feat(ci): use git tea action instead of Jenkins

.gitea/workflows/ci.yml

@@ -0,0 +1,17 @@
+name: Autotools pipeline
+run-name: Building multi-platform autotools project
+on: [push]
+
+jobs:
+  build-amd64:
+    uses: dany/actions/.gitea/workflows/autotools-cross.yml@master
+    with:
+      platform: amd64
+  build-arm64:
+    uses: dany/actions/.gitea/workflows/autotools-cross.yml@master
+    with:
+      platform: arm64
+  build-arm:
+    uses: dany/actions/.gitea/workflows/autotools-cross.yml@master
+    with:
+      platform: arm

Jenkinsfile

@@ -1,106 +0,0 @@
-def build_plugin()
-{
-  sh '''
-  set -e
-  cd $WORKSPACE
-  mkdir -p build/$arch/opt/www
-  [ -f Makefile ] && make clean
-  libtoolize
-  aclocal
-  autoconf
-  automake --add-missing
-  ./configure  --prefix=/opt/www
-  make
-  DESTDIR=$WORKSPACE/build/$arch make install
-  '''
-}
-
-pipeline{
-  agent { node{ label'master' }}
-  options {
-    // Limit build history with buildDiscarder option:
-    // daysToKeepStr: history is only kept up to this many days.
-    // numToKeepStr: only this many build logs are kept.
-    // artifactDaysToKeepStr: artifacts are only kept up to this many days.
-    // artifactNumToKeepStr: only this many builds have their artifacts kept.
-    buildDiscarder(logRotator(numToKeepStr: "1"))
-    // Enable timestamps in build log console
-    timestamps()
-    // Maximum time to run the whole pipeline before canceling it
-    timeout(time: 3, unit: 'HOURS')
-    // Use Jenkins ANSI Color Plugin for log console
-    ansiColor('xterm')
-    // Limit build concurrency to 1 per branch
-    disableConcurrentBuilds()
-  }
-  stages
-  {
-    stage('Prepare dependencies')
-    {
-      steps {
-         copyArtifacts(projectName: 'gitea-sync/ant-http/master', target: 'antd');
-      }
-    }
-    stage('Build AMD64') {
-      agent {
-          docker {
-              image 'xsangle/ci-tools:bionic-amd64'
-              // Run the container on the node specified at the
-              // top-level of the Pipeline, in the same workspace,
-              // rather than on a new node entirely:
-              reuseNode true
-              registryUrl 'http://workstation:5000/'
-          }
-      }
-      steps {
-        script{
-          env.arch = "amd64"
-        }
-        build_plugin()
-      }
-    }
-    stage('Build ARM64') {
-      agent {
-          docker {
-              image 'xsangle/ci-tools:bionic-arm64'
-              // Run the container on the node specified at the
-              // top-level of the Pipeline, in the same workspace,
-              // rather than on a new node entirely:
-              reuseNode true
-              registryUrl 'http://workstation:5000/'
-          }
-      }
-      steps {
-        script{
-          env.arch = "arm64"
-        }
-        build_plugin()
-      }
-    }
-    stage('Build ARM') {
-      agent {
-          docker {
-              image 'xsangle/ci-tools:bionic-arm'
-              // Run the container on the node specified at the
-              // top-level of the Pipeline, in the same workspace,
-              // rather than on a new node entirely:
-              reuseNode true
-              registryUrl 'http://workstation:5000/'
-          }
-      }
-      steps {
-        script{
-          env.arch = "arm"
-        }
-        build_plugin()
-      }
-    }
-    stage('Archive') {
-      steps {
-        script {
-            archiveArtifacts artifacts: 'build/', fingerprint: true
-        }
-      }
-    }
-  }
-}

configure.ac

@@ -1,5 +1,5 @@
 # initialise autoconf and set up some basic information about the program we’re packaging
-AC_INIT([silk], [0.1.0], [xsang.le@gmail.com])
+AC_INIT([silk], [1.0.0], [xsang.le@gmail.com])
 
 # We’re going to use automake for this project
 # [subdir-objects] if needed

silkmvc/BaseController.lua

@@ -93,8 +93,19 @@ function AssetController:index(...)
 end
 
 function AssetController:get(...)
-    local path = WWW_ROOT..DIR_SEP..implode({...}, DIR_SEP)
+    -- check for access in all parent DIR
-
+    local DENIEDF = ".DENIED"
+    local curr_dir = WWW_ROOT
+    local args = {...}
+    for i, v in ipairs(explode(args[1], "/")) do
+        LOG_DEBUG("Checking acess for %s", curr_dir)
+        if ulib.exists(curr_dir..DIR_SEP..DENIEDF) then
+            self:error("Access forbidden: "..curr_dir)
+            return false
+        end
+        curr_dir = curr_dir..DIR_SEP..v
+    end
+    local path = WWW_ROOT..DIR_SEP..implode(args, DIR_SEP)
     if self.registry.fileaccess and ulib.exists(path) then
         local mime = std.mimeOf(path)
         if POLICY.mimes[mime] then

silkmvc/core/hook.lua

@@ -4,7 +4,7 @@ math.randomseed(os.time())
 __api__ = {
     apiroot = string.format("%s/lua", _SERVER["LIB_DIR"]),
     tmpdir = _SERVER["TMP_DIR"],
-    dbpath = _SERVER["DB_DIR"]
+    dbpath = "/var/silk"
 }
 -- root dir
 __ROOT__ = _SERVER["DOCUMENT_ROOT"]

silkmvc/core/mimes.lua

@@ -37,10 +37,13 @@ setmetatable(default_mimes, {
 	end
 })
 function std.mime(ext)
-	return default_mimes[ext]
+	return default_mimes[ext:lower()]
 end
 function std.extra_mime(name)
     local ext = utils.ext(name)
+    if ext then
+        ext = ext:lower()
+    end
     local mpath = __ROOT__ .. "/" .. "mimes.json"
     if WWW_ROOT and not ulib.exists(mpath) then
         LOG_DEBUG("No extra mimes found in %s", mpath)
@@ -79,7 +82,11 @@ function std.mimeOf(name)
     if ulib.is_dir(name) then
         return "dir"
     end
-    local mime = std.mime(utils.ext(name))
+    local ext = utils.ext(name)
+    if not ext then
+        return "application/octet-stream", true
+    end
+    local mime = std.mime(ext)
     if mime ~= "application/octet-stream" then
         return mime
     else

silkmvc/core/sqlite.lua

@@ -1,5 +1,5 @@
 sqlite = require("sqlitedb")
-
+ulib = require("ulib")
 if sqlite == nil then
     return 0
 end
@@ -8,12 +8,34 @@ require("silk.core.OOP")
 
 sqlite.getdb = function(name)
     if name:find("%.db$") then
-        return sqlite.db(name)
+        local db = sqlite.db(name)
+        if db then
+            ret,err = ulib.chmod(name,"0600")
+            if not ret then
+                LOG_WARN("Unable to change mode of database file %s: %s", name, err)
+            end
+        end
+        return db
     elseif name:find("/") then
         LOG_ERROR("Invalid database name %s", name)
         return nil
     else
-        return sqlite.db(__api__.dbpath .. "/" .. name .. ".db")
+        -- default db path is /var/silk/
+        if not ulib.exists(__api__.dbpath) then
+            if not ulib.mkdir(__api__.dbpath) then
+                LOG_ERROR("Unable to create DB path: %s", __api__.dbpath)
+                return nil
+            end
+        end
+        local path = __api__.dbpath .. "/" .. name .. ".db"
+        local db = sqlite.db(path)
+        if db then
+            local ret,err = ulib.chmod(path,"0600")
+            if not ret then
+                LOG_WARN("Unable to change mode of database file %s: %s", path)
+            end
+        end
+        return db
     end
 end