From 01606746c146b298a39f7f57ced85c23bea834a7 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Tue, 7 Jun 2022 16:16:05 +0300 Subject: [PATCH 01/25] Fix Bug 53170 / Add the ability to set secure_link_secret (#444) * Add securelink generation * Add ability to configure securelink_secret * Add a description of SECURE_LINK_SECRET * Update README.md --- README.md | 1 + run-document-server.sh | 2 ++ 2 files changed, 3 insertions(+) diff --git a/README.md b/README.md index 18fb96e..a7bc84d 100644 --- a/README.md +++ b/README.md @@ -187,6 +187,7 @@ Below is the complete list of parameters that can be set using environment varia - **REDIS_SERVER_PORT**: The Redis server port number. - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes. - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process. +- **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`. - **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`. - **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`. - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`. diff --git a/run-document-server.sh b/run-document-server.sh index c8dcf39..8011b54 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -468,6 +468,8 @@ update_nginx_settings(){ if [ -f "${NGINX_ONLYOFFICE_EXAMPLE_CONF}" ]; then sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF} fi + + documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} } update_supervisor_settings(){ From a6562f4017a8e199904493e7010554f2b93dd38c Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Thu, 9 Jun 2022 13:27:39 +0300 Subject: [PATCH 02/25] Add multiarch build with action (#445) * Update run-document-server.sh (#439) * Revert "Update run-document-server.sh (#439)" This reverts commit 5c17c711b1a14e39a2836bec0fee49044433c3a5. * Add bake config * Add targets for multiarch build * Add multiarch workflows * Cosmetic changes * Refactoring * Cosmetic changes * Cosmetic changes * Change URL for test repo * Refactor: refactoring code * Refactoring sed * Remove -ie build * Add special tag for package * Cosmetic changes Co-authored-by: papacarlo Co-authored-by: Roger Shieh Co-authored-by: Alexey Golubev --- .github/workflows/build-4testing.yml | 70 ++++++++++++++++++++++++++++ .github/workflows/build-stable.yml | 58 +++++++++++++++++++++++ Dockerfile | 6 ++- docker-bake.hcl | 47 +++++++++++++++++++ 4 files changed, 179 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/build-4testing.yml create mode 100644 .github/workflows/build-stable.yml create mode 100644 docker-bake.hcl diff --git a/.github/workflows/build-4testing.yml b/.github/workflows/build-4testing.yml new file mode 100644 index 0000000..215fe8d --- /dev/null +++ b/.github/workflows/build-4testing.yml @@ -0,0 +1,70 @@ +### This workflow setup instance then build and push images ### +name: Multi-arch build 4testing + +on: + push: + tags: + - "v*" + - "!v*-stable" + +env: + COMPANY_NAME: "onlyoffice" + PRODUCT_NAME: "documentserver" + +jobs: + build: + name: Build + runs-on: ubuntu-latest + strategy: + matrix: + edition: ["", "-ee", "-de"] + images: ["documentserver"] + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker Hub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: Get Tag Name + id: tag_name + run: | + echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} + + - name: Build documentserver-4testing + run: | + DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//' ) + PACKAGE_VERSION=$(echo $DOCKER_TAG | sed 's/\./-/3') + PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_amd64.deb + STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") + if [[ "$STATUS" = "200" ]]; then + echo "Have access to documentserver${{ matrix.edition }} amd64 arch >> check arm64 access" + PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb + STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") + if [[ "$STATUS" = "200" ]]; then + echo "Have access to documentserver${{ matrix.edition }} arm64 arch" + echo "All architecture are available >> Build is starting." + sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile + PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \ + PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \ + PREFIX_NAME=4testing- TAG=$DOCKER_TAG \ + docker buildx bake \ + -f docker-bake.hcl ${{ matrix.images }} \ + --push + echo "DONE: Build success >> exit with 0" + exit 0 + else + echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Build did't started >> Exit with 0." + exit 0 + fi + fi + shell: bash diff --git a/.github/workflows/build-stable.yml b/.github/workflows/build-stable.yml new file mode 100644 index 0000000..bb5b1d1 --- /dev/null +++ b/.github/workflows/build-stable.yml @@ -0,0 +1,58 @@ +### This workflow setup instance then build and push images ### +name: Multi-arch build stable + +on: + push: + tags: + - "v*-stable" + +env: + COMPANY_NAME: "onlyoffice" + PRODUCT_NAME: "documentserver" + +jobs: + build: + name: Build + runs-on: ubuntu-latest + strategy: + matrix: + edition: ["", "-ee", "-de"] + images: ["documentserver-stable"] + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker Hub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: Get Tag Name + id: tag_name + run: | + echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} + + - name: Build documentserver-stable + run: | + DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') + IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$DOCKER_TAG > /dev/null ; echo $?) + if [[ "$IMAGE_STATUS" = "0" ]]; then + echo "Image present on docker.hub >> start build stable version" + echo "FROM ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$DOCKER_TAG as ${{ env.PRODUCT_NAME }}-stable" >> Dockerfile.stable + PRODUCT_EDITION=${{ matrix.edition }} PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ + COMPANY_NAME=${{ env.COMPANY_NAME}} DOCKERFILE=Dockerfile.stable TAG=$DOCKER_TAG \ + docker buildx bake \ + -f docker-bake.hcl ${{ matrix.images }} \ + --push ; + else + echo "FAILED: Image with tag $DOCKER_TAG do not presented on docker.hub >> build will not started >> exit with 0" + exit 0 + fi + shell: bash diff --git a/Dockerfile b/Dockerfile index 69e2e2a..5f1bf17 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:20.04 +FROM ubuntu:20.04 as documentserver LABEL maintainer Ascensio System SIA ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12 @@ -71,9 +71,11 @@ COPY run-document-server.sh /app/ds/run-document-server.sh EXPOSE 80 443 +ARG TARGETARCH +ARG PRODUCT_EDITION= ARG COMPANY_NAME=onlyoffice ARG PRODUCT_NAME=documentserver -ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}_amd64.deb" +ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_$TARGETARCH.deb" ENV COMPANY_NAME=$COMPANY_NAME \ PRODUCT_NAME=$PRODUCT_NAME diff --git a/docker-bake.hcl b/docker-bake.hcl new file mode 100644 index 0000000..9e89642 --- /dev/null +++ b/docker-bake.hcl @@ -0,0 +1,47 @@ +variable "TAG" { + default = "" +} + +variable "COMPANY_NAME" { + default = "" +} + +variable "PREFIX_NAME" { + default = "" +} + +variable "PRODUCT_EDITION" { + default = "" +} + +variable "PRODUCT_NAME" { + default = "" +} + +variable "DOCKERFILE" { + default = "" +} + +target "documentserver" { + target = "documentserver" + dockerfile= "${DOCKERFILE}" + tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}"] + platforms = ["linux/amd64", "linux/arm64"] + args = { + "PRODUCT_EDITION": "${PRODUCT_EDITION}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "COMPANY_NAME": "${COMPANY_NAME}" + } +} + +target "documentserver-stable" { + target = "documentserver-stable" + dockerfile= "${DOCKERFILE}" + tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"] + platforms = ["linux/amd64", "linux/arm64"] + args = { + "PRODUCT_EDITION": "${PRODUCT_EDITION}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "COMPANY_NAME": "${COMPANY_NAME}" + } +} From 86cbb01bbfbc6d4d49ec34af4628f102e0380535 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Fri, 10 Jun 2022 15:43:50 +0300 Subject: [PATCH 03/25] Add short tags for released images (#446) * Add short tags for images * Edit workflow tags --- .github/workflows/build-stable.yml | 17 +++++++++++------ docker-bake.hcl | 13 ++++++++++++- 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build-stable.yml b/.github/workflows/build-stable.yml index bb5b1d1..f1bbe5e 100644 --- a/.github/workflows/build-stable.yml +++ b/.github/workflows/build-stable.yml @@ -16,8 +16,8 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - edition: ["", "-ee", "-de"] images: ["documentserver-stable"] + edition: ["", "-ee", "-de"] steps: - name: Checkout code uses: actions/checkout@v3 @@ -41,18 +41,23 @@ jobs: - name: Build documentserver-stable run: | - DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') - IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$DOCKER_TAG > /dev/null ; echo $?) + TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') + SHORTER_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+\.[\d]+') + SHORTEST_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+') + IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG > /dev/null ; echo $?) if [[ "$IMAGE_STATUS" = "0" ]]; then echo "Image present on docker.hub >> start build stable version" - echo "FROM ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$DOCKER_TAG as ${{ env.PRODUCT_NAME }}-stable" >> Dockerfile.stable + echo "FROM ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG as ${{ env.PRODUCT_NAME }}-stable" >> Dockerfile.stable PRODUCT_EDITION=${{ matrix.edition }} PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ - COMPANY_NAME=${{ env.COMPANY_NAME}} DOCKERFILE=Dockerfile.stable TAG=$DOCKER_TAG \ + COMPANY_NAME=${{ env.COMPANY_NAME}} DOCKERFILE=Dockerfile.stable \ + TAG=$TAG \ + SHORTER_TAG=$SHORTER_TAG \ + SHORTEST_TAG=$SHORTEST_TAG \ docker buildx bake \ -f docker-bake.hcl ${{ matrix.images }} \ --push ; else - echo "FAILED: Image with tag $DOCKER_TAG do not presented on docker.hub >> build will not started >> exit with 0" + echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 0" exit 0 fi shell: bash diff --git a/docker-bake.hcl b/docker-bake.hcl index 9e89642..04ed4a0 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -2,6 +2,14 @@ variable "TAG" { default = "" } +variable "SHORTER_TAG" { + default = "" +} + +variable "SHORTEST_TAG" { + default = "" +} + variable "COMPANY_NAME" { default = "" } @@ -37,7 +45,10 @@ target "documentserver" { target "documentserver-stable" { target = "documentserver-stable" dockerfile= "${DOCKERFILE}" - tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"] + tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}", + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}", + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"] platforms = ["linux/amd64", "linux/arm64"] args = { "PRODUCT_EDITION": "${PRODUCT_EDITION}" From 9494e08e8f4b3a1808cf528265e997d9b9d7bae1 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Wed, 15 Jun 2022 10:30:18 +0300 Subject: [PATCH 04/25] Fix for redis correct work (#449) * Fix for redis correct work * Refactoring code * Refactoring code * Refactoring code * Refactor: refactoring code --- Dockerfile | 3 ++- run-document-server.sh | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5f1bf17..708b4a6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -78,7 +78,8 @@ ARG PRODUCT_NAME=documentserver ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_$TARGETARCH.deb" ENV COMPANY_NAME=$COMPANY_NAME \ - PRODUCT_NAME=$PRODUCT_NAME + PRODUCT_NAME=$PRODUCT_NAME \ + PRODUCT_EDITION=$PRODUCT_EDITION RUN wget -q -P /tmp "$PACKAGE_URL" && \ apt-get -y update && \ diff --git a/run-document-server.sh b/run-document-server.sh index 8011b54..c9747f8 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -83,7 +83,7 @@ WOPI_ENABLED=${WOPI_ENABLED:-false} GENERATE_FONTS=${GENERATE_FONTS:-true} -if [[ ${PRODUCT_NAME} == "documentserver" ]]; then +if [[ ${PRODUCT_NAME}${PRODUCT_EDITION} == "documentserver" ]]; then REDIS_ENABLED=false else REDIS_ENABLED=true From c4ddb9971045784c880b1963a46ab1816daebe79 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Tue, 5 Jul 2022 14:41:20 +0300 Subject: [PATCH 05/25] Update base image version (#447) --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 708b4a6..7405b2b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ -FROM ubuntu:20.04 as documentserver +FROM ubuntu:22.04 as documentserver LABEL maintainer Ascensio System SIA -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12 +ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=14 ARG ONLYOFFICE_VALUE=onlyoffice From c7a1fd04a436bc563b63d961b09dc30e9e8db8fc Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Tue, 5 Jul 2022 14:56:42 +0300 Subject: [PATCH 06/25] fix Bug 50138 / Fix SSL key access error (#455) * Fix SSL key access error * Change name of directory --- run-document-server.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/run-document-server.sh b/run-document-server.sh index c9747f8..aca2d89 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -37,7 +37,12 @@ if [ "${RELEASE_DATE}" != "${PREV_RELEASE_DATE}" ]; then fi fi -SSL_CERTIFICATES_DIR="${DATA_DIR}/certs" +SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds" +mkdir -p ${SSL_CERTIFICATES_DIR} +cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR} +chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem +chmod 400 ${SSL_CERTIFICATES_DIR}/*.key + if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt else @@ -505,7 +510,7 @@ for i in ${DS_LIB_DIR}/App_Data/cache/files ${DS_LIB_DIR}/App_Data/docbuilder ${ done # change folder rights -for i in ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do +for i in ${LOG_DIR} ${LIB_DIR}; do chown -R ds:ds "$i" chmod -R 755 "$i" done From 29e4ec3027128fc45530639b868d1a05786c51b1 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Mon, 11 Jul 2022 13:27:43 +0300 Subject: [PATCH 07/25] Refactoring workflow (#448) --- ...{build-4testing.yml => 4testing-build.yml} | 45 ++++++++++--------- .../{build-stable.yml => stable-build.yml} | 12 +++-- 2 files changed, 33 insertions(+), 24 deletions(-) rename .github/workflows/{build-4testing.yml => 4testing-build.yml} (53%) rename .github/workflows/{build-stable.yml => stable-build.yml} (88%) diff --git a/.github/workflows/build-4testing.yml b/.github/workflows/4testing-build.yml similarity index 53% rename from .github/workflows/build-4testing.yml rename to .github/workflows/4testing-build.yml index 215fe8d..0716979 100644 --- a/.github/workflows/build-4testing.yml +++ b/.github/workflows/4testing-build.yml @@ -1,5 +1,5 @@ ### This workflow setup instance then build and push images ### -name: Multi-arch build 4testing +name: 4testing multiarch-build on: push: @@ -15,10 +15,12 @@ jobs: build: name: Build runs-on: ubuntu-latest + continue-on-error: ${{ matrix.condition }} strategy: matrix: - edition: ["", "-ee", "-de"] images: ["documentserver"] + edition: ["", "-ee", "-de"] + condition: [true] steps: - name: Checkout code uses: actions/checkout@v3 @@ -40,7 +42,7 @@ jobs: run: | echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} - - name: Build documentserver-4testing + - name: Build 4testing run: | DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//' ) PACKAGE_VERSION=$(echo $DOCKER_TAG | sed 's/\./-/3') @@ -48,23 +50,26 @@ jobs: STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") if [[ "$STATUS" = "200" ]]; then echo "Have access to documentserver${{ matrix.edition }} amd64 arch >> check arm64 access" - PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb - STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") - if [[ "$STATUS" = "200" ]]; then - echo "Have access to documentserver${{ matrix.edition }} arm64 arch" - echo "All architecture are available >> Build is starting." - sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile - PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \ - PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \ - PREFIX_NAME=4testing- TAG=$DOCKER_TAG \ - docker buildx bake \ - -f docker-bake.hcl ${{ matrix.images }} \ - --push - echo "DONE: Build success >> exit with 0" - exit 0 - else - echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Build did't started >> Exit with 0." - exit 0 + else + echo "FAILED: Have no access to documentserver${{ matrix.edition }} amd64 arch" + exit 1 fi + PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb + STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") + if [[ "$STATUS" = "200" ]]; then + echo "Have access to documentserver${{ matrix.edition }} arm64 arch" + echo "All architecture are available >> build is starting." + sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile + PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \ + PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \ + PREFIX_NAME=4testing- TAG=$DOCKER_TAG \ + docker buildx bake \ + -f docker-bake.hcl ${{ matrix.images }} \ + --push + echo "DONE: Build success >> exit with 0" + exit 0 + else + echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Exit with 0." + exit 1 fi shell: bash diff --git a/.github/workflows/build-stable.yml b/.github/workflows/stable-build.yml similarity index 88% rename from .github/workflows/build-stable.yml rename to .github/workflows/stable-build.yml index f1bbe5e..7fd434a 100644 --- a/.github/workflows/build-stable.yml +++ b/.github/workflows/stable-build.yml @@ -14,10 +14,12 @@ jobs: build: name: Build runs-on: ubuntu-latest + continue-on-error: ${{ matrix.condition }} strategy: matrix: images: ["documentserver-stable"] edition: ["", "-ee", "-de"] + condition: [true] steps: - name: Checkout code uses: actions/checkout@v3 @@ -39,7 +41,7 @@ jobs: run: | echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} - - name: Build documentserver-stable + - name: Build documentserver-release run: | TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') SHORTER_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+\.[\d]+') @@ -55,9 +57,11 @@ jobs: SHORTEST_TAG=$SHORTEST_TAG \ docker buildx bake \ -f docker-bake.hcl ${{ matrix.images }} \ - --push ; - else - echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 0" + --push + echo "DONE: Build success >> exit with 0" exit 0 + else + echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 1" + exit 1 fi shell: bash From c16635ea71e3df248fd58efd2182aa8eb5769bae Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Tue, 12 Jul 2022 12:37:48 +0300 Subject: [PATCH 08/25] Fix supervisor socket messages (#459) --- run-document-server.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/run-document-server.sh b/run-document-server.sh index aca2d89..2b2e386 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -474,7 +474,7 @@ update_nginx_settings(){ sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF} fi - documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} + documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} -r false } update_supervisor_settings(){ From 143e77fdfcc3b6e462ca62b19fb8edfb81c37b49 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Mon, 18 Jul 2022 17:11:06 +0300 Subject: [PATCH 09/25] Fix Big #57286 / Add redis password config settings (#466) * Add redis password settings * Add variable description * Change variable descriptions * Change variable descriptions * Change variable descriptions --- README.md | 1 + run-document-server.sh | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/README.md b/README.md index a7bc84d..5020dfd 100644 --- a/README.md +++ b/README.md @@ -185,6 +185,7 @@ Below is the complete list of parameters that can be set using environment varia - **AMQP_TYPE**: The message broker type. Supported values are `rabbitmq` or `activemq`. Defaults to `rabbitmq`. - **REDIS_SERVER_HOST**: The IP address or the name of the host where the Redis server is running. - **REDIS_SERVER_PORT**: The Redis server port number. +- **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default. - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes. - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process. - **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`. diff --git a/run-document-server.sh b/run-document-server.sh index 2b2e386..0ae0764 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -300,6 +300,11 @@ update_redis_settings(){ ${JSON} -I -e "if(this.services.CoAuthoring.redis===undefined)this.services.CoAuthoring.redis={};" ${JSON} -I -e "this.services.CoAuthoring.redis.host = '${REDIS_SERVER_HOST}'" ${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'" + + if [ -n "${REDIS_SERVER_PASS}" ]; then + ${JSON} -I -e "this.services.CoAuthoring.redis.options = {'password':'${REDIS_SERVER_PASS}'}" + fi + } update_ds_settings(){ From 06a05223b5faea3491298aef5716b7c88d22791f Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Tue, 19 Jul 2022 15:51:46 +0300 Subject: [PATCH 10/25] Fix bug #58032 / Fix moves certificates alarm messages (#461) * Add some checks before replace certificates * Change if check key * Refactoring code * Refactoring code * Add checking exist files * Refactor: refactoring code * Remove check files conditions --- run-document-server.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/run-document-server.sh b/run-document-server.sh index 0ae0764..cfba7a0 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -39,9 +39,11 @@ fi SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds" mkdir -p ${SSL_CERTIFICATES_DIR} -cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR} -chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem -chmod 400 ${SSL_CERTIFICATES_DIR}/*.key +if [[ -d ${DATA_DIR}/certs ]] && [ -e ${DATA_DIR}/certs/*.crt ]; then + cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR} + chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem + chmod 400 ${SSL_CERTIFICATES_DIR}/*.key +fi if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt From 2213fc70f5ab693e0f6b0292d22900799440ef68 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Thu, 21 Jul 2022 18:44:06 +0300 Subject: [PATCH 11/25] Add another tags processing (#464) * Add support for processing other tags * Print build-info before build start * Cosmetic changes * Add architecture and URL processing * Refactoring action code * Refactoring code * Refactoring code * Cosmetic changes * Remove some check package version * Refactoring code * Redefining url variable for dockerfile * Cosmetic changes * Changes platform conditions check * Set to use default TARGETARCH in build --- .github/workflows/4testing-build.yml | 76 +++++++++++++++++----------- Dockerfile | 3 +- docker-bake.hcl | 12 ++++- 3 files changed, 60 insertions(+), 31 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 0716979..306b6e1 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -29,6 +29,7 @@ jobs: uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx + id: buildx uses: docker/setup-buildx-action@v2 - name: Login to Docker Hub @@ -38,38 +39,55 @@ jobs: password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Get Tag Name - id: tag_name run: | - echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} + echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - name: Build 4testing run: | - DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//' ) - PACKAGE_VERSION=$(echo $DOCKER_TAG | sed 's/\./-/3') - PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_amd64.deb - STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") - if [[ "$STATUS" = "200" ]]; then - echo "Have access to documentserver${{ matrix.edition }} amd64 arch >> check arm64 access" - else - echo "FAILED: Have no access to documentserver${{ matrix.edition }} amd64 arch" - exit 1 - fi - PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb - STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") - if [[ "$STATUS" = "200" ]]; then - echo "Have access to documentserver${{ matrix.edition }} arm64 arch" - echo "All architecture are available >> build is starting." - sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile - PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \ - PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \ - PREFIX_NAME=4testing- TAG=$DOCKER_TAG \ - docker buildx bake \ - -f docker-bake.hcl ${{ matrix.images }} \ - --push - echo "DONE: Build success >> exit with 0" - exit 0 - else - echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Exit with 0." - exit 1 + ### ==>> At this step build variable declaration ### + DOCKER_TAG=$( echo ${{ env.RELEASE_VERSION }} | sed 's/^.//' ) + PACKAGE_VERSION=$( echo $DOCKER_TAG | sed -E 's/(.*)\./\1-/' ) + NODE_PLATFORMS=$( echo ${{ steps.buildx.outputs.platforms }} | sed 's/linux\///g' | sed 's/,/ /g' ) + echo "Start check avalivable build platforms >>" + + ### ==>> In this loop we will check all avalivable documentserver architectures. After that all accessed arch will be added to build-platforms list. ### + for ARCH in ${NODE_PLATFORMS}; do + REPO_URL=${{ secrets.REPO_URL }} + if [[ ${{ env.RELEASE_VERSION }} == v99.* ]]; then + REPO_URL=${{ secrets.UNSTABLE_REPO_URL }} + fi + PACKAGE_URL_CHECK=${REPO_URL}${{ matrix.edition }}_"$PACKAGE_VERSION"_${ARCH}.deb + STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "${PACKAGE_URL_CHECK}") + if [[ "$STATUS" = "200" ]]; then + echo "✔ ${ARCH} is avalivable >> set like one of build platforms" + PLATFORMS+=(linux/${ARCH},) + BUILD_PLATFORMS=$( echo ${PLATFORMS[@]} | sed 's/ //g' | sed 's/\(.*\),/\1/' ) + else + echo "${ARCH} in not avalivable" + fi + done + PACKAGE_URL_BUILD=$( echo ${PACKAGE_URL_CHECK} | sed -e "s/${PACKAGE_VERSION}_.*.deb/${PACKAGE_VERSION}_TARGETARCH.deb/g" ) + + ### ==>> At this step if there is no access to any platform and platform list is empty, build will exit with 1. ### + if [[ -z ${BUILD_PLATFORMS} ]]; then + echo "Have no access to any platform >> exit with 1" + exit 1 fi + echo "DONE: Check passed >> Build for platforms: ${BUILD_PLATFORMS}" + echo "Build is starting ... >>" + + ### ==>> Build and push images at this step ### + PRODUCT_EDITION=${{ matrix.edition }} \ + PACKAGE_URL=$PACKAGE_URL_BUILD \ + PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ + DOCKERFILE=Dockerfile \ + PREFIX_NAME=4testing- \ + TAG=$DOCKER_TAG \ + PLATFORM=$BUILD_PLATFORMS \ + COMPANY_NAME=${{ env.COMPANY_NAME }} \ + docker buildx bake \ + -f docker-bake.hcl ${{ matrix.images }} \ + --push + echo "DONE: Build success >> exit with 0" + exit 0 shell: bash diff --git a/Dockerfile b/Dockerfile index 7405b2b..dc73ab6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -81,7 +81,8 @@ ENV COMPANY_NAME=$COMPANY_NAME \ PRODUCT_NAME=$PRODUCT_NAME \ PRODUCT_EDITION=$PRODUCT_EDITION -RUN wget -q -P /tmp "$PACKAGE_URL" && \ +RUN PACKAGE_URL=$( echo ${PACKAGE_URL} | sed "s/TARGETARCH/"${TARGETARCH}"/g") && \ + wget -q -P /tmp "$PACKAGE_URL" && \ apt-get -y update && \ service postgresql start && \ apt-get -yq install /tmp/$(basename "$PACKAGE_URL") && \ diff --git a/docker-bake.hcl b/docker-bake.hcl index 04ed4a0..6932d4b 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -30,15 +30,25 @@ variable "DOCKERFILE" { default = "" } +variable "PLATFORM" { + default = "" +} + +variable "PACKAGE_URL" { + default = "" +} + target "documentserver" { target = "documentserver" dockerfile= "${DOCKERFILE}" tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}"] - platforms = ["linux/amd64", "linux/arm64"] + platforms = ["${PLATFORM}"] args = { "PRODUCT_EDITION": "${PRODUCT_EDITION}" "PRODUCT_NAME": "${PRODUCT_NAME}" "COMPANY_NAME": "${COMPANY_NAME}" + "PACKAGE_URL": "{PACKAGE_URL}" + "PLATFORM": "${PLATFORM}" } } From 05c50429856343439a277a9218bbc2c421334ab6 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Fri, 22 Jul 2022 09:44:59 +0300 Subject: [PATCH 12/25] Add the missing variable (#467) --- docker-bake.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-bake.hcl b/docker-bake.hcl index 6932d4b..b03711e 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -47,7 +47,7 @@ target "documentserver" { "PRODUCT_EDITION": "${PRODUCT_EDITION}" "PRODUCT_NAME": "${PRODUCT_NAME}" "COMPANY_NAME": "${COMPANY_NAME}" - "PACKAGE_URL": "{PACKAGE_URL}" + "PACKAGE_URL": "${PACKAGE_URL}" "PLATFORM": "${PLATFORM}" } } From 8887cb7a2650f02d186f119f94d830efa1a634b6 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Mon, 22 Aug 2022 20:27:10 +0300 Subject: [PATCH 13/25] Enable JWT by default and add a JWT status message (#482) * Enable JWT by default and add a JWT status message * Correct JWT message * Add a condition for displaying a JWT message * Minor correction * Minor correction --- run-document-server.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/run-document-server.sh b/run-document-server.sh index cfba7a0..f18aa1c 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -73,7 +73,7 @@ NGINX_CONFIG_PATH="/etc/nginx/nginx.conf" NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1} NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)} -JWT_ENABLED=${JWT_ENABLED:-false} +JWT_ENABLED=${JWT_ENABLED:-true} # validate user's vars before usinig in json if [ "${JWT_ENABLED}" == "true" ]; then @@ -82,7 +82,9 @@ else JWT_ENABLED="false" fi -JWT_SECRET=${JWT_SECRET:-secret} +[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh' to get information about JWT." + +JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)} JWT_HEADER=${JWT_HEADER:-Authorization} JWT_IN_BODY=${JWT_IN_BODY:-false} @@ -641,3 +643,5 @@ documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER} tail -f /var/log/${COMPANY_NAME}/**/*.log & wait $! + +echo "${JWT_MESSAGE}" From 34180710cf4278cb58a0ebf59d331dc439408b2c Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Mon, 22 Aug 2022 20:56:45 +0300 Subject: [PATCH 14/25] Fix command to get container id (#483) --- run-document-server.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/run-document-server.sh b/run-document-server.sh index f18aa1c..83aeb00 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -82,7 +82,7 @@ else JWT_ENABLED="false" fi -[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh' to get information about JWT." +[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(cut -c9-20 < /proc/1/cpuset) sudo documentserver-jwt-status.sh' to get information about JWT." JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)} JWT_HEADER=${JWT_HEADER:-Authorization} @@ -641,7 +641,7 @@ if [ "${GENERATE_FONTS}" == "true" ]; then fi documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER} +echo "${JWT_MESSAGE}" + tail -f /var/log/${COMPANY_NAME}/**/*.log & wait $! - -echo "${JWT_MESSAGE}" From 083ab2c6a66b34050ef975c20b373f7cf7a46a3d Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Wed, 24 Aug 2022 11:14:59 +0300 Subject: [PATCH 15/25] Add latest tag for develop build (#484) --- .github/workflows/4testing-build.yml | 4 +++- docker-bake.hcl | 9 ++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 306b6e1..4532411 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -55,6 +55,7 @@ jobs: REPO_URL=${{ secrets.REPO_URL }} if [[ ${{ env.RELEASE_VERSION }} == v99.* ]]; then REPO_URL=${{ secrets.UNSTABLE_REPO_URL }} + DEVELOP_BUILD=true fi PACKAGE_URL_CHECK=${REPO_URL}${{ matrix.edition }}_"$PACKAGE_VERSION"_${ARCH}.deb STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "${PACKAGE_URL_CHECK}") @@ -63,7 +64,7 @@ jobs: PLATFORMS+=(linux/${ARCH},) BUILD_PLATFORMS=$( echo ${PLATFORMS[@]} | sed 's/ //g' | sed 's/\(.*\),/\1/' ) else - echo "${ARCH} in not avalivable" + echo "Х ${ARCH} in not avalivable" fi done PACKAGE_URL_BUILD=$( echo ${PACKAGE_URL_CHECK} | sed -e "s/${PACKAGE_VERSION}_.*.deb/${PACKAGE_VERSION}_TARGETARCH.deb/g" ) @@ -85,6 +86,7 @@ jobs: TAG=$DOCKER_TAG \ PLATFORM=$BUILD_PLATFORMS \ COMPANY_NAME=${{ env.COMPANY_NAME }} \ + DEVELOP_BUILD=$DEVELOP_BUILD \ ### If value $DEVELOP_BUILD is present add another tag for develop build docker buildx bake \ -f docker-bake.hcl ${{ matrix.images }} \ --push diff --git a/docker-bake.hcl b/docker-bake.hcl index b03711e..0302790 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -38,10 +38,17 @@ variable "PACKAGE_URL" { default = "" } +variable "DEVELOP_BUILD" { + default = "" +} + target "documentserver" { target = "documentserver" dockerfile= "${DOCKERFILE}" - tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}"] + tags = [ + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", + notequal("",DEVELOP_BUILD) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "", + ] platforms = ["${PLATFORM}"] args = { "PRODUCT_EDITION": "${PRODUCT_EDITION}" From 2379128240d28048b7a5d6aac295369388e31a10 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Wed, 24 Aug 2022 12:47:47 +0300 Subject: [PATCH 16/25] fix build (#486) --- .github/workflows/4testing-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 4532411..1a985db 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -86,7 +86,7 @@ jobs: TAG=$DOCKER_TAG \ PLATFORM=$BUILD_PLATFORMS \ COMPANY_NAME=${{ env.COMPANY_NAME }} \ - DEVELOP_BUILD=$DEVELOP_BUILD \ ### If value $DEVELOP_BUILD is present add another tag for develop build + DEVELOP_BUILD=$DEVELOP_BUILD \ docker buildx bake \ -f docker-bake.hcl ${{ matrix.images }} \ --push From 207bd5dac709a7313689e83d260500a9bf244577 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Mon, 29 Aug 2022 11:40:25 +0300 Subject: [PATCH 17/25] Add build Documentserver without example (#473) * Add dockerfile for non-example build * Create new symlink for supervisor config * Add ARG for dynamic images specification * Update action version * Add build nonexample after stable build success * Add targets for nonexample build * Cosmetic changes * Update FROM instruction * Add default tag * Remove needless welcome nginx location * Change nonexample image tags * Set correct nonexample image tag * Change tag for nonexample image * Change dockerfile name * Rename dockerfile for release images * Move stable build to dockerfile * Refactoring bake file --- .github/workflows/4testing-build.yml | 4 +-- .github/workflows/stable-build.yml | 53 +++++++++++++++++++++++++--- Dockerfile.production | 24 +++++++++++++ docker-bake.hcl | 20 +++++++++-- 4 files changed, 91 insertions(+), 10 deletions(-) create mode 100644 Dockerfile.production diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 1a985db..b5a9956 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -13,7 +13,7 @@ env: jobs: build: - name: Build + name: "Build image: DocumentServer${{ matrix.edition }}" runs-on: ubuntu-latest continue-on-error: ${{ matrix.condition }} strategy: @@ -33,7 +33,7 @@ jobs: uses: docker/setup-buildx-action@v2 - name: Login to Docker Hub - uses: docker/login-action@v1 + uses: docker/login-action@v2 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index 7fd434a..9d7f6df 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -12,7 +12,7 @@ env: jobs: build: - name: Build + name: "Release image: DocumentServer${{ matrix.edition }}" runs-on: ubuntu-latest continue-on-error: ${{ matrix.condition }} strategy: @@ -31,7 +31,7 @@ jobs: uses: docker/setup-buildx-action@v2 - name: Login to Docker Hub - uses: docker/login-action@v1 + uses: docker/login-action@v2 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} @@ -49,9 +49,9 @@ jobs: IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG > /dev/null ; echo $?) if [[ "$IMAGE_STATUS" = "0" ]]; then echo "Image present on docker.hub >> start build stable version" - echo "FROM ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG as ${{ env.PRODUCT_NAME }}-stable" >> Dockerfile.stable - PRODUCT_EDITION=${{ matrix.edition }} PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ - COMPANY_NAME=${{ env.COMPANY_NAME}} DOCKERFILE=Dockerfile.stable \ + PRODUCT_EDITION=${{ matrix.edition }} \ + PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ + COMPANY_NAME=${{ env.COMPANY_NAME}} \ TAG=$TAG \ SHORTER_TAG=$SHORTER_TAG \ SHORTEST_TAG=$SHORTEST_TAG \ @@ -65,3 +65,46 @@ jobs: exit 1 fi shell: bash + + build-nonExample: + name: "Release image: DocumentServer${{ matrix.edition }}-nonExample" + runs-on: ubuntu-latest + needs: [build] + continue-on-error: ${{ matrix.condition }} + strategy: + matrix: + images: ["documentserver-nonexample"] + edition: ["", "-ee", "-de"] + condition: [true] + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: Get Tag Name + id: tag_name + run: | + echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} + + - name: build image + run: | + TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') + PRODUCT_EDITION=${{ matrix.edition }} \ + PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ + COMPANY_NAME=${{ env.COMPANY_NAME }} \ + TAG=$TAG \ + docker buildx bake \ + -f docker-bake.hcl ${{ matrix.images }} \ + --push + shell: bash diff --git a/Dockerfile.production b/Dockerfile.production new file mode 100644 index 0000000..3c7b3bd --- /dev/null +++ b/Dockerfile.production @@ -0,0 +1,24 @@ +### Arguments avavlivable only for FROM instruction ### +ARG TAG=latest +ARG COMPANY_NAME=onlyoffice +ARG PRODUCT_EDITION= + +### Build main-release ### + +FROM ${COMPANY_NAME}/4testing-documentserver${PRODUCT_EDITION}:${TAG} as documentserver-stable + +### Build nonexample ### + +FROM ${COMPANY_NAME}/documentserver${PRODUCT_EDITION}:${TAG} as documentserver-nonexample + +ARG COMPANY_NAME=onlyoffice +ARG PRODUCT_NAME=documentserver +ARG DS_SUPERVISOR_CONF=/etc/supervisor/conf.d/ds.conf + +### Remove all documentserver-example data ### + +RUN rm -rf /var/www/$COMPANY_NAME/$PRODUCT_NAME-example \ + && rm -rf /etc/$COMPANY_NAME/$PRODUCT_NAME-example \ + && rm -f $DS_SUPERVISOR_CONF \ + && rm -f /etc/nginx/includes/ds-example.conf \ + && ln -s /etc/$COMPANY_NAME/$PRODUCT_NAME/supervisor/ds.conf $DS_SUPERVISOR_CONF diff --git a/docker-bake.hcl b/docker-bake.hcl index 0302790..e7827f8 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -61,15 +61,29 @@ target "documentserver" { target "documentserver-stable" { target = "documentserver-stable" - dockerfile= "${DOCKERFILE}" + dockerfile= "Dockerfile.production" tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"] platforms = ["linux/amd64", "linux/arm64"] args = { - "PRODUCT_EDITION": "${PRODUCT_EDITION}" - "PRODUCT_NAME": "${PRODUCT_NAME}" + "TAG": "${TAG}" "COMPANY_NAME": "${COMPANY_NAME}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "PRODUCT_EDITION": "${PRODUCT_EDITION}" } } + +target "documentserver-nonexample" { + target = "documentserver-nonexample" + dockerfile = "Dockerfile.production" + tags = [ "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PREFIX_NAME}${PRODUCT_EDITION}:${TAG}-nonexample" ] + platforms = ["linux/amd64", "linux/arm64"] + args = { + "TAG": "${TAG}" + "COMPANY_NAME": "${COMPANY_NAME}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "PRODUCT_EDITION": "${PRODUCT_EDITION}" + } +} From 3626f8cc6c697bc3a84a2c9b4b895d67f0c37a85 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Tue, 30 Aug 2022 14:33:23 +0300 Subject: [PATCH 18/25] Build: Set job fail status if some build failed (#488) --- .github/workflows/4testing-build.yml | 3 +-- .github/workflows/stable-build.yml | 7 +++---- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index b5a9956..cd420b9 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -15,12 +15,11 @@ jobs: build: name: "Build image: DocumentServer${{ matrix.edition }}" runs-on: ubuntu-latest - continue-on-error: ${{ matrix.condition }} strategy: + fail-fast: false matrix: images: ["documentserver"] edition: ["", "-ee", "-de"] - condition: [true] steps: - name: Checkout code uses: actions/checkout@v3 diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index 9d7f6df..34d27ad 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -14,12 +14,11 @@ jobs: build: name: "Release image: DocumentServer${{ matrix.edition }}" runs-on: ubuntu-latest - continue-on-error: ${{ matrix.condition }} strategy: + fail-fast: false matrix: images: ["documentserver-stable"] edition: ["", "-ee", "-de"] - condition: [true] steps: - name: Checkout code uses: actions/checkout@v3 @@ -70,12 +69,12 @@ jobs: name: "Release image: DocumentServer${{ matrix.edition }}-nonExample" runs-on: ubuntu-latest needs: [build] - continue-on-error: ${{ matrix.condition }} + if: always() strategy: + fail-fast: false matrix: images: ["documentserver-nonexample"] edition: ["", "-ee", "-de"] - condition: [true] steps: - name: Checkout code uses: actions/checkout@v3 From e44acbebf7a1be2cccda7a912d1f761310d865bc Mon Sep 17 00:00:00 2001 From: Roman Demidov Date: Wed, 31 Aug 2022 12:13:30 +0300 Subject: [PATCH 19/25] Fix KylinOS start error (#471) * Fix KylinOS start error * Small changes * Small changes --- run-document-server.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/run-document-server.sh b/run-document-server.sh index 83aeb00..f0fbd87 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -1,5 +1,7 @@ #!/bin/bash +umask 0022 + function clean_exit { /usr/bin/documentserver-prepare4shutdown.sh } @@ -593,6 +595,8 @@ else update_welcome_page fi +find /etc/${COMPANY_NAME} -exec chown ds:ds {} \; + #start needed local services for i in ${LOCAL_SERVICES[@]}; do service $i start From 713a06e999569e1e94b6973e3de32dd6a585d1a2 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Thu, 8 Sep 2022 15:56:49 +0300 Subject: [PATCH 20/25] Add expected build arch (#489) * Add fail status if build unexpected platforms * Build: set exit code for action * Build: Change expected platforms message --- .github/workflows/4testing-build.yml | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index cd420b9..0753466 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -47,6 +47,7 @@ jobs: DOCKER_TAG=$( echo ${{ env.RELEASE_VERSION }} | sed 's/^.//' ) PACKAGE_VERSION=$( echo $DOCKER_TAG | sed -E 's/(.*)\./\1-/' ) NODE_PLATFORMS=$( echo ${{ steps.buildx.outputs.platforms }} | sed 's/linux\///g' | sed 's/,/ /g' ) + EXPECTED_PLATFORMS="linux/amd64,linux/arm64" echo "Start check avalivable build platforms >>" ### ==>> In this loop we will check all avalivable documentserver architectures. After that all accessed arch will be added to build-platforms list. ### @@ -76,6 +77,15 @@ jobs: echo "DONE: Check passed >> Build for platforms: ${BUILD_PLATFORMS}" echo "Build is starting ... >>" + ### == >> Set exit code for action + if [ ${BUILD_PLATFORMS} == ${EXPECTED_PLATFORMS} ]; then + EXIT_CODE=0 + echo "OK: Build platforms is expected" + else + EXIT_CODE=1 + echo "WARNING: Build platforms is unexpected action is gonna be marked as Failed" + fi + ### ==>> Build and push images at this step ### PRODUCT_EDITION=${{ matrix.edition }} \ PACKAGE_URL=$PACKAGE_URL_BUILD \ @@ -89,6 +99,6 @@ jobs: docker buildx bake \ -f docker-bake.hcl ${{ matrix.images }} \ --push - echo "DONE: Build success >> exit with 0" - exit 0 + echo "DONE: Build success >> exit with ${EXIT_CODE}" + exit ${EXIT_CODE} shell: bash From 61a5a021cf8ce03bb5b2d83758f8f1750ca4c9eb Mon Sep 17 00:00:00 2001 From: Semyon Bezrukov Date: Mon, 12 Sep 2022 16:04:56 +0300 Subject: [PATCH 21/25] Refactoring stable build (#490) * Refactoring stable build * Build: setting up push 4enterprise images * Cosmetic change * Remove needless tag * Rename dockerfile * Small fix * Rename dockerfile for nonexample Co-authored-by: danilapog --- .github/workflows/4testing-build.yml | 1 - .github/workflows/stable-build.yml | 71 ++++++++----------- docker-bake.hcl | 9 +-- ...erfile.production => production.dockerfile | 0 4 files changed, 33 insertions(+), 48 deletions(-) rename Dockerfile.production => production.dockerfile (100%) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 0753466..3d70142 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -5,7 +5,6 @@ on: push: tags: - "v*" - - "!v*-stable" env: COMPANY_NAME: "onlyoffice" diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index 34d27ad..0b6918e 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -2,9 +2,12 @@ name: Multi-arch build stable on: - push: - tags: - - "v*-stable" + workflow_dispatch: + inputs: + tag: + description: 'Tag for release (ex. 1.2.3.45)' + type: string + required: true env: COMPANY_NAME: "onlyoffice" @@ -35,37 +38,28 @@ jobs: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - - name: Get Tag Name - id: tag_name - run: | - echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} - - name: Build documentserver-release run: | - TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') - SHORTER_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+\.[\d]+') - SHORTEST_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+') - IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG > /dev/null ; echo $?) - if [[ "$IMAGE_STATUS" = "0" ]]; then - echo "Image present on docker.hub >> start build stable version" - PRODUCT_EDITION=${{ matrix.edition }} \ - PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ - COMPANY_NAME=${{ env.COMPANY_NAME}} \ - TAG=$TAG \ - SHORTER_TAG=$SHORTER_TAG \ - SHORTEST_TAG=$SHORTEST_TAG \ - docker buildx bake \ - -f docker-bake.hcl ${{ matrix.images }} \ - --push - echo "DONE: Build success >> exit with 0" - exit 0 - else - echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 1" - exit 1 - fi + set -eux + VERSION=${{ github.event.inputs.tag }} + PRODUCT_EDITION=${{ matrix.edition }} + TESTING_IMAGE=${COMPANY_NAME}/4testing-${PRODUCT_NAME}${PRODUCT_EDITION} + if docker manifest inspect ${TESTING_IMAGE}:${VERSION} > /dev/null; then + echo "Image present on docker.hub >> start build stable version" + export PRODUCT_EDITION + export TAG=${VERSION} + export SHORTER_TAG=${VERSION%.*} + export SHORTEST_TAG=${VERSION%.*.*} + docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push + echo "DONE: Build success >> exit with 0" + exit 0 + else + echo "FAILED: Image with tag ${VERSION} do not presented on docker.hub >> build will not started >> exit with 1" + exit 1 + fi shell: bash - build-nonExample: + build-nonexample: name: "Release image: DocumentServer${{ matrix.edition }}-nonExample" runs-on: ubuntu-latest needs: [build] @@ -91,19 +85,10 @@ jobs: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - - name: Get Tag Name - id: tag_name - run: | - echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} - - name: build image run: | - TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') - PRODUCT_EDITION=${{ matrix.edition }} \ - PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ - COMPANY_NAME=${{ env.COMPANY_NAME }} \ - TAG=$TAG \ - docker buildx bake \ - -f docker-bake.hcl ${{ matrix.images }} \ - --push + set -eux + export PRODUCT_EDITION=${{ matrix.edition }} + export TAG=${{ github.event.inputs.tag }} + docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push shell: bash diff --git a/docker-bake.hcl b/docker-bake.hcl index e7827f8..a7ee963 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -44,7 +44,7 @@ variable "DEVELOP_BUILD" { target "documentserver" { target = "documentserver" - dockerfile= "${DOCKERFILE}" + dockerfile = "${DOCKERFILE}" tags = [ "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", notequal("",DEVELOP_BUILD) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "", @@ -61,11 +61,12 @@ target "documentserver" { target "documentserver-stable" { target = "documentserver-stable" - dockerfile= "Dockerfile.production" + dockerfile = "production.dockerfile" tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}", - "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"] + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest", + equal("-ee",PRODUCT_EDITION) ? "docker.io/${COMPANY_NAME}4enterprise/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}": "",] platforms = ["linux/amd64", "linux/arm64"] args = { "TAG": "${TAG}" @@ -77,7 +78,7 @@ target "documentserver-stable" { target "documentserver-nonexample" { target = "documentserver-nonexample" - dockerfile = "Dockerfile.production" + dockerfile = "production.dockerfile" tags = [ "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PREFIX_NAME}${PRODUCT_EDITION}:${TAG}-nonexample" ] platforms = ["linux/amd64", "linux/arm64"] args = { diff --git a/Dockerfile.production b/production.dockerfile similarity index 100% rename from Dockerfile.production rename to production.dockerfile From b9bfa7b90c34545b1ca2a7f626be99211213ece5 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Tue, 13 Sep 2022 11:08:04 +0300 Subject: [PATCH 22/25] fix Bug 58778 - Correct the display of container ID for 22.04 (#494) --- run-document-server.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/run-document-server.sh b/run-document-server.sh index f0fbd87..fd183a3 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -84,7 +84,7 @@ else JWT_ENABLED="false" fi -[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(cut -c9-20 < /proc/1/cpuset) sudo documentserver-jwt-status.sh' to get information about JWT." +[ -z $JWT_SECRET ] && JWT_MESSAGE='JWT is enabled by default. A random secret is generated automatically. Run the command "docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh" to get information about JWT.' JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)} JWT_HEADER=${JWT_HEADER:-Authorization} @@ -426,12 +426,15 @@ update_welcome_page() { WELCOME_PAGE="${APP_DIR}-example/welcome/docker.html" if [[ -e $WELCOME_PAGE ]]; then DOCKER_CONTAINER_ID=$(basename $(cat /proc/1/cpuset)) + (( ${#DOCKER_CONTAINER_ID} < 12 )) && DOCKER_CONTAINER_ID=$(hostname) if (( ${#DOCKER_CONTAINER_ID} >= 12 )); then if [[ -x $(command -v docker) ]]; then DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID) sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE + JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/') else sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE + JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/') fi fi fi From bac88530c1c1a187e0eadf8b1074dcdda74d9cfc Mon Sep 17 00:00:00 2001 From: Semyon Bezrukov Date: Fri, 16 Sep 2022 12:28:44 +0300 Subject: [PATCH 23/25] Refactoring testing build (#496) * Fix dockerfile args * Refactoring testing build action * Secret repo baseurl * Fix package version --- .github/workflows/4testing-build.yml | 162 ++++++++++++++++----------- Dockerfile | 15 +-- docker-bake.hcl | 21 +++- 3 files changed, 122 insertions(+), 76 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 3d70142..4343507 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -2,23 +2,78 @@ name: 4testing multiarch-build on: - push: - tags: - - "v*" + workflow_dispatch: + inputs: + build: + description: 'Build number (ex. 45)' + type: string + required: true + amd64: + type: boolean + description: 'Build AMD64' + default: true + arm64: + type: boolean + description: 'Build ARM64' + default: true + community: + type: boolean + description: 'Build Community Edition' + default: true + enterprise: + type: boolean + description: 'Build Enterprise Edition' + default: true + developer: + type: boolean + description: 'Build Developer Edition' + default: true env: COMPANY_NAME: "onlyoffice" PRODUCT_NAME: "documentserver" jobs: - build: - name: "Build image: DocumentServer${{ matrix.edition }}" + prepare: runs-on: ubuntu-latest + steps: + - id: matrix + run: | + set -ex + + BRANCH_NAME=${GITHUB_REF#refs/heads/} + if ! [[ $BRANCH_NAME == develop || $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then + echo "Wrong branch." + exit 1 + fi + + [ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64") + [ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64") + if [ -z ${PLATFORMS} ]; then + echo "None of the platforms are selected." + exit 1 + fi + + [ ${{ github.event.inputs.community }} = true ] && EDITIONS+=("community") + [ ${{ github.event.inputs.enterprise }} = true ] && EDITIONS+=("enterprise") + [ ${{ github.event.inputs.developer }} = true ] && EDITIONS+=("developer") + if [ -z ${EDITIONS} ]; then + echo "None of the editions are selected." + exit 1 + fi + echo "::set-output name=editions::$(jq -n -c --arg s "${EDITIONS[*]}" '($s|split(" "))')" + outputs: + editions: ${{ steps.matrix.outputs.editions }} + + build: + name: "Build ${{ matrix.image }}-${{ matrix.edition }}" + runs-on: ubuntu-latest + needs: prepare strategy: fail-fast: false matrix: - images: ["documentserver"] - edition: ["", "-ee", "-de"] + image: ["documentserver"] + edition: ${{ fromJSON(needs.prepare.outputs.editions) }} steps: - name: Checkout code uses: actions/checkout@v3 @@ -36,68 +91,49 @@ jobs: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - - name: Get Tag Name - run: | - echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - - name: Build 4testing run: | + set -eux + ### ==>> At this step build variable declaration ### - DOCKER_TAG=$( echo ${{ env.RELEASE_VERSION }} | sed 's/^.//' ) - PACKAGE_VERSION=$( echo $DOCKER_TAG | sed -E 's/(.*)\./\1-/' ) - NODE_PLATFORMS=$( echo ${{ steps.buildx.outputs.platforms }} | sed 's/linux\///g' | sed 's/,/ /g' ) - EXPECTED_PLATFORMS="linux/amd64,linux/arm64" - echo "Start check avalivable build platforms >>" - ### ==>> In this loop we will check all avalivable documentserver architectures. After that all accessed arch will be added to build-platforms list. ### - for ARCH in ${NODE_PLATFORMS}; do - REPO_URL=${{ secrets.REPO_URL }} - if [[ ${{ env.RELEASE_VERSION }} == v99.* ]]; then - REPO_URL=${{ secrets.UNSTABLE_REPO_URL }} - DEVELOP_BUILD=true - fi - PACKAGE_URL_CHECK=${REPO_URL}${{ matrix.edition }}_"$PACKAGE_VERSION"_${ARCH}.deb - STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "${PACKAGE_URL_CHECK}") - if [[ "$STATUS" = "200" ]]; then - echo "✔ ${ARCH} is avalivable >> set like one of build platforms" - PLATFORMS+=(linux/${ARCH},) - BUILD_PLATFORMS=$( echo ${PLATFORMS[@]} | sed 's/ //g' | sed 's/\(.*\),/\1/' ) - else - echo "Х ${ARCH} in not avalivable" - fi - done - PACKAGE_URL_BUILD=$( echo ${PACKAGE_URL_CHECK} | sed -e "s/${PACKAGE_VERSION}_.*.deb/${PACKAGE_VERSION}_TARGETARCH.deb/g" ) + case ${{ matrix.edition }} in + community) + PRODUCT_EDITION="" + ;; + enterprise) + PRODUCT_EDITION="-ee" + ;; + developer) + PRODUCT_EDITION="-de" + ;; + esac - ### ==>> At this step if there is no access to any platform and platform list is empty, build will exit with 1. ### - if [[ -z ${BUILD_PLATFORMS} ]]; then - echo "Have no access to any platform >> exit with 1" - exit 1 + [ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64") + [ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64") + PLATFORM=$(echo ${PLATFORMS[*]/#/linux/} | tr ' ' ',') + + BRANCH_NAME=${GITHUB_REF#refs/heads/} + if [ $BRANCH_NAME = develop ]; then + RELEASE_BRANCH=unstable + PRODUCT_VERSION=99.99.99 + elif [[ $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then + RELEASE_BRANCH=testing + PRODUCT_VERSION=${BRANCH_NAME#*/v} fi - echo "DONE: Check passed >> Build for platforms: ${BUILD_PLATFORMS}" - echo "Build is starting ... >>" + BUILD_NUMBER=${{ github.event.inputs.build }} - ### == >> Set exit code for action - if [ ${BUILD_PLATFORMS} == ${EXPECTED_PLATFORMS} ]; then - EXIT_CODE=0 - echo "OK: Build platforms is expected" - else - EXIT_CODE=1 - echo "WARNING: Build platforms is unexpected action is gonna be marked as Failed" - fi + export PRODUCT_EDITION + export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER} + export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}/${RELEASE_BRANCH}/ubuntu + export RELEASE_BRANCH + export PLATFORM + export DOCKERFILE=Dockerfile + export PREFIX_NAME=4testing- + export TAG=${PRODUCT_VERSION}.${BUILD_NUMBER} - ### ==>> Build and push images at this step ### - PRODUCT_EDITION=${{ matrix.edition }} \ - PACKAGE_URL=$PACKAGE_URL_BUILD \ - PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ - DOCKERFILE=Dockerfile \ - PREFIX_NAME=4testing- \ - TAG=$DOCKER_TAG \ - PLATFORM=$BUILD_PLATFORMS \ - COMPANY_NAME=${{ env.COMPANY_NAME }} \ - DEVELOP_BUILD=$DEVELOP_BUILD \ - docker buildx bake \ - -f docker-bake.hcl ${{ matrix.images }} \ - --push - echo "DONE: Build success >> exit with ${EXIT_CODE}" - exit ${EXIT_CODE} + ### ==>> Build and push images at this step ### + + docker buildx bake -f docker-bake.hcl ${{ matrix.image }} --push + echo "DONE: Build success" shell: bash diff --git a/Dockerfile b/Dockerfile index dc73ab6..66a9137 100644 --- a/Dockerfile +++ b/Dockerfile @@ -71,25 +71,26 @@ COPY run-document-server.sh /app/ds/run-document-server.sh EXPOSE 80 443 -ARG TARGETARCH -ARG PRODUCT_EDITION= ARG COMPANY_NAME=onlyoffice ARG PRODUCT_NAME=documentserver -ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_$TARGETARCH.deb" +ARG PRODUCT_EDITION= +ARG PACKAGE_VERSION=0.0.0-0 +ARG TARGETARCH +ARG PACKAGE_BASEURL="http://download.onlyoffice.com/install/documentserver/linux" +ARG PACKAGE_FILE="${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_${PACKAGE_VERSION}_${TARGETARCH}.deb" ENV COMPANY_NAME=$COMPANY_NAME \ PRODUCT_NAME=$PRODUCT_NAME \ PRODUCT_EDITION=$PRODUCT_EDITION -RUN PACKAGE_URL=$( echo ${PACKAGE_URL} | sed "s/TARGETARCH/"${TARGETARCH}"/g") && \ - wget -q -P /tmp "$PACKAGE_URL" && \ +RUN wget -q -P /tmp "$PACKAGE_BASEURL/$PACKAGE_FILE" && \ apt-get -y update && \ service postgresql start && \ - apt-get -yq install /tmp/$(basename "$PACKAGE_URL") && \ + apt-get -yq install /tmp/$PACKAGE_FILE && \ service postgresql stop && \ service supervisor stop && \ chmod 755 /app/ds/*.sh && \ - rm -f /tmp/$(basename "$PACKAGE_URL") && \ + rm -f /tmp/$PACKAGE_FILE && \ rm -rf /var/log/$COMPANY_NAME && \ rm -rf /var/lib/apt/lists/* diff --git a/docker-bake.hcl b/docker-bake.hcl index a7ee963..b797d46 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -26,6 +26,10 @@ variable "PRODUCT_NAME" { default = "" } +variable "PACKAGE_VERSION" { + default = "" +} + variable "DOCKERFILE" { default = "" } @@ -34,11 +38,15 @@ variable "PLATFORM" { default = "" } -variable "PACKAGE_URL" { +variable "PACKAGE_BASEURL" { default = "" } -variable "DEVELOP_BUILD" { +variable "PACKAGE_FILE" { + default = "" +} + +variable "RELEASE_BRANCH" { default = "" } @@ -47,14 +55,15 @@ target "documentserver" { dockerfile = "${DOCKERFILE}" tags = [ "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", - notequal("",DEVELOP_BUILD) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "", + equal("testing",RELEASE_BRANCH) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "", ] platforms = ["${PLATFORM}"] args = { - "PRODUCT_EDITION": "${PRODUCT_EDITION}" - "PRODUCT_NAME": "${PRODUCT_NAME}" "COMPANY_NAME": "${COMPANY_NAME}" - "PACKAGE_URL": "${PACKAGE_URL}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "PRODUCT_EDITION": "${PRODUCT_EDITION}" + "PACKAGE_VERSION": "${PACKAGE_VERSION}" + "PACKAGE_BASEURL": "${PACKAGE_BASEURL}" "PLATFORM": "${PLATFORM}" } } From 67fbd9d9c80fb2108c143d509b0e61c4ef612e15 Mon Sep 17 00:00:00 2001 From: Semyon Bezrukov Date: Sun, 18 Sep 2022 16:20:15 +0300 Subject: [PATCH 24/25] Fix makefile (#498) --- Makefile | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index f840a15..ab7f2c2 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,7 @@ COMPANY_NAME ?= ONLYOFFICE GIT_BRANCH ?= develop PRODUCT_NAME ?= DocumentServer +PRODUCT_EDITION ?= PRODUCT_VERSION ?= 0.0.0 BUILD_NUMBER ?= 0 ONLYOFFICE_VALUE ?= onlyoffice @@ -11,9 +12,9 @@ COMPANY_NAME_LOW = $(shell echo $(COMPANY_NAME) | tr A-Z a-z) PRODUCT_NAME_LOW = $(shell echo $(PRODUCT_NAME) | tr A-Z a-z) COMPANY_NAME_LOW_ESCAPED = $(subst -,,$(COMPANY_NAME_LOW)) -PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW) +PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION) PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER) -PACKAGE_URL := http://$(S3_BUCKET).s3.amazonaws.com/$(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/ubuntu/$(PACKAGE_NAME)_$(PACKAGE_VERSION)_amd64.deb +PACKAGE_BASEURL := https://s3.eu-west-1.amazonaws.com/$(S3_BUCKET)/$(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/ubuntu ifeq ($(RELEASE_BRANCH),$(filter $(RELEASE_BRANCH),unstable testing)) DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION)) @@ -22,7 +23,7 @@ else endif DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW) -DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)__$(DOCKER_TAG).dummy +DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(PACKAGE_VERSION).tar.gz DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKER_ARCH)) @@ -31,9 +32,12 @@ DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKE $(DOCKER_DUMMY): docker pull ubuntu:20.04 docker build \ - --build-arg PACKAGE_URL=$(PACKAGE_URL) \ --build-arg COMPANY_NAME=$(COMPANY_NAME_LOW) \ --build-arg PRODUCT_NAME=$(PRODUCT_NAME_LOW) \ + --build-arg PRODUCT_EDITION=$(PRODUCT_EDITION) \ + --build-arg PACKAGE_VERSION=$(PACKAGE_VERSION) \ + --build-arg PACKAGE_BASEURL=$(PACKAGE_BASEURL) \ + --build-arg TARGETARCH=amd64 \ --build-arg ONLYOFFICE_VALUE=$(ONLYOFFICE_VALUE) \ -t $(DOCKER_IMAGE):$(DOCKER_TAG) . && \ mkdir -p $$(dirname $@) && \ From 29bb07d2cb53b832c2e4bc200bd292168ab9487a Mon Sep 17 00:00:00 2001 From: Semyon Bezrukov Date: Tue, 20 Sep 2022 14:20:10 +0300 Subject: [PATCH 25/25] Fix makefile docker image (#499) --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index ab7f2c2..e255521 100644 --- a/Makefile +++ b/Makefile @@ -22,7 +22,7 @@ else DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH)) endif -DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW) +DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION) DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(PACKAGE_VERSION).tar.gz DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKER_ARCH))