add newline at end of file

* added data-cy attributes for robust ui test automation

.github/ISSUE_TEMPLATE.md

@@ -28,17 +28,15 @@ Briefly describe the problem you are having in a few paragraphs.
 
 **Steps to reproduce the issue:**
 
-1.
-2.
-3.
+1. 2. 3.
 
 Any other info e.g. Why do you consider this to be a bug? What did you expect to happen instead?
 
 **Technical details:**
 
-* Portainer version:
-* Target Docker version (the host/cluster you manage):
-* Platform (windows/linux):
-* Command used to start Portainer (`docker run -p 9000:9000 portainer/portainer`):
-* Target Swarm version (if applicable):
-* Browser:
+- Portainer version:
+- Target Docker version (the host/cluster you manage):
+- Platform (windows/linux):
+- Command used to start Portainer (`docker run -p 9443:9443 portainer/portainer`):
+- Target Swarm version (if applicable):
+- Browser:

.github/ISSUE_TEMPLATE/Bug_report.md

@@ -4,7 +4,6 @@ about: Create a bug report
 title: ''
 labels: bug/need-confirmation, kind/bug
 assignees: ''
-
 ---
 
 <!--
@@ -46,7 +45,7 @@ You can see how [here](https://documentation.portainer.io/archive/1.23.2/faq/#ho
 - Docker version (managed by Portainer):
 - Kubernetes version (managed by Portainer):
 - Platform (windows/linux):
-- Command used to start Portainer (`docker run -p 9000:9000 portainer/portainer`):
+- Command used to start Portainer (`docker run -p 9443:9443 portainer/portainer`):
 - Browser:
 - Use Case (delete as appropriate): Using Portainer at Home, Using Portainer in a Commerical setup.
 - Have you reviewed our technical documentation and knowledge base? Yes/No

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Portainer Business
+    url: https://www.portainer.io/portainerbusiness 
+    about: Would you and your co-workers benefit from our enterprise edition which provides functionality to deploy Portainer at scale? 

CONTRIBUTING.md

@@ -91,7 +91,7 @@ Then build and run the project:
 $ yarn start
 ```
 
-Portainer can now be accessed at <http://localhost:9000>.
+Portainer can now be accessed at <https://localhost:9443>.
 
 Find more detailed steps at <https://documentation.portainer.io/contributing/instructions/>.
 

README.md

@@ -44,7 +44,7 @@ Portainer CE is an open source project and is supported by the community. You ca
 Learn more about Portainers community support channels [here.](https://www.portainer.io/help_about)
 
 - Issues: https://github.com/portainer/portainer/issues
-- Slack (chat): https://portainer.io/slack/
+- Slack (chat): [https://portainer.slack.com/](https://join.slack.com/t/portainer/shared_invite/zt-txh3ljab-52QHTyjCqbe5RibC2lcjKA)
 
 You can join the Portainer Community by visiting community.portainer.io. This will give you advance notice of events, content and other related Portainer content.
 
@@ -59,7 +59,7 @@ You can join the Portainer Community by visiting community.portainer.io. This wi
 
 ## WORK FOR US
 
-If you are a developer, and our code in this repo makes sense to you, we would love to hear from you. We are always on the hunt for awesome devs, either freelance or employed. Drop us a line to info@portainer.io with your details and we will be in touch. 
+If you are a developer, and our code in this repo makes sense to you, we would love to hear from you. We are always on the hunt for awesome devs, either freelance or employed. Drop us a line to info@portainer.io with your details and we will be in touch.
 
 ## Privacy
 

api/api-description.md

@@ -4,7 +4,7 @@ You can find out more about Portainer at [http://portainer.io](http://portainer.
 
 # Authentication
 
-Most of the API endpoints require to be authenticated as well as some level of authorization to be used.
+Most of the API environments(endpoints) require to be authenticated as well as some level of authorization to be used.
 Portainer API uses JSON Web Token to manage authentication and thus requires you to provide a token in the **Authorization** header of each request
 with the **Bearer** authentication mechanism.
 
@@ -16,7 +16,7 @@ Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJhZG1pbiIs
 
 # Security
 
-Each API endpoint has an associated access policy, it is documented in the description of each endpoint.
+Each API environment(endpoint) has an associated access policy, it is documented in the description of each environment(endpoint).
 
 Different access policies are available:
 
@@ -27,27 +27,27 @@ Different access policies are available:
 
 ### Public access
 
-No authentication is required to access the endpoints with this access policy.
+No authentication is required to access the environments(endpoints) with this access policy.
 
 ### Authenticated access
 
-Authentication is required to access the endpoints with this access policy.
+Authentication is required to access the environments(endpoints) with this access policy.
 
 ### Restricted access
 
-Authentication is required to access the endpoints with this access policy.
+Authentication is required to access the environments(endpoints) with this access policy.
 Extra-checks might be added to ensure access to the resource is granted. Returned data might also be filtered.
 
 ### Administrator access
 
-Authentication as well as an administrator role are required to access the endpoints with this access policy.
+Authentication as well as an administrator role are required to access the environments(endpoints) with this access policy.
 
 # Execute Docker requests
 
-Portainer **DO NOT** expose specific endpoints to manage your Docker resources (create a container, remove a volume, etc...).
+Portainer **DO NOT** expose specific environments(endpoints) to manage your Docker resources (create a container, remove a volume, etc...).
 
 Instead, it acts as a reverse-proxy to the Docker HTTP API. This means that you can execute Docker requests **via** the Portainer HTTP API.
 
-To do so, you can use the `/endpoints/{id}/docker` Portainer API endpoint (which is not documented below due to Swagger limitations). This endpoint has a restricted access policy so you still need to be authenticated to be able to query this endpoint. Any query on this endpoint will be proxied to the Docker API of the associated endpoint (requests and responses objects are the same as documented in the Docker API).
+To do so, you can use the `/endpoints/{id}/docker` Portainer API environment(endpoint) (which is not documented below due to Swagger limitations). This environment(endpoint) has a restricted access policy so you still need to be authenticated to be able to query this environment(endpoint). Any query on this environment(endpoint) will be proxied to the Docker API of the associated environment(endpoint) (requests and responses objects are the same as documented in the Docker API).
 
 **NOTE**: You can find more information on how to query the Docker API in the [Docker official documentation](https://docs.docker.com/engine/api/v1.30/) as well as in [this Portainer example](https://documentation.portainer.io/api/api-examples/).

api/bolt/edgejob/edgejob.go

@@ -95,7 +95,7 @@ func (service *Service) DeleteEdgeJob(ID portainer.EdgeJobID) error {
 	return internal.DeleteObject(service.connection, BucketName, identifier)
 }
 
-// GetNextIdentifier returns the next identifier for an endpoint.
+// GetNextIdentifier returns the next identifier for an environment(endpoint).
 func (service *Service) GetNextIdentifier() int {
 	return internal.GetNextIdentifier(service.connection, BucketName)
 }

api/bolt/edgestack/edgestack.go

@@ -95,7 +95,7 @@ func (service *Service) DeleteEdgeStack(ID portainer.EdgeStackID) error {
 	return internal.DeleteObject(service.connection, BucketName, identifier)
 }
 
-// GetNextIdentifier returns the next identifier for an endpoint.
+// GetNextIdentifier returns the next identifier for an environment(endpoint).
 func (service *Service) GetNextIdentifier() int {
 	return internal.GetNextIdentifier(service.connection, BucketName)
 }

api/bolt/endpoint/endpoint.go

@@ -11,7 +11,7 @@ const (
 	BucketName = "endpoints"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }
@@ -28,7 +28,7 @@ func NewService(connection *internal.DbConnection) (*Service, error) {
 	}, nil
 }
 
-// Endpoint returns an endpoint by ID.
+// Endpoint returns an environment(endpoint) by ID.
 func (service *Service) Endpoint(ID portainer.EndpointID) (*portainer.Endpoint, error) {
 	var endpoint portainer.Endpoint
 	identifier := internal.Itob(int(ID))
@@ -41,19 +41,19 @@ func (service *Service) Endpoint(ID portainer.EndpointID) (*portainer.Endpoint,
 	return &endpoint, nil
 }
 
-// UpdateEndpoint updates an endpoint.
+// UpdateEndpoint updates an environment(endpoint).
 func (service *Service) UpdateEndpoint(ID portainer.EndpointID, endpoint *portainer.Endpoint) error {
 	identifier := internal.Itob(int(ID))
 	return internal.UpdateObject(service.connection, BucketName, identifier, endpoint)
 }
 
-// DeleteEndpoint deletes an endpoint.
+// DeleteEndpoint deletes an environment(endpoint).
 func (service *Service) DeleteEndpoint(ID portainer.EndpointID) error {
 	identifier := internal.Itob(int(ID))
 	return internal.DeleteObject(service.connection, BucketName, identifier)
 }
 
-// Endpoints return an array containing all the endpoints.
+// Endpoints return an array containing all the environments(endpoints).
 func (service *Service) Endpoints() ([]portainer.Endpoint, error) {
 	var endpoints = make([]portainer.Endpoint, 0)
 
@@ -76,12 +76,12 @@ func (service *Service) Endpoints() ([]portainer.Endpoint, error) {
 	return endpoints, err
 }
 
-// CreateEndpoint assign an ID to a new endpoint and saves it.
+// CreateEndpoint assign an ID to a new environment(endpoint) and saves it.
 func (service *Service) CreateEndpoint(endpoint *portainer.Endpoint) error {
 	return service.connection.Update(func(tx *bolt.Tx) error {
 		bucket := tx.Bucket([]byte(BucketName))
 
-		// We manually manage sequences for endpoints
+		// We manually manage sequences for environments(endpoints)
 		err := bucket.SetSequence(uint64(endpoint.ID))
 		if err != nil {
 			return err
@@ -96,12 +96,12 @@ func (service *Service) CreateEndpoint(endpoint *portainer.Endpoint) error {
 	})
 }
 
-// GetNextIdentifier returns the next identifier for an endpoint.
+// GetNextIdentifier returns the next identifier for an environment(endpoint).
 func (service *Service) GetNextIdentifier() int {
 	return internal.GetNextIdentifier(service.connection, BucketName)
 }
 
-// Synchronize creates, updates and deletes endpoints inside a single transaction.
+// Synchronize creates, updates and deletes environments(endpoints) inside a single transaction.
 func (service *Service) Synchronize(toCreate, toUpdate, toDelete []*portainer.Endpoint) error {
 	return service.connection.Update(func(tx *bolt.Tx) error {
 		bucket := tx.Bucket([]byte(BucketName))

api/bolt/endpointgroup/endpointgroup.go

@@ -12,7 +12,7 @@ const (
 	BucketName = "endpoint_groups"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }
@@ -29,7 +29,7 @@ func NewService(connection *internal.DbConnection) (*Service, error) {
 	}, nil
 }
 
-// EndpointGroup returns an endpoint group by ID.
+// EndpointGroup returns an environment(endpoint) group by ID.
 func (service *Service) EndpointGroup(ID portainer.EndpointGroupID) (*portainer.EndpointGroup, error) {
 	var endpointGroup portainer.EndpointGroup
 	identifier := internal.Itob(int(ID))
@@ -42,19 +42,19 @@ func (service *Service) EndpointGroup(ID portainer.EndpointGroupID) (*portainer.
 	return &endpointGroup, nil
 }
 
-// UpdateEndpointGroup updates an endpoint group.
+// UpdateEndpointGroup updates an environment(endpoint) group.
 func (service *Service) UpdateEndpointGroup(ID portainer.EndpointGroupID, endpointGroup *portainer.EndpointGroup) error {
 	identifier := internal.Itob(int(ID))
 	return internal.UpdateObject(service.connection, BucketName, identifier, endpointGroup)
 }
 
-// DeleteEndpointGroup deletes an endpoint group.
+// DeleteEndpointGroup deletes an environment(endpoint) group.
 func (service *Service) DeleteEndpointGroup(ID portainer.EndpointGroupID) error {
 	identifier := internal.Itob(int(ID))
 	return internal.DeleteObject(service.connection, BucketName, identifier)
 }
 
-// EndpointGroups return an array containing all the endpoint groups.
+// EndpointGroups return an array containing all the environment(endpoint) groups.
 func (service *Service) EndpointGroups() ([]portainer.EndpointGroup, error) {
 	var endpointGroups = make([]portainer.EndpointGroup, 0)
 
@@ -77,7 +77,7 @@ func (service *Service) EndpointGroups() ([]portainer.EndpointGroup, error) {
 	return endpointGroups, err
 }
 
-// CreateEndpointGroup assign an ID to a new endpoint group and saves it.
+// CreateEndpointGroup assign an ID to a new environment(endpoint) group and saves it.
 func (service *Service) CreateEndpointGroup(endpointGroup *portainer.EndpointGroup) error {
 	return service.connection.Update(func(tx *bolt.Tx) error {
 		bucket := tx.Bucket([]byte(BucketName))

api/bolt/endpointrelation/endpointrelation.go

@@ -11,7 +11,7 @@ const (
 	BucketName = "endpoint_relations"
 )
 
-// Service represents a service for managing endpoint relation data.
+// Service represents a service for managing environment(endpoint) relation data.
 type Service struct {
 	connection *internal.DbConnection
 }
@@ -28,7 +28,7 @@ func NewService(connection *internal.DbConnection) (*Service, error) {
 	}, nil
 }
 
-// EndpointRelation returns a Endpoint relation object by EndpointID
+// EndpointRelation returns a Environment(Endpoint) relation object by EndpointID
 func (service *Service) EndpointRelation(endpointID portainer.EndpointID) (*portainer.EndpointRelation, error) {
 	var endpointRelation portainer.EndpointRelation
 	identifier := internal.Itob(int(endpointID))
@@ -55,13 +55,13 @@ func (service *Service) CreateEndpointRelation(endpointRelation *portainer.Endpo
 	})
 }
 
-// UpdateEndpointRelation updates an Endpoint relation object
+// UpdateEndpointRelation updates an Environment(Endpoint) relation object
 func (service *Service) UpdateEndpointRelation(EndpointID portainer.EndpointID, endpointRelation *portainer.EndpointRelation) error {
 	identifier := internal.Itob(int(EndpointID))
 	return internal.UpdateObject(service.connection, BucketName, identifier, endpointRelation)
 }
 
-// DeleteEndpointRelation deletes an Endpoint relation object
+// DeleteEndpointRelation deletes an Environment(Endpoint) relation object
 func (service *Service) DeleteEndpointRelation(EndpointID portainer.EndpointID) error {
 	identifier := internal.Itob(int(EndpointID))
 	return internal.DeleteObject(service.connection, BucketName, identifier)

api/bolt/extension/extension.go

@@ -12,7 +12,7 @@ const (
 	BucketName = "extension"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }

api/bolt/helmuserrepository/helmuserrepository.go

@@ -12,7 +12,7 @@ const (
 	BucketName = "helm_user_repository"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }

api/bolt/internal/json.go

@@ -17,7 +17,7 @@ func UnmarshalObject(data []byte, object interface{}) error {
 }
 
 // UnmarshalObjectWithJsoniter decodes an object from binary data
-// using the jsoniter library. It is mainly used to accelerate endpoint
+// using the jsoniter library. It is mainly used to accelerate environment(endpoint)
 // decoding at the moment.
 func UnmarshalObjectWithJsoniter(data []byte, object interface{}) error {
 	var jsoni = jsoniter.ConfigCompatibleWithStandardLibrary

api/bolt/migrator/migrate_dbversion31.go

@@ -2,6 +2,7 @@ package migrator
 
 import (
 	"fmt"
+	"log"
 
 	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/bolt/errors"
@@ -167,6 +168,7 @@ func (m *Migrator) updateVolumeResourceControlToDB32() error {
 
 		totalSnapshots := len(endpoint.Snapshots)
 		if totalSnapshots == 0 {
+			log.Println("[DEBUG] [volume migration] [message: no snapshot found]")
 			continue
 		}
 
@@ -179,6 +181,7 @@ func (m *Migrator) updateVolumeResourceControlToDB32() error {
 
 		if volumesData, done := snapshot.SnapshotRaw.Volumes.(map[string]interface{}); done {
 			if volumesData["Volumes"] == nil {
+				log.Println("[DEBUG] [volume migration] [message: no volume data found]")
 				continue
 			}
 
@@ -199,7 +202,7 @@ func (m *Migrator) updateVolumeResourceControlToDB32() error {
 			if err != nil {
 				return fmt.Errorf("failed deleting resource control %d: %w", resourceControl.ID, err)
 			}
-
+			log.Printf("[DEBUG] [volume migration] [message: legacy resource control(%s) has been deleted]", resourceControl.ResourceID)
 		}
 	}
 

api/bolt/registry/registry.go

@@ -12,7 +12,7 @@ const (
 	BucketName = "registries"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }

api/bolt/resourcecontrol/resourcecontrol.go

@@ -12,7 +12,7 @@ const (
 	BucketName = "resource_control"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }

api/bolt/role/role.go

@@ -12,7 +12,7 @@ const (
 	BucketName = "roles"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }

api/bolt/services.go

@@ -196,7 +196,7 @@ func (store *Store) EdgeStack() portainer.EdgeStackService {
 	return store.EdgeStackService
 }
 
-// Endpoint gives access to the Endpoint data management layer
+// Environment(Endpoint) gives access to the Environment(Endpoint) data management layer
 func (store *Store) Endpoint() portainer.EndpointService {
 	return store.EndpointService
 }

api/bolt/settings/settings.go

@@ -11,7 +11,7 @@ const (
 	settingsKey = "SETTINGS"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }

api/bolt/stack/stack.go

@@ -16,7 +16,7 @@ const (
 	BucketName = "stacks"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }

api/bolt/tag/tag.go

@@ -12,7 +12,7 @@ const (
 	BucketName = "tags"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }

api/bolt/team/team.go

@@ -15,7 +15,7 @@ const (
 	BucketName = "teams"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }

api/bolt/teammembership/teammembership.go

@@ -12,7 +12,7 @@ const (
 	BucketName = "team_membership"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }

api/bolt/tunnelserver/tunnelserver.go

@@ -11,7 +11,7 @@ const (
 	infoKey    = "INFO"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }

api/bolt/user/user.go

@@ -15,7 +15,7 @@ const (
 	BucketName = "users"
 )
 
-// Service represents a service for managing endpoint data.
+// Service represents a service for managing environment(endpoint) data.
 type Service struct {
 	connection *internal.DbConnection
 }

api/chisel/schedules.go

@@ -6,7 +6,7 @@ import (
 	portainer "github.com/portainer/portainer/api"
 )
 
-// AddEdgeJob register an EdgeJob inside the tunnel details associated to an endpoint.
+// AddEdgeJob register an EdgeJob inside the tunnel details associated to an environment(endpoint).
 func (service *Service) AddEdgeJob(endpointID portainer.EndpointID, edgeJob *portainer.EdgeJob) {
 	tunnel := service.GetTunnelDetails(endpointID)
 

api/chisel/service.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"fmt"
 	"log"
+	"net/http"
 	"strconv"
 	"time"
 
@@ -42,6 +43,55 @@ func NewService(dataStore portainer.DataStore, shutdownCtx context.Context) *Ser
 	}
 }
 
+// pingAgent ping the given agent so that the agent can keep the tunnel alive
+func (service *Service) pingAgent(endpointID portainer.EndpointID) error{
+	tunnel := service.GetTunnelDetails(endpointID)
+	requestURL := fmt.Sprintf("http://127.0.0.1:%d/ping", tunnel.Port)
+	req, err := http.NewRequest(http.MethodHead, requestURL, nil)
+	if err != nil {
+		return err
+	}
+
+	httpClient := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+	_, err = httpClient.Do(req)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// KeepTunnelAlive keeps the tunnel of the given environment for maxAlive duration, or until ctx is done
+func (service *Service) KeepTunnelAlive(endpointID portainer.EndpointID, ctx context.Context, maxAlive time.Duration) {
+	go func() {
+		log.Printf("[DEBUG] [chisel,KeepTunnelAlive] [endpoint_id: %d] [message: start for %.0f minutes]\n", endpointID, maxAlive.Minutes())
+		maxAliveTicker := time.NewTicker(maxAlive)
+		defer maxAliveTicker.Stop()
+		pingTicker := time.NewTicker(tunnelCleanupInterval)
+		defer pingTicker.Stop()
+
+		for {
+			select {
+			case <-pingTicker.C:
+				service.SetTunnelStatusToActive(endpointID)
+				err := service.pingAgent(endpointID)
+				if err != nil {
+					log.Printf("[DEBUG] [chisel,KeepTunnelAlive] [endpoint_id: %d] [warning: ping agent err=%s]\n", endpointID, err)
+				}
+			case <-maxAliveTicker.C:
+				log.Printf("[DEBUG] [chisel,KeepTunnelAlive] [endpoint_id: %d] [message: stop as %.0f minutes timeout]\n", endpointID, maxAlive.Minutes())
+				return
+			case <-ctx.Done():
+				err := ctx.Err()
+				log.Printf("[DEBUG] [chisel,KeepTunnelAlive] [endpoint_id: %d] [message: stop as err=%s]\n", endpointID, err)
+				return
+			}
+		}
+	}()
+}
+
 // StartTunnelServer starts a tunnel server on the specified addr and port.
 // It uses a seed to generate a new private/public key pair. If the seed cannot
 // be found inside the database, it will generate a new one randomly and persist it.

api/chisel/tunnel.go

@@ -38,7 +38,7 @@ func randomInt(min, max int) int {
 	return min + rand.Intn(max-min)
 }
 
-// GetTunnelDetails returns information about the tunnel associated to an endpoint.
+// GetTunnelDetails returns information about the tunnel associated to an environment(endpoint).
 func (service *Service) GetTunnelDetails(endpointID portainer.EndpointID) *portainer.TunnelDetails {
 	key := strconv.Itoa(int(endpointID))
 
@@ -56,7 +56,7 @@ func (service *Service) GetTunnelDetails(endpointID portainer.EndpointID) *porta
 	}
 }
 
-// SetTunnelStatusToActive update the status of the tunnel associated to the specified endpoint.
+// SetTunnelStatusToActive update the status of the tunnel associated to the specified environment(endpoint).
 // It sets the status to ACTIVE.
 func (service *Service) SetTunnelStatusToActive(endpointID portainer.EndpointID) {
 	tunnel := service.GetTunnelDetails(endpointID)
@@ -68,7 +68,7 @@ func (service *Service) SetTunnelStatusToActive(endpointID portainer.EndpointID)
 	service.tunnelDetailsMap.Set(key, tunnel)
 }
 
-// SetTunnelStatusToIdle update the status of the tunnel associated to the specified endpoint.
+// SetTunnelStatusToIdle update the status of the tunnel associated to the specified environment(endpoint).
 // It sets the status to IDLE.
 // It removes any existing credentials associated to the tunnel.
 func (service *Service) SetTunnelStatusToIdle(endpointID portainer.EndpointID) {
@@ -88,11 +88,11 @@ func (service *Service) SetTunnelStatusToIdle(endpointID portainer.EndpointID) {
 	service.tunnelDetailsMap.Set(key, tunnel)
 }
 
-// SetTunnelStatusToRequired update the status of the tunnel associated to the specified endpoint.
+// SetTunnelStatusToRequired update the status of the tunnel associated to the specified environment(endpoint).
 // It sets the status to REQUIRED.
 // If no port is currently associated to the tunnel, it will associate a random unused port to the tunnel
 // and generate temporary credentials that can be used to establish a reverse tunnel on that port.
-// Credentials are encrypted using the Edge ID associated to the endpoint.
+// Credentials are encrypted using the Edge ID associated to the environment(endpoint).
 func (service *Service) SetTunnelStatusToRequired(endpointID portainer.EndpointID) error {
 	tunnel := service.GetTunnelDetails(endpointID)
 

api/crypto/ecdsa.go

@@ -22,7 +22,7 @@ const (
 )
 
 // ECDSAService is a service used to create digital signatures when communicating with
-// an agent based environment. It will automatically generates a key pair using ECDSA or
+// an agent based environment(endpoint). It will automatically generates a key pair using ECDSA or
 // can also reuse an existing ECDSA key pair.
 type ECDSAService struct {
 	privateKey    *ecdsa.PrivateKey

api/docker/client.go

@@ -34,8 +34,8 @@ func NewClientFactory(signatureService portainer.DigitalSignatureService, revers
 }
 
 // createClient is a generic function to create a Docker client based on
-// a specific endpoint configuration. The nodeName parameter can be used
-// with an agent enabled endpoint to target a specific node in an agent cluster.
+// a specific environment(endpoint) configuration. The nodeName parameter can be used
+// with an agent enabled environment(endpoint) to target a specific node in an agent cluster.
 func (factory *ClientFactory) CreateClient(endpoint *portainer.Endpoint, nodeName string) (*client.Client, error) {
 	if endpoint.Type == portainer.AzureEnvironment {
 		return nil, errUnsupportedEnvironmentType

api/docker/snapshot.go

@@ -12,7 +12,7 @@ import (
 	"github.com/portainer/portainer/api"
 )
 
-// Snapshotter represents a service used to create endpoint snapshots
+// Snapshotter represents a service used to create environment(endpoint) snapshots
 type Snapshotter struct {
 	clientFactory *ClientFactory
 }
@@ -24,7 +24,7 @@ func NewSnapshotter(clientFactory *ClientFactory) *Snapshotter {
 	}
 }
 
-// CreateSnapshot creates a snapshot of a specific Docker endpoint
+// CreateSnapshot creates a snapshot of a specific Docker environment(endpoint)
 func (snapshotter *Snapshotter) CreateSnapshot(endpoint *portainer.Endpoint) (*portainer.DockerSnapshot, error) {
 	cli, err := snapshotter.clientFactory.CreateClient(endpoint, "")
 	if err != nil {

api/exec/compose_stack.go

@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"os"
 	"path"
+	"path/filepath"
 	"regexp"
 	"strings"
 
@@ -58,8 +59,8 @@ func (manager *ComposeStackManager) Up(ctx context.Context, stack *portainer.Sta
 		return errors.Wrap(err, "failed to create env file")
 	}
 
-	filePaths := append([]string{stack.EntryPoint}, stack.AdditionalFiles...)
-	return manager.deployer.Deploy(ctx, stack.ProjectPath, url, stack.Name, filePaths, envFilePath)
+	filePaths := getStackFiles(stack)
+	err = manager.deployer.Deploy(ctx, stack.ProjectPath, url, stack.Name, filePaths, envFilePath)
 	return errors.Wrap(err, "failed to deploy a stack")
 }
 
@@ -73,9 +74,9 @@ func (manager *ComposeStackManager) Down(ctx context.Context, stack *portainer.S
 		defer proxy.Close()
 	}
 
-	filePaths := append([]string{stack.EntryPoint}, stack.AdditionalFiles...)
-
-	return manager.deployer.Remove(ctx, stack.ProjectPath, url, stack.Name, filePaths)
+	filePaths := getStackFiles(stack)
+	err = manager.deployer.Remove(ctx, stack.ProjectPath, url, stack.Name, filePaths)
+	return errors.Wrap(err, "failed to remove a stack")
 }
 
 // NormalizeStackName returns a new stack name with unsupported characters replaced
@@ -116,3 +117,27 @@ func createEnvFile(stack *portainer.Stack) (string, error) {
 
 	return "stack.env", nil
 }
+
+// getStackFiles returns list of stack's confile file paths.
+// items in the list would be sanitized according to following criterias:
+// 1. no empty paths
+// 2. no "../xxx" paths that are trying to escape stack folder
+// 3. no dir paths
+// 4. root paths would be made relative
+func getStackFiles(stack *portainer.Stack) []string {
+	paths := make([]string, 0, len(stack.AdditionalFiles)+1)
+
+	for _, p := range append([]string{stack.EntryPoint}, stack.AdditionalFiles...) {
+		if strings.HasPrefix(p, "/") {
+			p = `.` + p
+		}
+
+		if p == `` || p == `.` || strings.HasPrefix(p, `..`) || strings.HasSuffix(p, string(filepath.Separator)) {
+			continue
+		}
+
+		paths = append(paths, p)
+	}
+
+	return paths
+}

api/exec/compose_stack_test.go

@@ -64,3 +64,21 @@ func Test_createEnvFile(t *testing.T) {
 		})
 	}
 }
+
+func Test_getStackFiles(t *testing.T) {
+	stack := &portainer.Stack{
+		EntryPoint: "./file", // picks entry point
+		AdditionalFiles: []string{
+			``,                  // ignores empty string
+			`.`,                 // ignores .
+			`..`,                // ignores ..
+			`./dir/`,            // ignrores paths that end with trailing /
+			`/with-root-prefix`, // replaces "root" based paths with relative
+			`./relative`,        // keeps relative paths
+			`../escape`,         // prevents dir escape
+		},
+	}
+
+	filePaths := getStackFiles(stack)
+	assert.ElementsMatch(t, filePaths, []string{`./file`, `./with-root-prefix`, `./relative`})
+}

api/exec/kubernetes_deploy.go

@@ -22,7 +22,7 @@ import (
 	"github.com/portainer/portainer/api/crypto"
 )
 
-// KubernetesDeployer represents a service to deploy resources inside a Kubernetes environment.
+// KubernetesDeployer represents a service to deploy resources inside a Kubernetes environment(endpoint).
 type KubernetesDeployer struct {
 	binaryPath                  string
 	dataStore                   portainer.DataStore
@@ -77,7 +77,7 @@ func (deployer *KubernetesDeployer) getToken(request *http.Request, endpoint *po
 	return token, nil
 }
 
-// Deploy will deploy a Kubernetes manifest inside a specific namespace in a Kubernetes endpoint.
+// Deploy will deploy a Kubernetes manifest inside a specific namespace in a Kubernetes environment(endpoint).
 // Otherwise it will use kubectl to deploy the manifest.
 func (deployer *KubernetesDeployer) Deploy(request *http.Request, endpoint *portainer.Endpoint, stackConfig string, namespace string) (string, error) {
 	if endpoint.Type == portainer.KubernetesLocalEnvironment {

api/filesystem/filesystem.go

@@ -288,7 +288,7 @@ func (service *Service) StoreTLSFileFromBytes(folder string, fileType portainer.
 	return path.Join(service.fileStorePath, tlsFilePath), nil
 }
 
-// GetPathForTLSFile returns the absolute path to a specific TLS file for an endpoint.
+// GetPathForTLSFile returns the absolute path to a specific TLS file for an environment(endpoint).
 func (service *Service) GetPathForTLSFile(folder string, fileType portainer.TLSFileType) (string, error) {
 	var fileName string
 	switch fileType {

api/go.mod

@@ -38,7 +38,7 @@ require (
 	github.com/pkg/errors v0.9.1
 	github.com/portainer/docker-compose-wrapper v0.0.0-20210909083948-8be0d98451a1
 	github.com/portainer/libcrypto v0.0.0-20210422035235-c652195c5c3a
-	github.com/portainer/libhelm v0.0.0-20210906035629-b5635edd5d97
+	github.com/portainer/libhelm v0.0.0-20210913052337-365741c1c320
 	github.com/portainer/libhttp v0.0.0-20190806161843-ba068f58be33
 	github.com/robfig/cron/v3 v3.0.1
 	github.com/sirupsen/logrus v1.8.1

api/go.sum

@@ -206,14 +206,12 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE
 github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/portainer/docker-compose-wrapper v0.0.0-20210909011155-9ff375eac059 h1:98v0k3x3ZXa09NaHP/HmSA83rcN8cuE/zTKo6xvNmoM=
-github.com/portainer/docker-compose-wrapper v0.0.0-20210909011155-9ff375eac059/go.mod h1:WxDlJWZxCnicdLCPnLNEv7/gRhjeIVuCGmsv+iOPH3c=
 github.com/portainer/docker-compose-wrapper v0.0.0-20210909083948-8be0d98451a1 h1:0ZGSu3Atz7RHMDsoITHV676igRfsb51mlgELGo37ELU=
 github.com/portainer/docker-compose-wrapper v0.0.0-20210909083948-8be0d98451a1/go.mod h1:WxDlJWZxCnicdLCPnLNEv7/gRhjeIVuCGmsv+iOPH3c=
 github.com/portainer/libcrypto v0.0.0-20210422035235-c652195c5c3a h1:qY8TbocN75n5PDl16o0uVr5MevtM5IhdwSelXEd4nFM=
 github.com/portainer/libcrypto v0.0.0-20210422035235-c652195c5c3a/go.mod h1:n54EEIq+MM0NNtqLeCby8ljL+l275VpolXO0ibHegLE=
-github.com/portainer/libhelm v0.0.0-20210906035629-b5635edd5d97 h1:ZcRVgWHTac8V7WU9TUBr73H3e5ajVFYTPjPl9TWULDA=
-github.com/portainer/libhelm v0.0.0-20210906035629-b5635edd5d97/go.mod h1:YvYAk7krKTzB+rFwDr0jQ3sQu2BtiXK1AR0sZH7nhJA=
+github.com/portainer/libhelm v0.0.0-20210913052337-365741c1c320 h1:wkmxoHYjWc7OB6JfSlt83mAVpnAo4/6TdL60PO4DlXk=
+github.com/portainer/libhelm v0.0.0-20210913052337-365741c1c320/go.mod h1:YvYAk7krKTzB+rFwDr0jQ3sQu2BtiXK1AR0sZH7nhJA=
 github.com/portainer/libhttp v0.0.0-20190806161843-ba068f58be33 h1:H8HR2dHdBf8HANSkUyVw4o8+4tegGcd+zyKZ3e599II=
 github.com/portainer/libhttp v0.0.0-20190806161843-ba068f58be33/go.mod h1:Y2TfgviWI4rT2qaOTHr+hq6MdKIE5YjgQAu7qwptTV0=
 github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=

api/http/client/client.go

@@ -102,7 +102,7 @@ func Get(url string, timeout int) ([]byte, error) {
 	return body, nil
 }
 
-// ExecutePingOperation will send a SystemPing operation HTTP request to a Docker environment
+// ExecutePingOperation will send a SystemPing operation HTTP request to a Docker environment(endpoint)
 // using the specified host and optional TLS configuration.
 // It uses a new Http.Client for each operation.
 func ExecutePingOperation(host string, tlsConfig *tls.Config) (bool, error) {

api/http/errors/errors.go

@@ -3,7 +3,7 @@ package errors
 import "errors"
 
 var (
-	// ErrEndpointAccessDenied Access denied to endpoint error
+	// ErrEndpointAccessDenied Access denied to environment(endpoint) error
 	ErrEndpointAccessDenied = errors.New("Access denied to environment")
 	// ErrUnauthorized Unauthorized error
 	ErrUnauthorized = errors.New("Unauthorized")

api/http/handler/auth/authenticate.go

@@ -39,7 +39,7 @@ func (payload *authenticatePayload) Validate(r *http.Request) error {
 
 // @id AuthenticateUser
 // @summary Authenticate
-// @description Use this endpoint to authenticate against Portainer using a username and password.
+// @description Use this environment(endpoint) to authenticate against Portainer using a username and password.
 // @tags auth
 // @accept json
 // @produce json

api/http/handler/customtemplates/customtemplate_create.go

@@ -21,7 +21,7 @@ import (
 // @description **Access policy**: authenticated
 // @tags custom_templates
 // @security jwt
-// @accept json, multipart/form-data
+// @accept json,multipart/form-data
 // @produce json
 // @param method query string true "method for creating template" Enums(string, file, repository)
 // @param body_string body customTemplateFromFileContentPayload false "Required when using method=string"
@@ -279,9 +279,11 @@ func (payload *customTemplateFromFileUploadPayload) Validate(r *http.Request) er
 	if err != nil {
 		return errors.New("Invalid custom template description")
 	}
-
 	payload.Description = description
 
+	logo, _ := request.RetrieveMultiPartFormValue(r, "Logo", true)
+	payload.Logo = logo
+
 	note, _ := request.RetrieveMultiPartFormValue(r, "Note", true)
 	payload.Note = note
 

api/http/handler/customtemplates/handler.go

@@ -10,7 +10,7 @@ import (
 	"github.com/portainer/portainer/api/internal/authorization"
 )
 
-// Handler is the HTTP handler used to handle endpoint group operations.
+// Handler is the HTTP handler used to handle environment(endpoint) group operations.
 type Handler struct {
 	*mux.Router
 	DataStore   portainer.DataStore
@@ -18,7 +18,7 @@ type Handler struct {
 	GitService  portainer.GitService
 }
 
-// NewHandler creates a handler to manage endpoint group operations.
+// NewHandler creates a handler to manage environment(endpoint) group operations.
 func NewHandler(bouncer *security.RequestBouncer) *Handler {
 	h := &Handler{
 		Router: mux.NewRouter(),

api/http/handler/edgegroups/edgegroup_create.go

@@ -41,7 +41,7 @@ func (payload *edgeGroupCreatePayload) Validate(r *http.Request) error {
 // @produce json
 // @param body body edgeGroupCreatePayload true "EdgeGroup data"
 // @success 200 {object} portainer.EdgeGroup
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @failure 500
 // @router /edge_groups [post]
 func (handler *Handler) edgeGroupCreate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {

api/http/handler/edgegroups/edgegroup_delete.go

@@ -20,7 +20,7 @@ import (
 // @produce json
 // @param id path int true "EdgeGroup Id"
 // @success 204
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @failure 500
 // @router /edge_groups/{id} [delete]
 func (handler *Handler) edgeGroupDelete(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {

api/http/handler/edgegroups/edgegroup_inspect.go

@@ -19,7 +19,7 @@ import (
 // @produce json
 // @param id path int true "EdgeGroup Id"
 // @success 200 {object} portainer.EdgeGroup
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @failure 500
 // @router /edge_groups/{id} [get]
 func (handler *Handler) edgeGroupInspect(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {

api/http/handler/edgegroups/edgegroup_list.go

@@ -24,7 +24,7 @@ type decoratedEdgeGroup struct {
 // @produce json
 // @success 200 {array} portainer.EdgeGroup{HasEdgeStack=bool} "EdgeGroups"
 // @failure 500
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_groups [get]
 func (handler *Handler) edgeGroupList(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	edgeGroups, err := handler.DataStore.EdgeGroup().EdgeGroups()

api/http/handler/edgegroups/edgegroup_update.go

@@ -44,7 +44,7 @@ func (payload *edgeGroupUpdatePayload) Validate(r *http.Request) error {
 // @param id path int true "EdgeGroup Id"
 // @param body body edgeGroupUpdatePayload true "EdgeGroup data"
 // @success 200 {object} portainer.EdgeGroup
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @failure 500
 // @router /edge_groups/{id} [put]
 func (handler *Handler) edgeGroupUpdate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {

api/http/handler/edgegroups/handler.go

@@ -9,13 +9,13 @@ import (
 	"github.com/portainer/portainer/api/http/security"
 )
 
-// Handler is the HTTP handler used to handle endpoint group operations.
+// Handler is the HTTP handler used to handle environment(endpoint) group operations.
 type Handler struct {
 	*mux.Router
 	DataStore portainer.DataStore
 }
 
-// NewHandler creates a handler to manage endpoint group operations.
+// NewHandler creates a handler to manage environment(endpoint) group operations.
 func NewHandler(bouncer *security.RequestBouncer) *Handler {
 	h := &Handler{
 		Router: mux.NewRouter(),

api/http/handler/edgejobs/edgejob_create.go

@@ -22,10 +22,10 @@ import (
 // @accept json
 // @produce json
 // @param method query string true "Creation Method" Enums(file, string)
-// @param body body edgeJobCreateFromFileContentPayload true "EdgeGroup data when method is string"
-// @param body body edgeJobCreateFromFilePayload true "EdgeGroup data when method is file"
+// @param body_string body edgeJobCreateFromFileContentPayload true "EdgeGroup data when method is string"
+// @param body_file body edgeJobCreateFromFilePayload true "EdgeGroup data when method is file"
 // @success 200 {object} portainer.EdgeGroup
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @failure 500
 // @router /edge_jobs [post]
 func (handler *Handler) edgeJobCreate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {

api/http/handler/edgejobs/edgejob_delete.go

@@ -22,7 +22,7 @@ import (
 // @success 204
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_jobs/{id} [delete]
 func (handler *Handler) edgeJobDelete(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	edgeJobID, err := request.RetrieveNumericRouteVariableValue(r, "id")

api/http/handler/edgejobs/edgejob_file.go

@@ -25,7 +25,7 @@ type edgeJobFileResponse struct {
 // @success 200 {object} edgeJobFileResponse
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_jobs/{id}/file [get]
 func (handler *Handler) edgeJobFile(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	edgeJobID, err := request.RetrieveNumericRouteVariableValue(r, "id")

api/http/handler/edgejobs/edgejob_inspect.go

@@ -26,7 +26,7 @@ type edgeJobInspectResponse struct {
 // @success 200 {object} portainer.EdgeJob
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_jobs/{id} [get]
 func (handler *Handler) edgeJobInspect(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	edgeJobID, err := request.RetrieveNumericRouteVariableValue(r, "id")

api/http/handler/edgejobs/edgejob_list.go

@@ -17,7 +17,7 @@ import (
 // @success 200 {array} portainer.EdgeJob
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_jobs [get]
 // GET request on /api/edge_jobs
 func (handler *Handler) edgeJobList(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {

api/http/handler/edgejobs/edgejob_tasklogs_clear.go

@@ -23,7 +23,7 @@ import (
 // @success 204
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_jobs/{id}/tasks/{taskID}/logs [delete]
 func (handler *Handler) edgeJobTasksClear(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	edgeJobID, err := request.RetrieveNumericRouteVariableValue(r, "id")

api/http/handler/edgejobs/edgejob_tasklogs_collect.go

@@ -22,7 +22,7 @@ import (
 // @success 204
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_jobs/{id}/tasks/{taskID}/logs [post]
 func (handler *Handler) edgeJobTasksCollect(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	edgeJobID, err := request.RetrieveNumericRouteVariableValue(r, "id")

api/http/handler/edgejobs/edgejob_tasklogs_inspect.go

@@ -25,7 +25,7 @@ type fileResponse struct {
 // @success 200 {object} fileResponse
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_jobs/{id}/tasks/{taskID}/logs [get]
 func (handler *Handler) edgeJobTaskLogsInspect(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	edgeJobID, err := request.RetrieveNumericRouteVariableValue(r, "id")

api/http/handler/edgejobs/edgejob_tasks_list.go

@@ -28,7 +28,7 @@ type taskContainer struct {
 // @success 200 {array} taskContainer
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_jobs/{id}/tasks [get]
 func (handler *Handler) edgeJobTasksList(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	edgeJobID, err := request.RetrieveNumericRouteVariableValue(r, "id")

api/http/handler/edgejobs/edgejob_update.go

@@ -40,7 +40,7 @@ func (payload *edgeJobUpdatePayload) Validate(r *http.Request) error {
 // @success 200 {object} portainer.EdgeJob
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_jobs/{id} [post]
 func (handler *Handler) edgeJobUpdate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	edgeJobID, err := request.RetrieveNumericRouteVariableValue(r, "id")

api/http/handler/edgestacks/edgestack_create.go

@@ -30,7 +30,7 @@ import (
 // @param body_repository body swarmStackFromGitRepositoryPayload true "Required when using method=repository"
 // @success 200 {object} portainer.EdgeStack
 // @failure 500
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_stacks [post]
 func (handler *Handler) edgeStackCreate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	method, err := request.RetrieveQueryParameter(r, "method", false)
@@ -67,8 +67,8 @@ type swarmStackFromFileContentPayload struct {
 	EdgeGroups []portainer.EdgeGroupID `example:"1"`
 	// Deployment type to deploy this stack
 	// Valid values are: 0 - 'compose', 1 - 'kubernetes'
-	// for compose stacks will use kompose to convert to kubernetes manifest for kubernetes endpoints
-	// kubernetes deploytype is enabled only for kubernetes endpoints
+	// for compose stacks will use kompose to convert to kubernetes manifest for kubernetes environments(endpoints)
+	// kubernetes deploytype is enabled only for kubernetes environments(endpoints)
 	DeploymentType portainer.EdgeStackDeploymentType `example:"0" enums:"0,1"`
 }
 
@@ -185,8 +185,8 @@ type swarmStackFromGitRepositoryPayload struct {
 	EdgeGroups []portainer.EdgeGroupID `example:"1"`
 	// Deployment type to deploy this stack
 	// Valid values are: 0 - 'compose', 1 - 'kubernetes'
-	// for compose stacks will use kompose to convert to kubernetes manifest for kubernetes endpoints
-	// kubernetes deploytype is enabled only for kubernetes endpoints
+	// for compose stacks will use kompose to convert to kubernetes manifest for kubernetes environments(endpoints)
+	// kubernetes deploytype is enabled only for kubernetes environments(endpoints)
 	DeploymentType portainer.EdgeStackDeploymentType `example:"0" enums:"0,1"`
 }
 
@@ -402,7 +402,7 @@ func (handler *Handler) validateUniqueName(name string) error {
 	return nil
 }
 
-// updateEndpointRelations adds a relation between the Edge Stack to the related endpoints
+// updateEndpointRelations adds a relation between the Edge Stack to the related environments(endpoints)
 func updateEndpointRelations(endpointRelationService portainer.EndpointRelationService, edgeStackID portainer.EdgeStackID, relatedEndpointIds []portainer.EndpointID) error {
 	for _, endpointID := range relatedEndpointIds {
 		relation, err := endpointRelationService.EndpointRelation(endpointID)

api/http/handler/edgestacks/edgestack_delete.go

@@ -22,7 +22,7 @@ import (
 // @success 204
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_stacks/{id} [delete]
 func (handler *Handler) edgeStackDelete(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	edgeStackID, err := request.RetrieveNumericRouteVariableValue(r, "id")

api/http/handler/edgestacks/edgestack_file.go

@@ -26,7 +26,7 @@ type stackFileResponse struct {
 // @success 200 {object} stackFileResponse
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_stacks/{id}/file [get]
 func (handler *Handler) edgeStackFile(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	stackID, err := request.RetrieveNumericRouteVariableValue(r, "id")

api/http/handler/edgestacks/edgestack_inspect.go

@@ -21,7 +21,7 @@ import (
 // @success 200 {object} portainer.EdgeStack
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_stacks/{id} [get]
 func (handler *Handler) edgeStackInspect(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	edgeStackID, err := request.RetrieveNumericRouteVariableValue(r, "id")

api/http/handler/edgestacks/edgestack_list.go

@@ -17,7 +17,7 @@ import (
 // @success 200 {array} portainer.EdgeStack
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_stacks [get]
 func (handler *Handler) edgeStackList(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	edgeStacks, err := handler.DataStore.EdgeStack().EdgeStacks()

api/http/handler/edgestacks/edgestack_status_update.go

@@ -33,7 +33,7 @@ func (payload *updateStatusPayload) Validate(r *http.Request) error {
 
 // @id EdgeStackStatusUpdate
 // @summary Update an EdgeStack status
-// @description Authorized only if the request is done by an Edge Endpoint
+// @description Authorized only if the request is done by an Edge Environment(Endpoint)
 // @tags edge_stacks
 // @accept json
 // @produce json

api/http/handler/edgestacks/edgestack_update.go

@@ -43,7 +43,7 @@ func (payload *updateEdgeStackPayload) Validate(r *http.Request) error {
 // @success 200 {object} portainer.EdgeStack
 // @failure 500
 // @failure 400
-// @failure 503 Edge compute features are disabled
+// @failure 503 "Edge compute features are disabled"
 // @router /edge_stacks/{id} [put]
 func (handler *Handler) edgeStackUpdate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	stackID, err := request.RetrieveNumericRouteVariableValue(r, "id")
@@ -164,11 +164,11 @@ func (handler *Handler) edgeStackUpdate(w http.ResponseWriter, r *http.Request)
 
 		hasDockerEndpoint, err := hasDockerEndpoint(handler.DataStore.Endpoint(), relatedEndpointIds)
 		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to check for existence of docker endpoint", err}
+			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to check for existence of docker environment", err}
 		}
 
 		if hasDockerEndpoint {
-			return &httperror.HandlerError{http.StatusBadRequest, "Edge stack with docker endpoint cannot be deployed with kubernetes config", err}
+			return &httperror.HandlerError{http.StatusBadRequest, "Edge stack with docker environment cannot be deployed with kubernetes config", err}
 		}
 
 		_, err = handler.FileService.StoreEdgeStackFileFromBytes(stackFolder, stack.ManifestPath, []byte(payload.StackFileContent))

api/http/handler/edgestacks/endpoints.go

@@ -19,7 +19,7 @@ func hasEndpointPredicate(endpointService portainer.EndpointService, endpointIDs
 	for _, endpointID := range endpointIDs {
 		endpoint, err := endpointService.Endpoint(endpointID)
 		if err != nil {
-			return false, fmt.Errorf("failed to retrieve endpoint from database: %w", err)
+			return false, fmt.Errorf("failed to retrieve environment from database: %w", err)
 		}
 
 		if predicate(endpoint) {

api/http/handler/edgestacks/handler.go

@@ -13,7 +13,7 @@ import (
 	"github.com/portainer/portainer/api/http/security"
 )
 
-// Handler is the HTTP handler used to handle endpoint group operations.
+// Handler is the HTTP handler used to handle environment(endpoint) group operations.
 type Handler struct {
 	*mux.Router
 	requestBouncer     *security.RequestBouncer
@@ -23,7 +23,7 @@ type Handler struct {
 	KubernetesDeployer portainer.KubernetesDeployer
 }
 
-// NewHandler creates a handler to manage endpoint group operations.
+// NewHandler creates a handler to manage environment(endpoint) group operations.
 func NewHandler(bouncer *security.RequestBouncer) *Handler {
 	h := &Handler{
 		Router:         mux.NewRouter(),
@@ -49,7 +49,7 @@ func NewHandler(bouncer *security.RequestBouncer) *Handler {
 func (handler *Handler) convertAndStoreKubeManifestIfNeeded(edgeStack *portainer.EdgeStack, relatedEndpointIds []portainer.EndpointID) error {
 	hasKubeEndpoint, err := hasKubeEndpoint(handler.DataStore.Endpoint(), relatedEndpointIds)
 	if err != nil {
-		return fmt.Errorf("unable to check if edge stack has kube endpoints: %w", err)
+		return fmt.Errorf("unable to check if edge stack has kube environments: %w", err)
 	}
 
 	if !hasKubeEndpoint {

api/http/handler/edgetemplates/handler.go

@@ -10,14 +10,14 @@ import (
 	"github.com/portainer/portainer/api/http/security"
 )
 
-// Handler is the HTTP handler used to handle edge endpoint operations.
+// Handler is the HTTP handler used to handle edge environment(endpoint) operations.
 type Handler struct {
 	*mux.Router
 	requestBouncer *security.RequestBouncer
 	DataStore      portainer.DataStore
 }
 
-// NewHandler creates a handler to manage endpoint operations.
+// NewHandler creates a handler to manage environment(endpoint) operations.
 func NewHandler(bouncer *security.RequestBouncer) *Handler {
 	h := &Handler{
 		Router:         mux.NewRouter(),

api/http/handler/endpointedge/endpoint_edgejob_logs.go

@@ -25,7 +25,7 @@ func (payload *logsPayload) Validate(r *http.Request) error {
 // @tags edge, endpoints
 // @accept json
 // @produce json
-// @param id path string true "Endpoint Id"
+// @param id path string true "environment(endpoint) Id"
 // @param jobID path string true "Job Id"
 // @success 200
 // @failure 500

api/http/handler/endpointedge/endpoint_edgestack_inspect.go

@@ -18,13 +18,13 @@ type configResponse struct {
 	Name             string
 }
 
-// @summary Inspect an Edge Stack for an Endpoint
+// @summary Inspect an Edge Stack for an Environment(Endpoint)
 // @description
 // @tags edge, endpoints, edge_stacks
 // @accept json
 // @produce json
-// @param id path string true "Endpoint Id"
-// @param stackID path string true "EdgeStack Id"
+// @param id path string true "environment(endpoint) Id"
+// @param stackId path string true "EdgeStack Id"
 // @success 200 {object} configResponse
 // @failure 500
 // @failure 400

api/http/handler/endpointedge/handler.go

@@ -10,7 +10,7 @@ import (
 	"github.com/portainer/portainer/api/http/security"
 )
 
-// Handler is the HTTP handler used to handle edge endpoint operations.
+// Handler is the HTTP handler used to handle edge environment(endpoint) operations.
 type Handler struct {
 	*mux.Router
 	requestBouncer       *security.RequestBouncer
@@ -19,7 +19,7 @@ type Handler struct {
 	ReverseTunnelService portainer.ReverseTunnelService
 }
 
-// NewHandler creates a handler to manage endpoint operations.
+// NewHandler creates a handler to manage environment(endpoint) operations.
 func NewHandler(bouncer *security.RequestBouncer) *Handler {
 	h := &Handler{
 		Router:         mux.NewRouter(),

api/http/handler/endpointgroups/endpointgroup_create.go

@@ -12,13 +12,13 @@ import (
 )
 
 type endpointGroupCreatePayload struct {
-	// Endpoint group name
-	Name string `validate:"required" example:"my-endpoint-group"`
-	// Endpoint group description
+	// Environment(Endpoint) group name
+	Name string `validate:"required" example:"my-environment-group"`
+	// Environment(Endpoint) group description
 	Description string `example:"description"`
-	// List of endpoint identifiers that will be part of this group
+	// List of environment(endpoint) identifiers that will be part of this group
 	AssociatedEndpoints []portainer.EndpointID `example:"1,3"`
-	// List of tag identifiers to which this endpoint group is associated
+	// List of tag identifiers to which this environment(endpoint) group is associated
 	TagIDs []portainer.TagID `example:"1,2"`
 }
 
@@ -32,14 +32,14 @@ func (payload *endpointGroupCreatePayload) Validate(r *http.Request) error {
 	return nil
 }
 
-// @summary Create an Endpoint Group
-// @description Create a new endpoint group.
+// @summary Create an Environment(Endpoint) Group
+// @description Create a new environment(endpoint) group.
 // @description **Access policy**: administrator
 // @tags endpoint_groups
 // @security jwt
 // @accept json
 // @produce json
-// @param body body endpointGroupCreatePayload true "Endpoint Group details"
+// @param body body endpointGroupCreatePayload true "Environment(Endpoint) Group details"
 // @success 200 {object} portainer.EndpointGroup "Success"
 // @failure 400 "Invalid request"
 // @failure 500 "Server error"

api/http/handler/endpointgroups/endpointgroup_delete.go

@@ -12,8 +12,8 @@ import (
 )
 
 // @id EndpointGroupDelete
-// @summary Remove an endpoint group
-// @description Remove an endpoint group.
+// @summary Remove an environment(endpoint) group
+// @description Remove an environment(endpoint) group.
 // @description **Access policy**: administrator
 // @tags endpoint_groups
 // @security jwt

api/http/handler/endpointgroups/endpointgroup_endpoint_add.go

@@ -11,13 +11,13 @@ import (
 )
 
 // @id EndpointGroupAddEndpoint
-// @summary Add an endpoint to an endpoint group
-// @description Add an endpoint to an endpoint group
+// @summary Add an environment(endpoint) to an environment(endpoint) group
+// @description Add an environment(endpoint) to an environment(endpoint) group
 // @description **Access policy**: administrator
 // @tags endpoint_groups
 // @security jwt
 // @param id path int true "EndpointGroup identifier"
-// @param endpointId path int true "Endpoint identifier"
+// @param endpointId path int true "Environment(Endpoint) identifier"
 // @success 204 "Success"
 // @failure 400 "Invalid request"
 // @failure 404 "EndpointGroup not found"

api/http/handler/endpointgroups/endpointgroup_endpoint_delete.go

@@ -11,12 +11,12 @@ import (
 )
 
 // @id EndpointGroupDeleteEndpoint
-// @summary Removes endpoint from an endpoint group
+// @summary Removes environment(endpoint) from an environment(endpoint) group
 // @description **Access policy**: administrator
 // @tags endpoint_groups
 // @security jwt
 // @param id path int true "EndpointGroup identifier"
-// @param endpointId path int true "Endpoint identifier"
+// @param endpointId path int true "Environment(Endpoint) identifier"
 // @success 204 "Success"
 // @failure 400 "Invalid request"
 // @failure 404 "EndpointGroup not found"

api/http/handler/endpointgroups/endpointgroup_inspect.go

@@ -10,19 +10,19 @@ import (
 	"github.com/portainer/portainer/api/bolt/errors"
 )
 
-// @summary Inspect an Endpoint group
-// @description Retrieve details abont an endpoint group.
+// @summary Inspect an Environment(Endpoint) group
+// @description Retrieve details abont an environment(endpoint) group.
 // @description **Access policy**: administrator
 // @tags endpoint_groups
 // @security jwt
 // @accept json
 // @produce json
-// @param id path int true "Endpoint group identifier"
+// @param id path int true "Environment(Endpoint) group identifier"
 // @success 200 {object} portainer.EndpointGroup "Success"
 // @failure 400 "Invalid request"
 // @failure 404 "EndpointGroup not found"
 // @failure 500 "Server error"
-// @router /endpoint_groups/:id [get]
+// @router /endpoint_groups/{id} [get]
 func (handler *Handler) endpointGroupInspect(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	endpointGroupID, err := request.RetrieveNumericRouteVariableValue(r, "id")
 	if err != nil {

api/http/handler/endpointgroups/endpointgroup_list.go

@@ -9,15 +9,15 @@ import (
 )
 
 // @id EndpointGroupList
-// @summary List Endpoint groups
-// @description List all endpoint groups based on the current user authorizations. Will
-// @description return all endpoint groups if using an administrator account otherwise it will
-// @description only return authorized endpoint groups.
+// @summary List Environment(Endpoint) groups
+// @description List all environment(endpoint) groups based on the current user authorizations. Will
+// @description return all environment(endpoint) groups if using an administrator account otherwise it will
+// @description only return authorized environment(endpoint) groups.
 // @description **Access policy**: restricted
 // @tags endpoint_groups
 // @security jwt
 // @produce json
-// @success 200 {array} portainer.EndpointGroup "Endpoint group"
+// @success 200 {array} portainer.EndpointGroup "Environment(Endpoint) group"
 // @failure 500 "Server error"
 // @router /endpoint_groups [get]
 func (handler *Handler) endpointGroupList(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {

api/http/handler/endpointgroups/endpointgroup_update.go

@@ -13,11 +13,11 @@ import (
 )
 
 type endpointGroupUpdatePayload struct {
-	// Endpoint group name
-	Name string `example:"my-endpoint-group"`
-	// Endpoint group description
+	// Environment(Endpoint) group name
+	Name string `example:"my-environment-group"`
+	// Environment(Endpoint) group description
 	Description string `example:"description"`
-	// List of tag identifiers associated to the endpoint group
+	// List of tag identifiers associated to the environment(endpoint) group
 	TagIDs             []portainer.TagID `example:"3,4"`
 	UserAccessPolicies portainer.UserAccessPolicies
 	TeamAccessPolicies portainer.TeamAccessPolicies
@@ -28,8 +28,8 @@ func (payload *endpointGroupUpdatePayload) Validate(r *http.Request) error {
 }
 
 // @id EndpointGroupUpdate
-// @summary Update an endpoint group
-// @description Update an endpoint group.
+// @summary Update an environment(endpoint) group
+// @description Update an environment(endpoint) group.
 // @description **Access policy**: administrator
 // @tags endpoint_groups
 // @security jwt
@@ -41,7 +41,7 @@ func (payload *endpointGroupUpdatePayload) Validate(r *http.Request) error {
 // @failure 400 "Invalid request"
 // @failure 404 "EndpointGroup not found"
 // @failure 500 "Server error"
-// @router /endpoint_groups/:id [put]
+// @router /endpoint_groups/{id} [put]
 func (handler *Handler) endpointGroupUpdate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	endpointGroupID, err := request.RetrieveNumericRouteVariableValue(r, "id")
 	if err != nil {

api/http/handler/endpointgroups/handler.go

@@ -10,14 +10,14 @@ import (
 	"github.com/portainer/portainer/api/http/security"
 )
 
-// Handler is the HTTP handler used to handle endpoint group operations.
+// Handler is the HTTP handler used to handle environment(endpoint) group operations.
 type Handler struct {
 	*mux.Router
 	AuthorizationService *authorization.Service
 	DataStore portainer.DataStore
 }
 
-// NewHandler creates a handler to manage endpoint group operations.
+// NewHandler creates a handler to manage environment(endpoint) group operations.
 func NewHandler(bouncer *security.RequestBouncer) *Handler {
 	h := &Handler{
 		Router: mux.NewRouter(),

api/http/handler/endpoints/endpoint_association_delete.go

@@ -4,29 +4,30 @@ import (
 	"encoding/base64"
 	"errors"
 	"fmt"
+	"net/http"
+	"regexp"
+	"strings"
+
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
 	portainer "github.com/portainer/portainer/api"
 	bolterrors "github.com/portainer/portainer/api/bolt/errors"
-	"net/http"
-	"regexp"
-	"strings"
 )
 
 // @id EndpointAssociationDelete
-// @summary De-association an edge endpoint
-// @description De-association an edge endpoint.
+// @summary De-association an edge environment(endpoint)
+// @description De-association an edge environment(endpoint).
 // @description **Access policy**: administrator
 // @security jwt
 // @tags endpoints
 // @produce json
-// @param id path int true "Endpoint identifier"
+// @param id path int true "Environment(Endpoint) identifier"
 // @success 200 {object} portainer.Endpoint "Success"
 // @failure 400 "Invalid request"
-// @failure 404 "Endpoint not found"
+// @failure 404 "Environment(Endpoint) not found"
 // @failure 500 "Server error"
-// @router /api/endpoints/:id/association [put]
+// @router /api/endpoints/{id}/association [put]
 func (handler *Handler) endpointAssociationDelete(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	endpointID, err := request.RetrieveNumericRouteVariableValue(r, "id")
 	if err != nil {
@@ -84,5 +85,5 @@ func (handler *Handler) updateEdgeKey(edgeKey string) (string, error) {
 
 func getPort(url string) string {
 	items := strings.Split(url, ":")
-	return items[len(items) - 1]
+	return items[len(items)-1]
 }

api/http/handler/endpoints/endpoint_create.go

@@ -148,28 +148,28 @@ func (payload *endpointCreatePayload) Validate(r *http.Request) error {
 }
 
 // @id EndpointCreate
-// @summary Create a new endpoint
-// @description  Create a new endpoint that will be used to manage an environment.
+// @summary Create a new environment(endpoint)
+// @description  Create a new environment(endpoint) that will be used to manage an environment(endpoint).
 // @description **Access policy**: administrator
 // @tags endpoints
 // @security jwt
 // @accept multipart/form-data
 // @produce json
-// @param Name formData string true "Name that will be used to identify this endpoint (example: my-endpoint)"
-// @param EndpointCreationType formData integer true "Environment type. Value must be one of: 1 (Local Docker environment), 2 (Agent environment), 3 (Azure environment), 4 (Edge agent environment) or 5 (Local Kubernetes Environment" Enum(1,2,3,4,5)
+// @param Name formData string true "Name that will be used to identify this environment(endpoint) (example: my-environment)"
+// @param EndpointCreationType formData integer true "Environment(Endpoint) type. Value must be one of: 1 (Local Docker environment), 2 (Agent environment), 3 (Azure environment), 4 (Edge agent environment) or 5 (Local Kubernetes Environment" Enum(1,2,3,4,5)
 // @param URL formData string false "URL or IP address of a Docker host (example: docker.mydomain.tld:2375). Defaults to local if not specified (Linux: /var/run/docker.sock, Windows: //./pipe/docker_engine)"
 // @param PublicURL formData string false "URL or IP address where exposed containers will be reachable. Defaults to URL if not specified (example: docker.mydomain.tld:2375)"
-// @param GroupID formData int false "Endpoint group identifier. If not specified will default to 1 (unassigned)."
-// @param TLS formData bool false "Require TLS to connect against this endpoint"
+// @param GroupID formData int false "Environment(Endpoint) group identifier. If not specified will default to 1 (unassigned)."
+// @param TLS formData bool false "Require TLS to connect against this environment(endpoint)"
 // @param TLSSkipVerify formData bool false "Skip server verification when using TLS"
 // @param TLSSkipClientVerify formData bool false "Skip client verification when using TLS"
 // @param TLSCACertFile formData file false "TLS CA certificate file"
 // @param TLSCertFile formData file false "TLS client certificate file"
 // @param TLSKeyFile formData file false "TLS client key file"
-// @param AzureApplicationID formData string false "Azure application ID. Required if endpoint type is set to 3"
-// @param AzureTenantID formData string false "Azure tenant ID. Required if endpoint type is set to 3"
-// @param AzureAuthenticationKey formData string false "Azure authentication key. Required if endpoint type is set to 3"
-// @param TagIDs formData []int false "List of tag identifiers to which this endpoint is associated"
+// @param AzureApplicationID formData string false "Azure application ID. Required if environment(endpoint) type is set to 3"
+// @param AzureTenantID formData string false "Azure tenant ID. Required if environment(endpoint) type is set to 3"
+// @param AzureAuthenticationKey formData string false "Azure authentication key. Required if environment(endpoint) type is set to 3"
+// @param TagIDs formData []int false "List of tag identifiers to which this environment(endpoint) is associated"
 // @param EdgeCheckinInterval formData int false "The check in interval for edge agent (in seconds)"
 // @success 200 {object} portainer.Endpoint "Success"
 // @failure 400 "Invalid request"

api/http/handler/endpoints/endpoint_delete.go

@@ -12,15 +12,15 @@ import (
 )
 
 // @id EndpointDelete
-// @summary Remove an endpoint
-// @description Remove an endpoint.
+// @summary Remove an environment(endpoint)
+// @description Remove an environment(endpoint).
 // @description **Access policy**: administrator
 // @tags endpoints
 // @security jwt
-// @param id path int true "Endpoint identifier"
+// @param id path int true "Environment(Endpoint) identifier"
 // @success 204 "Success"
 // @failure 400 "Invalid request"
-// @failure 404 "Endpoint not found"
+// @failure 404 "Environment(Endpoint) not found"
 // @failure 500 "Server error"
 // @router /endpoints/{id} [delete]
 func (handler *Handler) endpointDelete(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {

api/http/handler/endpoints/endpoint_inspect.go

@@ -11,16 +11,16 @@ import (
 )
 
 // @id EndpointInspect
-// @summary Inspect an endpoint
-// @description Retrieve details about an endpoint.
+// @summary Inspect an environment(endpoint)
+// @description Retrieve details about an environment(endpoint).
 // @description **Access policy**: restricted
 // @tags endpoints
 // @security jwt
 // @produce json
-// @param id path int true "Endpoint identifier"
+// @param id path int true "Environment(Endpoint) identifier"
 // @success 200 {object} portainer.Endpoint "Success"
 // @failure 400 "Invalid request"
-// @failure 404 "Endpoint not found"
+// @failure 404 "Environment(Endpoint) not found"
 // @failure 500 "Server error"
 // @router /endpoints/{id} [get]
 func (handler *Handler) endpointInspect(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {

api/http/handler/endpoints/endpoint_list.go

@@ -14,24 +14,24 @@ import (
 )
 
 // @id EndpointList
-// @summary List endpoints
-// @description List all endpoints based on the current user authorizations. Will
-// @description return all endpoints if using an administrator account otherwise it will
-// @description only return authorized endpoints.
+// @summary List environments(endpoints)
+// @description List all environments(endpoints) based on the current user authorizations. Will
+// @description return all environments(endpoints) if using an administrator account otherwise it will
+// @description only return authorized environments(endpoints).
 // @description **Access policy**: restricted
 // @tags endpoints
 // @security jwt
 // @produce json
 // @param start query int false "Start searching from"
 // @param search query string false "Search query"
-// @param groupId query int false "List endpoints of this group"
+// @param groupId query int false "List environments(endpoints) of this group"
 // @param limit query int false "Limit results to this value"
-// @param types query []int false "List endpoints of this type"
-// @param tagIds query []int false "search endpoints with these tags (depends on tagsPartialMatch)"
-// @param tagsPartialMatch query bool false "If true, will return endpoint which has one of tagIds, if false (or missing) will return only endpoints that has all the tags"
-// @param endpointIds query []int false "will return only these endpoints"
+// @param types query []int false "List environments(endpoints) of this type"
+// @param tagIds query []int false "search environments(endpoints) with these tags (depends on tagsPartialMatch)"
+// @param tagsPartialMatch query bool false "If true, will return environment(endpoint) which has one of tagIds, if false (or missing) will return only environments(endpoints) that has all the tags"
+// @param endpointIds query []int false "will return only these environments(endpoints)"
 // @success 200 {array} portainer.Endpoint "Endpoints"
-// @failure 500 Server error
+// @failure 500 "Server error"
 // @router /endpoints [get]
 func (handler *Handler) endpointList(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	start, _ := request.RetrieveNumericQueryParameter(r, "start", true)

api/http/handler/endpoints/endpoint_settings_update.go

@@ -36,20 +36,20 @@ func (payload *endpointSettingsUpdatePayload) Validate(r *http.Request) error {
 }
 
 // @id EndpointSettingsUpdate
-// @summary Update settings for an endpoint
-// @description Update settings for an endpoint.
+// @summary Update settings for an environments(endpoints)
+// @description Update settings for an environments(endpoints).
 // @description **Access policy**: administrator
 // @security jwt
 // @tags endpoints
 // @accept json
 // @produce json
-// @param id path int true "Endpoint identifier"
-// @param body body endpointSettingsUpdatePayload true "Endpoint details"
+// @param id path int true "Environment(Endpoint) identifier"
+// @param body body endpointSettingsUpdatePayload true "Environment(Endpoint) details"
 // @success 200 {object} portainer.Endpoint "Success"
 // @failure 400 "Invalid request"
-// @failure 404 "Endpoint not found"
+// @failure 404 "Environment(Endpoint) not found"
 // @failure 500 "Server error"
-// @router /api/endpoints/:id/settings [put]
+// @router /api/endpoints/{id}/settings [put]
 func (handler *Handler) endpointSettingsUpdate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	endpointID, err := request.RetrieveNumericRouteVariableValue(r, "id")
 	if err != nil {

api/http/handler/endpoints/endpoint_snapshot.go

@@ -12,15 +12,15 @@ import (
 )
 
 // @id EndpointSnapshot
-// @summary Snapshots an endpoint
-// @description Snapshots an endpoint
+// @summary Snapshots an environments(endpoints)
+// @description Snapshots an environments(endpoints)
 // @description **Access policy**: restricted
 // @tags endpoints
 // @security jwt
-// @param id path int true "Endpoint identifier"
+// @param id path int true "Environment(Endpoint) identifier"
 // @success 204 "Success"
 // @failure 400 "Invalid request"
-// @failure 404 "Endpoint not found"
+// @failure 404 "Environment(Endpoint) not found"
 // @failure 500 "Server error"
 // @router /endpoints/{id}/snapshot [post]
 func (handler *Handler) endpointSnapshot(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {

api/http/handler/endpoints/endpoint_snapshots.go

@@ -11,8 +11,8 @@ import (
 )
 
 // @id EndpointSnapshots
-// @summary Snapshot all endpoints
-// @description Snapshot all endpoints
+// @summary Snapshot all environments(endpoints)
+// @description Snapshot all environments(endpoints)
 // @description **Access policy**: administrator
 // @tags endpoints
 // @security jwt

api/http/handler/endpoints/endpoint_status_inspect.go

@@ -35,31 +35,31 @@ type edgeJobResponse struct {
 }
 
 type endpointStatusInspectResponse struct {
-	// Status represents the endpoint status
+	// Status represents the environment(endpoint) status
 	Status string `json:"status" example:"REQUIRED"`
 	// The tunnel port
 	Port int `json:"port" example:"8732"`
-	// List of requests for jobs to run on the endpoint
+	// List of requests for jobs to run on the environment(endpoint)
 	Schedules []edgeJobResponse `json:"schedules"`
 	// The current value of CheckinInterval
 	CheckinInterval int `json:"checkin" example:"5"`
 	//
 	Credentials string `json:"credentials" example:""`
-	// List of stacks to be deployed on the endpoints
+	// List of stacks to be deployed on the environments(endpoints)
 	Stacks []stackStatusResponse `json:"stacks"`
 }
 
 // @id EndpointStatusInspect
-// @summary Get endpoint status
-// @description Endpoint for edge agent to check status of environment
-// @description **Access policy**: restricted only to Edge endpoints
+// @summary Get environment(endpoint) status
+// @description Environment(Endpoint) for edge agent to check status of environment(endpoint)
+// @description **Access policy**: restricted only to Edge environments(endpoints)
 // @tags endpoints
 // @security jwt
-// @param id path int true "Endpoint identifier"
+// @param id path int true "Environment(Endpoint) identifier"
 // @success 200 {object} endpointStatusInspectResponse "Success"
 // @failure 400 "Invalid request"
-// @failure 403 "Permission denied to access endpoint"
-// @failure 404 "Endpoint not found"
+// @failure 403 "Permission denied to access environment(endpoint)"
+// @failure 404 "Environment(Endpoint) not found"
 // @failure 500 "Server error"
 // @router /endpoints/{id}/status [get]
 func (handler *Handler) endpointStatusInspect(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {

api/http/handler/endpoints/endpoint_update.go

@@ -16,8 +16,8 @@ import (
 )
 
 type endpointUpdatePayload struct {
-	// Name that will be used to identify this endpoint
-	Name *string `example:"my-endpoint"`
+	// Name that will be used to identify this environment(endpoint)
+	Name *string `example:"my-environment"`
 	// URL or IP address of a Docker host
 	URL *string `example:"docker.mydomain.tld:2375"`
 	// URL or IP address where exposed containers will be reachable.\
@@ -25,13 +25,13 @@ type endpointUpdatePayload struct {
 	PublicURL *string `example:"docker.mydomain.tld:2375"`
 	// Group identifier
 	GroupID *int `example:"1"`
-	// Require TLS to connect against this endpoint
+	// Require TLS to connect against this environment(endpoint)
 	TLS *bool `example:"true"`
 	// Skip server verification when using TLS
 	TLSSkipVerify *bool `example:"false"`
 	// Skip client verification when using TLS
 	TLSSkipClientVerify *bool `example:"false"`
-	// The status of the endpoint (1 - up, 2 - down)
+	// The status of the environment(endpoint) (1 - up, 2 - down)
 	Status *int `example:"1"`
 	// Azure application ID
 	AzureApplicationID *string `example:"eag7cdo9-o09l-9i83-9dO9-f0b23oe78db4"`
@@ -39,7 +39,7 @@ type endpointUpdatePayload struct {
 	AzureTenantID *string `example:"34ddc78d-4fel-2358-8cc1-df84c8o839f5"`
 	// Azure authentication key
 	AzureAuthenticationKey *string `example:"cOrXoK/1D35w8YQ8nH1/8ZGwzz45JIYD5jxHKXEQknk="`
-	// List of tag identifiers to which this endpoint is associated
+	// List of tag identifiers to which this environment(endpoint) is associated
 	TagIDs             []portainer.TagID `example:"1,2"`
 	UserAccessPolicies portainer.UserAccessPolicies
 	TeamAccessPolicies portainer.TeamAccessPolicies
@@ -54,18 +54,18 @@ func (payload *endpointUpdatePayload) Validate(r *http.Request) error {
 }
 
 // @id EndpointUpdate
-// @summary Update an endpoint
-// @description Update an endpoint.
+// @summary Update an environment(endpoint)
+// @description Update an environment(endpoint).
 // @description **Access policy**: administrator
 // @security jwt
 // @tags endpoints
 // @accept json
 // @produce json
-// @param id path int true "Endpoint identifier"
-// @param body body endpointUpdatePayload true "Endpoint details"
+// @param id path int true "Environment(Endpoint) identifier"
+// @param body body endpointUpdatePayload true "Environment(Endpoint) details"
 // @success 200 {object} portainer.Endpoint "Success"
 // @failure 400 "Invalid request"
-// @failure 404 "Endpoint not found"
+// @failure 404 "Environment(Endpoint) not found"
 // @failure 500 "Server error"
 // @router /endpoints/{id} [put]
 func (handler *Handler) endpointUpdate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {

api/http/handler/endpoints/handler.go

@@ -20,7 +20,7 @@ func hideFields(endpoint *portainer.Endpoint) {
 	}
 }
 
-// Handler is the HTTP handler used to handle endpoint operations.
+// Handler is the HTTP handler used to handle environment(endpoint) operations.
 type Handler struct {
 	*mux.Router
 	requestBouncer       *security.RequestBouncer
@@ -36,7 +36,7 @@ type Handler struct {
 	BindAddressHTTPS     string
 }
 
-// NewHandler creates a handler to manage endpoint operations.
+// NewHandler creates a handler to manage environment(endpoint) operations.
 func NewHandler(bouncer *security.RequestBouncer) *Handler {
 	h := &Handler{
 		Router:         mux.NewRouter(),

api/http/handler/handler.go

@@ -72,14 +72,14 @@ type Handler struct {
 }
 
 // @title PortainerCE API
-// @version 2.6.3
+// @version 2.9.0
 // @description.markdown api-description.md
 // @termsOfService
 
 // @contact.email info@portainer.io
 
-// @license.name
-// @license.url
+// @license.name zlib
+// @license.url https://github.com/portainer/portainer/blob/develop/LICENSE
 
 // @host
 // @BasePath /api
@@ -102,11 +102,11 @@ type Handler struct {
 // @tag.name edge_templates
 // @tag.description Manage Edge Templates
 // @tag.name edge
-// @tag.description Manage Edge related endpoint settings
+// @tag.description Manage Edge related environment(endpoint) settings
 // @tag.name endpoints
-// @tag.description Manage Docker environments
+// @tag.description Manage Docker environments(endpoints)
 // @tag.name endpoint_groups
-// @tag.description Manage endpoint groups
+// @tag.description Manage environment(endpoint) groups
 // @tag.name kubernetes
 // @tag.description Manage Kubernetes cluster
 // @tag.name motd
@@ -121,8 +121,6 @@ type Handler struct {
 // @tag.description Manage Portainer settings
 // @tag.name status
 // @tag.description Information about the Portainer instance
-// @tag.name stacks
-// @tag.description Manage Docker stacks
 // @tag.name users
 // @tag.description Manage users
 // @tag.name tags

api/http/handler/helm/handler.go

@@ -21,7 +21,7 @@ type requestBouncer interface {
 	AuthenticatedAccess(h http.Handler) http.Handler
 }
 
-// Handler is the HTTP handler used to handle endpoint group operations.
+// Handler is the HTTP handler used to handle environment(endpoint) group operations.
 type Handler struct {
 	*mux.Router
 	requestBouncer     requestBouncer
@@ -30,7 +30,7 @@ type Handler struct {
 	helmPackageManager libhelm.HelmPackageManager
 }
 
-// NewHandler creates a handler to manage endpoint group operations.
+// NewHandler creates a handler to manage environment(endpoint) group operations.
 func NewHandler(bouncer requestBouncer, dataStore portainer.DataStore, helmPackageManager libhelm.HelmPackageManager, kubeConfigService kubernetes.KubeConfigService) *Handler {
 	h := &Handler{
 		Router:             mux.NewRouter(),
@@ -62,7 +62,7 @@ func NewHandler(bouncer requestBouncer, dataStore portainer.DataStore, helmPacka
 	return h
 }
 
-// NewTemplateHandler creates a template handler to manage endpoint group operations.
+// NewTemplateHandler creates a template handler to manage environment(endpoint) group operations.
 func NewTemplateHandler(bouncer requestBouncer, helmPackageManager libhelm.HelmPackageManager) *Handler {
 	h := &Handler{
 		Router:             mux.NewRouter(),
@@ -86,7 +86,7 @@ func NewTemplateHandler(bouncer requestBouncer, helmPackageManager libhelm.HelmP
 func (handler *Handler) getHelmClusterAccess(r *http.Request) (*options.KubernetesClusterAccess, *httperror.HandlerError) {
 	endpoint, err := middlewares.FetchEndpoint(r)
 	if err != nil {
-		return nil, &httperror.HandlerError{http.StatusNotFound, "Unable to find an endpoint on request context", err}
+		return nil, &httperror.HandlerError{http.StatusNotFound, "Unable to find an environment on request context", err}
 	}
 
 	bearerToken, err := security.ExtractBearerToken(r)

api/http/handler/helm/helm_delete.go

@@ -17,14 +17,15 @@ import (
 // @security jwt
 // @accept json
 // @produce json
-// @param release query string true "The name of the release/application to uninstall"
+// @param id path int true "Environment(Endpoint) identifier"
+// @param release path string true "The name of the release/application to uninstall"
 // @param namespace query string true "An optional namespace"
 // @success 204 "Success"
-// @failure 400 "Invalid endpoint id or bad request"
+// @failure 400 "Invalid environment(endpoint) id or bad request"
 // @failure 401 "Unauthorized"
-// @failure 404 "Endpoint or ServiceAccount not found"
+// @failure 404 "Environment(Endpoint) or ServiceAccount not found"
 // @failure 500 "Server error or helm error"
-// @router /endpoints/:id/kubernetes/helm/{release} [delete]
+// @router /endpoints/{id}/kubernetes/helm/{release} [delete]
 func (handler *Handler) helmDelete(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	release, err := request.RetrieveRouteVariableValue(r, "release")
 	if err != nil {

api/http/handler/helm/helm_delete_test.go

@@ -24,7 +24,7 @@ func Test_helmDelete(t *testing.T) {
 	defer teardown()
 
 	err := store.Endpoint().CreateEndpoint(&portainer.Endpoint{ID: 1})
-	is.NoError(err, "Error creating endpoint")
+	is.NoError(err, "Error creating environment")
 
 	err = store.User().CreateUser(&portainer.User{Username: "admin", Role: portainer.AdministratorRole})
 	is.NoError(err, "Error creating a user")

api/http/handler/helm/helm_install.go

@@ -36,12 +36,13 @@ var errChartNameInvalid = errors.New("invalid chart name. " +
 // @security jwt
 // @accept json
 // @produce json
+// @param id path int true "Environment(Endpoint) identifier"
 // @param payload body installChartPayload true "Chart details"
 // @success 201 {object} release.Release "Created"
 // @failure 401 "Unauthorized"
-// @failure 404 "Endpoint or ServiceAccount not found"
+// @failure 404 "Environment(Endpoint) or ServiceAccount not found"
 // @failure 500 "Server error"
-// @router /endpoints/:id/kubernetes/helm [post]
+// @router /endpoints/{id}/kubernetes/helm [post]
 func (handler *Handler) helmInstall(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	var payload installChartPayload
 	err := request.DecodeAndValidateJSONPayload(r, &payload)

api/http/handler/helm/helm_install_test.go

@@ -26,7 +26,7 @@ func Test_helmInstall(t *testing.T) {
 	defer teardown()
 
 	err := store.Endpoint().CreateEndpoint(&portainer.Endpoint{ID: 1})
-	is.NoError(err, "error creating endpoint")
+	is.NoError(err, "error creating environment")
 
 	err = store.User().CreateUser(&portainer.User{Username: "admin", Role: portainer.AdministratorRole})
 	is.NoError(err, "error creating a user")

api/http/handler/helm/helm_list.go

@@ -17,15 +17,16 @@ import (
 // @security jwt
 // @accept json
 // @produce json
+// @param id path int true "Environment(Endpoint) identifier"
 // @param namespace query string true "specify an optional namespace"
 // @param filter query string true "specify an optional filter"
 // @param selector query string true "specify an optional selector"
 // @success 200 {array} release.ReleaseElement "Success"
-// @failure 400 "Invalid endpoint identifier"
+// @failure 400 "Invalid environment(endpoint) identifier"
 // @failure 401 "Unauthorized"
-// @failure 404 "Endpoint or ServiceAccount not found"
+// @failure 404 "Environment(Endpoint) or ServiceAccount not found"
 // @failure 500 "Server error"
-// @router /endpoints/:id/kubernetes/helm [get]
+// @router /endpoints/{id}/kubernetes/helm [get]
 func (handler *Handler) helmList(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	clusterAccess, httperr := handler.getHelmClusterAccess(r)
 	if httperr != nil {

api/http/handler/helm/helm_list_test.go

@@ -23,7 +23,7 @@ func Test_helmList(t *testing.T) {
 	defer teardown()
 
 	err := store.Endpoint().CreateEndpoint(&portainer.Endpoint{ID: 1})
-	assert.NoError(t, err, "error creating endpoint")
+	assert.NoError(t, err, "error creating environment")
 
 	err = store.User().CreateUser(&portainer.User{Username: "admin", Role: portainer.AdministratorRole})
 	assert.NoError(t, err, "error creating a user")

api/http/handler/helm/helm_repo_search.go

@@ -6,7 +6,6 @@ import (
 	"net/url"
 
 	"github.com/pkg/errors"
-	"github.com/portainer/libhelm"
 	"github.com/portainer/libhelm/options"
 	httperror "github.com/portainer/libhttp/error"
 )
@@ -40,7 +39,7 @@ func (handler *Handler) helmRepoSearch(w http.ResponseWriter, r *http.Request) *
 		Repo: repo,
 	}
 
-	result, err := libhelm.SearchRepo(searchOpts)
+	result, err := handler.helmPackageManager.SearchRepo(searchOpts)
 	if err != nil {
 		return &httperror.HandlerError{
 			StatusCode: http.StatusInternalServerError,