diff --git a/api/http/handler/customtemplates/customtemplate_create.go b/api/http/handler/customtemplates/customtemplate_create.go index 9433affa2..e01ba01df 100644 --- a/api/http/handler/customtemplates/customtemplate_create.go +++ b/api/http/handler/customtemplates/customtemplate_create.go @@ -236,7 +236,14 @@ func (handler *Handler) createCustomTemplateFromGitRepository(r *http.Request) ( projectPath := handler.FileService.GetCustomTemplateProjectPath(strconv.Itoa(customTemplateID)) customTemplate.ProjectPath = projectPath - err = handler.GitService.CloneRepository(projectPath, payload.RepositoryURL, payload.RepositoryReferenceName, payload.RepositoryUsername, payload.RepositoryPassword) + repositoryUsername := payload.RepositoryUsername + repositoryPassword := payload.RepositoryPassword + if !payload.RepositoryAuthentication { + repositoryUsername = "" + repositoryPassword = "" + } + + err = handler.GitService.CloneRepository(projectPath, payload.RepositoryURL, payload.RepositoryReferenceName, repositoryUsername, repositoryPassword) if err != nil { return nil, err } diff --git a/api/http/handler/edgestacks/edgestack_create.go b/api/http/handler/edgestacks/edgestack_create.go index b0b904faa..06edc2278 100644 --- a/api/http/handler/edgestacks/edgestack_create.go +++ b/api/http/handler/edgestacks/edgestack_create.go @@ -212,7 +212,14 @@ func (handler *Handler) createSwarmStackFromGitRepository(r *http.Request) (*por projectPath := handler.FileService.GetEdgeStackProjectPath(strconv.Itoa(int(stack.ID))) stack.ProjectPath = projectPath - err = handler.GitService.CloneRepository(projectPath, payload.RepositoryURL, payload.RepositoryReferenceName, payload.RepositoryUsername, payload.RepositoryPassword) + repositoryUsername := payload.RepositoryUsername + repositoryPassword := payload.RepositoryPassword + if !payload.RepositoryAuthentication { + repositoryUsername = "" + repositoryPassword = "" + } + + err = handler.GitService.CloneRepository(projectPath, payload.RepositoryURL, payload.RepositoryReferenceName, repositoryUsername, repositoryPassword) if err != nil { return nil, err } diff --git a/api/http/handler/stacks/create_kubernetes_stack.go b/api/http/handler/stacks/create_kubernetes_stack.go index 27d0971f7..918d1047d 100644 --- a/api/http/handler/stacks/create_kubernetes_stack.go +++ b/api/http/handler/stacks/create_kubernetes_stack.go @@ -172,7 +172,14 @@ func (handler *Handler) deployKubernetesStack(endpoint *portainer.Endpoint, stac } func (handler *Handler) cloneManifestContentFromGitRepo(gitInfo *kubernetesGitDeploymentPayload, projectPath string) (string, error) { - err := handler.GitService.CloneRepository(projectPath, gitInfo.RepositoryURL, gitInfo.RepositoryReferenceName, gitInfo.RepositoryUsername, gitInfo.RepositoryPassword) + repositoryUsername := gitInfo.RepositoryUsername + repositoryPassword := gitInfo.RepositoryPassword + if !gitInfo.RepositoryAuthentication { + repositoryUsername = "" + repositoryPassword = "" + } + + err := handler.GitService.CloneRepository(projectPath, gitInfo.RepositoryURL, gitInfo.RepositoryReferenceName, repositoryUsername, repositoryPassword) if err != nil { return "", err } diff --git a/api/http/handler/stacks/stack_create.go b/api/http/handler/stacks/stack_create.go index 7693746ca..53533ca33 100644 --- a/api/http/handler/stacks/stack_create.go +++ b/api/http/handler/stacks/stack_create.go @@ -14,7 +14,6 @@ import ( portainer "github.com/portainer/portainer/api" bolterrors "github.com/portainer/portainer/api/bolt/errors" gittypes "github.com/portainer/portainer/api/git/types" - httperrors "github.com/portainer/portainer/api/http/errors" "github.com/portainer/portainer/api/http/security" "github.com/portainer/portainer/api/internal/authorization" "github.com/portainer/portainer/api/internal/endpointutils" @@ -113,10 +112,6 @@ func (handler *Handler) stackCreate(w http.ResponseWriter, r *http.Request) *htt case portainer.DockerComposeStack: return handler.createComposeStack(w, r, method, endpoint, tokenData.ID) case portainer.KubernetesStack: - if tokenData.Role != portainer.AdministratorRole { - return &httperror.HandlerError{StatusCode: http.StatusForbidden, Message: "Access denied", Err: httperrors.ErrUnauthorized} - } - return handler.createKubernetesStack(w, r, method, endpoint) } @@ -241,6 +236,10 @@ func (handler *Handler) decorateStackResponse(w http.ResponseWriter, stack *port } func (handler *Handler) cloneAndSaveConfig(stack *portainer.Stack, projectPath, repositoryURL, refName, configFilePath string, auth bool, username, password string) error { + if !auth { + username = "" + password = "" + } err := handler.GitService.CloneRepository(projectPath, repositoryURL, refName, username, password) if err != nil { diff --git a/api/http/handler/stacks/stack_update_git.go b/api/http/handler/stacks/stack_update_git.go index 1daefec19..9d266cd89 100644 --- a/api/http/handler/stacks/stack_update_git.go +++ b/api/http/handler/stacks/stack_update_git.go @@ -106,7 +106,14 @@ func (handler *Handler) stackUpdateGit(w http.ResponseWriter, r *http.Request) * return &httperror.HandlerError{http.StatusInternalServerError, "Unable to move git repository directory", err} } - err = handler.GitService.CloneRepository(stack.ProjectPath, stack.GitConfig.URL, payload.RepositoryReferenceName, payload.RepositoryUsername, payload.RepositoryPassword) + repositoryUsername := payload.RepositoryUsername + repositoryPassword := payload.RepositoryPassword + if !payload.RepositoryAuthentication { + repositoryUsername = "" + repositoryPassword = "" + } + + err = handler.GitService.CloneRepository(stack.ProjectPath, stack.GitConfig.URL, payload.RepositoryReferenceName, repositoryUsername, repositoryPassword) if err != nil { restoreError := filesystem.MoveDirectory(backupProjectPath, stack.ProjectPath) if restoreError != nil { @@ -116,6 +123,13 @@ func (handler *Handler) stackUpdateGit(w http.ResponseWriter, r *http.Request) * return &httperror.HandlerError{http.StatusInternalServerError, "Unable to clone git repository", err} } + defer func() { + err = handler.FileService.RemoveDirectory(backupProjectPath) + if err != nil { + log.Printf("[WARN] [http,stacks,git] [error: %s] [message: unable to remove git repository directory]", err) + } + }() + httpErr := handler.deployStack(r, stack, endpoint) if httpErr != nil { return httpErr @@ -126,11 +140,6 @@ func (handler *Handler) stackUpdateGit(w http.ResponseWriter, r *http.Request) * return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist the stack changes inside the database", err} } - err = handler.FileService.RemoveDirectory(backupProjectPath) - if err != nil { - return &httperror.HandlerError{http.StatusInternalServerError, "Unable to remove git repository directory", err} - } - return response.JSON(w, stack) } diff --git a/api/portainer.go b/api/portainer.go index 897fc6b99..ab61f37bf 100644 --- a/api/portainer.go +++ b/api/portainer.go @@ -1341,7 +1341,7 @@ type ( const ( // APIVersion is the version number of the Portainer API - APIVersion = "2.5.1" + APIVersion = "2.6.0" // DBVersion is the version number of the Portainer database DBVersion = 30 // ComposeSyntaxMaxVersion is a maximum supported version of the docker compose syntax diff --git a/app/azure/views/containerinstances/create/createContainerInstanceController.js b/app/azure/views/containerinstances/create/createContainerInstanceController.js index 7d73a4477..3ea1ef8ea 100644 --- a/app/azure/views/containerinstances/create/createContainerInstanceController.js +++ b/app/azure/views/containerinstances/create/createContainerInstanceController.js @@ -8,7 +8,8 @@ angular.module('portainer.azure').controller('AzureCreateContainerInstanceContro 'Notifications', 'Authentication', 'ResourceControlService', - function ($q, $scope, $state, AzureService, Notifications, Authentication, ResourceControlService) { + 'FormValidator', + function ($q, $scope, $state, AzureService, Notifications, Authentication, ResourceControlService, FormValidator) { var allResourceGroups = []; var allProviders = []; @@ -70,6 +71,11 @@ angular.module('portainer.azure').controller('AzureCreateContainerInstanceContro return 'At least one port binding is required'; } + const error = FormValidator.validateAccessControl(model.AccessControlData, Authentication.isAdmin()); + if (error !== '') { + return error; + } + return null; } diff --git a/package.json b/package.json index b39d7106b..03731fd25 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "author": "Portainer.io", "name": "portainer", "homepage": "http://portainer.io", - "version": "2.5.1", + "version": "2.6.0", "repository": { "type": "git", "url": "git@github.com:portainer/portainer.git"