-
Notifications
You must be signed in to change notification settings - Fork 41
Expand file tree
/
Copy pathbuild-windows-image.ps1
More file actions
116 lines (103 loc) · 3.76 KB
/
build-windows-image.ps1
File metadata and controls
116 lines (103 loc) · 3.76 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
# clVersion, cudaVersion, OS edition, isolation mode
Param(
[Parameter(Mandatory=$true)]
[string]
$clVersion="latest",
[Parameter(Mandatory=$false)]
[string]
$cudaVersion="latest",
[Parameter(Mandatory=$false)]
[ValidateSet('windows2019', 'windows2022')]
[string]
$edition="windows",
[Parameter(Mandatory=$false)]
[ValidateSet('hyperv', 'process')]
[string]
$isolation="hyperv",
[Parameter(Mandatory=$false)]
[string]
$repo="local",
[Parameter(Mandatory=$false)]
[string]
$repoVersion="latest"
)
function TestReturnCode {
if (-not $?) {
throw 'Step Failed'
}
}
Push-location "$PSScriptRoot"
$rootWindowsImage = @{
"windows2022" = "mcr.microsoft.com/windows/servercore:ltsc2022"
"windows2019" = "mcr.microsoft.com/windows/servercore:ltsc2019"
}[$edition]
try {
# Source version matrix
.\vs-version-matrix.ps1
$vsVer = $vsYearToVer[$vsCompilersToYear[$clVersion]]
# Override defaults in .env.
$ENV:IMAGE_NAME="$(.\generate-image-name.ps1 -clVersion $clVersion -cudaVersion $cudaVersion -edition $edition -repo $repo -repoVersion $repoVersion)"
$ENV:ISOLATION="$isolation"
$ENV:MSVC_VER="$vsVer"
$ENV:MSVC_COMPILER_VER="$clVersion"
$ENV:CUDA_VER="$cudaVersion"
$ENV:ROOT_IMAGE="$rootWindowsImage"
$ENV:BUILDKIT_PROGRESS="plain"
Write-Output "Building $ENV:IMAGE_NAME"
Write-Output "with args:"
Write-Output "ENV:IMAGE_NAME $ENV:IMAGE_NAME"
Write-Output "ENV:ISOLATION $ENV:ISOLATION"
Write-Output "ENV:MSVC_VER $ENV:MSVC_VER"
Write-Output "ENV:MSVC_COMPILER_VER $ENV:MSVC_COMPILER_VER"
Write-Output "ENV:CUDA_VER $ENV:CUDA_VER"
Write-Output "ENV:ROOT_IMAGE $ENV:ROOT_IMAGE"
docker build --file .\windows.Dockerfile --tag "$ENV:IMAGE_NAME" --isolation "$ENV:ISOLATION" --build-arg MSVC_VER="$ENV:MSVC_VER" --build-arg MSVC_COMPILER_VER="$ENV:MSVC_COMPILER_VER" --build-arg CUDA_VER="$ENV:CUDA_VER" --build-arg ROOT_IMAGE="$ENV:ROOT_IMAGE" .\image
}
catch {
Pop-Location
throw
}
finally {
Pop-Location
}
$syftVersion = "1.32.0"
$arch = switch ($env:PROCESSOR_ARCHITECTURE.ToLower()) {
"amd64" { "windows_amd64" }
"arm64" { "windows_arm64" }
default { throw "Unsupported PROCESSOR_ARCHITECTURE '$env:PROCESSOR_ARCHITECTURE'" }
}
$syftZipName = "syft_${syftVersion}_${arch}.zip"
$syftDownload = "https://github.com/anchore/syft/releases/download/v$syftVersion/$syftZipName"
$tempRoot = Join-Path $env:TEMP ("sbom-" + [guid]::NewGuid())
$syftArchive = Join-Path $tempRoot $syftZipName
$sbomJson = Join-Path $tempRoot "sbom.json"
$contextDir = Join-Path $tempRoot "context"
New-Item -ItemType Directory -Path $tempRoot, $contextDir | Out-Null
try {
Invoke-WebRequest `
-Uri $syftDownload `
-OutFile $syftArchive `
-UseBasicParsing
Expand-Archive -Path $syftArchive -DestinationPath $tempRoot -Force
$syftExe = Get-ChildItem -Path $tempRoot -Filter syft.exe -Recurse |
Select-Object -First 1 |
ForEach-Object FullName
if (-not $syftExe) {
throw "syft.exe not found after extracting $syftZipName"
}
& $syftExe `
"docker:$ENV:IMAGE_NAME" `
--scope all-layers `
--source-name "$ENV:IMAGE_NAME" `
"--output" "cyclonedx-json@1.6=$sbomJson"
Copy-Item -Path $sbomJson -Destination (Join-Path $contextDir "sbom.json")
Copy-Item -Path (Join-Path $PSScriptRoot "sbom.Dockerfile") -Destination (Join-Path $contextDir "Dockerfile")
docker build `
--file (Join-Path $contextDir "Dockerfile") `
--build-arg BASE_IMAGE=$ENV:IMAGE_NAME `
--tag $ENV:IMAGE_NAME `
$contextDir
}
finally {
Remove-Item -Path $tempRoot -Recurse -Force
}