windocker: Capture setup steps for the host machine in an ansible playbook #3712

sxa opened this issue Aug 14, 2024 · 4 comments
Labels
docker os:windows secure-dev Issues specific to SSDF/SLSA compliance work

sxa commented Aug 14, 2024

Steps are covered in #3286 (comment)

Possibly needs to include the setup of C:\jw and the .gitconfig file too subject to the resolution of other issues relating to path length and permissions.

c:\workspace\.gitconfig (Needs to have CRLF line endings, so don't do this from cygwin)

```
[safe]
        directory = /cygdrive/c/workspace/openjdk-build
```

startjenkins.cmd needs:

```
PATH C:\Program Files\Git\usr\bin;%PATH%;c:\cygwin64\bin
set HOME=c:\workspace
java -jar agent.jar ...
```

@sxa sxa added the secure-dev Issues specific to SSDF/SLSA compliance work label Aug 22, 2024

sxa commented Aug 29, 2024

Noting that C:\jw is now C:\workspace for consistency with the existing pipelines. Also based on the investigations for #3723 there will need to be an openjdk-build directory under workspace which is owned by the container user (Unclear whether this could cause a problem when the container, and therefore user, is rebuilt, but that seems quite likely...)


sxa commented Nov 26, 2024

Replicating the instructions here. Noting that the docker install will reboot the machine part way through so we cannot run any of these bits in parallel with that :-)

Steps (after formatting an F: drive for docker with diskmgmt.msc, unless C: is large enough). (Alternate option: mkdir c:\ProgramData\docker then format and mount there instead of F. Doesn't work, as the daemon won't start: `fatal: Unable to get the full path to root (C:\ProgramData\docker): failed to canonicalise path for C:\ProgramData\docker: EvalSymlinks: too many links`.) The following must be executed from PowerShell:

```
cmd /c mklink /J C:\ProgramData\docker F:\
fsutil 8dot3name set 0
md c:\workspace
Invoke-WebRequest -UseBasicParsing "https://www.cygwin.com/setup-x86_64.exe" -o cygwin-setup-x86_64.exe
Invoke-WebRequest -UseBasicParsing "https://raw.githubusercontent.com/microsoft/Windows-Containers/Main/helpful_tools/Install-DockerCE/install-docker-ce.ps1" -o install-docker-ce.ps1
.\install-docker-ce.ps1
```

The final command will cause a reboot. Once the machine is back subsequent operations can be done safely in parallel:

```
.\cygwin-setup-x86_64.exe --packages ansible,git --quiet-mode --download --local-install --delete-orphans --site https://mirrors.kernel.org/sourceware/cygwin/ --local-package-dir C:\cygwin_packages --root C:\cygwin64
docker pull mcr.microsoft.com/windows/servercore:ltsc2022
```

(Optional pull servercore:ltsc2025 for future use). Note that the cygwin step may not add itself to the system path - this can be done manually afterwards or add it to the jenkins agent startup script (Otherwise on the host you will get errors about not finding nohup when you try to run jobs).

If you want to build the docker image manually on the machine run this (ideally from a cygwin shell). Note that the PW= option should be no longer than 14 characters:

```
git clone https://github.com/sxa/infrastructure -b windows_docker_antcontribfix
cd infrastructure/ansible/docker
# EDIT Dockerfile.win2022 to clone from windows_docker_antcontribfix branch
docker build --build-arg PW=Some-Pa55wd -t win2022_notrhel_image -f Dockerfile.win2022 . 2>&1 | tee ansible.log
```

If you get any "Address space is already occupied" messages during the above step, run rebaseall from a cygwin shell. <<< Good idea in practice, didn't work. Rebuild the machine with a new cygwin install to resolve

While you're doing that, grab the Temurin 21 MSI and install it for the jenkins agent: https://api.adoptium.net/v3/installer/latest/21/ga/windows/x64/jdk/hotspot/normal/eclipse (You may also want to run `cmd /c mklink /J c:\openjdk\jdk-21 "C:\Program Files\Eclipse Adoptium\jdk-21.0.5.11-hotspot"`)

Once this is done, set up c:\workspace\.gitconfig as per the issue description. Then you can start the image and run a build if desired:

```
docker run -it -v %HOMEPATH%\workspace:C:\workspace win2022_build_image
cd \workspace
git clone https://github.com/adoptium/temurin-build
cd temurin-build/build-farm
set CONFIGURE_ARGS=--with-toolchain-version=2022
bash ./make-adopt-build-farm.sh jdk21u
```

When starting the jenkins agent on the host system you may get the following error when running jobs:

```
14:08:37  Fetching changes from the remote Git repository
14:08:37  ERROR: Error fetching remote repo 'origin'
14:08:37  hudson.plugins.git.GitException: Failed to fetch from https://github.com/sxa/ci-jenkins-pipelines.git
```

This will occur if you do not set HOME=c:\workspace in the jenkins startup script. You may also get a message previously which can be ignored: 14:08:37 Warning: JENKINS-30600: special launcher org.jenkinsci.plugins.docker.workflow.WithContainerStep$Decorator$1@76d126a7; decorates hudson.plugins.cygpath.CygpathLauncherDecorator$1@17cc8fc0 will be ignored (a typical symptom is the Git executable not being run inside a designated container)

@sxa sxa pinned this issue Nov 26, 2024

sxa commented Dec 2, 2024

Some notes for starting the jenkins agents on the machines

When starting the agent on the host system you may get the following error when running jobs:

```
14:08:37  Fetching changes from the remote Git repository
14:08:37  ERROR: Error fetching remote repo 'origin'
14:08:37  hudson.plugins.git.GitException: Failed to fetch from https://github.com/sxa/ci-jenkins-pipelines.git
```

This will occur if you do not set HOME=c:\workspace in the jenkins startup script. You may also get a message previously which can be ignored: 14:08:37 Warning: JENKINS-30600: special launcher org.jenkinsci.plugins.docker.workflow.WithContainerStep$Decorator$1@76d126a7; decorates hudson.plugins.cygpath.CygpathLauncherDecorator$1@17cc8fc0 will be ignored (a typical symptom is the Git executable not being run inside a designated container)

Also be sure to start the agents with -Xmx128M particularly on machines provisioned with 4GiB of RAM otherwise you are likely to run into resource exhaustion issues.

If you get a failure:

```
java.io.IOException: Cannot run program "nohup"
```

then cygwin isn't in the path - add `C:\cygwin64\bin` to the startup script or somewhere else.

If you have an issue about

```
stderr: fatal: detected dubious ownership in repository at '/cygdrive/c/workspace/openjdk-build'
```

you need to follow the instructions in the description of this issue.


sxa commented Dec 6, 2024

There is something relating to the setting of HOME that's giving a problem during the build jobs:

```
21:09:34  C:\workspace\openjdk-build>bash -c "git config --global safe.directory $(cygpath ${WORKSPACE})" 
21:09:34  error: could not lock config file //.gitconfig: File exists
```

This is despite HOME being set in the jenkins startup script, but that doesn't seem to be making it through to the docker image. If you add DOCKER_ARGS: -e HOME=/cygdrive/c/workspace when running the pipelines then it runs through ok. This is specific to this machine.

Without: https://ci.adoptium.net/job/build-scripts/job/jobs/job/jdk21u/job/windbld/1354/console
With: https://ci.adoptium.net/job/build-scripts/job/jobs/job/jdk21u/job/windbld/1355/console

This is happening on the new -4-intel machine - the only one that had docker installed before cygwin (Mentioning that because I can't think of any other difference)

EDIT: Seems to be working after adjusting the jenkins configuration to have a variable HOME pointing at the cygwin path /cygdrive/c/workspace instead of c:\workspace Ref: windbld#1365 which didn't have the -e parameter.
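
The host-side conditions this thread ties to job failures (the `.gitconfig` with CRLF endings, `HOME`, and `nohup` on the path), gathered into one PowerShell check. This is an added example, not part of the original comments and not the project's playbook. Function names are illustrative, and the `safe.directory = *` check goes beyond the thread: it reflects git's documented wildcard behaviour.

```powershell
# Added example; paths are the ones quoted in this issue, function names are illustrative.
# Assumes C:\workspace already exists (created by "md c:\workspace" in the steps above).
$Workspace = 'C:\workspace'
$SafeDir   = '/cygdrive/c/workspace/openjdk-build'
$GitConfig = Join-Path $Workspace '.gitconfig'

function Write-SafeDirectoryConfig([string]$Path, [string]$Directory) {
    # Explicit CRLF endings and no BOM, written from PowerShell rather than cygwin.
    $text = "[safe]`r`n`tdirectory = $Directory`r`n"
    [System.IO.File]::WriteAllText($Path, $text, (New-Object System.Text.UTF8Encoding($false)))
}

function Test-HostSetup([string]$Path, [string]$Directory) {
    if (-not (Test-Path -LiteralPath $Path)) { return @("$Path is missing") }
    $problems = @()
    $raw = [System.IO.File]::ReadAllText($Path)
    # An LF without a preceding CR means the file was saved with Unix endings.
    if ($raw -match '(?<!\r)\n') { $problems += "$Path contains bare LF line endings" }
    # Simplification: collects every "directory = ..." line without tracking the section.
    $entries = @([regex]::Matches($raw, '(?m)^\s*directory\s*=\s*(.+?)\s*$') |
        ForEach-Object { $_.Groups[1].Value })
    if ($entries -notcontains $Directory) {
        $problems += "safe.directory has no entry for $Directory (dubious ownership error)"
    }
    if ($entries -contains '*') {
        $problems += 'safe.directory = * disables the ownership check for every repository'
    }
    # Only meaningful when run from the environment that launches agent.jar.
    if (@($Workspace, '/cygdrive/c/workspace') -notcontains $env:HOME) {
        $problems += "HOME is '$($env:HOME)', expected the workspace path"
    }
    if (-not (Get-Command nohup -ErrorAction SilentlyContinue)) {
        $problems += 'nohup not found: C:\cygwin64\bin is not on PATH'
    }
    return $problems
}

# Create the file only when absent so an existing configuration is never overwritten.
if (-not (Test-Path -LiteralPath $GitConfig)) {
    Write-SafeDirectoryConfig $GitConfig $SafeDir
}
$problems = @(Test-HostSetup $GitConfig $SafeDir)
if ($problems.Count -eq 0) { 'host setup checks passed' }
else { $problems | ForEach-Object { Write-Warning $_ } }
```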
