Other: Bridge Millau 2.2.2

.gitlab-ci.yml

@@ -38,6 +38,7 @@ stages:
   - cache
   - test
   - build
+  - check
   - mirror
 
 # Stage: CACHE
@@ -138,9 +139,6 @@ build-qml:
   script:
     - make build
     - git diff && git diff-index --quiet HEAD
-    - curl -L https://services.nvd.nist.gov/rest/json/cves/1.0/
-    - gobinsec -verbose -wait -config utils/gobinsec_conf.yml
-      cmd/Desktop-Bridge/deploy/linux/proton-bridge
   artifacts:
     # Note: The latest artifacts for refs are locked against deletion, and kept
     # regardless of the expiry time. Introduced in GitLab 13.0 behind a
@@ -235,6 +233,26 @@ build-windows-qa:
   artifacts:
     name: "bridge-windows-qa-$CI_COMMIT_SHORT_SHA"
 
+# Stage: CHECK
+check-gobinsec:
+  stage: check
+  only:
+    - branches
+  cache:
+    key: gobinsec-cache
+    paths:
+      - gobinsec-cache.yml
+    policy: pull-push
+  before_script:
+    - mkdir build
+    - tar -xzf bridge_linux_*.tgz -C build
+  script:
+    - "[ ! -f ./gobinsec-cache.yml ] && wget bridgeteam.protontech.ch/bridgeteam/gobinsec-cache.yml"
+    - cat ./gobinsec-cache.yml
+    - gobinsec -cache -config utils/gobinsec_conf.yml build/proton-bridge
+
+
+
 # Stage: MIRROR
 
 mirror-repo:

Changelog.md

@@ -2,6 +2,16 @@
 
 Changelog [format](http://keepachangelog.com/en/1.0.0/)
 
+## [Bridge 2.2.2] Millau
+
+### Added
+* Introduced gobinsec cache.
+
+### Fixed
+* GODT-1743: Terminate running bridge if has old version.
+* GODT-1743: Quit bridge when opening manual install.
+
+
 ## [Bridge 2.2.1] Millau
 
 ### Added

Makefile

@@ -10,7 +10,7 @@ TARGET_OS?=${GOOS}
 .PHONY: build build-nogui build-launcher versioner hasher
 
 # Keep version hardcoded so app build works also without Git repository.
-BRIDGE_APP_VERSION?=2.2.1+git
+BRIDGE_APP_VERSION?=2.2.2+git
 APP_VERSION:=${BRIDGE_APP_VERSION}
 SRC_ICO:=bridge.ico
 SRC_ICNS:=Bridge.icns

internal/app/base/base.go

@@ -57,7 +57,6 @@ import (
 	"github.com/ProtonMail/proton-bridge/v2/pkg/keychain"
 	"github.com/ProtonMail/proton-bridge/v2/pkg/listener"
 	"github.com/ProtonMail/proton-bridge/v2/pkg/pmapi"
-	"github.com/allan-simon/go-singleinstance"
 	"github.com/sirupsen/logrus"
 	"github.com/urfave/cli/v2"
 )
@@ -153,9 +152,9 @@ func New( //nolint:funlen
 	}
 	settingsObj := settings.New(settingsPath)
 
-	lock, err := singleinstance.CreateLockFile(locations.GetLockFile())
+	lock, err := checkSingleInstance(locations.GetLockFile(), settingsObj)
 	if err != nil {
-		logrus.Warnf("%v is already running", appName)
+		logrus.WithError(err).Warnf("%v is already running", appName)
 		return nil, api.CheckOtherInstanceAndFocus(settingsObj.GetInt(settings.APIPortKey))
 	}
 

internal/app/base/restart_test.go

@@ -21,7 +21,9 @@ import (
 	"strings"
 	"testing"
 
+	"github.com/Masterminds/semver/v3"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestIncrementRestartFlag(t *testing.T) {
@@ -47,3 +49,15 @@ func TestIncrementRestartFlag(t *testing.T) {
 		})
 	}
 }
+
+func TestVersionLessThan(t *testing.T) {
+	r := require.New(t)
+
+	old := semver.MustParse("1.1.0")
+	current := semver.MustParse("1.1.1")
+	newer := semver.MustParse("1.1.2")
+
+	r.True(old.LessThan(current))
+	r.False(current.LessThan(current))
+	r.False(newer.LessThan(current))
+}

internal/app/base/singleinstance_unix.go

@@ -0,0 +1,101 @@
+// Copyright (c) 2022 Proton AG
+//
+// This file is part of Proton Mail Bridge.
+//
+// Proton Mail Bridge is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Proton Mail Bridge is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Proton Mail Bridge. If not, see <https://www.gnu.org/licenses/>.
+
+//go:build !windows
+// +build !windows
+
+package base
+
+import (
+	"errors"
+	"os"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/Masterminds/semver/v3"
+	"github.com/ProtonMail/proton-bridge/v2/internal/config/settings"
+	"github.com/ProtonMail/proton-bridge/v2/internal/constants"
+	"github.com/allan-simon/go-singleinstance"
+	"golang.org/x/sys/unix"
+)
+
+// checkSingleInstance returns error if a bridge instance is already running
+// This instance should be stop and window of running window should be brought
+// to focus.
+//
+// For macOS and Linux when already running version is older than this instance
+// it will kill old and continue with this new bridge (i.e. no error returned).
+func checkSingleInstance(lockFilePath string, settingsObj *settings.Settings) (*os.File, error) {
+	if lock, err := singleinstance.CreateLockFile(lockFilePath); err == nil {
+		// Bridge is not runnig, continue normally
+		return lock, nil
+	}
+
+	if err := runningVersionIsOlder(settingsObj); err != nil {
+		return nil, err
+	}
+
+	pid, err := getPID(lockFilePath)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := unix.Kill(pid, unix.SIGTERM); err != nil {
+		return nil, err
+	}
+
+	// Need to wait some time to release file lock
+	time.Sleep(time.Second)
+
+	return singleinstance.CreateLockFile(lockFilePath)
+}
+
+func getPID(lockFilePath string) (int, error) {
+	file, err := os.Open(filepath.Clean(lockFilePath))
+	if err != nil {
+		return 0, err
+	}
+	defer func() { _ = file.Close() }()
+
+	rawPID := make([]byte, 10) // PID is probably up to 7 digits long, 10 should be enough
+	n, err := file.Read(rawPID)
+	if err != nil {
+		return 0, err
+	}
+
+	return strconv.Atoi(strings.TrimSpace(string(rawPID[:n])))
+}
+
+func runningVersionIsOlder(settingsObj *settings.Settings) error {
+	currentVer, err := semver.StrictNewVersion(constants.Version)
+	if err != nil {
+		return err
+	}
+
+	runningVer, err := semver.StrictNewVersion(settingsObj.Get(settings.LastVersionKey))
+	if err != nil {
+		return err
+	}
+
+	if !runningVer.LessThan(currentVer) {
+		return errors.New("running version is not older")
+	}
+
+	return nil
+}

internal/app/base/singleinstance_windows.go

@@ -0,0 +1,32 @@
+// Copyright (c) 2022 Proton AG
+//
+// This file is part of Proton Mail Bridge.
+//
+// Proton Mail Bridge is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Proton Mail Bridge is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Proton Mail Bridge. If not, see <https://www.gnu.org/licenses/>.
+
+//go:build windows
+// +build windows
+
+package base
+
+import (
+	"os"
+
+	"github.com/ProtonMail/proton-bridge/v2/internal/config/settings"
+	"github.com/allan-simon/go-singleinstance"
+)
+
+func checkSingleInstance(lockFilePath string, _ *settings.Settings) (*os.File, error) {
+	return singleinstance.CreateLockFile(lockFilePath)
+}

internal/frontend/qml/Notifications/Notifications.qml

@@ -193,6 +193,7 @@ QtObject {
                 onTriggered: {
                     Qt.openUrlExternally(root.backend.landingPageLink)
                     root.updateManualError.active = false
+                    root.backend.quit()
                 }
             },
             Action {

test/Makefile

@@ -1,7 +1,7 @@
 .PHONY: check-go check-godog install-godog test test-bridge test-live test-live-bridge test-stage test-debug test-live-debug bench
 
 export GO111MODULE=on
-export BRIDGE_VERSION:=2.2.1+integrationtests
+export BRIDGE_VERSION:=2.2.2+integrationtests
 export VERBOSITY?=fatal
 export TEST_DATA=testdata
 

utils/gobinsec_conf.yml

@@ -1,5 +1,9 @@
 ---
 
+file:
+  name: "./gobinsec-cache.yml"
+  expiration: 24h
+
 ignore:
   # golang.org/x/net wrong match, we are using 2871e0cb, fixed by 37e1c6af
   - "CVE-2021-33194"