From 01610f81c9909a6451667e5894e0a2d91de4cda2 Mon Sep 17 00:00:00 2001 From: Scott J Dickerson Date: Fri, 15 Mar 2024 20:54:33 -0400 Subject: [PATCH 1/3] :ghost: force npm9 during image build Ever since the build container we use [1] updated to use `npm@10`, the image builder github action has encountered a number of problems. The first was solved with #1746. The second more random problem has been with network connections erroring out when installing dependencies. To work around the network error, force the build to use `npm@9`. Alternative solutions: - Add the force to `npm@9`` directly in the Dockerfile for use in all circumstances - Use the `:1-88` version of the build container instead of `:latest` - Find a way to use something like verdaccio to proxy/mirror the npmjs repo during the build so npmjs fetches can be pooled across the parallel image builds [1] registry.access.redhat.com/ubi9/nodejs-18:latest Signed-off-by: Scott J Dickerson --- .github/workflows/image-build.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/image-build.yaml b/.github/workflows/image-build.yaml index 3e67b3fcf2..93226af123 100644 --- a/.github/workflows/image-build.yaml +++ b/.github/workflows/image-build.yaml @@ -22,6 +22,8 @@ jobs: containerfile: "./Dockerfile" architectures: '[ "amd64", "arm64", "ppc64le", "s390x" ]' extra-args: "--ulimit nofile=4096:4096" + pre_build_cmd: | + sed -i '/RUN npm clean-install/i RUN npm install -g npm@9' Dockerfile secrets: registry_username: ${{ secrets.QUAY_PUBLISH_ROBOT }} registry_password: ${{ secrets.QUAY_PUBLISH_TOKEN }} From 5ef5fcea9bd40b7e0b3499b9cc0fc086faa81f46 Mon Sep 17 00:00:00 2001 From: Scott J Dickerson Date: Tue, 19 Mar 2024 13:42:18 -0400 Subject: [PATCH 2/3] npm version check, use 1-88, comment in image-build Signed-off-by: Scott J Dickerson --- .github/workflows/image-build.yaml | 9 ++++----- Dockerfile | 13 +++++++++++-- package-lock.json | 2 +- package.json | 2 +- 4 files changed, 17 insertions(+), 9 deletions(-) diff --git a/.github/workflows/image-build.yaml b/.github/workflows/image-build.yaml index 93226af123..4db993a897 100644 --- a/.github/workflows/image-build.yaml +++ b/.github/workflows/image-build.yaml @@ -4,10 +4,10 @@ on: workflow_dispatch: push: branches: - - 'main' - - 'release-*' + - "main" + - "release-*" tags: - - 'v*' + - "v*" concurrency: group: build-${{ github.ref }} @@ -21,9 +21,8 @@ jobs: image_name: "tackle2-ui" containerfile: "./Dockerfile" architectures: '[ "amd64", "arm64", "ppc64le", "s390x" ]' + # 2023-03-19: currently needed for npm@10 extra-args: "--ulimit nofile=4096:4096" - pre_build_cmd: | - sed -i '/RUN npm clean-install/i RUN npm install -g npm@9' Dockerfile secrets: registry_username: ${{ secrets.QUAY_PUBLISH_ROBOT }} registry_password: ${{ secrets.QUAY_PUBLISH_TOKEN }} diff --git a/Dockerfile b/Dockerfile index 17edb1680c..c8450525ff 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,21 @@ +# NOTE: Since the `:latest` tag can have npm version changes, we are using +# a specific version tag. Container build errors have come up locally +# and via github action workflow when `:latest` is updated. +# +# Image info: https://catalog.redhat.com/software/containers/ubi9/nodejs-18/62e8e7ed22d1d3c2dfe2ca01 +# Relevant PRs: +# - https://github.com/konveyor/tackle2-ui/pull/1746 +# - https://github.com/konveyor/tackle2-ui/pull/1781 + # Builder image -FROM registry.access.redhat.com/ubi9/nodejs-18:latest as builder +FROM registry.access.redhat.com/ubi9/nodejs-18:1-88 as builder USER 1001 COPY --chown=1001 . . RUN npm clean-install --ignore-scripts && npm run build && npm run dist # Runner image -FROM registry.access.redhat.com/ubi9/nodejs-18-minimal:latest +FROM registry.access.redhat.com/ubi9/nodejs-18-minimal:1-88 # Add ps package to allow liveness probe for k8s cluster # Add tar package to allow copying files with kubectl scp diff --git a/package-lock.json b/package-lock.json index 6ccdc97416..61214d0546 100644 --- a/package-lock.json +++ b/package-lock.json @@ -51,7 +51,7 @@ }, "engines": { "node": ">=18.14.2", - "npm": ">=9.5.0" + "npm": "^9.5.0" } }, "client": { diff --git a/package.json b/package.json index 10e5f67dbc..fef8b741e9 100644 --- a/package.json +++ b/package.json @@ -36,7 +36,7 @@ ], "engines": { "node": ">=18.14.2", - "npm": ">=9.5.0" + "npm": "^9.5.0" }, "devDependencies": { "@rollup/plugin-commonjs": "^25.0.7", From d57ef0709349a6962689da8a33b0a9bb533f8688 Mon Sep 17 00:00:00 2001 From: Scott J Dickerson Date: Tue, 19 Mar 2024 14:15:38 -0400 Subject: [PATCH 3/3] Dockerfile version tag tweak, ci-repo force use npm9 Signed-off-by: Scott J Dickerson --- .github/workflows/ci-repo.yml | 3 +++ Dockerfile | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci-repo.yml b/.github/workflows/ci-repo.yml index e06d93da75..abe3ce1dfe 100644 --- a/.github/workflows/ci-repo.yml +++ b/.github/workflows/ci-repo.yml @@ -27,6 +27,9 @@ jobs: node-version: ${{ env.node-version }} cache: "npm" + - name: Force install npm@9 to match Dockerfile build container ubi9/nodejs-18:1-88 + run: npm install -g npm@9 + - name: Verify package-lock.json run: ./scripts/verify_lock.mjs diff --git a/Dockerfile b/Dockerfile index c8450525ff..281f3995d8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,7 +15,7 @@ COPY --chown=1001 . . RUN npm clean-install --ignore-scripts && npm run build && npm run dist # Runner image -FROM registry.access.redhat.com/ubi9/nodejs-18-minimal:1-88 +FROM registry.access.redhat.com/ubi9/nodejs-18-minimal:1-93 # Add ps package to allow liveness probe for k8s cluster # Add tar package to allow copying files with kubectl scp