From 143e77fdfcc3b6e462ca62b19fb8edfb81c37b49 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Mon, 18 Jul 2022 17:11:06 +0300 Subject: [PATCH 1/4] Fix Big #57286 / Add redis password config settings (#466) * Add redis password settings * Add variable description * Change variable descriptions * Change variable descriptions * Change variable descriptions --- README.md | 1 + run-document-server.sh | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/README.md b/README.md index a7bc84d..5020dfd 100644 --- a/README.md +++ b/README.md @@ -185,6 +185,7 @@ Below is the complete list of parameters that can be set using environment varia - **AMQP_TYPE**: The message broker type. Supported values are `rabbitmq` or `activemq`. Defaults to `rabbitmq`. - **REDIS_SERVER_HOST**: The IP address or the name of the host where the Redis server is running. - **REDIS_SERVER_PORT**: The Redis server port number. +- **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default. - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes. - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process. - **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`. diff --git a/run-document-server.sh b/run-document-server.sh index 2b2e386..0ae0764 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -300,6 +300,11 @@ update_redis_settings(){ ${JSON} -I -e "if(this.services.CoAuthoring.redis===undefined)this.services.CoAuthoring.redis={};" ${JSON} -I -e "this.services.CoAuthoring.redis.host = '${REDIS_SERVER_HOST}'" ${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'" + + if [ -n "${REDIS_SERVER_PASS}" ]; then + ${JSON} -I -e "this.services.CoAuthoring.redis.options = {'password':'${REDIS_SERVER_PASS}'}" + fi + } update_ds_settings(){ From 06a05223b5faea3491298aef5716b7c88d22791f Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Tue, 19 Jul 2022 15:51:46 +0300 Subject: [PATCH 2/4] Fix bug #58032 / Fix moves certificates alarm messages (#461) * Add some checks before replace certificates * Change if check key * Refactoring code * Refactoring code * Add checking exist files * Refactor: refactoring code * Remove check files conditions --- run-document-server.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/run-document-server.sh b/run-document-server.sh index 0ae0764..cfba7a0 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -39,9 +39,11 @@ fi SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds" mkdir -p ${SSL_CERTIFICATES_DIR} -cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR} -chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem -chmod 400 ${SSL_CERTIFICATES_DIR}/*.key +if [[ -d ${DATA_DIR}/certs ]] && [ -e ${DATA_DIR}/certs/*.crt ]; then + cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR} + chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem + chmod 400 ${SSL_CERTIFICATES_DIR}/*.key +fi if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt From 2213fc70f5ab693e0f6b0292d22900799440ef68 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Thu, 21 Jul 2022 18:44:06 +0300 Subject: [PATCH 3/4] Add another tags processing (#464) * Add support for processing other tags * Print build-info before build start * Cosmetic changes * Add architecture and URL processing * Refactoring action code * Refactoring code * Refactoring code * Cosmetic changes * Remove some check package version * Refactoring code * Redefining url variable for dockerfile * Cosmetic changes * Changes platform conditions check * Set to use default TARGETARCH in build --- .github/workflows/4testing-build.yml | 76 +++++++++++++++++----------- Dockerfile | 3 +- docker-bake.hcl | 12 ++++- 3 files changed, 60 insertions(+), 31 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 0716979..306b6e1 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -29,6 +29,7 @@ jobs: uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx + id: buildx uses: docker/setup-buildx-action@v2 - name: Login to Docker Hub @@ -38,38 +39,55 @@ jobs: password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Get Tag Name - id: tag_name run: | - echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} + echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - name: Build 4testing run: | - DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//' ) - PACKAGE_VERSION=$(echo $DOCKER_TAG | sed 's/\./-/3') - PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_amd64.deb - STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") - if [[ "$STATUS" = "200" ]]; then - echo "Have access to documentserver${{ matrix.edition }} amd64 arch >> check arm64 access" - else - echo "FAILED: Have no access to documentserver${{ matrix.edition }} amd64 arch" - exit 1 - fi - PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb - STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") - if [[ "$STATUS" = "200" ]]; then - echo "Have access to documentserver${{ matrix.edition }} arm64 arch" - echo "All architecture are available >> build is starting." - sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile - PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \ - PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \ - PREFIX_NAME=4testing- TAG=$DOCKER_TAG \ - docker buildx bake \ - -f docker-bake.hcl ${{ matrix.images }} \ - --push - echo "DONE: Build success >> exit with 0" - exit 0 - else - echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Exit with 0." - exit 1 + ### ==>> At this step build variable declaration ### + DOCKER_TAG=$( echo ${{ env.RELEASE_VERSION }} | sed 's/^.//' ) + PACKAGE_VERSION=$( echo $DOCKER_TAG | sed -E 's/(.*)\./\1-/' ) + NODE_PLATFORMS=$( echo ${{ steps.buildx.outputs.platforms }} | sed 's/linux\///g' | sed 's/,/ /g' ) + echo "Start check avalivable build platforms >>" + + ### ==>> In this loop we will check all avalivable documentserver architectures. After that all accessed arch will be added to build-platforms list. ### + for ARCH in ${NODE_PLATFORMS}; do + REPO_URL=${{ secrets.REPO_URL }} + if [[ ${{ env.RELEASE_VERSION }} == v99.* ]]; then + REPO_URL=${{ secrets.UNSTABLE_REPO_URL }} + fi + PACKAGE_URL_CHECK=${REPO_URL}${{ matrix.edition }}_"$PACKAGE_VERSION"_${ARCH}.deb + STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "${PACKAGE_URL_CHECK}") + if [[ "$STATUS" = "200" ]]; then + echo "✔ ${ARCH} is avalivable >> set like one of build platforms" + PLATFORMS+=(linux/${ARCH},) + BUILD_PLATFORMS=$( echo ${PLATFORMS[@]} | sed 's/ //g' | sed 's/\(.*\),/\1/' ) + else + echo "${ARCH} in not avalivable" + fi + done + PACKAGE_URL_BUILD=$( echo ${PACKAGE_URL_CHECK} | sed -e "s/${PACKAGE_VERSION}_.*.deb/${PACKAGE_VERSION}_TARGETARCH.deb/g" ) + + ### ==>> At this step if there is no access to any platform and platform list is empty, build will exit with 1. ### + if [[ -z ${BUILD_PLATFORMS} ]]; then + echo "Have no access to any platform >> exit with 1" + exit 1 fi + echo "DONE: Check passed >> Build for platforms: ${BUILD_PLATFORMS}" + echo "Build is starting ... >>" + + ### ==>> Build and push images at this step ### + PRODUCT_EDITION=${{ matrix.edition }} \ + PACKAGE_URL=$PACKAGE_URL_BUILD \ + PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ + DOCKERFILE=Dockerfile \ + PREFIX_NAME=4testing- \ + TAG=$DOCKER_TAG \ + PLATFORM=$BUILD_PLATFORMS \ + COMPANY_NAME=${{ env.COMPANY_NAME }} \ + docker buildx bake \ + -f docker-bake.hcl ${{ matrix.images }} \ + --push + echo "DONE: Build success >> exit with 0" + exit 0 shell: bash diff --git a/Dockerfile b/Dockerfile index 7405b2b..dc73ab6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -81,7 +81,8 @@ ENV COMPANY_NAME=$COMPANY_NAME \ PRODUCT_NAME=$PRODUCT_NAME \ PRODUCT_EDITION=$PRODUCT_EDITION -RUN wget -q -P /tmp "$PACKAGE_URL" && \ +RUN PACKAGE_URL=$( echo ${PACKAGE_URL} | sed "s/TARGETARCH/"${TARGETARCH}"/g") && \ + wget -q -P /tmp "$PACKAGE_URL" && \ apt-get -y update && \ service postgresql start && \ apt-get -yq install /tmp/$(basename "$PACKAGE_URL") && \ diff --git a/docker-bake.hcl b/docker-bake.hcl index 04ed4a0..6932d4b 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -30,15 +30,25 @@ variable "DOCKERFILE" { default = "" } +variable "PLATFORM" { + default = "" +} + +variable "PACKAGE_URL" { + default = "" +} + target "documentserver" { target = "documentserver" dockerfile= "${DOCKERFILE}" tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}"] - platforms = ["linux/amd64", "linux/arm64"] + platforms = ["${PLATFORM}"] args = { "PRODUCT_EDITION": "${PRODUCT_EDITION}" "PRODUCT_NAME": "${PRODUCT_NAME}" "COMPANY_NAME": "${COMPANY_NAME}" + "PACKAGE_URL": "{PACKAGE_URL}" + "PLATFORM": "${PLATFORM}" } } From 05c50429856343439a277a9218bbc2c421334ab6 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Fri, 22 Jul 2022 09:44:59 +0300 Subject: [PATCH 4/4] Add the missing variable (#467) --- docker-bake.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-bake.hcl b/docker-bake.hcl index 6932d4b..b03711e 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -47,7 +47,7 @@ target "documentserver" { "PRODUCT_EDITION": "${PRODUCT_EDITION}" "PRODUCT_NAME": "${PRODUCT_NAME}" "COMPANY_NAME": "${COMPANY_NAME}" - "PACKAGE_URL": "{PACKAGE_URL}" + "PACKAGE_URL": "${PACKAGE_URL}" "PLATFORM": "${PLATFORM}" } }