From 6f37234c863aca9c6f2cd9d99942aa2a42a9de43 Mon Sep 17 00:00:00 2001 From: Natalie Arellano Date: Tue, 26 Jul 2022 12:49:34 -0400 Subject: [PATCH 1/2] Updates windows-wcow runner to be GitHub-hosted vs self-hosted Signed-off-by: Natalie Arellano --- .github/workflows/build.yml | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f8fff7c70d..b3f6319b77 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -39,7 +39,7 @@ jobs: pack_bin: pack.exe - config: windows-wcow os: windows - runner: [self-hosted, windows, wcow] + runner: [windows-2019] no_docker: "false" pack_bin: pack.exe runs-on: ${{ matrix.runner }} @@ -89,6 +89,36 @@ jobs: shell: powershell - name: Verify run: make verify + - name: Register runner IP + if: matrix.config == 'windows-wcow' + shell: powershell + run: | + # Get IP from default gateway interface + $IPAddress=(Get-NetIPAddress -InterfaceAlias ((Get-NetRoute "0.0.0.0/0").InterfaceAlias) -AddressFamily IPv4)[0].IPAddress + + # Allow container-to-host registry traffic (from public interface, to the same interface) + New-NetfirewallRule -DisplayName test-registry -LocalAddress $IPAddress -RemoteAddress $IPAddress + + # create or update daemon config to allow host as insecure-registry + $config=@{} + if (Test-Path C:\ProgramData\docker\config\daemon.json) { + $config=(Get-Content C:\ProgramData\docker\config\daemon.json | ConvertFrom-json) + } + $config."insecure-registries" = @("$IPAddress/32") + ConvertTo-json $config | Out-File -Encoding ASCII C:\ProgramData\docker\config\daemon.json + + Restart-Service docker + + # dump docker info for auditing + docker version + docker info + + # Modify etc\hosts to include runner IP + $IPAddress=(Get-NetIPAddress -InterfaceAlias ((Get-NetRoute "0.0.0.0/0").InterfaceAlias) -AddressFamily IPv4)[0].IPAddress + "# Modified by CNB: https://github.com/buildpacks/ci/tree/main/gh-runners/windows + ${IPAddress} host.docker.internal + ${IPAddress} gateway.docker.internal + " | Out-File -Filepath C:\Windows\System32\drivers\etc\hosts -Encoding utf8 - name: Test env: TEST_COVERAGE: 1 From 4fc0140ecfe713f8f744f113ed5acd6aac336387 Mon Sep 17 00:00:00 2001 From: Natalie Arellano Date: Wed, 27 Jul 2022 10:49:41 -0400 Subject: [PATCH 2/2] Fixes for SSH dialer test Signed-off-by: Natalie Arellano --- internal/sshdialer/ssh_dialer_test.go | 10 +--------- internal/sshdialer/windows_test.go | 2 +- 2 files changed, 2 insertions(+), 10 deletions(-) diff --git a/internal/sshdialer/ssh_dialer_test.go b/internal/sshdialer/ssh_dialer_test.go index 654f122660..209a4d49bd 100644 --- a/internal/sshdialer/ssh_dialer_test.go +++ b/internal/sshdialer/ssh_dialer_test.go @@ -920,17 +920,9 @@ func (b badAgent) Signers() ([]ssh.Signer, error) { func withFixedUpSSHCLI(t *testing.T) func() { t.Helper() - which := "which" - if runtime.GOOS == "windows" { - which = "where" - } - - out, err := exec.Command(which, "ssh").CombinedOutput() + sshAbsPath, err := exec.LookPath("ssh") th.AssertNil(t, err) - sshAbsPath := string(out) - sshAbsPath = strings.Trim(sshAbsPath, "\r\n") - sshScript := `#!/bin/sh SSH_BIN -o PasswordAuthentication=no -o ConnectTimeout=3 -o UserKnownHostsFile="$HOME/.ssh/known_hosts" $@ ` diff --git a/internal/sshdialer/windows_test.go b/internal/sshdialer/windows_test.go index 304549d967..4909d0d015 100644 --- a/internal/sshdialer/windows_test.go +++ b/internal/sshdialer/windows_test.go @@ -22,7 +22,7 @@ func fixupPrivateKeyMod(path string) { err = acl.Apply(path, true, false, - acl.GrantName(((mode&0700)<<23)|((mode&0200)<<9), usr.Name)) + acl.GrantName(((mode&0700)<<23)|((mode&0200)<<9), usr.Username)) // See https://github.com/hectane/go-acl/issues/1 if err != nil && err.Error() != "The operation completed successfully." {