delete commit id from release version

.backportrc.json

@@ -1,6 +0,0 @@
-{
-  "repoOwner": "opencloud-eu",
-  "repoName": "opencloud",
-  "targetBranchChoices": ["main", "stable-2.0", "stable-4.0"],
-  "fork": false
-}

.bingo/go-xgettext.mod

@@ -3,5 +3,3 @@ module _ // Auto generated by https://github.com/bwplotka/bingo. DO NOT EDIT
 go 1.23.4
 
 require github.com/gosexy/gettext v0.0.0-20160830220431-74466a0a0c4a // go-xgettext
-
-require github.com/jessevdk/go-flags v1.6.1 // indirect

.codacy.yml

@@ -16,7 +16,7 @@ exclude_paths:
   - 'tests/acceptance/expected-failures-*.md'
   - 'tests/acceptance/bootstrap/**'
   - 'tests/acceptance/TestHelpers/**'
-  - 'tests/acceptance/scripts/run.sh'
+  - 'tests/acceptance/run.sh'
   - 'vendor/**/*'
   - 'tests/ocwrapper/vendor/**'
 ...

.dockerignore

@@ -1,8 +1,6 @@
 .bingo
 !.bingo/*.mod
 !.bingo/Variables.mk
-.git
 **/bin
-**/node_modules
-**/tmp
 docs
+**/node_modules

.github/settings.yml

@@ -1,4 +1 @@
 _extends: gh-labels
-
-
-

.gitignore

@@ -38,7 +38,6 @@ vendor-php
 # API acceptance tests - auto-generated files
 .php-cs-fixer.cache
 suite-logs
-tests/acceptance/filesForUpload/filesWithVirus/
 
 # QA activity reports
 tests/qa-activity-report/reports/

.make/go.mk

@@ -29,6 +29,8 @@ ifeq ($(VERSION), daily)
 	STRING ?= $(shell git rev-parse --short HEAD)
 else ifeq ($(VERSION),)
 	STRING ?= $(shell git rev-parse --short HEAD)
+else
+	STRING := 
 endif
 
 
@@ -36,18 +38,8 @@ ifndef DATE
 	DATE := $(shell date -u '+%Y%m%d')
 endif
 
-LDFLAGS += -X google.golang.org/protobuf/reflect/protoregistry.conflictPolicy=warn -s -w \
-	-X "$(OC_REPO)/pkg/version.Edition=$(EDITION)" \
-	-X "$(OC_REPO)/pkg/version.String=$(STRING)" \
-	-X "$(OC_REPO)/pkg/version.Tag=$(VERSION)" \
-	-X "$(OC_REPO)/pkg/version.Date=$(DATE)"
-
-DEBUG_LDFLAGS += -X google.golang.org/protobuf/reflect/protoregistry.conflictPolicy=warn \
-	-X "$(OC_REPO)/pkg/version.Edition=$(EDITION)" \
-	-X "$(OC_REPO)/pkg/version.String=$(STRING)" \
-	-X "$(OC_REPO)/pkg/version.Tag=$(VERSION)" \
-	-X "$(OC_REPO)/pkg/version.Date=$(DATE)"
-
+LDFLAGS += -X google.golang.org/protobuf/reflect/protoregistry.conflictPolicy=warn -s -w -X "$(OC_REPO)/pkg/version.String=$(STRING)" -X "$(OC_REPO)/pkg/version.Tag=$(VERSION)" -X "$(OC_REPO)/pkg/version.Date=$(DATE)"
+DEBUG_LDFLAGS += -X google.golang.org/protobuf/reflect/protoregistry.conflictPolicy=warn -X "$(OC_REPO)/pkg/version.String=$(STRING)" -X "$(OC_REPO)/pkg/version.Tag=$(VERSION)" -X "$(OC_REPO)/pkg/version.Date=$(DATE)"
 DOCKER_LDFLAGS += -X "$(OC_REPO)/pkg/config/defaults.BaseDataPathType=path" -X "$(OC_REPO)/pkg/config/defaults.BaseDataPathValue=/var/lib/opencloud"
 DOCKER_LDFLAGS += -X "$(OC_REPO)/pkg/config/defaults.BaseConfigPathType=path" -X "$(OC_REPO)/pkg/config/defaults.BaseConfigPathValue=/etc/opencloud"
 

.vscode/launch.json

@@ -53,7 +53,7 @@
         "OC_MACHINE_AUTH_API_KEY": "some-opencloud-machine-auth-api-key",
         "OC_TRANSFER_SECRET": "some-opencloud-transfer-secret",
         // collaboration
-        "COLLABORATION_WOPI_SECRET": "some-wopi-secret",
+        "COLLABORATION_WOPIAPP_SECRET": "some-wopi-secret",
         // idm ldap
         "IDM_SVC_PASSWORD": "some-ldap-idm-password",
         "GRAPH_LDAP_BIND_PASSWORD": "some-ldap-idm-password",
@@ -193,21 +193,20 @@
         "OC_LOG_COLOR": "true",
         "PROXY_ENABLE_BASIC_AUTH": "true",
         "IDM_CREATE_DEMO_USERS": "true",
-        "OC_ADMIN_USER_ID": "fed-admin-user-id-0000-000000000000",
+        "OC_ADMIN_USER_ID": "some-admin-user-id-0000-000000000000",
         "IDM_ADMIN_PASSWORD": "admin",
-        "OC_SYSTEM_USER_ID": "fed-system-user-id-000-000000000000",
-        "OC_SYSTEM_USER_API_KEY": "fed-system-user-machine-auth-api-key",
-        "OC_JWT_SECRET": "fed-opencloud-jwt-secret",
-        "OC_MACHINE_AUTH_API_KEY": "fed-opencloud-machine-auth-api-key",
-        "OC_TRANSFER_SECRET": "fed-opencloud-transfer-secret",
-        "COLLABORATION_WOPI_SECRET": "fed-wopi-secret",
-        "IDM_SVC_PASSWORD": "fed-ldap-idm-password",
-        "GRAPH_LDAP_BIND_PASSWORD": "fed-ldap-idm-password",
-        "IDM_REVASVC_PASSWORD": "fed-ldap-reva-password",
-        "GROUPS_LDAP_BIND_PASSWORD": "fed-ldap-reva-password",
-        "USERS_LDAP_BIND_PASSWORD": "fed-ldap-reva-password",
-        "AUTH_BASIC_LDAP_BIND_PASSWORD": "fed-ldap-reva-password",
-        "IDM_IDPSVC_PASSWORD": "fed-ldap-idp-password",
+        "OC_SYSTEM_USER_ID": "some-system-user-id-000-000000000000",
+        "OC_SYSTEM_USER_API_KEY": "some-system-user-machine-auth-api-key",
+        "OC_JWT_SECRET": "some-opencloud-jwt-secret",
+        "OC_MACHINE_AUTH_API_KEY": "some-opencloud-machine-auth-api-key",
+        "OC_TRANSFER_SECRET": "some-opencloud-transfer-secret",
+        "IDM_SVC_PASSWORD": "some-ldap-idm-password",
+        "GRAPH_LDAP_BIND_PASSWORD": "some-ldap-idm-password",
+        "IDM_REVASVC_PASSWORD": "some-ldap-reva-password",
+        "GROUPS_LDAP_BIND_PASSWORD": "some-ldap-reva-password",
+        "USERS_LDAP_BIND_PASSWORD": "some-ldap-reva-password",
+        "AUTH_BASIC_LDAP_BIND_PASSWORD": "some-ldap-reva-password",
+        "IDM_IDPSVC_PASSWORD": "some-ldap-idp-password",
         "IDP_LDAP_BIND_PASSWORD": "some-ldap-idp-password",
         "GRAPH_APPLICATION_ID": "application-1"
       }

.woodpecker.env

@@ -1,4 +1,3 @@
 # The test runner source for UI tests
-WEB_COMMITID=3120ea384c7a9d1f1ea0c328965951fc06d66900
+WEB_COMMITID=0dca6b808d191ddf15503f20a6594a77e50a68e2
 WEB_BRANCH=main
-

CHANGELOG.md

@@ -1,444 +1,5 @@
 # Changelog
 
-## [4.2.0](https://github.com/opencloud-eu/opencloud/releases/tag/v4.2.0) - 2025-12-24
-
-### ❤️ Thanks to all contributors! ❤️
-
-@ScharfViktor, @butonic, @dragonchaser, @fschade, @rhafer, @saw-jan
-
-### 🐛 Bug Fixes
-
-- Remove sub-service binary entrypoints and fix antivirus only server cmd [[#2043](https://github.com/opencloud-eu/opencloud/pull/2043)]
-- fix(thumbnailer): respect image boundaries and text wrappings [[#2062](https://github.com/opencloud-eu/opencloud/pull/2062)]
-- fix: cobra viper flags and env [[#2047](https://github.com/opencloud-eu/opencloud/pull/2047)]
-- fix service name in suture logs [[#2052](https://github.com/opencloud-eu/opencloud/pull/2052)]
-
-### ✅ Tests
-
-- [full-ci] use graph api in the enforcePasswordPublicLink.feature [[#2050](https://github.com/opencloud-eu/opencloud/pull/2050)]
-- [full-ci][tests-only] test: check last email content with retries as emails can be delayed [[#2038](https://github.com/opencloud-eu/opencloud/pull/2038)]
-- skip collaborativePosix tests in CI [[#2039](https://github.com/opencloud-eu/opencloud/pull/2039)]
-
-### 📈 Enhancement
-
-- allow http2 connections to proxy [[#2040](https://github.com/opencloud-eu/opencloud/pull/2040)]
-- migrate from urfave/cli to spf13/cobra [[#1954](https://github.com/opencloud-eu/opencloud/pull/1954)]
-
-### 📦️ Dependencies
-
-- build(deps): bump github.com/testcontainers/testcontainers-go/modules/opensearch from 0.39.0 to 0.40.0 [[#1967](https://github.com/opencloud-eu/opencloud/pull/1967)]
-- build(deps): bump golang.org/x/net from 0.47.0 to 0.48.0 [[#2061](https://github.com/opencloud-eu/opencloud/pull/2061)]
-- build(deps): bump github.com/open-policy-agent/opa from 1.10.1 to 1.11.0 [[#1930](https://github.com/opencloud-eu/opencloud/pull/1930)]
-
-## [4.1.0](https://github.com/opencloud-eu/opencloud/releases/tag/v4.1.0) - 2025-12-15
-
-### ❤️ Thanks to all contributors! ❤️
-
-@JammingBen, @ScharfViktor, @Svanvith, @butonic, @flimmy, @fschade, @individual-it, @kulmann, @micbar, @prashant-gurung899, @saw-jan
-
-### 📚 Documentation
-
-- fix typo [[#2024](https://github.com/opencloud-eu/opencloud/pull/2024)]
-- [docs] update policies link [[#1996](https://github.com/opencloud-eu/opencloud/pull/1996)]
-- fix the link in quickstart script for itself [[#1956](https://github.com/opencloud-eu/opencloud/pull/1956)]
-
-### ✅ Tests
-
-- [full-ci][tests-only] test: fix some test flakiness [[#2003](https://github.com/opencloud-eu/opencloud/pull/2003)]
-- [tests-only] Skip test related pipelines for ready-release-go PRs [[#2011](https://github.com/opencloud-eu/opencloud/pull/2011)]
-- [full-ci][tests-only] test: add test to check mismatch offset during TUS upload [[#1993](https://github.com/opencloud-eu/opencloud/pull/1993)]
-- [full-ci][tests-only] test: proper resource existence check [[#1990](https://github.com/opencloud-eu/opencloud/pull/1990)]
-- check propfing after renaming data in file system [[#1809](https://github.com/opencloud-eu/opencloud/pull/1809)]
-- fix-get-attribute-test [[#1974](https://github.com/opencloud-eu/opencloud/pull/1974)]
-
-### 📈 Enhancement
-
-- Show edition in opencloud version command [[#2019](https://github.com/opencloud-eu/opencloud/pull/2019)]
-
-### 🐛 Bug Fixes
-
-- fix: enforce trailing slash for server url [[#1995](https://github.com/opencloud-eu/opencloud/pull/1995)]
-- fix: enhance resource creation with detailed process information [[#1978](https://github.com/opencloud-eu/opencloud/pull/1978)]
-
-### 📦️ Dependencies
-
-- chore: bump web to v4.3.0 [[#2030](https://github.com/opencloud-eu/opencloud/pull/2030)]
-- reva-bump-2.41.0 [[#2032](https://github.com/opencloud-eu/opencloud/pull/2032)]
-- build(deps): bump github.com/testcontainers/testcontainers-go from 0.39.0 to 0.40.0 [[#1931](https://github.com/opencloud-eu/opencloud/pull/1931)]
-
-## [4.0.0](https://github.com/opencloud-eu/opencloud/releases/tag/v4.0.0) - 2025-12-01
-
-### ❤️ Thanks to all contributors! ❤️
-
-@AlexAndBear, @MahdiBaghbani, @ScharfViktor, @butonic, @dragonchaser, @flimmy, @fschade, @individual-it, @jnweiger, @kulmann, @micbar, @mikelolasagasti, @pbleser-oc, @rhafer, @schweigisito
-
-### 💥 Breaking changes
-
-- collaboration: Enable `InsertRemoteImage` option [[#1692](https://github.com/opencloud-eu/opencloud/pull/1692)]
-
-### 📚 Documentation
-
-- Fix typos in antivirus README documentation [[#1940](https://github.com/opencloud-eu/opencloud/pull/1940)]
-- fix: add missing service README.md files with basic description [[#1859](https://github.com/opencloud-eu/opencloud/pull/1859)]
-- Fix README.md files which contain broken or missing links [[#1854](https://github.com/opencloud-eu/opencloud/pull/1854)]
-
-### 🐛 Bug Fixes
-
-- introduce OC_EVENTS_TLS_INSECURE [[#1936](https://github.com/opencloud-eu/opencloud/pull/1936)]
-- kill unused env vars [[#1888](https://github.com/opencloud-eu/opencloud/pull/1888)]
-- rc-handling was only active for the dryrun, not the real build-and-push [[#1919](https://github.com/opencloud-eu/opencloud/pull/1919)]
-- handle objectguid endianess [[#1901](https://github.com/opencloud-eu/opencloud/pull/1901)]
-- fix: add update server to default csp rules [[#1875](https://github.com/opencloud-eu/opencloud/pull/1875)]
-- fix: add missing capability flag support-radicale [[#1891](https://github.com/opencloud-eu/opencloud/pull/1891)]
-- fix opensearch client certificate [[#1890](https://github.com/opencloud-eu/opencloud/pull/1890)]
-- Bump reva [[#1882](https://github.com/opencloud-eu/opencloud/pull/1882)]
-- load two yaml configs [[#1617](https://github.com/opencloud-eu/opencloud/pull/1617)]
-- make user cache tenant aware [[#1732](https://github.com/opencloud-eu/opencloud/pull/1732)]
-- fix: sanitise markdow code to make docusaurus happy [[#1851](https://github.com/opencloud-eu/opencloud/pull/1851)]
-- update launch.json [[#1843](https://github.com/opencloud-eu/opencloud/pull/1843)]
-- docs: Fix auth-app examples in README [[#1844](https://github.com/opencloud-eu/opencloud/pull/1844)]
-- fix: fix typo in treesize logging [[#1826](https://github.com/opencloud-eu/opencloud/pull/1826)]
-- fix: set global signing secret fallback correctly [[#1781](https://github.com/opencloud-eu/opencloud/pull/1781)]
-
-### 📈 Enhancement
-
-- feat(ocm): add WAYF configuration for reva OCM service [[#1714](https://github.com/opencloud-eu/opencloud/pull/1714)]
-- log missing name or id attributes [[#1914](https://github.com/opencloud-eu/opencloud/pull/1914)]
-- collabora: Set IsAdminUser and IsAnonymousUser in CheckFileInfo [[#1745](https://github.com/opencloud-eu/opencloud/pull/1745)]
-
-### ✅ Tests
-
-- [full-ci] disable running ci with watch fs when full-ci [[#1902](https://github.com/opencloud-eu/opencloud/pull/1902)]
-- api-tests: delete spaces before users [[#1877](https://github.com/opencloud-eu/opencloud/pull/1877)]
-- update tika version [[#1872](https://github.com/opencloud-eu/opencloud/pull/1872)]
-- add share sync to collaborativePosix suite [[#1806](https://github.com/opencloud-eu/opencloud/pull/1806)]
-- removed test virus files from repo [[#1812](https://github.com/opencloud-eu/opencloud/pull/1812)]
-- increase timeouts waiting for notification & search [[#1802](https://github.com/opencloud-eu/opencloud/pull/1802)]
-- Sync share before action [[#1795](https://github.com/opencloud-eu/opencloud/pull/1795)]
-- correct STORAGE_USERS_POSIX_WATCH_FS env typo in CI [[#1746](https://github.com/opencloud-eu/opencloud/pull/1746)]
-
-### 📦️ Dependencies
-
-- [full-ci] revaBump-v2.40.1 [[#1927](https://github.com/opencloud-eu/opencloud/pull/1927)]
-- [full-ci] chore: bump web to v4.2.1 [[#1938](https://github.com/opencloud-eu/opencloud/pull/1938)]
-- build(deps): bump google.golang.org/grpc from 1.76.0 to 1.77.0 [[#1923](https://github.com/opencloud-eu/opencloud/pull/1923)]
-- build(deps): bump github.com/nats-io/nats-server/v2 from 2.12.1 to 2.12.2 [[#1922](https://github.com/opencloud-eu/opencloud/pull/1922)]
-- build(deps): bump github.com/kovidgoyal/imaging from 1.7.2 to 1.8.17 [[#1912](https://github.com/opencloud-eu/opencloud/pull/1912)]
-- build(deps): bump golang.org/x/crypto from 0.44.0 to 0.45.0 [[#1911](https://github.com/opencloud-eu/opencloud/pull/1911)]
-- [decomposed]Update version 4.0.0 rc.2 [[#1917](https://github.com/opencloud-eu/opencloud/pull/1917)]
-- chore: bump web to v4.2.1-rc.1 [[#1900](https://github.com/opencloud-eu/opencloud/pull/1900)]
-- revaBump-getting#428 [[#1887](https://github.com/opencloud-eu/opencloud/pull/1887)]
-- build(deps): bump github.com/blevesearch/bleve/v2 from 2.5.4 to 2.5.5 [[#1884](https://github.com/opencloud-eu/opencloud/pull/1884)]
-- build(deps): bump github.com/olekukonko/tablewriter from 1.1.0 to 1.1.1 [[#1869](https://github.com/opencloud-eu/opencloud/pull/1869)]
-- build(deps): bump golang.org/x/term from 0.36.0 to 0.37.0 [[#1845](https://github.com/opencloud-eu/opencloud/pull/1845)]
-- reva-bump-2.39.2. update opencloud 4.0.0-rc.1 [[#1849](https://github.com/opencloud-eu/opencloud/pull/1849)]
-- build(deps): bump golang.org/x/sync from 0.17.0 to 0.18.0 [[#1836](https://github.com/opencloud-eu/opencloud/pull/1836)]
-- build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.33.0 [[#1828](https://github.com/opencloud-eu/opencloud/pull/1828)]
-- build(deps): bump github.com/KimMachineGun/automemlimit from 0.7.4 to 0.7.5 [[#1787](https://github.com/opencloud-eu/opencloud/pull/1787)]
-- build(deps): bump github.com/open-policy-agent/opa from 1.9.0 to 1.10.1 [[#1788](https://github.com/opencloud-eu/opencloud/pull/1788)]
-- Bump reva [[#1786](https://github.com/opencloud-eu/opencloud/pull/1786)]
-- build(deps): bump github.com/gabriel-vasile/mimetype from 1.4.10 to 1.4.11 [[#1775](https://github.com/opencloud-eu/opencloud/pull/1775)]
-- build(deps): bump github.com/nats-io/nats-server/v2 from 2.12.0 to 2.12.1 [[#1706](https://github.com/opencloud-eu/opencloud/pull/1706)]
-- build(deps): bump github.com/onsi/ginkgo/v2 from 2.27.1 to 2.27.2 [[#1754](https://github.com/opencloud-eu/opencloud/pull/1754)]
-
-## [3.7.0](https://github.com/opencloud-eu/opencloud/releases/tag/v3.7.0) - 2025-11-03
-
-### ❤️ Thanks to all contributors! ❤️
-
-@ScharfViktor, @individual-it, @kulmann, @rhafer, @schweigisito, @sdwilsh
-
-### ✅ Tests
-
-- check status of postprocessing before accesing the file [[#1762](https://github.com/opencloud-eu/opencloud/pull/1762)]
-
-### 📈 Enhancement
-
-- multi-tenancy: Optional attributes on provision API [[#1663](https://github.com/opencloud-eu/opencloud/pull/1663)]
-- fix: fix #1698 - Notification email doesn't contain Message-Id header [[#1708](https://github.com/opencloud-eu/opencloud/pull/1708)]
-
-### 🐛 Bug Fixes
-
-- fix: only search LDAP group by name [[#1724](https://github.com/opencloud-eu/opencloud/pull/1724)]
-
-### 📦️ Dependencies
-
-- [full-ci] bump web 4.2.0 and opencloud 3.7.0 version [[#1765](https://github.com/opencloud-eu/opencloud/pull/1765)]
-
-## [3.6.0](https://github.com/opencloud-eu/opencloud/releases/tag/v3.6.0) - 2025-10-27
-
-### ❤️ Thanks to all contributors! ❤️
-
-@AlexAndBear, @ScharfViktor, @butonic, @dragonchaser, @fschade, @micbar, @prashant-gurung899, @rhafer, @schweigisito, @tammi-23
-
-### 📈 Enhancement
-
-- allow specifying a shutdown order [[#1622](https://github.com/opencloud-eu/opencloud/pull/1622)]
-- change: use 404 as status when thumbnail can not be fetched [[#1582](https://github.com/opencloud-eu/opencloud/pull/1582)]
-- feat: add dedicated logo (web) for mobile view to theme [[#1579](https://github.com/opencloud-eu/opencloud/pull/1579)]
-- feat: make it possible to start the collaboration service in the single process [[#1569](https://github.com/opencloud-eu/opencloud/pull/1569)]
-- introduce AppURLs helper for atomic backgroud updates [[#1542](https://github.com/opencloud-eu/opencloud/pull/1542)]
-- chore: add config for capability CheckForUpdates [[#1556](https://github.com/opencloud-eu/opencloud/pull/1556)]
-
-### ✅ Tests
-
-- [full-ci] feat: implement OIDC authentication option [[#1676](https://github.com/opencloud-eu/opencloud/pull/1676)]
-- apiTest-coverage for #1523 [[#1660](https://github.com/opencloud-eu/opencloud/pull/1660)]
-- [full-ci] deleted unused step definitions [[#1639](https://github.com/opencloud-eu/opencloud/pull/1639)]
-- check thumbnails in the share with me response [[#1605](https://github.com/opencloud-eu/opencloud/pull/1605)]
-- [full-ci][tests-only] fix restore browsers cache workflow [[#1615](https://github.com/opencloud-eu/opencloud/pull/1615)]
-- [full-ci] Enhance getSpaceByName: check local cache before Graph API calls [[#1574](https://github.com/opencloud-eu/opencloud/pull/1574)]
-- [full-ci] getting personal space by userId instead of userName [[#1553](https://github.com/opencloud-eu/opencloud/pull/1553)]
-- apiTest-flaky: sync share before checking [[#1550](https://github.com/opencloud-eu/opencloud/pull/1550)]
-- [decomposed] use Alpine for opencloud starting [[#1547](https://github.com/opencloud-eu/opencloud/pull/1547)]
-
-### 🐛 Bug Fixes
-
-- fix: apply changes from other fixes in compose repo [[#1707](https://github.com/opencloud-eu/opencloud/pull/1707)]
-- fix(settings): env var precedence [[#1625](https://github.com/opencloud-eu/opencloud/pull/1625)]
-- fix(antivirus): update icap-client library which fixes tcp socket reuse [[#1589](https://github.com/opencloud-eu/opencloud/pull/1589)]
-- fix: use valid autocomplete values (axe autocomplete-valid) [[#1588](https://github.com/opencloud-eu/opencloud/pull/1588)]
-- Fix collaboration service name [[#1577](https://github.com/opencloud-eu/opencloud/pull/1577)]
-- let the runtime always create a cancel context [[#1565](https://github.com/opencloud-eu/opencloud/pull/1565)]
-- Bump reva and cs3apis [[#1538](https://github.com/opencloud-eu/opencloud/pull/1538)]
-- use correct endpoint in nats check [[#1533](https://github.com/opencloud-eu/opencloud/pull/1533)]
-
-### 📚 Documentation
-
-- adr: use eduation api for multi-tenancy provisioning [[#1548](https://github.com/opencloud-eu/opencloud/pull/1548)]
-- fix: remove deprecated web ui feature "OpenAppsInTab" [[#1575](https://github.com/opencloud-eu/opencloud/pull/1575)]
-
-### 📦️ Dependencies
-
-- build(deps): bump github.com/onsi/ginkgo/v2 from 2.26.0 to 2.27.1 [[#1705](https://github.com/opencloud-eu/opencloud/pull/1705)]
-- [decomposed] bump-version-v3.6.0 [[#1719](https://github.com/opencloud-eu/opencloud/pull/1719)]
-- revaBump-2.39.1 [[#1718](https://github.com/opencloud-eu/opencloud/pull/1718)]
-- chore: bump reva [[#1701](https://github.com/opencloud-eu/opencloud/pull/1701)]
-- build(deps): bump github.com/kovidgoyal/imaging from 1.6.4 to 1.7.2 [[#1696](https://github.com/opencloud-eu/opencloud/pull/1696)]
-- build(deps): bump github.com/blevesearch/bleve/v2 from 2.5.3 to 2.5.4 [[#1697](https://github.com/opencloud-eu/opencloud/pull/1697)]
-- build(deps): bump golang.org/x/oauth2 from 0.31.0 to 0.32.0 [[#1634](https://github.com/opencloud-eu/opencloud/pull/1634)]
-- build(deps): bump golang.org/x/net from 0.44.0 to 0.46.0 [[#1638](https://github.com/opencloud-eu/opencloud/pull/1638)]
-- revaBumb: add groupware capabilities [[#1689](https://github.com/opencloud-eu/opencloud/pull/1689)]
-- revaUpdate: adding groupware capabilities [[#1659](https://github.com/opencloud-eu/opencloud/pull/1659)]
-- chore/bump-web-4.1.0 [[#1652](https://github.com/opencloud-eu/opencloud/pull/1652)]
-- build(deps): bump google.golang.org/grpc from 1.75.1 to 1.76.0 [[#1628](https://github.com/opencloud-eu/opencloud/pull/1628)]
-- build(deps): bump github.com/coreos/go-oidc/v3 from 3.15.0 to 3.16.0 [[#1627](https://github.com/opencloud-eu/opencloud/pull/1627)]
-- build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.27.2 to 2.27.3 [[#1608](https://github.com/opencloud-eu/opencloud/pull/1608)]
-- build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.11 to 3.4.12 [[#1609](https://github.com/opencloud-eu/opencloud/pull/1609)]
-- build(deps): bump google.golang.org/protobuf from 1.36.9 to 1.36.10 [[#1604](https://github.com/opencloud-eu/opencloud/pull/1604)]
-- build(deps): bump github.com/onsi/ginkgo/v2 from 2.25.3 to 2.26.0 [[#1603](https://github.com/opencloud-eu/opencloud/pull/1603)]
-- build(deps): bump github.com/nats-io/nats.go from 1.46.0 to 1.46.1 [[#1590](https://github.com/opencloud-eu/opencloud/pull/1590)]
-- build(deps): bump github.com/olekukonko/tablewriter from 1.0.9 to 1.1.0 [[#1584](https://github.com/opencloud-eu/opencloud/pull/1584)]
-- build(deps): bump github.com/open-policy-agent/opa from 1.8.0 to 1.9.0 [[#1576](https://github.com/opencloud-eu/opencloud/pull/1576)]
-- build(deps): bump github.com/nats-io/nats-server/v2 from 2.11.9 to 2.12.0 [[#1568](https://github.com/opencloud-eu/opencloud/pull/1568)]
-- build(deps): bump golang.org/x/net from 0.43.0 to 0.44.0 [[#1567](https://github.com/opencloud-eu/opencloud/pull/1567)]
-- reva bump. getting #327 [[#1555](https://github.com/opencloud-eu/opencloud/pull/1555)]
-- build(deps): bump golang.org/x/image from 0.30.0 to 0.31.0 [[#1552](https://github.com/opencloud-eu/opencloud/pull/1552)]
-- build(deps): bump github.com/nats-io/nats.go from 1.45.0 to 1.46.0 [[#1551](https://github.com/opencloud-eu/opencloud/pull/1551)]
-- build(deps): bump golang.org/x/crypto from 0.41.0 to 0.42.0 [[#1545](https://github.com/opencloud-eu/opencloud/pull/1545)]
-- build(deps): bump github.com/testcontainers/testcontainers-go/modules/opensearch from 0.38.0 to 0.39.0 [[#1544](https://github.com/opencloud-eu/opencloud/pull/1544)]
-- build(deps): bump github.com/open-policy-agent/opa from 1.6.0 to 1.8.0 [[#1510](https://github.com/opencloud-eu/opencloud/pull/1510)]
-- build(deps): bump google.golang.org/grpc from 1.75.0 to 1.75.1 [[#1534](https://github.com/opencloud-eu/opencloud/pull/1534)]
-
-## [3.5.0](https://github.com/opencloud-eu/opencloud/releases/tag/v3.5.0) - 2025-09-22
-
-### ❤️ Thanks to all contributors! ❤️
-
-@JammingBen, @ScharfViktor, @Svanvith, @aduffeck, @butonic, @fschade, @individual-it, @prashant-gurung899, @rhafer
-
-### 📚 Documentation
-
-- enhancement(docs): describe what and why ADRs [[#1518](https://github.com/opencloud-eu/opencloud/pull/1518)]
-- enhancement(docs): add branch naming styleguide and clean up the contribution guidelines [[#1520](https://github.com/opencloud-eu/opencloud/pull/1520)]
-- fix(search): readme typos and mention the lack of scalability [[#1516](https://github.com/opencloud-eu/opencloud/pull/1516)]
-- enhancement(search): simplify search docs and document opensearch backend [[#1513](https://github.com/opencloud-eu/opencloud/pull/1513)]
-- remove opencloud_full from the read.me and add opencloud-compose instead [[#1474](https://github.com/opencloud-eu/opencloud/pull/1474)]
-
-### ✅ Tests
-
-- [full-ci][tests-only] revert behat version and fix regex on test script [[#1507](https://github.com/opencloud-eu/opencloud/pull/1507)]
-- update behat version in `composer.json` [[#1501](https://github.com/opencloud-eu/opencloud/pull/1501)]
-- Apitest. file extension change [[#1482](https://github.com/opencloud-eu/opencloud/pull/1482)]
-- [full-ci] run tests with VIPS enabled [[#1420](https://github.com/opencloud-eu/opencloud/pull/1420)]
-- [full-ci] add pipeline to purge go-bin cache [[#1445](https://github.com/opencloud-eu/opencloud/pull/1445)]
-- [full-ci] purge browsers, opencloud web and playwright tracing cache [[#1403](https://github.com/opencloud-eu/opencloud/pull/1403)]
-
-### 📈 Enhancement
-
-- Insecure opensearch client [[#1509](https://github.com/opencloud-eu/opencloud/pull/1509)]
-- Allow disabling search servers [[#1495](https://github.com/opencloud-eu/opencloud/pull/1495)]
-- Tracing improvements [[#1436](https://github.com/opencloud-eu/opencloud/pull/1436)]
-
-### 🐛 Bug Fixes
-
-- fix(graph): Set the full CS3 user id in the Create Share request [[#1464](https://github.com/opencloud-eu/opencloud/pull/1464)]
-- Remove items from the index when they are purged from the trashbin [[#1347](https://github.com/opencloud-eu/opencloud/pull/1347)]
-- Do not intertwine different batch operations [[#1317](https://github.com/opencloud-eu/opencloud/pull/1317)]
-
-### 📦️ Dependencies
-
-- [decomposed] bump-version-v3.5.0 [[#1532](https://github.com/opencloud-eu/opencloud/pull/1532)]
-- revaBump-2.38.0 [[#1530](https://github.com/opencloud-eu/opencloud/pull/1530)]
-- chore/bump-web-4.0.0 [[#1531](https://github.com/opencloud-eu/opencloud/pull/1531)]
-- build(deps): bump github.com/onsi/ginkgo/v2 from 2.25.2 to 2.25.3 [[#1515](https://github.com/opencloud-eu/opencloud/pull/1515)]
-- build(deps): bump google.golang.org/protobuf from 1.36.8 to 1.36.9 [[#1491](https://github.com/opencloud-eu/opencloud/pull/1491)]
-- build(deps): bump go.opentelemetry.io/contrib/zpages from 0.62.0 to 0.63.0 [[#1490](https://github.com/opencloud-eu/opencloud/pull/1490)]
-- build(deps): bump golang.org/x/text from 0.28.0 to 0.29.0 [[#1484](https://github.com/opencloud-eu/opencloud/pull/1484)]
-- build(deps): bump github.com/spf13/afero from 1.14.0 to 1.15.0 [[#1483](https://github.com/opencloud-eu/opencloud/pull/1483)]
-- build(deps): bump github.com/prometheus/client_golang from 1.23.0 to 1.23.2 [[#1476](https://github.com/opencloud-eu/opencloud/pull/1476)]
-- build(deps): bump golang.org/x/sync from 0.16.0 to 0.17.0 [[#1477](https://github.com/opencloud-eu/opencloud/pull/1477)]
-- build(deps): bump go.etcd.io/bbolt from 1.4.2 to 1.4.3 [[#1463](https://github.com/opencloud-eu/opencloud/pull/1463)]
-- build(deps): bump github.com/go-chi/chi/v5 from 5.2.2 to 5.2.3 [[#1460](https://github.com/opencloud-eu/opencloud/pull/1460)]
-- build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.27.1 to 2.27.2 [[#1461](https://github.com/opencloud-eu/opencloud/pull/1461)]
-- build(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1 [[#1459](https://github.com/opencloud-eu/opencloud/pull/1459)]
-- build(deps): bump github.com/riandyrn/otelchi from 0.12.1 to 0.12.2 [[#1456](https://github.com/opencloud-eu/opencloud/pull/1456)]
-- build(deps): bump github.com/beevik/etree from 1.5.1 to 1.6.0 [[#1453](https://github.com/opencloud-eu/opencloud/pull/1453)]
-- build(deps): bump github.com/blevesearch/bleve/v2 from 2.5.2 to 2.5.3 [[#1450](https://github.com/opencloud-eu/opencloud/pull/1450)]
-- build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.62.0 to 0.63.0 [[#1448](https://github.com/opencloud-eu/opencloud/pull/1448)]
-- build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.62.0 to 0.63.0 [[#1446](https://github.com/opencloud-eu/opencloud/pull/1446)]
-- build(deps): bump github.com/nats-io/nats-server/v2 from 2.11.7 to 2.11.8 [[#1410](https://github.com/opencloud-eu/opencloud/pull/1410)]
-- build(deps): bump github.com/gabriel-vasile/mimetype from 1.4.9 to 1.4.10 [[#1413](https://github.com/opencloud-eu/opencloud/pull/1413)]
-
-## [3.4.0](https://github.com/opencloud-eu/opencloud/releases/tag/v3.4.0) - 2025-09-02
-
-### ❤️ Thanks to all contributors! ❤️
-
-@ScharfViktor, @butonic, @dragonchaser, @fschade, @individual-it, @kulmann, @pbleser-oc, @prashant-gurung899, @rhafer, @tammi-23, @tylerlm
-
-### ✨ Features
-
-- feat: added capability for Edit Login Allowed [[#1406](https://github.com/opencloud-eu/opencloud/pull/1406)]
-- Search-service: add opensearch as distributed search backend [[#1290](https://github.com/opencloud-eu/opencloud/pull/1290)]
-- initial skel for user soft delete [[#1344](https://github.com/opencloud-eu/opencloud/pull/1344)]
-
-### 🐛 Bug Fixes
-
-- fix(antivirus): the file bytesize differs if the file is larger than … [[#1408](https://github.com/opencloud-eu/opencloud/pull/1408)]
-- Correct app store URL [[#1412](https://github.com/opencloud-eu/opencloud/pull/1412)]
-- ack tag events [[#1381](https://github.com/opencloud-eu/opencloud/pull/1381)]
-- fix(proxy): First login fails in auto provision setups [[#1353](https://github.com/opencloud-eu/opencloud/pull/1353)]
-
-### 📈 Enhancement
-
-- directly connect to frontend [[#1373](https://github.com/opencloud-eu/opencloud/pull/1373)]
-- Dockerfile cleanup [[#1352](https://github.com/opencloud-eu/opencloud/pull/1352)]
-- feat: add defaultAppId option for the web config.json [[#1354](https://github.com/opencloud-eu/opencloud/pull/1354)]
-
-### ✅ Tests
-
-- tests for collaborativePosixFS [[#1342](https://github.com/opencloud-eu/opencloud/pull/1342)]
-- [full-ci] add pipeline to send CI notifications to matrix [[#1249](https://github.com/opencloud-eu/opencloud/pull/1249)]
-
-### 📦️ Dependencies
-
-- [decomposed] bump-version-v3.4.0 [[#1442](https://github.com/opencloud-eu/opencloud/pull/1442)]
-- [full-ci] revaBump-2.37.0 [[#1433](https://github.com/opencloud-eu/opencloud/pull/1433)]
-- Use bitnamilegacy [[#1418](https://github.com/opencloud-eu/opencloud/pull/1418)]
-- build(deps): bump github.com/nats-io/nats.go from 1.44.0 to 1.45.0 [[#1401](https://github.com/opencloud-eu/opencloud/pull/1401)]
-- build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0 [[#1400](https://github.com/opencloud-eu/opencloud/pull/1400)]
-- build(deps): bump github.com/olekukonko/tablewriter from 1.0.8 to 1.0.9 [[#1376](https://github.com/opencloud-eu/opencloud/pull/1376)]
-- build(deps): bump github.com/onsi/ginkgo/v2 from 2.24.0 to 2.25.1 [[#1396](https://github.com/opencloud-eu/opencloud/pull/1396)]
-- [full-ci] Bump reva to latest main [[#1372](https://github.com/opencloud-eu/opencloud/pull/1372)]
-- build(deps): bump github.com/prometheus/client_golang from 1.22.0 to 1.23.0 [[#1385](https://github.com/opencloud-eu/opencloud/pull/1385)]
-- build(deps): bump github.com/onsi/ginkgo/v2 from 2.23.4 to 2.24.0 [[#1375](https://github.com/opencloud-eu/opencloud/pull/1375)]
-- build(deps): bump github.com/gookit/config/v2 from 2.2.6 to 2.2.7 [[#1359](https://github.com/opencloud-eu/opencloud/pull/1359)]
-- build(deps): bump golang.org/x/net from 0.42.0 to 0.43.0 [[#1356](https://github.com/opencloud-eu/opencloud/pull/1356)]
-- chore(dependencies): bump reva 19625996460b2e68da3bbaf539e554366c59e111 [[#1357](https://github.com/opencloud-eu/opencloud/pull/1357)]
-- build(deps): bump golang.org/x/image from 0.28.0 to 0.30.0 [[#1323](https://github.com/opencloud-eu/opencloud/pull/1323)]
-- build(deps): bump github.com/nats-io/nats-server/v2 from 2.11.6 to 2.11.7 [[#1339](https://github.com/opencloud-eu/opencloud/pull/1339)]
-- build(deps): bump github.com/onsi/gomega from 1.37.0 to 1.38.0 [[#1266](https://github.com/opencloud-eu/opencloud/pull/1266)]
-
-## [3.3.0](https://github.com/opencloud-eu/opencloud/releases/tag/v3.3.0) - 2025-08-12
-
-### ❤️ Thanks to all contributors! ❤️
-
-@ScharfViktor, @aduffeck, @michaelstingl
-
-### ✨ Features
-
-- Tenant [[#1274](https://github.com/opencloud-eu/opencloud/pull/1274)]
-
-### 📈 Enhancement
-
-- chore: bump web to v3.3.0 [[#1329](https://github.com/opencloud-eu/opencloud/pull/1329)]
-
-### ✅ Tests
-
-- multiTenancyTests [[#1313](https://github.com/opencloud-eu/opencloud/pull/1313)]
-
-### 📚 Documentation
-
-- Fix posix driver documentation in STORAGE_USERS_DRIVER description [[#1305](https://github.com/opencloud-eu/opencloud/pull/1305)]
-
-### 🐛 Bug Fixes
-
-- Improve indexing performance using batches [[#1306](https://github.com/opencloud-eu/opencloud/pull/1306)]
-- Do not run the timout func if the work func has run [[#1302](https://github.com/opencloud-eu/opencloud/pull/1302)]
-- Make sure to register prometheus collectors only once [[#1295](https://github.com/opencloud-eu/opencloud/pull/1295)]
-
-### 📦️ Dependencies
-
-- [decomposed] bump-version-v3.3.0 [[#1332](https://github.com/opencloud-eu/opencloud/pull/1332)]
-- [full-ci] Reva bump 2.36.0 [[#1328](https://github.com/opencloud-eu/opencloud/pull/1328)]
-- Bump reva [[#1315](https://github.com/opencloud-eu/opencloud/pull/1315)]
-
-## [3.2.1](https://github.com/opencloud-eu/opencloud/releases/tag/v3.2.1) - 2025-07-30
-
-### ❤️ Thanks to all contributors! ❤️
-
-@aduffeck, @dragonchaser, @individual-it
-
-### 🐛 Bug Fixes
-
-- Do not try to log metrics when we failed to get the consumer info [[#1289](https://github.com/opencloud-eu/opencloud/pull/1289)]
-- Add thumbnails to sharedWithMe and sharedByMe requests [[#1257](https://github.com/opencloud-eu/opencloud/pull/1257)]
-
-## [3.2.0](https://github.com/opencloud-eu/opencloud/releases/tag/v3.2.0) - 2025-07-21
-
-### ❤️ Thanks to all contributors! ❤️
-
-@AlexAndBear, @JammingBen, @ScharfViktor, @Svanvith, @aduffeck, @butonic, @dragonchaser, @fschade, @individual-it, @jnweiger, @micbar, @rhafer
-
-### ✨ Features
-
-- Metrics [[#1242](https://github.com/opencloud-eu/opencloud/pull/1242)]
-- Add `HasTrashedItems` property to /me/drives endpoint [[#1163](https://github.com/opencloud-eu/opencloud/pull/1163)]
-
-### 📈 Enhancement
-
-- [full-ci] chore: bump web to v3.2.0 [[#1253](https://github.com/opencloud-eu/opencloud/pull/1253)]
-- proxy(sign_url_auth): Allow to verify server signed URLs [[#1191](https://github.com/opencloud-eu/opencloud/pull/1191)]
-- Switch to the raw nats consumer instead of the go-micro events [[#1171](https://github.com/opencloud-eu/opencloud/pull/1171)]
-- change: adjust default values for the S3 Uploads [[#1224](https://github.com/opencloud-eu/opencloud/pull/1224)]
-- feat(web): add dark mode and adjust light theme colors [[#1188](https://github.com/opencloud-eu/opencloud/pull/1188)]
-- change: set better decomposedS3 defaults for multipart upload [[#1200](https://github.com/opencloud-eu/opencloud/pull/1200)]
-- add missing full username mapper to the full example [[#1181](https://github.com/opencloud-eu/opencloud/pull/1181)]
-
-### 🐛 Bug Fixes
-
-- fix ready checks [[#1222](https://github.com/opencloud-eu/opencloud/pull/1222)]
-- Update config.go [[#1183](https://github.com/opencloud-eu/opencloud/pull/1183)]
-- Fix wrong build version [[#1210](https://github.com/opencloud-eu/opencloud/pull/1210)]
-- Update Makefile [[#1187](https://github.com/opencloud-eu/opencloud/pull/1187)]
-- fix(collaboration): re register app providers in a configurable interval [[#1035](https://github.com/opencloud-eu/opencloud/pull/1035)]
-- Fix lico idp doesn't load opencloud font anymore [[#1153](https://github.com/opencloud-eu/opencloud/pull/1153)]
-
-### 📦️ Dependencies
-
-- [decomposed] bump-version-v3.2.0 [[#1258](https://github.com/opencloud-eu/opencloud/pull/1258)]
-- [full-ci] Reva bump 2.35.0 [[#1255](https://github.com/opencloud-eu/opencloud/pull/1255)]
-- build(deps): bump golang.org/x/net from 0.41.0 to 0.42.0 [[#1232](https://github.com/opencloud-eu/opencloud/pull/1232)]
-- build(deps): bump github.com/KimMachineGun/automemlimit from 0.7.3 to 0.7.4 [[#1226](https://github.com/opencloud-eu/opencloud/pull/1226)]
-- build(deps): bump golang.org/x/text from 0.26.0 to 0.27.0 [[#1227](https://github.com/opencloud-eu/opencloud/pull/1227)]
-- build(deps): bump golang.org/x/sync from 0.15.0 to 0.16.0 [[#1209](https://github.com/opencloud-eu/opencloud/pull/1209)]
-- build(deps): bump golang.org/x/term from 0.32.0 to 0.33.0 [[#1208](https://github.com/opencloud-eu/opencloud/pull/1208)]
-- build(deps): bump github.com/olekukonko/tablewriter from 1.0.7 to 1.0.8 [[#1174](https://github.com/opencloud-eu/opencloud/pull/1174)]
-- build(deps): bump github.com/nats-io/nats-server/v2 from 2.11.5 to 2.11.6 [[#1164](https://github.com/opencloud-eu/opencloud/pull/1164)]
-- build(deps): bump github.com/go-playground/validator/v10 from 10.26.0 to 10.27.0 [[#1165](https://github.com/opencloud-eu/opencloud/pull/1165)]
-- build(deps): bump github.com/pkg/xattr from 0.4.11 to 0.4.12 [[#1156](https://github.com/opencloud-eu/opencloud/pull/1156)]
-- build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.61.0 to 0.62.0 [[#1155](https://github.com/opencloud-eu/opencloud/pull/1155)]
-- build(deps): bump github.com/open-policy-agent/opa from 1.5.1 to 1.6.0 [[#1148](https://github.com/opencloud-eu/opencloud/pull/1148)]
-- build(deps): bump github.com/oklog/run from 1.1.0 to 1.2.0 [[#1150](https://github.com/opencloud-eu/opencloud/pull/1150)]
-
 ## [3.1.0](https://github.com/opencloud-eu/opencloud/releases/tag/v3.1.0) - 2025-06-30
 
 ### ❤️ Thanks to all contributors! ❤️

CONTRIBUTING.md

@@ -1,25 +1,21 @@
 # OpenCloud Contribution Guidelines
 
-First, thank you for taking the time to read this and your interest in contributing to OpenCloud!
+First of all, thank you for taking the time to read this and your interest in contributing to OpenCloud!
 
-The following is a set of guidelines suitable to most of the projects hosted in the [OpenCloud Organization](https://github.com/opencloud-eu).
-These are mostly guidelines, not rules.
+The following is a set of guidelines suitable to most of the projects hosted in the [OpenCloud Organization](https://github.com/opencloud-eu). These are mostly guidelines, not rules. Use your best judgement, and feel free to propose changes to this document in a pull request.
 
-Use your best judgment and feel free to propose changes to this document in a [pull request](https://github.com/opencloud-eu/opencloud/pulls).
-
-For simplicity reasons, this document mostly refers to the [opencloud repository](https://www.github.com/opencloud-eu/opencloud),
-but it should be easily transferable to other (sub)projects.
+For simplicity reasons, this document mostly refers to the [opencloud repository](https://www.github.com/opencloud-eu/opencloud), but it should be easily transferable to other (sub)projects.
 
 #### Table Of Contents
 
 [I don't want to read this whole thing, I just have a question](#i-dont-want-to-read-this-whole-thing-i-just-have-a-question)
 
-[What to know before getting started](#what-to-know-before-getting-started)
+[What should I know before I get started](#what-should-i-know-before-i-get-started)
 *   [OpenCloud is hosted on GitHub](#opencloud-is-hosted-on-github)
-*   [OpenCloud Company, Engineering Partners and Community](#opencloud-company-engineering-partners-and-community)
+*   [OpenCloud Company, Engineering Partners and Community](#opencloud-company,-engineering-partners-and-community)
 *   [Licensing and CLA](#licensing-and-cla)
 
-[How to Contribute](#how-to-contribute)
+[How Can I Contribute](#how-can-i-contribute)
 *   [Help spreading the word](#help-spreading-the-word)
 *   [Reporting Bugs](#reporting-bugs)
 *   [Suggesting Enhancements](#suggesting-enhancements)
@@ -28,9 +24,8 @@ but it should be easily transferable to other (sub)projects.
 *   [Documentation Contributions](#documentation-contributions)
 *   [Internationalization](#internationalization)
 
-[Styleguide](#styleguide)
-*   [Commit Messages](#commit-messages)
-*   [Branch Naming](#branch-naming)
+[Styleguides](#styleguides)
+*   [Git Commit Messages](#git-commit-messages)
 *   [Golang Styleguide](#golang-styleguide)
 
 [Additional Notes](#additional-notes)
@@ -42,38 +37,35 @@ but it should be easily transferable to other (sub)projects.
 
 For general questions, please refer to [OpenCloud's FAQs](https://opencloud.eu/faq/) or check the [project page](https://github.com/opencloud-eu) for communication channels.
 
-## What to know before getting started
+## What should I know before I get started
 
 ### OpenCloud is hosted on GitHub
 
-To effectively contribute to OpenCloud, you need a GitHub account. You can get that for free at [GitHub](https://github.com/join). You can find howtos on the internet, for example, [here](https://www.wikihow.com/Create-an-Account-on-GitHub).
+To effectively contribute to OpenCloud, you need a GitHub account. You can get that for free at [GitHub](https://github.com/join). You can find howtos on the internet, for example [here](https://www.wikihow.com/Create-an-Account-on-GitHub).
 
-For other ways of contributing, for example, with translations, other systems require you to have an account as well, for example [Transifex](https://www.transifex.com).
+For other ways of contributing, for example with translations, other systems require you to have an account as well, for example [Transifex](https://www.transifex.com).
 
 The OpenCloud project follows the strict GitHub workflow of development as briefly [described here](https://guides.github.com/introduction/flow/).
 
 ### OpenCloud Company, Engineering Partners and Community
 
-OpenCloud is largely created by developers who are employed by the [OpenCloud company](https://opencloud.eu), which is located in Germany.
-It is providing support for OpenCloud for customers mainly in the EU. In addition, there are engineering partners who also work full-time on OpenCloud related code, for example, on the component [REVA](https://github.com/cs3org/reva/).
+OpenCloud is largely created by developers who are employed by the [OpenCloud company](https://opencloud.eu), which is located in Germany. It is providing support for OpenCloud for customers mainly in the EU. In addition, there are engineering partners who also work full time on OpenCloud related code, for example on the component [REVA](https://github.com/cs3org/reva/).
 
-Because of that fact, the pace that the development is moving forward is sometimes high for people who are not willing and/or able to spend a comparable amount of time to contribute.
-Even though this can be a challenge, it should not scare anybody away. Here is our clear commitment that we feel honored by everybody who is interested in our work and improves it, no matter how big the contribution might be.
+Because of that fact, the pace that the development is moving forward is sometimes high for people who are not willing and/or able to spend a comparable amount of time to contribute. Even though this can be a challenge, it should not scare anybody away. Here is our clear commitment that we feel honored by everybody who is interested in our work and improves it, no matter how big the contribution might be.
 
-We as the full-time devs from either organization are doing our best to listen, review and consider all changes that are brought forward following this guideline and make sense for the project.
+We as the full time devs from either organization are doing our best to listen, review and consider all changes that are brought forward following this guideline and make sense for the project.
 
 ### Licensing and CLA
 
  There is *no CLA* required for any of the public code of OpenCloud.
 
-## How to Contribute
+## How Can I Contribute
 
 There are many ways to contribute to open source projects, and all are equally valuable and appreciated.
 
 ### Help spreading the word
 
-This way to contribute to the project cannot be overestimated:
-People who talk about their experience with OpenCloud and help others with that are the key to the success of the project.
+This way to contribute to the project can not be overestimated: People who talk about their experience with OpenCloud and help others with that are the key to success of the project.
 
 There are too many ways of doing that to line them up here, but examples are answering questions in any social media or in the [OpenCloud Matrix channel](https://matrix.to/#/#opencloud:matrix.org), writing blog posts etc. pp.
 
@@ -81,11 +73,9 @@ There is no formal guideline to this, just do it :-)
 
 ### Reporting Bugs
 
-This section guides you through submitting a bug report for OpenCloud. Following these guidelines help maintainers and the community understand your report :pencil:,
-reproduce the behavior :computer: :computer:, and find related reports :mag_right:.
+This section guides you through submitting a bug report for OpenCloud. Following these guidelines helps maintainers and the community understand your report :pencil:, reproduce the behavior :computer: :computer:, and find related reports :mag_right:.
 
-Before creating bug reports, please check [this list](#before-submitting-a-bug-report) as you might find out that you don't need to create one.
-When you are creating a bug report, please [include as many details as possible](#how-to-submit-a-good-bug-report). Fill out [the required template](https://github.com/opencloud-eu/opencloud/issues/new?Type%3ABug&template=bug_report.md), the information it asks for helps to resolve issues faster.
+Before creating bug reports, please check [this list](#before-submitting-a-bug-report) as you might find out that you don't need to create one. When you are creating a bug report, please [include as many details as possible](#how-do-i-submit-a-good-bug-report). Fill out [the required template](https://github.com/opencloud-eu/opencloud/issues/new?Type%3ABug&template=bug_report.md), the information it asks for helps to resolve issues faster.
 
 > **Note:** If you find a **Closed** issue that seems like it is the same thing that you're experiencing, open a new issue and include a link to the original issue in the body of your new one. If you have permission to reopen the issue, feel free to do so.
 
@@ -93,9 +83,9 @@ When you are creating a bug report, please [include as many details as possible]
 
 *   **Make sure you are running a recent version** Usually, developers' interest in old versions of software drops very fast once a new version has been released. So the general requirement is: Use the latest released version or even the current master to reproduce problems that you might encounter. That helps a lot to attract developers attention.
 *   **Determine which [repository](https://github.com/opencloud-eu) the problem should be reported in**.
-*   **Perform a [cursory search](https://github.com/search?q=org%3Aopencloud-eu+type%3Aissue+&type=issues)** with possibly a more granular filter on the repository to see if the problem has already been reported. If it has **and the issue is still open**, add a comment to the existing issue instead of opening a new one **if you have new information**. Please abstain from adding "+1" comments. Instead, use the GitHub reaction emojis to indicate that you are affected by the issue as well.
+*   **Perform a [cursory search](https://github.com/search?q=org%3Aopencloud-eu+type%3Aissue+&type=issues)** with possibly a more granular filter on the repository, to see if the problem has already been reported. If it has **and the issue is still open**, add a comment to the existing issue instead of opening a new one **if you have new information**. Please abstain from adding "+1" comments. Instead use the GitHub reaction emojis to indicate that you are affected by the issue as well.
 
-#### How to Submit A (Good) Bug Report
+#### How Do I Submit A (Good) Bug Report
 
 Bugs are tracked as [GitHub issues](https://guides.github.com/features/issues/). After you've determined [which repository](https://github.com/opencloud-eu) your bug is related to, create an issue on that repository and provide the following information by filling in [the template](https://github.com/opencloud-eu/opencloud/issues/new?Type%3ABug&template=bug_report.md).
 
@@ -120,19 +110,16 @@ Include details about your configuration and environment as asked for in the tem
 
 ### Suggesting Enhancements
 
-This section guides you through submitting an enhancement suggestion for OpenCloud, including completely new features and minor improvements to existing functionality.
-Following these guidelines help maintainers and the community understand your suggestion :pencil: and find related suggestions :mag_right:.
+This section guides you through submitting an enhancement suggestion for OpenCloud, including completely new features and minor improvements to existing functionality. Following these guidelines helps maintainers and the community understand your suggestion :pencil: and find related suggestions :mag_right:.
 
-Before creating enhancement suggestions, please check [this list](#before-submitting-an-enhancement-suggestion) as you might find out that you don't need to create one.
-When you are creating an enhancement suggestion, please [include as many details as possible](#how-to-submit-a-good-enhancement-suggestion).
-Fill in [the template](https://github.com/opencloud-eu/opencloud/issues/new?template=feature_request.md), including the steps that you imagine you would take if the feature you're requesting existed.
+Before creating enhancement suggestions, please check [this list](#before-submitting-an-enhancement-suggestion) as you might find out that you don't need to create one. When you are creating an enhancement suggestion, please [include as many details as possible](#how-do-i-submit-a-good-enhancement-suggestion). Fill in [the template](https://github.com/opencloud-eu/opencloud/issues/new?template=feature_request.md), including the steps that you imagine you would take if the feature you're requesting existed.
 
 #### Before Submitting An Enhancement Suggestion
 
-*   **Check if there's already an extension or other component that provides that enhancement, even differently.**
-*   **Perform a [cursory search](https://github.com/search?q=+is%3Aissue+user%3Aopencloud)** to see if the enhancement has already been suggested. If it has, add a comment to the existing issue instead of opening a new one. Feel free to use the GitHub emojis to indicate that you are in favor of an enhancement request.
+*   **Check if there's already an extension or other component which provides that enhancement, even in a different way.**
+*   **Perform a [cursory search](https://github.com/search?q=+is%3Aissue+user%3Aopencloud)** to see if the enhancement has already been suggested. If it has, add a comment to the existing issue instead of opening a new one. Feel free to use the GitHub emojis to indicate that you are in favour of an enhancement request.
 
-#### How to Submit A (Good) Enhancement Suggestion
+#### How Do I Submit A (Good) Enhancement Suggestion
 
 Enhancement suggestions are tracked as [GitHub issues](https://guides.github.com/features/issues/). After you've determined [which repository](https://github.com/opencloud-eu) your enhancement suggestion is related to, create an issue on that repository and provide the following information:
 
@@ -150,11 +137,9 @@ Unsure where to begin contributing to OpenCloud? You can start by looking throug
 *   [Tests needed](https://github.com/opencloud-eu/opencloud/labels/Interaction%3ANeeds-tests) - issues which would benefit from a test.
 *   [Help wanted issues](https://github.com/opencloud-eu/opencloud/labels/Interaction%3ANeeds-help) - issues which should be a bit more involved.
 
-It is fine to pick one of the lists following personal preference.
-While not perfect, the number of comments is a reasonable proxy for the impact a given change will have.
+It is fine to pick one of the list following personal preference. While not perfect, number of comments is a reasonable proxy for impact a given change will have.
 
-To find out how to set up OpenCloud for local development, please refer to the [Developer Documentation](https://docs.opencloud.eu/docs/dev/web/getting-started).
-It contains a lot of information that will come in handy when starting to work on the project.
+To find out how to set up OpenCloud for local development please refer to the [Developer Documentation](https://docs.opencloud.eu/docs/dev/web/getting-started). It contains a lot of information that will come in handy when starting to work on the project.
 
 ### Pull Requests
 
@@ -163,7 +148,7 @@ All contributions to OpenClouds projects use so-called pull requests following t
 Please follow these steps to have your contribution considered by the maintainers:
 
 *   Follow all instructions in [the template](https://github.com/opencloud-eu/opencloud/blob/main/.github/pull_request_template.md)
-*   Follow the [styleguide](#styleguide) where applicable
+*   Follow the [styleguides](#styleguides) where applicable
 *   After you submit your pull request, verify that all [status checks](https://help.github.com/articles/about-status-checks/) are passing <details><summary>What if the status checks are failing?</summary>If a status check is failing, and you believe that the failure is unrelated to your change, please leave a comment on the pull request explaining why you believe the failure is unrelated. A maintainer will re-run the status check for you. If we conclude that the failure was a false positive, then we will open an issue to track that problem with our status check suite.</details>
 
 While the prerequisites above must be satisfied prior to having your pull request reviewed, the reviewer(s) may ask you to complete additional design work, tests, or other changes before your pull request can be ultimately accepted.
@@ -176,38 +161,25 @@ You find more guidance in the [Documentation Repo](https://github.com/opencloud-
 
 ### Internationalization
 
-Our projects are getting translated into many languages to allow people from all over the world to use OpenCloud in their native language.
-For translations, OpenCloud uses [Transifex](https://www.transifex.com) as a community-based collaboration platform for internationalization.
+Our projects are getting translated into many languages to allow people from all over the world to use OpenCloud in their native language. For translations, OpenCloud uses [Transifex](https://www.transifex.com) as a community based collaboration platform for internationalization.
 
 For contributions please refer to the [Transifex Resources](https://www.transifex.com/resources/) to learn how to improve OpenClouds translations there.
 
-## Styleguide
+## Styleguides
 
-To keep up with a consistent code and tooling landscape, some OpenCloud modules maintain styleguide for contributions.
-It is mandatory to follow them in contributions.
+To keep up with a consistent code and tooling landscape, some OpenCloud modules maintain styleguides for contributions. It is mandatory to follow them in contributions.
 
-### Commit Messages
+### Git Commit Messages
 
 *   Use the present tense ("Add feature" not "Added feature")
 *   Use the imperative mood ("Move cursor to..." not "Moves cursor to...")
 *   Limit the first line to 72 characters or less
 *   Reference issues and pull requests liberally after the first line
 *   When only changing documentation, include `[docs-only]` in the commit title
-*   Use conventional commit messages, see https://www.conventionalcommits.org/en/v1.0.0/
-
-### Branch Naming
-
-* Use short, descriptive names for your branches. For example, use `fix-login-bug` instead of `bugfix123`.
-* Use hyphens to separate words in branch names. For example, use `add-new-feature` instead of `add_new_feature`.
-* Avoid using special characters or spaces in branch names.
-* Consider including the issue number in the branch name for easy reference. For example, use `issue-45-fix-login-bug` if the branch addresses issue #45.
-* Keep branch names concise and to the point, ideally under 30 characters.
-* Use lowercase letters to maintain consistency and avoid confusion.
 
 ### Golang Styleguide
 
-Use the built-in golang code formatter before submitting the patch.
-Also, consulting documentation like [Effective Go](https://golang.org/doc/effective_go) or [Practical Go](http://bit.ly/gcsg-2019) helps to improve the code quality.
+Use the built-in golang code formatter before submitting the patch. Also, consulting documentation like [Effective Go](https://golang.org/doc/effective_go) or [Practical Go](http://bit.ly/gcsg-2019) helps to improve the code quality.
 
 ## Additional Notes
 
@@ -215,13 +187,11 @@ Also, consulting documentation like [Effective Go](https://golang.org/doc/effect
 
 This section lists the labels we use to help us track and manage issues and pull requests. Most labels are used across all OpenCloud repositories, but some are specific.
 
-[GitHub search](https://help.github.com/articles/searching-issues/) makes it easy to use labels for finding groups of issues or pull requests you're interested in.
-To help you find issues and pull requests, each label can be used in search links for finding open items with that label in the OpenCloud repositories.
+[GitHub search](https://help.github.com/articles/searching-issues/) makes it easy to use labels for finding groups of issues or pull requests you're interested in. To help you find issues and pull requests, each label can be used in search links for finding open items with that label in the OpenCloud repositories.
 
 The labels are loosely grouped by their purpose, but it's not required that every issue has a label from every group or that an issue can't have more than one label from the same group.
 
-The list here contains all the more general categories of issues which are followed by a colon and a specific value.
-For example, severity 1 looks like `Severity:sev1-critical`.
+The list here contains all the more general categories of issues which are followed by a colon and a specific value. For example severity 1 looks like `Severity:sev1-critical`.
 
 #### Platform
 
@@ -241,11 +211,11 @@ Flags to indicate the internal QA status in terms of process and priority. Pleas
 
 #### Severity
 
-Severity for the product, mostly impacts on the user.
+Severity for the product, mostly impact on user.
 
 #### Type
 
-The issue type helps to structure the issues in the agile categories (Epic, Story...) but also organizational ones.
+The issue type, helps to structure the issues in the agile categories (Epic, Story...) but also organizational ones.
 
 #### Topic
 
@@ -265,8 +235,8 @@ Another label that indicates the type of the issue.
 
 #### Browser
 
-Important for browser-dependent web issues. It specifies the browser that shows the error.
+Important for browser dependent web issues. It specifies the browser that shows the error.
 
 #### Early-Adopter
 
-Tags issues reported by one of the OpenCloud early adopters, i.e. customers and users who start using OpenCloud before its general availability.
+Tags issues that were reported by one of the OpenCloud early adopters, i.e. customers and users who start using OpenCloud before its general availability.

Makefile

@@ -124,7 +124,7 @@ BEHAT_BIN=vendor-bin/behat/vendor/bin/behat
 
 .PHONY: test-acceptance-api
 test-acceptance-api: vendor-bin/behat/vendor
-	BEHAT_BIN=$(BEHAT_BIN) tests/acceptance/scripts/run.sh
+	BEHAT_BIN=$(BEHAT_BIN) tests/acceptance/run.sh
 
 vendor/bamarni/composer-bin-plugin: composer.lock
 	composer install
@@ -198,10 +198,6 @@ go-mod-tidy:
 test:
 	@go test -v -tags '$(TAGS)' -coverprofile coverage.out ./...
 
-.PHONY: test-with-race
-test-with-race:
-	@go test -race -v -tags '$(TAGS)' -coverprofile coverage.out ./...
-
 .PHONY: go-coverage
 go-coverage:
 	@if [ ! -f coverage.out ]; then $(MAKE) test  &>/dev/null; fi;

README.md

@@ -10,30 +10,17 @@
 > [!TIP]
 > For general information about OpenCloud and how to install please visit [OpenCloud on Github](https://github.com/opencloud-eu/) and [OpenCloud GmbH](https://opencloud.eu).
 
-This is the main repository of the OpenCloud server.
-It contains the golang codebase for the backend services.
+This the main repository of the OpenCloud server. It contains the golang codebase for the backend services.
 
 ## Getting Involved
 
-The OpenCloud server is released under [Apache 2.0](https://github.com/opencloud-eu/opencloud/blob/main/LICENSE).
-The project is thrilled to receive contributions in all forms.
-Start hacking now, there are many ways to get involved such as:
+The OpenCloud server is released under [Apache 2.0](https://github.com/opencloud-eu/opencloud/blob/main/LICENSE). The project is very happy to receive contributions in all forms. Start hacking now 😃
 
-- Reporting [issues or bugs](https://github.com/opencloud-eu/opencloud/issues)
-- Requesting [features](https://github.com/opencloud-eu/opencloud/issues)
-- [Writing documentation](https://github.com/opencloud-eu/docs)
-- [Writing code or extend our tests](https://github.com/opencloud-eu/opencloud/pulls)
-- [Reviewing code](https://github.com/opencloud-eu/opencloud/pulls)
-- Helping others in the [community](https://app.element.io/#/room/#opencloud:matrix.org)
-
-Every contribution is meaningful and appreciated!
-Please refer to our [Contribution Guidelines](https://github.com/opencloud-eu/opencloud/blob/main/CONTRIBUTING.md) if you want to get started.
-
-## Build OpenCloud
+### Build OpenCloud
 
 To build the backend, follow these instructions:
 
-Generate the assets needed by e.g., the web UI and the builtin IDP
+Generate the assets needed by e.g. the web UI and the builtin IDP
 
 ``` console
 make generate
@@ -53,6 +40,10 @@ This creates a server configuration (by default in `$HOME/.opencloud`) and start
 
 For more setup- and installation options consult the [Development Documentation](https://docs.opencloud.eu/).
 
+### Contribute
+
+We very much appreciate contributions from the community. Please refer to our [Contribution Guidelines](https://github.com/opencloud-eu/opencloud/blob/main/CONTRIBUTING.md) on how to get started.
+
 ## Technology
 
 Important information for contributors about the technology in use.
@@ -67,4 +58,4 @@ The OpenCloud backend does not use a database. It stores all data in the filesys
 
 ## Security
 
-If you find a security-related issue, please contact [security@opencloud.eu](mailto:security@opencloud.eu) immediately.
+If you find a security related issue, please contact [security@opencloud.eu](mailto:security@opencloud.eu) immediately.

changelog/unreleased/add-ocm-wayf-configuration.md

@@ -1,7 +0,0 @@
-Enhancement: Add WAYF configuration for reva OCM service
-
-Add WAYF configuration support for the Reva OCM service,
-enabling federation discovery functionality for Open Cloud Mesh.
-This includes configuration for federations file storage and invite accept dialog URL.
-
-https://github.com/opencloud-eu/opencloud/pull/1714

deployments/continuous-deployment-config/opencloud_full/master.yml

@@ -0,0 +1,49 @@
+---
+- name: continuous-deployment-opencloud-master
+  server:
+    server_type: cx22
+    image: ubuntu-24.04
+    location: nbg1
+    initial_ssh_key_names:
+      - opencloud@drone.opencloud.com
+    labels:
+      owner: opencloud-team
+      for: opencloud-continuous-deployment-examples
+    rebuild: $REBUILD
+    rebuild_carry_paths:
+      - /var/lib/docker/volumes/opencloud_certs
+
+  domains:
+    - "*.cloud.main.opencloud.works"
+
+  vars:
+    ssh_authorized_keys:
+      - https://github.com/micbar.keys
+    docker_compose_projects:
+      - name: opencloud
+        git_url: https://github.com/opencloud-eu/opencloud.git
+        ref: main
+        docker_compose_path: deployments/examples/opencloud_full
+        env:
+          INSECURE: "false"
+          TRAEFIK_ACME_MAIL: devops@opencloud.eu
+          OC_DOCKER_TAG: main
+          OC_DOCKER_IMAGE: opencloudeu/opencloud-rolling:latest
+          OC_DOMAIN: cloud.main.opencloud.rocks
+          COMPANION_DOMAIN: companion.main.opencloud.rocks
+          COMPANION_IMAGE: transloadit/companion:5.5.0
+          WOPISERVER_DOMAIN: wopiserver.main.opencloud.rocks
+          COLLABORA_DOMAIN: collabora.main.opencloud.rocks
+          INBUCKET_DOMAIN: mail.main.opencloud.rocks
+          DEMO_USERS: "true"
+          COMPOSE_FILE: docker-compose.yml:opencloud.yml:tika.yml:collabora.yml:web_extensions/extensions.yml:web_extensions/unzip.yml:web_extensions/importer.yml:inbucket.yml:monitoring_tracing/monitoring.yml
+      - name: monitoring
+        git_url: https://github.com/opencloud-devops/monitoring-tracing-client.git
+        ref: master
+        env:
+          NETWORK_NAME: opencloud-net
+          TELEMETRY_SERVE_DOMAIN: telemetry.main.opencloud.rocks
+          JAEGER_COLLECTOR: jaeger-collector.infra.opencloud.works:443
+          TELEGRAF_SPECIFIC_CONFIG: opencloud_full
+          OC_URL: opencloud.main.opencloud.rocks
+          OC_DEPLOYMENT_ID: continuous-deployment-opencloud-master

deployments/examples/README.md

@@ -1,3 +1,3 @@
 # Deployment Examples
-Please note: The docker-compose deployment examples that lived in this directory have been moved over to the
-[opencloud-compose](https://github.com/opencloud-eu/opencloud-compose) repository.
+
+These docker-compose deployment examples are referenced in the documentation on [docs.opencloud.eu](https://docs.opencloud.eu/opencloud/next/). Therefore, please create an issue on the documentation [issue tracker](https://github.com/opencloud-eu/docs/issues) prior to major changes like moving, renaming or massively changing deployment examples.

deployments/examples/bare-metal-simple/install.sh

@@ -11,7 +11,7 @@ set -euo pipefail
 #   OC_VERSION: Version to download, e.g. OC_VERSION="1.2.0"
 
 # Call this script directly from opencloud:
-# curl -L https://opencloud.eu/install | /bin/bash
+# curl -L https://opencloud.eu/quickinstall.sh | /bin/bash
 
 # This function is borrowed from openSUSEs /usr/bin/old, thanks.
 function backup_file () {
@@ -58,15 +58,14 @@ mkdir ${sandbox} && cd ${sandbox}
 # The operating system
 os="linux"
 
-if [[ "$OSTYPE" == 'darwin'* ]]; then
+if [[ $OSTYPE == 'darwin'* ]]; then
   os="darwin"
 fi
 
 # The platform
 dlarch="amd64"
 
-if [[ ( "$(uname -s)" == "Darwin" && "$(uname -m)" == "arm64" ) ||
-      ( "$(uname -s)" == "Linux"  && "$(uname -m)" == "aarch64" ) ]]; then
+if [[ $(uname -s) == "Darwin" && $(uname -m) == "arm64" ]]; then
     dlarch="arm64"
 fi
 

deployments/examples/opencloud_full/.env

@@ -309,4 +309,4 @@ KEYCLOAK_ADMIN_PASSWORD=
 # This MUST be the last line as it assembles the supplemental compose files to be used.
 # ALL supplemental configs must be added here, whether commented or not.
 # Each var must either be empty or contain :path/file.yml
-COMPOSE_FILE=docker-compose.yml${OPENCLOUD:-}${TIKA:-}${DECOMPOSEDS3:-}${DECOMPOSEDS3_MINIO:-}${DECOMPOSED:-}${COLLABORA:-}${MONITORING:-}${IMPORTER:-}${CLAMAV:-}${INBUCKET:-}${EXTENSIONS:-}${UNZIP:-}${DRAWIO:-}${JSONVIEWER:-}${PROGRESSBARS:-}${EXTERNALSITES:-}${KEYCLOAK:-}${LDAP:-}${KEYCLOAK_AUTOPROVISIONING:-}${LDAP_MANAGER:-}${RADICALE:-}
+COMPOSE_FILE=docker-compose.yml${OPENCLOUD:-}${TIKA:-}${DECOMPOSEDS3:-}${DECOMPOSEDS3_MINIO:-}${DECOMPOSED:-}${COLLABORA:-}${MONITORING:-}${IMPORTER:-}${CLAMAV:-}${INBUCKET:-}${EXTENSIONS:-}${UNZIP:-}${DRAWIO:-}${JSONVIEWER:-}${PROGRESSBARS:-}${EXTERNALSITES:-}${KEYCLOAK:-}${LDAP:-}${KEYCLOAK_AUTOPROVISIONING:-}${LDAP_MANAGER:-}${RADICALE:-}

deployments/examples/opencloud_full/config/keycloak/clients/web.json

@@ -71,4 +71,4 @@
     "configure": true,
     "manage": true
   }
-}
+}

deployments/examples/opencloud_full/config/keycloak/opencloud-realm.dist.json

@@ -663,7 +663,6 @@
         "profile",
         "roles",
         "groups",
-        "OpenCloudUnique_ID",
         "basic",
         "email"
       ],
@@ -2167,23 +2166,6 @@
                 ]
               }
             },
-            {
-              "id": "96bc2621-a714-4f15-ac1d-bc32df94382d",
-              "name": "display name",
-              "providerId": "full-name-ldap-mapper",
-              "subComponents": {},
-              "config": {
-                "read.only": [
-                  "false"
-                ],
-                "write.only": [
-                  "true"
-                ],
-                "ldap.full.name.attribute": [
-                  "displayName"
-                ]
-              }
-            },
             {
               "id": "cab8b569-0f50-4e13-b2a5-d24ee513cd8b",
               "name": "first name",
@@ -2309,7 +2291,7 @@
             "always"
           ],
           "usePasswordModifyExtendedOp": [
-            "true"
+            "false"
           ],
           "trustEmail": [
             "false"

deployments/examples/opencloud_full/docker-compose.yml

@@ -19,11 +19,6 @@ services:
       - "--entryPoints.http.http.redirections.entryPoint.to=https"
       - "--entryPoints.http.http.redirections.entryPoint.scheme=https"
       - "--entryPoints.https.address=:443"
-      # http2 optimizations
-      - "--entryPoints.https.http2.maxConcurrentStreams=512"
-      - "--serversTransport.maxIdleConnsPerHost=100"
-      # allow self signed certificate from OpenCloud
-      - "--serversTransport.insecureSkipVerify=true"
       # change default timeouts for long-running requests
       # this is needed for webdav clients that do not support the TUS protocol
       - "--entryPoints.https.transport.respondingTimeouts.readTimeout=12h"

deployments/examples/opencloud_full/ldap.yml

@@ -26,7 +26,7 @@ services:
       OC_EXCLUDE_RUN_SERVICES: idm
 
   ldap-server:
-    image: bitnamilegacy/openldap:2.6
+    image: bitnami/openldap:2.6
     networks:
       opencloud-net:
     entrypoint: ["/bin/sh", "/opt/bitnami/scripts/openldap/docker-entrypoint-override.sh", "/opt/bitnami/scripts/openldap/run.sh" ]

deployments/examples/opencloud_full/opencloud.yml

@@ -25,7 +25,7 @@ services:
       OC_LOG_COLOR: "${LOG_PRETTY:-false}"
       OC_LOG_PRETTY: "${LOG_PRETTY:-false}"
       # do not use SSL between Traefik and OpenCloud
-      PROXY_TLS: "true"
+      PROXY_TLS: "false"
       # make the REVA gateway accessible to the app drivers
       GATEWAY_GRPC_ADDR: 0.0.0.0:9142
       # INSECURE: needed if OpenCloud / Traefik is using self generated certificates
@@ -72,7 +72,6 @@ services:
       - "traefik.http.routers.opencloud.tls.certresolver=http"
       - "traefik.http.routers.opencloud.service=opencloud"
       - "traefik.http.services.opencloud.loadbalancer.server.port=9200"
-      - "traefik.http.services.opencloud.loadbalancer.server.scheme=https"
     logging:
       driver: ${LOG_DRIVER:-local}
     restart: always

devtools/deployments/README.md

@@ -1,4 +0,0 @@
-# Docker Compose Deployments for development use
-
-The docker-compose deployments in this directory are for developement purposes only. They are
-not actively maintained and not to be used in production.

docs/adr/0001-simple-multi-tenancy-using-a-single-opencloud-instance.md

@@ -1,151 +0,0 @@
----
-title: "1. Simple Multi-Tenancy using a single OpenCloud Instance"
----
-
-* Status: proposed
-* Deciders: [@micbar @butonic @dragotin @rhafer]
-* Date: 2025-05-20
-
-Technical Story: https://github.com/opencloud-eu/opencloud/issues/877
-
-## Context and Problem Statement
-
-To reduce resource usage and cost service providers want a single OpenCloud
-instance to host multiple tenants. Members of the same tenant should be able to
-only see each other when trying to share resources. A user can only be a member
-of a single tenant. Moving a user from one tenant to another is not supported.
-
-OpenCloud does currently not have any concept of multi-tenancy. All users able to
-login to an OpenCloud instance are able to see each other and share resources with
-everybody. This ADR is supposed to layout a concept for a minimal multi-tenancy
-solution that implements the characteristics mentioned above.
-
-To further limit the scope there are a couple of constraints:
-
-- Tenants are rather small (sometimes just a single user, often less than 10)
-- There is just a single IDP with a single "realm".
-- The user-management is external to OpenCloud
-- The membership of a user to a tenant is represented by a tenant id
-  that is provided via a claim in the users' Access Token/UserInfo or by a per User
-  Attribute in the LDAP directory.
-- There is no need to support per tenant groups
-- There is no need to isolate the storage of the tenants from each other
-- Role Assignment happens at first login via OIDC claims
-
-## Decision Drivers
-
-* Low Resource Overhead: The solution should not require much additional
-  resources (CPU, Memory, Storage) per tenant on the OpenCloud instance.
-* Implementation effort: The solution should be easy to implement and maintain.
-* Security: The solution should prevent users from seeing or accessing anything
-  from other tenants.
-
-## Considered Options
-
-### Option 1: Tenant ID as a new property of the CS3 UserId
-
-The CS3 UserId (https://buf.build/cs3org-buf/cs3apis/docs/main:cs3.identity.user.v1beta1#cs3.identity.user.v1beta1.UserId)
-is extended by a new property "tenantId".
-
-#### Pros:
-
-* Everywhere the UserID is used the tenant id is also available.
-  * This might allow implementing more sophisticated checks e.g. on permission
-    grants and to a certain extend during share creation.
-  * the tenant id is immediately available e.g. in Events/Auditlog without an additional
-    user lookup
-
-#### Cons:
-
-* Requires changes to the CS3 API
-* Adds even more semantics to the UserId. Ideally the UserID would just be an
-  opaque identifier without carrying and specific semantics other than being
-  globally unique.
-* on the GraphAPI the ID of a User is just a opaque string without any additional
-  meaning. (Currently it is just using the `OpaqueId` property of the CS3 UserId,
-  without considering the `idp` property.)
-
-### Option 2: Tenant ID is stored as the `idp` value of the CS3 UserId
-
-Instead of introducing a new property the on the CS3 UserId we'll just override
-the `idp` value with the tenant id.
-
-#### Pros
-
-* No changes to the CS3 API required
-* The pros of Option 1 apply here as well
-
-#### Cons:
-
-* It's a crutch, we're already "abusing" the `idp` property of the CS3 UserId
-  to have a different meaning in the context of federated sharing. Adding an
-  additiona meaning could make the code even more complicated.
-* Apart from the API change the Cons of Option 1 apply here as well.
-
-### Option 3: Tenant ID is a property of the CS3 User Object
-
-A new (optional) property "tenantId" is added to the CS3 User Object.
-
-#### Pros:
-
-* Avoid overloading CS3 UserId with additional semantics.
-* The tenant id is available everywhere the User Object is used.
-
-#### Cons:
-
-* Requires changes to the CS3 API
-* Might require more user lookups in places where we need to find out the
-  tenant id of a specific user
-
-### Option 4: Tenant ID is invisible to the CS3 API
-
-Reva Tokens would get a new property `tenantId`. To have the tenant id available
-of the signed in user available with every request.
-While not being part of the CS3 API objects the `users` service will be made "tenant aware"
-so that is only returns users of the same tenant as the requesting user e.g. by using
-proper LDAP filters or subtree searches.
-
-#### Pros:
-
-* No changes to the CS3 API required
-* Code changes could be limited to the `users` and`share-provider` services and the reva token manager
-* The tenant id of the current user is available everywhere the reva token is used.
-
-#### Cons:
-
-* Can this work with the App Token feature if the Tenant Id is not part of the User Object in
-  any way, how can the the token manager know with Id to add to the token?
-* What about places where the system user is doing stuff on behalf of a user
-
-### Option 5: Tenant membership via LDAP group membership
-
-All members of a tenant are assigned to the same group. The `users` service gets a config
-switch to only allow users to search for users that are part of the same group.
-
-#### Pros:
-
-* ?
-
-#### Cons:
-
-* The group needs to be hidden somehow from the `groups` service as this is not supposed to be a
-  "sharing group".
-
-## Decision Outcome
-
-### Chosen option: Option 1 - Tenant ID as a new property of the CS3 UserId
-
-As part of the OIDC Connect Authentication OpenCloud will receive a tenant id via the
-Access Token or Userinfo endpoint. For the initial implementation it is assume that OpenCloud
-has read access to a shared LDAP server, that contains all users of all tenants. Users in
-LDAP will have a the tenant id as an dedicated attribute.
-
-### Implementation Steps
-
-* Extend the CS3 UserId with a new property "tenantId"
-* Adapt the `users` service` to only return users that are part of the same tenant
-* To cleanup technical debt and reduce code duplication the `cs3` users backend in the
-  graph service is being improved so that is can fully replace the `LDAP` users backend for
-  read operations.
-* The reva `share-provider` service only allow shares between users of the same tenant
-

docs/adr/0002-use-education-api-for-multitenant-user-provisioning.md

@@ -1,79 +0,0 @@
----
-title: "Use the graph education API for multi-tenant user provisioning"
----
-
-* Status: approved
-* Deciders: [@micbar, @butonic, @rhafer]
-* Date: 2025-09-23
-
-Reference: https://github.com/opencloud-eu/opencloud/issues/877
-
-## Context and Problem Statement
-
-With the current multi-tenancy implementation, the user-management is mostly external
-to the OpenCloud instance. Up to [now](../0001-simple-multi-tenancy-using-a-single-opencloud-instance.md)
-we relied on some external LDAP server providing the users including their tenant assignment.
-We'd like multi-tenancy to also work in environments where no such LDAP server is available.
-
-## Decision Drivers
-
-* Multi-tenancy must work without some existing external (as in not managed by us) LDAP server
-* keep the implementation effort low
-* allow integration with existing (de)provisioning systems
-
-## Considered Options
-
-### Use the auto-provisioning feature of OpenCloud
-
-We already have basic auto-provsioning features implemented in OpenCloud.
-Currently this is not tenant-aware, but it could be extended to support that.
-This would require some changes in the way that the users are managed by the
-auto-proviosioning code.
-
-The auto-provisioning code does currently use the "normal" graph API to create
-users. That API is not tenant-aware and would need to be significantly changed
-to support multi-tenancy. However currently there is no real need to put
-tenant-awareness into that API (and it would drive us even further a away from
-compatibility with the MS Graph API). We could also switch away from the Graph API
-for auto-provisioning and use some direct calls to the underlying LDAP server.
-
-Also, using the auto-provisioning feature means that users are only created
-when they first login. This means it is not possible to share files with users that
-have not yet logged in. This is a significant limitation.
-
-Also we don't currently have any de-provisioning features implemented.
-
-### Use the existing Eudcation API of the Graph Service
-
-We already implemented the Graph Education API in OpenCloud (based on the MS Graph Education API).
-This, apart from the somewhat different naming, does already bring most of what is needed
-for provisioning users in a multi-tenant environment.
-
-The customer would just need to hookup their existing (de)provisioning system to call the
-Education API to create/delete users and assign them to tenants (schools/classes).
-
-The main drawback of this approach is that the customer needs to create some code to
-hookup their existing system to the Education API.
-
-The main advantage is that it would give the customer much more control over the users' lifecycle.
-
-## Decision Outcome
-
-Use the existing Education API of the Graph Service.
-
-* Allows integration with existing (de)provisioning systems
-* hopefully keeps the implementation effort low
-
-Note: For now this means that the auto-provisioning feature will not be available for
-multi-tenant setups. We might want to revisit this in the future.
-
-### Implementation Steps
-
-* re-vive the existing Education API implementation and run it as a separate service
-* (maybe) allow to create tenants with a customer specified ID. The tenant id might also be
-  part of the user's claims (provided by the customer's identity provider). It would be better
-  if the tenant ids in our system match the tenant ids in the customer's identity provider.
-* For de-provisioning to work we need to implement a way to lookup users by an external ID as
-  that is only unique identfier the customer's system knows for a user. While the MS Graph API
-  already provides an `externalId` Attribute we don't currently support that on our APIs.
-

docs/adr/README.md

@@ -1,91 +0,0 @@
-# Architecture Decision Records (ADRs)
-
-## Purpose
-
-This folder contains Architecture Decision Records (ADRs) for the OpenCloud related topics.
-ADRs capture important architectural decisions, their context, alternatives, and rationale.
-
-They help us:
-
-- Document the reasoning behind significant technical choices.
-- Share knowledge and context with current and future team members.
-- Ensure transparency and continuity in our architectural evolution.
-
-## Why Use ADRs?
-
-ADRs provide a structured way to record, discuss, and find architectural decisions over time.
-They make it easier to:
-
-- Understand why certain approaches were chosen.
-- Avoid revisiting previous discussions without context.
-- Onboard new contributors efficiently.
-
-## When to Create an ADR
-
-Not every technical or architectural decision needs a dedicated ADR.
-Use an ADR to document decisions which are significant, such as:
-
-* It substantially affects the architecture, design, or direction of OpenCloud.
-* It involves trade-offs between multiple options.
-* It needs Team consensus or input from multiple stakeholders.
-
-## Writing ADRs
-
-- **Location**: Store all ADRs as Markdown files in this folder.
-- **Format**: Use [Markdown](https://commonmark.org/).
-- **Naming**: Adhere to the naming convention, e.g., `0001-descriptive-title.md`.
-
-### ADR Template
-
-```markdown
----
-title: "Some Descriptive Title"
----
-
-* Status: proposed / accepted / deprecated / superseded
-* Deciders: [@user1, @user2]
-* Date: YYYY-MM-DD
-
-Reference: (link to relevant epic, story, issue)
-
-## Context and Problem Statement
-
-Describe the background and why this decision is needed.
-
-## Decision Drivers
-
-Describe the criteria that explains why this decision has to be made.
-
-## Considered Options
-
-Describe single or multiple options that were considered or could be considered.
-
-## Decision Outcome
-
-Describe the chosen option and why it was selected.
-
-### Implementation Steps
-
-Describe the steps needed to implement the decision.
-```
-
-## Process
-
-### New ADRs
-
-1. Write a new ADR as a Markdown file.
-2. Submit it via pull request for review.
-3. Decision is made collaboratively, details will be discussed in the PR, which can lead to further changes.
-4. Update the ADR status once a decision is reached.
-5. Reference ADRs in code, documentation, or issues where relevant.
-
-### Updating ADRs
-
-1. If an ADR needs to be updated, create a new ADR that references the original.
-2. Follow the same process as for new ADRs.
-3. Once accepted, update the status of the original ADR and reference that new ADR.
-
-## References
-
-- [ADR GitHub Template](https://github.com/joelparkerhenderson/architecture_decision_record)
-- [Wikipedia on ADRs](https://en.wikipedia.org/wiki/Architectural_decision)

go.mod

@@ -1,29 +1,29 @@
 module github.com/opencloud-eu/opencloud
 
-go 1.24.6
+go 1.24.1
 
 require (
 	dario.cat/mergo v1.0.2
 	github.com/CiscoM31/godata v1.0.11
-	github.com/KimMachineGun/automemlimit v0.7.5
+	github.com/KimMachineGun/automemlimit v0.7.3
 	github.com/Masterminds/semver v1.5.0
 	github.com/MicahParks/keyfunc/v2 v2.1.0
 	github.com/Nerzal/gocloak/v13 v13.9.0
 	github.com/bbalet/stopwords v1.0.0
-	github.com/beevik/etree v1.6.0
-	github.com/blevesearch/bleve/v2 v2.5.5
+	github.com/beevik/etree v1.5.1
+	github.com/blevesearch/bleve/v2 v2.5.2
 	github.com/cenkalti/backoff v2.2.1+incompatible
-	github.com/coreos/go-oidc/v3 v3.17.0
-	github.com/cs3org/go-cs3apis v0.0.0-20250908152307-4ca807afe54e
+	github.com/coreos/go-oidc/v3 v3.14.1
+	github.com/cs3org/go-cs3apis v0.0.0-20250218144737-544dd3919658
 	github.com/davidbyttow/govips/v2 v2.16.0
 	github.com/dhowden/tag v0.0.0-20240417053706-3d75831295e8
 	github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e
-	github.com/gabriel-vasile/mimetype v1.4.11
+	github.com/egirna/icap-client v0.1.1
+	github.com/gabriel-vasile/mimetype v1.4.9
 	github.com/ggwhite/go-masker v1.1.0
-	github.com/go-chi/chi/v5 v5.2.3
+	github.com/go-chi/chi/v5 v5.2.2
 	github.com/go-chi/render v1.0.3
-	github.com/go-jose/go-jose/v3 v3.0.4
-	github.com/go-ldap/ldap/v3 v3.4.12
+	github.com/go-ldap/ldap/v3 v3.4.11
 	github.com/go-ldap/ldif v0.0.0-20200320164324-fd88d9b715b3
 	github.com/go-micro/plugins/v4/client/grpc v1.2.1
 	github.com/go-micro/plugins/v4/logger/zerolog v1.2.0
@@ -33,88 +33,82 @@ require (
 	github.com/go-micro/plugins/v4/store/nats-js-kv v0.0.0-20240726082623-6831adfdcdc4
 	github.com/go-micro/plugins/v4/wrapper/monitoring/prometheus v1.2.0
 	github.com/go-micro/plugins/v4/wrapper/trace/opentelemetry v1.2.0
-	github.com/go-playground/validator/v10 v10.28.0
-	github.com/golang-jwt/jwt/v5 v5.3.0
+	github.com/go-playground/validator/v10 v10.27.0
+	github.com/gofrs/uuid v4.4.0+incompatible
+	github.com/golang-jwt/jwt/v5 v5.2.2
 	github.com/golang/protobuf v1.5.4
 	github.com/google/go-cmp v0.7.0
 	github.com/google/go-tika v0.3.1
 	github.com/google/uuid v1.6.0
-	github.com/gookit/config/v2 v2.2.7
+	github.com/gookit/config/v2 v2.2.6
 	github.com/gorilla/mux v1.8.1
-	github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.1
 	github.com/invopop/validation v0.8.0
 	github.com/jellydator/ttlcache/v2 v2.11.1
 	github.com/jellydator/ttlcache/v3 v3.4.0
 	github.com/jinzhu/now v1.1.5
 	github.com/justinas/alice v1.2.0
-	github.com/kovidgoyal/imaging v1.8.17
+	github.com/kovidgoyal/imaging v1.6.4
 	github.com/leonelquinteros/gotext v1.7.2
 	github.com/libregraph/idm v0.5.0
 	github.com/libregraph/lico v0.66.0
 	github.com/mitchellh/mapstructure v1.5.0
 	github.com/mna/pigeon v1.3.0
 	github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826
-	github.com/nats-io/nats-server/v2 v2.12.2
-	github.com/nats-io/nats.go v1.47.0
+	github.com/nats-io/nats-server/v2 v2.11.6
+	github.com/nats-io/nats.go v1.43.0
 	github.com/oklog/run v1.2.0
-	github.com/olekukonko/tablewriter v1.1.1
+	github.com/olekukonko/tablewriter v1.0.7
 	github.com/onsi/ginkgo v1.16.5
-	github.com/onsi/ginkgo/v2 v2.27.2
-	github.com/onsi/gomega v1.38.2
-	github.com/open-policy-agent/opa v1.11.1
-	github.com/opencloud-eu/icap-client v0.0.0-20250930132611-28a2afe62d89
-	github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76
-	github.com/opencloud-eu/reva/v2 v2.41.0
-	github.com/opensearch-project/opensearch-go/v4 v4.5.0
+	github.com/onsi/ginkgo/v2 v2.23.4
+	github.com/onsi/gomega v1.37.0
+	github.com/open-policy-agent/opa v1.6.0
+	github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250603072916-fa601fb14450
+	github.com/opencloud-eu/reva/v2 v2.34.0
 	github.com/orcaman/concurrent-map v1.0.0
 	github.com/pkg/errors v0.9.1
 	github.com/pkg/xattr v0.4.12
-	github.com/prometheus/client_golang v1.23.2
+	github.com/prometheus/client_golang v1.22.0
 	github.com/r3labs/sse/v2 v2.10.0
-	github.com/riandyrn/otelchi v0.12.2
+	github.com/riandyrn/otelchi v0.12.1
 	github.com/rogpeppe/go-internal v1.14.1
 	github.com/rs/cors v1.11.1
 	github.com/rs/zerolog v1.34.0
-	github.com/sirupsen/logrus v1.9.4-0.20230606125235-dd1b4c2e81af
-	github.com/spf13/afero v1.15.0
-	github.com/spf13/cobra v1.10.1
-	github.com/spf13/pflag v1.0.10
-	github.com/spf13/viper v1.21.0
-	github.com/stretchr/testify v1.11.1
+	github.com/sirupsen/logrus v1.9.3
+	github.com/spf13/afero v1.14.0
+	github.com/spf13/cobra v1.9.1
+	github.com/stretchr/testify v1.10.0
 	github.com/test-go/testify v1.1.4
-	github.com/testcontainers/testcontainers-go v0.40.0
-	github.com/testcontainers/testcontainers-go/modules/opensearch v0.40.0
 	github.com/theckman/yacspin v0.13.12
 	github.com/thejerf/suture/v4 v4.0.6
 	github.com/tidwall/gjson v1.18.0
-	github.com/tidwall/sjson v1.2.5
 	github.com/tus/tusd/v2 v2.8.0
 	github.com/unrolled/secure v1.16.0
+	github.com/urfave/cli/v2 v2.27.7
 	github.com/vmihailenco/msgpack/v5 v5.4.1
 	github.com/xhit/go-simple-mail/v2 v2.16.0
 	go-micro.dev/v4 v4.11.0
-	go.etcd.io/bbolt v1.4.3
-	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.63.0
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0
-	go.opentelemetry.io/contrib/zpages v0.63.0
-	go.opentelemetry.io/otel v1.38.0
-	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0
-	go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.38.0
-	go.opentelemetry.io/otel/sdk v1.38.0
-	go.opentelemetry.io/otel/trace v1.38.0
-	golang.org/x/crypto v0.46.0
+	go.etcd.io/bbolt v1.4.2
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.62.0
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.62.0
+	go.opentelemetry.io/contrib/zpages v0.62.0
+	go.opentelemetry.io/otel v1.37.0
+	go.opentelemetry.io/otel/exporters/jaeger v1.17.0
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.37.0
+	go.opentelemetry.io/otel/sdk v1.37.0
+	go.opentelemetry.io/otel/trace v1.37.0
+	golang.org/x/crypto v0.39.0
 	golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac
-	golang.org/x/image v0.33.0
-	golang.org/x/net v0.48.0
-	golang.org/x/oauth2 v0.33.0
-	golang.org/x/sync v0.19.0
-	golang.org/x/term v0.38.0
-	golang.org/x/text v0.32.0
-	google.golang.org/genproto/googleapis/api v0.0.0-20251022142026-3a174f9686a8
-	google.golang.org/grpc v1.77.0
-	google.golang.org/protobuf v1.36.10
+	golang.org/x/image v0.28.0
+	golang.org/x/net v0.41.0
+	golang.org/x/oauth2 v0.30.0
+	golang.org/x/sync v0.15.0
+	golang.org/x/term v0.32.0
+	golang.org/x/text v0.26.0
+	google.golang.org/genproto/googleapis/api v0.0.0-20250603155806-513f23925822
+	google.golang.org/grpc v1.73.0
+	google.golang.org/protobuf v1.36.6
 	gopkg.in/yaml.v2 v2.4.0
-	gopkg.in/yaml.v3 v3.0.1
 	gotest.tools/v3 v3.5.2
 	stash.kopano.io/kgol/rndm v1.1.2
 )
@@ -122,11 +116,9 @@ require (
 require (
 	contrib.go.opencensus.io/exporter/prometheus v0.4.2 // indirect
 	filippo.io/edwards25519 v1.1.0 // indirect
-	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
 	github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
 	github.com/BurntSushi/toml v1.5.0 // indirect
 	github.com/Masterminds/goutils v1.1.1 // indirect
-	github.com/Masterminds/semver/v3 v3.4.0 // indirect
 	github.com/Masterminds/sprig v2.22.0+incompatible // indirect
 	github.com/Microsoft/go-winio v0.6.2 // indirect
 	github.com/ProtonMail/go-crypto v1.1.5 // indirect
@@ -135,19 +127,19 @@ require (
 	github.com/ajg/form v1.5.1 // indirect
 	github.com/alexedwards/argon2id v1.0.0 // indirect
 	github.com/amoghe/go-crypt v0.0.0-20220222110647-20eada5f5964 // indirect
-	github.com/antithesishq/antithesis-sdk-go v0.4.3-default-no-op // indirect
 	github.com/armon/go-radix v1.0.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
+	github.com/aws/aws-sdk-go v1.55.7 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/bitly/go-simplejson v0.5.0 // indirect
 	github.com/bits-and-blooms/bitset v1.22.0 // indirect
-	github.com/blevesearch/bleve_index_api v1.2.11 // indirect
-	github.com/blevesearch/geo v0.2.4 // indirect
-	github.com/blevesearch/go-faiss v1.0.26 // indirect
+	github.com/blevesearch/bleve_index_api v1.2.8 // indirect
+	github.com/blevesearch/geo v0.2.3 // indirect
+	github.com/blevesearch/go-faiss v1.0.25 // indirect
 	github.com/blevesearch/go-porterstemmer v1.0.3 // indirect
 	github.com/blevesearch/gtreap v0.1.1 // indirect
 	github.com/blevesearch/mmap-go v1.0.4 // indirect
-	github.com/blevesearch/scorch_segment_api/v2 v2.3.13 // indirect
+	github.com/blevesearch/scorch_segment_api/v2 v2.3.10 // indirect
 	github.com/blevesearch/segment v0.9.1 // indirect
 	github.com/blevesearch/snowballstem v0.9.0 // indirect
 	github.com/blevesearch/upsidedown_store_api v1.0.2 // indirect
@@ -157,47 +149,32 @@ require (
 	github.com/blevesearch/zapx/v13 v13.4.2 // indirect
 	github.com/blevesearch/zapx/v14 v14.4.2 // indirect
 	github.com/blevesearch/zapx/v15 v15.4.2 // indirect
-	github.com/blevesearch/zapx/v16 v16.2.7 // indirect
+	github.com/blevesearch/zapx/v16 v16.2.4 // indirect
 	github.com/bluele/gcache v0.0.2 // indirect
 	github.com/bombsimon/logrusr/v3 v3.1.0 // indirect
-	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
-	github.com/cenkalti/backoff/v5 v5.0.3 // indirect
-	github.com/ceph/go-ceph v0.36.0 // indirect
+	github.com/cenkalti/backoff/v5 v5.0.2 // indirect
+	github.com/ceph/go-ceph v0.34.0 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/cevaris/ordered_map v0.0.0-20190319150403-3adeae072e73 // indirect
-	github.com/clipperhouse/displaywidth v0.3.1 // indirect
-	github.com/clipperhouse/stringish v0.1.1 // indirect
-	github.com/clipperhouse/uax29/v2 v2.2.0 // indirect
 	github.com/cloudflare/circl v1.6.1 // indirect
-	github.com/containerd/errdefs v1.0.0 // indirect
-	github.com/containerd/errdefs/pkg v0.3.0 // indirect
-	github.com/containerd/log v0.1.0 // indirect
-	github.com/containerd/platforms v1.0.0-rc.2 // indirect
 	github.com/coreos/go-semver v0.3.1 // indirect
-	github.com/coreos/go-systemd/v22 v22.6.0 // indirect
+	github.com/coreos/go-systemd/v22 v22.5.0 // indirect
 	github.com/cornelk/hashmap v1.0.8 // indirect
-	github.com/cpuguy83/dockercfg v0.3.2 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect
 	github.com/crewjam/httperr v0.2.0 // indirect
 	github.com/crewjam/saml v0.4.14 // indirect
 	github.com/cyphar/filepath-securejoin v0.3.6 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/deckarep/golang-set v1.8.0 // indirect
-	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect
 	github.com/desertbit/timer v0.0.0-20180107155436-c41aec40b27f // indirect
 	github.com/dgraph-io/ristretto v0.2.0 // indirect
 	github.com/dgryski/go-farm v0.0.0-20240924180020-3414d57e47da // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
-	github.com/distribution/reference v0.6.0 // indirect
 	github.com/dlclark/regexp2 v1.4.0 // indirect
-	github.com/docker/docker v28.5.1+incompatible // indirect
-	github.com/docker/go-connections v0.6.0 // indirect
-	github.com/docker/go-units v0.5.0 // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
-	github.com/ebitengine/purego v0.8.4 // indirect
 	github.com/egirna/icap v0.0.0-20181108071049-d5ee18bd70bc // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
-	github.com/emvi/iso-639-1 v1.1.1 // indirect
+	github.com/emvi/iso-639-1 v1.1.0 // indirect
 	github.com/evanphx/json-patch/v5 v5.5.0 // indirect
 	github.com/fatih/color v1.18.0 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
@@ -209,7 +186,8 @@ require (
 	github.com/go-git/go-billy/v5 v5.6.2 // indirect
 	github.com/go-git/go-git/v5 v5.13.2 // indirect
 	github.com/go-ini/ini v1.67.0 // indirect
-	github.com/go-jose/go-jose/v4 v4.1.3 // indirect
+	github.com/go-jose/go-jose/v3 v3.0.4 // indirect
+	github.com/go-jose/go-jose/v4 v4.0.5 // indirect
 	github.com/go-kit/log v0.2.1 // indirect
 	github.com/go-logfmt/logfmt v0.5.1 // indirect
 	github.com/go-logr/logr v1.4.3 // indirect
@@ -217,7 +195,6 @@ require (
 	github.com/go-micro/plugins/v4/events/natsjs v1.2.2 // indirect
 	github.com/go-micro/plugins/v4/store/nats-js v1.2.1 // indirect
 	github.com/go-micro/plugins/v4/store/redis v1.2.1 // indirect
-	github.com/go-ole/go-ole v1.2.6 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-redis/redis/v8 v8.11.5 // indirect
@@ -226,184 +203,149 @@ require (
 	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
 	github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
 	github.com/go-test/deep v1.1.0 // indirect
-	github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
 	github.com/gobwas/glob v0.2.3 // indirect
 	github.com/gobwas/httphead v0.1.0 // indirect
 	github.com/gobwas/pool v0.2.1 // indirect
 	github.com/gobwas/ws v1.2.1 // indirect
 	github.com/goccy/go-json v0.10.5 // indirect
-	github.com/goccy/go-yaml v1.18.0 // indirect
-	github.com/gofrs/flock v0.13.0 // indirect
-	github.com/gofrs/uuid v4.4.0+incompatible // indirect
+	github.com/goccy/go-yaml v1.12.0 // indirect
+	github.com/gofrs/flock v0.12.1 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
-	github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/snappy v0.0.4 // indirect
-	github.com/gomodule/redigo v1.9.3 // indirect
+	github.com/gomodule/redigo v1.9.2 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
-	github.com/google/go-tpm v0.9.6 // indirect
+	github.com/google/go-tpm v0.9.5 // indirect
 	github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 // indirect
-	github.com/google/renameio/v2 v2.0.1 // indirect
-	github.com/gookit/goutil v0.7.1 // indirect
+	github.com/google/renameio/v2 v2.0.0 // indirect
+	github.com/gookit/color v1.5.4 // indirect
+	github.com/gookit/goutil v0.6.18 // indirect
 	github.com/gorilla/handlers v1.5.1 // indirect
 	github.com/gorilla/schema v1.4.1 // indirect
 	github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // indirect
 	github.com/hashicorp/go-hclog v1.6.3 // indirect
-	github.com/hashicorp/go-plugin v1.7.0 // indirect
-	github.com/hashicorp/yamux v0.1.2 // indirect
+	github.com/hashicorp/go-plugin v1.6.3 // indirect
+	github.com/hashicorp/yamux v0.1.1 // indirect
 	github.com/huandu/xstrings v1.5.0 // indirect
 	github.com/iancoleman/strcase v0.3.0 // indirect
 	github.com/imdario/mergo v0.3.15 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/jonboulle/clockwork v0.5.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/juliangruber/go-intersect v1.1.0 // indirect
 	github.com/kevinburke/ssh_config v1.2.0 // indirect
-	github.com/klauspost/compress v1.18.1 // indirect
-	github.com/klauspost/cpuid/v2 v2.2.11 // indirect
-	github.com/klauspost/crc32 v1.3.0 // indirect
-	github.com/kovidgoyal/go-parallel v1.1.1 // indirect
-	github.com/kovidgoyal/go-shm v1.0.0 // indirect
+	github.com/klauspost/compress v1.18.0 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.10 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
-	github.com/lestrrat-go/blackmagic v1.0.4 // indirect
-	github.com/lestrrat-go/dsig v1.0.0 // indirect
-	github.com/lestrrat-go/dsig-secp256k1 v1.0.0 // indirect
-	github.com/lestrrat-go/httpcc v1.0.1 // indirect
-	github.com/lestrrat-go/httprc/v3 v3.0.1 // indirect
-	github.com/lestrrat-go/jwx/v3 v3.0.12 // indirect
-	github.com/lestrrat-go/option v1.0.1 // indirect
-	github.com/lestrrat-go/option/v2 v2.0.0 // indirect
 	github.com/libregraph/oidc-go v1.1.0 // indirect
 	github.com/longsleep/go-metrics v1.0.0 // indirect
 	github.com/longsleep/rndm v1.2.0 // indirect
-	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
-	github.com/magiconair/properties v1.8.10 // indirect
 	github.com/mattermost/xml-roundtrip-validator v0.1.0 // indirect
 	github.com/mattn/go-colorable v0.1.14 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/mattn/go-runewidth v0.0.19 // indirect
-	github.com/mattn/go-sqlite3 v1.14.32 // indirect
+	github.com/mattn/go-runewidth v0.0.16 // indirect
+	github.com/mattn/go-sqlite3 v1.14.28 // indirect
 	github.com/maxymania/go-system v0.0.0-20170110133659-647cc364bf0b // indirect
 	github.com/mendsley/gojwk v0.0.0-20141217222730-4d5ec6e58103 // indirect
 	github.com/miekg/dns v1.1.57 // indirect
 	github.com/mileusna/useragent v1.3.5 // indirect
-	github.com/minio/crc64nvme v1.1.0 // indirect
-	github.com/minio/highwayhash v1.0.4-0.20251030100505-070ab1a87a76 // indirect
+	github.com/minio/crc64nvme v1.0.1 // indirect
+	github.com/minio/highwayhash v1.0.3 // indirect
 	github.com/minio/md5-simd v1.1.2 // indirect
-	github.com/minio/minio-go/v7 v7.0.97 // indirect
+	github.com/minio/minio-go/v7 v7.0.94 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
-	github.com/moby/docker-image-spec v1.3.1 // indirect
-	github.com/moby/go-archive v0.1.0 // indirect
-	github.com/moby/patternmatcher v0.6.0 // indirect
-	github.com/moby/sys/sequential v0.6.0 // indirect
-	github.com/moby/sys/user v0.4.0 // indirect
-	github.com/moby/sys/userns v0.1.0 // indirect
-	github.com/moby/term v0.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
-	github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect
-	github.com/morikuni/aec v1.0.0 // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/mschoch/smat v0.2.0 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
-	github.com/nats-io/jwt/v2 v2.8.0 // indirect
+	github.com/nats-io/jwt/v2 v2.7.4 // indirect
 	github.com/nats-io/nkeys v0.4.11 // indirect
 	github.com/nats-io/nuid v1.0.1 // indirect
 	github.com/nxadm/tail v1.4.8 // indirect
-	github.com/olekukonko/cat v0.0.0-20250911104152-50322a0618f6 // indirect
-	github.com/olekukonko/errors v1.1.0 // indirect
-	github.com/olekukonko/ll v0.1.2 // indirect
-	github.com/opencontainers/go-digest v1.0.0 // indirect
-	github.com/opencontainers/image-spec v1.1.1 // indirect
+	github.com/olekukonko/errors v0.0.0-20250405072817-4e6d85265da6 // indirect
+	github.com/olekukonko/ll v0.0.8 // indirect
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
 	github.com/oxtoacart/bpool v0.0.0-20190530202638-03653db5a59c // indirect
 	github.com/pablodz/inotifywaitgo v0.0.9 // indirect
 	github.com/patrickmn/go-cache v2.1.0+incompatible // indirect
 	github.com/pbnjay/memory v0.0.0-20210728143218-7b4eea64cf58 // indirect
-	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
-	github.com/philhofer/fwd v1.2.0 // indirect
+	github.com/philhofer/fwd v1.1.3-0.20240916144458-20a13a1f6b7c // indirect
 	github.com/pierrec/lz4/v4 v4.1.15 // indirect
 	github.com/pjbgf/sha1cd v0.3.2 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
-	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
 	github.com/pquerna/cachecontrol v0.2.0 // indirect
-	github.com/prometheus/alertmanager v0.29.0 // indirect
+	github.com/prometheus/alertmanager v0.28.1 // indirect
 	github.com/prometheus/client_model v0.6.2 // indirect
-	github.com/prometheus/common v0.67.1 // indirect
-	github.com/prometheus/procfs v0.17.0 // indirect
+	github.com/prometheus/common v0.62.0 // indirect
+	github.com/prometheus/procfs v0.15.1 // indirect
 	github.com/prometheus/statsd_exporter v0.22.8 // indirect
-	github.com/rcrowley/go-metrics v0.0.0-20250401214520-65e299d6c5c9 // indirect
+	github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
 	github.com/rs/xid v1.6.0 // indirect
 	github.com/russellhaering/goxmldsig v1.5.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd // indirect
-	github.com/sagikazarmark/locafero v0.11.0 // indirect
-	github.com/samber/lo v1.51.0 // indirect
-	github.com/samber/slog-common v0.19.0 // indirect
-	github.com/samber/slog-zerolog/v2 v2.9.0 // indirect
-	github.com/segmentio/asm v1.2.1 // indirect
-	github.com/segmentio/kafka-go v0.4.49 // indirect
+	github.com/segmentio/kafka-go v0.4.48 // indirect
 	github.com/segmentio/ksuid v1.0.4 // indirect
 	github.com/sercand/kuberesolver/v5 v5.1.1 // indirect
-	github.com/sergi/go-diff v1.4.0 // indirect
+	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
 	github.com/sethvargo/go-diceware v0.5.0 // indirect
 	github.com/sethvargo/go-password v0.3.1 // indirect
-	github.com/shamaton/msgpack/v2 v2.4.0 // indirect
-	github.com/shirou/gopsutil/v4 v4.25.6 // indirect
+	github.com/shamaton/msgpack/v2 v2.2.3 // indirect
 	github.com/shurcooL/httpfs v0.0.0-20230704072500-f1e31cf0ba5c // indirect
 	github.com/shurcooL/vfsgen v0.0.0-20230704071429-0000e147ea92 // indirect
 	github.com/skeema/knownhosts v1.3.0 // indirect
-	github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 // indirect
 	github.com/spacewander/go-suffix-tree v0.0.0-20191010040751-0865e368c784 // indirect
-	github.com/spf13/cast v1.10.0 // indirect
+	github.com/spf13/pflag v1.0.6 // indirect
 	github.com/stretchr/objx v0.5.2 // indirect
 	github.com/studio-b12/gowebdav v0.9.0 // indirect
-	github.com/subosito/gotenv v1.6.0 // indirect
-	github.com/tchap/go-patricia/v2 v2.3.3 // indirect
+	github.com/tchap/go-patricia/v2 v2.3.2 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/tinylib/msgp v1.3.0 // indirect
-	github.com/tklauser/go-sysconf v0.3.14 // indirect
-	github.com/tklauser/numcpus v0.8.0 // indirect
 	github.com/toorop/go-dkim v0.0.0-20201103131630-e1cd1a0a5208 // indirect
 	github.com/trustelem/zxcvbn v1.0.1 // indirect
-	github.com/urfave/cli/v2 v2.27.7 // indirect
-	github.com/valyala/fastjson v1.6.4 // indirect
-	github.com/vektah/gqlparser/v2 v2.5.31 // indirect
+	github.com/vektah/gqlparser/v2 v2.5.28 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
 	github.com/wk8/go-ordered-map v1.0.0 // indirect
 	github.com/xanzy/ssh-agent v0.3.3 // indirect
 	github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
+	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
 	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
 	github.com/yashtewari/glob-intersection v0.2.0 // indirect
-	github.com/yusufpapurcu/wmi v1.2.4 // indirect
-	go.etcd.io/etcd/api/v3 v3.6.6 // indirect
-	go.etcd.io/etcd/client/pkg/v3 v3.6.6 // indirect
-	go.etcd.io/etcd/client/v3 v3.6.6 // indirect
+	go.etcd.io/etcd/api/v3 v3.6.1 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.6.1 // indirect
+	go.etcd.io/etcd/client/v3 v3.6.1 // indirect
 	go.opencensus.io v0.24.0 // indirect
-	go.opentelemetry.io/auto/sdk v1.2.1 // indirect
-	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0 // indirect
-	go.opentelemetry.io/otel/metric v1.38.0 // indirect
-	go.opentelemetry.io/proto/otlp v1.7.1 // indirect
+	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.37.0 // indirect
+	go.opentelemetry.io/otel/metric v1.37.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.7.0 // indirect
+	go.uber.org/automaxprocs v1.6.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
-	go.yaml.in/yaml/v2 v2.4.3 // indirect
-	go.yaml.in/yaml/v3 v3.0.4 // indirect
-	golang.org/x/mod v0.30.0 // indirect
-	golang.org/x/sys v0.39.0 // indirect
-	golang.org/x/time v0.14.0 // indirect
-	golang.org/x/tools v0.39.0 // indirect
+	golang.org/x/mod v0.25.0 // indirect
+	golang.org/x/sys v0.33.0 // indirect
+	golang.org/x/time v0.12.0 // indirect
+	golang.org/x/tools v0.33.0 // indirect
+	golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
 	google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20251022142026-3a174f9686a8 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 // indirect
 	gopkg.in/cenkalti/backoff.v1 v1.1.0 // indirect
 	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
-	sigs.k8s.io/yaml v1.6.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	sigs.k8s.io/yaml v1.4.0 // indirect
 )
 
 replace github.com/studio-b12/gowebdav => github.com/kobergj/gowebdav v0.0.0-20250102091030-aa65266db202
 
+replace github.com/egirna/icap-client => github.com/fschade/icap-client v0.0.0-20240802074440-aade4a234387
+
 replace github.com/unrolled/secure => github.com/DeepDiver1975/secure v0.0.0-20240611112133-abc838fb797c
 
 replace go-micro.dev/v4 => github.com/butonic/go-micro/v4 v4.11.1-0.20241115112658-b5d4de5ed9b3
@@ -413,6 +355,3 @@ replace go-micro.dev/v4 => github.com/butonic/go-micro/v4 v4.11.1-0.202411151126
 exclude github.com/mattn/go-sqlite3 v2.0.3+incompatible
 
 replace github.com/go-micro/plugins/v4/store/nats-js-kv => github.com/opencloud-eu/go-micro-plugins/v4/store/nats-js-kv v0.0.0-20250512152754-23325793059a
-
-// to get the logger injection (https://github.com/pablodz/inotifywaitgo/pull/11)
-replace github.com/pablodz/inotifywaitgo v0.0.9 => github.com/opencloud-eu/inotifywaitgo v0.0.0-20251111171128-a390bae3c5e9

opencloud/Makefile

@@ -17,7 +17,8 @@ include ../.make/docs.mk
 
 .PHONY: dev-docker
 dev-docker:
-	docker build -f docker/Dockerfile.multiarch -t opencloudeu/opencloud:dev ../..
+	$(MAKE) --no-print-directory release-linux-docker-$(GOARCH)
+	docker build -f docker/Dockerfile.linux.$(GOARCH) -t opencloudeu/opencloud:dev .
 
 .PHONY: dev-docker-multiarch
 dev-docker-multiarch:
@@ -28,7 +29,7 @@ dev-docker-multiarch:
 	docker buildx rm opencloudbuilder || true
 	docker buildx create --platform linux/arm64,linux/amd64 --name opencloudbuilder
 	docker buildx use opencloudbuilder
-	docker buildx build --platform linux/arm64,linux/amd64 --output type=docker --file docker/Dockerfile.multiarch --tag opencloudeu/opencloud:dev-multiarch ../..
+	cd .. && docker buildx build --platform linux/arm64,linux/amd64 --output type=docker --file opencloud/docker/Dockerfile.multiarch --tag opencloudeu/opencloud:dev-multiarch .
 	docker buildx rm opencloudbuilder
 
 .PHONY: debug-docker

opencloud/docker/Dockerfile.linux.amd64

@@ -0,0 +1,43 @@
+FROM amd64/alpine:3.21
+
+ARG VERSION=""
+ARG REVISION=""
+
+RUN apk add --no-cache attr bash ca-certificates curl inotify-tools libc6-compat mailcap tree vips patch && \
+	echo 'hosts: files dns' >| /etc/nsswitch.conf
+
+LABEL maintainer="openCloud GmbH <devops@opencloud.eu>" \
+  org.opencontainers.image.title="OpenCloud" \
+  org.opencontainers.image.vendor="OpenCloud GmbH" \
+  org.opencontainers.image.authors="OpenCloud GmbH" \
+  org.opencontainers.image.description="OpenCloud is a modern file-sync and share platform" \
+  org.opencontainers.image.licenses="Apache-2.0" \
+  org.opencontainers.image.documentation="https://github.com/opencloud-eu/opencloud" \
+  org.opencontainers.image.url="https://hub.docker.com/r/opencloud-eu/opencloud" \
+  org.opencontainers.image.source="https://github.com/opencloud-eu/opencloud" \
+  org.opencontainers.image.version="${VERSION}" \
+  org.opencontainers.image.revision="${REVISION}"
+
+RUN addgroup -g 1000 -S opencloud-group && \
+  adduser -S --ingroup opencloud-group --uid 1000 opencloud-user --home /var/lib/opencloud
+
+RUN mkdir -p /var/lib/opencloud && \
+# Pre-create the web directory to avoid permission issues
+ mkdir -p /var/lib/opencloud/web/assets/apps && \
+ chown -R opencloud-user:opencloud-group /var/lib/opencloud && \
+ chmod -R 751 /var/lib/opencloud && \
+ mkdir -p /etc/opencloud && \
+ chown -R opencloud-user:opencloud-group /etc/opencloud && \
+ chmod -R 751 /etc/opencloud
+
+VOLUME [ "/var/lib/opencloud", "/etc/opencloud" ]
+WORKDIR /var/lib/opencloud
+
+USER 1000
+
+EXPOSE 9200/tcp
+
+ENTRYPOINT ["/usr/bin/opencloud"]
+CMD ["server"]
+
+COPY dist/binaries/opencloud-linux-amd64 /usr/bin/opencloud

opencloud/docker/Dockerfile.linux.arm64

@@ -0,0 +1,43 @@
+FROM arm64v8/alpine:3.21
+
+ARG VERSION=""
+ARG REVISION=""
+
+RUN apk add --no-cache attr bash ca-certificates curl inotify-tools libc6-compat mailcap tree vips patch && \
+	echo 'hosts: files dns' >| /etc/nsswitch.conf
+
+LABEL maintainer="openCloud GmbH <devops@opencloud.eu>" \
+  org.opencontainers.image.title="OpenCloud" \
+  org.opencontainers.image.vendor="OpenCloud GmbH" \
+  org.opencontainers.image.authors="OpenCloud GmbH" \
+  org.opencontainers.image.description="OpenCloud a modern file-sync and share platform" \
+  org.opencontainers.image.licenses="Apache-2.0" \
+  org.opencontainers.image.documentation="https://github.com/opencloud-eu/opencloud" \
+  org.opencontainers.image.url="https://hub.docker.com/r/opencloud-eu/opencloud" \
+  org.opencontainers.image.source="https://github.com/opencloud-eu/opencloud" \
+  org.opencontainers.image.version="${VERSION}" \
+  org.opencontainers.image.revision="${REVISION}"
+
+RUN addgroup -g 1000 -S opencloud-group && \
+  adduser -S --ingroup opencloud-group --uid 1000 opencloud-user --home /var/lib/opencloud
+
+RUN mkdir -p /var/lib/opencloud && \
+# Pre-create the web directory to avoid permission issues
+ mkdir -p /var/lib/opencloud/web/assets/apps && \
+ chown -R opencloud-user:opencloud-group /var/lib/opencloud && \
+ chmod -R 751 /var/lib/opencloud && \
+ mkdir -p /etc/opencloud && \
+ chown -R opencloud-user:opencloud-group /etc/opencloud && \
+ chmod -R 751 /etc/opencloud
+
+VOLUME [ "/var/lib/opencloud", "/etc/opencloud" ]
+WORKDIR /var/lib/opencloud
+
+USER 1000
+
+EXPOSE 9200/tcp
+
+ENTRYPOINT ["/usr/bin/opencloud"]
+CMD ["server"]
+
+COPY dist/binaries/opencloud-linux-arm64 /usr/bin/opencloud

opencloud/docker/Dockerfile.multiarch

@@ -1,20 +1,18 @@
-FROM golang:alpine3.22 AS build
+FROM golang:alpine3.21 AS build
 ARG TARGETOS
 ARG TARGETARCH
 ARG VERSION
 ARG STRING
-ARG EDITION="dev"
 
 RUN apk add bash make git curl gcc musl-dev libc-dev binutils-gold inotify-tools vips-dev
 
-WORKDIR /build
-RUN --mount=type=bind,target=/build,rw \
-    --mount=type=cache,target=/go/pkg/mod \
-    --mount=type=cache,target=/root/.cache \
-    GOOS="${TARGETOS:-linux}" GOARCH="${TARGETARCH:-amd64}" ; \
-    make -C opencloud/opencloud release-linux-docker-${TARGETARCH} ENABLE_VIPS=true DIST=/dist
+COPY ../ /opencloud/
 
-FROM alpine:3.22
+WORKDIR /opencloud
+RUN GOOS="${TARGETOS:-linux}" GOARCH="${TARGETARCH:-amd64}" ; \
+    make -C opencloud release-linux-docker-${TARGETARCH} ENABLE_VIPS=true
+
+FROM alpine:3.20
 ARG VERSION
 ARG REVISION
 ARG TARGETOS
@@ -57,4 +55,4 @@ EXPOSE 9200/tcp
 ENTRYPOINT ["/usr/bin/opencloud"]
 CMD ["server"]
 
-COPY --from=build /dist/binaries/opencloud-linux-${TARGETARCH} /usr/bin/opencloud
+COPY --from=build /opencloud/opencloud/dist/binaries/opencloud-linux-${TARGETARCH} /usr/bin/opencloud

opencloud/pkg/command/backup.go

@@ -4,8 +4,6 @@ import (
 	"errors"
 	"fmt"
 
-	"github.com/spf13/cobra"
-
 	"github.com/opencloud-eu/opencloud/opencloud/pkg/backup"
 	"github.com/opencloud-eu/opencloud/opencloud/pkg/register"
 	"github.com/opencloud-eu/opencloud/pkg/config"
@@ -13,34 +11,62 @@ import (
 	"github.com/opencloud-eu/opencloud/pkg/config/parser"
 	decomposedbs "github.com/opencloud-eu/reva/v2/pkg/storage/fs/decomposed/blobstore"
 	decomposeds3bs "github.com/opencloud-eu/reva/v2/pkg/storage/fs/decomposeds3/blobstore"
+	"github.com/urfave/cli/v2"
 )
 
 // BackupCommand is the entrypoint for the backup command
-func BackupCommand(cfg *config.Config) *cobra.Command {
-	bckCmd := &cobra.Command{
-		Use:   "backup",
-		Short: "OpenCloud backup functionality",
-		PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
+func BackupCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "backup",
+		Usage: "OpenCloud backup functionality",
+		Subcommands: []*cli.Command{
+			ConsistencyCommand(cfg),
+		},
+		Before: func(c *cli.Context) error {
 			return configlog.ReturnError(parser.ParseConfig(cfg, true))
 		},
+		Action: func(_ *cli.Context) error {
+			fmt.Println("Read the docs")
+			return nil
+		},
 	}
-	bckCmd.AddCommand(ConsistencyCommand(cfg))
-	return bckCmd
 }
 
 // ConsistencyCommand is the entrypoint for the consistency Command
-func ConsistencyCommand(cfg *config.Config) *cobra.Command {
-	consCmd := &cobra.Command{
-		Use:   "consistency",
-		Short: "check backup consistency",
-		RunE: func(cmd *cobra.Command, args []string) error {
+func ConsistencyCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "consistency",
+		Usage: "check backup consistency",
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:     "basepath",
+				Aliases:  []string{"p"},
+				Usage:    "the basepath of the decomposedfs (e.g. /var/tmp/opencloud/storage/users)",
+				Required: true,
+			},
+			&cli.StringFlag{
+				Name:    "blobstore",
+				Aliases: []string{"b"},
+				Usage:   "the blobstore type. Can be (none, decomposed, decomposeds3). Default decomposed",
+				Value:   "decomposed",
+			},
+			&cli.BoolFlag{
+				Name:  "fail",
+				Usage: "exit with non-zero status if consistency check fails",
+			},
+		},
+		Action: func(c *cli.Context) error {
+			basePath := c.String("basepath")
+			if basePath == "" {
+				fmt.Println("basepath is required")
+				return cli.ShowCommandHelp(c, "consistency")
+			}
+
 			var (
 				bs  backup.ListBlobstore
 				err error
 			)
-			basePath, _ := cmd.Flags().GetString("basepath")
-			blobstoreFlag, _ := cmd.Flags().GetString("blobstore")
-			switch blobstoreFlag {
+			switch c.String("blobstore") {
 			case "decomposeds3":
 				bs, err = decomposeds3bs.New(
 					cfg.StorageUsers.Drivers.DecomposedS3.Endpoint,
@@ -61,8 +87,7 @@ func ConsistencyCommand(cfg *config.Config) *cobra.Command {
 				fmt.Println(err)
 				return err
 			}
-			fail, _ := cmd.Flags().GetBool("fail")
-			if err := backup.CheckProviderConsistency(basePath, bs, fail); err != nil {
+			if err := backup.CheckProviderConsistency(basePath, bs, c.Bool("fail")); err != nil {
 				fmt.Println(err)
 				return err
 			}
@@ -70,11 +95,6 @@ func ConsistencyCommand(cfg *config.Config) *cobra.Command {
 			return nil
 		},
 	}
-	consCmd.Flags().StringP("basepath", "p", "", "the basepath of the decomposedfs (e.g. /var/tmp/opencloud/storage/users)")
-	_ = consCmd.MarkFlagRequired("basepath")
-	consCmd.Flags().StringP("blobstore", "b", "decomposed", "the blobstore type. Can be (none, decomposed, decomposeds3). Default decomposed")
-	consCmd.Flags().Bool("fail", false, "exit with non-zero status if consistency check fails")
-	return consCmd
 }
 
 func init() {

opencloud/pkg/command/benchmark.go

@@ -21,47 +21,105 @@ import (
 	"github.com/opencloud-eu/opencloud/pkg/version"
 	"github.com/pkg/xattr"
 	"github.com/rogpeppe/go-internal/lockedfile"
-	"github.com/spf13/cobra"
+	"github.com/urfave/cli/v2"
 )
 
 // BenchmarkCommand is the entrypoint for the benchmark commands.
-func BenchmarkCommand(cfg *config.Config) *cobra.Command {
-	benchCmd := &cobra.Command{
-		Use:   "benchmark",
-		Short: "cli tools to test low and high level performance",
+func BenchmarkCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:        "benchmark",
+		Usage:       "cli tools to test low and high level performance",
+		Category:    "benchmark",
+		Subcommands: []*cli.Command{BenchmarkClientCommand(cfg), BenchmarkSyscallsCommand(cfg)},
 	}
-	benchCmd.AddCommand(BenchmarkClientCommand(cfg), BenchmarkSyscallsCommand(cfg))
-	return benchCmd
 }
 
 // BenchmarkClientCommand is the entrypoint for the benchmark client command.
-func BenchmarkClientCommand(cfg *config.Config) *cobra.Command {
-	benchClientCmd := &cobra.Command{
-		Use:   "client",
-		Short: "Start a client that continuously makes web requests and prints stats. The options mimic curl, but URL must be at the end.",
-		RunE: func(cmd *cobra.Command, args []string) error {
-			jobs, err := cmd.Flags().GetInt("jobs")
-			if err != nil {
-				return err
-			}
-			insecure, _ := cmd.Flags().GetBool("insecure")
+func BenchmarkClientCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name: "client",
+
+		Usage: "Start a client that continuously makes web requests and prints stats. The options mimic curl, but URL must be at the end.",
+		Flags: []cli.Flag{
+
+			// TODO with v3 'flag.Persistent: true' can be set to make the order of flags no longer relevant \o/
+			// flags mimicing curl
+			&cli.StringFlag{
+				Name:    "request",
+				Aliases: []string{"X"},
+				Value:   "PROPFIND",
+				Usage:   "Specifies a custom request method to use when communicating with the HTTP server.",
+			},
+			&cli.StringFlag{
+				Name:    "user",
+				Aliases: []string{"u"},
+				Value:   "admin:admin",
+				Usage:   "Specify the user name and password to use for server authentication.",
+			},
+			&cli.BoolFlag{
+				Name:    "insecure",
+				Aliases: []string{"k"},
+				Usage:   "Skip the TLS verification step and proceed without checking.",
+			},
+			&cli.StringFlag{
+				Name:    "data",
+				Aliases: []string{"d"},
+				Usage:   "Sends the specified data in a request to the HTTP server.",
+				// TODE support multiple data flags, support data-binary, data-raw
+			},
+			&cli.StringSliceFlag{
+				Name:    "header",
+				Aliases: []string{"H"},
+				Usage:   "Extra header to include in information sent.",
+			},
+			&cli.StringFlag{
+				Name: "rate",
+				Usage: `Specify the maximum transfer frequency you allow a client to use - in number of transfer starts per time unit (sometimes called request rate).
+	The request rate is provided as "N/U" where N is an integer number and U is a time unit. Supported units are 's' (second), 'm' (minute), 'h' (hour) and 'd' /(day, as in a 24 hour unit). The default time unit, if no "/U" is provided, is number of transfers per hour.`,
+			},
+			/*
+				&cli.StringFlag{
+					Name:    "oauth2-bearer",
+					Usage:   "Specify the Bearer Token for OAUTH 2.0 server authentication.",
+				},
+				&cli.StringFlag{
+					Name:    "user-agent",
+					Aliases: []string{"A"},
+					Value:   "admin:admin",
+					Usage:   "Specify the User-Agent string to send to the HTTP	server.",
+				},
+			*/
+			// other flags
+			&cli.StringFlag{
+				Name:  "bearer-token-command",
+				Usage: "Command to execute for a bearer token, e.g. 'oidc-token opencloud'. When set, disables basic auth.",
+			},
+			&cli.IntFlag{
+				Name:  "every",
+				Usage: "Aggregate stats every time this amount of seconds has passed.",
+			},
+			&cli.IntFlag{
+				Name:    "jobs",
+				Aliases: []string{"j"},
+				Value:   1,
+				Usage:   "Number of parallel clients to start.",
+			},
+		},
+		Category: "benchmark",
+		Action: func(c *cli.Context) error {
 			opt := clientOptions{
-				request:  cmd.Flag("request").Value.String(),
-				url:      args[0],
-				insecure: insecure,
-				jobs:     jobs,
+				request:  c.String("request"),
+				url:      c.Args().First(),
+				insecure: c.Bool("insecure"),
+				jobs:     c.Int("jobs"),
 				headers:  make(map[string]string),
-				data:     []byte(cmd.Flag("data").Value.String()),
+				data:     []byte(c.String("data")),
 			}
 			if opt.url == "" {
 				log.Fatal(errors.New("no URL specified"))
 			}
 
-			headersSlice, err := cmd.Flags().GetStringSlice("headers")
-			if err != nil {
-				return err
-			}
-			for _, h := range headersSlice {
+			for _, h := range c.StringSlice("headers") {
 				parts := strings.SplitN(h, ":", 2)
 				if len(parts) != 2 {
 					log.Fatal(errors.New("invalid header '" + h + "'"))
@@ -69,7 +127,7 @@ func BenchmarkClientCommand(cfg *config.Config) *cobra.Command {
 				opt.headers[parts[0]] = strings.TrimSpace(parts[1])
 			}
 
-			rate, _ := cmd.Flags().GetString("rate")
+			rate := c.String("rate")
 			if rate != "" {
 				parts := strings.SplitN(rate, "/", 2)
 				num, err := strconv.Atoi(parts[0])
@@ -92,12 +150,12 @@ func BenchmarkClientCommand(cfg *config.Config) *cobra.Command {
 				opt.rateDelay = unit / time.Duration(num)
 			}
 
-			user, _ := cmd.Flags().GetString("user")
+			user := c.String("user")
 			opt.auth = func() string {
 				return "Basic " + base64.StdEncoding.EncodeToString([]byte(user))
 			}
 
-			btc, _ := cmd.Flags().GetString("bearer-token-command")
+			btc := c.String("bearer-token-command")
 			if btc != "" {
 				parts := strings.SplitN(btc, " ", 2)
 				var cmd *exec.Cmd
@@ -115,10 +173,7 @@ func BenchmarkClientCommand(cfg *config.Config) *cobra.Command {
 				}
 			}
 
-			every, err := cmd.Flags().GetInt("every")
-			if err != nil {
-				return err
-			}
+			every := c.Int("every")
 			if every != 0 {
 				opt.ticker = time.NewTicker(time.Second * time.Duration(every))
 				defer opt.ticker.Stop()
@@ -128,22 +183,6 @@ func BenchmarkClientCommand(cfg *config.Config) *cobra.Command {
 
 		},
 	}
-
-	// TODO with v3 'flag.Persistent: true' can be set to make the order of flags no longer relevant \o/
-	// flags mimicing curl
-	benchClientCmd.Flags().StringP("request", "X", "PROPFIND", "Specifies a custom request method to use when communicating with the HTTP server.")
-	benchClientCmd.Flags().StringP("user", "u", "admin:admin", "Specify the user name and password to use for server authentication.")
-	benchClientCmd.Flags().BoolP("insecure", "k", false, "Skip the TLS verification step and proceed without checking.")
-	benchClientCmd.Flags().StringP("data", "d", "", "Sends the specified data in a request to the HTTP server.")
-	benchClientCmd.Flags().StringSliceP("headers", "H", []string{}, "Extra header to include in information sent.")
-	benchClientCmd.Flags().String("rate", "", "Specify the maximum transfer frequency you allow a client to use - in number of transfer starts per time unit (sometimes called request rate). The request rate is provided as \"N/U\" where N is an integer number and U is a time unit. Supported units are 's' (second), 'm' (minute), 'h' (hour) and 'd' /(day, as in a 24 hour unit). The default time unit, if no \"/U\" is provided, is number of transfers per hour.")
-
-	// other flags
-	benchClientCmd.Flags().IntP("jobs", "j", 1, "Number of parallel clients to start. Defaults to 1.")
-	benchClientCmd.Flags().Int("every", 0, "Aggregate stats every time this amount of seconds has passed.")
-	benchClientCmd.Flags().String("bearer-token-command", "", "Command to execute for a bearer token, e.g. 'oidc-token opencloud'. When set, disables basic auth.")
-
-	return benchClientCmd
 }
 
 type clientOptions struct {
@@ -241,13 +280,25 @@ func client(o clientOptions) error {
 }
 
 // BenchmarkSyscallsCommand is the entrypoint for the benchmark syscalls command.
-func BenchmarkSyscallsCommand(cfg *config.Config) *cobra.Command {
-	benchSysCallCmd := &cobra.Command{
-		Use:   "syscalls",
-		Short: "test the performance of syscalls",
-		RunE: func(cmd *cobra.Command, args []string) error {
+func BenchmarkSyscallsCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "syscalls",
+		Usage: "test the performance of syscalls",
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:  "path",
+				Usage: "Path to test",
+			},
+			&cli.StringFlag{
+				Name:  "iterations",
+				Value: "100",
+				Usage: "Number of iterations to execute",
+			},
+		},
+		Category: "benchmark",
+		Action: func(c *cli.Context) error {
 
-			path, _ := cmd.Flags().GetString("path")
+			path := c.String("path")
 			if path == "" {
 				f, err := os.CreateTemp("", "opencloud-bench-temp-")
 				if err != nil {
@@ -258,16 +309,11 @@ func BenchmarkSyscallsCommand(cfg *config.Config) *cobra.Command {
 				defer os.Remove(path)
 			}
 
-			iterations, err := cmd.Flags().GetInt("iterations")
-			if err != nil {
-				return err
-			}
+			iterations := c.Int("iterations")
+
 			return benchmark(iterations, path)
 		},
 	}
-	benchSysCallCmd.Flags().String("path", "", "Path to test")
-	benchSysCallCmd.Flags().Int("iterations", 100, "Number of iterations to execute")
-	return benchSysCallCmd
 }
 
 func benchmark(iterations int, path string) error {

opencloud/pkg/command/command.go

@@ -1,7 +0,0 @@
-package command
-
-const (
-	CommandGroupServer   = "Server"
-	CommandGroupServices = "Service"
-	CommandGroupStorage  = "Storage"
-)

opencloud/pkg/command/decomposedfs.go

@@ -9,6 +9,8 @@ import (
 	"sort"
 	"strings"
 
+	userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
+	provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
 	"github.com/opencloud-eu/opencloud/opencloud/pkg/register"
 	"github.com/opencloud-eu/opencloud/pkg/config"
 	revactx "github.com/opencloud-eu/reva/v2/pkg/ctx"
@@ -23,57 +25,69 @@ import (
 	"github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/tree"
 	"github.com/opencloud-eu/reva/v2/pkg/storagespace"
 	"github.com/opencloud-eu/reva/v2/pkg/store"
-
-	userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
-	provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
 	"github.com/rs/zerolog"
-	"github.com/spf13/cobra"
+	"github.com/urfave/cli/v2"
 )
 
 // DecomposedfsCommand is the entrypoint for the groups command.
-func DecomposedfsCommand(cfg *config.Config) *cobra.Command {
-	decomposedCmd := &cobra.Command{
-		Use:     "decomposedfs",
-		Short:   `cli tools to inspect and manipulate a decomposedfs storage.`,
-		GroupID: CommandGroupStorage,
+func DecomposedfsCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:     "decomposedfs",
+		Usage:    `cli tools to inspect and manipulate a decomposedfs storage.`,
+		Category: "maintenance",
+		Subcommands: []*cli.Command{
+			metadataCmd(cfg),
+			checkCmd(cfg),
+		},
 	}
-	decomposedCmd.AddCommand(metadataCmd(cfg), checkCmd(cfg))
-	return decomposedCmd
 }
 
 func init() {
 	register.AddCommand(DecomposedfsCommand)
 }
 
-func checkCmd(_ *config.Config) *cobra.Command {
-	cCmd := &cobra.Command{
-		Use:   "check-treesize",
-		Short: `cli tool to check the treesize metadata of a Space`,
-		RunE:  check,
+func checkCmd(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "check-treesize",
+		Usage: `cli tool to check the treesize metadata of a Space`,
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:     "root",
+				Aliases:  []string{"r"},
+				Required: true,
+				Usage:    "Path to the root directory of the decomposedfs",
+			},
+			&cli.StringFlag{
+				Name:     "node",
+				Required: true,
+				Aliases:  []string{"n"},
+				Usage:    "Space ID of the Space to inspect",
+			},
+			&cli.BoolFlag{
+				Name:  "repair",
+				Usage: "Try to repair nodes with incorrect treesize metadata. IMPORTANT: Only use this while OpenCloud is not running.",
+			},
+			&cli.BoolFlag{
+				Name:  "force",
+				Usage: "Do not prompt for confirmation when running in repair mode.",
+			},
+		},
+		Action: check,
 	}
-	cCmd.Flags().StringP("root", "r", "", "Path to the root directory of the decomposedfs")
-	_ = cCmd.MarkFlagRequired("root")
-	cCmd.Flags().StringP("node", "n", "", "Space ID of the Space to inspect")
-	_ = cCmd.MarkFlagRequired("node")
-	cCmd.Flags().Bool("repair", false, "Try to repair nodes with incorrect treesize metadata. IMPORTANT: Only use this while OpenCloud is not running.")
-	cCmd.Flags().Bool("force", false, "Do not prompt for confirmation when running in repair mode.")
-
-	return cCmd
 }
 
-func check(cmd *cobra.Command, args []string) error {
-	rootFlag, _ := cmd.Flags().GetString("root")
-	repairFlag, _ := cmd.Flags().GetBool("repair")
-	forceFlag, _ := cmd.Flags().GetBool("force")
+func check(c *cli.Context) error {
+	rootFlag := c.String("root")
+	repairFlag := c.Bool("repair")
 
-	if repairFlag && !forceFlag {
+	if repairFlag && !c.Bool("force") {
 		answer := strings.ToLower(stringPrompt("IMPORTANT: Only use '--repair' when OpenCloud is not running. Do you want to continue? [yes | no = default]"))
 		if answer != "yes" && answer != "y" {
 			return nil
 		}
 	}
 
-	lu, backend := getBackend(cmd)
+	lu, backend := getBackend(c)
 	o := &options.Options{
 		MetadataBackend: backend.Name(),
 		MaxConcurrency:  100,
@@ -86,7 +100,7 @@ func check(cmd *cobra.Command, args []string) error {
 
 	tree := tree.New(lu, bs, o, permissions.Permissions{}, store.Create(), &zerolog.Logger{})
 
-	nId, _ := cmd.Flags().GetString("node")
+	nId := c.String("node")
 	n, err := lu.NodeFromSpaceID(context.Background(), nId)
 	if err != nil || !n.Exists {
 		fmt.Println("Can not find node '" + nId + "'")
@@ -102,10 +116,7 @@ func check(cmd *cobra.Command, args []string) error {
 		})
 
 	treeSize, err := walkTree(ctx, tree, lu, n, repairFlag)
-	if err != nil {
-		fmt.Printf("failed to walk tree of node %s: %s\n", n.ID, err)
-	}
-	treesizeFromMetadata, err := n.GetTreeSize(cmd.Context())
+	treesizeFromMetadata, err := n.GetTreeSize(c.Context)
 	if err != nil {
 		fmt.Printf("failed to read treesize of node: %s: %s\n", n.ID, err)
 	}
@@ -115,7 +126,7 @@ func check(cmd *cobra.Command, args []string) error {
 		if repairFlag {
 			fmt.Printf("Fixing tree size for node: %s. Calculated treesize: %d\n",
 				n.ID, treeSize)
-			n.SetTreeSize(cmd.Context(), treeSize)
+			n.SetTreeSize(c.Context, treeSize)
 		}
 	}
 	return nil
@@ -174,79 +185,105 @@ func walkTree(ctx context.Context, tree *tree.Tree, lu *lookup.Lookup, root *nod
 	return treesize, nil
 }
 
-func metadataCmd(cfg *config.Config) *cobra.Command {
-	metaCmd := &cobra.Command{
-		Use:   "metadata",
-		Short: `cli tools to inspect and manipulate node metadata`,
+func metadataCmd(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "metadata",
+		Usage: `cli tools to inspect and manipulate node metadata`,
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:     "root",
+				Aliases:  []string{"r"},
+				Required: true,
+				Usage:    "Path to the decomposedfs",
+			},
+			&cli.StringFlag{
+				Name:     "node",
+				Required: true,
+				Aliases:  []string{"n"},
+				Usage:    "Path to or ID of the node to inspect",
+			},
+		},
+		Subcommands: []*cli.Command{dumpCmd(cfg), getCmd(cfg), setCmd(cfg)},
 	}
-	metaCmd.AddCommand(dumpCmd(cfg), getCmd(cfg), setCmd(cfg))
-	metaCmd.Flags().StringP("root", "r", "", "Path to the root directory of the decomposedfs")
-	_ = metaCmd.MarkFlagRequired("root")
-	metaCmd.Flags().StringP("node", "n", "", "Path to or ID of the node to inspect")
-	_ = metaCmd.MarkFlagRequired("node")
-	return metaCmd
 }
 
-func dumpCmd(_ *config.Config) *cobra.Command {
-	return &cobra.Command{
-		Use:   "dump",
-		Short: `print the metadata of the given node. String attributes will be enclosed in quotes. Binary attributes will be returned encoded as base64 with their value being prefixed with '0s'.`,
-		RunE: func(cmd *cobra.Command, args []string) error {
-			lu, backend := getBackend(cmd)
-			path, err := getNode(cmd, lu)
+func dumpCmd(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "dump",
+		Usage: `print the metadata of the given node. String attributes will be enclosed in quotes. Binary attributes will be returned encoded as base64 with their value being prefixed with '0s'.`,
+		Action: func(c *cli.Context) error {
+			lu, backend := getBackend(c)
+			path, err := getNode(c, lu)
 			if err != nil {
 				return err
 			}
 
-			attribs, err := backend.All(cmd.Context(), path)
+			attribs, err := backend.All(c.Context, path)
 			if err != nil {
 				fmt.Println("Error reading attributes")
 				return err
 			}
-			attributeFlag, _ := cmd.Flags().GetString("attribute")
-			printAttribs(attribs, attributeFlag)
+			printAttribs(attribs, c.String("attribute"))
 			return nil
 		},
 	}
 }
 
-func getCmd(_ *config.Config) *cobra.Command {
-	gCmd := &cobra.Command{
-		Use:   "get",
-		Short: `print a specific attribute of the given node. String attributes will be enclosed in quotes. Binary attributes will be returned encoded as base64 with their value being prefixed with '0s'.`,
-		RunE: func(cmd *cobra.Command, args []string) error {
-			lu, backend := getBackend(cmd)
-			path, err := getNode(cmd, lu)
+func getCmd(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "get",
+		Usage: `print a specific attribute of the given node. String attributes will be enclosed in quotes. Binary attributes will be returned encoded as base64 with their value being prefixed with '0s'.`,
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:    "attribute",
+				Aliases: []string{"a"},
+				Usage:   "attribute to inspect",
+			},
+		},
+		Action: func(c *cli.Context) error {
+			lu, backend := getBackend(c)
+			path, err := getNode(c, lu)
 			if err != nil {
 				return err
 			}
 
-			attribs, err := backend.All(cmd.Context(), path)
+			attribs, err := backend.All(c.Context, path)
 			if err != nil {
 				fmt.Println("Error reading attributes")
 				return err
 			}
-			attributeFlag, _ := cmd.Flags().GetString("attribute")
-			printAttribs(attribs, attributeFlag)
+			printAttribs(attribs, c.String("attribute"))
 			return nil
 		},
 	}
-	gCmd.Flags().StringP("attribute", "a", "", "attribute to inspect, can be a glob pattern (e.g. 'user.*' will match all attributes starting with 'user.').")
-	return gCmd
 }
 
-func setCmd(_ *config.Config) *cobra.Command {
-	sCmd := &cobra.Command{
-		Use:   "set",
-		Short: `manipulate metadata of the given node. Binary attributes can be given hex encoded (prefix by '0x') or base64 encoded (prefix by '0s').`,
-		RunE: func(cmd *cobra.Command, args []string) error {
-			lu, backend := getBackend(cmd)
-			n, err := getNode(cmd, lu)
+func setCmd(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "set",
+		Usage: `manipulate metadata of the given node. Binary attributes can be given hex encoded (prefix by '0x') or base64 encoded (prefix by '0s').`,
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:     "attribute",
+				Required: true,
+				Aliases:  []string{"a"},
+				Usage:    "attribute to inspect",
+			},
+			&cli.StringFlag{
+				Name:     "value",
+				Required: true,
+				Aliases:  []string{"v"},
+				Usage:    "value to set",
+			},
+		},
+		Action: func(c *cli.Context) error {
+			lu, backend := getBackend(c)
+			n, err := getNode(c, lu)
 			if err != nil {
 				return err
 			}
 
-			v, _ := cmd.Flags().GetString("value")
+			v := c.String("value")
 			if strings.HasPrefix(v, "0s") {
 				b64, err := base64.StdEncoding.DecodeString(v[2:])
 				if err == nil {
@@ -263,8 +300,7 @@ func setCmd(_ *config.Config) *cobra.Command {
 				}
 			}
 
-			attributeFlag, _ := cmd.Flags().GetString("attribute")
-			err = backend.Set(cmd.Context(), n, attributeFlag, []byte(v))
+			err = backend.Set(c.Context, n, c.String("attribute"), []byte(v))
 			if err != nil {
 				fmt.Println("Error setting attribute")
 				return err
@@ -272,16 +308,9 @@ func setCmd(_ *config.Config) *cobra.Command {
 			return nil
 		},
 	}
-	sCmd.Flags().StringP("attribute", "a", "", "attribute to inspect, can be a glob pattern (e.g. 'user.*' will match all attributes starting with 'user.').")
-	_ = sCmd.MarkFlagRequired("attribute")
-
-	sCmd.Flags().StringP("value", "v", "", "value to set")
-	_ = sCmd.MarkFlagRequired("value")
-
-	return sCmd
 }
 
-func backend(backend string) metadata.Backend {
+func backend(root, backend string) metadata.Backend {
 	switch backend {
 	case "xattrs":
 		return metadata.NewXattrsBackend(cache.Config{})
@@ -291,11 +320,11 @@ func backend(backend string) metadata.Backend {
 	return metadata.NullBackend{}
 }
 
-func getBackend(cmd *cobra.Command) (*lookup.Lookup, metadata.Backend) {
-	rootFlag, _ := cmd.Flags().GetString("root")
+func getBackend(c *cli.Context) (*lookup.Lookup, metadata.Backend) {
+	rootFlag := c.String("root")
 
 	bod := lookup.DetectBackendOnDisk(rootFlag)
-	backend := backend(bod)
+	backend := backend(rootFlag, bod)
 	lu := lookup.New(backend, &options.Options{
 		Root:            rootFlag,
 		MetadataBackend: bod,
@@ -303,8 +332,8 @@ func getBackend(cmd *cobra.Command) (*lookup.Lookup, metadata.Backend) {
 	return lu, backend
 }
 
-func getNode(cmd *cobra.Command, lu *lookup.Lookup) (*node.Node, error) {
-	nodeFlag, _ := cmd.Flags().GetString("node")
+func getNode(c *cli.Context, lu *lookup.Lookup) (*node.Node, error) {
+	nodeFlag := c.String("node")
 
 	id, err := storagespace.ParseID(nodeFlag)
 	if err != nil {

opencloud/pkg/command/helper/common.go

@@ -0,0 +1,9 @@
+package helper
+
+import (
+	"fmt"
+)
+
+func SubcommandDescription(serviceName string) string {
+	return fmt.Sprintf("%s service commands", serviceName)
+}

opencloud/pkg/command/init.go

@@ -11,19 +11,49 @@ import (
 	"github.com/opencloud-eu/opencloud/opencloud/pkg/register"
 	"github.com/opencloud-eu/opencloud/pkg/config"
 	"github.com/opencloud-eu/opencloud/pkg/config/defaults"
-
-	"github.com/spf13/cobra"
-	"github.com/spf13/viper"
+	cli "github.com/urfave/cli/v2"
 )
 
 // InitCommand is the entrypoint for the init command
-func InitCommand(_ *config.Config) *cobra.Command {
-	initCmd := &cobra.Command{
-		Use:     "init",
-		Short:   "initialise an OpenCloud config",
-		GroupID: CommandGroupServer,
-		RunE: func(cmd *cobra.Command, args []string) error {
-			insecureFlag := viper.GetString("insecure")
+func InitCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "init",
+		Usage: "initialise an OpenCloud config",
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:    "insecure",
+				EnvVars: []string{"OC_INSECURE"},
+				Value:   "ask",
+				Usage:   "Allow insecure OpenCloud config",
+			},
+			&cli.BoolFlag{
+				Name:    "diff",
+				Aliases: []string{"d"},
+				Usage:   "Show the difference between the current config and the new one",
+				Value:   false,
+			},
+			&cli.BoolFlag{
+				Name:    "force-overwrite",
+				Aliases: []string{"f"},
+				EnvVars: []string{"OC_FORCE_CONFIG_OVERWRITE"},
+				Value:   false,
+				Usage:   "Force overwrite existing config file",
+			},
+			&cli.StringFlag{
+				Name:    "config-path",
+				Value:   defaults.BaseConfigPath(),
+				Usage:   "Config path for the OpenCloud runtime",
+				EnvVars: []string{"OC_CONFIG_DIR", "OC_BASE_DATA_PATH"},
+			},
+			&cli.StringFlag{
+				Name:    "admin-password",
+				Aliases: []string{"ap"},
+				EnvVars: []string{"ADMIN_PASSWORD", "IDM_ADMIN_PASSWORD"},
+				Usage:   "Set admin password instead of using a random generated one",
+			},
+		},
+		Action: func(c *cli.Context) error {
+			insecureFlag := c.String("insecure")
 			insecure := false
 			if insecureFlag == "ask" {
 				answer := strings.ToLower(stringPrompt("Do you want to configure OpenCloud with certificate checking disabled?\n This is not recommended for public instances! [yes | no = default]"))
@@ -33,37 +63,13 @@ func InitCommand(_ *config.Config) *cobra.Command {
 			} else if insecureFlag == strings.ToLower("true") || insecureFlag == strings.ToLower("yes") || insecureFlag == strings.ToLower("y") {
 				insecure = true
 			}
-			forceOverwriteFlag := viper.GetBool("force-overwrite")
-			diffFlag, _ := cmd.Flags().GetBool("diff")
-			configPathFlag := viper.GetString("config-path")
-			adminPasswordFlag := viper.GetString("admin-password")
-			err := ocinit.CreateConfig(insecure, forceOverwriteFlag, diffFlag, configPathFlag, adminPasswordFlag)
+			err := ocinit.CreateConfig(insecure, c.Bool("force-overwrite"), c.Bool("diff"), c.String("config-path"), c.String("admin-password"))
 			if err != nil {
 				log.Fatalf("Could not create config: %s", err)
 			}
 			return nil
 		},
 	}
-	initCmd.Flags().String("insecure", "ask", "Allow insecure OpenCloud config")
-	_ = viper.BindEnv("insecure", "OC_INSECURE")
-	_ = viper.BindPFlag("insecure", initCmd.Flags().Lookup("insecure"))
-
-	initCmd.Flags().BoolP("diff", "d", false, "Show the difference between the current config and the new one")
-
-	initCmd.Flags().BoolP("force-overwrite", "f", false, "Force overwrite existing config file")
-	_ = viper.BindEnv("force-overwrite", "OC_FORCE_CONFIG_OVERWRITE")
-	_ = viper.BindPFlag("force-overwrite", initCmd.Flags().Lookup("force-overwrite"))
-
-	initCmd.Flags().String("config-path", defaults.BaseConfigPath(), "Config path for the OpenCloud runtime")
-	_ = viper.BindEnv("config-path", "OC_CONFIG_DIR")
-	_ = viper.BindEnv("config-path", "OC_BASE_DATA_PATH")
-	_ = viper.BindPFlag("config-path", initCmd.Flags().Lookup("config-path"))
-
-	initCmd.Flags().String("admin-password", "", "Set admin password instead of using a random generated one")
-	_ = viper.BindEnv("admin-password", "ADMIN_PASSWORD")
-	_ = viper.BindEnv("admin-password", "IDM_ADMIN_PASSWORD")
-	_ = viper.BindPFlag("admin-password", initCmd.Flags().Lookup("admin-password"))
-	return initCmd
 }
 
 func init() {
@@ -74,7 +80,7 @@ func stringPrompt(label string) string {
 	input := ""
 	reader := bufio.NewReader(os.Stdin)
 	for {
-		_, _ = fmt.Fprint(os.Stderr, label+" ")
+		fmt.Fprint(os.Stderr, label+" ")
 		input, _ = reader.ReadString('\n')
 		if input != "" {
 			break

opencloud/pkg/command/list.go

@@ -8,26 +8,31 @@ import (
 
 	"github.com/opencloud-eu/opencloud/opencloud/pkg/register"
 	"github.com/opencloud-eu/opencloud/pkg/config"
-	"github.com/opencloud-eu/opencloud/pkg/config/configlog"
-	"github.com/opencloud-eu/opencloud/pkg/config/parser"
-
-	"github.com/spf13/cobra"
-	"github.com/spf13/viper"
+	"github.com/urfave/cli/v2"
 )
 
 // ListCommand is the entrypoint for the list command.
-func ListCommand(cfg *config.Config) *cobra.Command {
-	listCmd := &cobra.Command{
-		Use:   "list",
-		Short: "list OpenCloud services running in the runtime (supervised mode)",
-		PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
-			return configlog.ReturnError(parser.ParseConfig(cfg, true))
+func ListCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:     "list",
+		Usage:    "list OpenCloud services running in the runtime (supervised mode)",
+		Category: "runtime",
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:        "hostname",
+				Value:       "localhost",
+				EnvVars:     []string{"OC_RUNTIME_HOST"},
+				Destination: &cfg.Runtime.Host,
+			},
+			&cli.StringFlag{
+				Name:        "port",
+				Value:       "9250",
+				EnvVars:     []string{"OC_RUNTIME_PORT"},
+				Destination: &cfg.Runtime.Port,
+			},
 		},
-		RunE: func(cmd *cobra.Command, args []string) error {
-			host := viper.GetString("hostname")
-			port := viper.GetString("port")
-
-			client, err := rpc.DialHTTP("tcp", net.JoinHostPort(host, port))
+		Action: func(c *cli.Context) error {
+			client, err := rpc.DialHTTP("tcp", net.JoinHostPort(cfg.Runtime.Host, cfg.Runtime.Port))
 			if err != nil {
 				log.Fatalf("Failed to connect to the runtime. Has the runtime been started and did you configure the right runtime address (\"%s\")", cfg.Runtime.Host+":"+cfg.Runtime.Port)
 			}
@@ -43,15 +48,6 @@ func ListCommand(cfg *config.Config) *cobra.Command {
 			return nil
 		},
 	}
-
-	listCmd.Flags().String("hostname", "localhost", "hostname of the runtime")
-	_ = viper.BindEnv("hostname", "OC_RUNTIME_HOST")
-	_ = viper.BindPFlag("hostname", listCmd.Flags().Lookup("hostname"))
-
-	listCmd.Flags().String("port", "9250", "port of the runtime")
-	_ = viper.BindEnv("port", "OC_RUNTIME_PORT")
-	_ = viper.BindPFlag("port", listCmd.Flags().Lookup("port"))
-	return listCmd
 }
 
 func init() {

opencloud/pkg/command/posixfs.go

@@ -10,10 +10,9 @@ import (
 
 	"github.com/opencloud-eu/opencloud/opencloud/pkg/register"
 	"github.com/opencloud-eu/opencloud/pkg/config"
-
 	"github.com/pkg/xattr"
-	"github.com/spf13/cobra"
 	"github.com/theckman/yacspin"
+	"github.com/urfave/cli/v2"
 	"github.com/vmihailenco/msgpack/v5"
 )
 
@@ -38,16 +37,15 @@ type EntryInfo struct {
 }
 
 // PosixfsCommand is the entrypoint for the posixfs command.
-func PosixfsCommand(cfg *config.Config) *cobra.Command {
-	posixCmd := &cobra.Command{
-		Use:     "posixfs",
-		Short:   `cli tools to inspect and manipulate a posixfs storage.`,
-		GroupID: CommandGroupStorage,
+func PosixfsCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:     "posixfs",
+		Usage:    `cli tools to inspect and manipulate a posixfs storage.`,
+		Category: "maintenance",
+		Subcommands: []*cli.Command{
+			consistencyCmd(cfg),
+		},
 	}
-
-	posixCmd.AddCommand(consistencyCmd(cfg))
-
-	return posixCmd
 }
 
 func init() {
@@ -55,23 +53,27 @@ func init() {
 }
 
 // consistencyCmd returns a command to check the consistency of the posixfs storage.
-func consistencyCmd(cfg *config.Config) *cobra.Command {
-	consCmd := &cobra.Command{
-		Use:   "consistency",
-		Short: "check the consistency of the posixfs storage",
-		RunE: func(cmd *cobra.Command, args []string) error {
-			return checkPosixfsConsistency(cmd, cfg)
+func consistencyCmd(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "consistency",
+		Usage: "check the consistency of the posixfs storage",
+		Action: func(c *cli.Context) error {
+			return checkPosixfsConsistency(c, cfg)
+		},
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:     "root",
+				Aliases:  []string{"r"},
+				Required: true,
+				Usage:    "Path to the root directory of the posixfs storage",
+			},
 		},
 	}
-	consCmd.Flags().StringP("root", "r", "", "Path to the root directory of the posixfs storage")
-	_ = consCmd.MarkFlagRequired("root")
-
-	return consCmd
 }
 
 // checkPosixfsConsistency checks the consistency of the posixfs storage.
-func checkPosixfsConsistency(cmd *cobra.Command, cfg *config.Config) error {
-	rootPath, _ := cmd.Flags().GetString("root")
+func checkPosixfsConsistency(c *cli.Context, cfg *config.Config) error {
+	rootPath := c.String("root")
 	indexesPath := filepath.Join(rootPath, "indexes")
 
 	_, err := os.Stat(indexesPath)

opencloud/pkg/command/revisions.go

@@ -6,7 +6,6 @@ import (
 	"path/filepath"
 
 	provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
-
 	"github.com/opencloud-eu/opencloud/opencloud/pkg/register"
 	"github.com/opencloud-eu/opencloud/opencloud/pkg/revisions"
 	"github.com/opencloud-eu/opencloud/pkg/config"
@@ -16,8 +15,7 @@ import (
 	decomposeds3bs "github.com/opencloud-eu/reva/v2/pkg/storage/fs/decomposeds3/blobstore"
 	"github.com/opencloud-eu/reva/v2/pkg/storage/fs/posix/lookup"
 	"github.com/opencloud-eu/reva/v2/pkg/storagespace"
-
-	"github.com/spf13/cobra"
+	"github.com/urfave/cli/v2"
 )
 
 var (
@@ -26,33 +24,75 @@ var (
 )
 
 // RevisionsCommand is the entrypoint for the revisions command.
-func RevisionsCommand(cfg *config.Config) *cobra.Command {
-	revCmd := &cobra.Command{
-		Use:   "revisions",
-		Short: "OpenCloud revisions functionality",
-		PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
+func RevisionsCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "revisions",
+		Usage: "OpenCloud revisions functionality",
+		Subcommands: []*cli.Command{
+			PurgeRevisionsCommand(cfg),
+		},
+		Before: func(_ *cli.Context) error {
 			return configlog.ReturnError(parser.ParseConfig(cfg, true))
 		},
+		Action: func(_ *cli.Context) error {
+			fmt.Println("Read the docs")
+			return nil
+		},
 	}
-	revCmd.AddCommand(PurgeRevisionsCommand(cfg))
-
-	return revCmd
 }
 
 // PurgeRevisionsCommand allows removing all revisions from a storage provider.
-func PurgeRevisionsCommand(cfg *config.Config) *cobra.Command {
-	revCmd := &cobra.Command{
-		Use:   "purge",
-		Short: "purge revisions",
-		RunE: func(cmd *cobra.Command, args []string) error {
-			basePath, _ := cmd.Flags().GetString("basepath")
+func PurgeRevisionsCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "purge",
+		Usage: "purge revisions",
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:     "basepath",
+				Aliases:  []string{"p"},
+				Usage:    "the basepath of the decomposedfs (e.g. /var/tmp/opencloud/storage/metadata)",
+				Required: true,
+			},
+			&cli.StringFlag{
+				Name:    "blobstore",
+				Aliases: []string{"b"},
+				Usage:   "the blobstore type. Can be (none, decomposed, decomposeds3). Default decomposed. Note: When using decomposeds3 this needs same configuration as the storage-users service",
+				Value:   "decomposed",
+			},
+			&cli.BoolFlag{
+				Name:  "dry-run",
+				Usage: "do not delete anything, just print what would be deleted",
+				Value: true,
+			},
+			&cli.BoolFlag{
+				Name:    "verbose",
+				Aliases: []string{"v"},
+				Usage:   "print verbose output",
+				Value:   false,
+			},
+			&cli.StringFlag{
+				Name:    "resource-id",
+				Aliases: []string{"r"},
+				Usage:   "purge all revisions of this file/space. If not set, all revisions will be purged",
+			},
+			&cli.StringFlag{
+				Name:  "glob-mechanism",
+				Usage: "the glob mechanism to find all nodes. Can be 'glob', 'list' or 'workers'. 'glob' uses globbing with a single worker. 'workers' spawns multiple go routines, accelatering the command drastically but causing high cpu and ram usage. 'list' looks for references by listing directories with multiple workers. Default is 'glob'",
+				Value: "glob",
+			},
+		},
+		Action: func(c *cli.Context) error {
+			basePath := c.String("basepath")
+			if basePath == "" {
+				fmt.Println("basepath is required")
+				return cli.ShowCommandHelp(c, "revisions")
+			}
 
 			var (
 				bs  revisions.DelBlobstore
 				err error
 			)
-			blobstoreFlag, _ := cmd.Flags().GetString("blobstore")
-			switch blobstoreFlag {
+			switch c.String("blobstore") {
 			case "decomposeds3":
 				bs, err = decomposeds3bs.New(
 					cfg.StorageUsers.Drivers.DecomposedS3.Endpoint,
@@ -75,13 +115,12 @@ func PurgeRevisionsCommand(cfg *config.Config) *cobra.Command {
 			}
 
 			var rid *provider.ResourceId
-			resourceIDFlag, _ := cmd.Flags().GetString("resource-id")
-			resid, err := storagespace.ParseID(resourceIDFlag)
+			resid, err := storagespace.ParseID(c.String("resource-id"))
 			if err == nil {
 				rid = &resid
 			}
 
-			mechanism, _ := cmd.Flags().GetString("glob-mechanism")
+			mechanism := c.String("glob-mechanism")
 			if rid.GetOpaqueId() != "" {
 				mechanism = "glob"
 			}
@@ -107,30 +146,11 @@ func PurgeRevisionsCommand(cfg *config.Config) *cobra.Command {
 				ch = revisions.List(p, 10)
 			}
 
-			flagDryRun, err := cmd.Flags().GetBool("dry-run")
-			if err != nil {
-				return err
-			}
-
-			flagVerbose, err := cmd.Flags().GetBool("verbose")
-			if err != nil {
-				return err
-			}
-
-			files, blobs, revisionResults := revisions.PurgeRevisions(ch, bs, flagDryRun, flagVerbose)
-			printResults(files, blobs, revisionResults, flagDryRun)
+			files, blobs, revisions := revisions.PurgeRevisions(ch, bs, c.Bool("dry-run"), c.Bool("verbose"))
+			printResults(files, blobs, revisions, c.Bool("dry-run"))
 			return nil
 		},
 	}
-	revCmd.Flags().StringP("basepath", "p", "", "the basepath of the decomposedfs (e.g. /var/tmp/opencloud/storage/metadata)")
-	_ = revCmd.MarkFlagRequired("basepath")
-	revCmd.Flags().StringP("blobstore", "b", "decomposed", "the blobstore type. Can be (none, decomposed, decomposeds3). Default decomposed")
-	revCmd.Flags().Bool("dry-run", true, "do not delete anything, just print what would be deleted")
-	revCmd.Flags().BoolP("verbose", "v", false, "print verbose output")
-	revCmd.Flags().StringP("resource-id", "r", "", "purge all revisions of this file/space. If not set, all revisions will be purged")
-	revCmd.Flags().String("glob-mechanism", "glob", "the glob mechanism to find all nodes. Can be 'glob', 'list' or 'workers'. 'glob' uses globbing with a single worker. 'workers' spawns multiple go routines, accelatering the command drastically but causing high cpu and ram usage. 'list' looks for references by listing directories with multiple workers. Default is 'glob'")
-
-	return revCmd
 }
 
 func printResults(countFiles, countBlobs, countRevisions int, dryRun bool) {

opencloud/pkg/command/root.go

@@ -9,32 +9,25 @@ import (
 	"github.com/opencloud-eu/opencloud/opencloud/pkg/register"
 	"github.com/opencloud-eu/opencloud/pkg/clihelper"
 	"github.com/opencloud-eu/opencloud/pkg/config"
-
-	"github.com/spf13/cobra"
+	"github.com/urfave/cli/v2"
 )
 
 // Execute is the entry point for the opencloud command.
 func Execute() error {
 	cfg := config.DefaultConfig()
 
-	app := clihelper.DefaultApp(&cobra.Command{
-		Use:   "opencloud",
-		Short: "opencloud",
+	app := clihelper.DefaultApp(&cli.App{
+		Name:  "opencloud",
+		Usage: "opencloud",
 	})
 
-	for _, commandFactory := range register.Commands {
-		command := commandFactory(cfg)
-
-		if command.GroupID != "" && !app.ContainsGroup(command.GroupID) {
-			app.AddGroup(&cobra.Group{
-				ID:    command.GroupID,
-				Title: command.GroupID,
-			})
-		}
-
-		app.AddCommand(command)
+	for _, fn := range register.Commands {
+		app.Commands = append(
+			app.Commands,
+			fn(cfg),
+		)
 	}
-	app.SetArgs(os.Args[1:])
+
 	ctx, _ := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM, syscall.SIGQUIT, syscall.SIGHUP)
-	return app.ExecuteContext(ctx)
+	return app.RunContext(ctx, os.Args)
 }

opencloud/pkg/command/server.go

@@ -6,23 +6,22 @@ import (
 	"github.com/opencloud-eu/opencloud/pkg/config"
 	"github.com/opencloud-eu/opencloud/pkg/config/configlog"
 	"github.com/opencloud-eu/opencloud/pkg/config/parser"
-
-	"github.com/spf13/cobra"
+	"github.com/urfave/cli/v2"
 )
 
 // Server is the entrypoint for the server command.
-func Server(cfg *config.Config) *cobra.Command {
-	return &cobra.Command{
-		Use:   "server",
-		Short: "start a fullstack server (runtime and all services in supervised mode)",
-		PreRunE: func(cmd *cobra.Command, args []string) error {
+func Server(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:     "server",
+		Usage:    "start a fullstack server (runtime and all services in supervised mode)",
+		Category: "fullstack",
+		Before: func(c *cli.Context) error {
 			return configlog.ReturnError(parser.ParseConfig(cfg, false))
 		},
-		GroupID: CommandGroupServer,
-		RunE: func(cmd *cobra.Command, args []string) error {
+		Action: func(c *cli.Context) error {
 			// Prefer the in-memory registry as the default when running in single-binary mode
 			r := runtime.New(cfg)
-			return r.Start(cmd.Context())
+			return r.Start(c.Context)
 		},
 	}
 }

opencloud/pkg/command/services.go

@@ -1,8 +1,9 @@
 package command
 
 import (
-	"fmt"
+	"github.com/urfave/cli/v2"
 
+	"github.com/opencloud-eu/opencloud/opencloud/pkg/command/helper"
 	"github.com/opencloud-eu/opencloud/opencloud/pkg/register"
 	"github.com/opencloud-eu/opencloud/pkg/config"
 	"github.com/opencloud-eu/opencloud/pkg/config/configlog"
@@ -49,243 +50,238 @@ import (
 	web "github.com/opencloud-eu/opencloud/services/web/pkg/command"
 	webdav "github.com/opencloud-eu/opencloud/services/webdav/pkg/command"
 	webfinger "github.com/opencloud-eu/opencloud/services/webfinger/pkg/command"
-
-	"github.com/spf13/cobra"
 )
 
-var serviceCommands = []register.Command{
-	func(cfg *config.Config) *cobra.Command {
+var svccmds = []register.Command{
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Activitylog.Service.Name, activitylog.GetCommands(cfg.Activitylog), func(c *config.Config) {
 			cfg.Activitylog.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Antivirus.Service.Name, antivirus.GetCommands(cfg.Antivirus), func(c *config.Config) {
-			cfg.Antivirus.Commons = cfg.Commons
+			// cfg.Antivirus.Commons = cfg.Commons // antivirus needs no commons atm
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.AppProvider.Service.Name, appprovider.GetCommands(cfg.AppProvider), func(c *config.Config) {
 			cfg.AppProvider.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.AppRegistry.Service.Name, appregistry.GetCommands(cfg.AppRegistry), func(c *config.Config) {
 			cfg.AppRegistry.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Audit.Service.Name, audit.GetCommands(cfg.Audit), func(c *config.Config) {
 			cfg.Audit.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.AuthApp.Service.Name, authapp.GetCommands(cfg.AuthApp), func(_ *config.Config) {
 			cfg.AuthApp.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.AuthBasic.Service.Name, authbasic.GetCommands(cfg.AuthBasic), func(c *config.Config) {
 			cfg.AuthBasic.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.AuthBearer.Service.Name, authbearer.GetCommands(cfg.AuthBearer), func(c *config.Config) {
 			cfg.AuthBearer.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.AuthMachine.Service.Name, authmachine.GetCommands(cfg.AuthMachine), func(c *config.Config) {
 			cfg.AuthMachine.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.AuthService.Service.Name, authservice.GetCommands(cfg.AuthService), func(c *config.Config) {
 			cfg.AuthService.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Clientlog.Service.Name, clientlog.GetCommands(cfg.Clientlog), func(c *config.Config) {
 			cfg.Clientlog.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Collaboration.Service.Name, collaboration.GetCommands(cfg.Collaboration), func(c *config.Config) {
 			cfg.Collaboration.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.EventHistory.Service.Name, eventhistory.GetCommands(cfg.EventHistory), func(c *config.Config) {
 			cfg.EventHistory.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Frontend.Service.Name, frontend.GetCommands(cfg.Frontend), func(c *config.Config) {
 			cfg.Frontend.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Gateway.Service.Name, gateway.GetCommands(cfg.Gateway), func(c *config.Config) {
 			cfg.Gateway.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Graph.Service.Name, graph.GetCommands(cfg.Graph), func(c *config.Config) {
 			cfg.Graph.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Groups.Service.Name, groups.GetCommands(cfg.Groups), func(c *config.Config) {
 			cfg.Groups.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.IDM.Service.Name, idm.GetCommands(cfg.IDM), func(c *config.Config) {
 			cfg.IDM.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.IDP.Service.Name, idp.GetCommands(cfg.IDP), func(c *config.Config) {
 			cfg.IDP.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Invitations.Service.Name, invitations.GetCommands(cfg.Invitations), func(c *config.Config) {
 			cfg.Invitations.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Nats.Service.Name, nats.GetCommands(cfg.Nats), func(c *config.Config) {
 			cfg.Nats.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Notifications.Service.Name, notifications.GetCommands(cfg.Notifications), func(c *config.Config) {
 			cfg.Notifications.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.OCDav.Service.Name, ocdav.GetCommands(cfg.OCDav), func(c *config.Config) {
 			cfg.OCDav.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.OCM.Service.Name, ocm.GetCommands(cfg.OCM), func(c *config.Config) {
 			cfg.OCM.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.OCS.Service.Name, ocs.GetCommands(cfg.OCS), func(c *config.Config) {
 			cfg.OCS.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Policies.Service.Name, policies.GetCommands(cfg.Policies), func(c *config.Config) {
 			cfg.Policies.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Postprocessing.Service.Name, postprocessing.GetCommands(cfg.Postprocessing), func(c *config.Config) {
 			cfg.Postprocessing.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Proxy.Service.Name, proxy.GetCommands(cfg.Proxy), func(c *config.Config) {
 			cfg.Proxy.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Search.Service.Name, search.GetCommands(cfg.Search), func(c *config.Config) {
 			cfg.Search.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Settings.Service.Name, settings.GetCommands(cfg.Settings), func(c *config.Config) {
 			cfg.Settings.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Sharing.Service.Name, sharing.GetCommands(cfg.Sharing), func(c *config.Config) {
 			cfg.Sharing.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.SSE.Service.Name, sse.GetCommands(cfg.SSE), func(c *config.Config) {
 			cfg.SSE.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.StoragePublicLink.Service.Name, storagepubliclink.GetCommands(cfg.StoragePublicLink), func(c *config.Config) {
 			cfg.StoragePublicLink.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.StorageShares.Service.Name, storageshares.GetCommands(cfg.StorageShares), func(c *config.Config) {
 			cfg.StorageShares.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.StorageSystem.Service.Name, storagesystem.GetCommands(cfg.StorageSystem), func(c *config.Config) {
 			cfg.StorageSystem.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.StorageUsers.Service.Name, storageusers.GetCommands(cfg.StorageUsers), func(c *config.Config) {
 			cfg.StorageUsers.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Thumbnails.Service.Name, thumbnails.GetCommands(cfg.Thumbnails), func(c *config.Config) {
 			cfg.Thumbnails.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Userlog.Service.Name, userlog.GetCommands(cfg.Userlog), func(c *config.Config) {
 			cfg.Userlog.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Users.Service.Name, users.GetCommands(cfg.Users), func(c *config.Config) {
 			cfg.Users.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Web.Service.Name, web.GetCommands(cfg.Web), func(c *config.Config) {
 			cfg.Web.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.WebDAV.Service.Name, webdav.GetCommands(cfg.WebDAV), func(c *config.Config) {
 			cfg.WebDAV.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cobra.Command {
+	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.Webfinger.Service.Name, webfinger.GetCommands(cfg.Webfinger), func(c *config.Config) {
 			cfg.Webfinger.Commons = cfg.Commons
 		})
 	},
 }
 
-// ServiceCommand composes a cobra command from the given inputs.
-func ServiceCommand(cfg *config.Config, serviceName string, subCommands []*cobra.Command, f func(*config.Config)) *cobra.Command {
-	command := &cobra.Command{
-		Use:     serviceName,
-		Short:   fmt.Sprintf("%s service commands", serviceName),
-		GroupID: CommandGroupServices,
-		PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
+// ServiceCommand is the entry point for the all service commands.
+func ServiceCommand(cfg *config.Config, serviceName string, subcommands []*cli.Command, f func(*config.Config)) *cli.Command {
+	return &cli.Command{
+		Name:     serviceName,
+		Usage:    helper.SubcommandDescription(serviceName),
+		Category: "services",
+		Before: func(c *cli.Context) error {
 			configlog.Error(parser.ParseConfig(cfg, true))
 			f(cfg)
 			return nil
 		},
+		Subcommands: subcommands,
 	}
-
-	command.AddCommand(subCommands...)
-
-	return command
 }
 
 func init() {
-	for _, c := range serviceCommands {
+	for _, c := range svccmds {
 		register.AddCommand(c)
 	}
 }

opencloud/pkg/command/shares.go

@@ -3,7 +3,13 @@ package command
 import (
 	"errors"
 
-	"github.com/spf13/viper"
+	"github.com/rs/zerolog"
+	"github.com/urfave/cli/v2"
+
+	"github.com/opencloud-eu/reva/v2/pkg/rgrpc/todo/pool"
+	"github.com/opencloud-eu/reva/v2/pkg/share/manager/jsoncs3"
+	"github.com/opencloud-eu/reva/v2/pkg/share/manager/registry"
+	"github.com/opencloud-eu/reva/v2/pkg/utils"
 
 	"github.com/opencloud-eu/opencloud/opencloud/pkg/register"
 	"github.com/opencloud-eu/opencloud/pkg/config"
@@ -13,21 +19,15 @@ import (
 	mregistry "github.com/opencloud-eu/opencloud/pkg/registry"
 	sharing "github.com/opencloud-eu/opencloud/services/sharing/pkg/config"
 	sharingparser "github.com/opencloud-eu/opencloud/services/sharing/pkg/config/parser"
-	"github.com/opencloud-eu/reva/v2/pkg/rgrpc/todo/pool"
-	"github.com/opencloud-eu/reva/v2/pkg/share/manager/jsoncs3"
-	"github.com/opencloud-eu/reva/v2/pkg/share/manager/registry"
-	"github.com/opencloud-eu/reva/v2/pkg/utils"
-
-	"github.com/rs/zerolog"
-	"github.com/spf13/cobra"
 )
 
 // SharesCommand is the entrypoint for the groups command.
-func SharesCommand(cfg *config.Config) *cobra.Command {
-	sharesCmd := &cobra.Command{
-		Use:   "shares",
-		Short: `cli tools to manage entries in the share manager.`,
-		PreRunE: func(cmd *cobra.Command, args []string) error {
+func SharesCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:     "shares",
+		Usage:    `cli tools to manage entries in the share manager.`,
+		Category: "maintenance",
+		Before: func(c *cli.Context) error {
 			// Parse base config
 			if err := parser.ParseConfig(cfg, true); err != nil {
 				return configlog.ReturnError(err)
@@ -37,21 +37,37 @@ func SharesCommand(cfg *config.Config) *cobra.Command {
 			cfg.Sharing.Commons = cfg.Commons
 			return configlog.ReturnError(sharingparser.ParseConfig(cfg.Sharing))
 		},
+		Subcommands: []*cli.Command{
+			cleanupCmd(cfg),
+		},
 	}
-	sharesCmd.AddCommand(cleanupCmd(cfg))
-
-	return sharesCmd
 }
 
 func init() {
 	register.AddCommand(SharesCommand)
 }
 
-func cleanupCmd(cfg *config.Config) *cobra.Command {
-	cleanCmd := &cobra.Command{
-		Use:   "cleanup",
-		Short: `clean up stale entries in the share manager.`,
-		PreRunE: func(cmd *cobra.Command, args []string) error {
+func cleanupCmd(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "cleanup",
+		Usage: `clean up stale entries in the share manager.`,
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:     "service-account-id",
+				Value:    "",
+				Usage:    "Name of the service account to use for the cleanup",
+				EnvVars:  []string{"OC_SERVICE_ACCOUNT_ID"},
+				Required: true,
+			},
+			&cli.StringFlag{
+				Name:     "service-account-secret",
+				Value:    "",
+				Usage:    "Secret for the service account",
+				EnvVars:  []string{"OC_SERVICE_ACCOUNT_SECRET"},
+				Required: true,
+			},
+		},
+		Before: func(c *cli.Context) error {
 			// Parse base config
 			if err := parser.ParseConfig(cfg, true); err != nil {
 				return configlog.ReturnError(err)
@@ -61,24 +77,13 @@ func cleanupCmd(cfg *config.Config) *cobra.Command {
 			cfg.Sharing.Commons = cfg.Commons
 			return configlog.ReturnError(sharingparser.ParseConfig(cfg.Sharing))
 		},
-		RunE: func(cmd *cobra.Command, args []string) error {
-			return cleanup(cmd, cfg)
+		Action: func(c *cli.Context) error {
+			return cleanup(c, cfg)
 		},
 	}
-	cleanCmd.Flags().String("service-account-id", "", "Name of the service account to use for the cleanup")
-	_ = cleanCmd.MarkFlagRequired("service-account-id")
-	_ = viper.BindEnv("service-account-id", "OC_SERVICE_ACCOUNT_ID")
-	_ = viper.BindPFlag("service-account-id", cleanCmd.Flags().Lookup("service-account-id"))
-
-	cleanCmd.Flags().String("service-account-secret", "", "Secret for the service account")
-	_ = cleanCmd.MarkFlagRequired("service-account-secret")
-	_ = viper.BindEnv("service-account-secret", "OC_SERVICE_ACCOUNT_SECRET")
-	_ = viper.BindPFlag("service-account-secret", cleanCmd.Flags().Lookup("service-account-secret"))
-
-	return cleanCmd
 }
 
-func cleanup(_ *cobra.Command, cfg *config.Config) error {
+func cleanup(c *cli.Context, cfg *config.Config) error {
 	driver := cfg.Sharing.UserSharingDriver
 	// cleanup is only implemented for the jsoncs3 share manager
 	if driver != "jsoncs3" {
@@ -109,9 +114,7 @@ func cleanup(_ *cobra.Command, cfg *config.Config) error {
 		return configlog.ReturnError(err)
 	}
 
-	serviceAccountIDFlag := viper.GetString("service-account-id")
-	serviceAccountSecretFlag := viper.GetString("service-account-secret")
-	serviceUserCtx, err := utils.GetServiceUserContext(serviceAccountIDFlag, client, serviceAccountSecretFlag)
+	serviceUserCtx, err := utils.GetServiceUserContext(c.String("service-account-id"), client, c.String("service-account-secret"))
 	if err != nil {
 		return configlog.ReturnError(err)
 	}
@@ -168,6 +171,39 @@ func revaShareConfig(cfg *sharing.Config) map[string]interface{} {
 	}
 }
 
+func revaPublicShareConfig(cfg *sharing.Config) map[string]interface{} {
+	return map[string]interface{}{
+		"json": map[string]interface{}{
+			"file":         cfg.PublicSharingDrivers.JSON.File,
+			"gateway_addr": cfg.Reva.Address,
+		},
+		"jsoncs3": map[string]interface{}{
+			"gateway_addr":        cfg.Reva.Address,
+			"provider_addr":       cfg.PublicSharingDrivers.JSONCS3.ProviderAddr,
+			"service_user_id":     cfg.PublicSharingDrivers.JSONCS3.SystemUserID,
+			"service_user_idp":    cfg.PublicSharingDrivers.JSONCS3.SystemUserIDP,
+			"machine_auth_apikey": cfg.PublicSharingDrivers.JSONCS3.SystemUserAPIKey,
+		},
+		"sql": map[string]interface{}{
+			"db_username":                   cfg.PublicSharingDrivers.SQL.DBUsername,
+			"db_password":                   cfg.PublicSharingDrivers.SQL.DBPassword,
+			"db_host":                       cfg.PublicSharingDrivers.SQL.DBHost,
+			"db_port":                       cfg.PublicSharingDrivers.SQL.DBPort,
+			"db_name":                       cfg.PublicSharingDrivers.SQL.DBName,
+			"password_hash_cost":            cfg.PublicSharingDrivers.SQL.PasswordHashCost,
+			"enable_expired_shares_cleanup": cfg.PublicSharingDrivers.SQL.EnableExpiredSharesCleanup,
+			"janitor_run_interval":          cfg.PublicSharingDrivers.SQL.JanitorRunInterval,
+		},
+		"cs3": map[string]interface{}{
+			"gateway_addr":        cfg.PublicSharingDrivers.CS3.ProviderAddr,
+			"provider_addr":       cfg.PublicSharingDrivers.CS3.ProviderAddr,
+			"service_user_id":     cfg.PublicSharingDrivers.CS3.SystemUserID,
+			"service_user_idp":    cfg.PublicSharingDrivers.CS3.SystemUserIDP,
+			"machine_auth_apikey": cfg.PublicSharingDrivers.CS3.SystemUserAPIKey,
+		},
+	}
+}
+
 func logger() *zerolog.Logger {
 	log := oclog.NewLogger(
 		oclog.Name("migrate"),

opencloud/pkg/command/trash.go

@@ -3,40 +3,57 @@ package command
 import (
 	"fmt"
 
-	"github.com/opencloud-eu/opencloud/opencloud/pkg/register"
 	"github.com/opencloud-eu/opencloud/opencloud/pkg/trash"
+
+	"github.com/opencloud-eu/opencloud/opencloud/pkg/register"
 	"github.com/opencloud-eu/opencloud/pkg/config"
 	"github.com/opencloud-eu/opencloud/pkg/config/configlog"
 	"github.com/opencloud-eu/opencloud/pkg/config/parser"
-
-	"github.com/spf13/cobra"
+	"github.com/urfave/cli/v2"
 )
 
-func TrashCommand(cfg *config.Config) *cobra.Command {
-	trashCmd := &cobra.Command{
-		Use:   "trash",
-		Short: "OpenCloud trash functionality",
-		PreRunE: func(cmd *cobra.Command, args []string) error {
+func TrashCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "trash",
+		Usage: "OpenCloud trash functionality",
+		Subcommands: []*cli.Command{
+			TrashPurgeEmptyDirsCommand(cfg),
+		},
+		Before: func(c *cli.Context) error {
 			return configlog.ReturnError(parser.ParseConfig(cfg, true))
 		},
-		RunE: func(cmd *cobra.Command, args []string) error {
+		Action: func(_ *cli.Context) error {
 			fmt.Println("Read the docs")
 			return nil
 		},
 	}
-	trashCmd.AddCommand(TrashPurgeEmptyDirsCommand(cfg))
-
-	return trashCmd
 }
 
-func TrashPurgeEmptyDirsCommand(cfg *config.Config) *cobra.Command {
-	trashPurgeCmd := &cobra.Command{
-		Use:   "purge-empty-dirs",
-		Short: "purge empty directories",
-		RunE: func(cmd *cobra.Command, args []string) error {
-			basePath, _ := cmd.Flags().GetString("basepath")
-			dryRun, _ := cmd.Flags().GetBool("dry-run")
-			if err := trash.PurgeTrashEmptyPaths(basePath, dryRun); err != nil {
+func TrashPurgeEmptyDirsCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "purge-empty-dirs",
+		Usage: "purge empty directories",
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:     "basepath",
+				Aliases:  []string{"p"},
+				Usage:    "the basepath of the decomposedfs (e.g. /var/tmp/opencloud/storage/users)",
+				Required: true,
+			},
+			&cli.BoolFlag{
+				Name:  "dry-run",
+				Usage: "do not delete anything, just print what would be deleted",
+				Value: true,
+			},
+		},
+		Action: func(c *cli.Context) error {
+			basePath := c.String("basepath")
+			if basePath == "" {
+				fmt.Println("basepath is required")
+				return cli.ShowCommandHelp(c, "trash")
+			}
+
+			if err := trash.PurgeTrashEmptyPaths(basePath, c.Bool("dry-run")); err != nil {
 				fmt.Println(err)
 				return err
 			}
@@ -44,12 +61,6 @@ func TrashPurgeEmptyDirsCommand(cfg *config.Config) *cobra.Command {
 			return nil
 		},
 	}
-	trashPurgeCmd.Flags().StringP("basepath", "p", "", "the basepath of the decomposedfs (e.g. /var/tmp/opencloud/storage/users)")
-	_ = trashPurgeCmd.MarkFlagRequired("basepath")
-
-	trashPurgeCmd.Flags().Bool("dry-run", true, "do not delete anything, just print what would be deleted")
-
-	return trashPurgeCmd
 }
 
 func init() {

opencloud/pkg/command/version.go

@@ -4,16 +4,15 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/spf13/cobra"
+	"github.com/olekukonko/tablewriter"
+	"github.com/olekukonko/tablewriter/tw"
+	"github.com/urfave/cli/v2"
+	mreg "go-micro.dev/v4/registry"
 
 	"github.com/opencloud-eu/opencloud/opencloud/pkg/register"
 	"github.com/opencloud-eu/opencloud/pkg/config"
 	"github.com/opencloud-eu/opencloud/pkg/registry"
 	"github.com/opencloud-eu/opencloud/pkg/version"
-
-	"github.com/olekukonko/tablewriter"
-	"github.com/olekukonko/tablewriter/tw"
-	mreg "go-micro.dev/v4/registry"
 )
 
 const (
@@ -21,18 +20,22 @@ const (
 )
 
 // VersionCommand is the entrypoint for the version command.
-func VersionCommand(cfg *config.Config) *cobra.Command {
-	versionCmd := &cobra.Command{
-		Use:     "version",
-		Short:   "print the version of this binary and all running service instances",
-		GroupID: CommandGroupServer,
-		RunE: func(cmd *cobra.Command, args []string) error {
+func VersionCommand(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "version",
+		Usage: "print the version of this binary and all running service instances",
+		Flags: []cli.Flag{
+			&cli.BoolFlag{
+				Name:  _skipServiceListingFlagName,
+				Usage: "skip service listing",
+			},
+		},
+		Category: "info",
+		Action: func(c *cli.Context) error {
 			fmt.Println("Version: " + version.GetString())
-			fmt.Printf("Edition: %s\n", version.Edition)
 			fmt.Printf("Compiled: %s\n", version.Compiled())
 
-			skipServiceListing, _ := cmd.Flags().GetBool(_skipServiceListingFlagName)
-			if skipServiceListing {
+			if c.Bool(_skipServiceListingFlagName) {
 				return nil
 			}
 
@@ -71,8 +74,6 @@ func VersionCommand(cfg *config.Config) *cobra.Command {
 			return nil
 		},
 	}
-	versionCmd.Flags().Bool(_skipServiceListingFlagName, false, "skip service listing")
-	return versionCmd
 }
 
 func init() {

opencloud/pkg/init/init.go

@@ -5,7 +5,7 @@ import (
 	"os"
 	"path"
 
-	"github.com/google/uuid"
+	"github.com/gofrs/uuid"
 	"gopkg.in/yaml.v2"
 
 	"github.com/opencloud-eu/opencloud/pkg/generators"
@@ -68,7 +68,7 @@ func CreateConfig(insecure, forceOverwrite, diff bool, configPath, adminPassword
 		systemUserID, adminUserID, graphApplicationID, storageUsersMountID, serviceAccountID string
 		idmServicePassword, idpServicePassword, ocAdminServicePassword, revaServicePassword  string
 		tokenManagerJwtSecret, collaborationWOPISecret, machineAuthAPIKey, systemUserAPIKey  string
-		revaTransferSecret, thumbnailsTransferSecret, serviceAccountSecret, urlSigningSecret string
+		revaTransferSecret, thumbnailsTransferSecret, serviceAccountSecret                   string
 	)
 
 	if diff {
@@ -95,19 +95,12 @@ func CreateConfig(insecure, forceOverwrite, diff bool, configPath, adminPassword
 		revaTransferSecret = oldCfg.TransferSecret
 		thumbnailsTransferSecret = oldCfg.Thumbnails.Thumbnail.TransferSecret
 		serviceAccountSecret = oldCfg.Graph.ServiceAccount.ServiceAccountSecret
-		urlSigningSecret = oldCfg.URLSigningSecret
-		if urlSigningSecret == "" {
-			urlSigningSecret, err = generators.GenerateRandomPassword(passwordLength)
-			if err != nil {
-				return fmt.Errorf("could not generate random secret for urlSigningSecret: %s", err)
-			}
-		}
 	} else {
-		systemUserID = uuid.NewString()
-		adminUserID = uuid.NewString()
-		graphApplicationID = uuid.NewString()
-		storageUsersMountID = uuid.NewString()
-		serviceAccountID = uuid.NewString()
+		systemUserID = uuid.Must(uuid.NewV4()).String()
+		adminUserID = uuid.Must(uuid.NewV4()).String()
+		graphApplicationID = uuid.Must(uuid.NewV4()).String()
+		storageUsersMountID = uuid.Must(uuid.NewV4()).String()
+		serviceAccountID = uuid.Must(uuid.NewV4()).String()
 
 		idmServicePassword, err = generators.GenerateRandomPassword(passwordLength)
 		if err != nil {
@@ -149,17 +142,13 @@ func CreateConfig(insecure, forceOverwrite, diff bool, configPath, adminPassword
 		if err != nil {
 			return fmt.Errorf("could not generate random password for revaTransferSecret: %s", err)
 		}
-		urlSigningSecret, err = generators.GenerateRandomPassword(passwordLength)
-		if err != nil {
-			return fmt.Errorf("could not generate random secret for urlSigningSecret: %s", err)
-		}
 		thumbnailsTransferSecret, err = generators.GenerateRandomPassword(passwordLength)
 		if err != nil {
 			return fmt.Errorf("could not generate random password for thumbnailsTransferSecret: %s", err)
 		}
 		serviceAccountSecret, err = generators.GenerateRandomPassword(passwordLength)
 		if err != nil {
-			return fmt.Errorf("could not generate random secret for serviceAccountSecret: %s", err)
+			return fmt.Errorf("could not generate random password for thumbnailsTransferSecret: %s", err)
 		}
 	}
 
@@ -175,7 +164,6 @@ func CreateConfig(insecure, forceOverwrite, diff bool, configPath, adminPassword
 		MachineAuthAPIKey: machineAuthAPIKey,
 		SystemUserAPIKey:  systemUserAPIKey,
 		TransferSecret:    revaTransferSecret,
-		URLSigningSecret:  urlSigningSecret,
 		SystemUserID:      systemUserID,
 		AdminUserID:       adminUserID,
 		Idm: IdmService{

opencloud/pkg/init/structs.go

@@ -19,7 +19,6 @@ type OpenCloudConfig struct {
 	MachineAuthAPIKey string                `yaml:"machine_auth_api_key"`
 	SystemUserAPIKey  string                `yaml:"system_user_api_key"`
 	TransferSecret    string                `yaml:"transfer_secret"`
-	URLSigningSecret  string                `yaml:"url_signing_secret"`
 	SystemUserID      string                `yaml:"system_user_id"`
 	AdminUserID       string                `yaml:"admin_user_id"`
 	Graph             GraphService          `yaml:"graph"`

opencloud/pkg/register/command.go

@@ -1,18 +1,17 @@
 package register
 
 import (
-	"github.com/spf13/cobra"
-
 	"github.com/opencloud-eu/opencloud/pkg/config"
+	"github.com/urfave/cli/v2"
 )
 
 var (
-	// Commands define the slice of commands.
-	Commands []Command
+	// Commands defines the slice of commands.
+	Commands = []Command{}
 )
 
 // Command defines the register command.
-type Command func(*config.Config) *cobra.Command
+type Command func(*config.Config) *cli.Command
 
 // AddCommand appends a command to Commands.
 func AddCommand(cmd Command) {

opencloud/pkg/runtime/options.go

@@ -2,12 +2,14 @@ package runtime
 
 import (
 	"github.com/opencloud-eu/opencloud/pkg/log"
+	"github.com/urfave/cli/v2"
 )
 
 // Options is a runtime option
 type Options struct {
 	Services []string
 	Logger   log.Logger
+	Context  *cli.Context
 }
 
 // Option undocumented
@@ -19,3 +21,10 @@ func Services(s []string) Option {
 		o.Services = append(o.Services, s...)
 	}
 }
+
+// Context option
+func Context(c *cli.Context) Option {
+	return func(o *Options) {
+		o.Context = c
+	}
+}

opencloud/pkg/runtime/service/service.go

@@ -2,13 +2,13 @@ package service
 
 import (
 	"context"
-	"errors"
+	"fmt"
 	"net"
 	"net/http"
 	"net/rpc"
+	"os"
 	"sort"
 	"strings"
-	"sync"
 	"time"
 
 	"github.com/cenkalti/backoff"
@@ -16,7 +16,6 @@ import (
 	"github.com/olekukonko/tablewriter"
 	occfg "github.com/opencloud-eu/opencloud/pkg/config"
 	"github.com/opencloud-eu/opencloud/pkg/log"
-	"github.com/opencloud-eu/opencloud/pkg/runner"
 	ogrpc "github.com/opencloud-eu/opencloud/pkg/service/grpc"
 	"github.com/opencloud-eu/opencloud/pkg/shared"
 	activitylog "github.com/opencloud-eu/opencloud/services/activitylog/pkg/command"
@@ -29,7 +28,6 @@ import (
 	authmachine "github.com/opencloud-eu/opencloud/services/auth-machine/pkg/command"
 	authservice "github.com/opencloud-eu/opencloud/services/auth-service/pkg/command"
 	clientlog "github.com/opencloud-eu/opencloud/services/clientlog/pkg/command"
-	collaboration "github.com/opencloud-eu/opencloud/services/collaboration/pkg/command"
 	eventhistory "github.com/opencloud-eu/opencloud/services/eventhistory/pkg/command"
 	frontend "github.com/opencloud-eu/opencloud/services/frontend/pkg/command"
 	gateway "github.com/opencloud-eu/opencloud/services/gateway/pkg/command"
@@ -72,11 +70,6 @@ var (
 
 	// wait funcs run after the service group has been started.
 	_waitFuncs = []func(*occfg.Config) error{pingNats, pingGateway, nil, wait(time.Second), nil}
-
-	// Use the runner.DefaultInterruptDuration as defaults for the individual service shutdown timeouts.
-	_defaultShutdownTimeoutDuration = runner.DefaultInterruptDuration
-	// Use the runner.DefaultGroupInterruptDuration as defaults for the server interruption timeout.
-	_defaultInterruptTimeoutDuration = runner.DefaultGroupInterruptDuration
 )
 
 type serviceFuncMap map[string]func(*occfg.Config) suture.Service
@@ -89,6 +82,8 @@ type Service struct {
 	Log        log.Logger
 
 	serviceToken map[string][]suture.ServiceToken
+	context      context.Context
+	cancel       context.CancelFunc
 	cfg          *occfg.Config
 }
 
@@ -110,12 +105,16 @@ func NewService(ctx context.Context, options ...Option) (*Service, error) {
 		log.Level(opts.Config.Log.Level),
 	)
 
+	globalCtx, cancelGlobal := context.WithCancel(ctx)
+
 	s := &Service{
 		Services:   make([]serviceFuncMap, len(_waitFuncs)),
 		Additional: make(serviceFuncMap),
 		Log:        l,
 
 		serviceToken: make(map[string][]suture.ServiceToken),
+		context:      globalCtx,
+		cancel:       cancelGlobal,
 		cfg:          opts.Config,
 	}
 
@@ -124,7 +123,7 @@ func NewService(ctx context.Context, options ...Option) (*Service, error) {
 		if s.Services[priority] == nil {
 			s.Services[priority] = make(serviceFuncMap)
 		}
-		s.Services[priority][name] = NewSutureServiceBuilder(name, exec)
+		s.Services[priority][name] = NewSutureServiceBuilder(exec)
 	}
 
 	// nats is in priority group 0. It needs to start before all other services
@@ -316,11 +315,11 @@ func NewService(ctx context.Context, options ...Option) (*Service, error) {
 
 	// populate optional services
 	areg := func(name string, exec func(context.Context, *occfg.Config) error) {
-		s.Additional[name] = NewSutureServiceBuilder(name, exec)
+		s.Additional[name] = NewSutureServiceBuilder(exec)
 	}
 	areg(opts.Config.Antivirus.Service.Name, func(ctx context.Context, cfg *occfg.Config) error {
 		cfg.Antivirus.Context = ctx
-		cfg.Antivirus.Commons = cfg.Commons
+		// cfg.Antivirus.Commons = cfg.Commons // antivirus holds no Commons atm
 		return antivirus.Execute(cfg.Antivirus)
 	})
 	areg(opts.Config.Audit.Service.Name, func(ctx context.Context, cfg *occfg.Config) error {
@@ -328,11 +327,6 @@ func NewService(ctx context.Context, options ...Option) (*Service, error) {
 		cfg.Audit.Commons = cfg.Commons
 		return audit.Execute(cfg.Audit)
 	})
-	areg(opts.Config.Collaboration.Service.Name, func(ctx context.Context, cfg *occfg.Config) error {
-		cfg.Collaboration.Context = ctx
-		cfg.Collaboration.Commons = cfg.Commons
-		return collaboration.Execute(cfg.Collaboration)
-	})
 	areg(opts.Config.Policies.Service.Name, func(ctx context.Context, cfg *occfg.Config) error {
 		cfg.Policies.Context = ctx
 		cfg.Policies.Commons = cfg.Commons
@@ -364,9 +358,8 @@ func Start(ctx context.Context, o ...Option) error {
 		return err
 	}
 
-	// create a context that will be cancelled when too many backoff cycles on one of the services happens
+	// get a cancel function to stop the service
 	ctx, cancel := context.WithCancel(ctx)
-	defer cancel()
 
 	// tolerance controls backoff cycles from the supervisor.
 	tolerance := 5
@@ -381,32 +374,7 @@ func Start(ctx context.Context, o ...Option) error {
 					cancel()
 				}
 			}
-			switch ev := e.(type) {
-			case suture.EventServicePanic:
-				l := s.Log.Fatal()
-				if ev.Restarting {
-					l = s.Log.Error()
-				}
-				l.Str("event", e.String()).Str("service", ev.ServiceName).Str("supervisor", ev.SupervisorName).
-					Bool("restarting", ev.Restarting).Float64("failures", ev.CurrentFailures).Float64("threshold", ev.FailureThreshold).
-					Str("message", ev.PanicMsg).Msg("service panic")
-			case suture.EventServiceTerminate:
-				l := s.Log.Fatal()
-				if ev.Restarting {
-					l = s.Log.Error()
-				}
-				l.Str("event", e.String()).Str("service", ev.ServiceName).Str("supervisor", ev.SupervisorName).
-					Bool("restarting", ev.Restarting).Float64("failures", ev.CurrentFailures).Float64("threshold", ev.FailureThreshold).
-					Interface("error", ev.Err).Msg("service terminated")
-			case suture.EventBackoff:
-				s.Log.Warn().Str("event", e.String()).Str("supervisor", ev.SupervisorName).Msg("service backoff")
-			case suture.EventResume:
-				s.Log.Info().Str("event", e.String()).Str("supervisor", ev.SupervisorName).Msg("service resume")
-			case suture.EventStopTimeout:
-				s.Log.Warn().Str("event", e.String()).Str("service", ev.ServiceName).Str("supervisor", ev.SupervisorName).Msg("service resume")
-			default:
-				s.Log.Warn().Str("event", e.String()).Msgf("supervisor: %v", e.Map()["supervisor_name"])
-			}
+			s.Log.Info().Str("event", e.String()).Msg(fmt.Sprintf("supervisor: %v", e.Map()["supervisor_name"]))
 		},
 		FailureThreshold: 5,
 		FailureBackoff:   3 * time.Second,
@@ -429,17 +397,30 @@ func Start(ctx context.Context, o ...Option) error {
 	if err != nil {
 		s.Log.Fatal().Err(err).Msg("could not start listener")
 	}
-	srv := new(http.Server)
+
+	defer func() {
+		if r := recover(); r != nil {
+			reason := strings.Builder{}
+			if _, err = net.Dial("tcp", net.JoinHostPort(s.cfg.Runtime.Host, s.cfg.Runtime.Port)); err != nil {
+				reason.WriteString("runtime address already in use")
+			}
+
+			fmt.Println(reason.String())
+		}
+	}()
 
 	// prepare the set of services to run
 	s.generateRunSet(s.cfg)
 
-	// There are reasons not to do this, but we have race conditions ourselves. Until we resolve them, mind the following disclaimer:
+	// there are reasons not to do this, but we have race conditions ourselves. Until we resolve them, mind the following disclaimer:
 	// Calling ServeBackground will CORRECTLY start the supervisor running in a new goroutine. It is risky to directly run
 	// go supervisor.Serve()
 	// because that will briefly create a race condition as it starts up, if you try to .Add() services immediately afterward.
 	// https://pkg.go.dev/github.com/thejerf/suture/v4@v4.0.0#Supervisor
-	go s.Supervisor.ServeBackground(ctx)
+	go s.Supervisor.ServeBackground(s.context)
+
+	// trap will block on context done channel for interruptions.
+	go trap(s, ctx)
 
 	for i, service := range s.Services {
 		scheduleServiceTokens(s, service)
@@ -453,14 +434,7 @@ func Start(ctx context.Context, o ...Option) error {
 	// schedule services that are optional
 	scheduleServiceTokens(s, s.Additional)
 
-	go func() {
-		if err = srv.Serve(l); err != nil && !errors.Is(err, http.ErrServerClosed) {
-			s.Log.Fatal().Err(err).Msg("could not start rpc server")
-		}
-	}()
-
-	// trapShutdownCtx will block on the context-done channel for interruptions.
-	return trapShutdownCtx(s, srv, ctx)
+	return http.Serve(l, nil)
 }
 
 // scheduleServiceTokens adds service tokens to the service supervisor.
@@ -527,87 +501,27 @@ func (s *Service) List(_ struct{}, reply *string) error {
 	return nil
 }
 
-func trapShutdownCtx(s *Service, srv *http.Server, ctx context.Context) error {
+// trap blocks on halt channel. When the runtime is interrupted it
+// signals the controller to stop any supervised process.
+func trap(s *Service, ctx context.Context) {
 	<-ctx.Done()
-	s.Log.Info().Msg("starting graceful shutdown")
-	start := time.Now()
-	wg := sync.WaitGroup{}
-	wg.Add(1)
-	go func() {
-		defer wg.Done()
-		ctx, cancel := context.WithTimeout(context.Background(), _defaultShutdownTimeoutDuration)
-		defer cancel()
-		s.Log.Debug().Msg("starting runtime listener shutdown")
-		if err := srv.Shutdown(ctx); err != nil {
-			s.Log.Error().Err(err).Msg("could not shutdown runtime listener")
-			return
-		}
-		s.Log.Debug().Msg("runtime listener shutdown done")
-	}()
-
-	// shutdown services in the order defined in the config
-	// any services not listed will be shutdown in parallel afterwards
-	for _, sName := range s.cfg.Runtime.ShutdownOrder {
-		if _, ok := s.serviceToken[sName]; !ok {
-			s.Log.Warn().Str("service", sName).Msg("unknown service for ordered shutdown, skipping")
-			continue
-		}
-		for i := range s.serviceToken[sName] {
-			if err := s.Supervisor.RemoveAndWait(s.serviceToken[sName][i], _defaultShutdownTimeoutDuration); err != nil && !errors.Is(err, suture.ErrSupervisorNotRunning) {
-				s.Log.Error().Err(err).Str("service", sName).Msg("could not shutdown service in order, skipping to next")
-				// continue shutting down other services
-				continue
-			}
-			s.Log.Debug().Str("service", sName).Msg("graceful ordered shutdown for service done")
-		}
-		delete(s.serviceToken, sName)
-	}
-
 	for sName := range s.serviceToken {
 		for i := range s.serviceToken[sName] {
-			wg.Add(1)
-			go func() {
-				s.Log.Debug().Str("service", sName).Msg("starting graceful shutdown for service")
-				defer wg.Done()
-				if err := s.Supervisor.RemoveAndWait(s.serviceToken[sName][i], _defaultShutdownTimeoutDuration); err != nil && !errors.Is(err, suture.ErrSupervisorNotRunning) {
-					s.Log.Error().Err(err).Str("service", sName).Msg("could not shutdown service")
-					return
-				}
-				s.Log.Debug().Str("service", sName).Msg("graceful shutdown for service done")
-			}()
+			if err := s.Supervisor.Remove(s.serviceToken[sName][i]); err != nil {
+				s.Log.Error().Err(err).Str("service", "runtime service").Msgf("terminating with signal: %v", s)
+			}
 		}
 	}
-
-	done := make(chan struct{})
-	go func() {
-		wg.Wait()
-		close(done)
-	}()
-
-	select {
-	case <-time.After(_defaultInterruptTimeoutDuration):
-		s.Log.Error().Dur("timeoutDuration", _defaultInterruptTimeoutDuration).Msg("graceful shutdown timeout reached, terminating")
-		return errors.New("graceful shutdown timeout reached, terminating")
-	case <-done:
-		duration := time.Since(start)
-		s.Log.Info().Dur("duration", duration).Msg("graceful shutdown done")
-		return nil
-	}
+	s.Log.Debug().Str("service", "runtime service").Msgf("terminating with signal: %v", s)
+	time.Sleep(3 * time.Second) // give the services time to deregister
+	os.Exit(0)                  // FIXME this cause an early exit that prevents services from shitting down properly
 }
 
 // pingNats will attempt to connect to nats, blocking until a connection is established
 func pingNats(cfg *occfg.Config) error {
 	// We need to get a natsconfig from somewhere. We can use any one.
 	evcfg := cfg.Postprocessing.Postprocessing.Events
-	_, err := stream.NatsFromConfig("initial", true, stream.NatsConfig{
-		Endpoint:             evcfg.Endpoint,
-		Cluster:              evcfg.Cluster,
-		EnableTLS:            evcfg.EnableTLS,
-		TLSInsecure:          evcfg.TLSInsecure,
-		TLSRootCACertificate: evcfg.TLSRootCACertificate,
-		AuthUsername:         evcfg.AuthUsername,
-		AuthPassword:         evcfg.AuthPassword,
-	})
+	_, err := stream.NatsFromConfig("initial", true, stream.NatsConfig(evcfg))
 	return err
 }
 
@@ -623,7 +537,7 @@ func pingGateway(cfg *occfg.Config) error {
 		n := b.NextBackOff()
 		_, err := pool.GetGatewayServiceClient(cfg.Reva.Address)
 		if err != nil && n > time.Second {
-			logger.New().Error().Err(err).Dur("backoff", n).Msg("can't connect to gateway service, retrying")
+			logger.New().Error().Err(err).Msgf("can't connect to gateway service, retrying in %s", n)
 		}
 		return err
 	}

opencloud/pkg/runtime/service/sutureservice.go

@@ -10,17 +10,15 @@ import (
 // SutureService allows for the settings command to be embedded and supervised by a suture supervisor tree.
 type SutureService struct {
 	exec func(ctx context.Context) error
-	name string
 }
 
 // NewSutureServiceBuilder creates a new suture service
-func NewSutureServiceBuilder(name string, f func(context.Context, *occfg.Config) error) func(*occfg.Config) suture.Service {
+func NewSutureServiceBuilder(f func(context.Context, *occfg.Config) error) func(*occfg.Config) suture.Service {
 	return func(cfg *occfg.Config) suture.Service {
 		return SutureService{
 			exec: func(ctx context.Context) error {
 				return f(ctx, cfg)
 			},
-			name: name,
 		}
 	}
 }
@@ -29,8 +27,3 @@ func NewSutureServiceBuilder(name string, f func(context.Context, *occfg.Config)
 func (s SutureService) Serve(ctx context.Context) error {
 	return s.exec(ctx)
 }
-
-// String to fullfil fmt.Stringer interface, used to log the service name
-func (s SutureService) String() string {
-	return s.name
-}