Investigate feasibility of ephemeral build systems for non-Linux platforms

[sxa]

Part of SLSA level 3 and SSDF PO5.1. Part of this should be to avoid any possible interference from non-build processes to the systems used for building.
There are other technologies which could be used for this to mimic our use of dynamically created Docker containers which we use on Linux (s390x TBC), for example Solaris Zones, AIX WPARs etc.

[sxa]

Note: The job-restrictions plugin which we will plan to install as part of adoptium/infrastructure#2108 (comment) should allow us to get some level of isolation (Not ephemeral, but blocking non-build jobs from running on certain systems)

[sxa]

We should initially look at prioritising the primary platforms. Noting that Linux/s390x mentioned in the description is now building in a container, but the image is not being regular refreshed or stored off-machine at present:

• WINDOWS: There was some initial prototyping of using docker containers on windows for build in docker: add windows build support #2121 - we should look at reinvigorating that.
• MACOS: We are looking at how we run our macos farms and the possibility of cross-compiling on aarch64 mac machines for our x64 builds in order to reduce costs since we have fewer sponsored systems for macos. If we do this would could use the built in macos virtualization framework to fire up machines, use them for a build, and shut them down afterwards.
  In terms of secondaries:
• SOLARIS: Could use FLAR archives deployed as zones
• AIX: Can deploy mksysb backups to WPARs

[sxa]

Update:

• WINDOWS: Azure plugin has been deprecated - George took the action to see if we can use auto-provision of Windows systems at Azure again: Jenkins azure plugin is being retired on 29 Feb 2024 - switch to CLI? infrastructure#3199
• MACOS: We have started performing cross-compilation for the Mac/x64 builds and are looking at standing up an Orka cluster at MacStadium which would give us the potential to dynamically create VMs to be used for builds as an alternative to directly using the virtualisation framework as described above. Look at moving macstadium machines to orka infrastructure#2536

The other two platforms are not currently being progressed.

[sxa]

MacOS builds are being moved to orka3 under adoptium/infrastructure#2536 and will be tested heavily with the regular runs that will occur over the weekend.

[sxa]

adoptium/infrastructure#3286 is part of this

[sxa]

Feasibility has now been understood - windows will hopefully be ready shortly with the pipelines PR to allow docker containers, and AIX and Solaris can have separate issues created in the backlog pending someone with enough interest to achieve those levels on those platforms.