From 8887cb7a2650f02d186f119f94d830efa1a634b6 Mon Sep 17 00:00:00 2001
From: Evgeniy Antonyuk <antonyuk.evgenyiy@onlyoffice.com>
Date: Mon, 22 Aug 2022 20:27:10 +0300
Subject: [PATCH 1/3] Enable JWT by default and add a JWT status message (#482)

* Enable JWT by default and add a JWT status message

* Correct JWT message

* Add a condition for displaying a JWT message

* Minor correction

* Minor correction
---
 run-document-server.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/run-document-server.sh b/run-document-server.sh
index cfba7a0..f18aa1c 100755
--- a/run-document-server.sh
+++ b/run-document-server.sh
@@ -73,7 +73,7 @@ NGINX_CONFIG_PATH="/etc/nginx/nginx.conf"
 NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1}
 NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)}
 
-JWT_ENABLED=${JWT_ENABLED:-false}
+JWT_ENABLED=${JWT_ENABLED:-true}
 
 # validate user's vars before usinig in json
 if [ "${JWT_ENABLED}" == "true" ]; then
@@ -82,7 +82,9 @@ else
   JWT_ENABLED="false"
 fi
 
-JWT_SECRET=${JWT_SECRET:-secret}
+[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh' to get information about JWT."
+
+JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)}
 JWT_HEADER=${JWT_HEADER:-Authorization}
 JWT_IN_BODY=${JWT_IN_BODY:-false}
 
@@ -641,3 +643,5 @@ documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
 
 tail -f /var/log/${COMPANY_NAME}/**/*.log &
 wait $!
+
+echo "${JWT_MESSAGE}" 

From 34180710cf4278cb58a0ebf59d331dc439408b2c Mon Sep 17 00:00:00 2001
From: Evgeniy Antonyuk <antonyuk.evgenyiy@onlyoffice.com>
Date: Mon, 22 Aug 2022 20:56:45 +0300
Subject: [PATCH 2/3] Fix command to get container id (#483)

---
 run-document-server.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/run-document-server.sh b/run-document-server.sh
index f18aa1c..83aeb00 100755
--- a/run-document-server.sh
+++ b/run-document-server.sh
@@ -82,7 +82,7 @@ else
   JWT_ENABLED="false"
 fi
 
-[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh' to get information about JWT."
+[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(cut -c9-20 < /proc/1/cpuset) sudo documentserver-jwt-status.sh' to get information about JWT."
 
 JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)}
 JWT_HEADER=${JWT_HEADER:-Authorization}
@@ -641,7 +641,7 @@ if [ "${GENERATE_FONTS}" == "true" ]; then
 fi
 documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
 
+echo "${JWT_MESSAGE}" 
+
 tail -f /var/log/${COMPANY_NAME}/**/*.log &
 wait $!
-
-echo "${JWT_MESSAGE}" 

From 083ab2c6a66b34050ef975c20b373f7cf7a46a3d Mon Sep 17 00:00:00 2001
From: Danil Titarenko <77471369+danilapog@users.noreply.github.com>
Date: Wed, 24 Aug 2022 11:14:59 +0300
Subject: [PATCH 3/3] Add latest tag for develop build (#484)

---
 .github/workflows/4testing-build.yml | 4 +++-
 docker-bake.hcl                      | 9 ++++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml
index 306b6e1..4532411 100644
--- a/.github/workflows/4testing-build.yml
+++ b/.github/workflows/4testing-build.yml
@@ -55,6 +55,7 @@ jobs:
             REPO_URL=${{ secrets.REPO_URL }} 
             if [[ ${{ env.RELEASE_VERSION }} == v99.* ]]; then
               REPO_URL=${{ secrets.UNSTABLE_REPO_URL }}
+              DEVELOP_BUILD=true
             fi
             PACKAGE_URL_CHECK=${REPO_URL}${{ matrix.edition }}_"$PACKAGE_VERSION"_${ARCH}.deb
             STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "${PACKAGE_URL_CHECK}")
@@ -63,7 +64,7 @@ jobs:
               PLATFORMS+=(linux/${ARCH},)
               BUILD_PLATFORMS=$( echo ${PLATFORMS[@]} | sed 's/ //g' | sed 's/\(.*\),/\1/' )
             else
-              echo "${ARCH} in not avalivable"
+              echo "Х ${ARCH} in not avalivable"
             fi
           done
           PACKAGE_URL_BUILD=$( echo ${PACKAGE_URL_CHECK} | sed -e "s/${PACKAGE_VERSION}_.*.deb/${PACKAGE_VERSION}_TARGETARCH.deb/g" )
@@ -85,6 +86,7 @@ jobs:
           TAG=$DOCKER_TAG \
           PLATFORM=$BUILD_PLATFORMS \
           COMPANY_NAME=${{ env.COMPANY_NAME }} \
+          DEVELOP_BUILD=$DEVELOP_BUILD \ ### If value $DEVELOP_BUILD is present add another tag for develop build
             docker buildx bake \
             -f docker-bake.hcl ${{ matrix.images }} \
             --push
diff --git a/docker-bake.hcl b/docker-bake.hcl
index b03711e..0302790 100644
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -38,10 +38,17 @@ variable "PACKAGE_URL" {
     default = ""
 }
 
+variable "DEVELOP_BUILD" {
+    default = ""
+}
+
 target "documentserver" {
     target = "documentserver"
     dockerfile= "${DOCKERFILE}"
-    tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}"]
+    tags = [
+           "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
+           notequal("",DEVELOP_BUILD) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "",
+           ]
     platforms = ["${PLATFORM}"]
     args = {
         "PRODUCT_EDITION": "${PRODUCT_EDITION}"