coder
diff --git a/‎.github/lock.yml
-37 b/‎.github/lock.yml
-37
diff --git a/‎.github/workflows/ci.yaml
+34-34 b/‎.github/workflows/ci.yaml
+34-34
diff --git a/‎.github/workflows/docker.yaml
+1-1 b/‎.github/workflows/docker.yaml
+1-1
diff --git a/‎.github/workflows/installer.yml
+3-1 b/‎.github/workflows/installer.yml
+3-1
diff --git a/‎.github/workflows/npm-brew.yaml
+1-1 b/‎.github/workflows/npm-brew.yaml
+1-1
diff --git a/‎.github/workflows/scripts.yml
+5-1 b/‎.github/workflows/scripts.yml
+5-1
diff --git a/‎.gitignore
-1 b/‎.gitignore
-1
diff --git a/‎ci/build/build-code-server.sh
+2-9 b/‎ci/build/build-code-server.sh
+2-9
diff --git a/‎ci/build/build-release.sh
+5-6 b/‎ci/build/build-release.sh
+5-6
diff --git a/‎ci/build/build-vscode.sh
+2-7 b/‎ci/build/build-vscode.sh
+2-7
diff --git a/‎ci/build/npm-postinstall.sh
+3-6 b/‎ci/build/npm-postinstall.sh
+3-6
diff --git a/‎ci/dev/postinstall.sh
+15-14 b/‎ci/dev/postinstall.sh
+15-14
@@ -19,8 +19,6 @@ jobs:
     name: Pre-build checks
     runs-on: ubuntu-latest
     timeout-minutes: 15
-    env:
-      CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
     steps:
       - name: Checkout repo
         uses: actions/checkout@v2
@@ -33,14 +31,18 @@ jobs:
       - name: Install helm
         uses: azure/setup-helm@v1.1
 
-      - name: Fetch dependencies from cache
-        id: cache-yarn
-        uses: actions/cache@v2
-        with:
-          path: "**/node_modules"
-          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            yarn-build-
+      # NOTE@jsjoeio
+      # disabling this until we can audit the build process
+      # and the usefulness of this step
+      # See: https://github.com/cdr/code-server/issues/4287
+      # - name: Fetch dependencies from cache
+      #   id: cache-yarn
+      #   uses: actions/cache@v2
+      #   with:
+      #     path: "**/node_modules"
+      #     key: yarn-build-${{ hashFiles('**/yarn.lock') }}
+      #     restore-keys: |
+      #       yarn-build-
 
       - name: Install dependencies
         # if: steps.cache-yarn.outputs.cache-hit != 'true'
@@ -54,19 +56,11 @@ jobs:
         run: yarn lint
         if: success()
 
-      - name: Run code-server unit tests
-        run: yarn test:unit
-        if: success()
-
-      - name: Upload coverage report to Codecov
-        run: yarn coverage
-        if: success()
-
   audit-ci:
     name: Run audit-ci
     needs: prebuild
     runs-on: ubuntu-latest
-    timeout-minutes: 5
+    timeout-minutes: 15
     steps:
       - name: Checkout repo
         uses: actions/checkout@v2
@@ -98,6 +92,8 @@ jobs:
     needs: prebuild
     runs-on: ubuntu-latest
     timeout-minutes: 30
+    env:
+      CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
     steps:
       - uses: actions/checkout@v2
         with:
@@ -146,14 +142,25 @@ jobs:
           path: |
             vendor/modules/code-oss-dev/.build
             vendor/modules/code-oss-dev/out-build
-            vendor/modules/code-oss-dev/out-vscode
-            vendor/modules/code-oss-dev/out-vscode-min
-          key: vscode-build-${{ steps.vscode-rev.outputs.rev }}
+            vendor/modules/code-oss-dev/out-vscode-reh-web
+            vendor/modules/code-oss-dev/out-vscode-reh-web-min
+          key: vscode-reh-build-${{ steps.vscode-rev.outputs.rev }}
 
       - name: Build vscode
         if: steps.cache-vscode.outputs.cache-hit != 'true'
         run: yarn build:vscode
 
+      # Our code imports code from VS Code's `out` directory meaning VS Code
+      # must be built before running these tests.
+      # TODO: Move to its own step?
+      - name: Run code-server unit tests
+        run: yarn test:unit
+        if: success()
+
+      - name: Upload coverage report to Codecov
+        run: yarn coverage
+        if: success()
+
       # The release package does not contain any native modules
       # and is neutral to architecture/os/libc version.
       - name: Create release package
@@ -283,7 +290,7 @@ jobs:
           echo "$HOME/.local/bin" >> $GITHUB_PATH
 
       - name: Install cross-compiler
-        run: sudo apt install $PACKAGE
+        run: sudo apt update && sudo apt install $PACKAGE
         env:
           PACKAGE: ${{ format('g++-{0}', matrix.prefix) }}
 
@@ -371,9 +378,6 @@ jobs:
         with:
           node-version: "14"
 
-      - name: Install playwright OS dependencies
-        run: npx playwright install-deps
-
       - name: Fetch dependencies from cache
         id: cache-yarn
         uses: actions/cache@v2
@@ -399,14 +403,10 @@ jobs:
         if: steps.cache-yarn.outputs.cache-hit != 'true'
         run: yarn --frozen-lockfile
 
-      # HACK: this shouldn't need to exist, but put it here anyway
-      # in an attempt to solve Playwright cache failures.
-      - name: Reinstall playwright
-        if: steps.cache-yarn.outputs.cache-hit == 'true'
+      - name: Install Playwright OS dependencies
         run: |
-          cd test/
-          rm -r node_modules/playwright
-          yarn install --check-files
+          ./test/node_modules/.bin/playwright install-deps
+          ./test/node_modules/.bin/playwright install
 
       - name: Run end-to-end tests
         run: yarn test:e2e
@@ -428,7 +428,7 @@ jobs:
         uses: actions/checkout@v2
       - name: Run Trivy vulnerability scanner in repo mode
         #Commit SHA for v0.0.17
-        uses: aquasecurity/trivy-action@8eccb5539730451af599c84f444c6d6cf0fc2bb0
+        uses: aquasecurity/trivy-action@1ccef265f594a7555a720f623a461a3d69b45bf7
         with:
           scan-type: "fs"
           scan-ref: "."
 
@@ -6,7 +6,7 @@ on:
   workflow_dispatch:
 
   release:
-    types: [published]
+    types: [released]
 
 jobs:
   docker-images:
 
@@ -5,10 +5,12 @@ on:
     branches:
       - main
     paths:
-      - "installer.sh"
+      - "install.sh"
   pull_request:
     branches:
       - main
+    paths:
+      - "install.sh"
 
 jobs:
   ubuntu:
 
@@ -6,7 +6,7 @@ on:
   workflow_dispatch:
 
   release:
-    types: [published]
+    types: [released]
 
 jobs:
   # NOTE: this job requires curl, jq and yarn
 
@@ -5,10 +5,14 @@ on:
     branches:
       - main
     paths:
-      - "installer.sh"
+      - "**.sh"
+      - "**.bats"
   pull_request:
     branches:
       - main
+    paths:
+      - "**.sh"
+      - "**.bats"
 
 jobs:
   test:
 
@@ -12,7 +12,6 @@ vendor/modules
 node-*
 /plugins
 /lib/coder-cloud-agent
-/lib/linkup
 .home
 coverage
 **/.DS_Store
 
@@ -20,6 +20,8 @@ main() {
   source ./ci/lib.sh
   OS="$(uname | tr '[:upper:]' '[:lower:]')"
 
+  mkdir -p ./lib
+
   if ! [ -f ./lib/coder-cloud-agent ]; then
     echo "Downloading the cloud agent..."
 
@@ -28,15 +30,6 @@ main() {
     chmod +x ./lib/coder-cloud-agent
     set -e
   fi
-
-  if ! [ -f ./lib/linkup ]; then
-    echo "Downloading Link agent..."
-
-    set +e
-    curl -fsSL "https://storage.googleapis.com/coder-link-releases/latest/linkup-$OS-$ARCH" -o ./lib/linkup
-    chmod +x ./lib/linkup
-    set -e
-  fi
 }
 
 main "$@"
@@ -61,14 +61,13 @@ EOF
     rsync node_modules/ "$RELEASE_PATH/node_modules"
     mkdir -p "$RELEASE_PATH/lib"
     rsync ./lib/coder-cloud-agent "$RELEASE_PATH/lib"
-    rsync ./lib/linkup "$RELEASE_PATH/lib"
   fi
 }
 
 bundle_vscode() {
   mkdir -p "$VSCODE_OUT_PATH"
   rsync "$VSCODE_SRC_PATH/yarn.lock" "$VSCODE_OUT_PATH"
-  rsync "$VSCODE_SRC_PATH/out-vscode${MINIFY:+-min}/" "$VSCODE_OUT_PATH/out"
+  rsync "$VSCODE_SRC_PATH/out-vscode-reh-web${MINIFY:+-min}/" "$VSCODE_OUT_PATH/out"
 
   rsync "$VSCODE_SRC_PATH/.build/extensions/" "$VSCODE_OUT_PATH/extensions"
   if [ "$KEEP_MODULES" = 0 ]; then
@@ -80,17 +79,17 @@ bundle_vscode() {
   rsync "$VSCODE_SRC_PATH/extensions/yarn.lock" "$VSCODE_OUT_PATH/extensions"
   rsync "$VSCODE_SRC_PATH/extensions/postinstall.js" "$VSCODE_OUT_PATH/extensions"
 
-  mkdir -p "$VSCODE_OUT_PATH/resources/"{linux,web}
-  rsync "$VSCODE_SRC_PATH/resources/linux/" "$VSCODE_OUT_PATH/resources/linux/"
-  rsync "$VSCODE_SRC_PATH/resources/web/" "$VSCODE_OUT_PATH/resources/web/"
+  mkdir -p "$VSCODE_OUT_PATH/resources/"
+  rsync "$VSCODE_SRC_PATH/resources/" "$VSCODE_OUT_PATH/resources/"
 
   # Add the commit and date and enable telemetry. This just makes telemetry
   # available; telemetry can still be disabled by flag or setting.
   jq --slurp '.[0] * .[1]' "$VSCODE_SRC_PATH/product.json" <(
     cat << EOF
   {
     "enableTelemetry": true,
-    "commit": "$(git rev-parse HEAD)",
+    "commit": "$(cd "$VSCODE_SRC_PATH" && git rev-parse HEAD)",
+    "quality": "stable",
     "date": $(jq -n 'now | todate')
   }
 EOF
 
@@ -11,13 +11,8 @@ main() {
 
   cd vendor/modules/code-oss-dev
 
-  yarn gulp compile-build compile-extensions-build compile-extension-media compile-web
-
-  yarn gulp optimize --gulpfile ./coder.js
-
-  if [[ $MINIFY ]]; then
-    yarn gulp minify --gulpfile ./coder.js
-  fi
+  # Any platform works since we have our own packaging step (for now).
+  yarn gulp "vscode-reh-web-linux-x64${MINIFY:+-min}"
 }
 
 main "$@"
@@ -57,18 +57,15 @@ main() {
   esac
 
   OS="$(uname | tr '[:upper:]' '[:lower:]')"
+
+  mkdir -p ./lib
+
   if curl -fsSL "https://github.com/cdr/cloud-agent/releases/latest/download/cloud-agent-$OS-$ARCH" -o ./lib/coder-cloud-agent; then
     chmod +x ./lib/coder-cloud-agent
   else
     echo "Failed to download cloud agent; --link will not work"
   fi
 
-  if curl -fsSL "https://storage.googleapis.com/coder-link-releases/latest/linkup-$OS-$ARCH" -o ./lib/linkup; then
-    chmod +x ./lib/linkup
-  else
-    echo "Failed to download Link agent; the Link extension will not work"
-  fi
-
   if ! vscode_yarn; then
     echo "You may not have the required dependencies to build the native modules."
     echo "Please see https://github.com/cdr/code-server/blob/master/docs/npm.md"
 
@@ -6,27 +6,28 @@ main() {
 
   echo "Installing code-server test dependencies..."
 
+  local args=(install)
+  if [[ ${CI-} ]]; then
+    args+=(--frozen-lockfile)
+  fi
+
   cd test
-  yarn install
+  yarn "${args[@]}"
   cd ..
 
   cd vendor
   echo "Installing vendor dependencies..."
 
-  # * We install in 'modules' instead of 'node_modules' because VS Code's extensions
-  # use a webpack config which cannot differentiate between its own node_modules
-  # and itself being in a directory with the same name.
-  #
-  # * We ignore scripts because NPM/Yarn's default behavior is to assume that
-  # devDependencies are not needed, and that even git repo based packages are
-  # assumed to be compiled. Because the default behavior for VS Code's `postinstall`
-  # assumes we're also compiled, this needs to be ignored.
+  # We install in 'modules' instead of 'node_modules' because VS Code's
+  # extensions use a webpack config which cannot differentiate between its own
+  # node_modules and itself being in a directory with the same name.
+  args+=(--modules-folder modules)
 
-  local args=(install --modules-folder modules --ignore-scripts)
-
-  if [[ ${CI-} ]]; then
-    args+=("--frozen-lockfile")
-  fi
+  # We ignore scripts because NPM/Yarn's default behavior is to assume that
+  # devDependencies are not needed, and that even git repo based packages are
+  # assumed to be compiled. Because the default behavior for VS Code's
+  # `postinstall` assumes we're also compiled, this needs to be ignored.
+  args+=(--ignore-scripts)
 
   yarn "${args[@]}"