Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
gitpod-io
GitHub Repository: gitpod-io/gitpod
 Path: blob/main/components/BUILD.yaml
2486 views
1
# Copyright (c) 2021 Gitpod GmbH. All rights reserved.

2
# Licensed under the GNU Affero General Public License (AGPL).

3
# See License.AGPL.txt in the project root for license information.

4


5
packages:

6
  - name: all

7
    type: generic

8
    argdeps:

9
      - version

10
    deps:

11
      - :all-docker

12
      - :needs-vuln-scan

13
      - :docker-versions

14
      - :publish-api

15
      - dev:all-app

16
      - install/installer:docker

17
      - components/gitpod-protocol:all

18
  - name: docker-versions

19
    type: docker

20
    config:

21
      dockerfile: leeway.Dockerfile

22
      image:

23
        - ${imageRepoBase}/versions:${version}

24
    deps:

25
      - :all-docker

26
  - name: all-docker

27
    type: generic

28
    argdeps:

29
      - version

30
      - imageRepoBase

31
    deps:

32
      - components/blobserve:docker

33
      - components/content-service:docker

34
      - components/dashboard:docker

35
      - components/docker-up:docker

36
      - components/ee/agent-smith:docker

37
      - components/gitpod-db:docker

38
      - components/ide/code-desktop:docker

39
      - components/ide/code-desktop:docker-insiders

40
      - components/ide/code:docker

41
      - components/ide/code/codehelper:docker

42
      - components/ide/code/gitpod-web-extension:docker

43
      - components/ide/xterm:docker

44
      - components/ide/jetbrains/launcher:docker

45
      - components/ide/jetbrains/backend-plugin:stable

46
      - components/ide/jetbrains/backend-plugin:latest

47
      - components/ide/jetbrains/backend-plugin:stable-rider

48
      - components/ide/jetbrains/backend-plugin:latest-rider

49
      - components/ide/jetbrains/image:goland

50
      - components/ide/jetbrains/image:goland-latest

51
      - components/ide/jetbrains/image:intellij

52
      - components/ide/jetbrains/image:intellij-latest

53
      - components/ide/jetbrains/image:phpstorm

54
      - components/ide/jetbrains/image:phpstorm-latest

55
      - components/ide/jetbrains/image:pycharm

56
      - components/ide/jetbrains/image:pycharm-latest

57
      - components/ide/jetbrains/image:rubymine

58
      - components/ide/jetbrains/image:rubymine-latest

59
      - components/ide/jetbrains/image:webstorm

60
      - components/ide/jetbrains/image:webstorm-latest

61
      - components/ide/jetbrains/image:rider

62
      - components/ide/jetbrains/image:rider-latest

63
      - components/ide/jetbrains/image:clion

64
      - components/ide/jetbrains/image:clion-latest

65
      - components/ide/jetbrains/image:rustrover

66
      - components/ide/jetbrains/image:rustrover-latest

67
      - components/image-builder-bob:docker

68
      - components/image-builder-mk3:docker

69
      - components/ipfs/ipfs-cluster:docker

70
      - components/ipfs/kubo:docker

71
      - components/local-app:docker

72
      - components/public-api-server:docker

73
      - components/usage:docker

74
      - components/openvsx-proxy:docker

75
      - components/proxy:docker

76
      - components/registry-facade:docker

77
      - components/scheduler-extender:docker

78
      - components/server:docker

79
      - components/service-waiter:docker

80
      - components/supervisor:docker

81
      - components/workspacekit:docker

82
      - components/ws-daemon:docker

83
      - components/ws-daemon/seccomp-profile-installer:docker

84
      - components/ws-manager-bridge:docker

85
      - components/ws-manager-mk2:docker

86
      - components/ws-proxy:docker

87
      - components/ide-proxy:docker

88
      - components/ide-metrics:docker

89
      - components/ide-service:docker

90
      - components/node-labeler:docker

91
      - test:docker

92
      - dev/version-manifest:app

93
    config:

94
      commands:

95
        - ["sh", "-c", "echo \"commit: ${__git_commit}\" > versions.yaml"]

96
        - ["sh", "-c", "echo \"version: ${version}\" >> versions.yaml"]

97
        - ["sh", "-c", "dev-version-manifest--app/version-manifest >> versions.yaml"]

98
        - ["sh", "-c", "rm -r components* dev-*"]

99
  - name: needs-vuln-scan

100
    type: generic

101
    deps:

102
      - components/blobserve:docker

103
      - components/content-service:docker

104
      - components/dashboard:docker

105
      - components/docker-up:docker

106
      - components/ee/agent-smith:docker

107
      - components/gitpod-db:docker

108
      - components/ide-metrics:docker

109
      - components/ide-proxy:docker

110
      - components/ide-service:docker

111
      - components/image-builder-bob:docker

112
      - components/image-builder-mk3:docker

113
      - components/node-labeler:docker

114
      - components/openvsx-proxy:docker

115
      - components/proxy:docker

116
      - components/public-api-server:docker

117
      - components/registry-facade:docker

118
      - components/server:docker

119
      - components/service-waiter:docker

120
      - components/supervisor:docker

121
      - components/workspacekit:docker

122
      - components/ws-daemon:docker

123
      - components/ws-manager-bridge:docker

124
      - components/ws-manager-mk2:docker

125
      - components/ws-proxy:docker

126
  - name: publish-api

127
    type: generic

128
    deps:

129
      - components/ide-metrics-api/typescript-grpc:publish

130
      - components/ide-metrics-api/typescript-grpcweb:publish

131
      - components/gitpod-protocol:publish

132
      - components/local-app-api/typescript-grpcweb:publish

133
      - components/supervisor-api/typescript-grpc:publish

134
      - components/supervisor-api/typescript-grpcweb:publish

135
      - components/ide/jetbrains/gateway-plugin:publish-stable

136
      - components/ide/jetbrains/gateway-plugin:publish-latest

137
      - components/public-api/typescript:publish

138
  - name: all-apps

139
    type: generic

140
    deps:

141
      - components/blobserve:app

142
      - components/content-service:app

143
      - components/dashboard:app

144
      - components/docker-up:app

145
      - components/ee/agent-smith:app

146
      - components/image-builder-mk3:app

147
      - components/openvsx-proxy:app

148
      - components/public-api-server:app

149
      - components/registry-facade:app

150
      - components/server:app

151
      - components/service-waiter:app

152
      - components/supervisor:app

153
      - components/supervisor/frontend:app

154
      - components/workspacekit:app

155
      - components/ws-daemon:app

156
      - components/ws-manager-bridge:app

157
      - components/ide-metrics:app

158
      - components/ide-service:app

159
      - components/ide/jetbrains/launcher:app

160
      - components/node-labeler:app

161
scripts:

162
  - name: update-license-header

163
    description: Updates the license header in all source files

164
    deps:

165
      - dev/addlicense:app

166
    script: |

167
      # set `export LICENCE_HEADER_CHECK_ONLY=true` to just check if all headers are there (and exit with status code 1 if not)

168
      check=$([ "$LICENCE_HEADER_CHECK_ONLY" = true ] && printf "%s" '-check')

169


170
      leeway collect files --format-string '{{ range . }}{{ .Name }}{{"\n"}}{{ end }}' | sort | uniq | while read f; do echo "$PWD/../$f"; done | addlicense $check -s -l agpl  . || exit 1

171
  - name: dejson-log-output

172
    script: |-

173
      jq -Rr '. as $line |

174
      try (

175
          fromjson |

176
          .time + " " + .component + " " + .severity

177
              + if .message == null then "" else .message | " \"" + tostring + "\"" end

178
              + if .context == null then "" else .context | " context:" + tostring end

179
              + if .payload == null then "" else .payload | " payload:" + tostring end

180
              + if .error == null then "" else .error | "\n" + tostring end

181
      ) catch $line'

182
  - name: generate-code-from-protobuf

183
    srcs:

184
      - components/**/*

185
    script: |

186
      GO_COMPONENTS=( local-app-api content-service-api image-builder-api registry-facade-api supervisor-api ws-daemon-api ws-manager-api ws-manager-bridge-api usage-api spicedb )

187


188
      for COMPONENT in "${GO_COMPONENTS[@]}";do

189
        echo "Generating code for component $COMPONENT..."

190
        pushd $COMPONENT > /dev/null

191
        ./generate.sh

192
        popd > /dev/null

193
      done

194


195
      WEB_COMPONENTS=( local-app-api/typescript-grpcweb supervisor-api/typescript-grpc supervisor-api/typescript-grpcweb spicedb/typescript )

196
      for COMPONENT in "${WEB_COMPONENTS[@]}";do

197
        echo "Generating code for component $COMPONENT..."

198
        pushd $COMPONENT > /dev/null

199
        yarn install

200
        ./build.sh

201
        popd > /dev/null

202
      done

203


204
  - name: update-go-modules

205
    srcs:

206
      - components/**/*

207
      - test/**/*

208
      - dev/**/*

209
    script: |

210
      leeway exec --filter-type go -v -- go mod tidy -compat=1.22

211


212
      # not all the code is present in leeway.

213
      # ensure we update everything containing a go.mod file

214
      for COMPONENT in $(find . -name go.mod); do

215
        DIRECTORY=$(dirname $COMPONENT)

216
        echo "$DIRECTORY"

217
        pushd $DIRECTORY > /dev/null

218
        go mod tidy -compat=1.22 -v

219
        popd > /dev/null

220
      done

221


222
  - name: check-mocha-no-only

223
    srcs:

224
      - components/**/*

225
    script: |

226
      if [ "$(git diff --cached | grep "+" | grep "\w+\.only(")" != "" ]; then

227
        echo ""

228
        echo "COMMIT FAILED:"

229
        echo "Some spec files have .only. Please remove only and try committing again."

230
        exit 1

231
      else

232
        exit 0

233
      fi

234


235
  - name: unblock-user

236
    deps:

237
      - components/service-waiter:app

238
    script: |

239
      export DB_USERNAME=$(kubectl get secrets mysql -o jsonpath="{.data.username}" | base64 -d)

240
      export DB_PASSWORD=$(kubectl get secrets mysql -o jsonpath="{.data.password}" | base64 -d)

241
      kubectl port-forward statefulset/mysql 3306 &

242
      PID=$!

243
      service-waiter database -t 10s

244
      if [ $? -ne 0 ]; then

245
        echo "could not connect to DB"

246
        kill $PID || true

247
        exit 1

248
      fi

249
      query="select name, blocked from d_b_user limit 10;"

250
      result=$(mysql -e "$query" -u$DB_USERNAME -p$DB_PASSWORD -h 127.0.0.1 gitpod)

251


252
      printf "\nCurrent context:           $(kubectx -c)"

253
      printf "\nCurrent namespace:         $(kubens -c)\n"

254


255
      printf "\nAvailable users (max 10):\n$result\n\n"

256
      printf "Enter user to unblock (empty to abort): "

257
      read user

258
      if [[ -z "$user" ]]; then

259
        echo "No input."

260
      else

261
        echo "User: $user"

262
        query="update d_b_user set blocked=0 where name=\"$user\";"

263
        mysql -e "$query" -u$DB_USERNAME -p$DB_PASSWORD -h 127.0.0.1 gitpod

264
      fi

265


266
      printf "\nFGA: Reset fgaRelationshipsVersion for $user...\n"

267
      query="update d_b_user set additionalData = JSON_REMOVE(additionalData, '$.fgaRelationshipsVersion') where name=\"$user\";"

268
      mysql -e "$query" -u$DB_USERNAME -p$DB_PASSWORD -h 127.0.0.1 gitpod

269
      if [ $? -ne 0 ]; then

270
        echo "error resetting fgaRelationshipsVersion"

271
        kill $PID || true

272
        exit 1

273
      fi

274
      kill $PID || true

275


276
      printf "\nRestarting server and redis to pick up DB changes...\n"

277
      kubectl rollout restart deployment/server deployment/redis

278


279
  - name: make-user-admin

280
    deps:

281
      - components/service-waiter:app

282
    script: |

283
      export DB_USERNAME=$(kubectl get secrets mysql -o jsonpath="{.data.username}" | base64 -d)

284
      export DB_PASSWORD=$(kubectl get secrets mysql -o jsonpath="{.data.password}" | base64 -d)

285
      kubectl port-forward statefulset/mysql 3306 &

286
      PID=$!

287
      service-waiter database -t 10s

288
      if [ $? -ne 0 ]; then

289
        echo "could not connect to DB"

290
        kill $PID || true

291
        exit 1

292
      fi

293
      query="select name, rolesOrPermissions from d_b_user limit 10;"

294
      result=$(mysql -e "$query" -u$DB_USERNAME -p$DB_PASSWORD -h 127.0.0.1 gitpod)

295


296
      printf "\nCurrent context:           $(kubectx -c)"

297
      printf "\nCurrent namespace:         $(kubens -c)\n"

298


299
      printf "\nAvailable users (max 10):\n$result\n\n"

300
      printf "Enter user to make admin (empty to abort): "

301
      read user

302
      if [[ -z "$user" ]]; then

303
        echo "No input."

304
      else

305
        echo "User: $user"

306
        query="update d_b_user set rolesOrPermissions = '[\"admin\", \"admin-permissions\"]', fgaRelationshipsVersion=0 where name=\"$user\";"

307
        mysql -e "$query" -u$DB_USERNAME -p$DB_PASSWORD -h 127.0.0.1 gitpod

308
      fi

309
      kill $PID || true

310


311
      printf "\nRestarting server and redis to pick up DB changes...\n"

312
      kubectl rollout restart deployment/server deployment/redis

313


314
  - name: add-smith-token

315
    deps:

316
      - components/service-waiter:app

317
    script: |

318
      echo "$"

319
      export DB_USERNAME=$(\

320
        kubectl \

321
          --kubeconfig "${PREVIEW_K3S_KUBE_PATH}" \

322
          --context "${PREVIEW_K3S_KUBE_CONTEXT}" \

323
          --namespace "${PREVIEW_NAMESPACE}" \

324
          get secrets mysql -o jsonpath="{.data.username}" \

325
        | base64 -d \

326
      )

327
      export DB_PASSWORD=$(\

328
        kubectl \

329
          --kubeconfig "${PREVIEW_K3S_KUBE_PATH}" \

330
          --context "${PREVIEW_K3S_KUBE_CONTEXT}" \

331
          --namespace "${PREVIEW_NAMESPACE}" \

332
          get secrets mysql -o jsonpath="{.data.password}" \

333
        | base64 -d \

334
      )

335
      kubectl \

336
        --kubeconfig "${PREVIEW_K3S_KUBE_PATH}" \

337
        --context "${PREVIEW_K3S_KUBE_CONTEXT}" \

338
        --namespace "${PREVIEW_NAMESPACE}" \

339
        port-forward statefulset/mysql 3306 &

340
      PID=$!

341
      service-waiter database -t 20s

342
      if [ $? -ne 0 ]; then

343
        echo "could not connect to DB"

344
        kill $PID || true

345
        exit 1

346
      fi

347


348
      query="insert into d_b_user(id,name,creationDate,rolesOrPermissions,additionalData) values('builtin-user-agent-smith-0000000', 'agent-smith', DATE_FORMAT(NOW(3), '%Y-%m-%dT%T.%fZ'),'[\"admin\"]','{\"emailNotificationSettings\": {\"allowsChangelogMail\": false, \"allowsOnboardingMail\": true}}') on duplicate key update id=id;"

349
      mysql -e "$query" -u$DB_USERNAME -p$DB_PASSWORD -h 127.0.0.1 gitpod

350


351
      query="insert into d_b_gitpod_token(tokenHash,name,type,userId,scopes,created,deleted) VALUES('${TOKEN}','agent-smith',0,'builtin-user-agent-smith-0000000','function:adminBlockUser', '2021-03-16T10:28:57.608Z', false) on duplicate key update tokenHash=tokenHash;"

352
      mysql -e "$query" -u$DB_USERNAME -p$DB_PASSWORD -h 127.0.0.1 gitpod

353


354
      kill $PID || true

355


356