force | Out-Null; ` + Set-Location -Path $env:BUILD_SRC; ` ` Write-Host ('Downloading {0} ...' -f $env:PCRE_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - (new-object System.Net.WebClient).DownloadFile("""$env:PCRE_URL""","""$env:SystemDrive\pcre.zip"""); ` + Invoke-WebRequest -OutFile $env:TEMP\pcre.zip -Uri $env:PCRE_URL; ` ` $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` + $d_sha256 = (Get-FileHash $env:TEMP\pcre.zip -Algorithm sha256).Hash; ` Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\pcre.zip -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum PCRE library failed!'; ` + if ($d_sha256 -ne $sha256) { ` + Write-Host ('Checksum PCRE library ({0}) failed!' -f $d_sha256); ` exit 1; ` }; ` - Write-Host 'Extracting archive ...'; ` - Expand-Archive -Path $env:SystemDrive\pcre.zip -DestinationPath $env:SystemDrive; ` - Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\pcre.zip; ` - Rename-Item -Path $env:SystemDrive\pcre-$env:PCRE_VERSION -NewName $env:SystemDrive\pcre_build; ` - New-Item -ItemType directory -Path "$env:SystemDrive\pcre_build\build" | Out-Null; ` ` - Set-Location -Path $env:SystemDrive\pcre_build\build; ` + Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` + Invoke-WebRequest -OutFile $env:TEMP\openssl.tar.gz -Uri $env:OPENSSL_URL; ` + ` + $sha256 = '6ae015467dabf0469b139ada93319327be24b98251ffaeceda0221848dc09262'; ` + $d_sha256 = (Get-FileHash $env:TEMP\openssl.tar.gz -Algorithm sha256).Hash; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ($d_sha256 -ne $sha256) { ` + Write-Host ('Checksum OpenSSL library ({0}) failed!' -f $d_sha256); ` + exit 1; ` + }; ` + ` + ` + Write-Host ('Downloading {0} ...' -f $env:ZLIB_URL); ` + Invoke-WebRequest -OutFile $env:TEMP\zlib.tar.gz -Uri $env:ZLIB_URL; ` + ` + $sha256 = '9A93B2B7DFDAC77CEBA5A558A580E74667DD6FEDE4585B91EEFB60F03B72DF23'; ` + $d_sha256 = (Get-FileHash $env:TEMP\zlib.tar.gz -Algorithm sha256).Hash; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ($d_sha256 -ne $sha256) { ` + Write-Host ('Checksum Zlib library ({0}) failed!' -f $d_sha256); ` + exit 1; ` + }; ` + ` + Write-Host ('Downloading {0} ...' -f $env:CURL_URL); ` + Invoke-WebRequest -OutFile $env:TEMP\curl.tar.gz -Uri $env:CURL_URL; ` + ` + $sha256 = 'F91249C87F68EA00CF27C44FDFA5A78423E41E71B7D408E5901A9896D905C495'; ` + $d_sha256 = (Get-FileHash $env:TEMP\curl.tar.gz -Algorithm sha256).Hash; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ($d_sha256 -ne $sha256) { ` + Write-Host ('Checksum Curl library ({0}) failed!' -f $d_sha256); ` + exit 1; ` + }; ` + ` + Write-Host 'Extracting PCRE archive ...'; ` + Expand-Archive -Path $env:TEMP\pcre.zip -DestinationPath $env:BUILD_SRC; ` + Rename-Item -Path $env:BUILD_SRC\pcre-$env:PCRE_VERSION -NewName $env:BUILD_SRC\pcre; ` + New-Item -ItemType directory -Path "$env:BUILD_SRC\pcre\build" | Out-Null; ` + ` + Write-Host 'Extracting OpenSSL archive ...'; ` + tar -zxf $env:TEMP\openssl.tar.gz; ` + Rename-Item -Path $env:BUILD_SRC\openssl-$env:OPENSSL_VERSION -NewName $env:BUILD_SRC\openssl; ` + ` + Write-Host 'Extracting Zlib archive ...'; ` + tar -zxf $env:TEMP\zlib.tar.gz; ` + Move-Item -Path $env:BUILD_SRC\zlib-$env:ZLIB_VERSION\ -Destination $env:BUILD_SRC\zlib; ` + ` + Write-Host 'Extracting CURL archive ...'; ` + tar -zxf $env:TEMP\curl.tar.gz; ` + Move-Item -Path $env:BUILD_SRC\curl-$env:CURL_VERSION\ -Destination $env:BUILD_SRC\curl; ` + ` + Set-Location -Path $env:SystemDrive\.; ` + ` + Import-Module (Get-ChildItem $env:VS_PATH -Recurse -File -Filter Microsoft.VisualStudio.DevShell.dll).FullName; ` + Enter-VsDevShell -VsInstallPath $env:VS_PATH -SkipAutomaticLocation -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + ` + Write-Host 'Building Zlib library...'; ` + Set-Location -Path $env:BUILD_SRC\zlib; ` + (Get-Content .\win32\Makefile.msc).replace('-MD', '-MT') | Set-Content .\win32\Makefile.msc; ` + set CL=/MP; ` + nmake /S -f .\win32\Makefile.msc; ` + New-Item -ItemType directory -Path $env:BUILD_OUTPUT\zlib | Out-Null; ` + New-Item -ItemType directory -Path $env:BUILD_OUTPUT\zlib\include | Out-Null; ` + New-Item -ItemType directory -Path $env:BUILD_OUTPUT\zlib\lib | Out-Null; ` + Copy-Item $env:BUILD_SRC\zlib\*.h -Destination $env:BUILD_OUTPUT\zlib\include; ` + Copy-Item $env:BUILD_SRC\zlib\zlib.lib -Destination $env:BUILD_OUTPUT\zlib\lib; ` + Copy-Item $env:BUILD_SRC\zlib\zlib.pdb -Destination $env:BUILD_OUTPUT\zlib\lib; ` + nmake /S -f .\win32\Makefile.msc clean | Out-Null; ` + Write-Host 'Zlib is ready...'; ` + ` + Write-Host 'Building OpenSSL library...'; ` + Set-Location -Path $env:BUILD_SRC\openssl; ` + perl $env:BUILD_SRC\openssl\Configure ` + VC-WIN64A ` + no-shared ` + no-ui-console ` + no-tests ` + no-unit-test ` + no-capieng ` + --api=1.1.0 ` + --prefix=$env:BUILD_OUTPUT\openssl ` + --openssldir=$env:BUILD_OUTPUT\openssl_ssl; ` + set CL=/MP; ` + nmake /S build_sw; ` + nmake /S install_dev; ` + nmake /S clean | Out-Null; ` + Write-Host 'OpenSSL is ready...'; ` + ` Write-Host 'Building PCRE library ...'; ` + Set-Location -Path $env:BUILD_SRC\pcre\build; ` cmake --log-level=ERROR ` - -G 'Visual Studio 16 2019' ` - -A $env:BUILD_ARCH ` + -G 'Visual Studio 17 2022' ` + -A $env:BUILD_ARCH ` -DPCRE_SUPPORT_UNICODE_PROPERTIES=ON ` -DPCRE_SUPPORT_UTF=ON ` -DCMAKE_C_FLAGS_RELEASE:string="""/MT""" ..; ` @@ -175,42 +264,38 @@ RUN Set-Location -Path $env:SystemDrive\.; ` /target:pcre; ` ` Write-Host 'PCRE is ready...'; - -RUN Set-Location -Path $env:SystemDrive\.; ` + New-Item -ItemType directory -Path $env:BUILD_OUTPUT\pcre | Out-Null; ` + New-Item -ItemType directory -Path $env:BUILD_OUTPUT\pcre\include | Out-Null; ` + New-Item -ItemType directory -Path $env:BUILD_OUTPUT\pcre\lib | Out-Null; ` + Copy-Item $env:BUILD_SRC\pcre\build\*.h -Destination $env:BUILD_OUTPUT\pcre\include; ` + Copy-Item $env:BUILD_SRC\pcre\build\Release\* -Destination $env:BUILD_OUTPUT\pcre\lib; ` + Remove-Item -Path $env:BUILD_SRC\pcre\build\* -Force -Recurse; ` + Write-Host 'PCRE is ready...'; ` ` - Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` - Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` ` - Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\openssl.tar.gz -Uri $env:OPENSSL_URL; ` - ` - $sha256 = 'c5ac01e760ee6ff0dab61d6b2bbd30146724d063eb322180c6f18a6f74e4b6aa'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\openssl.tar.gz -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum OpenSSL library failed!'; ` - exit 1; ` - }; ` - ` - Write-Host 'Extracting archive ...'; ` - tar -zxf $env:SystemDrive\openssl.tar.gz; ` - Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` - Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` - ` - Write-Host 'Building OpenSSL library...'; ` - Set-Location -Path $env:SystemDrive\openssl_build; ` - perl $env:SystemDrive\openssl_build\Configure ` - VC-WIN64A ` - no-shared ` - no-ui-console ` - no-tests ` -# enable-capieng ` - no-capieng ` - --api=1.1.0 ` - --prefix=$env:SystemDrive\openssl_output ` - --openssldir=$env:SystemDrive\openssl_output_ssl; ` + Write-Host 'Building Curl library...'; ` + Set-Location -Path $env:BUILD_SRC\curl\winbuild; ` + (Get-Content MakefileBuild.vc).replace(' wldap32.lib', '') | Set-Content MakefileBuild.vc; ` set CL=/MP; ` - nmake /S; ` - nmake /S install_sw; ` - Write-Host 'OpenSSL is ready...'; + nmake /S -f Makefile.vc ` + mode=static ` + VC=17 ` + DEBUG=no ` + CC="""cl.exe /DCURL_DISABLE_LDAP /DCURL_DISABLE_LDAPS""" ` + MACHINE=$env:BUILD_ARCH ` + USE_IPV6=yes ` + ENABLE_UNICODE=yes ` + USE_IDN=no ` + GEN_PDB=no ` + WITH_SSL=static ` + SSL_PATH=$env:BUILD_OUTPUT\openssl ` + WITH_ZLIB=static ` + ZLIB_PATH=$env:BUILD_OUTPUT\zlib ` + RTLIBCFG=static; ` + ` + Move-Item -Path $env:BUILD_SRC\curl\builds\libcurl-vc17-$env:BUILD_ARCH-release-static-ssl-static-zlib-static-sspi\ -Destination $env:BUILD_OUTPUT\curl; ` + Remove-Item -Path $env:BUILD_SRC\curl\builds\* -Force -Recurse; ` + Write-Host 'Curl is ready...'; ` + ` + Write-Host 'Removing downloaded...'; ` + Remove-Item -Force -Recurse $env:TEMP\*; diff --git a/Dockerfiles/build-base/windows/Dockerfile.agent2 b/Dockerfiles/build-base/windows/Dockerfile.agent2 index c383f08c5..3b0a61c6d 100644 --- a/Dockerfiles/build-base/windows/Dockerfile.agent2 +++ b/Dockerfiles/build-base/windows/Dockerfile.agent2 @@ -6,32 +6,38 @@ FROM $BUILD_BASE_IMAGE as builder_base ARG PCRE_VERSION=8.45 ARG OPENSSL_VERSION=1.1.1s ARG GOLANG_VERSION=1.18.8 -ARG SEVEN_ZIP_VERSION=2107 +ARG SEVEN_ZIP_VERSION=2405 + +ARG MSYSTEM=UCRT64 + ARG BUILD_ARCH=x64 ARG CPU_MODEL=AMD64 ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION}.42 -ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/16/release/vs_buildtools.exe ARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v2.33.0.windows.2/MinGit-2.33.0.2-busybox-64-bit.zip -ARG MINGW_URL=https://sourceforge.net/projects/mingw-w64/files/Toolchains%20targetting%20Win64/Personal%20Builds/mingw-builds/8.1.0/threads-win32/sjlj/x86_64-8.1.0-release-win32-sjlj-rt_v6-rev0.7z -ARG GOLANG_URL=https://golang.org/dl/go$GOLANG_VERSION.windows-amd64.msi -ARG CYGWIN_URL=https://cygwin.com/setup-x86_64.exe +ARG SEVEN_ZIP_URL=https://www.7-zip.org/a/7z$SEVEN_ZIP_VERSION-$BUILD_ARCH.msi + +ARG MINGW_URL=https://github.com/niXman/mingw-builds-binaries/releases/download/13.2.0-rt_v11-rev1/x86_64-13.2.0-release-win32-seh-ucrt-rt_v11-rev1.7z +ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/17/release/vs_buildtools.exe +ARG GOLANG_URL=https://go.dev/dl/go$GOLANG_VERSION.windows-amd64.zip +ARG MSYS2_URL=https://api.github.com/repos/msys2/msys2-installer/releases/latest + ARG PCRE_URL=https://sourceforge.net/projects/pcre/files/pcre/$PCRE_VERSION/pcre-$PCRE_VERSION.zip ARG OPENSSL_URL=https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz -ARG SEVEN_ZIP_URL=https://www.7-zip.org/a/7z$SEVEN_ZIP_VERSION-$BUILD_ARCH.msi ENV ZBX_VERSION=$ZBX_VERSION ` BUILD_ARCH=$BUILD_ARCH CPU_MODEL=$CPU_MODEL ` + GIT_URL=$GIT_URL SEVEN_ZIP_VERSION=$SEVEN_ZIP_VERSION ` + MINGW_URL=$MINGW_URL VS_BUILDTOOLS_URL=$VS_BUILDTOOLS_URL GOLANG_VERSION=$GOLANG_VERSION MSYS2_URL=$MSYS2_URL ` PCRE_VERSION=$PCRE_VERSION OPENSSL_VERSION=$OPENSSL_VERSION ` - GOLANG_VERSION=$GOLANG_VERSION SEVEN_ZIP_VERSION=$SEVEN_ZIP_VERSION ` - GIT_URL=$GIT_URL MINGW_URL=$MINGW_URL CYGWIN_URL=$CYGWIN_URL GOLANG_URL=$GOLANG_URL SEVEN_ZIP_URL=$SEVEN_ZIP_URL ` - PCRE_URL=$PCRE_URL OPENSSL_URL=$OPENSSL_URL + PCRE_URL=$PCRE_URL OPENSSL_URL=$OPENSSL_URL ` + CHERE_INVOKING=yes MSYSTEM=$MSYSTEM LABEL org.opencontainers.image.title="Zabbix agent 2 build base for Windows" ` org.opencontainers.image.authors="Alexey Pustovalov " ` - org.opencontainers.image.vendor="Zabbix LLC" ` + org.opencontainers.image.vendor="Zabbix SIA" ` org.opencontainers.image.url="https://zabbix.com/" ` org.opencontainers.image.description="Zabbix build base image contains all required packages to build Zabbix agent 2 images" ` org.opencontainers.image.licenses="GPL v2.0" ` @@ -41,211 +47,232 @@ LABEL org.opencontainers.image.title="Zabbix agent 2 build base for Windows" ` SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] RUN Set-Location -Path $env:SystemDrive\.; ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + ` + $env:PATH = [string]::Format('{0}\mingw64\bin;{0}\go\bin;{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;{1}\7-Zip;', $env:SystemDrive, ${env:ProgramFiles}) + $env:PATH; ` + $env:PATH = $env:PATH + [string]::Format(';{0}\msys64\usr\bin;{0}\msys64\{1}\bin', $env:SystemDrive, $env:MSYSTEM.ToLower()); ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + $env:BUILD_OUTPUT = [string]::Format('{0}\build_output', $env:SystemDrive); ` + [Environment]::SetEnvironmentVariable('BUILD_OUTPUT', $env:BUILD_OUTPUT, [EnvironmentVariableTarget]::Machine); ` + $env:BUILD_SRC = [string]::Format('{0}\build_src', $env:SystemDrive); ` + [Environment]::SetEnvironmentVariable('BUILD_SRC', $env:BUILD_SRC, [EnvironmentVariableTarget]::Machine); ` ` Write-Host ('Downloading {0} ...' -f $env:GIT_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\git.zip -Uri $env:GIT_URL; ` + Invoke-WebRequest -OutFile $env:TEMP\git.zip -Uri $env:GIT_URL; ` ` $sha256 = '273f55e881094d00877d64f56570b0c997c4da5dedcb26738d56481033c1eba1'; ` + $d_sha256 = (Get-FileHash $env:TEMP\git.zip -Algorithm sha256).Hash; ` Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\git.zip -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum GIT for Windows failed!'; ` + if ($d_sha256 -ne $sha256) { ` + Write-Host ('Checksum GIT for Windows ({0}) failed!' -f $d_sha256); ` exit 1; ` }; ` ` - Write-Host 'Installing ...'; ` - Expand-Archive -Path git.zip -DestinationPath $env:SystemDrive\git\.; ` + Write-Host ('Downloading {0} ...' -f $env:SEVEN_ZIP_URL); ` + Invoke-WebRequest -OutFile $env:TEMP\7z.msi -Uri $env:SEVEN_ZIP_URL; ` + ` + $sha256 = '0F6AA6596D418B1694F62C8583DE05D24589B8D7FFACCE5A7DAB52AE71F832B6'; ` + $d_sha256 = (Get-FileHash $env:TEMP\7z.msi -Algorithm sha256).Hash; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ($d_sha256 -ne $sha256) { ` + Write-Host ('Checksum 7-zip ({0}) failed!' -f $d_sha256); ` + exit 1; ` + }; ` + ` + Write-Host ('Downloading {0} ...' -f $env:GOLANG_URL); ` + Invoke-WebRequest -OutFile $env:TEMP\go_lang.zip -Uri $env:GOLANG_URL; ` + ` + $sha256 = '980788761e75ed33ffc4f2a7a3ff07cd90949bd023eb1a8d855ef0b5de9cbcba'; ` + $d_sha256 = (Get-FileHash $env:TEMP\go_lang.zip -Algorithm sha256).Hash; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ($d_sha256 -ne $sha256) { ` + Write-Host ('Checksum Go Lang ({0}) failed!' -f $d_sha256); ` + exit 1; ` + }; ` + ` + Write-Host ('Downloading {0} ...' -f $env:MINGW_URL); ` + Invoke-WebRequest -OutFile $env:TEMP\mingw.7z -Uri $env:MINGW_URL; ` + ` + $sha256 = '74ca64c55220edd3196681782fbff653c2b9cb4f427f9e532ab6e9a0823dc997'; ` + $d_sha256 = (Get-FileHash $env:TEMP\mingw.7z -Algorithm sha256).Hash; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ($d_sha256 -ne $sha256) { ` + Write-Host ('Checksum Mingw-w64 ({0}) failed!' -f $d_sha256); ` + exit 1; ` + }; ` + ` + Write-Host ('Downloading {0} ...' -f $env:MSYS2_URL); ` + Invoke-WebRequest -OutFile $env:TEMP\msys2.sfx.exe -Uri $(Invoke-RestMethod -UseBasicParsing $env:MSYS2_URL | ` + Select -ExpandProperty "assets" | ` + Select -ExpandProperty "browser_download_url" | ` + Select-String -Pattern '.sfx.exe$').ToString(); ` + ` + $sha256 = 'D96C53ECBFA4B9D81F6C58077965BB2E31472A8BDA4D4446EF8F45F9C601B11D'; ` + $d_sha256 = (Get-FileHash $env:TEMP\msys2.sfx.exe -Algorithm sha256).Hash; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ($d_sha256 -ne $sha256) { ` + Write-Host ('Checksum MSYS2 ({0}) failed!' -f $d_sha256); ` +# exit 1; ` + }; ` + ` + Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` + Invoke-WebRequest -OutFile $env:TEMP\vs_buildtools.exe $env:VS_BUILDTOOLS_URL; ` + ` + Write-Host 'Installing GIT...'; ` + Expand-Archive ` + -Path $env:TEMP\git.zip ` + -DestinationPath $env:SystemDrive\git\.; ` Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\git.zip; ` - $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` ` Write-Host 'Verifying install ("git version") ...'; ` git version; ` ` - Write-Host ('Downloading {0} ...' -f $env:GOLANG_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\go-amd64.msi -Uri $env:GOLANG_URL; ` - $sha256 = '6d38668862bf9772c0c1c1e0f26aa5dedea9825b33f763b81ccc4aa63df2cef9'; ` - ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\go-amd64.msi -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum Go Lang failed!'; ` - exit 1; ` - }; ` - Write-Host 'Installing ...'; ` + Write-Host 'Installing 7z...'; ` Start-Process ` - -FilePath $env:SystemDrive\go-amd64.msi ` + -FilePath $env:TEMP\7z.msi ` -Wait ` -ArgumentList '/qn /norestart'; ` - Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\go-amd64.msi; ` - ` - $env:PATH = [string]::Format('{0}\Go\bin;', ${env:ProgramFiles}) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - Write-Host 'Verifying install ("go version") ...'; ` - go version; ` - ` - Write-Host ('Downloading {0} ...' -f $env:SEVEN_ZIP_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\7z.msi -Uri $env:SEVEN_ZIP_URL; ` - ` - $sha256 = '5447C9AC39C48F1BC7C88359B0520396A8C9707B307C107236A93A68E6FD3EB6'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\7z.msi -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum 7-zip failed!'; ` - exit 1; ` - }; ` - ` - Write-Host 'Installing ...'; ` - Start-Process ` - -FilePath $env:SystemDrive\7z.msi ` - -Wait ` - -ArgumentList '/qn /norestart'; ` - Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\7z.msi; ` - $env:PATH = [string]::Format('{0}\7-Zip;', ${env:ProgramFiles}) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` ` Write-Host 'Verifying install ("7z -h") ...'; ` 7z -h | Select -first 2; ` ` - Write-Host ('Downloading {0} ...' -f $env:MINGW_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - (new-object System.Net.WebClient).DownloadFile("""$env:MINGW_URL""","""$env:SystemDrive\mingw.7z"""); ` + Write-Host 'Installing Go Lang...'; ` + Expand-Archive -Path $env:TEMP\go_lang.zip -DestinationPath $env:SystemDrive\; ` ` - $sha256 = 'e8c65ddc655534b0330f66f7b480565621e8617cda9937d76ba141a22bf3b2fa'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\mingw.7z -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum Mingw-w64 failed!'; ` - exit 1; ` - }; ` + Write-Host 'Verifying install ("go version") ...'; ` + go version; ` ` - Write-Host 'Installing ...'; ` - 7z x $env:SystemDrive\mingw.7z; ` - Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\mingw.7z; ` - $env:PATH = [string]::Format('{0}\mingw64\bin;', $env:SystemDrive) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + Write-Host 'Installing Mingw-w64...'; ` + 7z x $env:TEMP\mingw.7z; ` + compact /c /i /s:$env:SystemDrive\mingw64 | Out-Null; ` ` - Write-Host 'Verifying install ("mingw32-make -v") ...'; ` - mingw32-make -v; ` + Write-Host 'Verifying install ("gcc -v") ...'; ` + gcc -v; ` ` - Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\vs_buildtools.exe $env:VS_BUILDTOOLS_URL; ` + Write-Host 'Installing MSYS2...'; ` + & $env:TEMP\msys2.sfx.exe -y -o"""$env:SystemDrive\""" | Out-Null; ` + bash -lc 'pacman --noprogressbar --noconfirm -Syuu'; ` + bash -lc 'pacman --noprogressbar --noconfirm -Syuu'; ` + bash -lc 'pacman --noprogressbar --sync --quiet --noconfirm mingw-w64-ucrt-x86_64-cmake'; ` + bash -lc 'pacman --noprogressbar --noconfirm -Scc'; ` + bash -lc 'rm -rf /usr/share/man/* /usr/share/doc/* /usr/share/locale/*'; ` + bash -lc 'rm -rf /$MSYSTEM/usr/share/man/* /$MSYSTEM/usr/share/doc/* /$MSYSTEM/usr/share/locale/*'; ` + bash -lc 'rm -rf /$MSYSTEM/share/man/* /$MSYSTEM/share/doc/* /$MSYSTEM/share/locale/*'; ` + bash -lc 'rm -rf /var/cache/pacman/pkg/*'; ` + taskkill /F /FI 'MODULES eq msys-2.0.dll' | Out-Null; ` + compact /c /i /s:$env:SystemDrive\msys64 | Out-Null; ` + ` + Write-Host 'Verifying install ("bash --version") ...'; ` + bash --version; ` ` Write-Host ('{0} - Visual Studio components installing...' -f $(Get-Date -format 'u')); ` - cmd /C start /w $env:SystemDrive\vs_buildtools.exe ` + cmd /C start /w $env:TEMP\vs_buildtools.exe ` --quiet ` --wait ` --norestart ` --nocache ` - --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` - --channelUri https://aka.ms/vs/16/release/channel ` - --installChannelUri https://aka.ms/vs/16/release/channel ` - --channelId VisualStudio.16.Release ` - # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 - --add Microsoft.VisualStudio.Component.VC.CMake.Project; ` + --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2022\BuildTools""" ` + --channelUri https://aka.ms/vs/17/release/channel ` + --installChannelUri https://aka.ms/vs/17/release/channel ` + --channelId VisualStudio.17.Release ` + # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2022 + --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64; ` if ($err = dir $Env:TEMP -Filter dd_setup_*_errors.log | where Length -gt 0 | Get-Content) { ` throw $err; ` }; ` Wait-Process -name msiexec; ` Write-Host ('{0} - Visual Studio components installed' -f $(Get-Date -format 'u')); ` ` - Write-Host 'Visual Studio components installation cleanup'; ` - Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\vs_buildtools.exe; ` - Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force -Recurse; ` - Remove-Item -Force -Recurse $env:TEMP\*; ` - Write-Host 'Build environment is ready...'; - -RUN Set-Location -Path $env:SystemDrive\.; ` + $env:VS_PATH = &(Join-Path ${env:ProgramFiles(x86)} """\Microsoft Visual Studio\Installer\vswhere.exe""") -latest -products Microsoft.VisualStudio.Product.BuildTools -property installationPath; ` + [Environment]::SetEnvironmentVariable('VS_PATH', $env:VS_PATH, [EnvironmentVariableTarget]::Machine); ` ` - Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` - Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + Write-Host 'Visual Studio components installation cleanup'; ` + Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force -Recurse; ` + ` + Write-Host 'Removing downloaded...'; ` + Remove-Item -Force -Recurse $env:TEMP\*; ` + Write-Host 'Build environment is ready...'; ` + ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + ` + New-Item -ItemType directory -Path $env:BUILD_OUTPUT -Force | Out-Null; ` + New-Item -ItemType directory -Path $env:BUILD_SRC -Force | Out-Null; ` + Set-Location -Path $env:BUILD_SRC; ` ` Write-Host ('Downloading {0} ...' -f $env:PCRE_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - (new-object System.Net.WebClient).DownloadFile("""$env:PCRE_URL""","""$env:SystemDrive\pcre.zip"""); ` + Invoke-WebRequest -OutFile $env:TEMP\pcre.zip -Uri $env:PCRE_URL; ` ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` - if ((Get-FileHash $env:SystemDrive\pcre.zip -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum PCRE library failed!'; ` + $d_sha256 = (Get-FileHash $env:TEMP\pcre.zip -Algorithm sha256).Hash; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ($d_sha256 -ne $sha256) { ` + Write-Host ('Checksum PCRE library ({0}) failed!' -f $d_sha256); ` exit 1; ` }; ` - Write-Host 'Extracting archive ...'; ` - Expand-Archive -Path $env:SystemDrive\pcre.zip -DestinationPath $env:SystemDrive; ` - Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\pcre.zip; ` - Rename-Item -Path $env:SystemDrive\pcre-$env:PCRE_VERSION -NewName $env:SystemDrive\pcre_build; ` ` - Set-Location -Path $env:SystemDrive\pcre_build; ` + Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` + Invoke-WebRequest -OutFile $env:TEMP\openssl.tar.gz -Uri $env:OPENSSL_URL; ` + ` + $sha256 = '6ae015467dabf0469b139ada93319327be24b98251ffaeceda0221848dc09262'; ` + $d_sha256 = (Get-FileHash $env:TEMP\openssl.tar.gz -Algorithm sha256).Hash; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ($d_sha256 -ne $sha256) { ` + Write-Host ('Checksum OpenSSL library ({0}) failed!' -f $d_sha256); ` + exit 1; ` + }; ` + ` + Write-Host 'Extracting PCRE archive ...'; ` + Expand-Archive -Path $env:TEMP\pcre.zip -DestinationPath $env:BUILD_SRC; ` + ` + Write-Host 'Removing downloaded ...'; ` + Remove-Item -Force -Path $env:TEMP\pcre.zip; ` + Rename-Item -Path $env:BUILD_SRC\pcre-$env:PCRE_VERSION -NewName $env:BUILD_SRC\pcre; ` + ` + Write-Host 'Extracting OpenSSL archive ...'; ` + $env:SystemDirectory = [Environment]::SystemDirectory; ` + tar -zxf "$env:TEMP\openssl.tar.gz"; ` + ` + Write-Host 'Removing downloaded...'; ` + Remove-Item -Force -Path $env:TEMP\openssl.tar.gz; ` + Rename-Item -Path $env:BUILD_SRC\openssl-$env:OPENSSL_VERSION -NewName $env:BUILD_SRC\openssl; ` + ` Write-Host 'Building PCRE library ...'; ` + Set-Location -Path $env:BUILD_SRC\pcre; ` cmake --log-level=ERROR ` -G 'MinGW Makefiles' ` -DBUILD_SHARED_LIBS=OFF ` + -DBUILD_STATIC_LIBS=ON ` + -DPCRE_DEBUG=OFF ` + -DPCRE_BUILD_TESTS=OFF ` + -DINSTALL_MSVC_PDB=OFF ` -DCMAKE_C_COMPILER=gcc ` -DCMAKE_C_FLAGS='-O2 -g' ` - -DCMAKE_CXX_FLAGS='-O2 -g' ` - -DCMAKE_INSTALL_PREFIX="""$env:SystemDrive\pcre_output""" . ; ` + -DCMAKE_INSTALL_PREFIX="""$env:BUILD_OUTPUT\pcre""" . ; ` mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS"""; ` mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install; ` - Write-Host 'PCRE is ready...'; - -RUN Set-Location -Path $env:SystemDrive\.; ` - ` - Write-Host ('Downloading {0} ...' -f $env:CYGWIN_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - (New-Object Net.WebClient).DownloadFile("""$env:CYGWIN_URL""", """$env:SystemDrive\setup.exe"""); ` - ` - $sha256 = '3d9e0143268f52aecaff76f81553c880ec9a353eb5a6e22bd6d34bad8251710c'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\setup.exe -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum Cygwin failed!'; ` - exit 1; ` - }; ` - Write-Host 'Installing ...'; ` - Start-Process $env:SystemDrive\setup.exe ` - -ArgumentList """-qnNdO -a x86_64 -R $env:SystemDrive\cygwin --site http://cygwin.mirror.constant.com -l $env:SystemDrive\cygwin\var\cache\setup --packages perl""" ` - -Wait ` - -NoNewWindow; ` - ` - Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\setup.exe; ` - Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\openssl.tar.gz -Uri $env:OPENSSL_URL; ` - ` - $sha256 = 'c5ac01e760ee6ff0dab61d6b2bbd30146724d063eb322180c6f18a6f74e4b6aa'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\openssl.tar.gz -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum OpenSSL library failed!'; ` - exit 1; ` - }; ` - ` - Write-Host 'Extracting archive ...'; ` - tar -zxf $env:SystemDrive\openssl.tar.gz; ` - Write-Host 'Removing downloaded...'; ` - Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` - Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` + mingw32-make -s clean | Out-Null; ` + Remove-Item -Path $env:BUILD_OUTPUT\pcre\man -Force -Recurse; ` + Remove-Item -Path $env:BUILD_OUTPUT\pcre\share -Force -Recurse; ` + Write-Host 'PCRE is ready...'; ` ` Write-Host 'Building OpenSSL library...'; ` - Set-Location -Path $env:SystemDrive\openssl_build; ` - $env:PATH+=""";$env:SystemDrive\cygwin\bin"""; ` + Set-Location -Path $env:BUILD_SRC\openssl; ` perl Configure ` mingw64 ` no-shared ` no-ui-console ` no-tests ` -# enable-capieng ` + no-unit-test ` no-capieng ` --api=1.1.0 ` - --prefix=$env:SystemDrive\openssl_output ` - --openssldir=$env:SystemDrive\openssl_output_ssl; ` - mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS"""; ` - mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install_sw; ` + --libdir=lib ` + --prefix=$env:BUILD_OUTPUT/openssl ` + --openssldir=$env:BUILD_OUTPUT/openssl_ssl; ` + mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" build_sw; ` + mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install_dev; ` + mingw32-make -s clean | Out-Null; ` Write-Host 'OpenSSL is ready...'; ` - Write-Host 'Removing cygwin...'; ` - Remove-Item -Recurse -Force -Path $env:SystemDrive\cygwin; + ` + Write-Host 'Removing downloaded...'; ` + Remove-Item -Force -Recurse $env:TEMP\*; diff --git a/Dockerfiles/build-mysql/windows/Dockerfile.agent b/Dockerfiles/build-mysql/windows/Dockerfile.agent index 646db689c..dbc60f437 100644 --- a/Dockerfiles/build-mysql/windows/Dockerfile.agent +++ b/Dockerfiles/build-mysql/windows/Dockerfile.agent @@ -6,11 +6,16 @@ ARG BUILD_BASE_IMAGE=zabbix-build-base:ltsc2022-agent-${ZBX_VERSION} FROM ${BUILD_BASE_IMAGE} as builder +SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] + ARG MAJOR_VERSION ARG ZBX_VERSION ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ARG GIT_BRANCH ARG ZABBIX_VERSION_RC_NUM=2400 -ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION ZABBIX_VERSION_RC_NUM=$ZABBIX_VERSION_RC_NUM + +ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION GIT_BRANCH=${GIT_BRANCH:-$ZBX_VERSION} ` + ZABBIX_VERSION_RC_NUM=$ZABBIX_VERSION_RC_NUM LABEL org.opencontainers.image.title="Zabbix agent build (Windows)" ` org.opencontainers.image.authors="Alexey Pustovalov " ` @@ -26,39 +31,41 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref RUN Set-Location -Path $env:SystemDrive\.; ` ` - Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` - Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix_src | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix_output | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix_output\sbin | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix_output\bin | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix_output\conf | Out-Null; ` ` - Write-Host ('Checkout GIT {0} ({1}) repository ...' -f $env:ZBX_SOURCES, $env:ZBX_VERSION); ` - git -c advice.detachedHead=false clone $env:ZBX_SOURCES --branch $env:ZBX_VERSION --depth 1 --single-branch $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` + Import-Module (Get-ChildItem $env:VS_PATH -Recurse -File -Filter Microsoft.VisualStudio.DevShell.dll).FullName; ` + Enter-VsDevShell -VsInstallPath $env:VS_PATH -SkipAutomaticLocation -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + ` + Write-Host ('Checkout GIT {0} ({1}) repository ...' -f $env:ZBX_SOURCES, $env:GIT_BRANCH); ` + git -c advice.detachedHead=false clone $env:ZBX_SOURCES --branch $env:GIT_BRANCH --depth 1 --single-branch $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION; ` ` Write-Host ('Building Zabbix {0} version ...' -f $env:ZBX_VERSION); ` - Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` + Set-Location -Path $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION; ` $ZbxRevision=(git rev-parse --short HEAD); ` (Get-Content include/version.h).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content include/version.h; ` - Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\build\win32\project; ` + Set-Location -Path $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION\build\win32\project; ` set CL=/MP; ` nmake /S -f Makefile ` CPU=$env:CPU_MODEL ` - CFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision""" ` - PCREINCDIR=$env:SystemDrive\pcre_build\build ` - PCRELIBDIR=$env:SystemDrive\pcre_build\build\Release TLS=openssl ` + CFLAGS="""/D CURL_STATICLIB /D HAVE_LIBCURL /I "$env:BUILD_OUTPUT\curl\include" /D ZABBIX_VERSION_REVISION=$ZbxRevision /D DEFAULT_CONFIG_FILE=$env:SystemDrive\zabbix\conf\zabbix_agentd.conf""" ` + PCREINCDIR=$env:SystemDrive\build_output\pcre\include ` + PCRELIBDIR=$env:SystemDrive\build_output\pcre\lib TLS=openssl ` RFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D ZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM""" ` -# LIBS="Crypt32.lib" ` - TLSINCDIR=$env:SystemDrive\openssl_output\include ` - TLSLIBDIR=$env:SystemDrive\openssl_output\lib ` + TLSINCDIR=$env:BUILD_OUTPUT\openssl\include ` + TLSLIBDIR=$env:BUILD_OUTPUT\openssl\lib ` + LIBS="""$env:LIBS $env:BUILD_OUTPUT\curl\lib\libcurl_a.lib $env:BUILD_OUTPUT\zlib\lib\zlib.lib""" ` all; ` ` Write-Host 'Verifying build ("zabbix_agentd.exe -V") ...'; ` - & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe -V; ` - dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe; ` + & $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe -V; ` + dumpbin /dependents $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe; ` ` - New-Item -ItemType directory -Path $env:SystemDrive\zabbix | Out-Null; ` - New-Item -ItemType directory -Path $env:SystemDrive\zabbix\sbin | Out-Null; ` - New-Item -ItemType directory -Path $env:SystemDrive\zabbix\conf | Out-Null; ` - ` - Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe $env:SystemDrive\zabbix\sbin; ` - Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_get.exe $env:SystemDrive\zabbix\sbin; ` - Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_sender.exe $env:SystemDrive\zabbix\sbin; ` - Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\conf\zabbix_agentd.win.conf $env:SystemDrive\zabbix\conf; ` + Copy-Item -Path $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe $env:SystemDrive\zabbix_output\sbin; ` + Copy-Item -Path $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_get.exe $env:SystemDrive\zabbix_output\bin; ` + Copy-Item -Path $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_sender.exe $env:SystemDrive\zabbix_output\bin; ` + Copy-Item -Path $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION\conf\zabbix_agentd.win.conf $env:SystemDrive\zabbix_output\conf\zabbix_agentd.conf; ` Write-Host 'Zabbix binaries are compiled...'; diff --git a/Dockerfiles/build-mysql/windows/Dockerfile.agent2 b/Dockerfiles/build-mysql/windows/Dockerfile.agent2 index 605030360..e3925a243 100644 --- a/Dockerfiles/build-mysql/windows/Dockerfile.agent2 +++ b/Dockerfiles/build-mysql/windows/Dockerfile.agent2 @@ -12,7 +12,9 @@ ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION}.42 ARG ZABBIX_VERSION_RC_NUM=2400 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION + +ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION GIT_BRANCH=${GIT_BRANCH:-$ZBX_VERSION} + ZABBIX_VERSION_RC_NUM=$ZABBIX_VERSION_RC_NUM LABEL org.opencontainers.image.title="Zabbix agent 2 build (Windows)" ` org.opencontainers.image.authors="Alexey Pustovalov " ` @@ -26,31 +28,37 @@ LABEL org.opencontainers.image.title="Zabbix agent 2 build (Windows)" ` RUN Set-Location -Path $env:SystemDrive\.; ` ` - Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` - Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix_src | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix_output | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix_output\sbin | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix_output\conf | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix_output\conf\zabbix_agentd.d | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix_output\zabbix-agent2-plugin | Out-Null; ` ` - Write-Host ('Checkout GIT {0} ({1}) repository ...' -f $env:ZBX_SOURCES, $env:ZBX_VERSION); ` - git -c advice.detachedHead=false clone $env:ZBX_SOURCES --branch $env:ZBX_VERSION --depth 1 --single-branch $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` + Import-Module (Get-ChildItem $env:VS_PATH -Recurse -File -Filter Microsoft.VisualStudio.DevShell.dll).FullName; ` + Enter-VsDevShell -VsInstallPath $env:VS_PATH -SkipAutomaticLocation -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + ` + Write-Host ('Checkout GIT {0} ({1}) repository ...' -f $env:ZBX_SOURCES, $env:GIT_BRANCH); ` + git -c advice.detachedHead=false clone $env:ZBX_SOURCES --branch $env:GIT_BRANCH --depth 1 --single-branch $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION; ` ` Write-Host ('Building Zabbix {0} version ...' -f $env:ZBX_VERSION); ` - Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` + Set-Location -Path $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION; ` $ZbxRevision=(git rev-parse --short HEAD); ` + (Get-Content include\version.h).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content include\version.h; ` (Get-Content src\go\pkg\version\version.go).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content src\go\pkg\version\version.go; ` - Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\build\mingw; ` - mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" ` -# CGO_LDFLAGS="""-lssl -lcrypto -lcrypt32 -L$env:SystemDrive\openssl_output\lib -L$env:SystemDrive\pcre_output\lib""" ` - PCRE=$env:SystemDrive\pcre_output ` - OPENSSL=$env:SystemDrive\openssl_output ` + Set-Location -Path $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION\build\mingw; ` + mingw32-make -j"""$env:NUMBER_OF_PROCESSORS""" ` +# CGO_LDFLAGS="""-lcrypt32 -L$env:BUILD_OUTPUT\openssl\lib -L$env:BUILD_OUTPUT\pcre\lib""" ` + PCRE=$env:BUILD_OUTPUT\pcre ` + OPENSSL=$env:BUILD_OUTPUT\openssl ` RFLAGS="""-DZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM"""; ` ` Write-Host 'Verifying build ("zabbix_agent2.exe -V") ...'; ` - & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe -V; ` - dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe; ` + & $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe -V; ` + dumpbin /dependents $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe; ` ` - New-Item -ItemType directory -Path $env:SystemDrive\zabbix2 | Out-Null; ` - New-Item -ItemType directory -Path $env:SystemDrive\zabbix2\sbin | Out-Null; ` - New-Item -ItemType directory -Path $env:SystemDrive\zabbix2\conf | Out-Null; ` + Copy-Item -Path $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe $env:SystemDrive\zabbix_output\sbin; ` + Copy-Item -Path $env:SystemDrive\zabbix_src\zabbix-$env:ZBX_VERSION\src\go\conf\zabbix_agent2.win.conf $env:SystemDrive\zabbix_output\conf\zabbix_agent2.conf; ` + mingw32-make -s clean; ` ` - Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe $env:SystemDrive\zabbix2\sbin; ` - Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\src\go\conf\zabbix_agent2.win.conf $env:SystemDrive\zabbix2\conf; ` Write-Host 'Zabbix binaries are compiled...'; From c0c14dd368c77feb42142894f2812ca72f8771e0 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 21 May 2024 18:30:18 +0900 Subject: [PATCH 2/4] Updated build process for Zabbix agent (windows) --- .github/workflows/base_images_build_windows.yml | 5 +++-- .github/workflows/images_build_windows.yml | 13 +++++++++---- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/.github/workflows/base_images_build_windows.yml b/.github/workflows/base_images_build_windows.yml index 099e23e3b..ea37fc778 100644 --- a/.github/workflows/base_images_build_windows.yml +++ b/.github/workflows/base_images_build_windows.yml @@ -12,6 +12,7 @@ on: schedule: - cron: '0 10 * * 2,5' workflow_dispatch: + workflow_call: defaults: run: @@ -323,5 +324,5 @@ jobs: - name: Cache image digest uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 with: - path: ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }}_${{ needs.init_build.outputs.current_branch }} - key: ${{ env.BASE_IMAGE_NAME }}-${{ matrix.os }} + path: ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }} + key: ${{ env.BASE_IMAGE_NAME }}-${{ matrix.os }}-${{ needs.init_build.outputs.current_branch }} diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index a205085cb..9207bc6d4 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -140,6 +140,13 @@ jobs: echo "current_branch=$github_ref" >> $GITHUB_OUTPUT echo "sha_short=$sha_short" >> $GITHUB_OUTPUT + build_base: + uses: ./.github/workflows/base_images_build_windows.yml + if: ${{ github.event_name == 'release' }} + permissions: + contents: read + id-token: write + build_components: name: Build ${{ matrix.component }} sources on ${{ matrix.os }} needs: [ "init_build" ] @@ -208,10 +215,8 @@ jobs: - name: Download SHA256 tag of ${{ env.BASE_IMAGE_NAME }}:${{ matrix.os }} uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 with: - path: | - ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }}_${{ needs.init_build.outputs.sha_short }} - ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }}_${{ needs.init_build.outputs.current_branch }} - key: ${{ env.BASE_IMAGE_NAME }}-${{ matrix.os }} + path: ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }} + key: ${{ env.BASE_IMAGE_NAME }}-${{ matrix.os }}-${{ needs.init_build.outputs.current_branch }} fail-on-cache-miss: true - name: Retrieve ${{ env.BASE_IMAGE_NAME }}:${{ matrix.os }} SHA256 tag From fdb68c342400dc39788bb20a151625d65ba2a210 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 21 May 2024 19:45:53 +0900 Subject: [PATCH 3/4] Update LLC to SIA. New Windows agent workflow --- .github/workflows/images_build_rhel.yml | 18 +++++++++++++++--- Dockerfiles/agent/alpine/Dockerfile | 2 +- Dockerfiles/agent/centos/Dockerfile | 2 +- Dockerfiles/agent/ol/Dockerfile | 2 +- Dockerfiles/agent/rhel/Dockerfile | 4 ++-- Dockerfiles/agent/ubuntu/Dockerfile | 2 +- Dockerfiles/agent/windows/Dockerfile | 2 +- Dockerfiles/agent2/alpine/Dockerfile | 2 +- Dockerfiles/agent2/centos/Dockerfile | 2 +- Dockerfiles/agent2/ol/Dockerfile | 2 +- Dockerfiles/agent2/rhel/Dockerfile | 4 ++-- Dockerfiles/agent2/ubuntu/Dockerfile | 2 +- Dockerfiles/agent2/windows/Dockerfile | 2 +- Dockerfiles/build-base/alpine/Dockerfile | 2 +- Dockerfiles/build-base/centos/Dockerfile | 2 +- Dockerfiles/build-base/ol/Dockerfile | 2 +- Dockerfiles/build-base/rhel/Dockerfile | 4 ++-- Dockerfiles/build-base/ubuntu/Dockerfile | 2 +- .../build-base/windows/Dockerfile.agent | 2 +- Dockerfiles/build-mysql/alpine/Dockerfile | 2 +- Dockerfiles/build-mysql/centos/Dockerfile | 2 +- Dockerfiles/build-mysql/ol/Dockerfile | 2 +- Dockerfiles/build-mysql/rhel/Dockerfile | 4 ++-- Dockerfiles/build-mysql/ubuntu/Dockerfile | 2 +- .../build-mysql/windows/Dockerfile.agent | 2 +- .../build-mysql/windows/Dockerfile.agent2 | 2 +- Dockerfiles/build-pgsql/alpine/Dockerfile | 2 +- Dockerfiles/build-pgsql/centos/Dockerfile | 2 +- Dockerfiles/build-pgsql/ol/Dockerfile | 2 +- Dockerfiles/build-pgsql/ubuntu/Dockerfile | 2 +- Dockerfiles/build-sqlite3/alpine/Dockerfile | 2 +- Dockerfiles/build-sqlite3/centos/Dockerfile | 2 +- Dockerfiles/build-sqlite3/ol/Dockerfile | 2 +- Dockerfiles/build-sqlite3/rhel/Dockerfile | 4 ++-- Dockerfiles/build-sqlite3/ubuntu/Dockerfile | 2 +- Dockerfiles/java-gateway/alpine/Dockerfile | 2 +- Dockerfiles/java-gateway/centos/Dockerfile | 2 +- Dockerfiles/java-gateway/ol/Dockerfile | 2 +- Dockerfiles/java-gateway/rhel/Dockerfile | 4 ++-- Dockerfiles/java-gateway/ubuntu/Dockerfile | 2 +- Dockerfiles/proxy-mysql/alpine/Dockerfile | 2 +- Dockerfiles/proxy-mysql/centos/Dockerfile | 2 +- Dockerfiles/proxy-mysql/ol/Dockerfile | 2 +- Dockerfiles/proxy-mysql/rhel/Dockerfile | 4 ++-- Dockerfiles/proxy-mysql/ubuntu/Dockerfile | 2 +- Dockerfiles/proxy-sqlite3/alpine/Dockerfile | 2 +- Dockerfiles/proxy-sqlite3/centos/Dockerfile | 2 +- Dockerfiles/proxy-sqlite3/ol/Dockerfile | 2 +- Dockerfiles/proxy-sqlite3/rhel/Dockerfile | 4 ++-- Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile | 2 +- Dockerfiles/server-mysql/alpine/Dockerfile | 2 +- Dockerfiles/server-mysql/centos/Dockerfile | 2 +- Dockerfiles/server-mysql/ol/Dockerfile | 2 +- Dockerfiles/server-mysql/rhel/Dockerfile | 4 ++-- Dockerfiles/server-mysql/ubuntu/Dockerfile | 2 +- Dockerfiles/server-pgsql/alpine/Dockerfile | 2 +- Dockerfiles/server-pgsql/centos/Dockerfile | 2 +- Dockerfiles/server-pgsql/ol/Dockerfile | 2 +- Dockerfiles/server-pgsql/ubuntu/Dockerfile | 2 +- Dockerfiles/snmptraps/alpine/Dockerfile | 2 +- Dockerfiles/snmptraps/centos/Dockerfile | 2 +- Dockerfiles/snmptraps/ol/Dockerfile | 2 +- Dockerfiles/snmptraps/rhel/Dockerfile | 4 ++-- Dockerfiles/snmptraps/ubuntu/Dockerfile | 2 +- Dockerfiles/web-apache-mysql/alpine/Dockerfile | 2 +- Dockerfiles/web-apache-mysql/centos/Dockerfile | 2 +- Dockerfiles/web-apache-mysql/ol/Dockerfile | 2 +- Dockerfiles/web-apache-mysql/ubuntu/Dockerfile | 2 +- Dockerfiles/web-apache-pgsql/alpine/Dockerfile | 2 +- Dockerfiles/web-apache-pgsql/centos/Dockerfile | 2 +- Dockerfiles/web-apache-pgsql/ol/Dockerfile | 2 +- Dockerfiles/web-apache-pgsql/ubuntu/Dockerfile | 2 +- Dockerfiles/web-nginx-mysql/alpine/Dockerfile | 2 +- Dockerfiles/web-nginx-mysql/centos/Dockerfile | 2 +- Dockerfiles/web-nginx-mysql/ol/Dockerfile | 2 +- Dockerfiles/web-nginx-mysql/rhel/Dockerfile | 4 ++-- Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile | 2 +- Dockerfiles/web-nginx-pgsql/alpine/Dockerfile | 2 +- Dockerfiles/web-nginx-pgsql/centos/Dockerfile | 2 +- Dockerfiles/web-nginx-pgsql/ol/Dockerfile | 2 +- Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile | 2 +- 81 files changed, 106 insertions(+), 94 deletions(-) diff --git a/.github/workflows/images_build_rhel.yml b/.github/workflows/images_build_rhel.yml index 6f84de1e1..13a4909ed 100644 --- a/.github/workflows/images_build_rhel.yml +++ b/.github/workflows/images_build_rhel.yml @@ -20,6 +20,9 @@ on: required: true default: false type: boolean + trunk_version: + description: 'Specify trunk major version' + type: string defaults: run: @@ -30,7 +33,7 @@ permissions: env: TRUNK_ONLY_EVENT: ${{ contains(fromJSON('["schedule"]'), github.event_name) }} - AUTO_PUSH_IMAGES: ${{ ! contains(fromJSON('["workflow_dispatch", "push"]'), github.event_name) && vars.AUTO_PUSH_IMAGES }} + AUTO_PUSH_IMAGES: ${{ (! contains(fromJSON('["push"]'), github.event_name) && vars.AUTO_PUSH_IMAGES) || (contains(fromJSON('["workflow_dispatch"]'), github.event_name) && inputs.publish_images == 'true' ) }} LATEST_BRANCH: ${{ github.event.repository.default_branch }} TRUNK_GIT_BRANCH: "refs/heads/trunk" @@ -139,6 +142,7 @@ jobs: env: LATEST_BRANCH: ${{ env.LATEST_BRANCH }} github_ref: ${{ github.ref }} + TRUNK_MAJOR_VERSION: ${{ inputs.trunk_version }} run: | result=false sha_short=$(git rev-parse --short HEAD) @@ -156,13 +160,21 @@ jobs: echo "::group::Branch metadata" echo "is_default_branch - $result" echo "current_branch - $github_ref" - echo "secret_prefix=RHEL_${github_ref//.}" + if [ "${github_ref//.}" == "trunk" ] && [ ! -z "$TRUNK_MAJOR_VERSION" ]; then + echo "secret_prefix=RHEL_${TRUNK_MAJOR_VERSION//.}" + else + echo "secret_prefix=RHEL_${github_ref//.}" + fi echo "sha_short - $sha_short" echo "::endgroup::" echo "is_default_branch=$result" >> $GITHUB_OUTPUT echo "current_branch=$github_ref" >> $GITHUB_OUTPUT - echo "secret_prefix=RHEL_${github_ref//.}" >> $GITHUB_OUTPUT + if [ "${github_ref//.}" == "trunk" ] && [ ! -z "$TRUNK_MAJOR_VERSION" ]; then + echo "secret_prefix=RHEL_${TRUNK_MAJOR_VERSION//.}" >> $GITHUB_OUTPUT + else + echo "secret_prefix=RHEL_${github_ref//.}" >> $GITHUB_OUTPUT + fi echo "sha_short=$sha_short" >> $GITHUB_OUTPUT - name: Cleanup existing cache diff --git a/Dockerfiles/agent/alpine/Dockerfile b/Dockerfiles/agent/alpine/Dockerfile index ed11a898b..2708f93dc 100644 --- a/Dockerfiles/agent/alpine/Dockerfile +++ b/Dockerfiles/agent/alpine/Dockerfile @@ -21,7 +21,7 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov Date: Tue, 21 May 2024 22:10:46 +0900 Subject: [PATCH 4/4] Revert multiworkflow implementation for Windows images --- .../workflows/base_images_build_windows.yml | 328 ------------------ .github/workflows/images_build_windows.yml | 191 +++++++++- 2 files changed, 186 insertions(+), 333 deletions(-) delete mode 100644 .github/workflows/base_images_build_windows.yml diff --git a/.github/workflows/base_images_build_windows.yml b/.github/workflows/base_images_build_windows.yml deleted file mode 100644 index ea37fc778..000000000 --- a/.github/workflows/base_images_build_windows.yml +++ /dev/null @@ -1,328 +0,0 @@ -name: Build base images (DockerHub, Windows) - -on: - push: - branches: - - '[0-9]+.[0-9]+' - - 'trunk' - paths: - - 'Dockerfiles/build-base/windows/*' - - '!**/README.md' - - '.github/workflows/base_images_build_windows.yml' - schedule: - - cron: '0 10 * * 2,5' - workflow_dispatch: - workflow_call: - -defaults: - run: - shell: pwsh - -permissions: - contents: read - -env: - TRUNK_ONLY_EVENT: ${{ contains(fromJSON('["schedule"]'), github.event_name) }} - AUTO_PUSH_IMAGES: ${{ vars.AUTO_PUSH_IMAGES }} - - DOCKER_REPOSITORY: ${{ vars.DOCKER_REPOSITORY }} - LATEST_BRANCH: ${{ github.event.repository.default_branch }} - TRUNK_GIT_BRANCH: "refs/heads/trunk" - IMAGES_PREFIX: "zabbix-" - - MSFT_BASE_BUILD_IMAGE: "mcr.microsoft.com/windows/servercore" - PWSH_BASE_IMAGE_NAME: "mcr.microsoft.com/powershell" - PWSH_BASE_IMAGE_PREFIX: "lts-nanoserver-" - - BASE_IMAGE_NAME: "build-base" - BASE_BUILD_IMAGE_NAME: "build-mysql" - - MATRIX_FILE: "build.json" - DOCKERFILES_DIRECTORY: "Dockerfiles" - - OIDC_ISSUER: "https://token.actions.githubusercontent.com" - IDENITY_REGEX: "https://github.com/zabbix/zabbix-docker/.github/" - -jobs: - init_build: - name: Initialize build - runs-on: ubuntu-latest - permissions: - contents: read - outputs: - os: ${{ steps.os.outputs.list }} - components: ${{ steps.components.outputs.list }} - is_default_branch: ${{ steps.branch_info.outputs.is_default_branch }} - current_branch: ${{ steps.branch_info.outputs.current_branch }} - sha_short: ${{ steps.branch_info.outputs.sha_short }} - steps: - - name: Block egress traffic - uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 - with: - disable-sudo: true - egress-policy: block - allowed-endpoints: > - github.com:443 - - - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - with: - ref: ${{ env.TRUNK_ONLY_EVENT == 'true' && env.TRUNK_GIT_BRANCH || '' }} - fetch-depth: 1 - sparse-checkout: ${{ env.MATRIX_FILE }} - - - name: Check ${{ env.MATRIX_FILE }} file - id: build_exists - shell: bash - env: - MATRIX_FILE: ${{ env.MATRIX_FILE }} - run: | - if [[ ! -f "$MATRIX_FILE" ]]; then - echo "::error::File $MATRIX_FILE is missing" - exit 1 - fi - - - name: Prepare Operating System list - id: os - shell: bash - env: - MATRIX_FILE: ${{ env.MATRIX_FILE }} - run: | - os_list=$(jq -r '.["os-windows"] | keys | [ .[] | tostring ] | @json' "$MATRIX_FILE") - - echo "::group::Operating System List" - echo "$os_list" - echo "::endgroup::" - - echo "list=$os_list" >> $GITHUB_OUTPUT - - - name: Prepare Zabbix component list - id: components - shell: bash - run: | - component_list='["agent","agent2"]' - - echo "::group::Zabbix Component List" - echo "$component_list" - echo "::endgroup::" - - echo "list=$component_list" >> $GITHUB_OUTPUT - - - name: Get branch info - id: branch_info - shell: bash - env: - LATEST_BRANCH: ${{ env.LATEST_BRANCH }} - github_ref: ${{ env.TRUNK_ONLY_EVENT == 'true' && env.TRUNK_GIT_BRANCH || github.ref }} - run: | - result=false - sha_short=$(git rev-parse --short HEAD) - - if [[ "$github_ref" == "refs/tags/"* ]]; then - github_ref=${github_ref%.*} - fi - - github_ref=${github_ref##*/} - - if [[ "$github_ref" == "$LATEST_BRANCH" ]]; then - result=true - fi - - echo "::group::Branch data" - echo "is_default_branch - $result" - echo "current_branch - $github_ref" - echo "sha_short - $sha_short" - echo "::endgroup::" - - echo "is_default_branch=$result" >> $GITHUB_OUTPUT - echo "current_branch=$github_ref" >> $GITHUB_OUTPUT - echo "sha_short=$sha_short" >> $GITHUB_OUTPUT - - build_base: - name: Build ${{ matrix.component }} base on ${{ matrix.os }} - needs: init_build - runs-on: ${{ matrix.os }} - timeout-minutes: 50 - permissions: - contents: read - id-token: write - strategy: - fail-fast: false - matrix: - os: ${{ fromJson(needs.init_build.outputs.os) }} - component: ${{ fromJson(needs.init_build.outputs.components) }} - steps: - - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - with: - ref: ${{ env.TRUNK_ONLY_EVENT == 'true' && env.TRUNK_GIT_BRANCH || '' }} - fetch-depth: 1 - - - name: Install cosign - uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 - with: - cosign-release: 'v2.2.3' - - - name: Check cosign version - run: cosign version - - - name: Login to DockerHub - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Base Windows OS tag - id: base_os_tag - env: - MATRIX_OS: ${{ matrix.os }} - MATRIX_FILE: ${{ env.MATRIX_FILE }} - run: | - $os_tag=$(Get-Content -Path $Env:MATRIX_FILE | ConvertFrom-Json).'os-windows'."$Env:MATRIX_OS" - - echo "::group::Base Microsoft Windows OS tag" - echo "$os_tag" - echo "::endgroup::" - - echo "os_tag=$os_tag" >> $Env:GITHUB_OUTPUT - - - name: Generate tags - id: meta - uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 - with: - images: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGES_PREFIX }}${{ env.BASE_IMAGE_NAME }} - context: ${{ env.TRUNK_ONLY_EVENT == 'true' && 'git' || '' }} - tags: | - type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}- - type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},suffix=-${{ steps.base_os_tag.outputs.os_tag }},prefix=${{ matrix.component }}- - type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}-,suffix=-latest - type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,suffix=-${{ steps.base_os_tag.outputs.os_tag }}-latest,prefix=${{ matrix.component }}- - type=raw,enable=${{ (needs.init_build.outputs.current_branch != 'trunk') && (needs.init_build.outputs.is_default_branch == 'true') }},value=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}-latest - type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}- - type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,suffix=-${{ steps.base_os_tag.outputs.os_tag }},prefix=${{ matrix.component }}- - flavor: | - latest=false - - - name: Build and push image - id: docker_build - env: - DOCKERFILES_DIRECTORY: ${{ env.DOCKERFILES_DIRECTORY }} - BASE_BUILD_IMAGE: ${{ env.MSFT_BASE_BUILD_IMAGE }} - BASE_IMAGE_NAME: ${{ env.BASE_IMAGE_NAME }} - MATRIX_COMPONENT: ${{ matrix.component }} - TAGS: ${{ steps.meta.outputs.tags }} - BASE_OS_TAG: ${{ steps.base_os_tag.outputs.os_tag }} - LABEL_REVISION: ${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} - LABEL_CREATED: ${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} - AUTO_PUSH_IMAGES: ${{ env.AUTO_PUSH_IMAGES }} - run: | - echo "::group::Docker version" - docker version - echo "::endgroup::" - echo "::group::Docker info" - docker info - echo "::endgroup::" - - $context="$Env:DOCKERFILES_DIRECTORY\$Env:BASE_IMAGE_NAME\windows\" - $dockerfile= $context + 'Dockerfile.' + $Env:MATRIX_COMPONENT - $base_os_image= $Env:BASE_BUILD_IMAGE + ':' + $Env:BASE_OS_TAG - # Can not build on GitHub due existing symlink. Must be removed before build process - Remove-Item -ErrorAction Ignore -Force -Path $context\README.md - - $tags_array=$( "$Env:TAGS".Split("`n") ) - $tags=$( $tags_array | Foreach-Object { "--tag=$_" } ) - - echo "::group::Image tags" - echo "$Env:TAGS" - echo "::endgroup::" - echo "::group::Pull base image" - docker pull $base_os_image - if (-not $?) {throw "Failed"} - echo "::endgroup::" - - echo "::group::Build Image" - Write-Host @" - docker build --label org.opencontainers.image.revision=$Env:LABEL_REVISION - --label org.opencontainers.image.created=$Env:LABEL_CREATED - --build-arg=BUILD_BASE_IMAGE=$base_os_image - --file=$dockerfile - $tags - $context - "@ - - docker build --label org.opencontainers.image.revision=$Env:LABEL_REVISION ` - --label org.opencontainers.image.created=$Env:LABEL_CREATED ` - --build-arg=BUILD_BASE_IMAGE=$base_os_image ` - --file=$dockerfile ` - $tags ` - $context - if (-not $?) {throw "Failed"} - echo "::endgroup::" - - echo "::group::Publish Image" - if ( $Env:AUTO_PUSH_IMAGES -eq 'true' ) { - Foreach ($tag in $tags_array) { - echo "docker image push $tag" - docker image push $tag - if (-not $?) {throw "Failed"} - } - - $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] - if (-not $?) {throw "Failed"} - echo "Image digest got from RepoDigests" - } - else { - $digest=$(docker inspect $tags_array[0] --format "{{ index .Id}}") - if (-not $?) {throw "Failed"} - echo "Image digest got from Id" - } - echo "::endgroup::" - - echo "::group::Digest" - echo "$digest" - echo "::endgroup::" - echo "digest=$digest" >> $Env:GITHUB_OUTPUT - - - name: Sign the images with GitHub OIDC Token - env: - DIGEST: ${{ steps.docker_build.outputs.digest }} - TAGS: ${{ steps.meta.outputs.tags }} - run: | - $tags_array=$( "$Env:TAGS".Split("`n") ) - $tag_list=@() - - - foreach ($tag in $tags_array) { - $tag_name=$tag.Split(":")[0] - $tag_list+="$tag_name@$Env:DIGEST" - } - echo "::group::Images to sign" - echo "$tag_list" - echo "::endgroup::" - - echo "::group::Signing" - echo "cosign sign --yes $tag_list" - cosign sign --yes $tag_list - echo "::endgroup::" - - - name: Image digest - if: ${{ env.AUTO_PUSH_IMAGES }} - env: - DIGEST: ${{ steps.docker_build.outputs.digest }} - CACHE_FILE_NAME: ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }} - run: | - echo "::group::Image digest" - echo "$Env:DIGEST" - echo "::endgroup::" - - echo "::group::Cache file name" - echo "$Env:CACHE_FILE_NAME" - echo "::endgroup::" - - $Env:DIGEST | Set-Content -Path $Env:CACHE_FILE_NAME - - - name: Cache image digest - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 - with: - path: ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }} - key: ${{ env.BASE_IMAGE_NAME }}-${{ matrix.os }}-${{ needs.init_build.outputs.current_branch }} diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 9207bc6d4..154f26431 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -141,15 +141,197 @@ jobs: echo "sha_short=$sha_short" >> $GITHUB_OUTPUT build_base: - uses: ./.github/workflows/base_images_build_windows.yml - if: ${{ github.event_name == 'release' }} + name: Build ${{ matrix.component }} base on ${{ matrix.os }} + needs: init_build + runs-on: ${{ matrix.os }} + timeout-minutes: 70 permissions: contents: read id-token: write + strategy: + fail-fast: false + matrix: + os: ${{ fromJson(needs.init_build.outputs.os) }} + component: ${{ fromJson(needs.init_build.outputs.components) }} + steps: + - name: Checkout repository + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + ref: ${{ env.TRUNK_ONLY_EVENT == 'true' && env.TRUNK_GIT_BRANCH || '' }} + fetch-depth: 1 + + - name: Install cosign + uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 + with: + cosign-release: 'v2.2.3' + + - name: Check cosign version + run: cosign version + + - name: Login to DockerHub + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Base Windows OS tag + id: base_os_tag + env: + MATRIX_OS: ${{ matrix.os }} + MATRIX_FILE: ${{ env.MATRIX_FILE }} + run: | + $os_tag=$(Get-Content -Path $Env:MATRIX_FILE | ConvertFrom-Json).'os-windows'."$Env:MATRIX_OS" + + echo "::group::Base Microsoft Windows OS tag" + echo "$os_tag" + echo "::endgroup::" + + echo "os_tag=$os_tag" >> $Env:GITHUB_OUTPUT + + - name: Generate tags + id: meta + uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 + with: + images: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGES_PREFIX }}${{ env.BASE_IMAGE_NAME }} + context: ${{ env.TRUNK_ONLY_EVENT == 'true' && 'git' || '' }} + tags: | + type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}- + type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},suffix=-${{ steps.base_os_tag.outputs.os_tag }},prefix=${{ matrix.component }}- + type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}-,suffix=-latest + type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,suffix=-${{ steps.base_os_tag.outputs.os_tag }}-latest,prefix=${{ matrix.component }}- + type=raw,enable=${{ (needs.init_build.outputs.current_branch != 'trunk') && (needs.init_build.outputs.is_default_branch == 'true') }},value=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}-latest + type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}- + type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,suffix=-${{ steps.base_os_tag.outputs.os_tag }},prefix=${{ matrix.component }}- + flavor: | + latest=false + + - name: Build and push image + id: docker_build + env: + DOCKERFILES_DIRECTORY: ${{ env.DOCKERFILES_DIRECTORY }} + BASE_BUILD_IMAGE: ${{ env.MSFT_BASE_BUILD_IMAGE }} + BASE_IMAGE_NAME: ${{ env.BASE_IMAGE_NAME }} + MATRIX_COMPONENT: ${{ matrix.component }} + TAGS: ${{ steps.meta.outputs.tags }} + BASE_OS_TAG: ${{ steps.base_os_tag.outputs.os_tag }} + LABEL_REVISION: ${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} + LABEL_CREATED: ${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} + AUTO_PUSH_IMAGES: ${{ env.AUTO_PUSH_IMAGES }} + run: | + echo "::group::Docker version" + docker version + echo "::endgroup::" + echo "::group::Docker info" + docker info + echo "::endgroup::" + + $context="$Env:DOCKERFILES_DIRECTORY\$Env:BASE_IMAGE_NAME\windows\" + $dockerfile= $context + 'Dockerfile.' + $Env:MATRIX_COMPONENT + $base_os_image= $Env:BASE_BUILD_IMAGE + ':' + $Env:BASE_OS_TAG + # Can not build on GitHub due existing symlink. Must be removed before build process + Remove-Item -ErrorAction Ignore -Force -Path $context\README.md + + $tags_array=$( "$Env:TAGS".Split("`n") ) + $tags=$( $tags_array | Foreach-Object { "--tag=$_" } ) + + echo "::group::Image tags" + echo "$Env:TAGS" + echo "::endgroup::" + echo "::group::Pull base image" + docker pull $base_os_image + if (-not $?) {throw "Failed"} + echo "::endgroup::" + + echo "::group::Build Image" + Write-Host @" + docker build --label org.opencontainers.image.revision=$Env:LABEL_REVISION + --label org.opencontainers.image.created=$Env:LABEL_CREATED + --build-arg=BUILD_BASE_IMAGE=$base_os_image + --file=$dockerfile + $tags + $context + "@ + + docker build --label org.opencontainers.image.revision=$Env:LABEL_REVISION ` + --label org.opencontainers.image.created=$Env:LABEL_CREATED ` + --build-arg=BUILD_BASE_IMAGE=$base_os_image ` + --file=$dockerfile ` + $tags ` + $context + if (-not $?) {throw "Failed"} + echo "::endgroup::" + + echo "::group::Publish Image" + if ( $Env:AUTO_PUSH_IMAGES -eq 'true' ) { + Foreach ($tag in $tags_array) { + echo "docker image push $tag" + docker image push $tag + if (-not $?) {throw "Failed"} + } + + $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] + if (-not $?) {throw "Failed"} + echo "Image digest got from RepoDigests" + } + else { + $digest=$(docker inspect $tags_array[0] --format "{{ index .Id}}") + if (-not $?) {throw "Failed"} + echo "Image digest got from Id" + } + echo "::endgroup::" + + echo "::group::Digest" + echo "$digest" + echo "::endgroup::" + echo "digest=$digest" >> $Env:GITHUB_OUTPUT + + - name: Sign the images with GitHub OIDC Token + env: + DIGEST: ${{ steps.docker_build.outputs.digest }} + TAGS: ${{ steps.meta.outputs.tags }} + run: | + $tags_array=$( "$Env:TAGS".Split("`n") ) + $tag_list=@() + + + foreach ($tag in $tags_array) { + $tag_name=$tag.Split(":")[0] + $tag_list+="$tag_name@$Env:DIGEST" + } + echo "::group::Images to sign" + echo "$tag_list" + echo "::endgroup::" + + echo "::group::Signing" + echo "cosign sign --yes $tag_list" + cosign sign --yes $tag_list + echo "::endgroup::" + + - name: Image digest + if: ${{ env.AUTO_PUSH_IMAGES }} + env: + DIGEST: ${{ steps.docker_build.outputs.digest }} + CACHE_FILE_NAME: ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }} + run: | + echo "::group::Image digest" + echo "$Env:DIGEST" + echo "::endgroup::" + + echo "::group::Cache file name" + echo "$Env:CACHE_FILE_NAME" + echo "::endgroup::" + + $Env:DIGEST | Set-Content -Path $Env:CACHE_FILE_NAME + + - name: Cache image digest + uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + with: + path: ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }} + key: ${{ env.BASE_IMAGE_NAME }}-${{ matrix.os }}-${{ github.run_id }} build_components: name: Build ${{ matrix.component }} sources on ${{ matrix.os }} - needs: [ "init_build" ] + needs: [ "build_base", "init_build"] runs-on: ${{ matrix.os }} timeout-minutes: 70 permissions: @@ -216,8 +398,7 @@ jobs: uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 with: path: ${{ env.BASE_IMAGE_NAME }}_${{ matrix.os }}_${{ matrix.component }} - key: ${{ env.BASE_IMAGE_NAME }}-${{ matrix.os }}-${{ needs.init_build.outputs.current_branch }} - fail-on-cache-miss: true + key: ${{ env.BASE_IMAGE_NAME }}-${{ matrix.os }}-${{ github.run_id }} - name: Retrieve ${{ env.BASE_IMAGE_NAME }}:${{ matrix.os }} SHA256 tag id: base_build