OCram85/code-server
Archived
1
0
Fork 0
Code Pull Requests 2 Activity

feat(ci): refactor build workflow (#5572)

Browse Source 
* refactor: remove stylelint

* refactor: move shellcheck to separate job

* refactor: add helm script and job

* refactor: add eslint job and yarn script

* fix(test/tsconfig): exclude test-plugin

* refactor: delete lint, add typecheck job

* refactor: remove prebuild

* wip: add notes about unit test refactor

* refactor: delete buggy socket test

This test was really added to in get cover specific lines but it's buggy
and only passes sometimes locally. I think it's okay to remove because:
- it's an implementation detail (not user facing)
- not preventing any specific regressions

* refactor: move test-plugin to integration suite

This seems more appropriate given this tests how a plugin might work
within code-server.

* wip

* wip: refactor vscode integration tests

* refactor: move unit tests to separate job

* fix: formatting

* Revert "wip: refactor vscode integration tests"

This reverts commit 13286bf4c9.

* Revert "refactor: move unit tests to separate job"

This reverts commit 6c87b540b4.

* feat: collect codecov integration tests

* fixup! feat: collect codecov integration tests

* fixup! feat: collect codecov integration tests

* fixup!: move helm step

* fixup!: update ids for caching

* trigger ci

* trigger ci

* chore: clean up names in security.yaml

* fixup!: remove .tsx

* fixup!: change to src/**"

* fixup!: move helm cmd to yaml

* fixup!: always build test plugin

* fixup!: fix plugin typings

* fixup! add back flakey test

* fixup!: only install helm deps if changes

* fixup!: revert node mod caching

* dont keep, test for asher

* fixup!: add make to centos

* refactor: add test:native

This adds a new script to run native tests (i.e. --help which should run
in ci on all platforms).

* try updating glibc

* try 2.25

* Revert "refactor: move test-plugin to integration suite"

This reverts commit bc02005dc0.

I couldn't get past some GLIBC errors in CI so moving back to unit
tests.

* Revert "try updating glibc"

This reverts commit 02ed560f22.

* fixup!

* asher: again

* try this for ts changes

* fixup

* refactor: scripts.yml -> scripts.yaml

* fixup!: move lint-sh to scripts.yaml

* fixup!: use apk for lint scripts

* fixup! fixup!: use apk for lint scripts

* fixup!: remove typecheck step

* fix: pattern for lint ts files

* test: lint should fail

* fixup! fixup!: use apk for lint scripts

* Revert "test: lint should fail"

This reverts commit 158c64db04.

* fixup!: skip cancel workflow on forks

Looks like the cancel action workflow can't run on forks due to secrets.

See https://github.com/andymckay/cancel-action/issues/4

* fixup: remove cancel-workflow

* fixup! fixup! fixup!: use apk for lint scripts

* fixup! fixup! fixup!: use apk for lint scripts

* fixup!: fix yarn key

* fixup!: add fetch-depth 0
This commit is contained in:
Joe Previte
2022-09-22 12:33:32 -07:00
committed by GitHub
parent 4223cf6e2b
commit 51677f0819
11 changed files with 188 additions and 1070 deletions
Download Patch File Download Diff File Expand all files Collapse all files

109
.github/workflows/build.yaml vendored
View File

@ -22,10 +22,10 @@ concurrency:
# will skip running `yarn install` if it successfully fetched from cache
jobs:
prebuild:
name: Pre-build checks
fmt:
name: Format with Prettier
runs-on: ubuntu-latest
timeout-minutes: 20
timeout-minutes: 5
steps:
- name: Checkout repo
uses: actions/checkout@v3
@ -35,14 +35,6 @@ jobs:
with:
node-version: "16"
- name: Install helm
uses: azure/setup-helm@v3.3
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install helm kubeval plugin
run: helm plugin install https://github.com/instrumenta/helm-kubeval
- name: Fetch dependencies from cache
id: cache-node-modules
uses: actions/cache@v3
@ -56,17 +48,86 @@ jobs:
if: steps.cache-node-modules.outputs.cache-hit != 'true'
run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
- name: Run yarn fmt
- name: Format files with Prettier
run: yarn fmt
if: success()
- name: Run yarn lint
run: yarn lint
if: success()
lint-helm:
name: Lint Helm chart
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
fetch-depth: 2
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v23.2
with:
files: |
ci/helm-chart/**
- name: Install helm
if: steps.changed-files.outputs.any_changed == 'true'
uses: azure/setup-helm@v3.3
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install helm kubeval plugin
if: steps.changed-files.outputs.any_changed == 'true'
run: helm plugin install https://github.com/instrumenta/helm-kubeval
- name: Lint Helm chart
if: steps.changed-files.outputs.any_changed == 'true'
run: helm kubeval ci/helm-chart
lint-ts:
name: Lint TypeScript files
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
fetch-depth: 2
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v23.2
with:
files: |
**/*.ts
**/*.js
files_ignore: |
lib/vscode/**
- name: Install Node.js v16
if: steps.changed-files.outputs.any_changed == 'true'
uses: actions/setup-node@v3
with:
node-version: "16"
- name: Fetch dependencies from cache
if: steps.changed-files.outputs.any_changed == 'true'
id: cache-node-modules
uses: actions/cache@v3
with:
path: "**/node_modules"
key: yarn-build-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
yarn-build-
- name: Install dependencies
if: steps.changed-files.outputs.any_changed == 'true' && steps.cache-node-modules.outputs.cache-hit != 'true'
run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
- name: Lint TypeScript files
if: steps.changed-files.outputs.any_changed == 'true'
run: yarn lint:ts
build:
name: Build
needs: prebuild
runs-on: ubuntu-latest
timeout-minutes: 30
env:
@ -222,6 +283,8 @@ jobs:
runs-on: ubuntu-latest
timeout-minutes: 15
container: "centos:7"
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
steps:
- name: Checkout repo
@ -234,7 +297,7 @@ jobs:
- name: Install development tools
run: |
yum install -y epel-release centos-release-scl
yum install -y epel-release centos-release-scl make
yum install -y devtoolset-9-{make,gcc,gcc-c++} jq rsync python3
- name: Install nfpm and envsubst
@ -278,6 +341,12 @@ jobs:
- name: Run integration tests on standalone release
run: yarn test:integration
- name: Upload coverage report to Codecov
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
if: success()
- name: Build packages with nfpm
run: yarn package
@ -417,8 +486,8 @@ jobs:
if: steps.cache-node-modules.outputs.cache-hit != 'true'
run: SKIP_SUBMODULE_DEPS=1 yarn install
- name: Run integration tests on standalone release
run: yarn test:integration
- name: Run native module tests on standalone release
run: yarn test:native
- name: Build packages with nfpm
run: yarn package

14
.github/workflows/scripts.yml → .github/workflows/scripts.yaml vendored
View File

@ -51,3 +51,17 @@ jobs:
- name: Run script unit tests
run: ./ci/dev/test-scripts.sh
lint:
name: Lint shell files
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Install lint utilities
run: sudo apt install shellcheck
- name: Lint shell files
run: ./ci/dev/lint-scripts.sh

7
.github/workflows/security.yaml vendored
View File

@ -1,4 +1,4 @@
name: "Security Scanning"
name: Security
on:
push:
@ -19,7 +19,7 @@ concurrency:
jobs:
audit-ci:
name: Run audit-ci
name: Audit node modules
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
@ -51,6 +51,7 @@ jobs:
if: success()
trivy-scan-repo:
name: Scan repo with Trivy
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
@ -82,7 +83,7 @@ jobs:
actions: read # for github/codeql-action/init to get workflow details
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/autobuild to send a status report
name: Analyze
name: Analyze with CodeQL
runs-on: ubuntu-20.04
steps: