Fix command to get container id (#483)

* Enable JWT by default and add a JWT status message

* Correct JWT message

* Add a condition for displaying a JWT message

* Minor correction

* Minor correction

.github/workflows/4testing-build.yml

@@ -29,6 +29,7 @@ jobs:
         uses: docker/setup-qemu-action@v2
 
       - name: Set up Docker Buildx
+        id: buildx
         uses: docker/setup-buildx-action@v2
      
       - name: Login to Docker Hub
@@ -38,38 +39,55 @@ jobs:
           password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
 
       - name: Get Tag Name
-        id: tag_name
         run: |
-          echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/}
+          echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
 
       - name: Build 4testing
         run: |
-          DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//' )
-          PACKAGE_VERSION=$(echo $DOCKER_TAG | sed  's/\./-/3')
-          PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_amd64.deb
-          STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL")
-          if [[ "$STATUS" = "200" ]]; then
-             echo "Have access to documentserver${{ matrix.edition }} amd64 arch >> check arm64 access"
-          else 
-             echo "FAILED: Have no access to documentserver${{ matrix.edition }} amd64 arch"
-             exit 1
-          fi
-          PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb
-          STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") 
-          if [[ "$STATUS" = "200" ]]; then
-             echo "Have access to documentserver${{ matrix.edition }} arm64 arch"
-             echo "All architecture are available >> build is starting."
-             sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile
-             PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \
-                PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \
-                PREFIX_NAME=4testing- TAG=$DOCKER_TAG \
-                docker buildx bake \
-                -f docker-bake.hcl ${{ matrix.images }} \
-                --push
-             echo "DONE: Build success >> exit with 0"
-             exit 0  
-          else
-             echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Exit with 0."
-             exit 1
+          ### ==>> At this step build variable declaration ###
+          DOCKER_TAG=$( echo ${{ env.RELEASE_VERSION }} | sed 's/^.//' )
+          PACKAGE_VERSION=$( echo $DOCKER_TAG | sed -E 's/(.*)\./\1-/' )
+          NODE_PLATFORMS=$( echo ${{ steps.buildx.outputs.platforms }} | sed 's/linux\///g' | sed 's/,/ /g' )
+          echo "Start check avalivable build platforms >>"
+
+          ### ==>> In this loop we will check all avalivable documentserver architectures. After that all accessed arch will be added to build-platforms list. ###
+          for ARCH in ${NODE_PLATFORMS}; do
+            REPO_URL=${{ secrets.REPO_URL }} 
+            if [[ ${{ env.RELEASE_VERSION }} == v99.* ]]; then
+              REPO_URL=${{ secrets.UNSTABLE_REPO_URL }}
+            fi
+            PACKAGE_URL_CHECK=${REPO_URL}${{ matrix.edition }}_"$PACKAGE_VERSION"_${ARCH}.deb
+            STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "${PACKAGE_URL_CHECK}")
+            if [[ "$STATUS" = "200" ]]; then
+              echo "✔  ${ARCH} is avalivable >> set like one of build platforms"
+              PLATFORMS+=(linux/${ARCH},)
+              BUILD_PLATFORMS=$( echo ${PLATFORMS[@]} | sed 's/ //g' | sed 's/\(.*\),/\1/' )
+            else
+              echo "${ARCH} in not avalivable"
+            fi
+          done
+          PACKAGE_URL_BUILD=$( echo ${PACKAGE_URL_CHECK} | sed -e "s/${PACKAGE_VERSION}_.*.deb/${PACKAGE_VERSION}_TARGETARCH.deb/g" )
+
+          ### ==>> At this step if there is no access to any platform and platform list is empty, build will exit with 1. ###  
+          if [[ -z ${BUILD_PLATFORMS} ]]; then
+            echo "Have no access to any platform >> exit with 1"
+            exit 1
           fi
+          echo "DONE: Check passed >> Build for platforms: ${BUILD_PLATFORMS}"
+          echo "Build is starting ... >>"
+
+          ### ==>> Build and push images at this step ### 
+          PRODUCT_EDITION=${{ matrix.edition }} \
+          PACKAGE_URL=$PACKAGE_URL_BUILD \
+          PRODUCT_NAME=${{ env.PRODUCT_NAME }} \
+          DOCKERFILE=Dockerfile \
+          PREFIX_NAME=4testing- \
+          TAG=$DOCKER_TAG \
+          PLATFORM=$BUILD_PLATFORMS \
+          COMPANY_NAME=${{ env.COMPANY_NAME }} \
+            docker buildx bake \
+            -f docker-bake.hcl ${{ matrix.images }} \
+            --push
+          echo "DONE: Build success >> exit with 0"
+          exit 0
         shell: bash

Dockerfile

@@ -81,7 +81,8 @@ ENV COMPANY_NAME=$COMPANY_NAME \
     PRODUCT_NAME=$PRODUCT_NAME \
     PRODUCT_EDITION=$PRODUCT_EDITION
 
-RUN wget -q -P /tmp "$PACKAGE_URL" && \
+RUN PACKAGE_URL=$( echo ${PACKAGE_URL} | sed "s/TARGETARCH/"${TARGETARCH}"/g") && \
+    wget -q -P /tmp "$PACKAGE_URL" && \
     apt-get -y update && \
     service postgresql start && \
     apt-get -yq install /tmp/$(basename "$PACKAGE_URL") && \

docker-bake.hcl

@@ -30,15 +30,25 @@ variable "DOCKERFILE" {
     default = ""
 }
 
+variable "PLATFORM" {
+    default = ""
+}
+
+variable "PACKAGE_URL" {
+    default = ""
+}
+
 target "documentserver" {
     target = "documentserver"
     dockerfile= "${DOCKERFILE}"
     tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}"]
-    platforms = ["linux/amd64", "linux/arm64"]
+    platforms = ["${PLATFORM}"]
     args = {
         "PRODUCT_EDITION": "${PRODUCT_EDITION}"
         "PRODUCT_NAME": "${PRODUCT_NAME}"
         "COMPANY_NAME": "${COMPANY_NAME}"
+        "PACKAGE_URL": "${PACKAGE_URL}"
+        "PLATFORM": "${PLATFORM}"
     }
 }
 

run-document-server.sh

@@ -39,9 +39,11 @@ fi
 
 SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds"
 mkdir -p ${SSL_CERTIFICATES_DIR}
-cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR}
-chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem
-chmod 400 ${SSL_CERTIFICATES_DIR}/*.key
+if [[ -d ${DATA_DIR}/certs ]] && [ -e ${DATA_DIR}/certs/*.crt ]; then
+  cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR}
+  chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem
+  chmod 400 ${SSL_CERTIFICATES_DIR}/*.key
+fi
 
 if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then
   SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt
@@ -71,7 +73,7 @@ NGINX_CONFIG_PATH="/etc/nginx/nginx.conf"
 NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1}
 NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)}
 
-JWT_ENABLED=${JWT_ENABLED:-false}
+JWT_ENABLED=${JWT_ENABLED:-true}
 
 # validate user's vars before usinig in json
 if [ "${JWT_ENABLED}" == "true" ]; then
@@ -80,7 +82,9 @@ else
   JWT_ENABLED="false"
 fi
 
-JWT_SECRET=${JWT_SECRET:-secret}
+[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(cut -c9-20 < /proc/1/cpuset) sudo documentserver-jwt-status.sh' to get information about JWT."
+
+JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)}
 JWT_HEADER=${JWT_HEADER:-Authorization}
 JWT_IN_BODY=${JWT_IN_BODY:-false}
 
@@ -637,5 +641,7 @@ if [ "${GENERATE_FONTS}" == "true" ]; then
 fi
 documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
 
+echo "${JWT_MESSAGE}" 
+
 tail -f /var/log/${COMPANY_NAME}/**/*.log &
 wait $!