Add a native, CE-only auto-heal daemon that restarts Docker containers whose
healthcheck reports "unhealthy", replacing the willfarrell/autoheal sidecar.
Backend:
- New package api/containerautomation (service lifecycle + scheduler job,
per-endpoint heal pass, label/scope parsing, in-memory cooldown/retry state).
- Settings.ContainerAutomation.AutoHeal {Enabled, CheckInterval, Scope} with
fresh-install defaults and a 2.43.0 migration backfilling existing installs.
- Settings update handler reloads/stops the job via a small Reloader interface
(no import cycle); service bootstrapped from main.go after stack schedules.
Frontend:
- Global AutoHealPanel in SettingsView (enable / interval / scope) via
useUpdateSettingsMutation, plus settings TS types.
- Read-only per-container Auto-heal row in the container details view (Docker
labels are immutable at runtime; opt-in is set via Create/Edit form labels).
Tests: Go unit tests for label/scope resolution and the cooldown/retry decision;
vitest for the panel and the per-container row.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
54 lines
1.7 KiB
Go
54 lines
1.7 KiB
Go
package settings
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
portainer "github.com/portainer/portainer/api"
|
|
"github.com/portainer/portainer/api/dataservices"
|
|
"github.com/portainer/portainer/api/http/security"
|
|
httperror "github.com/portainer/portainer/pkg/libhttp/error"
|
|
|
|
"github.com/gorilla/mux"
|
|
)
|
|
|
|
func hideFields(settings *portainer.Settings) {
|
|
settings.LDAPSettings.Password = ""
|
|
settings.OAuthSettings.ClientSecret = ""
|
|
settings.OAuthSettings.KubeSecretKey = nil
|
|
}
|
|
|
|
// ContainerAutomationReloader re-applies container automation settings (e.g. the
|
|
// auto-heal scheduler job) after a settings change. It is a minimal interface so
|
|
// the settings handler does not depend on the concrete service implementation.
|
|
type ContainerAutomationReloader interface {
|
|
Reload() error
|
|
}
|
|
|
|
// Handler is the HTTP handler used to handle settings operations.
|
|
type Handler struct {
|
|
*mux.Router
|
|
DataStore dataservices.DataStore
|
|
FileService portainer.FileService
|
|
JWTService portainer.JWTService
|
|
LDAPService portainer.LDAPService
|
|
SnapshotService portainer.SnapshotService
|
|
SetupTokenRequired bool
|
|
ContainerAutomationService ContainerAutomationReloader
|
|
}
|
|
|
|
// NewHandler creates a handler to manage settings operations.
|
|
func NewHandler(bouncer security.BouncerService) *Handler {
|
|
h := &Handler{
|
|
Router: mux.NewRouter(),
|
|
}
|
|
|
|
h.Handle("/settings",
|
|
bouncer.AdminAccess(httperror.LoggerHandler(h.settingsInspect))).Methods(http.MethodGet)
|
|
h.Handle("/settings",
|
|
bouncer.AdminAccess(httperror.LoggerHandler(h.settingsUpdate))).Methods(http.MethodPut)
|
|
h.Handle("/settings/public",
|
|
bouncer.PublicAccess(httperror.LoggerHandler(h.settingsPublic))).Methods(http.MethodGet)
|
|
|
|
return h
|
|
}
|