coder/code-server
1
0
Fork 0
mirror of https://github.com/coder/code-server.git synced 2026-02-06 09:20:52 -06:00
Code Issues Packages Projects Releases 202 Wiki Activity

Compare commits

base: coder:main
Branches Tags
coder:main
coder:dependabot/npm_and_yarn/eslint-9.39.2
coder:dependabot/npm_and_yarn/typescript-eslint-8.54.0
coder:dependabot/npm_and_yarn/eslint-config-prettier-10.1.8
coder:dependabot/npm_and_yarn/eslint-plugin-import-2.32.0
coder:dependabot/npm_and_yarn/multi-8fbbf17b7b
coder:dependabot/github_actions/heyhusen/archlinux-package-action-3.0.0
coder:docker-test
coder:release/v4.9.0-rc.1
coder:release/v4.8.2
coder:release/v4.6.0
coder:release/v4.5.0
coder:v4.3.0
coder:v4.1.0
coder:bpmct/link-check
coder:v4.0.2
coder:v4.0.1
coder:v4.0.0
coder:v4.108.2
coder:v4.108.1
coder:v4.108.0
coder:v4.108.0-rc.1
coder:v4.107.1
coder:v4.107.0
coder:v4.107.0-rc.1
coder:v4.106.3
coder:v4.106.2
coder:v4.106.0
coder:v4.105.1
coder:v4.105.0
coder:v4.105.0-rc.1
coder:v4.104.3
coder:v4.104.2
coder:v4.104.1
coder:v4.104.0
coder:v4.104.0-rc.1
coder:v4.103.2
coder:v4.103.1
coder:v4.103.0
coder:v4.103.0-rc.1
coder:v4.102.3
coder:v4.102.2
coder:v4.102.1
coder:v4.102.0
coder:v4.102.0-rc.1
coder:v4.101.2
coder:v4.101.1
coder:v4.101.0
coder:v4.101.0-rc.1
coder:4.101.0
coder:4.101.0-rc.1
coder:v4.100.3
coder:v4.100.2
coder:v4.100.1
coder:v4.100.0-rc.1
coder:v4.100.0
coder:v4.99.4
coder:v4.99.3
coder:v4.99.2
coder:v4.99.1
coder:v4.99.0
coder:v4.99.0-rc.1
coder:v4.98.2
coder:v4.98.0-rc.1
coder:v4.98.0
coder:v4.97.2
coder:v4.97.1-rc.1
coder:v4.96.4
coder:v4.96.2
coder:v4.96.1
coder:v4.95.3
coder:v4.95.2
coder:v4.95.1-rc.2
coder:v4.95.1
coder:v4.95.1-rc.1
coder:v4.94.2-rc.1
coder:v4.93.1
coder:v4.93.1-rc.1
coder:v4.92.2
coder:v4.92.2-rc.1
coder:v4.91.1
coder:v4.91.0
coder:v4.91.0-rc.1
coder:v4.90.3
coder:v4.90.2
coder:v4.90.1
coder:v4.90.0
coder:v4.90.0-rc.1
coder:v4.89.1
coder:v4.89.0-rc.1
coder:v4.89.0
coder:v4.23.1
coder:v4.23.0
coder:v4.23.0-rc.2
coder:v4.23.0-rc.1
coder:v4.22.1-rc.2
coder:v4.22.1
coder:v4.22.1-rc.1
coder:v4.22.0
coder:v4.22.0-rc.1
coder:v4.21.2
coder:v4.21.1
coder:v4.21.1-rc.1
coder:v4.21.0
coder:v4.21.0-rc.1
coder:v4.20.1
coder:v4.20.0-rc.1
coder:v4.20.0
coder:v4.19.1-rc.2
coder:v4.19.1
coder:v4.19.1-rc.1
coder:v4.19.0
coder:v4.19.0-rc.1
coder:v4.18.0
coder:v4.18.0-rc.1
coder:v4.17.1
coder:v4.17.1-rc.1
coder:v4.17.0
coder:v4.17.0-rc.1
coder:v4.16.1
coder:v4.16.0
coder:v4.16.0-rc.1
coder:v4.15.0
coder:v4.15.0-rc.1
coder:v4.14.1
coder:v4.14.1-rc.2
coder:v4.14.1-rc.1
coder:v4.14.0-rc.1
coder:v4.14.0
coder:v4.13.0-rc.2
coder:v4.13.0
coder:v4.13.0-rc.1
coder:v4.12.0-rc.2
coder:v4.12.0
coder:v4.12.0-rc.1
coder:v4.11.0
coder:v4.11.0-rc.1
coder:v4.10.1
coder:v4.10.1-rc.1
coder:v4.10.0
coder:v4.10.0-rc.2
coder:v4.10.0-rc.1
coder:v4.9.0-rc.0
coder:v4.9.1
coder:v4.9.1-rc.1
coder:v4.9.0
coder:v4.9.0-rc.4
coder:v4.9.0-rc.3
coder:v4.9.0-rc.2
coder:v4.9.0-rc.1
coder:v4.8.3
coder:v4.8.2
coder:v4.8.2-rc.1
coder:v4.8.1
coder:v4.8.1-rc.1
coder:v4.8.0
coder:v4.7.1
coder:v4.7.0
coder:v4.6.1
coder:v4.6.0-rc.1
coder:v4.6.0
coder:v4.5.2
coder:v4.5.2-rc.1
coder:v4.5.1
coder:v4.5.0
coder:v4.4.0
coder:v4.3.0
coder:v4.2.0
coder:v4.1.0
coder:v4.0.2
coder:v4.0.1
coder:v4.0.0
coder:v3.12.0
coder:v3.11.1
coder:v3.11.0
coder:v3.10.2
coder:v3.10.1
coder:v3.10.0
coder:v3.9.3
coder:v3.9.2
coder:v3.9.1
coder:v3.9.0
coder:v3.8.1
coder:v3.8.0
coder:v3.7.4
coder:v3.7.3
coder:v3.7.2
coder:v3.7.1
coder:v3.7.0
coder:v3.6.2
coder:v3.6.1
coder:v3.6.0
coder:v3.5.0
coder:3.4.1
coder:v3.4.1
coder:3.4.0
coder:v3.4.0
coder:v3.3.1
coder:v3.3.0
coder:3.2.0
coder:3.1.1
coder:3.1.0
coder:3.0.2
coder:3.0.1
coder:3.0.0
coder:2.1698
coder:2.1692-vsc1.39.2
coder:2.1688-vsc1.39.2
coder:2.1665-vsc1.39.2
coder:2.1662-vsc1.39.2
coder:2.1655-vsc1.39.2
coder:2.1650-vsc1.39.2
coder:2.1638-vsc1.39.2
coder:2.1637-vsc1.39.2
coder:2.1523-vsc1.38.1
coder:2.1485-vsc1.38.1
coder:2.1478-vsc1.38.1
coder:2.1472-vsc1.38.1
coder:1.1156-vsc1.33.1
coder:1.1140-vsc1.33.1
coder:1.1119-vsc1.33.1
coder:1.1106-vsc1.33.1
coder:1.1099-vsc1.33.1
coder:1.939-vsc1.33.1
coder:1.903-vsc1.33.1
coder:1.868-vsc1.33.1
coder:1.854-vsc1.33.1
coder:1.790-vsc1.33.1
coder:1.792-vsc1.33.1
coder:1.696-vsc1.33.0
coder:1.691-vsc1.33.0
coder:1.604-vsc1.32.0
coder:1.408-vsc1.32.0
coder:1.32.0-310
coder:1.32.0-282
coder:1.32.0-275
coder:1.32.0-245
coder:1.31.1-100
coder:1.31.0-20
coder:1.31.0
..
compare: coder:1.1099-vsc1.33.1
Branches Tags
coder:dependabot/npm_and_yarn/eslint-9.39.2
coder:dependabot/npm_and_yarn/typescript-eslint-8.54.0
coder:dependabot/npm_and_yarn/eslint-config-prettier-10.1.8
coder:dependabot/npm_and_yarn/eslint-plugin-import-2.32.0
coder:dependabot/npm_and_yarn/multi-8fbbf17b7b
coder:dependabot/github_actions/heyhusen/archlinux-package-action-3.0.0
coder:main
coder:docker-test
coder:release/v4.9.0-rc.1
coder:release/v4.8.2
coder:release/v4.6.0
coder:release/v4.5.0
coder:v4.3.0
coder:v4.1.0
coder:bpmct/link-check
coder:v4.0.2
coder:v4.0.1
coder:v4.0.0
coder:v4.108.2
coder:v4.108.1
coder:v4.108.0
coder:v4.108.0-rc.1
coder:v4.107.1
coder:v4.107.0
coder:v4.107.0-rc.1
coder:v4.106.3
coder:v4.106.2
coder:v4.106.0
coder:v4.105.1
coder:v4.105.0
coder:v4.105.0-rc.1
coder:v4.104.3
coder:v4.104.2
coder:v4.104.1
coder:v4.104.0
coder:v4.104.0-rc.1
coder:v4.103.2
coder:v4.103.1
coder:v4.103.0
coder:v4.103.0-rc.1
coder:v4.102.3
coder:v4.102.2
coder:v4.102.1
coder:v4.102.0
coder:v4.102.0-rc.1
coder:v4.101.2
coder:v4.101.1
coder:v4.101.0
coder:v4.101.0-rc.1
coder:4.101.0
coder:4.101.0-rc.1
coder:v4.100.3
coder:v4.100.2
coder:v4.100.1
coder:v4.100.0-rc.1
coder:v4.100.0
coder:v4.99.4
coder:v4.99.3
coder:v4.99.2
coder:v4.99.1
coder:v4.99.0
coder:v4.99.0-rc.1
coder:v4.98.2
coder:v4.98.0-rc.1
coder:v4.98.0
coder:v4.97.2
coder:v4.97.1-rc.1
coder:v4.96.4
coder:v4.96.2
coder:v4.96.1
coder:v4.95.3
coder:v4.95.2
coder:v4.95.1-rc.2
coder:v4.95.1
coder:v4.95.1-rc.1
coder:v4.94.2-rc.1
coder:v4.93.1
coder:v4.93.1-rc.1
coder:v4.92.2
coder:v4.92.2-rc.1
coder:v4.91.1
coder:v4.91.0
coder:v4.91.0-rc.1
coder:v4.90.3
coder:v4.90.2
coder:v4.90.1
coder:v4.90.0
coder:v4.90.0-rc.1
coder:v4.89.1
coder:v4.89.0-rc.1
coder:v4.89.0
coder:v4.23.1
coder:v4.23.0
coder:v4.23.0-rc.2
coder:v4.23.0-rc.1
coder:v4.22.1-rc.2
coder:v4.22.1
coder:v4.22.1-rc.1
coder:v4.22.0
coder:v4.22.0-rc.1
coder:v4.21.2
coder:v4.21.1
coder:v4.21.1-rc.1
coder:v4.21.0
coder:v4.21.0-rc.1
coder:v4.20.1
coder:v4.20.0-rc.1
coder:v4.20.0
coder:v4.19.1-rc.2
coder:v4.19.1
coder:v4.19.1-rc.1
coder:v4.19.0
coder:v4.19.0-rc.1
coder:v4.18.0
coder:v4.18.0-rc.1
coder:v4.17.1
coder:v4.17.1-rc.1
coder:v4.17.0
coder:v4.17.0-rc.1
coder:v4.16.1
coder:v4.16.0
coder:v4.16.0-rc.1
coder:v4.15.0
coder:v4.15.0-rc.1
coder:v4.14.1
coder:v4.14.1-rc.2
coder:v4.14.1-rc.1
coder:v4.14.0-rc.1
coder:v4.14.0
coder:v4.13.0-rc.2
coder:v4.13.0
coder:v4.13.0-rc.1
coder:v4.12.0-rc.2
coder:v4.12.0
coder:v4.12.0-rc.1
coder:v4.11.0
coder:v4.11.0-rc.1
coder:v4.10.1
coder:v4.10.1-rc.1
coder:v4.10.0
coder:v4.10.0-rc.2
coder:v4.10.0-rc.1
coder:v4.9.0-rc.0
coder:v4.9.1
coder:v4.9.1-rc.1
coder:v4.9.0
coder:v4.9.0-rc.4
coder:v4.9.0-rc.3
coder:v4.9.0-rc.2
coder:v4.9.0-rc.1
coder:v4.8.3
coder:v4.8.2
coder:v4.8.2-rc.1
coder:v4.8.1
coder:v4.8.1-rc.1
coder:v4.8.0
coder:v4.7.1
coder:v4.7.0
coder:v4.6.1
coder:v4.6.0-rc.1
coder:v4.6.0
coder:v4.5.2
coder:v4.5.2-rc.1
coder:v4.5.1
coder:v4.5.0
coder:v4.4.0
coder:v4.3.0
coder:v4.2.0
coder:v4.1.0
coder:v4.0.2
coder:v4.0.1
coder:v4.0.0
coder:v3.12.0
coder:v3.11.1
coder:v3.11.0
coder:v3.10.2
coder:v3.10.1
coder:v3.10.0
coder:v3.9.3
coder:v3.9.2
coder:v3.9.1
coder:v3.9.0
coder:v3.8.1
coder:v3.8.0
coder:v3.7.4
coder:v3.7.3
coder:v3.7.2
coder:v3.7.1
coder:v3.7.0
coder:v3.6.2
coder:v3.6.1
coder:v3.6.0
coder:v3.5.0
coder:3.4.1
coder:v3.4.1
coder:3.4.0
coder:v3.4.0
coder:v3.3.1
coder:v3.3.0
coder:3.2.0
coder:3.1.1
coder:3.1.0
coder:3.0.2
coder:3.0.1
coder:3.0.0
coder:2.1698
coder:2.1692-vsc1.39.2
coder:2.1688-vsc1.39.2
coder:2.1665-vsc1.39.2
coder:2.1662-vsc1.39.2
coder:2.1655-vsc1.39.2
coder:2.1650-vsc1.39.2
coder:2.1638-vsc1.39.2
coder:2.1637-vsc1.39.2
coder:2.1523-vsc1.38.1
coder:2.1485-vsc1.38.1
coder:2.1478-vsc1.38.1
coder:2.1472-vsc1.38.1
coder:1.1156-vsc1.33.1
coder:1.1140-vsc1.33.1
coder:1.1119-vsc1.33.1
coder:1.1106-vsc1.33.1
coder:1.1099-vsc1.33.1
coder:1.939-vsc1.33.1
coder:1.903-vsc1.33.1
coder:1.868-vsc1.33.1
coder:1.854-vsc1.33.1
coder:1.790-vsc1.33.1
coder:1.792-vsc1.33.1
coder:1.696-vsc1.33.0
coder:1.691-vsc1.33.0
coder:1.604-vsc1.32.0
coder:1.408-vsc1.32.0
coder:1.32.0-310
coder:1.32.0-282
coder:1.32.0-275
coder:1.32.0-245
coder:1.31.1-100
coder:1.31.0-20
coder:1.31.0

No commits in common. "main" and "1.1099-vsc1.33.1" have entirely different histories.
main ... 1.1099-vsc

525 changed files with 41258 additions and 35610 deletions
Show Stats Expand all files Collapse all files

13
.dockerignore
View File

@ -1,3 +1,10 @@
**
!release-packages
!ci
Dockerfile
# Docs
doc/
# GitHub stuff
.github
.gitignore
.travis.yml
LICENSE
README.md
node_modules

6
.editorconfig
View File

@ -1,6 +0,0 @@
root = true
[*]
indent_style = space
trim_trailing_whitespace = true
indent_size = 2

2
.git-blame-ignore-revs
View File

@ -1,2 +0,0 @@
# Prettier 3.4.2
9b0340a09276f93c054d705d1b9a5f24cc5dbc97

1
.gitattributes vendored
View File

@ -1 +0,0 @@
*.afdesign filter=lfs diff=lfs merge=lfs -text

9
.github/CODEOWNERS vendored
View File

@ -1,7 +1,2 @@
* @coder/code-server
ci/helm-chart/ @Matthew-Beckett @alexgorbatchev
docs/install.md @GNUxeava
src/node/i18n/locales/zh-cn.json @zhaozhiming
* @code-asher @kylecarbs
Dockerfile @nhooyr

126
.github/ISSUE_TEMPLATE/bug-report.yml vendored
View File

@ -1,126 +0,0 @@
name: Bug report
description: File a bug report
labels: ["bug", "triage"]
body:
- type: checkboxes
attributes:
label: Is there an existing issue for this?
description: Please search to see if an issue already exists for the bug you encountered.
options:
- label: I have searched the existing issues
required: true
- type: textarea
attributes:
label: OS/Web Information
description: |
examples:
- **Web Browser**: Chrome
- **Local OS**: macOS
- **Remote OS**: Ubuntu
- **Remote Architecture**: amd64
- **`code-server --version`**: 4.0.1
Please do not just put "latest" for the version.
value: |
- Web Browser:
- Local OS:
- Remote OS:
- Remote Architecture:
- `code-server --version`:
validations:
required: true
- type: textarea
attributes:
label: Steps to Reproduce
description: |
Please describe exactly how to reproduce the bug. For example:
1. Open code-server in Firefox
2. Install extension `foo.bar` from the extensions sidebar
3. Run command `foo.bar.baz`
value: |
1.
2.
3.
validations:
required: true
- type: textarea
attributes:
label: Expected
description: What should happen?
validations:
required: true
- type: textarea
attributes:
label: Actual
description: What actually happens?
validations:
required: true
- type: textarea
id: logs
attributes:
label: Logs
description: Run code-server with the --verbose flag and then paste any relevant logs from the server, from the browser console and/or the browser network tab. For issues with installation, include installation logs (i.e. output of `npm install -g code-server`).
render: shell
- type: textarea
attributes:
label: Screenshot/Video
description: Please include a screenshot, gif or screen recording of your issue.
validations:
required: false
- type: dropdown
attributes:
label: Does this bug reproduce in native VS Code?
description: If the bug reproduces in native VS Code, submit the issue upstream instead (https://github.com/microsoft/vscode).
options:
- Yes, this is also broken in native VS Code
- No, this works as expected in native VS Code
- This cannot be tested in native VS Code
- I did not test native VS Code
validations:
required: true
- type: dropdown
attributes:
label: Does this bug reproduce in VS Code web?
description: If the bug reproduces in VS Code web, submit the issue upstream instead (https://github.com/microsoft/vscode). You can run VS Code web with `code serve-web` (this is not the same as vscode.dev).
options:
- Yes, this is also broken in VS Code web
- No, this works as expected in VS Code web
- This cannot be tested in VS Code web
- I did not test VS Code web
validations:
required: true
- type: dropdown
attributes:
label: Does this bug reproduce in GitHub Codespaces?
description: If the bug reproduces in GitHub Codespaces, submit the issue upstream instead (https://github.com/microsoft/vscode).
options:
- Yes, this is also broken in GitHub Codespaces
- No, this works as expected in GitHub Codespaces
- This cannot be tested in GitHub Codespaces
- I did not test GitHub Codespaces
validations:
required: true
- type: checkboxes
attributes:
label: Are you accessing code-server over a secure context?
description: code-server relies on service workers (which only work in secure contexts) for many features. Double-check that you are using a secure context like HTTPS or localhost.
options:
- label: I am using a secure context.
required: false
- type: textarea
attributes:
label: Notes
description: Please include any addition notes that will help us resolve this issue.
validations:
required: false

22
.github/ISSUE_TEMPLATE/bug_report.md vendored Normal file
View File

@ -0,0 +1,22 @@
---
name: Bug Report
about: Report problems and unexpected behavior.
title: ''
labels: 'bug'
assignees: ''
---
<!-- Please search existing issues to avoid creating duplicates. -->
<!-- All extension-specific issues should be created with the `Extension Bug` template. -->
- `code-server` version: <!-- The version of code-server -->
- OS Version: <!-- OS version, cloud provider, -->
## Description
<!-- Describes the problem here -->
## Steps to Reproduce
1. <!-- step 1: click ... -->
1. <!-- step 2: ... -->

8
.github/ISSUE_TEMPLATE/config.yml vendored
View File

@ -1,8 +0,0 @@
blank_issues_enabled: false
contact_links:
- name: Question?
url: https://github.com/coder/code-server/discussions/new?category_id=22503114
about: Ask the community for help on our GitHub Discussions board
- name: code-server Slack Community
about: Need immediate help or just want to talk? Hop in our Slack. Note - this Slack is not actively monitored by code-server maintainers.
url: https://cdr.co/join-community

11
.github/ISSUE_TEMPLATE/doc.md vendored
View File

@ -1,11 +0,0 @@
---
name: Documentation improvement
about: Suggest a documentation improvement
labels: "docs"
---
## What is your suggestion?
## How will this improve the docs?
## Are you interested in submitting a PR for this?

22
.github/ISSUE_TEMPLATE/extension_bug.md vendored Normal file
View File

@ -0,0 +1,22 @@
---
name: Extension Bug
about: Report problems and unexpected behavior with extensions.
title: ''
labels: 'extension-specific'
assignees: ''
---
<!-- Please search existing issues to avoid creating duplicates. -->
- `code-server` version: <!-- The version of code-server -->
- OS Version: <!-- OS version, cloud provider, -->
- Extension: <!-- Link to extension -->
## Description
<!-- Describes the problem here -->
## Steps to Reproduce
1. <!-- step 1: click ... -->
1. <!-- step 2: ... -->

13
.github/ISSUE_TEMPLATE/feature-request.md vendored
View File

@ -1,13 +0,0 @@
---
name: Feature request
about: Suggest an idea to improve code-server
labels: enhancement
---
## What is your suggestion?
## Why do you want this feature?
## Are there any workarounds to get this functionality today?
## Are you interested in submitting a PR for this?

11
.github/ISSUE_TEMPLATE/feature_request.md vendored Normal file
View File

@ -0,0 +1,11 @@
---
name: Feature Request
about: Suggest an idea for this project.
title: ''
labels: 'feature'
assignees: ''
---
<!-- Please search existing issues to avoid creating duplicates. -->
<!-- Describe the feature you'd like. -->

17
.github/ISSUE_TEMPLATE/question.md vendored Normal file
View File

@ -0,0 +1,17 @@
---
name: Question
about: Ask a question.
title: ''
labels: 'question'
assignees: ''
---
<!-- Please search existing issues to avoid creating duplicates. -->
## Description
<!-- A description of the the question. -->
## Related Issues
<!-- Any issues related to your question. -->

8
.github/PULL_REQUEST_TEMPLATE.md vendored
View File

@ -1,8 +0,0 @@
<!--
Please link to the issue this PR solves.
If there is no existing issue, please first create one unless the fix is minor.
Please make sure the base of your PR is the default branch!
-->
Fixes #

31
.github/codecov.yml vendored
View File

@ -1,31 +0,0 @@
codecov:
require_ci_to_pass: yes
allow_coverage_offsets: True
coverage:
precision: 2
round: down
range: "40...70"
status:
patch: off
notify:
slack:
default:
url: secret:v1::tXC7VwEIKYjNU8HRgRv2GdKOSCt5UzpykKZb+o1eCDqBgb2PEqwE3A26QUPYMLo4BO2qtrJhFIvwhUvlPwyzDCNGoNiuZfXr0UeZZ0y1TcZu672R/NBNMwEPO/e1Ye0pHxjzKHnuH7HqbjFucox/RBQLtiL3J56SWGE3JtbkC6o=
threshold: 1%
only_pulls: false
branches:
- "main"
parsers:
gcov:
branch_detection:
conditional: yes
loop: yes
method: no
macro: no
comment:
layout: "reach,diff,flags,files,footer"
behavior: default
require_changes: no

1
.github/codeql-config.yml vendored
View File

@ -1 +0,0 @@
name: "code-server CodeQL config"

31
.github/dependabot.yaml vendored
View File

@ -1,31 +0,0 @@
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "monthly"
time: "06:00"
timezone: "America/Chicago"
labels: []
commit-message:
prefix: "chore"
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "monthly"
time: "06:00"
timezone: "America/Chicago"
commit-message:
prefix: "chore"
labels: []
ignore:
# Ignore patch updates for all dependencies
- dependency-name: "*"
update-types:
- version-update:semver-patch
# Ignore major updates to Node.js types, because they need to
# correspond to the Node.js engine version
- dependency-name: "@types/node"
update-types:
- version-update:semver-major

6
.github/pull_request_template.md vendored Normal file
View File

@ -0,0 +1,6 @@
<!-- Please answer these questions before submitting your PR. Thanks! -->
### Describe in detail the problem you had and how this PR fixes it
### Is there an open issue you can link to?

66
.github/semantic.yaml vendored
View File

@ -1,66 +0,0 @@
###############################################################################
# This file configures "Semantic Pull Requests", which is documented here:
# https://github.com/zeke/semantic-pull-requests
###############################################################################
# Scopes are optionally supplied after a 'type'. For example, in
#
# feat(docs): autostart ui
#
# '(docs)' is the scope. Scopes are used to signify where the change occurred.
scopes:
# docs: changes to the code-server documentation.
- docs
# vendor: changes to vendored dependencies.
- vendor
# deps: changes to code-server's dependencies.
- deps
# cs: changes to code specific to code-server.
- cs
# cli: changes to the command-line interface.
- cli
# We only check that the PR title is semantic. The PR title is automatically
# applied to the "Squash & Merge" flow as the suggested commit message, so this
# should suffice unless someone drastically alters the message in that flow.
titleOnly: true
# Types are the 'tag' types in a commit or PR title. For example, in
#
# chore: fix thing
#
# 'chore' is the type.
types:
# A build of any kind.
- build
# A user-facing change that corrects a defect in code-server.
- fix
# Any code task that is ignored for changelog purposes. Examples include
# devbin scripts and internal-only configurations.
- chore
# Any work performed on CI.
- ci
# Work that directly implements or supports the implementation of a feature.
- feat
# A refactor changes code structure without any behavioral change.
- refactor
# A git revert for any style of commit.
- revert
# Adding tests of any kind. Should be separate from feature or fix
# implementations. For example, if a commit adds a fix + test, it's a fix
# commit. If a commit is simply bumping coverage, it's a test commit.
- test
# A new release.
- release

12
.github/stale.yml vendored
View File

@ -1,12 +0,0 @@
# Number of days of inactivity before an issue becomes stale
daysUntilStale: 180
# Number of days of inactivity before a stale issue is closed
daysUntilClose: 5
# Label to apply when stale.
staleLabel: stale
# Comment to post when marking an issue as stale. Set to `false` to disable
markComment: >
This issue has been automatically marked as stale because it has not had
recent activity. It will be closed if no activity occurs in the next 5 days.
# Comment to post when closing a stale issue. Set to `false` to disable
closeComment: false

311
.github/workflows/build.yaml vendored
View File

@ -1,311 +0,0 @@
name: Build
on:
push:
branches:
- main
pull_request:
branches:
- main
# Cancel in-progress runs for pull requests when developers push
# additional changes, and serialize builds in branches.
# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-concurrency-to-cancel-any-in-progress-job-or-run
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
# Note: if: success() is used in several jobs -
# this ensures that it only executes if all previous jobs succeeded.
# if: steps.cache-node-modules.outputs.cache-hit != 'true'
# will skip running `npm install` if it successfully fetched from cache
jobs:
changes:
runs-on: ubuntu-latest
outputs:
ci: ${{ steps.filter.outputs.ci }}
code: ${{ steps.filter.outputs.code }}
deps: ${{ steps.filter.outputs.deps }}
docs: ${{ steps.filter.outputs.docs }}
helm: ${{ steps.filter.outputs.helm }}
steps:
- name: Checkout repo
uses: actions/checkout@v6
- name: Check changed files
uses: dorny/paths-filter@v3
id: filter
with:
filters: |
ci:
- ".github/**"
- "ci/**"
docs:
- "docs/**"
- "README.md"
- "CHANGELOG.md"
helm:
- "ci/helm-chart/**"
code:
- "src/**"
- "test/**"
deps:
- "lib/**"
- "patches/**"
- "package-lock.json"
- "test/package-lock.json"
- id: debug
run: |
echo "${{ toJSON(steps.filter )}}"
prettier:
name: Run prettier check
runs-on: ubuntu-22.04
timeout-minutes: 5
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version-file: .node-version
cache: npm
cache-dependency-path: |
package-lock.json
test/package-lock.json
- run: SKIP_SUBMODULE_DEPS=1 npm ci
- run: npx prettier --check .
doctoc:
name: Doctoc markdown files
runs-on: ubuntu-22.04
timeout-minutes: 5
needs: changes
if: needs.changes.outputs.docs == 'true'
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version-file: .node-version
cache: npm
cache-dependency-path: |
package-lock.json
test/package-lock.json
- run: SKIP_SUBMODULE_DEPS=1 npm ci
- run: npm run doctoc
lint-helm:
name: Lint Helm chart
runs-on: ubuntu-22.04
timeout-minutes: 5
needs: changes
if: needs.changes.outputs.helm == 'true'
steps:
- uses: actions/checkout@v6
- uses: azure/setup-helm@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- run: helm plugin install https://github.com/instrumenta/helm-kubeval
- run: helm kubeval ci/helm-chart
lint-ts:
name: Lint TypeScript files
runs-on: ubuntu-22.04
timeout-minutes: 5
needs: changes
if: needs.changes.outputs.code == 'true'
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version-file: .node-version
cache: npm
cache-dependency-path: |
package-lock.json
test/package-lock.json
- run: SKIP_SUBMODULE_DEPS=1 npm ci
- run: npm run lint:ts
lint-actions:
name: Lint GitHub Actions
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.ci == 'true'
steps:
- name: Checkout repo
uses: actions/checkout@v6
- name: Check workflow files
run: |
bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) 1.7.9
./actionlint -color -shellcheck= -ignore "softprops/action-gh-release"
shell: bash
test-unit:
name: Run unit tests
runs-on: ubuntu-22.04
timeout-minutes: 5
needs: changes
if: needs.changes.outputs.code == 'true'
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version-file: .node-version
cache: npm
cache-dependency-path: |
package-lock.json
test/package-lock.json
- run: SKIP_SUBMODULE_DEPS=1 npm ci
- run: npm run test:unit
- uses: codecov/codecov-action@v5
if: success()
with:
token: ${{ secrets.CODECOV_TOKEN }}
build:
name: Build code-server
runs-on: ubuntu-22.04
timeout-minutes: 70
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
DISABLE_V8_COMPILE_CACHE: 1
steps:
- uses: actions/checkout@v6
with:
submodules: true
- run: sudo apt update && sudo apt install -y libkrb5-dev
- uses: awalsh128/cache-apt-pkgs-action@latest
with:
packages: quilt
version: 1.0
- run: quilt push -a
- uses: actions/setup-node@v6
with:
node-version-file: .node-version
cache: npm
cache-dependency-path: |
package-lock.json
test/package-lock.json
- run: SKIP_SUBMODULE_DEPS=1 npm ci
- run: npm run build
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Get Code's git hash. When this changes it means the content is
# different and we need to rebuild.
- name: Get latest lib/vscode rev
id: vscode-rev
run: echo "rev=$(git rev-parse HEAD:./lib/vscode)" >> $GITHUB_OUTPUT
# We need to rebuild when we have a new version of Code, when any of
# the patches changed, or when the code-server version changes (since
# it gets embedded into the code). Use VSCODE_CACHE_VERSION to
# force a rebuild.
- name: Fetch prebuilt Code package from cache
id: cache-vscode
uses: actions/cache@v4
with:
path: lib/vscode-reh-web-*
key: vscode-reh-package-${{ secrets.VSCODE_CACHE_VERSION }}-${{ steps.vscode-rev.outputs.rev }}-${{ hashFiles('patches/*.diff', 'ci/build/build-vscode.sh') }}
- name: Build vscode
env:
VERSION: "0.0.0"
if: steps.cache-vscode.outputs.cache-hit != 'true'
run: |
pushd lib/vscode
npm ci
popd
npm run build:vscode
# The release package does not contain any native modules
# and is neutral to architecture/os/libc version.
- run: npm run release
if: success()
# https://github.com/actions/upload-artifact/issues/38
- run: tar -czf package.tar.gz release
- uses: actions/upload-artifact@v4
with:
name: npm-package
path: ./package.tar.gz
test-e2e:
name: Run e2e tests
runs-on: ubuntu-22.04
timeout-minutes: 25
needs: [changes, build]
if: needs.changes.outputs.code == 'true' || needs.changes.outputs.deps == 'true'
steps:
- uses: actions/checkout@v6
- run: sudo apt update && sudo apt install -y libkrb5-dev
- uses: actions/setup-node@v6
with:
node-version-file: .node-version
cache: npm
cache-dependency-path: |
package-lock.json
test/package-lock.json
- run: SKIP_SUBMODULE_DEPS=1 npm ci
- uses: actions/download-artifact@v5
with:
name: npm-package
- run: tar -xzf package.tar.gz
- run: cd release && npm install --unsafe-perm --omit=dev
- name: Install Playwright OS dependencies
run: |
./test/node_modules/.bin/playwright install-deps
./test/node_modules/.bin/playwright install
- run: CODE_SERVER_TEST_ENTRY=./release npm run test:e2e
- uses: actions/upload-artifact@v4
if: always()
with:
name: failed-test-videos
path: ./test/test-results
- run: rm -rf ./release ./test/test-results
test-e2e-proxy:
name: Run e2e tests behind proxy
runs-on: ubuntu-22.04
timeout-minutes: 25
needs: [changes, build]
if: needs.changes.outputs.code == 'true' || needs.changes.outputs.deps == 'true'
steps:
- uses: actions/checkout@v6
- run: sudo apt update && sudo apt install -y libkrb5-dev
- uses: actions/setup-node@v6
with:
node-version-file: .node-version
cache: npm
cache-dependency-path: |
package-lock.json
test/package-lock.json
- run: SKIP_SUBMODULE_DEPS=1 npm ci
- uses: actions/download-artifact@v5
with:
name: npm-package
- run: tar -xzf package.tar.gz
- run: cd release && npm install --unsafe-perm --omit=dev
- name: Install Playwright OS dependencies
run: |
./test/node_modules/.bin/playwright install-deps
./test/node_modules/.bin/playwright install
- name: Cache Caddy
uses: actions/cache@v4
id: caddy-cache
with:
path: |
~/.cache/caddy
key: cache-caddy-2.5.2
- name: Install Caddy
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: steps.caddy-cache.outputs.cache-hit != 'true'
run: |
gh release download v2.5.2 --repo caddyserver/caddy --pattern "caddy_2.5.2_linux_amd64.tar.gz"
mkdir -p ~/.cache/caddy
tar -xzf caddy_2.5.2_linux_amd64.tar.gz --directory ~/.cache/caddy
- run: ~/.cache/caddy/caddy start --config ./ci/Caddyfile
- run: CODE_SERVER_TEST_ENTRY=./release npm run test:e2e:proxy
- run: ~/.cache/caddy/caddy stop --config ./ci/Caddyfile
if: always()
- uses: actions/upload-artifact@v4
if: always()
with:
name: failed-test-videos-proxy
path: ./test/test-results

76
.github/workflows/installer.yaml vendored
View File

@ -1,76 +0,0 @@
name: Installer integration
on:
push:
branches:
- main
paths:
- "install.sh"
- ".github/workflows/installer.yaml"
pull_request:
branches:
- main
paths:
- "install.sh"
- ".github/workflows/installer.yaml"
# Cancel in-progress runs for pull requests when developers push
# additional changes, and serialize builds in branches.
# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-concurrency-to-cancel-any-in-progress-job-or-run
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
permissions:
contents: read
jobs:
ubuntu:
name: Test installer on Ubuntu
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v6
- name: Install code-server
run: ./install.sh
- name: Test code-server was installed globally
run: code-server --help
alpine:
name: Test installer on Alpine
runs-on: ubuntu-latest
container: "alpine:3.17"
steps:
- name: Checkout repo
uses: actions/checkout@v6
- name: Install curl
run: apk add curl
- name: Add user
run: adduser coder --disabled-password
# Standalone should work without root.
- name: Test standalone to a non-existent prefix
run: su coder -c "./install.sh --method standalone --prefix /tmp/does/not/yet/exist"
# We do not actually have Alpine standalone builds so running code-server
# will not work.
- name: Test code-server was installed to prefix
run: test -f /tmp/does/not/yet/exist/bin/code-server
macos:
name: Test installer on macOS
runs-on: macos-latest
steps:
- name: Checkout repo
uses: actions/checkout@v6
- name: Install code-server
run: ./install.sh
- name: Test code-server was installed globally
run: code-server --help

166
.github/workflows/publish.yaml vendored
View File

@ -1,166 +0,0 @@
name: Publish code-server
on:
# Shows the manual trigger in GitHub UI
# helpful as a back-up in case the GitHub Actions Workflow fails
workflow_dispatch:
inputs:
version:
description: The version to publish (include "v", i.e. "v4.9.1").
type: string
required: true
release:
types: [released]
# Cancel in-progress runs for pull requests when developers push
# additional changes, and serialize builds in branches.
# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-concurrency-to-cancel-any-in-progress-job-or-run
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
jobs:
npm:
runs-on: ubuntu-latest
steps:
- name: Checkout code-server
uses: actions/checkout@v6
- name: Install Node.js
uses: actions/setup-node@v6
with:
node-version-file: .node-version
- name: Download npm package from release artifacts
uses: robinraju/release-downloader@v1.12
with:
repository: "coder/code-server"
tag: ${{ github.event.inputs.version || github.ref_name }}
fileName: "package.tar.gz"
out-file-path: "release-npm-package"
# Strip out the v (v4.9.1 -> 4.9.1).
- name: Get and set VERSION
run: |
TAG="${{ github.event.inputs.version || github.ref_name }}"
echo "VERSION=${TAG#v}" >> $GITHUB_ENV
- run: npm run publish:npm
env:
VERSION: ${{ env.VERSION }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_ENVIRONMENT: "production"
aur:
runs-on: ubuntu-latest
timeout-minutes: 10
env:
GH_TOKEN: ${{ secrets.HOMEBREW_GITHUB_API_TOKEN }}
steps:
# We need to checkout code-server so we can get the version
- name: Checkout code-server
uses: actions/checkout@v6
with:
fetch-depth: 0
path: "./code-server"
- name: Checkout code-server-aur repo
uses: actions/checkout@v6
with:
repository: "cdrci/code-server-aur"
token: ${{ secrets.HOMEBREW_GITHUB_API_TOKEN }}
ref: "master"
- name: Merge in master
run: |
git remote add upstream https://github.com/coder/code-server-aur.git
git fetch upstream
git merge upstream/master
- name: Configure git
run: |
git config --global user.name cdrci
git config --global user.email opensource@coder.com
# Strip out the v (v4.9.1 -> 4.9.1).
- name: Get and set VERSION
run: |
TAG="${{ github.event.inputs.version || github.ref_name }}"
echo "VERSION=${TAG#v}" >> $GITHUB_ENV
- name: Validate package
uses: heyhusen/archlinux-package-action@v2.4.0
env:
VERSION: ${{ env.VERSION }}
with:
pkgver: ${{ env.VERSION }}
updpkgsums: true
srcinfo: true
- name: Open PR
# We need to git push -u otherwise gh will prompt
# asking where to push the branch.
env:
VERSION: ${{ env.VERSION }}
run: |
git checkout -b update-version-${{ env.VERSION }}
git add .
git commit -m "chore: updating version to ${{ env.VERSION }}"
git push -u origin $(git branch --show)
gh pr create --repo coder/code-server-aur --title "chore: bump version to ${{ env.VERSION }}" --body "PR opened by @$GITHUB_ACTOR" --assignee $GITHUB_ACTOR
docker:
runs-on: ubuntu-latest
steps:
- name: Checkout code-server
uses: actions/checkout@v6
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Strip out the v (v4.9.1 -> 4.9.1).
- name: Get and set VERSION
run: |
TAG="${{ github.event.inputs.version || github.ref_name }}"
echo "VERSION=${TAG#v}" >> $GITHUB_ENV
- name: Download deb artifacts
uses: robinraju/release-downloader@v1.12
with:
repository: "coder/code-server"
tag: v${{ env.VERSION }}
fileName: "*.deb"
out-file-path: "release-packages"
- name: Download rpm artifacts
uses: robinraju/release-downloader@v1.12
with:
repository: "coder/code-server"
tag: v${{ env.VERSION }}
fileName: "*.rpm"
out-file-path: "release-packages"
- name: Publish to Docker
run: ./ci/steps/docker-buildx-push.sh
env:
VERSION: ${{ env.VERSION }}
GITHUB_TOKEN: ${{ github.token }}

309
.github/workflows/release.yaml vendored
View File

@ -1,309 +0,0 @@
name: Draft release
on:
workflow_dispatch:
inputs:
version:
description: The version to publish (include "v", i.e. "v4.9.1").
type: string
required: true
permissions:
contents: write # For creating releases.
discussions: write # For creating a discussion.
# Cancel in-progress runs for pull requests when developers push
# additional changes
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
jobs:
package-linux-cross:
name: ${{ matrix.prefix }}
runs-on: ubuntu-latest
timeout-minutes: 15
needs: npm-version
container: "python:3.8-slim-buster"
strategy:
matrix:
include:
- prefix: x86_64-linux-gnu
npm_arch: x64
apt_arch: amd64
package_arch: amd64
- prefix: aarch64-linux-gnu
npm_arch: arm64
apt_arch: arm64
package_arch: arm64
- prefix: arm-linux-gnueabihf
npm_arch: armv7l
apt_arch: armhf
package_arch: armv7l
env:
AR: ${{ format('{0}-ar', matrix.prefix) }}
AS: ${{ format('{0}-as', matrix.prefix) }}
CC: ${{ format('{0}-gcc', matrix.prefix) }}
CPP: ${{ format('{0}-cpp', matrix.prefix) }}
CXX: ${{ format('{0}-g++', matrix.prefix) }}
FC: ${{ format('{0}-gfortran', matrix.prefix) }}
LD: ${{ format('{0}-ld', matrix.prefix) }}
STRIP: ${{ format('{0}-strip', matrix.prefix) }}
PKG_CONFIG_PATH: ${{ format('/usr/lib/{0}/pkgconfig', matrix.prefix) }}
TARGET_ARCH: ${{ matrix.apt_arch }}
npm_config_arch: ${{ matrix.npm_arch }}
PKG_ARCH: ${{ matrix.package_arch }}
# Not building from source results in an x86_64 argon2, as if
# npm_config_arch is being ignored.
npm_config_build_from_source: true
steps:
- name: Checkout repo
uses: actions/checkout@v6
- name: Install Node.js
uses: actions/setup-node@v6
with:
node-version-file: .node-version
cache: npm
cache-dependency-path: |
package-lock.json
test/package-lock.json
- name: Install cross-compiler and system dependencies
run: |
sed -i 's/deb\.debian\.org/archive.debian.org/g' /etc/apt/sources.list
dpkg --add-architecture $TARGET_ARCH
apt update && apt install -y --no-install-recommends \
crossbuild-essential-$TARGET_ARCH \
libx11-dev:$TARGET_ARCH \
libx11-xcb-dev:$TARGET_ARCH \
libxkbfile-dev:$TARGET_ARCH \
libsecret-1-dev:$TARGET_ARCH \
libkrb5-dev:$TARGET_ARCH \
ca-certificates \
curl wget rsync gettext-base
- run: SKIP_SUBMODULE_DEPS=1 npm ci
- name: Install nfpm
run: |
mkdir -p ~/.local/bin
curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: Download npm package
uses: actions/download-artifact@v5
with:
name: npm-release-package
- run: tar -xzf package.tar.gz
- run: npm run release:standalone
- name: Replace node with cross-compile equivalent
run: |
node_version=$(node --version)
wget https://nodejs.org/dist/${node_version}/node-${node_version}-linux-${npm_config_arch}.tar.xz
tar -xf node-${node_version}-linux-${npm_config_arch}.tar.xz node-${node_version}-linux-${npm_config_arch}/bin/node --strip-components=2
mv ./node ./release-standalone/lib/node
# Strip out the v (v4.9.1 -> 4.9.1).
- name: Get and set VERSION
run: |
TAG="${{ inputs.version || github.ref_name }}"
echo "VERSION=${TAG#v}" >> $GITHUB_ENV
- env:
VERSION: ${{ env.VERSION }}
run: npm run package $PKG_ARCH
- uses: softprops/action-gh-release@v1
with:
draft: true
discussion_category_name: "📣 Announcements"
files: ./release-packages/*
package-macos-amd64:
name: x86-64 macOS build
runs-on: macos-15-intel
timeout-minutes: 15
needs: npm-version
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- name: Checkout repo
uses: actions/checkout@v6
- name: Install Node.js
uses: actions/setup-node@v6
with:
node-version-file: .node-version
cache: npm
cache-dependency-path: |
package-lock.json
test/package-lock.json
- run: SKIP_SUBMODULE_DEPS=1 npm ci
- name: Install nfpm
run: |
mkdir -p ~/.local/bin
curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
echo "$HOME/.local/bin" >> $GITHUB_PATH
# The version of node-gyp we use depends on distutils but it was removed
# in Python 3.12. It seems to be fixed in the latest node-gyp so when we
# next update Node we can probably remove this. For now, install
# setuptools since it contains distutils.
- run: brew install python-setuptools
- name: Download npm package
uses: actions/download-artifact@v5
with:
name: npm-release-package
- run: tar -xzf package.tar.gz
- run: npm run release:standalone
- run: npm run test:native
# Strip out the v (v4.9.1 -> 4.9.1).
- name: Get and set VERSION
run: |
TAG="${{ inputs.version || github.ref_name }}"
echo "VERSION=${TAG#v}" >> $GITHUB_ENV
- name: Build packages with nfpm
env:
VERSION: ${{ env.VERSION }}
run: npm run package
- uses: softprops/action-gh-release@v1
with:
draft: true
discussion_category_name: "📣 Announcements"
files: ./release-packages/*
package-macos-arm64:
name: arm64 macOS build
runs-on: macos-latest
timeout-minutes: 15
needs: npm-version
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- name: Checkout repo
uses: actions/checkout@v6
- name: Install Node.js
uses: actions/setup-node@v6
with:
node-version-file: .node-version
cache: npm
cache-dependency-path: |
package-lock.json
test/package-lock.json
- run: SKIP_SUBMODULE_DEPS=1 npm ci
- name: Install nfpm
run: |
mkdir -p ~/.local/bin
curl -sSfL https://github.com/goreleaser/nfpm/releases/download/v2.3.1/nfpm_2.3.1_`uname -s`_`uname -m`.tar.gz | tar -C ~/.local/bin -zxv nfpm
echo "$HOME/.local/bin" >> $GITHUB_PATH
# The version of node-gyp we use depends on distutils but it was removed
# in Python 3.12. It seems to be fixed in the latest node-gyp so when we
# next update Node we can probably remove this. For now, install
# setuptools since it contains distutils.
- run: brew install python-setuptools
- name: Download npm package
uses: actions/download-artifact@v5
with:
name: npm-release-package
- run: tar -xzf package.tar.gz
- run: npm run release:standalone
- run: npm run test:native
# Strip out the v (v4.9.1 -> 4.9.1).
- name: Get and set VERSION
run: |
TAG="${{ inputs.version || github.ref_name }}"
echo "VERSION=${TAG#v}" >> $GITHUB_ENV
- name: Build packages with nfpm
env:
VERSION: ${{ env.VERSION }}
run: npm run package
- uses: softprops/action-gh-release@v1
with:
draft: true
discussion_category_name: "📣 Announcements"
files: ./release-packages/*
npm-package:
name: Upload npm package
runs-on: ubuntu-latest
timeout-minutes: 15
needs: npm-version
steps:
- name: Download npm package
uses: actions/download-artifact@v5
with:
name: npm-release-package
- uses: softprops/action-gh-release@v1
with:
draft: true
discussion_category_name: "📣 Announcements"
files: ./package.tar.gz
npm-version:
name: Modify package.json version
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- name: Download artifacts
uses: dawidd6/action-download-artifact@v12
id: download
with:
branch: ${{ github.ref }}
workflow: build.yaml
workflow_conclusion: completed
name: npm-package
check_artifacts: false
if_no_artifact_found: fail
- run: tar -xzf package.tar.gz
# Strip out the v (v4.9.1 -> 4.9.1).
- name: Get and set VERSION
run: |
TAG="${{ inputs.version || github.ref_name }}"
echo "VERSION=${TAG#v}" >> $GITHUB_ENV
- name: Modify version
env:
VERSION: ${{ env.VERSION }}
run: |
echo "Updating version in root package.json"
npm version --prefix release "$VERSION"
echo "Updating version in lib/vscode/product.json"
tmp=$(mktemp)
jq ".codeServerVersion = \"$VERSION\"" release/lib/vscode/product.json > "$tmp" && mv "$tmp" release/lib/vscode/product.json
# Ensure it has the same permissions as before
chmod 644 release/lib/vscode/product.json
- run: tar -czf package.tar.gz release
- name: Upload npm package artifact
uses: actions/upload-artifact@v4
with:
name: npm-release-package
path: ./package.tar.gz

67
.github/workflows/scripts.yaml vendored
View File

@ -1,67 +0,0 @@
name: Script unit tests
on:
push:
branches:
- main
paths:
- "**.sh"
- "**.bats"
pull_request:
branches:
- main
paths:
- "**.sh"
- "**.bats"
permissions:
actions: none
checks: none
contents: read
deployments: none
issues: none
packages: none
pull-requests: none
repository-projects: none
security-events: none
statuses: none
# Cancel in-progress runs for pull requests when developers push
# additional changes, and serialize builds in branches.
# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-concurrency-to-cancel-any-in-progress-job-or-run
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
jobs:
test:
name: Run script unit tests
runs-on: ubuntu-latest
# This runs on Alpine to make sure we're testing with actual sh.
container: "alpine:3.17"
steps:
- name: Checkout repo
uses: actions/checkout@v6
- name: Install test utilities
run: apk add bats checkbashisms
- name: Check Bashisms
run: checkbashisms ./install.sh
- name: Run script unit tests
run: ./ci/dev/test-scripts.sh
lint:
name: Lint shell files
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout repo
uses: actions/checkout@v6
- name: Install lint utilities
run: sudo apt install shellcheck
- name: Lint shell files
run: ./ci/dev/lint-scripts.sh

92
.github/workflows/security.yaml vendored
View File

@ -1,92 +0,0 @@
name: Security
on:
push:
branches: [main]
paths:
- "package.json"
pull_request:
paths:
- "package.json"
schedule:
# Runs every Monday morning PST
- cron: "17 15 * * 1"
# Cancel in-progress runs for pull requests when developers push additional
# changes, and serialize builds in branches.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
jobs:
audit:
name: Audit node modules
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- name: Checkout repo
uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Install Node.js
uses: actions/setup-node@v6
with:
node-version-file: .node-version
- name: Audit npm for vulnerabilities
run: npm audit
if: success()
trivy-scan-repo:
name: Scan repo with Trivy
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
runs-on: ubuntu-22.04
steps:
- name: Checkout repo
uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
with:
scan-type: "fs"
scan-ref: "."
ignore-unfixed: true
format: "template"
template: "@/contrib/sarif.tpl"
output: "trivy-repo-results.sarif"
severity: "HIGH,CRITICAL"
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v4
with:
sarif_file: "trivy-repo-results.sarif"
codeql-analyze:
permissions:
actions: read # for github/codeql-action/init to get workflow details
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/autobuild to send a status report
name: Analyze with CodeQL
runs-on: ubuntu-22.04
steps:
- name: Checkout repository
uses: actions/checkout@v6
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
with:
config-file: ./.github/codeql-config.yml
languages: javascript
- name: Autobuild
uses: github/codeql-action/autobuild@v4
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4

65
.github/workflows/trivy-docker.yaml vendored
View File

@ -1,65 +0,0 @@
name: Trivy Nightly Docker Scan
on:
# Run scans if the workflow is modified, in order to test the
# workflow itself. This results in some spurious notifications,
# but seems okay for testing.
pull_request:
branches:
- main
paths:
- .github/workflows/trivy-docker.yaml
# Run scans against master whenever changes are merged.
push:
branches:
- main
paths:
- .github/workflows/trivy-docker.yaml
schedule:
# Run at 10:15 am UTC (3:15am PT/5:15am CT)
# Run at 0 minutes 0 hours of every day.
- cron: "15 10 * * *"
workflow_dispatch:
permissions:
actions: none
checks: none
contents: read
deployments: none
issues: none
packages: none
pull-requests: none
repository-projects: none
security-events: write
statuses: none
# Cancel in-progress runs for pull requests when developers push
# additional changes, and serialize builds in branches.
# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-concurrency-to-cancel-any-in-progress-job-or-run
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
jobs:
trivy-scan-image:
runs-on: ubuntu-22.04
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Run Trivy vulnerability scanner in image mode
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
with:
image-ref: "docker.io/codercom/code-server:latest"
ignore-unfixed: true
format: "sarif"
output: "trivy-image-results.sarif"
severity: "HIGH,CRITICAL"
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v4
with:
sarif_file: "trivy-image-results.sarif"

31
.gitignore vendored
View File

@ -1,25 +1,8 @@
.tsbuildinfo
.cache
/out*/
release/
release-npm-package/
release-standalone/
release-packages/
release-gcp/
release-images/
/lib
node_modules
/plugins
/lib/coder-cloud-agent
.home
coverage
**/.DS_Store
# Code packages itself here.
/lib/vscode-reh-web-*
# Failed e2e test videos are saved here
test/test-results
# Quilt's internal data.
/.pc
/patches/*.diff~
dist
out
.DS_Store
release
.vscode
.cache

3
.gitmodules vendored
View File

@ -1,3 +0,0 @@
[submodule "lib/vscode"]
path = lib/vscode
url = https://github.com/microsoft/vscode

2
.node-version
View File

@ -1 +1 @@
22.21.1
10.15.1

1
.nvmrc
View File

@ -1 +0,0 @@
.node-version

10
.prettierignore
View File

@ -1,10 +0,0 @@
lib/vscode
lib/vscode-reh-web-linux-x64
release-standalone
release-packages
release
helm-chart
test/scripts
test/e2e/extensions/test-extension
.pc
package-lock.json

6
.prettierrc.yaml
View File

@ -1,6 +0,0 @@
printWidth: 120
semi: false
trailingComma: all
arrowParens: always
singleQuote: false
useTabs: false

151
.tours/contributing.tour
View File

@ -1,151 +0,0 @@
{
"$schema": "https://aka.ms/codetour-schema",
"title": "Contributing",
"steps": [
{
"directory": "src",
"line": 1,
"description": "Hello world! code-server's source code lives here in `src` (see the explorer). It's broadly arranged into browser code, Node code, and code shared between both."
},
{
"file": "src/node/entry.ts",
"line": 157,
"description": "code-server begins execution here. CLI arguments are parsed, special flags like --help are handled, then the HTTP server is started."
},
{
"file": "src/node/cli.ts",
"line": 28,
"description": "This describes all of the code-server CLI options and how they will be parsed."
},
{
"file": "src/node/cli.ts",
"line": 233,
"description": "Here's the actual CLI parser."
},
{
"file": "src/node/settings.ts",
"line": 1,
"description": "code-server maintains a settings file that is read and written here."
},
{
"file": "src/node/app.ts",
"line": 11,
"description": "The core of code-server are HTTP and web socket servers which are created here. They provide authentication, file access, an API, and serve web-based applications like VS Code."
},
{
"file": "src/node/wsRouter.ts",
"line": 38,
"description": "This is an analog to Express's Router that handles web socket routes."
},
{
"file": "src/node/http.ts",
"line": 1,
"description": "This file provides various HTTP utility functions."
},
{
"file": "src/node/coder_cloud.ts",
"line": 9,
"description": "The cloud agent spawned here provides the --link functionality."
},
{
"file": "src/node/heart.ts",
"line": 7,
"description": "code-server's heart beats to indicate recent activity.\n\nAlso documented here: [https://github.com/coder/code-server/blob/main/docs/FAQ.md#heartbeat-file](https://github.com/coder/code-server/blob/main/docs/FAQ.md#heartbeat-file)"
},
{
"file": "src/node/socket.ts",
"line": 13,
"description": "We pass sockets to child processes, however we can't pass TLS sockets so when code-server is handling TLS (via --cert) we use this to create a proxy that can be passed to the child."
},
{
"directory": "src/node/routes",
"line": 1,
"description": "code-server's routes live here in `src/node/routes` (see the explorer)."
},
{
"file": "src/node/routes/index.ts",
"line": 123,
"description": "The architecture of code-server allows it to be extended with applications via plugins. Each application is registered at its own route and handles requests at and below that route. Currently we have only VS Code (although it is not yet actually split out into a plugin)."
},
{
"file": "src/node/plugin.ts",
"line": 103,
"description": "The previously mentioned plugins are loaded here."
},
{
"file": "src/node/routes/apps.ts",
"line": 12,
"description": "This provides a list of the applications registered with code-server."
},
{
"file": "src/node/routes/domainProxy.ts",
"line": 18,
"description": "code-server provides a built-in proxy to help in developing web-based applications. This is the code for the domain-based proxy.\n\nAlso documented here: [https://github.com/coder/code-server/blob/main/docs/FAQ.md#how-do-i-securely-access-web-services](https://github.com/coder/code-server/blob/main/docs/FAQ.md#how-do-i-securely-access-web-services)"
},
{
"file": "src/node/routes/pathProxy.ts",
"line": 19,
"description": "Here is the path-based version of the proxy.\n\nAlso documented here: [https://github.com/coder/code-server/blob/main/docs/FAQ.md#how-do-i-securely-access-web-services](https://github.com/coder/code-server/blob/main/docs/FAQ.md#how-do-i-securely-access-web-services)"
},
{
"file": "src/node/proxy.ts",
"line": 4,
"description": "Both the domain and path proxy use the single proxy instance created here."
},
{
"file": "src/node/routes/health.ts",
"line": 5,
"description": "A simple endpoint that lets you see if code-server is up.\n\nAlso documented here: [https://github.com/coder/code-server/blob/main/docs/FAQ.md#healthz-endpoint](https://github.com/coder/code-server/blob/main/docs/FAQ.md#healthz-endpoint)"
},
{
"file": "src/node/routes/login.ts",
"line": 46,
"description": "code-server supports a password-based login here."
},
{
"file": "src/node/routes/static.ts",
"line": 16,
"description": "This serves static assets. Anything under the code-server directory can be fetched. Anything outside requires authentication."
},
{
"file": "src/node/routes/update.ts",
"line": 10,
"description": "This endpoint lets you query for the latest code-server version. It's used to power the update popup you see in VS Code."
},
{
"file": "src/node/routes/vscode.ts",
"line": 15,
"description": "This is the endpoint that serves VS Code's HTML, handles VS Code's websockets, and handles a few VS Code-specific endpoints for fetching static files."
},
{
"file": "src/node/vscode.ts",
"line": 13,
"description": "The actual VS Code spawn and initialization is handled here. VS Code runs in a separate child process. We communicate via IPC and by passing it web sockets."
},
{
"file": "src/browser/serviceWorker.ts",
"line": 1,
"description": "The service worker only exists to provide PWA functionality."
},
{
"directory": "src/browser/pages",
"line": 1,
"description": "HTML, CSS, and JavaScript for each page lives in here `src/browser/pages` (see the explorer). Currently our HTML uses a simple search and replace template system with variables that {{LOOK_LIKE_THIS}}."
},
{
"file": "src/browser/pages/vscode.html",
"line": 1,
"description": "The VS Code HTML is based off VS Code's own `workbench.html`."
},
{
"directory": "src/browser/media",
"line": 1,
"description": "Static images and the manifest live here in `src/browser/media` (see the explorer)."
},
{
"directory": "lib/vscode",
"line": 1,
"description": "code-server makes use of VS Code's frontend web/remote support. Most of the modifications implement the remote server since that portion of the code is closed source and not released with VS Code.\n\nWe also have a few bug fixes and have added some features (like client-side extensions). See [https://github.com/coder/code-server/blob/main/docs/CONTRIBUTING.md#modifications-to-vs-code](https://github.com/coder/code-server/blob/main/docs/CONTRIBUTING.md#modifications-to-vs-code) for a list.\n\nWe make an effort to keep the modifications as few as possible."
}
]
}

26
.tours/start-development.tour
View File

@ -1,26 +0,0 @@
{
"$schema": "https://aka.ms/codetour-schema",
"title": "Start Development",
"steps": [
{
"file": "package.json",
"line": 31,
"description": "## Commands\n\nTo start developing, make sure you have Node 16+ and the [required dependencies](https://github.com/Microsoft/vscode/wiki/How-to-Contribute#prerequisites) installed. Then, run the following commands:\n\n1. Install dependencies:\n>> npm\n\n3. Start development mode (and watch for changes):\n>> npm run watch"
},
{
"file": "src/node/app.ts",
"line": 68,
"description": "## Visit the web server\n\nIf all goes well, you should see something like this in your terminal. code-server should be live in development mode.\n\n---\n```bash\n[2020-12-09T21:03:37.156Z] info code-server 3.7.4 development\n[2020-12-09T21:03:37.157Z] info Using user-data-dir ~/.local/share/code-server\n[2020-12-09T21:03:37.165Z] info Using config file ~/.config/code-server/config.yaml\n[2020-12-09T21:03:37.165Z] info HTTP server listening on http://127.0.0.1:8080 \n[2020-12-09T21:03:37.165Z] info - Authentication is enabled\n[2020-12-09T21:03:37.165Z] info - Using password from ~/.config/code-server/config.yaml\n[2020-12-09T21:03:37.165Z] info - Not serving HTTPS\n```\n\n---\n\nIf you have the default configuration, you can access it at [http://localhost:8080](http://localhost:8080)."
},
{
"file": "src/browser/pages/login.html",
"line": 26,
"description": "## Make a change\n\nThis is the login page, let's make a change and see it update on our web server! Perhaps change the text :)\n\n```html\n<div class=\"sub\">Modifying the login page 👨🏼‍💻</div>\n```\n\nReminder, you can likely preview at [http://localhost:8080](http://localhost:8080)"
},
{
"file": "src/node/app.ts",
"line": 62,
"description": "## That's it!\n\n\nThat's all there is to it! When this tour ends, your terminal session may stop, but just use `npm run watch` to start developing from here on out!\n\n\nIf you haven't already, be sure to check out these resources:\n- [Tour: Contributing](command:codetour.startTourByTitle?[\"Contributing\"])\n- [Docs: FAQ.md](https://github.com/coder/code-server/blob/main/docs/FAQ.md)\n- [Docs: CONTRIBUTING.md](https://github.com/coder/code-server/blob/main/docs/CONTRIBUTING.md)\n- [Community: GitHub Discussions](https://github.com/coder/code-server/discussions)\n- [Community: Slack](https://community.coder.com)"
}
]
}

51
.travis.yml Normal file
View File

@ -0,0 +1,51 @@
language: node_js
node_js:
- 10.15.1
services:
- docker
matrix:
include:
- os: linux
dist: trusty
env:
- VSCODE_VERSION="1.33.1" MAJOR_VERSION="1" VERSION="$MAJOR_VERSION.$TRAVIS_BUILD_NUMBER-vsc$VSCODE_VERSION" TARGET="centos"
- os: linux
dist: trusty
env:
- VSCODE_VERSION="1.33.1" MAJOR_VERSION="1" VERSION="$MAJOR_VERSION.$TRAVIS_BUILD_NUMBER-vsc$VSCODE_VERSION" TARGET="alpine"
- os: osx
env:
- VSCODE_VERSION="1.33.1" MAJOR_VERSION="1" VERSION="$MAJOR_VERSION.$TRAVIS_BUILD_NUMBER-vsc$VSCODE_VERSION"
before_install:
- if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then sudo apt-get install libxkbfile-dev
libsecret-1-dev; fi
- npm install -g yarn@1.12.3
script:
- scripts/build.sh
before_deploy:
- echo "$VERSION" "$TRAVIS_COMMIT"
- git config --local user.name "$USER_NAME"
- git config --local user.email "$USER_EMAIL"
- git tag "$VERSION" "$TRAVIS_COMMIT"
- if [[ “$TRAVIS_OS_NAME” == “osx” ]]; then yarn task package $VERSION; fi
deploy:
provider: releases
file_glob: true
draft: true
tag_name: "$VERSION"
target_commitish: "$TRAVIS_COMMIT"
name: "$VERSION"
skip_cleanup: true
api_key:
secure: YL/x24KjYjgYXPcJWk3FV7FGxI79Mh6gBECQEcdlf3fkLEoKFVgzHBoUNWrFPzyR4tgLyWNAgcpD9Lkme1TRWTom7UPjXcwMNyLcLa+uec7ciSAnYD9ntLTpiCuPDD1u0LtRGclSi/EHQ+F8YVq+HZJpXTsJeAmOmihma3GVbGKSZr+BRum+0YZSG4w+o4TOlYzw/4bLWS52MogZcwpjd+hemBbgXLuGU2ziKv2vEKCZFbEeA16II4x1WLI4mutDdCeh7+3aLzGLwDa49NxtsVYNjyNFF75JhCTCNA55e2YMiLz9Uq69IXe/mi5F7xUaFfhIqqLNyKBnKeEOzu3dYnc+8n3LjnQ+00PmkF05nx9kBn3UfV1kwQGh6QbyDmTtBP07rtUMyI14aeQqHjxsaVRdMnwj9Q2DjXRr8UDqESZF0rmK3pHCXS2fBhIzLE8tLVW5Heiba2pQRFMHMZW+KBE97FzcFh7is90Ait3T8enfcd/PWFPYoBejDAdjwxwOkezh5N5ZkYquEfDYuWrFi6zRFCktsruaAcA+xGtTf9oilBBzUqu8Ie+YFWH5me83xakcblJWdaW/D2rLJAJH3m6LFm8lBqyUgDX5t/etob6CpDuYHu5D1J3XINOj/+aLAcadq6qlh70PMZS3zYffUu3JlzaD2amlSHIT8b5YXFc=
file:
- release/*.tar.gz
- release/*.zip
on:
repo: cdr/code-server
branch: master
cache:
yarn: true
timeout: 1000
directories:
- .cache

1270
CHANGELOG.md
View File

File diff suppressed because it is too large Load Diff

53
Dockerfile Normal file
View File

@ -0,0 +1,53 @@
FROM node:10.15.1
# Install VS Code's deps. These are the only two it seems we need.
RUN apt-get update && apt-get install -y \
libxkbfile-dev \
libsecret-1-dev
# Ensure latest yarn.
RUN npm install -g yarn@1.13
WORKDIR /src
COPY . .
# In the future, we can use https://github.com/yarnpkg/rfcs/pull/53 to make yarn use the node_modules
# directly which should be fast as it is slow because it populates its own cache every time.
RUN yarn && NODE_ENV=production yarn task build:server:binary
# We deploy with ubuntu so that devs have a familiar environment.
FROM ubuntu:18.04
RUN apt-get update && apt-get install -y \
openssl \
net-tools \
git \
locales \
sudo \
dumb-init \
vim \
curl \
wget
RUN locale-gen en_US.UTF-8
# We unfortunately cannot use update-locale because docker will not use the env variables
# configured in /etc/default/locale so we need to set it manually.
ENV LC_ALL=en_US.UTF-8
RUN adduser --gecos '' --disabled-password coder && \
echo "coder ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/nopasswd
USER coder
# We create first instead of just using WORKDIR as when WORKDIR creates, the user is root.
RUN mkdir -p /home/coder/project
WORKDIR /home/coder/project
# This assures we have a volume mounted even if the user forgot to do bind mount.
# So that they do not lose their data if they delete the container.
VOLUME [ "/home/coder/project" ]
COPY --from=0 /src/packages/server/cli-linux-x64 /usr/local/bin/code-server
EXPOSE 8443
ENTRYPOINT ["dumb-init", "code-server"]

90
README.md Normal file
View File

@ -0,0 +1,90 @@
# code-server
[!["Open Issues"](https://img.shields.io/github/issues-raw/cdr/code-server.svg)](https://github.com/cdr/code-server/issues)
[!["Latest Release"](https://img.shields.io/github/release/cdr/code-server.svg)](https://github.com/cdr/code-server/releases/latest)
[![MIT license](https://img.shields.io/badge/license-MIT-green.svg)](https://github.com/cdr/code-server/blob/master/LICENSE)
[![Discord](https://img.shields.io/discord/463752820026376202.svg?label=&logo=discord&logoColor=ffffff&color=7389D8&labelColor=6A7EC2)](https://discord.gg/zxSwN8Z)
`code-server` is [VS Code](https://github.com/Microsoft/vscode) running on a remote server, accessible through the browser.
Try it out:
```bash
docker run -it -p 127.0.0.1:8443:8443 -v "${PWD}:/home/coder/project" codercom/code-server --allow-http --no-auth
```
- Code on your Chromebook, tablet, and laptop with a consistent dev environment.
- If you have a Windows or Mac workstation, more easily develop for Linux.
- Take advantage of large cloud servers to speed up tests, compilations, downloads, and more.
- Preserve battery life when you're on the go.
- All intensive computation runs on your server.
- You're no longer running excess instances of Chrome.
![Screenshot](/doc/assets/ide.png)
## Getting Started
### Run over SSH
Use [sshcode](https://github.com/codercom/sshcode) for a simple setup.
### Docker
See docker oneliner mentioned above. Dockerfile is at [/Dockerfile](/Dockerfile).
### Binaries
1. [Download a binary](https://github.com/cdr/code-server/releases) (Linux and OS X supported. Windows coming soon)
2. Start the binary with the project directory as the first argument
```
code-server <initial directory to open>
```
> You will be prompted to enter the password shown in the CLI
`code-server` should now be running at https://localhost:8443.
> code-server uses a self-signed SSL certificate that may prompt your browser to ask you some additional questions before you proceed. Please [read here](doc/self-hosted/index.md) for more information.
For detailed instructions and troubleshooting, see the [self-hosted quick start guide](doc/self-hosted/index.md).
Quickstart guides for [Google Cloud](doc/admin/install/google_cloud.md), [AWS](doc/admin/install/aws.md), and [DigitalOcean](doc/admin/install/digitalocean.md).
How to [secure your setup](/doc/security/ssl.md).
## Development
### Known Issues
- Creating custom VS Code extensions and debugging them doesn't work.
### Future
- **Stay up to date!** Get notified about new releases of code-server.
![Screenshot](/doc/assets/release.gif)
- Windows support.
- Electron and Chrome OS applications to bridge the gap between local<->remote.
- Run VS Code unit tests against our builds to ensure features work as expected.
### Extensions
At the moment we can't use the official VSCode Marketplace. We've created a custom extension marketplace focused around open-sourced extensions. However, if you have access to the `.vsix` file, you can manually install the extension.
## Telemetry
Use the `--disable-telemetry` flag or set `DISABLE_TELEMETRY=true` to disable tracking ENTIRELY.
We use data collected to improve code-server.
## Contributing
Development guides are coming soon.
## License
[MIT](LICENSE)
## Enterprise
Visit [our enterprise page](https://coder.com/enterprise) for more information about our enterprise offering.
## Commercialization
If you would like to commercialize code-server, please contact contact@coder.com.

22
ThirdPartyNotices.txt
View File

@ -1,22 +0,0 @@
code-server
THIRD-PARTY SOFTWARE NOTICES AND INFORMATION
Do Not Translate or Localize
1. Microsoft/vscode version 1.47.0 (https://github.com/Microsoft/vscode)
%% Microsoft/vscode NOTICES AND INFORMATION BEGIN HERE
=========================================
MIT License
Copyright (c) 2015 - present Microsoft Corporation
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

42
build/platform.ts Normal file
View File

@ -0,0 +1,42 @@
/**
* Script that detects platform name and arch.
* Cannot use os.platform() as that won't detect libc version
*/
import * as cp from "child_process";
import * as fs from "fs";
import * as os from "os";
enum Lib {
GLIBC,
MUSL,
}
const CLIB: Lib | undefined = ((): Lib | undefined => {
if (os.platform() !== "linux") {
return;
}
const glibc = cp.spawnSync("getconf", ["GNU_LIBC_VERSION"]);
if (glibc.status === 0) {
return Lib.GLIBC;
}
const ldd = cp.spawnSync("ldd", ["--version"]);
if (ldd.stdout && ldd.stdout.indexOf("musl") !== -1) {
return Lib.MUSL;
}
const muslFile = fs.readdirSync("/lib").find((value) => value.startsWith("libc.musl"));
if (muslFile) {
return Lib.MUSL;
}
return Lib.GLIBC;
})();
export const platform = (): NodeJS.Platform | "musl" => {
if (CLIB === Lib.MUSL) {
return "musl";
}
return os.platform();
};

203
build/tasks.ts Normal file
View File

@ -0,0 +1,203 @@
import { register, run } from "@coder/runner";
import * as fs from "fs";
import * as fse from "fs-extra";
import * as os from "os";
import { platform } from "./platform";
import * as path from "path";
import * as zlib from "zlib";
import * as https from "https";
import * as tar from "tar";
const isWin = os.platform() === "win32";
const libPath = path.join(__dirname, "../lib");
const vscodePath = path.join(libPath, "vscode");
const defaultExtensionsPath = path.join(libPath, "extensions");
const pkgsPath = path.join(__dirname, "../packages");
const vscodeVersion = process.env.VSCODE_VERSION || "1.33.1";
const vsSourceUrl = `https://codesrv-ci.cdr.sh/vstar-${vscodeVersion}.tar.gz`;
const buildServerBinary = register("build:server:binary", async (runner) => {
await ensureInstalled();
await Promise.all([
buildBootstrapFork(),
buildWeb(),
buildServerBundle(),
buildAppBrowser(),
]);
await buildServerBinaryPackage();
});
const buildServerBinaryPackage = register("build:server:binary:package", async (runner) => {
const cliPath = path.join(pkgsPath, "server");
runner.cwd = cliPath;
if (!fs.existsSync(path.join(cliPath, "out"))) {
throw new Error("Cannot build binary without server bundle built");
}
await buildServerBinaryCopy();
const resp = await runner.execute(isWin ? "npm.cmd" : "npm", ["run", "build:binary"]);
if (resp.exitCode !== 0) {
throw new Error(`Failed to package binary: ${resp.stderr}`);
}
});
const buildServerBinaryCopy = register("build:server:binary:copy", async (runner) => {
const cliPath = path.join(pkgsPath, "server");
const cliBuildPath = path.join(cliPath, "build");
fse.removeSync(cliBuildPath);
fse.mkdirpSync(path.join(cliBuildPath, "extensions"));
const bootstrapForkPath = path.join(pkgsPath, "vscode", "out", "bootstrap-fork.js");
const webOutputPath = path.join(pkgsPath, "web", "out");
const browserAppOutputPath = path.join(pkgsPath, "app", "browser", "out");
let ripgrepPath = path.join(pkgsPath, "..", "lib", "vscode", "node_modules", "vscode-ripgrep", "bin", "rg");
if (isWin) {
ripgrepPath += ".exe";
}
if (!fs.existsSync(webOutputPath)) {
throw new Error("Web bundle must be built");
}
if (!fs.existsSync(defaultExtensionsPath)) {
throw new Error("Default extensions must be built");
}
if (!fs.existsSync(bootstrapForkPath)) {
throw new Error("Bootstrap fork must exist");
}
if (!fs.existsSync(ripgrepPath)) {
throw new Error("Ripgrep must exist");
}
fse.copySync(defaultExtensionsPath, path.join(cliBuildPath, "extensions"));
fs.writeFileSync(path.join(cliBuildPath, "bootstrap-fork.js.gz"), zlib.gzipSync(fs.readFileSync(bootstrapForkPath)));
const cpDir = (dir: string, rootPath: string, subdir?: "login"): void => {
const stat = fs.statSync(dir);
if (stat.isDirectory()) {
const paths = fs.readdirSync(dir);
paths.forEach((p) => cpDir(path.join(dir, p), rootPath, subdir));
} else if (stat.isFile()) {
const newPath = path.join(cliBuildPath, "web", subdir || "", path.relative(rootPath, dir));
fse.mkdirpSync(path.dirname(newPath));
fs.writeFileSync(newPath + ".gz", zlib.gzipSync(fs.readFileSync(dir)));
} else {
// Nothing
}
};
cpDir(webOutputPath, webOutputPath);
cpDir(browserAppOutputPath, browserAppOutputPath, "login");
fse.mkdirpSync(path.join(cliBuildPath, "dependencies"));
fse.copySync(ripgrepPath, path.join(cliBuildPath, "dependencies", "rg"));
});
const buildServerBundle = register("build:server:bundle", async (runner) => {
const cliPath = path.join(pkgsPath, "server");
runner.cwd = cliPath;
await runner.execute(isWin ? "npm.cmd" : "npm", ["run", "build"]);
});
const buildBootstrapFork = register("build:bootstrap-fork", async (runner) => {
await ensureInstalled();
await ensurePatched();
const vscodePkgPath = path.join(pkgsPath, "vscode");
runner.cwd = vscodePkgPath;
await runner.execute(isWin ? "npm.cmd" : "npm", ["run", "build:bootstrap-fork"]);
});
const buildAppBrowser = register("build:app:browser", async (runner) => {
await ensureInstalled();
const appPath = path.join(pkgsPath, "app/browser");
runner.cwd = appPath;
fse.removeSync(path.join(appPath, "out"));
await runner.execute(isWin ? "npm.cmd" : "npm", ["run", "build"]);
});
const buildWeb = register("build:web", async (runner) => {
await ensureInstalled();
await ensurePatched();
const webPath = path.join(pkgsPath, "web");
runner.cwd = webPath;
fse.removeSync(path.join(webPath, "out"));
await runner.execute(isWin ? "npm.cmd" : "npm", ["run", "build"]);
});
const ensureInstalled = register("vscode:install", async (runner) => {
runner.cwd = libPath;
if (fs.existsSync(vscodePath) && fs.existsSync(defaultExtensionsPath)) {
const pkgVersion = JSON.parse(fs.readFileSync(path.join(vscodePath, "package.json")).toString("utf8")).version;
if (pkgVersion === vscodeVersion) {
runner.cwd = vscodePath;
const reset = await runner.execute("git", ["reset", "--hard"]);
if (reset.exitCode !== 0) {
throw new Error(`Failed to clean git repository: ${reset.stderr}`);
}
return;
}
}
fse.removeSync(libPath);
fse.mkdirpSync(libPath);
await new Promise<void>((resolve, reject): void => {
https.get(vsSourceUrl, (res) => {
if (res.statusCode !== 200) {
return reject(res.statusMessage);
}
res.pipe(tar.x({
C: libPath,
}).on("finish", () => {
resolve();
}).on("error", (err: Error) => {
reject(err);
}));
}).on("error", (err) => {
reject(err);
});
});
});
const ensurePatched = register("vscode:patch", async (runner) => {
if (!fs.existsSync(vscodePath)) {
throw new Error("vscode must be cloned to patch");
}
await ensureInstalled();
runner.cwd = vscodePath;
const patchPath = path.join(__dirname, "../scripts/vscode.patch");
const apply = await runner.execute("git", ["apply", "--unidiff-zero", patchPath]);
if (apply.exitCode !== 0) {
throw new Error(`Failed to apply patches: ${apply.stderr}`);
}
});
register("package", async (runner, releaseTag) => {
if (!releaseTag) {
throw new Error("Please specify the release tag.");
}
const releasePath = path.resolve(__dirname, "../release");
const archiveName = `code-server${releaseTag}-${platform()}-${os.arch()}`;
const archiveDir = path.join(releasePath, archiveName);
fse.removeSync(archiveDir);
fse.mkdirpSync(archiveDir);
const binaryPath = path.join(__dirname, `../packages/server/cli-${platform()}-${os.arch()}`);
const binaryDestination = path.join(archiveDir, "code-server");
fse.copySync(binaryPath, binaryDestination);
fs.chmodSync(binaryDestination, "755");
["README.md", "LICENSE"].forEach((fileName) => {
fse.copySync(path.resolve(__dirname, `../${fileName}`), path.join(archiveDir, fileName));
});
runner.cwd = releasePath;
await (os.platform() === "linux"
? runner.execute("tar", ["-cvzf", `${archiveName}.tar.gz`, `${archiveName}`])
: runner.execute("zip", ["-r", `${archiveName}.zip`, `${archiveName}`]));
});
run();

15
ci/Caddyfile
View File

@ -1,15 +0,0 @@
{
admin localhost:4444
}
:8000 {
@portLocalhost path_regexp port ^/([0-9]+)\/ide
handle @portLocalhost {
uri strip_prefix {re.port.1}/ide
reverse_proxy localhost:{re.port.1}
}
handle {
respond "Bad hostname" 400
}
}

112
ci/README.md
View File

@ -1,112 +0,0 @@
# ci
This directory contains scripts used for code-server's continuous integration infrastructure.
Some of these scripts contain more detailed documentation and options
in header comments.
Any file or directory in this subdirectory should be documented here.
- [./ci/lib.sh](./lib.sh)
- Contains code duplicated across these scripts.
## dev
This directory contains scripts used for the development of code-server.
- [./ci/dev/image](./dev/image)
- See [./docs/CONTRIBUTING.md](../docs/CONTRIBUTING.md) for docs on the development container.
- [./ci/dev/fmt.sh](./dev/fmt.sh) (`npm run fmt`)
- Runs formatters.
- [./ci/dev/lint.sh](./dev/lint.sh) (`npm run lint`)
- Runs linters.
- [./ci/dev/test-unit.sh](./dev/test-unit.sh) (`npm run test:unit`)
- Runs unit tests.
- [./ci/dev/test-e2e.sh](./dev/test-e2e.sh) (`npm run test:e2e`)
- Runs end-to-end tests.
- [./ci/dev/watch.ts](./dev/watch.ts) (`npm run watch`)
- Starts a process to build and launch code-server and restart on any code changes.
- Example usage in [./docs/CONTRIBUTING.md](../docs/CONTRIBUTING.md).
- [./ci/dev/gen_icons.sh](./dev/gen_icons.sh) (`npm run icons`)
- Generates the various icons from a single `.svg` favicon in
`src/browser/media/favicon.svg`.
- Requires [imagemagick](https://imagemagick.org/index.php)
## build
This directory contains the scripts used to build and release code-server.
You can disable minification by setting `MINIFY=`.
- [./ci/build/build-code-server.sh](./build/build-code-server.sh) (`npm run build`)
- Builds code-server into `./out` and bundles the frontend into `./dist`.
- [./ci/build/build-vscode.sh](./build/build-vscode.sh) (`npm run build:vscode`)
- Builds vscode into `./lib/vscode/out-vscode`.
- [./ci/build/build-release.sh](./build/build-release.sh) (`npm run release`)
- Bundles the output of the above two scripts into a single node module at `./release`.
- [./ci/build/clean.sh](./build/clean.sh) (`npm run clean`)
- Removes all build artifacts.
- Useful to do a clean build.
- [./ci/build/code-server.sh](./build/code-server.sh)
- Copied into standalone releases to run code-server with the bundled node binary.
- [./ci/build/test-standalone-release.sh](./build/test-standalone-release.sh) (`npm run test:standalone-release`)
- Ensures code-server in the `./release-standalone` directory works by installing an extension.
- [./ci/build/build-packages.sh](./build/build-packages.sh) (`npm run package`)
- Packages `./release-standalone` into a `.tar.gz` archive in `./release-packages`.
- If on linux, [nfpm](https://github.com/goreleaser/nfpm) is used to generate `.deb` and `.rpm`.
- [./ci/build/nfpm.yaml](./build/nfpm.yaml)
- Used to configure [nfpm](https://github.com/goreleaser/nfpm) to generate `.deb` and `.rpm`.
- [./ci/build/code-server-nfpm.sh](./build/code-server-nfpm.sh)
- Entrypoint script for code-server for `.deb` and `.rpm`.
- [./ci/build/code-server.service](./build/code-server.service)
- systemd user service packaged into the `.deb` and `.rpm`.
- [./ci/build/release-github-draft.sh](./build/release-github-draft.sh) (`npm run release:github-draft`)
- Uses [gh](https://github.com/cli/cli) to create a draft release with a template description.
- [./ci/build/release-github-assets.sh](./build/release-github-assets.sh) (`npm run release:github-assets`)
- Downloads the release-package artifacts for the current commit from CI.
- Uses [gh](https://github.com/cli/cli) to upload the artifacts to the release
specified in `package.json`.
- [./ci/build/npm-postinstall.sh](./build/npm-postinstall.sh)
- Post install script for the npm package.
- Bundled by`npm run release`.
## release-image
This directory contains the release docker container image.
- [./ci/steps/build-docker-buildx-push.sh](./steps/docker-buildx-push.sh)
- Builds the release containers with tags `codercom/code-server-$ARCH:$VERSION` for amd64 and arm64 with `docker buildx` and pushes them.
- Assumes debian releases are ready in `./release-packages`.
## images
This directory contains the images for CI.
## steps
This directory contains the scripts used in CI.
Helps avoid clobbering the CI configuration.
- [./steps/fmt.sh](./steps/fmt.sh)
- Runs `npm run fmt`.
- [./steps/lint.sh](./steps/lint.sh)
- Runs `npm run lint`.
- [./steps/test-unit.sh](./steps/test-unit.sh)
- Runs `npm run test:unit`.
- [./steps/test-integration.sh](./steps/test-integration.sh)
- Runs `npm run test:integration`.
- [./steps/test-e2e.sh](./steps/test-e2e.sh)
- Runs `npm run test:e2e`.
- [./steps/release.sh](./steps/release.sh)
- Runs the release process.
- Generates the npm package at `./release`.
- [./steps/release-packages.sh](./steps/release-packages.sh)
- Takes the output of the previous script and generates a standalone release and
release packages into `./release-packages`.
- [./steps/publish-npm.sh](./steps/publish-npm.sh)
- Grabs the `npm-package` release artifact for the current commit and publishes it on npm.
- [./steps/docker-buildx-push.sh](./steps/docker-buildx-push.sh)
- Builds the docker image and then pushes it.
- [./steps/push-docker-manifest.sh](./steps/push-docker-manifest.sh)
- Loads all images in `./release-images` and then builds and pushes a multi architecture
docker manifest for the amd64 and arm64 images to `codercom/code-server:$VERSION` and
`codercom/code-server:latest`.

19
ci/build/build-code-server.sh
View File

@ -1,19 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
# Builds code-server into out and the frontend into dist.
main() {
cd "$(dirname "${0}")/../.."
tsc
# If out/node/entry.js does not already have the shebang,
# we make sure to add it and make it executable.
if ! grep -q -m1 "^#!/usr/bin/env node" out/node/entry.js; then
sed -i.bak "1s;^;#!/usr/bin/env node\n;" out/node/entry.js && rm out/node/entry.js.bak
chmod +x out/node/entry.js
fi
}
main "$@"

28
ci/build/build-lib.sh
View File

@ -1,28 +0,0 @@
#!/usr/bin/env bash
# This is a library which contains functions used inside ci/build
#
# We separated it into it's own file so that we could easily unit test
# these functions and helpers.
# On some CPU architectures (notably node/uname "armv7l", default on Raspberry Pis),
# different package managers have different labels for the same CPU (deb=armhf, rpm=armhfp).
# This function returns the overriden arch on platforms
# with alternate labels, or the same arch otherwise.
get_nfpm_arch() {
local PKG_FORMAT="${1:-}"
local ARCH="${2:-}"
case "$ARCH" in
armv7l)
if [ "$PKG_FORMAT" = "deb" ]; then
echo armhf
elif [ "$PKG_FORMAT" = "rpm" ]; then
echo armhfp
fi
;;
*)
echo "$ARCH"
;;
esac
}

70
ci/build/build-packages.sh
View File

@ -1,70 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
# Given a platform-specific release found in ./release-standalone, generate an
# compressed archives and bundles (as appropriate for the platform) named after
# the platform's architecture and OS and place them in ./release-packages and
# ./release-gcp.
main() {
cd "$(dirname "${0}")/../.."
source ./ci/lib.sh
source ./ci/build/build-lib.sh
# Allow us to override architecture
# we use this for our Linux ARM64 cross compile builds
if [ "$#" -eq 1 ] && [ "$1" ]; then
ARCH=$1
fi
mkdir -p release-packages
release_archive
if [[ $OS == "linux" ]]; then
release_nfpm
fi
}
release_archive() {
local release_name="code-server-$VERSION-$OS-$ARCH"
if [[ $OS == "linux" ]]; then
tar -czf "release-packages/$release_name.tar.gz" --owner=0 --group=0 --transform "s/^\.\/release-standalone/$release_name/" ./release-standalone
else
tar -czf "release-packages/$release_name.tar.gz" -s "/^release-standalone/$release_name/" release-standalone
fi
echo "done (release-packages/$release_name)"
release_gcp
}
release_gcp() {
mkdir -p "release-gcp/$VERSION"
cp "release-packages/$release_name.tar.gz" "./release-gcp/$VERSION/$OS-$ARCH.tar.gz"
mkdir -p "release-gcp/latest"
cp "./release-packages/$release_name.tar.gz" "./release-gcp/latest/$OS-$ARCH.tar.gz"
}
# Generates deb and rpm packages.
release_nfpm() {
local nfpm_config
export NFPM_ARCH
PKG_FORMAT="deb"
NFPM_ARCH="$(get_nfpm_arch $PKG_FORMAT "$ARCH")"
nfpm_config="$(envsubst < ./ci/build/nfpm.yaml)"
echo "Building deb"
echo "$nfpm_config" | head --lines=4
nfpm pkg -f <(echo "$nfpm_config") --target "release-packages/code-server_${VERSION}_${NFPM_ARCH}.deb"
PKG_FORMAT="rpm"
NFPM_ARCH="$(get_nfpm_arch $PKG_FORMAT "$ARCH")"
nfpm_config="$(envsubst < ./ci/build/nfpm.yaml)"
echo "Building rpm"
echo "$nfpm_config" | head --lines=4
nfpm pkg -f <(echo "$nfpm_config") --target "release-packages/code-server-$VERSION-$NFPM_ARCH.rpm"
}
main "$@"

136
ci/build/build-release.sh
View File

@ -1,136 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
# Once both code-server and VS Code have been built, use this script to copy
# them into a single directory (./release), prepare the package.json and
# product.json, and add shrinkwraps. This results in a generic NPM package that
# we published to NPM and also use to compile platform-specific packages.
# MINIFY controls whether minified VS Code is bundled. It must match the value
# used when VS Code was built.
MINIFY="${MINIFY-true}"
# node_modules are not copied by default. Set KEEP_MODULES=1 to copy them.
KEEP_MODULES="${KEEP_MODULES-0}"
main() {
cd "$(dirname "${0}")/../.."
source ./ci/lib.sh
VSCODE_SRC_PATH="lib/vscode"
VSCODE_OUT_PATH="$RELEASE_PATH/lib/vscode"
create_shrinkwraps
mkdir -p "$RELEASE_PATH"
bundle_code_server
bundle_vscode
rsync ./docs/README.md "$RELEASE_PATH"
rsync LICENSE "$RELEASE_PATH"
rsync ./lib/vscode/ThirdPartyNotices.txt "$RELEASE_PATH"
}
bundle_code_server() {
rsync out "$RELEASE_PATH"
# For source maps and images.
mkdir -p "$RELEASE_PATH/src/browser"
rsync src/browser/media/ "$RELEASE_PATH/src/browser/media"
mkdir -p "$RELEASE_PATH/src/browser/pages"
rsync src/browser/pages/*.html "$RELEASE_PATH/src/browser/pages"
rsync src/browser/pages/*.css "$RELEASE_PATH/src/browser/pages"
rsync src/browser/robots.txt "$RELEASE_PATH/src/browser"
# Adds the commit to package.json
jq --slurp '(.[0] | del(.scripts,.jest,.devDependencies)) * .[1]' package.json <(
cat << EOF
{
"commit": "$(git rev-parse HEAD)",
"scripts": {
"postinstall": "sh ./postinstall.sh"
}
}
EOF
) > "$RELEASE_PATH/package.json"
mv npm-shrinkwrap.json "$RELEASE_PATH"
rsync ci/build/npm-postinstall.sh "$RELEASE_PATH/postinstall.sh"
if [ "$KEEP_MODULES" = 1 ]; then
rsync node_modules/ "$RELEASE_PATH/node_modules"
fi
}
bundle_vscode() {
mkdir -p "$VSCODE_OUT_PATH"
local rsync_opts=()
if [[ ${DEBUG-} = 1 ]]; then
rsync_opts+=(-vh)
fi
# Some extensions have a .gitignore which excludes their built source from the
# npm package so exclude any .gitignore files.
rsync_opts+=(--exclude .gitignore)
# Exclude Node as we will add it ourselves for the standalone and will not
# need it for the npm package.
rsync_opts+=(--exclude /node)
# Exclude Node modules.
if [[ $KEEP_MODULES = 0 ]]; then
rsync_opts+=(--exclude node_modules)
fi
rsync "${rsync_opts[@]}" ./lib/vscode-reh-web-*/ "$VSCODE_OUT_PATH"
# Merge the package.json for the web/remote server so we can include
# dependencies, since we want to ship this via NPM.
jq --slurp '.[0] * .[1]' \
"$VSCODE_SRC_PATH/remote/package.json" \
"$VSCODE_OUT_PATH/package.json" > "$VSCODE_OUT_PATH/package.json.merged"
mv "$VSCODE_OUT_PATH/package.json.merged" "$VSCODE_OUT_PATH/package.json"
cp "$VSCODE_SRC_PATH/remote/npm-shrinkwrap.json" "$VSCODE_OUT_PATH/npm-shrinkwrap.json"
# Include global extension dependencies as well.
rsync "$VSCODE_SRC_PATH/extensions/package.json" "$VSCODE_OUT_PATH/extensions/package.json"
cp "$VSCODE_SRC_PATH/extensions/npm-shrinkwrap.json" "$VSCODE_OUT_PATH/extensions/npm-shrinkwrap.json"
rsync "$VSCODE_SRC_PATH/extensions/postinstall.mjs" "$VSCODE_OUT_PATH/extensions/postinstall.mjs"
}
create_shrinkwraps() {
# package-lock.json files (used to ensure deterministic versions of
# dependencies) are not packaged when publishing to the NPM registry.
#
# To ensure deterministic dependency versions (even when code-server is
# installed with NPM), we create an npm-shrinkwrap.json file from the
# currently installed node_modules. This ensures the versions used from
# development (that the package-lock.json guarantees) are also the ones
# installed by end-users. These will include devDependencies, but those will
# be ignored when installing globally (for code-server), and because we use
# --omit=dev (for VS Code).
# We first generate the shrinkwrap file for code-server itself - which is the
# current directory.
cp package-lock.json package-lock.json.temp
npm shrinkwrap
mv package-lock.json.temp package-lock.json
# Then the shrinkwrap files for the bundled VS Code.
pushd "$VSCODE_SRC_PATH/remote/"
cp package-lock.json package-lock.json.temp
npm shrinkwrap
mv package-lock.json.temp package-lock.json
popd
pushd "$VSCODE_SRC_PATH/extensions/"
cp package-lock.json package-lock.json.temp
npm shrinkwrap
mv package-lock.json.temp package-lock.json
popd
}
main "$@"

37
ci/build/build-standalone-release.sh
View File

@ -1,37 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
# Once we have an NPM package, use this script to copy it to a separate
# directory (./release-standalone) and install the dependencies. This new
# directory can then be packaged as a platform-specific release.
main() {
cd "$(dirname "${0}")/../.."
source ./ci/lib.sh
rsync "$RELEASE_PATH/" "$RELEASE_PATH-standalone"
RELEASE_PATH+=-standalone
# Package managers may shim their own "node" wrapper into the PATH, so run
# node and ask it for its true path.
local node_path
node_path="$(node -p process.execPath)"
mkdir -p "$RELEASE_PATH/bin"
mkdir -p "$RELEASE_PATH/lib"
rsync ./ci/build/code-server.sh "$RELEASE_PATH/bin/code-server"
rsync "$node_path" "$RELEASE_PATH/lib/node"
chmod 755 "$RELEASE_PATH/lib/node"
pushd "$RELEASE_PATH"
npm install --unsafe-perm --omit=dev
# Code deletes some files from the extension node_modules directory which
# leaves broken symlinks in the corresponding .bin directory. nfpm will fail
# on these broken symlinks so clean them up.
rm -fr "./lib/vscode/extensions/node_modules/.bin"
popd
}
main "$@"

149
ci/build/build-vscode.sh
View File

@ -1,149 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
# Builds vscode into lib/vscode/out-vscode.
# MINIFY controls whether a minified version of vscode is built.
MINIFY=${MINIFY-true}
delete-bin-script() {
rm -f "lib/vscode-reh-web-linux-x64/bin/$1"
}
copy-bin-script() {
local script="$1"
local dest="lib/vscode-reh-web-linux-x64/bin/$script"
cp "lib/vscode/resources/server/bin/$script" "$dest"
sed -i.bak "s/@@VERSION@@/$(vscode_version)/g" "$dest"
sed -i.bak "s/@@COMMIT@@/$BUILD_SOURCEVERSION/g" "$dest"
sed -i.bak "s/@@APPNAME@@/code-server/g" "$dest"
# Fix Node path on Darwin and Linux.
# We do not want expansion here; this text should make it to the file as-is.
# shellcheck disable=SC2016
sed -i.bak 's/^ROOT=\(.*\)$/VSROOT=\1\nROOT="$(dirname "$(dirname "$VSROOT")")"/g' "$dest"
sed -i.bak 's/ROOT\/out/VSROOT\/out/g' "$dest"
# We do not want expansion here; this text should make it to the file as-is.
# shellcheck disable=SC2016
sed -i.bak 's/$ROOT\/node/${NODE_EXEC_PATH:-$ROOT\/lib\/node}/g' "$dest"
# Fix Node path on Windows.
sed -i.bak 's/^set ROOT_DIR=\(.*\)$/set ROOT_DIR=%~dp0..\\..\\..\\..\r\nset VSROOT_DIR=\1/g' "$dest"
sed -i.bak 's/%ROOT_DIR%\\out/%VSROOT_DIR%\\out/g' "$dest"
chmod +x "$dest"
rm "$dest.bak"
}
main() {
cd "$(dirname "${0}")/../.."
source ./ci/lib.sh
# Set the commit Code will embed into the product.json. We need to do this
# since Code tries to get the commit from the `.git` directory which will fail
# as it is a submodule.
#
# Also, we use code-server's commit rather than VS Code's otherwise it would
# not update when only our patch files change, and that will cause caching
# issues where the browser keeps using outdated code.
export BUILD_SOURCEVERSION
BUILD_SOURCEVERSION=$(git rev-parse HEAD)
pushd lib/vscode
if [[ ! ${VERSION-} ]]; then
echo "VERSION not set. Please set before running this script:"
echo "VERSION='0.0.0' npm run build:vscode"
exit 1
fi
# Add the date, our name, links, enable telemetry (this just makes telemetry
# available; telemetry can still be disabled by flag or setting), and
# configure trusted extensions (since some, like github.copilot-chat, never
# ask to be trusted and this is the only way to get auth working).
#
# This needs to be done before building as Code will read this file and embed
# it into the client-side code.
git checkout product.json # Reset in case the script exited early.
cp product.json product.original.json # Since jq has no inline edit.
jq --slurp '.[0] * .[1]' product.original.json <(
cat << EOF
{
"enableTelemetry": true,
"quality": "stable",
"codeServerVersion": "$VERSION",
"nameShort": "code-server",
"nameLong": "code-server",
"applicationName": "code-server",
"dataFolderName": ".code-server",
"win32MutexName": "codeserver",
"licenseUrl": "https://github.com/coder/code-server/blob/main/LICENSE",
"win32DirName": "code-server",
"win32NameVersion": "code-server",
"win32AppUserModelId": "coder.code-server",
"win32ShellNameShort": "c&ode-server",
"darwinBundleIdentifier": "com.coder.code.server",
"linuxIconName": "com.coder.code.server",
"reportIssueUrl": "https://github.com/coder/code-server/issues/new",
"documentationUrl": "https://go.microsoft.com/fwlink/?LinkID=533484#vscode",
"keyboardShortcutsUrlMac": "https://go.microsoft.com/fwlink/?linkid=832143",
"keyboardShortcutsUrlLinux": "https://go.microsoft.com/fwlink/?linkid=832144",
"keyboardShortcutsUrlWin": "https://go.microsoft.com/fwlink/?linkid=832145",
"introductoryVideosUrl": "https://go.microsoft.com/fwlink/?linkid=832146",
"tipsAndTricksUrl": "https://go.microsoft.com/fwlink/?linkid=852118",
"newsletterSignupUrl": "https://www.research.net/r/vsc-newsletter",
"linkProtectionTrustedDomains": [
"https://open-vsx.org"
],
"trustedExtensionAuthAccess": [
"vscode.git", "vscode.github",
"github.vscode-pull-request-github",
"github.copilot", "github.copilot-chat"
],
"aiConfig": {
"ariaKey": "code-server"
}
}
EOF
) > product.json
# Any platform here works since we will do our own packaging. We have to do
# this because we have an NPM package that could be installed on any platform.
# The correct platform dependencies and scripts will be installed as part of
# the post-install during `npm install` or when building a standalone release.
node --max-old-space-size=16384 --optimize-for-size \
./node_modules/gulp/bin/gulp.js \
"vscode-reh-web-linux-x64${MINIFY:+-min}"
# Reset so if you develop after building you will not be stuck with the wrong
# commit (the dev client will use `oss-dev` but the dev server will still use
# product.json which will have `stable-$commit`).
git checkout product.json
popd
pushd lib/vscode-reh-web-linux-x64
# Make sure Code took the version we set in the environment variable. Not
# having a version will break display languages.
if ! jq -e .commit product.json; then
echo "'commit' is missing from product.json"
exit 1
fi
popd
# These provide a `code-server` command in the integrated terminal to open
# files in the current instance.
delete-bin-script remote-cli/code-server
copy-bin-script remote-cli/code-darwin.sh
copy-bin-script remote-cli/code-linux.sh
copy-bin-script remote-cli/code.cmd
# These provide a way for terminal applications to open browser windows.
delete-bin-script helpers/browser.sh
copy-bin-script helpers/browser-darwin.sh
copy-bin-script helpers/browser-linux.sh
copy-bin-script helpers/browser.cmd
}
main "$@"

11
ci/build/clean.sh
View File

@ -1,11 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
main() {
cd "$(dirname "${0}")/../.."
source ./ci/lib.sh
git clean -Xffd
}
main "$@"

3
ci/build/code-server-nfpm.sh
View File

@ -1,3 +0,0 @@
#!/usr/bin/env sh
exec /usr/lib/code-server/bin/code-server "$@"

11
ci/build/code-server-user.service
View File

@ -1,11 +0,0 @@
[Unit]
Description=code-server
After=network.target
[Service]
Type=exec
ExecStart=/usr/bin/code-server
Restart=always
[Install]
WantedBy=default.target

28
ci/build/code-server.sh
View File

@ -1,28 +0,0 @@
#!/bin/sh
set -eu
# This script is intended to be bundled into the standalone releases.
# Runs code-server with the bundled node binary.
_realpath() {
# See https://github.com/coder/code-server/issues/1537 on why no realpath or readlink -f.
script="$1"
cd "$(dirname "$script")"
while [ -L "$(basename "$script")" ]; do
script="$(readlink "$(basename "$script")")"
cd "$(dirname "$script")"
done
echo "$PWD/$(basename "$script")"
}
root() {
script="$(_realpath "$0")"
bin_dir="$(dirname "$script")"
dirname "$bin_dir"
}
ROOT="$(root)"
exec "$ROOT/lib/node" "$ROOT" "$@"

12
ci/build/code-server@.service
View File

@ -1,12 +0,0 @@
[Unit]
Description=code-server
After=network.target
[Service]
Type=exec
ExecStart=/usr/bin/code-server
Restart=always
User=%i
[Install]
WantedBy=default.target

25
ci/build/nfpm.yaml
View File

@ -1,25 +0,0 @@
name: "code-server"
arch: "${NFPM_ARCH}"
platform: "linux"
version: "v${VERSION}"
section: "devel"
priority: "optional"
maintainer: "Joe Previte <joe@coder.com>"
description: |
Run VS Code in the browser.
vendor: "Coder"
homepage: "https://github.com/coder/code-server"
license: "MIT"
contents:
- src: ./ci/build/code-server-nfpm.sh
dst: /usr/bin/code-server
- src: ./ci/build/code-server@.service
dst: /usr/lib/systemd/system/code-server@.service
- src: ./ci/build/code-server-user.service
dst: /usr/lib/systemd/user/code-server.service
- src: ./release-standalone/*
dst: /usr/lib/code-server

160
ci/build/npm-postinstall.sh
View File

@ -1,160 +0,0 @@
#!/usr/bin/env sh
set -eu
# Copied from ../lib.sh except we do not rename Darwin and we do not need to
# detect Alpine.
os() {
osname=$(uname | tr '[:upper:]' '[:lower:]')
case $osname in
cygwin* | mingw*) osname="windows" ;;
esac
echo "$osname"
}
# Create a symlink at $2 pointing to $1 on any platform. Anything that
# currently exists at $2 will be deleted.
symlink() {
source="$1"
dest="$2"
rm -rf "$dest"
case $OS in
windows) mklink /J "$dest" "$source" ;;
*) ln -s "$source" "$dest" ;;
esac
}
# VS Code bundles some modules into an asar which is an archive format that
# works like tar. It then seems to get unpacked into node_modules.asar.
#
# I don't know why they do this but all the dependencies they bundle already
# exist in node_modules so just symlink it. We have to do this since not only
# Code itself but also extensions will look specifically in this directory for
# files (like the ripgrep binary or the oniguruma wasm).
symlink_asar() {
symlink node_modules node_modules.asar
}
# Make a symlink at bin/$1/$3 pointing to the platform-specific version of the
# script in $2. The extension of the link will be .cmd for Windows otherwise it
# will be whatever is in $4 (or no extension if $4 is not set).
symlink_bin_script() {
oldpwd="$(pwd)"
cd "bin/$1"
source="$2"
dest="$3"
ext="${4-}"
case $OS in
windows) symlink "$source.cmd" "$dest.cmd" ;;
darwin | macos) symlink "$source-darwin.sh" "$dest$ext" ;;
*) symlink "$source-linux.sh" "$dest$ext" ;;
esac
cd "$oldpwd"
}
command_exists() {
if [ ! "$1" ]; then return 1; fi
command -v "$@" > /dev/null
}
is_root() {
if command_exists id && [ "$(id -u)" = 0 ]; then
return 0
fi
return 1
}
OS="$(os)"
main() {
# Grabs the major version of node from $npm_config_user_agent which looks like
# yarn/1.21.1 npm/? node/v14.2.0 darwin x64
major_node_version=$(echo "$npm_config_user_agent" | sed -n 's/.*node\/v\([^.]*\).*/\1/p')
if [ -n "${FORCE_NODE_VERSION:-}" ]; then
echo "WARNING: Overriding required Node.js version to v$FORCE_NODE_VERSION"
echo "This could lead to broken functionality, and is unsupported."
echo "USE AT YOUR OWN RISK!"
fi
if [ "$major_node_version" -ne "${FORCE_NODE_VERSION:-22}" ]; then
echo "ERROR: code-server currently requires node v22."
if [ -n "$FORCE_NODE_VERSION" ]; then
echo "However, you have overrided the version check to use v$FORCE_NODE_VERSION."
fi
echo "We have detected that you are on node v$major_node_version"
echo "You can override this version check by setting \$FORCE_NODE_VERSION,"
echo "but configurations that do not use the same node version are unsupported."
exit 1
fi
# Under npm, if we are running as root, we need --unsafe-perm otherwise
# post-install scripts will not have sufficient permissions to do their thing.
if is_root; then
case "${npm_config_user_agent-}" in npm*)
if [ "${npm_config_unsafe_perm-}" != "true" ]; then
echo "Please pass --unsafe-perm to npm to install code-server"
echo "Otherwise post-install scripts will not have permissions to run"
echo "See https://docs.npmjs.com/misc/config#unsafe-perm"
echo "See https://stackoverflow.com/questions/49084929/npm-sudo-global-installation-unsafe-perm"
exit 1
fi
;;
esac
fi
if ! vscode_install; then
echo "You may not have the required dependencies to build the native modules."
echo "Please see https://github.com/coder/code-server/blob/main/docs/npm.md"
exit 1
fi
if [ -n "${FORCE_NODE_VERSION:-}" ]; then
echo "WARNING: The required Node.js version was overriden to v$FORCE_NODE_VERSION"
echo "This could lead to broken functionality, and is unsupported."
echo "USE AT YOUR OWN RISK!"
fi
}
install_with_yarn_or_npm() {
echo "User agent: ${npm_config_user_agent-none}"
# For development we enforce npm, but for installing the package as an
# end-user we want to keep using whatever package manager is in use.
case "${npm_config_user_agent-}" in
npm*)
if ! npm install --unsafe-perm --omit=dev; then
return 1
fi
;;
yarn*)
if ! yarn --production --frozen-lockfile --no-default-rc; then
return 1
fi
;;
*)
echo "Could not determine which package manager is being used to install code-server"
exit 1
;;
esac
return 0
}
vscode_install() {
echo 'Installing Code dependencies...'
cd lib/vscode
if ! install_with_yarn_or_npm; then
return 1
fi
symlink_asar
symlink_bin_script remote-cli code code-server
symlink_bin_script helpers browser browser .sh
cd extensions
if ! install_with_yarn_or_npm; then
return 1
fi
return 0
}
main "$@"

26
ci/dev/doctoc.sh
View File

@ -1,26 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
main() {
cd "$(dirname "$0")/../.."
doctoc --title '# FAQ' docs/FAQ.md > /dev/null
doctoc --title '# Setup Guide' docs/guide.md > /dev/null
doctoc --title '# Install' docs/install.md > /dev/null
doctoc --title '# npm Install Requirements' docs/npm.md > /dev/null
doctoc --title '# Contributing' docs/CONTRIBUTING.md > /dev/null
doctoc --title '# Maintaining' docs/MAINTAINING.md > /dev/null
doctoc --title '# Contributor Covenant Code of Conduct' docs/CODE_OF_CONDUCT.md > /dev/null
doctoc --title '# iPad' docs/ipad.md > /dev/null
doctoc --title '# Termux' docs/termux.md > /dev/null
if [[ ${CI-} && $(git ls-files --other --modified --exclude-standard) ]]; then
echo "Files need generation or are formatted incorrectly:"
git -c color.ui=always status | grep --color=no '\[31m'
echo "Please run the following locally:"
echo " npm run doctoc"
exit 1
fi
}
main "$@"

50
ci/dev/gen_icons.sh
View File

@ -1,50 +0,0 @@
#!/bin/sh
set -eu
# Generate icons from a single favicon.svg. favicon.svg should have no fill
# colors set.
main() {
cd src/browser/media
# We need .ico for backwards compatibility. The other two are the only icon
# sizes required by Chrome and we use them for stuff like apple-touch-icon as
# well. https://web.dev/add-manifest/
#
# This should be enough and we can always add more if there are problems.
#
# -quiet to avoid https://github.com/ImageMagick/ImageMagick/issues/884
# -background defaults to white but we want it transparent.
# -density somehow makes the image both sharper and smaller in file size.
#
# https://imagemagick.org/script/command-line-options.php#background
convert -quiet -background transparent \
-resize 256x256 -density 256x256 \
favicon.svg favicon.ico
# Generate PWA icons. There should be enough padding to support masking.
convert -quiet -border 60x60 -bordercolor white -background white \
-resize 192x192 -density 192x192 \
favicon.svg pwa-icon-maskable-192.png
convert -quiet -border 160x160 -bordercolor white -background white \
-resize 512x512 -density 512x512 \
favicon.svg pwa-icon-maskable-512.png
# Generate non-maskable PWA icons.
magick pwa-icon-maskable-192.png \
\( +clone -threshold 101% -fill white -draw "roundRectangle 0,0 %[fx:int(w)],%[fx:int(h)] 50,50" \) \
-channel-fx "| gray=>alpha" \
pwa-icon-192.png
magick pwa-icon-maskable-512.png \
\( +clone -threshold 101% -fill white -draw "roundRectangle 0,0 %[fx:int(w)],%[fx:int(h)] 100,100" \) \
-channel-fx "| gray=>alpha" \
pwa-icon-512.png
# The following adds dark mode support for the favicon as
# favicon-dark-support.svg There is no similar capability for pwas or .ico so
# we can only add support to the svg.
favicon_dark_style="<style>@media (prefers-color-scheme: dark) {* { fill: white; }}</style>"
cp favicon.svg favicon-dark-support.svg
sed "s%<path%$favicon_dark_style\n <path%" favicon.svg > favicon-dark-support.svg
}
main "$@"

9
ci/dev/lint-scripts.sh
View File

@ -1,9 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
main() {
cd "$(dirname "$0")/../.."
shellcheck -e SC2046,SC2164,SC2154,SC1091,SC1090,SC2002 $(git ls-files '*.sh' | grep -v 'lib/vscode')
}
main "$@"

38
ci/dev/postinstall.sh
View File

@ -1,38 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
# Install dependencies in $1.
install-deps() {
local args=()
if [[ ${CI-} ]]; then
args+=(ci)
else
args+=(install)
fi
# If there is no package.json then npm will look upward and end up installing
# from the root resulting in an infinite loop (this can happen if you have not
# checked out the submodule yet for example).
if [[ ! -f "$1/package.json" ]]; then
echo "$1/package.json is missing; did you run git submodule update --init?"
exit 1
fi
pushd "$1"
echo "Installing dependencies for $PWD"
npm "${args[@]}"
popd
}
main() {
cd "$(dirname "$0")/../.."
source ./ci/lib.sh
install-deps test
install-deps test/e2e/extensions/test-extension
# We don't need these when running the integration tests
# so you can pass SKIP_SUBMODULE_DEPS
if [[ ! ${SKIP_SUBMODULE_DEPS-} ]]; then
install-deps lib/vscode
fi
}
main "$@"

3
ci/dev/preinstall.js
View File

@ -1,3 +0,0 @@
if (process.env.npm_execpath.includes("yarn")) {
throw new Error("`yarn` is no longer supported; please use `npm install` instead")
}

50
ci/dev/test-e2e.sh
View File

@ -1,50 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
help() {
echo >&2 " You can build with 'npm run watch' or you can build a release"
echo >&2 " For example: 'npm run build && npm run build:vscode && KEEP_MODULES=1 npm run release'"
echo >&2 " Then 'CODE_SERVER_TEST_ENTRY=./release npm run test:e2e'"
echo >&2 " You can manually run that release with 'node ./release'"
}
main() {
cd "$(dirname "$0")/../.."
source ./ci/lib.sh
pushd test/e2e/extensions/test-extension
echo "Building test extension"
npm run build
popd
local dir="$PWD"
if [[ ! ${CODE_SERVER_TEST_ENTRY-} ]]; then
echo "Set CODE_SERVER_TEST_ENTRY to test another build of code-server"
else
pushd "$CODE_SERVER_TEST_ENTRY"
dir="$PWD"
popd
fi
echo "Testing build in '$dir'"
# Simple sanity checks to see that we've built. There could still be things
# wrong (native modules version issues, incomplete build, etc).
if [[ ! -d $dir/out ]]; then
echo >&2 "No code-server build detected"
help
exit 1
fi
if [[ ! -d $dir/lib/vscode/out ]]; then
echo >&2 "No VS Code build detected"
help
exit 1
fi
cd test
./node_modules/.bin/playwright test "$@"
}
main "$@"

39
ci/dev/test-integration.sh
View File

@ -1,39 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
help() {
echo >&2 " You can build the standalone release with 'npm run release:standalone'"
echo >&2 " Or you can pass in a custom path."
echo >&2 " CODE_SERVER_PATH='/var/tmp/coder/code-server/bin/code-server' npm run test:integration"
}
# Make sure a code-server release works. You can pass in the path otherwise it
# will look for release-standalone in the current directory.
#
# This is to make sure we don't have Node version errors or any other
# compilation-related errors.
main() {
cd "$(dirname "$0")/../.."
source ./ci/lib.sh
local path="$RELEASE_PATH-standalone/bin/code-server"
if [[ ! ${CODE_SERVER_PATH-} ]]; then
echo "Set CODE_SERVER_PATH to test another build of code-server"
else
path="$CODE_SERVER_PATH"
fi
echo "Running tests with code-server binary: '$path'"
if [[ ! -f $path ]]; then
echo >&2 "No code-server build detected"
echo >&2 "Looked in $path"
help
exit 1
fi
CODE_SERVER_PATH="$path" ./test/node_modules/.bin/jest "$@" --coverage=false --testRegex "./test/integration" --testPathIgnorePatterns "./test/integration/fixtures"
}
main "$@"

39
ci/dev/test-native.sh
View File

@ -1,39 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
help() {
echo >&2 " You can build the standalone release with 'npm run release:standalone'"
echo >&2 " Or you can pass in a custom path."
echo >&2 " CODE_SERVER_PATH='/var/tmp/coder/code-server/bin/code-server' npm run test:integration"
}
# Make sure a code-server release works. You can pass in the path otherwise it
# will look for release-standalone in the current directory.
#
# This is to make sure we don't have Node version errors or any other
# compilation-related errors.
main() {
cd "$(dirname "$0")/../.."
source ./ci/lib.sh
local path="$RELEASE_PATH-standalone/bin/code-server"
if [[ ! ${CODE_SERVER_PATH-} ]]; then
echo "Set CODE_SERVER_PATH to test another build of code-server"
else
path="$CODE_SERVER_PATH"
fi
echo "Running tests with code-server binary: '$path'"
if [[ ! -f $path ]]; then
echo >&2 "No code-server build detected"
echo >&2 "Looked in $path"
help
exit 1
fi
CODE_SERVER_PATH="$path" ./test/node_modules/.bin/jest "$@" --coverage=false --testRegex "./test/integration/help.test.ts"
}
main "$@"

9
ci/dev/test-scripts.sh
View File

@ -1,9 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
main() {
cd "$(dirname "$0")/../.."
bats ./test/scripts
}
main "$@"

15
ci/dev/test-unit.sh
View File

@ -1,15 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
main() {
cd "$(dirname "$0")/../.."
source ./ci/lib.sh
# We must keep jest in a sub-directory. See ../../test/package.json for more
# information. We must also run it from the root otherwise coverage will not
# include our source files.
./test/node_modules/.bin/jest "$@" --testRegex "./test/unit/.*ts"
}
main "$@"

143
ci/dev/watch.ts
View File

@ -1,143 +0,0 @@
import { spawn, ChildProcess } from "child_process"
import * as path from "path"
import { onLine, OnLineCallback } from "../../src/node/util"
interface DevelopmentCompilers {
[key: string]: ChildProcess | undefined
vscode: ChildProcess
vscodeWebExtensions: ChildProcess
codeServer: ChildProcess
plugins: ChildProcess | undefined
}
class Watcher {
private rootPath = path.resolve(process.cwd())
private readonly paths = {
/** Path to uncompiled VS Code source. */
vscodeDir: path.join(this.rootPath, "lib/vscode"),
pluginDir: process.env.PLUGIN_DIR,
}
//#region Web Server
/** Development web server. */
private webServer: ChildProcess | undefined
private reloadWebServer = (): void => {
if (this.webServer) {
this.webServer.kill()
}
// Pass CLI args, save for `node` and the initial script name.
const args = process.argv.slice(2)
this.webServer = spawn("node", [path.join(this.rootPath, "out/node/entry.js"), ...args])
onLine(this.webServer, (line) => console.log("[code-server]", line))
const { pid } = this.webServer
this.webServer.on("exit", () => console.log("[code-server]", `Web process ${pid} exited`))
console.log("\n[code-server]", `Spawned web server process ${pid}`)
}
//#endregion
//#region Compilers
private readonly compilers: DevelopmentCompilers = {
codeServer: spawn("tsc", ["--watch", "--pretty", "--preserveWatchOutput"], { cwd: this.rootPath }),
vscode: spawn("npm", ["run", "watch"], { cwd: this.paths.vscodeDir }),
vscodeWebExtensions: spawn("npm", ["run", "watch-web"], { cwd: this.paths.vscodeDir }),
plugins: this.paths.pluginDir
? spawn("npm", ["run", "build", "--watch"], { cwd: this.paths.pluginDir })
: undefined,
}
public async initialize(): Promise<void> {
for (const event of ["SIGINT", "SIGTERM"]) {
process.on(event, () => this.dispose(0))
}
for (const [processName, devProcess] of Object.entries(this.compilers)) {
if (!devProcess) continue
devProcess.on("exit", (code) => {
console.log(`[${processName}]`, "Terminated unexpectedly")
this.dispose(code)
})
if (devProcess.stderr) {
devProcess.stderr.on("data", (d: string | Uint8Array) => process.stderr.write(d))
}
}
onLine(this.compilers.vscode, this.parseVSCodeLine)
onLine(this.compilers.codeServer, this.parseCodeServerLine)
if (this.compilers.plugins) {
onLine(this.compilers.plugins, this.parsePluginLine)
}
}
//#endregion
//#region Line Parsers
private parseVSCodeLine: OnLineCallback = (strippedLine, originalLine) => {
if (!strippedLine.length) return
console.log("[Code OSS]", originalLine)
if (strippedLine.includes("Finished compilation with")) {
console.log("[Code OSS] ✨ Finished compiling! ✨", "(Refresh your web browser ♻️)")
this.reloadWebServer()
}
}
private parseCodeServerLine: OnLineCallback = (strippedLine, originalLine) => {
if (!strippedLine.length) return
console.log("[Compiler][code-server]", originalLine)
if (strippedLine.includes("Watching for file changes")) {
console.log("[Compiler][code-server]", "Finished compiling!", "(Refresh your web browser ♻️)")
this.reloadWebServer()
}
}
private parsePluginLine: OnLineCallback = (strippedLine, originalLine) => {
if (!strippedLine.length) return
console.log("[Compiler][Plugin]", originalLine)
if (strippedLine.includes("Watching for file changes...")) {
this.reloadWebServer()
}
}
//#endregion
//#region Utilities
private dispose(code: number | null): void {
for (const [processName, devProcess] of Object.entries(this.compilers)) {
console.log(`[${processName}]`, "Killing...\n")
devProcess?.removeAllListeners()
devProcess?.kill()
}
process.exit(typeof code === "number" ? code : 0)
}
//#endregion
}
async function main(): Promise<void> {
try {
const watcher = new Watcher()
await watcher.initialize()
} catch (error: any) {
console.error(error.message)
process.exit(1)
}
}
main()

23
ci/helm-chart/.helmignore
View File

@ -1,23 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

23
ci/helm-chart/Chart.yaml
View File

@ -1,23 +0,0 @@
apiVersion: v2
name: code-server
description: A Helm chart for coder/code-server
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 3.32.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 4.108.0

24
ci/helm-chart/templates/NOTES.txt
View File

@ -1,24 +0,0 @@
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range $host := .Values.ingress.hosts }}
{{- range .paths }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }}
{{- end }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "code-server.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "code-server.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "code-server.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl port-forward --namespace {{ .Release.Namespace }} service/{{ include "code-server.fullname" . }} 8080:http
{{- end }}
Administrator credentials:
Password: echo $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "code-server.fullname" . }} -o jsonpath="{.data.password}" | base64 --decode)

63
ci/helm-chart/templates/_helpers.tpl
View File

@ -1,63 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "code-server.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "code-server.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "code-server.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Common labels
*/}}
{{- define "code-server.labels" -}}
helm.sh/chart: {{ include "code-server.chart" . }}
{{ include "code-server.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "code-server.selectorLabels" -}}
app.kubernetes.io/name: {{ include "code-server.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "code-server.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "code-server.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}

188
ci/helm-chart/templates/deployment.yaml
View File

@ -1,188 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "code-server.fullname" . }}
labels:
{{- include "code-server.labels" . | nindent 4 }}
{{- if .Values.annotations }}
annotations: {{- toYaml .Values.annotations | nindent 4 }}
{{- end }}
spec:
replicas: {{ .Values.replicaCount | default 1 }}
strategy:
type: Recreate
selector:
matchLabels:
{{- include "code-server.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "code-server.selectorLabels" . | nindent 8 }}
{{- if .Values.podAnnotations }}
annotations: {{- toYaml .Values.podAnnotations | nindent 8 }}
{{- end }}
spec:
imagePullSecrets: {{- toYaml .Values.imagePullSecrets | nindent 8 }}
{{- if .Values.hostnameOverride }}
hostname: {{ .Values.hostnameOverride }}
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
{{- end }}
{{- if or (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.extraInitContainers }}
initContainers:
{{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
- name: init-chmod-data
image: busybox:latest
imagePullPolicy: IfNotPresent
command:
- sh
- -c
- |
chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} /home/coder
securityContext:
runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }}
volumeMounts:
- name: data
mountPath: /home/coder
{{- end }}
{{- if .Values.extraInitContainers }}
{{ tpl .Values.extraInitContainers . | indent 6}}
{{- end }}
{{- end }}
containers:
{{- if .Values.extraContainers }}
{{ tpl .Values.extraContainers . | indent 8}}
{{- end }}
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
{{- if .Values.lifecycle.enabled }}
lifecycle:
{{- if .Values.lifecycle.postStart }}
postStart:
{{ toYaml .Values.lifecycle.postStart | nindent 14 }}
{{- end }}
{{- if .Values.lifecycle.preStop }}
preStop:
{{ toYaml .Values.lifecycle.preStop | nindent 14 }}
{{- end }}
{{- end }}
env:
{{- if .Values.extraVars }}
{{ toYaml .Values.extraVars | indent 10 }}
{{- end }}
- name: PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.existingSecret }}
name: {{ .Values.existingSecret }}
{{- else }}
name: {{ template "code-server.fullname" . }}
{{- end }}
key: password
{{- if .Values.extraArgs }}
args:
{{ toYaml .Values.extraArgs | indent 10 }}
{{- end }}
volumeMounts:
- name: data
mountPath: /home/coder
{{- range .Values.extraConfigmapMounts }}
- name: {{ .name }}
mountPath: {{ .mountPath }}
subPath: {{ .subPath | default "" }}
readOnly: {{ .readOnly }}
{{- end }}
{{- range .Values.extraSecretMounts }}
- name: {{ .name }}
mountPath: {{ .mountPath }}
subPath: {{ .subPath | default "" }}
readOnly: {{ .readOnly }}
{{- end }}
{{- range .Values.extraVolumeMounts }}
- name: {{ .name }}
mountPath: {{ .mountPath }}
subPath: {{ .subPath | default "" }}
readOnly: {{ .readOnly }}
{{- end }}
ports:
- name: http
containerPort: 8080
protocol: TCP
{{- range .Values.extraPorts }}
- name: {{ .name }}
containerPort: {{ .port }}
protocol: {{ .protocol }}
{{- end }}
livenessProbe:
httpGet:
path: /healthz
port: http
readinessProbe:
httpGet:
path: /healthz
port: http
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- tpl . $ | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ template "code-server.serviceAccountName" . }}
volumes:
- name: data
{{- if .Values.persistence.enabled }}
{{- if not .Values.persistence.hostPath }}
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim | default (include "code-server.fullname" .) }}
{{- else }}
hostPath:
path: {{ .Values.persistence.hostPath }}
type: Directory
{{- end -}}
{{- else }}
emptyDir: {}
{{- end -}}
{{- range .Values.extraSecretMounts }}
- name: {{ .name }}
secret:
secretName: {{ .secretName }}
defaultMode: {{ .defaultMode }}
{{- end }}
{{- range .Values.extraConfigmapMounts }}
- name: {{ .name }}
configMap:
name: {{ .configMap }}
defaultMode: {{ .defaultMode }}
{{- end }}
{{- range .Values.extraVolumeMounts }}
- name: {{ .name }}
{{- if .existingClaim }}
persistentVolumeClaim:
claimName: {{ .existingClaim }}
{{- else if .hostPath }}
hostPath:
path: {{ .hostPath }}
type: Directory
{{- else }}
emptyDir:
{{- toYaml .emptyDir | nindent 10 }}
{{- end }}
{{- end }}

63
ci/helm-chart/templates/ingress.yaml
View File

@ -1,63 +0,0 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "code-server.fullname" . -}}
{{- $svcPort := .Values.service.port -}}
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{- include "code-server.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.ingressClassName }}
ingressClassName: {{ .Values.ingress.ingressClassName }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion -}}
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ . }}
pathType: Prefix
backend:
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
{{- end }}
{{- end }}
{{- else -}}
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ . }}
backend:
serviceName: {{ $fullName }}
servicePort: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

26
ci/helm-chart/templates/pvc.yaml
View File

@ -1,26 +0,0 @@
{{- if and (and .Values.persistence.enabled (not .Values.persistence.existingClaim)) (not .Values.persistence.hostPath) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "code-server.fullname" . }}
namespace: {{ .Release.Namespace }}
{{- with .Values.persistence.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
labels:
{{- include "code-server.labels" . | nindent 4 }}
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- if .Values.persistence.storageClass }}
{{- if (eq "-" .Values.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
{{- end }}

17
ci/helm-chart/templates/secrets.yaml
View File

@ -1,17 +0,0 @@
{{- if not .Values.existingSecret }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "code-server.fullname" . }}
annotations:
"helm.sh/hook": "pre-install"
labels:
{{- include "code-server.labels" . | nindent 4 }}
type: Opaque
data:
{{- if .Values.password }}
password: "{{ .Values.password | b64enc }}"
{{- else }}
password: "{{ randAlphaNum 24 | b64enc }}"
{{- end }}
{{- end }}

22
ci/helm-chart/templates/service.yaml
View File

@ -1,22 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "code-server.fullname" . }}
labels:
{{- include "code-server.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
{{- range .Values.extraPorts }}
- port: {{ .port }}
targetPort: {{ .port }}
protocol: {{ .protocol }}
name: {{ .name }}
{{- end }}
selector:
app.kubernetes.io/name: {{ include "code-server.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}

8
ci/helm-chart/templates/serviceaccount.yaml
View File

@ -1,8 +0,0 @@
{{- if or .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
{{- include "code-server.labels" . | nindent 4 }}
name: {{ template "code-server.serviceAccountName" . }}
{{- end -}}

15
ci/helm-chart/templates/tests/test-connection.yaml
View File

@ -1,15 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: "{{ include "code-server.fullname" . }}-test-connection"
labels:
{{- include "code-server.labels" . | nindent 4 }}
annotations:
"helm.sh/hook": test
spec:
containers:
- name: wget
image: busybox
command: ['wget']
args: ['{{ include "code-server.fullname" . }}:{{ .Values.service.port }}/healthz']
restartPolicy: Never

226
ci/helm-chart/values.yaml
View File

@ -1,226 +0,0 @@
# Default values for code-server.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
image:
repository: codercom/code-server
tag: '4.108.0'
pullPolicy: Always
# Specifies one or more secrets to be used when pulling images from a
# private container repository
# https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry
imagePullSecrets: []
# - name: registry-creds
nameOverride: ""
fullnameOverride: ""
hostnameOverride: ""
# The existing secret to use for code-server authentication in the frontend. the password is stored in the secret under the key `password`
# existingSecret: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
# Specifies annotations for deployment
annotations: {}
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
priorityClassName: ""
service:
type: ClusterIP
port: 8080
ingress:
enabled: false
#annotations:
# kubernetes.io/tls-acme: "true"
#hosts:
# - host: code-server.example.loc
# paths:
# - /
ingressClassName: ""
#tls:
# - secretName: code-server
# hosts:
# - code-server.example.loc
# Optional additional arguments
extraArgs: []
# These are the arguments normally passed to code-server; run
# code-server --help for a list of available options.
#
# Each argument and parameter must have its own entry; if you use
# --param value on the command line, then enter it here as:
#
# - --param
# - value
#
# If you receive an error like "Unknown option --param value", it may be
# because both the parameter and value are specified as a single argument,
# rather than two separate arguments (e.g. "- --param value" on a line).
# Optional additional environment variables
extraVars: []
# - name: DISABLE_TELEMETRY
# value: "true"
# if dind is desired:
# - name: DOCKER_HOST
# value: "tcp://localhost:2376"
##
## Init containers parameters:
## volumePermissions: Change the owner of the persist volume mountpoint to RunAsUser:fsGroup
##
volumePermissions:
enabled: true
securityContext:
runAsUser: 0
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
enabled: true
fsGroup: 1000
runAsUser: 1000
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 1000Mi
nodeSelector: {}
tolerations: []
affinity: {}
## Persist data to a persistent volume
persistence:
enabled: true
## code-server data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 10Gi
annotations: {}
# existingClaim: ""
# hostPath: /data
lifecycle:
enabled: false
# postStart:
# exec:
# command:
# - /bin/bash
# - -c
# - curl -s -L SOME_SCRIPT | bash
# for dind, the following may be helpful
# postStart:
# exec:
# command:
# - /bin/sh
# - -c
# - |
# sudo apt-get update \
# && sudo apt-get install -y docker.io
## Enable an Specify container in extraContainers.
## This is meant to allow adding code-server dependencies, like docker-dind.
extraContainers: |
# If docker-dind is used, DOCKER_HOST env is mandatory to set in "extraVars"
# - name: docker-dind
# image: docker:28.3.2-dind
# imagePullPolicy: IfNotPresent
# resources:
# requests:
# cpu: 1
# ephemeral-storage: "50Gi"
# memory: 10Gi
# securityContext:
# privileged: true
# procMount: Default
# env:
# - name: DOCKER_TLS_CERTDIR
# value: "" # disable TLS setup
# command:
# - dockerd
# - --host=unix:///var/run/docker.sock
# - --host=tcp://0.0.0.0:2376
extraInitContainers: |
# - name: customization
# image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
# imagePullPolicy: IfNotPresent
# env:
# - name: SERVICE_URL
# value: https://open-vsx.org/vscode/gallery
# - name: ITEM_URL
# value: https://open-vsx.org/vscode/item
# command:
# - sh
# - -c
# - |
# code-server --install-extension ms-python.python
# code-server --install-extension golang.Go
# volumeMounts:
# - name: data
# mountPath: /home/coder
## Additional code-server secret mounts
extraSecretMounts: []
# - name: secret-files
# mountPath: /etc/secrets
# subPath: private.key # (optional)
# secretName: code-server-secret-files
# readOnly: true
## Additional code-server volume mounts
extraVolumeMounts: []
# - name: extra-volume
# mountPath: /mnt/volume
# readOnly: true
# existingClaim: volume-claim
# hostPath: ""
# emptyDir: {}
extraConfigmapMounts: []
# - name: certs-configmap
# mountPath: /etc/code-server/ssl/
# subPath: certificates.crt # (optional)
# configMap: certs-configmap
# readOnly: true
extraPorts: []
# - name: minecraft
# port: 25565
# protocol: tcp

54
ci/lib.sh
View File

@ -1,54 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
pushd() {
builtin pushd "$@" > /dev/null
}
popd() {
builtin popd > /dev/null
}
vscode_version() {
jq -r .version lib/vscode/package.json
}
os() {
osname=$(uname | tr '[:upper:]' '[:lower:]')
case $osname in
linux)
# Alpine's ldd doesn't have a version flag but if you use an invalid flag
# (like --version) it outputs the version to stderr and exits with 1.
# TODO: Better to check /etc/os-release; see ../install.sh.
ldd_output=$(ldd --version 2>&1 || true)
if echo "$ldd_output" | grep -iq musl; then
osname="alpine"
fi
;;
darwin) osname="macos" ;;
cygwin* | mingw*) osname="windows" ;;
esac
echo "$osname"
}
arch() {
cpu="$(uname -m)"
case "$cpu" in
aarch64) cpu=arm64 ;;
x86_64) cpu=amd64 ;;
esac
echo "$cpu"
}
rsync() {
command rsync -a --del "$@"
}
ARCH="$(arch)"
export ARCH
OS=$(os)
export OS
# RELEASE_PATH is the destination directory for the release from the root.
# Defaults to release
RELEASE_PATH="${RELEASE_PATH-release}"

61
ci/release-image/Dockerfile
View File

@ -1,61 +0,0 @@
# syntax=docker/dockerfile:experimental
ARG BASE=debian:12
FROM scratch AS packages
COPY release-packages/code-server*.deb /tmp/
FROM $BASE
RUN apt-get update \
&& apt-get install -y \
curl \
dumb-init \
git \
git-lfs \
htop \
locales \
lsb-release \
man-db \
nano \
openssh-client \
procps \
sudo \
vim-tiny \
wget \
zsh \
&& git lfs install \
&& rm -rf /var/lib/apt/lists/*
# https://wiki.debian.org/Locale#Manually
RUN sed -i "s/# en_US.UTF-8/en_US.UTF-8/" /etc/locale.gen \
&& locale-gen
ENV LANG=en_US.UTF-8
RUN if grep -q 1000 /etc/passwd; then \
userdel -r "$(id -un 1000)"; \
fi \
&& adduser --gecos '' --disabled-password coder \
&& echo "coder ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/nopasswd
RUN ARCH="$(dpkg --print-architecture)" \
&& curl -fsSL "https://github.com/boxboat/fixuid/releases/download/v0.6.0/fixuid-0.6.0-linux-$ARCH.tar.gz" | tar -C /usr/local/bin -xzf - \
&& chown root:root /usr/local/bin/fixuid \
&& chmod 4755 /usr/local/bin/fixuid \
&& mkdir -p /etc/fixuid \
&& printf "user: coder\ngroup: coder\n" > /etc/fixuid/config.yml
COPY ci/release-image/entrypoint.sh /usr/bin/entrypoint.sh
RUN --mount=from=packages,src=/tmp,dst=/tmp/packages dpkg -i /tmp/packages/code-server*$(dpkg --print-architecture).deb
# Allow users to have scripts run on container startup to prepare workspace.
# https://github.com/coder/code-server/issues/5177
ENV ENTRYPOINTD=${HOME}/entrypoint.d
EXPOSE 8080
# This way, if someone sets $DOCKER_USER, docker-exec will still work as
# the uid will remain the same. note: only relevant if -u isn't passed to
# docker-run.
USER 1000
ENV USER=coder
WORKDIR /home/coder
ENTRYPOINT ["/usr/bin/entrypoint.sh", "--bind-addr", "0.0.0.0:8080", "."]

51
ci/release-image/Dockerfile.fedora
View File

@ -1,51 +0,0 @@
# syntax=docker/dockerfile:experimental
ARG BASE=fedora:39
FROM scratch AS packages
COPY release-packages/code-server*.rpm /tmp/
FROM $BASE
RUN dnf update -y \
&& dnf install -y \
curl \
git \
git-lfs \
htop \
nano \
openssh-clients \
procps \
wget \
zsh \
dumb-init \
glibc-langpack-en \
&& rm -rf /var/cache/dnf
RUN git lfs install
ENV LANG=en_US.UTF-8
RUN echo 'LANG="en_US.UTF-8"' > /etc/locale.conf
RUN useradd -u 1000 coder && echo "coder ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/nopasswd
RUN ARCH="$(uname -m | sed 's/x86_64/amd64/g' | sed 's/aarch64/arm64/g')" \
&& curl -fsSL "https://github.com/boxboat/fixuid/releases/download/v0.6.0/fixuid-0.6.0-linux-$ARCH.tar.gz" | tar -C /usr/local/bin -xzf - \
&& chown root:root /usr/local/bin/fixuid \
&& chmod 4755 /usr/local/bin/fixuid \
&& mkdir -p /etc/fixuid \
&& printf "user: coder\ngroup: coder\n" > /etc/fixuid/config.yml
COPY ci/release-image/entrypoint.sh /usr/bin/entrypoint.sh
RUN --mount=from=packages,src=/tmp,dst=/tmp/packages rpm -i /tmp/packages/code-server*$(uname -m | sed 's/x86_64/amd64/g' | sed 's/aarch64/arm64/g').rpm
# Allow users to have scripts run on container startup to prepare workspace.
# https://github.com/coder/code-server/issues/5177
ENV ENTRYPOINTD=${HOME}/entrypoint.d
EXPOSE 8080
# This way, if someone sets $DOCKER_USER, docker-exec will still work as
# the uid will remain the same. note: only relevant if -u isn't passed to
# docker-run.
USER 1000
ENV USER=coder
WORKDIR /home/coder
ENTRYPOINT ["/usr/bin/entrypoint.sh", "--bind-addr", "0.0.0.0:8080", "."]

51
ci/release-image/Dockerfile.opensuse
View File

@ -1,51 +0,0 @@
# syntax=docker/dockerfile:experimental
ARG BASE=opensuse/tumbleweed
FROM scratch AS packages
COPY release-packages/code-server*.rpm /tmp/
FROM $BASE
RUN zypper dup -y \
&& zypper in -y \
curl \
git \
git-lfs \
htop \
nano \
openssh-clients \
procps \
wget \
zsh \
sudo \
catatonit \
&& rm -rf /var/cache/zypp /var/cache/zypper
RUN git lfs install
ENV LANG=en_US.UTF-8
RUN echo 'LANG="en_US.UTF-8"' > /etc/locale.conf
RUN useradd -u 1000 coder && echo "coder ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/nopasswd
RUN ARCH="$(uname -m | sed 's/x86_64/amd64/g' | sed 's/aarch64/arm64/g')" \
&& curl -fsSL "https://github.com/boxboat/fixuid/releases/download/v0.6.0/fixuid-0.6.0-linux-$ARCH.tar.gz" | tar -C /usr/local/bin -xzf - \
&& chown root:root /usr/local/bin/fixuid \
&& chmod 4755 /usr/local/bin/fixuid \
&& mkdir -p /etc/fixuid \
&& printf "user: coder\ngroup: coder\n" > /etc/fixuid/config.yml
COPY ci/release-image/entrypoint-catatonit.sh /usr/bin/entrypoint-catatonit.sh
RUN --mount=from=packages,src=/tmp,dst=/tmp/packages rpm -i /tmp/packages/code-server*$(uname -m | sed 's/x86_64/amd64/g' | sed 's/aarch64/arm64/g').rpm
# Allow users to have scripts run on container startup to prepare workspace.
# https://github.com/coder/code-server/issues/5177
ENV ENTRYPOINTD=${HOME}/entrypoint.d
EXPOSE 8080
# This way, if someone sets $DOCKER_USER, docker-exec will still work as
# the uid will remain the same. note: only relevant if -u isn't passed to
# docker-run.
USER 1000
ENV USER=coder
WORKDIR /home/coder
ENTRYPOINT ["/usr/bin/entrypoint-catatonit.sh", "--bind-addr", "0.0.0.0:8080", "."]

106
ci/release-image/docker-bake.hcl
View File

@ -1,106 +0,0 @@
# Use this file from the top of the repo, with `-f ci/release-image/docker-bake.hcl`
# Uses env var VERSION if set;
# normally, this is set by ci/lib.sh
variable "VERSION" {
default = "latest"
}
variable "DOCKER_REGISTRY" {
default = "docker.io/codercom/code-server"
}
variable "GITHUB_REGISTRY" {
default = "ghcr.io/coder/code-server"
}
group "default" {
targets = [
"code-server-debian-12",
"code-server-ubuntu-focal",
"code-server-ubuntu-noble",
"code-server-fedora-39",
"code-server-opensuse-tumbleweed",
]
}
function "prepend_hyphen_if_not_null" {
params = [tag]
result = notequal("","${tag}") ? "-${tag}" : "${tag}"
}
# use empty tag (tag="") to generate default tags
function "gen_tags" {
params = [registry, tag]
result = notequal("","${registry}") ? [
notequal("", "${tag}") ? "${registry}:${tag}" : "${registry}:latest",
notequal("latest",VERSION) ? "${registry}:${VERSION}${prepend_hyphen_if_not_null(tag)}" : "",
] : []
}
# helper function to generate tags for docker registry and github registry.
# set (DOCKER|GITHUB)_REGISTRY="" to disable corresponding registry
function "gen_tags_for_docker_and_ghcr" {
params = [tag]
result = concat(
gen_tags("${DOCKER_REGISTRY}", "${tag}"),
gen_tags("${GITHUB_REGISTRY}", "${tag}"),
)
}
target "code-server-debian-12" {
dockerfile = "ci/release-image/Dockerfile"
tags = concat(
gen_tags_for_docker_and_ghcr(""),
gen_tags_for_docker_and_ghcr("debian"),
gen_tags_for_docker_and_ghcr("bookworm"),
)
platforms = ["linux/amd64", "linux/arm64"]
}
target "code-server-ubuntu-focal" {
dockerfile = "ci/release-image/Dockerfile"
tags = concat(
gen_tags_for_docker_and_ghcr("ubuntu"),
gen_tags_for_docker_and_ghcr("focal"),
)
args = {
BASE = "ubuntu:focal"
}
platforms = ["linux/amd64", "linux/arm64"]
}
target "code-server-ubuntu-noble" {
dockerfile = "ci/release-image/Dockerfile"
tags = concat(
gen_tags_for_docker_and_ghcr("noble"),
)
args = {
BASE = "ubuntu:noble"
}
platforms = ["linux/amd64", "linux/arm64"]
}
target "code-server-fedora-39" {
dockerfile = "ci/release-image/Dockerfile.fedora"
tags = concat(
gen_tags_for_docker_and_ghcr("fedora"),
gen_tags_for_docker_and_ghcr("39"),
)
args = {
BASE = "fedora:39"
}
platforms = ["linux/amd64", "linux/arm64"]
}
target "code-server-opensuse-tumbleweed" {
dockerfile = "ci/release-image/Dockerfile.opensuse"
tags = concat(
gen_tags_for_docker_and_ghcr("opensuse"),
gen_tags_for_docker_and_ghcr("tumbleweed"),
)
args = {
BASE = "opensuse/tumbleweed"
}
platforms = ["linux/amd64", "linux/arm64"]
}

27
ci/release-image/entrypoint-catatonit.sh
View File

@ -1,27 +0,0 @@
#!/bin/sh
set -eu
# We do this first to ensure sudo works below when renaming the user.
# Otherwise the current container UID may not exist in the passwd database.
eval "$(fixuid -q)"
if [ "${DOCKER_USER-}" ]; then
USER="$DOCKER_USER"
if [ "$DOCKER_USER" != "$(whoami)" ]; then
echo "$DOCKER_USER ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/nopasswd > /dev/null
# Unfortunately we cannot change $HOME as we cannot move any bind mounts
# nor can we bind mount $HOME into a new home as that requires a privileged container.
sudo usermod --login "$DOCKER_USER" coder
sudo groupmod -n "$DOCKER_USER" coder
sudo sed -i "/coder/d" /etc/sudoers.d/nopasswd
fi
fi
# Allow users to have scripts run on container startup to prepare workspace.
# https://github.com/coder/code-server/issues/5177
if [ -d "${ENTRYPOINTD}" ]; then
find "${ENTRYPOINTD}" -type f -executable -print -exec {} \;
fi
exec catatonit -- /usr/bin/code-server "$@"

27
ci/release-image/entrypoint.sh
View File

@ -1,27 +0,0 @@
#!/bin/sh
set -eu
# We do this first to ensure sudo works below when renaming the user.
# Otherwise the current container UID may not exist in the passwd database.
eval "$(fixuid -q)"
if [ "${DOCKER_USER-}" ]; then
USER="$DOCKER_USER"
if [ -z "$(id -u "$DOCKER_USER" 2>/dev/null)" ]; then
echo "$DOCKER_USER ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/nopasswd > /dev/null
# Unfortunately we cannot change $HOME as we cannot move any bind mounts
# nor can we bind mount $HOME into a new home as that requires a privileged container.
sudo usermod --login "$DOCKER_USER" coder
sudo groupmod -n "$DOCKER_USER" coder
sudo sed -i "/coder/d" /etc/sudoers.d/nopasswd
fi
fi
# Allow users to have scripts run on container startup to prepare workspace.
# https://github.com/coder/code-server/issues/5177
if [ -d "${ENTRYPOINTD}" ]; then
find "${ENTRYPOINTD}" -type f -executable -print -exec {} \;
fi
exec dumb-init /usr/bin/code-server "$@"

37
ci/steps/brew-bump.sh
View File

@ -1,37 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
main() {
# Only sourcing this so we get access to $VERSION
source ./ci/lib.sh
source ./ci/steps/steps-lib.sh
echo "Checking environment variables"
# We need VERSION to bump the brew formula
if ! is_env_var_set "VERSION"; then
echo "VERSION is not set"
exit 1
fi
# We need HOMEBREW_GITHUB_API_TOKEN to push up commits
if ! is_env_var_set "HOMEBREW_GITHUB_API_TOKEN"; then
echo "HOMEBREW_GITHUB_API_TOKEN is not set"
exit 1
fi
# Find the docs for bump-formula-pr here
# https://github.com/Homebrew/brew/blob/master/Library/Homebrew/dev-cmd/bump-formula-pr.rb#L18
local output
if ! output=$(brew bump-formula-pr --version="${VERSION}" code-server --no-browse --no-audit --message="PR opened by @${GITHUB_ACTOR}" 2>&1); then
if [[ $output == *"Duplicate PRs should not be opened"* ]]; then
echo "$VERSION is already submitted"
exit 0
else
echo "$output"
exit 1
fi
fi
}
main "$@"

15
ci/steps/docker-buildx-push.sh
View File

@ -1,15 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
main() {
cd "$(dirname "$0")/../.."
# NOTE@jsjoeio - this script assumes VERSION exists as an
# environment variable.
# NOTE@jsjoeio - this script assumes that you've downloaded
# the release-packages artifact to ./release-packages before
# running this docker buildx step
docker buildx bake -f ci/release-image/docker-bake.hcl --push
}
main "$@"

149
ci/steps/publish-npm.sh
View File

@ -1,149 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
main() {
cd "$(dirname "$0")/../.."
source ./ci/lib.sh
source ./ci/steps/steps-lib.sh
## Authentication tokens
# Needed to publish on NPM
if ! is_env_var_set "NPM_TOKEN"; then
echo "NPM_TOKEN is not set. Cannot publish to npm without credentials."
exit 1
fi
## Publishing Information
# All the variables below are used to determine how we should publish
# the npm package. We also use this information for bumping the version.
# This is because npm won't publish your package unless it's a new version.
# i.e. for development, we bump the version to <current version>-<pr number>-<commit sha>
# example: "version": "4.0.1-4769-ad7b23cfe6ffd72914e34781ef7721b129a23040"
# We use this to grab the PR_NUMBER
if ! is_env_var_set "GITHUB_REF"; then
echo "GITHUB_REF is not set. Are you running this locally? We rely on values provided by GitHub."
exit 1
fi
# We use this when setting NPM_VERSION
if ! is_env_var_set "GITHUB_SHA"; then
echo "GITHUB_SHA is not set. Are you running this locally? We rely on values provided by GitHub."
exit 1
fi
# We use this to determine the NPM_ENVIRONMENT
if ! is_env_var_set "GITHUB_EVENT_NAME"; then
echo "GITHUB_EVENT_NAME is not set. Are you running this locally? We rely on values provided by GitHub."
exit 1
fi
# Check that we're using at least v7 of npm CLI
if ! command -v jq &> /dev/null; then
echo "Couldn't find jq"
echo "We need this in order to modify the package.json for dev builds."
exit 1
fi
# This allows us to publish to npm in CI workflows
if [[ ${CI-} ]]; then
echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc
fi
## Environment
# This string is used to determine how we should tag the npm release.
# Environment can be one of three choices:
# "development" - this means we tag with the PR number, allowing
# a developer to install this version with `npm install code-server@<pr-number>`
# "staging" - this means we tag with `beta`, allowing
# a developer to install this version with `npm install code-server@beta`
# "production" - this means we tag with `latest` (default), allowing
# a developer to install this version with `npm install code-server@latest`
if ! is_env_var_set "NPM_ENVIRONMENT"; then
echo "NPM_ENVIRONMENT is not set."
echo "Determining in script based on GITHUB environment variables."
if [[ "$GITHUB_EVENT_NAME" == 'push' && "$GITHUB_REF" == 'refs/heads/main' ]]; then
NPM_ENVIRONMENT="staging"
else
NPM_ENVIRONMENT="development"
fi
fi
# NOTE@jsjoeio - this script assumes we have the artifact downloaded on disk
# That happens in CI as a step before we run this.
# https://github.com/actions/upload-artifact/issues/38
tar -xzf release-npm-package/package.tar.gz
# We use this to set the name of the package in the
# package.json
PACKAGE_NAME="code-server"
# NOTES:@jsjoeio
# We only need to run npm version for "development" and "staging".
# This is because our release:prep script automatically bumps the version
# in the package.json and we commit it as part of the release PR.
if [[ "$NPM_ENVIRONMENT" == "production" ]]; then
NPM_VERSION="$VERSION"
# This means the npm version will be published as "stable"
# and installed when a user runs `npm install code-server`
NPM_TAG="latest"
else
COMMIT_SHA="$GITHUB_SHA"
if [[ "$NPM_ENVIRONMENT" == "staging" ]]; then
NPM_VERSION="$VERSION-beta-$COMMIT_SHA"
# This means the npm version will be tagged with "beta"
# and installed when a user runs `npm install code-server@beta`
NPM_TAG="beta"
PACKAGE_NAME="@coder/code-server-pr"
fi
if [[ "$NPM_ENVIRONMENT" == "development" ]]; then
# Source: https://github.com/actions/checkout/issues/58#issuecomment-614041550
PR_NUMBER=$(echo "$GITHUB_REF" | awk 'BEGIN { FS = "/" } ; { print $3 }')
NPM_VERSION="$VERSION-$PR_NUMBER-$COMMIT_SHA"
PACKAGE_NAME="@coder/code-server-pr"
# This means the npm version will be tagged with "<pr number>"
# and installed when a user runs `npm install code-server@<pr number>`
NPM_TAG="$PR_NUMBER"
fi
echo "- tag: $NPM_TAG"
echo "- version: $NPM_VERSION"
echo "- package name: $PACKAGE_NAME"
echo "- npm environment: $NPM_ENVIRONMENT"
# We modify the version in the package.json
# to be the current version + the PR number + commit SHA
# or we use current version + beta + commit SHA
# Example: "version": "4.0.1-4769-ad7b23cfe6ffd72914e34781ef7721b129a23040"
# Example: "version": "4.0.1-beta-ad7b23cfe6ffd72914e34781ef7721b129a23040"
pushd release
npm version "$NPM_VERSION"
# Use the development package name
# This is so we don't clutter the code-server versions on npm
# with development versions.
# jq can't edit in place so we must store in memory and echo
local contents
contents="$(jq ".name |= \"$PACKAGE_NAME\"" package.json)"
echo "${contents}" > package.json
popd
fi
# We need to make sure we haven't already published the version.
# If we get error, continue with script because we want to publish
# If version is valid, we check if we're publishing the same one
local hasVersion
if hasVersion=$(npm view "$PACKAGE_NAME@$NPM_VERSION" version 2> /dev/null) && [[ $hasVersion == "$NPM_VERSION" ]]; then
echo "$NPM_VERSION is already published under $PACKAGE_NAME"
return
fi
# Since the dev builds are scoped to @coder
# We pass --access public to ensure npm knows it's not private.
cd release
npm publish --tag "$NPM_TAG" --access public
}
main "$@"

47
ci/steps/steps-lib.sh
View File

@ -1,47 +0,0 @@
#!/usr/bin/env bash
# This is a library which contains functions used inside ci/steps
#
# We separated it into it's own file so that we could easily unit test
# these functions and helpers
# Checks whether and environment variable is set.
# Source: https://stackoverflow.com/a/62210688/3015595
is_env_var_set() {
local name="${1:-}"
if test -n "${!name:-}"; then
return 0
else
return 1
fi
}
# Checks whether a directory exists.
directory_exists() {
local dir="${1:-}"
if [[ -d "${dir:-}" ]]; then
return 0
else
return 1
fi
}
# Checks whether a file exists.
file_exists() {
local file="${1:-}"
if test -f "${file:-}"; then
return 0
else
return 1
fi
}
# Checks whether a file is executable.
is_executable() {
local file="${1:-}"
if [ -f "${file}" ] && [ -r "${file}" ] && [ -x "${file}" ]; then
return 0
else
return 1
fi
}

74
deployment/aws/deployment.yaml Normal file
View File

@ -0,0 +1,74 @@
apiVersion: v1
kind: Namespace
metadata:
name: code-server
---
apiVersion: v1
kind: Service
metadata:
name: code-server
namespace: code-server
spec:
ports:
- port: 8443
name: https
protocol: TCP
selector:
app: code-server
type: ClusterIP
---
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: gp2
annotations:
storageclass.kubernetes.io/is-default-class: "true"
provisioner: kubernetes.io/aws-ebs
parameters:
type: gp2
fsType: ext4
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: code-store
namespace: code-server
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 60Gi
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: code-server
name: code-server
namespace: code-server
spec:
selector:
matchLabels:
app: code-server
replicas: 1
template:
metadata:
labels:
app: code-server
spec:
containers:
- image: codercom/code-server
imagePullPolicy: Always
name: code-servery
ports:
- containerPort: 8443
name: https
volumeMounts:
- name: code-server-storage
mountPath: /go/src
volumes:
- name: code-server-storage
persistentVolumeClaim:
claimName: code-store

43
deployment/deployment.yaml Normal file
View File

@ -0,0 +1,43 @@
apiVersion: v1
kind: Namespace
metadata:
name: code-server
---
apiVersion: v1
kind: Service
metadata:
name: code-server
namespace: code-server
spec:
ports:
- port: 8443
name: https
protocol: TCP
selector:
app: code-server
type: ClusterIP
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: code-server
name: code-server
namespace: code-server
spec:
selector:
matchLabels:
app: code-server
replicas: 1
template:
metadata:
labels:
app: code-server
spec:
containers:
- image: codercom/code-server
imagePullPolicy: Always
name: code-server
ports:
- containerPort: 8443
name: https

69
doc/admin/install/aws.md Normal file
View File

@ -0,0 +1,69 @@
# Deploy on AWS
This tutorial shows you how to deploy `code-server` on an EC2 AWS instance.
If you're just starting out, we recommend [installing code-server locally](../../self-hosted/index.md). It takes only a few minutes and lets you try out all of the features.
---
## Deploy to EC2
### Use the AWS wizard
- Click **Launch Instance** from your [EC2 dashboard](https://console.aws.amazon.com/ec2/v2/home).
- Select the Ubuntu Server 16.04 LTS (HVM), SSD Volume Type (`ami-0f9cf087c1f27d9b1)` at this time of writing)
- Select an appropriate instance size (we recommend t2.medium/large, depending on team size and number of repositories/languages enabled), then **Next: Configure Instance Details**
- Select **Next: ...** until you get to the **Configure Security Group** page, then add the default **HTTP** rule (port range "80", source "0.0.0.0/0, ::/0")
> Rules with source of 0.0.0.0/0 allow all IP addresses to access your instance. We recommend setting [security group rules](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html?icmpid=docs_ec2_console) to allow access from known IP addresses only.
- Click **Launch**
- You will be prompted to create a key pair
> A key pair consists of a public key that AWS stores, and a private key file that you store. Together, they allow you to connect to your instance securely. For Windows AMIs, the private key file is required to obtain the password used to log into your instance. For Linux AMIs, the private key file allows you to securely SSH into your instance.
- From the dropdown choose "create a new pair", give the key pair a name
- Click **Download Key Pair**
> This is necessary before you proceed. A `.pem` file will be downloaded. make sure you store is in a safe location because it can't be retrieved once we move on.
- Finally, click **Launch Instances**
---
### SSH Into EC2 Instance
- First head to your [EC2 dashboard](https://console.aws.amazon.com/ec2/v2/home) and choose instances from the left panel
- In the description of your EC2 instance copy the public DNS (iPv4) address using the copy to clipboard button
- Open a terminal on your computer and use the following command to SSH into your EC2 instance
```
ssh -i "path/to/your/keypair.pem" ubuntu@(paste the public DNS here)
```
>example: `ssh -i "/Users/John/Downloads/TestInstance.pem" ubuntu@ec2-3-45-678-910.compute-1.amazonaws.co`
- You should see a prompt for your EC2 instance like so<img src="../../assets/aws_ubuntu.png">
- At this point it is time to download the `code-server` binary. We will of course want the linux version.
- Find the latest Linux release from this URL:
```
https://github.com/cdr/code-server/releases/latest
```
- Replace {version} in the following command with the version found on the releases page and run it (or just copy the download URL from the releases page):
```
wget https://github.com/cdr/code-server/releases/download/{version}/code-server-{version}-linux-x64.tar.gz
```
- Extract the downloaded tar.gz file with this command, for example:
```
tar -xvzf code-server-{version}-linux-x64.tar.gz
```
- Navigate to extracted directory with this command:
```
cd code-server-{version}-linux-x64
```
- If you run into any permission errors, make the binary executable by running:
```
chmod +x code-server
```
> To ensure the connection between you and your server is encrypted view our guide on [securing your setup](../../security/ssl.md)
- Finally, run
```
sudo ./code-server -p 80
```
- When you visit the public IP for your AWS instance, you will be greeted with this page. Code-server is using a self-signed SSL certificate for easy setup. To proceed to the IDE, click **"Advanced"**<img src ="../../assets/chrome_warning.png">
- Then click **"proceed anyway"**<img src="../../assets/chrome_confirm.png">
> For instructions on how to keep the server running after you end your SSH session please checkout [how to use systemd](https://www.linode.com/docs/quick-answers/linux/start-service-at-boot/) to start linux based services if they are killed
> The `-p 80` flag is necessary in order to make the IDE accessible from the public IP of your instance (also available from the description in the instances page.
---
> NOTE: If you get stuck or need help, [file an issue](https://github.com/cdr/code-server/issues/new?&title=Improve+self-hosted+quickstart+guide), [tweet (@coderhq)](https://twitter.com/coderhq) or [email](mailto:support@coder.com?subject=Self-hosted%20quickstart%20guide).

49
doc/admin/install/digitalocean.md Normal file
View File

@ -0,0 +1,49 @@
# Deploy on DigitalOcean
This tutorial shows you how to deploy `code-server` to a single node running on DigitalOcean.
If you're just starting out, we recommend [installing code-server locally](../../self-hosted/index.md). It takes only a few minutes and lets you try out all of the features.
---
## Use the "Create Droplets" wizard
[Open your DigitalOcean dashboard](https://cloud.digitalocean.com/droplets/new) to create a new droplet
- **Choose an image -** Select the **Distributions** tab and then choose Ubuntu
- **Choose a size -** We recommend at least 4GB RAM and 2 CPU, more depending on team size and number of repositories/languages enabled.
- Launch your instance
- Open a terminal on your computer and SSH into your instance
> example: ssh root@203.0.113.0
- Once in the SSH session, visit code-server [releases page](https://github.com/cdr/code-server/releases/) and copy the link to the download for the latest linux release
- Find the latest Linux release from this URL:
```
https://github.com/cdr/code-server/releases/latest
```
- Replace {version} in the following command with the version found on the releases page and run it (or just copy the download URL from the releases page):
```
wget https://github.com/cdr/code-server/releases/download/{version}/code-server-{version}-linux-x64.tar.gz
```
- Extract the downloaded tar.gz file with this command, for example:
```
tar -xvzf code-server-{version}-linux-x64.tar.gz
```
- Navigate to extracted directory with this command:
```
cd code-server-{version}-linux-x64
```
- If you run into any permission errors when attempting to run the binary:
```
chmod +x code-server
```
> To ensure the connection between you and your server is encrypted view our guide on [securing your setup](../../security/ssl.md)
- Finally start the code-server
```
sudo ./code-server -p 80
```
> For instructions on how to keep the server running after you end your SSH session please checkout [how to use systemd](https://www.linode.com/docs/quick-answers/linux/start-service-at-boot/) to start linux based services if they are killed
- When you visit the public IP for your Digital Ocean instance, you will be greeted with this page. Code-server is using a self-signed SSL certificate for easy setup. To proceed to the IDE, click **"Advanced"**<img src ="../../assets/chrome_warning.png">
- Then click **"proceed anyway"**<img src="../../assets/chrome_confirm.png">
---
> NOTE: If you get stuck or need help, [file an issue](https://github.com/cdr/code-server/issues/new?&title=Improve+self-hosted+quickstart+guide), [tweet (@coderhq)](https://twitter.com/coderhq) or [email](mailto:support@coder.com?subject=Self-hosted%20quickstart%20guide).

71
doc/admin/install/google_cloud.md Normal file
View File

@ -0,0 +1,71 @@
# Deploy on Google Cloud
This tutorial shows you how to deploy `code-server` to a single node running on Google Cloud.
If you're just starting out, we recommend [installing code-server locally](../../self-hosted/index.md). It takes only a few minutes and lets you try out all of the features.
---
## Deploy to Google Cloud VM
> Pre-requisite: Please [set up Google Cloud SDK](https://cloud.google.com/sdk/docs/) on your local machine
- [Open your Google Cloud console](https://console.cloud.google.com/compute/instances) to create a new VM instance and click **Create Instance**
- Choose an appropriate machine type (we recommend 2 vCPU and 7.5 GB RAM, more depending on team size and number of repositories/languages enabled)
- Choose Ubuntu 16.04 LTS as your boot disk
- Check the boxes for **Allow HTTP traffic** and **Allow HTTPS traffic** in the **Firewall** section
- Create your VM, and **take note** of its public IP address.
- Copy the link to download the latest Linux binary from our [releases page](https://github.com/cdr/code-server/releases)
---
## Final Steps
- SSH into your Google Cloud VM
```
gcloud compute ssh --zone [region] [instance name]
```
- Find the latest Linux release from this URL:
```
https://github.com/cdr/code-server/releases/latest
```
- Replace {version} in the following command with the version found on the releases page and run it (or just copy the download URL from the releases page):
```
wget https://github.com/cdr/code-server/releases/download/{version}/code-server-{version}-linux-x64.tar.gz
```
- Extract the downloaded tar.gz file with this command, for example:
```
tar -xvzf code-server-{version}-linux-x64.tar.gz
```
- Navigate to extracted directory with this command:
```
cd code-server-{version}-linux-x64
```
- Make the binary executable if you run into any errors regarding permission:
```
chmod +x code-server
```
> To ensure the connection between you and your server is encrypted view our guide on [securing your setup](../security/ssl.md)
- Start the code-server
```
sudo ./code-server -p 80
```
> For instructions on how to keep the server running after you end your SSH session please checkout [how to use systemd](https://www.linode.com/docs/quick-answers/linux/start-service-at-boot/) to start linux based services if they are killed
- Access code-server from the public IP of your Google Cloud instance we noted earlier in your browser.
> example: 32.32.32.234
- You will be greeted with this page. Code-server is using a self-signed SSL certificate for easy setup. To proceed to the IDE, click **"Advanced"**<img src ="../../assets/chrome_warning.png">
- Then click **"proceed anyway"**<img src="../../assets/chrome_confirm.png">
---
> NOTE: If you get stuck or need help, [file an issue](https://github.com/cdr/code-server/issues/new?&title=Improve+self-hosted+quickstart+guide), [tweet (@coderhq)](https://twitter.com/coderhq) or [email](mailto:support@coder.com?subject=Self-hosted%20quickstart%20guide).

BIN
doc/assets/aws_ubuntu.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 44 KiB

BIN
doc/assets/chrome_confirm.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 19 KiB

BIN
doc/assets/chrome_warning.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 30 KiB

BIN
doc/assets/cli.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 137 KiB

Some files were not shown because too many files have changed in this diff Show More