Automate release process

This commit is contained in:
Anmol Sethi 2020-05-08 03:08:30 -04:00
parent 4590c3a3db
commit 231e31656a
No known key found for this signature in database
GPG Key ID: 8CEF1878FF10ADEB
9 changed files with 125 additions and 22 deletions

View File

@ -81,7 +81,7 @@ jobs:
- run: ./ci/steps/release-static.sh
env:
# Otherwise we get rate limited when fetching the ripgrep binary.
GITHUB_TOKEN: ${{ secrets.github_token }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload release artifacts
uses: actions/upload-artifact@v2
with:

41
.github/workflows/publish.yaml vendored Normal file
View File

@ -0,0 +1,41 @@
name: publish
on:
release:
types: [published]
jobs:
npm:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Run ./ci/steps/publish-npm.sh
uses: ./ci/container
with:
args: ./ci/steps/publish-npm.sh
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
docker-amd64:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Run ./ci/steps/publish-docker.sh
uses: ./ci/container
with:
args: ./ci/steps/publish-docker.sh
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
docker-arm64:
runs-on: ubuntu-arm64-latest
steps:
- uses: actions/checkout@v1
- name: Run ./ci/steps/publish-docker.sh
uses: ./ci/container
with:
args: ./ci/steps/publish-docker.sh
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}

View File

@ -8,17 +8,15 @@ Any file and directory added into this tree should be documented here.
## Publishing a release
1. Change the version of code-server in `package.json` and push this commit.
1. CI will run and generate an NPM package and release packages that you can download
as artifacts on Github Actions.
1. Create a new draft release with the built release packages.
1. Run some basic sanity tests on one of the released packages.
1. Publish.
1. Download the built npm package and publish it.
1. Place the debian releases into `./release-packages` and then push the docker
image with `./ci/release-container/push.sh`.
1. This will need to be ran on an ARM64 instance as well.
1. At some point we need to automate this.
1. Update the version of code-server in `package.json` and push a commit
1. CI will run and generate the `npm-package` and `release-packages` artifacts on the GH actions workflow
1. Create a new draft release and attach all the files in `release-packages`
1. Run some basic sanity tests on one of the released packages
1. Publish the release
1. CI will automatically grab the artifacts and then
1. Publish the NPM package.
1. Publish the AMD64 docker image.
1. Publish the ARM64 docker image.
## dev
@ -95,3 +93,10 @@ Just helps avoid clobbering .travis.yml.
- Generates the npm package at `./release`
- [./steps/static-release.sh](./steps/static-release.sh)
- Takes the output of the previous script and generates a static release and packages
- [./steps/lib.sh](./steps/lib.sh)
- Contains helpers to download artifacts from github actions workflow runs
- [./steps/publish-npm.sh](./steps/publish-npm.sh)
- Grabs the `npm-package` release artifact for the current commit and publishes it on NPM
- [./steps/publish-docker.sh](./steps/publish-docker.sh)
- Grabs the `release-packages` release artifact for the current commit and builds a docker
image with it and publishes that onto docker hub

View File

@ -6,11 +6,11 @@ RUN apt-get update
RUN apt-get install -y curl gnupg
# Installs node.
RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - && \
RUN curl -sSL https://deb.nodesource.com/setup_14.x | bash - && \
apt-get install -y nodejs
# Installs yarn.
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
RUN curl -sSL https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \
apt-get update && apt-get install -y yarn
@ -27,14 +27,14 @@ RUN apt-get install -y gettext-base
RUN apt-get install -y jq git rsync
# Installs shellcheck.
RUN curl -L https://github.com/koalaman/shellcheck/releases/download/v0.7.1/shellcheck-v0.7.1.linux.$(uname -m).tar.xz | \
RUN curl -sSL https://github.com/koalaman/shellcheck/releases/download/v0.7.1/shellcheck-v0.7.1.linux.$(uname -m).tar.xz | \
tar -xJ && \
mv shellcheck*/shellcheck /usr/local/bin && \
rm -R shellcheck*
# Install Go dependencies
RUN ARCH="$(dpkg --print-architecture)" && \
curl "https://dl.google.com/go/go1.14.2.linux-$ARCH.tar.gz" | tar -C /usr/local -xz
curl -sSL "https://dl.google.com/go/go1.14.2.linux-$ARCH.tar.gz" | tar -C /usr/local -xz
ENV PATH=/usr/local/go/bin:/root/go/bin:$PATH
ENV GO111MODULE=on
RUN go get mvdan.cc/sh/v3/cmd/shfmt

View File

@ -28,14 +28,14 @@ RUN adduser --gecos '' --disabled-password coder && \
echo "coder ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/nopasswd
RUN ARCH="$(dpkg --print-architecture)" && \
curl -L "https://github.com/boxboat/fixuid/releases/download/v0.4.1/fixuid-0.4.1-linux-$ARCH.tar.gz" | tar -C /usr/local/bin -xzf - && \
curl -sSL "https://github.com/boxboat/fixuid/releases/download/v0.4.1/fixuid-0.4.1-linux-$ARCH.tar.gz" | tar -C /usr/local/bin -xzf - && \
chown root:root /usr/local/bin/fixuid && \
chmod 4755 /usr/local/bin/fixuid && \
mkdir -p /etc/fixuid && \
printf "user: coder\ngroup: coder\n" > /etc/fixuid/config.yml
COPY release-packages/code-server*.deb /tmp/
RUN dpkg -i /tmp/code-server*.deb && rm /tmp/code-server*.deb
RUN dpkg -i /tmp/code-server*-$(dpkg --print-architecture).deb && rm /tmp/code-server*.deb
EXPOSE 8080
USER coder

View File

@ -7,10 +7,6 @@ main() {
source ./ci/lib.sh
VERSION="$(pkg_json_version)"
if [[ ${CI-} ]]; then
echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
fi
imageTag="codercom/code-server:$VERSION"
if [[ $(arch) == "arm64" ]]; then
imageTag+="-arm64"

29
ci/steps/lib.sh Executable file
View File

@ -0,0 +1,29 @@
#!/usr/bin/env bash
source ./ci/lib.sh
# Grabs the most recent ci.yaml github workflow run that was successful and triggered from the same commit being pushd.
# This will contain the artifacts we want.
# https://developer.github.com/v3/actions/workflow-runs/#list-workflow-runs
get_artifacts_url() {
curl -sSL 'https://api.github.com/repos/cdr/code-server/actions/workflows/ci.yaml/runs?status=success&event=push' | jq -r ".workflow_runs[] | select(.head_sha == \"$(git rev-parse HEAD)\") | .artifacts_url" | head -n 1
}
# Grabs the artifact's download url.
# https://developer.github.com/v3/actions/artifacts/#list-workflow-run-artifacts
get_artifact_url() {
local artifact_name="$1"
curl -sSL "$(get_artifacts_url)" | jq -r ".artifacts[] | select(.name == \"$artifact_name\") | .archive_download_url" | head -n 1
}
# Uses the above two functions to download a artifact into a directory.
download_artifact() {
local artifact_name="$1"
local dst="$2"
local tmp_file
tmp_file="$(mktemp)"
curl -sSL "$(get_artifact_url "$artifact_name")" > "$tmp_file"
unzip -o "$tmp_file" -d "$dst"
rm "$tmp_file"
}

16
ci/steps/publish-docker.sh Executable file
View File

@ -0,0 +1,16 @@
#!/usr/bin/env bash
set -euo pipefail
main() {
cd "$(dirname "$0")/../.."
source ./ci/steps/lib.sh
if [[ ${CI-} ]]; then
echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
fi
download_artifact release-packages ./release-packages
./ci/release-container/push.sh
}
main "$@"

16
ci/steps/publish-npm.sh Executable file
View File

@ -0,0 +1,16 @@
#!/usr/bin/env bash
set -euo pipefail
main() {
cd "$(dirname "$0")/../.."
source ./ci/steps/lib.sh
if [[ ${CI-} ]]; then
echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc
fi
download_artifact npm-package ./release
yarn publish --non-interactive release
}
main "$@"