[FOLIO-2947] Update NodeJs in Jenkins build image
Created: 05/Jan/21  Updated: 30/Nov/21  Resolved: 06/Jan/21

Status: Closed
Project: FOLIO
Components: None
Affects versions: None
Fix versions: None

Type: Task
Priority: TBD
Reporter: John Malconian
Assignee: John Malconian
Resolution: Done
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Gantt End to Start
has to be done before STCOR-497 Node.js TLS, HTTP and OpenSSL securit... Closed
Relates
relates to MODGQL-142 Update node.js version from 10 to 14 Closed
Sprint: DevOps: Sprint 105
Development Team: FOLIO DevOps

 Description   

Originally requested by Julian Ladisch on Slack:

"can one of the DevOps rebuild and deploy jenkins-slave-all? This will use latest Node 12.20.1 with a fix for 3 security issues: https://github.com/folio-org/folio-tools/pull/140
jenkins-slave-all currently uses Node 12.20.0 that is vulnerable and stripes-core will reject this vulnerable version as shown in this pull request: https://jenkins-aws.indexdata.com/blue/organizations/jenkins/folio-org%2Fstripes-core/detail/PR-982/5/pipeline/"



 Comments   
Comment by John Malconian [ 05/Jan/21 ]

Julian Ladisch has opened a PR; however, we need to update the 'jenkins-agent-java11' image instead of 'jenkins-slave-all', which is now deprecated.

Comment by David Crossley [ 06/Jan/21 ]

Julian has only updated the NEWS and README for the general name of the image.

I gather that he intends for us to update the actual Dockerfile for the 2.x series, i.e. java-11 tag.

Comment by David Crossley [ 06/Jan/21 ]

The purpose of this area has changed when we started to support Java 11, so the names have become a bit confusing.

When I deployed these recently, I related to them as this:

The Dockerfile.xenial-java-8 is for the original image, which is deployed as "jenkins-slave-all:latest" and tag "1.2.2". This equates in CI to the buildNode "jenkins-slave-all" for Java 8.

The Dockerfile.focal-java-11 is for the current image, which is deployed as "jenkins-slave-all:java-11" and tag "2.6.0". This equates in CI to the buildNode "jenkins-agent-java11" for Java 11.

However, the other file Dockerfile.agent-focal-java-11, I do not know its purpose. I have not been updating this file.

Comment by John Malconian [ 06/Jan/21 ]

Exactly right, David Crossley. Dockerfile.agent-focal-java-11 is an experiment of mine - a Jenkins slave build image that uses JNLP to connect instead of SSH.

Comment by Julian Ladisch [ 06/Jan/21 ]

There is no need to change the Dockerfile because

ARG NODEJS_VERSION=12
RUN curl -sL https://deb.nodesource.com/setup_${NODEJS_VERSION}.x | bash -

automatically uses the latest 12 version. Rebuilding the image and deploying it as a new version should be sufficient.

Please do this for all images that actually are in use. I might have misunderstood the README.
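
Added example, not part of the original ticket or of folio-tools: because the Dockerfile pins only the major line, the patch level is decided at build time, and a cached `RUN` layer can keep the old release unless the image is rebuilt with `docker build --no-cache`. The sketch below gates a rebuilt image on the Node.js version it reports; the function names and the `IMAGE` placeholder are assumptions, and the minimum version is the fixed release named in this ticket.

```shell
#!/bin/sh
# Added example: reject a build image whose Node.js is older than the
# fixed release named in the ticket. Function names are hypothetical.
MIN_NODE="12.20.1"

# version_ge A B: return 0 when dotted version A >= B, 1 when A < B,
# 2 when either is not purely numeric. A leading "v" is ignored.
version_ge() {
    a=${1#v}; b=${2#v}
    for i in 1 2 3; do
        ca=${a%%.*}; cb=${b%%.*}          # leading component of each
        case $ca in ''|*[!0-9]*) return 2 ;; esac
        case $cb in ''|*[!0-9]*) return 2 ;; esac
        if [ "$ca" -gt "$cb" ]; then return 0; fi
        if [ "$ca" -lt "$cb" ]; then return 1; fi
        # Equal so far: drop the compared component; missing ones count as 0.
        case $a in *.*) a=${a#*.} ;; *) a=0 ;; esac
        case $b in *.*) b=${b#*.} ;; *) b=0 ;; esac
    done
    return 0
}

# check_node VERSION: VERSION is what `node --version` printed in the image.
check_node() {
    if version_ge "$1" "$MIN_NODE"; then
        echo "ok: Node $1 >= $MIN_NODE"
    else
        echo "reject: Node $1 is older than $MIN_NODE or unparsable" >&2
        return 1
    fi
}

# Typical use after a rebuild (IMAGE is a placeholder for the deployed tag):
#   check_node "$(docker run --rm "$IMAGE" node --version)"
```

The comparison is numeric per component, so 12.9.9 is correctly treated as older than 12.20.1.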

Comment by John Malconian [ 06/Jan/21 ]

New java-11 based build images updated to Nodejs v12.20.1.

Comment by Julian Ladisch [ 08/Jan/21 ]

Thanks, it works now! https://jenkins-aws.indexdata.com/job/folio-org/job/stripes-core/job/STCOR-497-node-12.20.1/
