jenkins-controller-eclair: final changes to docker deployment
This change incorporates some changes that were suggested for
the initial import of the jenkins-controller-eclair dockerfile
that didn't make it into the review that was merged.
The first change was to rewrite the Dockerfile to be independent
of the trustedfirmware docker image in order to reduce the
complexity of the build.
The plugins.txt has also been rebuilt to include some of the extra
dependencies that eclair had rather than bundling them up into
S3.
Finally, we install a specific version of the eclair jenkins plugin
in the dockerfile explicitly so that we're not blindly trusting
the integrity of the S3 repo.
Signed-off-by: Kelley Spoon <kelley.spoon@linaro.org>
Change-Id: Id02598bf44dc839eef3d2ddd5bf06a330f83854f
diff --git a/jenkins-controller-eclair/Dockerfile b/jenkins-controller-eclair/Dockerfile
index 5437570..81937f3 100644
--- a/jenkins-controller-eclair/Dockerfile
+++ b/jenkins-controller-eclair/Dockerfile
@@ -1,14 +1,48 @@
-FROM trustedfirmware/ci-x86_64-jenkins-master-debian:lts
+FROM jenkins/jenkins:2.332.3-lts-slim
ENV JENKINS_JAVA_PARAMETERS="-server -XX:+AlwaysPreTouch -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/jenkins/heapdump.log -XX:+UseG1GC -XX:+UseStringDeduplication -XX:+ParallelRefProcEnabled -XX:+ExplicitGCInvokesConcurrent -XX:+UnlockDiagnosticVMOptions -XX:G1SummarizeRSetStatsPeriod=1 -XX:MaxMetaspaceExpansion=64M -Djenkins.model.Jenkins.logStartupPerformance=true"
ENV JAVA_OPTS="$JENKINS_JAVA_PARAMETERS -Djava.awt.headless=true -Dhudson.slaves.WorkspaceList='_' -Dhudson.model.ParametersAction.keepUndefinedParameters=true -Dorg.jenkinsci.plugins.gitclient.Git.timeOut=30 -Dorg.eclipse.jetty.server.Request.maxFormContentSize=1000000"
ENV JENKINS_OPTS="--sessionTimeout=1440 --sessionEviction=86400"
ENV JAVA_MEM=${JAVA_MEM:-8}
+ENV ECLAIR_VERSION=3.12.0.0
+# Install jenkins job builder
+# Create plugins directory, symlinked on host machine
+USER root
+RUN mkdir -p /var/jenkins_plugins \
+ && chown jenkins:jenkins /var/jenkins_plugins \
+ && ln -s /var/jenkins_home /var/lib/jenkins \
+ && ln -s /usr/bin/python3 /usr/bin/python \
+ && mkdir -p /usr/share/groovy/lib \
+ && apt-get -q update \
+ && DEBIAN_FRONTEND=noninteractive apt-get install -q -y --no-install-recommends \
+ ansible \
+ build-essential \
+ debian-keyring \
+ devscripts \
+ dirmngr \
+ jq \
+ moreutils \
+ python3-pip \
+ python3-paramiko \
+ python3-requests \
+ python3-setuptools \
+ python3-wheel \
+ sshpass \
+ virtualenv \
+ wget \
+ && apt-get clean \
+ && pip install jenkins-job-builder==3.11.0 pyyaml==5.4.1 Jinja2==3.0.1 python-jenkins==1.7.0 \
+ && rm -rf \
+ /var/lib/apt/lists/*
USER jenkins
-# Just install jenkins eclair plugins
-COPY mods/*.hpi /var/jenkins_plugins/
-RUN export JAVA_OPTS="-Xmx{$JAVA_MEM}g -Xms${JAVA_MEM}g $JAVA_OPTS"
+
+# Install jenkins plugins
+COPY plugins.txt .
+# Install eclair plugin
+COPY mods/eclair-${ECLAIR_VERSION}.hpi /var/jenkins_plugins/eclair.hpi
+RUN jenkins-plugin-cli -f plugins.txt
+RUN export JAVA_OPTS="-Xmx${JAVA_MEM}g -Xms${JAVA_MEM}g $JAVA_OPTS"
# Forward ports to host
EXPOSE 2222
diff --git a/jenkins-controller-eclair/plugins.txt b/jenkins-controller-eclair/plugins.txt
index 2c1f9e7..3ca8b77 100644
--- a/jenkins-controller-eclair/plugins.txt
+++ b/jenkins-controller-eclair/plugins.txt
@@ -1,52 +1,163 @@
-basic-branch-build-strategies:1.3.2
-build-name-setter:2.2.0
-build-timeout:1.21
-blueocean:1.25.5
-copyartifact:1.46.4
-docker-plugin:1.2.9
-docker-slaves:1.0.7
-ec2:1.68
-email-ext:2.88
-envinject:2.866.v5c0403e3d4df
-envinject-api:1.199.v3ce31253ed13
-extended-read-permission:3.2
-flexible-publish:0.16.1
-generic-webhook-trigger:1.84
-gerrit-trigger:2.36.0
-git:4.11.3
-git-parameter:0.9.17
-github-oauth:0.38
-groovy-postbuild:2.5
-jdk-tool:1.5
-jenkins-multijob-plugin:1.36
-jobConfigHistory:1133.v0f5420f85053
-leastload:3.0.0
-lockable-resources:2.15
-matrix-auth:3.1.2
-monitoring:1.91.0
-multiple-scms:0.8
-parameterized-trigger:2.44
-parameterized-scheduler:1.0
-pipeline-github:2.8-138.d766e30bb08b
-pipeline-github-lib:38.v445716ea_edda_
-pipeline-githubnotify-step:49.vf37bf92d2bc8
-pipeline-utility-steps:2.12.2
-prometheus:2.0.11
-postbuildscript:3.1.0-375.v3db_cd92485e1
-rebuild:1.34
-role-strategy:488.v0634ce149b_8c
-script-security:1175.v4b_d517d6db_f0
-ssh-agent:295.v9ca_a_1c7cc3a_a_
-ssh-slaves:1.814.vc82988f54b_10
-slack:608.v19e3b_44b_b_9ff
-timestamper:1.17
-throttle-concurrents:2.8
-windows-slaves:1.8.1
-workflow-aggregator:581.v0c46fa_697ffd
-workflow-api:1164.v760c223ddb_32
-workflow-cps-global-lib-http:2.0.0
-workflow-basic-steps:948.v2c72a_091b_b_68
-workflow-durable-task-step:1144.vd77b_57189936
-ws-cleanup:0.42
-yet-another-docker-plugin:0.2.0
+variant:1.4
+github-branch-source:1656.v77eddb_b_e95df
+workflow-multibranch:716.vc692a_e52371b_
+token-macro:293.v283932a_0a_b_49
blueocean-pipeline-api-impl:1.25.5
+credentials:1087.1089.v2f1b_9a_b_040e4
+ws-cleanup:0.42
+blueocean-display-url:2.4.1
+prometheus:2.0.11
+ssh-slaves:1.814.vc82988f54b_10
+ec2:1.68
+build-timeout:1.21
+jenkins-multijob-plugin:1.36
+workflow-aggregator:581.v0c46fa_697ffd
+blueocean-jwt:1.25.5
+git-parameter:0.9.17
+antisamy-markup-formatter:2.7
+throttle-concurrents:2.8
+pipeline-model-definition:2.2097.v33db_b_de764b_e
+snakeyaml-api:1.30.2-76.vc104f7ce9870
+mina-sshd-api-core:2.8.0-21.v493b_6b_db_22c6
+bootstrap5-api:5.1.3-7
+pipeline-utility-steps:2.12.2
+github-oauth:0.38
+timestamper:1.17
+workflow-api:1164.v760c223ddb_32
+postbuildscript:3.1.0-375.v3db_cd92485e1
+pipeline-build-step:2.18
+basic-branch-build-strategies:1.3.2
+sshd:3.242.va_db_9da_b_26a_c3
+workflow-cps-global-lib:588.v576c103a_ff86
+slack:608.v19e3b_44b_b_9ff
+sse-gateway:1.25
+mina-sshd-api-common:2.8.0-21.v493b_6b_db_22c6
+workflow-support:820.vd1a_6cc65ef33
+blueocean-i18n:1.25.5
+parameterized-trigger:2.44
+monitoring:1.91.0
+pipeline-stage-tags-metadata:2.2097.v33db_b_de764b_e
+font-awesome-api:6.1.1-1
+handy-uri-templates-2-api:2.1.8-22.v77d5b_75e6953
+icon-shim:3.0.0
+docker-commons:1.19
+metrics:4.1.6.2
+blueocean-bitbucket-pipeline:1.25.5
+pipeline-github:2.8-138.d766e30bb08b
+copyartifact:1.46.4
+blueocean-pipeline-editor:1.25.5
+windows-slaves:1.8.1
+structs:318.va_f3ccb_729b_71
+blueocean-core-js:1.25.5
+envinject:2.866.v5c0403e3d4df
+conditional-buildstep:1.4.2
+workflow-scm-step:400.v6b_89a_1317c9a_
+scm-api:608.vfa_f971c5a_a_e9
+aws-java-sdk-ec2:1.12.246-349.v96b_b_f7eb_a_c3c
+cloudbees-bitbucket-branch-source:773.v4b_9b_005b_562b_
+github:1.34.3
+plugin-util-api:2.17.0
+trilead-api:1.57.v6e90e07157e1
+favorite:2.4.1
+htmlpublisher:1.30
+blueocean-github-pipeline:1.25.5
+blueocean-pipeline-scm-api:1.25.5
+javadoc:217.v905b_86277a_2a_
+cloudbees-folder:6.729.v2b_9d1a_74d673
+blueocean-autofavorite:1.2.5
+role-strategy:488.v0634ce149b_8c
+blueocean-rest:1.25.5
+docker-plugin:1.2.9
+run-condition:1.5
+authentication-tokens:1.4
+built-on-column:1.1
+bouncycastle-api:2.26
+flexible-publish:0.16.1
+blueocean-commons:1.25.5
+jackson2-api:2.13.3-285.vc03c0256d517
+ssh-credentials:277.v95c2fec1c047
+blueocean:1.25.5
+matrix-auth:3.1.2
+matrix-project:772.v494f19991984
+aws-credentials:191.vcb_f183ce58b_9
+rebuild:1.34
+gerrit-trigger:2.36.0
+command-launcher:84.v4a_97f2027398
+plain-credentials:1.8
+pipeline-githubnotify-step:49.vf37bf92d2bc8
+cloud-stats:0.27
+workflow-cps:2729.vea_17b_79ed57a_
+jjwt-api:0.11.5-77.v646c772fddb_0
+branch-api:2.1046.v0ca_37783ecc5
+pipeline-groovy-lib:593.va_a_fc25d520e9
+groovy-postbuild:2.5
+leastload:3.0.0
+blueocean-dashboard:1.25.5
+badge:1.9.1
+pipeline-stage-step:293.v200037eefcd5
+apache-httpcomponents-client-4-api:4.5.13-1.0
+envinject-api:1.199.v3ce31253ed13
+junit:1119.1121.vc43d0fc45561
+ssh-agent:295.v9ca_a_1c7cc3a_a_
+blueocean-personalization:1.25.5
+blueocean-rest-impl:1.25.5
+mailer:414.vcc4c33714601
+docker-slaves:1.0.7
+blueocean-git-pipeline:1.25.5
+node-iterator-api:1.5.1
+jsch:0.1.55.2
+javax-activation-api:1.2.0-3
+okhttp-api:4.9.3-105.vb96869f8ac3a
+workflow-step-api:625.vd896b_f445a_f8
+aws-java-sdk-minimal:1.12.246-349.v96b_b_f7eb_a_c3c
+credentials-binding:523.vd859a_4b_122e6
+git-client:3.11.0
+maven-plugin:3.19
+email-ext:2.88
+docker-java-api:3.2.13-37.vf3411c9828b9
+pipeline-github-lib:38.v445716ea_edda_
+jaxb:2.3.6-1
+git-server:1.11
+javax-mail-api:1.6.2-6
+multiple-scms:0.8
+script-security:1175.v4b_d517d6db_f0
+workflow-durable-task-step:1144.vd77b_57189936
+yet-another-docker-plugin:0.2.0
+pipeline-input-step:449.v77f0e8b_845c4
+caffeine-api:2.9.3-65.v6a_47d0f4d1fe
+lockable-resources:2.15
+echarts-api:5.3.3-1
+pipeline-rest-api:2.24
+workflow-cps-global-lib-http:2.0.0
+pipeline-model-api:2.2097.v33db_b_de764b_e
+blueocean-events:1.25.5
+pubsub-light:1.16
+jdk-tool:1.5
+durable-task:496.va67c6f9eefa7
+jobConfigHistory:1133.v0f5420f85053
+ace-editor:1.1
+workflow-basic-steps:948.v2c72a_091b_b_68
+jenkins-design-language:1.25.5
+checks-api:1.7.4
+pipeline-graph-analysis:195.v5812d95a_a_2f9
+parameterized-scheduler:1.0
+build-name-setter:2.2.0
+resource-disposer:0.19
+jquery3-api:3.6.0-4
+git:4.11.3
+pipeline-model-extensions:2.2097.v33db_b_de764b_e
+pipeline-milestone-step:101.vd572fef9d926
+generic-webhook-trigger:1.84
+display-url-api:2.3.6
+extended-read-permission:3.2
+github-api:1.303-400.v35c2d8258028
+blueocean-web:1.25.5
+jquery:1.12.4-1
+blueocean-config:1.25.5
+workflow-job:1189.va_d37a_e9e4eda_
+popper2-api:2.11.5-2
+forensics-api:1.7.0
+warnings-ng:9.11.0
+analysis-model-api:10.9.1
+data-tables-api:1.11.3-6
+prism-api:1.25.0-2