Nextcloud Appstore improvements

App store in action
New app store in action

The Appstore is an important part of the vision behind Nextcloud: building a healthy ecosystem around our project. The store makes it easy for users to discover and install new applications while it enables developers to reach a wider audience. In this blog we go over the main improvements as well as some plans for the future.

For developers

As we’d like to encourage developers to contribute to the Nextcloud ecosystem, making it easy to distribute applications was a major goal for the updated app store.

Parsing, validating and REST API

To avoid having to enter details twice, the info.xml is parsed after upload and validated. We catch mistakes in folder structure or naming and other issues. Then, from the xml we generate the details of the app store entry like app name, description and more. A special XML Schema will be provided so developers can validate their info.xml offline, which also enables IDEs such as PHPStorm to provide autocompletion and validation. And very cool: descriptions support Markdown so you can finally include proper looking links and markup!

Log in with Oauth
Log in with OAuth

Another really cool improvement is our REST API for publishing apps, enabling developers to automate everything even more. The new app store also makes it easy to offer ‘nightly’ versions and in the future we might also add alpha, beta or rc support in the store.

OAuth, multiple versions and security

Developers can now choose to log in with GitHub or BitBucket (no need for ANOTHER account) and multiple app developers can publish new versions. GUI support for co-maintainers isn’t finished yet, but coming soon!

Note that we do not host the archives on our server (for now), we only download and parse the archive’s info.xml. That allows us to easily host more than one release, especially as we recommend to ‘just’ link to a github-generated zip file of a release branch.

Since we also provide all dependencies in the API the built in app store (the one in the apps section) can actually let you install the latest working version instead of marking the app as incompatible because the newest version added dependencies which you can’t satisfy. We also might make it possible to explicitly install an older version of an app.

As for security: download URLs have to be HTTPS and we also create sha256 sums over the downloaded archive. Additionally you can sign your app using a certificate. We’re still very much looking for feedback on the security of the app store; while the new store is a big step forward there is much to do.

Easy to host and contribute to

A community isn’t really open if it doesn’t encourage people to fork, self-host and contribute! We want to make running and working on this app store easy and we’ve already made some big steps.

The API is designed in a way that we could also dump JSON files on a webserver and it would still work fine, so it should scale very well. This also means that people can just create two JSON files on their own server and deliver a fully fledged custom app store repo for their users. The store code is documented here.

We use Python and Django in the app store, giving access to quite a large number of libraries on a stable infrastructure. Contributions welcome!

For users

On the user side, changes are done in such a way that those using the built in app store in Nextcloud 11 should not notice a thing. Of course, if you visit apps.nextcloud.com you will see a nice, modern interface with many improvements!

This includes multi language support (not yet finished), a much more mobile-friendly web UI thanks to Twitter’s Bootstrap and a more visual experience with screenshots and such much more prominently visible. Thanks to recaptcha we make it harder to spam the app store or abuse the rating system.

The UI has gotten a overhaul with a cleanup of features and abilities. Commenting is integrated in our community forums’ app section, we direct people to the proper places for comments or bug reports and we have plenty of toughts on how to further improve the user experience.

The web store is Native ES6, meaning it supports the latest Edge, Safari (10, beta for upcoming OSX release), the latest Firefox and Chrome. However, older versions of these browsers or IE don’t work that well.

See the new store in action on apps.nextcloud.com!

Future

The new app store needs testing, feedback and several improvements are still planned. A neat example would be changelog support which enables Nextcloud to show the change log before the user approves updating to a new version. Another work-in-progress is rating; we’re thinking about a Steam like rating system so you can see both overall and recent ratings.

Get involved!

Credits:

This blog was written with a lot of help from BernhardPosselt, who’s also done much of the work on the app store, but a well deserved kudos goes to the other contributors, especially janibonnevier and adsworth who both made a big impact on the store. See who’s building and contributing here.

Notable Replies

  1. First and most important: Great work @BernhardPosselt and all the other contributors. That's really a huge step forward!

    I spotted one part in the announcement which raise a questions (sorry if I missed the correspondig pull request or discussion on GitHub).

    Markdown support for app descriptions is great. We discussed this already multiple times before. But what's the status of the internal Nextcloud apps page? Does it already support Markdown? Is something working on it? I think we all agree that app descriptions should not only look good in the app store but also in Nextcloud. :slight_smile:

  2. Rello says:

    Hello,
    Could anyone get the github-login working?
    It seems to work "a little" because i can se it as allowed in github - but i get an server error on the store

  3. Social logins have been changed recently (domain change), file an issue on github and cc @LukasReschke who has access to the logs :wink:

  4. Rello says:

    I would like to comment on the GITHUB integration.
    don´t know how deep it is connencted already - but here is my idea:

    • 99% of the apps will be hosted on GIT I assume
    • for every release version, the dev will create a GIT release
    • the latest git-release is always available at the same location (.../releases/latest)
    • this release page also includes the zip-archive (even so this includes the app-folder with "master" attached - but this could be handled during install)

    so wouldn´t this be a smart integration?

    • I publish an app in the appstore and provide the link to the GIT repository
    • when I want to push a new version, it is taken form the /latest or I enter the GIT-version number
    • appstore picks the release-notes/changelog of the release-info
    • appstore picks the info.xml from the corresponding archive
    • appstore uses the corresponding download from this release-version

    currently is a lot of double work.
    reading the info.xml saves one copy/past.
    the others would be a smart addition.

    what do you think?

  5. Unfortunately it's not as easy as it sounds :smiley:

    Most ownCloud org apps like contacts, mail and news need to be "compiled" first which means: fetch libs from composer, bower and npm, build and minimize javascript (or whatever js toolchain exists). We don't want to run these builds on our servers since we don't want to create a full blown CI service. If we go for a simple approach it will lack in both functionality and security.

    Apart from that if you download a source archive from github, the first level folder will be named like news-master or news-1.7.0 which is an invalid folder structure. So we would need to download and repackage the archive and host it on our servers (which we want to avoid).

    There may also be releases that you don't want to push to the app store, e.g. pre-releases or very old releases so an automated process would be problematic (sure we could add some conventions but well :smiley: ). Also error cases like invalid info.xmls for releases would add another layer of complexity I think :slight_smile:

    In my mind the basic workflow could work like this:

    • If a new git tag is pushed the release is built on Travis and deployed to your github releases page (there's a hook for that)
    • Travis then uses curl or ncdev to send the app store the link to the recently uploaded archive
    • AFAIK credentials can be encrypted with Travis' public key so you can add them into your travis.yml as plain text

    PS: Changelogs will be parsed directly from the release archive which contains a standardized CHANGELOG.md (we still need to figure out the best way to do this :D)

  6. Or you could also write your app in Haxe and transpile to PHP

  7. Any chance we can get the Calendar app's description changed from being about the "built in ownCloud calendar" to Nextcloud?

  8. bjoern says:

    For now I would suggest to create a pull request against the original repository to replace/remove ownCloud with something neutral, similar to what was done for the gallery app: https://github.com/owncloud/gallery/pull/696

Continue the discussion The Nextcloud forums

7 more replies

Participants