Move the files that are copied into the Docker image, into an `fs`
folder, that reflects the folder structure of that in the image. This
means two things right away:
1. A single `COPY` instruction in `Dockerfile` is enough to copy all the
files to their places.
2. The structure of files in the repo reflects that in the Docker image.
This makes working with the files/folders and troubleshooting with them
much easier.
❗ Note: **There's actually only 3 files changed, rest are just moved.**
There's a few CVEs reported on the version of python-requests that's
being used in the image, which we don't need that badly anyway. This PR
removes `python-requests` altogather so we shouldn't see CVEs on it show
up on our image anymore.
Bumps [mongodb](https://github.com/mongodb/node-mongodb-native) from
5.7.0 to 5.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/mongodb/node-mongodb-native/releases">mongodb's
releases</a>.</em></p>
<blockquote>
<h2>v5.8.0</h2>
<h2><a
href="https://github.com/mongodb/node-mongodb-native/compare/v5.7.0...v5.8.0">5.8.0</a>
(2023-08-21)</h2>
<p>The MongoDB Node.js team is pleased to announce version 5.8.0 of the
<code>mongodb</code> package!</p>
<h2>Release Notes</h2>
<h3>The <code>AutoEncrypter</code> interface has been deprecated</h3>
<p>The <code>AutoEncrypter</code> interface was used internally but
accidentally made public in the 4.x version of the driver. It is now
deprecated and will be made internal in the next major release.</p>
<h3>Kerberos support for 1.x and 2.x</h3>
<p>Moves the kerberos dependency back to <code>^1.0.0 || ^2.0.0</code>
to indicate support for both 1.x and 2.x. Support for 1.x is removed in
6.0.</p>
<h3>Fixed accidental deprecation warning</h3>
<p>Because of internal options handling, a deprecation was emitted for
<code>tlsCertificateFile</code> when using
<code>tlsCertificateKeyFile</code>. That has been corrected.</p>
<h3>Remove credential availability on
<code>ConnectionPoolCreatedEvent</code></h3>
<p>In order to avoid mistakenly printing credentials the
<code>ConnectionPoolCreatedEvent</code> will replace the credentials
option with an empty object. The credentials are still accessble via
MongoClient options: <code>client.options.credentials</code>.</p>
<h3>Features</h3>
<ul>
<li><strong>NODE-5399:</strong> use mongodb-js/saslprep instead of
saslprep (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3818">#3818</a>)
(<a
href="c0d3927379">c0d3927</a>)</li>
<li><strong>NODE-5429:</strong> deprecate the <code>AutoEncrypter</code>
interface (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3764">#3764</a>)
(<a
href="9bb0d955e7">9bb0d95</a>)</li>
<li><strong>NODE-5465,NODE-5538:</strong> lower
<code>@aws-sdk/credential-providers</code> version to 3.188.0 and
<code>zstd</code> to <code>^1.0.0</code> (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3821">#3821</a>)
(<a
href="39ff81d402">39ff81d</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>NODE-5489:</strong> set kerberos compatibility to ^1.0.0 ||
^2.0.0 (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3803">#3803</a>)
(<a
href="c3b35b321b">c3b35b3</a>)</li>
<li><strong>NODE-5495:</strong> do not emit deprecation warning when
tlsCertificateKeyFile is specified and tlsCertificateFile is not (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3810">#3810</a>)
(<a
href="e81d4a2fc0">e81d4a2</a>)</li>
<li><strong>NODE-5537:</strong> remove credentials from
ConnectionPoolCreatedEvent options (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3813">#3813</a>)
(<a
href="4cf1e96c68">4cf1e96</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li><a
href="https://docs.mongodb.com/drivers/node/current/">Reference</a></li>
<li><a
href="https://mongodb.github.io/node-mongodb-native/5.8/">API</a></li>
<li><a
href="https://github.com/mongodb/node-mongodb-native/blob/v5.8.0/HISTORY.md">Changelog</a></li>
</ul>
<p>We invite you to try the <code>mongodb</code> library immediately,
and report any issues to the <a
href="https://jira.mongodb.org/projects/NODE">NODE project</a>.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mongodb/node-mongodb-native/blob/v5.8.0/HISTORY.md">mongodb's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/mongodb/node-mongodb-native/compare/v5.7.0...v5.8.0">5.8.0</a>
(2023-08-21)</h2>
<h3>Features</h3>
<ul>
<li><strong>NODE-5399:</strong> use mongodb-js/saslprep instead of
saslprep (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3818">#3818</a>)
(<a
href="c0d3927379">c0d3927</a>)</li>
<li><strong>NODE-5429:</strong> deprecate the <code>AutoEncrypter</code>
interface (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3764">#3764</a>)
(<a
href="9bb0d955e7">9bb0d95</a>)</li>
<li><strong>NODE-5465,NODE-5538:</strong> lower
<code>@aws-sdk/credential-providers</code> version to 3.188.0 and
<code>zstd</code> to <code>^1.0.0</code> (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3821">#3821</a>)
(<a
href="39ff81d402">39ff81d</a>)</li>
<li><strong>NODE-5489:</strong> update kerberos dependency (<a
href="8c25d6d0a7">8c25d6d</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>NODE-5489:</strong> set kerberos compatibility to ^1.0.0 ||
^2.0.0 (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3803">#3803</a>)
(<a
href="c3b35b321b">c3b35b3</a>)</li>
<li><strong>NODE-5495:</strong> do not emit deprecation warning when
tlsCertificateKeyFile is specified and tlsCertificateFile is not (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3810">#3810</a>)
(<a
href="e81d4a2fc0">e81d4a2</a>)</li>
<li><strong>NODE-5537:</strong> remove credentials from
ConnectionPoolCreatedEvent options (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3813">#3813</a>)
(<a
href="4cf1e96c68">4cf1e96</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="43673fa189"><code>43673fa</code></a>
chore(5.x): release 5.8.0 [skip-ci] (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3825">#3825</a>)</li>
<li><a
href="4b2fc79525"><code>4b2fc79</code></a>
docs: fix cutoff sentence on CommandStartedEvent (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3828">#3828</a>)</li>
<li><a
href="39ff81d402"><code>39ff81d</code></a>
feat(NODE-5465,NODE-5538): lower
<code>@aws-sdk/credential-providers</code> version to 3...</li>
<li><a
href="e1af3437c3"><code>e1af343</code></a>
chore: update release automation scripts 5.x (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3823">#3823</a>)</li>
<li><a
href="c0d3927379"><code>c0d3927</code></a>
feat(NODE-5399): use mongodb-js/saslprep instead of saslprep (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3818">#3818</a>)</li>
<li><a
href="4cf1e96c68"><code>4cf1e96</code></a>
fix(NODE-5537): remove credentials from ConnectionPoolCreatedEvent
options (#...</li>
<li><a
href="e81d4a2fc0"><code>e81d4a2</code></a>
fix(NODE-5495): do not emit deprecation warning when
tlsCertificateKeyFile is...</li>
<li><a
href="c3b35b321b"><code>c3b35b3</code></a>
fix(NODE-5489): set kerberos compatibility to ^1.0.0 || ^2.0.0 (<a
href="https://redirect.github.com/mongodb/node-mongodb-native/issues/3803">#3803</a>)</li>
<li><a
href="cc3069d836"><code>cc3069d</code></a>
Revert "feat(NODE-5489): update kerberos dependency"</li>
<li><a
href="8c25d6d0a7"><code>8c25d6d</code></a>
feat(NODE-5489): update kerberos dependency</li>
<li>Additional commits viewable in <a
href="https://github.com/mongodb/node-mongodb-native/compare/v5.7.0...v5.8.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/appsmithorg/appsmith/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Removes this `Server` header in all responses from Appsmith.
```
curl -sSI http://localhost | grep 'server:'
```
It currently shows this:
```
server: nginx
```
Update:
- Mobed jest to` devDependenies` of package manifest.
- Updated Dockerfile to install utils with `--only=prod` arg for npm
install cmds.
Tested manually
Majority of the NGINX config is the same, for both HTTP and HTTPS.
Having two separate templates for them is making configuration changes
error-prone, where we often risk forgetting making the same change in
the other file.
This PR merges the two files into one, so the above risk isn't there. It
also makes it easier to experiment with the file while developing, since
we have to make every single change twice during development.
Note: This _will_ cause conflicts in sync, after being merged.
Why are we doing this? This will be a step towards simplifying our
`Dockerfile` with reduced layers and improved caching performance. The
image build time in CI should be faster once this is done.
So far, only calls that go to the Java backend, had the
`X-Content-Type-Options` header in the responses. This PR adds them to
all responses by
1. adding it to NGINX configuration.
2. removing it from Spring security's configuration, so we don't end up
with _two_ `X-Content-Type-Options` headers in the response.
---------
Co-authored-by: Nidhi <nidhi@appsmith.com>
When Appsmith is deployed with HTTPS, all HTTP requests are redirected
to HTTP. But this redirection response, is leaking the NGINX version in
the `Server` header. This PR fixes that.
The health endpoint in the Docker container's healthcheck command is
currently pointing to `/users/me`. But we have a designated endpoint for
this, at `/health`. This PR switches to using this endpoint instead.
This will allow us to
1. Bake different CS URLs for release and master builds.
2. Be resilient to the CS URL being set to empty string, as opposed to
not being set at all.
When `APPSMITH_CLOUD_SERVICES_BASE_URL` is an empty string, Spring's
interpolation in `application.properties` doesn't take the default
value. This PR sets up the `entrypoint.sh` script so that it'll `unset`
this env variable, when it's empty.
1. Changing the Maps API Key doesn't need restart anymore.
2. The `isRestartRequired` field in the response of updating env
settings, was being ignored. The client owns the decision of when to
restart (which is correct), so removed this from the server.
3. Write Maps API Key to the database, in the tenant configuration.
4. The Settings page for Maps Ke gets the current value from
`/tenant/current` response, and not `/admin/env`.
5. Removed `APPSMITH_GOOGLE_MAPS_API_KEY` from `/admin/env` response.
6. Tests.
DO NOT MERGE. Please only review/approve. This is expected to break EE
once it goes there, which I intend to solve alongside merging this.
Changing the Maps API Key will update it both in the tenant config in
the database, as well as in the `docker.env` file. This is predominantly
for backwards compatibility, and phased rollout. As part of a separate
PR, we'll have a migration that proactively copies the env variable
value to the database, and comment out the value in the `docker.env`
file. Then we can stop updating the `docker.env` file as well.
## New
## Old
---------
Co-authored-by: Ankita Kinger <ankita@appsmith.com>
We've stopped [building the slim
images](https://github.com/appsmithorg/appsmith/pull/25219) now and so
the instructions to run server locally, which rely on the slim server
image, need to be updated to use the newer `appsmith-ce` image.
This PR updates the instructions to use this.
## Description
- The default request timeout on nginx is set to 60s. This feat allows
users to configure custom nginx timeout value specified via the
Environment variable `APPSMITH_SERVER_TIMEOUT`
- Solves https://github.com/appsmithorg/appsmith/issues/14535
## Testing
#### How Has This Been Tested?
- [x] Manual
- [ ] Jest
- [ ] Cypress
---------
Co-authored-by: Shrikant Sharat Kandula <shrikant@appsmith.com>
This will complete:
[23522](https://github.com/appsmithorg/appsmith/issues/23522)
Currently, when we deploy appsmith on cloudrun we see this error. This
commit will fix this issue
```
2023-06-14 12:32:10.513 IST
Mounting File Sytem
2023-06-14 12:32:10.521 IST
mount.nfs: mount point /appsmith-stacks does not exist
2023-06-14 12:32:10.533 IST
Container called exit(32).
```
Fixes: [24013](https://github.com/appsmithorg/appsmith/issues/24013)
The issue started with the introduction of adding of startup-events.
Because of the ipv6 header
```
server {
listen 80 default_server;
listen [::]:80 default_server;
}
```
present in the
`/etc/nginx/sites-enabled/default` and calling nginx
[here](https://github.com/appsmithorg/appsmith/blob/release/deploy/docker/entrypoint.sh#L392).
With this change we are removing ```listen [::]:80 default_server;```
from the file before starting nginx.
---------
Co-authored-by: Shrikant Sharat Kandula <shrikant@appsmith.com>
- Removed event listener python script, removed supervisor conf for the
same.
- Added new python script to handle the starting page init.
- Python script will be called via a shell script with a failsafe
removal of the loading page.
- The above shell script will be run as a child of the run java script
Tests:
The child script exits after execution, and does not create zombie
process even when the run java script is called multiple times with
restarts.
Verified exceptions and failsafe manually by introducing syntax errors
and uninstalling requests module.
---------
Co-authored-by: Shrikant Sharat Kandula <shrikant@appsmith.com>
## Description
> Add a TL;DR when description is extra long (helps content team)
>
> Please include a summary of the changes and which issue has been
fixed. Please also include relevant motivation
> and context. List any dependencies that are required for this change
>
> Links to Notion, Figma or any other documents that might be relevant
to the PR
>
>
#### PR fixes following issue(s)
Fixes # (issue number)
> if no issue exists, please create an issue and ask the maintainers
about this first
>
>
#### Media
> A video or a GIF is preferred. when using Loom, don’t embed because it
looks like it’s a GIF. instead, just link to the video
>
>
#### Type of change
> Please delete options that are not relevant.
- Bug fix (non-breaking change which fixes an issue)
- New feature (non-breaking change which adds functionality)
- Breaking change (fix or feature that would cause existing
functionality to not work as expected)
- Chore (housekeeping or task changes that don't impact user perception)
- This change requires a documentation update
>
>
>
## Testing
>
#### How Has This Been Tested?
> Please describe the tests that you ran to verify your changes. Also
list any relevant details for your test configuration.
> Delete anything that is not relevant
- [ ] Manual
- [ ] Jest
- [ ] Cypress
>
>
#### Test Plan
> Add Testsmith test cases links that relate to this PR
>
>
#### Issues raised during DP testing
> Link issues raised during DP testing for better visiblity and tracking
(copy link from comments dropped on this PR)
>
>
>
## Checklist:
#### Dev activity
- [ ] My code follows the style guidelines of this project
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [ ] My changes generate no new warnings
- [ ] I have added tests that prove my fix is effective or that my
feature works
- [ ] New and existing unit tests pass locally with my changes
- [ ] PR is being merged under a feature flag
#### QA activity:
- [ ] [Speedbreak
features](https://github.com/appsmithorg/TestSmith/wiki/Test-plan-implementation#speedbreaker-features-to-consider-for-every-change)
have been covered
- [ ] Test plan covers all impacted features and [areas of
interest](https://github.com/appsmithorg/TestSmith/wiki/Guidelines-for-test-plans/_edit#areas-of-interest)
- [ ] Test plan has been peer reviewed by project stakeholders and other
QA members
- [ ] Manually tested functionality on DP
- [ ] We had an implementation alignment call with stakeholders post QA
Round 2
- [ ] Cypress test cases have been added and approved by SDET/manual QA
- [ ] Added `Test Plan Approved` label after Cypress tests were reviewed
- [ ] Added `Test Plan Approved` label after JUnit tests were reviewed
---------
Co-authored-by: Trisha Anand <trisha@appsmith.com>
Co-authored-by: Nidhi <nidhi@appsmith.com>
Co-authored-by: Arpit Mohan <mohanarpit@users.noreply.github.com>
Co-authored-by: Sumit Kumar <sumit@appsmith.com>
Co-authored-by: ChandanBalajiBP <104058110+ChandanBalajiBP@users.noreply.github.com>
Co-authored-by: Aishwarya-U-R <91450662+Aishwarya-U-R@users.noreply.github.com>
Co-authored-by: balajisoundar <balaji@appsmith.com>
Co-authored-by: Aishwarya UR <aishwarya@appsmith.com>
Co-authored-by: sidhantgoel <sidhant@hexcod.in>
Co-authored-by: Shrikant Sharat Kandula <shrikant@appsmith.com>
Co-authored-by: Satish Gandham <satish.iitg@gmail.com>
Co-authored-by: Nilesh Sarupriya <nilesh@appsmith.com>
Co-authored-by: Nilesh Sarupriya <20905988+nsarupr@users.noreply.github.com>
Co-authored-by: nilansh <nilansh@appsmith.com>
Co-authored-by: Ayangade Adeoluwa <37867493+Irongade@users.noreply.github.com>
Co-authored-by: akash-codemonk <67054171+akash-codemonk@users.noreply.github.com>
Co-authored-by: Vijetha-Kaja <119562824+Vijetha-Kaja@users.noreply.github.com>
Co-authored-by: Manish Kumar <107841575+sondermanish@users.noreply.github.com>
Co-authored-by: Sumesh Pradhan <sumesh@appsmith.com>
Co-authored-by: Rishabh Rathod <rishabh.rathod@appsmith.com>
Co-authored-by: Shrikant Sharat Kandula <shrikantsharat.k@gmail.com>
Co-authored-by: Tanvi Bhakta <tanvi@appsmith.com>
Co-authored-by: Somangshu Goswami <somangshu.goswami1508@gmail.com>
Co-authored-by: Tolulope Adetula <31691737+Tooluloope@users.noreply.github.com>
Co-authored-by: Anagh Hegde <anagh@appsmith.com>
Co-authored-by: Saroj <43822041+sarojsarab@users.noreply.github.com>
Co-authored-by: Nayan <nayan@appsmith.com>
Co-authored-by: Arsalan <arsalanyaldram0211@outlook.com>
Co-authored-by: ashit-rath <ashit@appsmith.com>
Co-authored-by: Rimil Dey <rimil@appsmith.com>
Co-authored-by: Druthi Polisetty <druthi@appsmith.com>
Co-authored-by: Sangeeth Sivan <74818788+berzerkeer@users.noreply.github.com>
Co-authored-by: subratadeypappu <subrata@appsmith.com>
Co-authored-by: Ayush Pahwa <ayush@appsmith.com>
Co-authored-by: Rajat Agrawal <rajat@appsmith.com>
Co-authored-by: Pawan Kumar <pawan.stardust@gmail.com>
Co-authored-by: Abhijeet <41686026+abhvsn@users.noreply.github.com>
Co-authored-by: Aman Agarwal <aman@appsmith.com>
Co-authored-by: Parthvi Goswami <parthvigoswami@Parthvis-MacBook-Pro.local>
Co-authored-by: Anand Srinivasan <66776129+eco-monk@users.noreply.github.com>
Co-authored-by: Anand Srinivasan <anand.a.srinivasan@outlook.com>
Co-authored-by: Satish Gandham <hello@satishgandham.com>
Co-authored-by: Goutham Pratapa <goutham@appsmith.com>
Co-authored-by: manish kumar <manish@appsmith.com>
Co-authored-by: Dipyaman Biswas <dipyaman@appsmith.com>
Co-authored-by: Ayush Pahwa <ayushpahwa96@gmail.com>
Co-authored-by: Rohit Agarwal <rohit_agarwal@live.in>
Co-authored-by: Tanvi Bhakta <tanvibhakta@gmail.com>
Co-authored-by: Ankit Srivastava <67647761+ankitsrivas14@users.noreply.github.com>
Co-authored-by: tkAppsmith <131347120+tkAppsmith@users.noreply.github.com>
We replace env variables in `index.html`, `view.html` and `edit.html`,
just before start NGINX. But the `.gz` versions of these files don't
have these changes applied to them. This PR gzips those HTML files
again, after the substitutions are applied.
From
https://github.com/appsmithorg/appsmith/pull/23539#issuecomment-1554509537.
- Added cron task to cleanup log files older than 7 days to run weekly.
- Updated supervisor log rotation config to store only 2 backups for all
processes.
## Description
We are solving 2 problems with this PR:
1. For `Installation Setup Complete` event email domain hash was
incorrect and earlier we were hashing the instanceId which means if user
with same email tries to run 2 different instances hash was different.
2. `IP` is a reserved keyword for tracking events in Mixpanel though
this is allowed in Segment. Instead of showing the ip as is, Mixpanel
provides derived property. As we want derived props alongwith the ip
address we are sharing the IP address in separate keys.
Ref:
https://help.mixpanel.com/hc/en-us/articles/360001355266-Event-Properties
#### PR fixes following issue(s)
Fixes https://github.com/appsmithorg/cloud-services/issues/675
#### Type of change
- Bug fix (non-breaking change which fixes an issue)
#### How Has This Been Tested?
- [x] Manual
## Checklist:
#### Dev activity
- [x] My code follows the style guidelines of this project
- [x] I have performed a self-review of my own code
- [x] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [x] My changes generate no new warnings
- [ ] I have added tests that prove my fix is effective or that my
feature works
- [ ] New and existing unit tests pass locally with my changes
- [ ] PR is being merged under a feature flag
#### QA activity:
- [ ] [Speedbreak
features](https://github.com/appsmithorg/TestSmith/wiki/Test-plan-implementation#speedbreaker-features-to-consider-for-every-change)
have been covered
- [ ] Test plan covers all impacted features and [areas of
interest](https://github.com/appsmithorg/TestSmith/wiki/Guidelines-for-test-plans/_edit#areas-of-interest)
- [ ] Test plan has been peer reviewed by project stakeholders and other
QA members
- [ ] Manually tested functionality on DP
- [ ] We had an implementation alignment call with stakeholders post QA
Round 2
- [ ] Cypress test cases have been added and approved by SDET/manual QA
- [ ] Added `Test Plan Approved` label after Cypress tests were reviewed
- [ ] Added `Test Plan Approved` label after JUnit tests were reviewed
Because tracing is turned on in the `entrypoint.sh`, everything we
source also log all names and values, including the `docker.env` file.
This means all env values are printed to the logs.
This PR disables the tracing to fix this. It was enabled originally for
improved logging information for some of the issues we were facing at
the time, but if we still need such logging information, we need to log
those explicitly with `echo`, instead of using `xtrace`.
Client will get supported OAuth list from the tenant API, instead of
from injected env variables like `APPSMITH_OAUTH2_GOOGLE_CLIENT_ID`.
This is a step towards moving OAuth configuration out of env variables
completely, and into the backend database, so their configuration can be
tenant-wide, instead of instance-wide.
Event Listener Python script fixes:
- Added exception handling in health check request
- Updated backend health check point to
`http://localhost:8080/api/vi/health`
**Fixes:**
- Overwriting MongoDB env data on appsmithctl restore.
- appsmithctl backup does not include the MongoDB env vars.
**Features:**
- appsmithctl backup now does not stop backend and rts service during
backup operation.
_Note:-
It will be the responsibility of the Admin to make sure that a manual
backup is really a desired snapshot when done via
the appsmithctl backup util command
To ensure this, Admins may require to stop the backend and rts processes
in the container before a manual backup( We will need to document this)
[ In future we can add an appsmithctl cmd to put appsmith to maintenance
mode with a maintenance page ]_
Fixes # [21603](https://github.com/appsmithorg/appsmith/issues/21603)
We're already checking for the AVX instruction, and producing a helpful
message about it. But, we're doing that check _after_ we invoke the
`mongod` process, which fails on such processes, and the error message
is never shown.
This PR changes this, by doing the check before that `mongod` command is
run.
If the replicaSet check fails, we see the following error:
```
readWrite command not found
```
This is because of using the command interpolation backticks in the
double-quoted string.
## Description
This PR includes changes for self-hosted instances to utilize an
embedded postgres database for the Template's mockdb.
After this change, by default Appsmith will always run the embedded
Postgres, and connect to it instead of the mockdb cloud instance.
**Solves:**
Issue[#20107](https://github.com/appsmithorg/appsmith/issues/20107)
**Changes:**
- [x] Install Postgresql in the Docker container using Dockerfile :-
_Updated Docker file to install PostgreSQL v13_
- [x] Add provision to stop/disable Postgresql from booting based on an
environment variable :- _To disable embedded postgres, set the **ENV**
var `APPSMITH_ENABLE_EMBEDDED_DB` to `0`; Configured supervisord to
control the lifecycle of the postgres server ( Supervisor uses user
postgres to start the server since root is not allowed)_
- [x] Seed data into the Postgresql DB during first container startup.
This ensures that we don't have to ship the Docker
container with data & bloat it unnecessarily. :- _Curretly, the SQL dump
is baked into the image._
- [x] Persist the Postgresql data in /appsmith-stacks. This ensures that
the data is persisted across version upgrades. :- _The postgres uses the
file system at` /stacks/data/postgres/main` ; note: The file system
owner is user/group postgres_
- [x] Update the mock db endpoint in the product to use the local DB by
default instead of the hosted DB for self-hosted instances. The cloud
instance should still use the hosted DB :- _The embedded postgres
authentication is set to the type `trust`, allowing the existing
template mockdb meta data to be used without any update to the existing
templates mockdb endpoint and credentials_
**Note: There is an additional table `mydb` added to the mockdb for
quickly verifying the db source is the embedded postgres, since the
cloud mockdb does not have that table.**
---------
Co-authored-by: Shrikant Sharat Kandula <shrikant@appsmith.com>
When services within the fat container try to communicate with each
other, like backend to RTS etc., if they use the loopback address of
IPv4, `127.0.0.1`, it works. But if they use the loopback address of
IPv6, `::1`, it fails because the NGINX inside the fat container isn't
set to bind to IPv6.
This PR fixes this.
In EE, we attempt to make connections to Keycloak without setting the
hostname on the `WebClient`. This picks up the hostname of `::1` on
systems with IPv6 as default, and so the communication between backend
and Keycloak fails.
This is affecting users on ECS Fargate, for example.
Appsmith supports running with a HTTP proxy, that can be configured with
`HTTP_PROXY` or `HTTPS_PROXY` env variables. Like this:
```sh
HTTP_PROXY=http://myproxy:8080
HTTPS_PROXY=http://myproxy:8443
```
However, this proxy support didn't support authentication. This PR
implements that. Now, proxy with authentication can be configured like
this:
```sh
HTTP_PROXY=http://user:password@myproxy:8080
HTTPS_PROXY=http://user:password@myproxy:8080
```
This is not syntax or standards invented by Appsmith. This is the
standard way proxy is usually configured.
Fixes#16330🍰
## Description
We're increasing the default limit of request payload on cloud so that
100 MB files that are base 64 encoded can also be uploaded via Appsmith.
Fixes#20424
## Type of change
- Bug fix (non-breaking change which fixes an issue)
## How Has This Been Tested?
- Manual
### Test Plan
> Add Testsmith test cases links that relate to this PR
### Issues raised during DP testing
> Link issues raised during DP testing for better visiblity and tracking
(copy link from comments dropped on this PR)
## Checklist:
### Dev activity
- [ ] My code follows the style guidelines of this project
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [ ] My changes generate no new warnings
- [ ] I have added tests that prove my fix is effective or that my
feature works
- [ ] New and existing unit tests pass locally with my changes
- [ ] PR is being merged under a feature flag
### QA activity:
- [ ] Test plan has been approved by relevant developers
- [ ] Test plan has been peer reviewed by QA
- [ ] Cypress test cases have been added and approved by either SDET or
manual QA
- [ ] Organized project review call with relevant stakeholders after
Round 1/2 of QA
- [ ] Added Test Plan Approved label after reveiwing all Cypress test
When running on CPUs without an AVX instruction, the embedded MongoDB
cannot run. It fails to run with a cryptic error message, and they are
forced to reach out to support for help.
This PR adds a check, and a warning message, if trying to use embedded
MongoDB on a CPU without the AVX instruction.
Issue: Nginx and RTS used the same env PORT for binding it's service,
while the backend server had the rts port hardcoded on its rts uri.
- Renamed env PORT to APPSMITH_RTS_PORT for starting the rts server.
- Updated nginx config templates to use env `APPSMITH_RTS_PORT`
- Added appsmith.rts.port property in server to use env
APPSMITH_RTS_PORT
- Updated CommonConfig.java rtsBaseDomain to use appsmith.rts.port
---------
Co-authored-by: Shrikant Sharat Kandula <shrikant@appsmith.com>
When we have `NO_PROXY=localhost,one.com,two.com,three.com`, then the
current implementation will pass the following to the backend server:
```
localhost|one.com,two.com,three.com
```
This will mean that only `localhost` will bypass the proxy, which is not
what's expected.
This PR fixes this problem, so that the following is sent to the backend
server:
```
localhost|one.com|two.com|three.com
```
This will mean that requests to all four of them, will bypass the proxy,
as expected.
Part of #11855.
Instead of getting the Google Maps API Key from runtime env variables,
we get it from the server, as part of the response of
`/api/v1/tenant/current`. This doesn't add a database call, just include
the env variable name in the response, so shouldn't have any performance
impact on the API.
On the client though, the Maps API key won't be available, until at
least the first call to `/tenant/current` is finished.
Also, first big PR in client code. 🙂
Edit: not `/me` anymore, but from `/tenant/current`.
---------
Co-authored-by: Pawan Kumar <pawan.stardust@gmail.com>
Co-authored-by: Aishwarya UR <aishwarya@appsmith.com>
In the `entrypoint.sh` script, we check if the MongoDB in use, has
replicaSet initiated or not. This is usually done with a `rs.initiate()`
on the cluster.
We need the replicaSet to be enabled on MongoDB, since the backend
server relies on MongoDB `changeStream`s, which is a feature, only
available if replicaSet is enabled.
However, to use the `changeStream` APIs, having the `read` or
`readWrite` role on MongoDB is enough. But the check we do in
`entrypoint.sh`, runs `rs.status()` to see if `replicaSet` is initiated.
This `rs.status()` call, unfortunately, requires the `ClusterMonitor`
role, unlike the `changeStream` API.
To tackle this, we created the `appsmithctl check_replica_set` command.
This command would attempt to use the `changeStream` API, and report
success or failure. But this failed on certain configurations, where
MongoDB was running as a single-node-cluster, on localhost, or a
local/internal network. This was an edge case.
That edge case is solved by this PR. With this, we can use `appsmithctl
check-replica-set` in the `entrypoint.sh` again.
We're `watchtower:latest-dev` image for the `--schedule` support. This
was only available in the `latest-dev` version of Watchtower.
Now, this feature is available in the `latest` version of Watchtower, so
we should be fine switching back to `latest`.
More importantly, the `latest-dev` version of Watchtower, doesn't have
ARM images built. It only has AMD images built today. So this watchtower
service fails to start on ARM architectures. This PR fixes that.
Fixes: [20000](https://github.com/appsmithorg/appsmith/issues/20000)
- [Bug]: Update appsmith version from 1.16.0 to the current 1.9.4
version
* Though we deploy the latest appsmith version. In the helm chart we
show that we are deploying appsmith version as 1.16.0 and its confusing
. We are now fixing it with this PR
- Correct helm chart versions for redis and mongo. This, helps in
deploying the desired versions of redis and mongo which appsmith
supports.
* Previously, When we deploy appsmith along with redis and mongo . It
used to deploy redis v7.0.4 and mongo v6.0.3.
with this changes we deploy the supported versions of redis and mongo
which is v6 and v5 respectively.
### Mongo
before:
```
I have no name!@tempappsmith-mongodb-0:/$ mongosh
Current Mongosh Log ID: 63d2128c2e4dabde5a68f8f8
Connecting to: mongodb://127.0.0.1:27017/?directConnection=true&serverSelectionTimeoutMS=2000&appName=mongosh+1.6.0
Using MongoDB: 6.0.3
Using Mongosh: 1.6.0
For mongosh info see: https://docs.mongodb.com/mongodb-shell/
rs0 [direct: primary] test>
rs0 [direct: primary] test> db.version()
6.0.3
```
After the proposed changes:
```
I have no name!@tempappsmith-mongodb-0:/$ mongo
MongoDB shell version v5.0.9
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("d75e90e4-cbff-4b52-a7ab-22755ab43ec1") }
MongoDB server version: 5.0.9
================
Warning: the "mongo" shell has been superseded by "mongosh",
which delivers improved usability and compatibility.The "mongo" shell has been deprecated and will be removed in
an upcoming release.
For installation instructions, see
https://docs.mongodb.com/mongodb-shell/install/
================
rs0:PRIMARY> db.version()
5.0.9
```
### Redis
Before
```
I have no name!@tempappsmith-redis-master-0:/$ redis-server
19:C 26 Jan 2023 05:40:42.232 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
19:C 26 Jan 2023 05:40:42.232 # Redis version=7.0.4, bits=64, commit=00000000, modified=0, pid=19, just started
19:C 26 Jan 2023 05:40:42.232 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
19:M 26 Jan 2023 05:40:42.233 * monotonic clock: POSIX clock_gettime
19:M 26 Jan 2023 05:40:42.233 # Warning: Could not create server TCP listening socket *:6379: bind: Address already in use
19:M 26 Jan 2023 05:40:42.233 # Failed listening on port 6379 (TCP), aborting.
```
After the proposed changes
```
I have no name!@tempappsmith-redis-master-0:/$ redis-server
4728:C 26 Jan 2023 05:35:07.745 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
4728:C 26 Jan 2023 05:35:07.745 # Redis version=6.2.7, bits=64, commit=00000000, modified=0, pid=4728, just started
4728:C 26 Jan 2023 05:35:07.745 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
4728:M 26 Jan 2023 05:35:07.746 * monotonic clock: POSIX clock_gettime
4728:M 26 Jan 2023 05:35:07.746 # Warning: Could not create server TCP listening socket *:6379: bind: Address already in use
4728:M 26 Jan 2023 05:35:07.746 # Failed listening on port 6379 (TCP), aborting.
```
Fixes#19969.
The previous PR that fixed this was failing with the way we were
creating the initial user on MongoDB. This PR addresses that.
Co-authored-by: Aishwarya UR <aishwarya@appsmith.com>
## Description
Refactored Ansible tasks for installing Appsmith.
Removed tasks used for Packer builds
Fixes # ([19581](https://github.com/appsmithorg/appsmith/issues/19581))
## Type of change
- Bug fix (non-breaking change which fixes an issue)
## How Has This Been Tested?
- Manual
## Description
The Appsmith Docker image was unable to run on CPUs without AVX
instructions because the entrypoint script was using the legacy `mongo`
client. This PR replaces the `mongo` client with the new `mongosh`
client in the entrypoint, which does not require these instructions. Wit
this fix, the Appsmith Docker image is able to run on CPUs without AVX
instructions.
Fixes#19969
## Type of change
- Bug fix (non-breaking change which fixes an issue)
## How Has This Been Tested?
- Manual
## Checklist:
### Dev activity
- [x] My code follows the style guidelines of this project
- [x] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [x] My changes generate no new warnings
- [ ] I have added tests that prove my fix is effective or that my
feature works
- [x] New and existing unit tests pass locally with my changes
- [ ] PR is being merged under a feature flag
### QA activity:
- [ ] Test plan has been approved by relevant developers
- [ ] Test plan has been peer reviewed by QA
- [ ] Cypress test cases have been added and approved by either SDET or
manual QA
- [ ] Organized project review call with relevant stakeholders after
Round 1/2 of QA
- [ ] Added Test Plan Approved label after reveiwing all Cypress test
## Description
- Updated redis.conf to set the Redis rdb directory to
`/appsmith-stacks/data/redis` bind-mount directory, so that the data is
persisted after the container restarts/updates. ( This was causing user
sessions on Appsmith installations using the embedded Redis to reset
after every container restart, since the redis data was not being
persisted)
- Updated redis.conf for the embedded Redis to increase the snapshot
frequency to dump after every 15 sec if at least 1 key changed
Fixes#19768
## Type of change
- Bug fix (non-breaking change which fixes an issue)
## How Has This Been Tested?
- Manual
## Description
- Updated ngnix as default ingress class in `values.yaml`
- Upgraded mongo's deployment image to `v5.0.12` as the previous 4.4.11
is deprecated
- Added `imagePullSecrets` to enable pulling images from private docker
registries
- Added conditional to check for k8s version >=1.1.8 to handle both old
and new k8s version scenarios for setting up the Ingress controller
class name.
Co-authored-by: Goutham Pratapa <goutham@appsmith.com>
Bumps [luxon](https://github.com/moment/luxon) from 3.0.1 to 3.2.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/moment/luxon/blob/master/CHANGELOG.md">luxon's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1>3.2.0 (2022-12-29)</h1>
<ul>
<li>Allow timeZone to be specified as an intl option</li>
<li>Fix for diff's handling of end-of-month when crossing leap years (<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1340">#1340</a>)</li>
<li>Add Interval.toLocaleString() (<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1320">#1320</a>)</li>
</ul>
<h1>3.1.1 (2022-11-28)</h1>
<ul>
<li>Add Settings.twoDigitCutoffYear</li>
</ul>
<h1>3.1.0 (2022-10-31)</h1>
<ul>
<li>Add Duration.rescale</li>
</ul>
<h1>3.0.4 (2022-09-24)</h1>
<ul>
<li>Fix quarters in diffs (<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1279">#1279</a>)</li>
<li>Export package.json in package (<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1239">#1239</a>)</li>
</ul>
<h1>3.0.2 (2022-08-28)</h1>
<ul>
<li>Lots of doc changes</li>
<li>Added DateTime.expandFormat</li>
<li>Added support for custom conversion matrices in Durations</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b1fee58b87"><code>b1fee58</code></a>
bump to 3.2.1</li>
<li><a
href="5ab3bf64a1"><code>5ab3bf6</code></a>
fix rfc2822 regex</li>
<li><a
href="806467adac"><code>806467a</code></a>
preserve language tags (<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1354">#1354</a>)</li>
<li><a
href="acc4952585"><code>acc4952</code></a>
bump dev dependencies</li>
<li><a
href="c8f7191574"><code>c8f7191</code></a>
bump to 3.2.0</li>
<li><a
href="f9917c4a65"><code>f9917c4</code></a>
clarify equality docstring</li>
<li><a
href="a6f27370ad"><code>a6f2737</code></a>
allow timeZone to be specified as an intl option</li>
<li><a
href="f8285c74f3"><code>f8285c7</code></a>
find diff by duration hash instead of using repeated addition to cursor
(<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1340">#1340</a>)</li>
<li><a
href="d607d8fbf2"><code>d607d8f</code></a>
remove extra param from tokenForPart</li>
<li><a
href="7e5d24dcab"><code>7e5d24d</code></a>
Add Interval.toLocaleString() (<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1320">#1320</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/moment/luxon/compare/3.0.1...3.2.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the
default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as
the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as
the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the
default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/appsmithorg/appsmith/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
`appsmithctl version` - Util to display current Appsmith version
`appsmithctl mongo-eval '<mongo query>' [--pretty]` - Util to run mongo
queries
Co-authored-by: Shrikant Sharat Kandula <shrikant@appsmith.com>
This upgrade takes care of our move to JDK 17, Spring Boot 3.0.1 and a
few other security upgrades along the way.
Fixes#18993
TODO:
- [x] Check CI changes for Java 17
- [x] Check vulnerability report
- [x] Mongock needs an upgrade
- [x] Add JVM args at all possible places for exposing java.time module
- [x] Add type adapters everywhere / use the same config for type
adapters everywhere
Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/json5/json5/releases">json5's releases</a>.</em></p>
<blockquote>
<h2>v2.2.3</h2>
<ul>
<li>Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/299">#299</a>)</li>
</ul>
<h2>v2.2.2</h2>
<ul>
<li>Fix: Properties with the name <code>__proto__</code> are added to objects and arrays.
(<a href="https://github-redirect.dependabot.com/json5/json5/issues/199">#199</a>) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (<a href="https://github-redirect.dependabot.com/json5/json5/issues/295">#295</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/json5/json5/blob/main/CHANGELOG.md">json5's changelog</a>.</em></p>
<blockquote>
<h3>v2.2.3 [<a href="https://github.com/json5/json5/tree/v2.2.3">code</a>, <a href="https://github.com/json5/json5/compare/v2.2.2...v2.2.3">diff</a>]</h3>
<ul>
<li>Fix: json5@2.2.3 is now the 'latest' release according to npm instead of
v1.0.2. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/299">#299</a>)</li>
</ul>
<h3>v2.2.2 [<a href="https://github.com/json5/json5/tree/v2.2.2">code</a>, <a href="https://github.com/json5/json5/compare/v2.2.1...v2.2.2">diff</a>]</h3>
<ul>
<li>Fix: Properties with the name <code>__proto__</code> are added to objects and arrays.
(<a href="https://github-redirect.dependabot.com/json5/json5/issues/199">#199</a>) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (<a href="https://github-redirect.dependabot.com/json5/json5/issues/295">#295</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="c3a7524277"><code>c3a7524</code></a> 2.2.3</li>
<li><a href="94fd06d82e"><code>94fd06d</code></a> docs: update CHANGELOG for v2.2.3</li>
<li><a href="3b8cebf0c4"><code>3b8cebf</code></a> docs(security): use GitHub security advisories</li>
<li><a href="f0fd9e194d"><code>f0fd9e1</code></a> docs: publish a security policy</li>
<li><a href="6a91a05fff"><code>6a91a05</code></a> docs(template): bug -> bug report</li>
<li><a href="14f8cb186e"><code>14f8cb1</code></a> 2.2.2</li>
<li><a href="10cc7ca916"><code>10cc7ca</code></a> docs: update CHANGELOG for v2.2.2</li>
<li><a href="7774c10979"><code>7774c10</code></a> fix: add <strong>proto</strong> to objects and arrays</li>
<li><a href="edde30abd8"><code>edde30a</code></a> Readme: slight tweak to intro</li>
<li><a href="97286f8bd5"><code>97286f8</code></a> Improve example in readme</li>
<li>Additional commits viewable in <a href="https://github.com/json5/json5/compare/v2.2.1...v2.2.3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/appsmithorg/appsmith/network/alerts).
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Fixes: [19207](https://github.com/appsmithorg/appsmith/issues/19207)
**By default on start-up**
```
root@ab348246fff8:/appsmith-stacks/logs# head backend/backend-ab348246fff8.log
Waiting for RTS to start ...
RTS started.
Starting Backend server...
Load environment configuration
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [jar:file:/opt/appsmith/backend/server.jar!/BOOT-INF/lib/logback-classic-1.2.11.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/opt/appsmith/backend/server.jar!/BOOT-INF/lib/slf4j-reload4j-1.7.36.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
SLF4J: Actual binding is of type [ch.qos.logback.classic.util.ContextSelectorStaticBinder]
[2022-12-26 11:39:34,962] - Starting ServerApplication vv1.8.14.1 using Java 11.0.17 on ab348246fff8 with PID 1543 (/opt/appsmith/backend/server.jar started by root in /opt/appsmith/backend)
```
**Upon stopping RTS manually**
```
root@ab348246fff8:/appsmith-stacks/logs# supervisorctl stop rts
rts: stopped
root@ab348246fff8:/appsmith-stacks/logs# supervisorctl status
backend RUNNING pid 1497, uptime 0:01:21
cron RUNNING pid 1505, uptime 0:01:21
editor RUNNING pid 1502, uptime 0:01:21
mongodb RUNNING pid 1491, uptime 0:01:21
redis RUNNING pid 1490, uptime 0:01:21
rts STOPPED Dec 26 11:40 AM
stdout RUNNING pid 1489, uptime 0:01:21
```
**Restart Backend service to check if backend service starts**
```
root@ab348246fff8:/appsmith-stacks/logs# supervisorctl restart backend
backend: stopped
backend: started
root@ab348246fff8:/appsmith-stacks/logs# supervisorctl status
backend RUNNING pid 1802, uptime 0:00:12
cron RUNNING pid 1505, uptime 0:01:43
editor RUNNING pid 1502, uptime 0:01:43
mongodb RUNNING pid 1491, uptime 0:01:43
redis RUNNING pid 1490, uptime 0:01:43
rts STOPPED Dec 26 11:40 AM
stdout RUNNING pid 1489, uptime 0:01:43
root@ab348246fff8:/appsmith-stacks/logs# supervisorctl ^C
root@ab348246fff8:/appsmith-stacks/logs# tail -f backend/backend-ab348246fff8.log
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
^C
```
**Upon starting RTS the behaviour of backend immediately**
```
root@ab348246fff8:/appsmith-stacks/logs# supervisorctl start rts
rts: started
root@ab348246fff8:/appsmith-stacks/logs# tail -f backend/backend-ab348246fff8.log
Starting Backend server...
Load environment configuration
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [jar:file:/opt/appsmith/backend/server.jar!/BOOT-INF/lib/logback-classic-1.2.11.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/opt/appsmith/backend/server.jar!/BOOT-INF/lib/slf4j-reload4j-1.7.36.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
SLF4J: Actual binding is of type [ch.qos.logback.classic.util.ContextSelectorStaticBinder]
[2022-12-26 11:41:33,796] - Starting ServerApplication vv1.8.14.1 using Java 11.0.17 on ab348246fff8 with PID 1968 (/opt/appsmith/backend/server.jar started by root in /opt/appsmith/backend)
[2022-12-26 11:41:33,799] - Running with Spring Boot v2.6.5, Spring v5.3.17
[2022-12-26 11:41:33,803] - No active profile set, falling back to 1 default profile: "default"
[2022-12-26 11:41:34,615] - Multiple Spring Data modules found, entering strict repository configuration mode!
[2022-12-26 11:41:34,616] - Bootstrapping Spring Data Reactive MongoDB repositories in DEFAULT mode.
[2022-12-26 11:41:34,859] - Finished Spring Data repository scanning in 239 ms. Found 55 Reactive MongoDB repository interfaces.
[2022-12-26 11:41:35,220] - Multiple Spring Data modules found, entering strict repository configuration mode!
[2022-12-26 11:41:35,221] - Bootstrapping Spring Data Redis repositories in DEFAULT mode.
```
The control to configure what domains are allowed to embed Appsmith apps is still available, but the default of not allowing anything except for 'self' is changed to allow everything.
While this is convenient, we encourage our users to configure their frame ancestors to limit what domains can embed their Appsmith apps.
Signed-off-by: Shrikant Sharat Kandula <shrikant@appsmith.com>
- Auto-cleanup of backup files using env variable APPSMITH_BACKUP_ARCHIVE_LIMIT (default value is 4) after every backup.
- Updated docker file to include watchtower hook scripts.
- Error mail interval to 6hrs.
This can happen during a migration from very old slim-container instance to a fat container setup. Besides, for whatever reason, if the key file is missing, then the instance fails to come up. This fix will ensure that we can recover from that state automatically.
* migration from organization to workspace on code level
* updated a few more files
* fixed runtime errors
* update org settings URL
* Renamed organizationId in domain objects
* changed field named from organization to workspace
* Reverted AppsmithRole changes
* fixed migrations
* recreating indexes
* migration update
* seed data runs before migration, undo changes
* mock commit
* seedmongo to populate upgraded data, datasource upgrade
* fixed two test cases
* updated migrations
* updated prop name
* Upgraded AclPermission
* comment
* migrated AppsmithRole
* more changes
* final set of changes
* variable name changes
* update cypress variable name
* Update app/server/appsmith-server/src/main/java/com/appsmith/server/controllers/ce/ApplicationControllerCE.java
* Update app/server/appsmith-interfaces/src/main/java/com/appsmith/external/models/Datasource.java
Co-authored-by: Trisha Anand <trisha@appsmith.com>
* reverting encryption handler change
* refactor code to migrate from org to workspace
* migrated a few missed out org to workspace
* updated a few more
* migrated a few missed out org to workspace
* migration changes
* Removed Permission import
* reverted code change
* few more changes
* fixed failing cypress test
* fixed failing cypress test
Co-authored-by: Sidhant Goel <sidhant@appsmith.com>
Co-authored-by: Trisha Anand <trisha@appsmith.com>
Co-authored-by: Sidhant Goel <sidhant@hexcod.in>
## Description
This PR adds to the `estimate_billing` option to the `appsmithctl` command. This will help existing users estimate their bill when they consider upgrading to the paid edition.
Usage:
```
appsmithctl estimate_billing
Options:
--sessionPrice The price per active session. Defaults to 0.3
--priceCap The price cap for a user in a given month. Defaults to 15
```
A user can also run the command for various scenarios to determine the optimum capacity tier.
## Type of change
- New feature (non-breaking change which adds functionality)
- This change requires a documentation update
## How Has This Been Tested?
Manually
## Checklist:
- [ ] My code follows the style guidelines of this project
- [x] I have performed a self-review of my own code
- [x] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [x] My changes generate no new warnings
- [ ] I have added tests that prove my fix is effective or that my feature works
- [ ] New and existing unit tests pass locally with my changes
* Remove optimizely, as it isn't being used anymore from the frontend codebase
* Remove optimizely references form netlify config, vercel config, index.html, docker script, nginx templates and example .env file
- Improve the ansible script to support Amazon Linux
- Remove the port validation on the preflight template
- Display message to show the host IP for user to access the app
Refactor flow to generate nginx configuration file corresponding Custom domain set up
Add 2 template for Nginx template for HTTP and HTTPS. HTTPS contains new block for auto-redirect for HTTPS
Add script to re-generate nginx config file & start nginx
Move function init_ssl_cert into separated file and reuse it in new script and entrypoint
Change command config & add new config to kill all sub-process of a supervisord child program in editor program configure file
- Add sub-directory for user to put custom certificate to use inside container
- Add flow to check existing custom certificate & process to use it
- Add section Custom Certificate in README.md
Added additional details about how to use the fat container, and how to manage / maintain it.
Also includes some refactorings that shouldn't affect the functionality significantly.
With latest update, the following fields are unavailable on the `appsmith.user` object:
- `accountNonExpired`
- `accountNonLocked`
- `credentialsNonExpired`
- `isAnonymous`
- `isEnabled`
These fields are necessary for building applications and many apps were relying on these, despite them not being listed in the documentation at <https://docs.appsmith.com/framework-reference/appsmith#user>.
* Adding `APPSMITH_PLUGIN_MAX_RESPONSE_SIZE` which can be configured as an environment variable to increase plugin response size (currently only supported for Postgres Plugin)
* Updated error message + added the environment variable to the template docker env files for new installations
Adds a Dockerfile along with accompanying scripts and definitions for building a fat Docker image. This image, when run as a container, will include the server, client, RTS, and necessary vendor services running all within.
* temp commit
* using onsubmit to continue using action on form
* added recaptcha site key to env example file
* moved the recaptcha lib loading logic to signup page
* removed unnecessary edit
* handle the case where the recaptcha token is not provided as env var
* added proper env var config for client
* recaptcha config for ansible
* recaptcha config for heroku
* recaptcha config for k8s
* updated app.json
* fixed the typos
* added more description for env vars
* removed api key
* minor typo fix
* Fix potential input error on password generation
This happens on macOS systems when a different locale is
explicitly set.
* Don't use a masked variable name
