Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: e pr download-dist <number> #679

Open
wants to merge 21 commits into
base: main
Choose a base branch
from
Open

feat: e pr download-dist <number> #679

wants to merge 21 commits into from

Conversation

samuelmaddock
Copy link
Member

@samuelmaddock samuelmaddock commented Nov 15, 2024

e pr download-dist <number> will download a pull request's dist artifacts to ~/.electron_build_tools/artifacts/pr_{number}_{platform}_{arch}

As a followup, we could add a electron-fiddle:// command to register it as a local build for easier testing. With that, this command could register the downloaded artifact.

@samuelmaddock samuelmaddock requested review from ckerr and a team as code owners November 15, 2024 00:22
src/e-pr.js Outdated Show resolved Hide resolved
src/e-pr.js Outdated Show resolved Hide resolved
src/e-pr.js Outdated
if (!(await fs.promises.stat(electronAppPath).catch(() => false))) {
fatal(`Electron.app not found within the extracted dist.zip.`);
return;
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For Mac versions, do we want to automatically remove the quarantine with xattr -c Electron.app since the app will be unsigned, or do we want to leave that to the developer?

I suppose we could either prompt the caller, or add a CLI flag if it doesn't seem safe to automatically remove it

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was also wondering about this. When I run the script, and double-click the .app, it doesn't seem to show me the popup about it being downloaded from the internet 🤔

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe when I manually downloaded the artifact, that attribute was added by Chrome to the .zip and then propagated to the .app when I extracted the zip. If downloading it via a script doesn't encounter the same problem, then all the better :)

Copy link
Member

@dsanders11 dsanders11 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Can we implement this without it being a breaking change to e pr? I know we don't guarantee CLI stability, but it's nice to avoid breaking it in case others are using it (such as other tooling like the Electron Build Tools VS Code extension)
  • This won't support Windows until we migrate from AppVeyor to GHA (should be soon), might be worth calling out

@samuelmaddock
Copy link
Member Author

Can we implement this without it being a breaking change to e pr? I know we don't guarantee CLI stability, but it's nice to avoid breaking it in case others are using it (such as other tooling like the Electron Build Tools VS Code extension)

Agreed. I was able to find a way to do this in 9e2ad26 👍

This won't support Windows until we migrate from AppVeyor to GHA (should be soon), might be worth calling out

For now this will fail when it can't the artifacts.

$ e pr download-dist 44411 --platform=win32 --arch=x64
Failed to find artifact: generated_artifacts_win32_x64

Copy link
Member

@dsanders11 dsanders11 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm a +1 on the general concept, but a couple of thoughts on the implementation:

  • Would be nice if there was a built-in way to clean out downloaded artifacts so they don't build up over time.
  • I think some guard rails around this would be good, to prevent a user from fat fingering a PR number and potentially running code they didn't intend to on their local machine. Perhaps a confirmation prompt that displays the title of the PR, the author, indicates if it's a fork, etc?

@@ -28,6 +28,7 @@
"command-exists": "^1.2.8",
"commander": "^9.0.0",
"debug": "^4.3.1",
"extract-zip": "^2.0.1",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

extract-zip is unmaintained and the last release was 4 years ago, so I'd prefer to use a maintained alternative if we're adding a new dependency.

IMO https://www.npmjs.com/package/adm-zip is a solid alternative, and it can extract to a Buffer in-memory which could be useful to avoid the temp dir logic (at the expense of higher memory usage) and get straight to the dist.zip file. Quick pseudo-code example:

const distZipEntry = artifactZip.getEntry('dist.zip');
if (!distZipEntry) {
  fatal(`dist.zip not found within the artifact.`);
  return;
}

const distZip = new AdmZip(artifactZip.readFile(distZipEntry));
distZip.extractAllTo(outputDir);

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is validating actually 👍 I would have reached for that package first, but saw we were using extract-zip in many other places so I was aiming for consistency.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yea, historically we've used it but probably time to move on given it's unmaintained. I have loose plans to migrate our other usages of it as appropriate.

src/e Outdated Show resolved Hide resolved
src/e-pr.js Show resolved Hide resolved
@samuelmaddock
Copy link
Member Author

samuelmaddock commented Nov 16, 2024

@dsanders11 here's sample output from the confirmation prompt I added

$ e pr download-dist 44598            
? You are about to download artifacts from:

“feat: add query-session-end and improve session-end events on Windows (#44598)” by savely-krasovsky
https://github.com/savely-krasovsky/electron (fork)

Proceed? (Y/n)
$ e pr download-dist 44411            
? You are about to download artifacts from:

“feat: service worker preload scripts (#44411)” by samuelmaddock
https://github.com/electron/electron

Proceed? (Y/n)

I'm still thinking about how I want to approach cleaning up. Whether it should be another command or automatically checked each time any build-tools command is issued.

Also, excellent recommendation with extracting in-memory. It cleaned up a lot of code!

Comment on lines -4785 to +4781
"strip-ansi-cjs@npm:strip-ansi@^6.0.1":
version "6.0.1"
resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9"
integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==
dependencies:
ansi-regex "^5.0.1"

strip-ansi@^6.0.0, strip-ansi@^6.0.1:
"strip-ansi-cjs@npm:strip-ansi@^6.0.1", strip-ansi@^6.0.0, strip-ansi@^6.0.1:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you're using an older version of Yarn so these are getting folded back into one, which can actually cause some weird issues (not sure it will in this specific case). If I revert these changes and run yarn install with v1.22.22 the only change I get is the adm-zip addition.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're correct, I was on v1.22.17 🧠
I'll update and fix.

@samuelmaddock
Copy link
Member Author

Opened #680 for cleaning up artifacts.

@samuelmaddock
Copy link
Member Author

Bad news regarding adm-zip, it doesn't support symlinks (cthackers/adm-zip#455) which Electron.app contains once extracted. I may have to switch back to extract-zip for this reason.

@dsanders11
Copy link
Member

@samuelmaddock, ah, unfortunate. Thanks for the update, makes sense.

Copy link
Member

@dsanders11 dsanders11 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Blocking on the lockfile change regarding wrap-ansi and friends.

As another safety mechanism I think it would be good to not allow downloading dist for closed PRs. An option could allow it if we think that's a valid use case, but if someone puts up a malicious PR I don't want it to be easy to download the artifacts after we close it.

It's also not clear to me how this PR handles changes to PRs. I think the short SHA should be worked into the artifact names to avoid confusion? There's currently no indicator which commit the artifacts are for, which seems like a recipe for getting confused about which changes are running.

src/e-pr.js Show resolved Hide resolved
Comment on lines +414 to +419
// Cleanup temporary files
try {
await fs.promises.rm(tempDir, { recursive: true });
} catch {
// ignore
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this can just go in a finally block rather than repeating it in both blocks?

Copy link
Member Author

@samuelmaddock samuelmaddock Nov 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The issue is that fatal() will call process.exit(1) and the cleanup won't happen. I'll refactor this to use process.exitCode = 1

src/e-pr.js Outdated
Comment on lines 248 to 259
const { proceed } = await inquirer.prompt([
{
type: 'confirm',
name: 'proceed',
message: `You are about to download artifacts from:

“${pullRequest.title} (#${pullRequest.number})” by ${pullRequest.user.login}
${pullRequest.head.repo.html_url}${isElectronRepo ? ' (fork)' : ''}

Proceed?`,
},
]);
Copy link
Member

@dsanders11 dsanders11 Nov 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Personally I think I'd prefer this default to false so users can't fat finger through, but it's not a sticking point.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reasonable preference, I'll add it 👍

@samuelmaddock
Copy link
Member Author

@dsanders11 how would you feel about a prompt like this regarding the closed PR issue

? You are about to download artifacts from:

“feat: service worker preload scripts (#44411)” by samuelmaddock
https://github.com/electron/electron

❗❗❗ The pull request is closed, only proceed if you trust the source ❗❗❗

Proceed? (y/N)

@dsanders11
Copy link
Member

@samuelmaddock, with that and the default being N, I think I'm good with that. 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants