Squashed commit of the following:

commit 1fbfdee Author: Stephen Garrett <[email protected]> Date: Tue Apr 2 10:28:24 2024 +0200 Allow multiple headers in certs (#162) * Refactor valid_cert() to allow multiple header addition. Change-Id: I13030e24ac1d4077b223b31535bab60f83ee94a7 * Refactor headers & footers. Add PRIVATE_KEY cert_type. Change-Id: I41f1145f46363bdeef96ed7a571c0f8fdbff5c3d * Allow multiple cert_types for uploaded TLS certificates. Change-Id: Ic4da466b3aa5d323b275d23a1ab61ccc86546df1 commit 6996714 Author: Madelen Andersson <[email protected]> Date: Mon Mar 25 16:13:04 2024 +0100 bump Docker Engine to 26.0.0 (#148) * bump Docker Engine to 26.0.0 --------- Co-authored-by: madelen-at-work <[email protected]> commit 48e3971 Author: Madelen Andersson <[email protected]> Date: Fri Mar 22 12:49:34 2024 +0100 TLS cert upload for rootless (#124) * First draft of tls upload * Preliminary functional version including documentation. * Resolve aarch64 compilation errors. Change-Id: I647ef17eeafff9269187051fd3baa8609cc70e6f * Corrections to logging and documentation following review. Change-Id: I694f419ec1e3d8670293b631fb465f0abf639c11 * Functional cert upload to /tmp, copy to ../localdata & cleanup. Change-Id: Ib0bd184a4a38d1f93b750ee932c902080d5aa0e7 * Intial restart on certificate functionality change to allow testing. Change-Id: I71f3d10918ee72c79e7b36948b1bfce5191dc301 * Refactor stop & start to load daemon. Enable pending cgi requests. Change-Id: I96869dd4eb1ed9c796e5a6fe4f813e88383f1cb5 * clang-formatted & logging reduced. Change-Id: Ica457ba1e2cd9cc473ab3bdb7c0cf3b5343a485e * Remove commented out lines from Dockerfile. Change-Id: I0d69febc0691e31d2ff4e5e959e3fa1a6f0dff26 --------- Co-authored-by: madelen-axis <[email protected]> Co-authored-by: Stephen Garrett <[email protected]> commit 6b39d9e Author: Madelen Andersson <[email protected]> Date: Thu Mar 21 09:06:10 2024 +0100 set path for internal storage (#138) Co-authored-by: madelen-at-work <[email protected]> commit ff8055d Author: Madelen Andersson <[email protected]> Date: Thu Mar 7 13:41:29 2024 +0100 don't exclude .vscode commit 74ac468 Merge: 1d829f9 5f7d2af Author: Madelen Andersson <[email protected]> Date: Thu Mar 7 13:37:04 2024 +0100 Merge branch 'main' into rootless_shadow commit 5f7d2af Author: Madelen Andersson <[email protected]> Date: Thu Mar 7 13:31:46 2024 +0100 Add CONTRIBUTING and .vscode (#132) commit 1f42b29 Author: Madelen Andersson <[email protected]> Date: Thu Mar 7 12:07:04 2024 +0100 combined update of depenadbot recomendations (#131) * combined changes for depenadbot and other action updates commit 1d829f9 Author: Madelen Andersson <[email protected]> Date: Thu Mar 7 09:51:55 2024 +0100 fix for SDK change commit 5a076e8 Author: Madelen Andersson <[email protected]> Date: Thu Mar 7 09:28:03 2024 +0100 tweaks after merge to main commit 96a83f7 Merge: 9642900 4781797 Author: Madelen Andersson <[email protected]> Date: Thu Mar 7 09:25:33 2024 +0100 Merge branch 'main' into rootless_shadow commit 4781797 Author: Madelen Andersson <[email protected]> Date: Thu Mar 7 09:19:38 2024 +0100 remove experimental codeql setup commit 9642900 Author: Madelen Andersson <[email protected]> Date: Wed Mar 6 10:34:19 2024 +0100 Remove last root requirements (#130) * remove last root requirements NB! signing will not pass untill manifest schema is updated and available in SDK --------- Co-authored-by: madelen-axis <[email protected]> commit 53082fa Author: Deepika Shanmugam <[email protected]> Date: Mon Mar 4 13:33:51 2024 +0100 Remove the script of handling directories owned by root (#129) commit e7401a7 Author: madelen-axis <[email protected]> Date: Tue Feb 27 11:23:59 2024 +0100 fix to preuninstall script and remove unused binary commit 1d8fcbc Author: Deepika Shanmugam <[email protected]> Date: Mon Feb 12 15:05:48 2024 +0100 Set required environment variables for rootless docker ACAP (#127) commit 1c92226 Author: Madelen Andersson <[email protected]> Date: Thu Feb 8 11:47:55 2024 +0100 backdown SDK version to be LTS 10.12 compliant (#123) Co-authored-by: madelen-axis <[email protected]> commit 0b18ef1 Author: Angelo Delli Santi <[email protected]> Date: Fri Jan 19 17:45:25 2024 +0100 Add note about root requirement (#125) * Add note about root requirement commit 3f6b629 Author: madelen-axis <[email protected]> Date: Fri Jan 5 09:08:15 2024 +0100 remove new[u/g]idmap and user-services commit 6ed70c8 Author: Madelen Andersson <[email protected]> Date: Thu Nov 30 15:54:50 2023 +0100 Added sub-groups for the ACAP user (#118) * Added sub-groups for the ACAP user --------- Co-authored-by: madelen-axis <[email protected]> commit 44ead62 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Nov 20 07:23:52 2023 +0000 Bump actions/github-script from 6 to 7 Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@v6...v7) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> commit c2bbc1b Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Nov 13 07:35:23 2023 +0000 Bump actions/checkout from 3 to 4 Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> commit 537f11e Author: Madelen Andersson <[email protected]> Date: Fri Nov 24 10:13:23 2023 +0100 Use super-linter/super-linter and activate clang validation (#110) * switched to super-linter/super-linter * Update lint.yml --------- Co-authored-by: madelen-axis <[email protected]> commit 05c8c25 Author: Madelen Andersson <[email protected]> Date: Fri Nov 10 09:54:59 2023 +0100 Documentation for rootless preview (#109) * Added documentation for rootless Docker ACAP Co-authored-by: madelen-axis <[email protected]> commit 313a74d Author: Madelen Andersson <[email protected]> Date: Fri Nov 10 08:46:56 2023 +0100 rootless Docker ACAP requiring AllowRoot to install (#107) rootless implementation --------- Co-authored-by: madelen-axis <[email protected]> Co-authored-by: Mattias Axelsson <[email protected]> commit 1a53e5c Author: Patrik Åkesson <[email protected]> Date: Wed Nov 8 13:30:35 2023 +0100 Correct codeql.yml GitHub action format commit c4b2ab9 Author: Patrik Åkesson <[email protected]> Date: Wed Nov 8 13:23:47 2023 +0100 Correct codeql.yml wrong yaml syntax commit 218e50d Author: Patrik Åkesson <[email protected]> Date: Wed Nov 8 09:54:49 2023 +0100 Update codeql.yml with custom build script commit 8f033ea Author: Patrik Åkesson <[email protected]> Date: Wed Nov 8 09:31:16 2023 +0100 Create codeql.yml with manual trigger
AxisCommunications · Apr 2, 2024 · dea5561 · dea5561
1 parent 4140822
commit dea5561
Show file tree

Hide file tree

Showing 17 changed files with 2,062 additions and 273 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -1,2 +1,3 @@
 build-*
 tmp
+.vscode
diff --git a/.github/actions/docker-build-action/action.yml b/.github/actions/docker-build-action/action.yml
@@ -53,12 +53,12 @@ runs:
   using: composite
   steps:
     - name: Set up Docker buildx
-      uses: docker/setup-buildx-action@v2
+      uses: docker/setup-buildx-action@v3
     - name: Set up QEMU
       if: ${{ inputs.use_qemu == 'true'}}
-      uses: docker/setup-qemu-action@v2
+      uses: docker/setup-qemu-action@v3
     - name: Build image
-      uses: docker/build-push-action@v4
+      uses: docker/build-push-action@v5
       with:
         context: .
         push: false

diff --git a/.github/actions/metadata-action/action.yml b/.github/actions/metadata-action/action.yml
@@ -44,7 +44,7 @@ runs:
   steps:
     - name: Create metadata for docker image
       id: meta
-      uses: docker/metadata-action@v4
+      uses: docker/metadata-action@v5
       with:
         images: ${{ inputs.repository }}
         # adds the suffix for all tags, even latest.

diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
@@ -8,6 +8,7 @@ on:
   push:
     branches:
       - 'main'
+      - 'rootless_shadow'
     tags:
       # semver, e.g. 1.2.0 (does not match 0.1.2)
       - '[1-9]+.[0-9]+.[0-9]+'
@@ -22,6 +23,7 @@ on:
   pull_request:
     branches:
       - 'main'
+      - 'rootless_shadow'
 
 jobs:
   # Builds docker ACAP using the build.sh script, then signs the eap-file in
@@ -91,7 +93,7 @@ jobs:
             echo "HTTP_RESPONSE is empty or not a valid integer: $HTTP_RESPONSE"
           fi
       - name: Upload artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: ${{ env.SIGNED_EAP_FILE }}
           path: build/${{ env.SIGNED_EAP_FILE }}
@@ -123,7 +125,7 @@ jobs:
         id: vars
         run: echo "TAG=${GITHUB_REF#refs/*/}" >> ${GITHUB_ENV}
       - name: Create prerelease
-        uses: actions/github-script@v6
+        uses: actions/github-script@v7
         id: prerelease
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -173,7 +175,7 @@ jobs:
             echo "::error::Non valid architecture '${{ matrix.arch }}' encountered"
           fi
       - name: Download artifacts
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: ${{ env.EAP_FILE }}
           path: ./

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -16,14 +16,15 @@ jobs:
           fetch-depth: 0
 
       - name: Lint codebase
-        uses: github/super-linter/slim@v5
+        uses: super-linter/super-linter/slim@v6
         env:
           VALIDATE_ALL_CODEBASE: true
           DEFAULT_BRANCH: main
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           LINTER_RULES_PATH: /
           IGNORE_GITIGNORED_FILES: true
           VALIDATE_BASH: true
+          VALIDATE_CLANG_FORMAT: true
           VALIDATE_DOCKERFILE_HADOLINT: true
           VALIDATE_MARKDOWN: true
           VALIDATE_SHELL_SHFMT: true

diff --git a/.vscode/extensions.json b/.vscode/extensions.json
@@ -0,0 +1,7 @@
+{
+    "recommendations": [
+        "DavidAnson.vscode-markdownlint",
+        "editorconfig.editorconfig",
+        "streetsidesoftware.code-spell-checker"
+    ]
+}
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -0,0 +1,17 @@
+{
+    "C_Cpp.clang_format_style": "file",
+    "[markdown]": {
+        "editor.defaultFormatter": "DavidAnson.vscode-markdownlint",
+        "editor.formatOnSave": true,
+        "editor.formatOnPaste": true
+      },
+      "markdown.extension.list.indentationSize": "inherit",
+    "markdown.extension.toc.levels": "1..3",
+    "cSpell.words": [
+        "anyauth",
+        "Buildx",
+        "containerd",
+        "rootpasswd",
+        "VAPIX"
+    ]
+}
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -0,0 +1,225 @@
+<!-- omit in toc -->
+# Regarding contributions
+
+All types of contributions are encouraged and valued. See the [Table of contents](#table-of-contents)
+for different ways to help and details about how this project handles them. Please make sure to read
+the relevant section before making your contribution. It will make it a lot easier for us maintainers
+and smooth out the experience for all involved. We look forward to your contributions.
+
+> And if you like the project, but just don't have time to contribute, that's fine. There are other
+> easy ways to support the project and show your appreciation, which we would also be very happy about:
+>
+> - Star the project
+> - Tweet about it
+> - Refer this project in your project's readme
+> - Mention the project at local meetups and tell your friends/colleagues
+
+<!-- omit in toc -->
+## Table of contents
+
+- [I have a question](#i-have-a-question)
+- [I want to contribute](#i-want-to-contribute)
+  - [Reporting bugs](#reporting-bugs)
+  - [Suggesting enhancements](#suggesting-enhancements)
+  - [Your first code contribution](#your-first-code-contribution)
+  - [Lint of codebase](#lint-of-codebase)
+
+## I have a question
+
+Before you ask a question, it is best to search for existing [issues][issues] that might help you.
+In case you have found a suitable issue and still need clarification, you can write your question in
+this issue. It is also advisable to search the internet for answers first.
+
+If you then still feel the need to ask a question and need clarification, please
+follow the steps in [Reporting bugs](#reporting-bugs).
+
+## I want to contribute
+
+### Reporting bugs
+
+#### Before submitting a bug report
+
+A good bug report shouldn't leave others needing to chase you up for more information. Therefore, we
+ask you to investigate carefully, collect information and describe the issue in detail in your report.
+Please complete the following steps in advance to help us fix any potential bug as fast as possible:
+
+- Make sure that you are using the latest version.
+- Determine if your bug is really a bug and not an error on your side e.g. using incompatible environment
+  components/versions.
+- To see if other users have experienced (and potentially already solved) the same issue you are having,
+  check if there is not already a bug report existing for your bug or error in the [bug tracker][issues_bugs].
+- Also make sure to search the internet to see if users outside of the GitHub community have discussed
+  the issue.
+- Collect information about the bug:
+  - Axis device model
+  - Axis device firmware version
+  - Stack trace
+  - OS and version (Windows, Linux, macOS, x86, ARM)
+  - Version of the interpreter, compiler, SDK, runtime environment, package manager, depending on what
+    seems relevant
+  - Possibly your input and the output
+  - Can you reliably reproduce the issue? And can you also reproduce it with older versions?
+
+#### How do I submit a good bug report?
+
+We use GitHub issues to track bugs and errors. If you run into an issue with the project:
+
+- Open an [issue][issues_new].
+- Explain the behavior you would expect and the actual behavior.
+- Please provide as much context as possible and describe the *reproduction steps* that someone else
+  can follow to recreate the issue on their own.
+- Provide the information you collected in the previous section.
+
+Once it's filed:
+
+- The project team will label the issue accordingly.
+- A team member will try to reproduce the issue with your provided steps. If there are no reproduction
+  steps or no obvious way to reproduce the issue, the team will ask you for those steps. Bugs without
+  steps will not be addressed until they can be reproduced.
+- If the team is able to reproduce the issue, it will be prioritized according to severity.
+
+### Suggesting enhancements
+
+This section guides you through submitting an enhancement suggestion,
+**including completely new features and minor improvements to existing functionality**.
+Following these guidelines will help maintainers and the community to understand your suggestion and
+find related suggestions.
+
+#### Before Submitting an Enhancement
+
+- Make sure that you are using the latest version.
+- Read the documentation carefully and find out if the functionality is already covered, maybe by an
+  individual configuration.
+- Perform a [search][issues] to see if the enhancement has already been suggested. If it has, add a
+  comment to the existing issue instead of opening a new one.
+- Find out whether your idea fits with the scope and aims of the project. Keep in mind that we want
+  features that will be useful to the majority of our users and not just a small subset.
+
+#### How do I submit a good enhancement suggestion?
+
+Enhancement suggestions are tracked as [GitHub issues][issues].
+
+- Use a **clear and descriptive title** for the issue to identify the suggestion.
+- Provide a **step-by-step description of the suggested enhancement** in as many details as possible.
+- **Describe the current behavior** and **explain which behavior you expected to see instead** and why.
+  At this point you can also tell which alternatives do not work for you.
+- You may want to **include screenshots and animated GIFs** which help you demonstrate the steps or
+  point out the part which the suggestion is related to.
+- **Explain why this enhancement would be useful** to most users. You may also want to point out the
+  other projects that solved it better and which could serve as inspiration.
+
+### Your first code contribution
+
+Start by [forking the repository](https://docs.github.com/en/github/getting-started-with-github/fork-a-repo),
+i.e. copying the repository to your account to grant you write access. Continue with cloning the
+forked repository to your local machine.
+
+```sh
+git clone https://github.com/<your username>/AxisCommunications/docker-acap.git
+```
+
+Navigate into the cloned directory and create a new branch:
+
+```sh
+cd docker-acap
+git switch -c <branch name>
+```
+
+Update the code according to your requirements, and commit the changes using the
+[conventional commits](https://www.conventionalcommits.org) message style:
+
+```sh
+git commit -a -m 'Follow the conventional commit messages style to write this message'
+```
+
+Continue with pushing the local commits to GitHub:
+
+```sh
+git push origin <branch name>
+```
+
+Before opening a Pull Request (PR), please consider the following guidelines:
+
+- Please make sure that the code builds perfectly fine on your local system.
+- Make sure that all linters pass, see [Lint of codebase](#lint-of-codebase)
+- The PR will have to meet the code standard already available in the repository.
+- Explanatory comments related to code functions are required. Please write code comments for a better
+  understanding of the code for other developers.
+- Note that code changes or additions to the `.github` folder (or sub-folders) will not be accepted.
+
+And finally when you are satisfied with your changes, open a new PR.
+
+### Lint of codebase
+
+A set of different linters test the codebase and these must pass in order to get a pull request approved.
+
+#### Linters in GitHub Action
+
+When you create a pull request, a set of linters will run syntax and format checks on different file
+types in GitHub actions by making use of a tool called [super-linter][super-linter]. If any of the
+linters gives an error, this will be shown in the action connected to the pull request.
+
+In order to speed up development, it's possible to run linters as part of your local development environment.
+
+#### Run super-linter locally
+
+Since super-linter is using a Docker image in GitHub Actions, users of other editors may run it locally
+to lint the codebase. For complete instructions and guidance, see super-linter page for [running locally][super-linter-local].
+
+To run a number of linters on the codebase from command line:
+
+```sh
+docker run --rm \
+  -v $PWD:/tmp/lint \
+  -e RUN_LOCAL=true \
+  -e LINTER_RULES_PATH=/ \
+  -e VALIDATE_BASH=true \
+  -e VALIDATE_DOCKERFILE_HADOLINT=true \
+  -e VALIDATE_MARKDOWN=true \
+  -e VALIDATE_SHELL_SHFMT=true \
+  -e VALIDATE_YAML=true \
+  ghcr.io/super-linter/super-linter:slim-v6
+```
+
+See [`.github/workflows/lint.yml`](.github/workflows/lint.yml) for the exact setup used by this project.
+
+#### Run super-linter interactively
+
+It might be more convenient to run super-linter interactively. Run container and enter command line:
+
+```sh
+docker run --rm \
+  -v $PWD:/tmp/lint \
+  -w /tmp/lint \
+  --entrypoint /bin/bash \
+  -it ghcr.io/super-linter/super-linter:slim-v6
+```
+
+Then from the container terminal, the following commands can lint the the code base for different
+file types:
+
+```sh
+# Lint Dockerfile files
+hadolint $(find -type f -name "Dockerfile*")
+
+# Lint Markdown files
+markdownlint .
+
+# Lint YAML files
+yamllint .
+
+# Lint shell script files
+shellcheck $(shfmt -f .)
+shfmt -d .
+```
+
+To lint only a specific file, replace `.` or `$(COMMAND)` with the file path.
+
+<!-- markdownlint-disable MD034 -->
+[issues]: https://github.com/AxisCommunications/docker-acap/issues
+[issues_new]: https://github.com/AxisCommunications/docker-acap/issues/new
+[issues_bugs]: https://github.com/AxisCommunications/docker-acap/issues?q=label%3Abug
+[super-linter]: https://github.com/super-linter/super-linter
+[super-linter-local]: https://github.com/super-linter/super-linter/blob/main/docs/run-linter-locally.md
+
+<!-- markdownlint-enable MD034 -->
-Original file line number
+Diff line change
@@ -1,2 +1,3 @@
     build-*
     tmp
+    .vscode