-
-
Notifications
You must be signed in to change notification settings - Fork 175
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump OpenSSH version to v9.5.0.0p1-Beta #388
Bump OpenSSH version to v9.5.0.0p1-Beta #388
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This updates looks good for Windows Server Core images (2019 and 2022).
However it makes the test fails for the 3 nanoserver images (1809, 2019 and 2022). Need to be investigated (I won't have time to spend on this analysis)
Tried with version v9.2.2.0p1-Beta like in #319 with 84c9755, all green ✅ Trying out with the next version before the v9.5.0.0p1-Beta, the https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.4.0.0p1-Beta |
Good news (ahem), the nanoserver image builds fail with version v9.4.0.0p1-Beta, less changes to take in account 😅
https://ci.jenkins.io/job/Packaging/job/docker-ssh-agent/job/PR-388/4/ Will take a look later, we can meanwhile merge with v9.2.2.0p1-Beta. WDYT @jenkinsci/team-docker-packaging? |
Got more details about the failing tests starting with OpenSSH v9.4.0.0p1-beta, working on it. Tests error logs:
|
Almost certain the issue comes from the vendored From a VM created with one of our packer image template: PS C:\Users\herve\docker-ssh-agent\tests> ssh.exe -V
OpenSSH_9.2p1, OpenSSL 1.1.1t 7 Feb 2023
PS C:\Users\herve\docker-ssh-agent\tests> .\ssh.exe -V
OpenSSH_for_Windows_8.1p1, LibreSSL 2.9.2 EDIT: same error with ssh.exe OpenSSH_9.2p1 & 9.4p1, my assumption was wrong.
|
Trying to log in the docker image including OpenSSH v9.5.0.0p-beta1 with the same command as the
Continuing around there... |
I don't understand yet why but login in the image, re-running C:/Program Files/OpenSSH-Win64/install-sshd.ps1 then re-running the setup-sshd.ps1 entry script resolves the issue, the sshd service can be started properly 🤔🤷 Current workaround: 76140cd 😅 |
After scratching my head why SSH tests were working on Nanoserver with my dirty hack 8a8e0fc but not on Windows Server Core, opening #391 which made me dig in #292 again with working results when running test commands locally, I finally found the root cause: we have to wait a bit for the SSH server to be ready before trying to connect to it 😅 Opened #391 to restore and fix them. |
While working on #388 I remembered we disabled SSH specific tests for Windows Server Core image in order to deliver a new image cf notes of #289. This PR removes this skip and fix them by waiting 10s before trying to connect with SSH (5s wasn't enough), as discovered in #388 (comment).
Opened #396 will all changes unrelated to the bump of OpenSSH v9.5.0.0p-beta1. |
Restored the branch state to only include my workaround in nanoserver Dockerfile and the bump of OpenSSH to v9.5.0.0p-beta1. |
With the less dirty hack 1239b46, install-sshd.ps1 manages to fix permissions so sshd service can be started without the following error described in #388 (comment) Unfortunately install-sshd.ps1 throws the following error (that I'm catching):
It seems to come from the fact that the folder C:\ProgramData\ssh has in its ACL the following one, not supported by this OpenSSH script:
pwsh -command "(Get-Acl 'C:\ProgramData\ssh').Access"
I haven't found (yet?) how to properly fix this but the result is still that sshd is starting correctly. |
1239b46
to
3690ade
Compare
Damn, it took its time but updatecli finally overridden my changes 🥲 Will open my own pull request, let's keep this one in draft meanwhile. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nanoserver failing.
e33cdd7
to
43823fa
Compare
dad7a2d
to
26922fd
Compare
f0bb47d
to
9e7802d
Compare
ee927f5
to
110b752
Compare
Bump OpenSSH version
Update the OpenSSH version for Windows Nanoserver
changed lines [98] of file "/tmp/updatecli/github/jenkinsci/docker-ssh-agent/windows/nanoserver/Dockerfile"
v9.5.0.0p1-Beta
Update the OpenSSH version for Windows Server Core
changed lines [86] of file "/tmp/updatecli/github/jenkinsci/docker-ssh-agent/windows/windowsservercore/Dockerfile"
v9.5.0.0p1-Beta
Created automatically by Updatecli
Options:
Most of Updatecli configuration is done via its manifest(s).
Feel free to report any issues at github.com/updatecli/updatecli.
If you find this tool useful, do not hesitate to star our GitHub repository as a sign of appreciation, and/or to tell us directly on our chat!