Merging 'main' into '.github-actions'

mattgwagner · Apr 10, 2022 · a2340fa · a2340fa
2 parents cd30694 + bfec028
commit a2340fa
Show file tree

Hide file tree

Showing 184 changed files with 3,775 additions and 3,108 deletions.
diff --git a/.github-actions/.github/ISSUE_TEMPLATE/announcement.yml b/.github-actions/.github/ISSUE_TEMPLATE/announcement.yml
@@ -34,7 +34,7 @@ body:
  - label: Ubuntu 20.04
  - label: macOS 10.15
  - label: macOS 11
- - label: Windows Server 2016
+ - label: macOS 12
  - label: Windows Server 2019
  - label: Windows Server 2022
  validations:

diff --git a/.github-actions/.github/ISSUE_TEMPLATE/bug-report.yml b/.github-actions/.github/ISSUE_TEMPLATE/bug-report.yml
@@ -1,6 +1,6 @@
 name: Bug Report
-description: Submit a bug report
-labels: [needs triage]
+description: Submit a bug report.
+labels: [bug report, needs triage]
 body:
  - type: textarea
  attributes:
@@ -16,7 +16,7 @@ body:
  - label: Ubuntu 20.04
  - label: macOS 10.15
  - label: macOS 11
- - label: Windows Server 2016
+ - label: macOS 12
  - label: Windows Server 2019
  - label: Windows Server 2022
  validations:
@@ -28,7 +28,7 @@ body:
  Image version where you are experiencing the issue. Where to find image version in build logs:
  1. For GitHub Actions, under "Set up job" -> "Virtual Environment" -> "Version".
  2. For Azure DevOps, under "Initialize job" -> "Virtual Environment" -> "Version".
- 
+
  If you have a public example, please, provide a link to the failed build.
  validations:
  required: true
@@ -51,5 +51,5 @@ body:
  A description with steps to reproduce the issue.
  1. Step 1
  2. Step 2
- validations: 
- required: true
+ validations:
+ required: true
diff --git a/.github-actions/.github/ISSUE_TEMPLATE/config.yml b/.github-actions/.github/ISSUE_TEMPLATE/config.yml
@@ -1 +1,6 @@
-blank_issues_enabled: false
+blank_issues_enabled: false
+
+contact_links:
+ - name: Get help in GitHub Discussions
+ url: https://github.com/actions/virtual-environments/discussions
+ about: Have a question? Feel free to ask in the virtual-environments GitHub Discussions!
diff --git a/.github-actions/.github/ISSUE_TEMPLATE/tool-request.yml b/.github-actions/.github/ISSUE_TEMPLATE/tool-request.yml
@@ -55,7 +55,7 @@ body:
  - label: Ubuntu 20.04
  - label: macOS 10.15
  - label: macOS 11
- - label: Windows Server 2016
+ - label: macOS 12
  - label: Windows Server 2019
  - label: Windows Server 2022
  validations:

diff --git a/.github-actions/.github/workflows/linter.yml b/.github-actions/.github/workflows/linter.yml
@@ -5,6 +5,10 @@ name: Linter
 on:
  pull_request:
  branches: [ main ]
+ paths:
+ - '**.json'
+ - '**.md'
+ - '**.sh'
 
 jobs:
  build:
@@ -18,13 +22,14 @@ jobs:
  fetch-depth: 0
 
  - name: Lint Code Base
- uses: github/super-linter@v3
+ uses: github/super-linter/slim@v4
  env:
  VALIDATE_ALL_CODEBASE: false
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  VALIDATE_JSON: true
- VALIDATE_MD: true
+ VALIDATE_MARKDOWN: true
  DEFAULT_BRANCH: ${{ github.base_ref }}
+ FILTER_REGEX_EXCLUDE: .*images/*/.*-Readme.md
 
  - name: Checking shebang lines in MacOS and Ubuntu releases.
  run: ./images.CI/shebang-linter.ps1

diff --git a/.github-actions/README.md b/.github-actions/README.md
@@ -12,10 +12,10 @@ For general questions about using the virtual environments or writing your Actio
 | --------------------|---------------------|--------------------|---------------------|
 | Ubuntu 20.04 | `ubuntu-latest` or `ubuntu-20.04` | [ubuntu-20.04] | [![](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=ubuntu20&badge=1)](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=ubuntu20&redirect=1)
 | Ubuntu 18.04 | `ubuntu-18.04` | [ubuntu-18.04] | [![](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=ubuntu18&badge=1)](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=ubuntu18&redirect=1)
-| macOS 11 | `macos-11` | [macOS-11] | [![](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=macos-11&badge=1)](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=macos-11&redirect=1)
-| macOS 10.15 | `macos-latest` or `macos-10.15` | [macOS-10.15] | [![](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=macos-10.15&badge=1)](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=macos-10.15&redirect=1)
-| Windows Server 2022<sup>[beta]</sup> | `windows-2022` | [windows-2022] | [![](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=windows-2022&badge=1)](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=windows-2022&redirect=1) |
-| Windows Server 2019 | `windows-latest` or `windows-2019` | [windows-2019] | [![](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=windows-2019&badge=1)](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=windows-2019&redirect=1)
+| macOS 11 | `macos-latest` or `macos-11`| [macOS-11] | [![](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=macos-11&badge=1)](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=macos-11&redirect=1)
+| macOS 10.15 | `macos-10.15` | [macOS-10.15] | [![](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=macos-10.15&badge=1)](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=macos-10.15&redirect=1)
+| Windows Server 2022 | `windows-latest` or `windows-2022` | [windows-2022] | [![](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=windows-2022&badge=1)](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=windows-2022&redirect=1) |
+| Windows Server 2019 | `windows-2019` | [windows-2019] | [![](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=windows-2019&badge=1)](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=windows-2019&redirect=1)
 | Windows Server 2016 | `windows-2016` | [windows-2016] | [![](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=windows-2016&badge=1)](https://actionvirtualenvironmentsstatus.azurewebsites.net/api/status?imageName=windows-2016&redirect=1)
 
 <b>Note:</b> Beta and Preview images are provided "as-is", "with all faults" and "as available" and are excluded from the service level agreement and warranty. Beta and Preview images may not be covered by customer support.
@@ -46,8 +46,8 @@ we pin the tool to specific version(s).
 * **Regular Weekly Rhythm** can be followed by watching [Releases](https://github.com/actions/virtual-environments/releases). Pre-release is created when deployment is started. As soon as deployment is finished, it is converted to release.
 You can also track upcoming changes using the [awaiting-deployment](https://github.com/actions/virtual-environments/labels/awaiting-deployment) label.
 
-[ubuntu-20.04]: https://github.com/actions/virtual-environments/blob/main/images/linux/Ubuntu2004-README.md
-[ubuntu-18.04]: https://github.com/actions/virtual-environments/blob/main/images/linux/Ubuntu1804-README.md
+[ubuntu-20.04]: https://github.com/actions/virtual-environments/blob/main/images/linux/Ubuntu2004-Readme.md
+[ubuntu-18.04]: https://github.com/actions/virtual-environments/blob/main/images/linux/Ubuntu1804-Readme.md
 [windows-2022]: https://github.com/actions/virtual-environments/blob/main/images/win/Windows2022-Readme.md
 [windows-2019]: https://github.com/actions/virtual-environments/blob/main/images/win/Windows2019-Readme.md
 [windows-2016]: https://github.com/actions/virtual-environments/blob/main/images/win/Windows2016-Readme.md

diff --git a/.github-actions/docs/create-image-and-azure-resources.md b/.github-actions/docs/create-image-and-azure-resources.md
@@ -15,8 +15,7 @@ After successful image generation, a snapshot of the temporary VM will be conver
 - `Azure Az Powershell module` - https://docs.microsoft.com/en-us/powershell/azure/install-az-ps
 - `Git for Windows` - https://gitforwindows.org/
 
-### Azure DevOps self-hosted pool requirements
-To connect to a temporary VM packer use WinRM or SSH connections on public IP interfaces.
+> To connect to a temporary VM packer uses WinRM or SSH connections on public IP interfaces.
 If you use a build agent located in an Azure subscription, please make sure that HTTPS/SSH ports are allowed for incoming/outgoing connections.
 In case of firewall restrictions, prohibiting connections from public addresses, private virtual network resources can be deployed and passed as arguments to the packer. This approach allows virtual machines to use private connections inside VLAN.
 
@@ -67,6 +66,12 @@ Where:
 
 The function automatically creates all required Azure resources and kicks off packer image generation for the selected image type.
 
+For optional authentication via service principal make sure to provide the following params — `AzureClientId`, `AzureClientSecret`, `AzureTenantId`, so the whole command will be:
+
+```
+GenerateResourcesAndImage -SubscriptionId {YourSubscriptionId} -ResourceGroupName "myTestResourceGroup" -ImageGenerationRepositoryRoot "$pwd" -ImageType Ubuntu1804 -AzureLocation "East US" -AzureClientId {AADApplicationID} -AzureClientSecret {AADApplicationSecret} -AzureTenantId {AADTenantID}
+```
+
 *Please, check synopsis of `GenerateResourcesAndImage` for details about non-mandatory parameters.*
 
 #### Generated VM Deployment
@@ -96,6 +101,7 @@ The function creates an Azure VM from a template and generates network resources
 ### User variables
 The Packer template includes `variables` section containing user variables used in image generation. Each variable is defined as a key/value strings. User variables can be passed to packer via predefined environment variables, or as direct arguments, in case if packer started manually.
 
+- `build_resource_group_name` - Specify an existing resource group to run the build in it. By default, a temporary resource group will be created and destroyed as part of the build. If you do not have permission to do so, use build_resource_group_name to specify an existing resource group to run the build in it.
 - `client_id` - The application ID of the AAD Service Principal. Requires `client_secret`.
 - `object_id` - The object ID for the AAD SP. Will be derived from the oAuth token if empty.
 - `client_secret` - A password/secret registered for the AAD SP.

diff --git a/.github-actions/docs/software-and-images-guidelines.md b/.github-actions/docs/software-and-images-guidelines.md
@@ -17,8 +17,8 @@ In general, these are the guidelines we consider when deciding what to pre-insta
 ## Software and images support policy
 These are the guidelines we follow in software and images supporting routine:
 - Tools and versions will typically be removed 6 months after they are deprecated or have reached end-of-life.
-- We support at least 2 latest OS versions (LTS only for Ubuntu) and initiate deprecation process for the oldest one when image usage drops below 5%.
-- Most of the tools are preinstalled in the latest version only.
+- We support at least 2 latest OS versions. We begin the deprecation process of the oldest image label once a new OS version has been released.
+- The images generally contain the latest versions of packages installed except for Ubuntu LTS where we rely on the Canonical-provided repositories mostly.
 - Popular tools can have several versions installed side-by-side with the following strategy:
 
 | Tool name | Installation strategy |

diff --git a/.github-actions/helpers/CreateAzureVMFromPackerTemplate.ps1 b/.github-actions/helpers/CreateAzureVMFromPackerTemplate.ps1
@@ -72,5 +72,5 @@ Function CreateAzureVMFromPackerTemplate {
  Write-Host "`nCreating the VM"
  az group deployment create -g $ResourceGroupName -n $VirtualMachineName --subscription $subscriptionId --template-file $templateFilePath --parameters vmSize=$vmSize vmName=$VirtualMachineName adminUserName=$AdminUsername adminPassword=$AdminPassword networkInterfaceId=$networkId
 
- Write-Host "`nCreated in $(ResourceGroupName):`n vnet $(vnetName)`n subnet $(subnetName)`n nic $(nicName)`n publicip $(publicIpName)`n vm $(VirtualMachineName)"
+ Write-Host "`nCreated in ${ResourceGroupName}:`n vnet ${vnetName}`n subnet ${subnetName}`n nic ${nicName}`n publicip ${publicIpName}`n vm ${VirtualMachineName}"
 }
diff --git a/.github-actions/helpers/GenerateResourcesAndImage.ps1 b/.github-actions/helpers/GenerateResourcesAndImage.ps1
@@ -123,12 +123,14 @@ Function GenerateResourcesAndImage {
  [Parameter(Mandatory = $False)]
  [Switch] $Force,
  [Parameter(Mandatory = $False)]
- [bool] $AllowBlobPublicAccess = $False
+ [bool] $AllowBlobPublicAccess = $False,
+ [Parameter(Mandatory = $False)]
+ [bool] $EnableHttpsTrafficOnly = $False
  )
 
  $builderScriptPath = Get-PackerTemplatePath -RepositoryRoot $ImageGenerationRepositoryRoot -ImageType $ImageType
- $ServicePrincipalClientSecret = $env:UserName + [System.GUID]::NewGuid().ToString().ToUpper();
- $InstallPassword = $env:UserName + [System.GUID]::NewGuid().ToString().ToUpper();
+ $ServicePrincipalClientSecret = $env:UserName + [System.GUID]::NewGuid().ToString().ToUpper()
+ $InstallPassword = $env:UserName + [System.GUID]::NewGuid().ToString().ToUpper()
 
  if ([string]::IsNullOrEmpty($AzureClientId))
  {
@@ -191,28 +193,52 @@ Function GenerateResourcesAndImage {
  $storageAccountName = $storageAccountName.Replace("-", "").Replace("_", "").Replace("(", "").Replace(")", "").ToLower()
  $storageAccountName += "001"
 
- New-AzStorageAccount -ResourceGroupName $ResourceGroupName -AccountName $storageAccountName -Location $AzureLocation -SkuName "Standard_LRS" -AllowBlobPublicAccess $AllowBlobPublicAccess
+ New-AzStorageAccount -ResourceGroupName $ResourceGroupName -AccountName $storageAccountName -Location $AzureLocation -SkuName "Standard_LRS" -AllowBlobPublicAccess $AllowBlobPublicAccess -EnableHttpsTrafficOnly $EnableHttpsTrafficOnly
 
  if ([string]::IsNullOrEmpty($AzureClientId)) {
  # Interactive authentication: A service principal is created during runtime.
  $spDisplayName = [System.GUID]::NewGuid().ToString().ToUpper()
- $credentialProperties = @{ StartDate=Get-Date; EndDate=Get-Date -Year 2024; Password=$ServicePrincipalClientSecret }
- $credentials = New-Object -TypeName Microsoft.Azure.Commands.ActiveDirectory.PSADPasswordCredential -Property $credentialProperties
- $sp = New-AzADServicePrincipal -DisplayName $spDisplayName -PasswordCredential $credentials
+ $startDate = Get-Date
+ $endDate = $startDate.AddYears(1)
+
+ if ('Microsoft.Azure.Commands.ActiveDirectory.PSADPasswordCredential' -as [type]) {
+ $credentials = [Microsoft.Azure.Commands.ActiveDirectory.PSADPasswordCredential]@{
+ StartDate = $startDate
+ EndDate = $endDate
+ Password = $ServicePrincipalClientSecret
+ }
+ $sp = New-AzADServicePrincipal -DisplayName $spDisplayName -PasswordCredential $credentials
+ $spClientId = $sp.ApplicationId
+ $azRoleParam = @{
+ RoleDefinitionName = "Contributor"
+ ServicePrincipalName = $spClientId
+ }
+ }
 
- $spAppId = $sp.ApplicationId
- $spClientId = $sp.ApplicationId
- Start-Sleep -Seconds $SecondsToWaitForServicePrincipalSetup
+ if ('Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Models.ApiV10.MicrosoftGraphPasswordCredential' -as [type]) {
+ $credentials = [Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Models.ApiV10.MicrosoftGraphPasswordCredential]@{
+ StartDateTime = $startDate
+ EndDateTime = $endDate
+ }
+ $sp = New-AzADServicePrincipal -DisplayName $spDisplayName
+ $appCred = New-AzADAppCredential -ApplicationId $sp.AppId -PasswordCredentials $credentials
+ $spClientId = $sp.AppId
+ $azRoleParam = @{
+ RoleDefinitionName = "Contributor"
+ PrincipalId = $sp.Id
+ }
+ $ServicePrincipalClientSecret = $appCred.SecretText
+ }
 
- New-AzRoleAssignment -RoleDefinitionName Contributor -ServicePrincipalName $spAppId
+ Start-Sleep -Seconds $SecondsToWaitForServicePrincipalSetup
+ New-AzRoleAssignment @azRoleParam
  Start-Sleep -Seconds $SecondsToWaitForServicePrincipalSetup
  $sub = Get-AzSubscription -SubscriptionId $SubscriptionId
  $tenantId = $sub.TenantId
  # "", "Note this variable-setting script for running Packer with these Azure resources in the future:", "==============================================================================================", "`$spClientId = `"$spClientId`"", "`$ServicePrincipalClientSecret = `"$ServicePrincipalClientSecret`"", "`$SubscriptionId = `"$SubscriptionId`"", "`$tenantId = `"$tenantId`"", "`$spObjectId = `"$spObjectId`"", "`$AzureLocation = `"$AzureLocation`"", "`$ResourceGroupName = `"$ResourceGroupName`"", "`$storageAccountName = `"$storageAccountName`"", "`$install_password = `"$install_password`"", ""
  } else {
  # Parametrized Authentication via given service principal: The service principal with the data provided via the command line
  # is used for all authentication purposes.
- $spAppId = $AzureClientId
  $spClientId = $AzureClientId
  $credentials = $AzureAppCred
  $ServicePrincipalClientSecret = $AzureClientSecret
@@ -228,7 +254,7 @@ Function GenerateResourcesAndImage {
 
  if($RestrictToAgentIpAddress -eq $true) {
  $AgentIp = (Invoke-RestMethod http://ipinfo.io/json).ip
- echo "Restricting access to packer generated VM to agent IP Address: $AgentIp"
+ Write-Host "Restricting access to packer generated VM to agent IP Address: $AgentIp"
  }
 
  & $packerBinary build -on-error=ask `
@@ -242,4 +268,4 @@ Function GenerateResourcesAndImage {
  -var "install_password=$($InstallPassword)" `
  -var "allowed_inbound_ip_addresses=$($AgentIp)" `
  $builderScriptPath
-}
+}
diff --git a/.github-actions/images.CI/linux-and-win/azure-pipelines/ubuntu1804.yml b/.github-actions/images.CI/linux-and-win/azure-pipelines/ubuntu1804.yml
@@ -17,4 +17,4 @@ jobs:
 - template: image-generation.yml
  parameters:
  image_type: ubuntu1804
- image_readme_name: Ubuntu1804-README.md
+ image_readme_name: Ubuntu1804-Readme.md
diff --git a/.github-actions/images.CI/linux-and-win/azure-pipelines/ubuntu2004.yml b/.github-actions/images.CI/linux-and-win/azure-pipelines/ubuntu2004.yml
@@ -17,4 +17,4 @@ jobs:
 - template: image-generation.yml
  parameters:
  image_type: ubuntu2004
- image_readme_name: Ubuntu2004-README.md
+ image_readme_name: Ubuntu2004-Readme.md
diff --git a/.github-actions/images.CI/macos/anka/Anka.Helpers.psm1 b/.github-actions/images.CI/macos/anka/Anka.Helpers.psm1
@@ -6,14 +6,23 @@ function Push-AnkaTemplateToRegistry {
 
  [Parameter(Mandatory)]
  [ValidateNotNullOrEmpty()]
- [string] $TagVersion,
+ [string] $TagName,
 
  [Parameter(Mandatory)]
  [ValidateNotNullOrEmpty()]
  [string] $TemplateName
  )
 
- $command = "anka registry -a $RegistryUrl push -t $TagVersion $TemplateName"
+ # if registry uuid doesn't match than delete an image in registry
+ $images = anka --machine-readable registry --registry-path $RegistryUrl list | ConvertFrom-Json | ForEach-Object body
+ $images | Where-Object name -eq $TemplateName | ForEach-Object {
+ $id = $_.id
+ Show-StringWithFormat "Deleting '$TemplateName[$id]' VM and '$TagName' tag"
+ $uri = '{0}/registry/vm?id={1}' -f $RegistryUrl, $id
+ Invoke-WebRequest -Uri $uri -Method Delete | Out-Null
+ }
+
+ $command = "anka registry --registry-path $RegistryUrl push --force --tag $TagName $TemplateName"
  Invoke-AnkaCommand -Command $command
 }