commit
b706e85efb
3
.github/workflows/ci.yaml
vendored
3
.github/workflows/ci.yaml
vendored
@ -81,7 +81,8 @@ jobs:
|
||||
- run: ./ci/steps/release-static.sh
|
||||
env:
|
||||
# Otherwise we get rate limited when fetching the ripgrep binary.
|
||||
GITHUB_TOKEN: ${{ secrets.github_token }}
|
||||
# For whatever reason only MacOS needs it.
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Upload release artifacts
|
||||
uses: actions/upload-artifact@v2
|
||||
with:
|
||||
|
41
.github/workflows/publish.yaml
vendored
Normal file
41
.github/workflows/publish.yaml
vendored
Normal file
@ -0,0 +1,41 @@
|
||||
name: publish
|
||||
|
||||
on:
|
||||
release:
|
||||
types: [published]
|
||||
|
||||
jobs:
|
||||
npm:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- name: Run ./ci/steps/publish-npm.sh
|
||||
uses: ./ci/container
|
||||
with:
|
||||
args: ./ci/steps/publish-npm.sh
|
||||
env:
|
||||
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
|
||||
|
||||
docker-amd64:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- name: Run ./ci/steps/publish-docker.sh
|
||||
uses: ./ci/container
|
||||
with:
|
||||
args: ./ci/steps/publish-docker.sh
|
||||
env:
|
||||
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
||||
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
||||
|
||||
docker-arm64:
|
||||
runs-on: ubuntu-arm64-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- name: Run ./ci/steps/publish-docker.sh
|
||||
uses: ./ci/container
|
||||
with:
|
||||
args: ./ci/steps/publish-docker.sh
|
||||
env:
|
||||
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
||||
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
42
ci/README.md
42
ci/README.md
@ -8,17 +8,17 @@ Any file and directory added into this tree should be documented here.
|
||||
|
||||
## Publishing a release
|
||||
|
||||
1. Change the version of code-server in `package.json` and push this commit.
|
||||
1. CI will run and generate an NPM package and release packages that you can download
|
||||
as artifacts on Github Actions.
|
||||
1. Create a new draft release with the built release packages.
|
||||
1. Run some basic sanity tests on one of the released packages.
|
||||
1. Publish.
|
||||
1. Download the built npm package and publish it.
|
||||
1. Place the debian releases into `./release-packages` and then push the docker
|
||||
image with `./ci/release-container/push.sh`.
|
||||
1. This will need to be ran on an ARM64 instance as well.
|
||||
1. At some point we need to automate this.
|
||||
1. Update the version of code-server in `package.json` and push a commit
|
||||
1. CI will run and generate the `npm-package` and `release-packages` artifacts on the GH actions workflow
|
||||
1. Create a new draft release and attach all files in `release-packages`
|
||||
1. Run some basic sanity tests on one of the released packages
|
||||
1. Summarize the major changes in the release notes and link to the relevant issues.
|
||||
1. Make sure to mention the VS Code version in the release notes
|
||||
1. Publish the release
|
||||
1. CI will automatically grab the artifacts and then
|
||||
1. Publish the NPM package
|
||||
1. Publish the AMD64 docker image
|
||||
1. Publish the ARM64 docker image
|
||||
|
||||
## dev
|
||||
|
||||
@ -65,9 +65,9 @@ You can disable minification by setting `MINIFY=`.
|
||||
- Useful to do a clean build.
|
||||
- [./build/code-server.sh](./build/code-server.sh)
|
||||
- Copied into static releases to run code-server with the bundled node binary.
|
||||
- [./build/test-release.sh](./build/test-static-release.sh)
|
||||
- [./build/test-static-release.sh](./build/test-static-release.sh) (`yarn test:static-release`)
|
||||
- Ensures code-server in the `./release-static` directory runs
|
||||
- [./build/build-packages.sh](./build/build-static-pkgs.sh) (`yarn package`)
|
||||
- [./build/build-packages.sh](./build/build-packages.sh) (`yarn package`)
|
||||
- Packages `./release-static` into an archive in `./release-packages`
|
||||
- If on linux, [nfpm](https://github.com/goreleaser/nfpm) is used to generate .deb and .rpm
|
||||
- [./build/nfpm.yaml](./build/nfpm.yaml)
|
||||
@ -79,6 +79,12 @@ You can disable minification by setting `MINIFY=`.
|
||||
|
||||
This directory contains the release docker container.
|
||||
|
||||
- [./release-container/build.sh](./release-container/build.sh)
|
||||
- Builds the release container
|
||||
- Assumes debian releases are ready in `./release-packages`
|
||||
- [./release-container/push.sh](./release-container/push.sh)
|
||||
- Pushes the built release container to docker hub and updates the latest tag
|
||||
|
||||
## container
|
||||
|
||||
This directory contains the container for CI.
|
||||
@ -86,7 +92,7 @@ This directory contains the container for CI.
|
||||
## steps
|
||||
|
||||
This directory contains a few scripts used in CI.
|
||||
Just helps avoid clobbering .travis.yml.
|
||||
Just helps avoid clobbering the CI configuration.
|
||||
|
||||
- [./steps/test.sh](./steps/test.sh)
|
||||
- Runs `yarn ci` after ensuring VS Code is patched
|
||||
@ -95,3 +101,11 @@ Just helps avoid clobbering .travis.yml.
|
||||
- Generates the npm package at `./release`
|
||||
- [./steps/static-release.sh](./steps/static-release.sh)
|
||||
- Takes the output of the previous script and generates a static release and packages
|
||||
- [./steps/lib.sh](./steps/lib.sh)
|
||||
- Contains helpers to download artifacts from github actions workflow runs
|
||||
- [./steps/publish-npm.sh](./steps/publish-npm.sh)
|
||||
- Grabs the `npm-package` release artifact for the current commit and publishes it on NPM
|
||||
- [./steps/publish-docker.sh](./steps/publish-docker.sh)
|
||||
- Grabs the `release-packages` release artifact for the current commit and
|
||||
builds a docker image with it and publishes that onto docker hub with the
|
||||
correct tag and updates latest
|
||||
|
@ -6,11 +6,11 @@ RUN apt-get update
|
||||
RUN apt-get install -y curl gnupg
|
||||
|
||||
# Installs node.
|
||||
RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - && \
|
||||
RUN curl -sSL https://deb.nodesource.com/setup_14.x | bash - && \
|
||||
apt-get install -y nodejs
|
||||
|
||||
# Installs yarn.
|
||||
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
|
||||
RUN curl -sSL https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
|
||||
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \
|
||||
apt-get update && apt-get install -y yarn
|
||||
|
||||
@ -27,14 +27,14 @@ RUN apt-get install -y gettext-base
|
||||
RUN apt-get install -y jq git rsync
|
||||
|
||||
# Installs shellcheck.
|
||||
RUN curl -L https://github.com/koalaman/shellcheck/releases/download/v0.7.1/shellcheck-v0.7.1.linux.$(uname -m).tar.xz | \
|
||||
RUN curl -sSL https://github.com/koalaman/shellcheck/releases/download/v0.7.1/shellcheck-v0.7.1.linux.$(uname -m).tar.xz | \
|
||||
tar -xJ && \
|
||||
mv shellcheck*/shellcheck /usr/local/bin && \
|
||||
rm -R shellcheck*
|
||||
|
||||
# Install Go dependencies
|
||||
RUN ARCH="$(dpkg --print-architecture)" && \
|
||||
curl "https://dl.google.com/go/go1.14.2.linux-$ARCH.tar.gz" | tar -C /usr/local -xz
|
||||
curl -sSL "https://dl.google.com/go/go1.14.2.linux-$ARCH.tar.gz" | tar -C /usr/local -xz
|
||||
ENV PATH=/usr/local/go/bin:/root/go/bin:$PATH
|
||||
ENV GO111MODULE=on
|
||||
RUN go get mvdan.cc/sh/v3/cmd/shfmt
|
||||
|
@ -28,14 +28,14 @@ RUN adduser --gecos '' --disabled-password coder && \
|
||||
echo "coder ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/nopasswd
|
||||
|
||||
RUN ARCH="$(dpkg --print-architecture)" && \
|
||||
curl -L "https://github.com/boxboat/fixuid/releases/download/v0.4.1/fixuid-0.4.1-linux-$ARCH.tar.gz" | tar -C /usr/local/bin -xzf - && \
|
||||
curl -sSL "https://github.com/boxboat/fixuid/releases/download/v0.4.1/fixuid-0.4.1-linux-$ARCH.tar.gz" | tar -C /usr/local/bin -xzf - && \
|
||||
chown root:root /usr/local/bin/fixuid && \
|
||||
chmod 4755 /usr/local/bin/fixuid && \
|
||||
mkdir -p /etc/fixuid && \
|
||||
printf "user: coder\ngroup: coder\n" > /etc/fixuid/config.yml
|
||||
|
||||
COPY release-packages/code-server*.deb /tmp/
|
||||
RUN dpkg -i /tmp/code-server*.deb && rm /tmp/code-server*.deb
|
||||
RUN dpkg -i /tmp/code-server*-$(dpkg --print-architecture).deb && rm /tmp/code-server*.deb
|
||||
|
||||
EXPOSE 8080
|
||||
USER coder
|
||||
|
14
ci/release-container/build.sh
Executable file
14
ci/release-container/build.sh
Executable file
@ -0,0 +1,14 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
main() {
|
||||
cd "$(dirname "$0")/../.."
|
||||
source ./ci/lib.sh
|
||||
VERSION="$(pkg_json_version)"
|
||||
|
||||
imageTag="codercom/code-server:$VERSION"
|
||||
|
||||
docker build -t "$imageTag" -f ./ci/release-container/Dockerfile .
|
||||
}
|
||||
|
||||
main "$@"
|
@ -1,5 +1,4 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
main() {
|
||||
@ -7,19 +6,11 @@ main() {
|
||||
source ./ci/lib.sh
|
||||
VERSION="$(pkg_json_version)"
|
||||
|
||||
if [[ ${CI-} ]]; then
|
||||
echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
|
||||
fi
|
||||
|
||||
imageTag="codercom/code-server:$VERSION"
|
||||
if [[ $(arch) == "arm64" ]]; then
|
||||
imageTag+="-arm64"
|
||||
fi
|
||||
|
||||
docker build \
|
||||
-t "$imageTag" \
|
||||
-f ./ci/release-container/Dockerfile .
|
||||
docker push "$imageTag"
|
||||
docker tag "$imageTag" codercom/code-server:latest
|
||||
docker push codercom/code-server:latest
|
||||
}
|
||||
|
||||
main "$@"
|
||||
|
29
ci/steps/lib.sh
Executable file
29
ci/steps/lib.sh
Executable file
@ -0,0 +1,29 @@
|
||||
#!/usr/bin/env bash
|
||||
source ./ci/lib.sh
|
||||
|
||||
# Grabs the most recent ci.yaml github workflow run that was successful and triggered from the same commit being pushd.
|
||||
# This will contain the artifacts we want.
|
||||
# https://developer.github.com/v3/actions/workflow-runs/#list-workflow-runs
|
||||
get_artifacts_url() {
|
||||
curl -sSL 'https://api.github.com/repos/cdr/code-server/actions/workflows/ci.yaml/runs?status=success&event=push' | jq -r ".workflow_runs[] | select(.head_sha == \"$(git rev-parse HEAD)\") | .artifacts_url" | head -n 1
|
||||
}
|
||||
|
||||
# Grabs the artifact's download url.
|
||||
# https://developer.github.com/v3/actions/artifacts/#list-workflow-run-artifacts
|
||||
get_artifact_url() {
|
||||
local artifact_name="$1"
|
||||
curl -sSL "$(get_artifacts_url)" | jq -r ".artifacts[] | select(.name == \"$artifact_name\") | .archive_download_url" | head -n 1
|
||||
}
|
||||
|
||||
# Uses the above two functions to download a artifact into a directory.
|
||||
download_artifact() {
|
||||
local artifact_name="$1"
|
||||
local dst="$2"
|
||||
|
||||
local tmp_file
|
||||
tmp_file="$(mktemp)"
|
||||
|
||||
curl -sSL "$(get_artifact_url "$artifact_name")" > "$tmp_file"
|
||||
unzip -o "$tmp_file" -d "$dst"
|
||||
rm "$tmp_file"
|
||||
}
|
17
ci/steps/publish-docker.sh
Executable file
17
ci/steps/publish-docker.sh
Executable file
@ -0,0 +1,17 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
main() {
|
||||
cd "$(dirname "$0")/../.."
|
||||
source ./ci/steps/lib.sh
|
||||
|
||||
if [[ ${CI-} ]]; then
|
||||
echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
|
||||
fi
|
||||
|
||||
download_artifact release-packages ./release-packages
|
||||
./ci/release-container/build.sh
|
||||
./ci/release-container/push.sh
|
||||
}
|
||||
|
||||
main "$@"
|
16
ci/steps/publish-npm.sh
Executable file
16
ci/steps/publish-npm.sh
Executable file
@ -0,0 +1,16 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
main() {
|
||||
cd "$(dirname "$0")/../.."
|
||||
source ./ci/steps/lib.sh
|
||||
|
||||
if [[ ${CI-} ]]; then
|
||||
echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc
|
||||
fi
|
||||
|
||||
download_artifact npm-package ./release
|
||||
yarn publish --non-interactive release
|
||||
}
|
||||
|
||||
main "$@"
|
@ -5,7 +5,7 @@ main() {
|
||||
cd "$(dirname "$0")/../.."
|
||||
|
||||
yarn release:static
|
||||
./ci/build/test-static-release.sh
|
||||
yarn test:static-release
|
||||
yarn package
|
||||
}
|
||||
|
||||
|
@ -41,5 +41,7 @@ yarn vscode
|
||||
yarn build
|
||||
yarn build:vscode
|
||||
yarn release
|
||||
node ./release # Run the built JavaScript with Node.
|
||||
cd release
|
||||
yarn --production
|
||||
node . # Run the built JavaScript with Node.
|
||||
```
|
||||
|
@ -17,6 +17,7 @@
|
||||
"build:vscode": "./ci/build/build-vscode.sh",
|
||||
"release": "./ci/build/build-release.sh",
|
||||
"release:static": "./ci/build/build-static-release.sh",
|
||||
"test:static-release": "./ci/build/test-static-release.sh",
|
||||
"package": "./ci/build/build-packages.sh",
|
||||
"_____": "",
|
||||
"fmt": "./ci/dev/fmt.sh",
|
||||
|
Reference in New Issue
Block a user