* feat(k8s/application): expose placement conditions
* feat(k8s/applications): minor UI update
* feat(k8s/application): update message for admin and non admin users
* feat(kubernetes/applications): minor UI update
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(containers): enforce disable bind mounts
* refactor(docker): move check for endpoint admin to a function
* feat(docker): check if service has bind mounts
* feat(services): allow bind mounts for endpoint admin
* feat(container): enable bind mounts for endpoint admin
* fix(services): fix typo
* feat(settings): add info about container edit disable
* feat(settings): set security settings
* feat(containers): hide recreate button when setting is enabled
* feat(settings): rephrase security notice
* fix(settings): save allowHostNamespaceForRegularUsers to state
* feat(settings): introduce settings to allow/disable
* feat(settings): update the setting
* feat(docker): prevent user from using caps if disabled
* refactor(stacks): revert file
* style(api): remove portainer ns
* feat(stacks): add a setting to disable the creation of stacks for non-admin users
* feat(settings): introduce a setting to prevent non-admin from stack creation
* feat(settings): update stack creation setting
* feat(settings): fail stack creation if user is non admin
* fix(settings): save preventStackCreation setting to state
* feat(stacks): disable add button when settings is enabled
* format(stacks): remove line
* feat(stacks): setting to hide stacks from users
* feat(settings): rename disable stacks setting
* refactor(settings): rename setting to disableStackManagementForRegularUsers
* feat(settings): hide stacks for non admin when settings is set
* refactor(settings): replace disableDeviceMapping with allow
* feat(dashboard): hide stacks if settings disabled and non admin
* refactor(sidebar): check if user is endpoint admin
* feat(settings): set the default value for stack management
* feat(settings): rename field label
* fix(sidebar): refresh show stacks state
* fix(docker): hide stacks when not admin
* feat(settings): add setting to disable device mapping for regular users
* feat(settings): introduce device mapping service
* feat(containers): hide devices field when setting is on
* feat(containers): prevent passing of devices when not allowed
* feat(stacks): prevent non admin from device mapping
* feat(stacks): disallow swarm stack creation for user
* refactor(settings): replace disableDeviceMapping with allow
* fix(stacks): remove check for disable device mappings from swarm
* feat(settings): rename field to disable
* feat(settings): supply default value for disableDeviceMapping
* feat(container): check for endpoint admin
* style(server): sort imports
* feat(containers): prevent non-admin users from running containers using the host namespace pid (#3970)
* feat(containers): Prevent non-admin users from running containers using the host namespace pid
* feat(containers): add rbac check for swarm stack too
* feat(containers): remove forgotten conflict
* feat(containers): init EnableHostNamespaceUse to true and return 403 on forbidden action
* feat(containers): change enableHostNamespaceUse to restrictHostNamespaceUse in html
* feat(settings): rename EnableHostNamespaceUse to AllowHostNamespaceForRegularUsers
* feat(database): trigger migration for AllowHostNamespace
* feat(containers): check container creation authorization
Co-authored-by: Maxime Bajeux <max.bajeux@gmail.com>
* refactor(agent): replace root with index
* refactor(agent): use simple export
* refactor(agent): replace function with class
* refactor(agent): replace promise with async
* fix(datatables): persist state changes
* fix(datatables): persist order
* feat(sidebar): use local storage to store toggle toolbar
* feat(config): use local storage instead of cookies
* refactor(agent): rename files
* refactor(agent): replace controller with regular export
* refactor(agent): replace function with class
* refactor(agent): replace promise with async
* refactor(agent): rename main file
* feat(aci): show basic details
* feat(aci): style container details page
* fix(aci): fix container ip
* feat(aci): provide functions to get single aci resource
* feat(aci): show readable data
* feat(aci): style container instance
* fix(app): use deps injection in router correctly
* feat(app): guard against using wrong endpoint type
* feat(sidebar): supply endpoint id
* feat(templates): move custom templates to docker
* fix(aci): show error failing container creation
* feat(aci): load network profile list
* feat(aci): allow selection of network profile
* feat(aci): remove public ip toggle
* feat(aci): auto deploy container with public ip
* fix(aci): revert changes
* feat(cluster): Show the cluster leader
* feat(cluster): Restrict leader label only to admin users
* feat(kubernetes): minor UI update
* feat(endpoint): move all KubernetesEndpoint related code to a single endpoint sub-folder and change few things
* fix(k8s/cluster): fix conflict leftover
* feat(k8s/cluster): review component leader UX
* refactor(k8s/node): remove useless call to endpoints
* refactor(k8s/endpoint): relocate variable declaration
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(logs): Add the ability to download application/stack logs
* feat(kubernetes): minor UI update
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(kubernetes): add ingress details
* fix(kubernetes): fix broken ingress generated links + ignore IP retrieval/display info on missing LB ingress ip
* refactor(kubernetes): each ingress rule in apps port mappings has now its own row
* feat(kubernetes): remove protocol column and concat it to container port
* feat(kubernetes): edit display of ingress rules in application details
* feat(kubernetes): minor UI update
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(kubernetes): Prevent deployment/edition of resources inside a system namespace
* feat(kubernetes): minor UI update
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(networks): Support multiple excluded IPs for MACVLAN networks
* feat(networks): add a generated name
* feat(networks): prevent create macvlan network where exclude ip is the same as gateway
* feat(networks): remove auxaddresses validation on submit
* feat(networks): check exclude ip validation on change
* feat(networks): check form validation on change
* feat(networks): clean checkAuxiliaryAddress function
* feat(custom-templates): introduce types
* feat(custom-templates): introduce data layer service
* feat(custom-templates): introduce http handler
* feat(custom-templates): create routes and view stubs
* feat(custom-templates): add create custom template ui
* feat(custom-templates): add json keys
* feat(custom-templates): introduce custom templates list page
* feat(custom-templates): introduce update page
* feat(stack): create template from stack
* feat(stacks): create stack from custom template
* feat(custom-templates): disable edit/delete of templates
* fix(custom-templates): fail update on non admin/owner
* fix(custom-templates): add ng-inject decorator
* chore(plop): revert template
* feat(stacks): remove actions column
* feat(stack): add button to create template from stack
* feat(stacks): add empty state for templates
* feat(custom-templates): show templates in a list
* feat(custom-template): replace table with list
* feat(custom-templates): move create template button
* refactor(custom-templates): introduce more fields
* feat(custom-templates): use stack type when creating template
* feat(custom-templates): use same type as stack
* feat(custom-templates): add edit and delete buttons to template item
* feat(custom-templates): customize stack before deploy
* feat(stack): show template details
* feat(custom-templates): move customize
* feat(custom-templates): create description required
* fix(template): show platform icon
* fix(custom-templates): show spinner when creating stack
* feat(custom-templates): prevent user from edit templates
* feat(custom-templates): use resource control for custom templates
* feat(custom-templates): show created templates
* feat(custom-templates): filter templates by stack type
* fix(custom-templates): create swarm or standalone stack
* feat(stacks): filter templates by type
* feat(resource-control): disable resource control on public
* feat(custom-template): apply access control on edit
* feat(custom-template): add form validation
* feat(stack): disable create custom template from external task
* refactor(custom-templates): create template from file and type
* feat(templates): introduce a file handler that returns template docker file
* feat(template): introduce template duplication
* feat(custom-template): enforce unique template name
* fix(template): rename copy button
* fix(custom-template): clear access control selection between templates
* fix(custom-templates): show required fields
* refactor(filesystem): use a constant for temp path
itsconquest