rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/app
History
Andras Bacsai d9774d2968 Fix: Prevent version downgrades and centralize CDN configuration (#7383) 
## Root Cause
Between Nov 25-26, a CDN redirect was added without curl's `-L` flag,
causing version cache corruption and automatic downgrades.

## Three Critical Bugs Fixed

### Bug #1: CheckForUpdatesJob could overwrite newer cached version
- Problem: CDN serving older version would overwrite local cache
- Solution: Smart version merge - keep max Coolify version, update other components
- Location: app/Jobs/CheckForUpdatesJob.php:33-52

### Bug #2: Manual updates bypassed downgrade protection
- Problem: Downgrade guard only applied to auto-updates
- Solution: Always block downgrades for both manual and auto-updates
- Location: app/Actions/Server/UpdateCoolify.php:65-75

### Bug #3: Updates used stale local cache
- Problem: Never validated cache against CDN at update time
- Solution: Fetch fresh CDN data before executing updates
- Location: app/Actions/Server/UpdateCoolify.php:34-49

## Additional Improvement: Centralized CDN Configuration

Added three new config keys for easy CDN management:
- `cdn_url` - Base CDN URL (default: https://cdn.coollabs.io)
- `versions_url` - Full versions.json URL
- `upgrade_script_url` - Full upgrade.sh URL

All configurable via environment variables:
```bash
CDN_URL=https://cdn.coolify.io
VERSIONS_URL=https://custom-cdn.example.com/versions.json
UPGRADE_SCRIPT_URL=https://custom-cdn.example.com/upgrade.sh
```

## Files Modified
- config/constants.php - CDN configuration
- app/Jobs/CheckForUpdatesJob.php - Smart version merge + centralized URL
- app/Actions/Server/UpdateCoolify.php - Downgrade protection + fresh fetch + centralized URLs
- app/Jobs/CheckHelperImageJob.php - Centralized URL
- bootstrap/helpers/shared.php - Centralized URL

## Testing
-  All modified files pass Pint formatting
-  78 unit tests pass (2 pre-existing failures unrelated to changes)

## Impact
- No breaking changes - defaults to current CDN
- Easy CDN migration via environment variables
- Prevents all downgrade scenarios
- Maintains independent Sentinel/Helper/Traefik updates

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-28 15:20:33 +01:00
..
Actions Fix: Prevent version downgrades and centralize CDN configuration (#7383) 2025-11-28 15:20:33 +01:00
Console fix: improve error handling and output capturing during Git operations in SyncBunny command 2025-11-27 10:51:25 +01:00
Contracts refactor: streamline job status retrieval and clean up repository interface 2025-01-10 19:53:13 +01:00
Data feat(proxy): add Traefik version tracking with notifications and dismissible UI warnings 2025-11-18 14:53:49 +01:00
Enums Add new role enum and apply authorization 2024-10-28 17:08:24 +01:00
Events feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection 2025-11-25 16:40:35 +01:00
Exceptions feat(DeploymentException): add custom exception for deployment errors and update handler to exclude from reporting 2025-11-11 15:08:26 +01:00
Helpers feat(ssh-multiplexing): add connection age metadata handling to improve multiplexed connection management 2025-09-10 08:38:36 +02:00
Http feat: add predefined network connection for pgAdmin and postgresus services 2025-11-28 10:29:13 +01:00
Jobs Fix: Prevent version downgrades and centralize CDN configuration (#7383) 2025-11-28 15:20:33 +01:00
Listeners refactor(proxy): streamline proxy status handling and improve dashboard availability checks 2025-06-11 12:02:39 +02:00
Livewire feat(ui): Logs color highlight based on log level (#7288) 2025-11-28 13:27:51 +01:00
Models fix: enhance security by validating and escaping database names, file paths, and proxy configuration filenames to prevent command injection 2025-11-27 14:36:31 +01:00
Notifications feat(proxy): enhance Traefik version notifications to show patch and minor upgrades 2025-11-18 14:53:49 +01:00
Policies feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection 2025-11-25 16:40:35 +01:00
Providers feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection 2025-11-25 16:40:35 +01:00
Repositories refactor: streamline job status retrieval and clean up repository interface 2025-01-10 19:53:13 +01:00
Rules feat: add YAML validation for cloud-init scripts 2025-10-11 13:56:55 +02:00
Services fix: don't show health status for exited containers 2025-11-24 09:09:37 +01:00
Support feat(validation): centralize validation patterns for names and descriptions 2025-08-19 12:14:48 +02:00
Traits fix: don't show health status for exited containers 2025-11-24 09:09:37 +01:00
View/Components feat: add availableSharedVariables method and enhance env-var-input component for better password handling 2025-11-27 10:23:46 +01:00