Skip to content

Commit

Permalink
chore(mojaloop/#3450): nodejs upgrade (#161)
Browse files Browse the repository at this point in the history 
chore(mojaloop/#3450): NodeJS version upgrade - mojaloop/project#3450
- Upgraded NodeJS from v16 to v18 LTS
- Updated CI config to use NodeJS latest LTS version
- Updated CI config to display runtime versions for each job
- Upgraded NPM dependencies
- Fixed CI bugs caused by the NodeJS upgrade
- Upgraded CircleCI orbs versions
- Replaced `audit-resolver` with `audit-ci`
-  Updated CI pipeline use NVM to select node version from` .nvmrc` file
  • Loading branch information
@oderayi
oderayi authored Aug 23, 2023
1 parent 833db81 commit d2b8e5c
Show file tree
Hide file tree
Showing 6 changed files with 5,415 additions and 13,350 deletions.
138 changes: 115 additions & 23 deletions .circleci/config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,22 +7,21 @@ version: 2.1
# Orbs used in this pipeline
##
orbs:
slack: circleci/slack@4.9.3 # Ref: https://github.com/mojaloop/ci-config/tree/master/slack-templates
slack: circleci/slack@4.12.5 # Ref: https://github.com/mojaloop/ci-config/tree/master/slack-templates
pr-tools: mojaloop/pr-tools@0.1.10 # Ref: https://github.com/mojaloop/ci-config/
gh: circleci/github-cli@2.1.0
gh: circleci/github-cli@2.2.0

##
# defaults
#
# YAML defaults templates, in alphabetical order
##
defaults_Dependencies: &defaults_Dependencies |
defaults_docker_Dependencies: &defaults_docker_Dependencies |
apk --no-cache add git
apk --no-cache add ca-certificates
apk --no-cache add curl
apk --no-cache add openssh-client
apk add --no-cache -t build-dependencies make gcc g++ python3 libtool autoconf automake jq
npm config set unsafe-perm true
apk add --no-cache -t build-dependencies make gcc g++ python3 libtool autoconf automake bash jq
npm install -g node-gyp

defaults_awsCliDependencies: &defaults_awsCliDependencies |
Expand Down Expand Up @@ -59,6 +58,62 @@ defaults_configure_git: &defaults_configure_git
git config user.email ${GIT_CI_EMAIL}
git config user.name ${GIT_CI_USER}
defaults_configure_nvm: &defaults_configure_nvm
name: Configure NVM
command: |
cd $HOME
export ENV_DOT_PROFILE=$HOME/.profile
touch $ENV_DOT_PROFILE
echo "1. Export env variable"
export NVM_DIR="$HOME/.nvm"
if [ -z "$NVMRC_VERSION" ]; then
echo "==> Configuring NVMRC_VERSION!"
export NVMRC_VERSION=$(cat $CIRCLE_WORKING_DIRECTORY/.nvmrc)
echo "export NVMRC_VERSION=$NVMRC_VERSION" >> $ENV_DOT_PROFILE
fi
if [ -f "$NVM_DIR" ]; then
echo "==> $NVM_DIR exists. Skipping steps 2-4!"
else
echo "==> $NVM_DIR does not exists. Executing steps 2-4!"
echo "2. Installing NVM"
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.3/install.sh | bash
echo "3. Executing $NVM_DIR/nvm.sh"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
# echo "4. Update $ENV_DOT_PROFILE"
# echo '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"' >> $ENV_DOT_PROFILE
# echo "export NVM_DIR=$NVM_DIR" >> $ENV_DOT_PROFILE
fi
## Ref: https://github.com/nvm-sh/nvm/issues/1102#issuecomment-550572252
if [ ! -z "$NVM_ARCH_UNOFFICIAL_OVERRIDE" ]; then
echo "==> Handle NVM_ARCH_UNOFFICIAL_OVERRIDE=$NVM_ARCH_UNOFFICIAL_OVERRIDE!"
echo "nvm_get_arch() { nvm_echo \"${NVM_ARCH_UNOFFICIAL_OVERRIDE}\"; }" >> $ENV_DOT_PROFILE
echo "export NVM_NODEJS_ORG_MIRROR=https://unofficial-builds.nodejs.org/download/release" >> $ENV_DOT_PROFILE
source $ENV_DOT_PROFILE
fi
echo "4. Installing Node version: $NVMRC_VERSION"
nvm install $NVMRC_VERSION
nvm alias default $NVMRC_VERSION
nvm use $NVMRC_VERSION
cd $CIRCLE_WORKING_DIRECTORY
defaults_display_versions: &defaults_display_versions
name: Display Versions
command: |
echo "What is the active version of Nodejs?"
echo "node: $(node --version)"
echo "yarn: $(yarn --version)"
echo "npm: $(npm --version)"
echo "nvm: $(nvm --version)"
##
# Executors
#
Expand All @@ -67,26 +122,36 @@ defaults_configure_git: &defaults_configure_git
executors:
default-docker:
working_directory: &WORKING_DIR /home/circleci/project
shell: "/bin/sh -leo pipefail" ## Ref: https://circleci.com/docs/env-vars/#alpine-linux
environment:
BASH_ENV: /etc/profile ## Ref: https://circleci.com/docs/env-vars/#alpine-linux
NVM_ARCH_UNOFFICIAL_OVERRIDE: x64-musl ## Ref: https://github.com/nvm-sh/nvm/issues/1102#issuecomment-550572252
docker:
- image: node:16.15.0-alpine
- image: node:lts-alpine # Ref: https://hub.docker.com/_/node?tab=tags&page=1&name=alpine

default-machine:
working_directory: *WORKING_DIR
shell: "/bin/bash -leo pipefail"
machine:
image: ubuntu-2004:current
image: ubuntu-2204:2023.04.2 # Ref: https://circleci.com/developer/machine/image/ubuntu-2204

jobs:
setup:
executor: default-docker
steps:
- run:
name: Install general dependencies
command: *defaults_Dependencies
command: *defaults_docker_Dependencies
- checkout
- run:
name: Update NPM install
<<: *defaults_configure_nvm
- run:
<<: *defaults_display_versions
- run:
name: Install NPM dependencies
command: npm ci
- save_cache:
name: Save dependency cache
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
paths:
- node_modules
Expand All @@ -96,9 +161,14 @@ jobs:
steps:
- run:
name: Install general dependencies
command: *defaults_Dependencies
command: *defaults_docker_Dependencies
- checkout
- run:
<<: *defaults_configure_nvm
- run:
<<: *defaults_display_versions
- restore_cache:
name: Restore dependency cache
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
- run:
name: Execute dependency tests
Expand All @@ -109,9 +179,14 @@ jobs:
steps:
- run:
name: Install general dependencies
command: *defaults_Dependencies
command: *defaults_docker_Dependencies
- checkout
- run:
<<: *defaults_configure_nvm
- run:
<<: *defaults_display_versions
- restore_cache:
name: Restore dependency cache
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
- run:
name: Execute lint tests
Expand All @@ -122,9 +197,14 @@ jobs:
steps:
- run:
name: Install general dependencies
command: *defaults_Dependencies
command: *defaults_docker_Dependencies
- checkout
- run:
<<: *defaults_configure_nvm
- run:
<<: *defaults_display_versions
- restore_cache:
name: Restore dependency cache
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
- run:
# This is needed for legacy core tests. Remove this once 'tape' is fully deprecated.
Expand All @@ -138,7 +218,7 @@ jobs:
command: npm -s run test:xunit
- store_artifacts:
path: ./test/results
prefix: test
destination: test
- store_test_results:
path: ./test/results

Expand All @@ -147,19 +227,24 @@ jobs:
steps:
- run:
name: Install general dependencies
command: *defaults_Dependencies
command: *defaults_docker_Dependencies
- run:
name: Install AWS CLI dependencies
command: *defaults_awsCliDependencies
- checkout
- run:
<<: *defaults_configure_nvm
- run:
<<: *defaults_display_versions
- restore_cache:
name: Restore dependency cache
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
- run:
name: Execute code coverage check
command: npm -s run test:coverage-check
- store_artifacts:
path: coverage
prefix: test
destination: test
- store_test_results:
path: coverage
- run:
Expand All @@ -178,44 +263,51 @@ jobs:
steps:
- run:
name: Install general dependencies
command: *defaults_Dependencies
command: *defaults_docker_Dependencies
- checkout
- run:
<<: *defaults_configure_nvm
- run:
<<: *defaults_display_versions
- restore_cache:
name: Restore dependency cache
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
- run:
name: Create dir for test results
command: mkdir -p ./audit/results
- run:
name: Check for new npm vulnerabilities
command: npm run audit:check --silent -- --json > ./audit/results/auditResults.json
command: npm run audit:check -- -o json > ./audit/results/auditResults.json
- store_artifacts:
path: ./audit/results
prefix: audit
destination: audit

audit-licenses:
executor: default-docker
steps:
- run:
name: Install general dependencies
command: *defaults_Dependencies
command: *defaults_docker_Dependencies
- run:
<<: *defaults_license_scanner
- checkout
- restore_cache:
name: Restore dependency cache
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
- run:
name: Run the license-scanner
command: cd /tmp/license-scanner && pathToRepo=$CIRCLE_WORKING_DIRECTORY make run
- store_artifacts:
name: Store license-scanner results
path: /tmp/license-scanner/results
prefix: licenses
destination: licenses

release:
executor: default-docker
steps:
- run:
name: Install general dependencies
command: *defaults_Dependencies
command: *defaults_docker_Dependencies
- checkout
- restore_cache:
keys:
Expand Down Expand Up @@ -287,7 +379,7 @@ jobs:
steps:
- run:
name: Install general dependencies
command: *defaults_Dependencies
command: *defaults_docker_Dependencies
- checkout
- restore_cache:
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
Expand Down Expand Up @@ -325,7 +417,7 @@ jobs:
steps:
- run:
name: Install general dependencies
command: *defaults_Dependencies
command: *defaults_docker_Dependencies
- checkout
- restore_cache:
key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
Expand Down
2 changes: 1 addition & 1 deletion .nvmrc
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
16.15.0
18.17.1
9 changes: 9 additions & 0 deletions audit-ci.jsonc
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
{
"$schema": "https://github.com/IBM/audit-ci/raw/main/docs/schema.json",
// audit-ci supports reading JSON, JSONC, and JSON5 config files.
// Only use one of ["low": true, "moderate": true, "high": true, "critical": true]
"moderate": true,
"allowlist": [
"GHSA-w5p7-h5w8-2hfq"
]
}
40 changes: 0 additions & 40 deletions audit-resolve.json
View file

This file was deleted.

Loading

0 comments on commit d2b8e5c

Please sign in to comment.