Merge pull request #1961 from tgstation/dev [TGSDeploy]

v6.11.0 Release

.github/CONTRIBUTING.md

@@ -191,7 +191,7 @@ This prevents nesting levels from getting deeper then they need to be.
 
 - Some terminology to help understand the architecture:
   - An instance can be thought of as a separate server. It has a separate directory, repository, set of byond installations, etc... The only thing shared amongst instances is API surface, users, global configuration, the active tgstation-server version, and the host machine.
-  - API refers to the HTTP API unless otherwise specified.
+  - API refers to the REST API unless otherwise specified.
   - The entirety of server functionality resides in the host (Tgstation.Server.Host) project.
   - A Component is a service running in tgstation-server to help with instance functionality. These can only be communicated with via the HTTP or DM APIs.
   - There is a difference between Watchdog and Host Watchdog. The former monitors DreamDaemon uptime, the latter handles updating tgstation-server.
@@ -247,7 +247,7 @@ Warning: You may need to temporarily set valid MySql credentials in [MySqlDesign
 
 OAuth providers are hardcoded but it is fairly easy to add new ones. The flow doesn't need to be strict OAuth either (r.e. /tg/ forums). Follow the following steps:
 
-1. Add the name to the [Tgstation.Server.Api.Models.OAuthProviders](../src/Tgstation.Server.Api/Models/OAuthProviders.cs) enum (Also necessitates a minor HTTP API version bump).
+1. Add the name to the [Tgstation.Server.Api.Models.OAuthProviders](../src/Tgstation.Server.Api/Models/OAuthProviders.cs) enum (Also necessitates a minor API version bump to the HTTP APIs (REST/GraphQL)).
 1. Create an implementation of [IOAuthValidator](../src/Tgstation.Server.Host/Security/OAuth/IOAuthValidator.cs).
    - Most providers can simply override the [GenericOAuthValidator](../src/Tgstation.Server.Host/Security/OAuth/GenericOAuthValidator.cs).
 1. Construct the implementation in the [OAuthProviders](../src/Tgstation.Server.Host/Security/OAuth/OAuthProviders.cs) class.
@@ -275,7 +275,8 @@ Major changes should be committed to the `VX` branch created when the time for a
 
 We have several subcomponent APIs we ship with the core server that have their own versions.
 
-- HTTP API
+- REST API
+- GraphQL API
 - DreamMaker API
 - Interop API
 - Configuration File
@@ -308,7 +309,7 @@ Word commit names descriptively. Only submit work through pull requests (With th
 
 At the time of this writing, the repository is configured to automate much of the deployment/release process.
 
-When the new API, client, or DMAPI is ready to be released, update the `Version.props` file appropriately and merge the pull request with the text `[APIDeploy]`, `[NuGetDeploy]`, or `[DMDeploy]` respectively in the commit message (or all three!). The release will be published automatically.
+When the new API, client, or DMAPI is ready to be released, update the `Version.props` file appropriately and merge the pull request with the text `[RESTDeploy]`, `[GQLDeploy]`, `[NugetDeploy]`, or `[DMDeploy]` respectively in the commit message (or all three!). The release will be published automatically.
 
 That step should be taken for the latest API and client before releasing the core version that uses them if applicable.
 

.github/PULL_REQUEST_TEMPLATE.md

@@ -16,7 +16,7 @@ They will be amalgamated together in the end.
 Categories are used by [the release notes tool](../tools/Tgstation.Server.ReleaseNotes) to generate formatted changelists used in releases.
 The default category is Core.
 Only one category may be specified for a 🆑 block.
-Valid categories are Core, DreamMaker API, HTTP API, Host Watchdog, Web Control Panel, Configuration, Nuget: Api, Nuget: Client, and Nuget: Common.
+Valid categories are Core, DreamMaker API, REST API, GraphQL API, Host Watchdog, Web Control Panel, Configuration, Nuget: Api, Nuget: Client, and Nuget: Common.
 /🆑
 
 [Why]: # (If this does not close or work on an existing GitHub issue, please add a short description [two lines down] of why you think these changes would benefit the server. If you can't justify it in words, it might not be worth adding.)

.github/workflows/ci-pipeline.yml

@@ -10,7 +10,8 @@
 # - Checks commit tags for deployment intents
 # - Deploys DreamMaker API zip [DMDeploy] (dev/master)
 # - Deploys Nuget Packages [NugetDeploy] (dev/master)
-# - Deploys HTTP API swagger.json [APIDeploy] (dev/master)
+# - Deploys HTTP API swagger.json [RESTDeploy] (dev/master)
+# - Deploys GraphQL API schema.graphql [GQLDeploy] (dev/master)
 # - Deploys tgstation-server [TGSDeploy] (master)
 #   - GitHub Releases: https://github.com/tgstation/tgstation-server/releases
 #   - Docker: https://hub.docker.com/r/tgstation/server
@@ -578,7 +579,6 @@ jobs:
         configuration: ["Debug", "Release"]
     env:
       TGS_TELEMETRY_KEY_FILE: C:/tgs_telemetry_key.txt
-      TGS_TEST_GRAPHQL: true
     runs-on: windows-latest
     steps:
       - name: Setup dotnet
@@ -627,6 +627,7 @@ jobs:
         run: |
           echo "TGS_TEST_DATABASE_TYPE=PostgresSql" >> $GITHUB_ENV
           echo "TGS_TEST_CONNECTION_STRING=Application Name=tgstation-server;Host=127.0.0.1;Username=$USER;Database=TGS__${{ matrix.watchdog-type }}_${{ matrix.configuration }}" >> $GITHUB_ENV
+          echo "TGS_TEST_GRAPHQL=true" >> $GITHUB_ENV
 
       - name: Setup MariaDB
         uses: ankane/setup-mariadb@v1
@@ -638,6 +639,7 @@ jobs:
         run: |
           echo "TGS_TEST_DATABASE_TYPE=MariaDB" >> $GITHUB_ENV
           echo "TGS_TEST_CONNECTION_STRING=Server=127.0.0.1;uid=root;database=tgs__${{ matrix.watchdog-type }}_${{ matrix.configuration }}" >> $GITHUB_ENV
+          echo "TGS_TEST_GRAPHQL=true" >> $GITHUB_ENV
 
       - name: Setup MySQL
         uses: ankane/setup-mysql@v1
@@ -657,6 +659,7 @@ jobs:
           TGS_CONNSTRING_VALUE="Server=(localdb)\MSSQLLocalDB;Encrypt=false;Integrated Security=true;Initial Catalog=TGS_${{ matrix.watchdog-type }}_${{ matrix.configuration }};Application Name=tgstation-server"
           echo "TGS_TEST_CONNECTION_STRING=$(echo $TGS_CONNSTRING_VALUE)" >> $GITHUB_ENV
           echo "TGS_TEST_DATABASE_TYPE=SqlServer" >> $GITHUB_ENV
+          echo "TGS_TEST_GRAPHQL=true" >> $GITHUB_ENV
 
       - name: Checkout (Branch)
         uses: actions/checkout@v4
@@ -739,6 +742,13 @@ jobs:
           name: openapi-spec
           path: C:/tgs_api.json
 
+      - name: Store GraphQL Schema
+        if: ${{ matrix.configuration == 'Release' && matrix.watchdog-type == 'Advanced' && matrix.database-type == 'SqlServer' }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: graphql-schema
+          path: ./artifacts/tgs-api.graphql
+
       - name: Package Server Service
         if: ${{ matrix.configuration == 'Release' && matrix.watchdog-type == 'Basic' && matrix.database-type == 'PostgresSql' }}
         run: |
@@ -855,6 +865,7 @@ jobs:
         run: |
           echo "TGS_TEST_DATABASE_TYPE=Sqlite" >> $GITHUB_ENV
           echo "TGS_TEST_CONNECTION_STRING=Data Source=TGS_${{ matrix.watchdog-type }}_${{ matrix.configuration }}.sqlite3;Mode=ReadWriteCreate" >> $GITHUB_ENV
+          echo "TGS_TEST_GRAPHQL=true" >> $GITHUB_ENV
 
       - name: Set PostgresSql Connection Info
         if: ${{ matrix.database-type == 'PostgresSql' }}
@@ -874,6 +885,7 @@ jobs:
           echo "TGS_TEST_DATABASE_TYPE=MySql" >> $GITHUB_ENV
           echo "TGS_TEST_CONNECTION_STRING=Server=127.0.0.1;Port=3307;uid=root;pwd=mysql;database=tgs__${{ matrix.watchdog-type }}_${{ matrix.configuration }}" >> $GITHUB_ENV
           echo "Database__ServerVersion=5.7.31" >> $GITHUB_ENV
+          echo "TGS_TEST_GRAPHQL=true" >> $GITHUB_ENV
 
       - name: Set General__UseBasicWatchdog
         if: ${{ matrix.watchdog-type == 'Basic' }}
@@ -1607,11 +1619,11 @@ jobs:
       - name: GitHub Requires at Least One Step for a Job
         run: exit 0
 
-  deploy-http:
-    name: Deploy HTTP API
+  deploy-rest:
+    name: Deploy REST API
     needs: deployment-gate
     runs-on: windows-latest
-    if: contains(github.event.head_commit.message, '[APIDeploy]')
+    if: contains(github.event.head_commit.message, '[RESTDeploy]')
     steps:
       - name: Setup dotnet
         uses: actions/setup-dotnet@v4
@@ -1626,7 +1638,7 @@ jobs:
         shell: powershell
         run: |
           [XML]$versionXML = Get-Content build/Version.props
-          $apiVersion = $versionXML.Project.PropertyGroup.TgsApiVersion
+          $apiVersion = $versionXML.Project.PropertyGroup.TgsRestVersion
           echo "TGS_API_VERSION=$apiVersion" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
 
       - name: Retrieve OpenAPI Spec
@@ -1657,7 +1669,7 @@ jobs:
       - name: Generate Release Notes
         env:
           TGS_RELEASE_NOTES_TOKEN: ${{ steps.app-token-generation.outputs.token }}
-        run: dotnet release_notes_bins/Tgstation.Server.ReleaseNotes.dll ${{ env.TGS_API_VERSION }} --httpapi
+        run: dotnet release_notes_bins/Tgstation.Server.ReleaseNotes.dll ${{ env.TGS_API_VERSION }} --restapi
 
       - name: Create GitHub Release
         uses: actions/create-release@v1
@@ -1666,7 +1678,7 @@ jobs:
           GITHUB_TOKEN: ${{ steps.app-token-generation.outputs.token }}
         with:
           tag_name: api-v${{ env.TGS_API_VERSION }}
-          release_name: tgstation-server API v${{ env.TGS_API_VERSION }}
+          release_name: tgstation-server REST API v${{ env.TGS_API_VERSION }}
           body_path: release_notes.md
           commitish: ${{ github.event.head_commit.id }}
 
@@ -1680,6 +1692,86 @@ jobs:
           asset_name: swagger.json
           asset_content_type: application/json
 
+  deploy-gql:
+    name: Deploy GraphQL API
+    needs: deployment-gate
+    runs-on: windows-latest
+    if: contains(github.event.head_commit.message, '[GQLDeploy]')
+    steps:
+      - name: Setup dotnet
+        uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: ${{ env.TGS_DOTNET_VERSION }}.0.x
+          dotnet-quality: ${{ env.TGS_DOTNET_QUALITY }}
+
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Parse API version
+        shell: powershell
+        run: |
+          [XML]$versionXML = Get-Content build/Version.props
+          $apiVersion = $versionXML.Project.PropertyGroup.TgsGraphQLVersion
+          echo "TGS_API_VERSION=$apiVersion" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
+          [Version]$parsedVersion = $apiVersion
+          if ($parsedVersion.Major -eq 0) {
+            echo "TGS_GRAPHQL_PRERELEASE=true" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
+          } else {
+            echo "TGS_GRAPHQL_PRERELEASE=false" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
+          }
+
+      - name: Retrieve GraphQL Schema
+        uses: actions/download-artifact@v4
+        with:
+          name: graphql-schema
+          path: schema
+
+      - name: Grab Most Recent Changelog
+        shell: powershell
+        run: |
+          $ProgressPreference = 'SilentlyContinue'
+          Invoke-WebRequest -Uri https://raw.githubusercontent.com/tgstation/tgstation-server/gh-pages/changelog.yml -OutFile changelog.yml
+
+      - name: Retrieve ReleaseNotes Binaries
+        uses: actions/download-artifact@v4
+        with:
+          name: release_notes_bins
+          path: release_notes_bins
+
+      - name: Generate App Token
+        id: app-token-generation
+        uses: actions/create-github-app-token@v1
+        with:
+          app-id: ${{ secrets.APP_ID }}
+          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+
+      - name: Generate Release Notes
+        env:
+          TGS_RELEASE_NOTES_TOKEN: ${{ steps.app-token-generation.outputs.token }}
+        run: dotnet release_notes_bins/Tgstation.Server.ReleaseNotes.dll ${{ env.TGS_API_VERSION }} --graphqlapi
+
+      - name: Create GitHub Release
+        uses: actions/create-release@v1
+        id: create_release
+        env:
+          GITHUB_TOKEN: ${{ steps.app-token-generation.outputs.token }}
+        with:
+          tag_name: graphql-v${{ env.TGS_API_VERSION }}
+          release_name: tgstation-server GraphQL API v${{ env.TGS_API_VERSION }}
+          body_path: release_notes.md
+          commitish: ${{ github.event.head_commit.id }}
+          prerelease: ${{ env.TGS_GRAPHQL_PRERELEASE }}
+
+      - name: Upload GraphQL Schema
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ steps.app-token-generation.outputs.token }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: ./schema/tgs-api.graphql
+          asset_name: tgs-api.graphql
+          asset_content_type: text/plain
+
   deploy-dm:
     name: Deploy DreamMaker API
     needs: deployment-gate
@@ -1814,9 +1906,9 @@ jobs:
 
   ensure-release:
     name: Ensure TGS Release is Latest GitHub Release
-    needs: [deploy-dm, deploy-http]
+    needs: [deploy-dm, deploy-rest, deploy-gql]
     runs-on: ubuntu-latest
-    if: (!(cancelled() || failure())) && (!contains(github.event.head_commit.message, '[TGSDeploy]')) && (needs.deploy-dm.result == 'success' || needs.deploy-http.result == 'success')
+    if: (!(cancelled() || failure())) && (!contains(github.event.head_commit.message, '[TGSDeploy]')) && (needs.deploy-dm.result == 'success' || needs.deploy-rest.result == 'success' || needs.deploy-gql.result == 'success')
     steps:
       - name: Setup dotnet
         uses: actions/setup-dotnet@v4
@@ -1844,7 +1936,7 @@ jobs:
 
   deploy-tgs:
     name: Deploy TGS
-    needs: [deploy-dm, deploy-http, deployment-gate]
+    needs: [deploy-dm, deploy-rest, deploy-gql, deployment-gate]
     runs-on: windows-latest
     if: (!(cancelled() || failure())) && github.event.ref == 'refs/heads/master' && contains(github.event.head_commit.message, '[TGSDeploy]') && needs.deployment-gate.result == 'success'
     env:
@@ -1936,6 +2028,12 @@ jobs:
           name: openapi-spec
           path: swagger
 
+      - name: Retrieve GraphQL Schema
+        uses: actions/download-artifact@v4
+        with:
+          name: graphql-schema
+          path: schema
+
       - name: Retrieve Debian Packaging Archive
         uses: actions/download-artifact@v4
         with:
@@ -2031,7 +2129,7 @@ jobs:
           asset_name: DMAPI.zip
           asset_content_type: application/zip
 
-      - name: Upload OpenApi Spec Artifact
+      - name: Upload REST API Artifact
         uses: actions/upload-release-asset@v1
         env:
           GITHUB_TOKEN: ${{ steps.app-token-generation.outputs.token }}
@@ -2041,6 +2139,16 @@ jobs:
           asset_name: swagger.json
           asset_content_type: application/json
 
+      - name: Upload GraphQL API Artifact
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ steps.app-token-generation.outputs.token }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: ./schema/tgs-api.graphql
+          asset_name: tgs-api.graphql
+          asset_content_type: text/plain
+
       - name: Upload Server Update Package Artifact
         uses: actions/upload-release-asset@v1
         env:

.github/workflows/ci-security.yml

@@ -32,20 +32,6 @@ jobs:
           app-id: ${{ secrets.APP_ID }}
           private-key: ${{ secrets.APP_PRIVATE_KEY }}
 
-      - name: Comment on new Fork PR
-        if: github.event.action == 'opened' && !contains(github.event.pull_request.labels.*.name, 'CI Cleared') && github.event.pull_request.user.id != 49699333
-        uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6
-        with:
-          message: Thank you for contributing to ${{ github.event.pull_request.base.repo.name }}! The workflow '${{ github.workflow }}' requires repository secrets and will not run without approval. Maintainers can add the `CI Cleared` label to allow it to run. Note that any changes to ci-security.yml and ci-pipeline.yml will not be reflected.
-          GITHUB_TOKEN: ${{ steps.app-token-generation.outputs.token }}
-
-      - name: Comment on dependabot PR
-        if: github.event.action == 'opened' && !contains(github.event.pull_request.labels.*.name, 'CI Cleared') && github.event.pull_request.user.id == 49699333
-        uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6
-        with:
-          message: Set the milestone to the next ${{ (github.head_ref == 'master' && 'patch') || 'minor' }} version, check for supply chain attacks, and then add the `CI Cleared` label to allow CI to run.
-          GITHUB_TOKEN: ${{ steps.app-token-generation.outputs.token }}
-
       - name: "Remove Stale 'CI Cleared' Label"
         if: github.event.action == 'synchronize' || github.event.action == 'reopened'
         uses: actions-ecosystem/action-remove-labels@2ce5d41b4b6aa8503e285553f75ed56e0a40bae0

.github/workflows/new-pr-comments.yml

@@ -0,0 +1,36 @@
+name: CI Gated PR Comments
+
+on:
+  pull_request_target:
+    types:
+      - opened
+    branches:
+      - dev
+      - master
+
+jobs:
+  comment-on-new-pr:
+    name: Comment New PR
+    if: github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id || github.event.pull_request.user.id == 49699333
+    runs-on: ubuntu-latest
+    steps:
+      - name: Generate App Token
+        id: app-token-generation
+        uses: actions/create-github-app-token@v1
+        with:
+          app-id: ${{ secrets.APP_ID }}
+          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+
+      - name: Comment on new Fork PR
+        if: github.event.pull_request.user.id != 49699333
+        uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6
+        with:
+          message: Thank you for contributing to ${{ github.event.pull_request.base.repo.name }}! The workflow '${{ github.workflow }}' requires repository secrets and will not run without approval. Maintainers can add the `CI Cleared` label to allow it to run. Note that any changes to ci-security.yml and ci-pipeline.yml will not be reflected.
+          GITHUB_TOKEN: ${{ steps.app-token-generation.outputs.token }}
+
+      - name: Comment on dependabot PR
+        if: github.event.pull_request.user.id == 49699333
+        uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6
+        with:
+          message: Set the milestone to the next ${{ (github.head_ref == 'master' && 'patch') || 'minor' }} version, check for supply chain attacks, and then add the `CI Cleared` label to allow CI to run.
+          GITHUB_TOKEN: ${{ steps.app-token-generation.outputs.token }}

README.md

@@ -251,6 +251,8 @@ Create an `appsettings.Production.yml` file next to `appsettings.yml`. This will
 
 - `FileLogging:LogLevel`: Can be one of `Trace`, `Debug`, `Information`, `Warning`, `Error`, or `Critical`. Restricts what is put into the log files. Currently `Debug` is reccommended for help with error reporting.
 
+- `FileLogging:ProviderNetworkDebug`: Boolean controlling whether or not Chat bot providers should log their raw network traffic. Currently only applies to IrcProvider.
+
 - `Kestrel:Endpoints:Http:Url`: The URL (i.e. interface and ports) your application should listen on. General use case should be `http://localhost:<port>` for restricted local connections. See the Remote Access section for configuring public access to the World Wide Web. This doesn't need to be changed using the docker setup and should be mapped with the `-p` option instead
 
 - `Database:DatabaseType`: Can be one of `SqlServer`, `MariaDB`, `MySql`, `PostgresSql`, or `Sqlite`.

build/TestCommon.props

@@ -18,9 +18,9 @@
     <!-- Pinned: Be VERY careful about updating https://github.com/moq/moq/issues/1372 -->
     <PackageReference Include="Moq" Version="4.20.72" />
     <!-- Usage: MSTest execution -->
-    <PackageReference Include="MSTest.TestAdapter" Version="3.6.0" />
+    <PackageReference Include="MSTest.TestAdapter" Version="3.6.1" />
     <!-- Usage: MSTest asserts etc... -->
-    <PackageReference Include="MSTest.TestFramework" Version="3.6.0" />
+    <PackageReference Include="MSTest.TestFramework" Version="3.6.1" />
   </ItemGroup>
 
 </Project>