Feature/update manager

[Sebbeben]

Summary

This PR adds a comprehensive Update Manager similar to Mainsail's update system, allowing administrators to update Part-DB directly from the web interface.

Key Features

• Web UI at /admin/update-manager showing current and available versions
• Support for Git-based installations with automatic update execution
• Maintenance mode during updates to prevent user access
• Automatic database backup before updates with restore capability
• Git rollback points for recovery (tags created before each update)
• Progress tracking with real-time status updates
• Update history and log viewing
• Downgrade support with appropriate UI warnings
• CLI command php bin/console partdb:update for server-side updates
• Backup restore feature with confirmation dialogs

New Components

• UpdateManagerController: Handles all web UI routes
• UpdateCommand: CLI command for running updates
• UpdateExecutor: Core update execution logic with safety mechanisms
• UpdateChecker: GitHub API integration for version checking
• InstallationTypeDetector: Detects installation type (Git/Docker/ZIP)
• UpdateExtension: Twig functions for update notifications
• Stimulus controllers for CSP-compliant confirmation dialogs

UI Improvements

• Update notification in navbar for admins when update is available
• Confirmation dialogs for update/downgrade actions
• Downgrade-specific messaging when reverting to older versions
• Warning when downgrading to versions without Update Manager
• Progress page with auto-refresh during updates
• Backup management with restore functionality

Permissions

• New permission: @system.manage_updates (automatically granted to users with show_updates and server_infos)
• Permission schema bumped to version 4

Safety Features

• Exclusive lock prevents concurrent updates
• Maintenance mode prevents user access during updates
• Automatic backup before every update
• Git tags created as rollback points
• Comprehensive error handling and logging
• Update precondition validation

Installation Type Support

• Git installations: Full auto-update support ✅
• ZIP installations: Update detection only (manual update instructions provided)
• Docker installations: Detected but shows manual instructions

Test Plan

• Test update from older version to newer version
• Test downgrade from newer version to older version
• Test confirmation dialogs (update and downgrade)
• Test backup creation during updates
• Test backup restore functionality
• Verify maintenance mode blocks users during updates
• Verify permissions work correctly
• Test on Git-based installation

Screenshots

The interface shows available updates, current version, update history, and backup management with restore functionality.

[codecov]

Codecov Report

❌ Patch coverage is 2.55616% with 1258 lines in your changes missing coverage. Please review.
✅ Project coverage is 55.33%. Comparing base (ae4c078) to head (fa4ae63).
⚠️ Report is 17 commits behind head on master.

Files with missing lines	Patch %	Lines
src/Services/System/UpdateExecutor.php	0.51%	584 Missing ⚠️
src/Command/UpdateCommand.php	0.00%	248 Missing ⚠️
src/Services/System/UpdateChecker.php	0.00%	156 Missing ⚠️
src/Controller/UpdateManagerController.php	0.00%	146 Missing ⚠️
src/Services/System/InstallationTypeDetector.php	1.13%	87 Missing ⚠️
src/EventSubscriber/MaintenanceModeSubscriber.php	15.38%	33 Missing ⚠️
src/Twig/UpdateExtension.php	73.33%	4 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##             master    #1217      +/-   ##
============================================
- Coverage     58.23%   55.33%   -2.90%     
- Complexity     7435     7752     +317     
============================================
  Files           582      589       +7     
  Lines         23656    24947    +1291     
============================================
+ Hits          13775    13805      +30     
- Misses         9881    11142    +1261     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[jbtronics]

Hey, thanks for the PR, it looks very cool and amazing.
I took a rough look through the code, and added some comments in github.

Some general remarks:

• As far as I see the updater does not update the frontend dependencies and does not compile it. So there should be steps added to run yarn install and yarn build
• There should be an env var option to completley disable the update process from the web, no matter the user permissions. So that server admins can disable that for security reasons or if that interferes with some other deployment process.
• I think the whole logic to do the actual backup/restores should be moved to its own service (that can then maybe be utilized by the backup command). Also the backup management logic should maybe be extracted to its own BackupManager service, so that it could be utilized for other things later
• Maybe there should be some additional permission or at least some env var option to enable/disable backup restoring. That is quite an powerful and potentially destructive command, which could allow users to destroy months of work.
• That are quite complex (and critical) new logics, it would be good to have that at least somehow testable automatically. Even though i see that this maybe difficult to test with classical phpunit tests. I will think about it, maybe some github actions workflow that tries to run the update commands, would be be good to ensure at least a bit of reliability.

[Sebbeben]

Thanks, glad you like it! I've addressed all the points:

1. Yarn install/build steps

• Added yarn validation check in validateUpdatePreconditions()
• Added Step 8 (yarn install) and Step 9 (yarn build) to the update process
• Also added yarn reinstall/rebuild during rollback

2. Environment variable to disable web updates

• Added DISABLE_WEB_UPDATES env var (default: 0)
• When enabled, shows warning message and hides update buttons
• API endpoints return 403 Access Denied

3. Extracted BackupManager service

• Created src/Services/System/BackupManager.php with backup/restore logic
• UpdateExecutor now delegates to BackupManager (with deprecated wrapper methods for BC)
• This allows the backup functionality to be reused elsewhere (e.g., dedicated backup command)

4. Backup restore permission/control

• Added DISABLE_BACKUP_RESTORE env var (default: 0)
• Separate from web updates since restore is a destructive operation
• Shows warning and hides restore buttons when disabled

5. Automated tests

• Added BackupManagerTest.php (6 tests)
• Added UpdateExecutorTest.php (12 tests)
• All 18 tests passing

[jbtronics]

So i did some optimizations of the code during the more detailed review.
You should take a look again and test out if everything is working fine.
I removed quite some translation messages, which seemed unused.

If everythings works, i can merge the PR.

It would be good, if there is some documentation to the update features. For now i would keep it under an experimental status, I have disabled by default for now. If there was some experienced gathered how reliable everything works for the end user, we can make it enabled by default.

[Sebbeben]

Thanks for the review and optimizations! I've tested everything and all 17 tests pass.

I've also added documentation:

• New docs/usage/update_manager.md with comprehensive feature documentation
• Updated docs/usage/console_commands.md with the new commands

The documentation notes the experimental status and that web updates are disabled by default.

Also improved the .env comments for DISABLE_WEB_UPDATES and DISABLE_BACKUP_RESTORE to clarify that 0=enabled and 1=disabled, since the original wording wasn't clear about this.

[jbtronics]

I merged the PR.

Thanks again for your PR.

[Sebbeben]

I merged the PR.

Thanks again for your PR.

It is me that should thank you for making Part DB possible, thank you very much for that! You are making a fantastic job!