Merge branch 'master' into Common-tags

.github/workflows/build.yml

@@ -25,10 +25,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
 
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
     - name: Set up Docker Buildx to use cache feature
-      uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
+      uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
 
     - name: Login to Docker Hub
       uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
@@ -39,7 +39,7 @@ jobs:
 
 
     - name: Docker Build CentOS6 Image Test
-      uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
+      uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
       with:
         file: ./ansible/docker/Dockerfile.CentOS6
         build-args: git_sha=${{ github.sha }}
@@ -50,7 +50,7 @@ jobs:
       if: github.ref != 'refs/heads/master'
 
     - name: Docker Build & Push Centos6 Image to Docker Hub On Merge
-      uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
+      uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
       with:
         file: ./ansible/docker/Dockerfile.CentOS6
         build-args: git_sha=${{ github.sha }}
@@ -65,13 +65,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
 
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
     - name: Set up Docker Buildx to use cache feature
-      uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
+      uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
 
     - name: Docker Build Alpine3 Image
-      uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
+      uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
       with:
         file: ./ansible/docker/Dockerfile.Alpine3
         build-args: git_sha=${{ github.sha }}

.github/workflows/build_mac.yml

@@ -22,21 +22,20 @@ jobs:
           - os: [macos-14]
     steps:
 
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
     - name: Install Python
       run: brew install [email protected] --overwrite
 
+    - name: Configure dirmgr
+      run: |
+        mkdir -p ~/.gnupg/
+        touch ~/.gnupg/dirmngr.conf
+        echo "standard-resolver" >  ~/.gnupg/dirmngr.conf
+
     - name: Install Ansible
       run: brew install ansible
 
-    # This is to fix an issue with the github macos14 runner, that cant resolve keyserver.ubuntu.com
-    # but this does work when replaced with the IP address. Spotted during the GPG verification of ANT step
-    # Upstream Bug : https://github.com/actions/runner-images/issues/9777
-    - name: Replace keyserver address with IP address
-      run: |
-        sed -i '' 's/keyserver\.ubuntu\.com/185.125.188.27/g' ansible/playbooks/Supporting_Scripts/package_signature_verification.sh
-
     - name: Run Ansible Playbook
       run: |
         echo "localhost ansible_user=runner ansible_connection=local" > ansible/hosts

.github/workflows/build_qemu.yml

@@ -36,10 +36,10 @@ jobs:
           #   distro: jessie
 
     steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Run on architecture
-        uses: uraimo/run-on-arch-action@b0ffb25eb00af00468375982384441f063da1741 # v2.7.2
+        uses: uraimo/run-on-arch-action@5397f9e30a9b62422f302092631c99ae1effcd9e # v2.8.1
         with:
           arch: ${{ matrix.arch }}
           distro: ${{ matrix.distro }}

.github/workflows/build_vagrant.yml

@@ -19,18 +19,18 @@ permissions:
 jobs:
   build-solaris:
     name: Solaris
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-20.04
     steps:
 
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
     # As Solaris Needs An Older Version Of Ansible/Python
     # Use Python2 & Pip To Install On Ubuntu 22.04
     # Rather Than The System Packages
-    
+
     - name: Install Python 2
       run: sudo apt-get install python2
-    
+
     - name: Python 2 Get Pip Bootstrap Script
       run: curl https://bootstrap.pypa.io/pip/2.7/get-pip.py --output get-pip.py
 
@@ -40,18 +40,27 @@ jobs:
     - name: Install Ansible Using PIP2
       run: pip2 install ansible
 
-    - name: Update Repos
-      run: sudo apt-get update
-
     - name: Install VirtualBox
       run: sudo apt-get install virtualbox
 
+    - name: Add Hashicorp GPG Key
+      run: wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
+
+    - name: Add Hashicorp Repository
+      run: echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
+
+    - name: Update Repos
+      run: sudo apt-get update
+
     - name: Install Vagrant
       run: sudo apt-get install vagrant
 
+    - name: Add User To VBOX group
+      run: sudo usermod -a -G vboxusers $USER
+
     - name: Cache Solaris10.box
       id: solaris-10-cache
-      uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
+      uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
       with:
         path: Solaris10.box
         key: sol10boxcache
@@ -87,7 +96,7 @@ jobs:
         # Copy the machine's ssh key for the VMs to use, after removing prior files
         ssh-keygen -q -f $PWD/id_rsa -t rsa -N ''
         vagrant plugin install vagrant-vbguest
-        vagrant up
+        vagrant up --provider=virtualbox
         vagrantPORT=$(vagrant port | grep host | awk '{ print $4 }')
         rm -f playbooks/AdoptOpenJDK_Unix_Playbook/hosts.unx
         echo "[127.0.0.1]:${vagrantPORT}" >> playbooks/AdoptOpenJDK_Unix_Playbook/hosts.unx

.github/workflows/build_wsl.yml

@@ -29,21 +29,29 @@ jobs:
     name: Windows
     runs-on: ${{ matrix.os }}
     steps:
-
-    - name: Setup WinRM and Password
+    - name: Setup WinRM and Password (checksum verified)
       shell: powershell
       run: |
         Set-LocalUser -Name "runneradmin" -Password (ConvertTo-SecureString -AsPlainText "Ansible_password123!" -Force)
         New-NetFirewallRule -DisplayName "ALLOW TCP PORT 5986" -Direction inbound -Profile Any -Action Allow -LocalPort 5986 -Protocol TCP
         Invoke-WebRequest https://raw.githubusercontent.com/ansible/ansible-documentation/devel/examples/scripts/ConfigureRemotingForAnsible.ps1 -OutFile .\ConfigureRemotingForAnsible.ps1
-        .\ConfigureRemotingForAnsible.ps1 -CertValidityDays 9999
-        .\ConfigureRemotingForAnsible.ps1 -EnableCredSSP
-        .\ConfigureRemotingForAnsible.ps1 -ForceNewSSLCert
-        .\ConfigureRemotingForAnsible.ps1 -SkipNetworkProfileCheck
+        $expectedChecksum = "EBA72DF06E3E77709595F75D1D5B4D95B06602429DD2A3F7867406DF875B0C70"
+        $actualChecksum = Get-FileHash -Path ".\ConfigureRemotingForAnsible.ps1" -Algorithm SHA256 | Select-Object -ExpandProperty Hash        
+        if ($actualChecksum -ne $expectedChecksum) {
+            Write-Output "Checksum mismatch"
+            Write-Output "Actual Checksum: $actualChecksum"
+            Write-Output "Expect Checksum: $expectedChecksum"
+            exit 1
+        } else {
+            .\ConfigureRemotingForAnsible.ps1 -CertValidityDays 9999
+            .\ConfigureRemotingForAnsible.ps1 -EnableCredSSP
+            .\ConfigureRemotingForAnsible.ps1 -ForceNewSSLCert
+            .\ConfigureRemotingForAnsible.ps1 -SkipNetworkProfileCheck       
+        }
 
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
-    - uses: Vampire/setup-wsl@6f87de3102a29ac6b92800f33bf1e8d9164ac0a1 # v3.1.1
+    - uses: Vampire/setup-wsl@23f94bc31caaddc08bd1230a00b89f872633d8d7 # v3.1.3
 
     - name: Install dependencies
       run: |

.github/workflows/check_dockerstatic.yml

@@ -25,10 +25,10 @@ jobs:
       max-parallel: 4
       matrix:
        include:
-         - os: alpine3.19
-           dockerfile: "Dockerfile.alp319"
+         - os: alpine3.20
+           dockerfile: "Dockerfile.alp320"
     steps:
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
     - name: Test Dockerfile on ${{ matrix.os }}
       env:
         DOCKERFILE: ${{ matrix.dockerfile }}
@@ -44,8 +44,10 @@ jobs:
        include:
          - os: centos8
            dockerfile: "Dockerfile.cent8"
+         - os: centos-stream-9
+           dockerfile: "Dockerfile.centstream9"
     steps:
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
     - name: Test Dockerfile on ${{ matrix.os }}
       env:
         DOCKERFILE: ${{ matrix.dockerfile }}
@@ -59,10 +61,10 @@ jobs:
       max-parallel: 4
       matrix:
        include:
-         - os: fedora39
-           dockerfile: "Dockerfile.f39"
+         - os: fedora41
+           dockerfile: "Dockerfile.f41"
     steps:
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
     - name: Test Dockerfile on ${{ matrix.os }}
       env:
         DOCKERFILE: ${{ matrix.dockerfile }}
@@ -76,14 +78,14 @@ jobs:
       max-parallel: 4
       matrix:
        include:
-         - os: ubuntu18.04
-           dockerfile: "Dockerfile.u1804"
          - os: ubuntu20.04
            dockerfile: "Dockerfile.u2004"
          - os: ubuntu22.04
            dockerfile: "Dockerfile.u2204"
+         - os: ubuntu24.04
+           dockerfile: "Dockerfile.u2404"
     steps:
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
     - name: Test Dockerfile on ${{ matrix.os }}
       env:
         DOCKERFILE: ${{ matrix.dockerfile }}

.github/workflows/linter.yml

@@ -25,7 +25,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
 
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
     - name: 'Yamllint'
       uses: karancode/yamllint-github-action@fdef6bc189425ecc84cc4543b2674566c0827053 # v2.1.1
@@ -39,10 +39,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
 
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
     - name: Set up Python 3.x
-      uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
+      uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
       with:
         python-version: '3.x'
 

.github/workflows/packer.yml

@@ -18,7 +18,7 @@ jobs:
       matrix:
         os: [sonoma-arm64, sonoma-intel]
     steps:
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
     # This is to fix an issue with the github macos14 runner, that cant resolve keyserver.ubuntu.com
     # but this does work when replaced with the IP address. Spotted during the GPG verification of ANT step

ONBOARDING.md

@@ -18,13 +18,13 @@ Add the user to the correct Infrastructure team:
 - [@adoptopenjdk-infrastructure](https://github.com/orgs/AdoptOpenJDK/teams/adoptopenjdk-infrastructure) - Can be assigned Infra Issues
 - [@jenkins-admins](https://github.com/orgs/AdoptOpenJDK/teams/jenkins-admins) - Super users on Jenkins
 
-### [Secrets](https://github.com/AdoptOpenJDK/secrets)
+### [Secrets](https://github.com/adoptium/secrets)
 
 For [@admin_infrastructure](https://github.com/orgs/AdoptOpenJDK/teams/admin_infrastructure) and
 [@infrastructure](https://github.com/orgs/AdoptOpenJDK/teams/infrastructure) teams only.
 
 - Show user how to access the secrets repo and also how to use dotGPG to read files.
-- Adding a new user to dotGPG can be done following the instructions [here](https://github.com/AdoptOpenJDK/secrets#adding-users.)
+- Adding a new user to dotGPG can be done following the instructions [here](https://github.com/adoptium/secrets#adding-users.)
 
 ## External Services
 

README.md

@@ -24,7 +24,7 @@ See our current [Chaos Monkey Status](CHAOS_MONKEY.md).
 
 ## Related Repositories
 
-* [secrets](https://www.github.com/adoptopenjdk/secrets/) - A private repo containing encrypted secrets.
+* [secrets](https://www.github.com/adoptium/secrets/) - A private repo containing encrypted secrets.
 * [openjdk-jenkins-helper](https://www.github.com/adoptopenjdk/openjdk-jenkins-helper/) - A repo containing helper scripts for out Jenkins CI.
 
 ## Important Documentation

ansible/DockerInventory.json

@@ -15,6 +15,10 @@
                 "nodeName": "test-docker-alpine320-x64-1",
                 "port": "32784"
             },
+            {
+                "nodeName": "test-docker-centos7-x64-1",
+                "port": "No port"
+            },
             {
                 "nodeName": "test-docker-fedora39-x64-2",
                 "port": "32779"
@@ -40,7 +44,7 @@
                 "port": "32782"
             }
         ],
-        "containersCount": 9
+        "containersCount": 10
     },
     {
         "name": "dockerhost-azure-ubuntu2404-x64-1",
@@ -97,6 +101,12 @@
         ],
         "containersCount": 12
     },
+    {
+        "name": "dockerhost-azure-win2022-x64-1",
+        "ip": "No ip",
+        "containers": [],
+        "containersCount": 0
+    },
     {
         "name": "dockerhost-equinix-ubuntu2204-armv8-1",
         "ip": "139.178.86.243",
@@ -232,7 +242,7 @@
         "containersCount": 15
     },
     {
-        "name": "dockerhost-marist-ubuntu2204-s390x-1",
+        "name": "dockerhost-marist-ubuntu2404-s390x-1",
         "ip": "148.100.74.237",
         "containers": [
             {
@@ -255,7 +265,18 @@
         "containersCount": 4
     },
     {
-        "name": "dockerhost-osuosl-ubuntu2004-ppc64le-1",
+        "name": "dockerhost-osuosl-ubuntu2404-aarch64-1",
+        "ip": "140.211.167.67",
+        "containers": [
+            {
+                "nodeName": "test-docker-ubuntu2404-armv7-1",
+                "port": "32000"
+            }
+        ],
+        "containersCount": 1
+    },
+    {
+        "name": "dockerhost-osuosl-ubuntu2404-ppc64le-1",
         "ip": "140.211.168.214",
         "containers": [
             {
@@ -277,17 +298,6 @@
         ],
         "containersCount": 4
     },
-    {
-        "name": "dockerhost-osuosl-ubuntu2404-aarch64-1",
-        "ip": "140.211.167.67",
-        "containers": [
-            {
-                "nodeName": "test-docker-ubuntu2404-armv7-1",
-                "port": "32000"
-            }
-        ],
-        "containersCount": 1
-    },
     {
         "name": "dockerhost-skytap-ubuntu2004-ppc64le-1",
         "ip": "20.61.136.212",