From 3c5f2f40a6bd78c6a4443478d940f9789b1e7423 Mon Sep 17 00:00:00 2001 From: Nasrullo Nurullaev Date: Thu, 10 Jul 2025 15:51:32 +0500 Subject: [PATCH 1/4] Add workflow to enforce Docker Hub README size limit --- .../workflows/dockerhub-description-size.yml | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .github/workflows/dockerhub-description-size.yml diff --git a/.github/workflows/dockerhub-description-size.yml b/.github/workflows/dockerhub-description-size.yml new file mode 100644 index 0000000..03ce2ba --- /dev/null +++ b/.github/workflows/dockerhub-description-size.yml @@ -0,0 +1,30 @@ +name: Check DockerHub README limit + +on: + push: + paths: + - README.md + +env: + MAX_BYTES: "25000" + +jobs: + check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Measure size + id: measure + run: | + BYTES=$(wc -c < README.md | tr -d '[:space:]') + echo "BYTES=$BYTES" >> "$GITHUB_OUTPUT" + + - name: Fail if oversize + run: | + BYTES='${{ steps.measure.outputs.BYTES }}' + echo "README.md size: $BYTES bytes (limit $MAX_BYTES)" + if [ "$BYTES" -gt "$MAX_BYTES" ]; then + echo "::error::README.md exceeds Docker Hub 25 KB limit" + exit 1 + fi \ No newline at end of file From 2273e0498002d7139309213fd26e8776556d6590 Mon Sep 17 00:00:00 2001 From: Nasrullo Nurullaev Date: Thu, 10 Jul 2025 16:13:41 +0500 Subject: [PATCH 2/4] Update README file --- README.md | 61 ++++++------------------------------------------------- 1 file changed, 6 insertions(+), 55 deletions(-) diff --git a/README.md b/README.md index ee6c4f7..ee9d1d2 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ ONLYOFFICE Docs (Document Server) is an open-source office suite that comprises Starting from version 6.0, Document Server is distributed as ONLYOFFICE Docs. It has [three editions](https://github.com/ONLYOFFICE/DocumentServer#onlyoffice-docs-editions). With this image, you will install the free Community version. -ONLYOFFICE Docs can be used as a part of [ONLYOFFICE DocSpace](https://www.onlyoffice.com/docspace.aspx) and ONLYOFFICE Workspace, or with [third-party sync&share solutions](https://www.onlyoffice.com/all-connectors.aspx) (e.g. Odoo, Moodle, Nextcloud, ownCloud, Seafile, etc.) to enable collaborative editing within their interface. +ONLYOFFICE Docs can be used as a part of [ONLYOFFICE DocSpace](https://www.onlyoffice.com/docspace.aspx) and ONLYOFFICE Workspace, or with [third-party sync&share solutions](https://www.onlyoffice.com/all-connectors.aspx) (e.g. Odoo, Moodle, Nextcloud, ownCloud, Seafile, etc.) to enable collaborative editing within their interface. ***Important*** Please update `docker-engine` to latest version (`20.10.21` as of writing this doc) before using it. We use `ubuntu:22.04` as base image and it older versions of docker have compatibility problems with it @@ -39,16 +39,15 @@ Take advantage of the powerful editors included in ONLYOFFICE Docs: * [ONLYOFFICE PDF Editor](https://www.onlyoffice.com/pdf-editor.aspx) * [ONLYOFFICE Diagram Viewer](https://www.onlyoffice.com/diagram-viewer.aspx) -The editors empower you to create, edit, save, and export text documents, spreadsheets, presentations, PDFs, create and fill out PDF forms, open diagrams, all while offering additional advanced features such as: +The editors empower you to create, edit, save, and export text docs, sheets, presentations, PDFs, create and fill out PDF forms, open diagrams, all while offering additional advanced features such as: * Collaborative editing (review & track changes, comments, chat) * [AI-powered assistants](https://www.onlyoffice.com/ai-assistants.aspx) * Spell-checking -* Accessibility * Scalable UI options (including dark mode) -* [Security tools and services](https://www.onlyoffice.com/security.aspx) +* [Security tools & services](https://www.onlyoffice.com/security.aspx) -ONLYOFFICE Docs offer support for plugins allowing developers to add specific features to the editors that are not directly related to the OOXML format. For more information, see [our API](https://api.onlyoffice.com/docs/plugin-and-macros/get-started/overview/) or visit the [GitHub plugins repo](https://github.com/ONLYOFFICE/onlyoffice.github.io). Would like to explore the existing plugins in details? You are welcome to visit the [Marketplace](https://www.onlyoffice.com/app-directory). +ONLYOFFICE Docs offer support for plugins allowing you to add specific features to the editors that are not directly related to the OOXML format. For more details, see [our API](https://api.onlyoffice.com/docs/plugin-and-macros/get-started/overview/) or visit the [plugins repo](https://github.com/ONLYOFFICE/onlyoffice.github.io). Would like to explore the existing plugins? Open the [Marketplace](https://www.onlyoffice.com/app-directory). ## Recommended System Requirements @@ -297,32 +296,14 @@ The additional parameters for mail server are available [here](https://github.co To learn more, refer to the [ONLYOFFICE Mail Server documentation](https://github.com/ONLYOFFICE/Docker-MailServer "ONLYOFFICE Mail Server documentation"). -<<<<<<< HEAD **STEP 6**: Install ONLYOFFICE Community Server ```bash sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name onlyoffice-community-server -p 80:80 -p 443:443 -p 5222:5222 --cgroupns=host \ -======= -**STEP 5**: Install ONLYOFFICE Control Panel - -```bash -docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-control-panel \ --v /var/run/docker.sock:/var/run/docker.sock \ --v /app/onlyoffice/CommunityServer/data:/app/onlyoffice/CommunityServer/data \ --v /app/onlyoffice/ControlPanel/data:/var/www/onlyoffice/Data \ --v /app/onlyoffice/ControlPanel/logs:/var/log/onlyoffice onlyoffice/controlpanel -``` - -**STEP 6**: Install ONLYOFFICE Community Server - -```bash -sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name onlyoffice-community-server -p 80:80 -p 443:443 -p 5222:5222 \ ->>>>>>> 1b10049c5ad75bb749ae2db968eabb4422a73a34 -e MYSQL_SERVER_ROOT_PASSWORD=my-secret-pw \ -e MYSQL_SERVER_DB_NAME=onlyoffice \ -e MYSQL_SERVER_HOST=onlyoffice-mysql-server \ -e MYSQL_SERVER_USER=onlyoffice_user \ -<<<<<<< HEAD -e MYSQL_SERVER_PASS=onlyoffice_pass \ -e DOCUMENT_SERVER_PORT_80_TCP_ADDR=onlyoffice-document-server \ @@ -330,10 +311,6 @@ sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name o -e DOCUMENT_SERVER_JWT_SECRET=${JWT_SECRET} \ -e DOCUMENT_SERVER_JWT_HEADER=AuthorizationJwt \ -======= - -e MYSQL_SERVER_PASS=onlyoffice_pass \ - -e DOCUMENT_SERVER_PORT_80_TCP_ADDR=onlyoffice-document-server \ ->>>>>>> 1b10049c5ad75bb749ae2db968eabb4422a73a34 -e MAIL_SERVER_API_HOST=${MAIL_SERVER_IP} \ -e MAIL_SERVER_DB_HOST=onlyoffice-mysql-server \ -e MAIL_SERVER_DB_NAME=onlyoffice_mailserver \ @@ -345,11 +322,7 @@ sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name o -v /app/onlyoffice/CommunityServer/data:/var/www/onlyoffice/Data \ -v /app/onlyoffice/CommunityServer/logs:/var/log/onlyoffice \ -v /app/onlyoffice/CommunityServer/letsencrypt:/etc/letsencrypt \ -<<<<<<< HEAD -v /sys/fs/cgroup:/sys/fs/cgroup:rw \ -======= - -v /sys/fs/cgroup:/sys/fs/cgroup:ro \ ->>>>>>> 1b10049c5ad75bb749ae2db968eabb4422a73a34 onlyoffice/communityserver ``` @@ -375,29 +348,7 @@ workspace-install.sh -md yourdomain.com Or, use [docker-compose](https://docs.docker.com/compose/install "docker-compose"). First you need to clone this [GitHub repository](https://github.com/ONLYOFFICE/Docker-CommunityServer/): ```bash -<<<<<<< HEAD wget https://raw.githubusercontent.com/ONLYOFFICE/Docker-CommunityServer/master/docker-compose.groups.yml -======= -git clone https://github.com/ONLYOFFICE/Docker-CommunityServer -``` - -After that switch to the repository folder: - -```bash -cd Docker-CommunityServer -``` - -For the mail server correct work, open one of the files depending on the product you use: - -* [docker-compose.yml](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.groups.yml) for Community Server (distributed as ONLYOFFICE Groups) -* [docker-compose.yml](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.workspace.yml) for ONLYOFFICE Workspace Community Edition -* [docker-compose.yml](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.workspace_enterprise.yml) for ONLYOFFICE Workspace Enterprise Edition - -Then replace the `${MAIL_SERVER_HOSTNAME}` variable with your own hostname for the **Mail Server**. After that, assuming you have docker-compose installed, execute the following command: - -```bash -cd link-to-your-modified-docker-compose ->>>>>>> 1b10049c5ad75bb749ae2db968eabb4422a73a34 docker-compose up -d ``` @@ -457,9 +408,9 @@ Free version vs commercial builds comparison: https://github.com/ONLYOFFICE/Docu ## User Feedback and Support -If you face any issues or have questions about this image, please visit our official forum: [forum.onlyoffice.com][1]. +If you face any issues or have questions about this image, visit our official forum: [forum.onlyoffice.com][1]. -You are also welcome to ask and answer ONLYOFFICE development questions on [Stack Overflow][2], as well as share your thoughts and suggestions on [feedback.onlyoffice.com](https://feedback.onlyoffice.com/forums/966080-your-voice-matters). +You are also welcome to ask and answer ONLYOFFICE development questions on [Stack Overflow][2], as well as share your suggestions on [feedback.onlyoffice.com](https://feedback.onlyoffice.com/forums/966080-your-voice-matters). Join [our Discord community](https://discord.gg/Hcgtf5n4uF) for connecting with fellow developers. From 0671c294433a4379a4745bf6de5058d97cc428b4 Mon Sep 17 00:00:00 2001 From: danilapog Date: Fri, 1 Aug 2025 17:29:07 +0300 Subject: [PATCH 3/4] Add SBOM generation to Docker buildx bake steps --- .github/workflows/4testing-build.yml | 2 +- .github/workflows/stable-build.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 5b6deb1..7869e83 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -155,7 +155,7 @@ jobs: ### ==>> Build and push images at this step ### - docker buildx bake -f docker-bake.hcl "${IMAGE}" --push + docker buildx bake --sbom=true -f docker-bake.hcl "${IMAGE}" --push echo "DONE: Build success" ### Set output for Zap scanner diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index dae253c..8f3abbf 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -64,7 +64,7 @@ jobs: export TAG=${VERSION%.*}.${RELEASE_NUMBER} export SHORTER_TAG=${VERSION%.*} export SHORTEST_TAG=${VERSION%.*.*} - docker buildx bake -f docker-bake.hcl "${TARGET}" --push + docker buildx bake --sbom=true -f docker-bake.hcl "${TARGET}" --push echo "DONE: Build success >> exit with 0" exit 0 shell: bash @@ -110,7 +110,7 @@ jobs: set -eux export PULL_TAG=${VERSION%.*}.${RELEASE_NUMBER} export TAG=${VERSION%.*}.${RELEASE_NUMBER} - docker buildx bake -f docker-bake.hcl "${TARGET}" --push + docker buildx bake --sbom=true -f docker-bake.hcl "${TARGET}" --push shell: bash build-ucs-ubuntu20: @@ -148,5 +148,5 @@ jobs: export PACKAGE_SUFFIX= export TAG=${VERSION%.*}.${RELEASE_NUMBER} export PACKAGE_VERSION=$( echo ${VERSION} | sed -E 's/(.*)\./\1-/') - docker buildx bake -f docker-bake.hcl documentserver-ucs --push + docker buildx bake --sbom=true -f docker-bake.hcl documentserver-ucs --push shell: bash From 38946cb641cf2f9e16201f2c81df0a29df47ad04 Mon Sep 17 00:00:00 2001 From: danilapog Date: Mon, 4 Aug 2025 13:47:08 +0300 Subject: [PATCH 4/4] Add provenance information to bake build steps --- .github/workflows/4testing-build.yml | 2 +- .github/workflows/stable-build.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 7869e83..b38a5d8 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -155,7 +155,7 @@ jobs: ### ==>> Build and push images at this step ### - docker buildx bake --sbom=true -f docker-bake.hcl "${IMAGE}" --push + docker buildx bake --sbom=true --provenance=mode=max -f docker-bake.hcl "${IMAGE}" --push echo "DONE: Build success" ### Set output for Zap scanner diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index 8f3abbf..e3995f1 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -64,7 +64,7 @@ jobs: export TAG=${VERSION%.*}.${RELEASE_NUMBER} export SHORTER_TAG=${VERSION%.*} export SHORTEST_TAG=${VERSION%.*.*} - docker buildx bake --sbom=true -f docker-bake.hcl "${TARGET}" --push + docker buildx bake --sbom=true --provenance=mode=max -f docker-bake.hcl "${TARGET}" --push echo "DONE: Build success >> exit with 0" exit 0 shell: bash @@ -110,7 +110,7 @@ jobs: set -eux export PULL_TAG=${VERSION%.*}.${RELEASE_NUMBER} export TAG=${VERSION%.*}.${RELEASE_NUMBER} - docker buildx bake --sbom=true -f docker-bake.hcl "${TARGET}" --push + docker buildx bake --sbom=true --provenance=mode=max -f docker-bake.hcl "${TARGET}" --push shell: bash build-ucs-ubuntu20: @@ -148,5 +148,5 @@ jobs: export PACKAGE_SUFFIX= export TAG=${VERSION%.*}.${RELEASE_NUMBER} export PACKAGE_VERSION=$( echo ${VERSION} | sed -E 's/(.*)\./\1-/') - docker buildx bake --sbom=true -f docker-bake.hcl documentserver-ucs --push + docker buildx bake --sbom=true --provenance=mode=max -f docker-bake.hcl documentserver-ucs --push shell: bash