Stable Release PR For 1.5.10.1584 - 2024-08-16

.github/workflows/stable-releases-1_pull-request.yml

@@ -3,20 +3,37 @@ name: Stable Release Step 1 - Create PR
 on:
   workflow_dispatch:
   schedule:
-  - cron: "0 10 15 * *"
+  - cron: "0 15 16 * *"
+
 jobs:
   create-release-pull-request:
-    runs-on: ubuntu-latest
     if: github.ref == 'refs/heads/stable'
+    runs-on: ubuntu-22.04
+
     steps:
-    - uses: actions/checkout@v4
-      with:
-        ref: dev-branch
-    - name: create pull request
-      run: | 
-        echo 'Get version to be released and create PR with that in the name'
-        system_file="$(git rev-parse --show-toplevel)/packages/web/lib/fog/system.class.php"
-        tag=$(grep "define('FOG_VERSION'" $system_file | sed "s/.*FOG_VERSION', '\([^']*\)');/\1/")
-        gh pr create -B stable -H dev-branch --title "Stable Release PR For ${tag} - $(date '+%Y-%m-%d')" --body "Pull Request for creating the latest stable release from staged security fixes, bug fixes, and minor enhancements in dev-branch. Created as needed or monthly on 15th of every month, released once tests are passing"
-      env:
+      - uses: actions/checkout@v4
+        with:
+          ref: dev-branch
+
+      - name: Create pull request
+        run: | 
+          echo 'Get version to be released and create PR with that in the name'
+          system_file="$(git rev-parse --show-toplevel)/packages/web/lib/fog/system.class.php"
+          tag=$(grep "define('FOG_VERSION'" $system_file | sed "s/.*FOG_VERSION', '\([^']*\)');/\1/")
+          gh pr create -B stable -H dev-branch --title "Stable Release PR For ${tag} - $(date '+%Y-%m-%d')" --body "Pull Request for creating the latest stable release from staged security fixes, bug fixes, and minor enhancements in dev-branch. Created as needed or monthly on 15th of every month, released once tests are passing"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  call-test-validation-workflow:
+    needs: create-release-pull-request
+    runs-on: ubuntu-22.04
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: dev-branch
+
+      - name: Call test validity workflow
+        run: gh workflow run stable-releases-2_test-validity.yml
+        env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/stable-releases-2_test-validity.yml

@@ -2,36 +2,111 @@ name: Stable Release Step 2 - Validate PR
 
 on:
     workflow_dispatch:
-    # pull_request:
-    #     types:
-    #       - open
-    #     branches:
-    #       - dev-branch
-    #       - stable
+    workflow_call:
 
 jobs:
-  Merge-After-All-Tests-Passed:
-    runs-on: ubuntu-latest
+  run-install-tests:
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: Call main workflow that calls all the distros
+        run: gh workflow run --repo FOGProject/fogproject-install-validation run_all_distros.yml
+        env:
+          GITHUB_TOKEN: ${{ secrets.INSTALL_VALIDATION_REPO_TOKEN }}
+
+  check-all-tests-completed-successfully:
+    needs: run-install-tests
+    runs-on: ubuntu-22.04
+
+    env:
+      GITHUB_TOKEN: ${{ secrets.INSTALL_VALIDATION_REPO_TOKEN }}
+
+    steps:
+      - name: Wait a minute for the runs to start
+        run: sleep 60
+
+      - name: Get run IDs
+        run: |
+          run_id=$(gh run list --repo FOGProject/fogproject-install-validation --workflow run_all_distros.yml --json databaseId --limit 1 | jq -r '.[0].databaseId')
+          echo "RUN_ID=$run_id" >> $GITHUB_ENV
+
+      - name: Check if distro workflow passed or failed
+        run: |
+          run_status=""
+          while [[ $run_status != "success" && $run_status != "failure" ]]; do
+            sleep 15
+            run_status=$(gh run view --repo FOGProject/fogproject-install-validation ${{ env.RUN_ID }} --exit-status --json conclusion | jq -r '.conclusion')
+          done
+
+          if [[ $run_status == "failure" ]]; then
+            exit 1
+          fi
+
+  merge-after-all-tests-passed:
+    needs: check-all-tests-completed-successfully
+
+    runs-on: ubuntu-22.04
     if: github.ref == 'refs/heads/stable'
+
     steps:
     - name: Check out code
       uses: actions/checkout@v4
+
     - name: Merge The PR
       run: |
-          echo 'Get the tag'
-          git fetch origin dev-branch
-          git checkout dev-branch
-          system_file="$(git rev-parse --show-toplevel)/packages/web/lib/fog/system.class.php"
-          tag=$(grep "define('FOG_VERSION'" $system_file | sed "s/.*FOG_VERSION', '\([^']*\)');/\1/")
-          git checkout stable
-          echo "merge the pull request bringing dev-branch into stable";
-          gh pr merge dev-branch --squash --subject "Stable Release - ${tag}";
+        echo 'Get the tag'
+        git fetch origin dev-branch
+        git checkout dev-branch
+        system_file="$(git rev-parse --show-toplevel)/packages/web/lib/fog/system.class.php"
+        tag=$(grep "define('FOG_VERSION'" $system_file | sed "s/.*FOG_VERSION', '\([^']*\)');/\1/")
+        git checkout stable
+        echo "merge the pull request bringing dev-branch into stable";
+        gh pr merge dev-branch --squash --subject "Stable Release - ${tag}";
       env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  close-pr-if-tests-fail:
+    needs: check-all-tests-completed-successfully
+
+    runs-on: ubuntu-22.04
+    if: failure()
+
+    env:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Get PR number
+        run: |
+          pr_number=$(gh pr list --repo ${{ github.repository }} --json title,number | jq -r '.[] | select(.title | test("Stable Release PR for*"; "i")) | .number')
+          echo "PR_NUMBER=$pr_number" >> $GITHUB_ENV
 
-# on a monthly pr created from other workflow
-# test validity of install
-# down the road-test various functions (deploy, capture, API)
-# Fix version if needed
-# merge pull request with generic commit
-# maybe update version if not handled in hook
+      - name: Close PR
+        run: |
+          closure_message="Closing PR due to failure in tests"
+          gh pr close --comment "$closure_message" ${{ env.PR_NUMBER }}
+
+      - name: Announce error on Discord
+        uses: sarisia/actions-status-discord@v1
+        with:
+          webhook: ${{ secrets.DISCORD_WEBHOOK }}
+          content: "Hey @everyone, validation tests failed. PR closed"
+          title: Validation tests
+          status: ${{ needs.check-all-tests-completed-successfully.result }}
+          color: 0xff0000
+
+  call-tag-and-release-workflow:
+    needs: merge-after-all-tests-passed
+    runs-on: ubuntu-22.04
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: stable
+
+      - name: Run tag and release workflow
+        run: gh workflow run stable-releases-3_tag-and-release.yml
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/stable-releases-3_tag-and-release.yml

@@ -2,17 +2,17 @@ name: Stable Release Step 3 - Tag and Release
 
 on:
     workflow_dispatch:
-    # pull_request:
-    #     types:
-    #       - closed
+    workflow_call:
 
 jobs:
-  Tag-and-release:
-    runs-on: ubuntu-latest
+  tag-and-release:
+    runs-on: ubuntu-22.04
     if: github.ref == 'refs/heads/stable' 
+
     steps:
     - name: Check-out code to release
       uses: actions/checkout@v4
+
     - name: Tag and release
       run: |
         echo 'Find the version to use for the tag, create the release, and sync the dev and stable branches'
@@ -26,12 +26,25 @@ jobs:
         gh pr create -B dev-branch -H stable --title "merge stable - ${tag} into dev" --body "Pull Request for syncing stable release commit back to dev after a release"
         gh pr merge stable --merge --subject "merge stable - ${tag} into dev";
       env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  discord-success:
+    needs: tag-and-release
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Get tag as env
+        run: |
+          tag=$(grep "define('FOG_VERSION'" $system_file | sed "s/.*FOG_VERSION', '\([^']*\)');/\1/")
+          echo "TAG=$tag" >> $GITHUB_ENV
 
-# on merge of monthly release pr
-# get/calculate current version
-# create tag of current version
-# create release of new tag
-# generate release notes
-# send announcements?
+      - name: Announce success on Discord
+        uses: sarisia/actions-status-discord@v1
+        with:
+          webhook: ${{ secrets.DISCORD_WEBHOOK }}
+          title: "New release"
+          description: Click [here](https://github.com/fogproject/fogproject/releases/latest) to check the newest release.
+          color: 0x00ff00

lib/common/functions.sh

@@ -1355,6 +1355,29 @@ configureFOGService() {
     startInitScript
 }
 configureNFS() {
+    dots "Setting up NFS configuration file"
+    if [[ -f "/etc/nfs.conf" ]]; then
+        # Fix all set port=20048 back to default values
+        sed -i '/^port=20048/ {s/^port=20048/# port=0/}' /etc/nfs.conf >>$error_log 2>&1
+    fi
+    # set port in nfs.conf.d directory
+    if [[ -f "/etc/nfs.conf" && ! -d "/etc/nfs.conf.d/" ]]; then
+        mkdir /etc/nfs.conf.d
+    elif [[ -f "/usr/etc/nfs.conf" && ! -d "/usr/etc/nfs.conf.d/" ]]; then
+        mkdir /usr/etc/nfs.conf.d
+    fi
+    if [[ -f "/etc/nfs.conf" && ! -f "/etc/nfs.conf.d/fog-nfs.conf" ]]; then
+        cat > /etc/nfs.conf.d/fog-nfs.conf <<EOF
+[mountd]
+port=20048
+EOF
+    elif [[ -f "/usr/etc/nfs.conf" && ! -f "/usr/etc/nfs.conf.d/fog-nfs.conf" ]]; then
+        cat > /usr/etc/nfs.conf.d/fog-nfs.conf <<EOF
+[mountd]
+port=20048
+EOF
+    fi
+    errorStat $?
     dots "Setting up exports file"
     if [[ $blexports != 1 ]]; then
         echo "Skipped"

packages/web/lib/fog/fogbase.class.php

@@ -969,9 +969,8 @@ protected static function arrayFind(
     protected function isLoaded($key)
     {
         $key = $this->key($key);
-        $result = isset($this->isLoaded[$key]) ? $this->isLoaded[$key] : 0;
+        $result = isset($this->isLoaded[$key]) ? true : false;
         $this->isLoaded[$key] = true;
-        ++$this->isLoaded[$key];
 
         return $result ? $result : false;
     }
@@ -2578,4 +2577,22 @@ public static function is_array_of_assoc_arrays($arr) {
         }
         return true;
     }
+    /**
+     * Is Authorized to perform action simplified
+     *
+     * @param $return_bool Defaults to false, but can return bool
+     *
+     * @return void|bool
+     */
+    public static function is_authorized($return_bool = false)
+    {   $authorized = self::$FOGUser->isValid() || 
+            strtolower(($_SERVER['HTTP_X_REQUESTED_WITH'] ?? '')) == 'xmlhttprequest';
+        if ($return_bool) {
+            return $authorized;
+        }
+        if (!$authorized) {
+            echo _('Unauthorized');
+            exit;
+        }
+    }
 }

packages/web/lib/fog/system.class.php

@@ -53,7 +53,7 @@ private static function _versionCompare()
     public function __construct()
     {
         self::_versionCompare();
-        define('FOG_VERSION', '1.5.10.1566');
+        define('FOG_VERSION', '1.5.10.1584');
         define('FOG_SCHEMA', 271);
         define('FOG_BCACHE_VER', 141);
         define('FOG_CLIENT_VERSION', '0.13.0');

packages/web/lib/pages/fogconfigurationpage.class.php

@@ -3061,16 +3061,10 @@ public function settingsPost()
                         'jpeg',
                         'png',
                     ];
-                    $extensionCheck = strtolower(pathinfo($src, PATHINFO_EXTENSION));
-                    if (!in_array($extensionCheck, $validExtensions)) {
-                        throw new Exception(
-                            _('Upload file extension must be, jpg, jpeg, or png')
-                        );
-                    }
                     $extensionCheck = strtolower(pathinfo($set, PATHINFO_EXTENSION));
                     if (!in_array($extensionCheck, $validExtensions)) {
                         throw new Exception(
-                            _('Created file extension must be, jpg, jpeg, or png')
+                            _('Upload file extension must be, jpg, jpeg, or png')
                         );
                     }
                     if ($width != 650) {

packages/web/management/export.php

@@ -20,13 +20,7 @@
  * @link     https://fogproject.org
  */
 require '../commons/base.inc.php';
-$unauthorized = !(isset($currentUser) && $currentUser->isValid()) || empty($_SERVER['HTTP_X_REQUESTED_WITH'])
-    || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest';
-
-if ($unauthorized) {
-    echo _('Unauthorized');
-    exit;
-}
+FOGCore::is_authorized();
 
 $report = unserialize($_SESSION['foglastreport']);
 if (!($report instanceof ReportMaker)) {

packages/web/service/getversion.php

@@ -44,13 +44,7 @@
 } elseif (isset($_REQUEST['url'])) {
 
     // Prevent an unauthenticated user from making arbitrary requests.
-    $unauthorized = !$currentUser->isValid() || empty($_SERVER['HTTP_X_REQUESTED_WITH'])
-        || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest';
-
-    if ($unauthorized) {
-        echo _('Unauthorized');
-        exit;
-    }
+    FOGCore::is_authorized();
 
     $url = $_REQUEST['url'];
     $res = $FOGURLRequests

packages/web/status/getfiles.php

@@ -24,13 +24,7 @@
 require '../commons/base.inc.php';
 
 // Prevent file enumeration by an unauthenticated user
-$unauthorized = !(isset($currentUser) && $currentUser->isValid()) || empty($_SERVER['HTTP_X_REQUESTED_WITH'])
-    || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest';
-
-if ($unauthorized) {
-    echo _('Unauthorized');
-    exit;
-}
+FOGCore::is_authorized();
 
 if (!is_string($_GET['path'])) {
     echo json_encode(

packages/web/status/kernelvers.php

@@ -28,13 +28,7 @@
 if (isset($_POST['url'])) {
 
     // Prevent an unauthenticated user from making arbitrary requests.
-    $unauthorized = !$currentUser->isValid() || empty($_SERVER['HTTP_X_REQUESTED_WITH'])
-        || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest';
-
-    if ($unauthorized) {
-        echo _('Unauthorized');
-        exit;
-    }
+    FOGCore::is_authorized();
 
     $res = $FOGURLRequests
         ->process(filter_input(INPUT_POST, 'url'));