-
Notifications
You must be signed in to change notification settings - Fork 56
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add CI framework for Windows 64 (#229)
Though official support for Windows (64-bit) is blocked, we can still add CI support for it. Once the Windows CI framework is added to ACCP, we only have to reconfigure the `tests/ci/run_windows_tests.bat` test script for ACCP windows testing, then enable the CI support.
- Loading branch information
1 parent
63f3fe2
commit bbcfdbd
Showing
16 changed files
with
528 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
64 changes: 64 additions & 0 deletions
64
tests/ci/cdk/cdk/codebuild/pr_integration_windows_x86_omnibus.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
# SPDX-License-Identifier: Apache-2.0 | ||
|
||
version: 0.2 | ||
|
||
# Doc for batch https://docs.aws.amazon.com/codebuild/latest/userguide/batch-build-buildspec.html#build-spec.batch.build-list | ||
batch: | ||
build-list: | ||
- identifier: windows_msvc2015_corretto8_x64 | ||
buildspec: ./tests/ci/codebuild/windows-x86/windows-msvc2015.yml | ||
env: | ||
# https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html | ||
type: WINDOWS_SERVER_2019_CONTAINER | ||
privileged-mode: false | ||
compute-type: BUILD_GENERAL1_LARGE | ||
image: ECR_REPO_PLACEHOLDER:vs2015_corretto_latest | ||
variables: | ||
TEST_JAVA_HOME: C:\Program Files\Amazon Corretto\jdk1.8.0_332\bin | ||
- identifier: windows_msvc2015_corretto11_x64 | ||
buildspec: ./tests/ci/codebuild/windows-x86/windows-msvc2015.yml | ||
env: | ||
type: WINDOWS_SERVER_2019_CONTAINER | ||
privileged-mode: false | ||
compute-type: BUILD_GENERAL1_LARGE | ||
image: ECR_REPO_PLACEHOLDER:vs2015_corretto_latest | ||
variables: | ||
TEST_JAVA_HOME: C:\Program Files\Amazon Corretto\jdk11.0.15_9\bin | ||
- identifier: windows_msvc2015_corretto17_x64 | ||
buildspec: ./tests/ci/codebuild/windows-x86/windows-msvc2015.yml | ||
env: | ||
type: WINDOWS_SERVER_2019_CONTAINER | ||
privileged-mode: false | ||
compute-type: BUILD_GENERAL1_LARGE | ||
image: ECR_REPO_PLACEHOLDER:vs2015_corretto_latest | ||
variables: | ||
TEST_JAVA_HOME: C:\Program Files\Amazon Corretto\jdk17.0.3_6\bin | ||
|
||
- identifier: windows_msvc2017_corretto8_x64 | ||
buildspec: ./tests/ci/codebuild/windows-x86/windows-msvc2017.yml | ||
env: | ||
type: WINDOWS_SERVER_2019_CONTAINER | ||
privileged-mode: false | ||
compute-type: BUILD_GENERAL1_LARGE | ||
image: ECR_REPO_PLACEHOLDER:vs2017_corretto_latest | ||
variables: | ||
TEST_JAVA_HOME: C:\Program Files\Amazon Corretto\jdk1.8.0_332\bin | ||
- identifier: windows_msvc2017_corretto11_x64 | ||
buildspec: ./tests/ci/codebuild/windows-x86/windows-msvc2017.yml | ||
env: | ||
type: WINDOWS_SERVER_2019_CONTAINER | ||
privileged-mode: false | ||
compute-type: BUILD_GENERAL1_LARGE | ||
image: ECR_REPO_PLACEHOLDER:vs2017_corretto_latest | ||
variables: | ||
TEST_JAVA_HOME: C:\Program Files\Amazon Corretto\jdk11.0.15_9\bin | ||
- identifier: windows_msvc2017_corretto17_x64 | ||
buildspec: ./tests/ci/codebuild/windows-x86/windows-msvc2017.yml | ||
env: | ||
type: WINDOWS_SERVER_2019_CONTAINER | ||
privileged-mode: false | ||
compute-type: BUILD_GENERAL1_LARGE | ||
image: ECR_REPO_PLACEHOLDER:vs2017_corretto_latest | ||
variables: | ||
TEST_JAVA_HOME: C:\Program Files\Amazon Corretto\jdk17.0.3_6\bin |
27 changes: 27 additions & 0 deletions
27
tests/ci/cdk/cdk/ssm/windows_docker_build_ssm_document.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
# SPDX-License-Identifier: Apache-2.0 | ||
|
||
--- | ||
schemaVersion: '2.2' | ||
description: accp:buildWindowsDockerImages | ||
mainSteps: | ||
- action: aws:runPowerShellScript | ||
name: runPowerShellScript | ||
inputs: | ||
timeoutSeconds: '7200' | ||
runCommand: | ||
- mkdir docker-images | ||
- cd docker-images | ||
# Install choco and git | ||
- Set-ExecutionPolicy Bypass -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12; $env:chocolateyUseWindowsCompression = 'true'; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')) | Out-Null | ||
- choco install git --version 2.23.0 -y | ||
- $env:path+='C:\Program Files\Git\cmd' | ||
# Git clone accp repo. | ||
- git clone https://github.com/GITHUB_OWNER_PLACEHOLDER/amazon-corretto-crypto-provider.git | ||
# Build Windows docker images. | ||
- cd .\amazon-corretto-crypto-provider | ||
- git checkout GITHUB_SOURCE_VERSION_PLACEHOLDER | ||
- cd .\tests\ci\docker_images\windows | ||
- Invoke-Expression -Command (Get-ECRLoginCommand -Region REGION_PLACEHOLDER).Command | ||
- .\build_images.ps1 | ||
- .\push_images.ps1 ECR_PLACEHOLDER |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
# SPDX-License-Identifier: Apache-2.0 | ||
|
||
from aws_cdk import core, aws_ec2 as ec2, aws_s3 as s3, aws_iam as iam, aws_ssm as ssm | ||
from util.iam_policies import ecr_power_user_policy_in_json, s3_read_write_policy_in_json | ||
from util.metadata import AWS_ACCOUNT, AWS_REGION, WINDOWS_X86_ECR_REPO, S3_BUCKET_NAME, GITHUB_REPO_OWNER, WIN_EC2_TAG_KEY, \ | ||
WIN_EC2_TAG_VALUE, SSM_DOCUMENT_NAME, GITHUB_SOURCE_VERSION | ||
from util.yml_loader import YmlLoader | ||
|
||
|
||
class WindowsDockerImageBuildStack(core.Stack): | ||
"""Define a temporary stack used to build Windows Docker images. After build, this stack will be destroyed.""" | ||
|
||
def __init__(self, | ||
scope: core.Construct, | ||
id: str, | ||
**kwargs) -> None: | ||
super().__init__(scope, id, **kwargs) | ||
|
||
# Define SSM command document. | ||
ecr_repo = "{}.dkr.ecr.{}.amazonaws.com/{}".format(AWS_ACCOUNT, AWS_REGION, WINDOWS_X86_ECR_REPO) | ||
placeholder_map = {"ECR_PLACEHOLDER": ecr_repo, "GITHUB_OWNER_PLACEHOLDER": GITHUB_REPO_OWNER, | ||
"REGION_PLACEHOLDER": AWS_REGION, "GITHUB_SOURCE_VERSION_PLACEHOLDER": GITHUB_SOURCE_VERSION} | ||
content = YmlLoader.load("./cdk/ssm/windows_docker_build_ssm_document.yaml", placeholder_map) | ||
ssm.CfnDocument(scope=self, | ||
id="{}-ssm-document".format(id), | ||
name=SSM_DOCUMENT_NAME, | ||
content=content, | ||
document_type="Command") | ||
|
||
# Define a S3 bucket to store windows docker files and build scripts. | ||
s3.Bucket(scope=self, | ||
id="{}-s3".format(id), | ||
bucket_name=S3_BUCKET_NAME, | ||
block_public_access=s3.BlockPublicAccess.BLOCK_ALL) | ||
|
||
# Define a role for EC2. | ||
ecr_power_user_policy = iam.PolicyDocument.from_json(ecr_power_user_policy_in_json([WINDOWS_X86_ECR_REPO])) | ||
s3_read_write_policy = iam.PolicyDocument.from_json(s3_read_write_policy_in_json(S3_BUCKET_NAME)) | ||
inline_policies = {"ecr_power_user_policy": ecr_power_user_policy, "s3_read_write_policy": s3_read_write_policy} | ||
role = iam.Role(scope=self, id="{}-role".format(id), | ||
assumed_by=iam.ServicePrincipal("ec2.amazonaws.com"), | ||
inline_policies=inline_policies, | ||
managed_policies=[ | ||
iam.ManagedPolicy.from_aws_managed_policy_name("AmazonSSMManagedInstanceCore") | ||
]) | ||
|
||
# Define Windows EC2 instance, where the SSM document will be executed. | ||
machine_image = ec2.MachineImage.latest_windows(ec2.WindowsVersion.WINDOWS_SERVER_2019_ENGLISH_FULL_CONTAINERSLATEST) | ||
vpc = ec2.Vpc(scope=self, id="{}-vpc".format(id)) | ||
block_device_volume = ec2.BlockDeviceVolume.ebs(volume_size=200, delete_on_termination=True) | ||
block_device = ec2.BlockDevice(device_name="/dev/sda1", volume=block_device_volume) | ||
instance = ec2.Instance(scope=self, | ||
id="{}-instance".format(id), | ||
instance_type=ec2.InstanceType(instance_type_identifier="m5d.xlarge"), | ||
vpc=vpc, | ||
role=role, | ||
block_devices=[block_device], | ||
vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC), | ||
machine_image=machine_image) | ||
|
||
core.Tags.of(instance).add(WIN_EC2_TAG_KEY, WIN_EC2_TAG_VALUE) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
# SPDX-License-Identifier: Apache-2.0. | ||
|
||
version: 0.2 | ||
|
||
phases: | ||
build: | ||
commands: | ||
# vcvarsall will set the required lib and libpath for MSVC to compile everything. This is used for AWS-LC's | ||
# Windows tests, but ACCP might use something different. | ||
- .\tests\ci\run_windows_tests.bat "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
# SPDX-License-Identifier: Apache-2.0. | ||
|
||
version: 0.2 | ||
|
||
phases: | ||
build: | ||
commands: | ||
# vcvarsall will set the required lib and libpath for MSVC to compile everything. This is used for AWS-LC's | ||
# Windows tests, but ACCP might use something different. | ||
- .\tests\ci\run_windows_tests.bat "C:\Program Files (x86)\Microsoft Visual Studio\2017\BuildTools\VC\Auxiliary\Build\vcvarsall.bat" |
Oops, something went wrong.