From 2d008ae66adf5a0b586f61446d5c3156894db3cd Mon Sep 17 00:00:00 2001 From: Damien Duportal Date: Tue, 24 Oct 2023 19:55:13 +0200 Subject: [PATCH] tests(windows) Use `goss` for sanity checks for JDKs and trivy (#818) * tests: use goss for windows Signed-off-by: Damien Duportal * fixup Signed-off-by: Damien Duportal --------- Signed-off-by: Damien Duportal --- build-jenkins-agent-windows.pkr.hcl | 16 +++++++++++++++ goss/goss-windows.yaml | 31 +++++++++++++++++++++++++++++ provisioning/windows-provision.ps1 | 29 +++++++-------------------- 3 files changed, 54 insertions(+), 22 deletions(-) create mode 100644 goss/goss-windows.yaml diff --git a/build-jenkins-agent-windows.pkr.hcl b/build-jenkins-agent-windows.pkr.hcl index be305594f..ed80e2796 100644 --- a/build-jenkins-agent-windows.pkr.hcl +++ b/build-jenkins-agent-windows.pkr.hcl @@ -67,6 +67,22 @@ build { provisioner "windows-restart" { max_retries = 3 } + provisioner "file" { + source = "./goss/goss-windows.yaml" + destination = "C:/goss-windows.yaml" + } + provisioner "breakpoint" { + note = "Enable this breakpoint to pause before trying to run goss tests" + disable = true + } + provisioner "powershell" { + inline = [ + "$ErrorActionPreference = 'Stop'", + "goss --version", + "goss --use-alpha=1 --gossfile C:/goss-windows.yaml validate --retry-timeout 5s", + "Remove-Item -Force C:/goss-windows.yaml", + ] + } # This provisioner must be the last for Azure builds, after reboots provisioner "powershell" { only = ["azure-arm.windows"] diff --git a/goss/goss-windows.yaml b/goss/goss-windows.yaml new file mode 100644 index 000000000..a11779587 --- /dev/null +++ b/goss/goss-windows.yaml @@ -0,0 +1,31 @@ +command: + default_java: + exec: java --version + exit-status: 0 + stdout: + - 11.0.21+9 + jdk8: + exec: C:\tools\jdk-8\bin\java.exe -version + exit-status: 0 + stderr: + - 1.8.0_382 + jdk11: + exec: C:\tools\jdk-11\bin\java.exe --version + exit-status: 0 + stdout: + - 11.0.21+9 + jdk17: + exec: C:\tools\jdk-17\bin\java.exe --version + exit-status: 0 + stdout: + - 17.0.8.1+1 + jdk21: + exec: C:\tools\jdk-21\bin\java.exe --version + exit-status: 0 + stdout: + - 21+35 + trivy: + exec: trivy --version + exit-status: 0 + stdout: + - 0.46.0 diff --git a/provisioning/windows-provision.ps1 b/provisioning/windows-provision.ps1 index 8340e5e63..be3eb9ff6 100644 --- a/provisioning/windows-provision.ps1 +++ b/provisioning/windows-provision.ps1 @@ -92,10 +92,6 @@ $downloads = [ordered]@{ & Move-Item -Path "$baseDir\jdk-11*" -Destination "$baseDir\jdk-11" }; 'cleanupLocal' = 'true'; - # folder included here since it's not in the PATH - 'sanityCheck'= { - & "$baseDir\jdk-11\bin\java.exe" -version; - } }; 'jdk17' = @{ 'url' = 'https://github.com/adoptium/temurin17-binaries/releases/download/jdk-{0}/OpenJDK17U-jdk_x64_windows_hotspot_{1}.zip' -f [System.Web.HTTPUtility]::UrlEncode($env:JDK17_VERSION),$env:JDK17_VERSION.Replace('+', '_'); @@ -105,10 +101,6 @@ $downloads = [ordered]@{ & Move-Item -Path "$baseDir\jdk-17*" -Destination "$baseDir\jdk-17" }; 'cleanupLocal' = 'true'; - # folder included here since it's not in the PATH - 'sanityCheck'= { - & "$baseDir\jdk-17\bin\java.exe" -version; - } }; 'jdk21' = @{ 'url' = 'https://github.com/adoptium/temurin21-binaries/releases/download/jdk-{0}/OpenJDK21U-jdk_x64_windows_hotspot_{1}.zip' -f [System.Web.HTTPUtility]::UrlEncode($env:JDK21_VERSION),$env:JDK21_VERSION.Replace('+', '_'); @@ -118,10 +110,6 @@ $downloads = [ordered]@{ & Move-Item -Path "$baseDir\jdk-21*" -Destination "$baseDir\jdk-21" }; 'cleanupLocal' = 'true'; - # folder included here since it's not in the PATH - 'sanityCheck'= { - & "$baseDir\jdk-21\bin\java.exe" -version; - } }; 'jdk8' = @{ 'url' = 'https://github.com/adoptium/temurin8-binaries/releases/download/jdk{0}/OpenJDK8U-jdk_x64_windows_hotspot_{1}.zip' -f $env:JDK8_VERSION,$env:JDK8_VERSION.Replace('-', ''); @@ -131,10 +119,6 @@ $downloads = [ordered]@{ & Move-Item -Path "$baseDir\jdk8*" -Destination "$baseDir\jdk-8" }; 'cleanupLocal' = 'true'; - # folder included here since it's not in the PATH - 'sanityCheck'= { - & "$baseDir\jdk-8\bin\java.exe" -version; - } } 'maven' = @{ 'url' = 'https://archive.apache.org/dist/maven/maven-3/{0}/binaries/apache-maven-{0}-bin.zip' -f $env:MAVEN_VERSION; @@ -145,9 +129,6 @@ $downloads = [ordered]@{ 'MAVEN_HOME' = '{0}\apache-maven-{1}' -f $baseDir,$env:MAVEN_VERSION; }; 'cleanupLocal' = 'true'; - 'sanityCheck'= { - & "mvn.cmd" -v; - } }; 'git' = @{ 'url' = 'https://github.com/git-for-windows/git/releases/download/v{0}.windows.1/MinGit-{0}-64-bit.zip' -f $env:GIT_WINDOWS_VERSION; @@ -160,9 +141,6 @@ $downloads = [ordered]@{ # git cmd and gnu tools included with git as paths 'path' = "$baseDir\git\cmd;$baseDir\git\usr\bin"; 'cleanupLocal' = 'true'; - 'sanityCheck'= { - & "git.exe" --version; - } }; 'gitlfs' = @{ 'url' = 'https://github.com/git-lfs/git-lfs/releases/download/v{0}/git-lfs-windows-amd64-v{0}.zip' -f $env:GIT_LFS_VERSION; @@ -286,6 +264,13 @@ $downloads = [ordered]@{ & kubectl.exe version --client; } }; + 'goss' = @{ + 'url' = 'https://github.com/goss-org/goss/releases/download/v{0}/goss-windows-amd64.exe' -f $env:GOSS_VERSION; + 'local' = "$baseDir\goss.exe" + 'sanityCheck'= { + & goss.exe version; + } + }; 'chocolatey-and-packages' = @{ 'url' = 'https://github.com/chocolatey/choco/releases/download/{0}/chocolatey.{0}.nupkg' -f $env:CHOCOLATEY_VERSION; 'local' = "$baseDir\chocolatey.zip";