Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

merge stable - 1.5.10.1584 into dev #624

Merged
merged 3 commits into from
Aug 16, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
41 changes: 29 additions & 12 deletions .github/workflows/stable-releases-1_pull-request.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,20 +3,37 @@ name: Stable Release Step 1 - Create PR
on:
workflow_dispatch:
schedule:
- cron: "0 10 15 * *"
- cron: "0 15 16 * *"

jobs:
create-release-pull-request:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/stable'
runs-on: ubuntu-22.04

steps:
- uses: actions/checkout@v4
with:
ref: dev-branch
- name: create pull request
run: |
echo 'Get version to be released and create PR with that in the name'
system_file="$(git rev-parse --show-toplevel)/packages/web/lib/fog/system.class.php"
tag=$(grep "define('FOG_VERSION'" $system_file | sed "s/.*FOG_VERSION', '\([^']*\)');/\1/")
gh pr create -B stable -H dev-branch --title "Stable Release PR For ${tag} - $(date '+%Y-%m-%d')" --body "Pull Request for creating the latest stable release from staged security fixes, bug fixes, and minor enhancements in dev-branch. Created as needed or monthly on 15th of every month, released once tests are passing"
env:
- uses: actions/checkout@v4
with:
ref: dev-branch

- name: Create pull request
run: |
echo 'Get version to be released and create PR with that in the name'
system_file="$(git rev-parse --show-toplevel)/packages/web/lib/fog/system.class.php"
tag=$(grep "define('FOG_VERSION'" $system_file | sed "s/.*FOG_VERSION', '\([^']*\)');/\1/")
gh pr create -B stable -H dev-branch --title "Stable Release PR For ${tag} - $(date '+%Y-%m-%d')" --body "Pull Request for creating the latest stable release from staged security fixes, bug fixes, and minor enhancements in dev-branch. Created as needed or monthly on 15th of every month, released once tests are passing"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

call-test-validation-workflow:
needs: create-release-pull-request
runs-on: ubuntu-22.04

steps:
- uses: actions/checkout@v4
with:
ref: dev-branch

- name: Call test validity workflow
run: gh workflow run stable-releases-2_test-validity.yml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
121 changes: 98 additions & 23 deletions .github/workflows/stable-releases-2_test-validity.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,36 +2,111 @@ name: Stable Release Step 2 - Validate PR

on:
workflow_dispatch:
# pull_request:
# types:
# - open
# branches:
# - dev-branch
# - stable
workflow_call:

jobs:
Merge-After-All-Tests-Passed:
runs-on: ubuntu-latest
run-install-tests:
runs-on: ubuntu-22.04

steps:
- name: Call main workflow that calls all the distros
run: gh workflow run --repo FOGProject/fogproject-install-validation run_all_distros.yml
env:
GITHUB_TOKEN: ${{ secrets.INSTALL_VALIDATION_REPO_TOKEN }}

check-all-tests-completed-successfully:
needs: run-install-tests
runs-on: ubuntu-22.04

env:
GITHUB_TOKEN: ${{ secrets.INSTALL_VALIDATION_REPO_TOKEN }}

steps:
- name: Wait a minute for the runs to start
run: sleep 60

- name: Get run IDs
run: |
run_id=$(gh run list --repo FOGProject/fogproject-install-validation --workflow run_all_distros.yml --json databaseId --limit 1 | jq -r '.[0].databaseId')
echo "RUN_ID=$run_id" >> $GITHUB_ENV

- name: Check if distro workflow passed or failed
run: |
run_status=""
while [[ $run_status != "success" && $run_status != "failure" ]]; do
sleep 15
run_status=$(gh run view --repo FOGProject/fogproject-install-validation ${{ env.RUN_ID }} --exit-status --json conclusion | jq -r '.conclusion')
done

if [[ $run_status == "failure" ]]; then
exit 1
fi

merge-after-all-tests-passed:
needs: check-all-tests-completed-successfully

runs-on: ubuntu-22.04
if: github.ref == 'refs/heads/stable'

steps:
- name: Check out code
uses: actions/checkout@v4

- name: Merge The PR
run: |
echo 'Get the tag'
git fetch origin dev-branch
git checkout dev-branch
system_file="$(git rev-parse --show-toplevel)/packages/web/lib/fog/system.class.php"
tag=$(grep "define('FOG_VERSION'" $system_file | sed "s/.*FOG_VERSION', '\([^']*\)');/\1/")
git checkout stable
echo "merge the pull request bringing dev-branch into stable";
gh pr merge dev-branch --squash --subject "Stable Release - ${tag}";
echo 'Get the tag'
git fetch origin dev-branch
git checkout dev-branch
system_file="$(git rev-parse --show-toplevel)/packages/web/lib/fog/system.class.php"
tag=$(grep "define('FOG_VERSION'" $system_file | sed "s/.*FOG_VERSION', '\([^']*\)');/\1/")
git checkout stable
echo "merge the pull request bringing dev-branch into stable";
gh pr merge dev-branch --squash --subject "Stable Release - ${tag}";
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

close-pr-if-tests-fail:
needs: check-all-tests-completed-successfully

runs-on: ubuntu-22.04
if: failure()

env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Get PR number
run: |
pr_number=$(gh pr list --repo ${{ github.repository }} --json title,number | jq -r '.[] | select(.title | test("Stable Release PR for*"; "i")) | .number')
echo "PR_NUMBER=$pr_number" >> $GITHUB_ENV

# on a monthly pr created from other workflow
# test validity of install
# down the road-test various functions (deploy, capture, API)
# Fix version if needed
# merge pull request with generic commit
# maybe update version if not handled in hook
- name: Close PR
run: |
closure_message="Closing PR due to failure in tests"
gh pr close --comment "$closure_message" ${{ env.PR_NUMBER }}

- name: Announce error on Discord
uses: sarisia/actions-status-discord@v1
with:
webhook: ${{ secrets.DISCORD_WEBHOOK }}
content: "Hey @everyone, validation tests failed. PR closed"
title: Validation tests
status: ${{ needs.check-all-tests-completed-successfully.result }}
color: 0xff0000

call-tag-and-release-workflow:
needs: merge-after-all-tests-passed
runs-on: ubuntu-22.04

steps:
- uses: actions/checkout@v4
with:
ref: stable

- name: Run tag and release workflow
run: gh workflow run stable-releases-3_tag-and-release.yml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
39 changes: 26 additions & 13 deletions .github/workflows/stable-releases-3_tag-and-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,17 @@ name: Stable Release Step 3 - Tag and Release

on:
workflow_dispatch:
# pull_request:
# types:
# - closed
workflow_call:

jobs:
Tag-and-release:
runs-on: ubuntu-latest
tag-and-release:
runs-on: ubuntu-22.04
if: github.ref == 'refs/heads/stable'

steps:
- name: Check-out code to release
uses: actions/checkout@v4

- name: Tag and release
run: |
echo 'Find the version to use for the tag, create the release, and sync the dev and stable branches'
Expand All @@ -26,12 +26,25 @@ jobs:
gh pr create -B dev-branch -H stable --title "merge stable - ${tag} into dev" --body "Pull Request for syncing stable release commit back to dev after a release"
gh pr merge stable --merge --subject "merge stable - ${tag} into dev";
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

discord-success:
needs: tag-and-release
runs-on: ubuntu-22.04

steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Get tag as env
run: |
tag=$(grep "define('FOG_VERSION'" $system_file | sed "s/.*FOG_VERSION', '\([^']*\)');/\1/")
echo "TAG=$tag" >> $GITHUB_ENV

# on merge of monthly release pr
# get/calculate current version
# create tag of current version
# create release of new tag
# generate release notes
# send announcements?
- name: Announce success on Discord
uses: sarisia/actions-status-discord@v1
with:
webhook: ${{ secrets.DISCORD_WEBHOOK }}
title: "New release"
description: Click [here](https://github.com/fogproject/fogproject/releases/latest) to check the newest release.
color: 0x00ff00
23 changes: 23 additions & 0 deletions lib/common/functions.sh
Original file line number Diff line number Diff line change
Expand Up @@ -1355,6 +1355,29 @@ configureFOGService() {
startInitScript
}
configureNFS() {
dots "Setting up NFS configuration file"
if [[ -f "/etc/nfs.conf" ]]; then
# Fix all set port=20048 back to default values
sed -i '/^port=20048/ {s/^port=20048/# port=0/}' /etc/nfs.conf >>$error_log 2>&1
fi
# set port in nfs.conf.d directory
if [[ -f "/etc/nfs.conf" && ! -d "/etc/nfs.conf.d/" ]]; then
mkdir /etc/nfs.conf.d
elif [[ -f "/usr/etc/nfs.conf" && ! -d "/usr/etc/nfs.conf.d/" ]]; then
mkdir /usr/etc/nfs.conf.d
fi
if [[ -f "/etc/nfs.conf" && ! -f "/etc/nfs.conf.d/fog-nfs.conf" ]]; then
cat > /etc/nfs.conf.d/fog-nfs.conf <<EOF
[mountd]
port=20048
EOF
elif [[ -f "/usr/etc/nfs.conf" && ! -f "/usr/etc/nfs.conf.d/fog-nfs.conf" ]]; then
cat > /usr/etc/nfs.conf.d/fog-nfs.conf <<EOF
[mountd]
port=20048
EOF
fi
errorStat $?
dots "Setting up exports file"
if [[ $blexports != 1 ]]; then
echo "Skipped"
Expand Down
21 changes: 19 additions & 2 deletions packages/web/lib/fog/fogbase.class.php
Original file line number Diff line number Diff line change
Expand Up @@ -969,9 +969,8 @@ protected static function arrayFind(
protected function isLoaded($key)
{
$key = $this->key($key);
$result = isset($this->isLoaded[$key]) ? $this->isLoaded[$key] : 0;
$result = isset($this->isLoaded[$key]) ? true : false;
$this->isLoaded[$key] = true;
++$this->isLoaded[$key];

return $result ? $result : false;
}
Expand Down Expand Up @@ -2578,4 +2577,22 @@ public static function is_array_of_assoc_arrays($arr) {
}
return true;
}
/**
* Is Authorized to perform action simplified
*
* @param $return_bool Defaults to false, but can return bool
*
* @return void|bool
*/
public static function is_authorized($return_bool = false)
{ $authorized = self::$FOGUser->isValid() ||
strtolower(($_SERVER['HTTP_X_REQUESTED_WITH'] ?? '')) == 'xmlhttprequest';
if ($return_bool) {
return $authorized;
}
if (!$authorized) {
echo _('Unauthorized');
exit;
}
}
}
2 changes: 1 addition & 1 deletion packages/web/lib/fog/system.class.php
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ private static function _versionCompare()
public function __construct()
{
self::_versionCompare();
define('FOG_VERSION', '1.5.10.1566');
define('FOG_VERSION', '1.5.10.1584');
define('FOG_SCHEMA', 271);
define('FOG_BCACHE_VER', 141);
define('FOG_CLIENT_VERSION', '0.13.0');
Expand Down
8 changes: 1 addition & 7 deletions packages/web/lib/pages/fogconfigurationpage.class.php
Original file line number Diff line number Diff line change
Expand Up @@ -3061,16 +3061,10 @@ public function settingsPost()
'jpeg',
'png',
];
$extensionCheck = strtolower(pathinfo($src, PATHINFO_EXTENSION));
if (!in_array($extensionCheck, $validExtensions)) {
throw new Exception(
_('Upload file extension must be, jpg, jpeg, or png')
);
}
$extensionCheck = strtolower(pathinfo($set, PATHINFO_EXTENSION));
if (!in_array($extensionCheck, $validExtensions)) {
throw new Exception(
_('Created file extension must be, jpg, jpeg, or png')
_('Upload file extension must be, jpg, jpeg, or png')
);
}
if ($width != 650) {
Expand Down
8 changes: 1 addition & 7 deletions packages/web/management/export.php
Original file line number Diff line number Diff line change
Expand Up @@ -20,13 +20,7 @@
* @link https://fogproject.org
*/
require '../commons/base.inc.php';
$unauthorized = !(isset($currentUser) && $currentUser->isValid()) || empty($_SERVER['HTTP_X_REQUESTED_WITH'])
|| strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest';

if ($unauthorized) {
echo _('Unauthorized');
exit;
}
FOGCore::is_authorized();

$report = unserialize($_SESSION['foglastreport']);
if (!($report instanceof ReportMaker)) {
Expand Down
8 changes: 1 addition & 7 deletions packages/web/service/getversion.php
Original file line number Diff line number Diff line change
Expand Up @@ -44,13 +44,7 @@
} elseif (isset($_REQUEST['url'])) {

// Prevent an unauthenticated user from making arbitrary requests.
$unauthorized = !$currentUser->isValid() || empty($_SERVER['HTTP_X_REQUESTED_WITH'])
|| strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest';

if ($unauthorized) {
echo _('Unauthorized');
exit;
}
FOGCore::is_authorized();

$url = $_REQUEST['url'];
$res = $FOGURLRequests
Expand Down
8 changes: 1 addition & 7 deletions packages/web/status/getfiles.php
Original file line number Diff line number Diff line change
Expand Up @@ -24,13 +24,7 @@
require '../commons/base.inc.php';

// Prevent file enumeration by an unauthenticated user
$unauthorized = !(isset($currentUser) && $currentUser->isValid()) || empty($_SERVER['HTTP_X_REQUESTED_WITH'])
|| strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest';

if ($unauthorized) {
echo _('Unauthorized');
exit;
}
FOGCore::is_authorized();

if (!is_string($_GET['path'])) {
echo json_encode(
Expand Down
8 changes: 1 addition & 7 deletions packages/web/status/kernelvers.php
Original file line number Diff line number Diff line change
Expand Up @@ -28,13 +28,7 @@
if (isset($_POST['url'])) {

// Prevent an unauthenticated user from making arbitrary requests.
$unauthorized = !$currentUser->isValid() || empty($_SERVER['HTTP_X_REQUESTED_WITH'])
|| strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest';

if ($unauthorized) {
echo _('Unauthorized');
exit;
}
FOGCore::is_authorized();

$res = $FOGURLRequests
->process(filter_input(INPUT_POST, 'url'));
Expand Down