* fix(stacks): hide stacks in sidebar EE-3683
* fix(stacks): for unauth, take the user to the dashboard
* fix(stacks): block the user from stack details EE-3683
* fix(stacks): disable stack managment for non admins
* fix(edge): filtering of edge devices [EE-3210]
fixes [EE-3210]
changes:
- replaces `edgeDeviceFilter` with two filters:
- `edgeDevice`
- `edgeDeviceUntrusted`
these filters will only apply to the edge endpoints in the query (so it's possible to get both regular endpoints and edge devices).
if `edgeDevice` is true, will filter out edge agents which are not an edge device.
false, will filter out edge devices
`edgeDeviceUntrusted` applies only when `edgeDevice` is true. then false (default) will hide the untrusted edge devices, true will show only untrusted edge devices.
fix(edge/job-create): retrieve only trusted endpoints + fix endpoint selector pagination limits onChange
fix(endpoint-groups): remove listing of untrusted edge envs (aka in waiting room)
refactor(endpoints): move filter to another function
feat(endpoints): separate edge filters
refactor(environments): change getEnv api
refactor(endpoints): use single getEnv
feat(groups): show error when failed loading envs
style(endpoints): remove unused endpointsByGroup
* chore(deps): update go to 1.18
* fix(endpoint): filter out untrusted by default
* fix(edge): show correct endpoints
* style(endpoints): fix typo
* fix(endpoints): fix swagger
* fix(admin): use new getEnv function
Co-authored-by: LP B <xAt0mZ@users.noreply.github.com>
* feat(buildinfo): ability to see build info [EE-2252]
* handle dark theme
* feat: add build info to status version
* feat: include ldflags in azure pipeline
* echo shell commands in azure build
* clean up main log
* allow tests to pass
* use data from backend
* allow clicking off modal to dismiss
* add placeholder versions
* refactor
* update button class
* fix modal displaying behind elements
Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com>
* fix(migration): close the database before running backups
On certain filesystems, particuarly NTFS when a network mounted windows
file server is used to store portainer's database, you are unable to
copy the database while it is open. To fix this we simply close the
database and then re-open it after a backup.
* handle close and open errors
* dont return error on nil
* feat(internal-auth): ability to set minimum password length [EE-3175]
* pass props to react component
* fixes + WIP slider
* fix slider updating + add styles
* remove nested ternary
* fix slider updating + add remind me later button
* add length to settings + value & onchange method
* finish my account view
* fix slider updating
* slider styles
* update style
* move slider in
* update size of slider
* allow admin to browse to authentication view
* use feather icons instead of font awesome
* feat(settings): add colors to password rules
* clean up tooltip styles
* more style changes
* styles
* fixes + use requiredLength in password field for icon logic
* simplify logic
* simplify slider logic and remove debug code
* use required length for logic to display pwd length warning
* fix slider styles
* use requiredPasswordLength to determine if password is valid
* style tooltip based on theme
* reset skips when password is changed
* misc cleanup
* reset skips when required length is changed
* fix formatting
* fix issues
* implement some suggestions
* simplify logic
* update broken test
* pick min password length from DB
* fix suggestions
* set up min password length in the DB
* fix test after migration
* fix formatting issue
* fix bug with icon
* refactored migration
* fix typo
* fixes
* fix logic
* set skips per user
* reset skips for all users on length change
Co-authored-by: Chaim Lev-Ari <chiptus@gmail.com>
Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com>
* refactor(docker): strongly type snapshot [EE-3256]
fixes [EE-3256]
* fix(endpoints): return empty from association api
* refactor(docker): ignore raw snapshot for swagger
The default expiration time of 8 hours does not make sense in the
context of the docker desktop extension. This adds a new feature flag
which can be enabled with `export DOCKER_EXTENSION=1` and when
present will set the expiration time to 99 years.
I've set this flag in the docker-compose.yml we use when building our
docker extension.
* Initial extension build
* Add auto login
fix auto auth
add some message
Add extension version
Double attempt to login
Add auto login from jwt check
Add autologin on logout
revert sidebar
Catch error 401 to relogin
cleanup login
Add password generator
Hide User block and collapse sidebar by default
hide user box and toggle sidebar
remove defailt dd
Integrate extension to portainer
Move extension to build
remove files from ignore
Move extension folder
fix alpine
try to copy folder
try add
Change base image
move folder extension
ignore folder build
Fix
relative path
Move ext to root
fix image name
versioned index
Update extension on same image
Update mod
* fix kubeshell baseurl
* Fix kube shell
* move build and remove https
* Tidy mod
* Remove space
* Fix hash test
* Password manager
* change to building locally
* Restore version variable and add local install command
* fix local dev image + hide users & auth
* Password manageListen on locahost onlyr
* FIxes base path
* Hide only username
* Move default to constants
* Update app/portainer/components/PageHeader/HeaderContent.html
Co-authored-by: Chaim Lev-Ari <chiptus@users.noreply.github.com>
* fix 2 failing FE tests [EE-2938]
* remove password autogeneration from v1
* fix webhooks
* fix docker container console and attach
* fix default for portainer IP
* update meta, dockerfile and makefile for new ver
* fix basepath in kube and docker console
* revert makefile changes
* add icon back
* Add remote short cut command
* make local methods the default
* default to 0.0.0 for version for local development
* simplify make commands
* small build fixes
* resolve conflicts
* Update api/filesystem/write.go
Co-authored-by: Chaim Lev-Ari <chiptus@users.noreply.github.com>
* use a more secure default pass
Co-authored-by: itsconquest <william.conquest@portainer.io>
Co-authored-by: Chaim Lev-Ari <chiptus@users.noreply.github.com>
* fix(edge-jobs): HTTP 404 on file upload
* fix(edge-jobs): state 'edge job' in message on edge job removal instead of 'stack'
* fix(api/edge-jobs): save changes on edge-jobs update
* feat(password) EE-2690 enforce strong password policy
* feat(password) EE-2690 disable create user button if password is not valid
* feat(password) EE-2690 show force password change warning only when week password is detected
* feat(password) EE-2690 prevent users leave account page by clicking add access token button
Co-authored-by: Simon Meng <simon.meng@portainer.io>
* EE-2128 take agent_sceret into account
* EE-2128 align output code
* EE-2128 fix copy command error
* EE-2128 align code
* EE-2128 fix typo
* Update endpoint.html
remove glint auto changes
* EE-2128 Format html with Prettier
* EE-2128 Adjust UI for dark mode and adopt AGENT_SECRET on k8s automatically
* EE-2128 fix bug created by merge
* EE-2128 Move the initailization of AGENT_SECRET to main.go
* EE-2128 read AGENT_SECRET when settings is initializing
* feat(app/registries): add name uniqueness validation on registry creation
* feat(api/registry): enforce name uniqueness on registry creation
* feat(api/registry): enforce name uniqueness on registry update
* feat(app/registry): enforce name uniqueness on registry update
* feat(registries): allow non-admin users to see environment registries
* remove unused function
* fix error message
* fix test
* fix imports order
* feat(registry): check access first, add parameters name
* use registryID
* fix(sidebar): allow standard users to see endpoint registries view
Co-authored-by: LP B <xAt0mZ@users.noreply.github.com>
This PR solves the issue that the Portainer instance will be always accessible in certain cases, like `restart: always` setting with docker run, even if the administrator is not created in the first 5 minutes.
The solution is that the user will be redirected to a timeout page when any actions, such as refresh the page and click button, are made after administrator initialisation window(5 minutes) timeout.
* EE-2353 Check unique name when creating new deployment in kubernetes
* EE-2353 fix warning from gofmt
* EE-2353 add miss methon in kubernetes_mock.go
* EE-2353 add missing space
* EE-2353 Use kubernetes cli to instead exec.command
* EE-2353 remove useless parameter
* EE-2353 remove unnecessary log in handle
* EE-2353 fix gofmt warning
* EE-2353 use ListOptions to filter the list
* EE-2353 add function description
* EE-2353 fix error
* Update api/kubernetes/cli/deploment.go
Co-authored-by: Chaim Lev-Ari <chiptus@users.noreply.github.com>
* EE-2353 change function name to HasStackName
Co-authored-by: Chaim Lev-Ari <chiptus@users.noreply.github.com>
* refactor(http): parse axios errors (#6325)
* refactor(home): use endpoint-list as react component [EE-1814] (#6060)
* refactor(home): use endpoint-list as react component
fix(home): add missing features and refactors
- kubebutton
- group name
- poll when endpoint is off
- state management
refactor(endpoints): use stat component
fix(endpoints): add space between items
refactor(endpoints): move stats to components
refactor(endpoints): fetch time
refactor(home): move logic
refactor(home): move fe render logic
refactor(settings): use vanilla js for publicSettings
refactor(kube): remove angular from kube config service
feat(home): add kubeconfig button
feat(home): send analytics when opening kubeconfig modal
fix(home): memoize footer
refactor(home): use react-query for loading
fix(home): show correct control for kubeconfig modal
refactor(home): use debounce
refactor(home): use new components
refactor(home): replace endpoints with environments
refactor(home): move endpoint-list component to home
fix(home): show group name
refactor(home): use switch for environment icon
fix(kubeconfig): fix default case
refactor(axios): use parse axios error
refactor(home): use link components for navigate
fix(home): align azure icon
refactor(home): refactor stats
refactor(home): export envstatusbadge
refactor(home): remove unused bindings
* chore(home): write tests for edge indicator
* chore(home): basic stories for environment item
* style(settings): reformat
* fix(environments): add publicurl
* refactor(home): use table components
* refactor(datatables): merge useSearchBarState
* refactor(home): fetch group in env item
* chore(tests): basic tests
* chore(home): test when no envs
* refactor(tags): use axios for tagService
* refactor(env-groups): use axios for getGroups
* feat(app): ui-state context provider
* refactor(home): create MotdPanel
* refactor(app): create InformationPanel
* feat(endpoints): fetch number of total endpoints
* refactor(app): merge hooks
* refactor(home): migrate view to react [EE-1810]
fixes [EE-1810]
refactor(home): wip use react view
feat(home): show message if no endpoints
refactor(home): show endpoint list
refactor(home): don't use home to manage link
refactor(home): move state
refactor(home): check if edge using util
refactor(home): move inf panels
chore(home): tests
refactor(home): load groups and tags in env-item
refactor(settings): revert publicSettings change
refactor(home): move confirm snapshot method
* fix(home): show tags
* fix(environments): handle missing snapshots
* fix(kube/volumes): fetch pesistent volume claims
* refactor(kube): remove use of endpointProvider
* refactor(endpoints): set current endpoint
* chore(home): add data-cy for tests
* chore(tests): mock axios-progress-bar
* refactor(home): move use env list to env module
* feat(app): sync home view changes with ee
* fix(home): sort page header
* fix(app): fix tests
* chore(github): use yarn cache
* refactor(environments): load list of groups
* chore(babel): remove auto 18n keys extraction
* chore(environments): fix tests
* refactor(k8s/application): use current endpoint
* fix(app/header): add margin to header
* refactor(app): remove unused types
* refactor(app): use rq onError handler
* refactor(home): wrap element with button
* Implement setter/getter for the sequence
* import/export counts
* fix go tests. rename vars
* Improved and simplified the logic. Made it more generic
* Remove unused methods
* remove unused methods
* not part of branch fix
* fix(settings): clear helm url if requested [EE-2494]
fix [EE-2494]
before this PR, helm url would clear when updating settings, if the helm url key wasn't provided.
in this PR, it will be changed only if required
* fix(settings): allow empty helm repo
* chore(deps): run yarn
* fix(settings): set helm repo url
* refactor(storidge): remove Storidge support from backend
* refactor(storidge): remove Storidge support from backend
* refactor(storidge): remove Storidge support from frontend
* fix(db) NeedsEncryptionMigration EE-2414
* fix for case where we started encrypted and restore unencrypted. We don't want to have two databases
* fix(db): handle decryption error EE-2466
Co-authored-by: Matt Hook <hookenz@gmail.com>
Co-authored-by: andres-portainer <andres-portainer@users.noreply.github.com>
* feat(performance): add settings to tune the performance of the database EE-2363
* Change panics to log.Fatals.
Co-authored-by: andres-portainer <andres-portainer@users.noreply.github.com>
* bootstrap encryption key
* secret key message change in cli and secret key file content trimmed
* Migrate encryption code to latest version
* pull in newer code
* tidying up
* working data encryption layer
* fix tests
* remove stray comment
* fix a few minor issues and improve the comments
* split out databasefilename with param to two methods to be more obvious
* DB encryption integration (#6374)
* json methods moved under DBConnection
* store encryption fixed
* cleaned
* review comments addressed
* newstore value fixed
* backup test updated
* logrus format config updated
* Fix for newStore
Co-authored-by: Matt Hook <hookenz@gmail.com>
* Minor improvements
* Improve the export code. Add missing webhook for import
* rename HelmUserRepositorys to HelmUserRepositories
* fix logging messages
* when starting portainer with a key (first use) http is disabled by default. But when starting fresh without a key, http is enabled?
* Fix bug for default settings on new installs
Co-authored-by: Prabhat Khera <prabhat.khera@portainer.io>
Co-authored-by: Prabhat Khera <91852476+prabhat-org@users.noreply.github.com>
* special handling for non-json types
* added tests for json MarshalObject
* another attempt
* Fix marshal/unmarshal code for VERSION bucket
* use short form
* don't discard err
* fix the json_test.go
* remove duplicate string
* added uuid tests
* updated case for strings
Co-authored-by: zees-dev <dev.786zshan@gmail.com>
* use the Store interface IsErrObjectNotFound() to avoid revealing internal errors
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* what happens when you extract the datastore interfaces into their own package
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* Start renaming Storage methods
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* extract the boltdb specific code from the Portainer storage code (example, the others need the same)
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* more extract bolt.Tx from datastore code
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* minimise imports by putting moving the struct definition into the file that needs the Service imports
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* more extraction of boltdb.Tx
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* extract the use of bucket.SetSequence
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* almost done - just endpoint.Synchonise :/
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* so, endpoint.Synchonize looks hard, but i can't find where we use it, so 'delete first refactoring'
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* fix test compile errors
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* test compile fixes after rebase
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* fix a mis-remembering I had wrt deserialisation - last time i used AnyData - jsoniter's bindTo looks interesting for the same reason
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* set us up to make the connection an interface
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* make the db connection a datastore interface, and separate out our datastore services from the bolt ones
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* rename methods to something less oltdb internals specific
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* these errors are not boltdb secific
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* start using the db-backend factory method too
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* export boltdb raw in case we can't export from the service layer
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* add a raw export from boltdb to yaml for broken db's, and an export services to yaml in backup
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* add the version info by hand for now
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* actually, the export from services can be fully typed - its the import that needs to do more work
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* redo raw export, and make import capable of using it
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* add DockerHub
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* migration from anything older than v1.21.0 has been broken for quite a while, deleting the un-tested code
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* fix go test ./... again
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* my goland wasn't setup to gofmt
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* move the two extremely dubious migration tests down into store, so they can use the test store code
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* the migrator is now free of boltdb
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* reverse goland overzealous replcement of internal with boltdb
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* more undo over-zealous goland internal->boltdb
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* yay, now bolt is only mentioned inside the api/database/ dir
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* and this might be the last of the boltdb references?
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* add todo
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* extract the store code into a separate module too
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* don't need the fileService in boltdb anymore
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* use IsErrObjectNotFound()
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* use a string to select what database backend we use
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* make isNew store an ephemeral bool that doesn't stay true after we've initialised it
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* move the import.json wip to a separate file so its more obvious - we'll be using it for testing, emergency fixups, and in the next part of the store work, when we improve migrations and data model lifecycles
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* undo vscode formatting html
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* fix app templates symbol (#6221)
* feat(webhook) EE-2125 send registry auth haeder when update swarms service via webhook (#6220)
* feat(webhook) EE-2125 add some helpers to registry utils
* feat(webhook) EE-2125 persist registryID when creating a webhook
* feat(webhook) EE-2125 send registry auth header when executing a webhook
* feat(webhook) EE-2125 send registryID to backend when creating a service with webhook
* feat(webhook) EE-2125 use the initial registry ID to create webhook on editing service screen
* feat(webhook) EE-2125 update webhook when update registry
* feat(webhook) EE-2125 add endpoint of update webhook
* feat(webhook) EE-2125 code cleanup
* feat(webhook) EE-2125 fix a typo
* feat(webhook) EE-2125 fix circle import issue with unit test
Co-authored-by: Simon Meng <simon.meng@portainer.io>
* fix(kubeconfig): show kubeconfig download button for non admin users [EE-2123] (#6204)
Co-authored-by: Simon Meng <simon.meng@portainer.io>
* fix data-cy for k8s cluster menu (#6226)
LGTM
* feat(stack): make stack created from app template editable EE-1941 (#6104)
feat(stack): make stack from app template editable
* fix(container):disable Duplicate/Edit button when the container is portainer (#6223)
* fix/ee-1909/show-pull-image-error (#6195)
Co-authored-by: sunportainer <ericsun@SG1.local>
* feat(cy): add data-cy to helm install button (#6241)
* feat(cy): add data-cy to add registry button (#6242)
* refactor(app): convert root folder files to es6 (#4159)
* refactor(app): duplicate constants as es6 exports (#4158)
* fix(docker): provide workaround to save network name variable (#6080)
* fix/EE-1862/unable-to-stop-or-remove-stack workaround for var without default value in yaml file
* fix/EE-1862/unable-to-stop-or-remove-stack check yaml file
* fixed func and var names
* wrapper error and used bool for stringset
* UT case for createNetworkEnvFile
* UT case for %s=%s
* powerful StringSet
* wrapper error for extract network name
* wrapper all the return err
* store more env
* put to env file
* make default value None
* feat: gzip static resources (#6258)
* fix(ssl)//handle --sslcert and --sslkey ee-2106 (#6203)
* fix/ee-2106/handle-sslcert-sslkey
Co-authored-by: sunportainer <ericsun@SG1.local>
* fix(server):support disable https only ee-2068 (#6232)
* fix/ee-2068/disable-forcely-https
* feat(store): implement store tests EE-2112 (#6224)
* add store tests
* add some more tests
* Update missing helm user repo methods
* remove redundant comments
* add webhook export
* update webhooks
* use the Store interface IsErrObjectNotFound() to avoid revealing internal errors
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* what happens when you extract the datastore interfaces into their own package
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* Start renaming Storage methods
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* extract the boltdb specific code from the Portainer storage code (example, the others need the same)
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* more extract bolt.Tx from datastore code
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* minimise imports by putting moving the struct definition into the file that needs the Service imports
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* more extraction of boltdb.Tx
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* extract the use of bucket.SetSequence
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* almost done - just endpoint.Synchonise :/
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* so, endpoint.Synchonize looks hard, but i can't find where we use it, so 'delete first refactoring'
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* fix test compile errors
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* test compile fixes after rebase
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* fix a mis-remembering I had wrt deserialisation - last time i used AnyData - jsoniter's bindTo looks interesting for the same reason
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* set us up to make the connection an interface
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* make the db connection a datastore interface, and separate out our datastore services from the bolt ones
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* rename methods to something less oltdb internals specific
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* these errors are not boltdb secific
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* start using the db-backend factory method too
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* export boltdb raw in case we can't export from the service layer
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* add a raw export from boltdb to yaml for broken db's, and an export services to yaml in backup
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* add the version info by hand for now
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* actually, the export from services can be fully typed - its the import that needs to do more work
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* redo raw export, and make import capable of using it
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* add DockerHub
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* migration from anything older than v1.21.0 has been broken for quite a while, deleting the un-tested code
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* fix go test ./... again
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* my goland wasn't setup to gofmt
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* move the two extremely dubious migration tests down into store, so they can use the test store code
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* the migrator is now free of boltdb
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* reverse goland overzealous replcement of internal with boltdb
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* more undo over-zealous goland internal->boltdb
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* yay, now bolt is only mentioned inside the api/database/ dir
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* and this might be the last of the boltdb references?
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* add todo
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* extract the store code into a separate module too
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* don't need the fileService in boltdb anymore
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* use IsErrObjectNotFound()
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* use a string to select what database backend we use
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* make isNew store an ephemeral bool that doesn't stay true after we've initialised it
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* move the import.json wip to a separate file so its more obvious - we'll be using it for testing, emergency fixups, and in the next part of the store work, when we improve migrations and data model lifecycles
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* undo vscode formatting html
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* Update missing helm user repo methods
* feat(store): implement store tests EE-2112 (#6224)
* add store tests
* add some more tests
* remove redundant comments
* add webhook export
* update webhooks
* fix build issues after rebasing
* move migratorparams
* remove unneeded integer type conversions
* disable the db import/export for now
Co-authored-by: Richard Wei <54336863+WaysonWei@users.noreply.github.com>
Co-authored-by: cong meng <mcpacino@gmail.com>
Co-authored-by: Simon Meng <simon.meng@portainer.io>
Co-authored-by: Marcelo Rydel <marcelorydel26@gmail.com>
Co-authored-by: Hao Zhang <hao.zhang@portainer.io>
Co-authored-by: sunportainer <93502624+sunportainer@users.noreply.github.com>
Co-authored-by: sunportainer <ericsun@SG1.local>
Co-authored-by: wheresolivia <78844659+wheresolivia@users.noreply.github.com>
Co-authored-by: Chaim Lev-Ari <chiptus@users.noreply.github.com>
Co-authored-by: Chao Geng <93526589+chaogeng77977@users.noreply.github.com>
Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com>
Co-authored-by: Matt Hook <hookenz@gmail.com>
* fix/EE-1862/unable-to-stop-or-remove-stack workaround for var without default value in yaml file
* fix/EE-1862/unable-to-stop-or-remove-stack check yaml file
* fixed func and var names
* wrapper error and used bool for stringset
* UT case for createNetworkEnvFile
* UT case for %s=%s
* powerful StringSet
* wrapper error for extract network name
* wrapper all the return err
* store more env
* put to env file
* make default value None
* feat(webhook) EE-2125 add some helpers to registry utils
* feat(webhook) EE-2125 persist registryID when creating a webhook
* feat(webhook) EE-2125 send registry auth header when executing a webhook
* feat(webhook) EE-2125 send registryID to backend when creating a service with webhook
* feat(webhook) EE-2125 use the initial registry ID to create webhook on editing service screen
* feat(webhook) EE-2125 update webhook when update registry
* feat(webhook) EE-2125 add endpoint of update webhook
* feat(webhook) EE-2125 code cleanup
* feat(webhook) EE-2125 fix a typo
* feat(webhook) EE-2125 fix circle import issue with unit test
Co-authored-by: Simon Meng <simon.meng@portainer.io>
* feat(access-token): Multi-auth middleware support EE-1891 (#5936)
* AnyAuth middleware initial implementation with tests
* using mux.MiddlewareFunc instead of custom definition
* removed redundant comments
* - ExtractBearerToken bouncer func made private
- changed helm token handling functionality to use jwt service to convert token to jwt string
- updated tests
- fixed helm list broken test due to missing token in request context
* rename mwCheckAuthentication -> mwCheckJWTAuthentication
* - introduce initial api-key auth support using X-API-KEY header
- added tests to validate x-api-key request header presence
* updated core mwAuthenticatedUser middleware to support multiple auth paradigms
* - simplified anyAuth middleware
- enforcing authmiddleware to implement verificationFunc interface
- created tests for middleware
* simplify bouncer
Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com>
* feat(api-key): user-access-token generation endpoint EE-1889 EE-1888 EE-1895 (#6012)
* user-access-token generation endpoint
* fix comment
* - introduction of apikey service
- seperation of repository from service logic - called in handler
* fixed tests
* - fixed api key prefix
- added tests
* added another test for digest matching
* updated swagger spec for access token creation
* api key response returns raw key and struct - easing testability
* test for api key prefix length
* added another TODO to middleware
* - api-key prefix rune -> string (rune does not auto-encode when response sent back to client)
- digest -> pointer as we want to allow nil values and omit digest in responses (when nil)
* - updated apikey struct
- updated apikey service to support all common operations
- updated apikey repo
- integration of apikey service into bouncer
- added test for all apikey service functions
- boilerplate code for apikey service integration
* - user access token generation tests
- apiKeyLookup updated to support query params
- added api-key tests for query params
- added api-key tests for apiKeyLookup
* get and remove access token handlers
* get and remove access token handler tests
* - delete user deletes all associated api keys
- tests for this functionality
* removed redundant []byte cast
* automatic api-key eviction set within cache for 1 hour
* fixed bug with loop var using final value
* fixed service comment
* ignore bolt error responses
* case-insensitive query param check
* simplified query var assignment
* - added GetAPIKey func to get by unique id
- updated DeleteAPIKey func to not require user ID
- updated tests
* GenerateRandomKey helper func from github.com/gorilla/securecookie moved to codebase
* json response casing for api-keys fixed
* updating api-key will update the cache
* updated golang LRU cache
* using hashicorps golang-LRU cache for api keys
* simplified jwt check in create user access token
* fixed api-key update logic on cache miss
* Prefix generated api-keys with `ptr_` (#6067)
* prefix api-keys with 'ptr_'
* updated apikey description
* refactor
Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com>
* helm list test refactor
* fixed user delete test
* reduce test nil pointer errors
* using correct http 201 created status code for token creation; updated tests
* fixed swagger doc user id path param for user access token based endpoints
* added api-key security openapi spec to existing jwt secured endpoints (#6091)
* fixed flaky test
* apikey datecreated and lastused attrs converted to unix timestamp
* feat(user): added access token datatable. (#6124)
* feat(user): added access token datatable.
* feat(tokens): only display lastUsed time when it is not the default date
* Update app/portainer/views/account/accountController.js
Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com>
* Update app/portainer/views/account/accountController.js
Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com>
* Update app/portainer/views/account/accountController.js
Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com>
* Update app/portainer/components/datatables/access-tokens-datatable/accessTokensDatatableController.js
Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com>
* Update app/portainer/services/api/userService.js
Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com>
* feat(improvements): proposed datatable improvements to speed up dev time (#6138)
* modal code update
* updated datatable filenames, updated controller to be default class export
* fix(access-token): code improvement.
Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com>
* feat(apikeys): create access token view initial implementation EE-1886 (#6129)
* CopyButton implementation
* Code component implementation
* ToolTip component migration to another folder
* TextTip component implementation - continued
* form Heading component
* Button component updated to be more dynamic
* copybutton - small size
* form control pass tip error
* texttip small text
* CreateAccessToken react feature initial implementation
* create user access token angularjs view implementation
* registration of CreateAccessToken component in AngularJS
* user token generation API request moved to angular service, method passed down instead
* consistent naming of access token operations; clustered similar code together
* any user can add access token
* create access token page routing
* moved code component to the correct location
* removed isadmin check as all functionality applicable to all users
* create access token angular view moved up a level
* fixed PR issues, updated PR
* addressed PR issues/improvements
* explicit hr for horizontal line
* fixed merge conflict storybook build breaking
* - apikey test
- cache test
* addressed testing issues:
- description validations
- remove token description link on table
* fix(api-keys): user role change evicts user keys in cache EE-2113 (#6168)
* user role change evicts user api keys in cache
* EvictUserKeyCache -> InvalidateUserKeyCache
* godoc for InvalidateUserKeyCache func
* additional test line
* disable add access token button after adding token to prevent spam
Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com>
Co-authored-by: fhanportainer <79428273+fhanportainer@users.noreply.github.com>
This fixes a bug where image/registry names that contain a port number were inadvertently truncated (because port numbers are specified with a colon, just like the image tag).
For example, updating an image named `registry.example.com:5000/myimage:oldtag` with the new image tag `newtag` was incorrectly transformed into `registry.example.com:newtag`
* github workflow to generate and validate openapi spec
* updated github workflow name to remove spaces and be more explicit
* added swagger-cli globally to reduce dep installation times
* removed redundant webhook payload in GET request
* fixed edgeGroupList OAS3 response model
* updated CI pipeline to convert OAS2 to OAS3 and validate OAS3 instead
* updated pipeline name to be more explicit
* removed redundant swagger-cli dependency as we are using swagger2openapi only in github CI
* fixed bug with no validation - using swagger-cli to validate
* fix(migration) make dockerhub registry migration idempotent EE-2042
* add missing changes to make updateDockerhubToDB32 idempotent
* add tests for bad migrations
* - exporting BoolPairs CLI func
- added tests for enableFeaturesFromFlags function
* Add a test that uses a feature flag to add change the outcome of code - and test persistence, as that's the current implementation
Signed-off-by: Sven Dowideit <sven.dowideit@portainer.io>
* Minor comment updates
Co-authored-by: Sven Dowideit <sven.dowideit@portainer.io>
Co-authored-by: Stéphane Busso <stephane.busso@gmail.com>
* fix(helm): allow clearing global helm repo EE-1965
* fix(helm): show hint if global helm repo is blank EE-1965
* fix(helm): skip loading charts if repo is blank EE-1965
Co-authored-by: Simon Meng <simon.meng@portainer.io>
* skip validating default helm repo to allow offline saving of settings. Default repo is hardcoded and correct.
* dont validate the helm repo if the repo hasn't changed or is the default
* fix logic
* allow settings to be saved offline. Due to helm repo validation not working for bitnami when offline!
* @hookenz
dont validate the helm repo if the repo hasn't changed or is the default
* fix(namespaces): remove the stacks from the data store when deleting their corresponding Kubernetes namespace EE-1872
* add endpoint ID checking
Co-authored-by: andres-portainer <andres-portainer@users.noreply.github.com>
Co-authored-by: ArrisLee <arris_li@hotmail.com>
* fix(namespaces): remove the stacks from the data store when deleting their corresponding Kubernetes namespace EE-1872
* add endpoint ID checking
Co-authored-by: andres-portainer <andres-portainer@users.noreply.github.com>
Co-authored-by: ArrisLee <arris_li@hotmail.com>
* client-go library update + go mod tidy
* update all k8s methods to include context
* docker/cli updated to v20.10.9 (latest)
* - removed docker/docker to docker/engine replace directive
- go mod tidy
* docker/docker updated to v20.10.9 (latest)
* fix issue with broken store init
* minor logic improvement
* Remove fileexists logic as its redundant and handled implicitely by bolt.Open
* Added re-open test on IsNew flag. Essential for migrations to be able to run
* fix(stack) normalize stack name EE-1701
* fix(stack) normalize swarm stack name and fix rebase error EE-1701
* fix(stack) add front end stack name validation EE-1701
* fix(stack) make stack name regex as a const EE-1701
* fix(stack) reuse stack name regex for compose and swarm EE-1701
* fix(stack) add name validation for stack duplication form EE-1701
Co-authored-by: Simon Meng <simon.meng@portainer.io>
* feat(stack): backport changes to CE EE-1189
* feat(stack): front end backport changes to CE EE-1199 (#5455)
* feat(stack): front end backport changes to CE EE-1199
* fix k8s deploy logic
* fixed web editor confirmation message typo. EE-1501
* fix(stack): fixed issue auth detail not remembered EE-1502 (#5459)
* show status in buttons
* removed onChangeRef function.
* moved buttons in git form to its own component
* removed unused variable.
Co-authored-by: ArrisLee <arris_li@hotmail.com>
* moved formvalue to kube app component
* fix(stack): failed to pull and redeploy compose format k8s stack
* fixed form value
* fix(k8s): file content overridden when deployment failed with compose format EE-1548
* updated API response to get IsComposeFormat and show appropriate text.
* feat(k8s): front end backport to CE
* feat(kube): kube app auto update backend (#5547)
* error message updates for different file type
* not display creation source for external application
* added confirmation modal to advanced app created by web editor
* stop showing confirmation modal when updating application
* disable rollback button when application type is not applicatiom form
* only update file after deployment succeded
* Revert "only update file after deployment succeded"
This reverts commit b94bd2e96f.
* fix(k8s): file content overridden when deployment failed with compose format EE-1556
* added analytics-on directive to pull and redeploy button
* fix(kube): don't valide resource control access for kube (#5568)
* added missing question mark to k8s confirmation modal
* fixed webhook format issue
* added question marks to k8s app confirmation modal
* added space in additional file list.
* ignoring error on deletion
* fix(k8s): Git authentication info not persisted
* added RepositoryMechanismTypes constant
* updated analytics functions
* covert RepositoryMechanism to constant
* fixed typo
* removed unused function.
* post tech review updates
* fixed save settings n redeploy button
* refact kub deploy logic
* Revert "refact kub deploy logic"
This reverts commit cbfdd58ece.
* feat(k8s): utilize user token for k8s auto update EE-1594
* feat(k8s): persist kub stack name EE-1630
* feat(k8s): support delete kub stack
* fix(app): updated logic to delete stack for different kind apps. (#5648)
* fix(app): updated logic to delete stack for different kind apps.
* renamed variable
* fix import
* added StackName field.
* fixed stack id not found issue.
* fix(k8s): fixed qusetion mark alignment issue in PAT field. (#5611)
* fix(k8s): fixed qusetion mark alignment issue in PAT field.
* moved inline css to file.
* fix(git-form: made auth input text full width
* add ignore deleted arg
* tech review updates
* typo fix
* fix(k8s): added console error when deleting k8s service.
* fix(console): added no-console config
* fix(deploy): added missing service.
* fix: use stack editor as an owner when exists (#5678)
* fix: tempalte/content based stacks edit/delete
* fix(stack): remove stack when no app. (#5769)
* fix(stack): remove stack when no app.
* support compose format in delete
Co-authored-by: ArrisLee <arris_li@hotmail.com>
Co-authored-by: Hui <arris_li@hotmail.com>
Co-authored-by: fhanportainer <79428273+fhanportainer@users.noreply.github.com>
Co-authored-by: Felix Han <felix.han@portainer.io>
* helm lib update
* helm handler requires kubernetes deployer to modify helm deployed resources
* AddAppLabels updated to be more generic - support for adding multiple labels using map
* path installed helm release manifest with portainer labels using kubectl
* updated helm handler unit tests to use mock KubernetesDeployer
* adding labels to manifest retrieved from release
* optional namespace support for k8s raw manifest deployment
* - inline postprocessing support when extracting
- get namespace from yaml support
- added and updated tests
* lowercase error wrapping
* updated libhelm dep
* feat(kubeshell) allow overriding default kubeshell
* Add missing error check and struct tag
* Add migrator for kube shell image and add it as a default in the db
* Fix file name to match migrator pattern
* remove default as it's now coming from the db
* remove blank line
* - conflict resolution code update
- logging migration error on migration failures
* - migrateDBVersionTo34 -> migrateDBVersionToDB34 (naming consistency)
Co-authored-by: zees-dev <dev.786zshan@gmail.com>
* fix(k8s): EE-1585: the K8s API uses other mediatypes, so we can't rely on parsing JSON bodies for security.
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
* fix(k8s): EE-1511 add striped prefix back to location header if response status is 301 moved permanently
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
* feat(k8s): EE-1631:improve the secrets handling by removing un-necessary code
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
* backport migration EE code structure
* filesystem copy function
* set db status to updating before migration - reset on completion
* support for auto-backup on version upgrade
* - rollback cli flag support (with confirmation)
- rollback implementation backport from EE
* removed edition as it is not required in CE
* migrated test datastore from bolttest to bolt package to make it usable for testing
* backported failsafe migration
* - backported tests from EE
- refactored tests to use test datastore
* test store implementing datastore interface
* addressed PR issues/improvements
* refactor test
* added backup file removal error logging
* resolved conflicts, updated code
* fixed missing bolttest package - migrated to bolt
* feat(migration): wrap migration errors to provide context for failure EE-1742 (#5711)
* feat(migrator): wrap errors to provide more context to failures EE-1742
* add overall failure back in. diff log file
* updated helm tests pointing to correct teststore
Co-authored-by: Matt Hook <hookenz@gmail.com>
* fix(edge) EE-1733 cant edit edge groups
* fix(edge) EE-1733 correct json names of a few edge objects
Co-authored-by: Simon Meng <simon.meng@portainer.io>