From 1fea7a23f0b27cfaf7db97750eded4f643a10258 Mon Sep 17 00:00:00 2001 From: Aiday Marlen Kyzy Date: Thu, 21 Mar 2024 12:04:48 +0100 Subject: [PATCH 1/6] increment the test suite --- .../test/browser/indentation.test.ts | 90 +++++++++++++++++++ 1 file changed, 90 insertions(+) diff --git a/src/vs/editor/contrib/indentation/test/browser/indentation.test.ts b/src/vs/editor/contrib/indentation/test/browser/indentation.test.ts index 6ef21225b56..7f4f64dfb70 100644 --- a/src/vs/editor/contrib/indentation/test/browser/indentation.test.ts +++ b/src/vs/editor/contrib/indentation/test/browser/indentation.test.ts @@ -735,6 +735,96 @@ suite('`Full` Auto Indent On Type - TypeScript/JavaScript', () => { }); }); + test.skip('issue #43244: indent after equal sign is detected', () => { + + // https://github.com/microsoft/vscode/issues/43244 + // issue: Indent after an equal sign is detected followed by whitespace. + // This should be outdented when a semi-colon is detected indicating the end of the assignment. + + const model = createTextModel([ + 'const array =' + ].join('\n'), languageId, {}); + disposables.add(model); + + withTestCodeEditor(model, { autoIndent: "full" }, (editor, viewModel, instantiationService) => { + registerLanguage(instantiationService, languageId, Language.TypeScript, disposables); + editor.setSelection(new Selection(1, 14, 1, 14)); + viewModel.type("\n", 'keyboard'); + assert.strictEqual(model.getValue(), [ + 'const array =', + ' ' + ].join('\n')); + }); + }); + + test.skip('issue #43244: indent after dot detected after object/array signifying a method call', () => { + + // https://github.com/microsoft/vscode/issues/43244 + // issue: When a dot is written, we should detect that this is a method call and indent accordingly + + const model = createTextModel([ + 'const array = [1, 2, 3];', + 'array.' + ].join('\n'), languageId, {}); + disposables.add(model); + + withTestCodeEditor(model, { autoIndent: "full" }, (editor, viewModel, instantiationService) => { + registerLanguage(instantiationService, languageId, Language.TypeScript, disposables); + editor.setSelection(new Selection(2, 7, 2, 7)); + viewModel.type("\n", 'keyboard'); + assert.strictEqual(model.getValue(), [ + 'const array = [1, 2, 3];', + 'array.', + ' ' + ].join('\n')); + }); + }); + + test.skip('issue #43244: indent after dot detected on a subsequent line after object/array signifying a method call', () => { + + // https://github.com/microsoft/vscode/issues/43244 + // issue: when a dot is written, we should detect that this is a method call and indent accordingly + + const model = createTextModel([ + 'const array = [1, 2, 3]', + ].join('\n'), languageId, {}); + disposables.add(model); + + withTestCodeEditor(model, { autoIndent: "full" }, (editor, viewModel, instantiationService) => { + registerLanguage(instantiationService, languageId, Language.TypeScript, disposables); + editor.setSelection(new Selection(2, 7, 2, 7)); + viewModel.type("\n", 'keyboard'); + viewModel.type("."); + assert.strictEqual(model.getValue(), [ + 'const array = [1, 2, 3]', + ' .' + ].join('\n')); + }); + }); + + test.skip('issue #43244: keep indentation when methods called on object/array', () => { + + // https://github.com/microsoft/vscode/issues/43244 + // Currently passes, but should pass with all the tests above too + + const model = createTextModel([ + 'const array = [1, 2, 3]', + ' .filter(() => true)' + ].join('\n'), languageId, {}); + disposables.add(model); + + withTestCodeEditor(model, { autoIndent: "full" }, (editor, viewModel, instantiationService) => { + registerLanguage(instantiationService, languageId, Language.TypeScript, disposables); + editor.setSelection(new Selection(2, 24, 2, 24)); + viewModel.type("\n", 'keyboard'); + assert.strictEqual(model.getValue(), [ + 'const array = [1, 2, 3]', + ' .filter(() => true)', + ' ' + ].join('\n')); + }); + }); + // Add tests for: // https://github.com/microsoft/vscode/issues/88638 // https://github.com/microsoft/vscode/issues/63388 From 8a19756adf1b689e4f490a871d5067e6c54e3d01 Mon Sep 17 00:00:00 2001 From: Benjamin Pasero Date: Thu, 21 Mar 2024 13:01:42 +0100 Subject: [PATCH 2/6] [Bug] /var/folders/** files can't be excluded from search (fix #203872) (#208296) --- .../history/browser/historyService.ts | 63 ++++++++++++------- 1 file changed, 39 insertions(+), 24 deletions(-) diff --git a/src/vs/workbench/services/history/browser/historyService.ts b/src/vs/workbench/services/history/browser/historyService.ts index 6b67a036cb5..7fde1ff6a00 100644 --- a/src/vs/workbench/services/history/browser/historyService.ts +++ b/src/vs/workbench/services/history/browser/historyService.ts @@ -819,35 +819,43 @@ export class HistoryService extends Disposable implements IHistoryService { this.editorHelper.clearOnEditorDispose(this.history.pop()!, this.editorHistoryListeners); } - // React to editor input disposing if this is a typed editor - if (isEditorInput(historyInput)) { - this.editorHelper.onEditorDispose(historyInput, () => this.updateHistoryOnEditorDispose(historyInput), this.editorHistoryListeners); + // React to editor input disposing + if (isEditorInput(editor)) { + this.editorHelper.onEditorDispose(editor, () => this.updateHistoryOnEditorDispose(historyInput), this.editorHistoryListeners); } } - private updateHistoryOnEditorDispose(editor: EditorInput): void { + private updateHistoryOnEditorDispose(editor: EditorInput | IResourceEditorInput): void { + if (isEditorInput(editor)) { - // Any non side-by-side editor input gets removed directly on dispose - if (!isSideBySideEditorInput(editor)) { - this.removeFromHistory(editor); - } - - // Side-by-side editors get special treatment: we try to distill the - // possibly untyped resource inputs from both sides to be able to - // offer these entries from the history to the user still. - else { - const resourceInputs: IResourceEditorInput[] = []; - const sideInputs = editor.primary.matches(editor.secondary) ? [editor.primary] : [editor.primary, editor.secondary]; - for (const sideInput of sideInputs) { - const candidateResourceInput = this.editorHelper.preferResourceEditorInput(sideInput); - if (isResourceEditorInput(candidateResourceInput)) { - resourceInputs.push(candidateResourceInput); - } + // Any non side-by-side editor input gets removed directly on dispose + if (!isSideBySideEditorInput(editor)) { + this.removeFromHistory(editor); } - // Insert the untyped resource inputs where our disposed - // side-by-side editor input is in the history stack - this.replaceInHistory(editor, ...resourceInputs); + // Side-by-side editors get special treatment: we try to distill the + // possibly untyped resource inputs from both sides to be able to + // offer these entries from the history to the user still. + else { + const resourceInputs: IResourceEditorInput[] = []; + const sideInputs = editor.primary.matches(editor.secondary) ? [editor.primary] : [editor.primary, editor.secondary]; + for (const sideInput of sideInputs) { + const candidateResourceInput = this.editorHelper.preferResourceEditorInput(sideInput); + if (isResourceEditorInput(candidateResourceInput)) { + resourceInputs.push(candidateResourceInput); + } + } + + // Insert the untyped resource inputs where our disposed + // side-by-side editor input is in the history stack + this.replaceInHistory(editor, ...resourceInputs); + } + } else { + + // Remove any editor that should not be included in history + if (!this.includeInHistory(editor)) { + this.removeFromHistory(editor); + } } } @@ -1019,7 +1027,10 @@ export class HistoryService extends Disposable implements IHistoryService { // We check on resource and `editorId` (from `override`) // to figure out if the editor has been already added. for (const editor of storedEditorHistory) { - if (!handledEditors.has(`${editor.resource.toString()}/${editor.options?.override}`)) { + if ( + !handledEditors.has(`${editor.resource.toString()}/${editor.options?.override}`) && + this.includeInHistory(editor) + ) { this.addToHistory(editor, false /* at the end */); } } @@ -1162,6 +1173,10 @@ export class HistoryService extends Disposable implements IHistoryService { stack.disposable.dispose(); } } + + for (const [, listener] of this.editorHistoryListeners) { + listener.dispose(); + } } } From 055bf7b221668d1f0e752c4f92eff628dcfbec28 Mon Sep 17 00:00:00 2001 From: Aiday Marlen Kyzy Date: Thu, 21 Mar 2024 13:06:55 +0100 Subject: [PATCH 3/6] adding more tests --- .../test/browser/indentation.test.ts | 49 ++++++++++++++++++- .../supports/javascriptIndentationRules.ts | 2 +- .../codeEditor/test/node/autoindent.test.ts | 16 ++++++ 3 files changed, 64 insertions(+), 3 deletions(-) diff --git a/src/vs/editor/contrib/indentation/test/browser/indentation.test.ts b/src/vs/editor/contrib/indentation/test/browser/indentation.test.ts index 7f4f64dfb70..a9bae82ae00 100644 --- a/src/vs/editor/contrib/indentation/test/browser/indentation.test.ts +++ b/src/vs/editor/contrib/indentation/test/browser/indentation.test.ts @@ -738,7 +738,7 @@ suite('`Full` Auto Indent On Type - TypeScript/JavaScript', () => { test.skip('issue #43244: indent after equal sign is detected', () => { // https://github.com/microsoft/vscode/issues/43244 - // issue: Indent after an equal sign is detected followed by whitespace. + // issue: Should indent after an equal sign is detected followed by whitespace characters. // This should be outdented when a semi-colon is detected indicating the end of the assignment. const model = createTextModel([ @@ -783,7 +783,7 @@ suite('`Full` Auto Indent On Type - TypeScript/JavaScript', () => { test.skip('issue #43244: indent after dot detected on a subsequent line after object/array signifying a method call', () => { // https://github.com/microsoft/vscode/issues/43244 - // issue: when a dot is written, we should detect that this is a method call and indent accordingly + // issue: When a dot is written, we should detect that this is a method call and indent accordingly const model = createTextModel([ 'const array = [1, 2, 3]', @@ -825,6 +825,51 @@ suite('`Full` Auto Indent On Type - TypeScript/JavaScript', () => { }); }); + test.skip('issue #43244: outdent when a semi-color is detected indicating the end of the assignment', () => { + + // https://github.com/microsoft/vscode/issues/43244 + + const model = createTextModel([ + 'const array = [1, 2, 3]', + ' .filter(() => true);' + ].join('\n'), languageId, {}); + disposables.add(model); + + withTestCodeEditor(model, { autoIndent: "full" }, (editor, viewModel, instantiationService) => { + registerLanguage(instantiationService, languageId, Language.TypeScript, disposables); + editor.setSelection(new Selection(2, 25, 2, 25)); + viewModel.type("\n", 'keyboard'); + assert.strictEqual(model.getValue(), [ + 'const array = [1, 2, 3]', + ' .filter(() => true);', + '' + ].join('\n')); + }); + }); + + test.skip('issue #43244: indent when lambda arrow function is detected, outdent when end is reached', () => { + + // https://github.com/microsoft/vscode/issues/43244 + + const model = createTextModel([ + 'const array = [1, 2, 3, 4, 5];', + 'array.map(v =>)' + ].join('\n'), languageId, {}); + disposables.add(model); + + withTestCodeEditor(model, { autoIndent: "full" }, (editor, viewModel, instantiationService) => { + registerLanguage(instantiationService, languageId, Language.TypeScript, disposables); + editor.setSelection(new Selection(2, 15, 2, 15)); + viewModel.type("\n", 'keyboard'); + assert.strictEqual(model.getValue(), [ + 'const array = [1, 2, 3, 4, 5];', + 'array.map(v =>', + ' ', + ')' + ].join('\n')); + }); + }); + // Add tests for: // https://github.com/microsoft/vscode/issues/88638 // https://github.com/microsoft/vscode/issues/63388 diff --git a/src/vs/editor/test/common/modes/supports/javascriptIndentationRules.ts b/src/vs/editor/test/common/modes/supports/javascriptIndentationRules.ts index 12fb83c4925..2ed27c3dff9 100644 --- a/src/vs/editor/test/common/modes/supports/javascriptIndentationRules.ts +++ b/src/vs/editor/test/common/modes/supports/javascriptIndentationRules.ts @@ -4,7 +4,7 @@ *--------------------------------------------------------------------------------------------*/ export const javascriptIndentationRules = { - decreaseIndentPattern: /^((?!.*?\/\*).*\*\/)?\s*[\}\]].*$/, + decreaseIndentPattern: /^((?!.*?\/\*).*\*\/)?\s*[\}\]\)].*$/, increaseIndentPattern: /^((?!\/\/).)*(\{([^}"'`]*|(\t|[ ])*\/\/.*)|\([^)"'`]*|\[[^\]"'`]*)$/, // e.g. * ...| or */| or *-----*/| unIndentedLinePattern: /^(\t|[ ])*[ ]\*[^/]*\*\/\s*$|^(\t|[ ])*[ ]\*\/\s*$|^(\t|[ ])*[ ]\*([ ]([^\*]|\*(?!\/))*)?$/ diff --git a/src/vs/workbench/contrib/codeEditor/test/node/autoindent.test.ts b/src/vs/workbench/contrib/codeEditor/test/node/autoindent.test.ts index 8f08b401e60..0378af3ac75 100644 --- a/src/vs/workbench/contrib/codeEditor/test/node/autoindent.test.ts +++ b/src/vs/workbench/contrib/codeEditor/test/node/autoindent.test.ts @@ -309,4 +309,20 @@ suite('Auto-Reindentation - TypeScript/JavaScript', () => { const editOperations = getReindentEditOperations(model, languageConfigurationService, 1, model.getLineCount()); assert.deepStrictEqual(editOperations.length, 0); }); + + test.skip('Issue 43244: incorrect indentation when signature of function call spans several lines', () => { + + // issue: https://github.com/microsoft/vscode/issues/43244 + + const fileContents = [ + 'function callSomeOtherFunction(one: number, two: number) { }', + 'function someFunction() {', + ' callSomeOtherFunction(4,', + ' 5)', + '}', + ].join('\n'); + const model = disposables.add(instantiateTextModel(instantiationService, fileContents, languageId, options)); + const editOperations = getReindentEditOperations(model, languageConfigurationService, 1, model.getLineCount()); + assert.deepStrictEqual(editOperations.length, 0); + }); }); From 5e0394c8d16cf23bf5d407ef5999d607e1857fe7 Mon Sep 17 00:00:00 2001 From: Robo Date: Thu, 21 Mar 2024 22:11:57 +0900 Subject: [PATCH 4/6] fix: don't package detection script in legacy server (#208274) * fix: don't package detection script in legacy server * chore: address review feedback * chore: rename download asset name --- build/azure-pipelines/common/publish.js | 4 ++-- build/azure-pipelines/common/publish.ts | 4 ++-- .../linux/product-build-linux.yml | 2 -- build/gulpfile.reh.js | 8 +++++++- resources/server/bin/code-server-linux.sh | 20 ------------------- .../check-requirements-linux-legacy.sh | 9 +++++++++ 6 files changed, 20 insertions(+), 27 deletions(-) create mode 100755 resources/server/bin/helpers/check-requirements-linux-legacy.sh diff --git a/build/azure-pipelines/common/publish.js b/build/azure-pipelines/common/publish.js index e2f3a2e0e6f..28f60dc71c2 100644 --- a/build/azure-pipelines/common/publish.js +++ b/build/azure-pipelines/common/publish.js @@ -421,12 +421,12 @@ function getPlatform(product, os, arch, type, isLegacy) { case 'client': return `linux-${arch}`; case 'server': - return isLegacy ? `legacy-server-linux-${arch}` : `server-linux-${arch}`; + return isLegacy ? `server-linux-legacy-${arch}` : `server-linux-${arch}`; case 'web': if (arch === 'standalone') { return 'web-standalone'; } - return isLegacy ? `legacy-server-linux-${arch}-web` : `server-linux-${arch}-web`; + return isLegacy ? `server-linux-legacy-${arch}-web` : `server-linux-${arch}-web`; default: throw new Error(`Unrecognized: ${product} ${os} ${arch} ${type}`); } diff --git a/build/azure-pipelines/common/publish.ts b/build/azure-pipelines/common/publish.ts index bd9b0cb1037..02b50d405cf 100644 --- a/build/azure-pipelines/common/publish.ts +++ b/build/azure-pipelines/common/publish.ts @@ -582,12 +582,12 @@ function getPlatform(product: string, os: string, arch: string, type: string, is case 'client': return `linux-${arch}`; case 'server': - return isLegacy ? `legacy-server-linux-${arch}` : `server-linux-${arch}`; + return isLegacy ? `server-linux-legacy-${arch}` : `server-linux-${arch}`; case 'web': if (arch === 'standalone') { return 'web-standalone'; } - return isLegacy ? `legacy-server-linux-${arch}-web` : `server-linux-${arch}-web`; + return isLegacy ? `server-linux-legacy-${arch}-web` : `server-linux-${arch}-web`; default: throw new Error(`Unrecognized: ${product} ${os} ${arch} ${type}`); } diff --git a/build/azure-pipelines/linux/product-build-linux.yml b/build/azure-pipelines/linux/product-build-linux.yml index a85cf60cf5e..13edfccdb55 100644 --- a/build/azure-pipelines/linux/product-build-linux.yml +++ b/build/azure-pipelines/linux/product-build-linux.yml @@ -223,7 +223,6 @@ steps: - script: | set -e - export VSCODE_NODE_GLIBC='-glibc-2.17' yarn gulp vscode-reh-linux-$(VSCODE_ARCH)-min-ci mv ../vscode-reh-linux-$(VSCODE_ARCH) ../vscode-server-linux-$(VSCODE_ARCH) # TODO@joaomoreno ARCHIVE_PATH=".build/linux/server/vscode-server-linux-$(VSCODE_ARCH).tar.gz" @@ -236,7 +235,6 @@ steps: - script: | set -e - export VSCODE_NODE_GLIBC='-glibc-2.17' yarn gulp vscode-reh-web-linux-$(VSCODE_ARCH)-min-ci mv ../vscode-reh-web-linux-$(VSCODE_ARCH) ../vscode-server-linux-$(VSCODE_ARCH)-web # TODO@joaomoreno ARCHIVE_PATH=".build/linux/web/vscode-server-linux-$(VSCODE_ARCH)-web.tar.gz" diff --git a/build/gulpfile.reh.js b/build/gulpfile.reh.js index 32daed28146..5a7d4cfb4e8 100644 --- a/build/gulpfile.reh.js +++ b/build/gulpfile.reh.js @@ -373,7 +373,13 @@ function packageTask(type, platform, arch, sourceFolderName, destinationFolderNa ); } - if (platform === 'linux' || platform === 'alpine') { + if (platform === 'linux' && process.env['VSCODE_NODE_GLIBC'] === '-glibc-2.17') { + result = es.merge(result, + gulp.src(`resources/server/bin/helpers/check-requirements-linux-legacy.sh`, { base: '.' }) + .pipe(rename(`bin/helpers/check-requirements.sh`)) + .pipe(util.setExecutableBit()) + ); + } else if (platform === 'linux' || platform === 'alpine') { result = es.merge(result, gulp.src(`resources/server/bin/helpers/check-requirements-linux.sh`, { base: '.' }) .pipe(replace('@@SERVER_APPLICATION_NAME@@', product.serverApplicationName)) diff --git a/resources/server/bin/code-server-linux.sh b/resources/server/bin/code-server-linux.sh index e3d96bdadf2..3df32dfd43c 100644 --- a/resources/server/bin/code-server-linux.sh +++ b/resources/server/bin/code-server-linux.sh @@ -9,24 +9,4 @@ esac ROOT="$(dirname "$(dirname "$(readlink -f "$0")")")" -# Do not remove this check. -# Provides a way to skip the server requirements check from -# outside the install flow. A system process can create this -# file before the server is downloaded and installed. -skip_check=0 -if [ -f "/tmp/vscode-skip-server-requirements-check" ]; then - echo "!!! WARNING: Skipping server pre-requisite check !!!" - echo "!!! Server stability is not guaranteed. Proceed at your own risk. !!!" - skip_check=1 -fi - -# Check platform requirements -if [ "$(echo "$@" | grep -c -- "--skip-requirements-check")" -eq 0 ] && [ $skip_check -eq 0 ]; then - $ROOT/bin/helpers/check-requirements.sh - exit_code=$? - if [ $exit_code -ne 0 ]; then - exit $exit_code - fi -fi - "$ROOT/node" ${INSPECT:-} "$ROOT/out/server-main.js" "$@" diff --git a/resources/server/bin/helpers/check-requirements-linux-legacy.sh b/resources/server/bin/helpers/check-requirements-linux-legacy.sh new file mode 100755 index 00000000000..0db77676965 --- /dev/null +++ b/resources/server/bin/helpers/check-requirements-linux-legacy.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env sh +# +# Copyright (c) Microsoft Corporation. All rights reserved. +# + +set -e + +echo "!!! WARNING: Using legacy server, please check https://aka.ms/vscode-remote/faq/old-linux for additional information !!!" +exit 0 From e3cf2530e65eb0f6523c8d8c0e59093c07831c57 Mon Sep 17 00:00:00 2001 From: Don Jayamanne Date: Fri, 22 Mar 2024 00:14:33 +1100 Subject: [PATCH 5/6] Include execution count in jupyter notebook diff (#208292) * Include execution count in notebook diff * Fix tests * Misc changes * Fix tests * Fix more tests --- extensions/ipynb/src/common.ts | 4 + extensions/ipynb/src/deserializers.ts | 9 +++ .../ipynb/src/notebookModelStoreSync.ts | 74 ++++++++++++------- extensions/ipynb/src/serializers.ts | 54 ++++++++++---- .../src/test/notebookModelStoreSync.test.ts | 12 ++- extensions/ipynb/src/test/serializers.test.ts | 4 +- 6 files changed, 111 insertions(+), 46 deletions(-) diff --git a/extensions/ipynb/src/common.ts b/extensions/ipynb/src/common.ts index f92e55edffc..a25973e95a6 100644 --- a/extensions/ipynb/src/common.ts +++ b/extensions/ipynb/src/common.ts @@ -60,6 +60,10 @@ export interface CellMetadata { * Stores cell metadata. */ metadata?: Partial & { vscode?: { languageId?: string } }; + /** + * The code cell's prompt number. Will be null if the cell has not been run. + */ + execution_count?: number; } export function useCustomPropertyInMetadata() { diff --git a/extensions/ipynb/src/deserializers.ts b/extensions/ipynb/src/deserializers.ts index 326634136cb..920689c748c 100644 --- a/extensions/ipynb/src/deserializers.ts +++ b/extensions/ipynb/src/deserializers.ts @@ -159,6 +159,11 @@ function getNotebookCellMetadata(cell: nbformat.IBaseCell): { // We put this only for VSC to display in diff view. // Else we don't use this. const custom: CellMetadata = {}; + + if (cell.cell_type === 'code' && typeof cell['execution_count'] === 'number') { + custom.execution_count = cell['execution_count']; + } + if (cell['metadata']) { custom['metadata'] = JSON.parse(JSON.stringify(cell['metadata'])); } @@ -177,6 +182,10 @@ function getNotebookCellMetadata(cell: nbformat.IBaseCell): { // We put this only for VSC to display in diff view. // Else we don't use this. const cellMetadata: CellMetadata = {}; + if (cell.cell_type === 'code' && typeof cell['execution_count'] === 'number') { + cellMetadata.execution_count = cell['execution_count']; + } + if (cell['metadata']) { cellMetadata['metadata'] = JSON.parse(JSON.stringify(cell['metadata'])); } diff --git a/extensions/ipynb/src/notebookModelStoreSync.ts b/extensions/ipynb/src/notebookModelStoreSync.ts index 24693476bdc..737034266f0 100644 --- a/extensions/ipynb/src/notebookModelStoreSync.ts +++ b/extensions/ipynb/src/notebookModelStoreSync.ts @@ -4,7 +4,7 @@ *--------------------------------------------------------------------------------------------*/ import { ExtensionContext, NotebookCellKind, NotebookDocument, NotebookDocumentChangeEvent, NotebookEdit, workspace, WorkspaceEdit, type NotebookCell, type NotebookDocumentWillSaveEvent } from 'vscode'; -import { getCellMetadata, getVSCodeCellLanguageId, removeVSCodeCellLanguageId, setVSCodeCellLanguageId } from './serializers'; +import { getCellMetadata, getVSCodeCellLanguageId, removeVSCodeCellLanguageId, setVSCodeCellLanguageId, sortObjectPropertiesRecursively } from './serializers'; import { CellMetadata, useCustomPropertyInMetadata } from './common'; import { getNotebookMetadata } from './notebookSerializer'; import type * as nbformat from '@jupyterlab/nbformat'; @@ -53,15 +53,25 @@ function cleanup(notebook: NotebookDocument, promise: PromiseLike) { } } } -function trackAndUpdateCellMetadata(notebook: NotebookDocument, cell: NotebookCell, metadata: CellMetadata & { vscode?: { languageId: string } }) { +function trackAndUpdateCellMetadata(notebook: NotebookDocument, updates: { cell: NotebookCell; metadata: CellMetadata & { vscode?: { languageId: string } } }[]) { const pendingUpdates = pendingNotebookCellModelUpdates.get(notebook) ?? new Set>(); pendingNotebookCellModelUpdates.set(notebook, pendingUpdates); const edit = new WorkspaceEdit(); - if (useCustomPropertyInMetadata()) { - edit.set(cell.notebook.uri, [NotebookEdit.updateCellMetadata(cell.index, { ...(cell.metadata), custom: metadata })]); - } else { - edit.set(cell.notebook.uri, [NotebookEdit.updateCellMetadata(cell.index, { ...cell.metadata, ...metadata })]); - } + updates.forEach(({ cell, metadata }) => { + let newMetadata: any = {}; + if (useCustomPropertyInMetadata()) { + newMetadata = { ...(cell.metadata), custom: metadata }; + } else { + newMetadata = { ...cell.metadata, ...metadata }; + if (!metadata.execution_count && newMetadata.execution_count) { + delete newMetadata.execution_count; + } + if (!metadata.attachments && newMetadata.attachments) { + delete newMetadata.attachments; + } + } + edit.set(cell.notebook.uri, [NotebookEdit.updateCellMetadata(cell.index, sortObjectPropertiesRecursively(newMetadata))]); + }); const promise = workspace.applyEdit(edit).then(noop, noop); pendingUpdates.add(promise); const clean = () => cleanup(notebook, promise); @@ -78,7 +88,7 @@ function onDidChangeNotebookCells(e: NotebookDocumentChangeEvent) { // use the preferred language from document metadata or the first cell language as the notebook preferred cell language const preferredCellLanguage = notebookMetadata.metadata?.language_info?.name; - + const updates: { cell: NotebookCell; metadata: CellMetadata & { vscode?: { languageId: string } } }[] = []; // When we change the language of a cell, // Ensure the metadata in the notebook cell has been updated as well, // Else model will be out of sync with ipynb https://github.com/microsoft/vscode/issues/207968#issuecomment-2002858596 @@ -86,23 +96,33 @@ function onDidChangeNotebookCells(e: NotebookDocumentChangeEvent) { if (!preferredCellLanguage || e.cell.kind !== NotebookCellKind.Code) { return; } - const languageIdInMetadata = getVSCodeCellLanguageId(getCellMetadata(e.cell)); - if (e.cell.document.languageId !== preferredCellLanguage && e.cell.document.languageId !== languageIdInMetadata) { - const metadata: CellMetadata = JSON.parse(JSON.stringify(getCellMetadata(e.cell))); - metadata.metadata = metadata.metadata || {}; - setVSCodeCellLanguageId(metadata, e.cell.document.languageId); - trackAndUpdateCellMetadata(notebook, e.cell, metadata); + const currentMetadata = e.metadata ? getCellMetadata({ metadata: e.metadata }) : getCellMetadata({ cell: e.cell }); + const languageIdInMetadata = getVSCodeCellLanguageId(currentMetadata); + const metadata: CellMetadata = JSON.parse(JSON.stringify(currentMetadata)); + metadata.metadata = metadata.metadata || {}; + let metadataUpdated = false; + if (e.executionSummary?.executionOrder && typeof e.executionSummary.success === 'boolean' && currentMetadata.execution_count !== e.executionSummary?.executionOrder) { + metadata.execution_count = e.executionSummary.executionOrder; + metadataUpdated = true; + } else if (!e.executionSummary && !e.metadata && e.outputs?.length === 0 && currentMetadata.execution_count) { + // Clear all. + delete metadata.execution_count; + metadataUpdated = true; + } - } else if (e.cell.document.languageId === preferredCellLanguage && languageIdInMetadata) { - const metadata: CellMetadata = JSON.parse(JSON.stringify(getCellMetadata(e.cell))); - metadata.metadata = metadata.metadata || {}; + if (e.document?.languageId && e.document?.languageId !== preferredCellLanguage && e.document?.languageId !== languageIdInMetadata) { + setVSCodeCellLanguageId(metadata, e.document.languageId); + metadataUpdated = true; + } else if (e.document?.languageId && e.document.languageId === preferredCellLanguage && languageIdInMetadata) { removeVSCodeCellLanguageId(metadata); - trackAndUpdateCellMetadata(notebook, e.cell, metadata); - } else if (e.cell.document.languageId === preferredCellLanguage && e.cell.document.languageId === languageIdInMetadata) { - const metadata: CellMetadata = JSON.parse(JSON.stringify(getCellMetadata(e.cell))); - metadata.metadata = metadata.metadata || {}; + metadataUpdated = true; + } else if (e.document?.languageId && e.document.languageId === preferredCellLanguage && e.document.languageId === languageIdInMetadata) { removeVSCodeCellLanguageId(metadata); - trackAndUpdateCellMetadata(notebook, e.cell, metadata); + metadataUpdated = true; + } + + if (metadataUpdated) { + updates.push({ cell: e.cell, metadata }); } }); @@ -112,7 +132,7 @@ function onDidChangeNotebookCells(e: NotebookDocumentChangeEvent) { change.addedCells.forEach(cell => { // When ever a cell is added, always update the metadata // as metadata is always an empty `{}` in ipynb JSON file - const cellMetadata = getCellMetadata(cell); + const cellMetadata = getCellMetadata({ cell }); // Avoid updating the metadata if it's not required. if (cellMetadata.metadata) { @@ -131,9 +151,13 @@ function onDidChangeNotebookCells(e: NotebookDocumentChangeEvent) { if (isCellIdRequired(notebookMetadata) && !cellMetadata?.id) { metadata.id = generateCellId(e.notebook); } - trackAndUpdateCellMetadata(notebook, cell, metadata); + updates.push({ cell, metadata }); }); }); + + if (updates.length) { + trackAndUpdateCellMetadata(notebook, updates); + } } @@ -158,7 +182,7 @@ function generateCellId(notebook: NotebookDocument) { let duplicate = false; for (let index = 0; index < notebook.cellCount; index++) { const cell = notebook.cellAt(index); - const existingId = getCellMetadata(cell)?.id; + const existingId = getCellMetadata({ cell })?.id; if (!existingId) { continue; } diff --git a/extensions/ipynb/src/serializers.ts b/extensions/ipynb/src/serializers.ts index 5cba71da62c..3eb6e90eabd 100644 --- a/extensions/ipynb/src/serializers.ts +++ b/extensions/ipynb/src/serializers.ts @@ -54,26 +54,48 @@ export function sortObjectPropertiesRecursively(obj: any): any { return obj; } -export function getCellMetadata(cell: NotebookCell | NotebookCellData): CellMetadata { - if (useCustomPropertyInMetadata()) { +export function getCellMetadata(options: { cell: NotebookCell | NotebookCellData } | { metadata?: { [key: string]: any } }): CellMetadata { + if ('cell' in options) { + const cell = options.cell; + if (useCustomPropertyInMetadata()) { + const metadata: CellMetadata = { + // it contains the cell id, and the cell metadata, along with other nb cell metadata + ...(cell.metadata?.custom ?? {}) + }; + // promote the cell attachments to the top level + const attachments = cell.metadata?.custom?.attachments ?? cell.metadata?.attachments; + if (attachments) { + metadata.attachments = attachments; + } + return metadata; + } const metadata = { // it contains the cell id, and the cell metadata, along with other nb cell metadata - ...(cell.metadata?.custom ?? {}) + ...(cell.metadata ?? {}) }; - // promote the cell attachments to the top level - const attachments = cell.metadata?.custom?.attachments ?? cell.metadata?.attachments; - if (attachments) { - metadata.attachments = attachments; + return metadata; + } else { + const cell = options; + if (useCustomPropertyInMetadata()) { + const metadata: CellMetadata = { + // it contains the cell id, and the cell metadata, along with other nb cell metadata + ...(cell.metadata?.custom ?? {}) + }; + // promote the cell attachments to the top level + const attachments = cell.metadata?.custom?.attachments ?? cell.metadata?.attachments; + if (attachments) { + metadata.attachments = attachments; + } + return metadata; } + const metadata = { + // it contains the cell id, and the cell metadata, along with other nb cell metadata + ...(cell.metadata ?? {}) + }; + return metadata; } - const metadata = { - // it contains the cell id, and the cell metadata, along with other nb cell metadata - ...(cell.metadata ?? {}) - }; - - return metadata; } export function getVSCodeCellLanguageId(metadata: CellMetadata): string | undefined { @@ -90,7 +112,7 @@ export function removeVSCodeCellLanguageId(metadata: CellMetadata) { } function createCodeCellFromNotebookCell(cell: NotebookCellData, preferredLanguage: string | undefined): nbformat.ICodeCell { - const cellMetadata: CellMetadata = JSON.parse(JSON.stringify(getCellMetadata(cell))); + const cellMetadata: CellMetadata = JSON.parse(JSON.stringify(getCellMetadata({ cell }))); cellMetadata.metadata = cellMetadata.metadata || {}; // This cannot be empty. if (cell.languageId !== preferredLanguage) { setVSCodeCellLanguageId(cellMetadata, cell.languageId); @@ -113,7 +135,7 @@ function createCodeCellFromNotebookCell(cell: NotebookCellData, preferredLanguag } function createRawCellFromNotebookCell(cell: NotebookCellData): nbformat.IRawCell { - const cellMetadata = getCellMetadata(cell); + const cellMetadata = getCellMetadata({ cell }); const rawCell: any = { cell_type: 'raw', source: splitMultilineString(cell.value.replace(/\r\n/g, '\n')), @@ -364,7 +386,7 @@ function convertOutputMimeToJupyterOutput(mime: string, value: Uint8Array) { } export function createMarkdownCellFromNotebookCell(cell: NotebookCellData): nbformat.IMarkdownCell { - const cellMetadata = getCellMetadata(cell); + const cellMetadata = getCellMetadata({ cell }); const markdownCell: any = { cell_type: 'markdown', source: splitMultilineString(cell.value.replace(/\r\n/g, '\n')), diff --git a/extensions/ipynb/src/test/notebookModelStoreSync.test.ts b/extensions/ipynb/src/test/notebookModelStoreSync.test.ts index 834ac44d32b..1afca8c1239 100644 --- a/extensions/ipynb/src/test/notebookModelStoreSync.test.ts +++ b/extensions/ipynb/src/test/notebookModelStoreSync.test.ts @@ -330,7 +330,9 @@ import { activate } from '../notebookModelStoreSync'; cellChanges: [ { cell, - document: undefined, + document: { + languageId: 'javascript' + } as any, metadata: undefined, outputs: undefined, executionSummary: undefined @@ -465,7 +467,9 @@ import { activate } from '../notebookModelStoreSync'; cellChanges: [ { cell, - document: undefined, + document: { + languageId: 'javascript' + } as any, metadata: undefined, outputs: undefined, executionSummary: undefined @@ -540,7 +544,9 @@ import { activate } from '../notebookModelStoreSync'; cellChanges: [ { cell, - document: undefined, + document: { + languageId: 'powershell' + } as any, metadata: undefined, outputs: undefined, executionSummary: undefined diff --git a/extensions/ipynb/src/test/serializers.test.ts b/extensions/ipynb/src/test/serializers.test.ts index 098708fca3f..cc7f53fe442 100644 --- a/extensions/ipynb/src/test/serializers.test.ts +++ b/extensions/ipynb/src/test/serializers.test.ts @@ -64,7 +64,7 @@ function deepStripProperties(obj: any, props: string[]) { const expectedCodeCell = new vscode.NotebookCellData(vscode.NotebookCellKind.Code, 'print(1)', 'python'); expectedCodeCell.outputs = []; - expectedCodeCell.metadata = useCustomPropertyInMetadata ? { custom: { metadata: {} } } : { metadata: {} }; + expectedCodeCell.metadata = useCustomPropertyInMetadata ? { custom: { execution_count: 10, metadata: {} } } : { execution_count: 10, metadata: {} }; expectedCodeCell.executionSummary = { executionOrder: 10 }; const expectedMarkdownCell = new vscode.NotebookCellData(vscode.NotebookCellKind.Markup, '# HEAD', 'markdown'); @@ -105,7 +105,7 @@ function deepStripProperties(obj: any, props: string[]) { } }; - const cellMetadata = getCellMetadata(markdownCell); + const cellMetadata = getCellMetadata({ cell: markdownCell }); assert.deepStrictEqual(cellMetadata, { id: '123', metadata: { From e5515ac702c6ace9a8f73c52d8cb67d482bf3775 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Moreno?= Date: Thu, 21 Mar 2024 14:16:32 +0100 Subject: [PATCH 6/6] Adopt 1ES PT (#207844) * extend 1es pipeline template * oops * fix template references * argh * hmm * hm * hm * use outputs for compilation artifact * this * use 1ES.PublishPipelineArtifact@1 instead of publish * more 1ES.PublishPipelineArtifact@1 adoption * provide windows pool for sdl sources * sdl * fix pools * fix macos * disable sbom for intermediate artifacts * use mariner linux * try inline tsa options * fix credscan * hm * sudo it * more suppressions * be explicit with SBOM build drop paths * fix indentation * fix file extensions * fix cli sbom build drop paths * fix more build * fix unzip cli * careful with _manifest in artifacts * do not close file * add logging * debug * use snapcraft container * remove size check * fix macos cli step * fix snap permissions * fix macos * better logs * fix snap * more cred scan suppressions * even more supressiong * alpine-arm64: try using x64 * Revert "alpine-arm64: try using x64" This reverts commit bf2003bf600c5f8ae26c9b3a9cd44a0fd6da3a8d. * test docker * I wonder * logs * hm * fix indentation * hm * hm * fix snap finds * remove auth * use hostArchitecture * snap: limit find * hm * sudo * Add validateToolOutput: None to the build pipeline * bring back sdl-scan * try all tools: true * use release * Update Azure Pipelines YAML file for Linux product build and test * hm * hm * same for win32 * hm * hm * Revert "hm" This reverts commit 1b9dcae85b54386dcd62c3d55ba8a37cad2ffdf5. * use branch * fix template file * fix template paths --- .../alpine/cli-build-alpine.yml | 37 +- .../alpine/product-build-alpine.yml | 54 +- .../azure-pipelines/cli/cli-apply-patches.yml | 2 +- build/azure-pipelines/cli/cli-compile.yml | 47 +- build/azure-pipelines/cli/cli-darwin-sign.yml | 15 +- build/azure-pipelines/cli/cli-publish.yml | 28 - build/azure-pipelines/cli/cli-win32-sign.yml | 9 +- build/azure-pipelines/cli/test.yml | 2 +- build/azure-pipelines/common/publish.js | 18 +- build/azure-pipelines/common/publish.ts | 21 +- .../config/CredScanSuppressions.json | 31 +- build/azure-pipelines/config/tsaoptions.json | 21 - .../darwin/cli-build-darwin.yml | 37 +- .../darwin/product-build-darwin-cli-sign.yml | 2 +- .../darwin/product-build-darwin-sign.yml | 11 +- .../darwin/product-build-darwin-test.yml | 9 +- .../darwin/product-build-darwin-universal.yml | 11 +- .../darwin/product-build-darwin.yml | 56 +- build/azure-pipelines/distro-build.yml | 2 +- .../azure-pipelines/linux/cli-build-linux.yml | 53 +- .../product-build-linux-legacy-server.yml | 43 +- .../linux/product-build-linux-test.yml | 12 +- .../linux/product-build-linux.yml | 79 +- .../linux/snap-build-linux.yml | 36 +- build/azure-pipelines/product-build-pr.yml | 26 +- build/azure-pipelines/product-build.yml | 1146 +++++++++-------- build/azure-pipelines/product-compile.yml | 7 +- build/azure-pipelines/product-onebranch.yml | 46 - build/azure-pipelines/product-publish.yml | 7 +- .../azure-pipelines/web/product-build-web.yml | 21 +- .../azure-pipelines/win32/cli-build-win32.yml | 37 +- .../win32/product-build-win32-cli-sign.yml | 2 +- .../win32/product-build-win32-test.yml | 12 +- .../win32/product-build-win32.yml | 74 +- 34 files changed, 1040 insertions(+), 974 deletions(-) delete mode 100644 build/azure-pipelines/cli/cli-publish.yml delete mode 100644 build/azure-pipelines/config/tsaoptions.json delete mode 100644 build/azure-pipelines/product-onebranch.yml diff --git a/build/azure-pipelines/alpine/cli-build-alpine.yml b/build/azure-pipelines/alpine/cli-build-alpine.yml index 5d4e79424d2..a6442dfe290 100644 --- a/build/azure-pipelines/alpine/cli-build-alpine.yml +++ b/build/azure-pipelines/alpine/cli-build-alpine.yml @@ -33,7 +33,7 @@ steps: workingDirectory: build displayName: Install pipeline build - - template: ../cli/cli-apply-patches.yml + - template: ../cli/cli-apply-patches.yml@self - task: Npm@1 displayName: Download openssl prebuilt @@ -58,7 +58,7 @@ steps: sudo ln -s "/usr/bin/g++" "/usr/bin/musl-g++" || echo "link exists" displayName: Install musl build dependencies - - template: ../cli/install-rust-posix.yml + - template: ../cli/install-rust-posix.yml@self parameters: targets: - ${{ if eq(parameters.VSCODE_BUILD_ALPINE_ARM64, true) }}: @@ -67,7 +67,7 @@ steps: - x86_64-unknown-linux-musl - ${{ if eq(parameters.VSCODE_BUILD_ALPINE_ARM64, true) }}: - - template: ../cli/cli-compile.yml + - template: ../cli/cli-compile.yml@self parameters: VSCODE_CLI_TARGET: aarch64-unknown-linux-musl VSCODE_CLI_ARTIFACT: vscode_cli_alpine_arm64_cli @@ -80,7 +80,7 @@ steps: OPENSSL_STATIC: "1" - ${{ if eq(parameters.VSCODE_BUILD_ALPINE, true) }}: - - template: ../cli/cli-compile.yml + - template: ../cli/cli-compile.yml@self parameters: VSCODE_CLI_TARGET: x86_64-unknown-linux-musl VSCODE_CLI_ARTIFACT: vscode_cli_alpine_x64_cli @@ -92,14 +92,23 @@ steps: OPENSSL_INCLUDE_DIR: $(Build.ArtifactStagingDirectory)/openssl/x64-linux-musl/include OPENSSL_STATIC: "1" - - ${{ if eq(parameters.VSCODE_BUILD_ALPINE_ARM64, true) }}: - - template: ../cli/cli-publish.yml - parameters: - VSCODE_CLI_ARTIFACT: vscode_cli_alpine_arm64_cli - VSCODE_CHECK_ONLY: ${{ parameters.VSCODE_CHECK_ONLY }} + - ${{ if not(parameters.VSCODE_CHECK_ONLY) }}: + - ${{ if eq(parameters.VSCODE_BUILD_ALPINE_ARM64, true) }}: + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Build.ArtifactStagingDirectory)/vscode_cli_alpine_arm64_cli.tar.gz + artifactName: vscode_cli_alpine_arm64_cli + sbomBuildDropPath: $(Build.ArtifactStagingDirectory)/cli + sbomPackageName: "VS Code Alpine arm64 CLI" + sbomPackageVersion: $(Build.SourceVersion) + displayName: Publish vscode_cli_alpine_arm64_cli artifact - - ${{ if eq(parameters.VSCODE_BUILD_ALPINE, true) }}: - - template: ../cli/cli-publish.yml - parameters: - VSCODE_CLI_ARTIFACT: vscode_cli_alpine_x64_cli - VSCODE_CHECK_ONLY: ${{ parameters.VSCODE_CHECK_ONLY }} + - ${{ if eq(parameters.VSCODE_BUILD_ALPINE, true) }}: + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Build.ArtifactStagingDirectory)/vscode_cli_alpine_x64_cli.tar.gz + artifactName: vscode_cli_alpine_x64_cli + sbomBuildDropPath: $(Build.ArtifactStagingDirectory)/cli + sbomPackageName: "VS Code Alpine x64 CLI" + sbomPackageVersion: $(Build.SourceVersion) + displayName: Publish vscode_cli_alpine_x64_cli artifact diff --git a/build/azure-pipelines/alpine/product-build-alpine.yml b/build/azure-pipelines/alpine/product-build-alpine.yml index b055a0ae3d0..2c55132a9f9 100644 --- a/build/azure-pipelines/alpine/product-build-alpine.yml +++ b/build/azure-pipelines/alpine/product-build-alpine.yml @@ -5,7 +5,7 @@ steps: versionFilePath: .nvmrc nodejsMirror: https://github.com/joaomoreno/node-mirror/releases/download - - template: ../distro/download-distro.yml + - template: ../distro/download-distro.yml@self - task: AzureKeyVault@1 displayName: "Azure Key Vault: Get Secrets" @@ -107,7 +107,7 @@ steps: - script: node build/azure-pipelines/distro/mixin-quality displayName: Mixin distro quality - - template: ../common/install-builtin-extensions.yml + - template: ../common/install-builtin-extensions.yml@self - script: | set -e @@ -115,8 +115,10 @@ steps: yarn gulp vscode-reh-$TARGET-min-ci (cd .. && mv vscode-reh-$TARGET vscode-server-$TARGET) # TODO@joaomoreno ARCHIVE_PATH=".build/linux/server/vscode-server-$TARGET.tar.gz" + DIR_PATH="$(realpath ../vscode-server-$TARGET)" mkdir -p $(dirname $ARCHIVE_PATH) tar --owner=0 --group=0 -czf $ARCHIVE_PATH -C .. vscode-server-$TARGET + echo "##vso[task.setvariable variable=SERVER_DIR_PATH]$DIR_PATH" echo "##vso[task.setvariable variable=SERVER_PATH]$ARCHIVE_PATH" env: GITHUB_TOKEN: "$(github-distro-mixin-password)" @@ -128,8 +130,10 @@ steps: yarn gulp vscode-reh-web-$TARGET-min-ci (cd .. && mv vscode-reh-web-$TARGET vscode-server-$TARGET-web) # TODO@joaomoreno ARCHIVE_PATH=".build/linux/web/vscode-server-$TARGET-web.tar.gz" + DIR_PATH="$(realpath ../vscode-server-$TARGET-web)" mkdir -p $(dirname $ARCHIVE_PATH) tar --owner=0 --group=0 -czf $ARCHIVE_PATH -C .. vscode-server-$TARGET-web + echo "##vso[task.setvariable variable=WEB_DIR_PATH]$DIR_PATH" echo "##vso[task.setvariable variable=WEB_PATH]$ARCHIVE_PATH" env: GITHUB_TOKEN: "$(github-distro-mixin-password)" @@ -139,36 +143,40 @@ steps: condition: and(succeededOrFailed(), notIn(variables['Agent.JobStatus'], 'Succeeded', 'SucceededWithIssues')) displayName: Generate artifact prefix - - script: mkdir $(agent.builddirectory)/vscode-alpine-$(VSCODE_ARCH) - displayName: Make folder for SBOM - - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate SBOM + - task: 1ES.PublishPipelineArtifact@1 inputs: - BuildDropPath: $(agent.builddirectory)/vscode-alpine-$(VSCODE_ARCH) - PackageName: Visual Studio Code Server - - - publish: $(agent.builddirectory)/vscode-alpine-$(VSCODE_ARCH)/_manifest - displayName: Publish SBOM - artifact: $(ARTIFACT_PREFIX)sbom_vscode_alpine_$(VSCODE_ARCH) - - - publish: $(SERVER_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_server_alpine_$(VSCODE_ARCH)_archive-unsigned + targetPath: $(SERVER_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_server_alpine_$(VSCODE_ARCH)_archive-unsigned + sbomBuildDropPath: $(SERVER_DIR_PATH) + sbomPackageName: "VS Code Alpine $(VSCODE_ARCH) Server" + sbomPackageVersion: $(Build.SourceVersion) displayName: Publish server archive condition: and(succeededOrFailed(), ne(variables['SERVER_PATH'], ''), ne(variables['VSCODE_ARCH'], 'x64')) - - publish: $(WEB_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_web_alpine_$(VSCODE_ARCH)_archive-unsigned + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(WEB_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_web_alpine_$(VSCODE_ARCH)_archive-unsigned + sbomBuildDropPath: $(WEB_DIR_PATH) + sbomPackageName: "VS Code Alpine $(VSCODE_ARCH) Web" + sbomPackageVersion: $(Build.SourceVersion) displayName: Publish web server archive condition: and(succeededOrFailed(), ne(variables['WEB_PATH'], ''), ne(variables['VSCODE_ARCH'], 'x64')) - # Legacy x64 artifact name - - publish: $(SERVER_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_server_linux_alpine_archive-unsigned + # same as above, keep legacy name + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(SERVER_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_server_linux_alpine_archive-unsigned + sbomEnabled: false displayName: Publish x64 server archive condition: and(succeededOrFailed(), ne(variables['SERVER_PATH'], ''), eq(variables['VSCODE_ARCH'], 'x64')) - - publish: $(WEB_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_web_linux_alpine_archive-unsigned + # same as above, keep legacy name + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(WEB_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_web_linux_alpine_archive-unsigned + sbomEnabled: false displayName: Publish x64 web server archive condition: and(succeededOrFailed(), ne(variables['WEB_PATH'], ''), eq(variables['VSCODE_ARCH'], 'x64')) diff --git a/build/azure-pipelines/cli/cli-apply-patches.yml b/build/azure-pipelines/cli/cli-apply-patches.yml index b96aa4ef7dd..2815124efb6 100644 --- a/build/azure-pipelines/cli/cli-apply-patches.yml +++ b/build/azure-pipelines/cli/cli-apply-patches.yml @@ -1,5 +1,5 @@ steps: - - template: ../distro/download-distro.yml + - template: ../distro/download-distro.yml@self - script: node build/azure-pipelines/distro/mixin-quality displayName: Mixin distro quality diff --git a/build/azure-pipelines/cli/cli-compile.yml b/build/azure-pipelines/cli/cli-compile.yml index 8d8b313253e..267682f7f6d 100644 --- a/build/azure-pipelines/cli/cli-compile.yml +++ b/build/azure-pipelines/cli/cli-compile.yml @@ -110,13 +110,14 @@ steps: Write-Host "##vso[task.setvariable variable=VSCODE_CLI_APPLICATION_NAME]$env:VSCODE_CLI_APPLICATION_NAME" - Move-Item -Path $(Build.SourcesDirectory)/cli/target/${{ parameters.VSCODE_CLI_TARGET }}/release/code.exe -Destination "$(Build.ArtifactStagingDirectory)/${env:VSCODE_CLI_APPLICATION_NAME}.exe" + New-Item -ItemType Directory -Force -Path "$(Build.ArtifactStagingDirectory)/cli" + Move-Item -Path $(Build.SourcesDirectory)/cli/target/${{ parameters.VSCODE_CLI_TARGET }}/release/code.exe -Destination "$(Build.ArtifactStagingDirectory)/cli/${env:VSCODE_CLI_APPLICATION_NAME}.exe" displayName: Stage CLI - task: ArchiveFiles@2 displayName: Archive CLI inputs: - rootFolderOrFile: $(Build.ArtifactStagingDirectory)/$(VSCODE_CLI_APPLICATION_NAME).exe + rootFolderOrFile: $(Build.ArtifactStagingDirectory)/cli/$(VSCODE_CLI_APPLICATION_NAME).exe includeRootFolder: false archiveType: zip archiveFile: $(Build.ArtifactStagingDirectory)/${{ parameters.VSCODE_CLI_ARTIFACT }}.zip @@ -127,43 +128,19 @@ steps: VSCODE_CLI_APPLICATION_NAME=$(node -p "require(\"$VSCODE_CLI_PRODUCT_JSON\").applicationName") echo "##vso[task.setvariable variable=VSCODE_CLI_APPLICATION_NAME]$VSCODE_CLI_APPLICATION_NAME" - mv $(Build.SourcesDirectory)/cli/target/${{ parameters.VSCODE_CLI_TARGET }}/release/code $(Build.ArtifactStagingDirectory)/$VSCODE_CLI_APPLICATION_NAME + mkdir -p $(Build.ArtifactStagingDirectory)/cli + mv $(Build.SourcesDirectory)/cli/target/${{ parameters.VSCODE_CLI_TARGET }}/release/code $(Build.ArtifactStagingDirectory)/cli/$VSCODE_CLI_APPLICATION_NAME displayName: Stage CLI - - ${{ if contains(parameters.VSCODE_CLI_TARGET, '-darwin') }}: - - task: ArchiveFiles@2 - displayName: Archive CLI - inputs: - rootFolderOrFile: $(Build.ArtifactStagingDirectory)/$(VSCODE_CLI_APPLICATION_NAME) - includeRootFolder: false + - task: ArchiveFiles@2 + displayName: Archive CLI + inputs: + rootFolderOrFile: $(Build.ArtifactStagingDirectory)/cli/$(VSCODE_CLI_APPLICATION_NAME) + includeRootFolder: false + ${{ if contains(parameters.VSCODE_CLI_TARGET, '-darwin') }}: archiveType: zip archiveFile: $(Build.ArtifactStagingDirectory)/${{ parameters.VSCODE_CLI_ARTIFACT }}.zip - - - ${{ else }}: - - task: ArchiveFiles@2 - displayName: Archive CLI - inputs: - rootFolderOrFile: $(Build.ArtifactStagingDirectory)/$(VSCODE_CLI_APPLICATION_NAME) - includeRootFolder: false + ${{ else }}: archiveType: tar tarCompression: gz archiveFile: $(Build.ArtifactStagingDirectory)/${{ parameters.VSCODE_CLI_ARTIFACT }}.tar.gz - - # Make a folder for the SBOM for the specific artifact - - ${{ if contains(parameters.VSCODE_CLI_TARGET, '-windows-') }}: - - powershell: mkdir $(Build.ArtifactStagingDirectory)/sbom_${{ parameters.VSCODE_CLI_ARTIFACT }} - displayName: Make folder for SBOM (Windows) - - - ${{ else }}: - - script: mkdir $(Build.ArtifactStagingDirectory)/sbom_${{ parameters.VSCODE_CLI_ARTIFACT }} - displayName: Make folder for SBOM (non-Windows) - - # The if cases above are for different OSes, - # but we're still in the branch where the cli is being published in general. - # Generate and publish an SBOM. - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate SBOM - inputs: - BuildComponentPath: $(Build.SourcesDirectory)/cli - BuildDropPath: $(Build.ArtifactStagingDirectory)/sbom_${{ parameters.VSCODE_CLI_ARTIFACT }} - PackageName: Visual Studio Code CLI diff --git a/build/azure-pipelines/cli/cli-darwin-sign.yml b/build/azure-pipelines/cli/cli-darwin-sign.yml index 925d8435dae..75a8235ff3a 100644 --- a/build/azure-pipelines/cli/cli-darwin-sign.yml +++ b/build/azure-pipelines/cli/cli-darwin-sign.yml @@ -26,6 +26,12 @@ steps: artifact: ${{ target }} path: $(Build.ArtifactStagingDirectory)/pkg/${{ target }} + - task: ExtractFiles@1 + displayName: Extract artifact + inputs: + archiveFilePatterns: $(Build.ArtifactStagingDirectory)/pkg/${{ target }}/*.zip + destinationFolder: $(Build.ArtifactStagingDirectory)/sign/${{ target }} + - script: node build/azure-pipelines/common/sign $(Agent.ToolsDirectory)/esrpclient/*/*/net6.0/esrpcli.dll sign-darwin $(ESRP-PKI) $(esrp-aad-username) $(esrp-aad-password) $(Build.ArtifactStagingDirectory)/pkg "*.zip" displayName: Codesign @@ -40,6 +46,11 @@ steps: echo "##vso[task.setvariable variable=ASSET_ID]$ASSET_ID" displayName: Set asset id variable - - publish: $(Build.ArtifactStagingDirectory)/pkg/${{ target }}/$(ASSET_ID).zip + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Build.ArtifactStagingDirectory)/pkg/${{ target }}/$(ASSET_ID).zip + artifactName: $(ASSET_ID) + sbomBuildDropPath: $(Build.ArtifactStagingDirectory)/sign/${{ target }} + sbomPackageName: "VS Code macOS ${{ target }} CLI" + sbomPackageVersion: $(Build.SourceVersion) displayName: Publish signed artifact with ID $(ASSET_ID) - artifact: $(ASSET_ID) diff --git a/build/azure-pipelines/cli/cli-publish.yml b/build/azure-pipelines/cli/cli-publish.yml deleted file mode 100644 index fa3eacd0f96..00000000000 --- a/build/azure-pipelines/cli/cli-publish.yml +++ /dev/null @@ -1,28 +0,0 @@ -parameters: - - name: VSCODE_CLI_ARTIFACT - type: string - - name: VSCODE_CHECK_ONLY - type: boolean - default: false - -steps: - - ${{ if not(parameters.VSCODE_CHECK_ONLY) }}: - - ${{ if contains(parameters.VSCODE_CLI_ARTIFACT, 'win32') }}: - - publish: $(Build.ArtifactStagingDirectory)/${{ parameters.VSCODE_CLI_ARTIFACT }}.zip - artifact: ${{ parameters.VSCODE_CLI_ARTIFACT }} - displayName: Publish ${{ parameters.VSCODE_CLI_ARTIFACT }} artifact - - - ${{ else }}: - - ${{ if contains(parameters.VSCODE_CLI_ARTIFACT, 'darwin') }}: - - publish: $(Build.ArtifactStagingDirectory)/${{ parameters.VSCODE_CLI_ARTIFACT }}.zip - artifact: ${{ parameters.VSCODE_CLI_ARTIFACT }} - displayName: Publish ${{ parameters.VSCODE_CLI_ARTIFACT }} artifact - - - ${{ else }}: - - publish: $(Build.ArtifactStagingDirectory)/${{ parameters.VSCODE_CLI_ARTIFACT }}.tar.gz - artifact: ${{ parameters.VSCODE_CLI_ARTIFACT }} - displayName: Publish ${{ parameters.VSCODE_CLI_ARTIFACT }} artifact - - - publish: $(Build.ArtifactStagingDirectory)/sbom_${{ parameters.VSCODE_CLI_ARTIFACT }}/_manifest - displayName: Publish SBOM - artifact: sbom_${{ parameters.VSCODE_CLI_ARTIFACT }} diff --git a/build/azure-pipelines/cli/cli-win32-sign.yml b/build/azure-pipelines/cli/cli-win32-sign.yml index 10d305b92b3..f8d11e806f2 100644 --- a/build/azure-pipelines/cli/cli-win32-sign.yml +++ b/build/azure-pipelines/cli/cli-win32-sign.yml @@ -59,6 +59,11 @@ steps: archiveType: zip archiveFile: $(Build.ArtifactStagingDirectory)/$(ASSET_ID).zip - - publish: $(Build.ArtifactStagingDirectory)/$(ASSET_ID).zip + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Build.ArtifactStagingDirectory)/$(ASSET_ID).zip + artifactName: $(ASSET_ID) + sbomBuildDropPath: $(Build.ArtifactStagingDirectory)/sign/${{ target }} + sbomPackageName: "VS Code Windows ${{ target }} CLI" + sbomPackageVersion: $(Build.SourceVersion) displayName: Publish signed artifact with ID $(ASSET_ID) - artifact: $(ASSET_ID) diff --git a/build/azure-pipelines/cli/test.yml b/build/azure-pipelines/cli/test.yml index 29dcf502f6a..8b525845548 100644 --- a/build/azure-pipelines/cli/test.yml +++ b/build/azure-pipelines/cli/test.yml @@ -1,5 +1,5 @@ steps: - - template: ./install-rust-posix.yml + - template: ./install-rust-posix.yml@self - script: cargo clippy -- -D warnings workingDirectory: cli diff --git a/build/azure-pipelines/common/publish.js b/build/azure-pipelines/common/publish.js index 28f60dc71c2..c682a6a285b 100644 --- a/build/azure-pipelines/common/publish.js +++ b/build/azure-pipelines/common/publish.js @@ -340,10 +340,11 @@ async function downloadArtifact(artifact, downloadPath) { } async function unzip(packagePath, outputPath) { return new Promise((resolve, reject) => { - yauzl.open(packagePath, { lazyEntries: true }, (err, zipfile) => { + yauzl.open(packagePath, { lazyEntries: true, autoClose: true }, (err, zipfile) => { if (err) { return reject(err); } + const result = []; zipfile.on('entry', entry => { if (/\/$/.test(entry.fileName)) { zipfile.readEntry(); @@ -357,14 +358,15 @@ async function unzip(packagePath, outputPath) { fs.mkdirSync(path.dirname(filePath), { recursive: true }); const ostream = fs.createWriteStream(filePath); ostream.on('finish', () => { - zipfile.close(); - resolve(filePath); + result.push(filePath); + zipfile.readEntry(); }); istream?.on('error', err => reject(err)); istream.pipe(ostream); }); } }); + zipfile.on('close', () => resolve(result)); zipfile.readEntry(); }); }); @@ -495,7 +497,7 @@ async function processArtifact(artifact, artifactFilePath) { const [hash, sha256hash] = await Promise.all([hashStream('sha1', stream), hashStream('sha256', stream)]); // CodeQL [SM04514] Using SHA1 only for legacy reasons, we are actually only respecting SHA256 const url = await releaseAndProvision(log, e('RELEASE_TENANT_ID'), e('RELEASE_CLIENT_ID'), e('RELEASE_AUTH_CERT_SUBJECT_NAME'), e('RELEASE_REQUEST_SIGNING_CERT_SUBJECT_NAME'), e('PROVISION_TENANT_ID'), e('PROVISION_AAD_USERNAME'), e('PROVISION_AAD_PASSWORD'), commit, quality, artifactFilePath); const asset = { platform, type, url, hash, sha256hash, size, supportsFastUpdate: true }; - log('Creating asset...', JSON.stringify(asset)); + log('Creating asset...', JSON.stringify(asset, undefined, 2)); await (0, retry_1.retry)(async (attempt) => { log(`Creating asset in Cosmos DB (attempt ${attempt})...`); const aadCredentials = new identity_1.ClientSecretCredential(e('AZURE_TENANT_ID'), e('AZURE_CLIENT_ID'), e('AZURE_CLIENT_SECRET')); @@ -572,12 +574,8 @@ async function main() { const downloadSpeedKBS = Math.round((archiveSize / 1024) / downloadDurationS); console.log(`[${artifact.name}] Successfully downloaded after ${Math.floor(downloadDurationS)} seconds(${downloadSpeedKBS} KB/s).`); }); - const artifactFilePath = await unzip(artifactZipPath, e('AGENT_TEMPDIRECTORY')); - const artifactSize = fs.statSync(artifactFilePath).size; - if (artifactSize !== Number(artifact.resource.properties.artifactsize)) { - console.log(`[${artifact.name}] Artifact size mismatch.Expected ${artifact.resource.properties.artifactsize}. Actual ${artifactSize} `); - throw new Error(`Artifact size mismatch.`); - } + const artifactFilePaths = await unzip(artifactZipPath, e('AGENT_TEMPDIRECTORY')); + const artifactFilePath = artifactFilePaths.filter(p => !/_manifest/.test(p))[0]; processing.add(artifact.name); const promise = new Promise((resolve, reject) => { const worker = new node_worker_threads_1.Worker(__filename, { workerData: { artifact, artifactFilePath } }); diff --git a/build/azure-pipelines/common/publish.ts b/build/azure-pipelines/common/publish.ts index 02b50d405cf..dbf0c823ee4 100644 --- a/build/azure-pipelines/common/publish.ts +++ b/build/azure-pipelines/common/publish.ts @@ -483,13 +483,14 @@ async function downloadArtifact(artifact: Artifact, downloadPath: string): Promi } } -async function unzip(packagePath: string, outputPath: string): Promise { +async function unzip(packagePath: string, outputPath: string): Promise { return new Promise((resolve, reject) => { - yauzl.open(packagePath, { lazyEntries: true }, (err, zipfile) => { + yauzl.open(packagePath, { lazyEntries: true, autoClose: true }, (err, zipfile) => { if (err) { return reject(err); } + const result: string[] = []; zipfile!.on('entry', entry => { if (/\/$/.test(entry.fileName)) { zipfile!.readEntry(); @@ -504,8 +505,8 @@ async function unzip(packagePath: string, outputPath: string): Promise { const ostream = fs.createWriteStream(filePath); ostream.on('finish', () => { - zipfile!.close(); - resolve(filePath); + result.push(filePath); + zipfile!.readEntry(); }); istream?.on('error', err => reject(err)); istream!.pipe(ostream); @@ -513,6 +514,7 @@ async function unzip(packagePath: string, outputPath: string): Promise { } }); + zipfile!.on('close', () => resolve(result)); zipfile!.readEntry(); }); }); @@ -674,7 +676,7 @@ async function processArtifact(artifact: Artifact, artifactFilePath: string): Pr ); const asset: Asset = { platform, type, url, hash, sha256hash, size, supportsFastUpdate: true }; - log('Creating asset...', JSON.stringify(asset)); + log('Creating asset...', JSON.stringify(asset, undefined, 2)); await retry(async (attempt) => { log(`Creating asset in Cosmos DB (attempt ${attempt})...`); @@ -752,13 +754,8 @@ async function main() { console.log(`[${artifact.name}] Successfully downloaded after ${Math.floor(downloadDurationS)} seconds(${downloadSpeedKBS} KB/s).`); }); - const artifactFilePath = await unzip(artifactZipPath, e('AGENT_TEMPDIRECTORY')); - const artifactSize = fs.statSync(artifactFilePath).size; - - if (artifactSize !== Number(artifact.resource.properties.artifactsize)) { - console.log(`[${artifact.name}] Artifact size mismatch.Expected ${artifact.resource.properties.artifactsize}. Actual ${artifactSize} `); - throw new Error(`Artifact size mismatch.`); - } + const artifactFilePaths = await unzip(artifactZipPath, e('AGENT_TEMPDIRECTORY')); + const artifactFilePath = artifactFilePaths.filter(p => !/_manifest/.test(p))[0]; processing.add(artifact.name); const promise = new Promise((resolve, reject) => { diff --git a/build/azure-pipelines/config/CredScanSuppressions.json b/build/azure-pipelines/config/CredScanSuppressions.json index 312a5560cbd..96061477983 100644 --- a/build/azure-pipelines/config/CredScanSuppressions.json +++ b/build/azure-pipelines/config/CredScanSuppressions.json @@ -3,9 +3,36 @@ "suppressions": [ { "file": [ - "src/vs/base/test/common/uri.test.ts" + "src/vs/base/test/common/uri.test.ts", + "src/vs/workbench/api/test/browser/extHostTelemetry.test.ts" ], - "_justification": "These are not passwords, they are URIs." + "_justification": "These are dummy credentials in tests." + }, + { + "file": [ + ".build/web/extensions/github-authentication/dist/browser/extension.js", + ".build/web/extensions/emmet/dist/browser/emmetBrowserMain.js.map", + ".build/web/extensions/emmet/dist/browser/emmetBrowserMain.js", + ".build/linux/rpm/x86_64/rpmbuild/BUILD/usr/share/code-insiders/resources/app/extensions/github-authentication/dist/extension.js", + ".build/linux/rpm/x86_64/rpmbuild/BUILD/usr/share/code-insiders/resources/app/extensions/emmet/dist/node/emmetNodeMain.js", + ".build/linux/rpm/armv7hl/rpmbuild/BUILD/usr/share/code-insiders/resources/app/extensions/github-authentication/dist/extension.js", + ".build/linux/rpm/armv7hl/rpmbuild/BUILD/usr/share/code-insiders/resources/app/extensions/emmet/dist/node/emmetNodeMain.js", + ".build/linux/rpm/aarch64/rpmbuild/BUILD/usr/share/code-insiders/resources/app/extensions/github-authentication/dist/extension.js", + ".build/linux/rpm/aarch64/rpmbuild/BUILD/usr/share/code-insiders/resources/app/extensions/emmet/dist/node/emmetNodeMain.js", + ".build/linux/snap/x64/code-insiders-x64/usr/share/code-insiders/resources/app/extensions/github-authentication/dist/extension.js", + ".build/linux/snap/x64/code-insiders-x64/usr/share/code-insiders/resources/app/extensions/emmet/dist/node/emmetNodeMain.js", + ".build/linux/snap/x64/code-insiders-x64/stage/usr/share/code-insiders/resources/app/extensions/github-authentication/dist/extension.js", + ".build/linux/snap/x64/code-insiders-x64/stage/usr/share/code-insiders/resources/app/extensions/emmet/dist/node/emmetNodeMain.js", + ".build/linux/snap/x64/code-insiders-x64/prime/usr/share/code-insiders/resources/app/extensions/github-authentication/dist/extension.js", + ".build/linux/snap/x64/code-insiders-x64/prime/usr/share/code-insiders/resources/app/extensions/emmet/dist/node/emmetNodeMain.js", + ".build/linux/snap/x64/code-insiders-x64/parts/code/build/usr/share/code-insiders/resources/app/extensions/github-authentication/dist/extension.js", + ".build/linux/snap/x64/code-insiders-x64/parts/code/install/usr/share/code-insiders/resources/app/extensions/github-authentication/dist/extension.js", + ".build/linux/snap/x64/code-insiders-x64/parts/code/src/usr/share/code-insiders/resources/app/extensions/github-authentication/dist/extension.js", + ".build/linux/snap/x64/code-insiders-x64/parts/code/build/usr/share/code-insiders/resources/app/extensions/emmet/dist/node/emmetNodeMain.js", + ".build/linux/snap/x64/code-insiders-x64/parts/code/install/usr/share/code-insiders/resources/app/extensions/emmet/dist/node/emmetNodeMain.js", + ".build/linux/snap/x64/code-insiders-x64/parts/code/src/usr/share/code-insiders/resources/app/extensions/emmet/dist/node/emmetNodeMain.js" + ], + "_justification": "These are safe to ignore, since they are built artifacts." } ] } diff --git a/build/azure-pipelines/config/tsaoptions.json b/build/azure-pipelines/config/tsaoptions.json deleted file mode 100644 index fa8e182d8f3..00000000000 --- a/build/azure-pipelines/config/tsaoptions.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "codebaseName": "devdiv_vscode-client", - "ppe": false, - "notificationAliases": [ - "sbatten@microsoft.com" - ], - "codebaseAdmins": [ - "REDMOND\\stbatt", - "REDMOND\\monacotools" - ], - "instanceUrl": "https://devdiv.visualstudio.com/defaultcollection", - "projectName": "DevDiv", - "areaPath": "DevDiv\\VS Code (compliance tracking only)\\Visual Studio Code Client", - "notifyAlways": true, - "template": "TFSDEVDIV", - "tools": [ - "BinSkim", - "CredScan", - "CodeQL" - ] -} diff --git a/build/azure-pipelines/darwin/cli-build-darwin.yml b/build/azure-pipelines/darwin/cli-build-darwin.yml index ac5adaec175..1d8dffc464d 100644 --- a/build/azure-pipelines/darwin/cli-build-darwin.yml +++ b/build/azure-pipelines/darwin/cli-build-darwin.yml @@ -19,7 +19,7 @@ steps: nodejsMirror: https://github.com/joaomoreno/node-mirror/releases/download - ${{ if ne(parameters.VSCODE_QUALITY, 'oss') }}: - - template: ../cli/cli-apply-patches.yml + - template: ../cli/cli-apply-patches.yml@self - task: Npm@1 displayName: Download openssl prebuilt @@ -36,7 +36,7 @@ steps: tar -xvzf $(Build.ArtifactStagingDirectory)/vscode-internal-openssl-prebuilt-0.0.11.tgz --strip-components=1 --directory=$(Build.ArtifactStagingDirectory)/openssl displayName: Extract openssl prebuilt - - template: ../cli/install-rust-posix.yml + - template: ../cli/install-rust-posix.yml@self parameters: targets: - ${{ if eq(parameters.VSCODE_BUILD_MACOS, true) }}: @@ -45,7 +45,7 @@ steps: - aarch64-apple-darwin - ${{ if eq(parameters.VSCODE_BUILD_MACOS, true) }}: - - template: ../cli/cli-compile.yml + - template: ../cli/cli-compile.yml@self parameters: VSCODE_QUALITY: ${{ parameters.VSCODE_QUALITY }} VSCODE_CLI_TARGET: x86_64-apple-darwin @@ -56,7 +56,7 @@ steps: OPENSSL_INCLUDE_DIR: $(Build.ArtifactStagingDirectory)/openssl/x64-osx/include - ${{ if eq(parameters.VSCODE_BUILD_MACOS_ARM64, true) }}: - - template: ../cli/cli-compile.yml + - template: ../cli/cli-compile.yml@self parameters: VSCODE_QUALITY: ${{ parameters.VSCODE_QUALITY }} VSCODE_CLI_TARGET: aarch64-apple-darwin @@ -66,14 +66,23 @@ steps: OPENSSL_LIB_DIR: $(Build.ArtifactStagingDirectory)/openssl/arm64-osx/lib OPENSSL_INCLUDE_DIR: $(Build.ArtifactStagingDirectory)/openssl/arm64-osx/include - - ${{ if eq(parameters.VSCODE_BUILD_MACOS, true) }}: - - template: ../cli/cli-publish.yml - parameters: - VSCODE_CLI_ARTIFACT: unsigned_vscode_cli_darwin_x64_cli - VSCODE_CHECK_ONLY: ${{ parameters.VSCODE_CHECK_ONLY }} + - ${{ if not(parameters.VSCODE_CHECK_ONLY) }}: + - ${{ if eq(parameters.VSCODE_BUILD_MACOS, true) }}: + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Build.ArtifactStagingDirectory)/unsigned_vscode_cli_darwin_x64_cli.zip + artifactName: unsigned_vscode_cli_darwin_x64_cli + sbomBuildDropPath: $(Build.ArtifactStagingDirectory)/cli + sbomPackageName: "VS Code macOS x64 CLI (unsigned)" + sbomPackageVersion: $(Build.SourceVersion) + displayName: Publish unsigned_vscode_cli_darwin_x64_cli artifact - - ${{ if eq(parameters.VSCODE_BUILD_MACOS_ARM64, true) }}: - - template: ../cli/cli-publish.yml - parameters: - VSCODE_CLI_ARTIFACT: unsigned_vscode_cli_darwin_arm64_cli - VSCODE_CHECK_ONLY: ${{ parameters.VSCODE_CHECK_ONLY }} + - ${{ if eq(parameters.VSCODE_BUILD_MACOS_ARM64, true) }}: + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Build.ArtifactStagingDirectory)/unsigned_vscode_cli_darwin_arm64_cli.zip + artifactName: unsigned_vscode_cli_darwin_arm64_cli + sbomBuildDropPath: $(Build.ArtifactStagingDirectory)/cli + sbomPackageName: "VS Code macOS arm64 CLI (unsigned)" + sbomPackageVersion: $(Build.SourceVersion) + displayName: Publish unsigned_vscode_cli_darwin_arm64_cli artifact diff --git a/build/azure-pipelines/darwin/product-build-darwin-cli-sign.yml b/build/azure-pipelines/darwin/product-build-darwin-cli-sign.yml index 6f4132f45ff..80e90a52bac 100644 --- a/build/azure-pipelines/darwin/product-build-darwin-cli-sign.yml +++ b/build/azure-pipelines/darwin/product-build-darwin-cli-sign.yml @@ -46,7 +46,7 @@ steps: workingDirectory: build displayName: Install build dependencies - - template: ../cli/cli-darwin-sign.yml + - template: ../cli/cli-darwin-sign.yml@self parameters: VSCODE_CLI_ARTIFACTS: - ${{ if eq(parameters.VSCODE_BUILD_MACOS, true) }}: diff --git a/build/azure-pipelines/darwin/product-build-darwin-sign.yml b/build/azure-pipelines/darwin/product-build-darwin-sign.yml index 3f31ac7bd35..fb8cf8341c3 100644 --- a/build/azure-pipelines/darwin/product-build-darwin-sign.yml +++ b/build/azure-pipelines/darwin/product-build-darwin-sign.yml @@ -32,7 +32,6 @@ steps: - script: unzip $(Pipeline.Workspace)/unsigned_vscode_client_darwin_$(VSCODE_ARCH)_archive/VSCode-darwin-$(VSCODE_ARCH).zip -d $(Agent.BuildDirectory)/VSCode-darwin-$(VSCODE_ARCH) displayName: Extract signed app - condition: and(succeeded(), ne(variables['VSCODE_ARCH'], 'arm64')) - script: | set -e @@ -58,5 +57,11 @@ steps: displayName: Rename x64 build to its legacy name condition: and(succeeded(), eq(variables['VSCODE_ARCH'], 'x64')) - - publish: $(Pipeline.Workspace)/unsigned_vscode_client_darwin_$(VSCODE_ARCH)_archive/VSCode-$(ASSET_ID).zip - artifact: vscode_client_darwin_$(VSCODE_ARCH)_archive + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Pipeline.Workspace)/unsigned_vscode_client_darwin_$(VSCODE_ARCH)_archive/VSCode-$(ASSET_ID).zip + artifactName: vscode_client_darwin_$(VSCODE_ARCH)_archive + sbomBuildDropPath: $(Agent.BuildDirectory)/VSCode-darwin-$(VSCODE_ARCH) + sbomPackageName: "VS Code macOS $(VSCODE_ARCH)" + sbomPackageVersion: $(Build.SourceVersion) + displayName: Publish client archive diff --git a/build/azure-pipelines/darwin/product-build-darwin-test.yml b/build/azure-pipelines/darwin/product-build-darwin-test.yml index 1ca8c9ec1a9..ed6d0236516 100644 --- a/build/azure-pipelines/darwin/product-build-darwin-test.yml +++ b/build/azure-pipelines/darwin/product-build-darwin-test.yml @@ -155,7 +155,7 @@ steps: condition: succeededOrFailed() - ${{ if or(eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, true)) }}: - - task: PublishPipelineArtifact@0 + - task: 1ES.PublishPipelineArtifact@1 inputs: targetPath: .build/crashes ${{ if and(eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, false)) }}: @@ -164,13 +164,14 @@ steps: artifactName: crash-dump-macos-$(VSCODE_ARCH)-smoke-$(System.JobAttempt) ${{ else }}: artifactName: crash-dump-macos-$(VSCODE_ARCH)-$(System.JobAttempt) + sbomEnabled: false displayName: "Publish Crash Reports" continueOnError: true condition: failed() # In order to properly symbolify above crash reports # (if any), we need the compiled native modules too - - task: PublishPipelineArtifact@0 + - task: 1ES.PublishPipelineArtifact@1 inputs: targetPath: node_modules ${{ if and(eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, false)) }}: @@ -179,11 +180,12 @@ steps: artifactName: node-modules-macos-$(VSCODE_ARCH)-smoke-$(System.JobAttempt) ${{ else }}: artifactName: node-modules-macos-$(VSCODE_ARCH)-$(System.JobAttempt) + sbomEnabled: false displayName: "Publish Node Modules" continueOnError: true condition: failed() - - task: PublishPipelineArtifact@0 + - task: 1ES.PublishPipelineArtifact@1 inputs: targetPath: .build/logs ${{ if and(eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, false)) }}: @@ -192,6 +194,7 @@ steps: artifactName: logs-macos-$(VSCODE_ARCH)-smoke-$(System.JobAttempt) ${{ else }}: artifactName: logs-macos-$(VSCODE_ARCH)-$(System.JobAttempt) + sbomEnabled: false displayName: "Publish Log Files" continueOnError: true condition: succeededOrFailed() diff --git a/build/azure-pipelines/darwin/product-build-darwin-universal.yml b/build/azure-pipelines/darwin/product-build-darwin-universal.yml index 1c21bb778ce..f8b201f40d4 100644 --- a/build/azure-pipelines/darwin/product-build-darwin-universal.yml +++ b/build/azure-pipelines/darwin/product-build-darwin-universal.yml @@ -5,7 +5,7 @@ steps: versionFilePath: .nvmrc nodejsMirror: https://github.com/joaomoreno/node-mirror/releases/download - - template: ../distro/download-distro.yml + - template: ../distro/download-distro.yml@self - task: AzureKeyVault@1 displayName: "Azure Key Vault: Get Secrets" @@ -82,6 +82,11 @@ steps: - script: pushd $(agent.builddirectory)/VSCode-darwin-$(VSCODE_ARCH) && zip -r -X -y $(agent.builddirectory)/VSCode-darwin-$(VSCODE_ARCH).zip * && popd displayName: Archive build - - publish: $(Agent.BuildDirectory)/VSCode-darwin-$(VSCODE_ARCH).zip - artifact: unsigned_vscode_client_darwin_$(VSCODE_ARCH)_archive + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Agent.BuildDirectory)/VSCode-darwin-$(VSCODE_ARCH).zip + artifactName: unsigned_vscode_client_darwin_$(VSCODE_ARCH)_archive + sbomBuildDropPath: $(Agent.BuildDirectory)/VSCode-darwin-$(VSCODE_ARCH) + sbomPackageName: "VS Code macOS $(VSCODE_ARCH) (unsigned)" + sbomPackageVersion: $(Build.SourceVersion) displayName: Publish client archive diff --git a/build/azure-pipelines/darwin/product-build-darwin.yml b/build/azure-pipelines/darwin/product-build-darwin.yml index 6bd68712c9d..11aa7605f63 100644 --- a/build/azure-pipelines/darwin/product-build-darwin.yml +++ b/build/azure-pipelines/darwin/product-build-darwin.yml @@ -23,7 +23,7 @@ steps: nodejsMirror: https://github.com/joaomoreno/node-mirror/releases/download - ${{ if ne(parameters.VSCODE_QUALITY, 'oss') }}: - - template: ../distro/download-distro.yml + - template: ../distro/download-distro.yml@self - task: AzureKeyVault@1 displayName: "Azure Key Vault: Get Secrets" @@ -114,7 +114,7 @@ steps: - script: node build/azure-pipelines/distro/mixin-quality displayName: Mixin distro quality - - template: ../common/install-builtin-extensions.yml + - template: ../common/install-builtin-extensions.yml@self - ${{ if ne(parameters.VSCODE_QUALITY, 'oss') }}: - script: | @@ -156,7 +156,7 @@ steps: displayName: Transpile - ${{ if or(eq(parameters.VSCODE_RUN_UNIT_TESTS, true), eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, true)) }}: - - template: product-build-darwin-test.yml + - template: product-build-darwin-test.yml@self parameters: VSCODE_QUALITY: ${{ parameters.VSCODE_QUALITY }} VSCODE_RUN_UNIT_TESTS: ${{ parameters.VSCODE_RUN_UNIT_TESTS }} @@ -176,8 +176,7 @@ steps: APP_ROOT="$(Agent.BuildDirectory)/VSCode-darwin-$(VSCODE_ARCH)" APP_NAME="`ls $APP_ROOT | head -n 1`" APP_PATH="$APP_ROOT/$APP_NAME" - ARCHIVE_NAME=$(ls "$(Build.ArtifactStagingDirectory)/cli" | head -n 1) - unzip "$(Build.ArtifactStagingDirectory)/cli/$ARCHIVE_NAME" -d "$(Build.ArtifactStagingDirectory)/cli" + unzip $(Build.ArtifactStagingDirectory)/cli/*.zip -d $(Build.ArtifactStagingDirectory)/cli CLI_APP_NAME=$(node -p "require(\"$APP_PATH/Contents/Resources/app/product.json\").tunnelApplicationName") APP_NAME=$(node -p "require(\"$APP_PATH/Contents/Resources/app/product.json\").applicationName") mv "$(Build.ArtifactStagingDirectory)/cli/$APP_NAME" "$APP_PATH/Contents/Resources/app/bin/$CLI_APP_NAME" @@ -212,38 +211,31 @@ steps: condition: and(succeededOrFailed(), notIn(variables['Agent.JobStatus'], 'Succeeded', 'SucceededWithIssues')) displayName: Generate artifact prefix - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate SBOM (client) + - task: 1ES.PublishPipelineArtifact@1 inputs: - BuildDropPath: $(agent.builddirectory)/VSCode-darwin-$(VSCODE_ARCH) - PackageName: Visual Studio Code - - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate SBOM (server) - inputs: - BuildComponentPath: $(Build.SourcesDirectory)/remote - BuildDropPath: $(agent.builddirectory)/vscode-server-darwin-$(VSCODE_ARCH) - PackageName: Visual Studio Code Server - - - publish: $(agent.builddirectory)/VSCode-darwin-$(VSCODE_ARCH)/_manifest - displayName: Publish SBOM (client) - artifact: $(ARTIFACT_PREFIX)sbom_vscode_client_darwin_$(VSCODE_ARCH) - - - publish: $(agent.builddirectory)/vscode-server-darwin-$(VSCODE_ARCH)/_manifest - displayName: Publish SBOM (server) - artifact: $(ARTIFACT_PREFIX)sbom_vscode_server_darwin_$(VSCODE_ARCH) - - - publish: $(CLIENT_PATH) - artifact: $(ARTIFACT_PREFIX)unsigned_vscode_client_darwin_$(VSCODE_ARCH)_archive - condition: and(succeededOrFailed(), ne(variables['CLIENT_PATH'], '')) + targetPath: $(CLIENT_PATH) + artifactName: $(ARTIFACT_PREFIX)unsigned_vscode_client_darwin_$(VSCODE_ARCH)_archive + sbomBuildDropPath: $(Agent.BuildDirectory)/VSCode-darwin-$(VSCODE_ARCH) + sbomPackageName: "VS Code macOS $(VSCODE_ARCH) (unsigned)" + sbomPackageVersion: $(Build.SourceVersion) displayName: Publish client archive - - publish: $(SERVER_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_server_darwin_$(VSCODE_ARCH)_archive-unsigned + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(SERVER_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_server_darwin_$(VSCODE_ARCH)_archive-unsigned + sbomBuildDropPath: $(Agent.BuildDirectory)/vscode-server-darwin-$(VSCODE_ARCH) + sbomPackageName: "VS Code macOS $(VSCODE_ARCH) Server" + sbomPackageVersion: $(Build.SourceVersion) condition: and(succeededOrFailed(), ne(variables['SERVER_PATH'], '')) displayName: Publish server archive - - publish: $(WEB_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_web_darwin_$(VSCODE_ARCH)_archive-unsigned + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(WEB_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_web_darwin_$(VSCODE_ARCH)_archive-unsigned + sbomBuildDropPath: $(Agent.BuildDirectory)/vscode-server-darwin-$(VSCODE_ARCH)-web + sbomPackageName: "VS Code macOS $(VSCODE_ARCH) Web" + sbomPackageVersion: $(Build.SourceVersion) condition: and(succeededOrFailed(), ne(variables['WEB_PATH'], '')) displayName: Publish web server archive diff --git a/build/azure-pipelines/distro-build.yml b/build/azure-pipelines/distro-build.yml index c0a8e354c7b..ee5dd5d9919 100644 --- a/build/azure-pipelines/distro-build.yml +++ b/build/azure-pipelines/distro-build.yml @@ -12,4 +12,4 @@ steps: versionSource: fromFile versionFilePath: .nvmrc nodejsMirror: https://github.com/joaomoreno/node-mirror/releases/download - - template: ./distro/download-distro.yml + - template: ./distro/download-distro.yml@self diff --git a/build/azure-pipelines/linux/cli-build-linux.yml b/build/azure-pipelines/linux/cli-build-linux.yml index ff851c63c96..f3e2ef88b9d 100644 --- a/build/azure-pipelines/linux/cli-build-linux.yml +++ b/build/azure-pipelines/linux/cli-build-linux.yml @@ -22,7 +22,7 @@ steps: nodejsMirror: https://github.com/joaomoreno/node-mirror/releases/download - ${{ if ne(parameters.VSCODE_QUALITY, 'oss') }}: - - template: ../cli/cli-apply-patches.yml + - template: ../cli/cli-apply-patches.yml@self - task: Npm@1 displayName: Download openssl prebuilt @@ -79,7 +79,7 @@ steps: mkdir -p $(Build.SourcesDirectory)/.build displayName: Create .build folder for misc dependencies - - template: ../cli/install-rust-posix.yml + - template: ../cli/install-rust-posix.yml@self parameters: targets: - ${{ if eq(parameters.VSCODE_BUILD_LINUX_ARM64, true) }}: @@ -90,7 +90,7 @@ steps: - armv7-unknown-linux-gnueabihf - ${{ if eq(parameters.VSCODE_BUILD_LINUX_ARM64, true) }}: - - template: ../cli/cli-compile.yml + - template: ../cli/cli-compile.yml@self parameters: VSCODE_QUALITY: ${{ parameters.VSCODE_QUALITY }} VSCODE_CLI_TARGET: aarch64-unknown-linux-gnu @@ -102,7 +102,7 @@ steps: SYSROOT_ARCH: arm64 - ${{ if eq(parameters.VSCODE_BUILD_LINUX, true) }}: - - template: ../cli/cli-compile.yml + - template: ../cli/cli-compile.yml@self parameters: VSCODE_QUALITY: ${{ parameters.VSCODE_QUALITY }} VSCODE_CLI_TARGET: x86_64-unknown-linux-gnu @@ -114,7 +114,7 @@ steps: SYSROOT_ARCH: amd64 - ${{ if eq(parameters.VSCODE_BUILD_LINUX_ARMHF, true) }}: - - template: ../cli/cli-compile.yml + - template: ../cli/cli-compile.yml@self parameters: VSCODE_QUALITY: ${{ parameters.VSCODE_QUALITY }} VSCODE_CLI_TARGET: armv7-unknown-linux-gnueabihf @@ -125,20 +125,33 @@ steps: OPENSSL_INCLUDE_DIR: $(Build.ArtifactStagingDirectory)/openssl/arm-linux/include SYSROOT_ARCH: armhf - - ${{ if eq(parameters.VSCODE_BUILD_LINUX_ARMHF, true) }}: - - template: ../cli/cli-publish.yml - parameters: - VSCODE_CLI_ARTIFACT: vscode_cli_linux_armhf_cli - VSCODE_CHECK_ONLY: ${{ parameters.VSCODE_CHECK_ONLY }} + - ${{ if not(parameters.VSCODE_CHECK_ONLY) }}: + - ${{ if eq(parameters.VSCODE_BUILD_LINUX_ARMHF, true) }}: + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Build.ArtifactStagingDirectory)/vscode_cli_linux_armhf_cli.tar.gz + artifactName: vscode_cli_linux_armhf_cli + sbomBuildDropPath: $(Build.ArtifactStagingDirectory)/cli + sbomPackageName: "VS Code Linux armhf CLI" + sbomPackageVersion: $(Build.SourceVersion) + displayName: Publish vscode_cli_linux_armhf_cli artifact - - ${{ if eq(parameters.VSCODE_BUILD_LINUX, true) }}: - - template: ../cli/cli-publish.yml - parameters: - VSCODE_CLI_ARTIFACT: vscode_cli_linux_x64_cli - VSCODE_CHECK_ONLY: ${{ parameters.VSCODE_CHECK_ONLY }} + - ${{ if eq(parameters.VSCODE_BUILD_LINUX, true) }}: + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Build.ArtifactStagingDirectory)/vscode_cli_linux_x64_cli.tar.gz + artifactName: vscode_cli_linux_x64_cli + sbomBuildDropPath: $(Build.ArtifactStagingDirectory)/cli + sbomPackageName: "VS Code Linux x64 CLI" + sbomPackageVersion: $(Build.SourceVersion) + displayName: Publish vscode_cli_linux_x64_cli artifact - - ${{ if eq(parameters.VSCODE_BUILD_LINUX_ARM64, true) }}: - - template: ../cli/cli-publish.yml - parameters: - VSCODE_CLI_ARTIFACT: vscode_cli_linux_arm64_cli - VSCODE_CHECK_ONLY: ${{ parameters.VSCODE_CHECK_ONLY }} + - ${{ if eq(parameters.VSCODE_BUILD_LINUX_ARM64, true) }}: + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Build.ArtifactStagingDirectory)/vscode_cli_linux_arm64_cli.tar.gz + artifactName: vscode_cli_linux_arm64_cli + sbomBuildDropPath: $(Build.ArtifactStagingDirectory)/cli + sbomPackageName: "VS Code Linux arm64 CLI" + sbomPackageVersion: $(Build.SourceVersion) + displayName: Publish vscode_cli_linux_arm64_cli artifact diff --git a/build/azure-pipelines/linux/product-build-linux-legacy-server.yml b/build/azure-pipelines/linux/product-build-linux-legacy-server.yml index a046853fb6b..90f16ccaaba 100644 --- a/build/azure-pipelines/linux/product-build-linux-legacy-server.yml +++ b/build/azure-pipelines/linux/product-build-linux-legacy-server.yml @@ -174,7 +174,7 @@ steps: ARCHIVE_PATH=".build/linux/server/legacy-vscode-server-linux-$(VSCODE_ARCH).tar.gz" mkdir -p $(dirname $ARCHIVE_PATH) tar --owner=0 --group=0 -czf $ARCHIVE_PATH -C .. vscode-server-linux-$(VSCODE_ARCH) - echo "##vso[task.setvariable variable=LEGACY_SERVER_PATH]$ARCHIVE_PATH" + echo "##vso[task.setvariable variable=SERVER_PATH]$ARCHIVE_PATH" env: GITHUB_TOKEN: "$(github-distro-mixin-password)" displayName: Build server @@ -187,7 +187,7 @@ steps: ARCHIVE_PATH=".build/linux/web/legacy-vscode-server-linux-$(VSCODE_ARCH)-web.tar.gz" mkdir -p $(dirname $ARCHIVE_PATH) tar --owner=0 --group=0 -czf $ARCHIVE_PATH -C .. vscode-server-linux-$(VSCODE_ARCH)-web - echo "##vso[task.setvariable variable=LEGACY_WEB_PATH]$ARCHIVE_PATH" + echo "##vso[task.setvariable variable=WEB_PATH]$ARCHIVE_PATH" env: GITHUB_TOKEN: "$(github-distro-mixin-password)" displayName: Build server (web) @@ -199,24 +199,25 @@ steps: VSCODE_RUN_UNIT_TESTS: false VSCODE_RUN_INTEGRATION_TESTS: ${{ parameters.VSCODE_RUN_INTEGRATION_TESTS }} VSCODE_RUN_SMOKE_TESTS: false + ${{ if ne(parameters.VSCODE_QUALITY, 'oss') }}: + PUBLISH_TASK_NAME: 1ES.PublishPipelineArtifact@1 - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate SBOM (server) - inputs: - BuildComponentPath: $(Build.SourcesDirectory)/remote - BuildDropPath: $(agent.builddirectory)/vscode-server-linux-$(VSCODE_ARCH) - PackageName: Legacy Visual Studio Code Server + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(SERVER_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_legacy_server_linux_$(VSCODE_ARCH)_archive-unsigned + sbomBuildDropPath: $(Agent.BuildDirectory)/vscode-server-linux-$(VSCODE_ARCH) + sbomPackageName: "VS Code Linux $(VSCODE_ARCH) Legacy Server" + sbomPackageVersion: $(Build.SourceVersion) + condition: and(succeededOrFailed(), ne(variables['SERVER_PATH'], '')) + displayName: Publish server archive - - publish: $(agent.builddirectory)/vscode-server-linux-$(VSCODE_ARCH)/_manifest - displayName: Publish SBOM (server) - artifact: $(ARTIFACT_PREFIX)sbom_vscode_legacy_server_linux_$(VSCODE_ARCH) - - - publish: $(LEGACY_SERVER_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_legacy_server_linux_$(VSCODE_ARCH)_archive-unsigned - condition: and(succeededOrFailed(), ne(variables['LEGACY_SERVER_PATH'], '')) - displayName: Publish server archive - - - publish: $(LEGACY_WEB_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_legacy_web_linux_$(VSCODE_ARCH)_archive-unsigned - condition: and(succeededOrFailed(), ne(variables['LEGACY_WEB_PATH'], '')) - displayName: Publish web server archive + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(WEB_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_legacy_web_linux_$(VSCODE_ARCH)_archive-unsigned + sbomBuildDropPath: $(Agent.BuildDirectory)/vscode-server-linux-$(VSCODE_ARCH)-web + sbomPackageName: "VS Code Linux $(VSCODE_ARCH) Legacy Web" + sbomPackageVersion: $(Build.SourceVersion) + condition: and(succeededOrFailed(), ne(variables['WEB_PATH'], '')) + displayName: Publish web server archive diff --git a/build/azure-pipelines/linux/product-build-linux-test.yml b/build/azure-pipelines/linux/product-build-linux-test.yml index 74ebb91e344..f5c00aa0cf0 100644 --- a/build/azure-pipelines/linux/product-build-linux-test.yml +++ b/build/azure-pipelines/linux/product-build-linux-test.yml @@ -7,6 +7,9 @@ parameters: type: boolean - name: VSCODE_RUN_SMOKE_TESTS type: boolean + - name: PUBLISH_TASK_NAME + type: string + default: PublishPipelineArtifact@0 steps: - script: yarn npm-run-all -lp "electron $(VSCODE_ARCH)" "playwright-install" @@ -197,7 +200,7 @@ steps: condition: succeededOrFailed() - ${{ if or(eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, true)) }}: - - task: PublishPipelineArtifact@0 + - task: ${{ parameters.PUBLISH_TASK_NAME }} inputs: targetPath: .build/crashes ${{ if and(eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, false)) }}: @@ -206,13 +209,14 @@ steps: artifactName: crash-dump-linux-$(VSCODE_ARCH)-smoke-$(System.JobAttempt) ${{ else }}: artifactName: crash-dump-linux-$(VSCODE_ARCH)-$(System.JobAttempt) + sbomEnabled: false displayName: "Publish Crash Reports" continueOnError: true condition: failed() # In order to properly symbolify above crash reports # (if any), we need the compiled native modules too - - task: PublishPipelineArtifact@0 + - task: ${{ parameters.PUBLISH_TASK_NAME }} inputs: targetPath: node_modules ${{ if and(eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, false)) }}: @@ -221,11 +225,12 @@ steps: artifactName: node-modules-linux-$(VSCODE_ARCH)-smoke-$(System.JobAttempt) ${{ else }}: artifactName: node-modules-linux-$(VSCODE_ARCH)-$(System.JobAttempt) + sbomEnabled: false displayName: "Publish Node Modules" continueOnError: true condition: failed() - - task: PublishPipelineArtifact@0 + - task: ${{ parameters.PUBLISH_TASK_NAME }} inputs: targetPath: .build/logs ${{ if and(eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, false)) }}: @@ -234,6 +239,7 @@ steps: artifactName: logs-linux-$(VSCODE_ARCH)-smoke-$(System.JobAttempt) ${{ else }}: artifactName: logs-linux-$(VSCODE_ARCH)-$(System.JobAttempt) + sbomEnabled: false displayName: "Publish Log Files" continueOnError: true condition: succeededOrFailed() diff --git a/build/azure-pipelines/linux/product-build-linux.yml b/build/azure-pipelines/linux/product-build-linux.yml index 13edfccdb55..cdc687fe7ac 100644 --- a/build/azure-pipelines/linux/product-build-linux.yml +++ b/build/azure-pipelines/linux/product-build-linux.yml @@ -25,7 +25,7 @@ steps: nodejsMirror: https://github.com/joaomoreno/node-mirror/releases/download - ${{ if ne(parameters.VSCODE_QUALITY, 'oss') }}: - - template: ../distro/download-distro.yml + - template: ../distro/download-distro.yml@self - task: AzureKeyVault@1 displayName: "Azure Key Vault: Get Secrets" @@ -185,7 +185,7 @@ steps: - script: node build/azure-pipelines/distro/mixin-quality displayName: Mixin distro quality - - template: ../common/install-builtin-extensions.yml + - template: ../common/install-builtin-extensions.yml@self - ${{ if ne(parameters.VSCODE_QUALITY, 'oss') }}: - script: | @@ -252,12 +252,14 @@ steps: displayName: Transpile client and extensions - ${{ if or(eq(parameters.VSCODE_RUN_UNIT_TESTS, true), eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, true)) }}: - - template: product-build-linux-test.yml + - template: product-build-linux-test.yml@self parameters: VSCODE_QUALITY: ${{ parameters.VSCODE_QUALITY }} VSCODE_RUN_UNIT_TESTS: ${{ parameters.VSCODE_RUN_UNIT_TESTS }} VSCODE_RUN_INTEGRATION_TESTS: ${{ parameters.VSCODE_RUN_INTEGRATION_TESTS }} VSCODE_RUN_SMOKE_TESTS: ${{ parameters.VSCODE_RUN_SMOKE_TESTS }} + ${{ if ne(parameters.VSCODE_QUALITY, 'oss') }}: + PUBLISH_TASK_NAME: 1ES.PublishPipelineArtifact@1 - ${{ if and(ne(parameters.VSCODE_CIBUILD, true), ne(parameters.VSCODE_QUALITY, 'oss')) }}: - script: | @@ -311,53 +313,60 @@ steps: condition: and(succeededOrFailed(), notIn(variables['Agent.JobStatus'], 'Succeeded', 'SucceededWithIssues')) displayName: Generate artifact prefix - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate SBOM (client) + - task: 1ES.PublishPipelineArtifact@1 inputs: - BuildDropPath: $(agent.builddirectory)/VSCode-linux-$(VSCODE_ARCH) - PackageName: Visual Studio Code - - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate SBOM (server) - inputs: - BuildComponentPath: $(Build.SourcesDirectory)/remote - BuildDropPath: $(agent.builddirectory)/vscode-server-linux-$(VSCODE_ARCH) - PackageName: Visual Studio Code Server - - - publish: $(agent.builddirectory)/VSCode-linux-$(VSCODE_ARCH)/_manifest - displayName: Publish SBOM (client) - artifact: $(ARTIFACT_PREFIX)sbom_vscode_client_linux_$(VSCODE_ARCH) - - - publish: $(agent.builddirectory)/vscode-server-linux-$(VSCODE_ARCH)/_manifest - displayName: Publish SBOM (server) - artifact: $(ARTIFACT_PREFIX)sbom_vscode_server_linux_$(VSCODE_ARCH) - - - publish: $(CLIENT_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_client_linux_$(VSCODE_ARCH)_archive-unsigned + targetPath: $(CLIENT_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_client_linux_$(VSCODE_ARCH)_archive-unsigned + sbomBuildDropPath: $(Agent.BuildDirectory)/VSCode-linux-$(VSCODE_ARCH) + sbomPackageName: "VS Code Linux $(VSCODE_ARCH) (unsigned)" + sbomPackageVersion: $(Build.SourceVersion) condition: and(succeededOrFailed(), ne(variables['CLIENT_PATH'], '')) displayName: Publish client archive - - publish: $(SERVER_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_server_linux_$(VSCODE_ARCH)_archive-unsigned + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(SERVER_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_server_linux_$(VSCODE_ARCH)_archive-unsigned + sbomBuildDropPath: $(Agent.BuildDirectory)/vscode-server-linux-$(VSCODE_ARCH) + sbomPackageName: "VS Code Linux $(VSCODE_ARCH) Server" + sbomPackageVersion: $(Build.SourceVersion) condition: and(succeededOrFailed(), ne(variables['SERVER_PATH'], '')) displayName: Publish server archive - - publish: $(WEB_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_web_linux_$(VSCODE_ARCH)_archive-unsigned + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(WEB_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_web_linux_$(VSCODE_ARCH)_archive-unsigned + sbomBuildDropPath: $(Agent.BuildDirectory)/vscode-server-linux-$(VSCODE_ARCH)-web + sbomPackageName: "VS Code Linux $(VSCODE_ARCH) Web" + sbomPackageVersion: $(Build.SourceVersion) condition: and(succeededOrFailed(), ne(variables['WEB_PATH'], '')) displayName: Publish web server archive - - publish: $(DEB_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_client_linux_$(VSCODE_ARCH)_deb-package + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(DEB_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_client_linux_$(VSCODE_ARCH)_deb-package + sbomBuildDropPath: .build/linux/deb + sbomPackageName: "VS Code Linux $(VSCODE_ARCH) DEB" + sbomPackageVersion: $(Build.SourceVersion) condition: and(succeededOrFailed(), ne(variables['DEB_PATH'], '')) displayName: Publish deb package - - publish: $(RPM_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_client_linux_$(VSCODE_ARCH)_rpm-package + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(RPM_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_client_linux_$(VSCODE_ARCH)_rpm-package + sbomBuildDropPath: .build/linux/rpm + sbomPackageName: "VS Code Linux $(VSCODE_ARCH) RPM" + sbomPackageVersion: $(Build.SourceVersion) condition: and(succeededOrFailed(), ne(variables['RPM_PATH'], '')) displayName: Publish rpm package - - publish: $(SNAP_PATH) - artifact: $(ARTIFACT_PREFIX)snap-$(VSCODE_ARCH) + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(SNAP_PATH) + artifactName: $(ARTIFACT_PREFIX)snap-$(VSCODE_ARCH) + sbomEnabled: false condition: and(succeededOrFailed(), ne(variables['SNAP_PATH'], '')) displayName: Publish snap pre-package diff --git a/build/azure-pipelines/linux/snap-build-linux.yml b/build/azure-pipelines/linux/snap-build-linux.yml index 6fc16833921..033058163f9 100644 --- a/build/azure-pipelines/linux/snap-build-linux.yml +++ b/build/azure-pipelines/linux/snap-build-linux.yml @@ -46,24 +46,28 @@ steps: *) SNAPCRAFT_TARGET_ARGS="--target-arch $(VSCODE_ARCH)" ;; esac (cd $SNAP_ROOT/code-* && sudo --preserve-env snapcraft snap $SNAPCRAFT_TARGET_ARGS --output "$SNAP_PATH") - - # Export SNAP_PATH - echo "##vso[task.setvariable variable=SNAP_PATH]$SNAP_PATH" displayName: Prepare for publish - - script: mkdir -p $(agent.builddirectory)/vscode-snap-linux-$(VSCODE_ARCH) - displayName: Make folder for SBOM + - script: | + set -e + SNAP_ROOT="$(pwd)/.build/linux/snap/$(VSCODE_ARCH)" + SNAP_EXTRACTED_PATH=$(find $SNAP_ROOT -maxdepth 1 -type d -name 'code-*') + SNAP_PATH=$(find $SNAP_ROOT -maxdepth 1 -type f -name '*.snap') - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate SBOM + # SBOM tool doesn't like recursive symlinks + sudo find $SNAP_EXTRACTED_PATH -type l -delete + + echo "##vso[task.setvariable variable=SNAP_EXTRACTED_PATH]$SNAP_EXTRACTED_PATH" + echo "##vso[task.setvariable variable=SNAP_PATH]$SNAP_PATH" + target: + container: host + displayName: Find host snap path & prepare for SBOM + + - task: 1ES.PublishPipelineArtifact@1 inputs: - BuildDropPath: $(agent.builddirectory)/vscode-snap-linux-$(VSCODE_ARCH) - PackageName: Visual Studio Code Snap - - - publish: $(agent.builddirectory)/vscode-snap-linux-$(VSCODE_ARCH)/_manifest - displayName: Publish SBOM - artifact: $(ARTIFACT_PREFIX)sbom_vscode_client_linux_snap_$(VSCODE_ARCH) - - - publish: $(SNAP_PATH) - artifact: vscode_client_linux_$(VSCODE_ARCH)_snap + targetPath: $(SNAP_PATH) + artifactName: vscode_client_linux_$(VSCODE_ARCH)_snap + sbomBuildDropPath: $(SNAP_EXTRACTED_PATH) + sbomPackageName: "VS Code Linux $(VSCODE_ARCH) SNAP" + sbomPackageVersion: $(Build.SourceVersion) displayName: Publish snap package diff --git a/build/azure-pipelines/product-build-pr.yml b/build/azure-pipelines/product-build-pr.yml index b5036070730..7dce4d20265 100644 --- a/build/azure-pipelines/product-build-pr.yml +++ b/build/azure-pipelines/product-build-pr.yml @@ -31,7 +31,7 @@ jobs: variables: VSCODE_ARCH: x64 steps: - - template: product-compile.yml + - template: product-compile.yml@self parameters: VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} @@ -44,7 +44,7 @@ jobs: NPM_ARCH: x64 DISPLAY: ":10" steps: - - template: linux/product-build-linux.yml + - template: linux/product-build-linux.yml@self parameters: VSCODE_ARCH: x64 VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} @@ -62,7 +62,7 @@ jobs: NPM_ARCH: x64 DISPLAY: ":10" steps: - - template: linux/product-build-linux.yml + - template: linux/product-build-linux.yml@self parameters: VSCODE_ARCH: x64 VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} @@ -80,7 +80,7 @@ jobs: NPM_ARCH: x64 DISPLAY: ":10" steps: - - template: linux/product-build-linux.yml + - template: linux/product-build-linux.yml@self parameters: VSCODE_ARCH: x64 VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} @@ -94,7 +94,7 @@ jobs: pool: 1es-oss-ubuntu-20.04-x64 timeoutInMinutes: 30 steps: - - template: cli/test.yml + - template: cli/test.yml@self - job: Windowsx64UnitTests displayName: Windows (Unit Tests) @@ -104,7 +104,7 @@ jobs: VSCODE_ARCH: x64 NPM_ARCH: x64 steps: - - template: win32/product-build-win32.yml + - template: win32/product-build-win32.yml@self parameters: VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} VSCODE_ARCH: x64 @@ -121,7 +121,7 @@ jobs: VSCODE_ARCH: x64 NPM_ARCH: x64 steps: - - template: win32/product-build-win32.yml + - template: win32/product-build-win32.yml@self parameters: VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} VSCODE_ARCH: x64 @@ -138,7 +138,7 @@ jobs: # VSCODE_ARCH: x64 # NPM_ARCH: x64 # steps: - # - template: win32/product-build-win32.yml + # - template: win32/product-build-win32.yml@self # parameters: # VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} # VSCODE_ARCH: x64 @@ -154,7 +154,7 @@ jobs: variables: VSCODE_ARCH: x64 steps: - - template: oss/product-build-pr-cache-linux.yml + - template: oss/product-build-pr-cache-linux.yml@self - job: Windowsx64MaintainNodeModulesCache displayName: Windows (Maintain node_modules cache) @@ -163,7 +163,7 @@ jobs: variables: VSCODE_ARCH: x64 steps: - - template: oss/product-build-pr-cache-win32.yml + - template: oss/product-build-pr-cache-win32.yml@self # - job: macOSUnitTest # displayName: macOS (Unit Tests) @@ -174,7 +174,7 @@ jobs: # BUILDSECMON_OPT_IN: true # VSCODE_ARCH: x64 # steps: - # - template: darwin/product-build-darwin.yml + # - template: darwin/product-build-darwin.yml@self # parameters: # VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} # VSCODE_RUN_UNIT_TESTS: true @@ -189,7 +189,7 @@ jobs: # BUILDSECMON_OPT_IN: true # VSCODE_ARCH: x64 # steps: - # - template: darwin/product-build-darwin.yml + # - template: darwin/product-build-darwin.yml@self # parameters: # VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} # VSCODE_RUN_UNIT_TESTS: false @@ -204,7 +204,7 @@ jobs: # BUILDSECMON_OPT_IN: true # VSCODE_ARCH: x64 # steps: - # - template: darwin/product-build-darwin.yml + # - template: darwin/product-build-darwin.yml@self # parameters: # VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} # VSCODE_RUN_UNIT_TESTS: false diff --git a/build/azure-pipelines/product-build.yml b/build/azure-pipelines/product-build.yml index d529b159c48..1d2d2b97506 100644 --- a/build/azure-pipelines/product-build.yml +++ b/build/azure-pipelines/product-build.yml @@ -156,569 +156,633 @@ variables: name: "$(Date:yyyyMMdd).$(Rev:r) (${{ parameters.VSCODE_QUALITY }})" resources: - containers: - - container: snapcraft - image: vscodehub.azurecr.io/vscode-linux-build-agent:snapcraft-x64 - endpoint: VSCodeHub pipelines: - pipeline: vscode-7pm-kick-off source: 'VS Code 7PM Kick-Off' trigger: true + repositories: + - repository: 1ESPipelines + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/heads/joao/disable-tsa-linux-arm64 -stages: - - stage: Compile - jobs: - - job: Compile - pool: 1es-ubuntu-20.04-x64 - variables: - VSCODE_ARCH: x64 - steps: - - template: product-compile.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - - - stage: CompileCLI - dependsOn: [] - jobs: - - ${{ if eq(parameters.VSCODE_BUILD_LINUX, true) }}: - - job: CLILinuxX64 - pool: 1es-ubuntu-20.04-x64 - steps: - - template: ./linux/cli-build-linux.yml - parameters: - VSCODE_CHECK_ONLY: ${{ variables.VSCODE_CIBUILD }} - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_BUILD_LINUX: ${{ parameters.VSCODE_BUILD_LINUX }} - - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), or(eq(parameters.VSCODE_BUILD_LINUX_ARMHF, true), eq(parameters.VSCODE_BUILD_LINUX_ARM64, true))) }}: - - job: CLILinuxGnuARM - pool: 1es-ubuntu-20.04-x64 - steps: - - template: ./linux/cli-build-linux.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_BUILD_LINUX_ARMHF: ${{ parameters.VSCODE_BUILD_LINUX_ARMHF }} - VSCODE_BUILD_LINUX_ARM64: ${{ parameters.VSCODE_BUILD_LINUX_ARM64 }} - - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_ALPINE, true)) }}: - - job: CLIAlpineX64 - pool: 1es-ubuntu-20.04-x64 - steps: - - template: ./alpine/cli-build-alpine.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_BUILD_ALPINE: ${{ parameters.VSCODE_BUILD_ALPINE }} - - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_ALPINE_ARM64, true)) }}: - - job: CLIAlpineARM64 - pool: 1es-ubuntu-20.04-arm64 - steps: - - bash: sudo apt update && sudo apt install -y unzip - displayName: Install unzip - - template: ./alpine/cli-build-alpine.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_BUILD_ALPINE_ARM64: ${{ parameters.VSCODE_BUILD_ALPINE_ARM64 }} - - - ${{ if eq(parameters.VSCODE_BUILD_MACOS, true) }}: - - job: CLIMacOSX64 - pool: - vmImage: macOS-11 - steps: - - template: ./darwin/cli-build-darwin.yml - parameters: - VSCODE_CHECK_ONLY: ${{ variables.VSCODE_CIBUILD }} - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_BUILD_MACOS: ${{ parameters.VSCODE_BUILD_MACOS }} - - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_MACOS_ARM64, true)) }}: - - job: CLIMacOSARM64 - pool: - vmImage: macOS-11 - steps: - - template: ./darwin/cli-build-darwin.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_BUILD_MACOS_ARM64: ${{ parameters.VSCODE_BUILD_MACOS_ARM64 }} - - - ${{ if eq(parameters.VSCODE_BUILD_WIN32, true) }}: - - job: CLIWindowsX64 - pool: 1es-windows-2019-x64 - steps: - - template: ./win32/cli-build-win32.yml - parameters: - VSCODE_CHECK_ONLY: ${{ variables.VSCODE_CIBUILD }} - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_BUILD_WIN32: ${{ parameters.VSCODE_BUILD_WIN32 }} - - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_WIN32_ARM64, true)) }}: - - job: CLIWindowsARM64 - pool: 1es-windows-2019-x64 - steps: - - template: ./win32/cli-build-win32.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_BUILD_WIN32_ARM64: ${{ parameters.VSCODE_BUILD_WIN32_ARM64 }} - - - ${{ if and(eq(parameters.VSCODE_COMPILE_ONLY, false), eq(variables['VSCODE_BUILD_STAGE_WINDOWS'], true)) }}: - - stage: Windows - dependsOn: - - Compile - - CompileCLI - pool: 1es-windows-2019-x64 - jobs: - - ${{ if eq(variables['VSCODE_CIBUILD'], true) }}: - - job: WindowsUnitTests - displayName: Unit Tests - timeoutInMinutes: 60 +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines + parameters: + sdl: + tsa: + enabled: true + config: + codebaseName: 'devdiv_$(Build.Repository.Name)' + serviceTreeID: '79c048b2-322f-4ed5-a1ea-252a1250e4b3' + instanceUrl: 'https://devdiv.visualstudio.com/defaultcollection' + projectName: 'DevDiv' + areaPath: "DevDiv\\VS Code (compliance tracking only)\\Visual Studio Code Client" + notificationAliases: ['monacotools@microsoft.com'] + validateToolOutput: None + allTools: true + credscan: + suppressionsFile: $(Build.SourcesDirectory)/build/azure-pipelines/config/CredScanSuppressions.json + sourceAnalysisPool: 1es-windows-2022-x64 + containers: + snapcraft: + image: vscodehub.azurecr.io/vscode-linux-build-agent:snapcraft-x64 + ubuntu-2004-arm64: + image: onebranch.azurecr.io/linux/ubuntu-2004-arm64:latest + authenticatedContainerRegistries: + - registry: onebranch.azurecr.io + tenant: AME + identity: 1ESPipelineIdentity + stages: + - stage: Compile + jobs: + - job: Compile + pool: + name: 1es-ubuntu-20.04-x64 + os: linux variables: VSCODE_ARCH: x64 steps: - - template: win32/product-build-win32.yml + - template: build/azure-pipelines/product-compile.yml@self parameters: VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_ARCH: x64 - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: true - VSCODE_RUN_INTEGRATION_TESTS: false - VSCODE_RUN_SMOKE_TESTS: false - - job: WindowsIntegrationTests - displayName: Integration Tests - timeoutInMinutes: 60 - variables: - VSCODE_ARCH: x64 - steps: - - template: win32/product-build-win32.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_ARCH: x64 - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: false - VSCODE_RUN_INTEGRATION_TESTS: true - VSCODE_RUN_SMOKE_TESTS: false - - job: WindowsSmokeTests - displayName: Smoke Tests - timeoutInMinutes: 60 - variables: - VSCODE_ARCH: x64 - steps: - - template: win32/product-build-win32.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_ARCH: x64 - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: false - VSCODE_RUN_INTEGRATION_TESTS: false - VSCODE_RUN_SMOKE_TESTS: true - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_WIN32, true)) }}: - - job: Windows - timeoutInMinutes: 120 - variables: - VSCODE_ARCH: x64 - steps: - - template: win32/product-build-win32.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_ARCH: x64 - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} - VSCODE_RUN_INTEGRATION_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} - VSCODE_RUN_SMOKE_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} - - - job: WindowsCLISign - timeoutInMinutes: 90 - steps: - - template: win32/product-build-win32-cli-sign.yml - parameters: - VSCODE_BUILD_WIN32: ${{ parameters.VSCODE_BUILD_WIN32 }} - VSCODE_BUILD_WIN32_ARM64: ${{ parameters.VSCODE_BUILD_WIN32_ARM64 }} - - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_WIN32_ARM64, true)) }}: - - job: WindowsARM64 - timeoutInMinutes: 90 - variables: - VSCODE_ARCH: arm64 - steps: - - template: win32/product-build-win32.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_ARCH: arm64 - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: false - VSCODE_RUN_INTEGRATION_TESTS: false - VSCODE_RUN_SMOKE_TESTS: false - - - ${{ if and(eq(parameters.VSCODE_COMPILE_ONLY, false), eq(variables['VSCODE_BUILD_STAGE_LINUX'], true)) }}: - - stage: Linux - dependsOn: - - Compile - - CompileCLI - pool: 1es-ubuntu-20.04-x64 - jobs: - - ${{ if eq(variables['VSCODE_CIBUILD'], true) }}: - - job: Linuxx64UnitTest - displayName: Unit Tests - variables: - VSCODE_ARCH: x64 - NPM_ARCH: x64 - DISPLAY: ":10" - steps: - - template: linux/product-build-linux.yml - parameters: - VSCODE_ARCH: x64 - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: true - VSCODE_RUN_INTEGRATION_TESTS: false - VSCODE_RUN_SMOKE_TESTS: false - - job: Linuxx64IntegrationTest - displayName: Integration Tests - variables: - VSCODE_ARCH: x64 - NPM_ARCH: x64 - DISPLAY: ":10" - steps: - - template: linux/product-build-linux.yml - parameters: - VSCODE_ARCH: x64 - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: false - VSCODE_RUN_INTEGRATION_TESTS: true - VSCODE_RUN_SMOKE_TESTS: false - - job: Linuxx64SmokeTest - displayName: Smoke Tests - variables: - VSCODE_ARCH: x64 - NPM_ARCH: x64 - DISPLAY: ":10" - steps: - - template: linux/product-build-linux.yml - parameters: - VSCODE_ARCH: x64 - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: false - VSCODE_RUN_INTEGRATION_TESTS: false - VSCODE_RUN_SMOKE_TESTS: true - - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_LINUX, true)) }}: - - job: Linuxx64 - variables: - VSCODE_ARCH: x64 - NPM_ARCH: x64 - DISPLAY: ":10" - steps: - - template: linux/product-build-linux.yml - parameters: - VSCODE_ARCH: x64 - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} - VSCODE_RUN_INTEGRATION_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} - VSCODE_RUN_SMOKE_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} - - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_LINUX, true)) }}: - - job: LinuxSnap - dependsOn: - - Linuxx64 - container: snapcraft - variables: - VSCODE_ARCH: x64 - steps: - - template: linux/snap-build-linux.yml - - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_LINUX_ARMHF, true)) }}: - - job: LinuxArmhf - variables: - VSCODE_ARCH: armhf - NPM_ARCH: arm - steps: - - template: linux/product-build-linux.yml - parameters: - VSCODE_ARCH: armhf - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: false - VSCODE_RUN_INTEGRATION_TESTS: false - VSCODE_RUN_SMOKE_TESTS: false - - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_LINUX_ARM64, true)) }}: - - job: LinuxArm64 - variables: - VSCODE_ARCH: arm64 - NPM_ARCH: arm64 - steps: - - template: linux/product-build-linux.yml - parameters: - VSCODE_ARCH: arm64 - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: false - VSCODE_RUN_INTEGRATION_TESTS: false - VSCODE_RUN_SMOKE_TESTS: false - - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_COMPILE_ONLY, false), eq(variables['VSCODE_BUILD_STAGE_LINUX_LEGACY_SERVER'], true)) }}: - - stage: LinuxLegacyServer - dependsOn: - - Compile - pool: 1es-ubuntu-20.04-x64 - jobs: - - ${{ if eq(parameters.VSCODE_BUILD_LINUX_X64_LEGACY_SERVER, true) }}: - - job: Linuxx64LegacyServer - variables: - VSCODE_ARCH: x64 - NPM_ARCH: x64 - DISPLAY: ":10" - steps: - - template: linux/product-build-linux-legacy-server.yml - parameters: - VSCODE_ARCH: x64 - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_RUN_INTEGRATION_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} - - - ${{ if eq(parameters.VSCODE_BUILD_LINUX_ARMHF_LEGACY_SERVER, true) }}: - - job: LinuxArmhfLegacyServer - variables: - VSCODE_ARCH: armhf - NPM_ARCH: arm - steps: - - template: linux/product-build-linux-legacy-server.yml - parameters: - VSCODE_ARCH: armhf - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_RUN_INTEGRATION_TESTS: false - - - ${{ if eq(parameters.VSCODE_BUILD_LINUX_ARM64_LEGACY_SERVER, true) }}: - - job: LinuxArm64LegacyServer - variables: - VSCODE_ARCH: arm64 - NPM_ARCH: arm64 - steps: - - template: linux/product-build-linux-legacy-server.yml - parameters: - VSCODE_ARCH: arm64 - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_RUN_INTEGRATION_TESTS: false - - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_COMPILE_ONLY, false), eq(variables['VSCODE_BUILD_STAGE_ALPINE'], true)) }}: - - stage: Alpine - dependsOn: - - Compile - - CompileCLI - pool: 1es-ubuntu-20.04-x64 - jobs: - - ${{ if eq(parameters.VSCODE_BUILD_ALPINE, true) }}: - - job: LinuxAlpine - variables: - VSCODE_ARCH: x64 - NPM_ARCH: x64 - steps: - - template: alpine/product-build-alpine.yml - - - ${{ if eq(parameters.VSCODE_BUILD_ALPINE_ARM64, true) }}: - - job: LinuxAlpineArm64 - timeoutInMinutes: 120 - variables: - VSCODE_ARCH: arm64 - NPM_ARCH: arm64 - steps: - - template: alpine/product-build-alpine.yml - - - ${{ if and(eq(parameters.VSCODE_COMPILE_ONLY, false), eq(variables['VSCODE_BUILD_STAGE_MACOS'], true)) }}: - - stage: macOS - dependsOn: - - Compile - - CompileCLI - pool: - vmImage: macOS-11 - variables: - BUILDSECMON_OPT_IN: true - jobs: - - ${{ if eq(variables['VSCODE_CIBUILD'], true) }}: - - job: macOSUnitTest - displayName: Unit Tests - timeoutInMinutes: 90 - variables: - VSCODE_ARCH: x64 - steps: - - template: darwin/product-build-darwin.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: true - VSCODE_RUN_INTEGRATION_TESTS: false - VSCODE_RUN_SMOKE_TESTS: false - - job: macOSIntegrationTest - displayName: Integration Tests - timeoutInMinutes: 90 - variables: - VSCODE_ARCH: x64 - steps: - - template: darwin/product-build-darwin.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: false - VSCODE_RUN_INTEGRATION_TESTS: true - VSCODE_RUN_SMOKE_TESTS: false - - job: macOSSmokeTest - displayName: Smoke Tests - timeoutInMinutes: 90 - variables: - VSCODE_ARCH: x64 - steps: - - template: darwin/product-build-darwin.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: false - VSCODE_RUN_INTEGRATION_TESTS: false - VSCODE_RUN_SMOKE_TESTS: true - - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_MACOS, true)) }}: - - job: macOS - timeoutInMinutes: 90 - variables: - VSCODE_ARCH: x64 - steps: - - template: darwin/product-build-darwin.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: false - VSCODE_RUN_INTEGRATION_TESTS: false - VSCODE_RUN_SMOKE_TESTS: false - - - ${{ if eq(parameters.VSCODE_STEP_ON_IT, false) }}: - - job: macOSTest - timeoutInMinutes: 90 - variables: - VSCODE_ARCH: x64 + - stage: CompileCLI + dependsOn: [] + jobs: + - ${{ if eq(parameters.VSCODE_BUILD_LINUX, true) }}: + - job: CLILinuxX64 + pool: + name: 1es-ubuntu-20.04-x64 + os: linux steps: - - template: darwin/product-build-darwin.yml + - template: build/azure-pipelines/linux/cli-build-linux.yml@self + parameters: + VSCODE_CHECK_ONLY: ${{ variables.VSCODE_CIBUILD }} + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_BUILD_LINUX: ${{ parameters.VSCODE_BUILD_LINUX }} + + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), or(eq(parameters.VSCODE_BUILD_LINUX_ARMHF, true), eq(parameters.VSCODE_BUILD_LINUX_ARM64, true))) }}: + - job: CLILinuxGnuARM + pool: + name: 1es-ubuntu-20.04-x64 + os: linux + steps: + - template: build/azure-pipelines/linux/cli-build-linux.yml@self parameters: VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} - VSCODE_RUN_INTEGRATION_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} - VSCODE_RUN_SMOKE_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} + VSCODE_BUILD_LINUX_ARMHF: ${{ parameters.VSCODE_BUILD_LINUX_ARMHF }} + VSCODE_BUILD_LINUX_ARM64: ${{ parameters.VSCODE_BUILD_LINUX_ARM64 }} - - job: macOSSign - dependsOn: - - macOS - timeoutInMinutes: 90 - variables: - VSCODE_ARCH: x64 - steps: - - template: darwin/product-build-darwin-sign.yml + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_ALPINE, true)) }}: + - job: CLIAlpineX64 + pool: + name: 1es-ubuntu-20.04-x64 + os: linux + steps: + - template: build/azure-pipelines/alpine/cli-build-alpine.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_BUILD_ALPINE: ${{ parameters.VSCODE_BUILD_ALPINE }} - - job: macOSCLISign - timeoutInMinutes: 90 - steps: - - template: darwin/product-build-darwin-cli-sign.yml - parameters: - VSCODE_BUILD_MACOS: ${{ parameters.VSCODE_BUILD_MACOS }} - VSCODE_BUILD_MACOS_ARM64: ${{ parameters.VSCODE_BUILD_MACOS_ARM64 }} + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_ALPINE_ARM64, true)) }}: + - job: CLIAlpineARM64 + pool: + name: 1es-mariner-2.0-arm64 + os: linux + hostArchitecture: arm64 + container: ubuntu-2004-arm64 + steps: + - template: build/azure-pipelines/alpine/cli-build-alpine.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_BUILD_ALPINE_ARM64: ${{ parameters.VSCODE_BUILD_ALPINE_ARM64 }} - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_MACOS_ARM64, true)) }}: - - job: macOSARM64 - timeoutInMinutes: 90 - variables: - VSCODE_ARCH: arm64 - steps: - - template: darwin/product-build-darwin.yml - parameters: - VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} - VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} - VSCODE_RUN_UNIT_TESTS: false - VSCODE_RUN_INTEGRATION_TESTS: false - VSCODE_RUN_SMOKE_TESTS: false + - ${{ if eq(parameters.VSCODE_BUILD_MACOS, true) }}: + - job: CLIMacOSX64 + pool: + name: Azure Pipelines + image: macOS-11 + os: macOS + steps: + - template: build/azure-pipelines/darwin/cli-build-darwin.yml@self + parameters: + VSCODE_CHECK_ONLY: ${{ variables.VSCODE_CIBUILD }} + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_BUILD_MACOS: ${{ parameters.VSCODE_BUILD_MACOS }} - - job: macOSARM64Sign - dependsOn: - - macOSARM64 - timeoutInMinutes: 90 - variables: - VSCODE_ARCH: arm64 - steps: - - template: darwin/product-build-darwin-sign.yml + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_MACOS_ARM64, true)) }}: + - job: CLIMacOSARM64 + pool: + name: Azure Pipelines + image: macOS-11 + os: macOS + steps: + - template: build/azure-pipelines/darwin/cli-build-darwin.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_BUILD_MACOS_ARM64: ${{ parameters.VSCODE_BUILD_MACOS_ARM64 }} - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(variables['VSCODE_BUILD_MACOS_UNIVERSAL'], true)) }}: - - job: macOSUniversal - dependsOn: - - macOS - - macOSARM64 - timeoutInMinutes: 90 - variables: - VSCODE_ARCH: universal - steps: - - template: darwin/product-build-darwin-universal.yml + - ${{ if eq(parameters.VSCODE_BUILD_WIN32, true) }}: + - job: CLIWindowsX64 + pool: + name: 1es-windows-2019-x64 + os: windows + steps: + - template: build/azure-pipelines/win32/cli-build-win32.yml@self + parameters: + VSCODE_CHECK_ONLY: ${{ variables.VSCODE_CIBUILD }} + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_BUILD_WIN32: ${{ parameters.VSCODE_BUILD_WIN32 }} - - job: macOSUniversalSign - dependsOn: - - macOSUniversal - timeoutInMinutes: 90 - variables: - VSCODE_ARCH: universal - steps: - - template: darwin/product-build-darwin-sign.yml + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_WIN32_ARM64, true)) }}: + - job: CLIWindowsARM64 + pool: + name: 1es-windows-2019-x64 + os: windows + steps: + - template: build/azure-pipelines/win32/cli-build-win32.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_BUILD_WIN32_ARM64: ${{ parameters.VSCODE_BUILD_WIN32_ARM64 }} - - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_COMPILE_ONLY, false), eq(variables['VSCODE_BUILD_STAGE_WEB'], true)) }}: - - stage: Web - dependsOn: - - Compile - pool: 1es-ubuntu-20.04-x64 - jobs: - - ${{ if eq(parameters.VSCODE_BUILD_WEB, true) }}: - - job: Web - variables: - VSCODE_ARCH: x64 - steps: - - template: web/product-build-web.yml + - ${{ if and(eq(parameters.VSCODE_COMPILE_ONLY, false), eq(variables['VSCODE_BUILD_STAGE_WINDOWS'], true)) }}: + - stage: Windows + dependsOn: + - Compile + - CompileCLI + pool: + name: 1es-windows-2019-x64 + os: windows + jobs: + - ${{ if eq(variables['VSCODE_CIBUILD'], true) }}: + - job: WindowsUnitTests + displayName: Unit Tests + timeoutInMinutes: 60 + variables: + VSCODE_ARCH: x64 + steps: + - template: build/azure-pipelines/win32/product-build-win32.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_ARCH: x64 + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: true + VSCODE_RUN_INTEGRATION_TESTS: false + VSCODE_RUN_SMOKE_TESTS: false + - job: WindowsIntegrationTests + displayName: Integration Tests + timeoutInMinutes: 60 + variables: + VSCODE_ARCH: x64 + steps: + - template: build/azure-pipelines/win32/product-build-win32.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_ARCH: x64 + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: false + VSCODE_RUN_INTEGRATION_TESTS: true + VSCODE_RUN_SMOKE_TESTS: false + - job: WindowsSmokeTests + displayName: Smoke Tests + timeoutInMinutes: 60 + variables: + VSCODE_ARCH: x64 + steps: + - template: build/azure-pipelines/win32/product-build-win32.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_ARCH: x64 + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: false + VSCODE_RUN_INTEGRATION_TESTS: false + VSCODE_RUN_SMOKE_TESTS: true - - ${{ if eq(variables['VSCODE_PUBLISH'], 'true') }}: - - stage: Publish - dependsOn: [] - pool: 1es-windows-2019-x64 - variables: - - name: BUILDS_API_URL - value: $(System.CollectionUri)$(System.TeamProject)/_apis/build/builds/$(Build.BuildId)/ - jobs: - - job: PublishBuild - timeoutInMinutes: 180 - displayName: Publish Build - steps: - - template: product-publish.yml + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_WIN32, true)) }}: + - job: Windows + timeoutInMinutes: 120 + variables: + VSCODE_ARCH: x64 + steps: + - template: build/azure-pipelines/win32/product-build-win32.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_ARCH: x64 + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} + VSCODE_RUN_INTEGRATION_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} + VSCODE_RUN_SMOKE_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} - - ${{ if and(parameters.VSCODE_RELEASE, eq(variables['VSCODE_PRIVATE_BUILD'], false)) }}: - - stage: ApproveRelease - dependsOn: [] # run in parallel to compile stage - pool: 1es-ubuntu-20.04-x64 - jobs: - - deployment: ApproveRelease - displayName: "Approve Release" - environment: "vscode" - variables: - skipComponentGovernanceDetection: true - strategy: - runOnce: - deploy: + - job: WindowsCLISign + timeoutInMinutes: 90 + steps: + - template: build/azure-pipelines/win32/product-build-win32-cli-sign.yml@self + parameters: + VSCODE_BUILD_WIN32: ${{ parameters.VSCODE_BUILD_WIN32 }} + VSCODE_BUILD_WIN32_ARM64: ${{ parameters.VSCODE_BUILD_WIN32_ARM64 }} + + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_WIN32_ARM64, true)) }}: + - job: WindowsARM64 + timeoutInMinutes: 90 + variables: + VSCODE_ARCH: arm64 + steps: + - template: build/azure-pipelines/win32/product-build-win32.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_ARCH: arm64 + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: false + VSCODE_RUN_INTEGRATION_TESTS: false + VSCODE_RUN_SMOKE_TESTS: false + + - ${{ if and(eq(parameters.VSCODE_COMPILE_ONLY, false), eq(variables['VSCODE_BUILD_STAGE_LINUX'], true)) }}: + - stage: Linux + dependsOn: + - Compile + - CompileCLI + pool: + name: 1es-ubuntu-20.04-x64 + os: linux + jobs: + - ${{ if eq(variables['VSCODE_CIBUILD'], true) }}: + - job: Linuxx64UnitTest + displayName: Unit Tests + variables: + VSCODE_ARCH: x64 + NPM_ARCH: x64 + DISPLAY: ":10" + steps: + - template: build/azure-pipelines/linux/product-build-linux.yml@self + parameters: + VSCODE_ARCH: x64 + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: true + VSCODE_RUN_INTEGRATION_TESTS: false + VSCODE_RUN_SMOKE_TESTS: false + - job: Linuxx64IntegrationTest + displayName: Integration Tests + variables: + VSCODE_ARCH: x64 + NPM_ARCH: x64 + DISPLAY: ":10" + steps: + - template: build/azure-pipelines/linux/product-build-linux.yml@self + parameters: + VSCODE_ARCH: x64 + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: false + VSCODE_RUN_INTEGRATION_TESTS: true + VSCODE_RUN_SMOKE_TESTS: false + - job: Linuxx64SmokeTest + displayName: Smoke Tests + variables: + VSCODE_ARCH: x64 + NPM_ARCH: x64 + DISPLAY: ":10" + steps: + - template: build/azure-pipelines/linux/product-build-linux.yml@self + parameters: + VSCODE_ARCH: x64 + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: false + VSCODE_RUN_INTEGRATION_TESTS: false + VSCODE_RUN_SMOKE_TESTS: true + + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_LINUX, true)) }}: + - job: Linuxx64 + variables: + VSCODE_ARCH: x64 + NPM_ARCH: x64 + DISPLAY: ":10" + steps: + - template: build/azure-pipelines/linux/product-build-linux.yml@self + parameters: + VSCODE_ARCH: x64 + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} + VSCODE_RUN_INTEGRATION_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} + VSCODE_RUN_SMOKE_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} + + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_LINUX, true)) }}: + - job: LinuxSnap + dependsOn: + - Linuxx64 + container: snapcraft + variables: + VSCODE_ARCH: x64 + steps: + - template: build/azure-pipelines/linux/snap-build-linux.yml@self + + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_LINUX_ARMHF, true)) }}: + - job: LinuxArmhf + variables: + VSCODE_ARCH: armhf + NPM_ARCH: arm + steps: + - template: build/azure-pipelines/linux/product-build-linux.yml@self + parameters: + VSCODE_ARCH: armhf + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: false + VSCODE_RUN_INTEGRATION_TESTS: false + VSCODE_RUN_SMOKE_TESTS: false + + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_LINUX_ARM64, true)) }}: + - job: LinuxArm64 + variables: + VSCODE_ARCH: arm64 + NPM_ARCH: arm64 + steps: + - template: build/azure-pipelines/linux/product-build-linux.yml@self + parameters: + VSCODE_ARCH: arm64 + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: false + VSCODE_RUN_INTEGRATION_TESTS: false + VSCODE_RUN_SMOKE_TESTS: false + + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_COMPILE_ONLY, false), eq(variables['VSCODE_BUILD_STAGE_LINUX_LEGACY_SERVER'], true)) }}: + - stage: LinuxLegacyServer + dependsOn: + - Compile + pool: + name: 1es-ubuntu-20.04-x64 + os: linux + jobs: + - ${{ if eq(parameters.VSCODE_BUILD_LINUX_X64_LEGACY_SERVER, true) }}: + - job: Linuxx64LegacyServer + variables: + VSCODE_ARCH: x64 + NPM_ARCH: x64 + DISPLAY: ":10" + steps: + - template: build/azure-pipelines/linux/product-build-linux-legacy-server.yml@self + parameters: + VSCODE_ARCH: x64 + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_RUN_INTEGRATION_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} + + - ${{ if eq(parameters.VSCODE_BUILD_LINUX_ARMHF_LEGACY_SERVER, true) }}: + - job: LinuxArmhfLegacyServer + variables: + VSCODE_ARCH: armhf + NPM_ARCH: arm + steps: + - template: build/azure-pipelines/linux/product-build-linux-legacy-server.yml@self + parameters: + VSCODE_ARCH: armhf + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_RUN_INTEGRATION_TESTS: false + + - ${{ if eq(parameters.VSCODE_BUILD_LINUX_ARM64_LEGACY_SERVER, true) }}: + - job: LinuxArm64LegacyServer + variables: + VSCODE_ARCH: arm64 + NPM_ARCH: arm64 + steps: + - template: build/azure-pipelines/linux/product-build-linux-legacy-server.yml@self + parameters: + VSCODE_ARCH: arm64 + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_RUN_INTEGRATION_TESTS: false + + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_COMPILE_ONLY, false), eq(variables['VSCODE_BUILD_STAGE_ALPINE'], true)) }}: + - stage: Alpine + dependsOn: + - Compile + - CompileCLI + pool: + name: 1es-ubuntu-20.04-x64 + os: linux + jobs: + - ${{ if eq(parameters.VSCODE_BUILD_ALPINE, true) }}: + - job: LinuxAlpine + variables: + VSCODE_ARCH: x64 + NPM_ARCH: x64 + steps: + - template: build/azure-pipelines/alpine/product-build-alpine.yml@self + + - ${{ if eq(parameters.VSCODE_BUILD_ALPINE_ARM64, true) }}: + - job: LinuxAlpineArm64 + timeoutInMinutes: 120 + variables: + VSCODE_ARCH: arm64 + NPM_ARCH: arm64 + steps: + - template: build/azure-pipelines/alpine/product-build-alpine.yml@self + + - ${{ if and(eq(parameters.VSCODE_COMPILE_ONLY, false), eq(variables['VSCODE_BUILD_STAGE_MACOS'], true)) }}: + - stage: macOS + dependsOn: + - Compile + - CompileCLI + pool: + name: Azure Pipelines + image: macOS-11 + os: macOS + variables: + BUILDSECMON_OPT_IN: true + jobs: + - ${{ if eq(variables['VSCODE_CIBUILD'], true) }}: + - job: macOSUnitTest + displayName: Unit Tests + timeoutInMinutes: 90 + variables: + VSCODE_ARCH: x64 + steps: + - template: build/azure-pipelines/darwin/product-build-darwin.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: true + VSCODE_RUN_INTEGRATION_TESTS: false + VSCODE_RUN_SMOKE_TESTS: false + - job: macOSIntegrationTest + displayName: Integration Tests + timeoutInMinutes: 90 + variables: + VSCODE_ARCH: x64 + steps: + - template: build/azure-pipelines/darwin/product-build-darwin.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: false + VSCODE_RUN_INTEGRATION_TESTS: true + VSCODE_RUN_SMOKE_TESTS: false + - job: macOSSmokeTest + displayName: Smoke Tests + timeoutInMinutes: 90 + variables: + VSCODE_ARCH: x64 + steps: + - template: build/azure-pipelines/darwin/product-build-darwin.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: false + VSCODE_RUN_INTEGRATION_TESTS: false + VSCODE_RUN_SMOKE_TESTS: true + + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_MACOS, true)) }}: + - job: macOS + timeoutInMinutes: 90 + variables: + VSCODE_ARCH: x64 + steps: + - template: build/azure-pipelines/darwin/product-build-darwin.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: false + VSCODE_RUN_INTEGRATION_TESTS: false + VSCODE_RUN_SMOKE_TESTS: false + + - ${{ if eq(parameters.VSCODE_STEP_ON_IT, false) }}: + - job: macOSTest + timeoutInMinutes: 90 + variables: + VSCODE_ARCH: x64 steps: - - checkout: none + - template: build/azure-pipelines/darwin/product-build-darwin.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} + VSCODE_RUN_INTEGRATION_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} + VSCODE_RUN_SMOKE_TESTS: ${{ eq(parameters.VSCODE_STEP_ON_IT, false) }} - - ${{ if or(and(parameters.VSCODE_RELEASE, eq(variables['VSCODE_PRIVATE_BUILD'], false)), and(in(parameters.VSCODE_QUALITY, 'insider', 'exploration'), eq(variables['VSCODE_SCHEDULEDBUILD'], true))) }}: - - stage: Release - dependsOn: - - Publish - - ${{ if and(parameters.VSCODE_RELEASE, eq(variables['VSCODE_PRIVATE_BUILD'], false)) }}: - - ApproveRelease - pool: 1es-ubuntu-20.04-x64 - jobs: - - job: ReleaseBuild - displayName: Release Build - steps: - - template: product-release.yml - parameters: - VSCODE_RELEASE: ${{ parameters.VSCODE_RELEASE }} + - job: macOSSign + dependsOn: + - macOS + timeoutInMinutes: 90 + variables: + VSCODE_ARCH: x64 + steps: + - template: build/azure-pipelines/darwin/product-build-darwin-sign.yml@self + + - job: macOSCLISign + timeoutInMinutes: 90 + steps: + - template: build/azure-pipelines/darwin/product-build-darwin-cli-sign.yml@self + parameters: + VSCODE_BUILD_MACOS: ${{ parameters.VSCODE_BUILD_MACOS }} + VSCODE_BUILD_MACOS_ARM64: ${{ parameters.VSCODE_BUILD_MACOS_ARM64 }} + + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_BUILD_MACOS_ARM64, true)) }}: + - job: macOSARM64 + timeoutInMinutes: 90 + variables: + VSCODE_ARCH: arm64 + steps: + - template: build/azure-pipelines/darwin/product-build-darwin.yml@self + parameters: + VSCODE_QUALITY: ${{ variables.VSCODE_QUALITY }} + VSCODE_CIBUILD: ${{ variables.VSCODE_CIBUILD }} + VSCODE_RUN_UNIT_TESTS: false + VSCODE_RUN_INTEGRATION_TESTS: false + VSCODE_RUN_SMOKE_TESTS: false + + - job: macOSARM64Sign + dependsOn: + - macOSARM64 + timeoutInMinutes: 90 + variables: + VSCODE_ARCH: arm64 + steps: + - template: build/azure-pipelines/darwin/product-build-darwin-sign.yml@self + + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(variables['VSCODE_BUILD_MACOS_UNIVERSAL'], true)) }}: + - job: macOSUniversal + dependsOn: + - macOS + - macOSARM64 + timeoutInMinutes: 90 + variables: + VSCODE_ARCH: universal + steps: + - template: build/azure-pipelines/darwin/product-build-darwin-universal.yml@self + + - job: macOSUniversalSign + dependsOn: + - macOSUniversal + timeoutInMinutes: 90 + variables: + VSCODE_ARCH: universal + steps: + - template: build/azure-pipelines/darwin/product-build-darwin-sign.yml@self + + - ${{ if and(eq(variables['VSCODE_CIBUILD'], false), eq(parameters.VSCODE_COMPILE_ONLY, false), eq(variables['VSCODE_BUILD_STAGE_WEB'], true)) }}: + - stage: Web + dependsOn: + - Compile + pool: + name: 1es-ubuntu-20.04-x64 + os: linux + jobs: + - ${{ if eq(parameters.VSCODE_BUILD_WEB, true) }}: + - job: Web + variables: + VSCODE_ARCH: x64 + steps: + - template: build/azure-pipelines/web/product-build-web.yml@self + + - ${{ if eq(variables['VSCODE_PUBLISH'], 'true') }}: + - stage: Publish + dependsOn: [] + pool: + name: 1es-windows-2019-x64 + os: windows + variables: + - name: BUILDS_API_URL + value: $(System.CollectionUri)$(System.TeamProject)/_apis/build/builds/$(Build.BuildId)/ + jobs: + - job: PublishBuild + timeoutInMinutes: 180 + displayName: Publish Build + steps: + - template: build/azure-pipelines/product-publish.yml@self + + - ${{ if and(parameters.VSCODE_RELEASE, eq(variables['VSCODE_PRIVATE_BUILD'], false)) }}: + - stage: ApproveRelease + dependsOn: [] # run in parallel to compile stage + pool: + name: 1es-ubuntu-20.04-x64 + os: linux + jobs: + - deployment: ApproveRelease + displayName: "Approve Release" + environment: "vscode" + variables: + skipComponentGovernanceDetection: true + strategy: + runOnce: + deploy: + steps: + - checkout: none + + - ${{ if or(and(parameters.VSCODE_RELEASE, eq(variables['VSCODE_PRIVATE_BUILD'], false)), and(in(parameters.VSCODE_QUALITY, 'insider', 'exploration'), eq(variables['VSCODE_SCHEDULEDBUILD'], true))) }}: + - stage: Release + dependsOn: + - Publish + - ${{ if and(parameters.VSCODE_RELEASE, eq(variables['VSCODE_PRIVATE_BUILD'], false)) }}: + - ApproveRelease + pool: + name: 1es-ubuntu-20.04-x64 + os: linux + jobs: + - job: ReleaseBuild + displayName: Release Build + steps: + - template: build/azure-pipelines/product-release.yml@self + parameters: + VSCODE_RELEASE: ${{ parameters.VSCODE_RELEASE }} diff --git a/build/azure-pipelines/product-compile.yml b/build/azure-pipelines/product-compile.yml index ac95819f7a9..5fd12caf017 100644 --- a/build/azure-pipelines/product-compile.yml +++ b/build/azure-pipelines/product-compile.yml @@ -10,7 +10,7 @@ steps: nodejsMirror: https://github.com/joaomoreno/node-mirror/releases/download - ${{ if ne(parameters.VSCODE_QUALITY, 'oss') }}: - - template: ./distro/download-distro.yml + - template: ./distro/download-distro.yml@self - task: AzureKeyVault@1 displayName: "Azure Key Vault: Get Secrets" @@ -98,7 +98,7 @@ steps: - script: node build/azure-pipelines/distro/mixin-quality displayName: Mixin distro quality - - template: common/install-builtin-extensions.yml + - template: common/install-builtin-extensions.yml@self - ${{ if eq(parameters.VSCODE_QUALITY, 'oss') }}: - script: yarn npm-run-all -lp core-ci-pr extensions-ci-pr hygiene eslint valid-layers-check vscode-dts-compile-check tsec-compile-check @@ -146,10 +146,11 @@ steps: - script: tar -cz --ignore-failed-read --exclude='.build/node_modules_cache' --exclude='.build/node_modules_list.txt' --exclude='.build/distro' -f $(Build.ArtifactStagingDirectory)/compilation.tar.gz .build out-* test/integration/browser/out test/smoke/out test/automation/out displayName: Compress compilation artifact - - task: PublishPipelineArtifact@1 + - task: 1ES.PublishPipelineArtifact@1 inputs: targetPath: $(Build.ArtifactStagingDirectory)/compilation.tar.gz artifactName: Compilation + sbomEnabled: false displayName: Publish compilation artifact - script: yarn download-builtin-extensions-cg diff --git a/build/azure-pipelines/product-onebranch.yml b/build/azure-pipelines/product-onebranch.yml deleted file mode 100644 index 6241e0c0ee4..00000000000 --- a/build/azure-pipelines/product-onebranch.yml +++ /dev/null @@ -1,46 +0,0 @@ -trigger: none -pr: none - -variables: - LinuxContainerImage: "onebranch.azurecr.io/linux/ubuntu-2004:latest" - -resources: - repositories: - - repository: templates - type: git - name: OneBranch.Pipelines/GovernedTemplates - ref: refs/heads/main - - - repository: distro - type: github - name: microsoft/vscode-distro - ref: refs/heads/distro - endpoint: Monaco - -extends: - template: v2/OneBranch.NonOfficial.CrossPlat.yml@templates - parameters: - git: - fetchDepth: 1 - lfs: true - retryCount: 3 - - globalSdl: - policheck: - break: true - credscan: - suppressionsFile: $(Build.SourcesDirectory)\build\azure-pipelines\config\CredScanSuppressions.json - - stages: - - stage: Compile - - jobs: - - job: Compile - pool: - type: linux - - variables: - ob_outputDirectory: '$(Build.SourcesDirectory)' - - steps: - - checkout: distro diff --git a/build/azure-pipelines/product-publish.yml b/build/azure-pipelines/product-publish.yml index 1cf0209aa63..a3081431b44 100644 --- a/build/azure-pipelines/product-publish.yml +++ b/build/azure-pipelines/product-publish.yml @@ -101,8 +101,11 @@ steps: displayName: Process artifacts retryCountOnTaskFailure: 3 - - publish: $(Pipeline.Workspace)/artifacts_processed_$(System.StageAttempt)/artifacts_processed_$(System.StageAttempt).txt - artifact: artifacts_processed_$(System.StageAttempt) + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Pipeline.Workspace)/artifacts_processed_$(System.StageAttempt)/artifacts_processed_$(System.StageAttempt).txt + artifactName: artifacts_processed_$(System.StageAttempt) + sbomEnabled: false displayName: Publish the artifacts processed for this stage attempt condition: always() diff --git a/build/azure-pipelines/web/product-build-web.yml b/build/azure-pipelines/web/product-build-web.yml index 1cff98f82e1..72ded6bcc11 100644 --- a/build/azure-pipelines/web/product-build-web.yml +++ b/build/azure-pipelines/web/product-build-web.yml @@ -5,7 +5,7 @@ steps: versionFilePath: .nvmrc nodejsMirror: https://github.com/joaomoreno/node-mirror/releases/download - - template: ../distro/download-distro.yml + - template: ../distro/download-distro.yml@self - task: AzureKeyVault@1 displayName: "Azure Key Vault: Get Secrets" @@ -94,7 +94,7 @@ steps: - script: node build/azure-pipelines/distro/mixin-quality displayName: Mixin distro quality - - template: ../common/install-builtin-extensions.yml + - template: ../common/install-builtin-extensions.yml@self - script: | set -e @@ -153,17 +153,12 @@ steps: condition: and(succeededOrFailed(), notIn(variables['Agent.JobStatus'], 'Succeeded', 'SucceededWithIssues')) displayName: Generate artifact prefix - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate SBOM + - task: 1ES.PublishPipelineArtifact@1 inputs: - BuildDropPath: $(agent.builddirectory)/vscode-web - PackageName: Visual Studio Code Web - - - publish: $(agent.builddirectory)/vscode-web/_manifest - displayName: Publish SBOM (client) - artifact: $(ARTIFACT_PREFIX)sbom_vscode_web - - - publish: $(WEB_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_web_linux_standalone_archive-unsigned + targetPath: $(WEB_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_web_linux_standalone_archive-unsigned + sbomBuildDropPath: $(Agent.BuildDirectory)/vscode-web + sbomPackageName: "VS Code Web" + sbomPackageVersion: $(Build.SourceVersion) condition: and(succeededOrFailed(), ne(variables['WEB_PATH'], '')) displayName: Publish web archive diff --git a/build/azure-pipelines/win32/cli-build-win32.yml b/build/azure-pipelines/win32/cli-build-win32.yml index 1210b1555c0..19409272ff0 100644 --- a/build/azure-pipelines/win32/cli-build-win32.yml +++ b/build/azure-pipelines/win32/cli-build-win32.yml @@ -19,7 +19,7 @@ steps: nodejsMirror: https://github.com/joaomoreno/node-mirror/releases/download - ${{ if ne(parameters.VSCODE_QUALITY, 'oss') }}: - - template: ../cli/cli-apply-patches.yml + - template: ../cli/cli-apply-patches.yml@self - task: Npm@1 displayName: Download openssl prebuilt @@ -35,7 +35,7 @@ steps: tar -xvzf $(Build.ArtifactStagingDirectory)/vscode-internal-openssl-prebuilt-0.0.11.tgz --strip-components=1 --directory=$(Build.ArtifactStagingDirectory)/openssl displayName: Extract openssl prebuilt - - template: ../cli/install-rust-win32.yml + - template: ../cli/install-rust-win32.yml@self parameters: targets: - ${{ if eq(parameters.VSCODE_BUILD_WIN32, true) }}: @@ -44,7 +44,7 @@ steps: - aarch64-pc-windows-msvc - ${{ if eq(parameters.VSCODE_BUILD_WIN32, true) }}: - - template: ../cli/cli-compile.yml + - template: ../cli/cli-compile.yml@self parameters: VSCODE_QUALITY: ${{ parameters.VSCODE_QUALITY }} VSCODE_CLI_TARGET: x86_64-pc-windows-msvc @@ -56,7 +56,7 @@ steps: RUSTFLAGS: "-C target-feature=+crt-static" - ${{ if eq(parameters.VSCODE_BUILD_WIN32_ARM64, true) }}: - - template: ../cli/cli-compile.yml + - template: ../cli/cli-compile.yml@self parameters: VSCODE_QUALITY: ${{ parameters.VSCODE_QUALITY }} VSCODE_CLI_TARGET: aarch64-pc-windows-msvc @@ -67,14 +67,23 @@ steps: OPENSSL_INCLUDE_DIR: $(Build.ArtifactStagingDirectory)/openssl/arm64-windows-static/include RUSTFLAGS: "-C target-feature=+crt-static" - - ${{ if eq(parameters.VSCODE_BUILD_WIN32_ARM64, true) }}: - - template: ../cli/cli-publish.yml - parameters: - VSCODE_CLI_ARTIFACT: unsigned_vscode_cli_win32_arm64_cli - VSCODE_CHECK_ONLY: ${{ parameters.VSCODE_CHECK_ONLY }} + - ${{ if not(parameters.VSCODE_CHECK_ONLY) }}: + - ${{ if eq(parameters.VSCODE_BUILD_WIN32_ARM64, true) }}: + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Build.ArtifactStagingDirectory)/unsigned_vscode_cli_win32_arm64_cli.zip + artifactName: unsigned_vscode_cli_win32_arm64_cli + sbomBuildDropPath: $(Build.ArtifactStagingDirectory)/cli + sbomPackageName: "VS Code Windows arm64 CLI (unsigned)" + sbomPackageVersion: $(Build.SourceVersion) + displayName: Publish unsigned_vscode_cli_win32_arm64_cli artifact - - ${{ if eq(parameters.VSCODE_BUILD_WIN32, true) }}: - - template: ../cli/cli-publish.yml - parameters: - VSCODE_CLI_ARTIFACT: unsigned_vscode_cli_win32_x64_cli - VSCODE_CHECK_ONLY: ${{ parameters.VSCODE_CHECK_ONLY }} + - ${{ if eq(parameters.VSCODE_BUILD_WIN32, true) }}: + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(Build.ArtifactStagingDirectory)/unsigned_vscode_cli_win32_x64_cli.zip + artifactName: unsigned_vscode_cli_win32_x64_cli + sbomBuildDropPath: $(Build.ArtifactStagingDirectory)/cli + sbomPackageName: "VS Code Windows x64 CLI (unsigned)" + sbomPackageVersion: $(Build.SourceVersion) + displayName: Publish unsigned_vscode_cli_win32_x64_cli artifact diff --git a/build/azure-pipelines/win32/product-build-win32-cli-sign.yml b/build/azure-pipelines/win32/product-build-win32-cli-sign.yml index 75b855288b0..3b5668d0082 100644 --- a/build/azure-pipelines/win32/product-build-win32-cli-sign.yml +++ b/build/azure-pipelines/win32/product-build-win32-cli-sign.yml @@ -44,7 +44,7 @@ steps: workingDirectory: build displayName: Install build dependencies - - template: ../cli/cli-win32-sign.yml + - template: ../cli/cli-win32-sign.yml@self parameters: VSCODE_CLI_ARTIFACTS: - ${{ if eq(parameters.VSCODE_BUILD_WIN32, true) }}: diff --git a/build/azure-pipelines/win32/product-build-win32-test.yml b/build/azure-pipelines/win32/product-build-win32-test.yml index cc9867ef4fc..a3b251b71ac 100644 --- a/build/azure-pipelines/win32/product-build-win32-test.yml +++ b/build/azure-pipelines/win32/product-build-win32-test.yml @@ -9,6 +9,9 @@ parameters: type: boolean - name: VSCODE_RUN_SMOKE_TESTS type: boolean + - name: PUBLISH_TASK_NAME + type: string + default: PublishPipelineArtifact@0 steps: - powershell: yarn npm-run-all -lp "electron $(VSCODE_ARCH)" "playwright-install" @@ -162,7 +165,7 @@ steps: condition: succeededOrFailed() - ${{ if or(eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, true)) }}: - - task: PublishPipelineArtifact@0 + - task: ${{ parameters.PUBLISH_TASK_NAME }} inputs: targetPath: .build\crashes ${{ if and(eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, false)) }}: @@ -171,13 +174,14 @@ steps: artifactName: crash-dump-windows-$(VSCODE_ARCH)-smoke-$(System.JobAttempt) ${{ else }}: artifactName: crash-dump-windows-$(VSCODE_ARCH)-$(System.JobAttempt) + sbomEnabled: false displayName: "Publish Crash Reports" continueOnError: true condition: failed() # In order to properly symbolify above crash reports # (if any), we need the compiled native modules too - - task: PublishPipelineArtifact@0 + - task: ${{ parameters.PUBLISH_TASK_NAME }} inputs: targetPath: node_modules ${{ if and(eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, false)) }}: @@ -186,11 +190,12 @@ steps: artifactName: node-modules-windows-$(VSCODE_ARCH)-smoke-$(System.JobAttempt) ${{ else }}: artifactName: node-modules-windows-$(VSCODE_ARCH)-$(System.JobAttempt) + sbomEnabled: false displayName: "Publish Node Modules" continueOnError: true condition: failed() - - task: PublishPipelineArtifact@0 + - task: ${{ parameters.PUBLISH_TASK_NAME }} inputs: targetPath: .build\logs ${{ if and(eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, false)) }}: @@ -199,6 +204,7 @@ steps: artifactName: logs-windows-$(VSCODE_ARCH)-smoke-$(System.JobAttempt) ${{ else }}: artifactName: logs-windows-$(VSCODE_ARCH)-$(System.JobAttempt) + sbomEnabled: false displayName: "Publish Log Files" continueOnError: true condition: succeededOrFailed() diff --git a/build/azure-pipelines/win32/product-build-win32.yml b/build/azure-pipelines/win32/product-build-win32.yml index ed316e721bc..3c92499b2a6 100644 --- a/build/azure-pipelines/win32/product-build-win32.yml +++ b/build/azure-pipelines/win32/product-build-win32.yml @@ -30,7 +30,7 @@ steps: addToPath: true - ${{ if ne(parameters.VSCODE_QUALITY, 'oss') }}: - - template: ../distro/download-distro.yml + - template: ../distro/download-distro.yml@self - task: AzureKeyVault@1 displayName: "Azure Key Vault: Get Secrets" @@ -127,7 +127,7 @@ steps: - powershell: node build/azure-pipelines/distro/mixin-quality displayName: Mixin distro quality - - template: ../common/install-builtin-extensions.yml + - template: ../common/install-builtin-extensions.yml@self - ${{ if and(ne(parameters.VSCODE_CIBUILD, true), ne(parameters.VSCODE_QUALITY, 'oss')) }}: - powershell: node build\lib\policies @@ -180,13 +180,15 @@ steps: condition: and(succeeded(), ne(variables['VSCODE_ARCH'], 'arm64')) - ${{ if or(eq(parameters.VSCODE_RUN_UNIT_TESTS, true), eq(parameters.VSCODE_RUN_INTEGRATION_TESTS, true), eq(parameters.VSCODE_RUN_SMOKE_TESTS, true)) }}: - - template: product-build-win32-test.yml + - template: product-build-win32-test.yml@self parameters: VSCODE_QUALITY: ${{ parameters.VSCODE_QUALITY }} VSCODE_ARCH: ${{ parameters.VSCODE_ARCH }} VSCODE_RUN_UNIT_TESTS: ${{ parameters.VSCODE_RUN_UNIT_TESTS }} VSCODE_RUN_INTEGRATION_TESTS: ${{ parameters.VSCODE_RUN_INTEGRATION_TESTS }} VSCODE_RUN_SMOKE_TESTS: ${{ parameters.VSCODE_RUN_SMOKE_TESTS }} + ${{ if ne(parameters.VSCODE_QUALITY, 'oss') }}: + PUBLISH_TASK_NAME: 1ES.PublishPipelineArtifact@1 - ${{ if ne(parameters.VSCODE_CIBUILD, true) }}: - ${{ if ne(parameters.VSCODE_QUALITY, 'oss') }}: @@ -299,50 +301,52 @@ steps: condition: and(succeededOrFailed(), notIn(variables['Agent.JobStatus'], 'Succeeded', 'SucceededWithIssues')) displayName: Generate artifact prefix - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate SBOM (client) + - task: 1ES.PublishPipelineArtifact@1 inputs: - BuildDropPath: $(agent.builddirectory)/VSCode-win32-$(VSCODE_ARCH) - PackageName: Visual Studio Code - - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate SBOM (server) - inputs: - BuildComponentPath: $(Build.SourcesDirectory)/remote - BuildDropPath: $(agent.builddirectory)/vscode-server-win32-$(VSCODE_ARCH) - PackageName: Visual Studio Code Server - condition: and(succeeded(), ne(variables['VSCODE_ARCH'], 'arm64')) - - - publish: $(agent.builddirectory)/VSCode-win32-$(VSCODE_ARCH)/_manifest - displayName: Publish SBOM (client) - artifact: $(ARTIFACT_PREFIX)sbom_vscode_client_win32_$(VSCODE_ARCH) - - - publish: $(agent.builddirectory)/vscode-server-win32-$(VSCODE_ARCH)/_manifest - displayName: Publish SBOM (server) - artifact: $(ARTIFACT_PREFIX)sbom_vscode_server_win32_$(VSCODE_ARCH) - condition: and(succeeded(), ne(variables['VSCODE_ARCH'], 'arm64')) - - - publish: $(CLIENT_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_client_win32_$(VSCODE_ARCH)_archive + targetPath: $(CLIENT_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_client_win32_$(VSCODE_ARCH)_archive + sbomBuildDropPath: $(Agent.BuildDirectory)/VSCode-win32-$(VSCODE_ARCH) + sbomPackageName: "VS Code Windows $(VSCODE_ARCH)" + sbomPackageVersion: $(Build.SourceVersion) condition: and(succeededOrFailed(), ne(variables['CLIENT_PATH'], '')) displayName: Publish archive - - publish: $(SERVER_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_server_win32_$(VSCODE_ARCH)_archive + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(SERVER_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_server_win32_$(VSCODE_ARCH)_archive + sbomBuildDropPath: $(Agent.BuildDirectory)/vscode-server-win32-$(VSCODE_ARCH) + sbomPackageName: "VS Code Windows $(VSCODE_ARCH) Server" + sbomPackageVersion: $(Build.SourceVersion) condition: and(succeededOrFailed(), ne(variables['SERVER_PATH'], ''), ne(variables['VSCODE_ARCH'], 'arm64')) displayName: Publish server archive - - publish: $(WEB_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_web_win32_$(VSCODE_ARCH)_archive + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(WEB_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_web_win32_$(VSCODE_ARCH)_archive + sbomBuildDropPath: $(Agent.BuildDirectory)/vscode-server-win32-$(VSCODE_ARCH)-web + sbomPackageName: "VS Code Windows $(VSCODE_ARCH) Web" + sbomPackageVersion: $(Build.SourceVersion) condition: and(succeededOrFailed(), ne(variables['WEB_PATH'], ''), ne(variables['VSCODE_ARCH'], 'arm64')) displayName: Publish web server archive - - publish: $(SYSTEM_SETUP_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_client_win32_$(VSCODE_ARCH)_setup + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(SYSTEM_SETUP_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_client_win32_$(VSCODE_ARCH)_setup + sbomBuildDropPath: $(Agent.BuildDirectory)/VSCode-win32-$(VSCODE_ARCH) + sbomPackageName: "VS Code Windows $(VSCODE_ARCH) System Setup" + sbomPackageVersion: $(Build.SourceVersion) condition: and(succeededOrFailed(), ne(variables['SYSTEM_SETUP_PATH'], '')) displayName: Publish system setup - - publish: $(USER_SETUP_PATH) - artifact: $(ARTIFACT_PREFIX)vscode_client_win32_$(VSCODE_ARCH)_user-setup + - task: 1ES.PublishPipelineArtifact@1 + inputs: + targetPath: $(USER_SETUP_PATH) + artifactName: $(ARTIFACT_PREFIX)vscode_client_win32_$(VSCODE_ARCH)_user-setup + sbomBuildDropPath: $(Agent.BuildDirectory)/VSCode-win32-$(VSCODE_ARCH) + sbomPackageName: "VS Code Windows $(VSCODE_ARCH) User Setup" + sbomPackageVersion: $(Build.SourceVersion) condition: and(succeededOrFailed(), ne(variables['USER_SETUP_PATH'], '')) displayName: Publish user setup