diff --git a/.github/workflows/basic.yml b/.github/workflows/basic.yml new file mode 100644 index 000000000000..36d8c3b16ca2 --- /dev/null +++ b/.github/workflows/basic.yml @@ -0,0 +1,190 @@ +name: Basic checks + +on: + push: + branches: + - main + pull_request: + branches: + - main + +jobs: + main: + if: github.ref != 'refs/heads/main' + name: Compilation, Unit and Integration Tests + runs-on: ubuntu-latest + timeout-minutes: 40 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: 16 + - uses: actions/setup-python@v4 + with: + python-version: "3.11.x" + + # TODO: rename azure-pipelines/linux/xvfb.init to github-actions + - name: Setup Build Environment + run: | + sudo apt-get update + sudo apt-get install -y libxkbfile-dev pkg-config libsecret-1-dev libkrb5-dev libxss1 dbus xvfb libgtk-3-0 libgbm1 + sudo cp build/azure-pipelines/linux/xvfb.init /etc/init.d/xvfb + sudo chmod +x /etc/init.d/xvfb + sudo update-rc.d xvfb defaults + sudo service xvfb start + + + - name: Compute node modules cache key + id: nodeModulesCacheKey + run: echo "value=$(node build/azure-pipelines/common/sql-computeNodeModulesCacheKey.js)" >> $GITHUB_OUTPUT + - name: Cache node modules + id: cacheNodeModules + uses: actions/cache@v3 + with: + path: "**/node_modules" + key: ${{ runner.os }}-cacheNodeModules23-${{ steps.nodeModulesCacheKey.outputs.value }} + restore-keys: ${{ runner.os }}-cacheNodeModules23- + - name: Get yarn cache directory path + id: yarnCacheDirPath + if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT + - name: Cache yarn directory + if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + uses: actions/cache@v3 + with: + path: ${{ steps.yarnCacheDirPath.outputs.dir }} + key: ${{ runner.os }}-yarnCacheDir-${{ steps.nodeModulesCacheKey.outputs.value }} + restore-keys: ${{ runner.os }}-yarnCacheDir- + - name: Execute yarn + if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + env: + PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1 + ELECTRON_SKIP_BINARY_DOWNLOAD: 1 + run: yarn --frozen-lockfile --network-timeout 180000 + + - name: Compile and Download + run: yarn npm-run-all --max_old_space_size=4095 -lp compile "electron x64" + + - name: Run Unit Tests + id: electron-unit-tests + run: DISPLAY=:10 ./scripts/test.sh + + - name: Run Integration Tests (Electron) + id: electron-integration-tests + run: DISPLAY=:10 ./scripts/test-integration.sh + + hygiene: + if: github.ref != 'refs/heads/main' + name: Hygiene and Layering + runs-on: ubuntu-latest + timeout-minutes: 40 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: 16 + - uses: actions/setup-python@v4 + with: + python-version: "3.11.x" + + - name: Compute node modules cache key + id: nodeModulesCacheKey + # {{ SQL Carbon Edit}} Use sql-computeNodeModulesCacheKey + run: echo "value=$(node build/azure-pipelines/common/sql-computeNodeModulesCacheKey.js)" >> $GITHUB_OUTPUT + - name: Cache node modules + id: cacheNodeModules + uses: actions/cache@v3 + with: + path: "**/node_modules" + key: ${{ runner.os }}-cacheNodeModules20-${{ steps.nodeModulesCacheKey.outputs.value }} + restore-keys: ${{ runner.os }}-cacheNodeModules20- + - name: Get yarn cache directory path + id: yarnCacheDirPath + if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT + - name: Cache yarn directory + if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + uses: actions/cache@v3 + with: + path: ${{ steps.yarnCacheDirPath.outputs.dir }} + key: ${{ runner.os }}-yarnCacheDir-${{ steps.nodeModulesCacheKey.outputs.value }} + restore-keys: ${{ runner.os }}-yarnCacheDir- + - name: Install libkrb5-dev + if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + run: sudo apt install -y libkrb5-dev + - name: Execute yarn + if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + env: + PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1 + ELECTRON_SKIP_BINARY_DOWNLOAD: 1 + run: yarn --frozen-lockfile --network-timeout 180000 + + - name: Run Hygiene Checks + run: yarn gulp hygiene + + - name: Run Valid Layers Checks + run: yarn valid-layers-check + + - name: Compile /build/ + run: yarn --cwd build compile + + - name: Check clean git state + run: ./.github/workflows/check-clean-git-state.sh + + - name: Run eslint + run: yarn eslint + + # {{SQL CARBON EDIT}} Add linting for our folders + - name: Run sqllint + run: yarn sqllint + + - name: Run vscode-dts Compile Checks + run: yarn vscode-dts-compile-check + + - name: Run Trusted Types Checks + run: yarn tsec-compile-check + + # {{SQL CARBON TODO}} Update node modules caching to work with our cache keys + # warm-cache: + # name: Warm up node modules cache + # if: github.ref == 'refs/heads/main' + # runs-on: ubuntu-latest + # timeout-minutes: 40 + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # steps: + # - uses: actions/checkout@v4 + # - uses: actions/setup-node@v4 + # with: + # node-version: 18.15 + + # - name: Compute node modules cache key + # id: nodeModulesCacheKey + # run: echo "value=$(node build/azure-pipelines/common/sql-computeNodeModulesCacheKey.js)" >> $GITHUB_OUTPUT + # - name: Cache node modules + # id: cacheNodeModules + # uses: actions/cache@v3 + # with: + # path: "**/node_modules" + # key: ${{ runner.os }}-cacheNodeModulesLinux-${{ steps.nodeModulesCacheKey.outputs.value }} + # - name: Get yarn cache directory path + # id: yarnCacheDirPath + # if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + # run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT + # - name: Cache yarn directory + # if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + # uses: actions/cache@v3 + # with: + # path: ${{ steps.yarnCacheDirPath.outputs.dir }} + # key: ${{ runner.os }}-yarnCacheDir-${{ steps.nodeModulesCacheKey.outputs.value }} + # restore-keys: ${{ runner.os }}-yarnCacheDir- + # - name: Execute yarn + # if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + # env: + # PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1 + # ELECTRON_SKIP_BINARY_DOWNLOAD: 1 + # run: yarn --frozen-lockfile --network-timeout 180000 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3a95a2ef83ca..0a0a8f9433c7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,15 +19,13 @@ jobs: CHILD_CONCURRENCY: "1" GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: actions/checkout@v2 - - - uses: actions/setup-node@v2 + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: node-version: 16 - - - uses: actions/setup-python@v2 + - uses: actions/setup-python@v4 with: - python-version: "2.x" + python-version: "3.11.x" # {{SQL CARBON EDIT}} Skip caching for now # - name: Compute node modules cache key @@ -88,7 +86,13 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: actions/checkout@v2.2.0 + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: 16 + - uses: actions/setup-python@v4 + with: + python-version: "3.11.x" # TODO: rename azure-pipelines/linux/xvfb.init to github-actions - name: Setup Build Environment @@ -100,31 +104,31 @@ jobs: sudo update-rc.d xvfb defaults sudo service xvfb start - - uses: actions/setup-node@v2 + - name: Compute node modules cache key + id: nodeModulesCacheKey + # {{ SQL Carbon Edit}} Use sql-computeNodeModulesCacheKey + run: echo "value=$(node build/azure-pipelines/common/sql-computeNodeModulesCacheKey.js)" >> $GITHUB_OUTPUT + - name: Cache node modules + id: cacheNodeModules + uses: actions/cache@v3 with: - node-version: 16 - # {{SQL CARBON EDIT}} Skip caching for now - # - name: Compute node modules cache key - # id: nodeModulesCacheKey - # run: echo "::set-output name=value::$(node build/azure-pipelines/common/computeNodeModulesCacheKey.js)" - # - name: Cache node modules - # id: cacheNodeModules - # uses: actions/cache@v2 - # with: - # path: "**/node_modules" - # key: ${{ runner.os }}-cacheNodeModules14-${{ steps.nodeModulesCacheKey.outputs.value }} - # restore-keys: ${{ runner.os }}-cacheNodeModules14- - # - name: Get yarn cache directory path - # id: yarnCacheDirPath - # if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} - # run: echo "::set-output name=dir::$(yarn cache dir)" - # - name: Cache yarn directory - # if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} - # uses: actions/cache@v2 - # with: - # path: ${{ steps.yarnCacheDirPath.outputs.dir }} - # key: ${{ runner.os }}-yarnCacheDir-${{ steps.nodeModulesCacheKey.outputs.value }} - # restore-keys: ${{ runner.os }}-yarnCacheDir- + path: "**/node_modules" + key: ${{ runner.os }}-cacheNodeModules20-${{ steps.nodeModulesCacheKey.outputs.value }} + restore-keys: ${{ runner.os }}-cacheNodeModules20- + - name: Get yarn cache directory path + id: yarnCacheDirPath + if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT + - name: Cache yarn directory + if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + uses: actions/cache@v3 + with: + path: ${{ steps.yarnCacheDirPath.outputs.dir }} + key: ${{ runner.os }}-yarnCacheDir-${{ steps.nodeModulesCacheKey.outputs.value }} + restore-keys: ${{ runner.os }}-yarnCacheDir- + - name: Install libkrb5-dev + if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + run: sudo apt install -y libkrb5-dev - name: Execute yarn # if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} {{SQL CARBON EDIT}} Skip caching for now env: @@ -171,9 +175,31 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: actions/checkout@v2.2.0 - - - uses: actions/setup-node@v2 + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: 16 + - uses: actions/setup-python@v4 + with: + python-version: "3.11.x" + - name: Compute node modules cache key + id: nodeModulesCacheKey + # {{ SQL Carbon Edit}} Use sql-computeNodeModulesCacheKey + run: echo "value=$(node build/azure-pipelines/common/sql-computeNodeModulesCacheKey.js)" >> $GITHUB_OUTPUT + - name: Cache node modules + id: cacheNodeModules + uses: actions/cache@v3 + with: + path: "**/node_modules" + key: ${{ runner.os }}-cacheNodeModules20-${{ steps.nodeModulesCacheKey.outputs.value }} + restore-keys: ${{ runner.os }}-cacheNodeModules20- + - name: Get yarn cache directory path + id: yarnCacheDirPath + if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT + - name: Cache yarn directory + if: ${{ steps.cacheNodeModules.outputs.cache-hit != 'true' }} + uses: actions/cache@v3 with: node-version: 16 @@ -234,11 +260,13 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: actions/checkout@v2 - - - uses: actions/setup-node@v2 + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: node-version: 16 + - uses: actions/setup-python@v4 + with: + python-version: "3.11.x" - name: Compute node modules cache key id: nodeModulesCacheKey diff --git a/build/azure-pipelines/darwin/sql-product-build-darwin-signing.yml b/build/azure-pipelines/darwin/sql-product-build-darwin-signing.yml index 91957dc0124b..1ccaf4d62ce1 100644 --- a/build/azure-pipelines/darwin/sql-product-build-darwin-signing.yml +++ b/build/azure-pipelines/darwin/sql-product-build-darwin-signing.yml @@ -17,14 +17,7 @@ steps: mv azuredatastudio-darwin-$(VSCODE_ARCH)-unsigned.zip azuredatastudio-darwin-$(VSCODE_ARCH).zip displayName: 'Rename the file' - - task: UseDotNet@2 - displayName: 'Install .NET Core sdk for signing' - inputs: - packageType: sdk - version: 2.1.x - installationPath: $(Agent.ToolsDirectory)/dotnet - - - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1 + - task: EsrpCodeSigning@3 displayName: 'ESRP CodeSigning' inputs: ConnectedServiceName: 'Code Signing' @@ -51,7 +44,7 @@ steps: displayName: Clean Archive condition: and(succeeded(), eq(variables['signed'], true)) - - task: EsrpCodeSigning@1 + - task: EsrpCodeSigning@3 displayName: 'ESRP Notarization' inputs: ConnectedServiceName: 'Code Signing' diff --git a/build/azure-pipelines/darwin/sql-product-build-darwin.yml b/build/azure-pipelines/darwin/sql-product-build-darwin.yml index fb5082ecafd4..4de7b8bfbef9 100644 --- a/build/azure-pipelines/darwin/sql-product-build-darwin.yml +++ b/build/azure-pipelines/darwin/sql-product-build-darwin.yml @@ -23,6 +23,11 @@ steps: inputs: versionSpec: "1.x" + - task: UsePythonVersion@0 + inputs: + versionSpec: '3.11.x' + addToPath: true + - task: AzureKeyVault@1 displayName: 'Azure Key Vault: Get Secrets' inputs: diff --git a/build/azure-pipelines/linux/sql-product-build-linux.yml b/build/azure-pipelines/linux/sql-product-build-linux.yml index 5f29358cc56f..efa768335d2e 100644 --- a/build/azure-pipelines/linux/sql-product-build-linux.yml +++ b/build/azure-pipelines/linux/sql-product-build-linux.yml @@ -192,13 +192,13 @@ steps: condition: and(succeeded(), ne(variables['EXTENSIONS_ONLY'], 'true')) - task: UseDotNet@2 - displayName: 'Install .NET Core sdk for signing' + displayName: 'Install .NET SDK for signing' inputs: packageType: sdk - version: 5.0.x + version: 6.0.x installationPath: $(Agent.ToolsDirectory)/dotnet - - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1 + - task: EsrpCodeSigning@3 inputs: ConnectedServiceName: 'Code Signing' FolderPath: '$(Build.SourcesDirectory)/.build' diff --git a/build/azure-pipelines/web/sql-product-build-web.yml b/build/azure-pipelines/web/sql-product-build-web.yml index bfeef6daf213..d6bba6e319fb 100644 --- a/build/azure-pipelines/web/sql-product-build-web.yml +++ b/build/azure-pipelines/web/sql-product-build-web.yml @@ -179,13 +179,13 @@ steps: displayName: Build Rpm - task: UseDotNet@2 - displayName: 'Install .NET Core sdk for signing' + displayName: 'Install .NET SDK for signing' inputs: packageType: sdk - version: 5.0.x + version: 6.0.x installationPath: $(Agent.ToolsDirectory)/dotnet -- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1 +- task: EsrpCodeSigning@3 inputs: ConnectedServiceName: 'Code Signing' FolderPath: '$(Build.SourcesDirectory)/.build' diff --git a/build/azure-pipelines/win32/sql-product-build-win32.yml b/build/azure-pipelines/win32/sql-product-build-win32.yml index 3156f7855b33..cd35d95e2929 100644 --- a/build/azure-pipelines/win32/sql-product-build-win32.yml +++ b/build/azure-pipelines/win32/sql-product-build-win32.yml @@ -9,14 +9,14 @@ steps: - task: UsePythonVersion@0 inputs: - versionSpec: '2.x' + versionSpec: '3.11.x' addToPath: true - task: AzureKeyVault@1 inputs: azureSubscription: 'ClientToolsInfra_670062 (88d5392f-a34f-4769-b405-f597fc533613)' KeyVaultName: ado-secrets - SecretsFilter: 'github-distro-mixin-password,standalone-extensions-uri' + SecretsFilter: 'github-distro-mixin-password,standalone-extensions-uri,esrp-pki,esrp-aad-username,esrp-aad-password' displayName: 'Azure Key Vault: Get Secrets' - task: DownloadPipelineArtifact@2 @@ -155,7 +155,7 @@ steps: # displayName: Run core integration tests # condition: and(succeeded(), eq(variables['RUN_TESTS'], 'true')) - - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1 + - task: EsrpCodeSigning@3 displayName: 'Sign out code' inputs: ConnectedServiceName: 'Code Signing' @@ -229,15 +229,50 @@ steps: MaxRetryAttempts: 20 condition: and(succeeded(), eq(variables['signed'], true)) + - task: UseDotNet@2 + displayName: 'Install .NET 6.x for ESRP signing' + inputs: + version: 6.x + condition: and(succeeded(), eq(variables['signed'], true)) + + - task: EsrpClientTool@1 + displayName: Download ESRPClient + condition: and(succeeded(), eq(variables['signed'], true)) + + - powershell: | + . build/azure-pipelines/win32/exec.ps1 + $ErrorActionPreference = "Stop" + $EsrpClientTool = (gci -directory -filter EsrpClientTool_* $(Agent.RootDirectory)\_tasks | Select-Object -last 1).FullName + $EsrpCliZip = (gci -recurse -filter esrpcli.*.zip $EsrpClientTool | Select-Object -last 1).FullName + mkdir -p $(Agent.TempDirectory)\esrpcli + Expand-Archive -Path $EsrpCliZip -DestinationPath $(Agent.TempDirectory)\esrpcli + $EsrpCliDllPath = (gci -recurse -filter esrpcli.dll $(Agent.TempDirectory)\esrpcli | Select-Object -last 1).FullName + echo "##vso[task.setvariable variable=EsrpCliDllPath]$EsrpCliDllPath" + displayName: Find ESRP CLI + condition: and(succeeded(), eq(variables['signed'], true)) + - powershell: | . build/azure-pipelines/win32/exec.ps1 $ErrorActionPreference = "Stop" exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-user-setup" } exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-system-setup" } exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-archive" } - displayName: Archive & User & System setup + displayName: Archive & User & System setup (Unsigned) + condition: and(succeeded(), eq(variables['signed'], false)) + + - powershell: | + . build/azure-pipelines/win32/exec.ps1 + $ErrorActionPreference = "Stop" + $env:ESRPPKI = "$(ESRP-PKI)" + $env:ESRPAADUsername = "$(esrp-aad-username)" + $env:ESRPAADPassword = "$(esrp-aad-password)" + exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-user-setup" --sign } + exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-system-setup" --sign } + exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-archive" --sign } + displayName: Archive & User & System setup (Signed) + condition: and(succeeded(), eq(variables['signed'], true)) - - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1 + - task: EsrpCodeSigning@3 displayName: 'Sign installers' inputs: ConnectedServiceName: 'Code Signing' diff --git a/package.json b/package.json index 5777b8c122e6..509a92d058e2 100755 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "azuredatastudio", - "version": "1.41.2", + "version": "1.41.3", "distro": "c6da977529b6719ff1974faa53a73abe01ec13ac", "author": { "name": "Microsoft Corporation"