186 lines
7.6 KiB
YAML
186 lines
7.6 KiB
YAML
parameters:
|
|
- name: VSCODE_BUILD_ALPINE
|
|
type: boolean
|
|
default: false
|
|
- name: VSCODE_BUILD_ALPINE_ARM64
|
|
type: boolean
|
|
default: false
|
|
|
|
steps:
|
|
- task: NodeTool@0
|
|
inputs:
|
|
versionSource: fromFile
|
|
versionFilePath: .nvmrc
|
|
nodejsMirror: https://github.com/joaomoreno/node-mirror/releases/download
|
|
|
|
- template: ../distro/download-distro.yml
|
|
|
|
- task: AzureKeyVault@1
|
|
displayName: "Azure Key Vault: Get Secrets"
|
|
inputs:
|
|
azureSubscription: "vscode-builds-subscription"
|
|
KeyVaultName: vscode-build-secrets
|
|
SecretsFilter: "github-distro-mixin-password"
|
|
|
|
- task: DownloadPipelineArtifact@2
|
|
inputs:
|
|
artifact: Compilation
|
|
path: $(Build.ArtifactStagingDirectory)
|
|
displayName: Download compilation output
|
|
|
|
- script: tar -xzf $(Build.ArtifactStagingDirectory)/compilation.tar.gz
|
|
displayName: Extract compilation output
|
|
|
|
- script: node build/setup-npm-registry.js $NPM_REGISTRY
|
|
condition: and(succeeded(), ne(variables['NPM_REGISTRY'], 'none'))
|
|
displayName: Setup NPM Registry
|
|
|
|
- script: mkdir -p .build && node build/azure-pipelines/common/computeNodeModulesCacheKey.js alpine $VSCODE_ARCH > .build/yarnlockhash
|
|
displayName: Prepare node_modules cache key
|
|
|
|
- task: Cache@2
|
|
inputs:
|
|
key: '"node_modules" | .build/yarnlockhash'
|
|
path: .build/node_modules_cache
|
|
cacheHitVar: NODE_MODULES_RESTORED
|
|
displayName: Restore node_modules cache
|
|
|
|
- script: tar -xzf .build/node_modules_cache/cache.tgz
|
|
condition: and(succeeded(), eq(variables.NODE_MODULES_RESTORED, 'true'))
|
|
displayName: Extract node_modules cache
|
|
|
|
- script: |
|
|
set -e
|
|
npm config set registry "$NPM_REGISTRY" --location=project
|
|
# npm >v7 deprecated the `always-auth` config option, refs npm/cli@72a7eeb
|
|
# following is a workaround for yarn to send authorization header
|
|
# for GET requests to the registry.
|
|
echo "always-auth=true" >> .npmrc
|
|
yarn config set registry "$NPM_REGISTRY"
|
|
condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'), ne(variables['NPM_REGISTRY'], 'none'))
|
|
displayName: Setup NPM & Yarn
|
|
|
|
- task: npmAuthenticate@0
|
|
inputs:
|
|
workingFile: .npmrc
|
|
condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'), ne(variables['NPM_REGISTRY'], 'none'))
|
|
displayName: Setup NPM Authentication
|
|
|
|
- task: Docker@1
|
|
inputs:
|
|
azureSubscriptionEndpoint: "vscode-builds-subscription"
|
|
azureContainerRegistry: vscodehub.azurecr.io
|
|
command: "Run an image"
|
|
imageName: "vscode-linux-build-agent:alpine-$(VSCODE_ARCH)"
|
|
containerCommand: uname
|
|
displayName: "Pull image"
|
|
condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'))
|
|
|
|
- script: sudo apt-get update && sudo apt-get install -y libkrb5-dev
|
|
displayName: Install build dependencies
|
|
condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'))
|
|
|
|
- script: |
|
|
set -e
|
|
for i in {1..5}; do # try 5 times
|
|
yarn --frozen-lockfile --check-files && break
|
|
if [ $i -eq 3 ]; then
|
|
echo "Yarn failed too many times" >&2
|
|
exit 1
|
|
fi
|
|
echo "Yarn failed $i, trying again..."
|
|
done
|
|
env:
|
|
npm_config_arch: $(NPM_ARCH)
|
|
ELECTRON_SKIP_BINARY_DOWNLOAD: 1
|
|
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
|
|
GITHUB_TOKEN: "$(github-distro-mixin-password)"
|
|
${{ if eq(parameters.VSCODE_BUILD_ALPINE_ARM64, true) }}:
|
|
VSCODE_REMOTE_DEPENDENCIES_CONTAINER_NAME: vscodehub.azurecr.io/vscode-linux-build-agent@sha256:9460a68ee75616af694fbfcb44705f3a9e2d2428d1c485cec69d574326db85a6
|
|
${{ if eq(parameters.VSCODE_BUILD_ALPINE, true) }}:
|
|
VSCODE_REMOTE_DEPENDENCIES_CONTAINER_NAME: vscodehub.azurecr.io/vscode-linux-build-agent@sha256:363166a7958f99ff581a62d94dec42217c16f1aed00e11875e30a59c178e52f9
|
|
VSCODE_HOST_MOUNT: "/mnt/vss/_work/1/s"
|
|
displayName: Install dependencies
|
|
condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'))
|
|
|
|
- script: node build/azure-pipelines/distro/mixin-npm
|
|
displayName: Mixin distro node modules
|
|
condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'))
|
|
|
|
- script: |
|
|
set -e
|
|
node build/azure-pipelines/common/listNodeModules.js .build/node_modules_list.txt
|
|
mkdir -p .build/node_modules_cache
|
|
tar -czf .build/node_modules_cache/cache.tgz --files-from .build/node_modules_list.txt
|
|
condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'))
|
|
displayName: Create node_modules archive
|
|
|
|
- script: node build/azure-pipelines/distro/mixin-quality
|
|
displayName: Mixin distro quality
|
|
|
|
- template: ../common/install-builtin-extensions.yml
|
|
|
|
- script: |
|
|
set -e
|
|
TARGET=$([ "$VSCODE_ARCH" == "x64" ] && echo "linux-alpine" || echo "alpine-arm64") # TODO@joaomoreno
|
|
yarn gulp vscode-reh-$TARGET-min-ci
|
|
(cd .. && mv vscode-reh-$TARGET vscode-server-$TARGET) # TODO@joaomoreno
|
|
ARCHIVE_PATH=".build/linux/server/vscode-server-$TARGET.tar.gz"
|
|
mkdir -p $(dirname $ARCHIVE_PATH)
|
|
tar --owner=0 --group=0 -czf $ARCHIVE_PATH -C .. vscode-server-$TARGET
|
|
echo "##vso[task.setvariable variable=SERVER_PATH]$ARCHIVE_PATH"
|
|
env:
|
|
GITHUB_TOKEN: "$(github-distro-mixin-password)"
|
|
displayName: Build server
|
|
|
|
- script: |
|
|
set -e
|
|
TARGET=$([ "$VSCODE_ARCH" == "x64" ] && echo "linux-alpine" || echo "alpine-arm64")
|
|
yarn gulp vscode-reh-web-$TARGET-min-ci
|
|
(cd .. && mv vscode-reh-web-$TARGET vscode-server-$TARGET-web) # TODO@joaomoreno
|
|
ARCHIVE_PATH=".build/linux/web/vscode-server-$TARGET-web.tar.gz"
|
|
mkdir -p $(dirname $ARCHIVE_PATH)
|
|
tar --owner=0 --group=0 -czf $ARCHIVE_PATH -C .. vscode-server-$TARGET-web
|
|
echo "##vso[task.setvariable variable=WEB_PATH]$ARCHIVE_PATH"
|
|
env:
|
|
GITHUB_TOKEN: "$(github-distro-mixin-password)"
|
|
displayName: Build server (web)
|
|
|
|
- script: echo "##vso[task.setvariable variable=ARTIFACT_PREFIX]attempt$(System.JobAttempt)_"
|
|
condition: and(succeededOrFailed(), notIn(variables['Agent.JobStatus'], 'Succeeded', 'SucceededWithIssues'))
|
|
displayName: Generate artifact prefix
|
|
|
|
- script: mkdir $(agent.builddirectory)/vscode-alpine-$(VSCODE_ARCH)
|
|
displayName: Make folder for SBOM
|
|
|
|
- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
|
|
displayName: Generate SBOM
|
|
inputs:
|
|
BuildDropPath: $(agent.builddirectory)/vscode-alpine-$(VSCODE_ARCH)
|
|
PackageName: Visual Studio Code Server
|
|
|
|
- publish: $(agent.builddirectory)/vscode-alpine-$(VSCODE_ARCH)/_manifest
|
|
displayName: Publish SBOM
|
|
artifact: $(ARTIFACT_PREFIX)sbom_vscode_alpine_$(VSCODE_ARCH)
|
|
|
|
- publish: $(SERVER_PATH)
|
|
artifact: $(ARTIFACT_PREFIX)vscode_server_alpine_$(VSCODE_ARCH)_archive-unsigned
|
|
displayName: Publish server archive
|
|
condition: and(succeededOrFailed(), ne(variables['SERVER_PATH'], ''), ne(variables['VSCODE_ARCH'], 'x64'))
|
|
|
|
- publish: $(WEB_PATH)
|
|
artifact: $(ARTIFACT_PREFIX)vscode_web_alpine_$(VSCODE_ARCH)_archive-unsigned
|
|
displayName: Publish web server archive
|
|
condition: and(succeededOrFailed(), ne(variables['WEB_PATH'], ''), ne(variables['VSCODE_ARCH'], 'x64'))
|
|
|
|
# Legacy x64 artifact name
|
|
- publish: $(SERVER_PATH)
|
|
artifact: $(ARTIFACT_PREFIX)vscode_server_linux_alpine_archive-unsigned
|
|
displayName: Publish x64 server archive
|
|
condition: and(succeededOrFailed(), ne(variables['SERVER_PATH'], ''), eq(variables['VSCODE_ARCH'], 'x64'))
|
|
|
|
- publish: $(WEB_PATH)
|
|
artifact: $(ARTIFACT_PREFIX)vscode_web_linux_alpine_archive-unsigned
|
|
displayName: Publish x64 web server archive
|
|
condition: and(succeededOrFailed(), ne(variables['WEB_PATH'], ''), eq(variables['VSCODE_ARCH'], 'x64'))
|