Provide Node.js for running VS Code #471
Conversation
Signed-off-by: Roman Nikitenko <rnikiten@redhat.com>
| if [ -n "$NODE_ARCH" ]; then \ | ||
| NODE_URL="${NODE_LOCATION}/dist/v${NODE_VERSION}/node-v${NODE_VERSION}-${PLATFORM}-${NODE_ARCH}.tar.gz"; \ | ||
| echo "Downloading Node.js from ${NODE_URL}"; \ | ||
| wget -q "${NODE_URL}"; \ |
There was a problem hiding this comment.
@nickboldt
I would like to know your opinion about current PR.
We need it for eclipse-che/che#21778.
The main difference is: Node.js is going to be downloaded at the building libc-content-provider.Dockerfile step.
There was a problem hiding this comment.
Node.js is going to be downloaded at the building
Sounds like the opposite of what was done for https://issues.redhat.com/browse/CRW-3160 ... you can't download random stuff from the internet anymore, you can only use rpms :(
Do you require a specific version of nodejs that's not available from UBI 8 or UBI 9 rpm content sets? If so the workaround is to use fetch-artifacts-url.yaml with content we have pre-uploaded to download.devel server.
There was a problem hiding this comment.
thank you for the quick answer!
Do you require a specific version of nodejs that's not available from UBI 8 or UBI 9 rpm content sets?
ubi-8 brings nodejs that incompatible with ubi-9.
I tested in the che-code that starting VS Code works well for both (ubi-8 and ubi-9) when Node.js is downloaded...
There was a problem hiding this comment.
One more question:
in the upstream we can use From docker.io/node:16.17.1-alpine3.15
If I'm not mistaken we can not use From docker.io/node:16.17.1-alpine3.15 for the Devspaces-Code.
Do you know a workaround for such use case?
There was a problem hiding this comment.
Correct.
You can use any of UBI8 based images in https://catalog.redhat.com/software/containers/search?q=ubi8/nodejs-16
If you need a RHEL9-based image for downstream we'll probably have to migrate to UBI9 as the deployment layer.
I'm not sure if you can BUILD with RHEL9/UBI9 and then set the runtime/deployment later to be FROM UBI8. That might break the build pipeline in Brew/OSBS.
Side question: why are we using Node 16 when 18 is available?
https://catalog.redhat.com/software/containers/search?q=nodejs-18&p=1
There was a problem hiding this comment.
Side question: why are we using Node 16 when 18 is available?
It's VS Code requirement: https://github.com/microsoft/vscode/wiki/How-to-Contribute#prerequisites
There was a problem hiding this comment.
ok, well ubi8/nodejs-16 contains nodejs-16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 ... which should be compatible with required Node.JS, x64, version >=16.17.x and <17
Meanwhile the ubi9/nodejs-16 container has nodejs-16.19.1-2.el9_2.x86_64
Are you saying these versions don't work for your build?
https://catalog.redhat.com/software/containers/ubi8/nodejs-16/615aee9fc739c0a4123a87e1?tag=1-72.1669834625&push_date=1669927389000 contains 16.17.1 but it's 6mo old and is rated D because of security issues. NOT recommended to use this older version of nodejs 16.
There was a problem hiding this comment.
Are you saying these versions don't work for your build?
Let's say I've built libc docker image from the dockerfile based on the ubi-8 - it contains Node.js 16 that requires OpenSSL 1.
- we run VS Code in the
ubi-8based container - it works - no problem! - we run VS Code in the
ubi-9based container - it doesn't work -ubi-9image usesOpenSSL 3
The same problem when I build libc docker image from the dockerfile based on the ubi-9, but user tries to run VS Code in the ubi-8 based container!
I don't have such problems when I just download required version of Node.js - the workspace can be started in both: ubi-8 and ubi-9 based containers...
|
I wonder if the libc build can be set up to NOT directly depend on a specific openssl implementation, or to include its own embedded one?
Are you downloading the 66MB node-v16.20.1.tar.gz or the 33MB node-v16.20.1-linux-x64.tar.gz ? Looks like the larger tarball includes:
But the smaller one only includes:
So... maybe it's the openssl wrapper that's solving your problem for RHEL 8 vs. 9? Both tarballs include these:
Alternatively, perhaps it's time to migrate Dev Spaces to RHEL 9 so we don't have to worry about RHEL 8 anymore. (This will take a few releases to achieve, however, but is ultimately where DS will end up.) |
https://nodejs.org/dist/v16.17.1/node-v16.17.1-linux-x64.tar.gz The process of running VS Code is:
As far as I understand the problem:
Currently we copy already installed 
If the libs are absent in the My idea was to download Node.js (instead of copying already installed one in the libc image). 
You can see that:
|
|
Note that a dependency on libssl or libcrypto indicates that there are FIPS implications here. We need to be careful that the node we're using is FIPS-friendly. Static links are generally not preferred over dynamic links, if I understand correcty based on the recent discussions about golang + FIPS. |
Provide Node.js for running VS Code.
We need this change for eclipse-che/che#21778