Fix Oracle Instant Client installation

Fix multi-arch libaio symlink
Fix bug 73689 – Replace hardcoded PDB and add libaio symlink (#23 )
2026-04-07 14:01:38 +08:00 · 2025-05-19 09:52:22 +03:00 · 2025-05-15 18:43:59 +03:00 · 2025-05-15 09:23:04 +00:00 · 2025-05-13 16:23:12 +03:00 · 2025-04-24 14:17:08 +03:00
12 changed files with 117 additions and 181 deletions
--- a/.github/workflows/4testing-build.yml
+++ b/.github/workflows/4testing-build.yml
@ -47,25 +47,31 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - id: matrix
+        env:
+          BRANCH_NAME: ${{ github.ref_name }}
+          AMD64: ${{ github.event.inputs.amd64 }}
+          ARM64: ${{ github.event.inputs.arm64 }}
+          COMMUNITY: ${{ github.event.inputs.community }}
+          ENTERPRISE: ${{ github.event.inputs.enterprise }}
+          DEVELOPER: ${{ github.event.inputs.developer }}
        run: |
          set -ex

-          BRANCH_NAME=${GITHUB_REF#refs/heads/}
-          if ! [[ $BRANCH_NAME == develop || $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then
+          if ! [[ "$BRANCH_NAME" == develop || "$BRANCH_NAME" =~ hotfix || "$BRANCH_NAME" =~ release ]]; then
            echo "Wrong branch."
            exit 1
          fi

-          [ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64")
-          [ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64")
+          [ "${AMD64}" = true ] && PLATFORMS+=("amd64")
+          [ "${ARM64}" = true ] && PLATFORMS+=("arm64")
          if [ -z ${PLATFORMS} ]; then
            echo "None of the platforms are selected."
            exit 1
          fi

-          [ ${{ github.event.inputs.community }} = true ] && EDITIONS+=("community")
-          [ ${{ github.event.inputs.enterprise }} = true ] && EDITIONS+=("enterprise")
-          [ ${{ github.event.inputs.developer }} = true ] && EDITIONS+=("developer")
+          [ "${COMMUNITY}" = true ] && EDITIONS+=("community")
+          [ "${ENTERPRISE}" = true ] && EDITIONS+=("enterprise")
+          [ "${DEVELOPER}" = true ] && EDITIONS+=("developer")
          if [ -z ${EDITIONS} ]; then
            echo "None of the editions are selected."
            exit 1
@ -102,12 +108,20 @@ jobs:

      - name: Build 4testing
        id: build-ds
+        env:
+          BRANCH_NAME: ${{ github.ref_name }}
+          AMD64: ${{ github.event.inputs.amd64 }}
+          ARM64: ${{ github.event.inputs.arm64 }}
+          BUILD_NUMBER: ${{ github.event.inputs.build }}
+          EDITION: ${{ matrix.edition }}
+          IMAGE: ${{ matrix.image }}
+          PACKAGE_BASEURL: ${{ secrets.REPO_BASEURL }}
        run: |
          set -eux

          ### ==>> At this step build variable declaration ###

-          case ${{ matrix.edition }} in
+          case "${EDITION}" in
            community)
              PRODUCT_EDITION=""
              ;;
@ -119,23 +133,20 @@ jobs:
              ;;
          esac

-          [ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64")
-          [ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64")
+          [ "${AMD64}" = true ] && PLATFORMS+=("amd64")
+          [ "${ARM64}" = true ] && PLATFORMS+=("arm64")
          PLATFORM=$(echo ${PLATFORMS[*]/#/linux/} | tr ' ' ',')

-          BRANCH_NAME=${GITHUB_REF#refs/heads/}
-          if [ $BRANCH_NAME = develop ]; then
+          if [ "$BRANCH_NAME" = develop ]; then
            BUILD_CHANNEL=nightly
            PRODUCT_VERSION=99.99.99
-          elif [[ $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then
+          elif [[ "$BRANCH_NAME" =~ hotfix || "$BRANCH_NAME" =~ release ]]; then
            BUILD_CHANNEL=test
            PRODUCT_VERSION=${BRANCH_NAME#*/v}
          fi
-          BUILD_NUMBER=${{ github.event.inputs.build }}

          export PRODUCT_EDITION
          export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER}
-          export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}
          export BUILD_CHANNEL
          export PLATFORM
          export DOCKERFILE=Dockerfile
@ -144,7 +155,7 @@ jobs:

          ### ==>> Build and push images at this step ###

-          docker buildx bake -f docker-bake.hcl ${{ matrix.image }} --push
+          docker buildx bake -f docker-bake.hcl "${IMAGE}" --push
          echo "DONE: Build success"

          ### Set output for Zap scanner
@ -165,10 +176,11 @@ jobs:
          VERSION: ${{ steps.build-ds.outputs.version }}
          BRANCH: ${{ steps.build-ds.outputs.branch }}
          GITHUB_TOKEN: ${{ secrets.TOKEN }}
+          REPO: ${{ github.repository }}
        run: |
            gh workflow run zap-ds.yaml \
-                 --repo ${{ github.repository }} \
-                 -f branch=${BRANCH} \
-                 -f version=${VERSION}
+                 --repo "${REPO}" \
+                 -f branch="${BRANCH}" \
+                 -f version="${VERSION}"
        shell: bash

--- a/.github/workflows/stable-build.yml
+++ b/.github/workflows/stable-build.yml
@ -14,10 +14,18 @@ on:
        type: string
        required: true
        default: '1'
+      latest:
+        description: 'Push latest tag?'
+        type: boolean
+        required: true
+        default: true

 env:
  COMPANY_NAME: "onlyoffice"
-  PRODUCT_NAME: "documentserver" 
+  PRODUCT_NAME: "documentserver"
+  VERSION: ${{ github.event.inputs.tag }}
+  RELEASE_NUMBER: ${{ github.event.inputs.release_number }}
+  LATEST: ${{ github.event.inputs.latest }}

 jobs:
  build:
@ -45,18 +53,18 @@ jobs:
          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}

      - name: Build documentserver-release
+        env:
+          TARGET: ${{ matrix.images }}
+          PRODUCT_EDITION: ${{ matrix.edition }}
        run: |
          set -eux
-          VERSION=${{ github.event.inputs.tag }}
-          RELEASE_NUMBER=${{ github.event.inputs.release_number }}
-          PRODUCT_EDITION=${{ matrix.edition }}
          TESTING_IMAGE=${COMPANY_NAME}/4testing-${PRODUCT_NAME}${PRODUCT_EDITION}
            export PRODUCT_EDITION
            export PULL_TAG=${VERSION}
            export TAG=${VERSION%.*}.${RELEASE_NUMBER}
            export SHORTER_TAG=${VERSION%.*}
            export SHORTEST_TAG=${VERSION%.*.*}
-            docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push
+            docker buildx bake -f docker-bake.hcl "${TARGET}" --push
            echo "DONE: Build success >> exit with 0"
            exit 0
        shell: bash
@ -88,14 +96,14 @@ jobs:
          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}

      - name: build image
+        env:
+          TARGET: ${{ matrix.images }}
+          PRODUCT_EDITION: ${{ matrix.edition }}
        run: |
          set -eux
-          VERSION=${{ github.event.inputs.tag }}
-          RELEASE_NUMBER=${{ github.event.inputs.release_number }}
          export PULL_TAG=${VERSION%.*}.${RELEASE_NUMBER}
-          export PRODUCT_EDITION=${{ matrix.edition }}
          export TAG=${VERSION%.*}.${RELEASE_NUMBER}
-          docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push
+          docker buildx bake -f docker-bake.hcl "${TARGET}" --push
        shell: bash

  build-ucs-ubuntu20:
@ -122,15 +130,15 @@ jobs:
          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}

      - name: build UCS
+        env:
+          PACKAGE_BASEURL: ${{ secrets.REPO_BASEURL }}
+          PRODUCT_EDITION: ${{ matrix.edition }}
        run: |
           set -eux
-           VERSION=${{ github.event.inputs.tag }}
-           RELEASE_NUMBER=${{ github.event.inputs.release_number }}
-           export PRODUCT_EDITION=${{ matrix.edition }}
-           export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}
           export DOCKERFILE=Dockerfile
           export BASE_VERSION=20.04
           export PG_VERSION=12
+           export PACKAGE_SUFFIX=
           export TAG=${VERSION%.*}.${RELEASE_NUMBER}
           export PACKAGE_VERSION=$( echo ${VERSION} |  sed -E 's/(.*)\./\1-/')
           docker buildx bake -f docker-bake.hcl documentserver-ucs --push
--- a/.github/workflows/zap-ds.yaml
+++ b/.github/workflows/zap-ds.yaml
@ -61,7 +61,7 @@ jobs:
      # -j mean that scanning use AJAX Spider, with this spider the scan takes approximately an hour
      # Without any cmd options will be used default spider and the scan takes approximately ~10-15 minutes
      - name: ZAP Scan
-        uses: zaproxy/action-full-scan@v0.8.0
+        uses: zaproxy/action-full-scan@v0.12.0
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
--- a/49
+++ b/49
@ -1,20 +1,21 @@
-ARG BASE_VERSION=22.04
+ARG BASE_VERSION=24.04

 ARG BASE_IMAGE=ubuntu:$BASE_VERSION

-FROM ${BASE_IMAGE} as documentserver
+FROM ${BASE_IMAGE} AS documentserver
 LABEL maintainer Ascensio System SIA <support@onlyoffice.com>

 ARG BASE_VERSION
-ARG PG_VERSION=14
+ARG PG_VERSION=16
+ARG PACKAGE_SUFFIX=t64

-ENV OC_RELEASE_NUM=21
-ENV OC_RU_VER=12
+ENV OC_RELEASE_NUM=23
+ENV OC_RU_VER=7
 ENV OC_RU_REVISION_VER=0
-ENV OC_RESERVED_NUM=0
-ENV OC_RU_DATE=0
-ENV OC_PATH=${OC_RELEASE_NUM}${OC_RU_VER}000
-ENV OC_FILE_SUFFIX=${OC_RELEASE_NUM}.${OC_RU_VER}.${OC_RU_REVISION_VER}.${OC_RESERVED_NUM}.${OC_RU_DATE}${OC_FILE_SUFFIX}dbru
+ENV OC_RESERVED_NUM=25
+ENV OC_RU_DATE=01
+ENV OC_PATH=${OC_RELEASE_NUM}${OC_RU_VER}0000
+ENV OC_FILE_SUFFIX=${OC_RELEASE_NUM}.${OC_RU_VER}.${OC_RU_REVISION_VER}.${OC_RESERVED_NUM}.${OC_RU_DATE}
 ENV OC_VER_DIR=${OC_RELEASE_NUM}_${OC_RU_VER}
 ENV OC_DOWNLOAD_URL=https://download.oracle.com/otn_software/linux/instantclient/${OC_PATH}

@ -25,8 +26,10 @@ ARG ONLYOFFICE_VALUE=onlyoffice
 RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
    apt-get -y update && \
    apt-get -yq install wget apt-transport-https gnupg locales lsb-release && \
-    wget -q -O /etc/apt/sources.list.d/mssql-release.list https://packages.microsoft.com/config/ubuntu/$BASE_VERSION/prod.list && \
-    wget -q -O - https://packages.microsoft.com/keys/microsoft.asc | apt-key add - && \
+    wget -q -O /etc/apt/sources.list.d/mssql-release.list "https://packages.microsoft.com/config/ubuntu/$BASE_VERSION/prod.list" && \
+    wget -q -O /tmp/microsoft.asc https://packages.microsoft.com/keys/microsoft.asc && \
+    apt-key add /tmp/microsoft.asc && \
+    gpg --dearmor -o /usr/share/keyrings/microsoft-prod.gpg < /tmp/microsoft.asc && \
    apt-get -y update && \
    locale-gen en_US.UTF-8 && \
    echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \
@ -38,8 +41,8 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
        cron \
        curl \
        htop \
-        libaio1 \
-        libasound2 \
+        libaio1${PACKAGE_SUFFIX} \
+        libasound2${PACKAGE_SUFFIX} \
        libboost-regex-dev \
        libcairo2 \
        libcurl3-gnutls \
@ -69,7 +72,8 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
        unzip \
        xvfb \
        xxd \
-        zlib1g && \
+        zlib1g || dpkg --configure -a && \
+    # Added dpkg --configure -a to handle installation issues with rabbitmq-server on arm64 architecture
    if [  $(ls -l /usr/share/fonts/truetype/msttcorefonts | wc -l) -ne 61 ]; \
        then echo 'msttcorefonts failed to download'; exit 1; fi  && \
    echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf && \
@ -79,11 +83,12 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
    service postgresql restart && \
    sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \
    sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE OWNER $ONLYOFFICE_VALUE;" && \
-    wget -O basic.zip ${OC_DOWNLOAD_URL}/instantclient-basic-linux.x64-${OC_FILE_SUFFIX}.zip && \
-    wget -O sqlplus.zip ${OC_DOWNLOAD_URL}/instantclient-sqlplus-linux.x64-${OC_FILE_SUFFIX}.zip && \
-    unzip -d /usr/share basic.zip && \
-    unzip -d /usr/share sqlplus.zip && \
+    wget -O basic.zip ${OC_DOWNLOAD_URL}/instantclient-basic-linux.$(dpkg --print-architecture | sed 's/amd64/x64/')-${OC_FILE_SUFFIX}.zip && \
+    wget -O sqlplus.zip ${OC_DOWNLOAD_URL}/instantclient-sqlplus-linux.$(dpkg --print-architecture | sed 's/amd64/x64/')-${OC_FILE_SUFFIX}.zip && \
+    unzip -o basic.zip -d /usr/share && \
+    unzip -o sqlplus.zip -d /usr/share && \
    mv /usr/share/instantclient_${OC_VER_DIR} /usr/share/instantclient && \
+    find /usr/lib /lib -name "libaio.so.1$PACKAGE_SUFFIX" -exec bash -c 'ln -sf "$0" "$(dirname "$0")/libaio.so.1"' {} \; && \
    service postgresql stop && \
    service redis-server stop && \
    service rabbitmq-server stop && \
@ -121,10 +126,10 @@ RUN PACKAGE_FILE="${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}${PACKAGE_VER
    sed "s/COMPANY_NAME/${COMPANY_NAME}/g" -i /etc/supervisor/conf.d/*.conf && \
    service supervisor stop && \
    chmod 755 /app/ds/*.sh && \
-    printf "\nGO" >> /var/www/$COMPANY_NAME/documentserver/server/schema/mssql/createdb.sql && \
-    printf "\nGO" >> /var/www/$COMPANY_NAME/documentserver/server/schema/mssql/removetbl.sql && \
-    printf "\nexit" >> /var/www/$COMPANY_NAME/documentserver/server/schema/oracle/createdb.sql && \
-    printf "\nexit" >> /var/www/$COMPANY_NAME/documentserver/server/schema/oracle/removetbl.sql && \
+    printf "\nGO" >> "/var/www/$COMPANY_NAME/documentserver/server/schema/mssql/createdb.sql" && \
+    printf "\nGO" >> "/var/www/$COMPANY_NAME/documentserver/server/schema/mssql/removetbl.sql" && \
+    printf "\nexit" >> "/var/www/$COMPANY_NAME/documentserver/server/schema/oracle/createdb.sql" && \
+    printf "\nexit" >> "/var/www/$COMPANY_NAME/documentserver/server/schema/oracle/removetbl.sql" && \
    rm -f /tmp/$PACKAGE_FILE && \
    rm -rf /var/log/$COMPANY_NAME && \
    rm -rf /var/lib/apt/lists/*
--- a/README.md
+++ b/README.md
@ -20,7 +20,7 @@

 ## Overview

-ONLYOFFICE Document Server is an online office suite comprising viewers and editors for texts, spreadsheets and presentations, fully compatible with Office Open XML formats: .docx, .xlsx, .pptx and enabling collaborative editing in real time.
+ONLYOFFICE Document Server is an open-source office suite that comprises all the tools you need to work with documents, spreadsheets, presentations, PDFs, and PDF forms. The suite supports office files of all popular formats (DOCX, ODT, XLSX, ODS, CSV, PPTX, ODP, etc.) and enables collaborative editing in real time.

 Starting from version 6.0, Document Server is distributed as ONLYOFFICE Docs. It has [three editions](https://github.com/ONLYOFFICE/DocumentServer#onlyoffice-document-server-editions). With this image, you will install the free Community version. 

@ -208,7 +208,7 @@ Below is the complete list of parameters that can be set using environment varia
 - **METRICS_PREFIX**: Defines StatsD metrics prefix for backend services. Defaults to `ds.`.
 - **LETS_ENCRYPT_DOMAIN**: Defines the domain for Let's Encrypt certificate.
 - **LETS_ENCRYPT_MAIL**: Defines the domain administator mail address for Let's Encrypt certificate.
- **PLUGINS_ENABLED**: Defines whether to enable default plugins. Defaults to `false`.
+- **PLUGINS_ENABLED**: Defines whether to enable default plugins. Defaults to `true`.

 ## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers

--- a/cluster.yml
+++ b/cluster.yml
@ -1,108 +0,0 @@
-version: '2.1'
-
-x-ds-image:
-  &ds-image
-  ${COMPANY_NAME:-onlyoffice}/${PRODUCT_NAME:-documentserver-de}:${PRODUCT_VERSION:-latest}
-
-services:
-  onlyoffice-documentserver-data:  
-    container_name: onlyoffice-documentserver-data
-    image: *ds-image
-    environment:
-      - ONLYOFFICE_DATA_CONTAINER=true
-      - DB_HOST=onlyoffice-postgresql
-      - DB_PORT=5432
-      - DB_NAME=onlyoffice
-      - DB_USER=onlyoffice
-      - AMQP_URI=amqp://guest:guest@onlyoffice-rabbitmq
-      - REDIS_SERVER_HOST=onlyoffice-redis
-      - REDIS_SERVER_PORT=6379
-      # Uncomment strings below to enable the JSON Web Token validation.
-      #- JWT_ENABLED=true
-      #- JWT_SECRET=secret
-      #- JWT_HEADER=Authorization
-      #- JWT_IN_BODY=true
-    stdin_open: true
-    restart: always
-    volumes:
-       - /etc/onlyoffice
-       - /var/www/onlyoffice/Data
-       - /var/log/onlyoffice
-       - /var/lib/onlyoffice/documentserver/App_Data/cache/files
-       - /var/www/onlyoffice/documentserver-example/public/files
-       - /usr/share/fonts
-       
-  onlyoffice-documentserver:
-    image: *ds-image
-    depends_on:
-      - onlyoffice-documentserver-data
-      - onlyoffice-postgresql
-      - onlyoffice-redis
-      - onlyoffice-rabbitmq
-    environment:
-      - ONLYOFFICE_DATA_CONTAINER_HOST=onlyoffice-documentserver-data
-      - BALANCE=uri depth 3
-      - EXCLUDE_PORTS=443
-      - HTTP_CHECK=GET /healthcheck
-      - EXTRA_SETTINGS=http-check expect string true
-      # Uncomment the string below to redirect HTTP request to HTTPS request.
-      #- FORCE_SSL=true
-    stdin_open: true
-    restart: always
-    expose:
-      - '80'
-    volumes_from:
-     - onlyoffice-documentserver-data
-
-  onlyoffice-haproxy:
-    container_name: onlyoffice-haproxy
-    image: dockercloud/haproxy:1.5.1
-    depends_on:
-      - onlyoffice-documentserver
-    environment:
-      - MODE=http
-      # Uncomment the string below to specify the path of ssl certificates
-      #- CERT_FOLDER=/certs/
-    stdin_open: true
-    links:
-     - onlyoffice-documentserver
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-      # Uncomment the string below to map a ssl certificate from host
-      # to the proxy container
-      #- /app/onlyoffice/DocumentServer/data/certs/onlyoffice.pem:/certs/cert1.pem
-    restart: always
-    ports:
-      - '80:80'
-      - '443:443'
-      - '1936:1936'
-       
-  onlyoffice-redis:
-    container_name: onlyoffice-redis
-    image: redis
-    restart: always
-    expose:
-      - '6379'
-
-  onlyoffice-rabbitmq:
-    container_name: onlyoffice-rabbitmq
-    image: rabbitmq
-    restart: always
-    expose:
-      - '5672'
-
-  onlyoffice-postgresql:
-    container_name: onlyoffice-postgresql
-    image: postgres:9.5
-    environment:
-      - POSTGRES_DB=onlyoffice
-      - POSTGRES_USER=onlyoffice
-      - POSTGRES_HOST_AUTH_METHOD=trust
-    restart: always
-    expose:
-      - '5432'
-    volumes:
-      - postgresql_data:/var/lib/postgresql
-
-volumes:
-  postgresql_data:
--- a/config/supervisor/ds/ds-converter.conf
+++ b/config/supervisor/ds/ds-converter.conf
@ -2,7 +2,7 @@
 command=/var/www/COMPANY_NAME/documentserver/server/FileConverter/converter
 directory=/var/www/COMPANY_NAME/documentserver/server/FileConverter
 user=ds
-environment=NODE_ENV=production-linux,NODE_CONFIG_DIR=/etc/COMPANY_NAME/documentserver,NODE_DISABLE_COLORS=1,APPLICATION_NAME=COMPANY_NAME
+environment=NODE_ENV=production-linux,NODE_CONFIG_DIR=/etc/COMPANY_NAME/documentserver,NODE_DISABLE_COLORS=1,APPLICATION_NAME=COMPANY_NAME,LD_LIBRARY_PATH=/var/www/COMPANY_NAME/documentserver/server/FileConverter/bin
 stdout_logfile=/var/log/COMPANY_NAME/documentserver/converter/out.log
 stdout_logfile_backups=0
 stdout_logfile_maxbytes=0
--- a/config/supervisor/ds/ds-docservice.conf
+++ b/config/supervisor/ds/ds-docservice.conf
@ -2,7 +2,7 @@
 command=/var/www/COMPANY_NAME/documentserver/server/DocService/docservice
 directory=/var/www/COMPANY_NAME/documentserver/server/DocService
 user=ds
-environment=NODE_ENV=production-linux,NODE_CONFIG_DIR=/etc/COMPANY_NAME/documentserver,NODE_DISABLE_COLORS=1
+environment=NODE_ENV=production-linux,NODE_CONFIG_DIR=/etc/COMPANY_NAME/documentserver,NODE_DISABLE_COLORS=1,APPLICATION_NAME=COMPANY_NAME
 stdout_logfile=/var/log/COMPANY_NAME/documentserver/docservice/out.log
 stdout_logfile_backups=0
 stdout_logfile_maxbytes=0
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@ -68,6 +68,10 @@ variable "BASE_VERSION" {
    default     = ""
 }

+variable "PACKAGE_SUFFIX" {
+    default     = ""
+}
+
 variable "PG_VERSION" {
    default     = ""
 }
@ -106,7 +110,7 @@ target "documentserver-stable" {
    tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
            "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}",
            "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}",
-            "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest",
+            equal("true",LATEST) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "",
            equal("-ee",PRODUCT_EDITION) ? "docker.io/${COMPANY_NAME}4enterprise/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}": "",]
    platforms = ["linux/amd64", "linux/arm64"]
    args = {
@ -130,6 +134,7 @@ target "documentserver-ucs" {
        "COMPANY_NAME": "${COMPANY_NAME}"
        "PACKAGE_VERSION": "${PACKAGE_VERSION}"
        "PACKAGE_BASEURL": "${PACKAGE_BASEURL}"
+        "PACKAGE_SUFFIX": "${PACKAGE_SUFFIX}"
        "BASE_VERSION": "${BASE_VERSION}"
        "PG_VERSION": "${PG_VERSION}"
    }
--- a/run-document-server.sh
+++ b/run-document-server.sh
@ -32,7 +32,7 @@ DS_LIB_DIR="${LIB_DIR}/documentserver"
 CONF_DIR="/etc/${COMPANY_NAME}/documentserver"
 SUPERVISOR_CONF_DIR="/etc/supervisor/conf.d"
 IS_UPGRADE="false"
-PLUGINS_ENABLED=${PLUGINS_ENABLED:-false}
+PLUGINS_ENABLED=${PLUGINS_ENABLED:-true}

 ONLYOFFICE_DATA_CONTAINER=${ONLYOFFICE_DATA_CONTAINER:-false}
 ONLYOFFICE_DATA_CONTAINER_HOST=${ONLYOFFICE_DATA_CONTAINER_HOST:-localhost}
@ -53,10 +53,10 @@ fi

 SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds"
 mkdir -p ${SSL_CERTIFICATES_DIR}
-if [[ -d ${DATA_DIR}/certs ]] && [ -e ${DATA_DIR}/certs/*.crt ]; then
+if find "${DATA_DIR}/certs" -type f \( -name "*.crt" -o -name "*.pem" \) -print -quit >/dev/null 2>&1; then
  cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR}
-  chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem
-  chmod 400 ${SSL_CERTIFICATES_DIR}/*.key
+  chmod 644 ${SSL_CERTIFICATES_DIR}/*.{crt,pem} 2>/dev/null
+  chmod 400 ${SSL_CERTIFICATES_DIR}/*.key 2>/dev/null
 fi

 if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then
@ -274,8 +274,7 @@ waiting_for_connection(){
 waiting_for_db_ready(){
  case $DB_TYPE in
    "oracle")
-      PDB="XEPDB1"
-      ORACLE_SQL="sqlplus $DB_USER/$DB_PWD@//$DB_HOST:$DB_PORT/$PDB"
+      ORACLE_SQL="sqlplus $DB_USER/$DB_PWD@//$DB_HOST:$DB_PORT/${DB_NAME}"
      DB_TEST="echo \"SELECT version FROM V\$INSTANCE;\" | $ORACLE_SQL 2>/dev/null | grep \"Connected\" | wc -l"
      ;;
    *)
@ -510,7 +509,7 @@ upgrade_mysql_tbl() {
 }

 upgrade_mssql_tbl() {
-  CONN_PARAMS="-U $DB_USER -P "$DB_PWD" -C"
+  CONN_PARAMS="-d $DB_NAME -U $DB_USER -P "$DB_PWD" -C"
  MSSQL="/opt/mssql-tools18/bin/sqlcmd -S $DB_HOST,$DB_PORT $CONN_PARAMS"

  $MSSQL < "$APP_DIR/server/schema/mssql/removetbl.sql" >/dev/null 2>&1
@ -518,8 +517,7 @@ upgrade_mssql_tbl() {
 }

 upgrade_oracle_tbl() {
-  PDB="XEPDB1"
-  ORACLE_SQL="sqlplus $DB_USER/$DB_PWD@//$DB_HOST:$DB_PORT/$PDB"
+  ORACLE_SQL="sqlplus $DB_USER/$DB_PWD@//$DB_HOST:$DB_PORT/${DB_NAME}"

  $ORACLE_SQL @$APP_DIR/server/schema/oracle/removetbl.sql >/dev/null 2>&1
  $ORACLE_SQL @$APP_DIR/server/schema/oracle/createdb.sql >/dev/null 2>&1
@ -547,15 +545,14 @@ create_mysql_tbl() {
 create_mssql_tbl() {  
  create_mssql_db

-  CONN_PARAMS="-U $DB_USER -P "$DB_PWD" -C"
+  CONN_PARAMS="-d $DB_NAME -U $DB_USER -P "$DB_PWD" -C"
  MSSQL="/opt/mssql-tools18/bin/sqlcmd -S $DB_HOST,$DB_PORT $CONN_PARAMS"

  $MSSQL < "$APP_DIR/server/schema/mssql/createdb.sql" >/dev/null 2>&1
 }

 create_oracle_tbl() {
-  PDB="XEPDB1"
-  ORACLE_SQL="sqlplus $DB_USER/$DB_PWD@//$DB_HOST:$DB_PORT/$PDB"
+  ORACLE_SQL="sqlplus $DB_USER/$DB_PWD@//$DB_HOST:$DB_PORT/${DB_NAME}"

  $ORACLE_SQL @$APP_DIR/server/schema/oracle/createdb.sql >/dev/null 2>&1
 }
@ -764,6 +761,9 @@ if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then
  service cron start
 fi

+# Fix to resolve the `unknown "cache_tag" variable` error
+start_process documentserver-flush-cache.sh -r false
+
 # nginx used as a proxy, and as data container status service.
 # it run in all cases.
 service nginx start
@ -789,4 +789,4 @@ start_process documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}

 echo "${JWT_MESSAGE}" 

-start_process tail -f /var/log/${COMPANY_NAME}/**/*.log
+start_process find "$DS_LOG_DIR" "$DS_LOG_DIR-example" -type f -name "*.log" | xargs tail -f
--- a/tests/README.md
+++ b/tests/README.md
@ -0,0 +1,3 @@
+The files in this folder are intended for use in integration auto-tests.
+
+All credentials are strictly for testing purposes only.
--- a/tests/damengdb/damengdb.Dockerfile
+++ b/tests/damengdb/damengdb.Dockerfile
@ -32,6 +32,14 @@ wait_dm_ready

 EOF

+COPY <<"EOF" /permissions.sql
+
+CREATE SYNONYM onlyoffice.DOC_CHANGES FOR sysdba.DOC_CHANGES;
+CREATE SYNONYM onlyoffice.TASK_RESULT FOR sysdba.TASK_RESULT;
+GRANT ALL PRIVILEGES ON sysdba.DOC_CHANGES TO onlyoffice;
+GRANT ALL PRIVILEGES ON sysdba.TASK_RESULT TO onlyoffice;
+
+EOF

 RUN   bash /opt/startup.sh > /dev/null 2>&1 \
   &  mkdir -p /schema/damengdb \
@ -41,6 +49,9 @@ RUN   bash /opt/startup.sh > /dev/null 2>&1 \
   && cd ${DISQL_BIN} \
   && ./disql $DM8_USER/$DM8_PASS@$DB_HOST:$DB_PORT -e \
      "create user "onlyoffice" identified by "onlyoffice" password_policy 0;" \
+   && ./disql $DM8_USER/$DM8_PASS@$DB_HOST:$DB_PORT -e \
+      "GRANT SELECT ON DBA_TAB_COLUMNS TO onlyoffice;" \
   && echo "EXIT" | tee -a /schema/dameng/createdb.sql \
   && ./disql $DM8_USER/$DM8_PASS@$DB_HOST:$DB_PORT \`/schema/dameng/createdb.sql \
+   && ./disql $DM8_USER/$DM8_PASS@$DB_HOST:$DB_PORT \`/permissions.sql \
   && sleep 10
Author	SHA1	Message	Date
Vladimir Ischenko	a085cb962b	Fix Oracle Instant Client installation	2025-05-19 09:52:22 +03:00
Vladimir Ischenko	1bdda91da3	Fix multi-arch libaio symlink	2025-05-15 18:43:59 +03:00
Vladimir Ischenko	11f153dd60	Fix bug 73689 – Replace hardcoded PDB and add libaio symlink (#23 ) Co-authored-by: Vladimir Ischenko <vladimir.ischenko@onlyoffice.com> Co-committed-by: Vladimir Ischenko <vladimir.ischenko@onlyoffice.com>	2025-05-15 09:23:04 +00:00
Vladimir Ischenko	019d1b881f	Fix bug 73600 - Add DB name to MSSQL connection	2025-05-13 16:23:12 +03:00
danilapog	39b82a3c9a	build: add conditional tagging for latest in stable-build workflow - Introduced input in the GitHub Actions workflow with a default value of . - Passed the input as an environment variable () to the workflow. - Updated to conditionally add the Docker tag based on value.	2025-04-24 14:17:08 +03:00
papacarlo	d50eda45dd	Merge branch hotfix/v8.3.3 into release/v9.0.0	2025-04-21 09:10:33 +00:00
Evgeniy Antonyuk	ede8569ec2	Update README.md	2025-04-16 19:01:05 +03:00
papacarlo	ff98f18cb9	Merge branch hotfix/v8.3.2 into release/v9.0.0	2025-04-01 08:42:09 +00:00
danilapog	9c2012b534	Bump zap scanner action version Fix deprecated artifacts included action	2025-03-11 09:58:54 +00:00
papacarlo	22f8a1004f	Merge branch hotfix/v8.3.1 into master	2025-02-27 13:24:28 +00:00
papacarlo	2df1459d80	Merge branch release/v8.3.0 into develop	2025-02-24 09:14:43 +00:00
Evgeniy Antonyuk	f4ae743455	Restrict the directories for log collection (#10 ) Reviewed-on: https://git.onlyoffice.com/ONLYOFFICE/Docker-DocumentServer/pulls/10	2025-02-12 11:22:49 +00:00
Nasrullo Nurullaev	c867cf5eb7	Fix issue with building documentserver-ucs	2025-02-10 07:38:11 +00:00
papacarlo	0de571477f	Merge branch release/v8.3.0 into master	2025-02-05 17:25:46 +00:00
Nasrullo Nurullaev	a8b1256d87	fix Bug 72356 - Fix security issue with shell variables	2025-01-13 15:34:29 +05:00
Alexey Golubev	a349692e60	Add folder description (#16 )	2025-01-10 13:35:29 +00:00
danilapog	4ed8027cbe	Fix bug 72341 - Injections with operating system commands (#15 ) Co-authored-by: danilapog <danil.titarenko@onlyoffice.com> Co-committed-by: danilapog <danil.titarenko@onlyoffice.com>	2025-01-09 14:34:43 +00:00
Alexey Golubev	e9f55325d9	Fixbug #72289	2024-12-28 08:44:33 +00:00
Nasrullo Nurullaev	9b55149e51	Fix issue with building Dockerfile for arm64 arch	2024-12-20 09:47:22 +05:00
Nasrullo Nurullaev	2e4c0e7ebc	Update base image to 24.04 (#13 ) Reviewed-on: https://git.onlyoffice.com/ONLYOFFICE/Docker-DocumentServer/pulls/13 Reviewed-by: Alexey Golubev <Alexey.Golubev@onlyoffice.com> Co-authored-by: Nasrullo Nurullaev <nasrullo.nurullaev@onlyoffice.com> Co-committed-by: Nasrullo Nurullaev <nasrullo.nurullaev@onlyoffice.com>	2024-12-16 07:38:40 +00:00
papacarlo	19c2c0bf7d	Merge branch hotfix/v8.2.2 into release/v8.3.0	2024-12-09 12:10:33 +00:00
papacarlo	b1fda38596	Merge branch hotfix/v8.2.2 into develop	2024-12-09 12:10:32 +00:00
papacarlo	c53b6dc6be	Merge branch hotfix/v8.2.2 into master	2024-11-28 12:25:15 +00:00
Evgeniy Antonyuk	330f5a4969	fix Bug 71832 - Fix the handling for .pem certificates	2024-11-25 14:37:52 +03:00
papacarlo	3d89aae7ee	Merge branch hotfix/v8.2.1 into develop	2024-11-22 10:55:47 +00:00
papacarlo	0b670630f5	Merge branch release/v8.2.0 into develop	2024-10-21 11:56:45 +00:00
papacarlo	0052a31583	Merge branch release/v8.2.0 into master	2024-10-17 11:16:26 +00:00
Evgeniy Antonyuk	510128a3cc	Fix to resolve the `unknown "cache_tag" variable` error	2024-10-16 16:01:14 +07:00
Evgeniy Antonyuk	84443a0095	fix Bug 70772 - Add the APPLICATION_NAME variable to ds-docservice	2024-10-11 15:46:53 +07:00
Evgeniy Antonyuk	a1b238d180	Fix the option to enable plugins to true by default	2024-10-07 16:29:01 +07:00
RomanDemidov	85a678008a	Merge pull request 'Replace library symlinks with LD_LIBRARY_PATH env' (#7 ) from feature/library-path into release/v8.2.0 Reviewed-on: https://git.onlyoffice.com/ONLYOFFICE/Docker-DocumentServer/pulls/7	2024-09-23 14:42:52 +00:00
Evgeniy Antonyuk	e815a55687	Replace library symlinks with LD_LIBRARY_PATH env	2024-09-23 20:22:05 +07:00
Nasrullo Nurullaev	1581d5b3fb	fix Bug 69800 - Fix warning in casing mismatch	2024-09-18 07:34:43 +00:00
danilapog	cf34136b58	Fix bug 70234 - getTableColumnsError Error on damengdb connect	2024-09-16 22:39:48 +03:00
papacarlo	ed000589d4	Merge branch hotfix/v8.1.3 into develop	2024-09-13 11:41:33 +00:00
papacarlo	aeba194cf1	Merge branch hotfix/v8.1.3 into master	2024-09-13 11:41:32 +00:00
papacarlo	67578bb016	Merge branch hotfix/v8.1.1 into develop	2024-07-26 08:13:31 +00:00