d3d1f1e7b2
Merge branch 'dev' into code-maintenance/angular-22
2026-06-08 10:05:24 +01:00
d5aabfc971
Bump docker/setup-buildx-action from 4.0.0 to 4.1.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd...d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-version: 4.1.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-06-08 05:33:25 +00:00
ead911e214
Bump Node to 22.22.3, npm to ^10.9.8
...
Bumps supported Node engines to `^22.22.3 || ^24.15.0`.
Updates to Node 22.22.3 for development, production, GitHub workflows
and in documentation.
2026-06-07 21:01:52 +01:00
a15d5b10eb
Merge pull request #23420 from opf/dependabot/github_actions/dev/runs-on/cache-5.0.7
...
Bump runs-on/cache from 5.0.5 to 5.0.7
2026-06-01 11:12:00 +02:00
5de5f3fb77
Bump ruby/setup-ruby from 1.306.0 to 1.310.0 ( #23418 )
...
Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby ) from 1.306.0 to 1.310.0.
- [Release notes](https://github.com/ruby/setup-ruby/releases )
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb )
- [Commits](https://github.com/ruby/setup-ruby/compare/c4e5b1316158f92e3d49443a9d58b31d25ac0f8f...afeafc3d1ab54a631816aba4c914a0081c12ff2f )
---
updated-dependencies:
- dependency-name: ruby/setup-ruby
dependency-version: 1.310.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-28 20:26:36 +02:00
918a0ebfe1
Bump runs-on/cache from 5.0.5 to 5.0.7
...
Bumps [runs-on/cache](https://github.com/runs-on/cache ) from 5.0.5 to 5.0.7.
- [Release notes](https://github.com/runs-on/cache/releases )
- [Changelog](https://github.com/runs-on/cache/blob/v5/RELEASES.md )
- [Commits](https://github.com/runs-on/cache/compare/bd330c5a5f6cbb837823ee25864f3c71a211c2e3...88d90644011a3a9957fd141a106f5a94f9794203 )
---
updated-dependencies:
- dependency-name: runs-on/cache
dependency-version: 5.0.7
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-05-28 10:00:13 +00:00
23dc28bde6
Fix image output after zizmor changes
2026-05-19 12:21:08 +02:00
30954cf766
Merge branch 'dev' into fix/github-actions-zizmor
2026-05-13 11:52:07 +02:00
109db3f53c
Merge remote-tracking branch 'opf/dev' into HEAD
...
# Conflicts:
# lib/open_project/version.rb
# modules/backlogs/config/locales/crowdin/de.yml
# modules/wikis/config/locales/crowdin/de.yml
2026-05-13 11:04:03 +02:00
d98bc94617
Force higher volume for builds
2026-05-13 07:34:55 +02:00
fa9d54a3d3
Address remaining findings
2026-05-06 11:04:47 +02:00
febd9d0fe6
Explicity selt package-manager-cache: false
2026-05-06 10:37:54 +02:00
63426f037e
Run zizmor on github actions, pinning all actions
2026-05-06 10:26:43 +02:00
96fcf2abd9
Consistently use secrets definition instead of inherit and fix templates
...
Replaced secrets: inherit with explicit secret mapping in docker related workflow and seed-all-locales.yml.
Avoid github template expansions for inputs
2026-05-05 13:15:14 +02:00
14fa8c7dcf
Bump runs-on/cache from 4 to 5
...
Bumps [runs-on/cache](https://github.com/runs-on/cache ) from 4 to 5.
- [Release notes](https://github.com/runs-on/cache/releases )
- [Changelog](https://github.com/runs-on/cache/blob/v4/RELEASES.md )
- [Commits](https://github.com/runs-on/cache/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: runs-on/cache
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-05-04 06:01:46 +00:00
7824d1d304
Set volume to 100g
2026-04-29 07:40:34 +02:00
c8db8cc5f4
Merge branch 'dev' into merge-release/17.2-20260316141915
2026-03-16 15:20:14 +01:00
a7497c8c44
Remove other remnant of the debian base arg
2026-03-16 12:01:54 +01:00
15baa3520d
Merge branch 'dev' into merge-release/17.2-20260316105331
2026-03-16 11:54:11 +01:00
23db1ba2f5
we no longer require an older .NET version for the BIM pipeline, always use latest base (trixie) as defined in Dockerfile
2026-03-12 15:30:46 +00:00
93c030a60d
Bump docker/login-action from 3 to 4 ( #22255 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3 to 4.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-version: '4'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-11 10:33:32 -03:00
addb6bc5f6
Bump docker/setup-buildx-action from 3 to 4 ( #22258 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3 to 4.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-version: '4'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-10 15:29:55 -03:00
7d29c7c43d
Bump docker/metadata-action from 5 to 6 ( #22260 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 5 to 6.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](https://github.com/docker/metadata-action/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-10 15:00:54 -03:00
7752a22521
Bump docker/build-push-action from 6 to 7 ( #22259 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 6 to 7.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-10 15:00:42 -03:00
eb6bb22dc7
Bump docker/setup-qemu-action from 3 to 4 ( #22256 )
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 3 to 4.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](https://github.com/docker/setup-qemu-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-version: '4'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-10 15:00:26 -03:00
447cfb0f6a
Merge pull request #22137 from opf/dependabot/github_actions/dev/actions/upload-artifact-7
...
Bump actions/upload-artifact from 6 to 7
2026-03-04 09:20:56 +01:00
ce64f51660
Bump actions/upload-artifact from 6 to 7
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 6 to 7.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-03 21:18:52 +00:00
d4e84c63fe
Bump actions/download-artifact from 7 to 8
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 7 to 8.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](https://github.com/actions/download-artifact/compare/v7...v8 )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-version: '8'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-03 21:18:04 +00:00
5a55138f6d
Add use_test_registry for workflow call
2026-02-23 06:58:50 +01:00
a0770e7b21
Merge remote-tracking branch 'origin/release/17.1' into dev
2026-02-20 11:16:57 +01:00
3cc1c5beb1
Allow running docker from fork
2026-02-20 11:16:19 +01:00
0789817fe3
Merge remote-tracking branch 'origin/dev' into code-maintenance/71761-include-op-blocknote-hocuspocus-in-openproject-core-repository
2026-02-18 22:47:29 +00:00
31e85f8f2d
trigger hocuspocus deployments on push
2026-02-18 21:23:54 +00:00
00132c0da7
Use better job names
...
[skip ci]
2026-02-13 15:20:22 +01:00
9de3f5336f
cannot call workflow from step, only job
2026-02-13 13:44:59 +00:00
9a286f076e
debug
2026-02-13 13:36:25 +00:00
a9a4417be3
checkout code to use workflow
2026-02-13 13:28:59 +00:00
1517544157
build hocuspocus as precondition for openproject docker build
2026-02-13 13:26:56 +00:00
d482f1f708
Fix docker bloat ( #21948 )
...
* Refactor Docker build/runtime stages for slimmer images
Split runtime and build dependencies into separate stages and build the app in a dedicated stage before runtime copy.
Add a slim prune stage that removes non-runtime source trees, source maps, duplicate enterprise source videos, module test/doc folders, and extra vendored gem artifacts.
This ensures bytes are removed before the final slim copy, so layer size actually decreases while keeping runtime behavior intact.
* Add target-specific Docker image validation in CI
Introduce script/ci/docker_validate_image.sh with validations for slim, slim-bim, and all-in-one images.
Checks include runtime binary presence/absence, plugin asset/module integrity, slim pruning expectations, BIM tooling, and all-in-one API startup/embedded services.
Update docker workflow to run the validator for every matrix target before push.
* fix
* Generate YAML-safe auto Hocuspocus secret
All-in-one startup auto-generates OPENPROJECT_COLLABORATIVE__EDITING__HOCUSPOCUS__SECRET in the entrypoint.
Environment overrides are parsed through YAML, so leading punctuation in the previous charset (e.g. %) could trigger Psych parsing errors and abort boot.
Restrict generated secret characters to alphanumeric to keep parsing stable while preserving high entropy.
* Fix all-in-one hocuspocus runtime and validation
* Fix all-in-one memcached startup handover
2026-02-11 10:40:54 +01:00
0028bb701f
Increase log output size to 300 lines in docker workflow
...
There was a stacktrace in a run, and we could not read the start of the
stacktrace indicating which env var produced it.
2026-02-06 09:11:29 +01:00
af772efcdf
fix accidental inclusion of slim-bim digest in slim tag due to amiguous merge pattern
2026-01-23 15:25:04 +00:00
c4918a8472
update docker workflow dependencies
2026-01-23 13:35:15 +00:00
0728ed5739
Merge remote-tracking branch 'origin/release/16.6' into release/17.0
2026-01-16 10:34:35 +01:00
fe0a77cbee
Restore some of the workflows to just run in the core
...
These do not make sense to be run in forks
2026-01-16 10:31:05 +01:00
4946b38f7d
Merge branch 'release/16.6' into release/17.0
2026-01-09 11:58:06 +01:00
41129443f8
Change github workflow checks to owner, not repository
2026-01-08 13:45:25 +01:00
26dda8b6d1
Bump actions/checkout from 5 to 6 ( #21137 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 06:20:14 -03:00
ac577dcbd7
Allow manually triggering docker.yml workflow with the test registry
2025-10-28 20:47:51 +01:00
177348d56e
Bump actions/download-artifact from 5 to 6 ( #20787 )
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 5 to 6.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](https://github.com/actions/download-artifact/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-27 10:37:57 +00:00
8c56f14b9f
Bump actions/upload-artifact from 4 to 5 ( #20786 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4 to 5.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-27 10:37:47 +00:00
Alexander Brandon Coles