Skip to content

WIP Backport Europe Markets v30 to v31#276

Draft
bromiesTM wants to merge 56 commits into
ionos-dev-v31from
rc/web-3.5
Draft

WIP Backport Europe Markets v30 to v31#276
bromiesTM wants to merge 56 commits into
ionos-dev-v31from
rc/web-3.5

Conversation

@bromiesTM

Copy link
Copy Markdown

No description provided.

fracado and others added 30 commits June 19, 2025 13:01
Signed-off-by: Franziska Bath <franziska.bath@strato.de>
Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
# menu is removed on
./occ config:system:set --value true --type boolean  -- sharing.enable_share_accept

# menu is shown on
./occ config:system:set --value false --type boolean  -- sharing.enable_share_accept

Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…lows (ionos-dev-v30|ionos-stable-v30)

in order to be able to build v30 state

Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
due to issues with self-hosted runner

Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
(cherry picked from commit cbca0ad)
Implements build number injection system for production traceability:
- Modified version.php to read .buildnumber file and append build ID as $OC_Version[4]
- Updated hidrive-next-build.yml workflow to create .buildnumber file with GitHub run_number
- Added .buildnumber to .gitignore for CI/CD generated files

This preserves the original semantic version while adding build metadata
for tracking specific CI/CD runs in production environments.

Ported from IONOS-Productivity/ncw-server commit 0f2d429

Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
(cherry picked from commit add6637)
Validates that all required secrets and job outputs are present before
attempting the trigger, providing clear error messages on misconfiguration.

(cherry picked from commit e226cd1)
Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Adds a "Check prerequisites" step to the artifactory upload job in
hidrive-next-build.yml that verifies JF_ARTIFACTORY_URL,
JF_ARTIFACTORY_USER, and JF_ACCESS_TOKEN are set before any download
or jfrog-cli setup runs. The step emits a GitHub Actions ::error::
annotation per missing secret and exits non-zero, so a missing secret
surfaces at the top of the job log rather than as a confusing
"jf rt ping" or upload error later.
Adds a local composite action at .github/actions/get-job-data that
fetches the GitHub Actions job HTML URL via the REST API and exposes
it as an output. Copied from sister ncw-server
(.github/actions/get-job-data/action.yml).

The action uses a temp netrc file to keep the GH token off the curl
command line, and trap-cleans both the netrc and the curl-error temp
file on exit. It returns an empty output (not a failure) when the API
call or job lookup fails, so the caller can include it with
continue-on-error: true.

Wires it into the artifactory upload job:
- Adds a checkout step so the local composite action is available.
- Calls the action with continue-on-error: true.
- Converts --target-props from a fixed string into a bash array so
  job.html_url can be appended only when present, then joined with ';'.
- Renames hdnext.nc_version to build.nc_version while doing so.

Every artifact in Artifactory now carries a job.html_url property
linking back to the run/job that produced it, for traceability.
…ckoff

Wraps the jf rt upload call in a retry loop (3 attempts, 10s then 20s
delay) so transient Artifactory failures don't fail the whole build.
Logs each attempt and exits non-zero only after all attempts are
exhausted.
- actions/checkout       -> v5.0.1
- actions/setup-node     -> v6.4.0
- actions/download-artifact -> v5.0.0
- docker/login-action    -> v3.7.0
- docker/metadata-action -> v5.10.0

Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Enables push-build for rc/** and */dev/* branches, triggers the remote
GitLab workflow for both, and routes their artifacts to nested JFrog
paths that include NC_VERSION and short SHA so every build is preserved.

JFrog layout (consolidated):

  | Branch/Event  | Path                                                               |
  |---------------|--------------------------------------------------------------------|
  | Pull Request  | pr/hidrive-next-pr-<n>.zip                                         |
  | ionos-dev-v30     | dev/hidrive-next-<ver>/<sha>/hidrive-next-<ver>.zip                |
  | ionos-stable-v30  | stable/hidrive-next-<ver>/<sha>/hidrive-next-<ver>.zip             |
  | rc/*          | rc/<branch>/hidrive-next-<ver>/<sha>/hidrive-next-<ver>.zip        |
  | */dev/*       | devs/<prefix>/hidrive-next-<ver>/<sha>/hidrive-next-<ver>.zip      |

Changes vs. previous behavior:
- PR uploads move from dev/pr/... to top-level pr/...
- */dev/* uploads change from dev-<prefix>/... to devs/<prefix>/...
  (folder instead of dash-suffix)

Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Extract the "v30" branch-name version suffix into a single
NC_BRANCH_VERSION env var so it can be changed in one place. Kept as
an in-file value (not a repo variable) so each branch can carry its
own version.

Used directly via env.NC_BRANCH_VERSION in the step run: scripts where
expressions are allowed. GitHub Actions forbids env/vars inside on:,
concurrency: and job-level if:, so those spots stay literal and are
annotated with pointer comments back to the env block, plus a summary
list of every literal location to bump together.

Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
…_layout

IONOS(pipelines): update branch names to include version v30 in workflow
… and Nautilus URLs to configuration)

https://github.com/IONOS-Productivity/nc-simplesettings/releases/tag/v30.0.7-dd8100f

Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Co-Authored-By: Thomas Lehmann <t.lehmann@strato.de>
Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
- Pin docker/build-push-action to tagged release SHA v7.2.0 (was
  pinned to an untagged intermediate commit with no version label)
- Fix shivammathur/setup-php version comment: the action uses no 'v'
  prefix in its tags, so '#v2.31.1' is wrong; correct to '# 2.31.1'

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
printminion-co and others added 26 commits June 9, 2026 16:15
…NEXT-1914)

user_oidc 8.7.0 introduced setSessionUser() calls inside getCurrentUserId()
(IApacheBackend callback). This prevents NC core's loginWithExternalBackend()
from writing an oc_authtoken session row, so AppPasswordController returns 403
on every LFv2 getapppassword request. Regression present in 8.7.0–8.10.1.

v8.6.1 is the last release before the regression. DB-safe: no migrations were
added between v8.6.1 and v8.10.1 — all 14 migration files are identical.
…e and PDF preview providers"

https://github.com/IONOS-Productivity/nc-config/releases/tag/v30-fd4ec1

Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…uration for richdocuments)

https://github.com/IONOS-Productivity/nc-config/releases/tag/v30-4dfbfa9

Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Port from ionos-dev: construct a GitHub Actions run URL and forward it
as SOURCE_BUILD_URL to the GitLab webhook, so each triggered pipeline
carries a direct back-link to the originating build.
Remove the premature `set +x` that silenced the curl invocation.
GitHub Actions masks secrets at the log-output layer, so the token
appears as *** regardless; the xtrace guard was overly conservative
and hid the command entirely, making the trigger step hard to debug.
Remove all four custom-npm submodules that existed solely to support
the Font Awesome icon embedding pipeline:
- nc-mdi-svg: FA-to-MDI SVG embedding (primary FA integration point)
- nc-mdi-js: thin wrapper over @mdi/js, only customized to use nc-mdi-svg
- nc-nextcloud-vue: thin fork of @nextcloud/vue, only wired custom icon packages
- nc-vue-material-design-icons: FA mapping logic, now redundant without FA

Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
hidrive-next-build.yml: remove custom-npms/** path trigger and
FONTAWESOME_PACKAGE_TOKEN from the build step.

sbom-matrix.yaml: remove FONTAWESOME_PACKAGE_TOKEN secret requirement
and custom-npm pre-install steps from the npm install job.

Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Revert
d35db04

Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
…ateData variables

Extract the inline array literals passed to each createEMailTemplate() call
into named $templateData variables. For sendNote(), which previously passed no
data array, add a minimal array so all four send methods are consistent.

Zero behaviour change — $templateData is passed straight through to
createEMailTemplate() with identical contents.
…ach mail send

Dispatch a typed PSR-14 event immediately before every mailer->send() call
in ShareByMailProvider so that external listeners can intercept and replace
Nextcloud's native SMTP delivery.

Event hierarchy:
  AbstractBeforeShareMailSentEvent (base: share, resolvedEmails, message,
    markMailHandled / isMailHandled)
  ├── BeforeShareMailSentEvent   – sendEmail()
  ├── BeforeSharePasswordMailSentEvent – sendPassword() + sendPasswordToOwner()
  └── BeforeShareNoteMailSentEvent – sendNote()

Each concrete class holds its own typed $templateData (psalm array-shape)
and exposes named getters (getSenderUserId(), getFileName(), …) instead of
a generic getMailData(): array<string,mixed>.  This avoids defensive
is_string() / null guards in listeners.

$templateData reuses the array already passed to createEMailTemplate(), with
one extra key added for sendEmail(): senderUserId (the raw user ID, distinct
from the display name stored under 'initiator').

The native mailer->send() is skipped when a listener calls markMailHandled().
If the listener's own send throws, the exception propagates and the native
send is also skipped — no silent SMTP fallback.

sendEmail() and sendPassword() are flattened from nested
if (!isMailHandled()) { ... } pyramids to early-return style.

Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
…ssmap

autoload_real.php sets setClassMapAuthoritative(true), which disables
PSR-4 fallback entirely. Any class not listed in $classMap is never
found, regardless of whether PSR-4 would resolve it.

Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…a and event refactors

- Add senderUserId to the expected RecipientNotification templateData in 3 tests
  (added by the createEMailTemplate params refactor in 242b896)
- Update dispatchTyped expectation from once(GenerateSecurePasswordEvent) to
  exactly(3) with withConsecutive for GenerateSecurePasswordEvent,
  BeforeShareMailSentEvent, and BeforeSharePasswordMailSentEvent
  (sendEmail() and sendPassword() now each dispatch a Before*Event)

Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…t dispatch

Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…s suppressed

sendPassword() and sendPasswordToOwner() called createPasswordSendActivity()
unconditionally outside the isMailHandled() guard. A listener intercepting the
BeforeSharePasswordMailSentEvent would suppress the SMTP send but still cause
a false activity-log entry for a mail that was never delivered.

Apply the same early-return pattern used by sendEmail(): return immediately
when isMailHandled() is true so no side effects run after the flag is set.

Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…r "file request")

https://github.com/IONOS-Productivity/nc-ionos-processes/releases/tag/1.0.0-9501a5e

Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Co-authored-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…-oidc)

Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
@bromiesTM bromiesTM changed the base branch from ionos-dev to ionos-dev-v31 July 9, 2026 12:19
@bromiesTM bromiesTM added this to the web-4 milestone Jul 9, 2026
@bromiesTM bromiesTM changed the base branch from ionos-dev-v31 to ionos-dev July 9, 2026 12:22
@bromiesTM bromiesTM changed the base branch from ionos-dev to ionos-dev-v31 July 9, 2026 12:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants