From 01606746c146b298a39f7f57ced85c23bea834a7 Mon Sep 17 00:00:00 2001
From: Evgeniy Antonyuk <antonyuk.evgenyiy@onlyoffice.com>
Date: Tue, 7 Jun 2022 16:16:05 +0300
Subject: [PATCH 1/8] Fix Bug 53170 / Add the ability to set secure_link_secret
 (#444)

* Add securelink generation

* Add ability to configure securelink_secret

* Add a description of SECURE_LINK_SECRET

* Update README.md
---
 README.md              | 1 +
 run-document-server.sh | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/README.md b/README.md
index 18fb96e..a7bc84d 100644
--- a/README.md
+++ b/README.md
@@ -187,6 +187,7 @@ Below is the complete list of parameters that can be set using environment varia
 - **REDIS_SERVER_PORT**:  The Redis server port number.
 - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
 - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
+- **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`.
 - **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`.
 - **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`.
 - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
diff --git a/run-document-server.sh b/run-document-server.sh
index c8dcf39..8011b54 100755
--- a/run-document-server.sh
+++ b/run-document-server.sh
@@ -468,6 +468,8 @@ update_nginx_settings(){
   if [ -f "${NGINX_ONLYOFFICE_EXAMPLE_CONF}" ]; then
     sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF}
   fi
+
+  documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)}
 }
 
 update_supervisor_settings(){

From a6562f4017a8e199904493e7010554f2b93dd38c Mon Sep 17 00:00:00 2001
From: Danil Titarenko <77471369+danilapog@users.noreply.github.com>
Date: Thu, 9 Jun 2022 13:27:39 +0300
Subject: [PATCH 2/8] Add multiarch build with action (#445)

* Update run-document-server.sh (#439)

* Revert "Update run-document-server.sh (#439)"

This reverts commit 5c17c711b1a14e39a2836bec0fee49044433c3a5.

* Add bake config

* Add targets for multiarch build

* Add multiarch workflows

* Cosmetic changes

* Refactoring

* Cosmetic changes

* Cosmetic changes

* Change URL for test repo

* Refactor: refactoring code

* Refactoring sed

* Remove -ie build

* Add special tag for package

* Cosmetic changes

Co-authored-by: papacarlo <builder@onlyoffice.com>
Co-authored-by: Roger Shieh <sh.rog@protonmail.ch>
Co-authored-by: Alexey Golubev <alexey.golubev@onlyoffice.com>
---
 .github/workflows/build-4testing.yml | 70 ++++++++++++++++++++++++++++
 .github/workflows/build-stable.yml   | 58 +++++++++++++++++++++++
 Dockerfile                           |  6 ++-
 docker-bake.hcl                      | 47 +++++++++++++++++++
 4 files changed, 179 insertions(+), 2 deletions(-)
 create mode 100644 .github/workflows/build-4testing.yml
 create mode 100644 .github/workflows/build-stable.yml
 create mode 100644 docker-bake.hcl

diff --git a/.github/workflows/build-4testing.yml b/.github/workflows/build-4testing.yml
new file mode 100644
index 0000000..215fe8d
--- /dev/null
+++ b/.github/workflows/build-4testing.yml
@@ -0,0 +1,70 @@
+### This workflow setup instance then build and push images ###
+name: Multi-arch build 4testing
+
+on:
+  push:
+    tags:
+      - "v*"
+      - "!v*-stable"
+
+env: 
+  COMPANY_NAME: "onlyoffice"
+  PRODUCT_NAME: "documentserver"
+      
+jobs:
+  build:
+    name: Build 
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        edition: ["", "-ee", "-de"]
+        images: ["documentserver"]
+    steps:
+      - name: Checkout code 
+        uses: actions/checkout@v3
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+     
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      - name: Get Tag Name
+        id: tag_name
+        run: |
+          echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/}
+
+      - name: Build documentserver-4testing
+        run: |
+          DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//' )
+          PACKAGE_VERSION=$(echo $DOCKER_TAG | sed  's/\./-/3')
+          PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_amd64.deb
+          STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL")
+          if [[ "$STATUS" = "200" ]]; then
+             echo "Have access to documentserver${{ matrix.edition }} amd64 arch >> check arm64 access"
+             PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb
+             STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") 
+                 if [[ "$STATUS" = "200" ]]; then
+                 echo "Have access to documentserver${{ matrix.edition }} arm64 arch"
+                 echo "All architecture are available >> Build is starting."
+                 sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile
+                 PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \
+                    PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \
+                    PREFIX_NAME=4testing- TAG=$DOCKER_TAG \
+                    docker buildx bake \
+                    -f docker-bake.hcl ${{ matrix.images }} \
+                    --push
+                 echo "DONE: Build success >> exit with 0"
+                 exit 0  
+          else
+             echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }}  >> Build did't started >> Exit with 0."
+             exit 0
+          fi
+          fi
+        shell: bash
diff --git a/.github/workflows/build-stable.yml b/.github/workflows/build-stable.yml
new file mode 100644
index 0000000..bb5b1d1
--- /dev/null
+++ b/.github/workflows/build-stable.yml
@@ -0,0 +1,58 @@
+### This workflow setup instance then build and push images ###
+name: Multi-arch build stable
+
+on:
+  push:
+    tags:
+      - "v*-stable"
+
+env:
+  COMPANY_NAME: "onlyoffice"
+  PRODUCT_NAME: "documentserver" 
+
+jobs:
+  build:
+    name: Build 
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        edition: ["", "-ee", "-de"]
+        images: ["documentserver-stable"]
+    steps:
+      - name: Checkout code 
+        uses: actions/checkout@v3
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+     
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      - name: Get Tag Name
+        id: tag_name
+        run: |
+          echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/}
+
+      - name: Build documentserver-stable
+        run: |
+          DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//')
+          IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$DOCKER_TAG > /dev/null ; echo $?)
+             if [[ "$IMAGE_STATUS" = "0" ]]; then
+                echo "Image present on docker.hub >> start build stable version"
+                echo "FROM ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$DOCKER_TAG as ${{ env.PRODUCT_NAME }}-stable" >> Dockerfile.stable
+                PRODUCT_EDITION=${{ matrix.edition }} PRODUCT_NAME=${{ env.PRODUCT_NAME }} \
+                COMPANY_NAME=${{ env.COMPANY_NAME}} DOCKERFILE=Dockerfile.stable TAG=$DOCKER_TAG \
+                   docker buildx bake \
+                   -f docker-bake.hcl ${{ matrix.images }} \
+                   --push ;
+             else
+                echo "FAILED: Image with tag $DOCKER_TAG do not presented on docker.hub >> build will not started >> exit with 0"
+                exit 0
+             fi
+        shell: bash
diff --git a/Dockerfile b/Dockerfile
index 69e2e2a..5f1bf17 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM ubuntu:20.04
+FROM ubuntu:20.04 as documentserver
 LABEL maintainer Ascensio System SIA <support@onlyoffice.com>
 
 ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12
@@ -71,9 +71,11 @@ COPY run-document-server.sh /app/ds/run-document-server.sh
 
 EXPOSE 80 443
 
+ARG TARGETARCH
+ARG PRODUCT_EDITION=
 ARG COMPANY_NAME=onlyoffice
 ARG PRODUCT_NAME=documentserver
-ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}_amd64.deb"
+ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_$TARGETARCH.deb"
 
 ENV COMPANY_NAME=$COMPANY_NAME \
     PRODUCT_NAME=$PRODUCT_NAME
diff --git a/docker-bake.hcl b/docker-bake.hcl
new file mode 100644
index 0000000..9e89642
--- /dev/null
+++ b/docker-bake.hcl
@@ -0,0 +1,47 @@
+variable "TAG" {
+    default = ""
+}
+
+variable "COMPANY_NAME" {
+    default = ""
+}
+
+variable "PREFIX_NAME" {
+    default = ""
+}
+
+variable "PRODUCT_EDITION" {
+    default = ""
+}
+
+variable "PRODUCT_NAME" {
+    default = ""
+}
+
+variable "DOCKERFILE" {
+    default = ""
+}
+
+target "documentserver" {
+    target = "documentserver"
+    dockerfile= "${DOCKERFILE}"
+    tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}"]
+    platforms = ["linux/amd64", "linux/arm64"]
+    args = {
+        "PRODUCT_EDITION": "${PRODUCT_EDITION}"
+        "PRODUCT_NAME": "${PRODUCT_NAME}"
+        "COMPANY_NAME": "${COMPANY_NAME}"
+    }
+}
+
+target "documentserver-stable" {
+    target = "documentserver-stable"
+    dockerfile= "${DOCKERFILE}"
+    tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"]
+    platforms = ["linux/amd64", "linux/arm64"]
+    args = {
+        "PRODUCT_EDITION": "${PRODUCT_EDITION}"
+        "PRODUCT_NAME": "${PRODUCT_NAME}"
+        "COMPANY_NAME": "${COMPANY_NAME}"
+    }
+}

From 86cbb01bbfbc6d4d49ec34af4628f102e0380535 Mon Sep 17 00:00:00 2001
From: Danil Titarenko <77471369+danilapog@users.noreply.github.com>
Date: Fri, 10 Jun 2022 15:43:50 +0300
Subject: [PATCH 3/8] Add short tags for released images (#446)

* Add short tags for images

* Edit workflow tags
---
 .github/workflows/build-stable.yml | 17 +++++++++++------
 docker-bake.hcl                    | 13 ++++++++++++-
 2 files changed, 23 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/build-stable.yml b/.github/workflows/build-stable.yml
index bb5b1d1..f1bbe5e 100644
--- a/.github/workflows/build-stable.yml
+++ b/.github/workflows/build-stable.yml
@@ -16,8 +16,8 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        edition: ["", "-ee", "-de"]
         images: ["documentserver-stable"]
+        edition: ["", "-ee", "-de"]
     steps:
       - name: Checkout code 
         uses: actions/checkout@v3
@@ -41,18 +41,23 @@ jobs:
 
       - name: Build documentserver-stable
         run: |
-          DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//')
-          IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$DOCKER_TAG > /dev/null ; echo $?)
+          TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//')
+          SHORTER_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+\.[\d]+')
+          SHORTEST_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+')
+          IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG > /dev/null ; echo $?)
              if [[ "$IMAGE_STATUS" = "0" ]]; then
                 echo "Image present on docker.hub >> start build stable version"
-                echo "FROM ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$DOCKER_TAG as ${{ env.PRODUCT_NAME }}-stable" >> Dockerfile.stable
+                echo "FROM ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG as ${{ env.PRODUCT_NAME }}-stable" >> Dockerfile.stable
                 PRODUCT_EDITION=${{ matrix.edition }} PRODUCT_NAME=${{ env.PRODUCT_NAME }} \
-                COMPANY_NAME=${{ env.COMPANY_NAME}} DOCKERFILE=Dockerfile.stable TAG=$DOCKER_TAG \
+                COMPANY_NAME=${{ env.COMPANY_NAME}} DOCKERFILE=Dockerfile.stable \
+                   TAG=$TAG \
+                   SHORTER_TAG=$SHORTER_TAG \
+                   SHORTEST_TAG=$SHORTEST_TAG \
                    docker buildx bake \
                    -f docker-bake.hcl ${{ matrix.images }} \
                    --push ;
              else
-                echo "FAILED: Image with tag $DOCKER_TAG do not presented on docker.hub >> build will not started >> exit with 0"
+                echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 0"
                 exit 0
              fi
         shell: bash
diff --git a/docker-bake.hcl b/docker-bake.hcl
index 9e89642..04ed4a0 100644
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -2,6 +2,14 @@ variable "TAG" {
     default = ""
 }
 
+variable "SHORTER_TAG" {
+    default = ""
+}
+
+variable "SHORTEST_TAG" {
+    default = ""
+}
+
 variable "COMPANY_NAME" {
     default = ""
 }
@@ -37,7 +45,10 @@ target "documentserver" {
 target "documentserver-stable" {
     target = "documentserver-stable"
     dockerfile= "${DOCKERFILE}"
-    tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"]
+    tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
+            "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}",
+            "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}",
+            "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"]
     platforms = ["linux/amd64", "linux/arm64"]
     args = {
         "PRODUCT_EDITION": "${PRODUCT_EDITION}"

From 9494e08e8f4b3a1808cf528265e997d9b9d7bae1 Mon Sep 17 00:00:00 2001
From: Danil Titarenko <77471369+danilapog@users.noreply.github.com>
Date: Wed, 15 Jun 2022 10:30:18 +0300
Subject: [PATCH 4/8] Fix for redis correct work (#449)

* Fix for redis correct work

* Refactoring code

* Refactoring code

* Refactoring code

* Refactor: refactoring code
---
 Dockerfile             | 3 ++-
 run-document-server.sh | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 5f1bf17..708b4a6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -78,7 +78,8 @@ ARG PRODUCT_NAME=documentserver
 ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_$TARGETARCH.deb"
 
 ENV COMPANY_NAME=$COMPANY_NAME \
-    PRODUCT_NAME=$PRODUCT_NAME
+    PRODUCT_NAME=$PRODUCT_NAME \
+    PRODUCT_EDITION=$PRODUCT_EDITION
 
 RUN wget -q -P /tmp "$PACKAGE_URL" && \
     apt-get -y update && \
diff --git a/run-document-server.sh b/run-document-server.sh
index 8011b54..c9747f8 100755
--- a/run-document-server.sh
+++ b/run-document-server.sh
@@ -83,7 +83,7 @@ WOPI_ENABLED=${WOPI_ENABLED:-false}
 
 GENERATE_FONTS=${GENERATE_FONTS:-true}
 
-if [[ ${PRODUCT_NAME} == "documentserver" ]]; then
+if [[ ${PRODUCT_NAME}${PRODUCT_EDITION} == "documentserver" ]]; then
   REDIS_ENABLED=false
 else
   REDIS_ENABLED=true

From c4ddb9971045784c880b1963a46ab1816daebe79 Mon Sep 17 00:00:00 2001
From: Danil Titarenko <77471369+danilapog@users.noreply.github.com>
Date: Tue, 5 Jul 2022 14:41:20 +0300
Subject: [PATCH 5/8] Update base image version (#447)

---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 708b4a6..7405b2b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,7 @@
-FROM ubuntu:20.04 as documentserver
+FROM ubuntu:22.04 as documentserver
 LABEL maintainer Ascensio System SIA <support@onlyoffice.com>
 
-ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12
+ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=14
 
 ARG ONLYOFFICE_VALUE=onlyoffice
 

From c7a1fd04a436bc563b63d961b09dc30e9e8db8fc Mon Sep 17 00:00:00 2001
From: Evgeniy Antonyuk <antonyuk.evgenyiy@onlyoffice.com>
Date: Tue, 5 Jul 2022 14:56:42 +0300
Subject: [PATCH 6/8] fix Bug 50138 / Fix SSL key access error (#455)

* Fix SSL key access error

* Change name of directory
---
 run-document-server.sh | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/run-document-server.sh b/run-document-server.sh
index c9747f8..aca2d89 100755
--- a/run-document-server.sh
+++ b/run-document-server.sh
@@ -37,7 +37,12 @@ if [ "${RELEASE_DATE}" != "${PREV_RELEASE_DATE}" ]; then
   fi
 fi
 
-SSL_CERTIFICATES_DIR="${DATA_DIR}/certs"
+SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds"
+mkdir -p ${SSL_CERTIFICATES_DIR}
+cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR}
+chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem
+chmod 400 ${SSL_CERTIFICATES_DIR}/*.key
+
 if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then
   SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt
 else
@@ -505,7 +510,7 @@ for i in ${DS_LIB_DIR}/App_Data/cache/files ${DS_LIB_DIR}/App_Data/docbuilder ${
 done
 
 # change folder rights
-for i in ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do
+for i in ${LOG_DIR} ${LIB_DIR}; do
   chown -R ds:ds "$i"
   chmod -R 755 "$i"
 done

From 29e4ec3027128fc45530639b868d1a05786c51b1 Mon Sep 17 00:00:00 2001
From: Danil Titarenko <77471369+danilapog@users.noreply.github.com>
Date: Mon, 11 Jul 2022 13:27:43 +0300
Subject: [PATCH 7/8] Refactoring workflow (#448)

---
 ...{build-4testing.yml => 4testing-build.yml} | 45 ++++++++++---------
 .../{build-stable.yml => stable-build.yml}    | 12 +++--
 2 files changed, 33 insertions(+), 24 deletions(-)
 rename .github/workflows/{build-4testing.yml => 4testing-build.yml} (53%)
 rename .github/workflows/{build-stable.yml => stable-build.yml} (88%)

diff --git a/.github/workflows/build-4testing.yml b/.github/workflows/4testing-build.yml
similarity index 53%
rename from .github/workflows/build-4testing.yml
rename to .github/workflows/4testing-build.yml
index 215fe8d..0716979 100644
--- a/.github/workflows/build-4testing.yml
+++ b/.github/workflows/4testing-build.yml
@@ -1,5 +1,5 @@
 ### This workflow setup instance then build and push images ###
-name: Multi-arch build 4testing
+name: 4testing multiarch-build
 
 on:
   push:
@@ -15,10 +15,12 @@ jobs:
   build:
     name: Build 
     runs-on: ubuntu-latest
+    continue-on-error: ${{ matrix.condition }}
     strategy:
       matrix:
-        edition: ["", "-ee", "-de"]
         images: ["documentserver"]
+        edition: ["", "-ee", "-de"]
+        condition: [true]
     steps:
       - name: Checkout code 
         uses: actions/checkout@v3
@@ -40,7 +42,7 @@ jobs:
         run: |
           echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/}
 
-      - name: Build documentserver-4testing
+      - name: Build 4testing
         run: |
           DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//' )
           PACKAGE_VERSION=$(echo $DOCKER_TAG | sed  's/\./-/3')
@@ -48,23 +50,26 @@ jobs:
           STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL")
           if [[ "$STATUS" = "200" ]]; then
              echo "Have access to documentserver${{ matrix.edition }} amd64 arch >> check arm64 access"
-             PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb
-             STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") 
-                 if [[ "$STATUS" = "200" ]]; then
-                 echo "Have access to documentserver${{ matrix.edition }} arm64 arch"
-                 echo "All architecture are available >> Build is starting."
-                 sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile
-                 PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \
-                    PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \
-                    PREFIX_NAME=4testing- TAG=$DOCKER_TAG \
-                    docker buildx bake \
-                    -f docker-bake.hcl ${{ matrix.images }} \
-                    --push
-                 echo "DONE: Build success >> exit with 0"
-                 exit 0  
-          else
-             echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }}  >> Build did't started >> Exit with 0."
-             exit 0
+          else 
+             echo "FAILED: Have no access to documentserver${{ matrix.edition }} amd64 arch"
+             exit 1
           fi
+          PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb
+          STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") 
+          if [[ "$STATUS" = "200" ]]; then
+             echo "Have access to documentserver${{ matrix.edition }} arm64 arch"
+             echo "All architecture are available >> build is starting."
+             sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile
+             PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \
+                PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \
+                PREFIX_NAME=4testing- TAG=$DOCKER_TAG \
+                docker buildx bake \
+                -f docker-bake.hcl ${{ matrix.images }} \
+                --push
+             echo "DONE: Build success >> exit with 0"
+             exit 0  
+          else
+             echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Exit with 0."
+             exit 1
           fi
         shell: bash
diff --git a/.github/workflows/build-stable.yml b/.github/workflows/stable-build.yml
similarity index 88%
rename from .github/workflows/build-stable.yml
rename to .github/workflows/stable-build.yml
index f1bbe5e..7fd434a 100644
--- a/.github/workflows/build-stable.yml
+++ b/.github/workflows/stable-build.yml
@@ -14,10 +14,12 @@ jobs:
   build:
     name: Build 
     runs-on: ubuntu-latest
+    continue-on-error: ${{ matrix.condition }}
     strategy:
       matrix:
         images: ["documentserver-stable"]
         edition: ["", "-ee", "-de"]
+        condition: [true]
     steps:
       - name: Checkout code 
         uses: actions/checkout@v3
@@ -39,7 +41,7 @@ jobs:
         run: |
           echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/}
 
-      - name: Build documentserver-stable
+      - name: Build documentserver-release
         run: |
           TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//')
           SHORTER_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+\.[\d]+')
@@ -55,9 +57,11 @@ jobs:
                    SHORTEST_TAG=$SHORTEST_TAG \
                    docker buildx bake \
                    -f docker-bake.hcl ${{ matrix.images }} \
-                   --push ;
-             else
-                echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 0"
+                   --push 
+                echo "DONE: Build success >> exit with 0"
                 exit 0
+             else
+                echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 1"
+                exit 1
              fi
         shell: bash

From c16635ea71e3df248fd58efd2182aa8eb5769bae Mon Sep 17 00:00:00 2001
From: Danil Titarenko <77471369+danilapog@users.noreply.github.com>
Date: Tue, 12 Jul 2022 12:37:48 +0300
Subject: [PATCH 8/8] Fix supervisor socket messages (#459)

---
 run-document-server.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/run-document-server.sh b/run-document-server.sh
index aca2d89..2b2e386 100755
--- a/run-document-server.sh
+++ b/run-document-server.sh
@@ -474,7 +474,7 @@ update_nginx_settings(){
     sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF}
   fi
 
-  documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)}
+  documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} -r false
 }
 
 update_supervisor_settings(){