Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
microsoft
GitHub Repository: microsoft/vscode
 Path: blob/main/build/azure-pipelines/product-quality-checks.yml
13379 views
1
jobs:

2
  - job: Quality

3
    displayName: Quality Checks

4
    timeoutInMinutes: 20

5
    variables:

6
      - name: skipComponentGovernanceDetection

7
        value: true

8
      - name: Codeql.SkipTaskAutoInjection

9
        value: true

10
    steps:

11
      - template: ./common/checkout.yml@self

12


13
      - task: NodeTool@0

14
        inputs:

15
          versionSource: fromFile

16
          versionFilePath: .nvmrc

17


18
      - template: ./distro/download-distro.yml@self

19


20
      - task: AzureKeyVault@2

21
        displayName: "Azure Key Vault: Get Secrets"

22
        inputs:

23
          azureSubscription: vscode

24
          KeyVaultName: vscode-build-secrets

25
          SecretsFilter: "github-distro-mixin-password"

26


27
      - script: node build/setup-npm-registry.ts $NPM_REGISTRY

28
        condition: and(succeeded(), ne(variables['NPM_REGISTRY'], 'none'))

29
        displayName: Setup NPM Registry

30


31
      - script: mkdir -p .build && node build/azure-pipelines/common/computeNodeModulesCacheKey.ts quality $(node -p process.arch) > .build/packagelockhash

32
        displayName: Prepare node_modules cache key

33


34
      - task: Cache@2

35
        inputs:

36
          key: '"node_modules" | .build/packagelockhash'

37
          path: .build/node_modules_cache

38
          cacheHitVar: NODE_MODULES_RESTORED

39
        displayName: Restore node_modules cache

40


41
      - script: tar -xzf .build/node_modules_cache/cache.tgz

42
        condition: and(succeeded(), eq(variables.NODE_MODULES_RESTORED, 'true'))

43
        displayName: Extract node_modules cache

44


45
      - script: |

46
          set -e

47
          npm config set registry "$NPM_REGISTRY"

48
          echo "##vso[task.setvariable variable=NPMRC_PATH]$(npm config get userconfig)"

49
        condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'), ne(variables['NPM_REGISTRY'], 'none'))

50
        displayName: Setup NPM

51


52
      - task: npmAuthenticate@0

53
        inputs:

54
          workingFile: $(NPMRC_PATH)

55
        condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'), ne(variables['NPM_REGISTRY'], 'none'))

56
        displayName: Setup NPM Authentication

57


58
      - script: |

59
          set -e

60


61
          for i in {1..5}; do # try 5 times

62
            npm ci && break

63
            if [ $i -eq 5 ]; then

64
              echo "Npm install failed too many times" >&2

65
              exit 1

66
            fi

67
            echo "Npm install failed $i, trying again..."

68
          done

69
        workingDirectory: build

70
        env:

71
          GITHUB_TOKEN: "$(github-distro-mixin-password)"

72
        displayName: Install build dependencies

73
        condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'))

74


75
      - script: |

76
          set -e

77
          export VSCODE_SYSROOT_DIR=$(Build.SourcesDirectory)/.build/sysroots/glibc-2.28-gcc-8.5.0

78
          SYSROOT_ARCH="amd64" VSCODE_SYSROOT_PREFIX="-glibc-2.28-gcc-8.5.0" node -e 'import { getVSCodeSysroot } from "./build/linux/debian/install-sysroot.ts"; (async () => { await getVSCodeSysroot(process.env["SYSROOT_ARCH"]); })()'

79
        env:

80
          VSCODE_ARCH: x64

81
          GITHUB_TOKEN: "$(github-distro-mixin-password)"

82
        displayName: Download vscode sysroots

83


84
      - script: |

85
          set -e

86


87
          source ./build/azure-pipelines/linux/setup-env.sh

88
          node build/npm/preinstall.ts

89


90
          for i in {1..5}; do # try 5 times

91
            npm ci && break

92
            if [ $i -eq 5 ]; then

93
              echo "Npm install failed too many times" >&2

94
              exit 1

95
            fi

96
            echo "Npm install failed $i, trying again..."

97
          done

98
        env:

99
          npm_config_arch: x64

100
          VSCODE_ARCH: x64

101
          ELECTRON_SKIP_BINARY_DOWNLOAD: 1

102
          PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1

103
          GITHUB_TOKEN: "$(github-distro-mixin-password)"

104
        displayName: Install dependencies

105
        condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'))

106


107
      - script: node build/azure-pipelines/distro/mixin-npm.ts

108
        condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'))

109
        displayName: Mixin distro node modules

110


111
      - script: |

112
          set -e

113
          node build/azure-pipelines/common/listNodeModules.ts .build/node_modules_list.txt

114
          mkdir -p .build/node_modules_cache

115
          tar -czf .build/node_modules_cache/cache.tgz --files-from .build/node_modules_list.txt

116
        condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'))

117
        displayName: Create node_modules archive

118


119
      - script: node build/azure-pipelines/distro/mixin-quality.ts

120
        displayName: Mixin distro quality

121


122
      - script: node build/azure-pipelines/common/checkDistroCommit.ts

123
        displayName: Check distro commit

124
        env:

125
          GITHUB_TOKEN: "$(github-distro-mixin-password)"

126
          BUILD_SOURCEBRANCH: "$(Build.SourceBranch)"

127
        continueOnError: true

128
        condition: and(succeeded(), eq(lower(variables['VSCODE_PUBLISH']), 'true'))

129


130
      - script: npm exec -- npm-run-all2 -lp core-ci hygiene eslint valid-layers-check define-class-fields-check vscode-dts-compile-check tsec-compile-check test-build-scripts

131
        env:

132
          GITHUB_TOKEN: "$(github-distro-mixin-password)"

133
        displayName: Compile & Hygiene

134


135
      - script: npm run download-builtin-extensions-cg

136
        env:

137
          GITHUB_TOKEN: "$(github-distro-mixin-password)"

138
        displayName: Download component details of built-in extensions

139
        condition: and(succeeded(), eq(lower(variables['VSCODE_PUBLISH']), 'true'))

140


141
      - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0

142
        displayName: "Component Detection"

143
        inputs:

144
          sourceScanPath: $(Build.SourcesDirectory)

145
          alertWarningLevel: Medium

146
        continueOnError: true

147
        condition: and(succeeded(), eq(lower(variables['VSCODE_PUBLISH']), 'true'))

148


149
      - task: AzureCLI@2

150
        displayName: Fetch secrets

151
        inputs:

152
          azureSubscription: vscode

153
          scriptType: pscore

154
          scriptLocation: inlineScript

155
          addSpnToEnvironment: true

156
          inlineScript: |

157
            Write-Host "##vso[task.setvariable variable=AZURE_TENANT_ID]$env:tenantId"

158
            Write-Host "##vso[task.setvariable variable=AZURE_CLIENT_ID]$env:servicePrincipalId"

159
            Write-Host "##vso[task.setvariable variable=AZURE_ID_TOKEN;issecret=true]$env:idToken"

160
        condition: and(succeeded(), eq(lower(variables['VSCODE_PUBLISH']), 'true'))

161


162
      - script: |

163
          set -e

164
          AZURE_STORAGE_ACCOUNT="vscodeweb" \

165
          AZURE_TENANT_ID="$(AZURE_TENANT_ID)" \

166
          AZURE_CLIENT_ID="$(AZURE_CLIENT_ID)" \

167
          AZURE_ID_TOKEN="$(AZURE_ID_TOKEN)" \

168
            node build/azure-pipelines/upload-sourcemaps.ts

169
        displayName: Upload sourcemaps to Azure

170
        condition: and(succeeded(), eq(lower(variables['VSCODE_PUBLISH']), 'true'))

171


172