Skip to content

Commit

Permalink
Merge release/v2.0.0 into hotfix/v2.0.1
Browse files Browse the repository at this point in the history
  • Loading branch information
@agolybev
agolybev authored Dec 6, 2023
2 parents 1934e0d + 2fc675b commit de419f4
Show file tree
Hide file tree
Showing 4 changed files with 105 additions and 3 deletions.
102 changes: 102 additions & 0 deletions .github/workflows/zap-scan.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,102 @@
---
name: Scanning DocSpace with ZAP

run-name: >
ZAP scanning DocSpace ver: ${{ github.event.inputs.version }} from branch: ${{ github.event.inputs.branch }}
on:
workflow_dispatch:
inputs:
branch:
description: 'Set branch for which OCI script will be used for deploy'
type: string
required: true
version:
description: 'Set DocSpace version that will be deployed'
type: string
required: true
jobs:
zap:
runs-on: ubuntu-latest
permissions:
issues: write
name: Scan DocSpace with zap
steps:
- name: Checkout
uses: actions/checkout@v3
with:
path: build-tools
repository: ONLYOFFICE/DocSpace-buildtools
ref: ${{ github.event.inputs.branch }}

- name: Run and prepare DocSpace
id: prepare
env:
DOCKER_TAG: ${{ github.event.inputs.version }}
STATUS: "4testing-"
PROTO: "https"
run: |
# Get gh-action runner local ip
LOCAL_IP=$(hostname -I | awk '{print $1}')
echo "local-ip=${LOCAL_IP}" >> "$GITHUB_OUTPUT"
# Create SSL certs
openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 \
-keyout ${{ github.workspace }}/onlyofficekey.pem \
-out ${{ github.workspace }}/onlyofficecert.pem \
-subj "/C=RU/ST=NizhObl/L=NizhNov/O=RK-Tech/OU=TestUnit/CN=TestName"
# Run 4testing DocSpace with tag from previous build
cd ./build-tools/install/OneClickInstall
sudo printf "Y" | sudo bash ./docspace-install.sh docker -skiphc true --makeswap false --localscripts true -dsv ${DOCKER_TAG} -s ${STATUS}
sleep 200
# Replace SSL certs
sudo cp ${{ github.workspace }}/onlyofficekey.pem ${{ github.workspace }}/onlyofficecert.pem /app/onlyoffice/
sudo bash /app/onlyoffice/config/docspace-ssl-setup -f /app/onlyoffice/onlyofficecert.pem /app/onlyoffice/onlyofficekey.pem
sleep 60
# Get Wizzard token and pwd hash for complete wizzard
WIZZARD_TOKEN=$(curl -k --request GET ${PROTO}://${LOCAL_IP}/api/2.0/settings | jq -r .response.wizardToken)
PWD_HASH=$(curl -k --request GET ${PROTO}://${LOCAL_IP}/api/2.0/settings | jq -r .response.passwordHash.salt)
EMAIL="[email protected]"
USER_PWD="test666pass"
## Complete wizard
curl -k -v -D output.txt --request PUT -H "confirm: ${WIZZARD_TOKEN}" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
--data '{"Email":"'"${EMAIL}"'","PasswordHash":"'"${PWD_HASH}"'"}' \
${PROTO}://${LOCAL_IP}/api/2.0/settings/wizard/complete
# Get cookie and user-id
COOKIE=$(cat ./output.txt | egrep -i asc_auth_key=* | cut -d '=' -f 2-) && COOKIE=${COOKIE%%;*}
USER_ID=$(curl -k --request GET -H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: ${COOKIE}" \
${PROTO}://${LOCAL_IP}/api/2.0/people/email?email=${EMAIL} | jq -r .response.id)
# Set new admin-user pwd
curl -k -v --request PUT -H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: ${COOKIE}" \
--data '{"Password":"'"${USER_PWD}"'"}' \
"${PROTO}://${LOCAL_IP}/api/2.0/people/${USER_ID}/password"
# Get new admin-user auth-token and authenticate the user
TOKEN=$(curl -k -v --request POST -H "Accept: application/json" \
-H "Content-Type: application/json" \
--data '{"userName":"'"${EMAIL}"'","password":"'"${USER_PWD}"'"}' \
"${PROTO}://${LOCAL_IP}/api/2.0/authentication" | jq -r .response.token)
# Set new auth-token for zap header
echo "ZAP_AUTH_HEADER_VALUE=${TOKEN}" >> "$GITHUB_ENV"
- name: ZAP Scan
uses: zaproxy/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
target: 'https://${{ steps.prepare.outputs.local-ip }}/'
allow_issue_writing: false
cmd_options: '-j'
2 changes: 1 addition & 1 deletion buildtools
Submodule buildtools updated 91 files
+0 −7 build.backend.docker.bat
+0 −112 build.backend.docker.ps1
+201 −0 build.backend.docker.py
+0 −136 build.backend.docker.sh
+0 −7 clear.backend.docker.bat
+0 −37 clear.backend.docker.ps1
+48 −0 clear.backend.docker.py
+0 −38 clear.backend.docker.sh
+248 −139 config/appsettings.json
+1 −3 config/backup.json
+6 −3 config/nginx/onlyoffice.conf
+2 −2 config/nlog.config
+2 −0 config/storage.json
+0 −6 config/telegram.json
+97 −0 debuginfo.py
+1 −1 install/OneClickInstall/docspace-install.sh
+1 −1 install/OneClickInstall/install-Debian.sh
+30 −32 install/OneClickInstall/install-Docker.sh
+1 −1 install/OneClickInstall/install-RedHat.sh
+4 −0 install/OneClickInstall/install-RedHat/install-preq.sh
+4 −3 install/common/build-backend.sh
+4 −2 install/common/build-frontend.sh
+0 −57 install/common/build-services.ps1
+87 −0 install/common/build-services.py
+1 −7 install/common/build-services.sh
+3 −2 install/common/product-configuration
+8 −5 install/common/product-ssl-setup
+0 −1 install/common/publish-backend.sh
+2 −1 install/common/systemd/build.sh
+1 −1 install/deb/debian/product-api-system.install
+1 −1 install/deb/debian/product-api.install
+1 −1 install/deb/debian/product-backup-background.install
+1 −1 install/deb/debian/product-backup.install
+1 −1 install/deb/debian/product-clear-events.install
+4 −4 install/deb/debian/product-common.install
+1 −1 install/deb/debian/product-doceditor.install
+1 −1 install/deb/debian/product-files-services.install
+2 −2 install/deb/debian/product-files.install
+1 −1 install/deb/debian/product-healthchecks.install
+1 −1 install/deb/debian/product-login.install
+1 −1 install/deb/debian/product-migration-runner.install
+1 −1 install/deb/debian/product-notify.install
+1 −1 install/deb/debian/product-people-server.install
+4 −4 install/deb/debian/product-proxy.install
+1 −1 install/deb/debian/product-socket.install
+1 −1 install/deb/debian/product-ssoauth.install
+1 −1 install/deb/debian/product-studio-notify.install
+1 −1 install/deb/debian/product-studio.install
+14 −13 install/deb/debian/rules
+1 −0 install/docker/.env
+10 −9 install/docker/Dockerfile.app
+2 −1 install/docker/Dockerfile.runtime
+33 −0 install/docker/config/docspace-logs
+6 −6 install/docker/config/docspace-ssl-setup
+1 −1 install/docker/dnsmasq.yml
+1 −2 install/docker/docker-entrypoint.py
+1 −0 install/docker/docker-healthchecks-entrypoint.sh
+1 −0 install/docker/docspace.profiles.yml
+1 −0 install/docker/docspace.yml
+3 −1 install/docker/prepare-nginx-router.sh
+26 −22 install/rpm/SPECS/build.spec
+62 −63 install/rpm/SPECS/install.spec
+16 −9 install/rpm/SPECS/product.spec
+1 −1 install/win/CustomActions/C#/Utils/Utils.csproj
+113 −157 install/win/DocSpace.aip
+76 −72 install/win/build-batch.bat
+1 −1 install/win/build-download-prereq.ps1
+4 −4 install/win/frontend-copy.bat
+2 −2 install/win/publish-script.bat
+1 −0 install/win/tools/DocEditor.xml
+1 −0 install/win/tools/Login.xml
+1 −0 install/win/tools/Socket.IO.xml
+1 −0 install/win/tools/SsoAuth.xml
+28 −1 install/win/utils.vbs
+3 −0 requirements.txt
+0 −17 run.translations.spellcheck.test.sh
+46 −0 run.translations.spellcheck.tests.py
+16 −0 run.translations.tests.py
+0 −8 run.translations.tests.sh
+0 −7 start/restart.backend.docker.bat
+0 −5 start/restart.backend.docker.ps1
+16 −0 start/restart.backend.docker.py
+0 −8 start/restart.backend.docker.sh
+0 −7 start/start.backend.docker.bat
+0 −32 start/start.backend.docker.ps1
+15 −0 start/start.backend.docker.py
+0 −41 start/start.backend.docker.sh
+0 −7 start/stop.backend.docker.bat
+0 −17 start/stop.backend.docker.ps1
+17 −0 start/stop.backend.docker.py
+0 −4 start/stop.backend.docker.sh
2 changes: 1 addition & 1 deletion client
Submodule client updated 1924 files
2 changes: 1 addition & 1 deletion server
Submodule server updated 1994 files

0 comments on commit de419f4

Please sign in to comment.