TheLanc3/code-server
1
0
Fork 0
mirror of https://github.com/coder/code-server.git synced 2026-05-05 03:55:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
51677f0819e1070273ab973b1aa5bc2071cf9636
code-server/.github/workflows/build.yaml
Joe Previte 51677f0819 feat(ci): refactor build workflow (#5572) 
* refactor: remove stylelint

* refactor: move shellcheck to separate job

* refactor: add helm script and job

* refactor: add eslint job and yarn script

* fix(test/tsconfig): exclude test-plugin

* refactor: delete lint, add typecheck job

* refactor: remove prebuild

* wip: add notes about unit test refactor

* refactor: delete buggy socket test

This test was really added to in get cover specific lines but it's buggy
and only passes sometimes locally. I think it's okay to remove because:
- it's an implementation detail (not user facing)
- not preventing any specific regressions

* refactor: move test-plugin to integration suite

This seems more appropriate given this tests how a plugin might work
within code-server.

* wip

* wip: refactor vscode integration tests

* refactor: move unit tests to separate job

* fix: formatting

* Revert "wip: refactor vscode integration tests"

This reverts commit 13286bf4c9.

* Revert "refactor: move unit tests to separate job"

This reverts commit 6c87b540b4.

* feat: collect codecov integration tests

* fixup! feat: collect codecov integration tests

* fixup! feat: collect codecov integration tests

* fixup!: move helm step

* fixup!: update ids for caching

* trigger ci

* trigger ci

* chore: clean up names in security.yaml

* fixup!: remove .tsx

* fixup!: change to src/**"

* fixup!: move helm cmd to yaml

* fixup!: always build test plugin

* fixup!: fix plugin typings

* fixup! add back flakey test

* fixup!: only install helm deps if changes

* fixup!: revert node mod caching

* dont keep, test for asher

* fixup!: add make to centos

* refactor: add test:native

This adds a new script to run native tests (i.e. --help which should run
in ci on all platforms).

* try updating glibc

* try 2.25

* Revert "refactor: move test-plugin to integration suite"

This reverts commit bc02005dc0.

I couldn't get past some GLIBC errors in CI so moving back to unit
tests.

* Revert "try updating glibc"

This reverts commit 02ed560f22.

* fixup!

* asher: again

* try this for ts changes

* fixup

* refactor: scripts.yml -> scripts.yaml

* fixup!: move lint-sh to scripts.yaml

* fixup!: use apk for lint scripts

* fixup! fixup!: use apk for lint scripts

* fixup!: remove typecheck step

* fix: pattern for lint ts files

* test: lint should fail

* fixup! fixup!: use apk for lint scripts

* Revert "test: lint should fail"

This reverts commit 158c64db04.

* fixup!: skip cancel workflow on forks

Looks like the cancel action workflow can't run on forks due to secrets.

See https://github.com/andymckay/cancel-action/issues/4

* fixup: remove cancel-workflow

* fixup! fixup! fixup!: use apk for lint scripts

* fixup! fixup! fixup!: use apk for lint scripts

* fixup!: fix yarn key

* fixup!: add fetch-depth 0
2022-09-22 12:33:32 -07:00

646 lines
20 KiB
YAML
Raw Blame History

name: Build
on:
push:
branches:
- main
pull_request:
branches:
- main
# Cancel in-progress runs for pull requests when developers push
# additional changes, and serialize builds in branches.
# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-concurrency-to-cancel-any-in-progress-job-or-run
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
# Note: if: success() is used in several jobs -
# this ensures that it only executes if all previous jobs succeeded.
# if: steps.cache-node-modules.outputs.cache-hit != 'true'
# will skip running `yarn install` if it successfully fetched from cache
jobs:
fmt:
name: Format with Prettier
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Install Node.js v16
uses: actions/setup-node@v3
with:
node-version: "16"
- name: Fetch dependencies from cache
id: cache-node-modules
uses: actions/cache@v3
with:
path: "**/node_modules"
key: yarn-build-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
yarn-build-
- name: Install dependencies
if: steps.cache-node-modules.outputs.cache-hit != 'true'
run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
- name: Format files with Prettier
run: yarn fmt
lint-helm:
name: Lint Helm chart
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
fetch-depth: 2
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v23.2
with:
files: |
ci/helm-chart/**
- name: Install helm
if: steps.changed-files.outputs.any_changed == 'true'
uses: azure/setup-helm@v3.3
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install helm kubeval plugin
if: steps.changed-files.outputs.any_changed == 'true'
run: helm plugin install https://github.com/instrumenta/helm-kubeval
- name: Lint Helm chart
if: steps.changed-files.outputs.any_changed == 'true'
run: helm kubeval ci/helm-chart
lint-ts:
name: Lint TypeScript files
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
fetch-depth: 2
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v23.2
with:
files: |
**/*.ts
**/*.js
files_ignore: |
lib/vscode/**
- name: Install Node.js v16
if: steps.changed-files.outputs.any_changed == 'true'
uses: actions/setup-node@v3
with:
node-version: "16"
- name: Fetch dependencies from cache
if: steps.changed-files.outputs.any_changed == 'true'
id: cache-node-modules
uses: actions/cache@v3
with:
path: "**/node_modules"
key: yarn-build-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
yarn-build-
- name: Install dependencies
if: steps.changed-files.outputs.any_changed == 'true' && steps.cache-node-modules.outputs.cache-hit != 'true'
run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
- name: Lint TypeScript files
if: steps.changed-files.outputs.any_changed == 'true'
run: yarn lint:ts
build:
name: Build
runs-on: ubuntu-latest
timeout-minutes: 30
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
submodules: true
- name: Install quilt
uses: awalsh128/cache-apt-pkgs-action@latest
with:
packages: quilt
version: 1.0
- name: Patch Code
run: quilt push -a
- name: Install Node.js v16
uses: actions/setup-node@v3
with:
node-version: "16"
- name: Fetch dependencies from cache
id: cache-node-modules
uses: actions/cache@v3
with:
path: "**/node_modules"
key: yarn-build-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
yarn-build-
- name: Install dependencies
if: steps.cache-node-modules.outputs.cache-hit != 'true'
run: yarn --frozen-lockfile
- name: Build code-server
run: yarn build
# Get Code's git hash. When this changes it means the content is
# different and we need to rebuild.
- name: Get latest lib/vscode rev
id: vscode-rev
run: echo "::set-output name=rev::$(git rev-parse HEAD:./lib/vscode)"
- name: Get version
id: version
run: echo "::set-output name=version::$(jq -r .version package.json)"
# We need to rebuild when we have a new version of Code, when any of
# the patches changed, or when the code-server version changes (since
# it gets embedded into the code). Use VSCODE_CACHE_VERSION to
# force a rebuild.
- name: Fetch prebuilt Code package from cache
id: cache-vscode
uses: actions/cache@v3
with:
path: lib/vscode-reh-web-*
key: vscode-reh-package-${{ secrets.VSCODE_CACHE_VERSION }}-${{ steps.vscode-rev.outputs.rev }}-${{ steps.version.outputs.version }}-${{ hashFiles('patches/*.diff', 'ci/build/build-vscode.sh') }}
- name: Build vscode
if: steps.cache-vscode.outputs.cache-hit != 'true'
run: yarn build:vscode
# Our code imports code from VS Code's `out` directory meaning VS Code
# must be built before running these tests.
# TODO: Move to its own step?
- name: Run code-server unit tests
run: yarn test:unit
if: success()
- name: Upload coverage report to Codecov
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
if: success()
# The release package does not contain any native modules
# and is neutral to architecture/os/libc version.
- name: Create release package
run: yarn release
if: success()
# https://github.com/actions/upload-artifact/issues/38
- name: Compress release package
run: tar -czf package.tar.gz release
- name: Upload npm package artifact
uses: actions/upload-artifact@v3
with:
name: npm-package
path: ./package.tar.gz
npm:
# the npm-package gets uploaded as an artifact in Build
# so we need that to complete before this runs
needs: build
# This environment "npm" requires someone from
# coder/code-server-reviewers to approve the PR before this job runs.
environment: npm
# Only run if PR comes from base repo or event is not a PR
# Reason: forks cannot access secrets and this will always fail
if: github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request'
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Download artifact
uses: actions/download-artifact@v3
id: download
with:
name: "npm-package"
path: release-npm-package
- name: Run ./ci/steps/publish-npm.sh
run: yarn publish:npm
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
# NOTE@jsjoeio
# NPM_ENVIRONMENT intentionally not set here.
# Instead, itis determined in publish-npm.sh script
# using GITHUB environment variables
- name: Comment npm information
uses: marocchino/sticky-pull-request-comment@v2
with:
GITHUB_TOKEN: ${{ github.token }}
header: npm-dev-build
message: |
✨ code-server dev build published to npm for PR #${{ github.event.number }}!
* _Last publish status_: success
* _Commit_: ${{ github.event.pull_request.head.sha }}
To install in a local project, run:
```shell-session
npm install @coder/code-server-pr@${{ github.event.number }}
```
To install globally, run:
```shell-session
npm install -g @coder/code-server-pr@${{ github.event.number }}
```
# TODO: cache building yarn --production
# possibly 2m30s of savings(?)
# this requires refactoring our release scripts
package-linux-amd64:
name: x86-64 Linux build
needs: build
runs-on: ubuntu-latest
timeout-minutes: 15
container: "centos:7"
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Install Node.js v16
uses: actions/setup-node@v3
with:
node-version: "16"
- name: Install development tools
run: |
yum install -y epel-release centos-release-scl make
yum install -y devtoolset-9-{make,gcc,gcc-c++} jq rsync python3
- name: Install nfpm and envsubst
run: |
mkdir -p ~/.local/bin
curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
curl -sSfL https://github.com/a8m/envsubst/releases/download/v1.1.0/envsubst-`uname -s`-`uname -m` -o envsubst
chmod +x envsubst
mv envsubst ~/.local/bin
echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: Install yarn
run: npm install -g yarn
- name: Download npm package
uses: actions/download-artifact@v3
with:
name: npm-package
- name: Decompress npm package
run: tar -xzf package.tar.gz
# NOTE: && here is deliberate - GitHub puts each line in its own `.sh`
# file when running inside a docker container.
- name: Build standalone release
run: source scl_source enable devtoolset-9 && yarn release:standalone
- name: Fetch dependencies from cache
id: cache-node-modules
uses: actions/cache@v3
with:
path: "**/node_modules"
key: yarn-build-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
yarn-build-
- name: Install test dependencies
if: steps.cache-node-modules.outputs.cache-hit != 'true'
run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
- name: Run integration tests on standalone release
run: yarn test:integration
- name: Upload coverage report to Codecov
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
if: success()
- name: Build packages with nfpm
run: yarn package
- name: Upload release artifacts
uses: actions/upload-artifact@v3
with:
name: release-packages
path: ./release-packages
# NOTE@oxy:
# We use Ubuntu 16.04 here, so that our build is more compatible
# with older libc versions. We used to (Q1'20) use CentOS 7 here,
# but it has a full update EOL of Q4'20 and a 'critical security'
# update EOL of 2024. We're dropping full support a few years before
# the final EOL, but I don't believe CentOS 7 has a large arm64 userbase.
# It is not feasible to cross-compile with CentOS.
# Cross-compile notes: To compile native dependencies for arm64,
# we install the aarch64/armv7l cross toolchain and then set it as the default
# compiler/linker/etc. with the AR/CC/CXX/LINK environment variables.
# qemu-user-static on ubuntu-16.04 currently doesn't run Node correctly,
# so we just build with "native"/x86_64 node, then download arm64/armv7l node
# and then put it in our release. We can't smoke test the cross build this way,
# but this means we don't need to maintain a self-hosted runner!
# NOTE@jsjoeio:
# We used to use 16.04 until GitHub deprecated it on September 20, 2021
# See here: https://github.com/actions/virtual-environments/pull/3862/files
package-linux-cross:
name: Linux cross-compile builds
needs: build
runs-on: ubuntu-18.04
timeout-minutes: 15
strategy:
matrix:
include:
- prefix: aarch64-linux-gnu
arch: arm64
- prefix: arm-linux-gnueabihf
arch: armv7l
env:
AR: ${{ format('{0}-ar', matrix.prefix) }}
CC: ${{ format('{0}-gcc', matrix.prefix) }}
CXX: ${{ format('{0}-g++', matrix.prefix) }}
LINK: ${{ format('{0}-g++', matrix.prefix) }}
NPM_CONFIG_ARCH: ${{ matrix.arch }}
NODE_VERSION: v16.13.0
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Install Node.js v16
uses: actions/setup-node@v3
with:
node-version: "16"
- name: Install nfpm
run: |
mkdir -p ~/.local/bin
curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: Install cross-compiler
run: sudo apt update && sudo apt install $PACKAGE
env:
PACKAGE: ${{ format('g++-{0}', matrix.prefix) }}
- name: Download npm package
uses: actions/download-artifact@v3
with:
name: npm-package
- name: Decompress npm package
run: tar -xzf package.tar.gz
- name: Build standalone release
run: yarn release:standalone
- name: Replace node with cross-compile equivalent
run: |
wget https://nodejs.org/dist/${NODE_VERSION}/node-${NODE_VERSION}-linux-${NPM_CONFIG_ARCH}.tar.xz
tar -xf node-${NODE_VERSION}-linux-${NPM_CONFIG_ARCH}.tar.xz node-${NODE_VERSION}-linux-${NPM_CONFIG_ARCH}/bin/node --strip-components=2
mv ./node ./release-standalone/lib/node
- name: Build packages with nfpm
run: yarn package ${NPM_CONFIG_ARCH}
- name: Upload release artifacts
uses: actions/upload-artifact@v3
with:
name: release-packages
path: ./release-packages
package-macos-amd64:
name: x86-64 macOS build
needs: build
runs-on: macos-latest
timeout-minutes: 15
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Install Node.js v16
uses: actions/setup-node@v3
with:
node-version: "16"
- name: Install nfpm
run: |
mkdir -p ~/.local/bin
curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: Download npm package
uses: actions/download-artifact@v3
with:
name: npm-package
- name: Decompress npm package
run: tar -xzf package.tar.gz
- name: Build standalone release
run: yarn release:standalone
- name: Fetch dependencies from cache
id: cache-node-modules
uses: actions/cache@v3
with:
path: "**/node_modules"
key: yarn-build-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
yarn-build-
- name: Install test dependencies
if: steps.cache-node-modules.outputs.cache-hit != 'true'
run: SKIP_SUBMODULE_DEPS=1 yarn install
- name: Run native module tests on standalone release
run: yarn test:native
- name: Build packages with nfpm
run: yarn package
- name: Upload release artifacts
uses: actions/upload-artifact@v3
with:
name: release-packages
path: ./release-packages
test-e2e:
name: End-to-end tests
needs: package-linux-amd64
runs-on: ubuntu-latest
timeout-minutes: 15
env:
# Since we build code-server we might as well run tests from the release
# since VS Code will load faster due to the bundling.
CODE_SERVER_TEST_ENTRY: "./release-packages/code-server-linux-amd64"
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Install Node.js v16
uses: actions/setup-node@v3
with:
node-version: "16"
- name: Fetch dependencies from cache
id: cache-node-modules
uses: actions/cache@v3
with:
path: "**/node_modules"
key: yarn-build-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
yarn-build-
- name: Download release packages
uses: actions/download-artifact@v3
with:
name: release-packages
path: ./release-packages
- name: Untar code-server release
run: |
cd release-packages
tar -xzf code-server*-linux-amd64.tar.gz
mv code-server*-linux-amd64 code-server-linux-amd64
- name: Install dependencies
if: steps.cache-node-modules.outputs.cache-hit != 'true'
run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
- name: Install Playwright OS dependencies
run: |
./test/node_modules/.bin/playwright install-deps
./test/node_modules/.bin/playwright install
- name: Run end-to-end tests
run: yarn test:e2e --global-timeout 840000
- name: Upload test artifacts
if: always()
uses: actions/upload-artifact@v3
with:
name: failed-test-videos
path: ./test/test-results
- name: Remove release packages and test artifacts
run: rm -rf ./release-packages ./test/test-results
test-e2e-proxy:
name: End-to-end tests behind proxy
needs: package-linux-amd64
runs-on: ubuntu-latest
timeout-minutes: 25
env:
# Since we build code-server we might as well run tests from the release
# since VS Code will load faster due to the bundling.
CODE_SERVER_TEST_ENTRY: "./release-packages/code-server-linux-amd64"
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Install Node.js v16
uses: actions/setup-node@v3
with:
node-version: "16"
- name: Fetch dependencies from cache
id: cache-node-modules
uses: actions/cache@v3
with:
path: "**/node_modules"
key: yarn-build-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
yarn-build-
- name: Download release packages
uses: actions/download-artifact@v3
with:
name: release-packages
path: ./release-packages
- name: Untar code-server release
run: |
cd release-packages
tar -xzf code-server*-linux-amd64.tar.gz
mv code-server*-linux-amd64 code-server-linux-amd64
- name: Install dependencies
if: steps.cache-node-modules.outputs.cache-hit != 'true'
run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
- name: Install Playwright OS dependencies
run: |
./test/node_modules/.bin/playwright install-deps
./test/node_modules/.bin/playwright install
- name: Cache Caddy
uses: actions/cache@v2
id: caddy-cache
with:
path: |
~/.cache/caddy
key: cache-caddy-2.5.2
- name: Install Caddy
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: steps.caddy-cache.outputs.cache-hit != 'true'
run: |
gh release download v2.5.2 --repo caddyserver/caddy --pattern "caddy_2.5.2_linux_amd64.tar.gz"
mkdir -p ~/.cache/caddy
tar -xzf caddy_2.5.2_linux_amd64.tar.gz --directory ~/.cache/caddy
- name: Start Caddy
run: sudo ~/.cache/caddy/caddy start --config ./ci/Caddyfile
- name: Run end-to-end tests
run: yarn test:e2e:proxy
- name: Stop Caddy
if: always()
run: sudo ~/.cache/caddy/caddy stop --config ./ci/Caddyfile
- name: Upload test artifacts
if: always()
uses: actions/upload-artifact@v3
with:
name: failed-test-videos-proxy
path: ./test/test-results
- name: Remove release packages and test artifacts
run: rm -rf ./release-packages ./test/test-results
Reference in New Issue View Git Blame Copy Permalink