WIP Backport Europe Markets v30 to v31#276
Draft
bromiesTM wants to merge 56 commits into
Draft
Conversation
Signed-off-by: Franziska Bath <franziska.bath@strato.de>
Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
# menu is removed on ./occ config:system:set --value true --type boolean -- sharing.enable_share_accept # menu is shown on ./occ config:system:set --value false --type boolean -- sharing.enable_share_accept Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…lows (ionos-dev-v30|ionos-stable-v30) in order to be able to build v30 state Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
due to issues with self-hosted runner Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de> (cherry picked from commit cbca0ad)
Implements build number injection system for production traceability: - Modified version.php to read .buildnumber file and append build ID as $OC_Version[4] - Updated hidrive-next-build.yml workflow to create .buildnumber file with GitHub run_number - Added .buildnumber to .gitignore for CI/CD generated files This preserves the original semantic version while adding build metadata for tracking specific CI/CD runs in production environments. Ported from IONOS-Productivity/ncw-server commit 0f2d429 Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de> (cherry picked from commit add6637)
Validates that all required secrets and job outputs are present before attempting the trigger, providing clear error messages on misconfiguration. (cherry picked from commit e226cd1)
Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Adds a "Check prerequisites" step to the artifactory upload job in hidrive-next-build.yml that verifies JF_ARTIFACTORY_URL, JF_ARTIFACTORY_USER, and JF_ACCESS_TOKEN are set before any download or jfrog-cli setup runs. The step emits a GitHub Actions ::error:: annotation per missing secret and exits non-zero, so a missing secret surfaces at the top of the job log rather than as a confusing "jf rt ping" or upload error later.
Adds a local composite action at .github/actions/get-job-data that fetches the GitHub Actions job HTML URL via the REST API and exposes it as an output. Copied from sister ncw-server (.github/actions/get-job-data/action.yml). The action uses a temp netrc file to keep the GH token off the curl command line, and trap-cleans both the netrc and the curl-error temp file on exit. It returns an empty output (not a failure) when the API call or job lookup fails, so the caller can include it with continue-on-error: true. Wires it into the artifactory upload job: - Adds a checkout step so the local composite action is available. - Calls the action with continue-on-error: true. - Converts --target-props from a fixed string into a bash array so job.html_url can be appended only when present, then joined with ';'. - Renames hdnext.nc_version to build.nc_version while doing so. Every artifact in Artifactory now carries a job.html_url property linking back to the run/job that produced it, for traceability.
…ckoff Wraps the jf rt upload call in a retry loop (3 attempts, 10s then 20s delay) so transient Artifactory failures don't fail the whole build. Logs each attempt and exits non-zero only after all attempts are exhausted.
- actions/checkout -> v5.0.1 - actions/setup-node -> v6.4.0 - actions/download-artifact -> v5.0.0 - docker/login-action -> v3.7.0 - docker/metadata-action -> v5.10.0 Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Enables push-build for rc/** and */dev/* branches, triggers the remote GitLab workflow for both, and routes their artifacts to nested JFrog paths that include NC_VERSION and short SHA so every build is preserved. JFrog layout (consolidated): | Branch/Event | Path | |---------------|--------------------------------------------------------------------| | Pull Request | pr/hidrive-next-pr-<n>.zip | | ionos-dev-v30 | dev/hidrive-next-<ver>/<sha>/hidrive-next-<ver>.zip | | ionos-stable-v30 | stable/hidrive-next-<ver>/<sha>/hidrive-next-<ver>.zip | | rc/* | rc/<branch>/hidrive-next-<ver>/<sha>/hidrive-next-<ver>.zip | | */dev/* | devs/<prefix>/hidrive-next-<ver>/<sha>/hidrive-next-<ver>.zip | Changes vs. previous behavior: - PR uploads move from dev/pr/... to top-level pr/... - */dev/* uploads change from dev-<prefix>/... to devs/<prefix>/... (folder instead of dash-suffix) Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Extract the "v30" branch-name version suffix into a single NC_BRANCH_VERSION env var so it can be changed in one place. Kept as an in-file value (not a repo variable) so each branch can carry its own version. Used directly via env.NC_BRANCH_VERSION in the step run: scripts where expressions are allowed. GitHub Actions forbids env/vars inside on:, concurrency: and job-level if:, so those spots stay literal and are annotated with pointer comments back to the env block, plus a summary list of every literal location to bump together. Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
https://github.com/IONOS-Productivity/nc-config/releases/tag/v30-0433046 Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
…_layout IONOS(pipelines): update branch names to include version v30 in workflow
https://github.com/IONOS-Productivity/nc-config/releases/tag/v30-a952b04 Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
… and Nautilus URLs to configuration) https://github.com/IONOS-Productivity/nc-simplesettings/releases/tag/v30.0.7-dd8100f Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Tag: https://github.com/nextcloud/user_oidc/releases/tag/v8.10.1 SHA: 8f6196e4e3483d8ebf8368dffed87258212bc3b3
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Co-Authored-By: Thomas Lehmann <t.lehmann@strato.de> Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
- Pin docker/build-push-action to tagged release SHA v7.2.0 (was pinned to an untagged intermediate commit with no version label) - Fix shivammathur/setup-php version comment: the action uses no 'v' prefix in its tags, so '#v2.31.1' is wrong; correct to '# 2.31.1' Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…NEXT-1914) user_oidc 8.7.0 introduced setSessionUser() calls inside getCurrentUserId() (IApacheBackend callback). This prevents NC core's loginWithExternalBackend() from writing an oc_authtoken session row, so AppPasswordController returns 403 on every LFv2 getapppassword request. Regression present in 8.7.0–8.10.1. v8.6.1 is the last release before the regression. DB-safe: no migrations were added between v8.6.1 and v8.10.1 — all 14 migration files are identical.
…e and PDF preview providers" https://github.com/IONOS-Productivity/nc-config/releases/tag/v30-fd4ec1 Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…uration for richdocuments) https://github.com/IONOS-Productivity/nc-config/releases/tag/v30-4dfbfa9 Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Port from ionos-dev: construct a GitHub Actions run URL and forward it as SOURCE_BUILD_URL to the GitLab webhook, so each triggered pipeline carries a direct back-link to the originating build.
Remove the premature `set +x` that silenced the curl invocation. GitHub Actions masks secrets at the log-output layer, so the token appears as *** regardless; the xtrace guard was overly conservative and hid the command entirely, making the trigger step hard to debug.
Remove all four custom-npm submodules that existed solely to support the Font Awesome icon embedding pipeline: - nc-mdi-svg: FA-to-MDI SVG embedding (primary FA integration point) - nc-mdi-js: thin wrapper over @mdi/js, only customized to use nc-mdi-svg - nc-nextcloud-vue: thin fork of @nextcloud/vue, only wired custom icon packages - nc-vue-material-design-icons: FA mapping logic, now redundant without FA Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
hidrive-next-build.yml: remove custom-npms/** path trigger and FONTAWESOME_PACKAGE_TOKEN from the build step. sbom-matrix.yaml: remove FONTAWESOME_PACKAGE_TOKEN secret requirement and custom-npm pre-install steps from the npm install job. Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Revert d35db04 Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de> Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
https://github.com/IONOS-Productivity/nc-config/releases/tag/v30-b44953a https://github.com/IONOS-Productivity/nc-ionos-theme/releases/tag/30.0.7-1ffc0e5 Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
…ateData variables Extract the inline array literals passed to each createEMailTemplate() call into named $templateData variables. For sendNote(), which previously passed no data array, add a minimal array so all four send methods are consistent. Zero behaviour change — $templateData is passed straight through to createEMailTemplate() with identical contents.
…ach mail send
Dispatch a typed PSR-14 event immediately before every mailer->send() call
in ShareByMailProvider so that external listeners can intercept and replace
Nextcloud's native SMTP delivery.
Event hierarchy:
AbstractBeforeShareMailSentEvent (base: share, resolvedEmails, message,
markMailHandled / isMailHandled)
├── BeforeShareMailSentEvent – sendEmail()
├── BeforeSharePasswordMailSentEvent – sendPassword() + sendPasswordToOwner()
└── BeforeShareNoteMailSentEvent – sendNote()
Each concrete class holds its own typed $templateData (psalm array-shape)
and exposes named getters (getSenderUserId(), getFileName(), …) instead of
a generic getMailData(): array<string,mixed>. This avoids defensive
is_string() / null guards in listeners.
$templateData reuses the array already passed to createEMailTemplate(), with
one extra key added for sendEmail(): senderUserId (the raw user ID, distinct
from the display name stored under 'initiator').
The native mailer->send() is skipped when a listener calls markMailHandled().
If the listener's own send throws, the exception propagates and the native
send is also skipped — no silent SMTP fallback.
sendEmail() and sendPassword() are flattened from nested
if (!isMailHandled()) { ... } pyramids to early-return style.
Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
…ssmap autoload_real.php sets setClassMapAuthoritative(true), which disables PSR-4 fallback entirely. Any class not listed in $classMap is never found, regardless of whether PSR-4 would resolve it. Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…a and event refactors - Add senderUserId to the expected RecipientNotification templateData in 3 tests (added by the createEMailTemplate params refactor in 242b896) - Update dispatchTyped expectation from once(GenerateSecurePasswordEvent) to exactly(3) with withConsecutive for GenerateSecurePasswordEvent, BeforeShareMailSentEvent, and BeforeSharePasswordMailSentEvent (sendEmail() and sendPassword() now each dispatch a Before*Event) Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…t dispatch Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…s suppressed sendPassword() and sendPasswordToOwner() called createPasswordSendActivity() unconditionally outside the isMailHandled() guard. A listener intercepting the BeforeSharePasswordMailSentEvent would suppress the SMTP send but still cause a false activity-log entry for a mail that was never delivered. Apply the same early-return pattern used by sendEmail(): return immediately when isMailHandled() is true so no side effects run after the flag is set. Signed-off-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…r "file request") https://github.com/IONOS-Productivity/nc-ionos-processes/releases/tag/1.0.0-9501a5e Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de> Co-authored-by: Tatjana Kaschperko Lindt <kaschperko-lindt@strato.de>
…-oidc) Signed-off-by: Kai Henseler <kai.henseler@strato.de>
Signed-off-by: Kai Henseler <kai.henseler@strato.de>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.