Merge branch 'TriliumNext:develop' into sql

Author: JYC333

.github/workflows/main-docker.yml

@@ -0,0 +1,152 @@
+on:
+  push:
+    branches:
+      - "develop"
+      - "feature/update**"
+      - "feature/server_esm**"
+    paths-ignore:
+      - "docs/**"
+      - "bin/**"
+    tags:
+      - "v*"
+  workflow_dispatch:  
+
+env:
+  GHCR_REGISTRY: ghcr.io
+  DOCKERHUB_REGISTRY: docker.io
+  IMAGE_NAME: ${{ github.repository }}
+  TEST_TAG: triliumnext/notes:test
+  PLATFORMS: linux/amd64,linux/arm64,linux/arm/v7
+
+jobs:
+  test_docker:
+    name: Check Docker build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout the repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Set up node & dependencies
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: "npm"
+      
+      - run: npm ci
+      
+      - name: Run the TypeScript build
+        run: npx tsc
+      
+      - name: Create server-package.json
+        run: cat package.json | grep -v electron > server-package.json
+
+      - name: Build and export to Docker
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          load: true
+          tags: ${{ env.TEST_TAG }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Run the container in the background
+        run: docker run -d --rm --name trilium_local ${{ env.TEST_TAG }}
+
+      - name: Wait for the healthchecks to pass
+        uses: stringbean/docker-healthcheck-action@v1
+        with:
+          container: trilium_local
+          wait-time: 50
+          require-status: running
+          require-healthy: true
+
+  build_docker:
+    name: Build Docker images
+    runs-on: ubuntu-latest
+    needs:
+      - test_docker
+    permissions:
+      contents: read
+      packages: write
+      attestations: write
+      id-token: write
+    steps:                        
+      - uses: actions/checkout@v4
+      - name: Extract metadata (tags, labels) for GHCR image
+        id: ghcr-meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=tag
+            type=sha
+      - name: Extract metadata (tags, labels) for DockerHub image
+        id: dh-meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=tag
+            type=sha
+      - name: Set up node & dependencies
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: "npm"
+      - run: npm ci
+      - name: Run the TypeScript build
+        run: npx tsc
+      - name: Create server-package.json
+        run: cat package.json | grep -v electron > server-package.json
+      - name: Log in to the GHCR container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.GHCR_REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - uses: docker/setup-buildx-action@v3
+      - name: Build and push container image to GHCR
+        uses: docker/build-push-action@v6
+        id: ghcr-push
+        with:
+          context: .
+          platforms: ${{ env.PLATFORMS }}
+          push: true              
+          tags: ${{ steps.ghcr-meta.outputs.tags }}
+          labels: ${{ steps.ghcr-meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+      - name: Generate and push artifact attestation to GHCR
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-name: ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME}}
+          subject-digest: ${{ steps.ghcr-push.outputs.digest }}
+          push-to-registry: true
+      - name: Log in to the DockerHub container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.DOCKERHUB_REGISTRY }}
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Build and push image to DockerHub
+        uses: docker/build-push-action@v6
+        id: dh-push
+        with:
+          context: .
+          platforms: ${{ env.PLATFORMS }}
+          push: true
+          tags: ${{ steps.dh-meta.outputs.tags }}
+          labels: ${{ steps.dh-meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+      - name: Generate and push artifact attestation to DockerHub
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-name: ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME}}
+          subject-digest: ${{ steps.dh-push.outputs.digest }}
+          push-to-registry: true

.github/workflows/main.yml

@@ -8,17 +8,15 @@ on:
     paths-ignore:
       - "docs/**"
       - "bin/**"
+      - ".github/workflows/main-docker.yml"
+    tags:
+      - "v*"
   workflow_dispatch:    
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
-env:
-  GHCR_REGISTRY: ghcr.io
-  DOCKERHUB_REGISTRY: docker.io
-  IMAGE_NAME: ${{ github.repository }}
-
 jobs:
   build_darwin:
     name: Build macOS (x86_64, arm64)
@@ -141,79 +139,4 @@ jobs:
         uses: actions/upload-artifact@v4
         with:
           name: TriliumNext Notes for Windows (Setup)
-          path: out/make/squirrel.windows/x64/*.exe
-  build_docker:
-    name: Build Docker images
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write
-      attestations: write
-      id-token: write
-    steps:
-      - uses: actions/checkout@v4
-      - name: Extract metadata (tags, labels) for GHCR image
-        id: ghcr-meta
-        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
-        with:
-          images: ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}
-      - name: Extract metadata (tags, labels) for DockerHub image
-        id: dh-meta
-        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
-        with:
-          images: ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}
-      - name: Set up node & dependencies
-        uses: actions/setup-node@v4
-        with:
-          node-version: 20
-          cache: "npm"
-      - run: npm ci
-      - name: Run the TypeScript build
-        run: npx tsc
-      - name: Create server-package.json
-        run: cat package.json | grep -v electron > server-package.json
-      - name: Log in to the GHCR container registry
-        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
-        with:
-          registry: ${{ env.GHCR_REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - uses: docker/setup-buildx-action@v3
-      - name: Build and push container image to GHCR
-        uses: docker/build-push-action@v6
-        id: ghcr-push
-        with:
-          context: .
-          push: true
-          tags: ${{ steps.ghcr-meta.outputs.tags }}
-          labels: ${{ steps.ghcr-meta.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-      - name: Generate and push artifact attestation to GHCR
-        uses: actions/attest-build-provenance@v1
-        with:
-          subject-name: ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME}}
-          subject-digest: ${{ steps.ghcr-push.outputs.digest }}
-          push-to-registry: true
-      - name: Log in to the DockerHub container registry
-        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
-        with:
-          registry: ${{ env.DOCKERHUB_REGISTRY }}
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Build and push image to DockerHub
-        uses: docker/build-push-action@v6
-        id: dh-push
-        with:
-          context: .
-          push: true
-          tags: ${{ steps.dh-meta.outputs.tags }}
-          labels: ${{ steps.dh-meta.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-      - name: Generate and push artifact attestation to DockerHub
-        uses: actions/attest-build-provenance@v1
-        with:
-          subject-name: ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME}}
-          subject-digest: ${{ steps.dh-push.outputs.digest }}
-          push-to-registry: true
+          path: out/make/squirrel.windows/x64/*.exe

.github/workflows/playwright.yml

@@ -0,0 +1,27 @@
+name: Playwright Tests
+on:
+  push:
+    branches: [ main, master ]
+  pull_request:
+    branches: [ main, master ]
+jobs:
+  test:
+    timeout-minutes: 60
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - uses: actions/setup-node@v4
+      with:
+        node-version: lts/*
+    - name: Install dependencies
+      run: npm ci
+    - name: Install Playwright Browsers
+      run: npx playwright install --with-deps
+    - name: Run Playwright tests
+      run: npx playwright test
+    - uses: actions/upload-artifact@v4
+      if: always()
+      with:
+        name: playwright-report
+        path: playwright-report/
+        retention-days: 30

.gitignore

@@ -5,7 +5,14 @@ build/
 src/public/app-dist/
 npm-debug.log
 yarn-error.log
+
 *.db
+!integration-tests/db/document.db
+integration-tests/db/log
+integration-tests/db/sessions
+integration-tests/db/backup
+integration-tests/db/session_secret.txt
+
 config.ini
 cert.key
 cert.crt
@@ -18,8 +25,11 @@ tmp/
 
 out/
 
-images/app-icons/png/16x16.png
-images/app-icons/png/32x32.png
 images/app-icons/png/512x512.png
 images/app-icons/png/1024x1024.png
-images/app-icons/mac/*.png
+images/app-icons/mac/*.png
+/test-results/
+/playwright-report/
+/blob-report/
+/playwright/.cache/
+/playwright/.auth/

Dockerfile

@@ -1,8 +1,8 @@
 # !!! Don't try to build this Dockerfile directly, run it through bin/build-docker.sh script !!!
-FROM node:20.15.1-alpine
+FROM node:20.15.1-bullseye-slim
 
 # Configure system dependencies
-RUN apk add --no-cache --virtual .build-dependencies \
+RUN apt-get update && apt-get install -y --no-install-recommends \
     autoconf \
     automake \
     g++ \
@@ -11,7 +11,9 @@ RUN apk add --no-cache --virtual .build-dependencies \
     make \
     nasm \
     libpng-dev \
-    python3 
+    python3 \
+    gosu \
+    && rm -rf /var/lib/apt/lists/*
 
 # Create app directory
 WORKDIR /usr/src/app
@@ -24,27 +26,41 @@ COPY server-package.json package.json
 # Copy TypeScript build artifacts into the original directory structure.
 RUN ls
 RUN cp -R build/src/* src/.
+
+# Copy the healthcheck
+RUN cp build/docker_healthcheck.js .
+RUN rm docker_healthcheck.ts
+
 RUN rm -r build
 
 # Install app dependencies
-RUN set -x \
-    && npm install \
-    && apk del .build-dependencies \
-    && npm run webpack \
-    && npm prune --omit=dev \
-    && cp src/public/app/share.js src/public/app-dist/. \
-    && cp -r src/public/app/doc_notes src/public/app-dist/. \
-    && rm -rf src/public/app \
-    && rm src/services/asset_path.ts
+RUN set -x
+RUN npm install
+RUN apt-get purge -y --auto-remove \
+    autoconf \
+    automake \
+    g++ \
+    gcc \
+    libtool \
+    make \
+    nasm \
+    libpng-dev \
+    python3 \
+    && rm -rf /var/lib/apt/lists/*
+RUN npm run webpack
+RUN npm prune --omit=dev
+RUN cp src/public/app/share.js src/public/app-dist/.
+RUN cp -r src/public/app/doc_notes src/public/app-dist/.
+RUN rm -rf src/public/app
+RUN rm src/services/asset_path.ts
 
 # Some setup tools need to be kept
-RUN apk add --no-cache su-exec shadow
-
-# Add application user and setup proper volume permissions
-RUN adduser -s /bin/false node; exit 0
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    gosu \
+    && rm -rf /var/lib/apt/lists/*
 
 # Start the application
 EXPOSE 8080
 CMD [ "./start-docker.sh" ]
 
-HEALTHCHECK --start-period=10s CMD exec su-exec node node docker_healthcheck.js
+HEALTHCHECK --start-period=10s CMD exec gosu node node docker_healthcheck.js