search

dotnet / aspnetcore

ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux.
https://asp.net
MIT License
35.21k stars 9.95k forks source link

The latest 11.x JDK does not appear to be used on helix #57476

Open halter73 opened 4 weeks ago

halter73 commented 4 weeks ago

56210 and #56211 both intended to update our repo to use the latest 11.x JDK, but those changes do not appear to affect our helix runs. I'm guessing we want to use the same JDK everywhere.

https://github.com/dotnet/aspnetcore/blob/30fb87ca055beb5997ab3f28d02bbc7866e8b683/eng/targets/Helix.targets#L3-L4

I do not think our InstallJdk.ps1 or installjdk.sh scripts support leaving the minor version and patch unspecified. If you try, you get 404 responses from https://netcorenativeassets.blob.core.windows.net.

This can also hinder local development, because unlike in release/8.0, .\eng\scripts\InstallJdk.ps1 fails in main and release/9.0 unless a version with a patch is explicitly specified, since it only reads JDK version "11" in global.json. It's unclear what JDK versions are available. 11.0.3 appears to exist for Windows, but not 11.0.23, and it doesn't appear to be possible to anonymously list available versions.

@wtgodbe @BrennanConroy

wtgodbe commented 3 weeks ago

global.json can read msbuild properties, so maybe we could move it out to Versions.props & update it manually every 6 months or so? e.g. https://github.com/dotnet/aspnetcore/blob/63c492e22b06d4903cb4e7aee037295c71e1ec37/global.json#L9

We could then have the .ps1/.sh files read it from Versions.props as well

wtgodbe commented 2 weeks ago

@halter73 @BrennanConroy what do you think the priority on this one is?

halter73 commented 1 week ago

It's not a huge problem for me personally, but I figure it should have similar priority to other component governance issues. It just looks like component governance hasn't caught this since the version isn't specified in a conventional place.

It'd be nice if we could move the version to a place where component governance can track it as part of the fix.

wtgodbe commented 1 week ago

Since it's only relevant for Helix, I'd dismiss this if it was a CG alert, because it's test-only. I think it moreso has value as a means of making sure we test with the same stuff we build with. I'll move it to 10 planning

adityamandaleeka commented 6 days ago

In addition to unifying how we get the JDK, it would be good to get onto a more current version. 21 is the latest LTS and it looks like we use 11 or 10 depending on what job we're running.