docker: add action to deploy windows build image

.github/workflows/build.yml

@@ -16,6 +16,11 @@ on:
     branches:
     - master
 
+# Cancel existing runs if user makes another push.
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 permissions:
   contents: read
 

.github/workflows/build_vagrant.yml

@@ -10,7 +10,7 @@ on:
 
 # Cancel existing runs if user makes another push.
 concurrency:
-  group: "${{ github.ref }}"
+  group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: ${{ github.event_name == 'pull_request' }}
 
 permissions:

.github/workflows/build_windows.yml

@@ -0,0 +1,48 @@
+name: Docker (Windows)
+
+on:
+  pull_request:
+    paths:
+    - .github/workflows/build_windows.yml
+    - ansible/docker/Dockerfile.win2022
+    branches:
+    - master
+  push:
+    paths:
+    - .github/workflows/build_windows.yml
+    - ansible/docker/Dockerfile.win2022
+    branches:
+    - master
+
+# Cancel existing runs if user makes another push.
+concurrency:
+    group: ${{ github.workflow }}-${{ github.ref }}
+    cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+    build:
+        if: startsWith(github.repository, 'adoptium/')
+        runs-on: windows-latest
+        steps:
+          - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+          - name: Login to our Azure subscription
+            if: github.ref == 'refs/heads/master'
+            uses: azure/login@a65d910e8af852a8061c627c456678983e180302 # v2.2.0
+            with:
+              client-id: ${{ secrets.AZURE_CLIENT_ID_OIDC }}
+              tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+              subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+          - name: Build container image
+            run: docker build -t adoptium.azurecr.io/windows2022_build_image:latest -f ansible/docker/Dockerfile.win2022 .
+
+          - name: Push container image to ACR
+            if: github.ref == 'refs/heads/master'
+            run: |
+                az acr login --name adoptium
+                docker push adoptium.azurecr.io/windows2022_build_image:latest

.github/workflows/build_wsl.yml

@@ -14,7 +14,7 @@ on:
 
 # Cancel existing runs if user makes another push.
 concurrency:
-  group: "${{ github.ref }}"
+  group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: ${{ github.event_name == 'pull_request' }}
 
 permissions:

FAQ.md

@@ -89,7 +89,7 @@ have at the moment:
 | [Centos6](./ansible/docker/Dockerfile.CentOS6) | [`adoptopenjdk/centos6_build_image`](https://hub.docker.com/r/adoptopenjdk/centos6_build_image)| linux/amd64 | [GH Actions](.github/workflows/build.yml) | Yes
 | [Alpine3](./ansible/docker/Dockerfile.Alpine3) | [`adoptopenjdk/alpine3_build_image`](https://hub.docker.com/r/adoptopenjdk/alpine3_build_image) | linux/x64 & linux/arm64 | [Jenkins](https://ci.adoptium.net/job/centos7_docker_image_updater/) | Yes
 | [Ubuntu 20.04 (riscv64 only)](./ansible/docker/Dockerfile.Ubuntu2004-riscv64) | [`adoptopenjdk/ubuntu2004_build_image:linux-riscv64`](https://hub.docker.com/r/adoptopenjdk/ubuntu2004_build_image) | linux/riscv64 | [Jenkins](https://ci.adoptium.net/job/centos7_docker_image_updater/) | Yes
-| [Windows Server 2022](./ansible/docker/Dockerfile.win2022) | n/a - restricted | Windows | No
+| [Windows Server 2022](./ansible/docker/Dockerfile.win2022) | `adoptium.azurecr.io/windows2022_build_image` - restricted | Windows | [GH Actions](.github/workflows/build_windows.yml) | Yes
 
 <details>
 <summary>(*) - Caveats:</summary>

ansible/docker/Dockerfile.win2022

@@ -16,11 +16,10 @@ RUN powershell -Command \
         Write-Host 'Checksum verification succeeded!' -ForegroundColor Green; \
     }"
 
-# Set up cygwin with git and ansible as a bootstrap, and add to system default path
-RUN setup-x86_64.exe --packages git,ansible --download --local-install --delete-orphans --site https://mirrors.kernel.org/sourceware/cygwin --local-package-dir c:\cygwin_packages --root C:\cygwin64 --wait --quiet-mode & \
-    C:\cygwin64\bin\git config --system core.autocrlf false & \
-    del setup-x86_64.exe & \
-    setx PATH "c:\cygwin64\bin;%PATH%" & \
+# Set up cygwin with ansible as a bootstrap, and add to system default path
+RUN setup-x86_64.exe --packages ansible --download --local-install --delete-orphans --site https://mirrors.kernel.org/sourceware/cygwin --local-package-dir c:\cygwin_packages --root C:\cygwin64 --wait --quiet-mode && \
+    del setup-x86_64.exe && \
+    setx PATH "c:\cygwin64\bin;%PATH%" && \
     mkdir c:\temp
 
 # Download Ansible Config Script & Verify Its Checksum
@@ -45,13 +44,14 @@ RUN PowerShell .\ConfigureRemotingForAnsible.ps1 -CertValidityDays 9999 & \
 # Set up WinRM user, clone and run the playbook, then delete the user so it's not in any layer
 ENV TERM=dumb
 
-RUN net user ansible %PW% /ADD & net localgroup "Administrators" ansible /ADD & net localgroup "Remote Management Users" ansible /ADD & \
-    C:\cygwin64\bin\git clone https://github.com/sxa/infrastructure -b windows_docker_support c:/infrastructure & \
-    sed -i -e 's/hosts: .*/hosts: localhost/' infrastructure/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/main.yml & \
-    echo localhost ansible_connection=winrm > infrastructure/ansible/hosts & \
-    cd infrastructure\ansible & \
+COPY . infrastructure
+
+RUN net user ansible %PW% /ADD & net localgroup "Administrators" ansible /ADD & net localgroup "Remote Management Users" ansible /ADD && \
+    sed -i -e 's/hosts: .*/hosts: localhost/' infrastructure/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/main.yml && \
+    echo localhost ansible_connection=winrm > infrastructure/ansible/hosts && \
+    cd infrastructure\ansible && \
     C:\cygwin64\bin\python3.7m.exe /usr/bin/ansible-playbook -e git_sha=00000000 -e ansible_user=ansible -e ansible_password=%PW% -i hosts \
-    --skip-tags=adoptopenjdk,reboot,NTP_TIME,MSVS_2013,MSVS_2017,MSVS_2019 playbooks/AdoptOpenJDK_Windows_Playbook/main.yml & \
+    --skip-tags=adoptopenjdk,reboot,Windows_Updates,NTP_TIME,MSVS_2013,MSVS_2017,MSVS_2019,NVidia_Cuda_Toolkit,clang_64bit,clang_32bit,nasm,Rust,IcedTea-Web playbooks/AdoptOpenJDK_Windows_Playbook/main.yml && \
     net user ansible /DELETE
 
 ENTRYPOINT ["C:\\Program Files (x86)\\Microsoft Visual Studio\\2022\\BuildTools\\Common7\\Tools\\VsDevCmd.bat", "&&", "powershell.exe", "-NoLogo", "-ExecutionPolicy", "Bypass"]

ansible/inventory.yml

@@ -15,8 +15,6 @@ hosts:
           ubuntu2204-x64-1: {ip: 172.187.163.163, user: adoptopenjdk, description: infra-wazuh-server}
           ubuntu2204-x64-2: {ip: 20.90.182.165, description: trss.adoptium.net}
           ubuntu2204-x64-3: {ip: 172.187.93.97, description: awx.adoptium.net}
-          ubuntu2204-vagrant-x64-1: {ip: 172.203.178.157, description: VPC-Qemu-1}
-          ubuntu2204-vagrant-x64-2: {ip: 48.217.96.46, description: VPC-Qemu-2}
 
       - digitalocean:
           ubuntu2004-x64-1: {ip: 178.62.115.224, description: bastillion.adoptopenjdk.net}

ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/ANT/tasks/main.yml

@@ -64,12 +64,7 @@
   tags: ANT
 
 - name: Download ant-contrib
-  win_get_url:
-    url: https://sourceforge.net/projects/ant-contrib/files/ant-contrib/ant-contrib-1.0b2/ant-contrib-1.0b2-bin.zip
-    dest: c:\temp\ant-contrib.zip
-    force: no
-    checksum: 22bae6c3ddf1a464b285784599eef8698f64dde24378c77e42522a536b88cbbc
-    checksum_algorithm: sha256
+  win_shell: c:\cygwin64\bin\curl -L -o /cygdrive/c/temp/ant-contrib.zip https://sourceforge.net/projects/ant-contrib/files/ant-contrib/ant-contrib-1.0b2/ant-contrib-1.0b2-bin.zip
   when: (not ant_contrib_installed.stat.exists)
   tags: ANT
 

ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/Incredibuild/tasks/main.yml

@@ -3,16 +3,19 @@
 # Incredibuild - Configuration Tasks  #
 #######################################
 
-- name: Check if the ibxbuild service exists
-  ansible.windows.win_service_info:
-    name: IBXDashboard
+- name: Check if the IBXDashboard service exists
+  win_shell: |
+    if (Get-Service -Name 'IBXDashboard' -ErrorAction SilentlyContinue) {
+      Write-Host "exists"
+    }
   register: service_info
+  changed_when: false
 
 - name: Stop the IBX Dashboard service if it exists
-  ansible.windows.win_service:
+  win_service:
     name: IBXDashboard
     state: stopped
-  when: service_info.exists
+  when: "'exists' in service_info.stdout"
 
 - name: Check if incredibuild.conf file exists
   win_stat:
@@ -28,7 +31,7 @@
   when: incredibuild_conf_file.stat.exists
 
 - name: Start the IBX Dashboard service if it exists
-  ansible.windows.win_service:
+  win_service:
     name: IBXDashboard
     state: started
-  when: service_info.exists
+  when: "'exists' in service_info.stdout"

ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/MSVS_2022/tasks/main.yml

@@ -100,7 +100,7 @@
 
 # Download & Install VS2022 When No Layout & Not AdoptOpenJDK
 # This is the target that you're redirected to when you go to https://aka.ms/vs/17/release/vs_community.exe
-- name: Download Visual Studio Community 2022
+- name: Download Visual Studio Build Tools 2022
   win_get_url:
 # https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-history
 # 17.7.34302.85    url: 'https://download.visualstudio.microsoft.com/download/pr/47b236ad-5505-4752-9d2b-5cf9795528bc/87684889f46dec53d1452f4a0ff9fec1ac202a97ebed866718d7c0269e814b28/vs_BuildTools.exe'

ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/MSVS_2022_REDIST/tasks/main.yml

@@ -19,13 +19,13 @@
   tags: MSVS_2022_REDIST
 
 - name: Check if C:\openjdk\devkit exists
-  ansible.windows.win_stat:
+  win_stat:
     path: 'c:\openjdk\devkit'
   register: directory_status
   tags: MSVS_2022_REDIST
 
 - name: Create  C:\openjdk\devkit if it does not exist
-  ansible.windows.win_file:
+  win_file:
     path: 'c:\openjdk\devkit\'
     state: directory
   when: not directory_status.stat.exists