* feat(k8s/resource-pool): set ingress hostname as mandatory and remove default backend
* refactor(k8s/resource-pool): use constants
* feat(k8s/configure): add experimental note about traefik
* fix(container): select runtime by default
* fix(network): set default network config
* fix(container): set default network container placeholder
* fix(services): default service mount
* feat(k8s/configure): separate ingress class name and ingress class type
* feat(k8s/resource-pool): ability to add custom annotations to ingress classes on RP create/edit
* feat(k8s/ingresses): remove 'allow users to use ingress' switch
* feat(k8s/configure): minor UI update
* feat(k8s/resource-pool): minor UI update
* feat(k8s/application): update ingress route form validation
* refactor(k8s/resource-pool): remove console.log statement
* feat(k8s/resource-pool): update ingress annotation placeholders
* feat(k8s/configure): add pattern form validation on ingress class
* fix(k8s/resource-pool): automatically associate ingress class to ingress
* fix(k8s/resource-pool): fix invalid ingress when updating a resource pool
* fix(k8s/resource-pool): update ingress rewrite target annotation value
* feat(k8s/application): ingress form validation
* fix(k8s/application): squash ingress rules with empty host inside a single one
* feat(k8s/resource-pool): ingress host validation
* fix(k8s/resource-pool): rewrite rewrite option and only display it for ingress of type nginx
* feat(k8s/application): do not expose ingress applications over node port
* feat(k8s/application): add specific notice for ingress
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(application): Support multi-container pods applications
* feat(application): Support multi-container pods applications
* fix(application): use only one pod in app details and fix logs and console links
* fix(application): show all containers in containers datatable
* fix(application): fix order by pod name
* feat(k8s/application): minor UI update
* feat(k8s/application): minor UI update
* feat(k8s/application): minor UI update
* feat(k8s/application): minor UI update
* feat(k8s/application): minor UI update
* fix(application): fix persisted folders in application details
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(k8s/endpoint): expose ingress controllers on endpoints
* feat(k8s/applications): add ability to expose applications over ingress - missing RP and app edits
* feat(k8s/application): add validation for ingress routes
* feat(k8s/resource-pools): edit available ingress classes
* fix(k8s/ingress): var name refactor was partially applied
* feat(kubernetes): double validation on RP edit
* feat(k8s/application): app edit ingress update + formvalidation + UI rework
* feat(k8s/ingress): dictionary for default annotations on ingress creation
* fix(k8s/application): temporary fix + TODO dev notice
* feat(k8s/application): select default ingress of selected resource pool
* feat(k8s/ingress): revert ingressClassName removal
* feat(k8s/ingress): admins can now add an host to ingress in a resource pool
* feat(k8s/resource-pool): list applications using RP ingresses
* feat(k8s/configure): minor UI update
* feat(k8s/configure): minor UI update
* feat(k8s/configure): minor UI update
* feat(k8s/configure): minor UI update
* feat(k8s/configure): minor UI update
* fix(k8s/ingresses): remove host if undefined
* feat(k8s/resource-pool): remove the activate ingresses switch
* fix(k8s/resource-pool): edditing an ingress host was deleting all the routes of the ingress
* feat(k8s/application): prevent app deploy if no ports to publish and publishing type not internal
* feat(k8s/ingress): minor UI update
* fix(k8s/ingress): allow routes without prepending /
* feat(k8s/application): add form validation on ingress route
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(node): Add the ability to apply taints and labels to nodes
* feat(k8s/node): minor UI update
* feat(k8s/node): UI update and disable system labels
* feat(k8s/node): minor UI update
* fix(node): fix add first taint
* refacto(node): add KubernetesNodeHelper
* feat(node): add used label to labels
* feat(node): add node update modals
* fix(node): modal when used label changes
* feat(k8s/node): minor UI update
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(volumes): Enhance the used by column for volumes
* feat(k8s/volumes): minor UI update
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(resourcepool): Reducing the Quota assigned to a RP
* fix(k8s/resource-pool): fix an issue with hasResourceQuotaBeenReduce condition
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(applications): update UI to use existing volumes
* feat(application): Add the ability to use existing volumes when creating an application
* feat(application): Existing persisted folders should default to associated volumes
* feat(application): add form validation to existing volume
* feat(application): remove the ability to use an existing volume with statefulset application
* feat(k8s/applications): minor UI update
* feat(k8s/application): minor UI update
* feat(volume): allow to increase volume size and few other things
* feat(volumes): add the ability to allow volume expansion
* fix(storage): fix the storage patch request
* fix(k8s/applications): remove conflict leftover
* feat(k8s/configure): minor UI update
* feat(k8s/volume): minor UI update
* fix(storage): change few things
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(services): update services details view
* feat(services): Add the ability to edit a service networks
* feat(services): show ingress network
* refactor(services): use lodash
* feat(networks): disable sending when updating
* feat(networks): limit size of select
* feat(services): update networks only when network is new
* feat(services): prevent submitting of empty networks
* feat(services): show unique networks
* fix(service): use empty array default for networks
* feat(service): show only swarm networks
* feat(services): show placeholder for network
* feat(services): show spaced select box
* feat(services): show macvlan ip
* feat(service): fetch the network subnet
* feat(services): show empty ip when network is not connected
Co-authored-by: Chaim Lev-Ari <chiptus@gmail.com>
* refactor(oauth): move oauth client code
* feat(oauth): move extension code into server code
* feat(oauth): enable oauth without extension
* refactor(oauth): make it easier to remove providers
* feat(cluster): add kubernetes endpoint resource
* feat(cluster): add kubernetes endpoint service
* feat(node): Show which IP address / port the cluster API is listening on
* fix(cluster): support multi-master clusters
* fix(cluster): support multi-master clusters
* feat(k8s/cluster): minor UI update
* refactor(k8s/cluster): rename variable
* refactor(k8s/endpoints): refactor KubernetesEndpointsFactory
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(application): add horizontalpodautoscaler creation
* feat(application): Add the ability to set the auto-scale policy of an application
* feat(k8s/application): minor UI update
* fix(application): set api version and prevent to use hpa with global deployment type
* feat(settings): add a switch to enable features based on server metrics
* feat(k8s/applications): minor UI update
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(k8s/application): expose placement conditions
* feat(k8s/applications): minor UI update
* feat(k8s/application): update message for admin and non admin users
* feat(kubernetes/applications): minor UI update
Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
* feat(containers): enforce disable bind mounts
* refactor(docker): move check for endpoint admin to a function
* feat(docker): check if service has bind mounts
* feat(services): allow bind mounts for endpoint admin
* feat(container): enable bind mounts for endpoint admin
* fix(services): fix typo
* feat(settings): add info about container edit disable
* feat(settings): set security settings
* feat(containers): hide recreate button when setting is enabled
* feat(settings): rephrase security notice
* fix(settings): save allowHostNamespaceForRegularUsers to state
* feat(settings): introduce settings to allow/disable
* feat(settings): update the setting
* feat(docker): prevent user from using caps if disabled
* refactor(stacks): revert file
* style(api): remove portainer ns
* feat(stacks): add a setting to disable the creation of stacks for non-admin users
* feat(settings): introduce a setting to prevent non-admin from stack creation
* feat(settings): update stack creation setting
* feat(settings): fail stack creation if user is non admin
* fix(settings): save preventStackCreation setting to state
* feat(stacks): disable add button when settings is enabled
* format(stacks): remove line
* feat(stacks): setting to hide stacks from users
* feat(settings): rename disable stacks setting
* refactor(settings): rename setting to disableStackManagementForRegularUsers
* feat(settings): hide stacks for non admin when settings is set
* refactor(settings): replace disableDeviceMapping with allow
* feat(dashboard): hide stacks if settings disabled and non admin
* refactor(sidebar): check if user is endpoint admin
* feat(settings): set the default value for stack management
* feat(settings): rename field label
* fix(sidebar): refresh show stacks state
* fix(docker): hide stacks when not admin
* feat(settings): add setting to disable device mapping for regular users
* feat(settings): introduce device mapping service
* feat(containers): hide devices field when setting is on
* feat(containers): prevent passing of devices when not allowed
* feat(stacks): prevent non admin from device mapping
* feat(stacks): disallow swarm stack creation for user
* refactor(settings): replace disableDeviceMapping with allow
* fix(stacks): remove check for disable device mappings from swarm
* feat(settings): rename field to disable
* feat(settings): supply default value for disableDeviceMapping
* feat(container): check for endpoint admin
* style(server): sort imports
* feat(containers): prevent non-admin users from running containers using the host namespace pid (#3970)
* feat(containers): Prevent non-admin users from running containers using the host namespace pid
* feat(containers): add rbac check for swarm stack too
* feat(containers): remove forgotten conflict
* feat(containers): init EnableHostNamespaceUse to true and return 403 on forbidden action
* feat(containers): change enableHostNamespaceUse to restrictHostNamespaceUse in html
* feat(settings): rename EnableHostNamespaceUse to AllowHostNamespaceForRegularUsers
* feat(database): trigger migration for AllowHostNamespace
* feat(containers): check container creation authorization
Co-authored-by: Maxime Bajeux <max.bajeux@gmail.com>
* refactor(agent): replace root with index
* refactor(agent): use simple export
* refactor(agent): replace function with class
* refactor(agent): replace promise with async
* fix(datatables): persist state changes
* fix(datatables): persist order
* feat(sidebar): use local storage to store toggle toolbar
* feat(config): use local storage instead of cookies
* refactor(agent): rename files
* refactor(agent): replace controller with regular export
* refactor(agent): replace function with class
* refactor(agent): replace promise with async
* refactor(agent): rename main file
* feat(aci): show basic details
* feat(aci): style container details page
* fix(aci): fix container ip
* feat(aci): provide functions to get single aci resource
* feat(aci): show readable data
* feat(aci): style container instance