From 1957d38907f8aba9da7a9ddf4213c3213d8e4f02 Mon Sep 17 00:00:00 2001
From: Pavel Lobashov <ShockwaveNN@gmail.com>
Date: Mon, 31 Oct 2022 16:38:53 +0200
Subject: [PATCH 1/4] Actualize state of JWT variables (#535)

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 4c384e3..39e3a71 100644
--- a/README.md
+++ b/README.md
@@ -191,8 +191,8 @@ Below is the complete list of parameters that can be set using environment varia
 - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
 - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
 - **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`.
-- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`.
-- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`.
+- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `true`.
+- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to random value.
 - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
 - **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`.
 - **WOPI_ENABLED**: Specifies the enabling the wopi handlers. Defaults to `false`.

From 730dd71ac572d523bd93e1ef423f15fa907f5206 Mon Sep 17 00:00:00 2001
From: Danil Titarenko <77471369+danilapog@users.noreply.github.com>
Date: Mon, 31 Oct 2022 11:53:24 +0300
Subject: [PATCH 2/4] Add ucs build on older image version (#531)

(cherry picked from commit 92dd2833d1479ebe25afe3da85a78d308e6e06ff)
---
 .github/workflows/stable-build.yml | 36 ++++++++++++++++++++++++++++++
 docker-bake.hcl                    | 30 +++++++++++++++++++++++++
 2 files changed, 66 insertions(+)

diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml
index a15f551..d8278f2 100644
--- a/.github/workflows/stable-build.yml
+++ b/.github/workflows/stable-build.yml
@@ -92,3 +92,39 @@ jobs:
           export TAG=${{ github.event.inputs.tag }}
           docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push
         shell: bash
+
+  build-ucs-ubuntu20:
+    name: "Release image: DocumentServer${{ matrix.edition }}-ucs"
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        edition: ["", "-ee"]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      - name: build UCS
+        run: |
+           set -eux
+           export PRODUCT_EDITION=${{ matrix.edition }}
+           export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}/testing/ubuntu
+           export DOCKERFILE=Dockerfile
+           export BASE_IMAGE=ubuntu:20.04
+           export PG_VERSION=12
+           export TAG=${{ github.event.inputs.tag }}
+           export PACKAGE_VERSION=$( echo ${TAG} |  sed -E 's/(.*)\./\1-/')
+           docker buildx bake -f docker-bake.hcl documentserver-ucs --push
+        shell: bash
diff --git a/docker-bake.hcl b/docker-bake.hcl
index ee9175e..529a8fd 100644
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -50,6 +50,18 @@ variable "RELEASE_BRANCH" {
     default = ""
 }
 
+### ↓ Variables for UCS build ↓
+
+variable "BASE_IMAGE" {
+    default     = ""
+}
+
+variable "PG_VERSION" {
+    default     = ""
+}
+
+### ↑ Variables for UCS build ↑
+
 target "documentserver" {
     target = "documentserver"
     dockerfile = "${DOCKERFILE}"
@@ -85,6 +97,24 @@ target "documentserver-stable" {
     }
 }
 
+target "documentserver-ucs" {
+    target = "documentserver"
+    dockerfile = "${DOCKERFILE}"
+    tags = [
+           "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PRODUCT_EDITION}-ucs:${TAG}"
+           ]
+    platforms = ["linux/amd64", "linux/arm64"]
+    args = {
+        "PRODUCT_EDITION": "${PRODUCT_EDITION}"
+        "PRODUCT_NAME": "${PRODUCT_NAME}"
+        "COMPANY_NAME": "${COMPANY_NAME}"
+        "PACKAGE_VERSION": "${PACKAGE_VERSION}"
+        "PACKAGE_BASEURL": "${PACKAGE_BASEURL}"
+        "BASE_IMAGE": "${BASE_IMAGE}"
+        "PG_VERSION": "${PG_VERSION}"
+    }
+}
+
 target "documentserver-nonexample" {
     target = "documentserver-nonexample"
     dockerfile = "production.dockerfile"

From c7090252ff6470a57fd0ed4881bd70ff3df0b4f9 Mon Sep 17 00:00:00 2001
From: Danil Titarenko <77471369+danilapog@users.noreply.github.com>
Date: Mon, 31 Oct 2022 15:24:17 +0300
Subject: [PATCH 3/4] Add base image and postgresql version build arguments
 (#524)

(cherry picked from commit e1d7cfd5e86bf143d25b019fd72ec2849df15a03)
---
 Dockerfile | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 7aa158a..5ebd56d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,11 @@
-FROM ubuntu:22.04 as documentserver
+ARG BASE_IMAGE=ubuntu:22.04
+
+FROM ${BASE_IMAGE} as documentserver
 LABEL maintainer Ascensio System SIA <support@onlyoffice.com>
 
-ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=14
+ARG PG_VERSION=14
+
+ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=${PG_VERSION}
 
 ARG ONLYOFFICE_VALUE=onlyoffice
 

From 7fa2f598a19a56d06b234c46f94748a81b7e4313 Mon Sep 17 00:00:00 2001
From: Danil Titarenko <77471369+danilapog@users.noreply.github.com>
Date: Tue, 20 Dec 2022 14:54:23 +0300
Subject: [PATCH 4/4] Fix ucs build (#537)

* Fix ucs build

* Change rabbitmq version on lower

* Remove rabbimq version argument

* Rename variable
---
 Dockerfile | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 55e4b6e..eeab60d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -11,13 +11,14 @@ ARG ONLYOFFICE_VALUE=onlyoffice
 
 RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
     apt-get -y update && \
-    apt-get -yq install wget apt-transport-https gnupg locales && \
+    apt-get -yq install wget apt-transport-https gnupg locales lsb-release && \
     mkdir -p $HOME/.gnupg && \
     gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/onlyoffice.gpg --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
     chmod 644 /etc/apt/trusted.gpg.d/onlyoffice.gpg && \
     locale-gen en_US.UTF-8 && \
     echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \
     wget -O - https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.deb.sh | bash && \
+    if [ $(lsb_release -cs) = focal ]; then RABBITMQ_VERSION=3.8.11-1; else RABBITMQ_VERSION=3.10 ; fi && \
     apt-get -yq install \
         adduser \
         apt-utils \
@@ -46,7 +47,7 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
         postgresql \
         postgresql-client \
         pwgen \
-        rabbitmq-server=3.10* \
+        rabbitmq-server=${RABBITMQ_VERSION}* \
         redis-server \
         software-properties-common \
         sudo \