Commit Graph

617 Commits

Author SHA1 Message Date
yi-portainer c42756ae23 Merge branch 'release/2.4' into develop 2021-06-04 12:09:25 +12:00
dbuduev dbcbef0953 feat(bolt): Add test scaffolding EE-872 (#407) 2021-06-04 11:45:01 +12:00
Hui 1d7ed11462 docs(api): document apis with swagger EE-155 (#326)
* document apis with swagger

* feat(api): introduce swagger

* feat(api): anottate api

* chore(api): tag endpoints

* chore(api): remove tags

* chore(api): add docs for oauth auth

* chore(api): document create endpoint api

* chore(api): document endpoint inspect and list

* chore(api): document endpoint update and snapshots

* docs(endpointgroups): document groups api

* docs(auth): document auth api

* chore(build): introduce a yarn script to build api docs

* docs(api): document auth

* docs(customtemplates): document customtemplates api

* docs(tags): document api

* docs(api): document the use of token

* docs(dockerhub): document dockerhub api

* docs(edgegroups): document edgegroups api

* docs(edgejobs): document api

* docs(edgestacks): doc api

* docs(http/upload): add security

* docs(api): document edge templates

* docs(edge): document edge jobs

* docs(endpointgroups): change description

* docs(endpoints): document missing apis

* docs(motd): doc api

* docs(registries): doc api

* docs(resourcecontrol): api doc

* docs(role): add swagger docs

* docs(settings): add swagger docs

* docs(api/status): add swagger docs

* docs(api/teammembership): add swagger docs

* docs(api/teams): add swagger docs

* docs(api/templates): add swagger docs

* docs(api/users): add swagger docs

* docs(api/webhooks): add swagger docs

* docs(api/webscokets): add swagger docs

* docs(api/stacks): swagger

* docs(api): fix missing apis

* docs(swagger): regen

* chore(build): remove docs from build

* docs(api): update tags

* docs(api): document tags

* docs(api): add description

* docs(api): rename jwt token

* docs(api): add info about types

* docs(api): document types

* docs(api): update request types annotation

* docs(api): doc registry and resource control

* chore(docs): add snippet

* docs(api): add description to role

* docs(api): add types for settings

* docs(status): add types

* style(swagger): remove documented code

* docs(http/upload): update docs with types

* docs(http/tags): add types

* docs(api/custom_templates): add types

* docs(api/teammembership): add types

* docs(http/teams): add types

* docs(http/stacks): add types

* docs(edge): add types to edgestack

* docs(http/teammembership): remove double returns

* docs(api/user): add types

* docs(http): fixes to make file built

* chore(snippets): add scope to swagger snippet

* chore(deps): install swag

* chore(swagger): remove handler

* docs(api): add description

* docs(api): ignore docs folder

* docs(api): add contributing guidelines

* docs(api): cleanup handler

* chore(deps): require swaggo

* fix(auth): fix typo

* fix(docs): make http ids pascal case

* feat(edge): add ids to http handlers

* fix(docs): add ids

* fix(docs): show correct api version

* chore(deps): remove swaggo dependency

* chore(docs): add install script for swag

* merge examples

* go.mod update

* merge validate rules

* remove empty example tag

* swagger anotation format

* swagger annotation update

* clean up go.mod

* update docs prebuild script

* Update porImageRegistry.html

* Update yamlInspector.html

* Update porImageRegistry.html

* Update package.json

* wording change

Co-authored-by: Chaim Lev-Ari <chiptus@users.noreply.github.com>
2021-06-04 09:37:23 +12:00
Chaim Lev-Ari 8e0f681dd3 fix(docker/settings): fetch correct value for allow sysctl (#343)
* fix(docker/settings): fetch correct value for allow sysctl

* fix(endpoints): set sysctl setting for new endpoints
2021-06-03 11:36:50 +02:00
Dmitry Salakhov 3634b5a10f feat: update docker version to 19.03 (#285)
tested with both linux and windows agents and edge agents
2021-06-02 10:38:53 +12:00
Dmitry Salakhov d52e38a323 feat: update docker version to 19.03 (#286) 2021-06-02 09:25:06 +12:00
dbuduev 4aa004e4e7 feat(git): Git clone improvements [EE-451] (#371) 2021-05-24 17:27:20 +12:00
cong meng a6cab5f439 fix(rbac): clean namespace access policies EE-744 (#377)
* fix(rbac) override AccessPolicies by endpint group ID correctly instead by array index  EE-744

* fix(rbac) Iterate users and teams who are existing in NAP EE-744

* fix(rbac) Rename long func name to CleanNAPWithOverridePolicies EE-744

* fix(rbac) cleanup code EE-744

Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-05-20 15:06:02 +12:00
cong meng 54ddb902e4 fix(rbac) Unable to remove an endpoint role from the user when the k8s endpoint is offline EE-736 (#375)
Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-05-17 11:15:05 +12:00
Chaim Lev-Ari d64cc63a96 feat(k8s): UI: replace resourcepool with namespace EE-445 (#333) 2021-05-14 16:03:07 +12:00
yi-portainer 6aefdadc36 * update portainer version
(cherry picked from commit 93f763db1c)
2021-05-13 18:34:48 +12:00
yi-portainer 93f763db1c * update portainer version 2021-05-13 14:59:42 +12:00
cong meng 4837ab6a60 fix(rbac) User previously given access to namespace, can see it when they shouldn't EE-717 (#363)
Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-05-13 04:39:24 +02:00
dbuduev 81ea206f48 Revert "feat(git): Git clone improvements [EE-451] (#360)" (#366)
This reverts commit 08e3f6ac1a.
2021-05-12 10:44:09 +12:00
Dmitry Salakhov be4454edc2 fix(namespace): update portainer-config when delete a namespace [EE-681] (#362) 2021-05-11 20:51:07 +12:00
dbuduev 08e3f6ac1a feat(git): Git clone improvements [EE-451] (#360)
* feat(git): update git checkout [EE-630] (#348)

* feat(git): Add Azure DevOps exception [EE-631] (#356)

* feat(git): refactoring git package (#631)

* feat(git): azure parse https url (#631)

* feat(git): unit-test refactoring (#631)

* feat(git): azure parse urls (#631)

* feat(git): extract azure module (#631)

* feat(git): azure service functions (#631)

* feat(git): azure, git refactoring and tests (#631)

* feat(archive): add unzip file tests (#631)

* feat(git): PR review changes (#631)

* feat(git): error handling updates (#631)

* feat(git): error handling updates (#631)

* feat(archive): test refactoring (#631)

Co-authored-by: Dennis Buduev <dennis.b@clubware.co.nz>

* feat(git) remove .git directory (#451)

* feat(git): return git clone error (#630)

Co-authored-by: Dennis Buduev <dennis.b@clubware.co.nz>
2021-05-11 14:57:22 +12:00
Dmitry Salakhov a748857999 Fix(k8s): user cannot access k8s namespace [EE-629] (#353)
* fix: drop token cache when user updates config map

* tmp

* tmp

* fix: use same instance of token cache aross the app
2021-05-07 14:44:11 +12:00
cong meng f98ca82bee fix(ACI): ACI UAC breaks when redeploying container with same name asone already existing EE-645 (#346)
* add container existence check

* modify response status code and err message

* return json instead of plain text for err msg

* Update api/http/proxy/factory/azure/containergroup.go

* Update api/http/proxy/factory/azure/containergroup.go

Co-authored-by: ArrisLee <arris_li@hotmail.com>
Co-authored-by: Stéphane Busso <sbusso@users.noreply.github.com>
2021-05-05 20:11:43 +12:00
cong meng 86a7a7820f fix(log): ACI container create and delete is not logged in user activity UI EE-621 (#345)
Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-05-05 12:51:57 +12:00
zees-dev 432c2e7751 fix(access): homepage accessible by non-admin users (#344) 2021-05-05 11:53:14 +12:00
cong meng c7bac163c5 fix(uac): EE-173 Access control management via labels not fault tolerant (#314) 2021-05-04 12:40:44 +12:00
Hui dc86024078 fix(stack): normalize stack name only for libcompose (#301)
* normalize stack name only for libcompose

* reformat and cleanup

Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com>
2021-05-03 18:11:34 +02:00
cong meng 5520585ac9 fix(k8s): Standard user & read-only user can see namespaces without access permissions EE-619 (#341)
Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-05-02 18:23:37 +12:00
zees-dev 27ad7d077f fix(customtemplate): Cannot create custom template from uploaded compose file EE-163 (#283) 2021-04-29 11:08:47 +12:00
Hui 5596a3bc99 feat(container): add sysctls setting in the container view EE-43 (#280) 2021-04-29 11:07:48 +12:00
fhanportainer 933177948d fix(snapshot): update snapshot interval (#309) 2021-04-29 09:54:50 +12:00
Dmitry Salakhov ac4820da9f feat(logs): improved fatal log messages (#281) 2021-04-29 09:23:22 +12:00
cong meng 36d6df7885 fix(rbac): user in 2 teams with mix of endpoint admin and operator has perms of endpoint admin EE-587 (#335)
* fix(rbac) user in 2 teams with mix of endpoint admin and operator has perms of endpoint admin EE-587

* fix(rbac) add unit test for getKeyRole function EE-587

Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-04-28 20:11:51 +12:00
cong meng cbc34bdd6d feat(edge): Show the status of the edge agent check-in on the home page dashboard EE-178 (#325) 2021-04-28 16:46:19 +12:00
Stéphane Busso db15482adc fix(logging): Content is not set to [REDACTED] when creating or editing sensitive kube configs EE-580 (#330)
* fix stringData from secrets

* feat(useractivity): log secrets

Co-authored-by: Chaim Lev-Ari <chiptus@gmail.com>
2021-04-28 10:05:41 +12:00
fhanportainer cb6fb3e47b fix(k8s/endpoint): update endpoint URL (#324) 2021-04-27 15:29:38 +12:00
Hui 0295552a7a fix(stack): show correct error message 2021-04-21 14:47:45 +12:00
yi-portainer c5488a8fc0 * update portainer version
(cherry picked from commit ef94b69718)
2021-04-16 14:03:12 +12:00
yi-portainer ef94b69718 * update portainer version 2021-04-16 14:01:18 +12:00
Chaim Lev-Ari 8d53b5c60e fix(stacks): enable compose access to private registries (#264)
* fix(stacks): enable compose access to private registries

* chore(deps): update docker-wrapper lib

* update mod

* Update wrapper lib to rebased PR

* Update wrapper

Co-authored-by: Stéphane Busso <stephane.busso@gmail.com>
2021-04-16 13:14:20 +12:00
Chaim Lev-Ari 3d3bc9b692 fix(api): use docker-compose on windows (#273)
* feat(api): log compose initializtion

* feat(stacks): update docker-compose version

* feat(api): remove logs

* Update library

Co-authored-by: Stéphane Busso <stephane.busso@gmail.com>
2021-04-16 00:30:50 +02:00
cong meng e6e5885fa2 Feat(rbac): Change migration for rbac operator role EE-226 (#266)
* feat(rbac): EE-226 set db version to 29 other than 30

* feat(rbac): EE-226  avoid a js warning

Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-04-15 20:58:03 +12:00
Chaim Lev-Ari 99a372fb88 feat(useractivity): log user activity for write actions (#229)
* feat(useractivity): introduce backend for useractivity logging (#213)

* refactor(useractivity): move query and logs to base type

* feat(useractivity): cleanup user activity logs

* feat(useractivity): log an activity

* refactor(useractivity): create generic get logs function

* fix(api): hide unused function

* refactor(useractivity): create generic get logs function

* feat(useractivity): get user activity logs

* feat(http/ua): add http get logs handler

* refactor(http/ua): rename logs_list file

* feat(useractivity): fetch logs as csv

* feat(useractivity): save payload as bytes

* style(useractivity): doc the count parameter

* feat(useractivity): introduce UI for user activity logs (#220)

* feat(useractivity): add useractivity page

* feat(useractivity): get logs from server

* feat(useractivity): show logs in datatable

* fix(useractivity): save logs as csv

* feat(useractivity): show logs payload

* feat(useractivity): sort desc by default

* feat(useractivity): parse object

* fix(useractivity): expect base64 payload

* feat(useractivity): show message when missing logs

* feat(useractivity): log api (#215)

* feat(templates): log write methods

* refactor(useractivity): move middleware

* feat(dockerhub): log update docker settings

* feat(edgegroup): log write

* feat(edgejobs): log write request

* feat(useractivity): return bytes to user

* fix(customtemplates): set activity context

* feat(edgestacks): log activities

* feat(endpointgroup): log activities

* feat(endpoint): log write activities

* feat(licenses): log write activities

* feat(registries): log activitites

* feat(resource_control): log user activity

* feat(settings): log update

* feat(stacks): log activity

* feat(tags): log user activitiy

* feat(teammembership): log user activity

* feat(teams): log write activities

* feat(useractivity): get default context

* feat(http/upload): log upload tls

* feat(users): log user activities

* fix(settings): clean payload

* feat(webhook): log user activities

* feat(websocket): log activities

* feat(docker): log write activities

* refactor(useractivity): move log proxy

* feat(azure): log write activity

* refactor(kube): use basic transport for all transports

* feat(kube): log kube activity

* fix(useractivity): parse body

* refactor(kuberenetes): log requests only if success

* refactor(docker): log requests only if success

* refactor(azure): log requests only if success

* feat(gitlab): log activity

* feat(registries): log proxy request

Co-authored-by: Chaim Lev-Ari <chiptus@gmail.com>

* feat(activity-logs): save pagination limit

* feat(useractivity): remove config payload

* fix(docker): log request after success

* refactor(http): move copy body to utils

* feat(kuberentes): remove config values

* feat(useractivity): copy body before request

* fix(useractivity): fix column size

* feat(useractivity): filter json payloads

* refactor(useractivity): log with same logic

* fix(useractivity/csv): export same columns as datatable

* fix(useractivity): replace context with endpoint

* fix(user-activity): rename tables

* feat(endpoint): clear azure key

* feat(stacks): omit empty migrate values

* fix(stacks): add back import

* feat(endpoints): log update settings

* fix(registry): clear password value

* feat(registry): omit update empty value

* fix(registries): don't return from unauthorized azure request

* fix(useractivity): log any payload similar to json

* feat(useractivity): ignoer binary upload

* fix(useractivity): refresh user activity logs

* feat(useractivity): use [REDACTED] for cleared credential (#265)

* feat(docker/services): log force update service

* feat(useractivity): log username when available

* feat(webhooks): remove logging of execute

* refactor(http): replace redacted values

* style(kube): remove commented code

* feat(http/kube): proxy local requests

* feat(useractivity): log patch method

* fix(datatables): use unique filter id

* fix kube settings update

* fix: EE-527 set payload to [REDACTED] when update kube config

* refactor(http/k8s): rename proxy function

* EE-530: a dummy fix of exec activity log for a local kube setup

Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com>
Co-authored-by: Hui <arris_li@hotmail.com>
Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-04-15 20:37:29 +12:00
Dmitry Salakhov 37baabe134 EE-292: backup to and restore from s3 (#240)
* EE-384: add endpoint to set auto backup (#224)

* EE-383: add endpoint to fetch backup settings (#231)

* add get backup settings handler
* add api docs desc

* EE-382: restore from s3 (#233)

* EE-381: add GET backup status handler (#234)

* EE-385: Add S3 backup execute handler (#237)

* add s3 backup execute handler

* refactories inside `./api/backup/backup_scheduler.go` and `./api/backup/backup_scheduler.go`

* fix tests

* EE-375: added backup to S3 form

* EE-376: added restore from S3 form

* EE-377: Update Home screen to display last backup run status

* update backup service with back end endpoints.

* restart admin monitor during s3 restores

* use go 1.13

* go 1.13 compatibility

* EE-375: added cron-validator lib

* EE-375: using enum to compare form types

* EE-375: validate cron rule field

* try fix windows build

* EE-375 EE-376 backup and restore forms validation changes

* fix(autobackup): update autobackup settings validation rules (#260)

* fix(autobackup): automate backup to s3 fe update (#261)

* EE-292: fixed typo in property.

* EE-292: updated auto backup front end validation.

* EE-292: updated lib to validate cron rule in front end

* fix dependencies

* bumped libcompose version

Co-authored-by: Hui <arris_li@hotmail.com>
Co-authored-by: Felix Han <felix.han@portainer.io>
Co-authored-by: fhanportainer <79428273+fhanportainer@users.noreply.github.com>
2021-04-15 12:12:53 +12:00
cong meng 1b9a7d2f52 fix(registry): EE-387 can not browse proget registry (#236)
Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-04-13 15:34:59 +02:00
Hui 7666d32e97 EE-367: update liblicense version number (#248)
* update liblicense version number and minor test file fix

* revert test file fix
2021-04-13 16:12:33 +12:00
Maxime Bajeux 7d3790fc18 feat(custom-templates): switching a template to standalone makes it disappear in swarm mode (#219) 2021-04-13 13:14:50 +12:00
cong meng aeadb5c375 fix(k8s): EE-354 Unable to use advanced deployment feature on agent and Edge agent endpoints (#194)
* fix(k8s): EE-354 Unable to use advanced deployment feature on agent and Edge agent endpoints

* fix(k8s): EE-354 enable advance deploy UI

* fix(k8s): EE-354 use the v2 version of agent api instead of v3

Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-04-12 15:34:33 +02:00
Hui e48b6940e7 fix(test): Use connection.DB (#253) 2021-04-12 12:49:46 +12:00
cong meng 6eb3dfd3c2 feat(ACI): EE-261 Add RBAC to ACI (#226)
Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-04-09 02:20:33 +02:00
Chaim Lev-Ari 2fb60a29de style(proxy): fix function name (#243) 2021-04-09 09:02:32 +12:00
cong meng edb05e6e00 feat(ACI): EE-273 add UAC to ACI (#222)
Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-04-08 10:46:04 +12:00
Chaim Lev-Ari b8ecadb314 feat(useractivity): introduce auth logs (#203) 2021-04-07 16:54:07 +12:00
Dmitry Salakhov e15b908983 Feat(backup): add the ability to backup and restore portainer from file [EE-279] (#204)
* EE-319: backup endpoint (#193)

* feat(backup):
* add an orbiter to block writes while backup
* add backup handler
* add an ability to tar.gz a dir
* add aes encryption support

* EE-320: restore endpoint (#196)

* feat(backup):
* add restore handler
* re-init system state after restore

* feat(backup): Update server to respect readonly lock (#199)

* feat(backup): EE-322 Add backup and restore screen (#198)

Co-authored-by: Simon Meng <simon.meng@portainer.io>

* name archive as portainer-backup_yyyy-mm-dd_hh-mm-ss

* backup custom templates and edge jobs

* restart http and proxy servers after restore to re-init internal state

* feat(backup): EE-322 hide password field if password protect toggle is off

* feat(backup): EE-322 add tooltip for password field of restore backup

* feat(backup): EE-322 wait for backend restart after restoring

* Shutdown background go-routines

* changed restore err message when cannot extract

* fix: symlinks are ignored from backups

* replace single admin check with a restartable monitor (#238)

* clean log

Co-authored-by: Maxime Bajeux <max.bajeux@gmail.com>
Co-authored-by: cong meng <mcpacino@gmail.com>
Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-04-06 15:41:41 +12:00
cong meng f9cf76234f feat(rbac): EE-226 Add a new RBAC "Operator" Role (#191)
* feat(rbac): EE-226 Add a new RBAC "Operator" Role

* feat(rbac): EE-226 prioritize Operator after EndpointAdmin and before Helpdesk

* feat(rbac): EE-226 access viewer shows incorrect effective role after introduce of Operator

* feat(rbac): EE-226 show roles order by priority other than name

* feat(rbac): EE-226 remove OperationK8sVolumeDetailsW authorization from operator role

* feat(rbac): EE-226 always increase bucket next sequence when create a role

Co-authored-by: Simon Meng <simon.meng@portainer.io>
2021-04-06 11:34:54 +12:00