diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8f3f95f53..7118a666b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -82,12 +82,24 @@ jobs: echo "| **Branch** | \`${{ needs.prepare.outputs.BRANCH_NAME }}\` |" >> $GITHUB_STEP_SUMMARY - name: Cache NPM dependencies - uses: SonarSource/ci-github-actions/cache@v1 + uses: SonarSource/gh-action_cache@v1 with: - path: ~/.npm + path: | + ~/.npm + node_modules/ key: npm-${{ runner.os }}-${{ hashFiles('**/package-lock.json') }} restore-keys: npm-${{ runner.os }} + - name: Cache JAR dependencies + uses: SonarSource/gh-action_cache@v1 + with: + path: | + server/ + analyzers/ + eslint-bridge/ + key: jars-${{ runner.os }}-${{ hashFiles('package.json') }} + restore-keys: jars-${{ runner.os }} + - name: Prepare build env: ARTIFACTORY_PRIVATE_READER_USERNAME: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_USER }} @@ -133,6 +145,13 @@ jobs: GITHUB_BRANCH: ${{ github.head_ref || github.ref_name }} run: npm run deploy-all-marketplaces + - name: Upload VSIX artifact for QA tests + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + with: + name: universal-vsix-qa-artifact + path: sonarlint-vscode-${{ steps.project_version.outputs.PACKAGE_VERSION }}.vsix + retention-days: 1 + test-linux: runs-on: github-ubuntu-latest-m name: Run tests on Linux @@ -157,12 +176,24 @@ jobs: - uses: SonarSource/ci-github-actions/get-build-number@v1 - name: Cache NPM dependencies - uses: SonarSource/ci-github-actions/cache@v1 + uses: SonarSource/gh-action_cache@v1 with: - path: ~/.npm + path: | + ~/.npm + node_modules/ key: npm-${{ runner.os }}-${{ hashFiles('**/package-lock.json') }} restore-keys: npm-${{ runner.os }} + - name: Cache JAR dependencies + uses: SonarSource/gh-action_cache@v1 + with: + path: | + server/ + analyzers/ + eslint-bridge/ + key: jars-${{ runner.os }}-${{ hashFiles('package.json') }} + restore-keys: jars-${{ runner.os }} + - name: Prepare xvfb and ffmpeg run: mise run install-system-deps @@ -186,7 +217,7 @@ jobs: - name: Upload tests recording if: ${{ !cancelled() }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: linux-test-recording path: vscode_test-linux_${{ github.run_id }}.mp4 @@ -221,12 +252,24 @@ jobs: development/kv/data/next token | SONAR_TOKEN; - name: Cache NPM dependencies - uses: SonarSource/ci-github-actions/cache@v1 + uses: SonarSource/gh-action_cache@v1 with: - path: ~/.npm + path: | + ~/.npm + node_modules/ key: npm-${{ runner.os }}-${{ hashFiles('**/package-lock.json') }} restore-keys: npm-${{ runner.os }} + - name: Cache JAR dependencies + uses: SonarSource/gh-action_cache@v1 + with: + path: | + server/ + analyzers/ + eslint-bridge/ + key: jars-${{ runner.os }}-${{ hashFiles('package.json') }} + restore-keys: jars-${{ runner.os }} + - name: Run tests with coverage env: ARTIFACTORY_PRIVATE_READER_USERNAME: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_USER }} @@ -274,27 +317,31 @@ jobs: development/kv/data/slack token | SLACK_BOT_TOKEN; - name: Cache NPM dependencies - uses: SonarSource/ci-github-actions/cache@v1 + uses: SonarSource/gh-action_cache@v1 with: - path: ~/.npm + path: | + ~/.npm + node_modules/ key: npm-${{ runner.os }}-${{ hashFiles('**/package-lock.json') }} restore-keys: npm-${{ runner.os }} + - name: Cache JAR dependencies + uses: SonarSource/gh-action_cache@v1 + with: + path: | + server/ + analyzers/ + eslint-bridge/ + key: jars-${{ runner.os }}-${{ hashFiles('package.json') }} + restore-keys: jars-${{ runner.os }} + - name: Prepare xvfb and ffmpeg run: mise run install-system-deps - - name: Download VSIX from Artifactory - env: - ARTIFACTORY_URL: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_URL }} - ARTIFACTORY_PRIVATE_USERNAME: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_USER }} - ARTIFACTORY_PRIVATE_PASSWORD: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }} - PACKAGE_VERSION: ${{ needs.build.outputs.PACKAGE_VERSION }} - PROJECT_VERSION: ${{ needs.build.outputs.PROJECT_VERSION }} - run: | - echo "Downloading staged VSIX for ${PROJECT_VERSION}" - curl -u "${ARTIFACTORY_PRIVATE_USERNAME}:${ARTIFACTORY_PRIVATE_PASSWORD}" \ - -o "sonarlint-vscode-${PACKAGE_VERSION}.vsix" \ - "${ARTIFACTORY_URL}/sonarsource-public-qa/org/sonarsource/sonarlint/vscode/sonarlint-vscode/${PROJECT_VERSION}/sonarlint-vscode-${PACKAGE_VERSION}.vsix" + - name: Download VSIX artifact + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + with: + name: universal-vsix-qa-artifact - name: Prepare integration tests env: @@ -321,7 +368,7 @@ jobs: - name: Upload test recording if: ${{ !cancelled() }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: its-test-recording-${{ matrix.qa_category }} path: its/vscode_qa-tests-${{ matrix.qa_category }}_${{ github.run_id }}.mp4 diff --git a/.github/workflows/credcheck.yml b/.github/workflows/credcheck.yml index a284f8b2d..8cbc1f885 100644 --- a/.github/workflows/credcheck.yml +++ b/.github/workflows/credcheck.yml @@ -30,6 +30,15 @@ jobs: development/kv/data/visualstudio VSCE_TOKEN | VISUALSTUDIO_PAT; development/team/sonarlint/kv/data/openvsx token | OPENVSX_TOKEN; + - name: Cache NPM dependencies + uses: SonarSource/gh-action_cache@v1 + with: + path: | + ~/.npm + node_modules/ + key: npm-${{ runner.os }}-credcheck-${{ hashFiles('.github/actions/vsce-publish/package-lock.json', '.github/actions/ovsx-publish/package-lock.json') }} + restore-keys: npm-${{ runner.os }}-credcheck- + - name: Check marketplace publisher personal access token if: ${{ !cancelled() }} env: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 311944cc0..518e7b2c5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -49,11 +49,17 @@ jobs: secrets: | development/artifactory/token/{REPO_OWNER_NAME_DASH}-private-reader access_token | ARTIFACTORY_ACCESS_TOKEN; development/kv/data/visualstudio VSCE_TOKEN | VISUALSTUDIO_PAT; + - name: Cache NPM dependencies + uses: SonarSource/gh-action_cache@v1 + with: + path: ~/.npm + key: npm-${{ runner.os }}-vsce-publish-${{ hashFiles('.github/actions/vsce-publish/package-lock.json') }} + restore-keys: npm-${{ runner.os }}-vsce-publish- - name: Install dependencies for vsce-publish run: | cp ${GITHUB_WORKSPACE}/.github/scripts/.npmrc ./.npmrc export ARTIFACTORY_ACCESS_TOKEN=${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }} - npm install + npm ci working-directory: ./.github/actions/vsce-publish - name: Extract version, file name and download URL id: extract_version @@ -131,11 +137,19 @@ jobs: secrets: | development/artifactory/token/{REPO_OWNER_NAME_DASH}-private-reader access_token | ARTIFACTORY_ACCESS_TOKEN; development/team/sonarlint/kv/data/openvsx token | OPENVSX_TOKEN; + - name: Cache NPM dependencies + uses: SonarSource/gh-action_cache@v1 + with: + path: | + ~/.npm + node_modules/ + key: npm-${{ runner.os }}-ovsx-publish-${{ hashFiles('.github/actions/ovsx-publish/package-lock.json') }} + restore-keys: npm-${{ runner.os }}-ovsx-publish- - name: Install dependencies for ovsx-publish run: | cp ${GITHUB_WORKSPACE}/.github/scripts/.npmrc ./.npmrc export ARTIFACTORY_ACCESS_TOKEN=${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }} - npm install + npm ci working-directory: ./.github/actions/ovsx-publish - name: Extract version, file name and download URL id: extract_version diff --git a/.github/workflows/shadow-scans.yml b/.github/workflows/shadow-scans.yml index ee706c7dd..00250f662 100644 --- a/.github/workflows/shadow-scans.yml +++ b/.github/workflows/shadow-scans.yml @@ -38,12 +38,24 @@ jobs: - uses: SonarSource/ci-github-actions/get-build-number@v1 - name: Cache NPM dependencies - uses: SonarSource/ci-github-actions/cache@v1 + uses: SonarSource/gh-action_cache@v1 with: - path: ~/.npm + path: | + ~/.npm + node_modules/ key: npm-${{ runner.os }}-${{ hashFiles('**/package-lock.json') }} restore-keys: npm-${{ runner.os }} + - name: Cache JAR dependencies + uses: SonarSource/gh-action_cache@v1 + with: + path: | + server/ + analyzers/ + eslint-bridge/ + key: jars-${{ runner.os }}-${{ hashFiles('package.json') }} + restore-keys: jars-${{ runner.os }} + - name: Prepare project env: ARTIFACTORY_URL: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_URL }}