Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit9d64cf5

Browse files
committed
Merge branch 'main' of github.com:/coder/coder into dk/cors-ps
2 parentsc074238 +d35de45 commit9d64cf5

File tree

299 files changed

+16618
-5337
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

299 files changed

+16618
-5337
lines changed

‎.github/.linkspector.yml‎

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,5 +18,6 @@ ignorePatterns:
1818
-pattern:"i.imgur.com"
1919
-pattern:"code.visualstudio.com"
2020
-pattern:"www.emacswiki.org"
21+
-pattern:"linux.die.net/man"
2122
aliveStatusCodes:
2223
-200
Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
name:"Setup ImDisk"
2+
if:runner.os == 'Windows'
3+
description:|
4+
Sets up the ImDisk toolkit for Windows and creates a RAM disk on drive R:.
5+
runs:
6+
using:"composite"
7+
steps:
8+
-name:Download ImDisk
9+
if:runner.os == 'Windows'
10+
shell:bash
11+
run:|
12+
mkdir imdisk
13+
cd imdisk
14+
curl -L -o files.cab https://github.com/coder/imdisk-artifacts/raw/92a17839ebc0ee3e69be019f66b3e9b5d2de4482/files.cab
15+
curl -L -o install.bat https://github.com/coder/imdisk-artifacts/raw/92a17839ebc0ee3e69be019f66b3e9b5d2de4482/install.bat
16+
cd ..
17+
18+
-name:Install ImDisk
19+
shell:cmd
20+
run:|
21+
cd imdisk
22+
install.bat /silent
23+
24+
-name:Create RAM Disk
25+
shell:cmd
26+
run:|
27+
imdisk -a -s 4096M -m R: -p "/fs:ntfs /q /y"

‎.github/workflows/ci.yaml‎

Lines changed: 97 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -188,7 +188,7 @@ jobs:
188188
189189
# Check for any typos
190190
-name:Check for typos
191-
uses:crate-ci/typos@b74202f74b4346efdbce7801d187ec57b266bac8# v1.27.3
191+
uses:crate-ci/typos@2872c382bb9668d4baa5eade234dcbc0048ca2cf# v1.28.2
192192
with:
193193
config:.github/workflows/typos.toml
194194

@@ -370,15 +370,20 @@ jobs:
370370
api-key:${{ secrets.DATADOG_API_KEY }}
371371

372372
test-go-pg:
373-
runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
374-
needs:
375-
-changes
373+
runs-on:${{ matrix.os == 'ubuntu-latest' && github.repository_owner == 'coder' && 'depot-ubuntu-22.04-4' || matrix.os == 'macos-latest' && github.repository_owner == 'coder' && 'macos-latest-xlarge' || matrix.os == 'windows-2022' && github.repository_owner == 'coder' && 'windows-latest-16-cores' || matrix.os }}
374+
needs:changes
376375
if:needs.changes.outputs.go == 'true' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
377376
# This timeout must be greater than the timeout set by `go test` in
378377
# `make test-postgres` to ensure we receive a trace of running
379378
# goroutines. Setting this to the timeout +5m should work quite well
380379
# even if some of the preceding steps are slow.
381380
timeout-minutes:25
381+
strategy:
382+
matrix:
383+
os:
384+
-ubuntu-latest
385+
-macos-latest
386+
-windows-2022
382387
steps:
383388
-name:Harden Runner
384389
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
@@ -396,12 +401,46 @@ jobs:
396401
-name:Setup Terraform
397402
uses:./.github/actions/setup-tf
398403

404+
# Sets up the ImDisk toolkit for Windows and creates a RAM disk on drive R:.
405+
-name:Setup ImDisk
406+
if:runner.os == 'Windows'
407+
uses:./.github/actions/setup-imdisk
408+
399409
-name:Test with PostgreSQL Database
400410
env:
401411
POSTGRES_VERSION:"13"
402412
TS_DEBUG_DISCO:"true"
413+
shell:bash
403414
run:|
404-
make test-postgres
415+
# if macOS, install google-chrome for scaletests
416+
# As another concern, should we really have this kind of external dependency
417+
# requirement on standard CI?
418+
if [ "${{ matrix.os }}" == "macos-latest" ]; then
419+
brew install google-chrome
420+
fi
421+
422+
# By default Go will use the number of logical CPUs, which
423+
# is a fine default.
424+
PARALLEL_FLAG=""
425+
426+
# macOS will output "The default interactive shell is now zsh"
427+
# intermittently in CI...
428+
if [ "${{ matrix.os }}" == "macos-latest" ]; then
429+
touch ~/.bash_profile && echo "export BASH_SILENCE_DEPRECATION_WARNING=1" >> ~/.bash_profile
430+
fi
431+
432+
if [ "${{ runner.os }}" == "Linux" ]; then
433+
make test-postgres
434+
elif [ "${{ runner.os }}" == "Windows" ]; then
435+
# Create a temp dir on the R: ramdisk drive for Windows. The default
436+
# C: drive is extremely slow: https://github.com/actions/runner-images/issues/8755
437+
mkdir -p "R:/temp/embedded-pg"
438+
go run scripts/embedded-pg/main.go -path "R:/temp/embedded-pg"
439+
DB=ci gotestsum --format standard-quiet -- -v -short -count=1 ./...
440+
else
441+
go run scripts/embedded-pg/main.go
442+
DB=ci gotestsum --format standard-quiet -- -v -short -count=1 ./...
443+
fi
405444
406445
-name:Upload test stats to Datadog
407446
timeout-minutes:1
@@ -494,6 +533,47 @@ jobs:
494533
with:
495534
api-key:${{ secrets.DATADOG_API_KEY }}
496535

536+
test-go-race-pg:
537+
runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-16' || 'ubuntu-latest' }}
538+
needs:changes
539+
if:needs.changes.outputs.go == 'true' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
540+
timeout-minutes:25
541+
steps:
542+
-name:Harden Runner
543+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
544+
with:
545+
egress-policy:audit
546+
547+
-name:Checkout
548+
uses:actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871# v4.2.1
549+
with:
550+
fetch-depth:1
551+
552+
-name:Setup Go
553+
uses:./.github/actions/setup-go
554+
555+
-name:Setup Terraform
556+
uses:./.github/actions/setup-tf
557+
558+
# We run race tests with reduced parallelism because they use more CPU and we were finding
559+
# instances where tests appear to hang for multiple seconds, resulting in flaky tests when
560+
# short timeouts are used.
561+
# c.f. discussion on https://github.com/coder/coder/pull/15106
562+
-name:Run Tests
563+
env:
564+
POSTGRES_VERSION:"16"
565+
run:|
566+
make test-postgres-docker
567+
DB=ci gotestsum --junitfile="gotests.xml" -- -race -parallel 4 -p 4 ./...
568+
569+
-name:Upload test stats to Datadog
570+
timeout-minutes:1
571+
continue-on-error:true
572+
uses:./.github/actions/upload-datadog
573+
if:always()
574+
with:
575+
api-key:${{ secrets.DATADOG_API_KEY }}
576+
497577
# Tailnet integration tests only run when the `tailnet` directory or `go.sum`
498578
# and `go.mod` are changed. These tests are to ensure we don't add regressions
499579
# to tailnet, either due to our code or due to updating dependencies.
@@ -550,11 +630,8 @@ jobs:
550630
working-directory:site
551631

552632
test-e2e:
553-
# test-e2e fails on 2-core 8GB runners, so we use the 4-core 16GB runner
554633
runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-4' || 'ubuntu-latest' }}
555634
needs:changes
556-
if:needs.changes.outputs.go == 'true' || needs.changes.outputs.ts == 'true' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
557-
timeout-minutes:20
558635
strategy:
559636
fail-fast:false
560637
matrix:
@@ -563,6 +640,9 @@ jobs:
563640
name:test-e2e
564641
-premium:true
565642
name:test-e2e-premium
643+
# Skip test-e2e on forks as they don't have access to CI secrets
644+
if:(needs.changes.outputs.go == 'true' || needs.changes.outputs.ts == 'true' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main') && !(github.event.pull_request.head.repo.fork)
645+
timeout-minutes:20
566646
name:${{ matrix.variant.name }}
567647
steps:
568648
-name:Harden Runner
@@ -586,6 +666,8 @@ jobs:
586666
name:make gen
587667

588668
-run:pnpm build
669+
env:
670+
NODE_OPTIONS:${{ github.repository_owner == 'coder' && '--max_old_space_size=8192' || '' }}
589671
working-directory:site
590672

591673
-run:pnpm playwright:install
@@ -667,7 +749,7 @@ jobs:
667749
# Prevent excessive build runs on minor version changes
668750
skip:"@(renovate/**|dependabot/**)"
669751
# Run TurboSnap to trace file dependencies to related stories
670-
# and tell chromatic to only take snapshots ofrelevent stories
752+
# and tell chromatic to only take snapshots ofrelevant stories
671753
onlyChanged:true
672754
# Avoid uploading single files, because that's very slow
673755
zip:true
@@ -694,7 +776,7 @@ jobs:
694776
workingDir:"./site"
695777
storybookBaseDir:"./site"
696778
# Run TurboSnap to trace file dependencies to related stories
697-
# and tell chromatic to only take snapshots ofrelevent stories
779+
# and tell chromatic to only take snapshots ofrelevant stories
698780
onlyChanged:true
699781
# Avoid uploading single files, because that's very slow
700782
zip:true
@@ -771,6 +853,7 @@ jobs:
771853
-test-go
772854
-test-go-pg
773855
-test-go-race
856+
-test-go-race-pg
774857
-test-js
775858
-test-e2e
776859
-offlinedocs
@@ -793,6 +876,7 @@ jobs:
793876
echo "- test-go: ${{ needs.test-go.result }}"
794877
echo "- test-go-pg: ${{ needs.test-go-pg.result }}"
795878
echo "- test-go-race: ${{ needs.test-go-race.result }}"
879+
echo "- test-go-race-pg: ${{ needs.test-go-race-pg.result }}"
796880
echo "- test-js: ${{ needs.test-js.result }}"
797881
echo "- test-e2e: ${{ needs.test-e2e.result }}"
798882
echo "- offlinedocs: ${{ needs.offlinedocs.result }}"
@@ -811,7 +895,7 @@ jobs:
811895
needs:changes
812896
# We always build the dylibs on Go changes to verify we're not merging unbuildable code,
813897
# but they need only be signed and uploaded on coder/coder main.
814-
if:needs.changes.outputs.docs-only == 'false' || github.ref == 'refs/heads/main'
898+
if:needs.changes.outputs.go == 'true' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
815899
runs-on:${{ github.repository_owner == 'coder' && 'depot-macos-latest' || 'macos-latest' }}
816900
steps:
817901
-name:Harden Runner
@@ -892,7 +976,7 @@ jobs:
892976
-changes
893977
-build-dylib
894978
if:github.ref == 'refs/heads/main' && needs.changes.outputs.docs-only == 'false' && !github.event.pull_request.head.repo.fork
895-
runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
979+
runs-on:"ubuntu-22.04"
896980
permissions:
897981
packages:write# Needed to push images to ghcr.io
898982
env:
@@ -1062,7 +1146,7 @@ jobs:
10621146
version:"2.2.1"
10631147

10641148
-name:Get Cluster Credentials
1065-
uses:google-github-actions/get-gke-credentials@206d64b64b0eba0a6e2f25113d044c31776ca8d6# v2.2.2
1149+
uses:google-github-actions/get-gke-credentials@9025e8f90f2d8e0c3dafc3128cc705a26d992a6a# v2.3.0
10661150
with:
10671151
cluster_name:dogfood-v2
10681152
location:us-central1-a

‎.github/workflows/contrib.yaml‎

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,8 @@ jobs:
4141

4242
cla:
4343
runs-on:ubuntu-latest
44+
permissions:
45+
pull-requests:write
4446
steps:
4547
-name:Harden Runner
4648
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
@@ -53,7 +55,7 @@ jobs:
5355
env:
5456
GITHUB_TOKEN:${{ secrets.GITHUB_TOKEN }}
5557
# the below token should have repo scope and must be manually added by you in the repository's secret
56-
PERSONAL_ACCESS_TOKEN:${{ secrets.CDRCOMMUNITY_GITHUB_TOKEN }}
58+
PERSONAL_ACCESS_TOKEN:${{ secrets.CDRCI2_GITHUB_TOKEN }}
5759
with:
5860
remote-organization-name:"coder"
5961
remote-repository-name:"cla"

‎.github/workflows/release.yaml‎

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,14 @@ jobs:
4646
with:
4747
fetch-depth:0
4848

49+
# If the event that triggered the build was an annotated tag (which our
50+
# tags are supposed to be), actions/checkout has a bug where the tag in
51+
# question is only a lightweight tag and not a full annotated tag. This
52+
# command seems to fix it.
53+
# https://github.com/actions/checkout/issues/290
54+
-name:Fetch git tags
55+
run:git fetch --tags --force
56+
4957
-name:Setup build tools
5058
run:|
5159
brew install bash gnu-getopt make

‎.github/workflows/scorecard.yml‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,6 @@ jobs:
4747

4848
# Upload the results to GitHub's code scanning dashboard.
4949
-name:"Upload to code-scanning"
50-
uses:github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88# v3.27.5
50+
uses:github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195# v3.27.6
5151
with:
5252
sarif_file:results.sarif

‎.github/workflows/security.yaml‎

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ jobs:
3838
uses:./.github/actions/setup-go
3939

4040
-name:Initialize CodeQL
41-
uses:github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88# v3.27.5
41+
uses:github/codeql-action/init@aa578102511db1f4524ed59b8cc2bae4f6e88195# v3.27.6
4242
with:
4343
languages:go, javascript
4444

@@ -48,7 +48,7 @@ jobs:
4848
rm Makefile
4949
5050
-name:Perform CodeQL Analysis
51-
uses:github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88# v3.27.5
51+
uses:github/codeql-action/analyze@aa578102511db1f4524ed59b8cc2bae4f6e88195# v3.27.6
5252

5353
-name:Send Slack notification on failure
5454
if:${{ failure() }}
@@ -144,7 +144,7 @@ jobs:
144144
severity:"CRITICAL,HIGH"
145145

146146
-name:Upload Trivy scan results to GitHub Security tab
147-
uses:github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88# v3.27.5
147+
uses:github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195# v3.27.6
148148
with:
149149
sarif_file:trivy-results.sarif
150150
category:"Trivy"

‎.golangci.yaml‎

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -175,8 +175,6 @@ linters-settings:
175175
-name:modifies-value-receiver
176176
-name:package-comments
177177
-name:range
178-
-name:range-val-address
179-
-name:range-val-in-closure
180178
-name:receiver-naming
181179
-name:redefines-builtin-id
182180
-name:string-of-int
@@ -199,6 +197,10 @@ linters-settings:
199197
govet:
200198
disable:
201199
-loopclosure
200+
gosec:
201+
excludes:
202+
# Implicit memory aliasing of items from a range statement (irrelevant as of Go v1.22)
203+
-G601
202204

203205
issues:
204206
# Rules listed here: https://github.com/securego/gosec#available-rules
@@ -238,7 +240,6 @@ linters:
238240
-errname
239241
-errorlint
240242
-exhaustruct
241-
-exportloopref
242243
-forcetypeassert
243244
-gocritic
244245
# gocyclo is may be useful in the future when we start caring

‎Makefile‎

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -640,7 +640,9 @@ vpn/vpn.pb.go: vpn/vpn.proto
640640
./vpn/vpn.proto
641641

642642
site/src/api/typesGenerated.ts:$(wildcard scripts/apitypings/*)$(shell find ./codersdk$(FIND_EXCLUSIONS) -type f -name '*.go')
643-
go run ./scripts/apitypings/>$@
643+
# -C sets the directory for the go run command
644+
go run -C ./scripts/apitypings main.go>$@
645+
(cd ./site&& npx biome format --write ./src/api/typesGenerated.ts)
644646
./scripts/pnpm_install.sh
645647

646648
site/e2e/provisionerGenerated.ts: provisionerd/proto/provisionerd.pb.go provisionersdk/proto/provisioner.pb.go

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp