Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit30c181b

Browse files
committed
Merge remote-tracking branch 'origin/main' into quickstart-guide
2 parentsf39b2f6 +57386ed commit30c181b

File tree

267 files changed

+6955
-3062
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

267 files changed

+6955
-3062
lines changed

‎.github/workflows/ci.yaml

Lines changed: 115 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,11 @@ jobs:
4242
offlinedocs:${{ steps.filter.outputs.offlinedocs }}
4343
tailnet-integration:${{ steps.filter.outputs.tailnet-integration }}
4444
steps:
45+
-name:Harden Runner
46+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
47+
with:
48+
egress-policy:audit
49+
4550
-name:Checkout
4651
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
4752
with:
@@ -157,6 +162,11 @@ jobs:
157162
if:needs.changes.outputs.offlinedocs-only == 'false' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
158163
runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
159164
steps:
165+
-name:Harden Runner
166+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
167+
with:
168+
egress-policy:audit
169+
160170
-name:Checkout
161171
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
162172
with:
@@ -213,12 +223,23 @@ jobs:
213223
./actionlint -color -shellcheck= -ignore "set-output"
214224
shell:bash
215225

226+
-name:Check for unstaged files
227+
run:|
228+
rm -f ./actionlint ./typos
229+
./scripts/check_unstaged.sh
230+
shell:bash
231+
216232
gen:
217233
timeout-minutes:8
218234
runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
219235
needs:changes
220236
if:needs.changes.outputs.docs-only == 'false' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
221237
steps:
238+
-name:Harden Runner
239+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
240+
with:
241+
egress-policy:audit
242+
222243
-name:Checkout
223244
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
224245
with:
@@ -268,6 +289,11 @@ jobs:
268289
runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
269290
timeout-minutes:7
270291
steps:
292+
-name:Harden Runner
293+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
294+
with:
295+
egress-policy:audit
296+
271297
-name:Checkout
272298
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
273299
with:
@@ -304,6 +330,11 @@ jobs:
304330
-macos-latest
305331
-windows-2022
306332
steps:
333+
-name:Harden Runner
334+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
335+
with:
336+
egress-policy:audit
337+
307338
-name:Checkout
308339
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
309340
with:
@@ -358,6 +389,11 @@ jobs:
358389
# even if some of the preceding steps are slow.
359390
timeout-minutes:25
360391
steps:
392+
-name:Harden Runner
393+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
394+
with:
395+
egress-policy:audit
396+
361397
-name:Checkout
362398
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
363399
with:
@@ -398,6 +434,11 @@ jobs:
398434
# even if some of the preceding steps are slow.
399435
timeout-minutes:25
400436
steps:
437+
-name:Harden Runner
438+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
439+
with:
440+
egress-policy:audit
441+
401442
-name:Checkout
402443
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
403444
with:
@@ -425,11 +466,16 @@ jobs:
425466
api-key:${{ secrets.DATADOG_API_KEY }}
426467

427468
test-go-race:
428-
runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
469+
runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-16' || 'ubuntu-latest' }}
429470
needs:changes
430471
if:needs.changes.outputs.go == 'true' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
431472
timeout-minutes:25
432473
steps:
474+
-name:Harden Runner
475+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
476+
with:
477+
egress-policy:audit
478+
433479
-name:Checkout
434480
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
435481
with:
@@ -441,9 +487,13 @@ jobs:
441487
-name:Setup Terraform
442488
uses:./.github/actions/setup-tf
443489

490+
# We run race tests with reduced parallelism because they use more CPU and we were finding
491+
# instances where tests appear to hang for multiple seconds, resulting in flaky tests when
492+
# short timeouts are used.
493+
# c.f. discussion on https://github.com/coder/coder/pull/15106
444494
-name:Run Tests
445495
run:|
446-
gotestsum --junitfile="gotests.xml" -- -race ./...
496+
gotestsum --junitfile="gotests.xml" -- -race-parallel 4 -p 4./...
447497
448498
-name:Upload test stats to Datadog
449499
timeout-minutes:1
@@ -466,6 +516,11 @@ jobs:
466516
if:needs.changes.outputs.tailnet-integration == 'true' || needs.changes.outputs.ci == 'true'
467517
timeout-minutes:20
468518
steps:
519+
-name:Harden Runner
520+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
521+
with:
522+
egress-policy:audit
523+
469524
-name:Checkout
470525
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
471526
with:
@@ -487,6 +542,11 @@ jobs:
487542
if:needs.changes.outputs.ts == 'true' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
488543
timeout-minutes:20
489544
steps:
545+
-name:Harden Runner
546+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
547+
with:
548+
egress-policy:audit
549+
490550
-name:Checkout
491551
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
492552
with:
@@ -499,21 +559,26 @@ jobs:
499559
working-directory:site
500560

501561
test-e2e:
502-
runs-on:${{ github.repository_owner == 'coder' && (matrix.variant.enterprise && 'depot-ubuntu-22.04' || 'depot-ubuntu-22.04-4') || 'ubuntu-latest' }}
503562
# test-e2e fails on 2-core 8GB runners, so we use the 4-core 16GB runner
563+
runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-4' || 'ubuntu-latest' }}
504564
needs:changes
505565
if:needs.changes.outputs.go == 'true' || needs.changes.outputs.ts == 'true' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
506566
timeout-minutes:20
507567
strategy:
508568
fail-fast:false
509569
matrix:
510570
variant:
511-
-enterprise:false
571+
-premium:false
512572
name:test-e2e
513-
-enterprise:true
514-
name:test-e2e-enterprise
573+
-premium:true
574+
name:test-e2e-premium
515575
name:${{ matrix.variant.name }}
516576
steps:
577+
-name:Harden Runner
578+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
579+
with:
580+
egress-policy:audit
581+
517582
-name:Checkout
518583
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
519584
with:
@@ -535,38 +600,35 @@ jobs:
535600
-run:pnpm playwright:install
536601
working-directory:site
537602

538-
# Run tests that don't requirean enterprise license withoutan enterprise license
603+
# Run tests that don't requirea premium license withouta premium license
539604
-run:pnpm playwright:test --forbid-only --workers 1
540-
if:${{ !matrix.variant.enterprise }}
605+
if:${{ !matrix.variant.premium }}
541606
env:
542607
DEBUG:pw:api
543608
working-directory:site
544609

545-
# Run all of the tests withan enterprise license
610+
# Run all of the tests witha premium license
546611
-run:pnpm playwright:test --forbid-only --workers 1
547-
if:${{ matrix.variant.enterprise }}
612+
if:${{ matrix.variant.premium }}
548613
env:
549614
DEBUG:pw:api
550-
CODER_E2E_ENTERPRISE_LICENSE:${{ secrets.CODER_E2E_ENTERPRISE_LICENSE }}
551-
CODER_E2E_REQUIRE_ENTERPRISE_TESTS:"1"
615+
CODER_E2E_LICENSE:${{ secrets.CODER_E2E_LICENSE }}
616+
CODER_E2E_REQUIRE_PREMIUM_TESTS:"1"
552617
working-directory:site
553-
# Temporarily allow these to fail so that I can gather data about which
554-
# tests are failing.
555-
continue-on-error:true
556618

557619
-name:Upload Playwright Failed Tests
558620
if:always() && github.actor != 'dependabot[bot]' && runner.os == 'Linux' && !github.event.pull_request.head.repo.fork
559621
uses:actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9# v4.4.1
560622
with:
561-
name:failed-test-videos${{ matrix.variant.enterprise && '-enterprise' || '-agpl' }}
623+
name:failed-test-videos${{ matrix.variant.premium && '-premium' || '' }}
562624
path:./site/test-results/**/*.webm
563625
retention-days:7
564626

565627
-name:Upload pprof dumps
566628
if:always() && github.actor != 'dependabot[bot]' && runner.os == 'Linux' && !github.event.pull_request.head.repo.fork
567629
uses:actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9# v4.4.1
568630
with:
569-
name:debug-pprof-dumps${{ matrix.variant.enterprise && '-enterprise' || '-agpl' }}
631+
name:debug-pprof-dumps${{ matrix.variant.premium && '-premium' || '' }}
570632
path:./site/test-results/**/debug-pprof-*.txt
571633
retention-days:7
572634

@@ -576,6 +638,11 @@ jobs:
576638
needs:changes
577639
if:needs.changes.outputs.ts == 'true' || needs.changes.outputs.ci == 'true'
578640
steps:
641+
-name:Harden Runner
642+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
643+
with:
644+
egress-policy:audit
645+
579646
-name:Checkout
580647
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
581648
with:
@@ -648,6 +715,11 @@ jobs:
648715
if:needs.changes.outputs.offlinedocs == 'true' || needs.changes.outputs.ci == 'true' || needs.changes.outputs.docs == 'true'
649716

650717
steps:
718+
-name:Harden Runner
719+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
720+
with:
721+
egress-policy:audit
722+
651723
-name:Checkout
652724
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
653725
with:
@@ -716,6 +788,11 @@ jobs:
716788
# cancelled.
717789
if:always()
718790
steps:
791+
-name:Harden Runner
792+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
793+
with:
794+
egress-policy:audit
795+
719796
-name:Ensure required checks
720797
run:|
721798
echo "Checking required checks"
@@ -749,6 +826,11 @@ jobs:
749826
outputs:
750827
IMAGE:ghcr.io/coder/coder-preview:${{ steps.build-docker.outputs.tag }}
751828
steps:
829+
-name:Harden Runner
830+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
831+
with:
832+
egress-policy:audit
833+
752834
-name:Checkout
753835
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
754836
with:
@@ -868,6 +950,11 @@ jobs:
868950
contents:read
869951
id-token:write
870952
steps:
953+
-name:Harden Runner
954+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
955+
with:
956+
egress-policy:audit
957+
871958
-name:Checkout
872959
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
873960
with:
@@ -883,7 +970,7 @@ jobs:
883970
uses:google-github-actions/setup-gcloud@f0990588f1e5b5af6827153b93673613abdc6ec7# v2.1.1
884971

885972
-name:Set up Flux CLI
886-
uses:fluxcd/flux2/action@9b3958825a314eb79495c6993ef397ddbf87f32f# v2.2.1
973+
uses:fluxcd/flux2/action@5350425cdcd5fa015337e09fa502153c0275bd4b# v2.4.0
887974
with:
888975
# Keep this and the github action up to date with the version of flux installed in dogfood cluster
889976
version:"2.2.1"
@@ -925,6 +1012,11 @@ jobs:
9251012
needs:build
9261013
if:github.ref == 'refs/heads/main' && !github.event.pull_request.head.repo.fork
9271014
steps:
1015+
-name:Harden Runner
1016+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
1017+
with:
1018+
egress-policy:audit
1019+
9281020
-name:Checkout
9291021
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
9301022
with:
@@ -955,6 +1047,11 @@ jobs:
9551047
needs:changes
9561048
if:needs.changes.outputs.db == 'true' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
9571049
steps:
1050+
-name:Harden Runner
1051+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
1052+
with:
1053+
egress-policy:audit
1054+
9581055
-name:Checkout
9591056
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
9601057
with:

‎.github/workflows/contrib.yaml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,13 +27,23 @@ jobs:
2727
permissions:
2828
pull-requests:write
2929
steps:
30+
-name:Harden Runner
31+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
32+
with:
33+
egress-policy:audit
34+
3035
-name:auto-approve dependabot
3136
uses:hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363# v4.0.0
3237
if:github.actor == 'dependabot[bot]'
3338

3439
cla:
3540
runs-on:ubuntu-latest
3641
steps:
42+
-name:Harden Runner
43+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
44+
with:
45+
egress-policy:audit
46+
3747
-name:cla
3848
if:(github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target'
3949
uses:contributor-assistant/github-action@ca4a40a7d1004f18d9960b404b97e5f30a505a08# v2.6.1
@@ -56,6 +66,11 @@ jobs:
5666
# Skip tagging for draft PRs.
5767
if:${{ github.event_name == 'pull_request_target' && !github.event.pull_request.draft }}
5868
steps:
69+
-name:Harden Runner
70+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
71+
with:
72+
egress-policy:audit
73+
5974
-name:release-labels
6075
uses:actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea# v7.0.1
6176
with:

‎.github/workflows/docker-base.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,11 @@ jobs:
3636
runs-on:ubuntu-latest
3737
if:github.repository_owner == 'coder'
3838
steps:
39+
-name:Harden Runner
40+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
41+
with:
42+
egress-policy:audit
43+
3944
-name:Checkout
4045
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
4146

‎.github/workflows/dogfood.yaml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,11 @@ jobs:
2626
if:github.actor != 'dependabot[bot]'# Skip Dependabot PRs
2727
runs-on:ubuntu-latest
2828
steps:
29+
-name:Harden Runner
30+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
31+
with:
32+
egress-policy:audit
33+
2934
-name:Checkout
3035
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
3136

@@ -83,6 +88,11 @@ jobs:
8388
needs:build_image
8489
runs-on:ubuntu-latest
8590
steps:
91+
-name:Harden Runner
92+
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
93+
with:
94+
egress-policy:audit
95+
8696
-name:Checkout
8797
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
8898

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp