mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2025-12-24 22:59:51 -05:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: mirror:remove-workspace
Branches Tags
mirror:main mirror:next-release/main mirror:replaceCIImages mirror:test/test-hook-failure mirror:dependabot/go_modules/go.opentelemetry.io/otel/sdk-1.39.0 mirror:dependabot/go_modules/github.com/opensearch-project/opensearch-go/v4-4.6.0 mirror:nats-tls-options mirror:groupware mirror:ocdav-to-frontent mirror:next-release/stable-4.0 mirror:stable-4.0 mirror:reduce-build-context mirror:stavros-k/main mirror:ocm-work mirror:benchmark-client mirror:bump-pkg-tracing-semconv-1.37.0 mirror:disableRunningCIWithWatchFS mirror:autodecode-base64-uuid mirror:triggerCi mirror:readtimeout mirror:stable-2.0 mirror:revaBump-2.39.0 mirror:dependabot/npm_and_yarn/services/idp/webpack-5.102.1 mirror:feat/app-provider-open-css-variables mirror:copilot/vscode1759406832111 mirror:dragonchaser/store-user-state-in-system-storage mirror:fix-dev-docker mirror:rolling-3.5.0 mirror:make-auth-bearer-runnable mirror:dependabot/npm_and_yarn/services/idp/postcss-preset-env-10.4.0 mirror:rolling-3.3.0 mirror:useLdapASServices mirror:thumbnailer-dimensions-env-alias mirror:bump-version-v2.0.3 mirror:deleteCommitIdFromReleaseVersion mirror:dragonchaser-patch-1 mirror:userPhotoTests mirror:adjust-frontend-config mirror:caseSearchWhenUserHasDowblePersonalSpaces mirror:remove-workspace mirror:docs-stable-2.0 mirror:update-labels mirror:debug-ci-failure mirror:runTestsInPosixAndDecomposed mirror:runTestInCIWithPosix mirror:fixTranslation mirror:localApiTests-CI mirror:run-dev-doc-pipelines mirror:delete#3099FromExpectedFailuresFile mirror:woodpecker-env mirror:hybrid-metadata-backend
mirror:v4.1.0 mirror:v4.0.1 mirror:4.0.1-rc.1 mirror:v4.0.1-rc.1 mirror:v4.0.0 mirror:v4.0.0-rc.5 mirror:v4.0.0-rc.4 mirror:4.0.0-rc.3 mirror:4.0.0-rc.2 mirror:4.0.0-rc.1 mirror:v3.7.0 mirror:v2.0.5 mirror:v3.6.0 mirror:v3.5.0 mirror:v3.4.0 mirror:v3.3.0 mirror:v3.2.1 mirror:v3.2.0 mirror:v2.0.4 mirror:v2.0.4-rc.1 mirror:v3.2.0-alpha.2 mirror:v3.2.0-alpha.1 mirror:v2.0.3 mirror:v3.1.0 mirror:v3.0.0 mirror:v2.3.0 mirror:v2.0.2 mirror:v2.2.0 mirror:v2.0.1 mirror:v2.1.0 mirror:v2.0.0 mirror:v2.0.0-beta.1 mirror:v1.1.0 mirror:v1.1.0-alpha.4 mirror:v1.1.0-alpha.3 mirror:v1.1.0-alpha.2 mirror:v1.1.0-alpha.1 mirror:v1.0.0 mirror:public_avail
..
compare: mirror:update-labels
Branches Tags
mirror:next-release/main mirror:main mirror:replaceCIImages mirror:test/test-hook-failure mirror:dependabot/go_modules/go.opentelemetry.io/otel/sdk-1.39.0 mirror:dependabot/go_modules/github.com/opensearch-project/opensearch-go/v4-4.6.0 mirror:nats-tls-options mirror:groupware mirror:ocdav-to-frontent mirror:next-release/stable-4.0 mirror:stable-4.0 mirror:reduce-build-context mirror:stavros-k/main mirror:ocm-work mirror:benchmark-client mirror:bump-pkg-tracing-semconv-1.37.0 mirror:disableRunningCIWithWatchFS mirror:autodecode-base64-uuid mirror:triggerCi mirror:readtimeout mirror:stable-2.0 mirror:revaBump-2.39.0 mirror:dependabot/npm_and_yarn/services/idp/webpack-5.102.1 mirror:feat/app-provider-open-css-variables mirror:copilot/vscode1759406832111 mirror:dragonchaser/store-user-state-in-system-storage mirror:fix-dev-docker mirror:rolling-3.5.0 mirror:make-auth-bearer-runnable mirror:dependabot/npm_and_yarn/services/idp/postcss-preset-env-10.4.0 mirror:rolling-3.3.0 mirror:useLdapASServices mirror:thumbnailer-dimensions-env-alias mirror:bump-version-v2.0.3 mirror:deleteCommitIdFromReleaseVersion mirror:dragonchaser-patch-1 mirror:userPhotoTests mirror:adjust-frontend-config mirror:caseSearchWhenUserHasDowblePersonalSpaces mirror:remove-workspace mirror:docs-stable-2.0 mirror:update-labels mirror:debug-ci-failure mirror:runTestsInPosixAndDecomposed mirror:runTestInCIWithPosix mirror:fixTranslation mirror:localApiTests-CI mirror:run-dev-doc-pipelines mirror:delete#3099FromExpectedFailuresFile mirror:woodpecker-env mirror:hybrid-metadata-backend
mirror:v4.1.0 mirror:v4.0.1 mirror:4.0.1-rc.1 mirror:v4.0.1-rc.1 mirror:v4.0.0 mirror:v4.0.0-rc.5 mirror:v4.0.0-rc.4 mirror:4.0.0-rc.3 mirror:4.0.0-rc.2 mirror:4.0.0-rc.1 mirror:v3.7.0 mirror:v2.0.5 mirror:v3.6.0 mirror:v3.5.0 mirror:v3.4.0 mirror:v3.3.0 mirror:v3.2.1 mirror:v3.2.0 mirror:v2.0.4 mirror:v2.0.4-rc.1 mirror:v3.2.0-alpha.2 mirror:v3.2.0-alpha.1 mirror:v2.0.3 mirror:v3.1.0 mirror:v3.0.0 mirror:v2.3.0 mirror:v2.0.2 mirror:v2.2.0 mirror:v2.0.1 mirror:v2.1.0 mirror:v2.0.0 mirror:v2.0.0-beta.1 mirror:v1.1.0 mirror:v1.1.0-alpha.4 mirror:v1.1.0-alpha.3 mirror:v1.1.0-alpha.2 mirror:v1.1.0-alpha.1 mirror:v1.0.0 mirror:public_avail

1 Commits
remove-wor ... update-lab

Author SHA1 Message Date
Michael Barz
ae3967d2e5 Update settings.yml 2025-03-26 16:07:09 +01:00
290 changed files with 3899 additions and 15246 deletions
Expand all files Collapse all files

28
.github/workflows/labels.yml vendored
View File

@@ -1,28 +0,0 @@
name: Require Pull Request Labels
on:
pull_request:
types: [opened, labeled, unlabeled, synchronize]
jobs:
label:
runs-on: ubuntu-latest
permissions:
issues: write
pull-requests: write
steps:
- uses: mheap/github-action-required-labels@v5
with:
mode: minimum
count: 1
labels: |
Type:Bug
Type:Enhancement
Type:Feature
Type:Breaking-Change
Type:Test
Type:Documentation
Type:Maintenance
Type:Security
Type:Dependencies
Type:DevOps
dependencies
add_comment: true

15
.make/go.mk
View File

@@ -18,20 +18,21 @@ SOURCES ?= $(shell find . -name "*.go" -type f -not -path "./node_modules/*")
TAGS ?=
ifndef OUTPUT
ifneq ($(CI_COMMIT_TAG),)
OUTPUT ?= $(subst v,,$(CI_COMMIT_TAG))
ifneq ($(DRONE_TAG),)
OUTPUT ?= $(subst v,,$(DRONE_TAG))
else
OUTPUT ?= testing
endif
endif
ifeq ($(VERSION), daily)
STRING ?= $(shell git rev-parse --short HEAD)
else ifeq ($(VERSION),)
STRING ?= $(shell git rev-parse --short HEAD)
ifndef VERSION
ifneq ($(DRONE_TAG),)
VERSION ?= $(subst v,,$(DRONE_TAG))
else
STRING ?= $(shell git rev-parse --short HEAD)
endif
endif
ifndef DATE
DATE := $(shell date -u '+%Y%m%d')
endif

2
.woodpecker.env
View File

@@ -1,3 +1,3 @@
# The test runner source for UI tests
WEB_COMMITID=25629bf0d846051ec0ed6f56ddbeb1a4de6f9ba0
WEB_COMMITID=a85b8b2f0b22d2e8fa133fee2dae8cc866c0c8c2
WEB_BRANCH=main

358
.woodpecker.star
View File

@@ -23,6 +23,7 @@ OC_CI_ALPINE = "owncloudci/alpine:latest"
OC_CI_BAZEL_BUILDIFIER = "owncloudci/bazel-buildifier:latest"
OC_CI_CLAMAVD = "owncloudci/clamavd"
OC_CI_DRONE_ANSIBLE = "owncloudci/drone-ansible:latest"
OC_CI_DRONE_SKIP_PIPELINE = "owncloudci/drone-skip-pipeline"
OC_CI_GOLANG = "docker.io/golang:1.24"
OC_CI_NODEJS = "owncloudci/nodejs:%s"
OC_CI_PHP = "owncloudci/php:%s"
@@ -31,12 +32,18 @@ OC_CS3_API_VALIDATOR = "opencloudeu/cs3api-validator:latest"
OC_LITMUS = "owncloudci/litmus:latest"
OC_UBUNTU = "owncloud/ubuntu:20.04"
ONLYOFFICE_DOCUMENT_SERVER = "onlyoffice/documentserver:7.5.1"
PLUGINS_CODACY = "plugins/codacy:1"
PLUGINS_DOCKER_BUILDX = "woodpeckerci/plugin-docker-buildx:latest"
PLUGINS_GH_PAGES = "plugins/gh-pages:1"
PLUGINS_GITHUB_RELEASE = "woodpeckerci/plugin-release"
PLUGINS_GIT_ACTION = "plugins/git-action:1"
PLUGINS_GIT_PUSH = "appleboy/drone-git-push"
PLUGINS_MANIFEST = "plugins/manifest:1"
PLUGINS_S3 = "plugins/s3:1"
PLUGINS_S3_CACHE = "plugins/s3-cache:1"
PLUGINS_SLACK = "plugins/slack:1"
REDIS = "redis:6-alpine"
SONARSOURCE_SONAR_SCANNER_CLI = "sonarsource/sonar-scanner-cli:11.0"
READY_RELEASE_GO = "woodpeckerci/plugin-ready-release-go:latest"
DEFAULT_PHP_VERSION = "8.2"
@@ -48,8 +55,11 @@ dirs = {
"zip": "/woodpecker/src/github.com/opencloud-eu/opencloud/zip",
"webZip": "/woodpecker/src/github.com/opencloud-eu/opencloud/zip/web.tar.gz",
"webPnpmZip": "/woodpecker/src/github.com/opencloud-eu/opencloud/zip/web-pnpm.tar.gz",
"baseGo": "/go/src/github.com/opencloud-eu/opencloud",
"gobinTar": "go-bin.tar.gz",
"gobinTarPath": "/go/src/github.com/opencloud-eu/opencloud/go-bin.tar.gz",
"opencloudConfig": "tests/config/woodpecker/opencloud-config.json",
"ocis": "/woodpecker/src/github.com/opencloud-eu/opencloud/srv/app/tmp/ocis",
"opencloudRevaDataRoot": "/woodpecker/src/github.com/opencloud-eu/opencloud/srv/app/tmp/ocis/owncloud/data",
"multiServiceOcBaseDataPath": "/woodpecker/src/github.com/opencloud-eu/opencloud/multiServiceData",
"ocWrapper": "/woodpecker/src/github.com/opencloud-eu/opencloud/tests/ocwrapper",
@@ -68,19 +78,6 @@ FED_OC_SERVER_NAME = "federation-opencloud-server"
OC_FED_URL = "https://%s:10200" % FED_OC_SERVER_NAME
OC_FED_DOMAIN = "%s:10200" % FED_OC_SERVER_NAME
event = {
"base": {
"event": ["push", "manual"],
"branch": "main",
},
"pull_request": {
"event": "pull_request",
},
"tag": {
"event": "tag",
},
}
# configuration
config = {
"cs3ApiTests": {
@@ -348,6 +345,14 @@ config = {
GRAPH_AVAILABLE_ROLES = "b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5,a8d5fe5e-96e3-418d-825b-534dbdf22b99,fb6c3e19-e378-47e5-b277-9732f9de6e21,58c63c02-1d89-4572-916a-870abc5a1b7d,2d00ce52-1fc2-4dbc-8b95-a73b73395f5a,1c996275-f1c9-4e71-abdf-a42f6495e960,312c0871-5ef7-4b3a-85b6-0e4074c64049,aa97fe03-7980-45ac-9e50-b325749fd7e6,63e64e19-8d43-42ec-a738-2b6af2610efa"
# workspace for pipeline to cache Go dependencies between steps of a pipeline
# to be used in combination with stepVolumeGo
workspace = \
{
"base": "/go",
"path": "src/github.com/opencloud-eu/opencloud/",
}
# minio mc environment variables
MINIO_MC_ENV = {
"CACHE_BUCKET": {
@@ -411,6 +416,8 @@ def main(ctx):
none
"""
pipelines = []
build_release_helpers = \
readyReleaseGo() + \
docs()
@@ -424,8 +431,8 @@ def main(ctx):
test_pipelines = \
codestyle(ctx) + \
checkGherkinLint() + \
checkTestSuitesInExpectedFailures() + \
checkGherkinLint(ctx) + \
checkTestSuitesInExpectedFailures(ctx) + \
buildWebCache(ctx) + \
getGoBinForTesting(ctx) + \
buildOpencloudBinaryForTesting(ctx) + \
@@ -467,7 +474,7 @@ def main(ctx):
),
)
pipelineSanityChecks(pipelines)
pipelineSanityChecks(ctx, pipelines)
return pipelines
def cachePipeline(name, steps):
@@ -480,7 +487,9 @@ def cachePipeline(name, steps):
"event": ["push", "manual"],
"branch": ["main", "stable-*"],
},
event["pull_request"],
{
"event": "pull_request",
},
],
}
@@ -538,7 +547,6 @@ def getGoBinForTesting(ctx):
"steps": checkGoBinCache() +
cacheGoBin(),
"when": [
event["tag"],
{
"event": ["push", "manual"],
"branch": ["main", "stable-*"],
@@ -549,7 +557,11 @@ def getGoBinForTesting(ctx):
"exclude": skipIfUnchanged(ctx, "unit-tests"),
},
},
{
"event": "tag",
},
],
"workspace": workspace,
}]
def checkGoBinCache():
@@ -558,7 +570,7 @@ def checkGoBinCache():
"image": MINIO_MC,
"environment": MINIO_MC_ENV,
"commands": [
"bash -x %s/tests/config/woodpecker/check_go_bin_cache.sh %s %s" % (dirs["base"], dirs["base"], dirs["gobinTar"]),
"bash -x %s/tests/config/woodpecker/check_go_bin_cache.sh %s %s" % (dirs["baseGo"], dirs["baseGo"], dirs["gobinTar"]),
],
}]
@@ -576,13 +588,12 @@ def cacheGoBin():
},
{
"name": "archive-go-bin",
"image": OC_CI_GOLANG,
"image": OC_UBUNTU,
"commands": [
". ./.env",
"if $BIN_CACHE_FOUND; then exit 0; fi",
"tar -czvf %s/%s /go/bin " % (dirs["base"], dirs["gobinTar"]),
"tar -czvf %s /go/bin" % dirs["gobinTarPath"],
],
"environment": CI_HTTP_PROXY_ENV,
},
{
"name": "cache-go-bin",
@@ -593,10 +604,10 @@ def cacheGoBin():
"if $BIN_CACHE_FOUND; then exit 0; fi",
# .bingo folder will change after 'bingo-get'
# so get the stored hash of a .bingo folder
"BINGO_HASH=$(cat %s/.bingo_hash)" % dirs["base"],
"BINGO_HASH=$(cat %s/.bingo_hash)" % dirs["baseGo"],
# cache using the minio client to the public bucket (long term bucket)
"mc alias set s3 $MC_HOST $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY",
"mc cp -r %s/%s s3/$CACHE_BUCKET/opencloud/go-bin/$BINGO_HASH" % (dirs["base"], dirs["gobinTar"]),
"mc cp -r %s s3/$CACHE_BUCKET/opencloud/go-bin/$BINGO_HASH" % (dirs["gobinTarPath"]),
],
},
]
@@ -608,32 +619,22 @@ def restoreGoBinCache():
"image": MINIO_MC,
"environment": MINIO_MC_ENV,
"commands": [
"BINGO_HASH=$(cat %s/.bingo/* | sha256sum | cut -d ' ' -f 1)" % dirs["base"],
"BINGO_HASH=$(cat %s/.bingo/* | sha256sum | cut -d ' ' -f 1)" % dirs["baseGo"],
"mc alias set s3 $MC_HOST $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY",
"mc cp -r -a s3/$CACHE_BUCKET/opencloud/go-bin/$BINGO_HASH/%s %s" % (dirs["gobinTar"], dirs["base"]),
"mc cp -r -a s3/$CACHE_BUCKET/opencloud/go-bin/$BINGO_HASH/%s %s" % (dirs["gobinTar"], dirs["baseGo"]),
],
},
{
"name": "extract-go-bin-cache",
"image": OC_CI_GOLANG,
"image": OC_UBUNTU,
"commands": [
"tar -xvmf %s/%s -C %s" % (dirs["base"], dirs["gobinTar"], dirs["base"]),
"tar -xvmf %s -C /" % dirs["gobinTarPath"],
],
},
]
def testOpencloud(ctx):
# environment = CI_HTTP_PROXY_ENV
# environment["GOBIN"] = "/woodpecker/src/github.com/opencloud-eu/opencloud/go/bin"
steps = restoreGoBinCache() + [
{
"name": "generate-go",
"image": OC_CI_GOLANG,
"commands": [
"for i in $(seq 3); do %s go-generate && break || sleep 1; done" % make,
],
"environment": CI_HTTP_PROXY_ENV,
},
steps = restoreGoBinCache() + makeGoGenerate("") + [
{
"name": "golangci-lint",
"image": OC_CI_GOLANG,
@@ -679,7 +680,10 @@ def testOpencloud(ctx):
"name": "linting_and_unitTests",
"steps": steps,
"when": [
event["base"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
"path": {
@@ -688,6 +692,7 @@ def testOpencloud(ctx):
},
],
"depends_on": getPipelineNames(getGoBinForTesting(ctx)),
"workspace": workspace,
}
def scanOpencloud(ctx):
@@ -706,7 +711,10 @@ def scanOpencloud(ctx):
"name": "go-vulnerability-scanning",
"steps": steps,
"when": [
event["base"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
"path": {
@@ -714,6 +722,8 @@ def scanOpencloud(ctx):
},
},
],
"depends_on": getPipelineNames(getGoBinForTesting(ctx)),
"workspace": workspace,
}
def buildOpencloudBinaryForTesting(ctx):
@@ -724,7 +734,10 @@ def buildOpencloudBinaryForTesting(ctx):
build() +
rebuildBuildArtifactCache(ctx, dirs["opencloudBinArtifact"], dirs["opencloudBinPath"]),
"when": [
event["base"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
"path": {
@@ -732,6 +745,7 @@ def buildOpencloudBinaryForTesting(ctx):
},
},
],
"workspace": workspace,
}]
def vendorbinCodestyle(phpVersion):
@@ -758,7 +772,7 @@ def vendorbinCodesniffer(phpVersion):
],
}]
def checkTestSuitesInExpectedFailures():
def checkTestSuitesInExpectedFailures(ctx):
return [{
"name": "check-suites-in-expected-failures",
"steps": [
@@ -770,10 +784,14 @@ def checkTestSuitesInExpectedFailures():
],
},
],
"when": [event["pull_request"]],
"when": [
{
"event": "pull_request",
},
],
}]
def checkGherkinLint():
def checkGherkinLint(ctx):
return [{
"name": "check-gherkin-standard",
"steps": [
@@ -786,7 +804,11 @@ def checkGherkinLint():
],
},
],
"when": [event["pull_request"]],
"when": [
{
"event": "pull_request",
},
],
}]
def codestyle(ctx):
@@ -847,7 +869,10 @@ def codestyle(ctx):
],
"depends_on": [],
"when": [
event["base"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
"path": {
@@ -901,20 +926,23 @@ def localApiTestPipeline(ctx):
"steps": restoreBuildArtifactCache(ctx, dirs["opencloudBinArtifact"], dirs["opencloudBinPath"]) +
(tikaService() if params["tikaNeeded"] else []) +
(waitForServices("online-offices", ["collabora:9980", "onlyoffice:443", "fakeoffice:8080"]) if params["collaborationServiceNeeded"] else []) +
opencloudServer(storage, params["accounts_hash_difficulty"], extra_server_environment = params["extraServerEnvironment"], with_wrapper = True, tika_enabled = params["tikaNeeded"]) +
(waitForClamavService() if params["antivirusNeeded"] else []) +
(waitForEmailService() if params["emailNeeded"] else []) +
opencloudServer(storage, params["accounts_hash_difficulty"], extra_server_environment = params["extraServerEnvironment"], with_wrapper = True, tika_enabled = params["tikaNeeded"]) +
(opencloudServer(storage, params["accounts_hash_difficulty"], deploy_type = "federation", extra_server_environment = params["extraServerEnvironment"]) if params["federationServer"] else []) +
((wopiCollaborationService("fakeoffice") + wopiCollaborationService("collabora") + wopiCollaborationService("onlyoffice")) if params["collaborationServiceNeeded"] else []) +
(openCloudHealthCheck("wopi", ["wopi-collabora:9304", "wopi-onlyoffice:9304", "wopi-fakeoffice:9304"]) if params["collaborationServiceNeeded"] else []) +
localApiTests(name, params["suites"], storage, params["extraEnvironment"], run_with_remote_php) +
localApiTests(ctx, name, params["suites"], storage, params["extraEnvironment"], run_with_remote_php) +
logRequests(),
"services": (emailService() if params["emailNeeded"] else []) +
(clamavService() if params["antivirusNeeded"] else []) +
((fakeOffice() + collaboraService() + onlyofficeService()) if params["collaborationServiceNeeded"] else []),
"depends_on": getPipelineNames(buildOpencloudBinaryForTesting(ctx)),
"when": [
event["base"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
"path": {
@@ -926,9 +954,9 @@ def localApiTestPipeline(ctx):
pipelines.append(pipeline)
return pipelines
def localApiTests(name, suites, storage = "decomposed", extra_environment = {}, with_remote_php = False):
def localApiTests(ctx, name, suites, storage = "decomposed", extra_environment = {}, with_remote_php = False):
test_dir = "%s/tests/acceptance" % dirs["base"]
expected_failures_file = "%s/expected-failures-localAPI-on-decomposed-storage.md" % test_dir
expected_failures_file = "%s/expected-failures-localAPI-on-decomposed-storage.md" % (test_dir)
environment = {
"TEST_SERVER_URL": OC_URL,
@@ -962,7 +990,7 @@ def cs3ApiTests(ctx, storage, accounts_hash_difficulty = 4):
return {
"name": "cs3ApiTests-%s" % storage,
"steps": restoreBuildArtifactCache(ctx, dirs["opencloudBinArtifact"], dirs["opencloudBinPath"]) +
opencloudServer(storage, accounts_hash_difficulty, deploy_type = "cs3api_validator") +
opencloudServer(storage, accounts_hash_difficulty, [], [], "cs3api_validator") +
[
{
"name": "cs3ApiTests",
@@ -977,7 +1005,10 @@ def cs3ApiTests(ctx, storage, accounts_hash_difficulty = 4):
],
"depends_on": getPipelineNames(buildOpencloudBinaryForTesting(ctx)),
"when": [
event["base"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
"path": {
@@ -1005,6 +1036,7 @@ def wopiValidatorTests(ctx, storage, wopiServerType, accounts_hash_difficulty =
]
validatorTests = []
wopiServer = []
extra_server_environment = {}
if wopiServerType == "cs3":
@@ -1090,7 +1122,10 @@ def wopiValidatorTests(ctx, storage, wopiServerType, accounts_hash_difficulty =
validatorTests,
"depends_on": getPipelineNames(buildOpencloudBinaryForTesting(ctx)),
"when": [
event["base"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
"path": {
@@ -1141,7 +1176,10 @@ def coreApiTests(ctx, part_number = 1, number_of_parts = 1, with_remote_php = Fa
"services": redisForOCStorage(storage),
"depends_on": getPipelineNames(buildOpencloudBinaryForTesting(ctx)),
"when": [
event["base"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
"path": {
@@ -1166,7 +1204,7 @@ def apiTests(ctx):
for runPart in range(1, config["apiTests"]["numberOfParts"] + 1):
for run_with_remote_php in defaults["withRemotePhp"]:
if not debugPartsEnabled or (debugPartsEnabled and runPart in debugParts):
if (not debugPartsEnabled or (debugPartsEnabled and runPart in debugParts)):
pipelines.append(coreApiTests(ctx, runPart, config["apiTests"]["numberOfParts"], run_with_remote_php))
return pipelines
@@ -1188,7 +1226,10 @@ def e2eTestPipeline(ctx):
}
e2e_trigger = [
event["base"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
"path": {
@@ -1203,10 +1244,10 @@ def e2eTestPipeline(ctx):
pipelines = []
if "skip-e2e" in ctx.build.title.lower():
if ("skip-e2e" in ctx.build.title.lower()):
return pipelines
if ctx.build.event == "tag":
if (ctx.build.event == "tag"):
return pipelines
storage = "posix"
@@ -1294,7 +1335,10 @@ def multiServiceE2ePipeline(ctx):
}
e2e_trigger = [
event["base"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
"path": {
@@ -1303,11 +1347,11 @@ def multiServiceE2ePipeline(ctx):
},
]
if "skip-e2e" in ctx.build.title.lower():
if ("skip-e2e" in ctx.build.title.lower()):
return pipelines
# run this pipeline only for cron jobs and full-ci PRs
if not "full-ci" in ctx.build.title.lower() and ctx.build.event != "cron":
if (not "full-ci" in ctx.build.title.lower() and ctx.build.event != "cron"):
return pipelines
storage = "posix"
@@ -1411,7 +1455,7 @@ def multiServiceE2ePipeline(ctx):
})
return pipelines
def uploadTracingResult():
def uploadTracingResult(ctx):
return [{
"name": "upload-tracing-result",
"image": PLUGINS_S3,
@@ -1505,7 +1549,7 @@ def dockerReleases(ctx):
def dockerRelease(ctx, repo, build_type):
build_args = [
"REVISION=%s" % ctx.build.commit,
"REVISION=%s" % (ctx.build.commit),
"VERSION=%s" % (ctx.build.ref.replace("refs/tags/", "") if ctx.build.event == "tag" else "daily"),
]
@@ -1538,7 +1582,11 @@ def dockerRelease(ctx, repo, build_type):
"from_secret": "ci_http_proxy",
},
},
"when": [event["pull_request"]],
"when": [
{
"event": ["pull_request"],
},
],
},
{
"name": "build-and-push",
@@ -1580,21 +1628,31 @@ def dockerRelease(ctx, repo, build_type):
],
},
"when": [
event["base"],
event["tag"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "tag",
},
],
},
],
"depends_on": depends_on,
"when": [
event["base"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
"path": {
"exclude": skipIfUnchanged(ctx, "build-docker"),
},
},
event["tag"],
{
"event": "tag",
},
],
}
@@ -1628,8 +1686,13 @@ def binaryRelease(ctx, arch, depends_on = []):
"make -C opencloud release-finish",
],
"when": [
event["base"],
event["tag"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "tag",
},
],
},
{
@@ -1643,29 +1706,35 @@ def binaryRelease(ctx, arch, depends_on = []):
"opencloud/dist/release/*",
],
"title": ctx.build.ref.replace("refs/tags/v", ""),
"overwrite": True,
"prerelease": len(ctx.build.ref.split("-")) > 1,
},
"when": [
event["tag"],
{
"event": "tag",
},
],
},
],
"depends_on": depends_on,
"when": [
event["base"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
"path": {
"exclude": skipIfUnchanged(ctx, "build-binary"),
},
},
event["tag"],
{
"event": "tag",
},
],
}
def licenseCheck(ctx):
environment = CI_HTTP_PROXY_ENV
environment["GOBIN"] = "/woodpecker/src/github.com/opencloud-eu/opencloud/go/bin"
return {
"name": "check-licenses",
"steps": restoreGoBinCache() + [
@@ -1686,7 +1755,7 @@ def licenseCheck(ctx):
{
"name": "go-check-licenses",
"image": OC_CI_GOLANG,
"environment": environment,
"environment": CI_HTTP_PROXY_ENV,
"commands": [
"make ci-go-check-licenses",
],
@@ -1694,7 +1763,7 @@ def licenseCheck(ctx):
{
"name": "go-save-licenses",
"image": OC_CI_GOLANG,
"environment": environment,
"environment": CI_HTTP_PROXY_ENV,
"commands": [
"make ci-go-save-licenses",
],
@@ -1717,18 +1786,29 @@ def licenseCheck(ctx):
"third-party-licenses.tar.gz",
],
"title": ctx.build.ref.replace("refs/tags/v", ""),
"overwrite": True,
"prerelease": len(ctx.build.ref.split("-")) > 1,
},
"when": [
event["tag"],
{
"event": "tag",
},
],
},
],
"when": [
event["base"],
event["pull_request"],
event["tag"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
},
{
"event": "tag",
},
],
"workspace": workspace,
}
def readyReleaseGo():
@@ -1747,7 +1827,12 @@ def readyReleaseGo():
},
},
],
"when": [event["base"]],
"when": [
{
"event": ["push", "manual"],
"branch": "main",
},
],
}]
def releaseDockerReadme(repo, build_type):
@@ -1765,7 +1850,7 @@ def releaseDockerReadme(repo, build_type):
"from_secret": "docker_password",
},
"PUSHRM_TARGET": repo,
"PUSHRM_SHORT": "Docker images for %s" % repo,
"PUSHRM_SHORT": "Docker images for %s" % (repo),
"PUSHRM_FILE": "README.md",
},
},
@@ -1783,8 +1868,13 @@ def releaseDockerReadme(repo, build_type):
},
],
"when": [
event["base"],
event["tag"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "tag",
},
],
}
@@ -1820,17 +1910,17 @@ def makeNodeGenerate(module):
if module == "":
make = "make"
else:
make = "make -C %s" % module
make = "make -C %s" % (module)
return [
{
"name": "generate-nodejs",
"name": "generate nodejs",
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
"environment": {
"CHROMEDRIVER_SKIP_DOWNLOAD": True, # install fails on arm and chromedriver is a test only dependency
},
"commands": [
"pnpm config set store-dir ./.pnpm-store",
"for i in $(seq 3); do %s node-generate-prod && break || sleep 1; done" % make,
"for i in $(seq 3); do %s node-generate-prod && break || sleep 1; done" % (make),
],
},
]
@@ -1839,13 +1929,13 @@ def makeGoGenerate(module):
if module == "":
make = "make"
else:
make = "make -C %s" % module
make = "make -C %s" % (module)
return [
{
"name": "generate-go",
"name": "generate go",
"image": OC_CI_GOLANG,
"commands": [
"for i in $(seq 3); do %s go-generate && break || sleep 1; done" % make,
"for i in $(seq 3); do %s go-generate && break || sleep 1; done" % (make),
],
"environment": CI_HTTP_PROXY_ENV,
},
@@ -1877,18 +1967,20 @@ def notify(ctx):
"event": ["push", "manual"],
"branch": ["main", "release-*"],
},
event["tag"],
{
"event": "tag",
},
],
"runs_on": status,
}
def opencloudServer(storage = "decomposed", accounts_hash_difficulty = 4, depends_on = [], deploy_type = "", extra_server_environment = {}, with_wrapper = False, tika_enabled = False):
def opencloudServer(storage = "decomposed", accounts_hash_difficulty = 4, volumes = [], depends_on = [], deploy_type = "", extra_server_environment = {}, with_wrapper = False, tika_enabled = False):
user = "0:0"
container_name = OC_SERVER_NAME
environment = {
"OC_URL": OC_URL,
"OC_CONFIG_DIR": "/root/.opencloud/config", # needed for checking config later
"STORAGE_USERS_DRIVER": "%s" % storage,
"STORAGE_USERS_DRIVER": "%s" % (storage),
"PROXY_ENABLE_BASIC_AUTH": True,
"WEB_UI_CONFIG_FILE": "%s/%s" % (dirs["base"], dirs["opencloudConfig"]),
"OC_LOG_LEVEL": "error",
@@ -1978,27 +2070,20 @@ def opencloudServer(storage = "decomposed", accounts_hash_difficulty = 4, depend
# That will allow OpenCloud to use whatever its built-in default is.
# Otherwise pass in a value from 4 to about 11 or 12 (default 4, for making regular tests fast)
# The high values cause lots of CPU to be used when hashing passwords, and really slow down the tests.
if accounts_hash_difficulty != "default":
if (accounts_hash_difficulty != "default"):
environment["ACCOUNTS_HASH_DIFFICULTY"] = accounts_hash_difficulty
for item in extra_server_environment:
environment[item] = extra_server_environment[item]
server_commands = [
wrapper_commands = [
"make -C %s build" % dirs["ocWrapper"],
"env | sort",
"%s/bin/ocwrapper serve --bin %s --url %s --admin-username admin --admin-password admin" % (dirs["ocWrapper"], dirs["opencloudBin"], environment["OC_URL"]),
]
if with_wrapper:
server_commands += [
"make -C %s build" % dirs["ocWrapper"],
"%s/bin/ocwrapper serve --bin %s --url %s --admin-username admin --admin-password admin" % (dirs["ocWrapper"], dirs["opencloudBin"], environment["OC_URL"]),
]
else:
server_commands += [
"%s server" % dirs["opencloudBin"],
]
wait_for_opencloud = {
"name": "wait-for-%s" % container_name,
"name": "wait-for-%s" % (container_name),
"image": OC_CI_ALPINE,
"commands": [
# wait for opencloud-server to be ready (5 minutes)
@@ -2022,7 +2107,7 @@ def opencloudServer(storage = "decomposed", accounts_hash_difficulty = 4, depend
"%s init --insecure true" % dirs["opencloudBin"],
"cat $OC_CONFIG_DIR/opencloud.yaml",
"cp tests/config/woodpecker/app-registry.yaml $OC_CONFIG_DIR/app-registry.yaml",
] + server_commands,
] + (wrapper_commands),
}
steps = [
@@ -2094,6 +2179,11 @@ def build():
]
def skipIfUnchanged(ctx, type):
## FIXME: the 'exclude' feature (https://woodpecker-ci.org/docs/usage/workflow-syntax#path) does not seem to provide
# what we need. It seems to skip the build as soon as one of the changed files matches an exclude pattern, we only
# want to skip of ALL changed files match. So skip this condition for now:
return []
if "full-ci" in ctx.build.title.lower() or ctx.build.event == "tag" or ctx.build.event == "cron":
return []
@@ -2123,6 +2213,8 @@ def skipIfUnchanged(ctx, type):
skip = base + unit + acceptance
elif type == "cache":
skip = base
else:
return []
return skip
@@ -2154,13 +2246,13 @@ def example_deploys(ctx):
deploys = []
for config in configs:
deploys.append(deploy(config, rebuild))
deploys.append(deploy(ctx, config, rebuild))
return deploys
def deploy(config, rebuild):
def deploy(ctx, config, rebuild):
return {
"name": "deploy_%s" % config,
"name": "deploy_%s" % (config),
"steps": [
{
"name": "clone continuous deployment playbook",
@@ -2175,7 +2267,7 @@ def deploy(config, rebuild):
"image": OC_CI_DRONE_ANSIBLE,
"failure": "ignore",
"environment": {
"CONTINUOUS_DEPLOY_SERVERS_CONFIG": "../%s" % config,
"CONTINUOUS_DEPLOY_SERVERS_CONFIG": "../%s" % (config),
"REBUILD": rebuild,
"HCLOUD_API_TOKEN": {
"from_secret": "hcloud_api_token",
@@ -2196,8 +2288,13 @@ def deploy(config, rebuild):
},
],
"when": [
event["base"],
event["tag"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "tag",
},
],
}
@@ -2227,7 +2324,11 @@ def checkStarlark():
},
],
"depends_on": [],
"when": [event["pull_request"]],
"when": [
{
"event": "pull_request",
},
],
}]
def genericCache(name, action, mounts, cache_path):
@@ -2256,7 +2357,7 @@ def genericCache(name, action, mounts, cache_path):
"secret_key": {
"from_secret": "cache_s3_secret_key",
},
"filename": "%s.tar" % name,
"filename": "%s.tar" % (name),
"path": cache_path,
"fallback_path": cache_path,
},
@@ -2287,8 +2388,13 @@ def genericCachePurge(flush_path):
},
],
"when": [
event["base"],
event["pull_request"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
},
],
"runs_on": ["success", "failure"],
}
@@ -2296,7 +2402,7 @@ def genericCachePurge(flush_path):
def genericBuildArtifactCache(ctx, name, action, path):
if action == "rebuild" or action == "restore":
cache_path = "%s/%s/%s" % ("cache", repo_slug, ctx.build.commit + "-${CI_PIPELINE_NUMBER}")
name = "%s_build_artifact_cache" % name
name = "%s_build_artifact_cache" % (name)
return genericCache(name, action, [path], cache_path)
if action == "purge":
@@ -2313,13 +2419,14 @@ def rebuildBuildArtifactCache(ctx, name, path):
def purgeBuildArtifactCache(ctx):
return genericBuildArtifactCache(ctx, "", "purge", [])
def pipelineSanityChecks(pipelines):
def pipelineSanityChecks(ctx, pipelines):
"""pipelineSanityChecks helps the CI developers to find errors before running it
These sanity checks are only executed on when converting starlark to yaml.
Error outputs are only visible when the conversion is done with the woodpecker cli.
Args:
ctx: woodpecker passes a context with information which the pipeline can be adapted to
pipelines: pipelines to be checked, normally you should run this on the return value of main()
Returns:
@@ -2331,7 +2438,7 @@ def pipelineSanityChecks(pipelines):
for pipeline in pipelines:
pipeline_name = pipeline["name"]
if len(pipeline_name) > max_name_length:
print("Error: pipeline name %s is longer than 50 characters" % pipeline_name)
print("Error: pipeline name %s is longer than 50 characters" % (pipeline_name))
for step in pipeline["steps"]:
step_name = step["name"]
@@ -2382,7 +2489,7 @@ def pipelineSanityChecks(pipelines):
def litmus(ctx, storage):
pipelines = []
if not config["litmus"]:
if (config["litmus"] == False):
return pipelines
environment = {
@@ -2467,7 +2574,10 @@ def litmus(ctx, storage):
"services": redisForOCStorage(storage),
"depends_on": getPipelineNames(buildOpencloudBinaryForTesting(ctx)),
"when": [
event["base"],
{
"event": ["push", "manual"],
"branch": "main",
},
{
"event": "pull_request",
"path": {

16
.woodpecker/docs.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
when:
- event: ["push", "manual"]
branch: main
steps:
- name: devdocs
image: codeberg.org/xfix/plugin-codeberg-pages-deploy:1
settings:
folder: docs
branch: docs
git_config_email: ${CI_COMMIT_AUTHOR_EMAIL}
git_config_name: ${CI_COMMIT_AUTHOR}
ssh_key:
from_secret: ssh_key

106
CHANGELOG.md
View File

@@ -1,106 +1,2 @@
# Changelog
# Table of Contents
## [2.1.0](https://github.com/opencloud-eu/opencloud/releases/tag/v2.1.0) - 2025-04-07
### ❤️ Thanks to all contributors! ❤️
@AlexAndBear, @JammingBen, @ScharfViktor, @aduffeck, @butonic, @fschade, @individual-it, @kulmann, @micbar, @michaelstingl, @rhafer
### 🐛 Bug Fixes
- feat(antivirus): add partial scanning mode [[#559](https://github.com/opencloud-eu/opencloud/pull/559)]
- Simplify item-trashed SSEs. Also fixes it for coll. posix fs. [[#565](https://github.com/opencloud-eu/opencloud/pull/565)]
- fix(opencloud_full): add missing SMTP env vars [[#563](https://github.com/opencloud-eu/opencloud/pull/563)]
- fix: full deployment tika description is wrong [[#553](https://github.com/opencloud-eu/opencloud/pull/553)]
- fix: traefik credentials [[#555](https://github.com/opencloud-eu/opencloud/pull/555)]
- Enable scan/watch in the storageprovider only [[#546](https://github.com/opencloud-eu/opencloud/pull/546)]
- fix: typo in dev docs [[#540](https://github.com/opencloud-eu/opencloud/pull/540)]
### 📈 Enhancement
- [full-ci] reva bump 2.31.0 [[#599](https://github.com/opencloud-eu/opencloud/pull/599)]
- feat: support svg as icon [[#538](https://github.com/opencloud-eu/opencloud/pull/538)]
- feat: change theme.json primary color [[#536](https://github.com/opencloud-eu/opencloud/pull/536)]
- graph: reduce memory allocations [[#494](https://github.com/opencloud-eu/opencloud/pull/494)]
### ✅ Tests
- [full-ci] fix expected spanish string in test [[#596](https://github.com/opencloud-eu/opencloud/pull/596)]
- Revert "Disable the 'exclude' patterns on the path conditional for now" [[#561](https://github.com/opencloud-eu/opencloud/pull/561)]
### 📦️ Dependencies
- build(deps): bump github.com/go-playground/validator/v10 from 10.25.0 to 10.26.0 [[#571](https://github.com/opencloud-eu/opencloud/pull/571)]
- build(deps): bump github.com/nats-io/nats.go from 1.39.1 to 1.41.0 [[#567](https://github.com/opencloud-eu/opencloud/pull/567)]
- [full-ci] chore(web): bump web to v2.2.0 [[#570](https://github.com/opencloud-eu/opencloud/pull/570)]
- build(deps): bump github.com/onsi/gomega from 1.36.3 to 1.37.0 [[#566](https://github.com/opencloud-eu/opencloud/pull/566)]
- build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 [[#557](https://github.com/opencloud-eu/opencloud/pull/557)]
- build(deps-dev): bump eslint-plugin-jsx-a11y from 6.9.0 to 6.10.2 in /services/idp [[#542](https://github.com/opencloud-eu/opencloud/pull/542)]
- build(deps): bump web-vitals from 3.5.2 to 4.2.4 in /services/idp [[#541](https://github.com/opencloud-eu/opencloud/pull/541)]
- build(deps): bump github.com/open-policy-agent/opa from 1.2.0 to 1.3.0 [[#508](https://github.com/opencloud-eu/opencloud/pull/508)]
- build(deps): bump github.com/urfave/cli/v2 from 2.27.5 to 2.27.6 [[#509](https://github.com/opencloud-eu/opencloud/pull/509)]
- fix keycloak example #465 [[#535](https://github.com/opencloud-eu/opencloud/pull/535)]
## [2.0.0](https://github.com/opencloud-eu/opencloud/releases/tag/v2.0.0) - 2025-03-26
### ❤️ Thanks to all contributors! ❤️
@JammingBen, @ScharfViktor, @aduffeck, @amrita-shrestha, @butonic, @dragonchaser, @dragotin, @individual-it, @kulmann, @micbar, @prashant-gurung899, @rhafer
### 💥 Breaking changes
- [posix] change storage users default to posixfs [[#237](https://github.com/opencloud-eu/opencloud/pull/237)]
### 🐛 Bug Fixes
- Bump reva to 2.29.1 [[#501](https://github.com/opencloud-eu/opencloud/pull/501)]
- remove workaround for translation formatting [[#491](https://github.com/opencloud-eu/opencloud/pull/491)]
- [full-ci] fix(collaboration): hide SaveAs and ExportAs buttons in web office [[#471](https://github.com/opencloud-eu/opencloud/pull/471)]
- fix: add missing debug docker [[#481](https://github.com/opencloud-eu/opencloud/pull/481)]
- Downgrade nats.go to 1.39.1 [[#479](https://github.com/opencloud-eu/opencloud/pull/479)]
- fix cli driver initialization for "posix" [[#459](https://github.com/opencloud-eu/opencloud/pull/459)]
- Do not cache when there was an error gathering the data [[#462](https://github.com/opencloud-eu/opencloud/pull/462)]
- fix(storage-users): 'uploads sessions' command crash [[#446](https://github.com/opencloud-eu/opencloud/pull/446)]
- fix: org name in multiarch dev build [[#431](https://github.com/opencloud-eu/opencloud/pull/431)]
- fix local setup [[#440](https://github.com/opencloud-eu/opencloud/pull/440)]
### 📈 Enhancement
- [full-ci] chore(web): update web to v2.1.0 [[#497](https://github.com/opencloud-eu/opencloud/pull/497)]
- Bump reva [[#474](https://github.com/opencloud-eu/opencloud/pull/474)]
- Bump reva to pull in the latest fixes [[#451](https://github.com/opencloud-eu/opencloud/pull/451)]
- Switch to jsoncs3 backend for app tokens and enable service by default [[#433](https://github.com/opencloud-eu/opencloud/pull/433)]
- Completely remove "edition" from capabilities [[#434](https://github.com/opencloud-eu/opencloud/pull/434)]
- feat: add post logout redirect uris for mobile clients [[#411](https://github.com/opencloud-eu/opencloud/pull/411)]
- chore: bump version to v1.1.0 [[#422](https://github.com/opencloud-eu/opencloud/pull/422)]
### ✅ Tests
- [full-ci] add one more TUS test to expected to fail file [[#489](https://github.com/opencloud-eu/opencloud/pull/489)]
- [full-ci]Remove mtime 500 issue from expected failure [[#467](https://github.com/opencloud-eu/opencloud/pull/467)]
- add auth app to ocm test setup [[#472](https://github.com/opencloud-eu/opencloud/pull/472)]
- use opencloudeu/cs3api-validator in CI [[#469](https://github.com/opencloud-eu/opencloud/pull/469)]
- fix(test): Run app-auth test with jsoncs3 backend [[#460](https://github.com/opencloud-eu/opencloud/pull/460)]
- Always run CLI tests with the decomposed storage driver [[#435](https://github.com/opencloud-eu/opencloud/pull/435)]
- Disable the 'exclude' patterns on the path conditional for now [[#439](https://github.com/opencloud-eu/opencloud/pull/439)]
- run CS3 API tests in CI [[#415](https://github.com/opencloud-eu/opencloud/pull/415)]
- fix: fix path exclusion glob patterns [[#427](https://github.com/opencloud-eu/opencloud/pull/427)]
- Cleanup woodpecker [[#430](https://github.com/opencloud-eu/opencloud/pull/430)]
- enable main API test suite to run in CI [[#419](https://github.com/opencloud-eu/opencloud/pull/419)]
- Run wopi tests in CI [[#416](https://github.com/opencloud-eu/opencloud/pull/416)]
- Run `cliCommands` tests pipeline in CI [[#413](https://github.com/opencloud-eu/opencloud/pull/413)]
### 📚 Documentation
- docs(idp): Document how to add custom OIDC clients [[#476](https://github.com/opencloud-eu/opencloud/pull/476)]
- Clean invalid documentation links [[#466](https://github.com/opencloud-eu/opencloud/pull/466)]
### 📦️ Dependencies
- build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.26.1 to 2.26.3 [[#480](https://github.com/opencloud-eu/opencloud/pull/480)]
- chore: update alpine to 3.21 [[#483](https://github.com/opencloud-eu/opencloud/pull/483)]
- build(deps): bump github.com/nats-io/nats.go from 1.39.1 to 1.40.0 [[#464](https://github.com/opencloud-eu/opencloud/pull/464)]
- build(deps): bump github.com/spf13/afero from 1.12.0 to 1.14.0 [[#436](https://github.com/opencloud-eu/opencloud/pull/436)]
- build(deps): bump github.com/KimMachineGun/automemlimit from 0.7.0 to 0.7.1 [[#437](https://github.com/opencloud-eu/opencloud/pull/437)]
- build(deps): bump golang.org/x/image from 0.24.0 to 0.25.0 [[#426](https://github.com/opencloud-eu/opencloud/pull/426)]
- build(deps): bump go.opentelemetry.io/contrib/zpages from 0.57.0 to 0.60.0 [[#425](https://github.com/opencloud-eu/opencloud/pull/425)]

16
deployments/examples/bare-metal-simple/README.md
View File

@@ -26,26 +26,14 @@ This script should **NOT** be run as user root.
Set the environment variable `OC_VERSION` to the version you want
to download. If not set, there is a reasonable default.
## Data Location
Set the environment variable `OC_BASE_DIR` to a directory where the
`data` and `config` subdirectories shall be located. Per default,
both configuration and storage data are within a sandbox subdirectory
in the current working directory.
## Server Address
Set the environment variable `OC_HOST` to the fully qualified hostname
of this server to allow remote accesse. Default: `localhost`.
# Example
Call
```
OC_VERSION="2.0.0" ./install.sh
OC_VERSION="1.0.0" ./install.sh
```
to install the OpenCloud version 2.0.0
to install the OpenCloud version 1.0.0
There is also a hosted version of this script that makes it even
easier:

12
deployments/examples/bare-metal-simple/install.sh
View File

@@ -37,7 +37,7 @@ function backup_file () {
# URL pattern of the download file
# https://github.com/opencloud-eu/opencloud/releases/download/v1.0.0/opencloud-1.0.0-linux-amd64
dlversion="${OC_VERSION:-2.0.0}"
dlversion="${OC_VERSION:-1.1.0}"
dlurl="https://github.com/opencloud-eu/opencloud/releases/download/v${dlversion}/"
sandbox="opencloud-sandbox-${dlversion}"
@@ -69,14 +69,14 @@ echo "Downloading ${dlurl}/${dlfile}"
curl -L -o "${dlfile}" --progress-bar "${dlurl}/${dlfile}"
chmod 755 ${dlfile}
basedir="${OC_BASE_DIR:-$(pwd)}"
export OC_CONFIG_DIR="$basedir/config"
export OC_BASE_DATA_PATH="$basedir/data"
mkdir -p "$OC_CONFIG_DIR" "$OC_BASE_DATA_PATH"
mkdir data config
export OC_CONFIG_DIR="$(pwd)/config"
export OC_BASE_DATA_PATH="$(pwd)/data"
# It is bound to localhost for now to deal with non existing routes
# to certain host names for example in WSL
host="${OC_HOST:-localhost}"
host="localhost"
./${dlfile} init --insecure yes --ap admin

46
deployments/examples/opencloud_full/.env
View File

@@ -17,9 +17,7 @@ TRAEFIK_DASHBOARD=
# Defaults to "traefik.opencloud.test"
TRAEFIK_DOMAIN=
# Basic authentication for the traefik dashboard.
# Defaults to user "admin" and password "admin" (written as: "admin:$2y$05$KDHu3xq92SPaO3G8Ybkc7edd51pPLJcG1nWk3lmlrIdANQ/B6r5pq").
# To create user:password pair, it's possible to use this command:
# echo $(htpasswd -nB user) | sed -e s/\\$/\\$\\$/g
# Defaults to user "admin" and password "admin" (written as: "admin:admin").
TRAEFIK_BASIC_AUTH_USERS=
# Email address for obtaining LetsEncrypt certificates.
# Needs only be changed if this is a public facing server.
@@ -64,8 +62,6 @@ LOG_LEVEL=
# LOG_PRETTY=true
#
# Define the openCloud storage location. Set the paths for config and data to a local path.
# Ensure that the configuration and data directories are owned by the user and group with ID 1000:1000.
# This matches the default user inside the container and avoids permission issues when accessing files.
# Note that especially the data directory can grow big.
# Leaving it default stores data in docker internal volumes.
# OC_CONFIG_DIR=/your/local/opencloud/config
@@ -102,8 +98,8 @@ MINIO_DOMAIN=
# Note: the leading colon is required to enable the service.
#DECOMPOSED=:decomposed.yml
# Define SMTP settings if you would like to send OpenCloud email notifications.
#
# Define SMPT settings if you would like to send OpenCloud email notifications.
#
# NOTE: when configuring Inbucket, these settings have no effect, see inbucket.yml for details.
# SMTP host to connect to.
SMTP_HOST=
@@ -118,8 +114,6 @@ SMTP_USERNAME=
SMTP_PASSWORD=
# Authentication method for the SMTP communication.
SMTP_AUTHENTICATION=
# Encryption method for the SMTP communication. Possible values are 'starttls', 'ssltls' and 'none'
SMTP_TRANSPORT_ENCRYPTION=
# Allow insecure connections to the SMTP server. Defaults to false.
SMTP_INSECURE=
@@ -163,7 +157,7 @@ COMPANION_ONEDRIVE_SECRET=
## Default Enabled Services ##
### Apache Tika Content Analysis Toolkit ###
# Tika (search) is disabled by default due to performance reasons.
# Tika (search) is enabled by default, comment if not required.
# Note: the leading colon is required to enable the service.
#TIKA=:tika.yml
# Set the desired docker image tag or digest.
@@ -216,13 +210,6 @@ COLLABORA_SSL_VERIFICATION=false
# envvar in the OpenCloud Settings above by adding 'antivirus' to the list.
# Note: the leading colon is required to enable the service.
#CLAMAV=:clamav.yml
# The maximum scan size the virus scanner can handle, needs adjustment in the scanner config as well.
# Usable common abbreviations: [KB, KiB, MB, MiB, GB, GiB, TB, TiB, PB, PiB, EB, EiB], example: 2GB.
# Defaults to "100MB"
#ANTIVIRUS_MAX_SCAN_SIZE=
# Usable modes: partial, skip.
# Defaults to "partial"
#ANTIVIRUS_MAX_SCAN_SIZE_MODE=
# Image version of the ClamAV container.
# Defaults to "latest"
CLAMAV_DOCKER_TAG=
@@ -250,31 +237,8 @@ INBUCKET_DOMAIN=
# Path separator for supplemental compose files specified in COMPOSE_FILE.
COMPOSE_PATH_SEPARATOR=:
### Keycloak Settings ###
# Note: the leading colon is required to enable the service.
#KEYCLOAK=:keycloak.yml
# Domain for Keycloak. Defaults to "keycloak.opencloud.test".
KEYCLOAK_DOMAIN=
# Realm which to be used with OpenCloud. Defaults to "OpenCloud"
KEYCLOAK_REALM=
# Admin user login name. Defaults to "admin"
KEYCLOAK_ADMIN_USER=
# Admin user login password. Defaults to "admin"
KEYCLOAK_ADMIN_PASSWORD=
### Ldap Settings ###
# Note: the leading colon is required to enable the service.
#LDAP=:ldap.yml
# Password of LDAP user "cn=admin,dc=opencloud,dc=eu". Defaults to "admin"
LDAP_ADMIN_PASSWORD=
# LDAP manager
# login with uid ldapadmin and password
#LDAP_MANAGER=:../shared/config/ldap/docker-compose.yml
# LDAP manager domain. Defaults to "ldap.opencloud.test"
LDAP_MANAGER_DOMAIN=
## IMPORTANT ##
# This MUST be the last line as it assembles the supplemental compose files to be used.
# ALL supplemental configs must be added here, whether commented or not.
# Each var must either be empty or contain :path/file.yml
COMPOSE_FILE=docker-compose.yml${OPENCLOUD:-}${TIKA:-}${DECOMPOSEDS3:-}${DECOMPOSEDS3_MINIO:-}${DECOMPOSED:-}${COLLABORA:-}${MONITORING:-}${IMPORTER:-}${CLAMAV:-}${ONLYOFFICE:-}${INBUCKET:-}${EXTENSIONS:-}${UNZIP:-}${DRAWIO:-}${JSONVIEWER:-}${PROGRESSBARS:-}${EXTERNALSITES:-}${KEYCLOAK:-}${LDAP:-}${LDAP_MANAGER:-}
COMPOSE_FILE=docker-compose.yml${OPENCLOUD:-}${TIKA:-}${DECOMPOSEDS3:-}${DECOMPOSEDS3_MINIO:-}${DECOMPOSED:-}${COLLABORA:-}${MONITORING:-}${IMPORTER:-}${CLAMAV:-}${ONLYOFFICE:-}${INBUCKET:-}${EXTENSIONS:-}${UNZIP:-}${DRAWIO:-}${JSONVIEWER:-}${PROGRESSBARS:-}${EXTERNALSITES:-}

2
deployments/examples/opencloud_full/clamav.yml
View File

@@ -4,8 +4,6 @@ services:
environment:
ANTIVIRUS_SCANNER_TYPE: "clamav"
ANTIVIRUS_CLAMAV_SOCKET: "/var/run/clamav/clamd.sock"
ANTIVIRUS_MAX_SCAN_SIZE_MODE: ${ANTIVIRUS_MAX_SCAN_SIZE_MODE:-partial}
ANTIVIRUS_MAX_SCAN_SIZE: ${ANTIVIRUS_MAX_SCAN_SIZE:-100MB}
# the antivirus service needs manual startup, see .env and opencloud.yaml for START_ADDITIONAL_SERVICES
# configure the antivirus service
POSTPROCESSING_STEPS: "virusscan"

63
deployments/examples/opencloud_full/config/keycloak/clients/OpenCloudAndroid.json
View File

@@ -1,63 +0,0 @@
{
"clientId": "OpenCloudAndroid",
"name": "OpenCloud Android App",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"oc://android.opencloud.eu"
],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"saml.assertion.signature": "false",
"saml.force.post.binding": "false",
"saml.multivalued.roles": "false",
"saml.encrypt": "false",
"post.logout.redirect.uris": "oc://android.opencloud.eu",
"backchannel.logout.revoke.offline.tokens": "false",
"saml.server.signature": "false",
"saml.server.signature.keyinfo.ext": "false",
"exclude.session.state.from.auth.response": "false",
"backchannel.logout.session.required": "true",
"client_credentials.use_refresh_token": "false",
"saml_force_name_id_format": "false",
"saml.client.signature": "false",
"tls.client.certificate.bound.access.tokens": "false",
"saml.authnstatement": "false",
"display.on.consent.screen": "false",
"saml.onetimeuse.condition": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"defaultClientScopes": [
"web-origins",
"profile",
"roles",
"groups",
"basic",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
],
"access": {
"view": true,
"configure": true,
"manage": true
}
}

64
deployments/examples/opencloud_full/config/keycloak/clients/OpenCloudDesktop.json
View File

@@ -1,64 +0,0 @@
{
"clientId": "OpenCloudDesktop",
"name": "OpenCloud Desktop Client",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"http://127.0.0.1",
"http://localhost"
],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"saml.assertion.signature": "false",
"saml.force.post.binding": "false",
"saml.multivalued.roles": "false",
"saml.encrypt": "false",
"post.logout.redirect.uris": "+",
"backchannel.logout.revoke.offline.tokens": "false",
"saml.server.signature": "false",
"saml.server.signature.keyinfo.ext": "false",
"exclude.session.state.from.auth.response": "false",
"backchannel.logout.session.required": "true",
"client_credentials.use_refresh_token": "false",
"saml_force_name_id_format": "false",
"saml.client.signature": "false",
"tls.client.certificate.bound.access.tokens": "false",
"saml.authnstatement": "false",
"display.on.consent.screen": "false",
"saml.onetimeuse.condition": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"defaultClientScopes": [
"web-origins",
"profile",
"roles",
"groups",
"basic",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
],
"access": {
"view": true,
"configure": true,
"manage": true
}
}

63
deployments/examples/opencloud_full/config/keycloak/clients/OpenCloudIOS.json
View File

@@ -1,63 +0,0 @@
{
"clientId": "OpenCloudIOS",
"name": "OpenCloud iOS App",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"oc://ios.opencloud.eu"
],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"saml.assertion.signature": "false",
"saml.force.post.binding": "false",
"saml.multivalued.roles": "false",
"saml.encrypt": "false",
"post.logout.redirect.uris": "oc://ios.opencloud.eu",
"backchannel.logout.revoke.offline.tokens": "false",
"saml.server.signature": "false",
"saml.server.signature.keyinfo.ext": "false",
"exclude.session.state.from.auth.response": "false",
"backchannel.logout.session.required": "true",
"client_credentials.use_refresh_token": "false",
"saml_force_name_id_format": "false",
"saml.client.signature": "false",
"tls.client.certificate.bound.access.tokens": "false",
"saml.authnstatement": "false",
"display.on.consent.screen": "false",
"saml.onetimeuse.condition": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"defaultClientScopes": [
"web-origins",
"profile",
"roles",
"groups",
"basic",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
],
"access": {
"view": true,
"configure": true,
"manage": true
}
}

66
deployments/examples/opencloud_full/config/keycloak/clients/cyberduck.json
View File

@@ -1,66 +0,0 @@
{
"clientId": "Cyberduck",
"name": "Cyberduck",
"description": "File transfer utility client",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"x-cyberduck-action:oauth",
"x-mountainduck-action:oauth"
],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"saml.assertion.signature": "false",
"saml.force.post.binding": "false",
"saml.multivalued.roles": "false",
"saml.encrypt": "false",
"oauth2.device.authorization.grant.enabled": "false",
"backchannel.logout.revoke.offline.tokens": "false",
"saml.server.signature": "false",
"saml.server.signature.keyinfo.ext": "false",
"exclude.session.state.from.auth.response": "false",
"oidc.ciba.grant.enabled": "false",
"backchannel.logout.session.required": "true",
"client_credentials.use_refresh_token": "false",
"saml_force_name_id_format": "false",
"saml.client.signature": "false",
"tls.client.certificate.bound.access.tokens": "false",
"saml.authnstatement": "false",
"display.on.consent.screen": "false",
"saml.onetimeuse.condition": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"defaultClientScopes": [
"web-origins",
"profile",
"roles",
"groups",
"basic",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
],
"access": {
"view": true,
"configure": true,
"manage": true
}
}

74
deployments/examples/opencloud_full/config/keycloak/clients/web.json
View File

@@ -1,74 +0,0 @@
{
"clientId": "web",
"name": "OpenCloud Web App",
"description": "",
"rootUrl": "{{OC_URL}}",
"adminUrl": "{{OC_URL}}",
"baseUrl": "",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"{{OC_URL}}/",
"{{OC_URL}}/oidc-callback.html",
"{{OC_URL}}/oidc-silent-redirect.html"
],
"webOrigins": [
"{{OC_URL}}"
],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"saml.assertion.signature": "false",
"saml.force.post.binding": "false",
"saml.multivalued.roles": "false",
"saml.encrypt": "false",
"post.logout.redirect.uris": "+",
"oauth2.device.authorization.grant.enabled": "false",
"backchannel.logout.revoke.offline.tokens": "false",
"saml.server.signature": "false",
"saml.server.signature.keyinfo.ext": "false",
"exclude.session.state.from.auth.response": "false",
"oidc.ciba.grant.enabled": "false",
"backchannel.logout.url": "{{OC_URL}}/backchannel_logout",
"backchannel.logout.session.required": "true",
"client_credentials.use_refresh_token": "false",
"saml_force_name_id_format": "false",
"saml.client.signature": "false",
"tls.client.certificate.bound.access.tokens": "false",
"saml.authnstatement": "false",
"display.on.consent.screen": "false",
"saml.onetimeuse.condition": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"defaultClientScopes": [
"web-origins",
"profile",
"roles",
"groups",
"basic",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
],
"access": {
"view": true,
"configure": true,
"manage": true
}
}

8
deployments/examples/opencloud_full/config/keycloak/docker-entrypoint-override.sh
View File

@@ -1,8 +0,0 @@
#!/bin/bash
printenv
# replace openCloud domain in keycloak realm import
mkdir /opt/keycloak/data/import
sed -e "s/cloud.opencloud.test/${OC_DOMAIN}/g" /opt/keycloak/data/import-dist/opencloud-realm.json > /opt/keycloak/data/import/opencloud-realm.json
# run original docker-entrypoint
/opt/keycloak/bin/kc.sh "$@"

2265
deployments/examples/opencloud_full/config/keycloak/opencloud-realm.dist.json
View File

File diff suppressed because it is too large Load Diff

9
deployments/examples/opencloud_full/config/ldap/docker-entrypoint-override.sh
View File

@@ -1,9 +0,0 @@
#!/bin/bash
printenv
if [ ! -f /opt/bitnami/openldap/share/openldap.key ]
then
openssl req -x509 -newkey rsa:4096 -keyout /opt/bitnami/openldap/share/openldap.key -out /opt/bitnami/openldap/share/openldap.crt -sha256 -days 365 -batch -nodes
fi
# run original docker-entrypoint
/opt/bitnami/scripts/openldap/entrypoint.sh "$@"

20
deployments/examples/opencloud_full/config/ldap/ldif/10_base.ldif
View File

@@ -1,20 +0,0 @@
dn: dc=opencloud,dc=eu
objectClass: organization
objectClass: dcObject
dc: opencloud
o: openCloud
dn: ou=users,dc=opencloud,dc=eu
objectClass: organizationalUnit
ou: users
dn: cn=admin,dc=opencloud,dc=eu
objectClass: inetOrgPerson
objectClass: person
cn: admin
sn: admin
uid: ldapadmin
dn: ou=groups,dc=opencloud,dc=eu
objectClass: organizationalUnit
ou: groups

125
deployments/examples/opencloud_full/config/ldap/ldif/20_users.ldif
View File

@@ -1,125 +0,0 @@
# Start dn with uid (user identifier / login), not cn (Firstname + Surname)
dn: uid=alan,ou=users,dc=opencloud,dc=eu
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: openCloudUser
objectClass: person
objectClass: posixAccount
objectClass: top
uid: alan
givenName: Alan
sn: Turing
cn: alan
displayName: Alan Turing
description: An English mathematician, computer scientist, logician, cryptanalyst, philosopher and theoretical biologist. He was highly influential in the development of theoretical computer science, providing a formalisation of the concepts of algorithm and computation with the Turing machine.
mail: alan@example.org
uidNumber: 20000
gidNumber: 30000
homeDirectory: /home/alan
openCloudUUID: b1f74ec4-dd7e-11ef-a543-03775734d0f7
userPassword:: e1NTSEF9Y2ZMdVlqMTBDUFpLWE44VC9mQ0FzYnFHQmtyZExJeGg=
dn: uid=lynn,ou=users,dc=opencloud,dc=eu
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: openCloudUser
objectClass: person
objectClass: posixAccount
objectClass: top
uid: lynn
givenName: Lynn
sn: Conway
cn: lynn
displayName: Lynn Conway
description: An American computer scientist, electrical engineer, and transgender activist.
mail: lynn@example.org
uidNumber: 20001
gidNumber: 30000
homeDirectory: /home/lynn
openCloudUserEnabled: TRUE
openCloudUUID: 60708dda-e897-11ef-919f-bbb7437d6ec2
userPassword:: e1NTSEF9Y2ZMdVlqMTBDUFpLWE44VC9mQ0FzYnFHQmtyZExJeGg=
dn: uid=mary,ou=users,dc=opencloud,dc=eu
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: openCloudUser
objectClass: person
objectClass: posixAccount
objectClass: top
uid: mary
givenName: Mary
sn: Kenneth Keller
cn: mary
displayName: Mary Kenneth Keller
description: Mary Kenneth Keller of the Sisters of Charity of the Blessed Virgin Mary was a pioneer in computer science.
mail: mary@example.org
uidNumber: 20002
gidNumber: 30000
homeDirectory: /home/mary
openCloudUserEnabled: TRUE
openCloudUUID: 056fc874-dd7f-11ef-ba84-af6fca4b7289
userPassword:: e1NTSEF9Y2ZMdVlqMTBDUFpLWE44VC9mQ0FzYnFHQmtyZExJeGg=
dn: uid=margaret,ou=users,dc=opencloud,dc=eu
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: openCloudUser
objectClass: person
objectClass: posixAccount
objectClass: top
uid: margaret
givenName: Margaret
sn: Hamilton
cn: margaret
displayName: Margaret Hamilton
description: A director of the Software Engineering Division of the MIT Instrumentation Laboratory, which developed on-board flight software for NASA's Apollo program.
mail: margaret@example.org
uidNumber: 20003
gidNumber: 30000
homeDirectory: /home/margaret
openCloudUserEnabled: TRUE
openCloudUUID: 801abee4-dd7f-11ef-a324-83f55a754b62
userPassword:: e1NTSEF9Y2ZMdVlqMTBDUFpLWE44VC9mQ0FzYnFHQmtyZExJeGg=
dn: uid=dennis,ou=users,dc=opencloud,dc=eu
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: openCloudUser
objectClass: person
objectClass: posixAccount
objectClass: top
uid: dennis
givenName: Dennis
sn: Ritchie
cn: dennis
displayName: Dennis Ritchie
description: American computer scientist. He created the C programming language and the Unix operating system and B language with long-time colleague Ken Thompson.
mail: dennis@example.org
uidNumber: 20004
gidNumber: 30000
homeDirectory: /home/dennis
openCloudUserEnabled: TRUE
openCloudUUID: cd88bf9a-dd7f-11ef-a609-7f78deb2345f
userPassword:: e1NTSEF9Y2ZMdVlqMTBDUFpLWE44VC9mQ0FzYnFHQmtyZExJeGg=
dn: uid=admin,ou=users,dc=opencloud,dc=eu
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: openCloudUser
objectClass: person
objectClass: posixAccount
objectClass: top
uid: admin
givenName: Admin
sn: Admin
cn: admin
displayName: Admin
description: An admin for this OpenCloud instance.
mail: admin@example.org
uidNumber: 20005
gidNumber: 30000
homeDirectory: /home/admin
openCloudUserEnabled: TRUE
openCloudUUID: f7fc96f6-ceb4-4387-bd69-07a6d7992973
userPassword:: e1NTSEF9UWhmaFB3dERydTUydURoWFFObDRMbzVIckI3TkI5Nmo==

88
deployments/examples/opencloud_full/config/ldap/ldif/30_groups.ldif
View File

@@ -1,88 +0,0 @@
dn: cn=users,ou=groups,dc=opencloud,dc=eu
objectClass: groupOfNames
objectClass: openCloudObject
objectClass: top
cn: users
description: Users
openCloudUUID: 509a9dcd-bb37-4f4f-a01a-19dca27d9cfa
member: uid=alan,ou=users,dc=opencloud,dc=eu
member: uid=mary,ou=users,dc=opencloud,dc=eu
member: uid=margaret,ou=users,dc=opencloud,dc=eu
member: uid=dennis,ou=users,dc=opencloud,dc=eu
member: uid=lynn,ou=users,dc=opencloud,dc=eu
member: uid=admin,ou=users,dc=opencloud,dc=eu
dn: cn=chess-lovers,ou=groups,dc=opencloud,dc=eu
objectClass: groupOfNames
objectClass: openCloudObject
objectClass: top
cn: chess-lovers
description: Chess lovers
openCloudUUID: 9d31ec04-dd80-11ef-ac47-a38ba68cc36d
member: uid=alan,ou=users,dc=opencloud,dc=eu
dn: cn=machine-lovers,ou=groups,dc=opencloud,dc=eu
objectClass: groupOfNames
objectClass: openCloudObject
objectClass: top
cn: machine-lovers
description: Machine Lovers
openCloudUUID: d901562a-dd80-11ef-a510-fba1ed43fb21
member: uid=alan,ou=users,dc=opencloud,dc=eu
dn: cn=bible-readers,ou=groups,dc=opencloud,dc=eu
objectClass: groupOfNames
objectClass: openCloudObject
objectClass: top
cn: bible-readers
description: Bible readers
openCloudUUID: 2fc6ba22-dd81-11ef-89e6-e3eff494a998
member: uid=mary,ou=users,dc=opencloud,dc=eu
dn: cn=apollos,ou=groups,dc=opencloud,dc=eu
objectClass: groupOfNames
objectClass: openCloudObject
objectClass: top
cn: apollos
description: Contributors to the Appollo mission
openCloudUUID: 6f9bab36-dd94-11ef-a252-dbbdd20299dd
member: uid=margaret,ou=users,dc=opencloud,dc=eu
dn: cn=unix-lovers,ou=groups,dc=opencloud,dc=eu
objectClass: groupOfNames
objectClass: openCloudObject
objectClass: top
cn: unix-lovers
description: Unix lovers
openCloudUUID: 75bc3882-dd94-11ef-ad60-335f3df6cef3
member: uid=dennis,ou=users,dc=opencloud,dc=eu
dn: cn=basic-haters,ou=groups,dc=opencloud,dc=eu
objectClass: groupOfNames
objectClass: openCloudObject
objectClass: top
cn: basic-haters
description: Haters of the Basic programming language
openCloudUUID: a4eb2c12-dd94-11ef-9ebe-eb96f938d517
member: uid=dennis,ou=users,dc=opencloud,dc=eu
dn: cn=vlsi-lovers,ou=groups,dc=opencloud,dc=eu
objectClass: groupOfNames
objectClass: openCloudObject
objectClass: top
cn: vlsi-lovers
description: Lovers of VLSI microchip design
openCloudUUID: 914ce3de-e899-11ef-9a4b-732fbb2acc42
member: uid=lynn,ou=users,dc=opencloud,dc=eu
dn: cn=programmers,ou=groups,dc=opencloud,dc=eu
objectClass: groupOfNames
objectClass: openCloudObject
objectClass: top
cn: programmers
description: Computer Programmers
openCloudUUID: ce4aa240-dd94-11ef-82b8-4f4828849072
member: uid=alan,ou=users,dc=opencloud,dc=eu
member: uid=margaret,ou=users,dc=opencloud,dc=eu
member: uid=dennis,ou=users,dc=opencloud,dc=eu
member: uid=lynn,ou=users,dc=opencloud,dc=eu

1
deployments/examples/opencloud_full/config/opencloud/csp.yaml
View File

@@ -7,7 +7,6 @@ directives:
- 'https://${COMPANION_DOMAIN|companion.opencloud.test}/'
- 'wss://${COMPANION_DOMAIN|companion.opencloud.test}/'
- 'https://raw.githubusercontent.com/opencloud-eu/awesome-apps/'
- 'https://${KEYCLOAK_DOMAIN|keycloak.opencloud.test}/'
default-src:
- '''none'''
font-src:

77
deployments/examples/opencloud_full/keycloak.yml
View File

@@ -1,77 +0,0 @@
---
services:
traefik:
networks:
opencloud-net:
aliases:
- ${KEYCLOAK_DOMAIN:-keycloak.opencloud.test}
opencloud:
environment:
# Keycloak IDP specific configuration
PROXY_AUTOPROVISION_ACCOUNTS: "true"
PROXY_ROLE_ASSIGNMENT_DRIVER: "oidc"
OC_OIDC_ISSUER: https://${KEYCLOAK_DOMAIN:-keycloak.opencloud.test}/realms/${KEYCLOAK_REALM:-openCloud}
PROXY_OIDC_REWRITE_WELLKNOWN: "true"
WEB_OIDC_CLIENT_ID: ${OC_OIDC_CLIENT_ID:-web}
PROXY_USER_OIDC_CLAIM: "preferred_username"
PROXY_USER_CS3_CLAIM: "username"
OC_EXCLUDE_RUN_SERVICES: "idp"
# admin and demo accounts must be created in Keycloak
OC_ADMIN_USER_ID: ""
SETTINGS_SETUP_DEFAULT_ASSIGNMENTS: "false"
GRAPH_ASSIGN_DEFAULT_USER_ROLE: "false"
GRAPH_USERNAME_MATCH: "none"
KEYCLOAK_DOMAIN: ${KEYCLOAK_DOMAIN:-keycloak.opencloud.test}
postgres:
image: postgres:alpine
networks:
opencloud-net:
volumes:
- keycloak_postgres_data:/var/lib/postgresql/data
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: keycloak
logging:
driver: ${LOG_DRIVER:-local}
restart: always
keycloak:
image: quay.io/keycloak/keycloak:25.0.0
networks:
opencloud-net:
command: ["start", "--proxy=edge", "--spi-connections-http-client-default-disable-trust-manager=${INSECURE:-false}", "--import-realm"]
entrypoint: ["/bin/sh", "/opt/keycloak/bin/docker-entrypoint-override.sh"]
volumes:
- "./config/keycloak/docker-entrypoint-override.sh:/opt/keycloak/bin/docker-entrypoint-override.sh"
- "./config/keycloak/opencloud-realm.dist.json:/opt/keycloak/data/import-dist/opencloud-realm.json"
environment:
OC_DOMAIN: ${OC_DOMAIN:-cloud.opencloud.test}
KC_HOSTNAME: ${KEYCLOAK_DOMAIN:-keycloak.opencloud.test}
KC_DB: postgres
KC_DB_URL: "jdbc:postgresql://postgres:5432/keycloak"
KC_DB_USERNAME: keycloak
KC_DB_PASSWORD: keycloak
KC_FEATURES: impersonation
KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN_USER:-admin}
KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD:-admin}
labels:
- "traefik.enable=true"
- "traefik.http.routers.keycloak.entrypoints=https"
- "traefik.http.routers.keycloak.rule=Host(`${KEYCLOAK_DOMAIN:-keycloak.opencloud.test}`)"
- "traefik.http.routers.keycloak.tls.certresolver=http"
- "traefik.http.routers.keycloak.service=keycloak"
- "traefik.http.services.keycloak.loadbalancer.server.port=8080"
depends_on:
- postgres
logging:
driver: ${LOG_DRIVER:-local}
restart: always
volumes:
keycloak_postgres_data:

62
deployments/examples/opencloud_full/ldap.yml
View File

@@ -1,62 +0,0 @@
---
services:
traefik:
networks:
opencloud-net:
opencloud:
environment:
# Ldap IDP specific configuration
OC_LDAP_URI: ldaps://ldap-server:1636
OC_LDAP_INSECURE: "true"
OC_LDAP_BIND_DN: "cn=admin,dc=opencloud,dc=eu"
OC_LDAP_BIND_PASSWORD: ${LDAP_ADMIN_PASSWORD:-admin}
OC_LDAP_GROUP_BASE_DN: "ou=groups,dc=opencloud,dc=eu"
OC_LDAP_GROUP_FILTER: "(objectclass=opencloudobject)"
OC_LDAP_GROUP_OBJECTCLASS: "groupOfNames"
OC_LDAP_USER_BASE_DN: "ou=users,dc=opencloud,dc=eu"
OC_LDAP_USER_FILTER: "(objectclass=openclouduser)"
OC_LDAP_USER_OBJECTCLASS: "inetOrgPerson"
LDAP_LOGIN_ATTRIBUTES: "uid"
OC_ADMIN_USER_ID: "f7fc96f6-ceb4-4387-bd69-07a6d7992973"
IDP_LDAP_LOGIN_ATTRIBUTE: "uid"
IDP_LDAP_UUID_ATTRIBUTE: "openclouduuid"
IDP_LDAP_UUID_ATTRIBUTE_TYPE: binary
GRAPH_LDAP_SERVER_WRITE_ENABLED: "true" # assuming the external ldap is writable
GRAPH_LDAP_REFINT_ENABLED: "true" # osixia has refint enabled.
# OC_RUN_SERVICES specifies to start all services except glauth, idm and accounts. These are replaced by external services
OC_EXCLUDE_RUN_SERVICES: idm
ldap-server:
image: bitnami/openldap:2.6
networks:
opencloud-net:
entrypoint: ["/bin/sh", "/opt/bitnami/scripts/openldap/docker-entrypoint-override.sh", "/opt/bitnami/scripts/openldap/run.sh" ]
environment:
BITNAMI_DEBUG: true
LDAP_TLS_VERIFY_CLIENT: never
LDAP_ENABLE_TLS: "yes"
LDAP_TLS_CA_FILE: /opt/bitnami/openldap/share/openldap.crt
LDAP_TLS_CERT_FILE: /opt/bitnami/openldap/share/openldap.crt
LDAP_TLS_KEY_FILE: /opt/bitnami/openldap/share/openldap.key
LDAP_ROOT: "dc=opencloud,dc=eu"
LDAP_ADMIN_PASSWORD: ${LDAP_ADMIN_PASSWORD:-admin}
ports:
- "127.0.0.1:389:1389"
- "127.0.0.1:636:1636"
volumes:
- ./config/ldap/ldif:/ldifs
- ../shared/config/ldap/schemas/10_opencloud_schema.ldif:/schemas/10_opencloud_schema.ldif
- ./config/ldap/docker-entrypoint-override.sh:/opt/bitnami/scripts/openldap/docker-entrypoint-override.sh
- ldap-certs:/opt/bitnami/openldap/share
- ldap-data:/bitnami/openldap
logging:
driver: ${LOG_DRIVER:-local}
restart: always
volumes:
ldap-certs:
ldap-data:
networks:
opencloud-net:

4
deployments/examples/opencloud_full/opencloud.yml
View File

@@ -41,11 +41,7 @@ services:
NOTIFICATIONS_SMTP_PORT: "${SMTP_PORT}"
NOTIFICATIONS_SMTP_SENDER: "${SMTP_SENDER:-OpenCloud notifications <notifications@${OC_DOMAIN:-cloud.opencloud.test}>}"
NOTIFICATIONS_SMTP_USERNAME: "${SMTP_USERNAME}"
NOTIFICATIONS_SMTP_PASSWORD: "${SMTP_PASSWORD}"
NOTIFICATIONS_SMTP_INSECURE: "${SMTP_INSECURE}"
NOTIFICATIONS_SMTP_AUTHENTICATION: "${SMTP_AUTHENTICATION}"
NOTIFICATIONS_SMTP_ENCRYPTION: "${SMTP_TRANSPORT_ENCRYPTION:-none}"
FRONTEND_ARCHIVER_MAX_SIZE: "10000000000"
# make the registry available to the app provider containers
MICRO_REGISTRY_ADDRESS: 127.0.0.1:9233
NATS_NATS_HOST: 0.0.0.0

4
deployments/examples/opencloud_full/web_extensions/unzip.yml
View File

@@ -6,10 +6,12 @@ services:
condition: service_completed_successfully
unzip-init:
image: opencloudeu/web-extensions:unzip-1.0.2
image: opencloudeu/web-extensions:unzip-1.0.0
user: root
volumes:
- opencloud-apps:/apps
entrypoint:
- /bin/sh
command: ["-c", "cp -R /usr/share/nginx/html/unzip/ /apps"]

24
deployments/examples/shared/config/ldap/docker-compose.yml
View File

@@ -1,24 +0,0 @@
---
# This file can be used to be added to the opencloud_full example
# to browse the LDAP server with a web interface.
# This is not a production ready setup.
services:
ldap-manager:
image: phpldapadmin/phpldapadmin:latest
networks:
opencloud-net:
environment:
LDAP_HOST: ldap-server
LDAP_PORT: 1389
LDAP_LOGIN_OBJECTCLASS: "inetOrgPerson"
APP_URL: "https://${LDAP_MANAGER_DOMAIN:-ldap.opencloud.test}"
labels:
- "traefik.enable=true"
- "traefik.http.routers.ldap-manager.entrypoints=https"
- "traefik.http.routers.ldap-manager.rule=Host(`${LDAP_MANAGER_DOMAIN:-ldap.opencloud.test}`)"
- "traefik.http.routers.ldap-manager.tls.certresolver=http"
- "traefik.http.routers.ldap-manager.service=ldap-manager"
- "traefik.http.services.ldap-manager.loadbalancer.server.port=8080"
logging:
driver: ${LOG_DRIVER:-local}
restart: always

17
docs/intro.md Normal file
View File

@@ -0,0 +1,17 @@
---
sidebar_position: 1
id: intro
title: OpenCloud Developer Docs
custom_edit_url: https://github.com/opencloud-eu/opencloud/edit/main/docs/intro.md
---
# Welcome
Welcome to the OpenCloud Developer Documentation.
Please be patient, we are working on the content.
If you want to contribute to the dev docs, please visit [OpenCloud on Github](https://github.com/opencloud-eu/).
Contents will be transferred, during the build process.

39
go.mod
View File

@@ -13,7 +13,7 @@ require (
github.com/beevik/etree v1.5.0
github.com/blevesearch/bleve/v2 v2.4.4
github.com/cenkalti/backoff v2.2.1+incompatible
github.com/coreos/go-oidc/v3 v3.14.1
github.com/coreos/go-oidc/v3 v3.13.0
github.com/cs3org/go-cs3apis v0.0.0-20241105092511-3ad35d174fc1
github.com/davidbyttow/govips/v2 v2.16.0
github.com/dhowden/tag v0.0.0-20240417053706-3d75831295e8
@@ -33,7 +33,7 @@ require (
github.com/go-micro/plugins/v4/store/nats-js-kv v0.0.0-20240726082623-6831adfdcdc4
github.com/go-micro/plugins/v4/wrapper/monitoring/prometheus v1.2.0
github.com/go-micro/plugins/v4/wrapper/trace/opentelemetry v1.2.0
github.com/go-playground/validator/v10 v10.26.0
github.com/go-playground/validator/v10 v10.25.0
github.com/gofrs/uuid v4.4.0+incompatible
github.com/golang-jwt/jwt/v5 v5.2.2
github.com/golang/protobuf v1.5.4
@@ -56,14 +56,14 @@ require (
github.com/mna/pigeon v1.3.0
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826
github.com/nats-io/nats-server/v2 v2.11.0
github.com/nats-io/nats.go v1.41.0
github.com/nats-io/nats.go v1.39.1
github.com/oklog/run v1.1.0
github.com/olekukonko/tablewriter v0.0.5
github.com/onsi/ginkgo v1.16.5
github.com/onsi/ginkgo/v2 v2.23.4
github.com/onsi/gomega v1.37.0
github.com/open-policy-agent/opa v1.3.0
github.com/opencloud-eu/reva/v2 v2.31.0
github.com/onsi/ginkgo/v2 v2.23.3
github.com/onsi/gomega v1.36.3
github.com/open-policy-agent/opa v1.2.0
github.com/opencloud-eu/reva/v2 v2.28.1-0.20250325103543-f3ec73475a58
github.com/orcaman/concurrent-map v1.0.0
github.com/owncloud/libre-graph-api-go v1.0.5-0.20240829135935-80dc00d6f5ea
github.com/pkg/errors v0.9.1
@@ -73,7 +73,7 @@ require (
github.com/riandyrn/otelchi v0.12.1
github.com/rogpeppe/go-internal v1.14.1
github.com/rs/cors v1.11.1
github.com/rs/zerolog v1.34.0
github.com/rs/zerolog v1.33.0
github.com/shamaton/msgpack/v2 v2.2.3
github.com/sirupsen/logrus v1.9.3
github.com/spf13/afero v1.14.0
@@ -82,9 +82,9 @@ require (
github.com/test-go/testify v1.1.4
github.com/thejerf/suture/v4 v4.0.6
github.com/tidwall/gjson v1.18.0
github.com/tus/tusd/v2 v2.8.0
github.com/tus/tusd/v2 v2.7.1
github.com/unrolled/secure v1.16.0
github.com/urfave/cli/v2 v2.27.6
github.com/urfave/cli/v2 v2.27.5
github.com/xhit/go-simple-mail/v2 v2.16.0
go-micro.dev/v4 v4.11.0
go.etcd.io/bbolt v1.4.0
@@ -99,14 +99,14 @@ require (
golang.org/x/crypto v0.36.0
golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac
golang.org/x/image v0.25.0
golang.org/x/net v0.38.0
golang.org/x/net v0.37.0
golang.org/x/oauth2 v0.28.0
golang.org/x/sync v0.12.0
golang.org/x/term v0.30.0
golang.org/x/text v0.23.0
google.golang.org/genproto/googleapis/api v0.0.0-20250303144028-a0af3efb3deb
google.golang.org/grpc v1.71.1
google.golang.org/protobuf v1.36.6
google.golang.org/grpc v1.71.0
google.golang.org/protobuf v1.36.5
gopkg.in/yaml.v2 v2.4.0
gotest.tools/v3 v3.5.2
stash.kopano.io/kgol/rndm v1.1.2
@@ -216,7 +216,7 @@ require (
github.com/gomodule/redigo v1.9.2 // indirect
github.com/google/go-querystring v1.1.0 // indirect
github.com/google/go-tpm v0.9.3 // indirect
github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 // indirect
github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad // indirect
github.com/google/renameio/v2 v2.0.0 // indirect
github.com/gookit/color v1.5.4 // indirect
github.com/gookit/goutil v0.6.15 // indirect
@@ -237,7 +237,7 @@ require (
github.com/juliangruber/go-intersect v1.1.0 // indirect
github.com/kevinburke/ssh_config v1.2.0 // indirect
github.com/klauspost/compress v1.18.0 // indirect
github.com/klauspost/cpuid/v2 v2.2.10 // indirect
github.com/klauspost/cpuid/v2 v2.2.9 // indirect
github.com/leodido/go-urn v1.4.0 // indirect
github.com/libregraph/oidc-go v1.1.0 // indirect
github.com/longsleep/go-metrics v1.0.0 // indirect
@@ -246,7 +246,7 @@ require (
github.com/mattn/go-colorable v0.1.14 // indirect
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/mattn/go-runewidth v0.0.16 // indirect
github.com/mattn/go-sqlite3 v1.14.27 // indirect
github.com/mattn/go-sqlite3 v1.14.24 // indirect
github.com/maxymania/go-system v0.0.0-20170110133659-647cc364bf0b // indirect
github.com/mendsley/gojwk v0.0.0-20141217222730-4d5ec6e58103 // indirect
github.com/miekg/dns v1.1.57 // indirect
@@ -254,7 +254,7 @@ require (
github.com/minio/crc64nvme v1.0.1 // indirect
github.com/minio/highwayhash v1.0.3 // indirect
github.com/minio/md5-simd v1.1.2 // indirect
github.com/minio/minio-go/v7 v7.0.89 // indirect
github.com/minio/minio-go/v7 v7.0.88 // indirect
github.com/mitchellh/copystructure v1.2.0 // indirect
github.com/mitchellh/reflectwalk v1.0.2 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
@@ -318,15 +318,14 @@ require (
go.opentelemetry.io/otel/metric v1.35.0 // indirect
go.opentelemetry.io/proto/otlp v1.5.0 // indirect
go.uber.org/atomic v1.11.0 // indirect
go.uber.org/automaxprocs v1.6.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
go.uber.org/zap v1.23.0 // indirect
golang.org/x/mod v0.24.0 // indirect
golang.org/x/sys v0.32.0 // indirect
golang.org/x/sys v0.31.0 // indirect
golang.org/x/time v0.11.0 // indirect
golang.org/x/tools v0.31.0 // indirect
golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb // indirect
google.golang.org/genproto v0.0.0-20241118233622-e639e219e697 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20250303144028-a0af3efb3deb // indirect
gopkg.in/cenkalti/backoff.v1 v1.1.0 // indirect
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect

91
go.sum
View File

@@ -222,8 +222,8 @@ github.com/cloudflare/cloudflare-go v0.14.0/go.mod h1:EnwdgGMaFOruiPZRFSgn+TsQ3h
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
github.com/coreos/go-oidc/v3 v3.14.1 h1:9ePWwfdwC4QKRlCXsJGou56adA/owXczOzwKdOumLqk=
github.com/coreos/go-oidc/v3 v3.14.1/go.mod h1:HaZ3szPaZ0e4r6ebqvsLWlk2Tn+aejfmrfah6hnSYEU=
github.com/coreos/go-oidc/v3 v3.13.0 h1:M66zd0pcc5VxvBNM4pB331Wrsanby+QomQYjN8HamW8=
github.com/coreos/go-oidc/v3 v3.13.0/go.mod h1:HaZ3szPaZ0e4r6ebqvsLWlk2Tn+aejfmrfah6hnSYEU=
github.com/coreos/go-semver v0.3.0 h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmfM=
github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
@@ -258,8 +258,8 @@ github.com/deckarep/golang-set v1.8.0/go.mod h1:5nI87KwE7wgsBU1F4GKAw2Qod7p5kyS3
github.com/deepmap/oapi-codegen v1.3.11/go.mod h1:suMvK7+rKlx3+tpa8ByptmvoXbAV70wERKTOGH3hLp0=
github.com/desertbit/timer v0.0.0-20180107155436-c41aec40b27f h1:U5y3Y5UE0w7amNe7Z5G/twsBW0KEalRQXZzf8ufSh9I=
github.com/desertbit/timer v0.0.0-20180107155436-c41aec40b27f/go.mod h1:xH/i4TFMt8koVQZ6WFms69WAsDWr2XsYL3Hkl7jkoLE=
github.com/dgraph-io/badger/v4 v4.6.0 h1:acOwfOOZ4p1dPRnYzvkVm7rUk2Y21TgPVepCy5dJdFQ=
github.com/dgraph-io/badger/v4 v4.6.0/go.mod h1:KSJ5VTuZNC3Sd+YhvVjk2nYua9UZnnTr/SkXvdtiPgI=
github.com/dgraph-io/badger/v4 v4.5.1 h1:7DCIXrQjo1LKmM96YD+hLVJ2EEsyyoWxJfpdd56HLps=
github.com/dgraph-io/badger/v4 v4.5.1/go.mod h1:qn3Be0j3TfV4kPbVoK0arXCD1/nr1ftth6sbL5jxdoA=
github.com/dgraph-io/ristretto v0.2.0 h1:XAfl+7cmoUDWW/2Lx8TGZQjjxIQ2Ley9DSf52dru4WE=
github.com/dgraph-io/ristretto v0.2.0/go.mod h1:8uBHCU/PBV4Ag0CJrP47b9Ofby5dqWNh4FicAdoqFNU=
github.com/dgraph-io/ristretto/v2 v2.1.0 h1:59LjpOJLNDULHh8MC4UaegN52lC4JnO2dITsie/Pa8I=
@@ -411,8 +411,8 @@ github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/o
github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
github.com/go-playground/validator/v10 v10.26.0 h1:SP05Nqhjcvz81uJaRfEV0YBSSSGMc/iMaVtFbr3Sw2k=
github.com/go-playground/validator/v10 v10.26.0/go.mod h1:I5QpIEbmr8On7W0TktmJAumgzX4CA1XNl4ZmDuVHKKo=
github.com/go-playground/validator/v10 v10.25.0 h1:5Dh7cjvzR7BRZadnsVOzPhWsrwUr0nmsZJxEAnFLNO8=
github.com/go-playground/validator/v10 v10.25.0/go.mod h1:GGzBIJMuE98Ic/kJsBXbz1x/7cByt++cQ+YOuDM5wus=
github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC0oI=
github.com/go-redis/redis/v8 v8.11.5/go.mod h1:gREzHqY1hg6oD9ngVRbLStwAWKhA0FEgq8Jd4h5lpwo=
github.com/go-resty/resty/v2 v2.1.1-0.20191201195748-d7b97669fe48/go.mod h1:dZGr0i9PLlaaTD4H/hoZIDjQ+r6xq8mgbRzHZf7f2J8=
@@ -504,8 +504,8 @@ github.com/gomodule/redigo v1.9.2 h1:HrutZBLhSIU8abiSfW8pj8mPhOyMYjZT/wcA4/L9L9s
github.com/gomodule/redigo v1.9.2/go.mod h1:KsU3hiK/Ay8U42qpaJk+kuNa3C+spxapWpM+ywhcgtw=
github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
github.com/google/flatbuffers v25.2.10+incompatible h1:F3vclr7C3HpB1k9mxCGRMXq6FdUalZ6H/pNX4FP1v0Q=
github.com/google/flatbuffers v25.2.10+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
github.com/google/flatbuffers v24.12.23+incompatible h1:ubBKR94NR4pXUCY/MUsRVzd9umNW7ht7EG9hHfS9FX8=
github.com/google/flatbuffers v24.12.23+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
@@ -540,8 +540,8 @@ github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hf
github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 h1:BHT72Gu3keYf3ZEu2J0b1vyeLSOYI8bm5wbJM/8yDe8=
github.com/google/pprof v0.0.0-20250403155104-27863c87afa6/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA=
github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad h1:a6HEuzUHeKH6hwfN/ZoQgRgVIWFJljSWa/zetS2WTvg=
github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
github.com/google/renameio/v2 v2.0.0 h1:UifI23ZTGY8Tt29JbYFiuyIU3eX+RNFtUwefq9qAhxg=
github.com/google/renameio/v2 v2.0.0/go.mod h1:BtmJXm5YlszgC+TD4HOEEUFgkJP3nLxehU6hfe7jRt4=
@@ -689,8 +689,8 @@ github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHU
github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
github.com/klauspost/cpuid/v2 v2.0.1/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
github.com/klauspost/cpuid/v2 v2.2.10 h1:tBs3QSyvjDyFTq3uoc/9xFpCuOsJQFNPiAhYdw2skhE=
github.com/klauspost/cpuid/v2 v2.2.10/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0=
github.com/klauspost/cpuid/v2 v2.2.9 h1:66ze0taIn2H33fBvCkXuv9BmCwDfafmiIVpKV9kKGuY=
github.com/klauspost/cpuid/v2 v2.2.9/go.mod h1:rqkxqrZ1EhYM9G+hXH7YdowN5R5RGN6NK4QwQ3WMXF8=
github.com/kobergj/gowebdav v0.0.0-20250102091030-aa65266db202 h1:A1xJ2NKgiYFiaHiLl9B5yw/gUBACSs9crDykTS3GuQI=
github.com/kobergj/gowebdav v0.0.0-20250102091030-aa65266db202/go.mod h1:bHA7t77X/QFExdeAnDzK6vKM34kEZAcE1OX4MfiwjkE=
github.com/kobergj/plugins/v4/store/nats-js-kv v0.0.0-20240807130109-f62bb67e8c90 h1:pfI8Z5yavO6fU6vDGlWhZ4BgDlvj8c6xB7J57HfTPwA=
@@ -768,8 +768,8 @@ github.com/mattn/go-runewidth v0.0.6/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m
github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI=
github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc=
github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
github.com/mattn/go-sqlite3 v1.14.27 h1:drZCnuvf37yPfs95E5jd9s3XhdVWLal+6BOK6qrv6IU=
github.com/mattn/go-sqlite3 v1.14.27/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
github.com/mattn/go-sqlite3 v1.14.24 h1:tpSp2G2KyMnnQu99ngJ47EIkWVmliIizyZBfPrBWDRM=
github.com/mattn/go-sqlite3 v1.14.24/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
github.com/mattn/go-tty v0.0.0-20180219170247-931426f7535a/go.mod h1:XPvLUNfbS4fJH25nqRHfWLMa1ONC8Amw+mIA639KxkE=
github.com/mattn/go-tty v0.0.3/go.mod h1:ihxohKRERHTVzN+aSVRwACLCeqIoZAWpoICkkvrWyR0=
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
@@ -789,8 +789,8 @@ github.com/minio/highwayhash v1.0.3 h1:kbnuUMoHYyVl7szWjSxJnxw11k2U709jqFPPmIUyD
github.com/minio/highwayhash v1.0.3/go.mod h1:GGYsuwP/fPD6Y9hMiXuapVvlIUEhFhMTh0rxU3ik1LQ=
github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34=
github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM=
github.com/minio/minio-go/v7 v7.0.89 h1:hx4xV5wwTUfyv8LarhJAwNecnXpoTsj9v3f3q/ZkiJU=
github.com/minio/minio-go/v7 v7.0.89/go.mod h1:2rFnGAp02p7Dddo1Fq4S2wYOfpF0MUTSeLTRC90I204=
github.com/minio/minio-go/v7 v7.0.88 h1:v8MoIJjwYxOkehp+eiLIuvXk87P2raUtoU5klrAAshs=
github.com/minio/minio-go/v7 v7.0.88/go.mod h1:33+O8h0tO7pCeCWwBVa07RhVVfB/3vS4kEX7rwYKmIg=
github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s=
@@ -829,8 +829,8 @@ github.com/nats-io/jwt/v2 v2.7.3 h1:6bNPK+FXgBeAqdj4cYQ0F8ViHRbi7woQLq4W29nUAzE=
github.com/nats-io/jwt/v2 v2.7.3/go.mod h1:GvkcbHhKquj3pkioy5put1wvPxs78UlZ7D/pY+BgZk4=
github.com/nats-io/nats-server/v2 v2.11.0 h1:fdwAT1d6DZW/4LUz5rkvQUe5leGEwjjOQYntzVRKvjE=
github.com/nats-io/nats-server/v2 v2.11.0/go.mod h1:leXySghbdtXSUmWem8K9McnJ6xbJOb0t9+NQ5HTRZjI=
github.com/nats-io/nats.go v1.41.0 h1:PzxEva7fflkd+n87OtQTXqCTyLfIIMFJBpyccHLE2Ko=
github.com/nats-io/nats.go v1.41.0/go.mod h1:wV73x0FSI/orHPSYoyMeJB+KajMDoWyXmFaRrrYaaTo=
github.com/nats-io/nats.go v1.39.1 h1:oTkfKBmz7W047vRxV762M67ZdXeOtUgvbBaNoQ+3PPk=
github.com/nats-io/nats.go v1.39.1/go.mod h1:MgRb8oOdigA6cYpEPhXJuRVH6UE/V4jblJ2jQ27IXYM=
github.com/nats-io/nkeys v0.4.10 h1:glmRrpCmYLHByYcePvnTBEAwawwapjCPMjy2huw20wc=
github.com/nats-io/nkeys v0.4.10/go.mod h1:OjRrnIKnWBFl+s4YK5ChQfvHP2fxqZexrKJoVVyWB3U=
github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw=
@@ -856,17 +856,17 @@ github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W
github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
github.com/onsi/ginkgo/v2 v2.23.4 h1:ktYTpKJAVZnDT4VjxSbiBenUjmlL/5QkBEocaWXiQus=
github.com/onsi/ginkgo/v2 v2.23.4/go.mod h1:Bt66ApGPBFzHyR+JO10Zbt0Gsp4uWxu5mIOTusL46e8=
github.com/onsi/ginkgo/v2 v2.23.3 h1:edHxnszytJ4lD9D5Jjc4tiDkPBZ3siDeJJkUZJJVkp0=
github.com/onsi/ginkgo/v2 v2.23.3/go.mod h1:zXTP6xIp3U8aVuXN8ENK9IXRaTjFnpVB9mGmaSRvxnM=
github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
github.com/onsi/gomega v1.37.0 h1:CdEG8g0S133B4OswTDC/5XPSzE1OeP29QOioj2PID2Y=
github.com/onsi/gomega v1.37.0/go.mod h1:8D9+Txp43QWKhM24yyOBEdpkzN8FvJyAwecBgsU4KU0=
github.com/open-policy-agent/opa v1.3.0 h1:zVvQvQg+9+FuSRBt4LgKNzJwsWl/c85kD5jPozJTydY=
github.com/open-policy-agent/opa v1.3.0/go.mod h1:t9iPNhaplD2qpiBqeudzJtEX3fKHK8zdA29oFvofAHo=
github.com/opencloud-eu/reva/v2 v2.31.0 h1:UVgeb0hSPoaDdqcKSJ7XZAhXCtHaVK9qm/JtFtJM/7U=
github.com/opencloud-eu/reva/v2 v2.31.0/go.mod h1:8MT1a/WJASZZhlSMC0oeE3ECQdjqFw3BUiiAIZ/JR8I=
github.com/onsi/gomega v1.36.3 h1:hID7cr8t3Wp26+cYnfcjR6HpJ00fdogN6dqZ1t6IylU=
github.com/onsi/gomega v1.36.3/go.mod h1:8D9+Txp43QWKhM24yyOBEdpkzN8FvJyAwecBgsU4KU0=
github.com/open-policy-agent/opa v1.2.0 h1:88NDVCM0of1eO6Z4AFeL3utTEtMuwloFmWWU7dRV1z0=
github.com/open-policy-agent/opa v1.2.0/go.mod h1:30euUmOvuBoebRCcJ7DMF42bRBOPznvt0ACUMYDUGVY=
github.com/opencloud-eu/reva/v2 v2.28.1-0.20250325103543-f3ec73475a58 h1:sWVVkEAz3EQOigCRQqbpgd+YzArj6HWbVUyDqtj4Frw=
github.com/opencloud-eu/reva/v2 v2.28.1-0.20250325103543-f3ec73475a58/go.mod h1:BBTT/JIHofRQu1VdFStlXRlrwAMD3wCnVkNAx3jsfO8=
github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs=
github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc=
@@ -911,8 +911,6 @@ github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndr
github.com/pquerna/cachecontrol v0.2.0 h1:vBXSNuE5MYP9IJ5kjsdo8uq+w41jSPgvba2DEnkRx9k=
github.com/pquerna/cachecontrol v0.2.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI=
github.com/pquerna/otp v1.3.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg=
github.com/prashantv/gostub v1.1.0 h1:BTyx3RfQjRHnUWaGF9oQos79AlQ5k8WNktv7VGvVH4g=
github.com/prashantv/gostub v1.1.0/go.mod h1:A5zLQHz7ieHGG7is6LLXLz7I8+3LZzsrV0P1IAHhP5U=
github.com/prometheus/alertmanager v0.28.1 h1:BK5pCoAtaKg01BYRUJhEDV1tqJMEtYBGzPw8QdvnnvA=
github.com/prometheus/alertmanager v0.28.1/go.mod h1:0StpPUDDHi1VXeM7p2yYfeZgLVi/PPlt39vo9LQUHxM=
github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
@@ -984,10 +982,11 @@ github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0t
github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
github.com/rs/cors v1.11.1 h1:eU3gRzXLRK57F5rKMGMZURNdIG4EoAmX8k94r9wXWHA=
github.com/rs/cors v1.11.1/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU=
github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
github.com/rs/xid v1.6.0 h1:fV591PaemRlL6JfRxGDEPl69wICngIQ3shQtzfy2gxU=
github.com/rs/xid v1.6.0/go.mod h1:7XoLgs4eV+QndskICGsho+ADou8ySMSjJKDIan90Nz0=
github.com/rs/zerolog v1.34.0 h1:k43nTLIwcTVQAncfCw4KZ2VY6ukYoZaBPNOE8txlOeY=
github.com/rs/zerolog v1.34.0/go.mod h1:bJsvje4Z08ROH4Nhs5iH600c3IkWhwp44iRc54W6wYQ=
github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8=
github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
github.com/russellhaering/goxmldsig v1.4.0 h1:8UcDh/xGyQiyrW+Fq5t8f+l2DLB1+zlhYzkPUJ7Qhys=
github.com/russellhaering/goxmldsig v1.4.0/go.mod h1:gM4MDENBQf7M+V824SGfyIUVFWydB7n0KkEubVJl+Tw=
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
@@ -1100,13 +1099,13 @@ github.com/toorop/go-dkim v0.0.0-20201103131630-e1cd1a0a5208/go.mod h1:BzWtXXrXz
github.com/transip/gotransip/v6 v6.2.0/go.mod h1:pQZ36hWWRahCUXkFWlx9Hs711gLd8J4qdgLdRzmtY+g=
github.com/trustelem/zxcvbn v1.0.1 h1:mp4JFtzdDYGj9WYSD3KQSkwwUumWNFzXaAjckaTYpsc=
github.com/trustelem/zxcvbn v1.0.1/go.mod h1:zonUyKeh7sw6psPf/e3DtRqkRyZvAbOfjNz/aO7YQ5s=
github.com/tus/tusd/v2 v2.8.0 h1:X2jGxQ05jAW4inDd2ogmOKqwnb4c/D0lw2yhgHayWyU=
github.com/tus/tusd/v2 v2.8.0/go.mod h1:3/zEOVQQIwmJhvNam8phV4x/UQt68ZmZiTzeuJUNhVo=
github.com/tus/tusd/v2 v2.7.1 h1:TGJjhv9RYXDmsTz8ug/qSd9vQpmD0Ik0G0IPo80Qmc0=
github.com/tus/tusd/v2 v2.7.1/go.mod h1:PLdIMQ/ge+5ADgGKcL3FgTaPs+7wB0JIiI5HQXAiJE8=
github.com/uber-go/atomic v1.3.2/go.mod h1:/Ct5t2lcmbJ4OSe/waGBoaVvVqtO0bmtfVNex1PFV8g=
github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
github.com/urfave/cli/v2 v2.27.6 h1:VdRdS98FNhKZ8/Az8B7MTyGQmpIr36O1EHybx/LaZ4g=
github.com/urfave/cli/v2 v2.27.6/go.mod h1:3Sevf16NykTbInEnD0yKkjDAeZDS0A6bzhBH5hrMvTQ=
github.com/urfave/cli/v2 v2.27.5 h1:WoHEJLdsXr6dDWoJgMq/CboDmyY/8HMMH1fTECbih+w=
github.com/urfave/cli/v2 v2.27.5/go.mod h1:3Sevf16NykTbInEnD0yKkjDAeZDS0A6bzhBH5hrMvTQ=
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
github.com/valyala/fasttemplate v1.1.0/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
@@ -1179,8 +1178,6 @@ go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0 h1:1fTNlAIJZGWLP5FVu0f
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0/go.mod h1:zjPK58DtkqQFn+YUMbx0M2XV3QgKU0gS9LeGohREyK4=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.35.0 h1:m639+BofXTvcY1q8CGs4ItwQarYtJPOWmVobfM1HpVI=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.35.0/go.mod h1:LjReUci/F4BUyv+y4dwnq3h/26iNOeC3wAIqgvTIZVo=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.35.0 h1:xJ2qHD0C1BeYVTLLR9sX12+Qb95kfeD/byKj6Ky1pXg=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.35.0/go.mod h1:u5BF1xyjstDowA1R5QAO9JHzqK+ublenEW/dyqTjBVk=
go.opentelemetry.io/otel/metric v1.35.0 h1:0znxYu2SNyuMSQT4Y9WDWej0VpcsxkuklLa4/siN90M=
go.opentelemetry.io/otel/metric v1.35.0/go.mod h1:nKVFgxBZ2fReX6IlyW28MgZojkoAkJGaE8CpgeAU3oE=
go.opentelemetry.io/otel/sdk v1.35.0 h1:iPctf8iprVySXSKJffSS79eOjl9pvxV9ZqOWT0QejKY=
@@ -1196,8 +1193,6 @@ go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs=
go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8=
go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
@@ -1334,8 +1329,8 @@ golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8=
golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8=
golang.org/x/net v0.37.0 h1:1zLorHbz+LYj7MQlSf1+2tPIIgibq2eL5xkrGk6f+2c=
golang.org/x/net v0.37.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -1446,8 +1441,8 @@ golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20=
golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik=
golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
@@ -1603,8 +1598,8 @@ google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7Fc
google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb h1:ITgPrl429bc6+2ZraNSzMDk3I95nmQln2fuPstKwFDE=
google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb/go.mod h1:sAo5UzpjUwgFBCzupwhcLcxHVDK7vG5IqI30YnwX2eE=
google.golang.org/genproto v0.0.0-20241118233622-e639e219e697 h1:ToEetK57OidYuqD4Q5w+vfEnPvPpuTwedCNVohYJfNk=
google.golang.org/genproto v0.0.0-20241118233622-e639e219e697/go.mod h1:JJrvXBWRZaFMxBufik1a4RpFw4HhgVtBBWQeQgUj2cc=
google.golang.org/genproto/googleapis/api v0.0.0-20250303144028-a0af3efb3deb h1:p31xT4yrYrSM/G4Sn2+TNUkVhFCbG9y8itM2S6Th950=
google.golang.org/genproto/googleapis/api v0.0.0-20250303144028-a0af3efb3deb/go.mod h1:jbe3Bkdp+Dh2IrslsFCklNhweNTBgSYanP1UXhJDhKg=
google.golang.org/genproto/googleapis/rpc v0.0.0-20250303144028-a0af3efb3deb h1:TLPQVbx1GJ8VKZxz52VAxl1EBgKXXbTiU9Fc5fZeLn4=
@@ -1624,8 +1619,8 @@ google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3Iji
google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
google.golang.org/grpc v1.71.1 h1:ffsFWr7ygTUscGPI0KKK6TLrGz0476KUvvsbqWK0rPI=
google.golang.org/grpc v1.71.1/go.mod h1:H0GRtasmQOh9LkFoCPDu3ZrwUtD1YGE+b2vYBYd/8Ec=
google.golang.org/grpc v1.71.0 h1:kF77BGdPTQ4/JZWMlb9VpJ5pa25aqvVqogsxNHHdeBg=
google.golang.org/grpc v1.71.0/go.mod h1:H0GRtasmQOh9LkFoCPDu3ZrwUtD1YGE+b2vYBYd/8Ec=
google.golang.org/grpc/examples v0.0.0-20211102180624-670c133e568e h1:m7aQHHqd0q89mRwhwS9Bx2rjyl/hsFAeta+uGrHsQaU=
google.golang.org/grpc/examples v0.0.0-20211102180624-670c133e568e/go.mod h1:gID3PKrg7pWKntu9Ss6zTLJ0ttC0X9IHgREOCZwbCVU=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
@@ -1642,8 +1637,8 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM=
google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
gopkg.in/cenkalti/backoff.v1 v1.1.0 h1:Arh75ttbsvlpVA7WtVpH4u9h6Zl46xuptxqLxPiSo4Y=
gopkg.in/cenkalti/backoff.v1 v1.1.0/go.mod h1:J6Vskwqd+OMVJl8C33mmtxTBs2gyzfv7UDAkHu8BrjI=

2
pkg/kql/dictionary_gen.go
View File

@@ -2716,7 +2716,7 @@ var (
// errMaxExprCnt is used to signal that the maximum number of
// expressions have been parsed.
errMaxExprCnt = errors.New("max number of expressions parsed")
errMaxExprCnt = errors.New("max number of expresssions parsed")
)
// Option is a function that can set an option on the parser. It returns

2
pkg/oidc/mocks/oidc_client.go
View File

@@ -1,4 +1,4 @@
// Code generated by mockery v2.53.2. DO NOT EDIT.
// Code generated by mockery v2.53.0. DO NOT EDIT.
package mocks

11
pkg/version/version.go
View File

@@ -16,7 +16,7 @@ var (
// LatestTag is the latest released version plus the dev meta version.
// Will be overwritten by the release pipeline
// Needs a manual change for every tagged release
LatestTag = "2.1.0+dev"
LatestTag = "1.1.0+dev"
// Date indicates the build date.
// This has been removed, it looks like you can only replace static strings with recent go versions
@@ -46,17 +46,18 @@ func GetString() string {
// Parsed returns a semver Version
func Parsed() (version *semver.Version) {
versionToParse := LatestTag
// use the placeholder version if the tag is empty or when we are creating a daily build
if Tag != "" && Tag != "daily" {
if Tag != "" {
versionToParse = Tag
}
version, err := semver.NewVersion(versionToParse)
// We have no semver version but a commitid
if err != nil {
// this should never happen
return &semver.Version{}
if err != nil {
return &semver.Version{}
}
}
if String != "" {
// We have no tagged version but a commitid
nVersion, err := version.SetMetadata(String)
if err != nil {
return &semver.Version{}

171
release-config.ts
View File

@@ -1,124 +1,49 @@
export default {
changeTypes: [
{
title: "💥 Breaking changes",
labels: ["breaking", "Type:Breaking-Change"],
bump: "major",
weight: 3,
},
{
title: "🔒 Security",
labels: ["security", "Type:Security"],
bump: "patch",
weight: 2,
},
{
title: "✨ Features",
labels: ["feature", "Type:Feature"],
bump: "minor",
weight: 1,
},
{
title: "📈 Enhancement",
labels: ["enhancement", "refactor", "Type:Enhancement"],
bump: "minor",
},
{
title: "🐛 Bug Fixes",
labels: ["bug", "Type:Bug"],
bump: "patch",
},
{
title: "📚 Documentation",
labels: ["docs", "documentation", "Type:Documentation"],
bump: "patch",
},
{
title: "✅ Tests",
labels: ["test", "tests", "Type:Test"],
bump: "patch",
},
{
title: "📦️ Dependencies",
labels: ["dependency", "dependencies", "Type:Dependencies"],
bump: "patch",
weight: -1,
},
],
useVersionPrefixV: true,
getLatestTag: ({ exec }) => {
// the plugin uses the latest tag to determine the next version
// and the changes that are included in the upcoming release.
const branch = getBranch(exec);
let tags = getTags(exec);
if (branch.startsWith("stable-")) {
const [_, majorAndMinor] = branch.split("-");
// we only care about tags that are within the range of the current stable branch.
// e.g. if the branch is stable-1.2, we only care about tags that are v1.2.x.
const matchingTags = tags.filter((t) =>
t.startsWith(`v${majorAndMinor}`)
);
if (matchingTags.length) {
tags = matchingTags;
}
}
return tags.pop() || "v0.0.0";
},
useLatestRelease: ({ exec, nextVersion }) => {
// check if the release should be marked as latest release on GitHub.
const tags = getTags(exec);
const latestTag = tags.pop() || "v0.0.0";
return compareVersions(latestTag, nextVersion) === -1;
},
};
const parseVersion = (tag: string) => {
const version = tag.startsWith("v") ? tag.slice(1) : tag;
const [main, pre] = version.split("-");
const [major, minor, patch] = main.split(".").map(Number);
return { major, minor, patch, pre };
};
const getBranch = (exec: any): string => {
return exec("git rev-parse --abbrev-ref HEAD", {
silent: true,
}).stdout.trim();
};
const getTags = (exec: any) => {
exec("git fetch --tags", { silent: true });
const tagsOutput = exec("git tag", { silent: true }).stdout.trim();
const tags: string[] = tagsOutput ? tagsOutput.split("\n") : [];
return tags.filter((tag) => tag.startsWith("v")).sort(compareVersions);
};
const compareVersions = (a: string, b: string) => {
const va = parseVersion(a);
const vb = parseVersion(b);
if (va.major !== vb.major) {
return va.major - vb.major;
}
if (va.minor !== vb.minor) {
return va.minor - vb.minor;
}
if (va.patch !== vb.patch) {
return va.patch - vb.patch;
}
if (va.pre && !vb.pre) {
return -1;
}
if (!va.pre && vb.pre) {
return 1;
}
if (va.pre && vb.pre) {
return va.pre.localeCompare(vb.pre);
}
return 0;
};
changeTypes: [
{
title: '💥 Breaking changes',
labels: ['breaking', 'Type:Breaking-Change'],
bump: 'major',
weight: 3
},
{
title: '🔒 Security',
labels: ['security', 'Type:Security'],
bump: 'patch',
weight: 2
},
{
title: '✨ Features',
labels: ['feature', 'Type:Feature'],
bump: 'minor',
weight: 1
},
{
title: '📈 Enhancement',
labels: ['enhancement', 'refactor', 'Type:Enhancement'],
bump: 'minor'
},
{
title: '🐛 Bug Fixes',
labels: ['bug', 'Type:Bug'],
bump: 'patch'
},
{
title: '📚 Documentation',
labels: ['docs', 'documentation', 'Type:Documentation'],
bump: 'patch'
},
{
title: '✅ Tests',
labels: ['test', 'tests', 'Type:Test'],
bump: 'patch'
},
{
title: '📦️ Dependencies',
labels: ['dependency', 'dependencies', 'Type:Dependencies'],
bump: 'patch',
weight: -1
}
],
useVersionPrefixV: true,
}

27
services/antivirus/README.md
View File

@@ -4,10 +4,7 @@ The `antivirus` service is responsible for scanning files for viruses.
## Memory Considerations
The antivirus service can consume considerable amounts of memory.
This is relevant to provide or define sufficient memory for the deployment selected.
To avoid out of memory (OOM) situations, the following equation gives a rough overview based on experiences made.
The memory calculation comes without any guarantee, is intended as overview only and subject of change.
The antivirus service can consume considerably amounts of memory. This is relevant to provide or define sufficient memory for the deployment selected. To avoid out of memory (OOM) situations, the following equation gives a rough overview based on experiences made. The memory calculation comes without any guarantee, is intended as overview only and subject of change.
`memory limit` = `max file size` x `workers` x `factor 8 - 14`
@@ -22,31 +19,17 @@ With:
### Antivirus Scanner Type
The antivirus service currently supports [ICAP](https://tools.ietf.org/html/rfc3507) and [ClamAV](http://www.clamav.net/index.html) as antivirus scanners.
The `ANTIVIRUS_SCANNER_TYPE` environment variable is used to select the scanner.
The detailed configuration for each scanner heavily depends on the scanner type selected.
See the environment variables for more details.
The antivirus service currently supports [ICAP](https://tools.ietf.org/html/rfc3507) and [ClamAV](http://www.clamav.net/index.html) as antivirus scanners. The `ANTIVIRUS_SCANNER_TYPE` environment variable is used to select the scanner. The detailed configuration for each scanner heavily depends on the scanner type selected. See the environment variables for more details.
- For `icap`, only scanners using the `X-Infection-Found` header are currently supported.
- For `clamav` only local sockets can currently be configured.
### Maximum Scan Size
Several factors can make it necessary to limit the maximum filesize the antivirus service uses for scanning.
Use the `ANTIVIRUS_MAX_SCAN_SIZE` environment variable to scan only a given number of bytes,
or to skip the whole resource.
Even if it's recommended to scan the whole file, several factors like scanner type and version,
bandwidth, performance issues, etc. might make a limit necessary.
In such cases, the antivirus the max scan size mode can be handy, the following modes are available:
- `partial`: The file is scanned up to the given size. The rest of the file is not scanned. This is the default mode `ANTIVIRUS_MAX_SCAN_SIZE=partial`
- `skip`: The file is skipped and not scanned. `ANTIVIRUS_MAX_SCAN_SIZE=skip`
Several factors can make it necessary to limit the maximum filesize the antivirus service will use for scanning. Use the `ANTIVIRUS_MAX_SCAN_SIZE` environment variable to scan only a given amount of bytes. Obviously, it is recommended to scan the whole file, but several factors like scanner type and version, bandwidth, performance issues, etc. might make a limit necessary.
**IMPORTANT**
> Streaming of files to the virus scan service still [needs to be implemented](https://github.com/owncloud/ocis/issues/6803).
> To prevent OOM errors `ANTIVIRUS_MAX_SCAN_SIZE` needs to be set lower than available ram and or the maximum file size that can be scanned by the virus scanner.
> Streaming of files to the virus scan service still [needs to be implemented](https://github.com/owncloud/ocis/issues/6803). To prevent OOM errors `ANTIVIRUS_MAX_SCAN_SIZE` needs to be set lower than available ram.
### Antivirus Workers
@@ -58,7 +41,7 @@ The antivirus service allows three different ways of handling infected files. Th
- `delete`: (default): Infected files will be deleted immediately, further postprocessing is cancelled.
- `abort`: (advanced option): Infected files will be kept, further postprocessing is cancelled. Files can be manually retrieved and inspected by an admin. To identify the file for further investigation, the antivirus service logs the abort/infected state including the file ID. The file is located in the `storage/users/uploads` folder of the OpenCloud data directory and persists until it is manually deleted by the admin via the [Manage Unfinished Uploads](https://github.com/opencloud-eu/opencloud/tree/main/services/storage-users#manage-unfinished-uploads) command.
- `continue`: (not recommended): Infected files will be marked via metadata as infected, but postprocessing continues normally. Note: Infected Files are moved to their final destination and therefore not prevented from download, which includes the risk of spreading viruses.
- `continue`: (obviously not recommended): Infected files will be marked via metadata as infected but postprocessing continues normally. Note: Infected Files are moved to their final destination and therefore not prevented from download which includes the risk of spreading viruses.
In all cases, a log entry is added declaring the infection and handling method and a notification via the `userlog` service sent.

2
services/antivirus/pkg/command/server.go
View File

@@ -45,7 +45,7 @@ func Server(cfg *config.Config) *cli.Command {
{
svc, err := service.NewAntivirus(cfg, logger, traceProvider)
if err != nil {
return cli.Exit(err.Error(), 1)
return err
}
gr.Add(svc.Run, func(_ error) {

30
services/antivirus/pkg/config/config.go
View File

@@ -5,26 +5,6 @@ import (
"time"
)
// ScannerType gives info which scanner is used
type ScannerType string
const (
// ScannerTypeClamAV defines that clamav is used
ScannerTypeClamAV ScannerType = "clamav"
// ScannerTypeICap defines that icap is used
ScannerTypeICap ScannerType = "icap"
)
// MaxScanSizeMode defines the mode of handling files that exceed the maximum scan size
type MaxScanSizeMode string
const (
// MaxScanSizeModeSkip defines that files that are bigger than the max scan size will be skipped
MaxScanSizeModeSkip MaxScanSizeMode = "skip"
// MaxScanSizeModePartial defines that only the file up to the max size will be used
MaxScanSizeModePartial MaxScanSizeMode = "partial"
)
// Config combines all available configuration parts.
type Config struct {
File string
@@ -40,9 +20,8 @@ type Config struct {
Events Events
Workers int `yaml:"workers" env:"ANTIVIRUS_WORKERS" desc:"The number of concurrent go routines that fetch events from the event queue." introductionVersion:"1.0.0"`
Scanner Scanner
MaxScanSize string `yaml:"max-scan-size" env:"ANTIVIRUS_MAX_SCAN_SIZE" desc:"The maximum scan size the virus scanner can handle.0 means unlimited. Usable common abbreviations: [KB, KiB, MB, MiB, GB, GiB, TB, TiB, PB, PiB, EB, EiB], example: 2GB." introductionVersion:"1.0.0"`
MaxScanSizeMode MaxScanSizeMode `yaml:"max-scan-size-mode" env:"ANTIVIRUS_MAX_SCAN_SIZE_MODE" desc:"Defines the mode of handling files that exceed the maximum scan size. Supported options are: 'skip', which skips files that are bigger than the max scan size, and 'truncate' (default), which only uses the file up to the max size." introductionVersion:"2.1.0"`
Scanner Scanner
MaxScanSize string `yaml:"max-scan-size" env:"ANTIVIRUS_MAX_SCAN_SIZE" desc:"The maximum scan size the virus scanner can handle. Only this many bytes of a file will be scanned. 0 means unlimited and is the default. Usable common abbreviations: [KB, KiB, MB, MiB, GB, GiB, TB, TiB, PB, PiB, EB, EiB], example: 2GB." introductionVersion:"1.0.0"`
Context context.Context `json:"-" yaml:"-"`
@@ -83,7 +62,7 @@ type Events struct {
// Scanner provides configuration options for the virus scanner
type Scanner struct {
Type ScannerType `yaml:"type" env:"ANTIVIRUS_SCANNER_TYPE" desc:"The antivirus scanner to use. Supported values are 'clamav' and 'icap'." introductionVersion:"1.0.0"`
Type string `yaml:"type" env:"ANTIVIRUS_SCANNER_TYPE" desc:"The antivirus scanner to use. Supported values are 'clamav' and 'icap'." introductionVersion:"1.0.0"`
ClamAV ClamAV // only if Type == clamav
ICAP ICAP // only if Type == icap
@@ -91,8 +70,7 @@ type Scanner struct {
// ClamAV provides configuration option for clamav
type ClamAV struct {
Socket string `yaml:"socket" env:"ANTIVIRUS_CLAMAV_SOCKET" desc:"The socket clamav is running on. Note the default value is an example which needs adaption according your OS." introductionVersion:"1.0.0"`
Timeout time.Duration `yaml:"scan_timeout" env:"ANTIVIRUS_CLAMAV_SCAN_TIMEOUT" desc:"Scan timeout for the ClamAV client. Defaults to '5m' (5 minutes). See the Environment Variable Types description for more details." introductionVersion:"2.1.0"`
Socket string `yaml:"socket" env:"ANTIVIRUS_CLAMAV_SOCKET" desc:"The socket clamav is running on. Note the default value is an example which needs adaption according your OS." introductionVersion:"1.0.0"`
}
// ICAP provides configuration options for icap

14
services/antivirus/pkg/config/defaults/defaultconfig.go
View File

@@ -30,15 +30,10 @@ func DefaultConfig() *config.Config {
},
Workers: 10,
InfectedFileHandling: "delete",
// defaults from clamav sample conf: MaxScanSize=400M, MaxFileSize=100M, StreamMaxLength=100M
// https://github.com/Cisco-Talos/clamav/blob/main/etc/clamd.conf.sample
MaxScanSize: "100MB",
MaxScanSizeMode: config.MaxScanSizeModePartial,
Scanner: config.Scanner{
Type: config.ScannerTypeClamAV,
Type: "clamav",
ClamAV: config.ClamAV{
Socket: "/run/clamav/clamd.ctl",
Timeout: 5 * time.Minute,
Socket: "/run/clamav/clamd.ctl",
},
ICAP: config.ICAP{
URL: "icap://127.0.0.1:1344",
@@ -62,9 +57,4 @@ func EnsureDefaults(cfg *config.Config) {
// Sanitize sanitizes the configuration
func Sanitize(cfg *config.Config) {
defaultConfig := DefaultConfig()
if cfg.MaxScanSize == "" {
cfg.MaxScanSize = defaultConfig.MaxScanSize
}
}

39
services/antivirus/pkg/scanners/clamav.go
View File

@@ -1,51 +1,34 @@
package scanners
import (
"fmt"
"time"
"github.com/dutchcoders/go-clamd"
)
// NewClamAV returns a Scanner talking to clamAV via socket
func NewClamAV(socket string, timeout time.Duration) (*ClamAV, error) {
c := clamd.NewClamd(socket)
if err := c.Ping(); err != nil {
return nil, fmt.Errorf("%w: %w", ErrScannerNotReachable, err)
}
func NewClamAV(socket string) *ClamAV {
return &ClamAV{
clamd: clamd.NewClamd(socket),
timeout: timeout,
}, nil
clamd: clamd.NewClamd(socket),
}
}
// ClamAV is a Scanner based on clamav
type ClamAV struct {
clamd *clamd.Clamd
timeout time.Duration
clamd *clamd.Clamd
}
// Scan to fulfill Scanner interface
func (s ClamAV) Scan(in Input) (Result, error) {
abort := make(chan bool, 1)
defer close(abort)
ch, err := s.clamd.ScanStream(in.Body, abort)
ch, err := s.clamd.ScanStream(in.Body, make(chan bool))
if err != nil {
return Result{}, err
}
select {
case <-time.After(s.timeout):
abort <- true
return Result{}, fmt.Errorf("%w: %s", ErrScanTimeout, in.Url)
case s := <-ch:
return Result{
Infected: s.Status == clamd.RES_FOUND,
Description: s.Description,
ScanTime: time.Now(),
}, nil
}
r := <-ch
return Result{
Infected: r.Status == clamd.RES_FOUND,
Description: r.Description,
ScanTime: time.Now(),
}, nil
}

120
services/antivirus/pkg/scanners/clamav_test.go
View File

@@ -1,120 +0,0 @@
package scanners_test
import (
"context"
"net"
"os"
"path/filepath"
"strings"
"testing"
"time"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/opencloud-eu/opencloud/services/antivirus/pkg/scanners"
)
func newUnixListener(t testing.TB, lc net.ListenConfig, v ...string) net.Listener {
d, err := os.MkdirTemp("", "")
assert.NoError(t, err)
t.Cleanup(func() {
require.NoError(t, os.RemoveAll(d))
})
nl, err := lc.Listen(context.Background(), "unix", filepath.Join(d, "sock"))
require.NoError(t, err)
go func() {
i := 0
for {
if len(v) == i {
break
}
conn, err := nl.Accept()
require.NoError(t, err)
time.Sleep(100 * time.Millisecond)
_, err = conn.Write([]byte(v[i]))
require.NoError(t, err)
require.NoError(t, conn.Close())
i++
}
}()
return nl
}
func TestNewClamAV(t *testing.T) {
t.Run("returns a scanner", func(t *testing.T) {
ul := newUnixListener(t, net.ListenConfig{}, "PONG\n")
defer func() {
assert.NoError(t, ul.Close())
}()
done := make(chan bool, 1)
go func() {
_, err := scanners.NewClamAV(ul.Addr().String(), 10*time.Second)
assert.NoError(t, err)
done <- true
}()
assert.True(t, <-done)
})
t.Run("fails if scanner is not pingable", func(t *testing.T) {
_, err := scanners.NewClamAV("", 0)
assert.ErrorIs(t, err, scanners.ErrScannerNotReachable)
})
}
func TestNewClamAV_Scan(t *testing.T) {
t.Run("returns a result", func(t *testing.T) {
ul := newUnixListener(t, net.ListenConfig{}, "PONG\n", "stream: Win.Test.EICAR_HDB-1 FOUND\n")
defer func() {
assert.NoError(t, ul.Close())
}()
done := make(chan bool, 1)
go func() {
scanner, err := scanners.NewClamAV(ul.Addr().String(), 10*time.Second)
assert.NoError(t, err)
result, err := scanner.Scan(scanners.Input{Body: strings.NewReader("DATA")})
assert.NoError(t, err)
assert.Equal(t, result.Description, "Win.Test.EICAR_HDB-1")
assert.True(t, result.Infected)
done <- true
}()
assert.True(t, <-done)
})
t.Run("aborts after a certain time", func(t *testing.T) {
ul := newUnixListener(t, net.ListenConfig{}, "PONG\n", "stream: Win.Test.EICAR_HDB-1 FOUND\n")
defer func() {
assert.NoError(t, ul.Close())
}()
done := make(chan bool, 1)
go func() {
scanner, err := scanners.NewClamAV(ul.Addr().String(), 10*time.Second)
assert.NoError(t, err)
result, err := scanner.Scan(scanners.Input{Body: strings.NewReader("DATA")})
assert.NoError(t, err)
assert.Equal(t, result.Description, "Win.Test.EICAR_HDB-1")
assert.True(t, result.Infected)
done <- true
}()
assert.True(t, <-done)
})
}

36
services/antivirus/pkg/scanners/scanners.go
View File

@@ -1,31 +1,21 @@
package scanners
import (
"errors"
"io"
"time"
)
var (
// ErrScanTimeout is returned when a scan times out
ErrScanTimeout = errors.New("time out waiting for clamav to respond while scanning")
// ErrScannerNotReachable is returned when the scanner is not reachable
ErrScannerNotReachable = errors.New("failed to reach the scanner")
)
// The Result is the common scan result to all scanners
type Result struct {
Infected bool
ScanTime time.Time
Description string
}
type (
// The Result is the common scan result to all scanners
Result struct {
Infected bool
ScanTime time.Time
Description string
}
// The Input is the common input to all scanners
Input struct {
Body io.Reader
Size int64
Url string
Name string
}
)
// The Input is the common input to all scanners
type Input struct {
Body io.Reader
Size int64
Url string
Name string
}

154
services/antivirus/pkg/service/service.go
View File

@@ -9,7 +9,6 @@ import (
"io"
"net/http"
"os"
"slices"
"sync"
"time"
@@ -38,44 +37,38 @@ type Scanner interface {
}
// NewAntivirus returns a service implementation for Service.
func NewAntivirus(cfg *config.Config, logger log.Logger, tracerProvider trace.TracerProvider) (Antivirus, error) {
func NewAntivirus(c *config.Config, l log.Logger, tp trace.TracerProvider) (Antivirus, error) {
var scanner Scanner
var err error
switch cfg.Scanner.Type {
switch c.Scanner.Type {
default:
return Antivirus{}, fmt.Errorf("unknown av scanner: '%s'", cfg.Scanner.Type)
case config.ScannerTypeClamAV:
scanner, err = scanners.NewClamAV(cfg.Scanner.ClamAV.Socket, cfg.Scanner.ClamAV.Timeout)
case config.ScannerTypeICap:
scanner, err = scanners.NewICAP(cfg.Scanner.ICAP.URL, cfg.Scanner.ICAP.Service, cfg.Scanner.ICAP.Timeout)
return Antivirus{}, fmt.Errorf("unknown av scanner: '%s'", c.Scanner.Type)
case "clamav":
scanner = scanners.NewClamAV(c.Scanner.ClamAV.Socket)
case "icap":
scanner, err = scanners.NewICAP(c.Scanner.ICAP.URL, c.Scanner.ICAP.Service, c.Scanner.ICAP.Timeout)
}
if err != nil {
return Antivirus{}, err
}
av := Antivirus{config: cfg, log: logger, tracerProvider: tracerProvider, scanner: scanner, client: rhttp.GetHTTPClient(rhttp.Insecure(true))}
av := Antivirus{c: c, l: l, tp: tp, s: scanner, client: rhttp.GetHTTPClient(rhttp.Insecure(true))}
switch mode := cfg.MaxScanSizeMode; mode {
case config.MaxScanSizeModeSkip, config.MaxScanSizeModePartial:
break
default:
return av, fmt.Errorf("unknown max scan size mode '%s'", cfg.MaxScanSizeMode)
}
switch outcome := events.PostprocessingOutcome(cfg.InfectedFileHandling); outcome {
switch o := events.PostprocessingOutcome(c.InfectedFileHandling); o {
case events.PPOutcomeContinue, events.PPOutcomeAbort, events.PPOutcomeDelete:
av.outcome = outcome
av.o = o
default:
return av, fmt.Errorf("unknown infected file handling '%s'", outcome)
return av, fmt.Errorf("unknown infected file handling '%s'", o)
}
if cfg.MaxScanSize != "" {
b, err := bytesize.Parse(cfg.MaxScanSize)
if c.MaxScanSize != "" {
b, err := bytesize.Parse(c.MaxScanSize)
if err != nil {
return av, err
}
av.maxScanSize = b.Bytes()
av.m = b.Bytes()
}
return av, nil
@@ -83,23 +76,23 @@ func NewAntivirus(cfg *config.Config, logger log.Logger, tracerProvider trace.Tr
// Antivirus defines implements the business logic for Service.
type Antivirus struct {
config *config.Config
log log.Logger
scanner Scanner
outcome events.PostprocessingOutcome
maxScanSize uint64
tracerProvider trace.TracerProvider
c *config.Config
l log.Logger
s Scanner
o events.PostprocessingOutcome
m uint64
tp trace.TracerProvider
client *http.Client
}
// Run runs the service
func (av Antivirus) Run() error {
eventsCfg := av.config.Events
evtsCfg := av.c.Events
var rootCAPool *x509.CertPool
if av.config.Events.TLSRootCACertificate != "" {
rootCrtFile, err := os.Open(eventsCfg.TLSRootCACertificate)
if av.c.Events.TLSRootCACertificate != "" {
rootCrtFile, err := os.Open(evtsCfg.TLSRootCACertificate)
if err != nil {
return err
}
@@ -111,10 +104,10 @@ func (av Antivirus) Run() error {
rootCAPool = x509.NewCertPool()
rootCAPool.AppendCertsFromPEM(certBytes.Bytes())
av.config.Events.TLSInsecure = false
av.c.Events.TLSInsecure = false
}
natsStream, err := stream.NatsFromConfig(av.config.Service.Name, false, stream.NatsConfig(av.config.Events))
natsStream, err := stream.NatsFromConfig(av.c.Service.Name, false, stream.NatsConfig(av.c.Events))
if err != nil {
return err
}
@@ -125,7 +118,7 @@ func (av Antivirus) Run() error {
}
wg := sync.WaitGroup{}
for i := 0; i < av.config.Workers; i++ {
for i := 0; i < av.c.Workers; i++ {
wg.Add(1)
go func() {
defer wg.Done()
@@ -134,11 +127,11 @@ func (av Antivirus) Run() error {
if err != nil {
switch {
case errors.Is(err, ErrFatal):
av.log.Fatal().Err(err).Msg("fatal error - exiting")
av.l.Fatal().Err(err).Msg("fatal error - exiting")
case errors.Is(err, ErrEvent):
av.log.Error().Err(err).Msg("continuing")
av.l.Error().Err(err).Msg("continuing")
default:
av.log.Fatal().Err(err).Msg("unknown error - exiting")
av.l.Fatal().Err(err).Msg("unknown error - exiting")
}
}
}
@@ -150,20 +143,20 @@ func (av Antivirus) Run() error {
}
func (av Antivirus) processEvent(e events.Event, s events.Publisher) error {
ctx, span := av.tracerProvider.Tracer("antivirus").Start(e.GetTraceContext(context.Background()), "processEvent")
ctx := e.GetTraceContext(context.Background())
ctx, span := av.tp.Tracer("antivirus").Start(ctx, "processEvent")
defer span.End()
av.log.Info().Str("traceID", span.SpanContext().TraceID().String()).Msg("TraceID")
av.l.Info().Str("traceID", span.SpanContext().TraceID().String()).Msg("TraceID")
ev := e.Event.(events.StartPostprocessingStep)
if ev.StepToStart != events.PPStepAntivirus {
return nil
}
if av.config.DebugScanOutcome != "" {
av.log.Warn().Str("antivir, clamav", ">>>>>>> ANTIVIRUS_DEBUG_SCAN_OUTCOME IS SET NO ACTUAL VIRUS SCAN IS PERFORMED!").Send()
if av.c.DebugScanOutcome != "" {
av.l.Warn().Str("antivir, clamav", ">>>>>>> ANTIVIRUS_DEBUG_SCAN_OUTCOME IS SET NO ACTUAL VIRUS SCAN IS PERFORMED!").Send()
if err := events.Publish(ctx, s, events.PostprocessingStepFinished{
FinishedStep: events.PPStepAntivirus,
Outcome: events.PostprocessingOutcome(av.config.DebugScanOutcome),
Outcome: events.PostprocessingOutcome(av.c.DebugScanOutcome),
UploadID: ev.UploadID,
ExecutingUser: ev.ExecutingUser,
Filename: ev.Filename,
@@ -174,14 +167,13 @@ func (av Antivirus) processEvent(e events.Event, s events.Publisher) error {
ResourceID: ev.ResourceID,
},
}); err != nil {
av.log.Fatal().Err(err).Str("uploadid", ev.UploadID).Interface("resourceID", ev.ResourceID).Msg("cannot publish events - exiting")
av.l.Fatal().Err(err).Str("uploadid", ev.UploadID).Interface("resourceID", ev.ResourceID).Msg("cannot publish events - exiting")
return fmt.Errorf("%w: cannot publish events", ErrFatal)
}
return fmt.Errorf("%w: no actual virus scan performed", ErrEvent)
}
av.log.Debug().Str("uploadid", ev.UploadID).Str("filename", ev.Filename).Msg("Starting virus scan.")
av.l.Debug().Str("uploadid", ev.UploadID).Str("filename", ev.Filename).Msg("Starting virus scan.")
var errmsg string
start := time.Now()
res, err := av.process(ev)
@@ -193,17 +185,17 @@ func (av Antivirus) processEvent(e events.Event, s events.Publisher) error {
var outcome events.PostprocessingOutcome
switch {
case res.Infected:
outcome = av.outcome
outcome = av.o
case !res.Infected && err == nil:
outcome = events.PPOutcomeContinue
case err != nil:
outcome = events.PPOutcomeRetry
default:
// Not sure what this is about. Abort.
// Not sure what this is about. abort.
outcome = events.PPOutcomeAbort
}
av.log.Info().Str("uploadid", ev.UploadID).Interface("resourceID", ev.ResourceID).Str("virus", res.Description).Str("outcome", string(outcome)).Str("filename", ev.Filename).Str("user", ev.ExecutingUser.GetId().GetOpaqueId()).Bool("infected", res.Infected).Dur("duration", duration).Msg("File scanned")
av.l.Info().Str("uploadid", ev.UploadID).Interface("resourceID", ev.ResourceID).Str("virus", res.Description).Str("outcome", string(outcome)).Str("filename", ev.Filename).Str("user", ev.ExecutingUser.GetId().GetOpaqueId()).Bool("infected", res.Infected).Dur("duration", duration).Msg("File scanned")
if err := events.Publish(ctx, s, events.PostprocessingStepFinished{
FinishedStep: events.PPStepAntivirus,
Outcome: outcome,
@@ -218,7 +210,7 @@ func (av Antivirus) processEvent(e events.Event, s events.Publisher) error {
ErrorMsg: errmsg,
},
}); err != nil {
av.log.Fatal().Err(err).Str("uploadid", ev.UploadID).Interface("resourceID", ev.ResourceID).Msg("cannot publish events - exiting")
av.l.Fatal().Err(err).Str("uploadid", ev.UploadID).Interface("resourceID", ev.ResourceID).Msg("cannot publish events - exiting")
return fmt.Errorf("%w: %s", ErrFatal, err)
}
return nil
@@ -226,24 +218,11 @@ func (av Antivirus) processEvent(e events.Event, s events.Publisher) error {
// process the scan
func (av Antivirus) process(ev events.StartPostprocessingStep) (scanners.Result, error) {
if ev.Filesize == 0 {
av.log.Info().Str("uploadid", ev.UploadID).Msg("Skipping file to be virus scanned, file size is 0.")
return scanners.Result{ScanTime: time.Now()}, nil
}
headers := make(map[string]string)
switch {
case av.maxScanSize == 0:
// there is no size limit
break
case av.config.MaxScanSizeMode == config.MaxScanSizeModeSkip && ev.Filesize > av.maxScanSize:
// skip the file if it is bigger than the max scan size
av.log.Info().Str("uploadid", ev.UploadID).Uint64("filesize", ev.Filesize).
Msg("Skipping file to be virus scanned, file size is bigger than max scan size.")
return scanners.Result{ScanTime: time.Now()}, nil
case av.config.MaxScanSizeMode == config.MaxScanSizeModePartial && ev.Filesize > av.maxScanSize:
// set the range header to only download the first maxScanSize bytes
headers["Range"] = fmt.Sprintf("bytes=0-%d", av.maxScanSize-1)
if ev.Filesize == 0 || (0 < av.m && av.m < ev.Filesize) {
av.l.Info().Str("uploadid", ev.UploadID).Uint64("limit", av.m).Uint64("filesize", ev.Filesize).Msg("Skipping file to be virus scanned because its file size is higher than the defined limit.")
return scanners.Result{
ScanTime: time.Now(),
}, nil
}
var err error
@@ -251,61 +230,56 @@ func (av Antivirus) process(ev events.StartPostprocessingStep) (scanners.Result,
switch ev.UploadID {
default:
rrc, err = av.downloadViaToken(ev.URL, headers)
rrc, err = av.downloadViaToken(ev.URL)
case "":
rrc, err = av.downloadViaReva(ev.URL, ev.Token, ev.RevaToken, headers)
rrc, err = av.downloadViaReva(ev.URL, ev.Token, ev.RevaToken)
}
if err != nil {
av.log.Error().Err(err).Str("uploadid", ev.UploadID).Msg("error downloading file")
av.l.Error().Err(err).Str("uploadid", ev.UploadID).Msg("error downloading file")
return scanners.Result{}, err
}
defer func() {
_ = rrc.Close()
}()
defer rrc.Close()
av.l.Debug().Str("uploadid", ev.UploadID).Msg("Downloaded file successfully, starting virusscan")
av.log.Debug().Str("uploadid", ev.UploadID).Msg("Downloaded file successfully, starting virusscan")
res, err := av.scanner.Scan(scanners.Input{Body: rrc, Size: int64(ev.Filesize), Url: ev.URL, Name: ev.Filename})
res, err := av.s.Scan(scanners.Input{Body: rrc, Size: int64(ev.Filesize), Url: ev.URL, Name: ev.Filename})
if err != nil {
av.log.Error().Err(err).Str("uploadid", ev.UploadID).Msg("error scanning file")
av.l.Error().Err(err).Str("uploadid", ev.UploadID).Msg("error scanning file")
}
return res, err
}
// download will download the file
func (av Antivirus) downloadViaToken(url string, headers map[string]string) (io.ReadCloser, error) {
func (av Antivirus) downloadViaToken(url string) (io.ReadCloser, error) {
req, err := http.NewRequest(http.MethodGet, url, nil)
if err != nil {
return nil, err
}
return av.doDownload(req, headers)
return av.doDownload(req)
}
// download will download the file
func (av Antivirus) downloadViaReva(url string, dltoken string, revatoken string, headers map[string]string) (io.ReadCloser, error) {
req, err := rhttp.NewRequest(ctxpkg.ContextSetToken(context.Background(), revatoken), http.MethodGet, url, nil)
func (av Antivirus) downloadViaReva(url string, dltoken string, revatoken string) (io.ReadCloser, error) {
ctx := ctxpkg.ContextSetToken(context.Background(), revatoken)
req, err := rhttp.NewRequest(ctx, http.MethodGet, url, nil)
if err != nil {
return nil, err
}
req.Header.Set("X-Reva-Transfer", dltoken)
return av.doDownload(req, headers)
return av.doDownload(req)
}
func (av Antivirus) doDownload(req *http.Request, headers map[string]string) (io.ReadCloser, error) {
for k, v := range headers {
req.Header.Add(k, v)
}
func (av Antivirus) doDownload(req *http.Request) (io.ReadCloser, error) {
res, err := av.client.Do(req)
if err != nil {
return nil, err
}
if !slices.Contains([]int{http.StatusOK, http.StatusPartialContent}, res.StatusCode) {
_ = res.Body.Close()
if res.StatusCode != http.StatusOK {
res.Body.Close()
return nil, fmt.Errorf("unexpected status code from Download %v", res.StatusCode)
}

34
services/clientlog/pkg/service/service.go
View File

@@ -11,6 +11,7 @@ import (
gateway "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
group "github.com/cs3org/go-cs3apis/cs3/identity/group/v1beta1"
user "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
"go.opentelemetry.io/otel/trace"
@@ -218,16 +219,33 @@ func processShareEvent(ctx context.Context, ref *provider.Reference, gwc gateway
// custom logic for item trashed event
func processItemTrashedEvent(ctx context.Context, ref *provider.Reference, gwc gateway.GatewayAPIClient, initiatorid string, itemID *provider.ResourceId) ([]string, FileEvent, error) {
data := FileEvent{
ItemID: storagespace.FormatResourceID(itemID),
// TODO: check with web if parentID is needed
// ParentItemID: storagespace.FormatResourceID(*item.GetRef().GetResourceId()),
SpaceID: storagespace.FormatStorageID(itemID.GetStorageId(), itemID.GetSpaceId()),
InitiatorID: initiatorid,
resp, err := gwc.ListRecycle(ctx, &provider.ListRecycleRequest{
Ref: ref,
Key: itemID.GetOpaqueId(),
})
if err != nil {
return nil, FileEvent{}, err
}
if resp.GetStatus().GetCode() != rpc.Code_CODE_OK {
return nil, FileEvent{}, fmt.Errorf("error listing recycle: %s", resp.GetStatus().GetMessage())
}
users, err := utils.GetSpaceMembers(ctx, itemID.GetSpaceId(), gwc, utils.ViewerRole)
return users, data, err
for _, item := range resp.GetRecycleItems() {
if item.GetKey() == itemID.GetOpaqueId() {
data := FileEvent{
ItemID: storagespace.FormatResourceID(itemID),
// TODO: check with web if parentID is needed
// ParentItemID: storagespace.FormatResourceID(*item.GetRef().GetResourceId()),
SpaceID: storagespace.FormatStorageID(itemID.GetStorageId(), itemID.GetSpaceId()),
InitiatorID: initiatorid,
}
users, err := utils.GetSpaceMembers(ctx, itemID.GetSpaceId(), gwc, utils.ViewerRole)
return users, data, err
}
}
return nil, FileEvent{}, errors.New("item not found in recycle bin")
}
// adds share related data to the FileEvent

1
services/frontend/pkg/config/config.go
View File

@@ -34,7 +34,6 @@ type Config struct {
EnableFederatedSharingIncoming bool `yaml:"enable_federated_sharing_incoming" env:"OC_ENABLE_OCM;FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING" desc:"Changing this value is NOT supported. Enables support for incoming federated sharing for clients. The backend behaviour is not changed." introductionVersion:"1.0.0"`
EnableFederatedSharingOutgoing bool `yaml:"enable_federated_sharing_outgoing" env:"OC_ENABLE_OCM;FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING" desc:"Changing this value is NOT supported. Enables support for outgoing federated sharing for clients. The backend behaviour is not changed." introductionVersion:"1.0.0"`
SearchMinLength int `yaml:"search_min_length" env:"FRONTEND_SEARCH_MIN_LENGTH" desc:"Minimum number of characters to enter before a client should start a search for Share receivers. This setting can be used to customize the user experience if e.g too many results are displayed." introductionVersion:"1.0.0"`
Edition string `yaml:"edition" env:"OC_EDITION;FRONTEND_EDITION" desc:"Edition of OpenCloud. Used for branding purposes." introductionVersion:"1.0.0"`
DisableSSE bool `yaml:"disable_sse" env:"OC_DISABLE_SSE;FRONTEND_DISABLE_SSE" desc:"When set to true, clients are informed that the Server-Sent Events endpoint is not accessible." introductionVersion:"1.0.0"`
DefaultLinkPermissions int `yaml:"default_link_permissions" env:"FRONTEND_DEFAULT_LINK_PERMISSIONS" desc:"Defines the default permissions a link is being created with. Possible values are 0 (= internal link, for instance members only) and 1 (= public link with viewer permissions). Defaults to 1." introductionVersion:"1.0.0"`

1
services/frontend/pkg/config/defaults/defaultconfig.go
View File

@@ -87,7 +87,6 @@ func DefaultConfig() *config.Config {
DefaultUploadProtocol: "tus",
DefaultLinkPermissions: 1,
SearchMinLength: 3,
Edition: "",
Checksums: config.Checksums{
SupportedTypes: []string{"sha1", "md5", "adler32"},
PreferredUploadType: "sha1",

1
services/frontend/pkg/revaconfig/config.go
View File

@@ -208,7 +208,6 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
"needsDbUpgrade": false,
"version": version.Legacy,
"versionstring": version.LegacyString,
"edition": cfg.Edition,
"productname": "OpenCloud",
"product": "OpenCloud",
"productversion": version.GetString(),

1
services/graph/pkg/service/v0/api_driveitem_permissions.go
View File

@@ -83,7 +83,6 @@ func NewDriveItemPermissionsService(logger log.Logger, gatewaySelector pool.Sele
gatewaySelector: gatewaySelector,
identityCache: identityCache,
config: config,
availableRoles: unifiedrole.GetRoles(unifiedrole.RoleFilterIDs(config.UnifiedRoles.AvailableRoles...)),
},
}, nil
}

7
services/graph/pkg/service/v0/api_driveitem_permissions_test.go
View File

@@ -441,6 +441,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
})
It("returns role denied", func() {
statResponse.Info.PermissionSet = roleconversions.NewManagerRole().CS3ResourcePermissions()
cfg.UnifiedRoles.AvailableRoles = []string{unifiedrole.UnifiedRoleViewerID, unifiedrole.UnifiedRoleDeniedID, unifiedrole.UnifiedRoleManagerID}
listSharesResponse.Shares = []*collaboration.Share{
{
Id: &collaboration.ShareId{OpaqueId: "1"},
@@ -464,15 +465,11 @@ var _ = Describe("DriveItemPermissionsService", func() {
}
listPublicSharesResponse.Share = []*link.PublicShare{}
cfg = defaults.FullDefaultConfig()
cfg.UnifiedRoles.AvailableRoles = []string{unifiedrole.UnifiedRoleViewerID, unifiedrole.UnifiedRoleDeniedID, unifiedrole.UnifiedRoleManagerID}
service, err := svc.NewDriveItemPermissionsService(log.NewLogger(), gatewaySelector, cache, cfg)
gatewayClient.On("Stat", mock.Anything, mock.Anything).Return(statResponse, nil)
gatewayClient.On("ListShares", mock.Anything, mock.Anything).Return(listSharesResponse, nil)
gatewayClient.On("GetUser", mock.Anything, mock.Anything).Return(getUserResponse, nil)
gatewayClient.On("ListPublicShares", mock.Anything, mock.Anything).Return(listPublicSharesResponse, nil)
permissions, err := service.ListPermissions(context.Background(), itemID, false, false)
permissions, err := driveItemPermissionsService.ListPermissions(context.Background(), itemID, false, false)
Expect(err).ToNot(HaveOccurred())
Expect(len(permissions.LibreGraphPermissionsActionsAllowedValues)).ToNot(BeZero())
Expect(len(permissions.LibreGraphPermissionsRolesAllowedValues)).ToNot(BeZero())

15
services/graph/pkg/service/v0/base.go
View File

@@ -46,7 +46,6 @@ type BaseGraphService struct {
gatewaySelector pool.Selectable[gateway.GatewayAPIClient]
identityCache identity.IdentityCache
config *config.Config
availableRoles []*libregraph.UnifiedRoleDefinition
}
func (g BaseGraphService) getSpaceRootPermissions(ctx context.Context, spaceID *storageprovider.StorageSpaceId) ([]libregraph.Permission, error) {
@@ -87,7 +86,8 @@ func (g BaseGraphService) CS3ReceivedSharesToDriveItems(ctx context.Context, rec
return nil, err
}
return cs3ReceivedSharesToDriveItems(ctx, g.logger, gatewayClient, g.identityCache, receivedShares, g.availableRoles)
availableRoles := unifiedrole.GetRoles(unifiedrole.RoleFilterIDs(g.config.UnifiedRoles.AvailableRoles...))
return cs3ReceivedSharesToDriveItems(ctx, g.logger, gatewayClient, g.identityCache, receivedShares, availableRoles)
}
func (g BaseGraphService) CS3ReceivedOCMSharesToDriveItems(ctx context.Context, receivedShares []*ocm.ReceivedShare) ([]libregraph.DriveItem, error) {
@@ -96,7 +96,8 @@ func (g BaseGraphService) CS3ReceivedOCMSharesToDriveItems(ctx context.Context,
return nil, err
}
return cs3ReceivedOCMSharesToDriveItems(ctx, g.logger, gatewayClient, g.identityCache, receivedShares, g.availableRoles)
availableRoles := unifiedrole.GetRoles(unifiedrole.RoleFilterIDs(g.config.UnifiedRoles.AvailableRoles...))
return cs3ReceivedOCMSharesToDriveItems(ctx, g.logger, gatewayClient, g.identityCache, receivedShares, availableRoles)
}
func (g BaseGraphService) cs3SpacePermissionsToLibreGraph(ctx context.Context, space *storageprovider.StorageSpace, apiVersion APIVersion) []libregraph.Permission {
@@ -195,8 +196,9 @@ func (g BaseGraphService) cs3SpacePermissionsToLibreGraph(ctx context.Context, s
p.SetExpirationDateTime(time.Unix(int64(exp.GetSeconds()), int64(exp.GetNanos())))
}
availableRoles := unifiedrole.GetRoles(unifiedrole.RoleFilterIDs(g.config.UnifiedRoles.AvailableRoles...))
if role := unifiedrole.CS3ResourcePermissionsToRole(
g.availableRoles,
availableRoles,
perm,
unifiedrole.UnifiedRoleConditionDrive,
false,
@@ -599,7 +601,7 @@ func (g BaseGraphService) cs3UserShareToPermission(ctx context.Context, share *c
perm.SetCreatedDateTime(cs3TimestampToTime(share.GetCtime()))
}
role := unifiedrole.CS3ResourcePermissionsToRole(
g.availableRoles,
unifiedrole.GetRoles(unifiedrole.RoleFilterIDs(g.config.UnifiedRoles.AvailableRoles...)),
share.GetPermissions().GetPermissions(),
roleCondition,
false,
@@ -687,8 +689,9 @@ func (g BaseGraphService) cs3OCMShareToPermission(ctx context.Context, share *oc
}
}
availableRoles := unifiedrole.GetRoles(unifiedrole.RoleFilterIDs(g.config.UnifiedRoles.AvailableRoles...))
role := unifiedrole.CS3ResourcePermissionsToRole(
g.availableRoles,
availableRoles,
permissions,
roleCondition,
true,

2
services/graph/pkg/service/v0/rolemanagement.go
View File

@@ -14,7 +14,7 @@ import (
// GetRoleDefinitions a list of permission roles than can be used when sharing with users or groups
func (g Graph) GetRoleDefinitions(w http.ResponseWriter, r *http.Request) {
render.Status(r, http.StatusOK)
render.JSON(w, r, g.availableRoles)
render.JSON(w, r, unifiedrole.GetRoles(unifiedrole.RoleFilterIDs(g.config.UnifiedRoles.AvailableRoles...)))
}
// GetRoleDefinition a permission role than can be used when sharing with users or groups

2
services/graph/pkg/service/v0/service.go
View File

@@ -31,7 +31,6 @@ import (
"github.com/opencloud-eu/opencloud/services/graph/pkg/identity"
"github.com/opencloud-eu/opencloud/services/graph/pkg/identity/ldap"
graphm "github.com/opencloud-eu/opencloud/services/graph/pkg/middleware"
"github.com/opencloud-eu/opencloud/services/graph/pkg/unifiedrole"
)
const (
@@ -149,7 +148,6 @@ func NewService(opts ...Option) (Graph, error) { //nolint:maintidx
identityCache: identityCache,
gatewaySelector: options.GatewaySelector,
config: options.Config,
availableRoles: unifiedrole.GetRoles(unifiedrole.RoleFilterIDs(options.Config.UnifiedRoles.AvailableRoles...)),
},
mux: m,
specialDriveItemsCache: spacePropertiesCache,

6
services/graph/pkg/service/v0/sharedwithme.go
View File

@@ -10,6 +10,7 @@ import (
libregraph "github.com/owncloud/libre-graph-api-go"
"github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode"
"github.com/opencloud-eu/opencloud/services/graph/pkg/unifiedrole"
)
// ListSharedWithMe lists the files shared with the current user.
@@ -39,7 +40,8 @@ func (g Graph) listSharedWithMe(ctx context.Context) ([]libregraph.DriveItem, er
g.logger.Error().Err(err).Msg("listing shares failed")
return nil, err
}
driveItems, err := cs3ReceivedSharesToDriveItems(ctx, g.logger, gatewayClient, g.identityCache, listReceivedSharesResponse.GetShares(), g.availableRoles)
availableRoles := unifiedrole.GetRoles(unifiedrole.RoleFilterIDs(g.config.UnifiedRoles.AvailableRoles...))
driveItems, err := cs3ReceivedSharesToDriveItems(ctx, g.logger, gatewayClient, g.identityCache, listReceivedSharesResponse.GetShares(), availableRoles)
if err != nil {
g.logger.Error().Err(err).Msg("could not convert received shares to drive items")
return nil, err
@@ -51,7 +53,7 @@ func (g Graph) listSharedWithMe(ctx context.Context) ([]libregraph.DriveItem, er
g.logger.Error().Err(err).Msg("listing shares failed")
return nil, err
}
ocmDriveItems, err := cs3ReceivedOCMSharesToDriveItems(ctx, g.logger, gatewayClient, g.identityCache, listReceivedOCMSharesResponse.GetShares(), g.availableRoles)
ocmDriveItems, err := cs3ReceivedOCMSharesToDriveItems(ctx, g.logger, gatewayClient, g.identityCache, listReceivedOCMSharesResponse.GetShares(), availableRoles)
if err != nil {
g.logger.Error().Err(err).Msg("could not convert received ocm shares to drive items")
return nil, err

9
services/idp/Makefile
View File

@@ -17,16 +17,15 @@ node-generate-prod: assets
.PHONY: assets
assets: pnpm-build \
assets/identifier/static \
assets/identifier/static/favicon.svg \
assets/identifier/static/favicon.ico \
assets/identifier/static/icon-lilac.svg
assets/identifier/static:
mkdir -p assets/identifier/static
.PHONY: assets/identifier/static/favicon.svg # force overwrite
assets/identifier/static/favicon.svg:
cp src/images/favicon.svg assets/identifier/static/favicon.svg
rm assets/identifier/static/favicon.ico
.PHONY: assets/identifier/static/favicon.ico # force overwrite
assets/identifier/static/favicon.ico:
cp src/images/favicon.ico assets/identifier/static/favicon.ico
.PHONY: assets/identifier/static/icon-lilac.svg
assets/identifier/static/icon-lilac.svg:

6
services/idp/package.json
View File

@@ -102,7 +102,7 @@
"redux-logger": "^3.0.6",
"redux-thunk": "^2.4.2",
"render-if": "^0.1.1",
"web-vitals": "^4.2.4"
"web-vitals": "^3.5.2"
},
"devDependencies": {
"@babel/core": "7.26.10",
@@ -125,7 +125,7 @@
"eslint-plugin-i18next": "^6.1.1",
"eslint-plugin-import": "^2.30.0",
"eslint-plugin-jest": "^24.7.0",
"eslint-plugin-jsx-a11y": "^6.10.2",
"eslint-plugin-jsx-a11y": "^6.9.0",
"eslint-plugin-react": "^7.37.2",
"eslint-plugin-react-hooks": "^4.6.2",
"eslint-plugin-testing-library": "^3.10.2",
@@ -148,7 +148,7 @@
"resolve-url-loader": "^5.0.0",
"sass-loader": "^16.0.4",
"source-map-explorer": "^2.5.3",
"typescript": "^5.8.3",
"typescript": "^5.7.3",
"url-loader": "4.1.1",
"webpack": "5.96.1",
"webpack-manifest-plugin": "5.0.0",

1207
services/idp/pnpm-lock.yaml generated
View File

File diff suppressed because it is too large Load Diff

2
services/idp/public/index.html
View File

@@ -4,7 +4,7 @@
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="theme-color" content="#1b223d">
<link rel="icon" href="%PUBLIC_URL%/static/favicon.svg" type="image/svg+xml">
<link rel="shortcut icon" href="%PUBLIC_URL%/static/favicon.ico" type="image/x-icon">
<meta property="csp-nonce" content="__CSP_NONCE__">
<title>Sign in - OpenCloud</title>
</head>

BIN
services/idp/src/images/favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 15 KiB

3
services/idp/src/images/favicon.svg
View File

@@ -1,3 +0,0 @@
<svg xmlns="http://www.w3.org/2000/svg" version="1.1" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:svgjs="http://svgjs.dev/svgjs" width="512" height="512"><svg id="SvgjsSvg1001" xmlns="http://www.w3.org/2000/svg" width="512" height="512" viewBox="0 0 512 512"><rect x=".02" y="0" width="512" height="512" fill="#20434f"></rect><polygon points="255.98 342.75 271.89 333.57 271.89 267.12 329.08 234.1 329.08 215.78 313.18 206.6 255.6 239.84 198.83 207.06 182.93 216.24 182.93 234.56 240.12 267.58 240.12 333.59 255.98 342.75" fill="#e2baff"></polygon><polygon points="401.95 150.82 256 66.56 256 66.56 256 66.56 110.05 150.82 110.05 187.5 256 103.24 401.95 187.5 401.95 150.82" fill="#e2baff"></polygon><polygon points="401.95 324.5 256 408.76 110.06 324.5 110.06 361.17 256 445.43 256 445.43 256 445.43 401.95 361.17 401.95 324.5" fill="#e2baff"></polygon></svg><style>@media (prefers-color-scheme: light) { :root { filter: none; } }
@media (prefers-color-scheme: dark) { :root { filter: none; } }
</style></svg>
Side by Side

Before

Width:  |  Height:  |  Size: 1015 B

28
services/notifications/pkg/email/composer.go
View File

@@ -21,19 +21,19 @@ var (
func NewTextTemplate(mt MessageTemplate, locale, defaultLocale string, translationPath string, vars map[string]string) (MessageTemplate, error) {
var err error
t := l10n.NewTranslatorFromCommonConfig(defaultLocale, _domain, translationPath, _translationFS, "l10n/locale").Locale(locale)
mt.Subject, err = composeMessage(t.Get(mt.Subject, []interface{}{}...), vars)
mt.Subject, err = composeMessage(t.Get("%s", mt.Subject), vars)
if err != nil {
return mt, err
}
mt.Greeting, err = composeMessage(t.Get(mt.Greeting, []interface{}{}...), vars)
mt.Greeting, err = composeMessage(t.Get("%s", mt.Greeting), vars)
if err != nil {
return mt, err
}
mt.MessageBody, err = composeMessage(t.Get(mt.MessageBody, []interface{}{}...), vars)
mt.MessageBody, err = composeMessage(t.Get("%s", mt.MessageBody), vars)
if err != nil {
return mt, err
}
mt.CallToAction, err = composeMessage(t.Get(mt.CallToAction, []interface{}{}...), vars)
mt.CallToAction, err = composeMessage(t.Get("%s", mt.CallToAction), vars)
if err != nil {
return mt, err
}
@@ -44,19 +44,19 @@ func NewTextTemplate(mt MessageTemplate, locale, defaultLocale string, translati
func NewHTMLTemplate(mt MessageTemplate, locale, defaultLocale string, translationPath string, vars map[string]string) (MessageTemplate, error) {
var err error
t := l10n.NewTranslatorFromCommonConfig(defaultLocale, _domain, translationPath, _translationFS, "l10n/locale").Locale(locale)
mt.Subject, err = composeMessage(t.Get(mt.Subject, []interface{}{}...), vars)
mt.Subject, err = composeMessage(t.Get("%s", mt.Subject), vars)
if err != nil {
return mt, err
}
mt.Greeting, err = composeMessage(newlineToBr(t.Get(mt.Greeting, []interface{}{}...)), vars)
mt.Greeting, err = composeMessage(newlineToBr(t.Get("%s", mt.Greeting)), vars)
if err != nil {
return mt, err
}
mt.MessageBody, err = composeMessage(newlineToBr(t.Get(mt.MessageBody, []interface{}{}...)), vars)
mt.MessageBody, err = composeMessage(newlineToBr(t.Get("%s", mt.MessageBody)), vars)
if err != nil {
return mt, err
}
mt.CallToAction, err = composeMessage(callToActionToHTML(t.Get(mt.CallToAction, []interface{}{}...)), vars)
mt.CallToAction, err = composeMessage(callToActionToHTML(t.Get("%s", mt.CallToAction)), vars)
if err != nil {
return mt, err
}
@@ -71,18 +71,18 @@ func NewGroupedTextTemplate(gmt GroupedMessageTemplate, vars map[string]string,
var err error
t := l10n.NewTranslatorFromCommonConfig(defaultLocale, _domain, translationPath, _translationFS, "l10n/locale").Locale(locale)
gmt.Subject, err = composeMessage(t.Get(gmt.Subject, []interface{}{}...), vars)
gmt.Subject, err = composeMessage(t.Get("%s", gmt.Subject), vars)
if err != nil {
return gmt, err
}
gmt.Greeting, err = composeMessage(t.Get(gmt.Greeting, []interface{}{}...), vars)
gmt.Greeting, err = composeMessage(t.Get("%s", gmt.Greeting), vars)
if err != nil {
return gmt, err
}
bodyParts := make([]string, 0, len(mtsVars))
for i, mt := range mts {
bodyPart, err := composeMessage(t.Get(mt.MessageBody, []interface{}{}...), mtsVars[i])
bodyPart, err := composeMessage(t.Get("%s", mt.MessageBody), mtsVars[i])
if err != nil {
return gmt, err
}
@@ -100,18 +100,18 @@ func NewGroupedHTMLTemplate(gmt GroupedMessageTemplate, vars map[string]string,
var err error
t := l10n.NewTranslatorFromCommonConfig(defaultLocale, _domain, translationPath, _translationFS, "l10n/locale").Locale(locale)
gmt.Subject, err = composeMessage(t.Get(gmt.Subject, []interface{}{}...), vars)
gmt.Subject, err = composeMessage(t.Get("%s", gmt.Subject), vars)
if err != nil {
return gmt, err
}
gmt.Greeting, err = composeMessage(newlineToBr(t.Get(gmt.Greeting, []interface{}{}...)), vars)
gmt.Greeting, err = composeMessage(newlineToBr(t.Get("%s", gmt.Greeting)), vars)
if err != nil {
return gmt, err
}
bodyParts := make([]string, 0, len(mtsVars))
for i, mt := range mts {
bodyPart, err := composeMessage(t.Get(mt.MessageBody, []interface{}{}...), mtsVars[i])
bodyPart, err := composeMessage(t.Get("%s", mt.MessageBody), mtsVars[i])
if err != nil {
return gmt, err
}

1
services/ocdav/pkg/command/server.go
View File

@@ -77,7 +77,6 @@ func Server(cfg *config.Config) *cli.Command {
ocdav.Product(cfg.Status.Product),
ocdav.Version(cfg.Status.Version),
ocdav.VersionString(cfg.Status.VersionString),
ocdav.Edition(cfg.Status.Edition),
ocdav.MachineAuthAPIKey(cfg.MachineAuthAPIKey),
ocdav.Broker(broker.NoOp{}),
// ocdav.FavoriteManager() // FIXME needs a proper persistence implementation https://github.com/owncloud/ocis/issues/1228

1
services/ocdav/pkg/config/config.go
View File

@@ -81,5 +81,4 @@ type Status struct {
Product string
ProductName string
ProductVersion string
Edition string `yaml:"edition" env:"OC_EDITION;OCDAV_EDITION" desc:"Edition of OpenCloud. Used for branding purposes." introductionVersion:"1.0.0"`
}

1
services/ocdav/pkg/config/defaults/defaultconfig.go
View File

@@ -92,7 +92,6 @@ func DefaultConfig() *config.Config {
ProductVersion: version.GetString(),
Product: "OpenCloud",
ProductName: "OpenCloud",
Edition: "",
},
}
}

2
services/search/pkg/content/mocks/extractor.go
View File

@@ -1,4 +1,4 @@
// Code generated by mockery v2.53.2. DO NOT EDIT.
// Code generated by mockery v2.53.0. DO NOT EDIT.
package mocks

2
services/search/pkg/content/mocks/retriever.go
View File

@@ -1,4 +1,4 @@
// Code generated by mockery v2.53.2. DO NOT EDIT.
// Code generated by mockery v2.53.0. DO NOT EDIT.
package mocks

2
services/search/pkg/engine/mocks/engine.go
View File

@@ -1,4 +1,4 @@
// Code generated by mockery v2.53.2. DO NOT EDIT.
// Code generated by mockery v2.53.0. DO NOT EDIT.
package mocks

2
services/search/pkg/search/mocks/searcher.go
View File

@@ -1,4 +1,4 @@
// Code generated by mockery v2.53.2. DO NOT EDIT.
// Code generated by mockery v2.53.0. DO NOT EDIT.
package mocks

6
services/settings/pkg/service/v0/service.go
View File

@@ -697,7 +697,7 @@ func translateBundle(bundle *settingsmsg.Bundle, t *gotext.Locale) *settingsmsg.
// translate interval names ('Instant', 'Daily', 'Weekly', 'Never')
value := set.GetSingleChoiceValue()
for i, v := range value.GetOptions() {
value.Options[i].DisplayValue = t.Get(v.GetDisplayValue(), []interface{}{}...)
value.Options[i].DisplayValue = t.Get("%s", v.GetDisplayValue())
}
set.Value = &settingsmsg.Setting_SingleChoiceValue{SingleChoiceValue: value}
fallthrough
@@ -710,9 +710,9 @@ func translateBundle(bundle *settingsmsg.Bundle, t *gotext.Locale) *settingsmsg.
defaults.SettingUUIDProfileEventSpaceDisabled,
defaults.SettingUUIDProfileEventSpaceDeleted:
// translate event names ('Share Received', 'Share Removed', ...)
set.DisplayName = t.Get(set.GetDisplayName(), []interface{}{}...)
set.DisplayName = t.Get("%s", set.GetDisplayName())
// translate event descriptions ('Notify me when I receive a share', ...)
set.Description = t.Get(set.GetDescription(), []interface{}{}...)
set.Description = t.Get("%s", set.GetDescription())
bundle.Settings[i] = set
}
}

2
services/settings/pkg/settings/mocks/manager.go
View File

@@ -1,4 +1,4 @@
// Code generated by mockery v2.53.2. DO NOT EDIT.
// Code generated by mockery v2.53.0. DO NOT EDIT.
package mocks

2
services/storage-users/pkg/command/uploads.go
View File

@@ -108,7 +108,7 @@ func ListUploadSessions(cfg *config.Config) *cli.Command {
var fsStream events.Stream
if cfg.Driver == "posix" {
// We need to init the posix driver with 'scanfs' disabled
drivers["posix"] = revaconfig.Posix(cfg, false, false)
drivers["posix"] = revaconfig.Posix(cfg, false)
// Also posix refuses to start without an events stream
fsStream, err = event.NewStream(cfg)
if err != nil {

4
services/storage-users/pkg/revaconfig/drivers.go
View File

@@ -85,7 +85,7 @@ func Local(cfg *config.Config) map[string]interface{} {
}
// Posix is the config mapping for the Posix storage driver
func Posix(cfg *config.Config, enableFSScan, enableFSWatch bool) map[string]interface{} {
func Posix(cfg *config.Config, enableFSScan bool) map[string]interface{} {
return map[string]interface{}{
"root": cfg.Drivers.Posix.Root,
"personalspacepath_template": cfg.Drivers.Posix.PersonalSpacePathTemplate,
@@ -137,7 +137,7 @@ func Posix(cfg *config.Config, enableFSScan, enableFSWatch bool) map[string]inte
"use_space_groups": cfg.Drivers.Posix.UseSpaceGroups,
"enable_fs_revisions": cfg.Drivers.Posix.EnableFSRevisions,
"scan_fs": enableFSScan,
"watch_fs": enableFSWatch,
"watch_fs": cfg.Drivers.Posix.WatchFS,
"watch_type": cfg.Drivers.Posix.WatchType,
"watch_path": cfg.Drivers.Posix.WatchPath,
"watch_folder_kafka_brokers": cfg.Drivers.Posix.WatchFolderKafkaBrokers,

4
services/storage-users/pkg/revaconfig/user.go
View File

@@ -16,7 +16,7 @@ func StorageProviderDrivers(cfg *config.Config) map[string]interface{} {
"decomposed": DecomposedNoEvents(cfg),
"s3": S3(cfg),
"decomposeds3": DecomposedS3NoEvents(cfg),
"posix": Posix(cfg, true, cfg.Drivers.Posix.WatchFS),
"posix": Posix(cfg, true),
"ocis": Decomposed(cfg), // deprecated: use decomposed
"s3ng": DecomposedS3NoEvents(cfg), // deprecated: use decomposeds3
@@ -36,7 +36,7 @@ func DataProviderDrivers(cfg *config.Config) map[string]interface{} {
"decomposed": Decomposed(cfg),
"s3": S3(cfg),
"decomposeds3": DecomposedS3(cfg),
"posix": Posix(cfg, false, false),
"posix": Posix(cfg, false),
"ocis": Decomposed(cfg), // deprecated: use decomposed
"s3ng": DecomposedS3NoEvents(cfg), // deprecated: use decomposeds3

2
services/userlog/pkg/service/conversion.go
View File

@@ -376,7 +376,7 @@ func composeMessage(nt NotificationTemplate, locale, defaultLocale, path string,
func loadTemplates(nt NotificationTemplate, locale, defaultLocale, path string) (string, string) {
t := l10n.NewTranslatorFromCommonConfig(defaultLocale, _domain, path, _translationFS, "l10n/locale").Locale(locale)
return t.Get(nt.Subject, []interface{}{}...), t.Get(nt.Message, []interface{}{}...)
return t.Get("%s", nt.Subject), t.Get("%s", nt.Message)
}
func executeTemplate(raw string, vars map[string]interface{}) (string, error) {

2
services/web/Makefile
View File

@@ -1,6 +1,6 @@
SHELL := bash
NAME := web
WEB_ASSETS_VERSION = v2.2.0
WEB_ASSETS_VERSION = v2.0.0
WEB_ASSETS_BRANCH = main
ifneq (, $(shell command -v go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI

BIN
services/web/assets/themes/opencloud-dev/assets/favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 15 KiB

3
services/web/assets/themes/opencloud-dev/assets/favicon.svg
View File

@@ -1,3 +0,0 @@
<svg xmlns="http://www.w3.org/2000/svg" version="1.1" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:svgjs="http://svgjs.dev/svgjs" width="512" height="512"><svg id="SvgjsSvg1001" xmlns="http://www.w3.org/2000/svg" width="512" height="512" viewBox="0 0 512 512"><rect x=".02" y="0" width="512" height="512" fill="#20434f"></rect><polygon points="255.98 342.75 271.89 333.57 271.89 267.12 329.08 234.1 329.08 215.78 313.18 206.6 255.6 239.84 198.83 207.06 182.93 216.24 182.93 234.56 240.12 267.58 240.12 333.59 255.98 342.75" fill="#e2baff"></polygon><polygon points="401.95 150.82 256 66.56 256 66.56 256 66.56 110.05 150.82 110.05 187.5 256 103.24 401.95 187.5 401.95 150.82" fill="#e2baff"></polygon><polygon points="401.95 324.5 256 408.76 110.06 324.5 110.06 361.17 256 445.43 256 445.43 256 445.43 401.95 361.17 401.95 324.5" fill="#e2baff"></polygon></svg><style>@media (prefers-color-scheme: light) { :root { filter: none; } }
@media (prefers-color-scheme: dark) { :root { filter: none; } }
</style></svg>
Side by Side

Before

Width:  |  Height:  |  Size: 1015 B

2
services/web/assets/themes/opencloud-dev/theme.json
View File

@@ -43,7 +43,7 @@
}
},
"logo": "themes/opencloud-dev/assets/logo.svg",
"favicon": "themes/opencloud-dev/assets/favicon.svg"
"favicon": "themes/opencloud-dev/assets/favicon.jpg"
},
"themes": [
{

BIN
services/web/assets/themes/opencloud/assets/favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 15 KiB

3
services/web/assets/themes/opencloud/assets/favicon.svg
View File

@@ -1,3 +0,0 @@
<svg xmlns="http://www.w3.org/2000/svg" version="1.1" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:svgjs="http://svgjs.dev/svgjs" width="512" height="512"><svg id="SvgjsSvg1001" xmlns="http://www.w3.org/2000/svg" width="512" height="512" viewBox="0 0 512 512"><rect x=".02" y="0" width="512" height="512" fill="#20434f"></rect><polygon points="255.98 342.75 271.89 333.57 271.89 267.12 329.08 234.1 329.08 215.78 313.18 206.6 255.6 239.84 198.83 207.06 182.93 216.24 182.93 234.56 240.12 267.58 240.12 333.59 255.98 342.75" fill="#e2baff"></polygon><polygon points="401.95 150.82 256 66.56 256 66.56 256 66.56 110.05 150.82 110.05 187.5 256 103.24 401.95 187.5 401.95 150.82" fill="#e2baff"></polygon><polygon points="401.95 324.5 256 408.76 110.06 324.5 110.06 361.17 256 445.43 256 445.43 256 445.43 401.95 361.17 401.95 324.5" fill="#e2baff"></polygon></svg><style>@media (prefers-color-scheme: light) { :root { filter: none; } }
@media (prefers-color-scheme: dark) { :root { filter: none; } }
</style></svg>
Side by Side

Before

Width:  |  Height:  |  Size: 1015 B

58
services/web/assets/themes/opencloud/theme.json
View File

@@ -50,7 +50,7 @@
"web": {
"defaults": {
"logo": "themes/opencloud/assets/logo.svg",
"favicon": "themes/opencloud/assets/favicon.svg",
"favicon": "themes/opencloud/assets/favicon.ico",
"designTokens": {
"breakpoints": {
"xsmall-max": "",
@@ -94,9 +94,9 @@
"label": "Light Theme",
"designTokens": {
"roles": {
"primary": "#E2BAFF",
"primary": "#07677F",
"surfaceTint": "#07677F",
"onPrimary": "#19353F",
"onPrimary": "#FFFFFF",
"primaryContainer": "#B7EAFF",
"onPrimaryContainer": "#001F28",
"secondary": "#20434f",
@@ -147,6 +147,17 @@
"onChrome": "#ffffff"
},
"colorPalette": {
"background-accentuate": "rgba(255, 255, 5, 0.1)",
"background-default": "#ffffff",
"background-highlight": "#f1f3f4",
"background-hover": "#f4e5ff",
"background-muted": "#f8f8f8",
"background-secondary": "#ffffff",
"background-chrome": "#20434F",
"background-sidebar": "#F1F3F4",
"border": "#ecebee",
"color-components-apptopbar-background": "transparent",
"color-components-apptopbar-border": "#ceddee",
"icon-archive": "#fbbe54",
"icon-audio": "#700460",
"icon-document": "#3b44a6",
@@ -156,7 +167,46 @@
"icon-pdf": "#ec0d47",
"icon-presentation": "#ee6b3b",
"icon-spreadsheet": "#15c286",
"icon-video": "#045459"
"icon-video": "#045459",
"input-bg": "#ffffff",
"input-border": "#396676",
"input-text-default": "#19353f",
"input-text-muted": "#20434f",
"swatch-brand-contrast": "#19353f",
"swatch-brand-default": "#E2BAFF",
"swatch-brand-hover": "#f4e5ff",
"swatch-brand-muted": "#CA8DF5",
"swatch-primary-contrast": "#ffffff",
"swatch-primary-default": "#20434f",
"swatch-primary-gradient": "#20434f",
"swatch-primary-gradient-hover": "#20434f",
"swatch-primary-hover": "#20434f",
"swatch-primary-muted": "#20434f",
"swatch-primary-muted-hover": "#20434f",
"swatch-passive-contrast": "#ffffff",
"swatch-passive-default": "#19353f",
"swatch-passive-hover": "#19353f",
"swatch-passive-hover-outline": "#ffffff",
"swatch-passive-muted": "#19353f",
"swatch-inverse-contrast": "#19353f",
"swatch-inverse-default": "#ffffff",
"swatch-inverse-hover": "#ffffff",
"swatch-inverse-muted": "#dadada",
"swatch-danger-contrast": "#ffffff",
"swatch-danger-default": "#ba1a1a",
"swatch-danger-hover": "#b12b2b",
"swatch-danger-muted": "rgb(204, 117, 117)",
"swatch-success-contrast": "#ffffff",
"swatch-success-default": "rgb(3, 84, 63)",
"swatch-success-hover": "#023b2c",
"swatch-success-muted": "rgb(83, 150, 10)",
"swatch-warning-contrast": "#ffffff",
"swatch-warning-default": "rgb(183, 76, 27)",
"swatch-warning-hover": "#a04318",
"swatch-warning-muted": "rgba(183, 76, 27, .5)",
"text-default": "#19353f",
"text-inverse": "#ffffff",
"text-muted": "#19353f"
}
}
}

6
tests/README.md
View File

@@ -466,7 +466,7 @@ ANTIVIRUS_SCANNER_TYPE="clamav" \
ANTIVIRUS_CLAMAV_SOCKET="tcp://host.docker.internal:3310" \
POSTPROCESSING_STEPS="virusscan" \
OC_ASYNC_UPLOADS=true \
OC_ADD_RUN_SERVICES="antivirus" \
OC_ADD_RUN_SERVICES="antivirus"
opencloud/bin/opencloud server
```
@@ -474,7 +474,7 @@ Note:
The value for `ANTIVIRUS_CLAMAV_SOCKET` is an example which needs adaption according your OS.
For antivirus running localy on Linux OS, use `ANTIVIRUS_CLAMAV_SOCKET= "/var/run/clamav/clamd.ctl"`.
For antivirus running localy on Mac OS, use `ANTIVIRUS_CLAMAV_SOCKET= "/tmp/clamd.sock"`.
For antivirus running localy on Mac OS, use `ANTIVIRUS_CLAMAV_SOCKET= "/tmp/clamd.socket"`.
For antivirus running with docker, use `ANTIVIRUS_CLAMAV_SOCKET= "tcp://host.docker.internal:3310"`
#### Run the Acceptance Test
@@ -576,7 +576,7 @@ make -C opencloud dev-docker
```
### Choose STORAGE_DRIVER
By default, the system uses `posix` storage. However, you can override this by setting the `STORAGE_DRIVER` environment variable.
By default, the system uses `decomposed` storage. However, you can override this by setting the `STORAGE_DRIVER` environment variable.
### Run a script that starts the openCloud server in the docker and runs the API tests locally (for debugging purposes)

6
tests/acceptance/bootstrap/CapabilitiesContext.php
View File

@@ -214,11 +214,6 @@ class CapabilitiesContext implements Context {
$this->featureContext->theHTTPStatusCodeShouldBe(200, '', $response);
$responseXmlObject = HttpRequestHelper::getResponseXml($response, __METHOD__)->data->capabilities;
$edition = $this->getParameterValueFromXml(
$responseXmlObject,
'core',
'status@@@edition'
);
$product = $this->getParameterValueFromXml(
$responseXmlObject,
@@ -243,7 +238,6 @@ class CapabilitiesContext implements Context {
);
}
$jsonExpectedDecoded['edition'] = $edition;
$jsonExpectedDecoded['product'] = $product;
$jsonExpectedDecoded['productname'] = $productName;

19
tests/acceptance/bootstrap/FeatureContext.php
View File

@@ -2042,17 +2042,6 @@ class FeatureContext extends BehatVariablesContext {
);
}
/**
* @return string
*/
public function getEditionFromStatus(): string {
$decodedResponse = $this->getJsonDecodedStatusPhp();
if (isset($decodedResponse['edition'])) {
return $decodedResponse['edition'];
}
return '';
}
/**
* @return string|null
*/
@@ -2282,14 +2271,6 @@ class FeatureContext extends BehatVariablesContext {
],
"parameter" => []
],
[
"code" => "%edition%",
"function" => [
$this,
"getEditionFromStatus"
],
"parameter" => []
],
[
"code" => "%version%",
"function" => [

19
tests/acceptance/expected-failures-localAPI-on-decomposed-storage.md
View File

@@ -193,6 +193,25 @@
- [apiServiceAvailability/serviceAvailabilityCheck.feature:125](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiServiceAvailability/serviceAvailabilityCheck.feature#L125)
#### [Skip tests for different languages](https://github.com/opencloud-eu/opencloud/issues/183)
- [apiAntivirus/antivirus.feature:309](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiAntivirus/antivirus.feature#L309)
- [apiAntivirus/antivirus.feature:310](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiAntivirus/antivirus.feature#L310)
- [apiAntivirus/antivirus.feature:311](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiAntivirus/antivirus.feature#L311)
- [apiAntivirus/antivirus.feature:312](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiAntivirus/antivirus.feature#L312)
- [apiAntivirus/antivirus.feature:313](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiAntivirus/antivirus.feature#L313)
- [apiAntivirus/antivirus.feature:314](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiAntivirus/antivirus.feature#L314)
- [apiNotification/deprovisioningNotification.feature:126](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiNotification/deprovisioningNotification.feature#L126)
- [apiNotification/deprovisioningNotification.feature:127](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiNotification/deprovisioningNotification.feature#L127)
- [apiNotification/notification.feature:282](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiNotification/notification.feature#L282)
- [apiNotification/notification.feature:283](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiNotification/notification.feature#L283)
- [apiNotification/notification.feature:284](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiNotification/notification.feature#L284)
- [apiNotification/notification.feature:285](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiNotification/notification.feature#L285)
- [apiNotification/notification.feature:288](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiNotification/notification.feature#L288)
- [apiNotification/spaceNotification.feature:434](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiNotification/spaceNotification.feature#L434)
- [apiNotification/spaceNotification.feature:435](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiNotification/spaceNotification.feature#L435)
- [apiNotification/emailNotification.feature:84](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiNotification/emailNotification.feature#L84)
- [apiNotification/emailNotification.feature:117](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiNotification/emailNotification.feature#L117)
- [apiNotification/emailNotification.feature:150](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiNotification/emailNotification.feature#L150)
- [apiNotification/emailNotification.feature:205](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiNotification/emailNotification.feature#L205)
- [apiActivities/activities.feature:2598](https://github.com/opencloud-eu/opencloud/blob/main/tests/acceptance/features/apiActivities/activities.feature#L2598)

2
tests/acceptance/features/apiAntivirus/antivirus.feature
View File

@@ -308,7 +308,7 @@ Feature: antivirus
| dav-path-version | language | subject | message |
| old | es | Virus encontrado | Virus encontrado en aFileWithVirus.txt. La subida no ha sido posible. Virus: Eicar-Signature |
| new | es | Virus encontrado | Virus encontrado en aFileWithVirus.txt. La subida no ha sido posible. Virus: Eicar-Signature |
| spaces | es | Virus encontrado | Virus encontrado en aFileWithVirus.txt. La subida no ha sido posible. Virus: Eicar-Signature |
| spaces | es | Virus encontrado | Virus encontrado en aFileWithVirus.txt. La subida no ha sido posible. Eicar-Signature |
| old | de | Virus gefunden | In aFileWithVirus.txt wurde potenziell schädlicher Code gefunden. Das Hochladen wurde abgebrochen. Grund: Eicar-Signature |
| new | de | Virus gefunden | In aFileWithVirus.txt wurde potenziell schädlicher Code gefunden. Das Hochladen wurde abgebrochen. Grund: Eicar-Signature |
| spaces | de | Virus gefunden | In aFileWithVirus.txt wurde potenziell schädlicher Code gefunden. Das Hochladen wurde abgebrochen. Grund: Eicar-Signature |

6
tests/acceptance/features/apiAuthApp/token.feature
View File

@@ -58,7 +58,7 @@ Feature: create auth-app token
],
"properties": {
"token": {
"pattern": "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"
"pattern": "^\\$argon2id\\$v=19\\$m=65536,t=1,p=16\\$.+$"
},
"label": {
"const": "Generated via API"
@@ -75,7 +75,7 @@ Feature: create auth-app token
],
"properties": {
"token": {
"pattern": "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"
"pattern": "^\\$argon2id\\$v=19\\$m=65536,t=1,p=16\\$.+$"
},
"label": {
"const": "Generated via CLI"
@@ -92,7 +92,7 @@ Feature: create auth-app token
],
"properties": {
"token": {
"pattern": "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"
"pattern": "^\\$argon2id\\$v=19\\$m=65536,t=1,p=16\\$.+$"
},
"label": {
"const": "Generated via API (Impersonation)"

10
tests/acceptance/features/coreApiCapabilities/capabilities.feature
View File

@@ -193,17 +193,12 @@ Feature: capabilities
"status": {
"type": "object",
"required": [
"edition",
"product",
"productname",
"version",
"versionstring"
],
"properties": {
"edition": {
"type": "string",
"enum": ["%edition%"]
},
"product": {
"type": "string",
"enum": ["%productname%"]
@@ -230,7 +225,6 @@ Feature: capabilities
"type": "object",
"required": [
"string",
"edition",
"product"
],
"properties": {
@@ -238,10 +232,6 @@ Feature: capabilities
"type": "string",
"enum": ["%versionstring%"]
},
"edition": {
"type": "string",
"enum": ["%edition%"]
},
"product": {
"type": "string",
"enum": ["%productname%"]

4
tests/acceptance/features/coreApiCapabilities/capabilitiesWithNormalUser.feature
View File

@@ -47,7 +47,6 @@ Feature: default capabilities for normal user
"required": [
"version",
"versionstring",
"edition",
"productname"
],
"properties": {
@@ -57,9 +56,6 @@ Feature: default capabilities for normal user
"versionstring": {
"const": "%versionstring%"
},
"edition": {
"const": "%edition%"
},
"productname": {
"const": "%productname%"
}

2
tests/acceptance/features/coreApiMain/status.feature
View File

@@ -8,5 +8,5 @@ Feature: Status
When the administrator requests status.php
Then the status.php response should include
"""
{"installed":true,"maintenance":false,"needsDbUpgrade":false,"version":"$CURRENT_VERSION","versionstring":"$CURRENT_VERSION_STRING","edition":"$EDITION","productname":"$PRODUCTNAME","product":"$PRODUCT"}
{"installed":true,"maintenance":false,"needsDbUpgrade":false,"version":"$CURRENT_VERSION","versionstring":"$CURRENT_VERSION_STRING","productname":"$PRODUCTNAME","product":"$PRODUCT"}
"""

2
tests/acceptance/run_api_tests.sh
View File

@@ -4,7 +4,7 @@
export LOCAL_TEST=true
export START_EMAIL=true
export WITH_WRAPPER=true
export STORAGE_DRIVER=${STORAGE_DRIVER:-posix}
export STORAGE_DRIVER=${STORAGE_DRIVER:-decomposed}
export TEST_ROOT_PATH="/drone/src/tests"
# LOCAL TEST WITHOUT EXTRA ENVS

4
tests/config/woodpecker/check_go_bin_cache.sh
View File

@@ -7,13 +7,15 @@
ROOT_PATH="$1"
if [ -z "$1" ]; then
ROOT_PATH="/woodpecker/src/github.com/opencloud-eu/opencloud"
ROOT_PATH="/drone/src"
fi
BINGO_DIR="$ROOT_PATH/.bingo"
# generate hash of a .bingo folder
BINGO_HASH=$(cat "$BINGO_DIR"/* | sha256sum | cut -d ' ' -f 1)
URL="$CACHE_ENDPOINT/$CACHE_BUCKET/opencloud/go-bin/$BINGO_HASH/$2"
mc alias set s3 "$MC_HOST" "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY"
if mc ls --json s3/"$CACHE_BUCKET"/opencloud/go-bin/"$BINGO_HASH"/$2 | grep "\"status\":\"success\""; then

102
vendor/github.com/go-playground/validator/v10/.golangci.yaml generated vendored
View File

@@ -1,102 +0,0 @@
version: "2"
linters:
default: all
disable:
- asasalint
- asciicheck
- bidichk
- bodyclose
- canonicalheader
- containedctx
- contextcheck
- copyloopvar
- cyclop
- decorder
- depguard
- dogsled
- dupl
- dupword
- durationcheck
- err113
- errcheck
- errchkjson
- errname
- errorlint
- exhaustive
- exhaustruct
- exptostd
- fatcontext
- forbidigo
- forcetypeassert
- funlen
- ginkgolinter
- gocheckcompilerdirectives
- gochecknoglobals
- gochecknoinits
- gochecksumtype
- gocognit
- goconst
- gocritic
- gocyclo
- godot
- godox
- goheader
- gomoddirectives
- gomodguard
- goprintffuncname
- gosec
- gosmopolitan
- govet
- grouper
- iface
- importas
- inamedparam
- ineffassign
- interfacebloat
- intrange
- ireturn
- lll
- loggercheck
- maintidx
- makezero
- mirror
- misspell
- mnd
- musttag
- nakedret
- nestif
- nilerr
- nilnesserr
- nilnil
- nlreturn
- noctx
- nolintlint
- nonamedreturns
- nosprintfhostport
- paralleltest
- perfsprint
- prealloc
- predeclared
- promlinter
- protogetter
- reassign
- recvcheck
- revive
- rowserrcheck
- sloglint
- spancheck
- sqlclosecheck
- staticcheck
- tagalign
- tagliatelle
- testableexamples
- testifylint
- testpackage
- thelper
- tparallel
- unparam
- varnamelen
- whitespace
- wrapcheck
- wsl
- zerologlint

2
vendor/github.com/go-playground/validator/v10/Makefile generated vendored
View File

@@ -3,7 +3,7 @@ GOCMD=go
linters-install:
@golangci-lint --version >/dev/null 2>&1 || { \
echo "installing linting tools..."; \
curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh| sh -s v2.0.2; \
curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh| sh -s v1.41.1; \
}
lint: linters-install

4
vendor/github.com/go-playground/validator/v10/README.md generated vendored
View File

@@ -1,6 +1,7 @@
Package validator
=================
<img align="right" src="logo.png">![Project status](https://img.shields.io/badge/version-10.25.0-green.svg)
<img align="right" src="logo.png">[![Join the chat at https://gitter.im/go-playground/validator](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/go-playground/validator?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
![Project status](https://img.shields.io/badge/version-10.25.0-green.svg)
[![Build Status](https://github.com/go-playground/validator/actions/workflows/workflow.yml/badge.svg)](https://github.com/go-playground/validator/actions)
[![Coverage Status](https://coveralls.io/repos/go-playground/validator/badge.svg?branch=master&service=github)](https://coveralls.io/github/go-playground/validator?branch=master)
[![Go Report Card](https://goreportcard.com/badge/github.com/go-playground/validator)](https://goreportcard.com/report/github.com/go-playground/validator)
@@ -172,7 +173,6 @@ validate := validator.New(validator.WithRequiredStructEnabled())
| spicedb | SpiceDb ObjectID/Permission/Type |
| datetime | Datetime |
| e164 | e164 formatted phone number |
| ein | U.S. Employeer Identification Number |
| email | E-mail String
| eth_addr | Ethereum Address |
| hexadecimal | Hexadecimal String |

35
vendor/github.com/go-playground/validator/v10/baked_in.go generated vendored
View File

@@ -9,7 +9,6 @@ import (
"fmt"
"io/fs"
"net"
"net/mail"
"net/url"
"os"
"reflect"
@@ -243,7 +242,6 @@ var (
"mongodb_connection_string": isMongoDBConnectionString,
"cron": isCron,
"spicedb": isSpiceDB,
"ein": isEIN,
}
)
@@ -260,7 +258,7 @@ func parseOneOfParam2(s string) []string {
oneofValsCacheRWLock.Lock()
vals = splitParamsRegex().FindAllString(s, -1)
for i := 0; i < len(vals); i++ {
vals[i] = strings.ReplaceAll(vals[i], "'", "")
vals[i] = strings.Replace(vals[i], "'", "", -1)
}
oneofValsCache[s] = vals
oneofValsCacheRWLock.Unlock()
@@ -1378,6 +1376,7 @@ func isEqIgnoreCase(fl FieldLevel) bool {
param := fl.Param()
switch field.Kind() {
case reflect.String:
return strings.EqualFold(field.String(), param)
}
@@ -1607,6 +1606,7 @@ func isImage(fl FieldLevel) bool {
case reflect.String:
filePath := field.String()
fileInfo, err := os.Stat(filePath)
if err != nil {
return false
}
@@ -1619,9 +1619,7 @@ func isImage(fl FieldLevel) bool {
if err != nil {
return false
}
defer func() {
_ = file.Close()
}()
defer file.Close()
mime, err := mimetype.DetectReader(file)
if err != nil {
@@ -1637,6 +1635,7 @@ func isImage(fl FieldLevel) bool {
// isFilePath is the validation function for validating if the current field's value is a valid file path.
func isFilePath(fl FieldLevel) bool {
var exists bool
var err error
@@ -1696,10 +1695,6 @@ func isE164(fl FieldLevel) bool {
// isEmail is the validation function for validating if the current field's value is a valid email address.
func isEmail(fl FieldLevel) bool {
_, err := mail.ParseAddress(fl.Field().String())
if err != nil {
return false
}
return emailRegex().MatchString(fl.Field().String())
}
@@ -2232,6 +2227,7 @@ func isGt(fl FieldLevel) bool {
case reflect.Struct:
if field.Type().ConvertibleTo(timeType) {
return field.Convert(timeType).Interface().(time.Time).After(time.Now().UTC())
}
}
@@ -2468,6 +2464,7 @@ func isLt(fl FieldLevel) bool {
case reflect.Struct:
if field.Type().ConvertibleTo(timeType) {
return field.Convert(timeType).Interface().(time.Time).Before(time.Now().UTC())
}
}
@@ -2647,6 +2644,7 @@ func isDir(fl FieldLevel) bool {
// isDirPath is the validation function for validating if the current field's value is a valid directory.
func isDirPath(fl FieldLevel) bool {
var exists bool
var err error
@@ -2959,12 +2957,6 @@ func isCveFormat(fl FieldLevel) bool {
// a valid dns RFC 1035 label, defined in RFC 1035.
func isDnsRFC1035LabelFormat(fl FieldLevel) bool {
val := fl.Field().String()
size := len(val)
if size > 63 {
return false
}
return dnsRegexRFC1035Label().MatchString(val)
}
@@ -3068,14 +3060,3 @@ func isCron(fl FieldLevel) bool {
cronString := fl.Field().String()
return cronRegex().MatchString(cronString)
}
// isEIN is the validation function for validating if the current field's value is a valid U.S. Employer Identification Number (EIN)
func isEIN(fl FieldLevel) bool {
field := fl.Field()
if field.Len() != 10 {
return false
}
return einRegex().MatchString(field.String())
}

2
vendor/github.com/go-playground/validator/v10/cache.go generated vendored
View File

@@ -309,7 +309,7 @@ func (v *Validate) parseFieldTagsRecursive(tag string, fieldName string, alias s
}
if len(vals) > 1 {
current.param = strings.ReplaceAll(strings.ReplaceAll(vals[1], utf8HexComma, ","), utf8Pipe, "|")
current.param = strings.Replace(strings.Replace(vals[1], utf8HexComma, ",", -1), utf8Pipe, "|", -1)
}
}
current.isBlockEnd = true

8
vendor/github.com/go-playground/validator/v10/doc.go generated vendored
View File

@@ -959,7 +959,7 @@ Although an empty string is a valid base64 URL safe value, this will report
an empty string as an error, if you wish to accept an empty string as valid
you can use this with the omitempty tag.
Usage: base64rawurl
Usage: base64url
# Bitcoin Address
@@ -1134,12 +1134,6 @@ This validates that a string value contains a valid longitude.
Usage: longitude
# Employeer Identification Number EIN
This validates that a string value contains a valid U.S. Employer Identification Number.
Usage: ein
# Social Security Number SSN
This validates that a string value contains a valid U.S. Social Security Number.

4
vendor/github.com/go-playground/validator/v10/regexes.go generated vendored
View File

@@ -69,7 +69,7 @@ const (
splitParamsRegexString = `'[^']*'|\S+`
bicRegexString = `^[A-Za-z]{6}[A-Za-z0-9]{2}([A-Za-z0-9]{3})?$`
semverRegexString = `^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$` // numbered capture groups https://semver.org/
dnsRegexStringRFC1035Label = "^[a-z]([-a-z0-9]*[a-z0-9])?$"
dnsRegexStringRFC1035Label = "^[a-z]([-a-z0-9]*[a-z0-9]){0,62}$"
cveRegexString = `^CVE-(1999|2\d{3})-(0[^0]\d{2}|0\d[^0]\d{1}|0\d{2}[^0]|[1-9]{1}\d{3,})$` // CVE Format Id https://cve.mitre.org/cve/identifiers/syntaxchange.html
mongodbIdRegexString = "^[a-f\\d]{24}$"
mongodbConnStringRegexString = "^mongodb(\\+srv)?:\\/\\/(([a-zA-Z\\d]+):([a-zA-Z\\d$:\\/?#\\[\\]@]+)@)?(([a-z\\d.-]+)(:[\\d]+)?)((,(([a-z\\d.-]+)(:(\\d+))?))*)?(\\/[a-zA-Z-_]{1,64})?(\\?(([a-zA-Z]+)=([a-zA-Z\\d]+))(&(([a-zA-Z\\d]+)=([a-zA-Z\\d]+))?)*)?$"
@@ -77,7 +77,6 @@ const (
spicedbIDRegexString = `^(([a-zA-Z0-9/_|\-=+]{1,})|\*)$`
spicedbPermissionRegexString = "^([a-z][a-z0-9_]{1,62}[a-z0-9])?$"
spicedbTypeRegexString = "^([a-z][a-z0-9_]{1,61}[a-z0-9]/)?[a-z][a-z0-9_]{1,62}[a-z0-9]$"
einRegexString = "^(\\d{2}-\\d{7})$"
)
func lazyRegexCompile(str string) func() *regexp.Regexp {
@@ -161,5 +160,4 @@ var (
spicedbIDRegex = lazyRegexCompile(spicedbIDRegexString)
spicedbPermissionRegex = lazyRegexCompile(spicedbPermissionRegexString)
spicedbTypeRegex = lazyRegexCompile(spicedbTypeRegexString)
einRegex = lazyRegexCompile(einRegexString)
)

6
vendor/github.com/go-playground/validator/v10/struct_level.go generated vendored
View File

@@ -46,9 +46,9 @@ type StructLevel interface {
//
// NOTES:
//
// fieldName and structFieldName get appended to the existing
// namespace that validator is on. e.g. pass 'FirstName' or
// 'Names[0]' depending on the nesting
// fieldName and altName get appended to the existing namespace that
// validator is on. e.g. pass 'FirstName' or 'Names[0]' depending
// on the nesting
//
// tag can be an existing validation tag or just something you make up
// and process on the flip side it's up to you.

70
vendor/github.com/go-playground/validator/v10/translations/en/en.go generated vendored
View File

@@ -217,18 +217,17 @@ func RegisterDefaultTranslations(v *validator.Validate, trans ut.Translator) (er
customTransFunc: func(ut ut.Translator, fe validator.FieldError) string {
var err error
var t string
var f64 float64
var digits uint64
var kind reflect.Kind
fn := func() (err error) {
if idx := strings.Index(fe.Param(), "."); idx != -1 {
digits = uint64(len(fe.Param()[idx+1:]))
}
if idx := strings.Index(fe.Param(), "."); idx != -1 {
digits = uint64(len(fe.Param()[idx+1:]))
}
f64, err = strconv.ParseFloat(fe.Param(), 64)
return
f64, err := strconv.ParseFloat(fe.Param(), 64)
if err != nil {
goto END
}
kind = fe.Kind()
@@ -241,11 +240,6 @@ func RegisterDefaultTranslations(v *validator.Validate, trans ut.Translator) (er
var c string
err = fn()
if err != nil {
goto END
}
c, err = ut.C("min-string-character", f64, digits, ut.FmtNumber(f64, digits))
if err != nil {
goto END
@@ -256,11 +250,6 @@ func RegisterDefaultTranslations(v *validator.Validate, trans ut.Translator) (er
case reflect.Slice, reflect.Map, reflect.Array:
var c string
err = fn()
if err != nil {
goto END
}
c, err = ut.C("min-items-item", f64, digits, ut.FmtNumber(f64, digits))
if err != nil {
goto END
@@ -269,16 +258,6 @@ func RegisterDefaultTranslations(v *validator.Validate, trans ut.Translator) (er
t, err = ut.T("min-items", fe.Field(), c)
default:
if fe.Type() == reflect.TypeOf(time.Duration(0)) {
t, err = ut.T("min-number", fe.Field(), fe.Param())
goto END
}
err = fn()
if err != nil {
goto END
}
t, err = ut.T("min-number", fe.Field(), ut.FmtNumber(f64, digits))
}
@@ -326,18 +305,17 @@ func RegisterDefaultTranslations(v *validator.Validate, trans ut.Translator) (er
customTransFunc: func(ut ut.Translator, fe validator.FieldError) string {
var err error
var t string
var f64 float64
var digits uint64
var kind reflect.Kind
fn := func() (err error) {
if idx := strings.Index(fe.Param(), "."); idx != -1 {
digits = uint64(len(fe.Param()[idx+1:]))
}
if idx := strings.Index(fe.Param(), "."); idx != -1 {
digits = uint64(len(fe.Param()[idx+1:]))
}
f64, err = strconv.ParseFloat(fe.Param(), 64)
return
f64, err := strconv.ParseFloat(fe.Param(), 64)
if err != nil {
goto END
}
kind = fe.Kind()
@@ -350,11 +328,6 @@ func RegisterDefaultTranslations(v *validator.Validate, trans ut.Translator) (er
var c string
err = fn()
if err != nil {
goto END
}
c, err = ut.C("max-string-character", f64, digits, ut.FmtNumber(f64, digits))
if err != nil {
goto END
@@ -365,11 +338,6 @@ func RegisterDefaultTranslations(v *validator.Validate, trans ut.Translator) (er
case reflect.Slice, reflect.Map, reflect.Array:
var c string
err = fn()
if err != nil {
goto END
}
c, err = ut.C("max-items-item", f64, digits, ut.FmtNumber(f64, digits))
if err != nil {
goto END
@@ -378,16 +346,6 @@ func RegisterDefaultTranslations(v *validator.Validate, trans ut.Translator) (er
t, err = ut.T("max-items", fe.Field(), c)
default:
if fe.Type() == reflect.TypeOf(time.Duration(0)) {
t, err = ut.T("max-number", fe.Field(), fe.Param())
goto END
}
err = fn()
if err != nil {
goto END
}
t, err = ut.T("max-number", fe.Field(), ut.FmtNumber(f64, digits))
}

23
vendor/github.com/klauspost/cpuid/v2/.goreleaser.yml generated vendored
View File

@@ -1,4 +1,5 @@
version: 2
# This is an example goreleaser.yaml file with some sane defaults.
# Make sure to check the documentation at http://goreleaser.com
builds:
-
@@ -26,7 +27,16 @@ builds:
archives:
-
id: cpuid
name_template: "cpuid-{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}"
name_template: "cpuid-{{ .Os }}_{{ .Arch }}_{{ .Version }}"
replacements:
aix: AIX
darwin: OSX
linux: Linux
windows: Windows
386: i386
amd64: x86_64
freebsd: FreeBSD
netbsd: NetBSD
format_overrides:
- goos: windows
format: zip
@@ -34,6 +44,8 @@ archives:
- LICENSE
checksum:
name_template: 'checksums.txt'
snapshot:
name_template: "{{ .Tag }}-next"
changelog:
sort: asc
filters:
@@ -46,7 +58,7 @@ changelog:
nfpms:
-
file_name_template: "cpuid_package_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}"
file_name_template: "cpuid_package_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
vendor: Klaus Post
homepage: https://github.com/klauspost/cpuid
maintainer: Klaus Post <klauspost@gmail.com>
@@ -55,3 +67,8 @@ nfpms:
formats:
- deb
- rpm
replacements:
darwin: Darwin
linux: Linux
freebsd: FreeBSD
amd64: x86_64

Some files were not shown because too many files have changed in this diff Show More