diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 0716979..306b6e1 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -29,6 +29,7 @@ jobs: uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx + id: buildx uses: docker/setup-buildx-action@v2 - name: Login to Docker Hub @@ -38,38 +39,55 @@ jobs: password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Get Tag Name - id: tag_name run: | - echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} + echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - name: Build 4testing run: | - DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//' ) - PACKAGE_VERSION=$(echo $DOCKER_TAG | sed 's/\./-/3') - PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_amd64.deb - STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") - if [[ "$STATUS" = "200" ]]; then - echo "Have access to documentserver${{ matrix.edition }} amd64 arch >> check arm64 access" - else - echo "FAILED: Have no access to documentserver${{ matrix.edition }} amd64 arch" - exit 1 - fi - PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb - STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") - if [[ "$STATUS" = "200" ]]; then - echo "Have access to documentserver${{ matrix.edition }} arm64 arch" - echo "All architecture are available >> build is starting." - sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile - PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \ - PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \ - PREFIX_NAME=4testing- TAG=$DOCKER_TAG \ - docker buildx bake \ - -f docker-bake.hcl ${{ matrix.images }} \ - --push - echo "DONE: Build success >> exit with 0" - exit 0 - else - echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Exit with 0." - exit 1 + ### ==>> At this step build variable declaration ### + DOCKER_TAG=$( echo ${{ env.RELEASE_VERSION }} | sed 's/^.//' ) + PACKAGE_VERSION=$( echo $DOCKER_TAG | sed -E 's/(.*)\./\1-/' ) + NODE_PLATFORMS=$( echo ${{ steps.buildx.outputs.platforms }} | sed 's/linux\///g' | sed 's/,/ /g' ) + echo "Start check avalivable build platforms >>" + + ### ==>> In this loop we will check all avalivable documentserver architectures. After that all accessed arch will be added to build-platforms list. ### + for ARCH in ${NODE_PLATFORMS}; do + REPO_URL=${{ secrets.REPO_URL }} + if [[ ${{ env.RELEASE_VERSION }} == v99.* ]]; then + REPO_URL=${{ secrets.UNSTABLE_REPO_URL }} + fi + PACKAGE_URL_CHECK=${REPO_URL}${{ matrix.edition }}_"$PACKAGE_VERSION"_${ARCH}.deb + STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "${PACKAGE_URL_CHECK}") + if [[ "$STATUS" = "200" ]]; then + echo "✔ ${ARCH} is avalivable >> set like one of build platforms" + PLATFORMS+=(linux/${ARCH},) + BUILD_PLATFORMS=$( echo ${PLATFORMS[@]} | sed 's/ //g' | sed 's/\(.*\),/\1/' ) + else + echo "${ARCH} in not avalivable" + fi + done + PACKAGE_URL_BUILD=$( echo ${PACKAGE_URL_CHECK} | sed -e "s/${PACKAGE_VERSION}_.*.deb/${PACKAGE_VERSION}_TARGETARCH.deb/g" ) + + ### ==>> At this step if there is no access to any platform and platform list is empty, build will exit with 1. ### + if [[ -z ${BUILD_PLATFORMS} ]]; then + echo "Have no access to any platform >> exit with 1" + exit 1 fi + echo "DONE: Check passed >> Build for platforms: ${BUILD_PLATFORMS}" + echo "Build is starting ... >>" + + ### ==>> Build and push images at this step ### + PRODUCT_EDITION=${{ matrix.edition }} \ + PACKAGE_URL=$PACKAGE_URL_BUILD \ + PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ + DOCKERFILE=Dockerfile \ + PREFIX_NAME=4testing- \ + TAG=$DOCKER_TAG \ + PLATFORM=$BUILD_PLATFORMS \ + COMPANY_NAME=${{ env.COMPANY_NAME }} \ + docker buildx bake \ + -f docker-bake.hcl ${{ matrix.images }} \ + --push + echo "DONE: Build success >> exit with 0" + exit 0 shell: bash diff --git a/Dockerfile b/Dockerfile index 7405b2b..dc73ab6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -81,7 +81,8 @@ ENV COMPANY_NAME=$COMPANY_NAME \ PRODUCT_NAME=$PRODUCT_NAME \ PRODUCT_EDITION=$PRODUCT_EDITION -RUN wget -q -P /tmp "$PACKAGE_URL" && \ +RUN PACKAGE_URL=$( echo ${PACKAGE_URL} | sed "s/TARGETARCH/"${TARGETARCH}"/g") && \ + wget -q -P /tmp "$PACKAGE_URL" && \ apt-get -y update && \ service postgresql start && \ apt-get -yq install /tmp/$(basename "$PACKAGE_URL") && \ diff --git a/README.md b/README.md index a7bc84d..5020dfd 100644 --- a/README.md +++ b/README.md @@ -185,6 +185,7 @@ Below is the complete list of parameters that can be set using environment varia - **AMQP_TYPE**: The message broker type. Supported values are `rabbitmq` or `activemq`. Defaults to `rabbitmq`. - **REDIS_SERVER_HOST**: The IP address or the name of the host where the Redis server is running. - **REDIS_SERVER_PORT**: The Redis server port number. +- **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default. - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes. - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process. - **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`. diff --git a/docker-bake.hcl b/docker-bake.hcl index 04ed4a0..b03711e 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -30,15 +30,25 @@ variable "DOCKERFILE" { default = "" } +variable "PLATFORM" { + default = "" +} + +variable "PACKAGE_URL" { + default = "" +} + target "documentserver" { target = "documentserver" dockerfile= "${DOCKERFILE}" tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}"] - platforms = ["linux/amd64", "linux/arm64"] + platforms = ["${PLATFORM}"] args = { "PRODUCT_EDITION": "${PRODUCT_EDITION}" "PRODUCT_NAME": "${PRODUCT_NAME}" "COMPANY_NAME": "${COMPANY_NAME}" + "PACKAGE_URL": "${PACKAGE_URL}" + "PLATFORM": "${PLATFORM}" } } diff --git a/run-document-server.sh b/run-document-server.sh index 2b2e386..cfba7a0 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -39,9 +39,11 @@ fi SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds" mkdir -p ${SSL_CERTIFICATES_DIR} -cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR} -chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem -chmod 400 ${SSL_CERTIFICATES_DIR}/*.key +if [[ -d ${DATA_DIR}/certs ]] && [ -e ${DATA_DIR}/certs/*.crt ]; then + cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR} + chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem + chmod 400 ${SSL_CERTIFICATES_DIR}/*.key +fi if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt @@ -300,6 +302,11 @@ update_redis_settings(){ ${JSON} -I -e "if(this.services.CoAuthoring.redis===undefined)this.services.CoAuthoring.redis={};" ${JSON} -I -e "this.services.CoAuthoring.redis.host = '${REDIS_SERVER_HOST}'" ${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'" + + if [ -n "${REDIS_SERVER_PASS}" ]; then + ${JSON} -I -e "this.services.CoAuthoring.redis.options = {'password':'${REDIS_SERVER_PASS}'}" + fi + } update_ds_settings(){