## Description
- Updated ngnix as default ingress class in `values.yaml`
- Upgraded mongo's deployment image to `v5.0.12` as the previous 4.4.11
is deprecated
- Added `imagePullSecrets` to enable pulling images from private docker
registries
- Added conditional to check for k8s version >=1.1.8 to handle both old
and new k8s version scenarios for setting up the Ingress controller
class name.
Co-authored-by: Goutham Pratapa <goutham@appsmith.com>
Bumps [luxon](https://github.com/moment/luxon) from 3.0.1 to 3.2.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/moment/luxon/blob/master/CHANGELOG.md">luxon's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1>3.2.0 (2022-12-29)</h1>
<ul>
<li>Allow timeZone to be specified as an intl option</li>
<li>Fix for diff's handling of end-of-month when crossing leap years (<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1340">#1340</a>)</li>
<li>Add Interval.toLocaleString() (<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1320">#1320</a>)</li>
</ul>
<h1>3.1.1 (2022-11-28)</h1>
<ul>
<li>Add Settings.twoDigitCutoffYear</li>
</ul>
<h1>3.1.0 (2022-10-31)</h1>
<ul>
<li>Add Duration.rescale</li>
</ul>
<h1>3.0.4 (2022-09-24)</h1>
<ul>
<li>Fix quarters in diffs (<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1279">#1279</a>)</li>
<li>Export package.json in package (<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1239">#1239</a>)</li>
</ul>
<h1>3.0.2 (2022-08-28)</h1>
<ul>
<li>Lots of doc changes</li>
<li>Added DateTime.expandFormat</li>
<li>Added support for custom conversion matrices in Durations</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b1fee58b87"><code>b1fee58</code></a>
bump to 3.2.1</li>
<li><a
href="5ab3bf64a1"><code>5ab3bf6</code></a>
fix rfc2822 regex</li>
<li><a
href="806467adac"><code>806467a</code></a>
preserve language tags (<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1354">#1354</a>)</li>
<li><a
href="acc4952585"><code>acc4952</code></a>
bump dev dependencies</li>
<li><a
href="c8f7191574"><code>c8f7191</code></a>
bump to 3.2.0</li>
<li><a
href="f9917c4a65"><code>f9917c4</code></a>
clarify equality docstring</li>
<li><a
href="a6f27370ad"><code>a6f2737</code></a>
allow timeZone to be specified as an intl option</li>
<li><a
href="f8285c74f3"><code>f8285c7</code></a>
find diff by duration hash instead of using repeated addition to cursor
(<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1340">#1340</a>)</li>
<li><a
href="d607d8fbf2"><code>d607d8f</code></a>
remove extra param from tokenForPart</li>
<li><a
href="7e5d24dcab"><code>7e5d24d</code></a>
Add Interval.toLocaleString() (<a
href="https://github-redirect.dependabot.com/moment/luxon/issues/1320">#1320</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/moment/luxon/compare/3.0.1...3.2.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the
default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as
the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as
the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the
default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/appsmithorg/appsmith/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
`appsmithctl version` - Util to display current Appsmith version
`appsmithctl mongo-eval '<mongo query>' [--pretty]` - Util to run mongo
queries
Co-authored-by: Shrikant Sharat Kandula <shrikant@appsmith.com>
This upgrade takes care of our move to JDK 17, Spring Boot 3.0.1 and a
few other security upgrades along the way.
Fixes#18993
TODO:
- [x] Check CI changes for Java 17
- [x] Check vulnerability report
- [x] Mongock needs an upgrade
- [x] Add JVM args at all possible places for exposing java.time module
- [x] Add type adapters everywhere / use the same config for type
adapters everywhere
Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/json5/json5/releases">json5's releases</a>.</em></p>
<blockquote>
<h2>v2.2.3</h2>
<ul>
<li>Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/299">#299</a>)</li>
</ul>
<h2>v2.2.2</h2>
<ul>
<li>Fix: Properties with the name <code>__proto__</code> are added to objects and arrays.
(<a href="https://github-redirect.dependabot.com/json5/json5/issues/199">#199</a>) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (<a href="https://github-redirect.dependabot.com/json5/json5/issues/295">#295</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/json5/json5/blob/main/CHANGELOG.md">json5's changelog</a>.</em></p>
<blockquote>
<h3>v2.2.3 [<a href="https://github.com/json5/json5/tree/v2.2.3">code</a>, <a href="https://github.com/json5/json5/compare/v2.2.2...v2.2.3">diff</a>]</h3>
<ul>
<li>Fix: json5@2.2.3 is now the 'latest' release according to npm instead of
v1.0.2. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/299">#299</a>)</li>
</ul>
<h3>v2.2.2 [<a href="https://github.com/json5/json5/tree/v2.2.2">code</a>, <a href="https://github.com/json5/json5/compare/v2.2.1...v2.2.2">diff</a>]</h3>
<ul>
<li>Fix: Properties with the name <code>__proto__</code> are added to objects and arrays.
(<a href="https://github-redirect.dependabot.com/json5/json5/issues/199">#199</a>) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (<a href="https://github-redirect.dependabot.com/json5/json5/issues/295">#295</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="c3a7524277"><code>c3a7524</code></a> 2.2.3</li>
<li><a href="94fd06d82e"><code>94fd06d</code></a> docs: update CHANGELOG for v2.2.3</li>
<li><a href="3b8cebf0c4"><code>3b8cebf</code></a> docs(security): use GitHub security advisories</li>
<li><a href="f0fd9e194d"><code>f0fd9e1</code></a> docs: publish a security policy</li>
<li><a href="6a91a05fff"><code>6a91a05</code></a> docs(template): bug -> bug report</li>
<li><a href="14f8cb186e"><code>14f8cb1</code></a> 2.2.2</li>
<li><a href="10cc7ca916"><code>10cc7ca</code></a> docs: update CHANGELOG for v2.2.2</li>
<li><a href="7774c10979"><code>7774c10</code></a> fix: add <strong>proto</strong> to objects and arrays</li>
<li><a href="edde30abd8"><code>edde30a</code></a> Readme: slight tweak to intro</li>
<li><a href="97286f8bd5"><code>97286f8</code></a> Improve example in readme</li>
<li>Additional commits viewable in <a href="https://github.com/json5/json5/compare/v2.2.1...v2.2.3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/appsmithorg/appsmith/network/alerts).
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Fixes: [19207](https://github.com/appsmithorg/appsmith/issues/19207)
**By default on start-up**
```
root@ab348246fff8:/appsmith-stacks/logs# head backend/backend-ab348246fff8.log
Waiting for RTS to start ...
RTS started.
Starting Backend server...
Load environment configuration
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [jar:file:/opt/appsmith/backend/server.jar!/BOOT-INF/lib/logback-classic-1.2.11.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/opt/appsmith/backend/server.jar!/BOOT-INF/lib/slf4j-reload4j-1.7.36.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
SLF4J: Actual binding is of type [ch.qos.logback.classic.util.ContextSelectorStaticBinder]
[2022-12-26 11:39:34,962] - Starting ServerApplication vv1.8.14.1 using Java 11.0.17 on ab348246fff8 with PID 1543 (/opt/appsmith/backend/server.jar started by root in /opt/appsmith/backend)
```
**Upon stopping RTS manually**
```
root@ab348246fff8:/appsmith-stacks/logs# supervisorctl stop rts
rts: stopped
root@ab348246fff8:/appsmith-stacks/logs# supervisorctl status
backend RUNNING pid 1497, uptime 0:01:21
cron RUNNING pid 1505, uptime 0:01:21
editor RUNNING pid 1502, uptime 0:01:21
mongodb RUNNING pid 1491, uptime 0:01:21
redis RUNNING pid 1490, uptime 0:01:21
rts STOPPED Dec 26 11:40 AM
stdout RUNNING pid 1489, uptime 0:01:21
```
**Restart Backend service to check if backend service starts**
```
root@ab348246fff8:/appsmith-stacks/logs# supervisorctl restart backend
backend: stopped
backend: started
root@ab348246fff8:/appsmith-stacks/logs# supervisorctl status
backend RUNNING pid 1802, uptime 0:00:12
cron RUNNING pid 1505, uptime 0:01:43
editor RUNNING pid 1502, uptime 0:01:43
mongodb RUNNING pid 1491, uptime 0:01:43
redis RUNNING pid 1490, uptime 0:01:43
rts STOPPED Dec 26 11:40 AM
stdout RUNNING pid 1489, uptime 0:01:43
root@ab348246fff8:/appsmith-stacks/logs# supervisorctl ^C
root@ab348246fff8:/appsmith-stacks/logs# tail -f backend/backend-ab348246fff8.log
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
Waiting for RTS to start ...
^C
```
**Upon starting RTS the behaviour of backend immediately**
```
root@ab348246fff8:/appsmith-stacks/logs# supervisorctl start rts
rts: started
root@ab348246fff8:/appsmith-stacks/logs# tail -f backend/backend-ab348246fff8.log
Starting Backend server...
Load environment configuration
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [jar:file:/opt/appsmith/backend/server.jar!/BOOT-INF/lib/logback-classic-1.2.11.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/opt/appsmith/backend/server.jar!/BOOT-INF/lib/slf4j-reload4j-1.7.36.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
SLF4J: Actual binding is of type [ch.qos.logback.classic.util.ContextSelectorStaticBinder]
[2022-12-26 11:41:33,796] - Starting ServerApplication vv1.8.14.1 using Java 11.0.17 on ab348246fff8 with PID 1968 (/opt/appsmith/backend/server.jar started by root in /opt/appsmith/backend)
[2022-12-26 11:41:33,799] - Running with Spring Boot v2.6.5, Spring v5.3.17
[2022-12-26 11:41:33,803] - No active profile set, falling back to 1 default profile: "default"
[2022-12-26 11:41:34,615] - Multiple Spring Data modules found, entering strict repository configuration mode!
[2022-12-26 11:41:34,616] - Bootstrapping Spring Data Reactive MongoDB repositories in DEFAULT mode.
[2022-12-26 11:41:34,859] - Finished Spring Data repository scanning in 239 ms. Found 55 Reactive MongoDB repository interfaces.
[2022-12-26 11:41:35,220] - Multiple Spring Data modules found, entering strict repository configuration mode!
[2022-12-26 11:41:35,221] - Bootstrapping Spring Data Redis repositories in DEFAULT mode.
```
The control to configure what domains are allowed to embed Appsmith apps is still available, but the default of not allowing anything except for 'self' is changed to allow everything.
While this is convenient, we encourage our users to configure their frame ancestors to limit what domains can embed their Appsmith apps.
Signed-off-by: Shrikant Sharat Kandula <shrikant@appsmith.com>
- Auto-cleanup of backup files using env variable APPSMITH_BACKUP_ARCHIVE_LIMIT (default value is 4) after every backup.
- Updated docker file to include watchtower hook scripts.
- Error mail interval to 6hrs.
This can happen during a migration from very old slim-container instance to a fat container setup. Besides, for whatever reason, if the key file is missing, then the instance fails to come up. This fix will ensure that we can recover from that state automatically.
* migration from organization to workspace on code level
* updated a few more files
* fixed runtime errors
* update org settings URL
* Renamed organizationId in domain objects
* changed field named from organization to workspace
* Reverted AppsmithRole changes
* fixed migrations
* recreating indexes
* migration update
* seed data runs before migration, undo changes
* mock commit
* seedmongo to populate upgraded data, datasource upgrade
* fixed two test cases
* updated migrations
* updated prop name
* Upgraded AclPermission
* comment
* migrated AppsmithRole
* more changes
* final set of changes
* variable name changes
* update cypress variable name
* Update app/server/appsmith-server/src/main/java/com/appsmith/server/controllers/ce/ApplicationControllerCE.java
* Update app/server/appsmith-interfaces/src/main/java/com/appsmith/external/models/Datasource.java
Co-authored-by: Trisha Anand <trisha@appsmith.com>
* reverting encryption handler change
* refactor code to migrate from org to workspace
* migrated a few missed out org to workspace
* updated a few more
* migrated a few missed out org to workspace
* migration changes
* Removed Permission import
* reverted code change
* few more changes
* fixed failing cypress test
* fixed failing cypress test
Co-authored-by: Sidhant Goel <sidhant@appsmith.com>
Co-authored-by: Trisha Anand <trisha@appsmith.com>
Co-authored-by: Sidhant Goel <sidhant@hexcod.in>
## Description
This PR adds to the `estimate_billing` option to the `appsmithctl` command. This will help existing users estimate their bill when they consider upgrading to the paid edition.
Usage:
```
appsmithctl estimate_billing
Options:
--sessionPrice The price per active session. Defaults to 0.3
--priceCap The price cap for a user in a given month. Defaults to 15
```
A user can also run the command for various scenarios to determine the optimum capacity tier.
## Type of change
- New feature (non-breaking change which adds functionality)
- This change requires a documentation update
## How Has This Been Tested?
Manually
## Checklist:
- [ ] My code follows the style guidelines of this project
- [x] I have performed a self-review of my own code
- [x] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [x] My changes generate no new warnings
- [ ] I have added tests that prove my fix is effective or that my feature works
- [ ] New and existing unit tests pass locally with my changes
