Add Drone CI caching
This commit is contained in:
parent
3ce7129492
commit
92da02ef3e
350
.drone.yml
350
.drone.yml
@ -1,29 +1,45 @@
|
|||||||
kind: pipeline
|
kind: pipeline
|
||||||
type: docker
|
type: docker
|
||||||
name: build-amd64
|
name: amd64:linux
|
||||||
|
|
||||||
platform:
|
platform:
|
||||||
arch: amd64
|
arch: amd64
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
|
- name: cache:restore
|
||||||
|
image: node:12
|
||||||
|
commands:
|
||||||
|
- ./scripts/cacher.sh
|
||||||
|
|
||||||
- name: build
|
- name: build
|
||||||
image: node:12
|
image: node:12
|
||||||
commands:
|
commands:
|
||||||
- apt update && apt install -y build-essential git libsecret-1-dev libx11-dev libxkbfile-dev
|
- apt update && apt install -y build-essential git libsecret-1-dev libx11-dev libxkbfile-dev
|
||||||
- if [ -z $DRONE_TAG ]; then yarn build 1.41.1 daily ; else yarn build 1.41.1 $DRONE_TAG; fi
|
- timeout 50m ./scripts/ci.bash || echo 'Timed out or failed; continuing so we can preserve cache for the next run'
|
||||||
- if [ -z $DRONE_TAG ]; then yarn binary 1.41.1 daily ; else yarn binary 1.41.1 $DRONE_TAG; fi
|
|
||||||
- if [ -z $DRONE_TAG ]; then yarn package 1.41.1 daily ; else yarn package 1.41.1 $DRONE_TAG; fi
|
|
||||||
|
|
||||||
- name: build-alpine
|
- name: cache:package
|
||||||
image: node:12-alpine
|
image: node:12
|
||||||
commands:
|
commands:
|
||||||
- apk add libxkbfile-dev libsecret-dev build-base git
|
- ./scripts/cacher.sh
|
||||||
- if [ -z $DRONE_TAG ]; then yarn build 1.41.1 daily ; else yarn build 1.41.1 $DRONE_TAG; fi
|
when:
|
||||||
- if [ -z $DRONE_TAG ]; then yarn binary 1.41.1 daily ; else yarn binary 1.41.1 $DRONE_TAG; fi
|
event: push
|
||||||
- if [ -z $DRONE_TAG ]; then yarn package 1.41.1 daily ; else yarn package 1.41.1 $DRONE_TAG; fi
|
|
||||||
|
|
||||||
- name: publish
|
- name: cache:push
|
||||||
|
image: plugins/gcs
|
||||||
|
settings:
|
||||||
|
source: cache-upload/
|
||||||
|
target: codesrv-ci.cdr.sh
|
||||||
|
token:
|
||||||
|
from_secret: gcs-token
|
||||||
|
when:
|
||||||
|
event: push
|
||||||
|
|
||||||
|
- name: test
|
||||||
|
image: node:12
|
||||||
|
commands:
|
||||||
|
- yarn test
|
||||||
|
|
||||||
|
- name: publish:github
|
||||||
image: plugins/github-release
|
image: plugins/github-release
|
||||||
settings:
|
settings:
|
||||||
api_key:
|
api_key:
|
||||||
@ -32,7 +48,7 @@ steps:
|
|||||||
when:
|
when:
|
||||||
event: tag
|
event: tag
|
||||||
|
|
||||||
- name: docker-publish
|
- name: publish:docker
|
||||||
image: banzaicloud/drone-kaniko
|
image: banzaicloud/drone-kaniko
|
||||||
settings:
|
settings:
|
||||||
username:
|
username:
|
||||||
@ -41,6 +57,7 @@ steps:
|
|||||||
from_secret: docker_password
|
from_secret: docker_password
|
||||||
tags:
|
tags:
|
||||||
- latest
|
- latest
|
||||||
|
- v2
|
||||||
- ${DRONE_TAG}
|
- ${DRONE_TAG}
|
||||||
build_args:
|
build_args:
|
||||||
- codeServerVersion=${DRONE_TAG}
|
- codeServerVersion=${DRONE_TAG}
|
||||||
@ -51,30 +68,46 @@ steps:
|
|||||||
---
|
---
|
||||||
kind: pipeline
|
kind: pipeline
|
||||||
type: docker
|
type: docker
|
||||||
name: build-arm64
|
name: amd64:alpine
|
||||||
|
|
||||||
platform:
|
platform:
|
||||||
arch: arm64
|
arch: amd64
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
|
- name: cache:restore
|
||||||
- name: build
|
|
||||||
image: node:12
|
|
||||||
commands:
|
|
||||||
- apt update && apt install -y build-essential git libsecret-1-dev libx11-dev libxkbfile-dev
|
|
||||||
- if [ -z $DRONE_TAG ]; then yarn build 1.41.1 daily ; else yarn build 1.41.1 $DRONE_TAG; fi
|
|
||||||
- if [ -z $DRONE_TAG ]; then yarn binary 1.41.1 daily ; else yarn binary 1.41.1 $DRONE_TAG; fi
|
|
||||||
- if [ -z $DRONE_TAG ]; then yarn package 1.41.1 daily ; else yarn package 1.41.1 $DRONE_TAG; fi
|
|
||||||
|
|
||||||
- name: build-alpine
|
|
||||||
image: node:12-alpine
|
image: node:12-alpine
|
||||||
commands:
|
commands:
|
||||||
- apk add libxkbfile-dev libsecret-dev build-base git
|
- ./scripts/cacher.sh
|
||||||
- if [ -z $DRONE_TAG ]; then yarn build 1.41.1 daily ; else yarn build 1.41.1 $DRONE_TAG; fi
|
|
||||||
- if [ -z $DRONE_TAG ]; then yarn binary 1.41.1 daily ; else yarn binary 1.41.1 $DRONE_TAG; fi
|
|
||||||
- if [ -z $DRONE_TAG ]; then yarn package 1.41.1 daily ; else yarn package 1.41.1 $DRONE_TAG; fi
|
|
||||||
|
|
||||||
- name: publish
|
- name: build
|
||||||
|
image: node:12-alpine
|
||||||
|
commands:
|
||||||
|
- apk add libxkbfile-dev libsecret-dev build-base git bash python
|
||||||
|
- timeout 50m ./scripts/ci.bash || echo 'Timed out or failed; continuing so we can preserve cache for the next run'
|
||||||
|
|
||||||
|
- name: cache:package
|
||||||
|
image: node:12-alpine
|
||||||
|
commands:
|
||||||
|
- ./scripts/cacher.sh
|
||||||
|
when:
|
||||||
|
event: push
|
||||||
|
|
||||||
|
- name: cache:push
|
||||||
|
image: plugins/gcs
|
||||||
|
settings:
|
||||||
|
source: cache-upload/
|
||||||
|
target: codesrv-ci.cdr.sh
|
||||||
|
token:
|
||||||
|
from_secret: gcs-token
|
||||||
|
when:
|
||||||
|
event: push
|
||||||
|
|
||||||
|
- name: test
|
||||||
|
image: node:12-alpine
|
||||||
|
commands:
|
||||||
|
- yarn test
|
||||||
|
|
||||||
|
- name: publish:github
|
||||||
image: plugins/github-release
|
image: plugins/github-release
|
||||||
settings:
|
settings:
|
||||||
api_key:
|
api_key:
|
||||||
@ -83,7 +116,58 @@ steps:
|
|||||||
when:
|
when:
|
||||||
event: tag
|
event: tag
|
||||||
|
|
||||||
- name: docker-publish
|
---
|
||||||
|
kind: pipeline
|
||||||
|
type: docker
|
||||||
|
name: arm64:linux
|
||||||
|
|
||||||
|
platform:
|
||||||
|
arch: arm64
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: cache:restore
|
||||||
|
image: node:12
|
||||||
|
commands:
|
||||||
|
- ./scripts/cacher.sh
|
||||||
|
|
||||||
|
- name: build
|
||||||
|
image: node:12
|
||||||
|
commands:
|
||||||
|
- apt update && apt install -y build-essential git libsecret-1-dev libx11-dev libxkbfile-dev
|
||||||
|
- timeout 50m ./scripts/ci.bash || echo 'Timed out or failed; continuing so we can preserve cache for the next run'
|
||||||
|
|
||||||
|
- name: cache:package
|
||||||
|
image: node:12
|
||||||
|
commands:
|
||||||
|
- ./scripts/cacher.sh
|
||||||
|
when:
|
||||||
|
event: push
|
||||||
|
|
||||||
|
- name: cache:push
|
||||||
|
image: plugins/gcs
|
||||||
|
settings:
|
||||||
|
source: cache-upload/
|
||||||
|
target: codesrv-ci.cdr.sh
|
||||||
|
token:
|
||||||
|
from_secret: gcs-token
|
||||||
|
when:
|
||||||
|
event: push
|
||||||
|
|
||||||
|
- name: test
|
||||||
|
image: node:12
|
||||||
|
commands:
|
||||||
|
- yarn test
|
||||||
|
|
||||||
|
- name: publish:github
|
||||||
|
image: plugins/github-release
|
||||||
|
settings:
|
||||||
|
api_key:
|
||||||
|
from_secret: github_token
|
||||||
|
files: release/*.tar.gz
|
||||||
|
when:
|
||||||
|
event: tag
|
||||||
|
|
||||||
|
- name: publish:docker
|
||||||
image: banzaicloud/drone-kaniko
|
image: banzaicloud/drone-kaniko
|
||||||
settings:
|
settings:
|
||||||
username:
|
username:
|
||||||
@ -91,7 +175,7 @@ steps:
|
|||||||
password:
|
password:
|
||||||
from_secret: docker_password
|
from_secret: docker_password
|
||||||
tags:
|
tags:
|
||||||
- latest-arm64
|
- arm64
|
||||||
- ${DRONE_TAG}-arm64
|
- ${DRONE_TAG}-arm64
|
||||||
build_args:
|
build_args:
|
||||||
- codeServerVersion=$DRONE_TAG
|
- codeServerVersion=$DRONE_TAG
|
||||||
@ -99,37 +183,171 @@ steps:
|
|||||||
when:
|
when:
|
||||||
event: tag
|
event: tag
|
||||||
|
|
||||||
# ---
|
---
|
||||||
# kind: pipeline
|
kind: pipeline
|
||||||
# type: docker
|
type: docker
|
||||||
# name: build-arm
|
name: arm64:alpine
|
||||||
#
|
|
||||||
# platform:
|
platform:
|
||||||
# arch: arm
|
arch: arm64
|
||||||
#
|
|
||||||
# steps:
|
steps:
|
||||||
#
|
- name: cache:restore
|
||||||
# - name: build
|
image: node:12-alpine
|
||||||
# image: node:12
|
commands:
|
||||||
# commands:
|
- ./scripts/cacher.sh
|
||||||
# - apt update && apt install -y build-essential git libsecret-1-dev libx11-dev libxkbfile-dev
|
|
||||||
# - yarn
|
- name: build
|
||||||
# - if [ -z $DRONE_TAG ]; then yarn build 1.41.1 daily ; else yarn build 1.41.1 $DRONE_TAG; fi
|
image: node:12-alpine
|
||||||
# - if [ -z $DRONE_TAG ]; then yarn binary 1.41.1 daily ; else yarn binary 1.41.1 $DRONE_TAG; fi
|
commands:
|
||||||
#
|
- apk add libxkbfile-dev libsecret-dev build-base git bash python
|
||||||
# - name: build-alpine
|
- timeout 50m ./scripts/ci.bash || echo 'Timed out or failed; continuing so we can preserve cache for the next run'
|
||||||
# image: node:12-alpine
|
|
||||||
# commands:
|
- name: cache:package
|
||||||
# - apk add libxkbfile-dev libsecret-dev build-base git
|
image: node:12-alpine
|
||||||
# - if [ -z $DRONE_TAG ]; then yarn build 1.41.1 daily ; else yarn build 1.41.1 $DRONE_TAG; fi
|
commands:
|
||||||
# - if [ -z $DRONE_TAG ]; then yarn binary 1.41.1 daily ; else yarn binary 1.41.1 $DRONE_TAG; fi
|
- ./scripts/cacher.sh
|
||||||
# - if [ -z $DRONE_TAG ]; then yarn package 1.41.1 daily ; else yarn package 1.41.1 $DRONE_TAG; fi
|
when:
|
||||||
#
|
event: push
|
||||||
# - name: publish
|
|
||||||
# image: plugins/github-release
|
- name: cache:push
|
||||||
# settings:
|
image: plugins/gcs
|
||||||
# api_key:
|
settings:
|
||||||
# from_secret: github_token
|
source: cache-upload/
|
||||||
# files: release/*.tar.gz
|
target: codesrv-ci.cdr.sh
|
||||||
# when:
|
token:
|
||||||
# event: tag
|
from_secret: gcs-token
|
||||||
|
when:
|
||||||
|
event: push
|
||||||
|
|
||||||
|
- name: test
|
||||||
|
image: node:12-alpine
|
||||||
|
commands:
|
||||||
|
- yarn test
|
||||||
|
|
||||||
|
- name: publish:github
|
||||||
|
image: plugins/github-release
|
||||||
|
settings:
|
||||||
|
api_key:
|
||||||
|
from_secret: github_token
|
||||||
|
files: release/*.tar.gz
|
||||||
|
when:
|
||||||
|
event: tag
|
||||||
|
|
||||||
|
---
|
||||||
|
kind: pipeline
|
||||||
|
type: docker
|
||||||
|
name: arm:linux
|
||||||
|
|
||||||
|
platform:
|
||||||
|
arch: arm
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: cache:restore
|
||||||
|
image: node:12
|
||||||
|
commands:
|
||||||
|
- ./scripts/cacher.sh
|
||||||
|
|
||||||
|
- name: build
|
||||||
|
image: node:12
|
||||||
|
commands:
|
||||||
|
- apt update && apt install -y build-essential git libsecret-1-dev libx11-dev libxkbfile-dev
|
||||||
|
- timeout 50m ./scripts/ci.bash || echo 'Timed out or failed; continuing so we can preserve cache for the next run'
|
||||||
|
|
||||||
|
- name: cache:package
|
||||||
|
image: node:12
|
||||||
|
commands:
|
||||||
|
- ./scripts/cacher.sh
|
||||||
|
when:
|
||||||
|
event: push
|
||||||
|
|
||||||
|
- name: cache:push
|
||||||
|
image: plugins/gcs
|
||||||
|
settings:
|
||||||
|
source: cache-upload/
|
||||||
|
target: codesrv-ci.cdr.sh
|
||||||
|
token:
|
||||||
|
from_secret: gcs-token
|
||||||
|
when:
|
||||||
|
event: push
|
||||||
|
|
||||||
|
- name: test
|
||||||
|
image: node:12
|
||||||
|
commands:
|
||||||
|
- yarn test
|
||||||
|
|
||||||
|
- name: publish:github
|
||||||
|
image: plugins/github-release
|
||||||
|
settings:
|
||||||
|
api_key:
|
||||||
|
from_secret: github_token
|
||||||
|
files: release/*.tar.gz
|
||||||
|
when:
|
||||||
|
event: tag
|
||||||
|
|
||||||
|
- name: publish:docker
|
||||||
|
image: banzaicloud/drone-kaniko
|
||||||
|
settings:
|
||||||
|
username:
|
||||||
|
from_secret: docker_user
|
||||||
|
password:
|
||||||
|
from_secret: docker_password
|
||||||
|
tags:
|
||||||
|
- arm
|
||||||
|
- ${DRONE_TAG}-arm
|
||||||
|
build_args:
|
||||||
|
- codeServerVersion=$DRONE_TAG
|
||||||
|
- vscodeVersion=1.41.1
|
||||||
|
when:
|
||||||
|
event: tag
|
||||||
|
|
||||||
|
---
|
||||||
|
kind: pipeline
|
||||||
|
type: docker
|
||||||
|
name: arm:alpine
|
||||||
|
|
||||||
|
platform:
|
||||||
|
arch: arm
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: cache:restore
|
||||||
|
image: node:12-alpine
|
||||||
|
commands:
|
||||||
|
- ./scripts/cacher.sh
|
||||||
|
|
||||||
|
- name: build
|
||||||
|
image: node:12-alpine
|
||||||
|
commands:
|
||||||
|
- apk add libxkbfile-dev libsecret-dev build-base git bash python
|
||||||
|
- timeout 50m ./scripts/ci.bash || echo 'Timed out or failed; continuing so we can preserve cache for the next run'
|
||||||
|
|
||||||
|
- name: cache:package
|
||||||
|
image: node:12-alpine
|
||||||
|
commands:
|
||||||
|
- ./scripts/cacher.sh
|
||||||
|
when:
|
||||||
|
event: push
|
||||||
|
|
||||||
|
- name: cache:push
|
||||||
|
image: plugins/gcs
|
||||||
|
settings:
|
||||||
|
source: cache-upload/
|
||||||
|
target: codesrv-ci.cdr.sh
|
||||||
|
token:
|
||||||
|
from_secret: gcs-token
|
||||||
|
when:
|
||||||
|
event: push
|
||||||
|
|
||||||
|
- name: test
|
||||||
|
image: node:12-alpine
|
||||||
|
commands:
|
||||||
|
- yarn test
|
||||||
|
|
||||||
|
- name: publish:github
|
||||||
|
image: plugins/github-release
|
||||||
|
settings:
|
||||||
|
api_key:
|
||||||
|
from_secret: github_token
|
||||||
|
files: release/*.tar.gz
|
||||||
|
when:
|
||||||
|
event: tag
|
||||||
|
8
.gitignore
vendored
8
.gitignore
vendored
@ -1,5 +1,5 @@
|
|||||||
node_modules
|
node_modules
|
||||||
build
|
/build
|
||||||
release
|
/release
|
||||||
binaries
|
/binaries
|
||||||
source
|
/lib
|
||||||
|
@ -59,4 +59,4 @@ cache:
|
|||||||
timeout: 1000
|
timeout: 1000
|
||||||
yarn: true
|
yarn: true
|
||||||
directories:
|
directories:
|
||||||
- source
|
- source/vscode-1.41.1-source
|
||||||
|
@ -49,11 +49,6 @@ RUN mkdir -p /home/coder/project
|
|||||||
# To avoid EACCES issues on f.ex Crostini (ChromeOS)
|
# To avoid EACCES issues on f.ex Crostini (ChromeOS)
|
||||||
RUN mkdir -p /home/coder/.local/share/code-server
|
RUN mkdir -p /home/coder/.local/share/code-server
|
||||||
|
|
||||||
# FIXME: permission fix required for bind-mounts
|
|
||||||
# See GH-1270
|
|
||||||
RUN sudo chmod -R g+rw /home/coder/project && sudo chmod -R g+rw /home/coder/.local/share/code-server && \
|
|
||||||
sudo chown -R coder:coder /home/coder
|
|
||||||
|
|
||||||
WORKDIR /home/coder/project
|
WORKDIR /home/coder/project
|
||||||
|
|
||||||
# This ensures we have a volume mounted even if the user forgot to do bind
|
# This ensures we have a volume mounted even if the user forgot to do bind
|
||||||
|
@ -65,10 +65,10 @@ before building.
|
|||||||
|
|
||||||
```shell
|
```shell
|
||||||
export OUT=/path/to/output/build # Optional if only building. Required if also developing.
|
export OUT=/path/to/output/build # Optional if only building. Required if also developing.
|
||||||
yarn build ${vscodeVersion} ${codeServerVersion} # See travis.yml for the VS Code version to use.
|
yarn build $vscodeVersion $codeServerVersion # See travis.yml for the VS Code version to use.
|
||||||
# The code-server version can be anything you want.
|
# The code-server version can be anything you want.
|
||||||
node /path/to/output/build/out/vs/server/main.js # You can run the built JavaScript with Node.
|
node /path/to/output/build/out/vs/server/main.js # You can run the built JavaScript with Node.
|
||||||
yarn binary ${vscodeVersion} ${codeServerVersion} # Or you can package it into a binary.
|
yarn binary $vscodeVersion $codeServerVersion # Or you can package it into a binary.
|
||||||
```
|
```
|
||||||
|
|
||||||
## Security
|
## Security
|
||||||
|
53
scripts/cacher.sh
Normal file
53
scripts/cacher.sh
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
# cacher.sh -- Restore and rebuild cache.
|
||||||
|
# Cache paths are designed to work with multi-arch builds and are organized
|
||||||
|
# based on the branch or tag. The master branch cache is used as a fallback.
|
||||||
|
# This will download and package the cache but it will not upload it.
|
||||||
|
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
# Try restoring from each argument in turn until we get something.
|
||||||
|
restore() {
|
||||||
|
for branch in "$@" ; do
|
||||||
|
if [ -n "$branch" ] ; then
|
||||||
|
cache_path="https://codesrv-ci.cdr.sh/cache/$branch/$tar.tar.gz"
|
||||||
|
if wget "$cache_path" ; then
|
||||||
|
tar xzvf "$tar.tar.gz"
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
# We need to cache the built-in extensions and Node modules. Everything inside
|
||||||
|
# the cache-upload directory will be uploaded as-is to the code-server bucket.
|
||||||
|
package() {
|
||||||
|
mkdir -p "cache-upload/cache/$1"
|
||||||
|
tar czfv "cache-upload/cache/$1/$tar.tar.gz" node_modules source/vscode-1.41.1-source
|
||||||
|
}
|
||||||
|
|
||||||
|
main() {
|
||||||
|
cd "$(dirname "$0")/.."
|
||||||
|
|
||||||
|
# Get the branch for this build.
|
||||||
|
branch=${DRONE_BRANCH:-${DRONE_SOURCE_BRANCH:-${DRONE_TAG:-}}}
|
||||||
|
|
||||||
|
# The cache will be named based on the arch, platform, and libc.
|
||||||
|
arch=$DRONE_STAGE_ARCH
|
||||||
|
platform=${PLATFORM:-linux}
|
||||||
|
case $DRONE_STAGE_NAME in
|
||||||
|
*alpine*) libc=musl ;;
|
||||||
|
* ) libc=glibc ;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
tar="$platform-$arch-$libc"
|
||||||
|
|
||||||
|
# The action is determined by the name of the step.
|
||||||
|
case $DRONE_STEP_NAME in
|
||||||
|
*restore*) restore "$branch" "$DRONE_REPO_BRANCH" ;;
|
||||||
|
*rebuild*|*package*) package "$branch" ;;
|
||||||
|
*) exit 1 ;;
|
||||||
|
esac
|
||||||
|
}
|
||||||
|
|
||||||
|
main "$@"
|
Reference in New Issue
Block a user