mirror of
https://github.com/portainer/portainer.git
synced 2025-08-10 08:15:25 +02:00
fix(stacks): normalize stack name before performing actions EE-4839
This commit is contained in:
matias.spinarolli
parent
7f5b1bdb45
commit
654dff4c78
5 changed files with 25 additions and 4 deletions
|
|
@ -135,7 +135,7 @@ func (handler *Handler) userCanManageStacks(securityContext *security.Restricted
|
|||
canCreate, err := handler.userCanCreateStack(securityContext, portainer.EndpointID(endpoint.ID))
|
||||
|
||||
if err != nil {
|
||||
return false, fmt.Errorf("Failed to get user from the database: %w", err)
|
||||
return false, fmt.Errorf("failed to get user from the database: %w", err)
|
||||
}
|
||||
|
||||
return canCreate, nil
|
||||
|
|
|
|||
|
|
@ -108,7 +108,7 @@ func (handler *Handler) stackDelete(w http.ResponseWriter, r *http.Request) *htt
|
|||
return httperror.InternalServerError("Unable to verify user authorizations to validate stack deletion", err)
|
||||
}
|
||||
if !canManage {
|
||||
errMsg := "Stack deletion is disabled for non-admin users"
|
||||
errMsg := "stack deletion is disabled for non-admin users"
|
||||
return httperror.Forbidden(errMsg, fmt.Errorf(errMsg))
|
||||
}
|
||||
|
||||
|
|
@ -187,9 +187,13 @@ func (handler *Handler) deleteExternalStack(r *http.Request, w http.ResponseWrit
|
|||
|
||||
func (handler *Handler) deleteStack(userID portainer.UserID, stack *portainer.Stack, endpoint *portainer.Endpoint) error {
|
||||
if stack.Type == portainer.DockerSwarmStack {
|
||||
stack.Name = handler.ComposeStackManager.NormalizeStackName(stack.Name)
|
||||
|
||||
return handler.SwarmStackManager.Remove(stack, endpoint)
|
||||
}
|
||||
if stack.Type == portainer.DockerComposeStack {
|
||||
stack.Name = handler.SwarmStackManager.NormalizeStackName(stack.Name)
|
||||
|
||||
return handler.ComposeStackManager.Down(context.TODO(), stack, endpoint)
|
||||
}
|
||||
if stack.Type == portainer.KubernetesStack {
|
||||
|
|
@ -203,6 +207,7 @@ func (handler *Handler) deleteStack(userID portainer.UserID, stack *portainer.St
|
|||
if err != nil {
|
||||
return errors.Wrap(err, "failed to create temp directory for deleting kub stack")
|
||||
}
|
||||
|
||||
defer os.RemoveAll(tmpDir)
|
||||
|
||||
for _, fileName := range fileNames {
|
||||
|
|
@ -226,8 +231,11 @@ func (handler *Handler) deleteStack(userID portainer.UserID, stack *portainer.St
|
|||
} else {
|
||||
manifestFiles = stackutils.GetStackFilePaths(stack, true)
|
||||
}
|
||||
|
||||
out, err := handler.KubernetesDeployer.Remove(userID, endpoint, manifestFiles, stack.Namespace)
|
||||
|
||||
return errors.WithMessagef(err, "failed to remove kubernetes resources: %q", out)
|
||||
}
|
||||
|
||||
return fmt.Errorf("unsupported stack type: %v", stack.Type)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -70,7 +70,7 @@ func (handler *Handler) stackStart(w http.ResponseWriter, r *http.Request) *http
|
|||
return httperror.InternalServerError("Unable to verify user authorizations to validate stack deletion", err)
|
||||
}
|
||||
if !canManage {
|
||||
errMsg := "Stack management is disabled for non-admin users"
|
||||
errMsg := "stack management is disabled for non-admin users"
|
||||
return httperror.Forbidden(errMsg, errors.New(errMsg))
|
||||
}
|
||||
|
||||
|
|
@ -133,8 +133,12 @@ func (handler *Handler) stackStart(w http.ResponseWriter, r *http.Request) *http
|
|||
func (handler *Handler) startStack(stack *portainer.Stack, endpoint *portainer.Endpoint) error {
|
||||
switch stack.Type {
|
||||
case portainer.DockerComposeStack:
|
||||
stack.Name = handler.ComposeStackManager.NormalizeStackName(stack.Name)
|
||||
|
||||
return handler.ComposeStackManager.Up(context.TODO(), stack, endpoint, false)
|
||||
case portainer.DockerSwarmStack:
|
||||
stack.Name = handler.SwarmStackManager.NormalizeStackName(stack.Name)
|
||||
|
||||
return handler.SwarmStackManager.Deploy(stack, true, true, endpoint)
|
||||
}
|
||||
return nil
|
||||
|
|
|
|||
|
|
@ -81,7 +81,7 @@ func (handler *Handler) stackStop(w http.ResponseWriter, r *http.Request) *httpe
|
|||
return httperror.InternalServerError("Unable to verify user authorizations to validate stack deletion", err)
|
||||
}
|
||||
if !canManage {
|
||||
errMsg := "Stack management is disabled for non-admin users"
|
||||
errMsg := "stack management is disabled for non-admin users"
|
||||
return httperror.Forbidden(errMsg, errors.New(errMsg))
|
||||
}
|
||||
|
||||
|
|
@ -117,9 +117,14 @@ func (handler *Handler) stackStop(w http.ResponseWriter, r *http.Request) *httpe
|
|||
func (handler *Handler) stopStack(stack *portainer.Stack, endpoint *portainer.Endpoint) error {
|
||||
switch stack.Type {
|
||||
case portainer.DockerComposeStack:
|
||||
stack.Name = handler.ComposeStackManager.NormalizeStackName(stack.Name)
|
||||
|
||||
return handler.ComposeStackManager.Down(context.TODO(), stack, endpoint)
|
||||
case portainer.DockerSwarmStack:
|
||||
stack.Name = handler.SwarmStackManager.NormalizeStackName(stack.Name)
|
||||
|
||||
return handler.SwarmStackManager.Remove(stack, endpoint)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -166,8 +166,12 @@ func (handler *Handler) stackUpdate(w http.ResponseWriter, r *http.Request) *htt
|
|||
|
||||
func (handler *Handler) updateAndDeployStack(r *http.Request, stack *portainer.Stack, endpoint *portainer.Endpoint) *httperror.HandlerError {
|
||||
if stack.Type == portainer.DockerSwarmStack {
|
||||
stack.Name = handler.SwarmStackManager.NormalizeStackName(stack.Name)
|
||||
|
||||
return handler.updateSwarmStack(r, stack, endpoint)
|
||||
} else if stack.Type == portainer.DockerComposeStack {
|
||||
stack.Name = handler.ComposeStackManager.NormalizeStackName(stack.Name)
|
||||
|
||||
return handler.updateComposeStack(r, stack, endpoint)
|
||||
} else if stack.Type == portainer.KubernetesStack {
|
||||
return handler.updateKubernetesStack(r, stack, endpoint)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue