Commit Graph

522 Commits

Author SHA1 Message Date
Chaim Lev-Ari cec0ef17e0 feat(licenses): sync between portainer and license-server (#41)
* feat(license): add sync service

* feat(licenses): check license server

* chore(deps): update liblicense

* feat(license): revoke license if invalid

* feat(license): log revokation

* - removed retry logics
- removed license sync logging
* revert liblicense version

* - remove not used field

Co-authored-by: yi-portainer <yi.chen@portainer.io>
2020-11-04 14:07:45 +13:00
Yi Chen 2247d8c3a2 (feat)k8s/RBAC: Provide Portainer RBAC functionality for Kubernetes endpoints (#35)
* + endpoint and namespace level authorizations
+ user namespace authorization API
+ k8s client setup service account with k8s roles and policies by portainer role
* User authorization changes refresh token cache
* rbac authorizes k8s requests
* CE to EE migrator to include new authorizations

* code clean up
* comments

* * merge in the RestrictDefaultNamespace changes

* - remove unnecessary check for default namespace

* + updates namespace access policies when generating token

* * updates namespace access policies when querying the user namespace endpoint

* + k8s rule in rbac.go for endpoint access test
+ missing k8s cluster rules for different roles

* feat(rbac): update kube rbac

* feat(rbac): use the authorization directive

* feat(rbac): Update namespace access policies when user/team is deleted

* refactor(app): use new angular-multi-select capabilities

* feat(rbac): fix authorizations

* feat(rbac): fix userAccessPolicies update bug

* feat(rbac): add W applications authorizations

* feat(rbac): add application details W authorizations

* feat(rbac): add configurations W autohorizations

* feat(rbac): add configuration details W authorizations

* feat(rbac): add volumes W authorizations

* feat(rbac): add volume details W authorizations

* feat(rbac): add componentstatus to portainer-view role and add cluster/node authorizations

* fix(rbac): disable application note for non authorized user

* fix(rbac): add endpoints list and components status to portainer-basic

* fix(rbac): allow user to access default namespace when restrict default namespace isn't activated

* fix(rbac): remove default namespace from useraccesspolicies when restrict default namespace isn't activated

* fix(rbac): change some things

* fix(rbac): allow standard user to access container console

* - removed unused parameter

* fix(rbac): fix team authorizations

Co-authored-by: Maxime Bajeux <max.bajeux@gmail.com>
Co-authored-by: xAt0mZ <baron_l@epitech.eu>
2020-11-03 22:08:09 +13:00
Chaim Lev-Ari 0e7cb4cb42 feat(stacks): prevent name collision with external stacks (#16)
* feat(stacks): check for name collision within external stacks

* feat(stacks): check for name collisions

* feat(stacks): check for running stacks

* feat(stacks): change name collision message

* feat(stack): check for existing services only on swarm

* fix(http): supply docker factory to handler

* feat(stacks): look at all containers
2020-11-03 15:50:18 +13:00
Chaim Lev-Ari 812c0b34ea feat(ldap): simplify ldap configuration (#15)
* feat(ldap): simplify ldap configuration

refactor(auth): move ldap settings to a component

feat(ldap): add username style autofill

feat(ldap): customs for ad

feat(app): introduce box selector

refactor(auth-settings): use box selector

feat(ldap): style changes

refactor(ldap): move connectivity check button to a component

refactor(settings): move ldap security settings to a component

refactor(ldap): move user search to component

refactor(ldap): move group search to component

style(ldap): remove comment

refactor(auth-settings): move auto-user-toggle to component

feat(ldap): provide methods to search for users and groups

refactor(ldap): move group/user settings into component

refactor(ldap): provide labels for components

refactor(ldap): separate custom and ad settings

fix(ldap): search for users

feat(ldap): search users

feat(ldap): complete password if missing

feat(ldap): search for users

feat(ldap): show a list of users

feat(ldap): get user uid

feat(ldap): search groups without password

feat(groups): show group results

feat(ldap): add display types

feat(ldap): search for groups

refactor(ldap): clean code

fix(ldap): sort users table

fix(ldap): show settings by type

feat(ldap): parse values from basedn

feat(ldap): parse values

feat(app): emit on change event from box-selector

feat(ldap): user search filter

feat(ldap): search username attribute

feat(ldap): remove format around search filter

feat(ldap): ad group search

refactor(ldap): move dn builder to component

feat(ldap): use base dn builder for group search

feat(ldap): search for ad groups

refactor(ldap): replace domain root object

feat(ldap): openldap settings

refactor(ldap): delete empty controllers

feat(ldap): remove warning on wrong group filter

feat(ldap): clear username and pass if not AD

feat(ldap): clear basedn when switch from openldap to ad

feat(ldap): clear ldap settings when switich from ldap to ad

feat(ldap): set dn only if there are values

feat(ldap): support more cases of domains

feat(ldap): parse openldap domain correctly

refactor(ldap): move server type check

feat(ldap): move entries

feat(ldap): show username format

style(ldap): remove comments

feat(ldap): clear group filter when no groups

refactor(ldap): replace generic payload

feat(ldap): allow the user to test login

feat(ldap): add test login to custom and open ldap settings

feat(ldap): style fixes

fix(ldap): style fix

fix(ldap): style fixes

refactor(ldap): move components to module

feat(ldap): add group entries

feat(ldap): add borders around each group entry

feat(ldap): parse user filter

feat(ldap): add/remove group

feat(ldap): set ad anonymous mode to false

feat(ldap): add group name

feat(ldap): fix parentheses

feat(ldap): separate between each search config

fix(ldap): fix parsing of group dn

feat(ldap): style fixes

feat(ldap): remove of change of filter

refactor(ldap): remove user display style

feat(ldap): rename group entries field

refactor(auth): move auto user provision

refactor(ldap): refactor box selector

feat(ldap): move ad settings to be a global setting

style(ldap): remove comments

feat(ldap): add auto user toggle

refactor(auth/ad): rename ad component

fix(auth/ad): fix the use of a certificate

refactor(ldap): rename components

fix(ldap): show user and group search

fix(ldap): design group settings

feat(ldap): search users and groups

feat(ldap): add margins

refactor(ldap): separate ldap and ad settings

refactor(auth): use central check for auth method

feat(ldap): clear margins

feat(ldap): add port if missing

feat(ldap): fix ad name

fix(ldap): rename fields

feat(ldap): add domain root field

feat(auth/ad): remove domain root field

feat(ldap): rename base dn to root domain

feat(ldap/openldap): get suffix

feat(ldap/open): change base filter

fix(ldap): align

feat(db): introduce migration for ldap server type

refactor(ldap): move service to ldap module

refactor(ldap): sync between client and server constants

fix(ldap): use post for check

style(ldap): fix handler comments

fix(ldap): check for errors

style(ldap): fix tyop

fix(ldap): check equality

style(ldap): add comments

fix(ldap): allow anonymous mode

fix(ldap): show errors on search users

feat(lasp): use custom settings for each server

fix(ldap): supply default group filter

fix(ldap): show domain suffix in new settings

fix(ldap): replace icon with text

refactor(components): remove box-selector-wrapper

* fix(ldap): enable test when form is valid

* fix(ldap): add port if missing
2020-11-03 15:26:28 +13:00
Chaim Lev-Ari 3b670c1f54 feat(db): add flag to rollback to ce edition (#39)
* feat(db): add flag to rollback to ce edition

* refactor(db): make backup of db

* style(api): remove comments

* refactor(db): export backup function

Co-authored-by: yi-portainer <yi.chen@portainer.io>
2020-11-03 14:05:42 +13:00
Maxime Bajeux 82297ba990 feat(resource-pool): Provide a means for an admin to allow/disallow resource over-commit (#33)
* feat(resource-pool): change resource over commit implementation

* fix(resource-pool): hide resource reservation gauges when resources are set to unlimited both

* feat(resource-pool): renaming and hide switch when resource over commit is disabled

* feat(k8s/resource-pools): minor UI update

* fix(resource-pool): fix resource quota validation on resource pool details

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-11-03 10:52:44 +13:00
Chaim Lev-Ari 15ce12e7b7 feat(license): introduce license management (#31)
* feat(license): add liblicense dep

* feat(license): add bolt license service

* feat(license): introduce license service

* feat(license): validate license before adding

* feat(license): aggregate info after changing of licenses

* feat(http): implement http handlers

* feat(license-management): introduce license service

* feat(licenses): introduce empty view

* feat(license-management): add datatable

* feat(licenses): show license info

* fix(license): inject services

* feat(licenses): add buttons to buy/renew license

* feat(licenses): introduce add license route

* feat(licenses): add license form

* feat(license): datatable

* feat(license): show more details about license

* refactor(license): rename components name

* feat(licenses): show expiration date

* feat(license): introduce init license route

* feat(license): validate license

* feat(license): save licenses

* feat(bouncer): check if license is valid on restricted

* feat(bouncer): remove license check on api

* feat(home): add node warning

* feat(licenses): remove license

* feat(licenses): listen to info changes

* feat(license): show license expiration message

* feat(license): block regular users from licenses view

* feat(license): prevent removing of last license

* fix(license): show message when failed delete

* feat(license): remove trial license when applying oneoff

* feat(license): hide the number of nodes for trial

* feat(auth): disable login if license is invalid

* feat(licenses): add confirmation before removal of license

* feat(nodes): count nodes in env

* feat(license): show message if nodes exceed allowed

* feat(deps): update liblicense

* feat(licenses): show validation errors

* feat(license): use information panel for node info

* fix(license): reload license data on remove

* fix(license): always send list of failed keys

* fix(license): rename buttons

* feat(license): replace icon

* feat(license): add link to licenses page in add license

* fix(licenses): show green valid icon

* fix(licenses): rename expires at

* fix(licenses): rename Attach to add

* fix(licenses): show license type label

* feat(license): aggregate revoked info

* chore(deps): update liblicense

* fix(license): remove space

* fix(sidebar): align icon

* fix(license): change info layout

* feat(license): aggregate only valid licenses

* fix(licenses): move add license to a new line

* style(license): remove console

* refactor(license): move license line to component

* feat(license): check server validation

* fix(licenses): check form validation before submit

* feat(licenses): send only invalid licenses

* fix(license):  hide panels when not needed

* feat(licnese): receive a single license on init

* refactor(header): move header to module

* feat(license): move license panel to header

* fix(header): set min height

* fix(home): show node warning only if subscription

* feat(licenses): minor UI updates

* feat(licenses): minor UI update

* feat(licenses-datatable): add copy button

* fix(licenses-datatable): show date without hours

* feat(license): show expiration message

* fix(users): get user info only on restriced access

* fix(license): clear check for single license

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-11-02 19:10:57 +13:00
Chaim Lev-Ari 9591e1012c feat(auth): support a list of LDAP urls (#9)
* feat(ldap): move urls to url

* feat(ldap): test a few connections

* feat(ldap): update urls

* feat(settings-auth): support array of ldap urls

* feat(settings-auth): support list of urls

* feat(auth): add explanation about server urls

* feat(bolt): add url to urls only if needed

* fix(settings): add nil guards

* fix(settings): set inital value for ldap urls

* feat(settings): prevent the deletion of the first url

* feat(core/settings): minor UI update

* feat(authentication): check that ldap settings are valid

* feat(bolt): create migration for settings

* fix(settings): add wrapping

* feat(ldap): disable submit button only on ldap

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-11-02 11:39:25 +13:00
Chaim Lev-Ari b357cb54f0 fix(kuberentes): disable rbac check for kuberentes (#38) 2020-10-28 23:13:51 +13:00
Chaim Lev-Ari d645b4ce6d fix(rbac): add user portainer authorization from ce (#37)
* fix(rbac): add user portainer authorization from ce

* fix(bolt): remove unneeded property
2020-10-28 16:49:30 +13:00
Chaim Lev-Ari c23d2a33da feat(rbac): protect templates deployment (#34)
* feat(templates): show templates link

* feat(templates): protect deploying of templates

* feat(templates): allow fetching of templates to any user

* feat(rbac): allow template file fetching
2020-10-27 20:33:49 +13:00
Chaim Lev-Ari 41eb89cdb1 fix(docker): check for endpoint access auth (#32)
* fix(docker): check for endpoint access auth

* fix(rbac): load user authorizations

* fix(volumes): hide browse button when not agent
2020-10-22 16:07:43 +13:00
Maxime Bajeux 1f26bc6e8b feat(namespace): Hide Default Namespace for non-admins (#25)
* feat(namespace): Hide Default Namespace for non-admins

* feat(namespace): fix expected behavior when turning on the setting

* feat(resourcePool): Handle when user doesn't have access to any resource pool

* Update app/kubernetes/views/applications/create/createApplication.html

* Update app/kubernetes/views/configurations/create/createConfiguration.html

* Update app/kubernetes/views/applications/create/createApplication.html

* Update app/kubernetes/views/configurations/create/createConfiguration.html

Co-authored-by: Anthony Lapenna <anthony.lapenna@portainer.io>
2020-10-15 14:02:29 +13:00
Chaim Lev-Ari 336399d482 fix(db): set edition on first run (#30) 2020-10-09 09:29:48 +13:00
Chaim Lev-Ari 8dba19694a feat(roles-management): integrate rbac extension (#6)
* refactor(rbac): move client extension code

* feat(app): remove checks for extension

* feat(rbac): remove checks for extensions

* feat(extensions): remove reference to rbac extensions

* feat(roles): add changes from codebase before removal of rbac

* refactor(security): remove rbac service

* refactor(security): use AdminAccess as an alias

* fix(access): rename policies type

* style(security): add comment about Aliasing AdminAccess to RestrictedAccess

* feat(bolt): add auth migration from ce to ee

* feat(stacks): use authorized access to stop/start stacks

* fix(bolt): supply right params to migrator

* feat(rbac): get authorization on client side
2020-10-07 23:21:14 +13:00
Chaim Lev-Ari 66375454a7 feat(edition): change from BE to EE (#24) 2020-09-15 19:37:43 +12:00
Chaim Lev-Ari 92872435c4 feat(registry): integrate RM extension (#4)
* refactor(registries): move to portainer

* feat(registries): show browse link

* feat(registry): move registry extension code

* fix(registry): revert files

* refactor(registry): use component

* refactor(registry): replace $scope with this

* refactor(registry): use async await

* refactor(registry): rename and extract

* refactor(registry): rename progression-modal files

* refactor(registry): replace view with component

* refactor(registry): replace with component

* style(regirstries): sort handler keys

* feat(registry): force the recreation of a proxy client

* fix(registry): ignore 404 tags
2020-09-08 19:35:29 +12:00
Chaim Lev-Ari 5459c5cc5b feat(bolt): handle migrations from ce to ee (#22)
* feat(db): add edition value to db

* feat(bolt): handle migrations from ce to ee

* refactor(bolt): merge if branches

* refactor(bolt): rename migration function

* feat(bolt): change migration message

* feat(bolt): add edition to migration messages

* feat(bolt): add log tags

* feat(portainer): add edition

* feat(db): set initial db version

* feat(bolt): cache current version

* refactor(portainer): remove current edition const
2020-09-07 22:15:38 +12:00
Anthony Lapenna 81703dfd0b feat(resource-pools): Provide a means for an admin to allow/disallow resource over-commit 2020-09-01 10:18:15 +12:00
Anthony Lapenna 65bdc2ed6f feat(portainer-ee): Use a different source for MOTD 2020-09-01 08:42:58 +12:00
Maxime Bajeux 5437d9db7c feat(resource-pools): Provide a means for an admin to allow/disallow resource over-commit 2020-08-30 23:22:28 +02:00
Anthony Lapenna ce8e245759 chore(version): bump version number 2020-08-27 17:48:02 +12:00
Chaim Lev-Ari eb0278d230 feat(core/cli): change analytics flag message (#4273)
* feat(cli): remove no-analytics flag default value

* feat(cli): hide no-analytics deprecation message when it's false
2020-08-26 23:58:19 +12:00
Chaim Lev-Ari b4f97efb85 fix(rbac): clean leftovers (#4265) 2020-08-25 11:04:51 +12:00
Maxime Bajeux 18c1425b8e feat(portainer-ee): Use a different source for MOTD 2020-08-24 18:34:29 +02:00
Anthony Lapenna fc248c31c7 fix(api/stacks): add authorization checks for start/stop operations (#4248)
* fix(api/stacks): add authorization checks for start/stop operations

* feat(api/stacks): re-order validation checks

* fix(api/stacks): add missing endpoint validation check
2020-08-21 15:16:38 +12:00
Chaim Lev-Ari a3b54e1981 fix(api/custom-templates): prevent name collisions on update (#4250) 2020-08-21 10:17:30 +12:00
Chaim Lev-Ari 9fd38a0543 fix(volumes): enable volume browsing (#4233)
* fix(docker): browse an agent volume

* refactor(volumes): get resource id from endpoint
2020-08-21 00:29:46 +12:00
xAt0mZ d850e18ff0 feat(k8s/ingresses): add more granularity to ingress configuration (#4220)
* feat(k8s/configure): separate ingress class name and ingress class type

* feat(k8s/resource-pool): ability to add custom annotations to ingress classes on RP create/edit

* feat(k8s/ingresses): remove 'allow users to use ingress' switch

* feat(k8s/configure): minor UI update

* feat(k8s/resource-pool): minor UI update

* feat(k8s/application): update ingress route form validation

* refactor(k8s/resource-pool): remove console.log statement

* feat(k8s/resource-pool): update ingress annotation placeholders

* feat(k8s/configure): add pattern form validation on ingress class

* fix(k8s/resource-pool): automatically associate ingress class to ingress

* fix(k8s/resource-pool): fix invalid ingress when updating a resource pool

* fix(k8s/resource-pool): update ingress rewrite target annotation value

* feat(k8s/application): ingress form validation

* fix(k8s/application): squash ingress rules with empty host inside a single one

* feat(k8s/resource-pool): ingress host validation

* fix(k8s/resource-pool): rewrite rewrite option and only display it for ingress of type nginx

* feat(k8s/application): do not expose ingress applications over node port

* feat(k8s/application): add specific notice for ingress

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-08-20 12:51:14 +12:00
Chaim Lev-Ari 35fa9d6981 fix(oauth): if username is empty, fail to login (#4232)
* fix(oauth): if username is empty, fail to login

* fix(oauth): return err when failing to find username

* fix(oauth): disable autofill
2020-08-19 00:38:58 +12:00
Anthony Lapenna 1ef78c0fdf refactor(core/db): refactor instance ID init 2020-08-16 10:54:50 +12:00
Anthony Lapenna 9733d32551 feat(core/support): remove support related API route 2020-08-16 10:45:04 +12:00
Anthony Lapenna 449b7888d3 fix(k8s/backend): update stander user cluster roles permissions 2020-08-14 17:08:51 +12:00
Chaim Lev-Ari 32bac9ffcc fix(main): terminate server if err returned by instanceId check is not nil (#4209) 2020-08-14 11:41:39 +12:00
xAt0mZ f91d3f1ca3 feat(k8s/applications): expose applications via ingress (#4136)
* feat(k8s/endpoint): expose ingress controllers on endpoints

* feat(k8s/applications): add ability to expose applications over ingress - missing RP and app edits

* feat(k8s/application): add validation for ingress routes

* feat(k8s/resource-pools): edit available ingress classes

* fix(k8s/ingress): var name refactor was partially applied

* feat(kubernetes): double validation on RP edit

* feat(k8s/application): app edit ingress update + formvalidation + UI rework

* feat(k8s/ingress): dictionary for default annotations on ingress creation

* fix(k8s/application): temporary fix + TODO dev notice

* feat(k8s/application): select default ingress of selected resource pool

* feat(k8s/ingress): revert ingressClassName removal

* feat(k8s/ingress): admins can now add an host to ingress in a resource pool

* feat(k8s/resource-pool): list applications using RP ingresses

* feat(k8s/configure): minor UI update

* feat(k8s/configure): minor UI update

* feat(k8s/configure): minor UI update

* feat(k8s/configure): minor UI update

* feat(k8s/configure): minor UI update

* fix(k8s/ingresses): remove host if undefined

* feat(k8s/resource-pool): remove the activate ingresses switch

* fix(k8s/resource-pool): edditing an ingress host was deleting all the routes of the ingress

* feat(k8s/application): prevent app deploy if no ports to publish and publishing type not internal

* feat(k8s/ingress): minor UI update

* fix(k8s/ingress): allow routes without prepending /

* feat(k8s/application): add form validation on ingress route

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-08-13 11:30:23 +12:00
Anthony Lapenna 2c15dcd1f2 feat(k8s): use instance ID to create unique k8s resources (#4196) 2020-08-12 17:10:28 +12:00
Chaim Lev-Ari 9d18d47194 feat(extensions): remove rbac extension (#4157)
* feat(extensions): remove rbac extension client code

* feat(extensions): remove server rbac code

* remove extensions code

* fix(notifications): remove error

* feat(extensions): remove authorizations service

* feat(rbac): deprecate fields

* fix(portainer): revert change

* fix(bouncer): remove rbac authorization check

* feat(sidebar): remove roles link

* fix(portainer): remove portainer module
2020-08-11 17:41:37 +12:00
Maxime Bajeux 61f97469ab feat(application): Add the ability to use existing volumes when creating an application (#4044)
* feat(applications): update UI to use existing volumes

* feat(application): Add the ability to use existing volumes when creating an application

* feat(application): Existing persisted folders should default to associated volumes

* feat(application): add form validation to existing volume

* feat(application): remove the ability to use an existing volume with statefulset application

* feat(k8s/applications): minor UI update

* feat(k8s/application): minor UI update

* feat(volume): allow to increase volume size and few other things

* feat(volumes): add the ability to allow volume expansion

* fix(storage): fix the storage patch request

* fix(k8s/applications): remove conflict leftover

* feat(k8s/configure): minor UI update

* feat(k8s/volume): minor UI update

* fix(storage): change few things

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-08-07 16:40:24 +12:00
Anthony Lapenna 747fdae269 fix(agent/console): fix an issue with the agent console on Docker environments (#4169) 2020-08-07 14:08:57 +12:00
Chaim Lev-Ari 2158cc5157 feat(telemetry): replace GA with matomo (#4140)
* feat(core/telemetry): add posthog

* feat(core/telemetry): add posthog

* feat(core/telemetry): add matomo

* feat(core/telemetry): update matomo

* feat(core/telemetry): update matomo

* feat(core/telemetry): update matomo

* feat(telemetry): remove google analytics code

* refactor(telemetry): move matomo code to bundle

* refactor(telemetry): move matomo lib to assets

* refactor(telemetry): depreciate --no-analytics

* feat(settings): introduce a setting to enable telemetry

* fix(cli): fix typo

* feat(settings): allow toggle telemetry from settings

* fix(settings): handle case where AuthenticationMethod is missing

* feat(admin): set telemetry on admin init

* refactor(app); revert file

* refactor(state-manager): move optout to state manager

* feat(telemetry): set matomo url

* feat(core/settings): minor UI update

* feat(core/telemetry): update custom URL

* feat(core/telemetry): add placeholder for privacy policy

* feat(core/telemetry): add privacy policy link

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-08-07 10:46:25 +12:00
Chaim Lev-Ari 82064152ec feat(registries): remove registry extension (#4155)
* feat(registries): remove client extension code

* feat(registry): remove server registry code

* refactor(registry): remove extension related code

* feat(extensions): remove registry extension type
2020-08-05 22:23:19 +12:00
Chaim Lev-Ari ff250a202a feat(extensions): remove oauth extension (#4156)
* feat(oauth): remove oauth providers

* feat(extensions): remove references to oauth extension
2020-08-05 22:13:23 +12:00
Chaim Lev-Ari 00f4fe0039 feat(auth): integrate oauth extension (#4152)
* refactor(oauth): move oauth client code

* feat(oauth): move extension code into server code

* feat(oauth): enable oauth without extension

* refactor(oauth): make it easier to remove providers
2020-08-05 20:36:46 +12:00
Maxime Bajeux 6756b04b67 feat(k8s/application): add the ability to set the auto-scale policy of an application (#4118)
* feat(application): add horizontalpodautoscaler creation

* feat(application): Add the ability to set the auto-scale policy of an application

* feat(k8s/application): minor UI update

* fix(application): set api version and prevent to use hpa with global deployment type

* feat(settings): add a switch to enable features based on server metrics

* feat(k8s/applications): minor UI update

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-08-05 10:08:11 +12:00
Anthony Lapenna 909e1ef02c fix(k8s/user): remove username part from service account (#4147) 2020-08-04 16:01:15 +12:00
Chaim Lev-Ari bd7d7dcef5 feat(agent): add auto agent platform detection (#4132)
* feat(endpoint): check endpoint type on creation

* feat(edge): check edge endpoint type

* feat(endpoint): send endpoint creation type

* feat(endpoint): pass tls config

* feat(endpoint): show connect errors

* fix(endpoint): set correct endpoint type

* feat(endpoint): support endpoint creation

* style(endpoint): remove todo comment

* feat(endpoint): set protocol for endpoint url

* feat(endpoint): change scheme of url

* fix(endpoint): toggle code block

* feat(edge): report missing agent platform header

* fix(api/endpoints): fix an issue with agent on kubernetes endpoint

* feat(core/endpoints): minor UI update

Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
2020-08-04 12:44:17 +12:00
Chaim Lev-Ari 4d5836138b feat(stacks): add the ability to stop a stack (#4042)
* feat(stacks): add stack status

* feat(stacks): add empty start/stop handlers

* feat(stacks): show start/stop button

* feat(stacks): implement stack stop

* feat(stacks): implement start stack

* feat(stacks): filter by active/inactive stacks

* fix(stacks): update authorizations for stack start/stop

* feat(stacks): assign default status on create

* fix(bolt): fix import

* fix(stacks): show external stacks

* fix(stacks): reload on stop/start

* feat(stacks): confirm before stop
2020-08-04 10:18:53 +12:00
Chaim Lev-Ari 93d8c179f1 feat(containers): enforce disable bind mounts (#4110)
* feat(containers): enforce disable bind mounts

* refactor(docker): move check for endpoint admin to a function

* feat(docker): check if service has bind mounts

* feat(services): allow bind mounts for endpoint admin

* feat(container): enable bind mounts for endpoint admin

* fix(services): fix typo
2020-07-29 21:10:46 +12:00
Chaim Lev-Ari 1a3f77137a feat(settings): introduce setting to disable container caps for non-admins (#4109)
* feat(settings): introduce settings to allow/disable

* feat(settings): update the setting

* feat(docker): prevent user from using caps if disabled

* refactor(stacks): revert file

* style(api): remove portainer ns
2020-07-28 19:08:15 +12:00
Chaim Lev-Ari fec85c77d6 fix(extensions): load extensions file (#4115) 2020-07-28 09:54:12 +12:00