Update FreeBSD hosts to 13

[targos]

FreeBSD 12 will be EoL on Dec 31, 2023

V8 updates are blocked because clang is too old.

Refs: https://github.com/nodejs/build/issues/3134 Refs: https://www.freebsd.org/security/#sup

[targos]

Note that DigitalOcean don't provide images for FreeBSD anymore so we'll have to upload a custom image to rebuild the droplets

[targos]

There are prebuilt images of FreeBSD 13.2 on https://bsd-cloud-image.org/

[targos]

@nodejs/platform-freebsd WDYT?

[richardlau]

I've uploaded the FreeBSD 13.3 zfs image from https://bsd-cloud-image.org/ to DigitalOcean and was able to create test-digitalocean-freebsd13-x64-1 with it. Just attempted to do a build of main but hit https://github.com/nodejs/node/issues/54576 (clang 17.0.6).

[richardlau]

The FreeBSD 12 machines are running Java 11 -- Jenkins LTS is planning to drop support for Java 11 in October (https://github.com/nodejs/build/issues/3916).

[richardlau]

I'm temporarily trying FreeBSD 14.0, but that has an older(!) version of clang than FreeBSD 13.3:

FreeBSD clang version 16.0.6 (https://github.com/llvm/llvm-project.git llvmorg-16.0.6-0-g7cbf1a259152)
Target: x86_64-unknown-freebsd14.0
Thread model: posix
InstalledDir: /usr/bin

compared to

FreeBSD clang version 17.0.6 (https://github.com/llvm/llvm-project.git llvmorg-17.0.6-0-g6009708b4367)
Target: x86_64-unknown-freebsd13.3
Thread model: posix
InstalledDir: /usr/bin

(see also https://forums.freebsd.org/threads/freebsd-13-3-release-llvm-and-clang-updated-to-17-0-6.92738/#post-647602 and

[richardlau]

FWIW FreeBSD 14 (with the older clang 16.0.6) hits the same compilation failure attempting to build main.

[richardlau]

Trying to update Ansible for FreeBSD 13. Getting this error in the playbook:

TASK [github : write github.com entry in known_hosts] ***********************************************************************************************************************************************************
fatal: [test-digitalocean-freebsd13-x64-1]: FAILED! => {"msg": "Failed to set permissions on the temporary files Ansible needs to create when becoming an unprivileged user (rc: 1, err: chmod: invalid file mode: A+user:iojs:rx:allow\n}). For information on working around this, see https://docs.ansible.com/ansible-core/2.16/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user"}

i.e. https://github.com/nodejs/build/issues/3340. Looking at https://docs.ansible.com/ansible-core/2.16/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user:

Although the Solaris ZFS filesystem has filesystem ACLs, the ACLs are not POSIX.1e filesystem acls (they are NFSv4 ACLs instead). Ansible cannot use these ACLs to manage its temp file permissions so you may have to resort to the world_readable_temp option if the remote machines use ZFS.

and indeed setting allow_world_readable_tmpfiles = True appears to work around the issue. But I could only get that to work when set under the defaults section in ansible.cfg (doesn't work when placed under hosts:freebsd) which means it affects all hosts. I might try the UFS FreeBSD image instead of the ZFS one.

[richardlau]

and indeed setting allow_world_readable_tmpfiles = True appears to work around the issue. But I could only get that to work when set under the defaults section in ansible.cfg (doesn't work when placed under hosts:freebsd) which means it affects all hosts. I might try the UFS FreeBSD image instead of the ZFS one.

UFS image hits the same error. I have found that ansible_shell_allow_world_readable_temp can be set under hosts:freebsd, which appears to work. I'm going to swap the machine back to ZFS, check my Ansible changes still work (with ZFS) and then open the PR to update the scripts.

[emaste]

I'm temporarily trying FreeBSD 14.0

14.0 is close to EOL - is there a reason you're looking at that version specifically rather than 14.1?

[richardlau]

I'm temporarily trying FreeBSD 14.0

14.0 is close to EOL - is there a reason you're looking at that version specifically rather than 14.1?

https://bsd-cloud-image.org/