Commit Graph

2104 Commits (7539f09f980c454ca491c3cca33d74493d7123c8)

Author SHA1 Message Date
Chaim Lev-Ari 7539f09f98
feat(containers): disable edit container on security setting restricting regular users (#4111)
* feat(settings): add info about container edit disable

* feat(settings): set security settings

* feat(containers): hide recreate button when setting is enabled

* feat(settings): rephrase security notice

* fix(settings): save allowHostNamespaceForRegularUsers to state
2020-07-29 14:52:23 +12:00
Chaim Lev-Ari 1a3f77137a
feat(settings): introduce setting to disable container caps for non-admins (#4109)
* feat(settings): introduce settings to allow/disable

* feat(settings): update the setting

* feat(docker): prevent user from using caps if disabled

* refactor(stacks): revert file

* style(api): remove portainer ns
2020-07-28 19:08:15 +12:00
Chaim Lev-Ari fec85c77d6
fix(extensions): load extensions file (#4115) 2020-07-28 09:54:12 +12:00
Chaim Lev-Ari 1ff5708183
fix(datatables): select table items (#4116) 2020-07-28 09:53:21 +12:00
Chaim Lev-Ari 1edf981330
fix(container-creation): preselect network (#4117) 2020-07-28 09:52:54 +12:00
Chaim Lev-Ari fa9eeaf3b1
feat(settings): introduce disable stack management setting (#4100)
* feat(stacks): add a setting to disable the creation of stacks for non-admin users

* feat(settings): introduce a setting to prevent non-admin from stack creation

* feat(settings): update stack creation setting

* feat(settings): fail stack creation if user is non admin

* fix(settings): save preventStackCreation setting to state

* feat(stacks): disable add button when settings is enabled

* format(stacks): remove line

* feat(stacks): setting to hide stacks from users

* feat(settings): rename disable stacks setting

* refactor(settings): rename setting to disableStackManagementForRegularUsers

* feat(settings): hide stacks for non admin when settings is set

* refactor(settings): replace disableDeviceMapping with allow

* feat(dashboard): hide stacks if settings disabled and non admin

* refactor(sidebar): check if user is endpoint admin

* feat(settings): set the default value for stack management

* feat(settings): rename field label

* fix(sidebar): refresh show stacks state

* fix(docker): hide stacks when not admin
2020-07-27 19:11:32 +12:00
Chaim Lev-Ari 07efd4bdda
feat(settings): add setting to disable device mapping for regular users (#4099)
* feat(settings): add setting to disable device mapping for regular users

* feat(settings): introduce device mapping service

* feat(containers): hide devices field when setting is on

* feat(containers): prevent passing of devices when not allowed

* feat(stacks): prevent non admin from device mapping

* feat(stacks): disallow swarm stack creation for user

* refactor(settings): replace disableDeviceMapping with allow

* fix(stacks): remove check for disable device mappings from swarm

* feat(settings): rename field to disable

* feat(settings): supply default value for disableDeviceMapping

* feat(container): check for endpoint admin

* style(server): sort imports
2020-07-27 09:31:14 +12:00
DarkAEther 2bc6b2dff7
feat(docker/container-creation): sort volumes in container creation view (#4078)
* #3635 fix(containers) sort volumes in container creation view

* fix(3635) sort volumes in container creation view
2020-07-27 09:28:33 +12:00
Anthony Lapenna 0cebe6588a chore(github/stalebot): update stalebot config 2020-07-27 09:24:41 +12:00
Anthony Lapenna 990f3cad88 chore(github/stalebot): update stalebot config 2020-07-27 09:19:33 +12:00
Anthony Lapenna 7e7a8e521b feat(app/package): remove angular-cookies dependency 2020-07-25 11:32:31 +12:00
Chaim Lev-Ari 43bbc14c58
feat(app/package): upgrade angularjs to 1.8 (#4073)
* chore(yarn): upgrade angularjs

* refactor(app): use $onInit instead of initComponent

* feat(app/package): remove angular-cookies dependency

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-07-25 11:23:44 +12:00
Chaim Lev-Ari adf33385ce
feat(containers): Prevent non-admin users from running containers using the host namespace pid (#4098)
* feat(containers): prevent non-admin users from running containers using the host namespace pid (#3970)

* feat(containers): Prevent non-admin users from running containers using the host namespace pid

* feat(containers): add rbac check for swarm stack too

* feat(containers): remove forgotten conflict

* feat(containers): init EnableHostNamespaceUse to true and return 403 on forbidden action

* feat(containers): change enableHostNamespaceUse to restrictHostNamespaceUse in html

* feat(settings): rename EnableHostNamespaceUse to AllowHostNamespaceForRegularUsers

* feat(database): trigger migration for AllowHostNamespace

* feat(containers): check container creation authorization

Co-authored-by: Maxime Bajeux <max.bajeux@gmail.com>
2020-07-25 11:14:46 +12:00
Anthony Lapenna e78aaec558 feat(api/bolt): update DBVersion to 25 2020-07-25 11:10:46 +12:00
xAt0mZ 3953acf110
feat(k8s/volumes): introduce storage rollup panel (#4055)
* feat(k8s/applications): storages rollup panel

* feat(k8s/volumes): move storages table to volumes view

* feat(k8s/volumes): minor UI update

* feat(k8s/volumes): remember the selected tab

* feat(api/k8s): update user default policies

* feat(k8s/ui): minor UI update

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-07-24 14:45:02 +12:00
Chaim Lev-Ari 99db41f96e
feat(agent): refactor volumeBrowserService to es6 (#4094) 2020-07-23 19:46:29 +12:00
Chaim Lev-Ari 822c4e117c
refactor(agent): refactor hostBrowserService to es6 (#4092)
related to #4071
2020-07-23 19:46:02 +12:00
Chaim Lev-Ari f761e65167
refactor(agent): refactor agentService to es6 (#4091) 2020-07-23 19:45:47 +12:00
Chaim Lev-Ari 1ef7347f19
refactor(agent): refactor host-broswer to es6 (#4088)
* refactor(host): replace host-browser with es6 class

* refactor(host): replace promises with async

* refactor(hosts): replace delete promise with async

* refactor(host): replace upload file with async

* refactor(host): replace template strings

* fix(host): replace host root

* feat(agent): rename main file
2020-07-23 19:45:23 +12:00
Chaim Lev-Ari a473d738be
refactor(agent): refactor volume browser to es6 (#4086)
* refactor(agent): replace root with index

* refactor(agent): use simple export

* refactor(agent): replace function with class

* refactor(agent): replace promise with async
2020-07-23 19:45:12 +12:00
Chaim Lev-Ari 7eb8d5449a
refactor(agent): refactor rest factories to es6 (#4090)
* refactor(agent): replace v1 browse with es6 module

* refactor(agent): refactor agentv1 to es6

* refactor(agent): replace agent factory with es6

* refactor(agent): refactor browse response to es6

* refactor(agent): refactor browse to es6

* refactor(agent): import angular

* refactor(agent): refactor host to es6

* refactor(agent): refactor ping to es6
2020-07-23 19:45:01 +12:00
Chaim Lev-Ari 435f15ec6a
refactor(agent): refactor file-uploader to es6 (#4087)
* refactor(host): convert fileUploader to es6

* refactor(agent): rename main file
2020-07-23 19:44:32 +12:00
Chaim Lev-Ari 5abd35d4c1
refactor(agent): refactor pingService to es6 (#4093)
related to #4071
2020-07-23 19:43:37 +12:00
Chaim Lev-Ari b50497301d
refactor(agent): refactor files-datatable to es6 (#4085)
* refactor(host): rename files datatable

* feat(agent): rename main file
2020-07-23 19:43:12 +12:00
Chaim Lev-Ari 4534ccb499
fix(templates): replace templates links (#4083) 2020-07-23 06:41:07 +12:00
Chaim Lev-Ari 6f6bc24efd
feat(containers): Ensure users cannot create privileged containers via the API (#3969) (#4077)
* feat(containers): Ensure users cannot create privileged containers via the API

* feat(containers): add rbac check in stack creation

Co-authored-by: Maxime Bajeux <max.bajeux@gmail.com>
2020-07-23 06:38:45 +12:00
Chaim Lev-Ari 4346bf95a7
feat(settings): replace cookies with local storage (#4075)
* fix(datatables): persist state changes

* fix(datatables): persist order

* feat(sidebar): use local storage to store toggle toolbar

* feat(config): use local storage instead of cookies
2020-07-23 06:36:22 +12:00
Chaim Lev-Ari c9dd6e3851
refactor(agent): replace model with class (#4089) 2020-07-23 06:35:15 +12:00
Chaim Lev-Ari 3a33365133
refactor(agent): node selector (#4084)
* refactor(agent): rename files

* refactor(agent): replace controller with regular export

* refactor(agent): replace function with class

* refactor(agent): replace promise with async

* refactor(agent): rename main file
2020-07-23 06:30:42 +12:00
Chaim Lev-Ari 67069547b8
refactor(agent): replace root file with index (#4096) 2020-07-23 06:29:27 +12:00
Chaim Lev-Ari 6fc923b05b
refactor(app): move @babel/polyfill to entry (#4031) 2020-07-22 20:02:39 +12:00
Chaim Lev-Ari 8e7aaa23d5
feat(server): support minimum tls v1.2 (#4076) 2020-07-22 12:16:00 +12:00
Anthony Lapenna 227fbeb1b7
feat(build/windows): update windows dockerfile (#4060)
* feat(build/windows): update windows dockerfile

* feat(build/windows): update windows dockerfile

* feat(build/windows): update windows dockerfile

* feat(build/windows): update windows dockerfile

* feat(build/windows): update windows dockerfile

* feat(build/windows): update Dockerfile
2020-07-21 18:04:55 +12:00
Chaim Lev-Ari 53cddeb283
feat(aci): provide container details page (#4037)
* feat(aci): show basic details

* feat(aci): style container details page

* fix(aci): fix container ip

* feat(aci): provide functions to get single aci resource

* feat(aci): show readable data

* feat(aci): style container instance
2020-07-21 09:08:20 +12:00
Chaim Lev-Ari 4b97cf738e
fix(app): use deps injection in router correctly (#4049)
* fix(app): use deps injection in router correctly

* feat(app): guard against using wrong endpoint type

* feat(sidebar): supply endpoint id

* feat(templates): move custom templates to docker
2020-07-21 09:06:37 +12:00
Anthony Lapenna 66a3104805 chore(ci/pull-dog): update pulldog configuration 2020-07-21 08:27:53 +12:00
Chaim Lev-Ari 5a4a10859d
feat(aci): remove private network deployment (#4056)
* fix(aci): show error failing container creation

* feat(aci): load network profile list

* feat(aci): allow selection of network profile

* feat(aci): remove public ip toggle

* feat(aci): auto deploy container with public ip

* fix(aci): revert changes
2020-07-20 12:42:30 +12:00
Maxime Bajeux 94676df329
feat(k8s/cluster): Show the cluster leader (#4027)
* feat(cluster): Show the cluster leader

* feat(cluster): Restrict leader label only to admin users

* feat(kubernetes): minor UI update

* feat(endpoint):  move all KubernetesEndpoint related code to a single endpoint sub-folder and change few things

* fix(k8s/cluster): fix conflict leftover

* feat(k8s/cluster): review component leader UX

* refactor(k8s/node): remove useless call to endpoints

* refactor(k8s/endpoint): relocate variable declaration

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-07-20 10:49:49 +12:00
Maxime Bajeux f765c63c74
feat(cluster): Show the cluster health by showing the status of the underlying cluster components (#4022)
* feat(cluster): add tabs

* feat(cluster): add cluster status informations to cluster detail view

* feat(cluster): change data display

* feat(cluster): prevent regular users to see cluster health

* feat(kubernetes): reviewed ComponentStatus handling

* refactor(kubernetes): review apiToModel for KubernetesComponentStatus

* refactor(kubernetes): remove unused variable

* refactor(kubernetes): clean hasUnhealthyComponentStatus code

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-07-17 11:39:16 +12:00
Maxime Bajeux 833abb24cb
feat(k8s/applications): Expose application workload type (#4029)
* feat(applications): Expose application workload type

* feat(application): support daemonSet workload type and add default value
2020-07-17 10:00:15 +12:00
Maxime Bajeux c9e8021fe8
feat(k8s/logs): Add the ability to download application/stack logs (#4046)
* feat(logs): Add the ability to download application/stack logs

* feat(kubernetes): minor UI update

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-07-17 09:59:27 +12:00
Anthony Lapenna a452599829 Merge branch 'develop' of github.com:portainer/portainer into develop 2020-07-15 14:08:15 +12:00
Anthony Lapenna b7e1abf89f feat(kubernetes): rename node value Manager to Master 2020-07-15 13:48:16 +12:00
Maxime Bajeux f71abb5669
feat(volumes): Expose the provisioner associated to a volume (#4030)
* feat(volumes): Expose the provisioner associated to a volume

* feat(volumes): fix import and add default value to provisioner
2020-07-15 10:55:29 +12:00
Chaim Lev-Ari 3c34fbd8f2
refactor(router): show endpoint id in url (#3966)
* refactor(module): provide basic endpoint id url

* fix(stacks): fix route to include endpointId

* fix(stacks): fix stacks urls

* fix(sidebar): fix urls to docker routes

* refactor(app): set endpoint id on change view

* refactor(dashboard): revert to old version

* refactor(sidebar): revert file

* feat(app): wip load endpoint on route change

* feat(home): show error

* feat(app): load endpoint route

* feat(sidebar): show endpoint per provider

* refactor(app): revert

* refactor(app): clean endpoint startup

* feat(edge): check for edge k8s

* refactor(endpoints): move all modules under endpoint route

* refactor(stacks): move stacks route to docker

* refactor(templates): move templates route to docker

* refactor(app): check endpoint when entering docker module

* fix(app): load endpoint when entering endpoints modules

* feat(azure): check endpoint

* feat(kubernetes): check endpoint

* feat(home): show loading state when loading edge

* style(app): revert small changes

* refactor(sidebar): remove refernce to endpointId

* fix(stacks): fix stacks route

* style(docker): sort routes

* feat(app): change route to home if endpoint failed

* fix(services): guard against empty snapshots

* feat(app): show error when failed to load endpoint

* feat(app): reload home route when failing

* refactor(router): replace resolvers with onEnter
2020-07-15 08:46:38 +12:00
xAt0mZ 1b3e2c8f69
feat(kubernetes): add ingress details (#4013)
* feat(kubernetes): add ingress details

* fix(kubernetes): fix broken ingress generated links + ignore IP retrieval/display info on missing LB ingress ip

* refactor(kubernetes): each ingress rule in apps port mappings has now its own row

* feat(kubernetes): remove protocol column and concat it to container port

* feat(kubernetes): edit display of ingress rules in application details

* feat(kubernetes): minor UI update

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-07-15 08:45:19 +12:00
Chaim Lev-Ari b09b1b1691
feat(aci): show container ip (#4034) 2020-07-14 21:24:29 +12:00
Maxime Bajeux 8b79f2524d
feat(kubernetes): Prevent deployment/edition of resources inside a system namespace (#4039)
* feat(kubernetes): Prevent deployment/edition of resources inside a system namespace

* feat(kubernetes): minor UI update

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-07-14 17:39:13 +12:00
itsconquest 181a6f4553
fix(container-creation): always rebuild exposed ports (#4024) 2020-07-09 17:08:52 +12:00
Anthony Lapenna cd475a5338
feat(docker): expose port 8000 in Dockerfile (#4016) 2020-07-08 14:13:35 +12:00