From ccbe1911d2d6592ebd58711c934fdcfbc7f55fd5 Mon Sep 17 00:00:00 2001 From: Andrew Pareles Date: Tue, 25 Mar 2025 20:04:19 -0700 Subject: [PATCH] change build --- .github/workflows/b2.yml | 412 ----------------- .github/workflows/insider-linux.yml | 543 ++++++++++++++++++++++ .github/workflows/insider-macos.yml | 134 ++++++ .github/workflows/insider-spearhead.yml | 90 ++++ .github/workflows/insider-windows.yml | 311 +++++++++++++ .github/workflows/lock.yml | 16 + .github/workflows/stable-linux.yml | 574 ++++++++++++++++++++++++ .github/workflows/stable-macos.yml | 132 ++++++ .github/workflows/stable-spearhead.yml | 85 ++++ .github/workflows/stable-windows.yml | 307 +++++++++++++ .github/workflows/stale.yml | 25 ++ .github/workflows/void-build.yml | 412 +++++++++++++++++ 12 files changed, 2629 insertions(+), 412 deletions(-) delete mode 100644 .github/workflows/b2.yml create mode 100644 .github/workflows/insider-linux.yml create mode 100644 .github/workflows/insider-macos.yml create mode 100644 .github/workflows/insider-spearhead.yml create mode 100644 .github/workflows/insider-windows.yml create mode 100644 .github/workflows/lock.yml create mode 100644 .github/workflows/stable-linux.yml create mode 100644 .github/workflows/stable-macos.yml create mode 100644 .github/workflows/stable-spearhead.yml create mode 100644 .github/workflows/stable-windows.yml create mode 100644 .github/workflows/stale.yml create mode 100644 .github/workflows/void-build.yml diff --git a/.github/workflows/b2.yml b/.github/workflows/b2.yml deleted file mode 100644 index 17e3c236..00000000 --- a/.github/workflows/b2.yml +++ /dev/null @@ -1,412 +0,0 @@ -name: VS Code Build - -on: - push: - branches: [ main, release/*, github-workflow ] - pull_request: - branches: [ main ] - - workflow_dispatch: - inputs: - build_macos: - description: 'Build macOS' - type: boolean - default: true - build_macos_arm64: - description: 'Build macOS ARM64' - type: boolean - default: true - build_macos_universal: - description: 'Build macOS Universal' - type: boolean - default: true - build_linux: - description: 'Build Linux x64' - type: boolean - default: true - build_linux_arm64: - description: 'Build Linux ARM64' - type: boolean - default: false - build_windows: - description: 'Build Windows' - type: boolean - default: true - quality: - description: 'Quality (insider or stable)' - type: choice - options: - - insider - - stable - default: 'insider' - -env: - VSCODE_QUALITY: ${{ github.event.inputs.quality }} - NPM_REGISTRY: 'https://registry.npmjs.org/' - VSCODE_ARCH: 'x64' - VSCODE_CIBUILD: false - -jobs: - compile: - runs-on: macos-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: '.nvmrc' - - - name: Install Dependencies - run: | - npm ci - - - name: Compile - run: | - npm run compile - - - name: Package Compilation Output - run: | - mkdir -p .build - tar -czf compilation.tar.gz .build out-* test/integration/browser/out test/smoke/out test/automation/out - - - name: Upload Compilation Artifact - uses: actions/upload-artifact@v4 - with: - name: compilation - path: compilation.tar.gz - - compile-cli: - runs-on: ubuntu-latest - needs: compile - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: '.nvmrc' - - - name: Setup Rust - uses: actions-rs/toolchain@v1 - with: - toolchain: stable - - - name: Install Dependencies - run: | - npm ci - - - name: Build CLI - run: | - cd cli - cargo build --release --bin=code - - - name: Upload CLI Artifacts - uses: actions/upload-artifact@v4 - with: - name: vscode_cli - path: cli/target/release/code - - build-macos: - if: ${{ github.event.inputs.build_macos == 'true' }} - runs-on: macos-latest - needs: [compile, compile-cli] - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: '.nvmrc' - - - name: Download Compilation - uses: actions/download-artifact@v4 - with: - name: compilation - - - name: Extract Compilation - run: tar -xzf compilation.tar.gz - - - name: Install Dependencies - run: npm ci - - - name: Build macOS x64 - run: | - npm run gulp vscode-darwin-x64-min-ci - - - name: Download CLI - uses: actions/download-artifact@v4 - with: - name: vscode_cli - path: cli-bin - - - name: Integrate CLI - run: | - APP_ROOT="$(pwd)/../VSCode-darwin-x64" - APP_NAME="`ls $APP_ROOT | head -n 1`" - APP_PATH="$APP_ROOT/$APP_NAME" - CLI_APP_NAME=$(node -p "require(\"$APP_PATH/Contents/Resources/app/product.json\").tunnelApplicationName") - mkdir -p "$APP_PATH/Contents/Resources/app/bin" - cp cli-bin/code "$APP_PATH/Contents/Resources/app/bin/$CLI_APP_NAME" - chmod +x "$APP_PATH/Contents/Resources/app/bin/$CLI_APP_NAME" - - - name: Package macOS App - run: | - ARCHIVE_PATH="VSCode-darwin-x64.zip" - (cd ../VSCode-darwin-x64 && zip -r -X -y $(pwd)/$ARCHIVE_PATH *) - - - name: Upload macOS App - uses: actions/upload-artifact@v4 - with: - name: vscode-darwin-x64 - path: VSCode-darwin-x64.zip - - build-macos-arm64: - if: ${{ github.event.inputs.build_macos_arm64 == 'true' }} - runs-on: macos-latest - needs: [compile, compile-cli] - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: '.nvmrc' - - - name: Download Compilation - uses: actions/download-artifact@v4 - with: - name: compilation - - - name: Extract Compilation - run: tar -xzf compilation.tar.gz - - - name: Install Dependencies - run: npm ci - - - name: Build macOS ARM64 - run: | - npm run gulp vscode-darwin-arm64-min-ci - - - name: Download CLI - uses: actions/download-artifact@v4 - with: - name: vscode_cli - path: cli-bin - - - name: Integrate CLI - run: | - APP_ROOT="$(pwd)/../VSCode-darwin-arm64" - APP_NAME="`ls $APP_ROOT | head -n 1`" - APP_PATH="$APP_ROOT/$APP_NAME" - CLI_APP_NAME=$(node -p "require(\"$APP_PATH/Contents/Resources/app/product.json\").tunnelApplicationName") - mkdir -p "$APP_PATH/Contents/Resources/app/bin" - cp cli-bin/code "$APP_PATH/Contents/Resources/app/bin/$CLI_APP_NAME" - chmod +x "$APP_PATH/Contents/Resources/app/bin/$CLI_APP_NAME" - - - name: Package macOS App - run: | - ARCHIVE_PATH="VSCode-darwin-arm64.zip" - (cd ../VSCode-darwin-arm64 && zip -r -X -y $(pwd)/$ARCHIVE_PATH *) - - - name: Upload macOS App - uses: actions/upload-artifact@v4 - with: - name: vscode-darwin-arm64 - path: VSCode-darwin-arm64.zip - - build-macos-universal: - if: ${{ github.event.inputs.build_macos_universal == 'true' && github.event.inputs.build_macos == 'true' && github.event.inputs.build_macos_arm64 == 'true' }} - runs-on: macos-latest - needs: [build-macos, build-macos-arm64] - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: '.nvmrc' - - - name: Download x64 Build - uses: actions/download-artifact@v4 - with: - name: vscode-darwin-x64 - - - name: Download ARM64 Build - uses: actions/download-artifact@v4 - with: - name: vscode-darwin-arm64 - - - name: Extract Builds - run: | - mkdir -p VSCode-darwin-x64 - mkdir -p VSCode-darwin-arm64 - unzip VSCode-darwin-x64.zip -d VSCode-darwin-x64 - unzip VSCode-darwin-arm64.zip -d VSCode-darwin-arm64 - - - name: Install Dependencies - run: npm ci - - - name: Create Universal Build - run: | - node build/darwin/create-universal-app.js $(pwd) - - - name: Package Universal App - run: | - ARCHIVE_PATH="VSCode-darwin-universal.zip" - (cd VSCode-darwin-universal && zip -r -X -y $(pwd)/$ARCHIVE_PATH *) - - - name: Upload Universal App - uses: actions/upload-artifact@v4 - with: - name: vscode-darwin-universal - path: VSCode-darwin-universal.zip - - build-linux: - if: ${{ github.event.inputs.build_linux == 'true' }} - runs-on: ubuntu-latest - needs: [compile, compile-cli] - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: '.nvmrc' - - - name: Install Dependencies - run: | - sudo apt-get update - sudo apt-get install -y libxkbfile-dev pkg-config libsecret-1-dev libxss1 dbus xvfb libgtk-3-0 libgbm1 - npm ci - - - name: Download Compilation - uses: actions/download-artifact@v4 - with: - name: compilation - - - name: Extract Compilation - run: tar -xzf compilation.tar.gz - - - name: Build Linux x64 - run: | - npm run gulp vscode-linux-x64-min-ci - - - name: Download CLI - uses: actions/download-artifact@v4 - with: - name: vscode_cli - path: cli-bin - - - name: Integrate CLI - run: | - CLI_APP_NAME=$(node -p "require(\"../VSCode-linux-x64/resources/app/product.json\").tunnelApplicationName") - mkdir -p "../VSCode-linux-x64/bin" - cp cli-bin/code "../VSCode-linux-x64/bin/$CLI_APP_NAME" - chmod +x "../VSCode-linux-x64/bin/$CLI_APP_NAME" - - - name: Create .tar.gz Archive - run: | - ARCHIVE_PATH="VSCode-linux-x64.tar.gz" - (cd .. && tar -czf $(pwd)/$ARCHIVE_PATH VSCode-linux-x64) - - - name: Upload Linux Build - uses: actions/upload-artifact@v4 - with: - name: vscode-linux-x64-archive - path: VSCode-linux-x64.tar.gz - - - name: Build .deb Package - run: | - npm run gulp vscode-linux-x64-prepare-deb - npm run gulp vscode-linux-x64-build-deb - - - name: Upload .deb Package - uses: actions/upload-artifact@v4 - with: - name: vscode-linux-x64-deb - path: .build/linux/deb/*/deb/*.deb - - - name: Build .rpm Package - run: | - npm run gulp vscode-linux-x64-prepare-rpm - npm run gulp vscode-linux-x64-build-rpm - - - name: Upload .rpm Package - uses: actions/upload-artifact@v4 - with: - name: vscode-linux-x64-rpm - path: .build/linux/rpm/*/*.rpm - - build-windows: - if: ${{ github.event.inputs.build_windows == 'true' }} - runs-on: windows-latest - needs: [compile, compile-cli] - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: '.nvmrc' - - - name: Download Compilation - uses: actions/download-artifact@v4 - with: - name: compilation - - - name: Extract Compilation - shell: powershell - run: tar -xzf compilation.tar.gz - - - name: Install Dependencies - run: npm ci - - - name: Build Windows x64 - run: | - npm run gulp vscode-win32-x64-min-ci - npm run gulp vscode-win32-x64-inno-updater - - - name: Download CLI - uses: actions/download-artifact@v4 - with: - name: vscode_cli - path: cli-bin - - - name: Integrate CLI - shell: powershell - run: | - $AppProductJson = Get-Content -Raw -Path "../VSCode-win32-x64/resources/app/product.json" | ConvertFrom-Json - $CliAppName = $AppProductJson.tunnelApplicationName - $AppName = $AppProductJson.applicationName - mkdir -Force "../VSCode-win32-x64/bin" - Copy-Item -Path "cli-bin/code" -Destination "../VSCode-win32-x64/bin/$CliAppName.exe" - - - name: Package Windows Build - shell: powershell - run: | - $ArchivePath = "VSCode-win32-x64.zip" - Compress-Archive -Path "../VSCode-win32-x64/*" -DestinationPath $ArchivePath - - - name: Upload Windows Build - uses: actions/upload-artifact@v4 - with: - name: vscode-win32-x64-archive - path: VSCode-win32-x64.zip - - - name: Build User Setup - run: | - npm run gulp vscode-win32-x64-user-setup - - - name: Upload User Setup - uses: actions/upload-artifact@v4 - with: - name: vscode-win32-x64-user-setup - path: .build/win32-x64/user-setup/VSCodeSetup.exe diff --git a/.github/workflows/insider-linux.yml b/.github/workflows/insider-linux.yml new file mode 100644 index 00000000..a9e9cc95 --- /dev/null +++ b/.github/workflows/insider-linux.yml @@ -0,0 +1,543 @@ +name: insider-linux + +on: + workflow_dispatch: + inputs: + force_version: + type: boolean + description: Force update version + generate_assets: + type: boolean + description: Generate assets + checkout_pr: + type: string + description: Checkout PR + repository_dispatch: + types: [insider] + push: + branches: [ insider ] + paths-ignore: + - '**/*.md' + - 'upstream/*.json' + pull_request: + branches: [ insider ] + paths-ignore: + - '**/*.md' + +env: + ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true + APP_NAME: VSCodium + ASSETS_REPOSITORY: ${{ github.repository }}-insiders + BINARY_NAME: codium-insiders + DISABLE_UPDATE: 'yes' + GH_REPO_PATH: ${{ github.repository_owner }}/${{ github.repository }} + GITHUB_BRANCH: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || 'insider' }} + ORG_NAME: ${{ github.repository_owner }} + OS_NAME: linux + VERSIONS_REPOSITORY: ${{ github.repository_owner }}/versions + VSCODE_QUALITY: insider + +jobs: + check: + runs-on: ubuntu-latest + outputs: + MS_COMMIT: ${{ env.MS_COMMIT }} + MS_TAG: ${{ env.MS_TAG }} + RELEASE_VERSION: ${{ env.RELEASE_VERSION }} + SHOULD_BUILD: ${{ env.SHOULD_BUILD }} + SHOULD_DEPLOY: ${{ env.SHOULD_DEPLOY }} + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + + - name: Clone VSCode repo + run: ./get_repo.sh + + - name: Check PR or cron + env: + GENERATE_ASSETS: ${{ github.event.inputs.generate_assets }} + run: ./check_cron_or_pr.sh + + - name: Check existing VSCodium tags/releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CHECK_ALL: 'yes' + run: ./check_tags.sh + + compile: + needs: + - check + runs-on: ubuntu-20.04 + env: + MS_COMMIT: ${{ needs.check.outputs.MS_COMMIT }} + MS_TAG: ${{ needs.check.outputs.MS_TAG }} + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SHOULD_BUILD: ${{ (needs.check.outputs.SHOULD_BUILD == 'yes' || github.event.inputs.generate_assets == 'true') && 'yes' || 'no' }} + VSCODE_ARCH: 'x64' + outputs: + BUILD_SOURCEVERSION: ${{ env.BUILD_SOURCEVERSION }} + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + if: env.SHOULD_BUILD == 'yes' + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + + - name: Setup GCC + uses: egor-tensin/setup-gcc@v1 + with: + version: 10 + platform: x64 + + - name: Setup Node.js environment + uses: actions/setup-node@v4 + with: + node-version: '20.18.2' + if: env.SHOULD_BUILD == 'yes' + + - name: Install Yarn + run: npm install -g yarn + if: env.SHOULD_BUILD == 'yes' + + - name: Setup Python 3 + uses: actions/setup-python@v5 + with: + python-version: '3.11' + if: env.SHOULD_BUILD == 'yes' + + - name: Install libkrb5-dev + run: sudo apt-get update -y && sudo apt-get install -y libkrb5-dev + if: env.SHOULD_BUILD == 'yes' + + - name: Clone VSCode repo + run: ./get_repo.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Build + env: + SHOULD_BUILD_REH: 'no' + SHOULD_BUILD_REH_WEB: 'no' + run: ./build.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Compress vscode artifact + run: | + find vscode -type f -not -path "*/node_modules/*" -not -path "vscode/.build/node/*" -not -path "vscode/.git/*" > vscode.txt + echo "vscode/.build/extensions/node_modules" >> vscode.txt + echo "vscode/.git" >> vscode.txt + tar -czf vscode.tar.gz -T vscode.txt + if: env.SHOULD_BUILD == 'yes' + + - name: Upload vscode artifact + uses: actions/upload-artifact@v4 + with: + name: vscode + path: ./vscode.tar.gz + retention-days: ${{ needs.check.outputs.SHOULD_DEPLOY == 'yes' && 30 || 1 }} + if: env.SHOULD_BUILD == 'yes' + + build: + needs: + - check + - compile + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + include: + - slug: X64 + vscode_arch: x64 + npm_arch: x64 + image: vscodium/vscodium-linux-build-agent:focal-x64 + - slug: ARM64 + vscode_arch: arm64 + npm_arch: arm64 + image: vscodium/vscodium-linux-build-agent:focal-arm64 + - slug: ARM32 + vscode_arch: armhf + npm_arch: arm + image: vscodium/vscodium-linux-build-agent:focal-armhf + - slug: RISCV64 + vscode_arch: riscv64 + npm_arch: riscv64 + image: vscodium/vscodium-linux-build-agent:focal-riscv64 + - slug: LOONG64 + vscode_arch: loong64 + npm_arch: loong64 + image: vscodium/vscodium-linux-build-agent:beige-loong64 + - slug: PPC64 + vscode_arch: ppc64le + npm_arch: ppc64 + image: vscodium/vscodium-linux-build-agent:focal-ppc64le + container: + image: ${{ matrix.image }} + env: + BUILD_SOURCEVERSION: ${{ needs.compile.outputs.BUILD_SOURCEVERSION }} + DISABLED: ${{ vars[format('DISABLE_INSIDER_LINUX_APP_{0}', matrix.slug)] }} + MS_COMMIT: ${{ needs.check.outputs.MS_COMMIT }} + MS_TAG: ${{ needs.check.outputs.MS_TAG }} + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SHOULD_BUILD: ${{ (needs.check.outputs.SHOULD_BUILD == 'yes' || github.event.inputs.generate_assets == 'true') && 'yes' || 'no' }} + SHOULD_DEPLOY: ${{ needs.check.outputs.SHOULD_DEPLOY }} + VSCODE_ARCH: ${{ matrix.vscode_arch }} + outputs: + RELEASE_VERSION: ${{ env.RELEASE_VERSION }} + SHOULD_BUILD: ${{ env.SHOULD_BUILD }} + SHOULD_DEPLOY: ${{ env.SHOULD_DEPLOY }} + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' + + - name: Install GH + run: ./install_gh.sh + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Check existing VSCodium tags/releases + env: + CHECK_REH: 'no' + DISABLE_APPIMAGE: ${{ vars.DISABLE_INSIDER_APPIMAGE }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: ./check_tags.sh + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' + + - name: Install libkrb5-dev + run: sudo apt-get update -y && sudo apt-get install -y libkrb5-dev + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' + + - name: Download vscode artifact + uses: actions/download-artifact@v4 + with: + name: vscode + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' + + - name: Build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + npm_config_arch: ${{ matrix.npm_arch }} + run: ./build/linux/package_bin.sh + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' + + - name: Prepare assets + env: + SHOULD_BUILD_REH: 'no' + SHOULD_BUILD_REH_WEB: 'no' + run: ./prepare_assets.sh + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && (env.SHOULD_DEPLOY == 'yes' || github.event.inputs.generate_assets == 'true') + + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./release.sh + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Update versions repo + env: + FORCE_UPDATE: ${{ github.event.inputs.force_version }} + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./update_version.sh + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Upload assets + uses: actions/upload-artifact@v4 + with: + name: bin-${{ matrix.vscode_arch }} + path: assets/ + retention-days: 3 + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'no' && github.event.inputs.generate_assets == 'true' + + reh_linux: + needs: + - check + - compile + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: + include: + - slug: X64 + vscode_arch: x64 + npm_arch: x64 + - slug: ARM64 + vscode_arch: arm64 + npm_arch: arm64 + - slug: ARM32 + vscode_arch: armhf + npm_arch: arm + - slug: PPC64 + vscode_arch: ppc64le + npm_arch: ppc64 + - slug: RISCV64 + vscode_arch: riscv64 + npm_arch: riscv64 + - slug: LOONG64 + vscode_arch: loong64 + npm_arch: loong64 + - slug: S390X + vscode_arch: s390x + npm_arch: s390x + env: + BUILD_SOURCEVERSION: ${{ needs.compile.outputs.BUILD_SOURCEVERSION }} + DISABLED: ${{ vars[format('DISABLE_INSIDER_LINUX_REH_{0}', matrix.slug)] }} + MS_COMMIT: ${{ needs.check.outputs.MS_COMMIT }} + MS_TAG: ${{ needs.check.outputs.MS_TAG }} + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SHOULD_BUILD: ${{ needs.check.outputs.SHOULD_BUILD }} + SHOULD_DEPLOY: ${{ needs.check.outputs.SHOULD_DEPLOY }} + VSCODE_ARCH: ${{ matrix.vscode_arch }} + if: needs.check.outputs.SHOULD_BUILD == 'yes' || github.event.inputs.generate_assets == 'true' + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + if: env.DISABLED != 'yes' + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + if: env.DISABLED != 'yes' + + - name: Setup GCC + uses: egor-tensin/setup-gcc@v1 + with: + version: 10 + platform: x64 + if: env.DISABLED != 'yes' + + - name: Setup Node.js environment + uses: actions/setup-node@v4 + with: + node-version: '20.18.2' + if: env.DISABLED != 'yes' + + - name: Setup Python 3 + uses: actions/setup-python@v5 + with: + python-version: '3.11' + if: env.DISABLED != 'yes' + + - name: Install libkrb5-dev + run: sudo apt-get update -y && sudo apt-get install -y libkrb5-dev + if: env.DISABLED != 'yes' + + - name: Install GH + run: ./install_gh.sh + if: env.DISABLED != 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Check existing VSCodium tags/releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CHECK_ONLY_REH: 'yes' + run: ./check_tags.sh + if: env.DISABLED != 'yes' + + - name: Download vscode artifact + uses: actions/download-artifact@v4 + with: + name: vscode + if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no' || github.event.inputs.generate_assets == 'true') + + - name: Build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + npm_config_arch: ${{ matrix.npm_arch }} + run: ./build/linux/package_reh.sh + if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no' || github.event.inputs.generate_assets == 'true') + + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./release.sh + if: env.DISABLED != 'yes' && env.SHOULD_DEPLOY == 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no') + + - name: Upload assets + uses: actions/upload-artifact@v4 + with: + name: reh-linux-${{ matrix.vscode_arch }} + path: assets/ + retention-days: 3 + if: env.DISABLED != 'yes' && env.SHOULD_DEPLOY == 'no' && github.event.inputs.generate_assets == 'true' + + reh_alpine: + needs: + - check + - compile + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: + include: + - slug: X64 + vscode_arch: x64 + npm_arch: x64 + - slug: ARM64 + vscode_arch: arm64 + npm_arch: arm64 + env: + BUILD_SOURCEVERSION: ${{ needs.compile.outputs.BUILD_SOURCEVERSION }} + DISABLED: ${{ vars[format('DISABLE_INSIDER_ALPINE_REH_{0}', matrix.slug)] }} + MS_COMMIT: ${{ needs.check.outputs.MS_COMMIT }} + MS_TAG: ${{ needs.check.outputs.MS_TAG }} + OS_NAME: alpine + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SHOULD_BUILD: ${{ needs.check.outputs.SHOULD_BUILD }} + SHOULD_DEPLOY: ${{ needs.check.outputs.SHOULD_DEPLOY }} + VSCODE_ARCH: ${{ matrix.vscode_arch }} + if: needs.check.outputs.SHOULD_BUILD == 'yes' || github.event.inputs.generate_assets == 'true' + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + + - name: Setup GCC + uses: egor-tensin/setup-gcc@v1 + with: + version: 10 + platform: x64 + + - name: Install GH + run: ./install_gh.sh + if: env.SHOULD_DEPLOY == 'yes' + + - name: Check existing VSCodium tags/releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CHECK_ONLY_REH: 'yes' + run: ./check_tags.sh + + - name: Install libkrb5-dev + run: sudo apt-get update -y && sudo apt-get install -y libkrb5-dev + if: env.SHOULD_BUILD == 'yes' + + - name: Download vscode artifact + uses: actions/download-artifact@v4 + with: + name: vscode + if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no' || github.event.inputs.generate_assets == 'true') + + - name: Build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + npm_config_arch: ${{ matrix.npm_arch }} + run: ./build/alpine/package_reh.sh + if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no' || github.event.inputs.generate_assets == 'true') + + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./release.sh + if: env.DISABLED != 'yes' && env.SHOULD_DEPLOY == 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no') + + - name: Upload assets + uses: actions/upload-artifact@v4 + with: + name: reh-alpine-${{ matrix.vscode_arch }} + path: assets/ + retention-days: 3 + if: env.DISABLED != 'yes' && env.SHOULD_DEPLOY == 'no' && github.event.inputs.generate_assets == 'true' + + aur: + needs: + - check + - build + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + include: + - package_name: vscodium-insiders-bin + - package_name: vscodium-insiders + if: needs.check.outputs.SHOULD_DEPLOY == 'yes' && github.event.inputs.generate_assets != 'true' + + steps: + - name: Get version + env: + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + run: echo "PACKAGE_VERSION=${RELEASE_VERSION/-*/}" >> "${GITHUB_ENV}" + + - name: Publish ${{ matrix.package_name }} + uses: zokugun/github-actions-aur-releaser@v1 + with: + package_name: ${{ matrix.package_name }} + package_version: ${{ env.PACKAGE_VERSION }} + aur_private_key: ${{ secrets.AUR_PRIVATE_KEY }} + aur_username: ${{ secrets.AUR_USERNAME }} + aur_email: ${{ secrets.AUR_EMAIL }} + + snap: + needs: + - check + - build + runs-on: ubuntu-latest + env: + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SNAP_NAME: codium-insiders + strategy: + fail-fast: false + matrix: + platform: + - amd64 + - arm64 + if: needs.check.outputs.SHOULD_DEPLOY == 'yes' && needs.check.outputs.SHOULD_BUILD_SNAP != 'no' && vars.DISABLE_INSIDER_SNAP != 'yes' + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + + - uses: docker/setup-qemu-action@v3 + + - uses: diddlesnaps/snapcraft-multiarch-action@v1 + with: + path: stores/snapcraft/insider + architecture: ${{ matrix.platform }} + id: build + + - uses: diddlesnaps/snapcraft-review-action@v1 + with: + snap: ${{ steps.build.outputs.snap }} + isClassic: 'true' + + - uses: svenstaro/upload-release-action@v2 + with: + repo_name: ${{ env.ASSETS_REPOSITORY }} + repo_token: ${{ secrets.STRONGER_GITHUB_TOKEN }} + file: ${{ steps.build.outputs.snap }} + tag: ${{ env.RELEASE_VERSION }} diff --git a/.github/workflows/insider-macos.yml b/.github/workflows/insider-macos.yml new file mode 100644 index 00000000..e8751c77 --- /dev/null +++ b/.github/workflows/insider-macos.yml @@ -0,0 +1,134 @@ +name: insider-macos + +on: + workflow_dispatch: + inputs: + force_version: + type: boolean + description: Force update version + generate_assets: + type: boolean + description: Generate assets + checkout_pr: + type: string + description: Checkout PR + repository_dispatch: + types: [insider] + push: + branches: [ insider ] + paths-ignore: + - '**/*.md' + - 'upstream/*.json' + pull_request: + branches: [ insider ] + paths-ignore: + - '**/*.md' + +env: + APP_NAME: VSCodium + ASSETS_REPOSITORY: ${{ github.repository }}-insiders + BINARY_NAME: codium-insiders + GITHUB_BRANCH: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || 'insider' }} + GH_REPO_PATH: ${{ github.repository_owner }}/${{ github.repository }} + ORG_NAME: ${{ github.repository_owner }} + OS_NAME: osx + VERSIONS_REPOSITORY: ${{ github.repository_owner }}/versions + VSCODE_QUALITY: insider + +jobs: + build: + runs-on: ${{ matrix.runner }} + env: + VSCODE_ARCH: ${{ matrix.vscode_arch }} + strategy: + fail-fast: false + matrix: + include: + - runner: macos-13 + vscode_arch: x64 + - runner: [self-hosted, macOS, ARM64] + vscode_arch: arm64 + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: . get_pr.sh + + - name: Setup Node.js environment + uses: actions/setup-node@v4 + with: + node-version: '20.18.2' + + - name: Setup Python 3 + uses: actions/setup-python@v5 + with: + python-version: '3.11' + if: env.VSCODE_ARCH == 'x64' + + - name: Clone VSCode repo + run: . get_repo.sh + + - name: Check PR or cron + env: + GENERATE_ASSETS: ${{ github.event.inputs.generate_assets }} + run: . check_cron_or_pr.sh + + - name: Check existing VSCodium tags/releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: . check_tags.sh + if: env.SHOULD_DEPLOY == 'yes' + + - name: Build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: ./build.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Prepare assets + env: + CERTIFICATE_OSX_APP_PASSWORD: ${{ secrets.CERTIFICATE_OSX_NEW_APP_PASSWORD }} + CERTIFICATE_OSX_ID: ${{ secrets.CERTIFICATE_OSX_NEW_ID }} + CERTIFICATE_OSX_P12_DATA: ${{ secrets.CERTIFICATE_OSX_NEW_P12_DATA }} + CERTIFICATE_OSX_P12_PASSWORD: ${{ secrets.CERTIFICATE_OSX_NEW_P12_PASSWORD }} + CERTIFICATE_OSX_TEAM_ID: ${{ secrets.CERTIFICATE_OSX_NEW_TEAM_ID }} + run: ./prepare_assets.sh + if: env.SHOULD_BUILD == 'yes' && (env.SHOULD_DEPLOY == 'yes' || github.event.inputs.generate_assets == 'true') + + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./release.sh + if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Update versions repo + env: + FORCE_UPDATE: ${{ github.event.inputs.force_version }} + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./update_version.sh + if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Upload assets + uses: actions/upload-artifact@v4 + with: + name: bin-${{ matrix.vscode_arch }} + path: assets/ + retention-days: 3 + if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'no' && github.event.inputs.generate_assets == 'true' + + - name: Clean up keychain + if: always() + run: | + KEYCHAIN=$RUNNER_TEMP/build.keychain + + if [ -f "$KEYCHAIN" ]; + then + security delete-keychain $KEYCHAIN + fi diff --git a/.github/workflows/insider-spearhead.yml b/.github/workflows/insider-spearhead.yml new file mode 100644 index 00000000..726acae2 --- /dev/null +++ b/.github/workflows/insider-spearhead.yml @@ -0,0 +1,90 @@ +name: insider-spearhead + +on: + workflow_dispatch: + inputs: + new_release: + type: boolean + description: Force new Release + force_dispatch: + type: boolean + description: Force dispatch + dont_update: + type: boolean + description: Don't update VSCode + dont_dispatch: + type: boolean + description: Disable dispatch + schedule: + - cron: '0 7 * * *' + +jobs: + build: + runs-on: macos-14 + env: + APP_NAME: VSCodium + ASSETS_REPOSITORY: ${{ github.repository }}-insiders + BINARY_NAME: codium-insiders + GH_REPO_PATH: ${{ github.repository_owner }}/${{ github.repository }} + ORG_NAME: ${{ github.repository_owner }} + OS_NAME: osx + VERSIONS_REPOSITORY: ${{ github.repository_owner }}/versions + VSCODE_ARCH: arm64 + VSCODE_LATEST: ${{ github.event.inputs.dont_update == 'true' && 'no' || 'yes' }} + VSCODE_QUALITY: insider + + steps: + - uses: actions/checkout@v4 + with: + ref: insider + + - name: Setup Node.js environment + uses: actions/setup-node@v4 + with: + node-version: '20.18.2' + + - name: Clone VSCode repo + run: . get_repo.sh + + - name: Check existing VSCodium tags/releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + NEW_RELEASE: ${{ github.event.inputs.new_release }} + IS_SPEARHEAD: 'yes' + run: . check_tags.sh + + - name: Build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: ./build.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Import GPG key + uses: crazy-max/ghaction-import-gpg@v6 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + if: env.SHOULD_BUILD == 'yes' && github.event.inputs.dont_update != 'true' + + - name: Update upstream version + run: ./update_upstream.sh + if: env.SHOULD_BUILD == 'yes' && github.event.inputs.dont_update != 'true' + + - name: Prepare source + run: ./prepare_src.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Release source + env: + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./release.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Dispatch builds + uses: peter-evans/repository-dispatch@v3 + with: + event-type: 'insider' + if: github.event.inputs.dont_dispatch != 'true' && (env.SHOULD_BUILD == 'yes' || github.event.inputs.force_dispatch == 'true') diff --git a/.github/workflows/insider-windows.yml b/.github/workflows/insider-windows.yml new file mode 100644 index 00000000..dac313a8 --- /dev/null +++ b/.github/workflows/insider-windows.yml @@ -0,0 +1,311 @@ +name: insider-windows + +on: + workflow_dispatch: + inputs: + force_version: + type: boolean + description: Force update version + generate_assets: + type: boolean + description: Generate assets + checkout_pr: + type: string + description: Checkout PR + repository_dispatch: + types: [insider] + push: + branches: [ insider ] + paths-ignore: + - '**/*.md' + - 'upstream/*.json' + pull_request: + branches: [ insider ] + paths-ignore: + - '**/*.md' + +env: + APP_NAME: VSCodium + ASSETS_REPOSITORY: ${{ github.repository }}-insiders + BINARY_NAME: codium-insiders + GITHUB_BRANCH: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || 'insider' }} + GH_REPO_PATH: ${{ github.repository_owner }}/${{ github.repository }} + ORG_NAME: ${{ github.repository_owner }} + OS_NAME: windows + VERSIONS_REPOSITORY: ${{ github.repository_owner }}/versions + VSCODE_QUALITY: insider + +jobs: + check: + runs-on: ubuntu-latest + outputs: + MS_COMMIT: ${{ env.MS_COMMIT }} + MS_TAG: ${{ env.MS_TAG }} + RELEASE_VERSION: ${{ env.RELEASE_VERSION }} + SHOULD_BUILD: ${{ env.SHOULD_BUILD }} + SHOULD_DEPLOY: ${{ env.SHOULD_DEPLOY }} + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + + - name: Clone VSCode repo + run: ./get_repo.sh + + - name: Check PR or cron + env: + GENERATE_ASSETS: ${{ github.event.inputs.generate_assets }} + run: ./check_cron_or_pr.sh + + - name: Check existing VSCodium tags/releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CHECK_ALL: 'yes' + run: ./check_tags.sh + + compile: + needs: + - check + runs-on: ubuntu-20.04 + env: + MS_COMMIT: ${{ needs.check.outputs.MS_COMMIT }} + MS_TAG: ${{ needs.check.outputs.MS_TAG }} + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SHOULD_BUILD: ${{ (needs.check.outputs.SHOULD_BUILD == 'yes' || github.event.inputs.generate_assets == 'true') && 'yes' || 'no' }} + VSCODE_ARCH: 'x64' + outputs: + BUILD_SOURCEVERSION: ${{ env.BUILD_SOURCEVERSION }} + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + if: env.SHOULD_BUILD == 'yes' + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + + - name: Setup GCC + uses: egor-tensin/setup-gcc@v1 + with: + version: 10 + platform: x64 + + - name: Setup Node.js environment + uses: actions/setup-node@v4 + with: + node-version: '20.18.2' + if: env.SHOULD_BUILD == 'yes' + + - name: Install Yarn + run: npm install -g yarn + if: env.SHOULD_BUILD == 'yes' + + - name: Setup Python 3 + uses: actions/setup-python@v5 + with: + python-version: '3.11' + if: env.SHOULD_BUILD == 'yes' + + - name: Install libkrb5-dev + run: sudo apt-get update -y && sudo apt-get install -y libkrb5-dev + if: env.SHOULD_BUILD == 'yes' + + - name: Clone VSCode repo + run: ./get_repo.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Build + env: + SHOULD_BUILD_REH: 'no' + SHOULD_BUILD_REH_WEB: 'no' + run: ./build.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Compress vscode artifact + run: | + find vscode -type f -not -path "*/node_modules/*" -not -path "vscode/.build/node/*" -not -path "vscode/.git/*" > vscode.txt + echo "vscode/.build/extensions/node_modules" >> vscode.txt + echo "vscode/.git" >> vscode.txt + tar -czf vscode.tar.gz -T vscode.txt + if: env.SHOULD_BUILD == 'yes' + + - name: Upload vscode artifact + uses: actions/upload-artifact@v4 + with: + name: vscode + path: ./vscode.tar.gz + retention-days: ${{ needs.check.outputs.SHOULD_DEPLOY == 'yes' && 30 || 1 }} + if: env.SHOULD_BUILD == 'yes' + + build: + needs: + - check + - compile + runs-on: windows-2019 + strategy: + fail-fast: false + matrix: + vscode_arch: + - x64 + - arm64 + defaults: + run: + shell: bash + env: + BUILD_SOURCEVERSION: ${{ needs.compile.outputs.BUILD_SOURCEVERSION }} + MS_COMMIT: ${{ needs.check.outputs.MS_COMMIT }} + MS_TAG: ${{ needs.check.outputs.MS_TAG }} + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SHOULD_BUILD: ${{ (needs.check.outputs.SHOULD_BUILD == 'yes' || github.event.inputs.generate_assets == 'true') && 'yes' || 'no' }} + SHOULD_DEPLOY: ${{ needs.check.outputs.SHOULD_DEPLOY }} + VSCODE_ARCH: ${{ matrix.vscode_arch }} + outputs: + RELEASE_VERSION: ${{ env.RELEASE_VERSION }} + SHOULD_DEPLOY: ${{ env.SHOULD_DEPLOY }} + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + if: env.SHOULD_BUILD == 'yes' + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Setup Node.js environment + uses: actions/setup-node@v4 + with: + node-version: '20.18.2' + if: env.SHOULD_BUILD == 'yes' + + - name: Install Yarn + run: npm install -g yarn + if: env.SHOULD_BUILD == 'yes' + + - name: Setup Python 3 + uses: actions/setup-python@v5 + with: + python-version: '3.11' + if: env.SHOULD_BUILD == 'yes' + + - name: Check existing VSCodium tags/releases + env: + DISABLE_MSI: ${{ vars.DISABLE_INSIDER_MSI }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: ./check_tags.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Download vscode artifact + uses: actions/download-artifact@v4 + with: + name: vscode + if: env.SHOULD_BUILD == 'yes' + + - name: Build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + npm_config_arch: ${{ matrix.vscode_arch }} + npm_config_target_arch: ${{ matrix.vscode_arch }} + run: ./build/windows/package.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Prepare assets + run: ./prepare_assets.sh + if: env.SHOULD_BUILD == 'yes' && (env.SHOULD_DEPLOY == 'yes' || github.event.inputs.generate_assets == 'true') + + - name: Upload unsigned artifacts + id: upload-unsigned-artifacts + uses: actions/upload-artifact@v4 + with: + name: unsigned-${{ matrix.vscode_arch }} + path: | + assets/*.exe + assets/*.msi + retention-days: 1 + if: env.SHOULD_BUILD == 'yes' && vars.DISABLE_INSIDER_WINDOWS_SIGNING != 'yes' && (env.SHOULD_DEPLOY == 'yes' || github.event.inputs.generate_assets == 'true') + + - name: Signing + uses: signpath/github-action-submit-signing-request@v1 + with: + api-token: ${{ secrets.SIGNPATH_API_TOKEN }} + organization-id: ${{ secrets.SIGNPATH_ORGANIZATION_ID }} + project-slug: ${{ secrets.SIGNPATH_PROJECT_SLUG }} + signing-policy-slug: ${{ secrets.SIGNPATH_POLICY_SLUG }} + github-artifact-id: ${{ steps.upload-unsigned-artifacts.outputs.artifact-id }} + artifact-configuration-slug: ${{ matrix.vscode_arch }} + wait-for-completion: true + # 3h to manually approve the request + wait-for-completion-timeout-in-seconds: 10800 + output-artifact-directory: assets/ + if: env.SHOULD_BUILD == 'yes' && vars.DISABLE_INSIDER_WINDOWS_SIGNING != 'yes' && (env.SHOULD_DEPLOY == 'yes' || github.event.inputs.generate_assets == 'true') + + - name: Prepare checksums + run: ./prepare_checksums.sh + if: env.SHOULD_BUILD == 'yes' && (env.SHOULD_DEPLOY == 'yes' || github.event.inputs.generate_assets == 'true') + + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./release.sh + if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Update versions repo + env: + FORCE_UPDATE: ${{ github.event.inputs.force_version }} + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./update_version.sh + if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Upload assets + uses: actions/upload-artifact@v4 + with: + name: bin-${{ matrix.vscode_arch }} + path: assets/ + retention-days: 3 + if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'no' && github.event.inputs.generate_assets == 'true' + + winget: + needs: build + runs-on: windows-latest + defaults: + run: + shell: bash + env: + APP_IDENTIFIER: VSCodium.VSCodium.Insiders + ASSETS_REPOSITORY: vscodium-insiders + if: needs.build.outputs.SHOULD_DEPLOY == 'yes' + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + + - name: Check version + run: ./stores/winget/check_version.sh + env: + RELEASE_VERSION: ${{ needs.build.outputs.RELEASE_VERSION }} + + - name: Release to WinGet + uses: vedantmgoyal9/winget-releaser@main + with: + identifier: ${{ env.APP_IDENTIFIER }} + version: ${{ env.RELEASE_VERSION }} + release-repository: ${{ env.ASSETS_REPOSITORY }} + release-tag: ${{ env.RELEASE_VERSION }}-insider + installers-regex: '\.exe$' # only .exe files + token: ${{ secrets.STRONGER_GITHUB_TOKEN }} + if: env.SHOULD_DEPLOY == 'yes' diff --git a/.github/workflows/lock.yml b/.github/workflows/lock.yml new file mode 100644 index 00000000..7ea85c41 --- /dev/null +++ b/.github/workflows/lock.yml @@ -0,0 +1,16 @@ +name: Lock Issues + +on: + schedule: + - cron: '0 2 * * *' + +jobs: + lock: + runs-on: ubuntu-latest + steps: + - uses: dessant/lock-threads@v5 + with: + github-token: ${{ github.token }} + issue-inactive-days: '90' + pr-inactive-days: '90' + log-output: true diff --git a/.github/workflows/stable-linux.yml b/.github/workflows/stable-linux.yml new file mode 100644 index 00000000..41c6519a --- /dev/null +++ b/.github/workflows/stable-linux.yml @@ -0,0 +1,574 @@ +name: stable-linux + +on: + workflow_dispatch: + inputs: + force_version: + type: boolean + description: Force update version + generate_assets: + type: boolean + description: Generate assets + checkout_pr: + type: string + description: Checkout PR + repository_dispatch: + types: [stable] + push: + branches: [ master ] + paths-ignore: + - '**/*.md' + - 'upstream/*.json' + pull_request: + branches: [ master ] + paths-ignore: + - '**/*.md' + +env: + ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true + APP_NAME: VSCodium + ASSETS_REPOSITORY: ${{ github.repository }} + BINARY_NAME: codium + DISABLE_UPDATE: 'yes' + GH_REPO_PATH: ${{ github.repository_owner }}/${{ github.repository }} + ORG_NAME: ${{ github.repository_owner }} + OS_NAME: linux + VERSIONS_REPOSITORY: ${{ github.repository_owner }}/versions + VSCODE_QUALITY: stable + +jobs: + check: + runs-on: ubuntu-latest + outputs: + MS_COMMIT: ${{ env.MS_COMMIT }} + MS_TAG: ${{ env.MS_TAG }} + RELEASE_VERSION: ${{ env.RELEASE_VERSION }} + SHOULD_BUILD: ${{ env.SHOULD_BUILD }} + SHOULD_DEPLOY: ${{ env.SHOULD_DEPLOY }} + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + + - name: Clone VSCode repo + run: ./get_repo.sh + + - name: Check PR or cron + env: + GENERATE_ASSETS: ${{ github.event.inputs.generate_assets }} + run: ./check_cron_or_pr.sh + + - name: Check existing VSCodium tags/releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CHECK_ALL: 'yes' + run: ./check_tags.sh + + compile: + needs: + - check + runs-on: ubuntu-20.04 + env: + MS_COMMIT: ${{ needs.check.outputs.MS_COMMIT }} + MS_TAG: ${{ needs.check.outputs.MS_TAG }} + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SHOULD_BUILD: ${{ (needs.check.outputs.SHOULD_BUILD == 'yes' || github.event.inputs.generate_assets == 'true') && 'yes' || 'no' }} + VSCODE_ARCH: 'x64' + outputs: + BUILD_SOURCEVERSION: ${{ env.BUILD_SOURCEVERSION }} + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + if: env.SHOULD_BUILD == 'yes' + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Setup GCC + uses: egor-tensin/setup-gcc@v1 + with: + version: 10 + platform: x64 + if: env.SHOULD_BUILD == 'yes' + + - name: Setup Node.js environment + uses: actions/setup-node@v4 + with: + node-version: '20.18.2' + if: env.SHOULD_BUILD == 'yes' + + - name: Install Yarn + run: npm install -g yarn + if: env.SHOULD_BUILD == 'yes' + + - name: Setup Python 3 + uses: actions/setup-python@v5 + with: + python-version: '3.11' + if: env.SHOULD_BUILD == 'yes' + + - name: Install libkrb5-dev + run: sudo apt-get update -y && sudo apt-get install -y libkrb5-dev + if: env.SHOULD_BUILD == 'yes' + + - name: Clone VSCode repo + run: ./get_repo.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Build + env: + SHOULD_BUILD_REH: 'no' + SHOULD_BUILD_REH_WEB: 'no' + run: ./build.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Compress vscode artifact + run: | + find vscode -type f -not -path "*/node_modules/*" -not -path "vscode/.build/node/*" -not -path "vscode/.git/*" > vscode.txt + echo "vscode/.build/extensions/node_modules" >> vscode.txt + echo "vscode/.git" >> vscode.txt + tar -czf vscode.tar.gz -T vscode.txt + if: env.SHOULD_BUILD == 'yes' + + - name: Upload vscode artifact + uses: actions/upload-artifact@v4 + with: + name: vscode + path: ./vscode.tar.gz + retention-days: ${{ needs.check.outputs.SHOULD_DEPLOY == 'yes' && 30 || 1 }} + if: env.SHOULD_BUILD == 'yes' + + build: + needs: + - check + - compile + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + include: + - slug: X64 + vscode_arch: x64 + npm_arch: x64 + image: vscodium/vscodium-linux-build-agent:focal-x64 + - slug: ARM64 + vscode_arch: arm64 + npm_arch: arm64 + image: vscodium/vscodium-linux-build-agent:focal-arm64 + - slug: ARM32 + vscode_arch: armhf + npm_arch: arm + image: vscodium/vscodium-linux-build-agent:focal-armhf + - slug: RISCV64 + vscode_arch: riscv64 + npm_arch: riscv64 + image: vscodium/vscodium-linux-build-agent:focal-riscv64 + - slug: LOONG64 + vscode_arch: loong64 + npm_arch: loong64 + image: vscodium/vscodium-linux-build-agent:beige-loong64 + - slug: PPC64 + vscode_arch: ppc64le + npm_arch: ppc64 + image: vscodium/vscodium-linux-build-agent:focal-ppc64le + container: + image: ${{ matrix.image }} + env: + BUILD_SOURCEVERSION: ${{ needs.compile.outputs.BUILD_SOURCEVERSION }} + DISABLED: ${{ vars[format('DISABLE_STABLE_LINUX_APP_{0}', matrix.slug)] }} + MS_COMMIT: ${{ needs.check.outputs.MS_COMMIT }} + MS_TAG: ${{ needs.check.outputs.MS_TAG }} + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SHOULD_BUILD: ${{ (needs.check.outputs.SHOULD_BUILD == 'yes' || github.event.inputs.generate_assets == 'true') && 'yes' || 'no' }} + SHOULD_DEPLOY: ${{ needs.check.outputs.SHOULD_DEPLOY }} + VSCODE_ARCH: ${{ matrix.vscode_arch }} + outputs: + RELEASE_VERSION: ${{ env.RELEASE_VERSION }} + SHOULD_BUILD: ${{ env.SHOULD_BUILD }} + SHOULD_DEPLOY: ${{ env.SHOULD_DEPLOY }} + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + if: env.DISABLED != 'yes' + + - name: Install GH + run: ./install_gh.sh + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Check existing VSCodium tags/releases + env: + CHECK_REH: 'no' + DISABLE_APPIMAGE: ${{ vars.DISABLE_STABLE_APPIMAGE }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: ./check_tags.sh + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' + + - name: Install libkrb5-dev + run: sudo apt-get update -y && sudo apt-get install -y libkrb5-dev + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' + + - name: Download vscode artifact + uses: actions/download-artifact@v4 + with: + name: vscode + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' + + - name: Build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + npm_config_arch: ${{ matrix.npm_arch }} + run: ./build/linux/package_bin.sh + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' + + - name: Prepare assets + env: + SHOULD_BUILD_REH: 'no' + SHOULD_BUILD_REH_WEB: 'no' + run: ./prepare_assets.sh + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && (env.SHOULD_DEPLOY == 'yes' || github.event.inputs.generate_assets == 'true') + + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./release.sh + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Update versions repo + env: + FORCE_UPDATE: ${{ github.event.inputs.force_version }} + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./update_version.sh + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Upload assets + uses: actions/upload-artifact@v4 + with: + name: bin-${{ matrix.vscode_arch }} + path: assets/ + retention-days: 3 + if: env.DISABLED != 'yes' && env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'no' && github.event.inputs.generate_assets == 'true' + + reh_linux: + needs: + - check + - compile + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: + include: + - slug: X64 + vscode_arch: x64 + npm_arch: x64 + - slug: ARM64 + vscode_arch: arm64 + npm_arch: arm64 + - slug: ARM32 + vscode_arch: armhf + npm_arch: arm + - slug: PPC64 + vscode_arch: ppc64le + npm_arch: ppc64 + - slug: RISCV64 + vscode_arch: riscv64 + npm_arch: riscv64 + - slug: LOONG64 + vscode_arch: loong64 + npm_arch: loong64 + - slug: S390X + vscode_arch: s390x + npm_arch: s390x + env: + BUILD_SOURCEVERSION: ${{ needs.compile.outputs.BUILD_SOURCEVERSION }} + DISABLED: ${{ vars[format('DISABLE_STABLE_LINUX_REH_{0}', matrix.slug)] }} + MS_COMMIT: ${{ needs.check.outputs.MS_COMMIT }} + MS_TAG: ${{ needs.check.outputs.MS_TAG }} + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SHOULD_BUILD: ${{ needs.check.outputs.SHOULD_BUILD }} + SHOULD_DEPLOY: ${{ needs.check.outputs.SHOULD_DEPLOY }} + VSCODE_ARCH: ${{ matrix.vscode_arch }} + if: needs.check.outputs.SHOULD_BUILD == 'yes' || github.event.inputs.generate_assets == 'true' + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + if: env.DISABLED != 'yes' + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + if: env.DISABLED != 'yes' + + - name: Setup GCC + uses: egor-tensin/setup-gcc@v1 + with: + version: 10 + platform: x64 + if: env.DISABLED != 'yes' + + - name: Setup Node.js environment + uses: actions/setup-node@v4 + with: + node-version: '20.18.2' + if: env.DISABLED != 'yes' + + - name: Setup Python 3 + uses: actions/setup-python@v5 + with: + python-version: '3.11' + if: env.DISABLED != 'yes' + + - name: Install libkrb5-dev + run: sudo apt-get update -y && sudo apt-get install -y libkrb5-dev + if: env.DISABLED != 'yes' + + - name: Install GH + run: ./install_gh.sh + if: env.DISABLED != 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Check existing VSCodium tags/releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CHECK_ONLY_REH: 'yes' + run: ./check_tags.sh + if: env.DISABLED != 'yes' + + - name: Download vscode artifact + uses: actions/download-artifact@v4 + with: + name: vscode + if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no' || github.event.inputs.generate_assets == 'true') + + - name: Build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + npm_config_arch: ${{ matrix.npm_arch }} + run: ./build/linux/package_reh.sh + if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no' || github.event.inputs.generate_assets == 'true') + + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./release.sh + if: env.DISABLED != 'yes' && env.SHOULD_DEPLOY == 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no') + + - name: Upload assets + uses: actions/upload-artifact@v4 + with: + name: reh-linux-${{ matrix.vscode_arch }} + path: assets/ + retention-days: 3 + if: env.DISABLED != 'yes' && env.SHOULD_DEPLOY == 'no' && github.event.inputs.generate_assets == 'true' + + reh_alpine: + needs: + - check + - compile + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: + include: + - slug: X64 + vscode_arch: x64 + npm_arch: x64 + - slug: ARM64 + vscode_arch: arm64 + npm_arch: arm64 + env: + BUILD_SOURCEVERSION: ${{ needs.compile.outputs.BUILD_SOURCEVERSION }} + DISABLED: ${{ vars[format('DISABLE_STABLE_ALPINE_REH_{0}', matrix.slug)] }} + MS_COMMIT: ${{ needs.check.outputs.MS_COMMIT }} + MS_TAG: ${{ needs.check.outputs.MS_TAG }} + OS_NAME: alpine + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SHOULD_BUILD: ${{ needs.check.outputs.SHOULD_BUILD }} + SHOULD_DEPLOY: ${{ needs.check.outputs.SHOULD_DEPLOY }} + VSCODE_ARCH: ${{ matrix.vscode_arch }} + if: needs.check.outputs.SHOULD_BUILD == 'yes' || github.event.inputs.generate_assets == 'true' + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + + - name: Setup GCC + uses: egor-tensin/setup-gcc@v1 + with: + version: 10 + platform: x64 + + - name: Install GH + run: ./install_gh.sh + if: env.SHOULD_DEPLOY == 'yes' + + - name: Check existing VSCodium tags/releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CHECK_ONLY_REH: 'yes' + run: ./check_tags.sh + + - name: Install libkrb5-dev + run: sudo apt-get update -y && sudo apt-get install -y libkrb5-dev + if: env.SHOULD_BUILD == 'yes' + + - name: Download vscode artifact + uses: actions/download-artifact@v4 + with: + name: vscode + if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no' || github.event.inputs.generate_assets == 'true') + + - name: Build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + npm_config_arch: ${{ matrix.npm_arch }} + run: ./build/alpine/package_reh.sh + if: env.DISABLED != 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no' || github.event.inputs.generate_assets == 'true') + + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./release.sh + if: env.DISABLED != 'yes' && env.SHOULD_DEPLOY == 'yes' && (env.SHOULD_BUILD_REH != 'no' || env.SHOULD_BUILD_REH_WEB != 'no') + + - name: Upload assets + uses: actions/upload-artifact@v4 + with: + name: reh-alpine-${{ matrix.vscode_arch }} + path: assets/ + retention-days: 3 + if: env.DISABLED != 'yes' && env.SHOULD_DEPLOY == 'no' && github.event.inputs.generate_assets == 'true' + + aur: + needs: + - check + - build + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + include: + - package_name: vscodium + package_type: stable + # - package_name: vscodium-git + # package_type: rolling + if: needs.check.outputs.SHOULD_DEPLOY == 'yes' + + steps: + - name: Publish ${{ matrix.package_name }} + uses: zokugun/github-actions-aur-releaser@v1 + with: + package_name: ${{ matrix.package_name }} + package_type: ${{ matrix.package_type }} + aur_private_key: ${{ secrets.AUR_PRIVATE_KEY }} + aur_username: ${{ secrets.AUR_USERNAME }} + aur_email: ${{ secrets.AUR_EMAIL }} + + snap: + needs: + - check + - build + runs-on: ubuntu-latest + env: + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SNAP_NAME: codium + strategy: + fail-fast: false + matrix: + platform: + - amd64 + - arm64 + if: needs.check.outputs.SHOULD_DEPLOY == 'yes' && needs.check.outputs.SHOULD_BUILD_SNAP != 'no' && vars.DISABLE_STABLE_SNAP != 'yes' + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + + - name: Check version + env: + ARCHITECTURE: ${{ matrix.platform }} + GENERATE_ASSETS: ${{ github.event.inputs.generate_assets }} + SNAPCRAFT_STORE_CHANNEL: ${{ vars.SNAP_STORE_CHANNEL }} + SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAP_STORE_LOGIN }} + run: ./stores/snapcraft/check_version.sh + + - uses: docker/setup-qemu-action@v3 + if: env.SHOULD_BUILD == 'yes' + + - uses: diddlesnaps/snapcraft-multiarch-action@v1 + with: + path: stores/snapcraft/stable + architecture: ${{ matrix.platform }} + id: build + if: env.SHOULD_BUILD == 'yes' + + - uses: diddlesnaps/snapcraft-review-action@v1 + with: + snap: ${{ steps.build.outputs.snap }} + isClassic: 'true' + if: env.SHOULD_DEPLOY_TO_RELEASE == 'yes' || env.SHOULD_DEPLOY_TO_STORE == 'yes' + + - uses: svenstaro/upload-release-action@v2 + with: + repo_name: ${{ env.ASSETS_REPOSITORY }} + repo_token: ${{ secrets.STRONGER_GITHUB_TOKEN }} + file: ${{ steps.build.outputs.snap }} + tag: ${{ env.RELEASE_VERSION }} + if: env.SHOULD_DEPLOY_TO_RELEASE == 'yes' + + - uses: snapcore/action-publish@master + env: + SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAP_STORE_LOGIN }} + with: + snap: ${{ steps.build.outputs.snap }} + release: ${{ vars.SNAP_STORE_CHANNEL }} + if: env.SHOULD_DEPLOY_TO_STORE == 'yes' + + deb-rpm-repo-hook: + needs: + - check + - build + runs-on: ubuntu-latest + if: needs.check.outputs.SHOULD_DEPLOY == 'yes' + + steps: + - name: Trigger repository rebuild + env: + GL_PAGES_TOKEN: ${{ secrets.GL_PAGES_TOKEN }} + run: curl -X POST --fail -F token="${GL_PAGES_TOKEN}" -F ref=master https://gitlab.com/api/v4/projects/8762263/trigger/pipeline diff --git a/.github/workflows/stable-macos.yml b/.github/workflows/stable-macos.yml new file mode 100644 index 00000000..2290f4b2 --- /dev/null +++ b/.github/workflows/stable-macos.yml @@ -0,0 +1,132 @@ +name: stable-macos + +on: + workflow_dispatch: + inputs: + force_version: + type: boolean + description: Force update version + generate_assets: + type: boolean + description: Generate assets + checkout_pr: + type: string + description: Checkout PR + repository_dispatch: + types: [stable] + push: + branches: [ master ] + paths-ignore: + - '**/*.md' + - 'upstream/*.json' + pull_request: + branches: [ master ] + paths-ignore: + - '**/*.md' + +env: + APP_NAME: VSCodium + ASSETS_REPOSITORY: ${{ github.repository }} + BINARY_NAME: codium + GH_REPO_PATH: ${{ github.repository_owner }}/${{ github.repository }} + ORG_NAME: ${{ github.repository_owner }} + OS_NAME: osx + VERSIONS_REPOSITORY: ${{ github.repository_owner }}/versions + VSCODE_QUALITY: stable + +jobs: + build: + runs-on: ${{ matrix.runner }} + env: + VSCODE_ARCH: ${{ matrix.vscode_arch }} + strategy: + fail-fast: false + matrix: + include: + - runner: macos-13 + vscode_arch: x64 + - runner: [self-hosted, macOS, ARM64] + vscode_arch: arm64 + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: . get_pr.sh + + - name: Setup Node.js environment + uses: actions/setup-node@v4 + with: + node-version: '20.18.2' + + - name: Setup Python 3 + uses: actions/setup-python@v5 + with: + python-version: '3.11' + if: env.VSCODE_ARCH == 'x64' + + - name: Clone VSCode repo + run: . get_repo.sh + + - name: Check PR or cron + env: + GENERATE_ASSETS: ${{ github.event.inputs.generate_assets }} + run: . check_cron_or_pr.sh + + - name: Check existing VSCodium tags/releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: . check_tags.sh + if: env.SHOULD_DEPLOY == 'yes' + + - name: Build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: ./build.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Prepare assets + env: + CERTIFICATE_OSX_APP_PASSWORD: ${{ secrets.CERTIFICATE_OSX_NEW_APP_PASSWORD }} + CERTIFICATE_OSX_ID: ${{ secrets.CERTIFICATE_OSX_NEW_ID }} + CERTIFICATE_OSX_P12_DATA: ${{ secrets.CERTIFICATE_OSX_NEW_P12_DATA }} + CERTIFICATE_OSX_P12_PASSWORD: ${{ secrets.CERTIFICATE_OSX_NEW_P12_PASSWORD }} + CERTIFICATE_OSX_TEAM_ID: ${{ secrets.CERTIFICATE_OSX_NEW_TEAM_ID }} + run: ./prepare_assets.sh + if: env.SHOULD_BUILD == 'yes' && (env.SHOULD_DEPLOY == 'yes' || github.event.inputs.generate_assets == 'true') + + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: ./release.sh + if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Update versions repo + env: + FORCE_UPDATE: ${{ github.event.inputs.force_version }} + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./update_version.sh + if: env.SHOULD_DEPLOY == 'yes' + + - name: Upload assets + uses: actions/upload-artifact@v4 + with: + name: bin-${{ matrix.vscode_arch }} + path: assets/ + retention-days: 3 + if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'no' && github.event.inputs.generate_assets == 'true' + + - name: Clean up keychain + if: always() + run: | + KEYCHAIN=$RUNNER_TEMP/build.keychain + + if [ -f "$KEYCHAIN" ]; + then + security delete-keychain $KEYCHAIN + fi diff --git a/.github/workflows/stable-spearhead.yml b/.github/workflows/stable-spearhead.yml new file mode 100644 index 00000000..b7d745ee --- /dev/null +++ b/.github/workflows/stable-spearhead.yml @@ -0,0 +1,85 @@ +name: stable-spearhead + +on: + workflow_dispatch: + inputs: + new_release: + type: boolean + description: Force new Release + force_dispatch: + type: boolean + description: Force dispatch + dont_update: + type: boolean + description: Don't update VSCode + schedule: + - cron: '0 18 * * *' + +jobs: + build: + runs-on: macos-14 + env: + APP_NAME: VSCodium + ASSETS_REPOSITORY: ${{ github.repository }} + BINARY_NAME: codium + GH_REPO_PATH: ${{ github.repository_owner }}/${{ github.repository }} + ORG_NAME: ${{ github.repository_owner }} + OS_NAME: osx + VERSIONS_REPOSITORY: ${{ github.repository_owner }}/versions + VSCODE_ARCH: arm64 + VSCODE_LATEST: ${{ github.event.inputs.dont_update == 'true' && 'no' || 'yes' }} + VSCODE_QUALITY: stable + + steps: + - uses: actions/checkout@v4 + + - name: Setup Node.js environment + uses: actions/setup-node@v4 + with: + node-version: '20.18.2' + + - name: Clone VSCode repo + run: . get_repo.sh + + - name: Check existing VSCodium tags/releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + NEW_RELEASE: ${{ github.event.inputs.new_release }} + IS_SPEARHEAD: 'yes' + run: . check_tags.sh + + - name: Build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: ./build.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Import GPG key + uses: crazy-max/ghaction-import-gpg@v6 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + if: env.SHOULD_BUILD == 'yes' && github.event.inputs.dont_update != 'true' + + - name: Update upstream version + run: ./update_upstream.sh + if: env.SHOULD_BUILD == 'yes' && github.event.inputs.dont_update != 'true' + + - name: Prepare source + run: ./prepare_src.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Release source + env: + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./release.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Dispatch builds + uses: peter-evans/repository-dispatch@v3 + with: + event-type: 'stable' + if: env.SHOULD_BUILD == 'yes' || github.event.inputs.force_dispatch == 'true' diff --git a/.github/workflows/stable-windows.yml b/.github/workflows/stable-windows.yml new file mode 100644 index 00000000..28931ec9 --- /dev/null +++ b/.github/workflows/stable-windows.yml @@ -0,0 +1,307 @@ +name: stable-windows + +on: + workflow_dispatch: + inputs: + force_version: + type: boolean + description: Force update version + generate_assets: + type: boolean + description: Generate assets + checkout_pr: + type: string + description: Checkout PR + repository_dispatch: + types: [stable] + push: + branches: [ master ] + paths-ignore: + - '**/*.md' + - 'upstream/*.json' + pull_request: + branches: [ master ] + paths-ignore: + - '**/*.md' + +env: + APP_NAME: VSCodium + ASSETS_REPOSITORY: ${{ github.repository }} + BINARY_NAME: codium + GH_REPO_PATH: ${{ github.repository_owner }}/${{ github.repository }} + ORG_NAME: ${{ github.repository_owner }} + OS_NAME: windows + VERSIONS_REPOSITORY: ${{ github.repository_owner }}/versions + VSCODE_QUALITY: stable + +jobs: + check: + runs-on: ubuntu-latest + outputs: + MS_COMMIT: ${{ env.MS_COMMIT }} + MS_TAG: ${{ env.MS_TAG }} + RELEASE_VERSION: ${{ env.RELEASE_VERSION }} + SHOULD_BUILD: ${{ env.SHOULD_BUILD }} + SHOULD_DEPLOY: ${{ env.SHOULD_DEPLOY }} + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + + - name: Clone VSCode repo + run: ./get_repo.sh + + - name: Check PR or cron + env: + GENERATE_ASSETS: ${{ github.event.inputs.generate_assets }} + run: ./check_cron_or_pr.sh + + - name: Check existing VSCodium tags/releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CHECK_ALL: 'yes' + run: ./check_tags.sh + + compile: + needs: + - check + runs-on: ubuntu-20.04 + env: + MS_COMMIT: ${{ needs.check.outputs.MS_COMMIT }} + MS_TAG: ${{ needs.check.outputs.MS_TAG }} + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SHOULD_BUILD: ${{ (needs.check.outputs.SHOULD_BUILD == 'yes' || github.event.inputs.generate_assets == 'true') && 'yes' || 'no' }} + VSCODE_ARCH: 'x64' + outputs: + BUILD_SOURCEVERSION: ${{ env.BUILD_SOURCEVERSION }} + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + if: env.SHOULD_BUILD == 'yes' + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + + - name: Setup GCC + uses: egor-tensin/setup-gcc@v1 + with: + version: 10 + platform: x64 + + - name: Setup Node.js environment + uses: actions/setup-node@v4 + with: + node-version: '20.18.2' + if: env.SHOULD_BUILD == 'yes' + + - name: Install Yarn + run: npm install -g yarn + if: env.SHOULD_BUILD == 'yes' + + - name: Setup Python 3 + uses: actions/setup-python@v5 + with: + python-version: '3.11' + if: env.SHOULD_BUILD == 'yes' + + - name: Install libkrb5-dev + run: sudo apt-get update -y && sudo apt-get install -y libkrb5-dev + if: env.SHOULD_BUILD == 'yes' + + - name: Clone VSCode repo + run: ./get_repo.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Build + env: + SHOULD_BUILD_REH: 'no' + SHOULD_BUILD_REH_WEB: 'no' + run: ./build.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Compress vscode artifact + run: | + find vscode -type f -not -path "*/node_modules/*" -not -path "vscode/.build/node/*" -not -path "vscode/.git/*" > vscode.txt + echo "vscode/.build/extensions/node_modules" >> vscode.txt + echo "vscode/.git" >> vscode.txt + tar -czf vscode.tar.gz -T vscode.txt + if: env.SHOULD_BUILD == 'yes' + + - name: Upload vscode artifact + uses: actions/upload-artifact@v4 + with: + name: vscode + path: ./vscode.tar.gz + retention-days: ${{ needs.check.outputs.SHOULD_DEPLOY == 'yes' && 30 || 1 }} + if: env.SHOULD_BUILD == 'yes' + + build: + needs: + - check + - compile + runs-on: windows-2019 + strategy: + fail-fast: false + matrix: + vscode_arch: + - x64 + - arm64 + defaults: + run: + shell: bash + env: + BUILD_SOURCEVERSION: ${{ needs.compile.outputs.BUILD_SOURCEVERSION }} + MS_COMMIT: ${{ needs.check.outputs.MS_COMMIT }} + MS_TAG: ${{ needs.check.outputs.MS_TAG }} + RELEASE_VERSION: ${{ needs.check.outputs.RELEASE_VERSION }} + SHOULD_BUILD: ${{ (needs.check.outputs.SHOULD_BUILD == 'yes' || github.event.inputs.generate_assets == 'true') && 'yes' || 'no' }} + SHOULD_DEPLOY: ${{ needs.check.outputs.SHOULD_DEPLOY }} + VSCODE_ARCH: ${{ matrix.vscode_arch }} + outputs: + RELEASE_VERSION: ${{ env.RELEASE_VERSION }} + SHOULD_DEPLOY: ${{ env.SHOULD_DEPLOY }} + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + if: env.SHOULD_BUILD == 'yes' + + - name: Switch to relevant branch + env: + PULL_REQUEST_ID: ${{ github.event.inputs.checkout_pr }} + run: ./get_pr.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Setup Node.js environment + uses: actions/setup-node@v4 + with: + node-version: '20.18.2' + if: env.SHOULD_BUILD == 'yes' + + - name: Install Yarn + run: npm install -g yarn + if: env.SHOULD_BUILD == 'yes' + + - name: Setup Python 3 + uses: actions/setup-python@v5 + with: + python-version: '3.11' + if: env.SHOULD_BUILD == 'yes' + + - name: Check existing VSCodium tags/releases + env: + DISABLE_MSI: ${{ vars.DISABLE_STABLE_MSI }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: ./check_tags.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Download vscode artifact + uses: actions/download-artifact@v4 + with: + name: vscode + if: env.SHOULD_BUILD == 'yes' + + - name: Build + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + npm_config_arch: ${{ matrix.vscode_arch }} + npm_config_target_arch: ${{ matrix.vscode_arch }} + run: ./build/windows/package.sh + if: env.SHOULD_BUILD == 'yes' + + - name: Prepare assets + run: ./prepare_assets.sh + if: env.SHOULD_BUILD == 'yes' && (env.SHOULD_DEPLOY == 'yes' || github.event.inputs.generate_assets == 'true') + + - name: Upload unsigned artifacts + id: upload-unsigned-artifacts + uses: actions/upload-artifact@v4 + with: + name: unsigned-${{ matrix.vscode_arch }} + path: | + assets/*.exe + assets/*.msi + retention-days: 1 + if: env.SHOULD_BUILD == 'yes' && (env.SHOULD_DEPLOY == 'yes' || github.event.inputs.generate_assets == 'true') + + - name: Signing + uses: signpath/github-action-submit-signing-request@v1 + with: + api-token: ${{ secrets.SIGNPATH_API_TOKEN }} + organization-id: ${{ secrets.SIGNPATH_ORGANIZATION_ID }} + project-slug: ${{ secrets.SIGNPATH_PROJECT_SLUG }} + signing-policy-slug: ${{ secrets.SIGNPATH_POLICY_SLUG }} + github-artifact-id: ${{ steps.upload-unsigned-artifacts.outputs.artifact-id }} + artifact-configuration-slug: ${{ matrix.vscode_arch }} + wait-for-completion: true + # 3h to manually approve the request + wait-for-completion-timeout-in-seconds: 10800 + output-artifact-directory: assets/ + if: env.SHOULD_BUILD == 'yes' && (env.SHOULD_DEPLOY == 'yes' || github.event.inputs.generate_assets == 'true') + + - name: Prepare checksums + run: ./prepare_checksums.sh + if: env.SHOULD_BUILD == 'yes' && (env.SHOULD_DEPLOY == 'yes' || github.event.inputs.generate_assets == 'true') + + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: ./release.sh + if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Update versions repo + env: + FORCE_UPDATE: ${{ github.event.inputs.force_version }} + GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} + GITHUB_USERNAME: ${{ github.repository_owner }} + run: ./update_version.sh + if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' + + - name: Upload assets + uses: actions/upload-artifact@v4 + with: + name: bin-${{ matrix.vscode_arch }} + path: assets/ + retention-days: 3 + if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'no' && github.event.inputs.generate_assets == 'true' + + winget: + needs: build + runs-on: windows-latest + defaults: + run: + shell: bash + env: + APP_IDENTIFIER: VSCodium.VSCodium + if: needs.build.outputs.SHOULD_DEPLOY == 'yes' + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ env.GITHUB_BRANCH }} + + - name: Check version + run: ./stores/winget/check_version.sh + env: + RELEASE_VERSION: ${{ needs.build.outputs.RELEASE_VERSION }} + + - name: Release to WinGet + uses: vedantmgoyal9/winget-releaser@main + with: + identifier: ${{ env.APP_IDENTIFIER }} + version: ${{ env.RELEASE_VERSION }} + release-tag: ${{ env.RELEASE_VERSION }} + installers-regex: '\.exe$' # only .exe files + token: ${{ secrets.STRONGER_GITHUB_TOKEN }} + if: env.SHOULD_DEPLOY == 'yes' diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml new file mode 100644 index 00000000..28d2f414 --- /dev/null +++ b/.github/workflows/stale.yml @@ -0,0 +1,25 @@ +name: Stale Issues + +on: + schedule: + - cron: '0 1 * * *' + +permissions: + issues: write + +jobs: + stale: + runs-on: ubuntu-latest + steps: + - uses: actions/stale@v9 + with: + days-before-stale: 180 + days-before-close: 30 + stale-issue-label: stale + operations-per-run: 1024 + stale-issue-message: > + This issue has been automatically marked as stale. **If this issue is still affecting you, please leave any comment**, and we'll keep it open. If you have any new additional information, please include it with your comment! + close-issue-message: > + This issue has been closed due to inactivity, and will not be monitored. If this is a bug and you can reproduce this issue, please open a new issue. + exempt-issue-labels: discussion,never-stale + only-pr-labels: needs-information diff --git a/.github/workflows/void-build.yml b/.github/workflows/void-build.yml new file mode 100644 index 00000000..bdc32735 --- /dev/null +++ b/.github/workflows/void-build.yml @@ -0,0 +1,412 @@ +name: Build Void + +on: + push: + branches: [ main, release/*, github-workflow ] + pull_request: + branches: [ main ] + workflow_dispatch: + +jobs: + check-for-artifacts: + runs-on: ubuntu-latest + outputs: + linux-x64-exists: ${{ steps.check-artifacts.outputs.linux-x64-exists }} + linux-arm64-exists: ${{ steps.check-artifacts.outputs.linux-arm64-exists }} + win32-x64-exists: ${{ steps.check-artifacts.outputs.win32-x64-exists }} + win32-arm64-exists: ${{ steps.check-artifacts.outputs.win32-arm64-exists }} + darwin-x64-exists: ${{ steps.check-artifacts.outputs.darwin-x64-exists }} + darwin-arm64-exists: ${{ steps.check-artifacts.outputs.darwin-arm64-exists }} + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Setup Node.js + uses: actions/setup-node@v3 + with: + node-version-file: '.nvmrc' + cache: 'npm' + + - name: Install dependencies + run: | + sudo apt-get update + sudo apt-get install -y pkg-config libx11-dev libxkbfile-dev libsecret-1-dev libkrb5-dev + # Set npm config to use GitHub token for authentication to avoid rate limits + npm config set //github.com/:_authToken=${{ github.token }} + npm config set //api.github.com/:_authToken=${{ github.token }} + npm config set //npm.pkg.github.com/:_authToken=${{ github.token }} + # Configure npm to use the GitHub token for all requests to github.com domains + npm config set @microsoft:registry https://npm.pkg.github.com + npm config set @vscode:registry https://npm.pkg.github.com + # Increase network timeout to handle slow connections + npm config set fetch-timeout 300000 + npm config set fetch-retry-mintimeout 20000 + npm config set fetch-retry-maxtimeout 120000 + npm install + npm install -g node-gyp + npm install -g gulp-cli + + - name: Build + run: | + npm run buildreact + npm run gulp vscode-linux-x64-min + + - name: Package + run: | + mkdir -p .build/linux/client + ARCHIVE_PATH=".build/linux/client/void-linux-x64.tar.gz" + tar -czf $ARCHIVE_PATH -C .. VSCode-linux-x64 + + - name: Generate checksum + run: | + cd .build/linux/client + sha256sum void-linux-x64.tar.gz > void-linux-x64.tar.gz.sha256 + + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: void-linux-x64 + path: | + .build/linux/client/void-linux-x64.tar.gz + .build/linux/client/void-linux-x64.tar.gz.sha256 + + build-linux-arm64: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Setup Node.js + uses: actions/setup-node@v3 + with: + node-version-file: '.nvmrc' + cache: 'npm' + + - name: Install dependencies + run: | + sudo apt-get update + sudo apt-get install -y pkg-config libx11-dev libxkbfile-dev libsecret-1-dev libkrb5-dev + # Set npm config to use GitHub token for authentication to avoid rate limits + npm config set //github.com/:_authToken=${{ github.token }} + npm config set //api.github.com/:_authToken=${{ github.token }} + npm config set //npm.pkg.github.com/:_authToken=${{ github.token }} + # Configure npm to use the GitHub token for all requests to github.com domains + npm config set @microsoft:registry https://npm.pkg.github.com + npm config set @vscode:registry https://npm.pkg.github.com + # Increase network timeout to handle slow connections + npm config set fetch-timeout 300000 + npm config set fetch-retry-mintimeout 20000 + npm config set fetch-retry-maxtimeout 120000 + npm install + npm install -g node-gyp + npm install -g gulp-cli + + - name: Build + run: | + npm run buildreact + npm run gulp vscode-linux-arm64-min + + - name: Package + run: | + mkdir -p .build/linux/client + ARCHIVE_PATH=".build/linux/client/void-linux-arm64.tar.gz" + tar -czf $ARCHIVE_PATH -C .. VSCode-linux-arm64 + + - name: Generate checksum + run: | + cd .build/linux/client + sha256sum void-linux-arm64.tar.gz > void-linux-arm64.tar.gz.sha256 + + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: void-linux-arm64 + path: | + .build/linux/client/void-linux-arm64.tar.gz + .build/linux/client/void-linux-arm64.tar.gz.sha256 + + build-windows: + runs-on: windows-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Setup Node.js + uses: actions/setup-node@v3 + with: + node-version-file: '.nvmrc' + cache: 'npm' + + - name: Install dependencies + run: | + # Set npm config to use GitHub token for authentication to avoid rate limits + npm config set //github.com/:_authToken=${{ github.token }} + npm config set //api.github.com/:_authToken=${{ github.token }} + npm config set //npm.pkg.github.com/:_authToken=${{ github.token }} + # Configure npm to use the GitHub token for all requests to github.com domains + npm config set @microsoft:registry https://npm.pkg.github.com + npm config set @vscode:registry https://npm.pkg.github.com + # Increase network timeout to handle slow connections + npm config set fetch-timeout 300000 + npm config set fetch-retry-mintimeout 20000 + npm config set fetch-retry-maxtimeout 120000 + npm install + npm install -g node-gyp + npm install -g gulp-cli + + - name: Build + run: | + npm run buildreact + npm run gulp vscode-win32-x64-min + + - name: Package + run: | + mkdir -p .build/win32-x64 + Compress-Archive -Path ..\VSCode-win32-x64\* -DestinationPath .build\win32-x64\void-win32-x64.zip + shell: pwsh + + - name: Generate checksum + run: | + cd .build/win32-x64 + $hash = Get-FileHash -Algorithm SHA256 void-win32-x64.zip + $hash.Hash | Out-File -Encoding ascii void-win32-x64.zip.sha256 + shell: pwsh + + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: void-win32-x64 + path: | + .build/win32-x64/void-win32-x64.zip + .build/win32-x64/void-win32-x64.zip.sha256 + + build-windows-arm64: + runs-on: windows-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Setup Node.js + uses: actions/setup-node@v3 + with: + node-version-file: '.nvmrc' + cache: 'npm' + + - name: Install dependencies + run: | + # Set npm config to use GitHub token for authentication to avoid rate limits + npm config set //github.com/:_authToken=${{ github.token }} + npm config set //api.github.com/:_authToken=${{ github.token }} + npm config set //npm.pkg.github.com/:_authToken=${{ github.token }} + # Configure npm to use the GitHub token for all requests to github.com domains + npm config set @microsoft:registry https://npm.pkg.github.com + npm config set @vscode:registry https://npm.pkg.github.com + # Increase network timeout to handle slow connections + npm config set fetch-timeout 300000 + npm config set fetch-retry-mintimeout 20000 + npm config set fetch-retry-maxtimeout 120000 + npm install + npm install -g node-gyp + npm install -g gulp-cli + + - name: Build + run: | + npm run buildreact + npm run gulp vscode-win32-arm64-min + + - name: Package + run: | + mkdir -p .build/win32-arm64 + Compress-Archive -Path ..\VSCode-win32-arm64\* -DestinationPath .build\win32-arm64\void-win32-arm64.zip + shell: pwsh + + - name: Generate checksum + run: | + cd .build/win32-arm64 + $hash = Get-FileHash -Algorithm SHA256 void-win32-arm64.zip + $hash.Hash | Out-File -Encoding ascii void-win32-arm64.zip.sha256 + shell: pwsh + + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: void-win32-arm64 + path: | + .build/win32-arm64/void-win32-arm64.zip + .build/win32-arm64/void-win32-arm64.zip.sha256 + + build-macos: + runs-on: macos-latest-large + strategy: + matrix: + arch: [arm64, x64] + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Setup Node.js + uses: actions/setup-node@v3 + with: + node-version-file: '.nvmrc' + cache: 'npm' + + - name: Install dependencies + run: | + # Set npm config to use GitHub token for authentication to avoid rate limits + npm config set //github.com/:_authToken=${{ github.token }} + npm config set //api.github.com/:_authToken=${{ github.token }} + npm config set //npm.pkg.github.com/:_authToken=${{ github.token }} + # Configure npm to use the GitHub token for all requests to github.com domains + npm config set @microsoft:registry https://npm.pkg.github.com + npm config set @vscode:registry https://npm.pkg.github.com + # Increase network timeout to handle slow connections + npm config set fetch-timeout 300000 + npm config set fetch-retry-mintimeout 20000 + npm config set fetch-retry-maxtimeout 120000 + npm install + npm install -g node-gyp + npm install -g gulp-cli + npm install -g create-dmg + + - name: Build + run: | + npm run buildreact + npm run gulp vscode-darwin-${{ matrix.arch }}-min + + - name: Create temporary working directory + run: | + WORKING_DIR="${{ runner.temp }}/VoidSign-${{ matrix.arch }}" + KEYCHAIN_DIR="${WORKING_DIR}/1_Keychain" + SIGN_DIR="${WORKING_DIR}/2_Signed" + mkdir -p "${WORKING_DIR}" "${KEYCHAIN_DIR}" "${SIGN_DIR}" + cp -Rp "$(pwd)/../VSCode-darwin-${{ matrix.arch }}" "${SIGN_DIR}" + echo "WORKING_DIR=${WORKING_DIR}" >> $GITHUB_ENV + echo "KEYCHAIN_DIR=${KEYCHAIN_DIR}" >> $GITHUB_ENV + echo "SIGN_DIR=${SIGN_DIR}" >> $GITHUB_ENV + echo "SIGNED_DOTAPP_DIR=${SIGN_DIR}/VSCode-darwin-${{ matrix.arch }}" >> $GITHUB_ENV + echo "SIGNED_DOTAPP=${SIGN_DIR}/VSCode-darwin-${{ matrix.arch }}/Void.app" >> $GITHUB_ENV + + - name: Import certificate + if: ${{ github.event_name != 'pull_request' && github.repository == 'voideditor/void' }} + env: + P12_BASE64: ${{ secrets.MACOS_CERTIFICATE }} + P12_PASSWORD: ${{ secrets.MACOS_CERTIFICATE_PWD }} + KEYCHAIN_PASSWORD: "temporary-password" + run: | + KEYCHAIN="${KEYCHAIN_DIR}/buildagent.keychain" + echo "KEYCHAIN=${KEYCHAIN}" >> $GITHUB_ENV + + # Create a new keychain + security create-keychain -p "${KEYCHAIN_PASSWORD}" "${KEYCHAIN}" + security set-keychain-settings -lut 21600 "${KEYCHAIN}" + security unlock-keychain -p "${KEYCHAIN_PASSWORD}" "${KEYCHAIN}" + + # Import certificate + echo "${P12_BASE64}" | base64 --decode > "${KEYCHAIN_DIR}/certificate.p12" + security import "${KEYCHAIN_DIR}/certificate.p12" -k "${KEYCHAIN}" -P "${P12_PASSWORD}" -T /usr/bin/codesign + security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "${KEYCHAIN_PASSWORD}" "${KEYCHAIN}" > /dev/null + + # Add to keychain list + security list-keychains -d user -s "${KEYCHAIN}" $(security list-keychains -d user | sed s/\"//g) + + - name: Sign Application + if: ${{ github.event_name != 'pull_request' && github.repository == 'voideditor/void' }} + env: + CODESIGN_IDENTITY: ${{ secrets.MACOS_SIGNING_IDENTITY }} + VSCODE_ARCH: ${{ matrix.arch }} + run: | + export AGENT_TEMPDIRECTORY="${KEYCHAIN_DIR}" + cd $(pwd)/build/darwin + node sign.js "${SIGN_DIR}" + codesign --verify --verbose=4 "${SIGNED_DOTAPP}" + + - name: Create Unsigned App (for PR builds) + if: ${{ github.event_name == 'pull_request' || github.repository != 'voideditor/void' }} + run: | + cp -Rp "$(pwd)/../VSCode-darwin-${{ matrix.arch }}" "${SIGN_DIR}" + echo "SIGNED_DOTAPP_DIR=$(pwd)/../VSCode-darwin-${{ matrix.arch }}" >> $GITHUB_ENV + echo "SIGNED_DOTAPP=$(pwd)/../VSCode-darwin-${{ matrix.arch }}/Void.app" >> $GITHUB_ENV + + - name: Create DMG + run: | + cd "${SIGNED_DOTAPP_DIR}" + npx create-dmg --volname "Void Installer" "${SIGNED_DOTAPP}" . || true + GENERATED_DMG=$(ls *.dmg) + mv "${GENERATED_DMG}" "Void-Installer-darwin-${{ matrix.arch }}.dmg" + + if [[ "${{ github.event_name }}" != "pull_request" && "${{ github.repository }}" == "voideditor/void" ]]; then + codesign --verify --verbose=4 "Void-Installer-darwin-${{ matrix.arch }}.dmg" + fi + + echo "SIGNED_DMG=${SIGNED_DOTAPP_DIR}/Void-Installer-darwin-${{ matrix.arch }}.dmg" >> $GITHUB_ENV + + - name: Notarize + if: ${{ github.event_name != 'pull_request' && github.repository == 'voideditor/void' }} + env: + APPLE_ID: ${{ secrets.APPLE_ID }} + TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} + APP_PASSWORD: ${{ secrets.APPLE_APP_PWD }} + KEYCHAIN_PASSWORD: "temporary-password" + run: | + # Store credentials for notarization + xcrun notarytool store-credentials "Void" \ + --apple-id "${APPLE_ID}" \ + --team-id "${TEAM_ID}" \ + --password "${APP_PASSWORD}" \ + --keychain "${KEYCHAIN}" + + # Submit for notarization with a timeout + xcrun notarytool submit "${SIGNED_DMG}" \ + --keychain-profile "Void" \ + --keychain "${KEYCHAIN}" \ + --wait --timeout 2h + + # Staple the notarization ticket + xcrun stapler staple "${SIGNED_DMG}" + + - name: Create Raw App Archive + run: | + cd "${SIGNED_DOTAPP_DIR}" + VOIDAPP=$(basename "${SIGNED_DOTAPP}") + ditto -c -k --sequesterRsrc --keepParent "${VOIDAPP}" "Void-RawApp-darwin-${{ matrix.arch }}.zip" + + - name: Generate Hash File + run: | + cd "${SIGNED_DOTAPP_DIR}" + SHA1=$(shasum -a 1 "Void-RawApp-darwin-${{ matrix.arch }}.zip" | cut -d' ' -f1) + SHA256=$(shasum -a 256 "Void-RawApp-darwin-${{ matrix.arch }}.zip" | cut -d' ' -f1) + TIMESTAMP=$(date +%s) + + cat > "Void-UpdJSON-darwin-${{ matrix.arch }}.json" << EOF + { + "sha256hash": "${SHA256}", + "hash": "${SHA1}", + "timestamp": ${TIMESTAMP} + } + EOF + + - name: Generate checksum for DMG + run: | + cd "${SIGNED_DOTAPP_DIR}" + shasum -a 256 "Void-Installer-darwin-${{ matrix.arch }}.dmg" > "Void-Installer-darwin-${{ matrix.arch }}.dmg.sha256" + + - name: Upload DMG + uses: actions/upload-artifact@v4 + with: + name: void-darwin-${{ matrix.arch }}-dmg + path: | + ${{ env.SIGNED_DMG }} + ${{ env.SIGNED_DOTAPP_DIR }}/Void-Installer-darwin-${{ matrix.arch }}.dmg.sha256 + + - name: Upload Raw App + uses: actions/upload-artifact@v4 + with: + name: void-darwin-${{ matrix.arch }}-rawapp + path: ${{ env.SIGNED_DOTAPP_DIR }}/Void-RawApp-darwin-${{ matrix.arch }}.zip + + - name: Upload Hash File + uses: actions/upload-artifact@v4 + with: + name: void-darwin-${{ matrix.arch }}-hash + path: ${{ env.SIGNED_DOTAPP_DIR }}/Void-UpdJSON-darwin-${{ matrix.arch }}.json +