mirror of https://github.com/zulip/zulip.git
install-node: Stop using NVM.
NVM doesn’t check hashes or signatures and really just adds complexity we don’t need. Signed-off-by: Anders Kaseorg <anders@zulip.com>
This commit is contained in:
Anders Kaseorg
Tim Abbott
parent
bf64cb2d1c
commit
2f993f1a79
|
|
@ -247,18 +247,19 @@ reasoning here.
|
||||||
these checked-in versions of dependencies and instead use versions
|
these checked-in versions of dependencies and instead use versions
|
||||||
managed by the npm repositories.
|
managed by the npm repositories.
|
||||||
|
|
||||||
## Node and Yarn
|
## Node.js and Yarn
|
||||||
|
|
||||||
These are installed by `scripts/lib/install-node` (which in turn uses
|
Node.js is installed by `scripts/lib/install-node` to
|
||||||
the standard third-party `nvm` installer to download `node` and pin
|
`/srv/zulip-node` and symlinked to `/usr/local/bin/node`. Yarn is
|
||||||
its version) and `scripts/lib/install-yarn`.
|
installed by `scripts/lib/install-yarn` to `/srv/zulip-yarn` and
|
||||||
|
symlinked to `/usr/bin/yarn`.
|
||||||
|
|
||||||
- `nvm` has its own system for installing each version of `node` at
|
We don't do anything special to try to manage multiple versions of
|
||||||
its own path, which we use, though we install a `/usr/local/bin/node`
|
Node.js or Yarn. (Previous versions of Zulip installed multiple
|
||||||
wrapper to access the desired version conveniently and efficiently
|
versions of Node.js using the third-party `nvm` installer, but the
|
||||||
(`nvm` has a lot of startup overhead).
|
current version no longer uses `nvm`; if it’s present in
|
||||||
- We install `yarn` at `/srv/zulip-yarn`. We don't do anything
|
`/usr/local/nvm` where previous versions installed it, it will now be
|
||||||
special to try to manage multiple versions of `yarn`.
|
removed.)
|
||||||
|
|
||||||
## ShellCheck and shfmt
|
## ShellCheck and shfmt
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,55 +1,39 @@
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
set -eo pipefail
|
set -euo pipefail
|
||||||
|
|
||||||
node_version=14.17.6
|
version=14.17.6
|
||||||
nvm_version=0.38.0
|
arch="$(uname -m)"
|
||||||
|
|
||||||
# This is a fix for the fact that nvm uses $HOME to determine which
|
case $arch in
|
||||||
# user account's home directory to ~/.config to. Ideally, we'd have a
|
x86_64)
|
||||||
# more systematic fix, like using `sudo -H` everywhere.
|
tarball="node-v$version-linux-x64.tar.xz"
|
||||||
export HOME=/root
|
sha256=3bbe4faf356738d88b45be222bf5e858330541ff16bd0d4cfad36540c331461b
|
||||||
|
;;
|
||||||
|
|
||||||
current_node_version="none"
|
aarch64)
|
||||||
if node_wrapper_path="$(command -v node)"; then
|
tarball="node-v$version-linux-arm64.tar.xz"
|
||||||
current_node_version="$(node --version)"
|
sha256=9c4f3a651e03cd9b5bddd33a80e8be6a6eb15e518513e410bb0852a658699156
|
||||||
fi
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
if [ "$current_node_version" = "v$node_version" ] && [ -L "$node_wrapper_path" ]; then
|
check_version() {
|
||||||
echo "Node version $node_version is already installed."
|
out="$(node --version)" && [ "$out" = "v$version" ]
|
||||||
exit 0
|
}
|
||||||
fi
|
|
||||||
|
|
||||||
if [ "$current_node_version" != "v$node_version" ] || ! [ -L "$node_wrapper_path" ]; then
|
if ! check_version; then
|
||||||
export NVM_DIR=/usr/local/nvm
|
tmpdir="$(mktemp -d)"
|
||||||
# shellcheck source=/dev/null
|
trap 'rm -r "$tmpdir"' EXIT
|
||||||
if ! [ -e "$NVM_DIR/nvm.sh" ] || {
|
cd "$tmpdir"
|
||||||
. "$NVM_DIR/nvm.sh"
|
curl_opts=(-fLO)
|
||||||
[ "$(nvm --version)" != "$nvm_version" ]
|
if [ -n "${CUSTOM_CA_CERTIFICATES:-}" ]; then
|
||||||
}; then
|
curl_opts+=(--cacert "${CUSTOM_CA_CERTIFICATES}")
|
||||||
mkdir -p "$NVM_DIR"
|
|
||||||
curl_opts=(-fL)
|
|
||||||
if [ -n "${CUSTOM_CA_CERTIFICATES:-}" ]; then
|
|
||||||
curl_opts+=(--cacert "${CUSTOM_CA_CERTIFICATES}")
|
|
||||||
fi
|
|
||||||
curl "${curl_opts[@]}" "https://raw.githubusercontent.com/nvm-sh/nvm/v$nvm_version/install.sh" | bash
|
|
||||||
# shellcheck source=/dev/null
|
|
||||||
. "$NVM_DIR/nvm.sh"
|
|
||||||
fi
|
fi
|
||||||
|
curl "${curl_opts[@]}" "https://nodejs.org/dist/v$version/$tarball"
|
||||||
# Tell NVM that we don't want it messing around with $PATH; we'll
|
sha256sum -c <<<"$sha256 $tarball"
|
||||||
# adjust which npm to use by symlinks below.
|
rm -rf /srv/zulip-node
|
||||||
nvm alias default system
|
mkdir -p /srv/zulip-node
|
||||||
|
tar -xJf "$tarball" --no-same-owner --strip-components=1 -C /srv/zulip-node
|
||||||
nvm install "$node_version"
|
ln -sf /srv/zulip-node/bin/{node,npm,npx} /usr/local/bin
|
||||||
NODE_BIN="$(nvm which $node_version)"
|
rm -rf /usr/local/nvm
|
||||||
|
check_version
|
||||||
# Fix messed-up uid=500 and group write bits produced by nvm
|
|
||||||
n=${NODE_BIN%/bin/node}
|
|
||||||
chown -R root:root "$n"
|
|
||||||
chmod -R go-w "$n"
|
|
||||||
|
|
||||||
# Install node symlink to /usr/local/bin
|
|
||||||
ln -nsf "$NODE_BIN" /usr/local/bin/node
|
|
||||||
ln -nsf "$(dirname "$NODE_BIN")/npm" /usr/local/bin/npm
|
|
||||||
ln -nsf "$(dirname "$NODE_BIN")/npx" /usr/local/bin/npx
|
|
||||||
fi
|
fi
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue