Merge branch 'main' into jsjoeio/fix-password-hash

coder · Jun 1, 2021 · 9316f61 · 9316f61
2 parents cc6e284 + 58622cc
commit 9316f61
Show file tree

Hide file tree

Showing 15 changed files with 192 additions and 220 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -24,10 +24,10 @@ jobs:
       - name: Checkout repo
         uses: actions/checkout@v2
 
-      - name: Install Node.js v12
+      - name: Install Node.js v14
         uses: actions/setup-node@v2
         with:
-          node-version: "12"
+          node-version: "14"
 
       - name: Install helm
         uses: azure/[email protected]
@@ -67,10 +67,10 @@ jobs:
       - name: Checkout repo
         uses: actions/checkout@v2
 
-      - name: Install Node.js v12
+      - name: Install Node.js v14
         uses: actions/setup-node@v2
         with:
-          node-version: "12"
+          node-version: "14"
 
       - name: Fetch dependencies from cache
         id: cache-yarn
@@ -96,10 +96,10 @@ jobs:
         with:
           fetch-depth: 0
 
-      - name: Install Node.js v12
+      - name: Install Node.js v14
         uses: actions/setup-node@v2
         with:
-          node-version: "12"
+          node-version: "14"
 
       - name: Fetch dependencies from cache
         id: cache-yarn
@@ -169,10 +169,10 @@ jobs:
     steps:
       - uses: actions/checkout@v2
 
-      - name: Install Node.js v12
+      - name: Install Node.js v14
         uses: actions/setup-node@v2
         with:
-          node-version: "12"
+          node-version: "14"
 
       - name: Install development tools
         run: |
@@ -244,10 +244,10 @@ jobs:
     steps:
       - uses: actions/checkout@v2
 
-      - name: Install Node.js v12
+      - name: Install Node.js v14
         uses: actions/setup-node@v2
         with:
-          node-version: "12"
+          node-version: "14"
 
       - name: Install nfpm
         run: |
@@ -270,8 +270,8 @@ jobs:
 
       - name: Replace node with arm64 equivalent
         run: |
-          wget https://nodejs.org/dist/v12.18.4/node-v12.18.4-linux-arm64.tar.gz
-          tar -xzf node-v12.18.4-linux-arm64.tar.gz node-v12.18.4-linux-arm64/bin/node --strip-components=2
+          wget https://nodejs.org/dist/v14.17.0/node-v14.17.0-linux-arm64.tar.xz
+          tar -xf node-v14.17.0-linux-arm64.tar.xz node-v14.17.0-linux-arm64/bin/node --strip-components=2
           mv ./node ./release-standalone/lib/node
 
       - name: Build packages with nfpm
@@ -290,10 +290,10 @@ jobs:
     steps:
       - uses: actions/checkout@v2
 
-      - name: Install Node.js v12
+      - name: Install Node.js v14
         uses: actions/setup-node@v2
         with:
-          node-version: "12"
+          node-version: "14"
 
       - name: Install nfpm
         run: |
@@ -333,10 +333,10 @@ jobs:
     steps:
       - uses: actions/checkout@v2
 
-      - name: Install Node.js v12
+      - name: Install Node.js v14
         uses: actions/setup-node@v2
         with:
-          node-version: "12"
+          node-version: "14"
 
       - name: Install playwright
         uses: microsoft/playwright-github-action@v1
@@ -386,9 +386,10 @@ jobs:
       - name: Remove release packages and test artifacts
         run: rm -rf ./release-packages ./test/test-results
 
-  docker-amd64:
+  # Builds both amd64 and arm64 images
+  docker-images:
     runs-on: ubuntu-latest
-    needs: package-linux-amd64
+    needs: [package-linux-amd64, package-linux-arm64]
     steps:
       - uses: actions/checkout@v2
 
@@ -398,42 +399,24 @@ jobs:
           name: release-packages
           path: ./release-packages
 
-      - name: Run ./ci/steps/build-docker-image.sh
-        run: ./ci/steps/build-docker-image.sh
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
 
-      - name: Upload release image
-        uses: actions/upload-artifact@v2
-        with:
-          name: release-images
-          path: ./release-images
-
-  # TODO: this is the last place where we use our self-hosted arm64 runner.
-  # In the future, consider switching to docker buildx + qemu,
-  # thus removing the requirement for us to maintain the runner.
-  docker-arm64:
-    runs-on: ubuntu-arm64-latest
-    needs: package-linux-arm64
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Download release package
-        uses: actions/download-artifact@v2
-        with:
-          name: release-packages
-          path: ./release-packages
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
 
       - name: Run ./ci/steps/build-docker-image.sh
         run: ./ci/steps/build-docker-image.sh
 
-      - name: Upload release image
+      - name: Upload release images
         uses: actions/upload-artifact@v2
         with:
           name: release-images
           path: ./release-images
 
   trivy-scan-image:
     runs-on: ubuntu-20.04
-    needs: docker-amd64
+    needs: docker-images
     # NOTE@jsjoeio: disabling due to a memory issue upstream
     # See: https://github.com/github/codeql-action/issues/528
     if: 1 == 2
@@ -449,7 +432,7 @@ jobs:
 
       - name: Run Trivy vulnerability scanner in image mode
         # Commit SHA for v0.0.17
-        uses: aquasecurity/trivy-action@dba83feec810c70bacbc4bead308ae1e466c572b
+        uses: aquasecurity/trivy-action@ac8de07fd168680dd0331bef43681c0e150e9ad1
         with:
           input: "./release-images/code-server-amd64-*.tar"
           scan-type: "image"
@@ -466,6 +449,7 @@ jobs:
         uses: github/codeql-action/upload-sarif@v1
         with:
           sarif_file: "trivy-image-results.sarif"
+
   # We have to use two trivy jobs
   # because GitHub only allows
   # codeql/upload-sarif action per job
@@ -476,7 +460,7 @@ jobs:
         uses: actions/checkout@v2
       - name: Run Trivy vulnerability scanner in repo mode
         #Commit SHA for v0.0.17
-        uses: aquasecurity/trivy-action@dba83feec810c70bacbc4bead308ae1e466c572b
+        uses: aquasecurity/trivy-action@ac8de07fd168680dd0331bef43681c0e150e9ad1
         with:
           scan-type: "fs"
           scan-ref: "."

diff --git a/.tours/start-development.tour b/.tours/start-development.tour
@@ -5,7 +5,7 @@
     {
       "file": "package.json",
       "line": 31,
-      "description": "## Commands\n\nTo start developing, make sure you have Node 12+ and the [required dependencies](https://github.com/Microsoft/vscode/wiki/How-to-Contribute#prerequisites) installed. Then, run the following commands:\n\n1. Install dependencies:\n>> yarn\n\n3. Start development mode (and watch for changes):\n>> yarn watch"
+      "description": "## Commands\n\nTo start developing, make sure you have Node 14+ and the [required dependencies](https://github.com/Microsoft/vscode/wiki/How-to-Contribute#prerequisites) installed. Then, run the following commands:\n\n1. Install dependencies:\n>> yarn\n\n3. Start development mode (and watch for changes):\n>> yarn watch"
     },
     {
       "file": "src/node/app.ts",

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,31 +1,3 @@
-<!-- START doctoc generated TOC please keep comment here to allow auto update -->
-<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
-# Changelog
-
-- [Changelog](#changelog)
-  - [Next Version](#next-version)
-    - [New Features](#new-features)
-    - [Bug Fixes](#bug-fixes)
-    - [Documentation](#documentation)
-    - [Development](#development)
-  - [3.10.2](#3102)
-    - [New Features](#new-features-1)
-    - [Bug Fixes](#bug-fixes-1)
-    - [Development](#development-1)
-    - [Documentation](#documentation-1)
-  - [3.10.1](#3101)
-    - [Bug Fixes](#bug-fixes-2)
-    - [Documentation](#documentation-2)
-    - [Development](#development-2)
-  - [3.10.0](#3100)
-    - [New Features](#new-features-2)
-    - [Bug Fixes](#bug-fixes-3)
-    - [Documentation](#documentation-3)
-    - [Development](#development-3)
-  - [Previous versions](#previous-versions)
-
-<!-- END doctoc generated TOC please keep comment here to allow auto update -->
-
 # Changelog
 
 <!--
@@ -75,10 +47,15 @@ VS Code v0.00.0
 
 ### Documentation
 
-- docs: fix confusing sentence in pull requests section #3460 @shiv-tyag
+- docs: add Pomerium #3424 @desimone
+- docs: fix confusing sentence in pull requests section #3460 @shiv-tyagi
+- docs: remove toc from changelog @oxy @jsjoeio
+- docs(MAINTAINING): add information about CHANGELOG #3467 @jsjoeio
 
 ### Development
 
+- chore: cross-compile docker images with buildx #3166 @oxy
+- chore: update node to v14 #3458 @oxy
 - fix: use sufficient computational effort for password hash #3422 @jsjoeio
 
 ## 3.10.2

diff --git a/ci/README.md b/ci/README.md
@@ -100,8 +100,8 @@ You can disable minification by setting `MINIFY=`.
 
 This directory contains the release docker container image.
 
-- [./release-image/build.sh](./release-image/build.sh)
-  - Builds the release container with the tag `codercom/code-server-$ARCH:$VERSION`.
+- [./ci/steps/build-docker-image.sh](./ci/steps/build-docker-image.sh)
+  - Builds the release containers with tags `codercom/code-server-$ARCH:$VERSION` for amd64 and arm64 with `docker buildx`.
   - Assumes debian releases are ready in `./release-packages`.
 
 ## images

diff --git a/ci/build/npm-postinstall.sh b/ci/build/npm-postinstall.sh
@@ -23,10 +23,21 @@ main() {
   # Grabs the major version of node from $npm_config_user_agent which looks like
   # yarn/1.21.1 npm/? node/v14.2.0 darwin x64
   major_node_version=$(echo "$npm_config_user_agent" | sed -n 's/.*node\/v\([^.]*\).*/\1/p')
-  if [ "$major_node_version" -lt 12 ]; then
-    echo "code-server currently requires at least node v12"
+
+  if [ -n "${FORCE_NODE_VERSION:-}" ]; then
+    echo "WARNING: Overriding required Node.js version to v$FORCE_NODE_VERSION"
+    echo "This could lead to broken functionality, and is unsupported."
+    echo "USE AT YOUR OWN RISK!"
+  fi
+
+  if [ "$major_node_version" -ne "${FORCE_NODE_VERSION:-14}" ]; then
+    echo "ERROR: code-server currently requires node v14."
+    if [ -n "$FORCE_NODE_VERSION" ]; then
+      echo "However, you have overrided the version check to use v$FORCE_NODE_VERSION."
+    fi
     echo "We have detected that you are on node v$major_node_version"
-    echo "See https://github.com/cdr/code-server/issues/1633"
+    echo "You can override this version check by setting \$FORCE_NODE_VERSION,"
+    echo "but configurations that do not use the same node version are unsupported."
     exit 1
   fi
 
@@ -54,6 +65,12 @@ main() {
     echo "Please see https://github.com/cdr/code-server/blob/master/docs/npm.md"
     exit 1
   fi
+
+  if [ -n "${FORCE_NODE_VERSION:-}" ]; then
+    echo "WARNING: The required Node.js version was overriden to v$FORCE_NODE_VERSION"
+    echo "This could lead to broken functionality, and is unsupported."
+    echo "USE AT YOUR OWN RISK!"
+  fi
 }
 
 # This is a copy of symlink_asar in ../lib.sh. Look there for details.

diff --git a/ci/dev/fmt.sh b/ci/dev/fmt.sh
@@ -31,7 +31,6 @@ main() {
   doctoc --title '# Contributor Covenant Code of Conduct' docs/CODE_OF_CONDUCT.md >/dev/null
   doctoc --title '# iPad' docs/ipad.md >/dev/null
   doctoc --title '# Termux' docs/termux.md >/dev/null
-  doctoc --title '# Changelog' CHANGELOG.md >/dev/null
 
   if [[ ${CI-} && $(git ls-files --other --modified --exclude-standard) ]]; then
     echo "Files need generation or are formatted incorrectly:"

diff --git a/ci/release-image/build.sh b/ci/release-image/build.sh
diff --git a/ci/release-image/docker-bake.hcl b/ci/release-image/docker-bake.hcl
@@ -0,0 +1,25 @@
+# Use this file from the top of the repo, with `-f ci/release-image/docker-bake.hcl`
+
+# Uses env var VERSION if set;
+# normally, this is set by ci/lib.sh
+variable "VERSION" {
+    default = "latest"
+}
+
+group "default" {
+    targets = ["code-server-amd64", "code-server-arm64"]
+}
+
+target "code-server-amd64" {
+    dockerfile = "ci/release-image/Dockerfile"
+    tags = ["docker.io/codercom/code-server-amd64:${VERSION}"]
+    platforms = ["linux/amd64"]
+    output = ["type=tar,dest=./release-images/code-server-amd64-${VERSION}.tar"]
+}
+
+target "code-server-arm64" {
+    dockerfile = "ci/release-image/Dockerfile"
+    tags = ["docker.io/codercom/code-server-arm64:${VERSION}"]
+    platforms = ["linux/arm64"]
+    output = ["type=tar,dest=./release-images/code-server-arm64-${VERSION}.tar"]
+}
diff --git a/ci/steps/build-docker-image.sh b/ci/steps/build-docker-image.sh
@@ -5,10 +5,8 @@ main() {
   cd "$(dirname "$0")/../.."
   source ./ci/lib.sh
 
-  ./ci/release-image/build.sh
-
   mkdir -p release-images
-  docker save "codercom/code-server-$ARCH:$VERSION" >"release-images/code-server-$ARCH-$VERSION.tar"
+  docker buildx bake -f ci/release-image/docker-bake.hcl
 }
 
 main "$@"
diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md
@@ -35,7 +35,7 @@ The prerequisites for contributing to code-server are almost the same as those f
 [VS Code](https://github.com/Microsoft/vscode/wiki/How-to-Contribute#prerequisites).
 There are several differences, however. Here is what is needed:
 
-- `node` v12.x or greater
+- `node` v14.x or greater
 - `git` v2.x or greater
 - [`yarn`](https://classic.yarnpkg.com/en/)
   - used to install JS packages and run scripts
@@ -74,6 +74,7 @@ To update VS Code, follow these steps:
 4. There will be merge conflicts. First commit them.
    1. We do this because if we don't, it will be impossible to review your PR.
 5. Once they're all fixed, test code-server locally and make sure it all works.
+6. Check the version of Node.js that the version of Electron shipped with VSCode uses, and update the version of Node.js if necessary.
 
 #### Notes about Changes
 

diff --git a/docs/MAINTAINING.md b/docs/MAINTAINING.md
@@ -10,6 +10,7 @@
   - [Versioning](#versioning)
   - [Pull Requests](#pull-requests)
     - [Merge Strategies](#merge-strategies)
+    - [Changelog](#changelog)
   - [Release](#release)
     - [Release Manager Rotation](#release-manager-rotation)
 
@@ -79,6 +80,14 @@ If a PR does fix an issue, don't add it to the version milestone. Otherwise, the
 For most things, we recommend "Squash and Merge". If you're updating `lib/vscode`, we suggest using the "Rebase and Merge" strategy. There may be times where "Create a merge commit" makes sense as well. Use your best judgement. If you're unsure, you can always discuss in the PR with the team.
 The code-server project follows traditional [semantic versioning](ttps://semver.org/), with the objective of minimizing major changes that break backward compatibility. We increment the patch level for all releases, except when the upstream Visual Studio Code project increments its minor version or we change the plugin API in a backward-compatible manner. In those cases, we increment the minor version rather than the patch level.
 
+### Changelog
+
+To save time when creating a new release for code-server, we keep a running changelog at `CHANGELOG.md`.
+
+If either author or reviewer of a PR believe the change should be mentioned in the `CHANGELOG`, then it should be added.
+
+If there is not a "Next Version" when you modify `CHANGELOG`, please add it using the template you see near the top of `CHANGELOG`. You can use the suggested format: `<pr title> <pr #> <author> Example: `fix: Check the logged user instead of $USER #3330 @videlanicolas`
+
 ## Release
 
 ### Release Manager Rotation