d9774d2968
## Root Cause Between Nov 25-26, a CDN redirect was added without curl's `-L` flag, causing version cache corruption and automatic downgrades. ## Three Critical Bugs Fixed ### Bug #1: CheckForUpdatesJob could overwrite newer cached version - Problem: CDN serving older version would overwrite local cache - Solution: Smart version merge - keep max Coolify version, update other components - Location: app/Jobs/CheckForUpdatesJob.php:33-52 ### Bug #2: Manual updates bypassed downgrade protection - Problem: Downgrade guard only applied to auto-updates - Solution: Always block downgrades for both manual and auto-updates - Location: app/Actions/Server/UpdateCoolify.php:65-75 ### Bug #3: Updates used stale local cache - Problem: Never validated cache against CDN at update time - Solution: Fetch fresh CDN data before executing updates - Location: app/Actions/Server/UpdateCoolify.php:34-49 ## Additional Improvement: Centralized CDN Configuration Added three new config keys for easy CDN management: - `cdn_url` - Base CDN URL (default: https://cdn.coollabs.io) - `versions_url` - Full versions.json URL - `upgrade_script_url` - Full upgrade.sh URL All configurable via environment variables: ```bash CDN_URL=https://cdn.coolify.io VERSIONS_URL=https://custom-cdn.example.com/versions.json UPGRADE_SCRIPT_URL=https://custom-cdn.example.com/upgrade.sh ``` ## Files Modified - config/constants.php - CDN configuration - app/Jobs/CheckForUpdatesJob.php - Smart version merge + centralized URL - app/Actions/Server/UpdateCoolify.php - Downgrade protection + fresh fetch + centralized URLs - app/Jobs/CheckHelperImageJob.php - Centralized URL - bootstrap/helpers/shared.php - Centralized URL ## Testing - ✅ All modified files pass Pint formatting - ✅ 78 unit tests pass (2 pre-existing failures unrelated to changes) ## Impact - No breaking changes - defaults to current CDN - Easy CDN migration via environment variables - Prevents all downgrade scenarios - Maintains independent Sentinel/Helper/Traefik updates 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
99 lines
3.4 KiB
PHP
99 lines
3.4 KiB
PHP
<?php
|
|
|
|
namespace App\Actions\Server;
|
|
|
|
use App\Models\Server;
|
|
use Illuminate\Support\Facades\Http;
|
|
use Illuminate\Support\Facades\Log;
|
|
use Illuminate\Support\Sleep;
|
|
use Lorisleiva\Actions\Concerns\AsAction;
|
|
|
|
class UpdateCoolify
|
|
{
|
|
use AsAction;
|
|
|
|
public ?Server $server = null;
|
|
|
|
public ?string $latestVersion = null;
|
|
|
|
public ?string $currentVersion = null;
|
|
|
|
public function handle($manual_update = false)
|
|
{
|
|
if (isDev()) {
|
|
Sleep::for(10)->seconds();
|
|
|
|
return;
|
|
}
|
|
$settings = instanceSettings();
|
|
$this->server = Server::find(0);
|
|
if (! $this->server) {
|
|
return;
|
|
}
|
|
CleanupDocker::dispatch($this->server, false, false);
|
|
|
|
// Fetch fresh version from CDN instead of using cache
|
|
try {
|
|
$response = Http::retry(3, 1000)->timeout(10)
|
|
->get(config('constants.coolify.versions_url'));
|
|
|
|
if ($response->successful()) {
|
|
$versions = $response->json();
|
|
$this->latestVersion = data_get($versions, 'coolify.v4.version');
|
|
} else {
|
|
// Fallback to cache if CDN unavailable
|
|
Log::warning('Failed to fetch fresh version from CDN (unsuccessful response), using cache');
|
|
$this->latestVersion = get_latest_version_of_coolify();
|
|
}
|
|
} catch (\Throwable $e) {
|
|
Log::warning('Failed to fetch fresh version from CDN, using cache', ['error' => $e->getMessage()]);
|
|
$this->latestVersion = get_latest_version_of_coolify();
|
|
}
|
|
|
|
$this->currentVersion = config('constants.coolify.version');
|
|
if (! $manual_update) {
|
|
if (! $settings->is_auto_update_enabled) {
|
|
return;
|
|
}
|
|
if ($this->latestVersion === $this->currentVersion) {
|
|
return;
|
|
}
|
|
if (version_compare($this->latestVersion, $this->currentVersion, '<')) {
|
|
return;
|
|
}
|
|
}
|
|
|
|
// ALWAYS check for downgrades (even for manual updates)
|
|
if (version_compare($this->latestVersion, $this->currentVersion, '<')) {
|
|
Log::error('Downgrade prevented', [
|
|
'target_version' => $this->latestVersion,
|
|
'current_version' => $this->currentVersion,
|
|
'manual_update' => $manual_update,
|
|
]);
|
|
throw new \Exception(
|
|
"Cannot downgrade from {$this->currentVersion} to {$this->latestVersion}. ".
|
|
'If you need to downgrade, please do so manually via Docker commands.'
|
|
);
|
|
}
|
|
|
|
$this->update();
|
|
$settings->new_version_available = false;
|
|
$settings->save();
|
|
}
|
|
|
|
private function update()
|
|
{
|
|
$helperImage = config('constants.coolify.helper_image');
|
|
$latest_version = getHelperVersion();
|
|
instant_remote_process(["docker pull -q {$helperImage}:{$latest_version}"], $this->server, false);
|
|
|
|
$image = config('constants.coolify.registry_url').'/coollabsio/coolify:'.$this->latestVersion;
|
|
instant_remote_process(["docker pull -q $image"], $this->server, false);
|
|
|
|
$upgradeScriptUrl = config('constants.coolify.upgrade_script_url');
|
|
remote_process([
|
|
"curl -fsSL {$upgradeScriptUrl} -o /data/coolify/source/upgrade.sh",
|
|
"bash /data/coolify/source/upgrade.sh $this->latestVersion",
|
|
], $this->server);
|
|
}
|
|
}
|