Skip to content

Automated Release Builds#4114

Merged
CaMer0n merged 35 commits intomasterfrom
build-release
Mar 28, 2020
Merged

Automated Release Builds#4114
CaMer0n merged 35 commits intomasterfrom
build-release

Conversation

@Deltik
Copy link
Copy Markdown
Member

@Deltik Deltik commented Mar 28, 2020

Motivation and Context

e107 release builds are currently done manually in an unreproducible closed-source process.

To reduce the effort of building releases and to allow anyone to generate consistent builds, automated release builds are needed.

Description

Release Builds

This pull request configures this GitHub repository to run a release build on every push and pull request. Builds can be tagged or untagged.

Tagged releases are built from a specific Git tag, which is pushed to the GitHub repository at the same time as the revision. The Git tag is converted into a PHP version, which will be assigned to that e107 release. For example, the tag v2.3.0 will build e107 2.3.0. Tagged releases are expected to be published on the releases page.

Untagged releases are practically "nightly" builds. They are created on every commit as snapshots leading up to the next tagged release. The version number is the latest tag version or the version in ./e107_admin/ver.php, whichever is higher, plus dev to indicate a prerelease, plus a hyphen (-), plus the number of commits since the latest tag version, plus (-g), plus the first 9 characters of the Git commit hash. For example, e107 2.3.0dev-881-g5eb116142 is the v2.3.0 prerelease built from commit 5eb116142, which was probably 881 commits after the last tag, whatever that was.

All release builds remove certain files that are not used in production (such as the ./e107_tests/ folder) and generate a checksum map (./e107_admin/core_image.php) so that the e107 administrator can use File Inspector to check the integrity of their e107 installation.

Core Image

The core image format has been rewritten. Previously, $core_image and $deprecated_image were stored as PHP arrays and used by File Inspector to verify the e107 installation.

Now, a phar gzip-compressed JSON object is created containing the following information:

  • Default relative path – The path to each file of an uncustomized e107 installation
  • Version – The version corresponding to the checksum
  • Checksum – The checksum of the path and the version

All core e107 files in the release are checksummed and put into the JSON object using the release version in the version field.

The build script then looks back into all past stable e107 release tags to generate a list of core e107 files that have been removed or renamed by the current release. These old files are also checksummed and inserted into the JSON object. This information allows the e107 administrator to see what files they should delete after upgrading their e107 installation:

image

For the core image rewrite, this pull request also includes:

  • a base JSON implementation (e_file_inspector_json) that stores a pretty-printed JSON string in $core_image, but it is not used because the compressed child implementation (e_file_inspector_json_phar) has a space savings of over ⅔, and
  • an SQLite phar implementation (e_file_inspector_sqlphar) that stores the same data in SQLite format, but it is not used because the data retrieval performance was unacceptably poor.

e_file_inspector

A new abstract class e_file_inspector has been introduced to read integrity database files. The current API is read-only, but it can be expanded later to:

  • allow plugin authors to generate integrity images for their own plugins, and
  • heal damaged files by downloading them from a mirror.

In the future, a new implementation can be added with low effort to download a detailed integrity database from an official e107 mirror to do integrity checks from an authoritative online source.

File Inspector

File Inspector has also been rewritten to support the new e_file_inspector interface. The output behavior of File Inspector differs in some ways:

  • Files are now shown with folders instead of in an overlay view.
  • JavaScript-expanded help has been fixed.
  • In the tree view, the root directory is expanded by default, all sub-folders are contracted.
  • If a file checksum matches a previous version of e107, that version is shown.
  • Filters that were not clearly defined have been removed.
  • The option to perform a scan without an integrity check has been removed.

How Has This Been Tested?

Only e_file_inspector has a few basic unit tests.

The release builds have been verified manually by installing e107 from those builds and then running File Inspector to ensure the new installation is intact.

Types of Changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Performance enhancement (non-breaking change which improves efficiency)
  • Code cleanup (non-breaking change which makes code smaller or more readable)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation (a change to man pages or other documentation)

Checklist

Deltik added 30 commits March 27, 2020 17:06
@Deltik
.editorconfig for IntelliJ mostly fitting the existing code style
ab3444a
@Deltik
Imported e107_make.php and make.ini to begin release builds
554baf0 
(Code from @CaMer0n)
@Deltik
Updated make.ini for #4099
39c0979 
App root files introduced in #4099
@Deltik
Reformatted e107_make.php
a9d8344
@Deltik
Code warning cleanup of e107_make.php
537106c
@Deltik
Bare minimum to build releases in GitHub Actions
0d80b82
@Deltik
Defensive cleanup of e107_make.php
0cf9483
@Deltik
Reimplemented core_image.php deprecated checksums
e8a68f1 
Format is different and currently incompatible.  The checksum has been
replaced with an associated array where the keys are the e107 version
and the values are the checksum from that e107 version.
@Deltik
JSON reimplementation of CoreImage
6aeee58
@Deltik
Began work on the core_image.php reader
20dbdef
@Deltik
CoreImage: Replaced JSON with SQLite
caa0826 
Looks like SQLite scales better when there are more files to put in the
database.
@Deltik
CoreImage: Performance optimization for removed files
6a9bfee 
Much faster checksumming of deleted files by using git-checkout instead
of git-show
@Deltik
CoreImage: Table for versions, slight space savings
d3539cd
@Deltik
CoreImage: Pack SQLite into phar
84081c3 
This has two benefits:

1. Protects the SQLite database from being accessed on the Internet by
   having the e107_INIT constant check.
2. Compresses the SQLite database, saving over ⅔ of the space!
@Deltik
Rewrite e_file_inspector implementation: Use SQLite phar
0e7ad8a
@Deltik
Add bzip2 support to workflow test-unit.yml
e828d61
@Deltik
Add old e107 releases to workflow build-release.yml
6957745
@Deltik
Rewrote e_file_inspector validation constants
0494000 
Now uses bit flags, as the previous approach of "overriding" the
validation code may hide information.  Previously,
e_file_inspector::VALIDATION_FAIL could be overridden by
e_file_inspector::VALIDATION_OLD.  Now, e_file_inspector::VALIDATED_HASH
and e_file_inspector::VALIDATED_UPTODATE provides information about
both.
@Deltik
Add a version filter to e_file_inspector::getPathIterator()
bb1c324
@Deltik
Bugfixes and performance optimization for e_file_inspector
e10c323 
- MOD: e_file_inspector::validate() will no longer bother with
       checksumming a file if the database hash is not present for the
       requested version.
- MOD: Better check for e_file_inspector::VALIDATED_DETERMINABLE
- MOD: e_file_inspector::VALIDATED_UPTODATE will now pass if there is no
       checksum in the database and no calculable checksum in the real
       file.
- FIX: Better documentation for
       e_file_inspector_interface::VALIDATED_DETERMINABLE
- FIX: Use the same bit for e_file_inspector::VALIDATED for a full
       validation check in e_file_inspector::validate()
@Deltik
Performance of e_file_inspector_sqlphar::pathToDefaultPath()
90bdc88 
Optimized performance of e_file_inspector_sqlphar::pathToDefaultPath()
by eliminating expensive method calls
@Deltik
Restored JSON core image generator for performance
b8ed706 
PDO SQLite was performing unacceptably poorly.
Let's just load the entire integrity image into RAM…
@Deltik
Extra performance in e_file_inspector_json
76bb9f6 
Squeezed out more performance at the cost of memory usage
@Deltik
CoreImage: API rework
b425b4e
@Deltik
e_file_inspector_json_phar: Smaller core image
6f65561 
e_file_inspector_json_phar is an extended implementation of
e_file_inspector_json that encapsulates a JSON core image into a
gzip-compressed phar.

This results in space savings of over 60% compared to plain JSON.
@Deltik
Minimum viable rewrite of File Inspector frontend
6095c94
@Deltik
Validation bits improvement for e_file_inspector
00d1714 
Now File Inspector detects old files regardless of their hash value.
@Deltik
Reintroduced filters in File Inspector
e9e080a 
Now supports:

* "Show Core Files"
* "Show Missing Core Files"
* "Show Non Core Files"
* "Show Old Core Files"

Removed support for:

* "Exclude Language-Files"
@Deltik
Removed support for "Check Integrity Of Core Files"
f73d491 
Integrity is now always checked.
@Deltik
Reimplemented File Inspector "Display results as"
09d3d2b 
List mode is supported again

Also added file size support
Deltik added 4 commits March 27, 2020 17:06
@Deltik
File Inspector now shows the old e107 version of core files
b4f5504 
Bugfixes related to this change:

* e_file_inspector: During validation, the checksum is now calculated,
  even if the file is old.
* e_file_inspector_json: Strip the "v" from the beginning of version
  numbers in the database to make them proper PHP-standardized versions.
@Deltik
fileinspector.php: Corrected a typo: </dit> → </div>
aca78c0
@Deltik
Implemented insecure file check in File Inspector
03dfb5c 
Bugs fixed:

* Security failure status is now prioritized in
  file_inspector::getStatusForValidationCode()
* File Inspector list view now supports filters
@Deltik
File Inspector: Added missing glyph "folder_uncalc"
5eb1161
@Deltik Deltik requested a review from CaMer0n March 28, 2020 00:28
@Deltik Deltik added the type: enhancement An improvement or new feature request label Mar 28, 2020
@Deltik
Code cleanup for automated release builds
07f5beb 
Low-hanging resolutions for Code Climate
@qlty-cloud-legacy
Copy link
Copy Markdown

qlty-cloud-legacy bot commented Mar 28, 2020

Code Climate has analyzed commit 07f5beb and detected 28 issues on this pull request.

Here's the issue category breakdown:

Category Count
Complexity 26
Duplication 2

The test coverage on the diff in this pull request is 21.7% (80% is the threshold).

This pull request will bring the total coverage in the repository to 7.9% (0.3% change).

View more on Code Climate.

@CaMer0n CaMer0n added this to the e107 2.3.0 milestone Mar 28, 2020
@CaMer0n CaMer0n merged commit 4e78b5e into master Mar 28, 2020
@Deltik Deltik deleted the build-release branch March 29, 2020 00:46
@Moc
Copy link
Copy Markdown
Member

Moc commented Apr 29, 2020

@Deltik Can we add the instruction to upload in binary mode within the warning message? I forsee that more users will experience this issue, and having the direct instruction there on how to solve it might prevent (some) new issue reports.

Deltik added a commit that referenced this pull request Apr 29, 2020
@Deltik
Fixes #4114 - Better file inspector corruption warning message
7291ebc 
Now advises admins to reupload using binary mode if the admin uploads
files with FTP
@Deltik
Copy link
Copy Markdown
Member Author

Deltik commented Apr 29, 2020

@Moc: Done in 7291ebc

I'm not sure how to localize the message, though.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@CaMer0n CaMer0n Awaiting requested review from CaMer0n

Assignees

No one assigned

Labels

type: enhancement An improvement or new feature request

Projects

None yet

Milestone

e107 2.3.0

Development

Successfully merging this pull request may close these issues.

4 participants

@Deltik @Moc @Kojack-59 @CaMer0n