coder
diff --git a/‎.github/ISSUE_TEMPLATE/bug-report.yml
+1-1 b/‎.github/ISSUE_TEMPLATE/bug-report.yml
+1-1
diff --git a/‎.github/workflows/ci.yaml
+75-62 b/‎.github/workflows/ci.yaml
+75-62
diff --git a/‎.github/workflows/docker.yaml
+14 b/‎.github/workflows/docker.yaml
+14
diff --git a/‎.github/workflows/docs-preview.yaml
+7-72 b/‎.github/workflows/docs-preview.yaml
+7-72
@@ -57,7 +57,7 @@ body:
     id: logs
     attributes:
       label: Logs
-      description: Run code-server with the --verbose flag and then paste any relevant logs from the server, from the browser console and/or the browser network tab. For issues with installation, include installation logs (i.e. output of `yarn global add code-server`).
+      description: Run code-server with the --verbose flag and then paste any relevant logs from the server, from the browser console and/or the browser network tab. For issues with installation, include installation logs (i.e. output of `npm install -g code-server`).
   - type: textarea
     attributes:
       label: Screenshot/Video
 
@@ -29,6 +29,9 @@ jobs:
     steps:
       - name: Checkout repo
         uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          submodules: true
 
       - name: Install Node.js v14
         uses: actions/setup-node@v3
@@ -38,21 +41,17 @@ jobs:
       - name: Install helm
         uses: azure/[email protected]
 
-      # NOTE@jsjoeio
-      # disabling this until we can audit the build process
-      # and the usefulness of this step
-      # See: https://github.com/coder/code-server/issues/4287
-      # - name: Fetch dependencies from cache
-      #   id: cache-yarn
-      #   uses: actions/cache@v2
-      #   with:
-      #     path: "**/node_modules"
-      #     key: yarn-build-${{ hashFiles('**/yarn.lock') }}
-      #     restore-keys: |
-      #       yarn-build-
+      - name: Fetch dependencies from cache
+        id: cache-yarn
+        uses: actions/cache@v3
+        with:
+          path: "**/node_modules"
+          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |
+            yarn-build-
 
       - name: Install dependencies
-        # if: steps.cache-yarn.outputs.cache-hit != 'true'
+        if: steps.cache-yarn.outputs.cache-hit != 'true'
         run: yarn --frozen-lockfile
 
       - name: Run yarn fmt
@@ -71,6 +70,9 @@ jobs:
     steps:
       - name: Checkout repo
         uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          submodules: true
 
       - name: Install Node.js v14
         uses: actions/setup-node@v3
@@ -79,7 +81,7 @@ jobs:
 
       - name: Fetch dependencies from cache
         id: cache-yarn
-        uses: actions/cache@v2
+        uses: actions/cache@v3
         with:
           path: "**/node_modules"
           key: yarn-build-${{ hashFiles('**/yarn.lock') }}
@@ -102,60 +104,56 @@ jobs:
     env:
       CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout repo
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
+          submodules: true
+
+      - name: Install quilt
+        run: sudo apt update && sudo apt install quilt
+
+      - name: Patch Code
+        run: quilt push -a
 
       - name: Install Node.js v14
         uses: actions/setup-node@v3
         with:
           node-version: "14"
 
-      # TODO@Teffen investigate why this omits code-oss-dev/node_modules
-      # - name: Fetch dependencies from cache
-      #   id: cache-yarn
-      #   uses: actions/cache@v2
-      #   with:
-      #     path: |
-      #       "**/node_modules"
-      #       "**/vendor/modules"
-      #       "**/vendor/modules/code-oss-dev/node_modules"
-      #     key: yarn-build-${{ hashFiles('**/yarn.lock') }}-${{ hashFiles('**/vendor/yarn.lock') }}
-      #     restore-keys: |
-      #       yarn-build-
+      - name: Fetch dependencies from cache
+        id: cache-yarn
+        uses: actions/cache@v3
+        with:
+          path: "**/node_modules"
+          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |
+            yarn-build-
 
       - name: Install dependencies
-        # if: steps.cache-yarn.outputs.cache-hit != 'true'
+        if: steps.cache-yarn.outputs.cache-hit != 'true'
         run: yarn --frozen-lockfile
 
       - name: Build code-server
         run: yarn build
 
-      # Parse the hash of the latest commit inside vendor/modules/code-oss-dev
-      # use this to avoid rebuilding it if nothing changed
-      # How it works: the `git log` command fetches the hash of the last commit
-      # that changed a file inside `vendor/modules/code-oss-dev`. If a commit changes any file in there,
-      # the hash returned will change, and we rebuild vscode. If the hash did not change,
-      # (for example, a change to `src/` or `docs/`), we reuse the same build as last time.
-      # This saves a lot of time in CI, as compiling VSCode can take anywhere from 5-10 minutes.
-      - name: Get latest vendor/modules/code-oss-dev rev
+      # Get Code's git hash.  When this changes it means the content is
+      # different and we need to rebuild.
+      - name: Get latest lib/vscode rev
         id: vscode-rev
-        run: echo "::set-output name=rev::$(jq -r '.devDependencies["code-oss-dev"]' vendor/package.json | sed -r 's|.*#(.*)$|\1|')"
+        run: echo "::set-output name=rev::$(git rev-parse HEAD:./lib/vscode)"
 
-      - name: Attempt to fetch vscode build from cache
-        id: cache-vscode-2
-        uses: actions/cache@v2
+        # We need to rebuild when we have a new version of Code or when any of
+        # the patches changed.  Use VSCODE_CACHE_VERSION to force a rebuild.
+      - name: Fetch prebuilt Code package from cache
+        id: cache-vscode
+        uses: actions/cache@v3
         with:
-          path: |
-            vendor/modules/code-oss-dev/.build
-            vendor/modules/code-oss-dev/package.json
-            vendor/modules/code-oss-dev/out-build
-            vendor/modules/code-oss-dev/out-vscode-reh-web
-            vendor/modules/code-oss-dev/out-vscode-reh-web-min
-          key: vscode-reh-build-${{ secrets.VSCODE_CACHE_VERSION }}-${{ steps.vscode-rev.outputs.rev }}
+          path: lib/vscode-reh-web-*
+          key: vscode-reh-package-${{ secrets.VSCODE_CACHE_VERSION }}-${{ steps.vscode-rev.outputs.rev }}-${{ hashFiles('patches/*.diff') }}
 
       - name: Build vscode
-        if: steps.cache-vscode-2.outputs.cache-hit != 'true'
+        if: steps.cache-vscode.outputs.cache-hit != 'true'
         run: yarn build:vscode
 
       # Our code imports code from VS Code's `out` directory meaning VS Code
@@ -197,9 +195,13 @@ jobs:
     if: github.event.pull_request.head.repo.full_name == github.repository
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
 
-      - uses: actions/download-artifact@v3
+      - name: Download artifact
+        uses: actions/download-artifact@v3
         id: download
         with:
           name: "npm-package"
@@ -226,7 +228,10 @@ jobs:
     container: "centos:7"
 
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
 
       - name: Install Node.js v14
         uses: actions/setup-node@v3
@@ -315,7 +320,10 @@ jobs:
       NODE_VERSION: v14.17.4
 
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
 
       - name: Install Node.js v14
         uses: actions/setup-node@v3
@@ -364,7 +372,10 @@ jobs:
     runs-on: macos-latest
     timeout-minutes: 15
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
 
       - name: Install Node.js v14
         uses: actions/setup-node@v3
@@ -409,7 +420,11 @@ jobs:
       # since VS Code will load faster due to the bundling.
       CODE_SERVER_TEST_ENTRY: "./release-packages/code-server-linux-amd64"
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          submodules: true
 
       - name: Install Node.js v14
         uses: actions/setup-node@v3
@@ -418,7 +433,7 @@ jobs:
 
       - name: Fetch dependencies from cache
         id: cache-yarn
-        uses: actions/cache@v2
+        uses: actions/cache@v3
         with:
           path: "**/node_modules"
           key: yarn-build-${{ hashFiles('**/yarn.lock') }}
@@ -446,12 +461,6 @@ jobs:
           ./test/node_modules/.bin/playwright install-deps
           ./test/node_modules/.bin/playwright install
 
-      # TODO@jsjoeio - remove once we switch to submodules.
-      - name: Create package.json for testing
-        run: |
-          mkdir -p ./vendor/modules/code-oss-dev
-          echo '{ "version": "test" }' > ./vendor/modules/code-oss-dev/package.json
-
       - name: Run end-to-end tests
         run: yarn test:e2e
 
@@ -468,8 +477,11 @@ jobs:
   trivy-scan-repo:
     runs-on: ubuntu-20.04
     steps:
-      - name: Checkout code
+      - name: Checkout repo
         uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
       - name: Run Trivy vulnerability scanner in repo mode
         uses: aquasecurity/trivy-action@296212627a1e693efa09c00adc3e03b2ba8edf18
         with:
@@ -480,6 +492,7 @@ jobs:
           template: "@/contrib/sarif.tpl"
           output: "trivy-repo-results.sarif"
           severity: "HIGH,CRITICAL"
+
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v1
         with:
 
@@ -35,6 +35,20 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
 
+      - name: Get version
+        id: version
+        run: echo "::set-output name=version::$(jq -r .version package.json)"
+
+      - name: Download artifact
+        uses: dawidd6/action-download-artifact@v2
+        id: download
+        with:
+          branch: v${{ steps.version.outputs.version }}
+          workflow: ci.yaml
+          workflow_conclusion: completed
+          name: "release-packages"
+          path: release-packages
+
       - name: Run ./ci/steps/docker-buildx-push.sh
         run: ./ci/steps/docker-buildx-push.sh
         env:
 
@@ -17,89 +17,24 @@ permissions:
   security-events: none
   statuses: none
 
-# Cancel in-progress runs for pull requests when developers push
-# additional changes, and serialize builds in branches.
-# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-concurrency-to-cancel-any-in-progress-job-or-run
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
-
 jobs:
   preview:
     name: Docs preview
     runs-on: ubuntu-20.04
-    environment: CI
-    # Only run if PR comes from base repo
-    # Reason: forks cannot access secrets and this will always fail
-    if: github.event.pull_request.head.repo.full_name == github.repository
     steps:
-      - name: Cancel Previous Runs
-        uses: styfle/[email protected]
-
-      - name: Checkout m
-        uses: actions/checkout@v3
-        with:
-          repository: coder/m
-          ref: refs/heads/master
-          ssh-key: ${{ secrets.READONLY_M_DEPLOY_KEY }}
-          submodules: true
-          fetch-depth: 0
-
-      - name: Install Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: 14
-
-      - name: Cache Node Modules
-        uses: actions/cache@v2
-        with:
-          path: "/node_modules"
-          key: node-${{ hashFiles('yarn.lock') }}
-
-      - name: Create Deployment
-        id: deployment
-        run: ./ci/scripts/github_deployment.sh create
-        env:
-          GITHUB_TOKEN: ${{ github.token }}
-          DEPLOY_ENVIRONMENT: codercom-preview-docs
-
-      - name: Deploy Preview to Vercel
-        id: preview
-        run: ./ci/scripts/deploy_vercel.sh
-        env:
-          VERCEL_ORG_ID: team_tGkWfhEGGelkkqUUm9nXq17r
-          VERCEL_PROJECT_ID: QmZRucMRh3GFk1817ZgXjRVuw5fhTspHPHKct3JNQDEPGd
-          VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }}
-          CODE_SERVER_DOCS_MAIN_BRANCH: ${{ github.event.pull_request.head.sha }}
+      - uses: actions/checkout@v3
 
-      - name: Install node_modules
-        run: yarn install
-
-      - name: Check docs
-        run: yarn ts-node ./product/coder.com/site/scripts/checkDocs.ts
-        env:
-          BASE_URL: ${{ steps.preview.outputs.url }}
-
-      - name: Update Deployment
-        # If we don't specify always, it won't run this check if failed.
-        # This means the deployment would be stuck pending.
-        if: always()
-        run: ./ci/scripts/github_deployment.sh update
-        env:
-          GITHUB_DEPLOYMENT: ${{ steps.deployment.outputs.id }}
-          GITHUB_TOKEN: ${{ github.token }}
-          DEPLOY_STATUS: ${{ steps.preview.outcome }}
-          DEPLOY_URL: ${{ steps.preview.outputs.url }}
+      - name: Set outputs
+        id: vars
+        run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
 
       - name: Comment Credentials
         uses: marocchino/sticky-pull-request-comment@v2
-        if: always()
         with:
           header: codercom-preview-docs
           message: |
-            ✨ Coder.com for PR #${{ github.event.number }} deployed! It will be updated on every commit.
-
-            * _Host_: ${{ steps.preview.outputs.url }}/docs/code-server
-            * _Last deploy status_: ${{ steps.preview.outcome }}
+            ✨ code-server docs for PR #${{ github.event.number }} is ready! It will be updated on every commit.
+            * _Host_: https://coder.com/docs/code-server/${{ steps.vars.outputs.sha_short }}
+            * _Last deploy status_: success
             * _Commit_: ${{ github.event.pull_request.head.sha }}
             * _Workflow status_: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}