commit
b706e85efb
3
.github/workflows/ci.yaml
vendored
3
.github/workflows/ci.yaml
vendored
@ -81,7 +81,8 @@ jobs:
|
|||||||
- run: ./ci/steps/release-static.sh
|
- run: ./ci/steps/release-static.sh
|
||||||
env:
|
env:
|
||||||
# Otherwise we get rate limited when fetching the ripgrep binary.
|
# Otherwise we get rate limited when fetching the ripgrep binary.
|
||||||
GITHUB_TOKEN: ${{ secrets.github_token }}
|
# For whatever reason only MacOS needs it.
|
||||||
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
- name: Upload release artifacts
|
- name: Upload release artifacts
|
||||||
uses: actions/upload-artifact@v2
|
uses: actions/upload-artifact@v2
|
||||||
with:
|
with:
|
||||||
|
41
.github/workflows/publish.yaml
vendored
Normal file
41
.github/workflows/publish.yaml
vendored
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
name: publish
|
||||||
|
|
||||||
|
on:
|
||||||
|
release:
|
||||||
|
types: [published]
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
npm:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v1
|
||||||
|
- name: Run ./ci/steps/publish-npm.sh
|
||||||
|
uses: ./ci/container
|
||||||
|
with:
|
||||||
|
args: ./ci/steps/publish-npm.sh
|
||||||
|
env:
|
||||||
|
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
|
||||||
|
|
||||||
|
docker-amd64:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v1
|
||||||
|
- name: Run ./ci/steps/publish-docker.sh
|
||||||
|
uses: ./ci/container
|
||||||
|
with:
|
||||||
|
args: ./ci/steps/publish-docker.sh
|
||||||
|
env:
|
||||||
|
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
||||||
|
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
||||||
|
|
||||||
|
docker-arm64:
|
||||||
|
runs-on: ubuntu-arm64-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v1
|
||||||
|
- name: Run ./ci/steps/publish-docker.sh
|
||||||
|
uses: ./ci/container
|
||||||
|
with:
|
||||||
|
args: ./ci/steps/publish-docker.sh
|
||||||
|
env:
|
||||||
|
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
||||||
|
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
42
ci/README.md
42
ci/README.md
@ -8,17 +8,17 @@ Any file and directory added into this tree should be documented here.
|
|||||||
|
|
||||||
## Publishing a release
|
## Publishing a release
|
||||||
|
|
||||||
1. Change the version of code-server in `package.json` and push this commit.
|
1. Update the version of code-server in `package.json` and push a commit
|
||||||
1. CI will run and generate an NPM package and release packages that you can download
|
1. CI will run and generate the `npm-package` and `release-packages` artifacts on the GH actions workflow
|
||||||
as artifacts on Github Actions.
|
1. Create a new draft release and attach all files in `release-packages`
|
||||||
1. Create a new draft release with the built release packages.
|
1. Run some basic sanity tests on one of the released packages
|
||||||
1. Run some basic sanity tests on one of the released packages.
|
1. Summarize the major changes in the release notes and link to the relevant issues.
|
||||||
1. Publish.
|
1. Make sure to mention the VS Code version in the release notes
|
||||||
1. Download the built npm package and publish it.
|
1. Publish the release
|
||||||
1. Place the debian releases into `./release-packages` and then push the docker
|
1. CI will automatically grab the artifacts and then
|
||||||
image with `./ci/release-container/push.sh`.
|
1. Publish the NPM package
|
||||||
1. This will need to be ran on an ARM64 instance as well.
|
1. Publish the AMD64 docker image
|
||||||
1. At some point we need to automate this.
|
1. Publish the ARM64 docker image
|
||||||
|
|
||||||
## dev
|
## dev
|
||||||
|
|
||||||
@ -65,9 +65,9 @@ You can disable minification by setting `MINIFY=`.
|
|||||||
- Useful to do a clean build.
|
- Useful to do a clean build.
|
||||||
- [./build/code-server.sh](./build/code-server.sh)
|
- [./build/code-server.sh](./build/code-server.sh)
|
||||||
- Copied into static releases to run code-server with the bundled node binary.
|
- Copied into static releases to run code-server with the bundled node binary.
|
||||||
- [./build/test-release.sh](./build/test-static-release.sh)
|
- [./build/test-static-release.sh](./build/test-static-release.sh) (`yarn test:static-release`)
|
||||||
- Ensures code-server in the `./release-static` directory runs
|
- Ensures code-server in the `./release-static` directory runs
|
||||||
- [./build/build-packages.sh](./build/build-static-pkgs.sh) (`yarn package`)
|
- [./build/build-packages.sh](./build/build-packages.sh) (`yarn package`)
|
||||||
- Packages `./release-static` into an archive in `./release-packages`
|
- Packages `./release-static` into an archive in `./release-packages`
|
||||||
- If on linux, [nfpm](https://github.com/goreleaser/nfpm) is used to generate .deb and .rpm
|
- If on linux, [nfpm](https://github.com/goreleaser/nfpm) is used to generate .deb and .rpm
|
||||||
- [./build/nfpm.yaml](./build/nfpm.yaml)
|
- [./build/nfpm.yaml](./build/nfpm.yaml)
|
||||||
@ -79,6 +79,12 @@ You can disable minification by setting `MINIFY=`.
|
|||||||
|
|
||||||
This directory contains the release docker container.
|
This directory contains the release docker container.
|
||||||
|
|
||||||
|
- [./release-container/build.sh](./release-container/build.sh)
|
||||||
|
- Builds the release container
|
||||||
|
- Assumes debian releases are ready in `./release-packages`
|
||||||
|
- [./release-container/push.sh](./release-container/push.sh)
|
||||||
|
- Pushes the built release container to docker hub and updates the latest tag
|
||||||
|
|
||||||
## container
|
## container
|
||||||
|
|
||||||
This directory contains the container for CI.
|
This directory contains the container for CI.
|
||||||
@ -86,7 +92,7 @@ This directory contains the container for CI.
|
|||||||
## steps
|
## steps
|
||||||
|
|
||||||
This directory contains a few scripts used in CI.
|
This directory contains a few scripts used in CI.
|
||||||
Just helps avoid clobbering .travis.yml.
|
Just helps avoid clobbering the CI configuration.
|
||||||
|
|
||||||
- [./steps/test.sh](./steps/test.sh)
|
- [./steps/test.sh](./steps/test.sh)
|
||||||
- Runs `yarn ci` after ensuring VS Code is patched
|
- Runs `yarn ci` after ensuring VS Code is patched
|
||||||
@ -95,3 +101,11 @@ Just helps avoid clobbering .travis.yml.
|
|||||||
- Generates the npm package at `./release`
|
- Generates the npm package at `./release`
|
||||||
- [./steps/static-release.sh](./steps/static-release.sh)
|
- [./steps/static-release.sh](./steps/static-release.sh)
|
||||||
- Takes the output of the previous script and generates a static release and packages
|
- Takes the output of the previous script and generates a static release and packages
|
||||||
|
- [./steps/lib.sh](./steps/lib.sh)
|
||||||
|
- Contains helpers to download artifacts from github actions workflow runs
|
||||||
|
- [./steps/publish-npm.sh](./steps/publish-npm.sh)
|
||||||
|
- Grabs the `npm-package` release artifact for the current commit and publishes it on NPM
|
||||||
|
- [./steps/publish-docker.sh](./steps/publish-docker.sh)
|
||||||
|
- Grabs the `release-packages` release artifact for the current commit and
|
||||||
|
builds a docker image with it and publishes that onto docker hub with the
|
||||||
|
correct tag and updates latest
|
||||||
|
@ -6,11 +6,11 @@ RUN apt-get update
|
|||||||
RUN apt-get install -y curl gnupg
|
RUN apt-get install -y curl gnupg
|
||||||
|
|
||||||
# Installs node.
|
# Installs node.
|
||||||
RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - && \
|
RUN curl -sSL https://deb.nodesource.com/setup_14.x | bash - && \
|
||||||
apt-get install -y nodejs
|
apt-get install -y nodejs
|
||||||
|
|
||||||
# Installs yarn.
|
# Installs yarn.
|
||||||
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
|
RUN curl -sSL https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
|
||||||
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \
|
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \
|
||||||
apt-get update && apt-get install -y yarn
|
apt-get update && apt-get install -y yarn
|
||||||
|
|
||||||
@ -27,14 +27,14 @@ RUN apt-get install -y gettext-base
|
|||||||
RUN apt-get install -y jq git rsync
|
RUN apt-get install -y jq git rsync
|
||||||
|
|
||||||
# Installs shellcheck.
|
# Installs shellcheck.
|
||||||
RUN curl -L https://github.com/koalaman/shellcheck/releases/download/v0.7.1/shellcheck-v0.7.1.linux.$(uname -m).tar.xz | \
|
RUN curl -sSL https://github.com/koalaman/shellcheck/releases/download/v0.7.1/shellcheck-v0.7.1.linux.$(uname -m).tar.xz | \
|
||||||
tar -xJ && \
|
tar -xJ && \
|
||||||
mv shellcheck*/shellcheck /usr/local/bin && \
|
mv shellcheck*/shellcheck /usr/local/bin && \
|
||||||
rm -R shellcheck*
|
rm -R shellcheck*
|
||||||
|
|
||||||
# Install Go dependencies
|
# Install Go dependencies
|
||||||
RUN ARCH="$(dpkg --print-architecture)" && \
|
RUN ARCH="$(dpkg --print-architecture)" && \
|
||||||
curl "https://dl.google.com/go/go1.14.2.linux-$ARCH.tar.gz" | tar -C /usr/local -xz
|
curl -sSL "https://dl.google.com/go/go1.14.2.linux-$ARCH.tar.gz" | tar -C /usr/local -xz
|
||||||
ENV PATH=/usr/local/go/bin:/root/go/bin:$PATH
|
ENV PATH=/usr/local/go/bin:/root/go/bin:$PATH
|
||||||
ENV GO111MODULE=on
|
ENV GO111MODULE=on
|
||||||
RUN go get mvdan.cc/sh/v3/cmd/shfmt
|
RUN go get mvdan.cc/sh/v3/cmd/shfmt
|
||||||
|
@ -28,14 +28,14 @@ RUN adduser --gecos '' --disabled-password coder && \
|
|||||||
echo "coder ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/nopasswd
|
echo "coder ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/nopasswd
|
||||||
|
|
||||||
RUN ARCH="$(dpkg --print-architecture)" && \
|
RUN ARCH="$(dpkg --print-architecture)" && \
|
||||||
curl -L "https://github.com/boxboat/fixuid/releases/download/v0.4.1/fixuid-0.4.1-linux-$ARCH.tar.gz" | tar -C /usr/local/bin -xzf - && \
|
curl -sSL "https://github.com/boxboat/fixuid/releases/download/v0.4.1/fixuid-0.4.1-linux-$ARCH.tar.gz" | tar -C /usr/local/bin -xzf - && \
|
||||||
chown root:root /usr/local/bin/fixuid && \
|
chown root:root /usr/local/bin/fixuid && \
|
||||||
chmod 4755 /usr/local/bin/fixuid && \
|
chmod 4755 /usr/local/bin/fixuid && \
|
||||||
mkdir -p /etc/fixuid && \
|
mkdir -p /etc/fixuid && \
|
||||||
printf "user: coder\ngroup: coder\n" > /etc/fixuid/config.yml
|
printf "user: coder\ngroup: coder\n" > /etc/fixuid/config.yml
|
||||||
|
|
||||||
COPY release-packages/code-server*.deb /tmp/
|
COPY release-packages/code-server*.deb /tmp/
|
||||||
RUN dpkg -i /tmp/code-server*.deb && rm /tmp/code-server*.deb
|
RUN dpkg -i /tmp/code-server*-$(dpkg --print-architecture).deb && rm /tmp/code-server*.deb
|
||||||
|
|
||||||
EXPOSE 8080
|
EXPOSE 8080
|
||||||
USER coder
|
USER coder
|
||||||
|
14
ci/release-container/build.sh
Executable file
14
ci/release-container/build.sh
Executable file
@ -0,0 +1,14 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
main() {
|
||||||
|
cd "$(dirname "$0")/../.."
|
||||||
|
source ./ci/lib.sh
|
||||||
|
VERSION="$(pkg_json_version)"
|
||||||
|
|
||||||
|
imageTag="codercom/code-server:$VERSION"
|
||||||
|
|
||||||
|
docker build -t "$imageTag" -f ./ci/release-container/Dockerfile .
|
||||||
|
}
|
||||||
|
|
||||||
|
main "$@"
|
@ -1,5 +1,4 @@
|
|||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
|
|
||||||
main() {
|
main() {
|
||||||
@ -7,19 +6,11 @@ main() {
|
|||||||
source ./ci/lib.sh
|
source ./ci/lib.sh
|
||||||
VERSION="$(pkg_json_version)"
|
VERSION="$(pkg_json_version)"
|
||||||
|
|
||||||
if [[ ${CI-} ]]; then
|
|
||||||
echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
|
|
||||||
fi
|
|
||||||
|
|
||||||
imageTag="codercom/code-server:$VERSION"
|
imageTag="codercom/code-server:$VERSION"
|
||||||
if [[ $(arch) == "arm64" ]]; then
|
|
||||||
imageTag+="-arm64"
|
|
||||||
fi
|
|
||||||
|
|
||||||
docker build \
|
|
||||||
-t "$imageTag" \
|
|
||||||
-f ./ci/release-container/Dockerfile .
|
|
||||||
docker push "$imageTag"
|
docker push "$imageTag"
|
||||||
|
docker tag "$imageTag" codercom/code-server:latest
|
||||||
|
docker push codercom/code-server:latest
|
||||||
}
|
}
|
||||||
|
|
||||||
main "$@"
|
main "$@"
|
||||||
|
29
ci/steps/lib.sh
Executable file
29
ci/steps/lib.sh
Executable file
@ -0,0 +1,29 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
source ./ci/lib.sh
|
||||||
|
|
||||||
|
# Grabs the most recent ci.yaml github workflow run that was successful and triggered from the same commit being pushd.
|
||||||
|
# This will contain the artifacts we want.
|
||||||
|
# https://developer.github.com/v3/actions/workflow-runs/#list-workflow-runs
|
||||||
|
get_artifacts_url() {
|
||||||
|
curl -sSL 'https://api.github.com/repos/cdr/code-server/actions/workflows/ci.yaml/runs?status=success&event=push' | jq -r ".workflow_runs[] | select(.head_sha == \"$(git rev-parse HEAD)\") | .artifacts_url" | head -n 1
|
||||||
|
}
|
||||||
|
|
||||||
|
# Grabs the artifact's download url.
|
||||||
|
# https://developer.github.com/v3/actions/artifacts/#list-workflow-run-artifacts
|
||||||
|
get_artifact_url() {
|
||||||
|
local artifact_name="$1"
|
||||||
|
curl -sSL "$(get_artifacts_url)" | jq -r ".artifacts[] | select(.name == \"$artifact_name\") | .archive_download_url" | head -n 1
|
||||||
|
}
|
||||||
|
|
||||||
|
# Uses the above two functions to download a artifact into a directory.
|
||||||
|
download_artifact() {
|
||||||
|
local artifact_name="$1"
|
||||||
|
local dst="$2"
|
||||||
|
|
||||||
|
local tmp_file
|
||||||
|
tmp_file="$(mktemp)"
|
||||||
|
|
||||||
|
curl -sSL "$(get_artifact_url "$artifact_name")" > "$tmp_file"
|
||||||
|
unzip -o "$tmp_file" -d "$dst"
|
||||||
|
rm "$tmp_file"
|
||||||
|
}
|
17
ci/steps/publish-docker.sh
Executable file
17
ci/steps/publish-docker.sh
Executable file
@ -0,0 +1,17 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
main() {
|
||||||
|
cd "$(dirname "$0")/../.."
|
||||||
|
source ./ci/steps/lib.sh
|
||||||
|
|
||||||
|
if [[ ${CI-} ]]; then
|
||||||
|
echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
|
||||||
|
fi
|
||||||
|
|
||||||
|
download_artifact release-packages ./release-packages
|
||||||
|
./ci/release-container/build.sh
|
||||||
|
./ci/release-container/push.sh
|
||||||
|
}
|
||||||
|
|
||||||
|
main "$@"
|
16
ci/steps/publish-npm.sh
Executable file
16
ci/steps/publish-npm.sh
Executable file
@ -0,0 +1,16 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
main() {
|
||||||
|
cd "$(dirname "$0")/../.."
|
||||||
|
source ./ci/steps/lib.sh
|
||||||
|
|
||||||
|
if [[ ${CI-} ]]; then
|
||||||
|
echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc
|
||||||
|
fi
|
||||||
|
|
||||||
|
download_artifact npm-package ./release
|
||||||
|
yarn publish --non-interactive release
|
||||||
|
}
|
||||||
|
|
||||||
|
main "$@"
|
@ -5,7 +5,7 @@ main() {
|
|||||||
cd "$(dirname "$0")/../.."
|
cd "$(dirname "$0")/../.."
|
||||||
|
|
||||||
yarn release:static
|
yarn release:static
|
||||||
./ci/build/test-static-release.sh
|
yarn test:static-release
|
||||||
yarn package
|
yarn package
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -41,5 +41,7 @@ yarn vscode
|
|||||||
yarn build
|
yarn build
|
||||||
yarn build:vscode
|
yarn build:vscode
|
||||||
yarn release
|
yarn release
|
||||||
node ./release # Run the built JavaScript with Node.
|
cd release
|
||||||
|
yarn --production
|
||||||
|
node . # Run the built JavaScript with Node.
|
||||||
```
|
```
|
||||||
|
@ -17,6 +17,7 @@
|
|||||||
"build:vscode": "./ci/build/build-vscode.sh",
|
"build:vscode": "./ci/build/build-vscode.sh",
|
||||||
"release": "./ci/build/build-release.sh",
|
"release": "./ci/build/build-release.sh",
|
||||||
"release:static": "./ci/build/build-static-release.sh",
|
"release:static": "./ci/build/build-static-release.sh",
|
||||||
|
"test:static-release": "./ci/build/test-static-release.sh",
|
||||||
"package": "./ci/build/build-packages.sh",
|
"package": "./ci/build/build-packages.sh",
|
||||||
"_____": "",
|
"_____": "",
|
||||||
"fmt": "./ci/dev/fmt.sh",
|
"fmt": "./ci/dev/fmt.sh",
|
||||||
|
Loading…
Reference in New Issue
Block a user