Update universal image to .NET 8 #855
Conversation
Still a WIP |
|
I'm not familiar with Oryx enough to figure out why it's failing to build in the smoke test. |
|
Here's the error message I'm seeing in the smoke test: If you look at the Oryx repo, they are indeed using version 1.8.2 of Azure.Identity: If you look at NuGet, that version has a security vulnerability and that's being thrown as an error here and may be a warning elsewhere: |
|
Oryx tool needs to be built with .NET 7, however, looking at https://github.com/devcontainers/images/actions/runs/6895550673/job/18760553721?pr=855#step:3:18052, it's getting built with .NET 8. This is definitely a bug in the oryx Feature which needs to be fixed to unblock this PR.
I'll reach out to the Oryx team and mention this security vulnerability. Thanks for pointing it out. |
Fix - microsoft/Oryx#2263 🎉 |
|
@samruddhikhandale, did the PR from the Oryx team resolve this issue? |
It did resolve the issue we were seeing in #855 (comment)
(From #855 (comment)) However, this ^ is another issue which is currently blocking this PR. I have opened devcontainers/features#760 for tracking, but have been super busy and wasn't able to get to it. Apologies for that and thanks for your patience. I am hoping to fix devcontainers/features#760 sometime this week. However, in case you are interested in contributing a fix for devcontainers/features#760, we'd really appreciate that. ✨ |
|
I missed that follow-up issue. It looks like the Oryx feature auto-builds with the primary (latest?) version of .NET and we're only putting .NET 6 & 8 on the image. Forgive me if this seems like an obvious question, but how should this be resolved:
Sorry, if you can't answer those questions. Oryx is still a bit of a mystery to me as I only ever encountered it with Azure App Service. I'm happy to contribute if I can, but I don't have a ton of experience with that project. |
|
No worries, and thank you for your willingness to help @seesharprun, appreciate it.
Currently, the oryx tool is built with .Net 7, they would switch it to .Net 8 sometime in the future, but I don't think it's worth waiting/ getting blocked because of it. In the meanwhile, we can update the Oryx Feature to do the following -
Ideally, the Oryx Feature should be doing that ^, see https://github.com/devcontainers/features/blob/main/src/oryx/install.sh#L136-L143 but maybe there is a bug? Previously, we had .Net 7 in the
Nope, I don't expect changes to the image code.
Yes, about right |
Co-authored-by: Samruddhi Khandale <samruddhikhandale@github.com>
|
Unfortunately, I can't test the image locally. I'm using Windows and it doesn't seem to let me install the local NVS feature. |
|
This error makes me assume I need bash locally to test out the devcontainer:
EDIT: I'm getting the same error message trying to build the image using
|
|
In the interim, would adding .NET 7 back solve the Oryx build error? "ghcr.io/devcontainers/features/dotnet:1": {
"version": "8.0",
"additionalVersions": "7.0, 6.0"
},or "ghcr.io/devcontainers/features/dotnet:2": {
"version": "8.0",
"additionalVersions": "7.0, 6.0"
},I'm going to change to the |
|
Another update, it looks like using the older version of the feature causes an error when installing multiple versions of .NET. I'm attempting to smoke test on my end with the latest version of the feature: "ghcr.io/devcontainers/features/dotnet:1": {
"version": "8.0",
"additionalVersions": "7.0, 6.0"
},For now, I will mark this PR as draft until there's a solution. |
To unblock, can you use a diff base image and add the notebook features you need? |
|
Related to #919 |
|
Update: Engaged the oryx team with microsoft/Oryx#2272 which is needed to fix the oryx version compatibility issue. Currently, they are resolving issues with their own Oryx build pipelines. Once that is fixed and validations pass on ^ the PR, they are ready to merge it in. |
|
I switched to just .NET 7 and 8 per the PR suggestions. |
microsoft/Oryx#2272 was merged today. Hence, opened devcontainers/features#825 which unblocks this PR. |
|
#855 is merged, and new Oryx Feature is released. @seesharprun Can you help update src/universal/.devcontainer/devcontainer-lock.json ? |
Done: |
|
@seesharprun Let me know if you need help with fixing the failing checks! |
I can't seem to figure it out. I would appreciate the assistance. I have selected the option to allow maintainers to edit.
|
.NET 8 is now the LTS version of .NET: https://dotnet.microsoft.com/platform/support/policy/dotnet-core#lifecycle
This PR proposes to update the universal image to install .NET 8 along with 7 and 6.
installUsingAptoption as it's not available anymore for the feature: https://github.com/devcontainers/features/blob/main/src/dotnet/devcontainer-feature.json#L7-L36