All tests implemented and passing

11/nanoserver-1809/Dockerfile

@@ -51,9 +51,9 @@ ENV PATH="${WindowsPATH};${ProgramFiles}\PowerShell;${JAVA_HOME}\bin"
 ARG OPENSSH_VERSION=v8.1.0.0p1-Beta
 
 ARG user=jenkins
-ARG JENKINS_AGENT_HOME=C:/Users/${user}
+ARG JENKINS_AGENT_WORK="C:/Users/${user}/Work"
 ENV JENKINS_AGENT_USER ${user}
-ENV JENKINS_AGENT_HOME ${JENKINS_AGENT_HOME}
+ENV JENKINS_AGENT_WORK ${JENKINS_AGENT_WORK}
 
 USER ContainerAdministrator
 
@@ -82,19 +82,19 @@ RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tl
     Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value 'ChallengeResponseAuthentication no' ; `
     Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value 'HostKeyAgent \\.\pipe\openssh-ssh-agent' ; `
     Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value ('Match User {0}' -f $env:JENKINS_AGENT_USER) ; `
-    Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value ('       AuthorizedKeysFile {0}/.ssh/authorized_keys' -f $env:JENKINS_AGENT_HOME) ; `
+    Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value ('       AuthorizedKeysFile C:/Users/{0}/.ssh/authorized_keys' -f $env:JENKINS_AGENT_USER) ; `
     New-Item -Path HKLM:\SOFTWARE -Name OpenSSH -Force | Out-Null ; `
     New-ItemProperty -Path HKLM:\SOFTWARE\OpenSSH -Name DefaultShell -Value 'C:\Program Files\Powershell\pwsh.exe' -PropertyType string -Force | Out-Null
 
 COPY CreateProfile.psm1 C:/
 
 # create user and user directory
 RUN Import-Module -Force C:/CreateProfile.psm1 ; `
-    New-UserWithProfile -UserName $env:JENKINS_AGENT_USER -Description 'Jenkins Agent User' -HomeDir $env:JENKINS_AGENT_HOME -Verbose ; `
+    New-UserWithProfile -UserName $env:JENKINS_AGENT_USER -Description 'Jenkins Agent User' ; `
     Remove-Item -Force C:/CreateProfile.psm1
 
-VOLUME "${JENKINS_AGENT_HOME}/Work" "${JENKINS_AGENT_HOME}/AppData/Local/Temp"
-WORKDIR "${JENKINS_AGENT_HOME}/Work"
+VOLUME "${JENKINS_AGENT_WORK}" "C:/Users/${user}/AppData/Local/Temp"
+WORKDIR "${JENKINS_AGENT_WORK}"
 
 COPY setup-sshd.ps1 C:/ProgramData/Jenkins/setup-sshd.ps1
 

11/windowsservercore-1809/Dockerfile

@@ -2,7 +2,7 @@
 
 # The MIT License
 #
-#  Copyright (c) 2019, Alex Earl
+#  Copyright (c) 2019-2020, Alex Earl
 #
 #  Permission is hereby granted, free of charge, to any person obtaining a copy
 #  of this software and associated documentation files (the "Software"), to deal
@@ -29,9 +29,9 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref
 ARG OPENSSH_VERSION=v8.1.0.0p1-Beta
 
 ARG user=jenkins
-ARG JENKINS_AGENT_HOME=C:/Users/${user}
+ARG JENKINS_AGENT_WORK="C:/Users/${user}/Work"
 ENV JENKINS_AGENT_USER ${user}
-ENV JENKINS_AGENT_HOME ${JENKINS_AGENT_HOME}
+ENV JENKINS_AGENT_WORK ${JENKINS_AGENT_WORK}
 
 USER ContainerAdministrator
 
@@ -60,19 +60,19 @@ RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tl
     Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value 'ChallengeResponseAuthentication no' ; `
     Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value 'HostKeyAgent \\.\pipe\openssh-ssh-agent' ; `
     Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value ('Match User {0}' -f $env:JENKINS_AGENT_USER) ; `
-    Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value ('       AuthorizedKeysFile {0}/.ssh/authorized_keys' -f $env:JENKINS_AGENT_HOME) ; `
+    Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value ('       AuthorizedKeysFile C:/Users/{0}/.ssh/authorized_keys' -f $env:JENKINS_AGENT_USER) ; `
     New-Item -Path HKLM:\SOFTWARE -Name OpenSSH -Force | Out-Null ; `
     New-ItemProperty -Path HKLM:\SOFTWARE\OpenSSH -Name DefaultShell -Value 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' -PropertyType string -Force | Out-Null
 
 COPY CreateProfile.psm1 C:/
 
 # create user and user directory
 RUN Import-Module -Force C:/CreateProfile.psm1 ; `
-    New-UserWithProfile -UserName $env:JENKINS_AGENT_USER -Description 'Jenkins Agent User' -HomeDir $env:JENKINS_AGENT_HOME -Verbose ; `
+    New-UserWithProfile -UserName $env:JENKINS_AGENT_USER -Description 'Jenkins Agent User' ; `
     Remove-Item -Force C:/CreateProfile.psm1
 
-VOLUME "${JENKINS_AGENT_HOME}/Work" "${JENKINS_AGENT_HOME}/AppData/Local/Temp"
-WORKDIR "${JENKINS_AGENT_HOME}/Work"
+VOLUME "${JENKINS_AGENT_WORK}" "C:/Users/${user}/AppData/Local/Temp"
+WORKDIR "${JENKINS_AGENT_WORK}"
 
 COPY setup-sshd.ps1 C:/ProgramData/Jenkins/setup-sshd.ps1
 

8/nanoserver-1809/Dockerfile

@@ -51,9 +51,9 @@ ENV PATH="${WindowsPATH};${ProgramFiles}\PowerShell;${JAVA_HOME}\bin"
 ARG OPENSSH_VERSION=v8.1.0.0p1-Beta
 
 ARG user=jenkins
-ARG JENKINS_AGENT_HOME=C:/Users/${user}
+ARG JENKINS_AGENT_WORK="C:/Users/${user}/Work"
 ENV JENKINS_AGENT_USER ${user}
-ENV JENKINS_AGENT_HOME ${JENKINS_AGENT_HOME}
+ENV JENKINS_AGENT_WORK ${JENKINS_AGENT_WORK}
 
 USER ContainerAdministrator
 
@@ -82,19 +82,19 @@ RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tl
     Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value 'ChallengeResponseAuthentication no' ; `
     Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value 'HostKeyAgent \\.\pipe\openssh-ssh-agent' ; `
     Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value ('Match User {0}' -f $env:JENKINS_AGENT_USER) ; `
-    Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value ('       AuthorizedKeysFile {0}/.ssh/authorized_keys' -f $env:JENKINS_AGENT_HOME) ; `
+    Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value ('       AuthorizedKeysFile C:/Users/{0}/.ssh/authorized_keys' -f $env:JENKINS_AGENT_USER) ; `
     New-Item -Path HKLM:\SOFTWARE -Name OpenSSH -Force | Out-Null ; `
     New-ItemProperty -Path HKLM:\SOFTWARE\OpenSSH -Name DefaultShell -Value 'C:\Program Files\Powershell\pwsh.exe' -PropertyType string -Force | Out-Null
 
 COPY CreateProfile.psm1 C:/
 
 # create user and user directory
 RUN Import-Module -Force C:/CreateProfile.psm1 ; `
-    New-UserWithProfile -UserName $env:JENKINS_AGENT_USER -Description 'Jenkins Agent User' -HomeDir $env:JENKINS_AGENT_HOME -Verbose ; `
+    New-UserWithProfile -UserName $env:JENKINS_AGENT_USER -Description 'Jenkins Agent User' ; `
     Remove-Item -Force C:/CreateProfile.psm1
 
-VOLUME "${JENKINS_AGENT_HOME}/Work" "${JENKINS_AGENT_HOME}/AppData/Local/Temp"
-WORKDIR "${JENKINS_AGENT_HOME}/Work"
+VOLUME "${JENKINS_AGENT_WORK}" "C:/Users/${user}/AppData/Local/Temp"
+WORKDIR "${JENKINS_AGENT_WORK}"
 
 COPY setup-sshd.ps1 C:/ProgramData/Jenkins/setup-sshd.ps1
 

8/windowsservercore-1809/Dockerfile

@@ -2,7 +2,7 @@
 
 # The MIT License
 #
-#  Copyright (c) 2019, Alex Earl
+#  Copyright (c) 2019-2020, Alex Earl
 #
 #  Permission is hereby granted, free of charge, to any person obtaining a copy
 #  of this software and associated documentation files (the "Software"), to deal
@@ -29,9 +29,9 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref
 ARG OPENSSH_VERSION=v8.1.0.0p1-Beta
 
 ARG user=jenkins
-ARG JENKINS_AGENT_HOME=C:/Users/${user}
+ARG JENKINS_AGENT_WORK="C:/Users/${user}/Work"
 ENV JENKINS_AGENT_USER ${user}
-ENV JENKINS_AGENT_HOME ${JENKINS_AGENT_HOME}
+ENV JENKINS_AGENT_WORK ${JENKINS_AGENT_WORK}
 
 USER ContainerAdministrator
 
@@ -60,19 +60,19 @@ RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tl
     Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value 'ChallengeResponseAuthentication no' ; `
     Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value 'HostKeyAgent \\.\pipe\openssh-ssh-agent' ; `
     Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value ('Match User {0}' -f $env:JENKINS_AGENT_USER) ; `
-    Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value ('       AuthorizedKeysFile {0}/.ssh/authorized_keys' -f $env:JENKINS_AGENT_HOME) ; `
+    Add-Content -Path "C:\ProgramData\ssh\sshd_config" -Value ('       AuthorizedKeysFile C:/Users/{0}/.ssh/authorized_keys' -f $env:JENKINS_AGENT_USER) ; `
     New-Item -Path HKLM:\SOFTWARE -Name OpenSSH -Force | Out-Null ; `
     New-ItemProperty -Path HKLM:\SOFTWARE\OpenSSH -Name DefaultShell -Value 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' -PropertyType string -Force | Out-Null
 
 COPY CreateProfile.psm1 C:/
 
 # create user and user directory
 RUN Import-Module -Force C:/CreateProfile.psm1 ; `
-    New-UserWithProfile -UserName $env:JENKINS_AGENT_USER -Description 'Jenkins Agent User' -HomeDir $env:JENKINS_AGENT_HOME -Verbose ; `
+    New-UserWithProfile -UserName $env:JENKINS_AGENT_USER -Description 'Jenkins Agent User' ; `
     Remove-Item -Force C:/CreateProfile.psm1
 
-VOLUME "${JENKINS_AGENT_HOME}/Work" "${JENKINS_AGENT_HOME}/AppData/Local/Temp"
-WORKDIR "${JENKINS_AGENT_HOME}/Work"
+VOLUME "${JENKINS_AGENT_WORK}" "C:/Users/${user}/AppData/Local/Temp"
+WORKDIR "${JENKINS_AGENT_WORK}"
 
 COPY setup-sshd.ps1 C:/ProgramData/Jenkins/setup-sshd.ps1
 

CreateProfile.psm1

@@ -63,55 +63,20 @@ function New-UserWithProfile {
         [Parameter(Mandatory=$false,
                    ValueFromPipelineByPropertyName=$true,
                    Position=1)]
-        [string]$Description = '',
-
-        [Parameter(Mandatory=$false,
-                  ValueFromPipelineByPropertyName=$true,
-                  Position=2)]
-        [string]$HomeDir="C:\Users\$UserName"
+        [string]$Description = ''
     )
 
     Write-Verbose "Creating local user $Username";
 
     try {
-        if($HomeDir.ToLower().Replace('\', '/') -ne "C:/Users/$UserName".ToLower()) {
-            if(-not (Test-Path $HomeDir)) {
-                New-Item -ItemType Directory -Path $HomeDir
-            }
-            net user $UserName /ADD /ACTIVE:YES /EXPIRES:NEVER /FULLNAME:"$Description" /PASSWORDCHG:NO /PASSWORDREQ:NO /HOMEDIR:$HomeDir
-        } else {
-            net user $UserName /ADD /ACTIVE:YES /EXPIRES:NEVER /FULLNAME:"$Description" /PASSWORDCHG:NO /PASSWORDREQ:NO
-        }
+        net user $UserName /ADD /ACTIVE:YES /EXPIRES:NEVER /FULLNAME:"$Description" /PASSWORDCHG:NO /PASSWORDREQ:NO
         net localgroup Administrators /add $UserName
     } catch {
         Write-Error $_.Exception.Message;
         break;
     }
 
     $localUser = New-Object System.Security.Principal.NTAccount($UserName)
-    $administrators = New-Object System.Security.Principal.NTAccount('BUILTIN\Administrators')
-    $system = New-Object System.Security.Principal.NTAccount('NT AUTHORITY\SYSTEM')
-
-    if($HomeDir.ToLower().Replace('\', '/') -ne "C:/Users/$UserName".ToLower()) {
-        Write-Warning "Setting access on $HomeDir!!!"
-        $acl = Get-Acl $HomeDir
-        $acl.SetAccessRuleProtection($true,$false)
-        ForEach ($u in @($localUSer, $administrators, $system)) {
-            $acl.AddAccessRule(
-                [System.Security.AccessControl.FileSystemAccessRule]::new(
-                    $u,
-                    [System.Security.AccessControl.FileSystemRights]::FullControl,
-                    [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit',
-                    [System.Security.AccessControl.PropagationFlags]::None,
-                    [System.Security.AccessControl.AccessControlType]::Allow
-                )
-            )
-        }
-        $acl.SetOwner($administrators)
-        $acl.SetGroup($administrators)
-        Set-Acl -Path $HomeDir -AclObject $acl
-        Get-Acl $HomeDir
-    }
 
     $methodName = 'UserEnvCP'
     $script:nativeMethods = @();

Jenkinsfile

@@ -24,9 +24,35 @@ pipeline {
                     options {
                         timeout(time: 60, unit: 'MINUTES')
                     }
+                    environment {
+                        DOCKERHUB_ORGANISATION = "${infra.isTrusted() ? 'jenkins' : 'jenkins4eval'}"
+                    }
                     steps {
                         checkout scm
-                        powershell "& ./make.ps1"
+                        powershell "& ./make.ps1 build"
+                        powershell '& ./make.ps1 test'
+                        script {
+                            def branchName = "${env.BRANCH_NAME}"
+                            if (branchName ==~ 'master') {
+                                // we can't use dockerhub builds for windows
+                                // so we publish here
+                                infra.withDockerCredentials {
+                                    powershell '& ./make.ps1 publish'
+                                }
+                            }
+
+                            if (env.TAG_NAME != null) {
+                                def tagItems = env.TAG_NAME.split('-')
+                                if(tagItems.length == 2) {
+                                    // we need to build and publish the tag version
+                                    infra.withDockerCredentials {
+                                        powershell "& ./make.ps1 -PushVersions -Tag ${env.TAG_NAME} publish"
+                                    }
+                                }
+                            }
+                        }
+
+                        powershell '& docker system prune --force --all'
                     }
                 }
                 stage('Linux') {
@@ -37,8 +63,17 @@ pipeline {
                         timeout(time: 30, unit: 'MINUTES')
                     }
                     steps {
-                        checkout scm
-                        sh "make build"
+                        script {
+                            if(!infra.isTrusted()) {
+                                deleteDir()
+                                checkout scm
+                                sh '''
+                                make build
+                                make test
+                                docker system prune --force --all
+                                '''
+                            }
+                        }
                     }
                 }
             }

make.ps1

@@ -4,7 +4,7 @@ Param(
     [String] $Target = "build",
     [String] $AdditionalArgs = '',
     [String] $Build = '',
-    [String] $Tag = '4.3-1',
+    [String] $Tag = '1.0-1',
     [switch] $PushVersions = $false
 )
 

setup-sshd.ps1

@@ -34,7 +34,7 @@ Param(
 )
 
 function Get-SSHDir {
-    return Join-Path $env:JENKINS_AGENT_HOME '.ssh'
+    return Join-Path "C:/Users/$env:JENKINS_AGENT_USER" '.ssh'
 }
 
 function Check-SSHDir {
@@ -64,7 +64,7 @@ function Write-HostKey($Key) {
 }
 
 # Give the user Full Access to the home directory
-icacls.exe $env:JENKINS_AGENT_HOME /grant "${env:JENKINS_AGENT_USER}:(CI)(OI)(F)" | Out-Null
+icacls.exe "C:/Users/$env:JENKINS_AGENT_USER" /grant "${env:JENKINS_AGENT_USER}:(CI)(OI)(F)" | Out-Null
 
 # check the .ssh dir permissions
 Check-SSHDir

tests/sshAgent.Tests.ps1

@@ -154,9 +154,10 @@ Describe "[$JDK $FLAVOR] build args" {
     }
 
     It 'uses build args correctly' {
-        $TEST_USER="foo"
+        $TEST_USER="testuser"
+        $TEST_JAW="C:/hamster"
 
-        $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg user=$TEST_USER -t $AGENT_IMAGE $FOLDER"
+        $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "build --build-arg `"user=$TEST_USER`" --build-arg `"JENKINS_AGENT_WORK=$TEST_JAW`" -t $AGENT_IMAGE $FOLDER"
         $exitCode | Should -Be 0
 
         $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "run -dit --name $AGENT_CONTAINER -P $AGENT_IMAGE $SHELL"
@@ -165,45 +166,15 @@ Describe "[$JDK $FLAVOR] build args" {
 
         $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER net user $TEST_USER"
         $exitCode | Should -Be 0
-        $stdout | Should -Match $TEST_USER
+        $stdout | Should -Match "User name\s*$TEST_USER"
+
+        $exitCode, $stdout, $stderr = Run-Program 'docker.exe' "exec $AGENT_CONTAINER $SHELL -C `"(Get-ChildItem env:\ | Where-Object { `$_.Name -eq 'JENKINS_AGENT_WORK' }).Value`""
+        $exitCode | Should -Be 0
+        $stdout.Trim() | Should -Match "$TEST_JAW"
     }
 
     AfterAll {
         Cleanup($AGENT_CONTAINER)
         Pop-Location -StackName 'agent'
     }
-}
-
-# @test "[${JDK} ${FLAVOR}] use build args correctly" {
-#   cd "${BATS_TEST_DIRNAME}"/.. || false
-
-# 	local TEST_USER=test-user
-# 	local TEST_GROUP=test-group
-# 	local TEST_UID=2000
-# 	local TEST_GID=3000
-# 	local TEST_JAH=/home/something
-
-#   docker build \
-#     --build-arg "user=${TEST_USER}" \
-#     --build-arg "group=${TEST_GROUP}" \
-#     --build-arg "uid=${TEST_UID}" \
-#     --build-arg "gid=${TEST_GID}" \
-#     --build-arg "JENKINS_AGENT_HOME=${TEST_JAH}" \
-#     -t "${SUT_IMAGE}" \
-#     "${FOLDER}"
-
-#   docker run -d --name "${SUT_CONTAINER}" -P "${SUT_IMAGE}" "${PUBLIC_SSH_KEY}"
-
-#   RESULT=$(docker exec "${SUT_CONTAINER}" sh -c "id -u -n ${TEST_USER}")
-#   [ "${RESULT}" = "${TEST_USER}" ]
-#   RESULT=$(docker exec "${SUT_CONTAINER}" sh -c "id -g -n ${TEST_USER}")
-#   [ "${RESULT}" = "${TEST_GROUP}" ]
-#   RESULT=$(docker exec "${SUT_CONTAINER}" sh -c "id -u ${TEST_USER}")
-#   [ "${RESULT}" = "${TEST_UID}" ]
-#   RESULT=$(docker exec "${SUT_CONTAINER}" sh -c "id -g ${TEST_USER}")
-#   [ "${RESULT}" = "${TEST_GID}" ]
-#   RESULT=$(docker exec "${SUT_CONTAINER}" sh -c 'stat -c "%U:%G" "${JENKINS_AGENT_HOME}"')
-#   [ "${RESULT}" = "${TEST_USER}:${TEST_GROUP}" ]
-
-#   clean_test_container
-# }
+}

tests/test_helpers.psm1

@@ -129,9 +129,6 @@ function Run-ThruSSH($container, $privateKeyVal, $cmd) {
     } else {
         $TMP_PRIV_KEY_FILE = New-TemporaryFile
         Set-Content -Path $TMP_PRIV_KEY_FILE -Value "$privateKeyVal"
-        # icacls.exe $TMP_PRIV_KEY_FILE /setowner $env:JENKINS_AGENT_USER | Out-Null
-        # icacls.exe $TMP_PRIV_KEY_FILE /grant $('{0}:(CI)(OI)(F)' -f $env:JENKINS_AGENT_USER) /grant "administrators:(CI)(OI)(F)" | Out-Null
-        # icacls.exe $TMP_PRIV_KEY_FILE /inheritance:r | Out-Null
 
         $exitCode, $stdout, $stderr = Run-Program (Join-Path $PSScriptRoot 'ssh.exe') "-i `"${TMP_PRIV_KEY_FILE}`" -o LogLevel=quiet -o UserKnownHostsFile=NUL -o StrictHostKeyChecking=no -l jenkins localhost -p $SSH_PORT $cmd"
         Remove-Item -Force $TMP_PRIV_KEY_FILE