fix: [OCISDEV-865] CI, release pipeline steps ordering#12310
Merged
Conversation
|
Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes. |
Member
Author
|
Pipeline example where trivy scan blocked image building steps: https://github.com/owncloud/ocis/actions/runs/25825847119 |
a21be4a to
711d52b
Compare
449cb54 to
b9e5373
Compare
b9e5373 to
43bb2e7
Compare
mzner
approved these changes
May 18, 2026
9 tasks
mklos-kw
added a commit
that referenced
this pull request
May 18, 2026
* fix: ci, release pipeline steps ordering * chore: security bump * fix: ignore for trivy scan, steps order # Conflicts: # services/idp/package.json # services/idp/pnpm-lock.yaml
mklos-kw
added a commit
that referenced
this pull request
May 18, 2026
mzner
pushed a commit
that referenced
this pull request
May 20, 2026
* fix: ci, release pipeline steps ordering * chore: security bump * fix: ignore for trivy scan, steps order
DeepDiver1975
added a commit
that referenced
this pull request
May 22, 2026
* chore: release 8.0.0-rc.1 Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * [docs-only] Fix of storage-publiclink readme * fix: some notifications were translated wrong due to an empty l10n key The expected translatable message was empty, which caused the translation system to use the empty key, which contains "weird" unrelated data. With the fix, if there is no translatable message, the related output will remain empty. * [docs-only][stable-8.0] Update web-extensions image versions in ocis_full * feat: bump go to 1.25 feat: bump mockery to v2.53.5 feat: bump govulncheck feat: bump bingo to v0.10.0 force go-1.25.7 update thumbnail images for test * chore: bump web to v12.3.1 * fix: ocis-multi deployment example groups Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * chore: release 8.0.0 Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * fix: add v8 to production versions Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * chore: write to docs-stable branch Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * test: fix public link related test for k8s deployment * chore(idp): use kpop without dependency Instead of trying to download kpop every time, bring in the specific code that we are using. There is very little code that we are actually using from kpop so pulling it as a dependency is not really necessary and it should fix the current CI issues. * fix: codacy deprecated reporter * fix: post rebase cleanup * chore(web): bump ownCloud Web to v12.3.2 * fix(graph): Don't use hardcoded groupOfNames in group creation * fix(graph): (ai) fix other groupOfNames and comment Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * test: let (ai) add a test for it Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * fix: adjust ocis-multi example Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * docs: update changelog item Co-authored-by: Martin <github@diemattels.at> * fix:[OCISDEV-617] Expose the signature-auth attribute * ci: use plugins/s3:1.4.0 * fix: dont write externalID when empty Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * feat: add globalID for EK users * fix: bump reva version Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * chore: release 8.0.1 Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * [backport] feat: [OCISDEV-732] acceptance test (#12143) to stable-8.0.0 (#12236) * feat: [OCISDEV-732] acceptance test (#12143) * feat: acceptance test - graph * feat: acceptance test - graph * feat: acceptance test - graph * fix: remove drone * feat: run each behat suite as a separate worker * feat: rename feat: [OCISDEV-740] acceptance test, coverage P0 feat: [OCISDEV-743] build and unit test ci: [ocisdev-730] code quality feat: [OCISDEV-741] local-api-test part 2 feat: [OCISDEV-741] local-api-test, apiSpaces feat: [OCISDEV-744] cli-test feat: [OCISDEV-741] local-api-test, apiCollaboration # Conflicts: # .github/workflows/acceptance-tests.yml # tests/acceptance/run-github.py feat: [OCISDEV-741] integration feat: [OCISDEV-744] build-and-test, lint feat: [OCISDEV-744] e2e-test # Conflicts: # .github/workflows/acceptance-tests.yml feat: [OCISDEV-744] fix apiSearch2 test suite * test [OCISDEV-744]: Run apiSearch2 test suite * Added php8.4-gd to all 4 PHP install lines * test [OCISDEV-744]: Enable all commented tests * test [OCISDEV-744]: Fixed failings * test [OCISDEV-744]: Fixed failings feat: [OCISDEV-744] fix apiOcm test suite * test [OCISDEV-744]: fix apiOcm tests * test [OCISDEV-744]: remove redundant .sh files * test [OCISDEV-744]: remove run-e2e.sh. Fix DRY vialation in run-github.py * test [OCISDEV-744]: documentation fixes --------- Co-authored-by: Deyan Zhekov <deyan.zhekov@kiteworks.com> fix: [OCISDEV-730] actions compliance (#12187) feat: [OCISDEV-786] Split coreApiSharees and coreApiSharePublicLink2 (#12196) feat: [OCISDEV-779] reduce ci duration, libcurl (#12193) * feat: [OCISDEV-779] reduce ci duration, libcurl * feat: [OCISDEV-779] reduce ci duration, libcurl * feat: [OCISDEV-779] reduce ci duration, libcurl * feat: [OCISDEV-779] reduce ci duration, libcurl feat: [OCISDEV-792] reduce ci duration, build-and-run (#12204) * feat: [OCISDEV-792] reduce ci duration, build-and-run * feat: [OCISDEV-792] reduce ci duration, build-and-run * feat: [OCISDEV-792] reduce ci duration, pre-check * feat: [OCISDEV-792] reduce ci duration, pre-check * feat: [OCISDEV-792] reduce ci duration, pre-check * feat: [OCISDEV-792] reduce ci duration, pre-check * feat: [OCISDEV-792] reduce ci duration, pre-check fix: ci, govulncheck stderr (#12219) * fix: ci, govulncheck stderr * fix: ci, litmus flakines feat: [OCISDEV-779] reduce CI duration, PHP-version (#12217) * feat: [OCISDEV-779] reduce CI duration, php-version * feat: [OCISDEV-779] fix flaky test in apiSharingNgShares * feat: [OCISDEV-779] fix flaky preview comparison * feat: [OCISDEV-779] fix flaky preview comparison * feat: [OCISDEV-779] replace manual PHP installation with shivammathur/setup-php action * feat: [OCISDEV-779] fix Pre-checks and generate step * feat: [OCISDEV-779] fix flaky preview comparison * feat: [OCISDEV-779] fix failing test --------- Co-authored-by: Michal Klos <michal.klos@kiteworks.com> * feat: post rebase fix * feat: post rebase fix * feat: post rebase fix * feat: [OCISDEV-783] release pipeline (#12194) (#12235) * feat: Add basic GH Actions file * feat: [OCISDEV-783] release pipeline * feat: [OCISDEV-783] release pipeline * feat: [OCISDEV-783] release pipeline, DeepDiver's review comments * feat: [OCISDEV-783] release pipeline, DeepDiver's review comments * feat: [OCISDEV-783] release pipeline, assert release * feat: [OCISDEV-783] release pipeline, audit release * feat: [OCISDEV-783] release pipeline, bianaries * feat: [OCISDEV-783] release pipeline, bianaries * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, dev.1 * feat: [OCISDEV-783] release pipeline, trivy scan * feat: [OCISDEV-783] release pipeline, gh actions * trigger CI * feat: [OCISDEV-783] release pipeline, align versions * feat: [OCISDEV-783] release pipeline, scan message * feat: [OCISDEV-783] release pipeline, ack alpine scan * feat: [OCISDEV-783] release pipeline, align versions * feat: [OCISDEV-783] release pipeline, review * feat: [OCISDEV-783] release pipeline, review * feat: [OCISDEV-783] release pipeline, trivy scan --------- Co-authored-by: Lukas Schwarz <lukas.schwarz@kiteworks.com> * feat(graph): [OCISDEV-794] allow multiple objectClasses on group creation Add GroupAdditionalObjectClasses config field (env vars OCIS_LDAP_GROUP_ADDITIONAL_OBJECTCLASSES / GRAPH_LDAP_GROUP_ADDITIONAL_OBJECTCLASSES) that appends extra objectClasses when creating groups in LDAP, alongside the existing primary GroupObjectClass. Applied to both groupToLDAPAttrValues and CreateLDAPGroupByDN. Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * feat(webdav): [OCISDEV-602] add spaceid to report Added the `spaceid` to the REPORT responses. This is aligning the `REPORT` method with the `PROPFIND` method. * build(deps): stable-8.0 * feat(graph): [OCISDEV-807] add SpaceEditorWithoutVersionsWithoutTrashbin role Adds a new space membership role "Can edit" that allows creating, uploading, downloading, editing, moving and deleting on a space without access to file versions or the trashbin. Also bumps reva to include the corresponding role constructor. Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * fix(collaboration): [OCISDEV-781] return 200 OK for WOPI Lock in read-only modes OnlyOffice sends a WOPI Lock request on document open regardless of whether the user has write access. The Lock handler was calling SetLock with a read-only CS3 token, which returned a permission error propagated as HTTP 500 to OnlyOffice, causing an error dialog on load. Return 200 OK immediately for READ_ONLY and VIEW_ONLY view modes without acquiring a CS3 lock. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * fix: fixed the internal links access control * use the web stable-12.3 latest * fix the OCM share permission change notification handling * [OCISDEV-830] Add GitHub Actions workflow for k6 load tests with flag [k6-test] * [OCISDEV-827] Add workflow file to run k6-tests in GitHub Actions * [OCISDEV-827] Fix broken pipeline job * [OCISDEV-827] Fix broken pipeline job - switched to double quotes. * [OCISDEV-827] Trying to fix a broken pipeline job * [OCISDEV-827] Fix secrets and variables used to run k6-test * [OCISDEV-827] Add health check and SSH keepalive in run_k6_tests.sh * [OCISDEV-827] Rename variable DRONE_COMMIT to OCIS_COMMIT_SHA * chore: bump web version to 12.3.3 * [OCISDEV-833] Added rm -rf k6-ocis via SSH before ocis.sh start (#12280) * fix(proxy): [OCISDEV-845] skip space reconciliation on signed URL requests The space management middleware removed users from all project spaces when processing signed URL requests because no OIDC claims are present in that auth context. Return early when claims are nil to prevent the oscillating add/remove cycle. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * chore(proxy): [OCISDEV-845] add changelog for space manager fix Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * chore: release 8.0.2 Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * chore: bump libvips (#12304) * chore: bump go version (#12306) * fix: [OCISDEV-864] CI, fix passing version string value to image (#12309) (#12319) * fix: release fix passing version string value to image * fix: bump release tag * chore: bump go-git * fix: missing fcntl64 int the build image due to GHA image update * fix: [OCISDEV-865] CI, release pipeline steps ordering (#12310) (#12320) * fix: ci, release pipeline steps ordering * chore: security bump * fix: ignore for trivy scan, steps order # Conflicts: # services/idp/package.json # services/idp/pnpm-lock.yaml * fix: [backport][OCISDEV-873] *WithoutTrashbin space editor roles render files read-only in Web frontend (#12351) fix: [OCISDEV-873] *WithoutTrashbin space editor roles render files read-only in Web frontend (#12346) * fix: [OCISDEV-873] *WithoutTrashbin space editor roles render files as read-only in Web frontend * fix: ci after godata bump ocis CI bumped github.com/CiscoM31/godata from v1.0.10 → v1.0.11 as a transitive dependency of the reva bump. The new godata version parses "mail add 10 (invalid operator) as a parse error → 400 instead of unsupported operation → 501. * fix ci: more precise role * fix: bump reva to pull fix merged into reva * Release 8.0.4 (#12352) chore: Release 8.0.4 Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> * fix: dont write externalID when empty Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> --------- Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com> Co-authored-by: Martin Mattel <github@diemattels.at> Co-authored-by: Juan Pablo Villafáñez <jvillafanez@solidgeargroup.com> Co-authored-by: Roman Perekhod <2403905@gmail.com> Co-authored-by: Roman Perekhod <rperekhod@owncloud.com> Co-authored-by: Matteo <matteo.sonnenholzner@kiteworks.com> Co-authored-by: Niraj Acharya <niraj@jankaritech.com> Co-authored-by: Lukas Hirt <info@hirt.cz> Co-authored-by: Michal Klos <michal.klos@kiteworks.com> Co-authored-by: Gwilherm Folliot <gwilherm55fo@gmail.com> Co-authored-by: Thomas Müller <1005065+DeepDiver1975@users.noreply.github.com> Co-authored-by: Lukas Schwarz <lukas.schwarz@kiteworks.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Deyan Zhekov <deyan.zhekov@kiteworks.com> Co-authored-by: Matteo <193476828+mzner@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Related Issue
Motivation and Context
How Has This Been Tested?
Screenshots (if appropriate):
Types of changes
Checklist: