mirror of
https://github.com/portainer/portainer.git
synced 2025-07-23 15:29:42 +02:00
179df06267
* feat(app): rework private registries and support private registries in kubernetes [EE-30] feat(api): backport private registries backend changes (#5072) * feat(api/bolt): backport bolt changes * feat(api/exec): backport exec changes * feat(api/http): backport http/handler/dockerhub changes * feat(api/http): backport http/handler/endpoints changes * feat(api/http): backport http/handler/registries changes * feat(api/http): backport http/handler/stacks changes * feat(api/http): backport http/handler changes * feat(api/http): backport http/proxy/factory/azure changes * feat(api/http): backport http/proxy/factory/docker changes * feat(api/http): backport http/proxy/factory/utils changes * feat(api/http): backport http/proxy/factory/kubernetes changes * feat(api/http): backport http/proxy/factory changes * feat(api/http): backport http/security changes * feat(api/http): backport http changes * feat(api/internal): backport internal changes * feat(api): backport api changes * feat(api/kubernetes): backport kubernetes changes * fix(api/http): changes on backend following backport feat(app): backport private registries frontend changes (#5056) * feat(app/docker): backport docker/components changes * feat(app/docker): backport docker/helpers changes * feat(app/docker): backport docker/views/container changes * feat(app/docker): backport docker/views/images changes * feat(app/docker): backport docker/views/registries changes * feat(app/docker): backport docker/views/services changes * feat(app/docker): backport docker changes * feat(app/kubernetes): backport kubernetes/components changes * feat(app/kubernetes): backport kubernetes/converters changes * feat(app/kubernetes): backport kubernetes/models changes * feat(app/kubernetes): backport kubernetes/registries changes * feat(app/kubernetes): backport kubernetes/services changes * feat(app/kubernetes): backport kubernetes/views/applications changes * feat(app/kubernetes): backport kubernetes/views/configurations changes * feat(app/kubernetes): backport kubernetes/views/configure changes * feat(app/kubernetes): backport kubernetes/views/resource-pools changes * feat(app/kubernetes): backport kubernetes/views changes * feat(app/portainer): backport portainer/components/accessManagement changes * feat(app/portainer): backport portainer/components/datatables changes * feat(app/portainer): backport portainer/components/forms changes * feat(app/portainer): backport portainer/components/registry-details changes * feat(app/portainer): backport portainer/models changes * feat(app/portainer): backport portainer/rest changes * feat(app/portainer): backport portainer/services changes * feat(app/portainer): backport portainer/views changes * feat(app/portainer): backport portainer changes * feat(app): backport app changes * config(project): gitignore + jsconfig changes gitignore all files under api/cmd/portainer but main.go and enable Code Editor autocomplete on import ... from '@/...' fix(app): fix pull rate limit checker fix(app/registries): sidebar menus and registry accesses users filtering fix(api): add missing kube client factory fix(kube): fetch dockerhub pull limits (#5133) fix(app): pre review fixes (#5142) * fix(app/registries): remove checkbox for endpointRegistries view * fix(endpoints): allow access to default namespace * fix(docker): fetch pull limits * fix(kube/ns): show selected registries for non admin Co-authored-by: Chaim Lev-Ari <chiptus@gmail.com> chore(webpack): ignore missing sourcemaps fix(registries): fetch registry config from url feat(kube/registries): ignore not found when deleting secret feat(db): move migration to db 31 fix(registries): fix bugs in PR EE-869 (#5169) * fix(registries): hide role * fix(endpoints): set empty access policy to edge endpoint * fix(registry): remove double arguments * fix(admin): ignore warning * feat(kube/configurations): tag registry secrets (#5157) * feat(kube/configurations): tag registry secrets * feat(kube/secrets): show registry secrets for admins * fix(registries): move dockerhub to beginning * refactor(registries): use endpoint scoped registries feat(registries): filter by namespace if supplied feat(access-managment): filter users for registry (#5191) * refactor(access-manage): move users selector to component * feat(access-managment): filter users for registry refactor(registries): sync code with CE (#5200) * refactor(registry): add inspect handler under endpoints * refactor(endpoint): sync endpoint_registries_list * refactor(endpoints): sync registry_access * fix(db): rename migration functions * fix(registries): show accesses for admin * fix(kube): set token on transport * refactor(kube): move secret help to bottom * fix(kuberentes): remove shouldLog parameter * style(auth): add description of security.IsAdmin * feat(security): allow admin access to registry * feat(edge): connect to edge endpoint when creating client * style(portainer): change deprecation version * refactor(sidebar): hide manage * refactor(containers): revert changes * style(container): remove whitespace * fix(endpoint): add handler to registy on endpointService * refactor(image): use endpointService.registries * fix(kueb/namespaces): rename resource pool to namespace * fix(kube/namespace): move selected registries * fix(api/registries): hide accesses on registry creation Co-authored-by: LP B <xAt0mZ@users.noreply.github.com> refactor(api): remove code duplication after rebase fix(app/registries): replace last registry api usage by endpoint registry api fix(api/endpoints): update registry access policies on endpoint deletion (#5226) [EE-1027] fix(db): update db version * fix(dockerhub): fetch rate limits * fix(registry/tests): supply restricred context * fix(registries): show proget registry only when selected * fix(registry): create dockerhub registry * feat(db): move migrations to db 32 Co-authored-by: Chaim Lev-Ari <chiptus@gmail.com>
402 lines
14 KiB
JavaScript
402 lines
14 KiB
JavaScript
import moment from 'moment';
|
|
import _ from 'lodash-es';
|
|
import { PorImageRegistryModel } from 'Docker/models/porImageRegistry';
|
|
|
|
angular.module('portainer.docker').controller('ContainerController', [
|
|
'$q',
|
|
'$scope',
|
|
'$state',
|
|
'$transition$',
|
|
'$filter',
|
|
'$async',
|
|
'Commit',
|
|
'ContainerHelper',
|
|
'ContainerService',
|
|
'ImageHelper',
|
|
'NetworkService',
|
|
'Notifications',
|
|
'ModalService',
|
|
'ResourceControlService',
|
|
'RegistryService',
|
|
'ImageService',
|
|
'HttpRequestHelper',
|
|
'Authentication',
|
|
'endpoint',
|
|
function (
|
|
$q,
|
|
$scope,
|
|
$state,
|
|
$transition$,
|
|
$filter,
|
|
$async,
|
|
Commit,
|
|
ContainerHelper,
|
|
ContainerService,
|
|
ImageHelper,
|
|
NetworkService,
|
|
Notifications,
|
|
ModalService,
|
|
ResourceControlService,
|
|
RegistryService,
|
|
ImageService,
|
|
HttpRequestHelper,
|
|
Authentication,
|
|
endpoint
|
|
) {
|
|
$scope.endpoint = endpoint;
|
|
$scope.activityTime = 0;
|
|
$scope.portBindings = [];
|
|
$scope.displayRecreateButton = false;
|
|
|
|
$scope.config = {
|
|
RegistryModel: new PorImageRegistryModel(),
|
|
commitInProgress: false,
|
|
};
|
|
|
|
$scope.state = {
|
|
recreateContainerInProgress: false,
|
|
joinNetworkInProgress: false,
|
|
leaveNetworkInProgress: false,
|
|
};
|
|
|
|
$scope.updateRestartPolicy = updateRestartPolicy;
|
|
|
|
var update = function () {
|
|
var nodeName = $transition$.params().nodeName;
|
|
HttpRequestHelper.setPortainerAgentTargetHeader(nodeName);
|
|
$scope.nodeName = nodeName;
|
|
|
|
ContainerService.container($transition$.params().id)
|
|
.then(function success(data) {
|
|
var container = data;
|
|
$scope.container = container;
|
|
$scope.container.edit = false;
|
|
$scope.container.newContainerName = $filter('trimcontainername')(container.Name);
|
|
|
|
if (container.State.Running) {
|
|
$scope.activityTime = moment.duration(moment(container.State.StartedAt).utc().diff(moment().utc())).humanize();
|
|
} else if (container.State.Status === 'created') {
|
|
$scope.activityTime = moment.duration(moment(container.Created).utc().diff(moment().utc())).humanize();
|
|
} else {
|
|
$scope.activityTime = moment.duration(moment().utc().diff(moment(container.State.FinishedAt).utc())).humanize();
|
|
}
|
|
|
|
$scope.portBindings = [];
|
|
if (container.NetworkSettings.Ports) {
|
|
_.forEach(Object.keys(container.NetworkSettings.Ports), function (key) {
|
|
if (container.NetworkSettings.Ports[key]) {
|
|
_.forEach(container.NetworkSettings.Ports[key], (portMapping) => {
|
|
const mapping = {};
|
|
mapping.container = key;
|
|
mapping.host = `${portMapping.HostIp}:${portMapping.HostPort}`;
|
|
$scope.portBindings.push(mapping);
|
|
});
|
|
}
|
|
});
|
|
}
|
|
|
|
$scope.container.Config.Env = _.sortBy($scope.container.Config.Env, _.toLower);
|
|
const inSwarm = $scope.container.Config.Labels['com.docker.swarm.service.id'];
|
|
const autoRemove = $scope.container.HostConfig.AutoRemove;
|
|
const admin = Authentication.isAdmin();
|
|
const {
|
|
allowContainerCapabilitiesForRegularUsers,
|
|
allowHostNamespaceForRegularUsers,
|
|
allowDeviceMappingForRegularUsers,
|
|
allowSysctlSettingForRegularUsers,
|
|
allowBindMountsForRegularUsers,
|
|
allowPrivilegedModeForRegularUsers,
|
|
} = endpoint.SecuritySettings;
|
|
|
|
const settingRestrictsRegularUsers =
|
|
!allowContainerCapabilitiesForRegularUsers ||
|
|
!allowBindMountsForRegularUsers ||
|
|
!allowDeviceMappingForRegularUsers ||
|
|
!allowSysctlSettingForRegularUsers ||
|
|
!allowHostNamespaceForRegularUsers ||
|
|
!allowPrivilegedModeForRegularUsers;
|
|
|
|
$scope.displayRecreateButton = !inSwarm && !autoRemove && (admin || !settingRestrictsRegularUsers);
|
|
})
|
|
.catch(function error(err) {
|
|
Notifications.error('Failure', err, 'Unable to retrieve container info');
|
|
});
|
|
};
|
|
|
|
function executeContainerAction(id, action, successMessage, errorMessage) {
|
|
action(id)
|
|
.then(function success() {
|
|
Notifications.success(successMessage, id);
|
|
update();
|
|
})
|
|
.catch(function error(err) {
|
|
Notifications.error('Failure', err, errorMessage);
|
|
});
|
|
}
|
|
|
|
$scope.start = function () {
|
|
var successMessage = 'Container successfully started';
|
|
var errorMessage = 'Unable to start container';
|
|
executeContainerAction($transition$.params().id, ContainerService.startContainer, successMessage, errorMessage);
|
|
};
|
|
|
|
$scope.stop = function () {
|
|
var successMessage = 'Container successfully stopped';
|
|
var errorMessage = 'Unable to stop container';
|
|
executeContainerAction($transition$.params().id, ContainerService.stopContainer, successMessage, errorMessage);
|
|
};
|
|
|
|
$scope.kill = function () {
|
|
var successMessage = 'Container successfully killed';
|
|
var errorMessage = 'Unable to kill container';
|
|
executeContainerAction($transition$.params().id, ContainerService.killContainer, successMessage, errorMessage);
|
|
};
|
|
|
|
$scope.pause = function () {
|
|
var successMessage = 'Container successfully paused';
|
|
var errorMessage = 'Unable to pause container';
|
|
executeContainerAction($transition$.params().id, ContainerService.pauseContainer, successMessage, errorMessage);
|
|
};
|
|
|
|
$scope.unpause = function () {
|
|
var successMessage = 'Container successfully resumed';
|
|
var errorMessage = 'Unable to resume container';
|
|
executeContainerAction($transition$.params().id, ContainerService.resumeContainer, successMessage, errorMessage);
|
|
};
|
|
|
|
$scope.restart = function () {
|
|
var successMessage = 'Container successfully restarted';
|
|
var errorMessage = 'Unable to restart container';
|
|
executeContainerAction($transition$.params().id, ContainerService.restartContainer, successMessage, errorMessage);
|
|
};
|
|
|
|
$scope.renameContainer = function () {
|
|
var container = $scope.container;
|
|
ContainerService.renameContainer($transition$.params().id, container.newContainerName)
|
|
.then(function success() {
|
|
container.Name = container.newContainerName;
|
|
Notifications.success('Container successfully renamed', container.Name);
|
|
})
|
|
.catch(function error(err) {
|
|
container.newContainerName = container.Name;
|
|
Notifications.error('Failure', err, 'Unable to rename container');
|
|
})
|
|
.finally(function final() {
|
|
$scope.container.edit = false;
|
|
});
|
|
};
|
|
|
|
$scope.containerLeaveNetwork = function containerLeaveNetwork(container, networkId) {
|
|
$scope.state.leaveNetworkInProgress = true;
|
|
NetworkService.disconnectContainer(networkId, container.Id, false)
|
|
.then(function success() {
|
|
Notifications.success('Container left network', container.Id);
|
|
$state.reload();
|
|
})
|
|
.catch(function error(err) {
|
|
Notifications.error('Failure', err, 'Unable to disconnect container from network');
|
|
})
|
|
.finally(function final() {
|
|
$scope.state.leaveNetworkInProgress = false;
|
|
});
|
|
};
|
|
|
|
$scope.containerJoinNetwork = function containerJoinNetwork(container, networkId) {
|
|
$scope.state.joinNetworkInProgress = true;
|
|
NetworkService.connectContainer(networkId, container.Id)
|
|
.then(function success() {
|
|
Notifications.success('Container joined network', container.Id);
|
|
$state.reload();
|
|
})
|
|
.catch(function error(err) {
|
|
Notifications.error('Failure', err, 'Unable to connect container to network');
|
|
})
|
|
.finally(function final() {
|
|
$scope.state.joinNetworkInProgress = false;
|
|
});
|
|
};
|
|
|
|
async function commitContainerAsync() {
|
|
$scope.config.commitInProgress = true;
|
|
const registryModel = $scope.config.RegistryModel;
|
|
const imageConfig = ImageHelper.createImageConfigForContainer(registryModel);
|
|
try {
|
|
await Commit.commitContainer({ id: $transition$.params().id, repo: imageConfig.fromImage }).$promise;
|
|
Notifications.success('Image created', $transition$.params().id);
|
|
$state.reload();
|
|
} catch (err) {
|
|
Notifications.error('Failure', err, 'Unable to create image');
|
|
$scope.config.commitInProgress = false;
|
|
}
|
|
}
|
|
|
|
$scope.commit = function () {
|
|
return $async(commitContainerAsync);
|
|
};
|
|
|
|
$scope.confirmRemove = function () {
|
|
var title = 'You are about to remove a container.';
|
|
if ($scope.container.State.Running) {
|
|
title = 'You are about to remove a running container.';
|
|
}
|
|
ModalService.confirmContainerDeletion(title, function (result) {
|
|
if (!result) {
|
|
return;
|
|
}
|
|
var cleanAssociatedVolumes = false;
|
|
if (result[0]) {
|
|
cleanAssociatedVolumes = true;
|
|
}
|
|
removeContainer(cleanAssociatedVolumes);
|
|
});
|
|
};
|
|
|
|
function removeContainer(cleanAssociatedVolumes) {
|
|
ContainerService.remove($scope.container, cleanAssociatedVolumes)
|
|
.then(function success() {
|
|
Notifications.success('Container successfully removed');
|
|
$state.go('docker.containers', {}, { reload: true });
|
|
})
|
|
.catch(function error(err) {
|
|
Notifications.error('Failure', err, 'Unable to remove container');
|
|
});
|
|
}
|
|
|
|
function recreateContainer(pullImage) {
|
|
var container = $scope.container;
|
|
var config = ContainerHelper.configFromContainer(container.Model);
|
|
$scope.state.recreateContainerInProgress = true;
|
|
var isRunning = container.State.Running;
|
|
|
|
return pullImageIfNeeded()
|
|
.then(stopContainerIfNeeded)
|
|
.then(renameContainer)
|
|
.then(setMainNetworkAndCreateContainer)
|
|
.then(connectContainerToOtherNetworks)
|
|
.then(startContainerIfNeeded)
|
|
.then(createResourceControl)
|
|
.then(deleteOldContainer)
|
|
.then(notifyAndChangeView)
|
|
.catch(notifyOnError);
|
|
|
|
function stopContainerIfNeeded() {
|
|
if (!isRunning) {
|
|
return $q.when();
|
|
}
|
|
return ContainerService.stopContainer(container.Id);
|
|
}
|
|
|
|
function renameContainer() {
|
|
return ContainerService.renameContainer(container.Id, container.Name + '-old');
|
|
}
|
|
|
|
function pullImageIfNeeded() {
|
|
if (!pullImage) {
|
|
return $q.when();
|
|
}
|
|
return RegistryService.retrievePorRegistryModelFromRepository(container.Config.Image, endpoint.Id).then((registryModel) => {
|
|
return ImageService.pullImage(registryModel, true);
|
|
});
|
|
}
|
|
|
|
function setMainNetworkAndCreateContainer() {
|
|
var networks = config.NetworkingConfig.EndpointsConfig;
|
|
var networksNames = Object.keys(networks);
|
|
if (networksNames.length > 1) {
|
|
config.NetworkingConfig.EndpointsConfig = {};
|
|
config.NetworkingConfig.EndpointsConfig[networksNames[0]] = networks[0];
|
|
}
|
|
return $q.all([ContainerService.createContainer(config), networks]);
|
|
}
|
|
|
|
function connectContainerToOtherNetworks(createContainerData) {
|
|
var newContainer = createContainerData[0];
|
|
var networks = createContainerData[1];
|
|
var networksNames = Object.keys(networks);
|
|
var connectionPromises = networksNames.map(function connectToNetwork(name) {
|
|
NetworkService.connectContainer(name, newContainer.Id);
|
|
});
|
|
return $q.all(connectionPromises).then(function onConnectToNetworkSuccess() {
|
|
return newContainer;
|
|
});
|
|
}
|
|
|
|
function deleteOldContainer(newContainer) {
|
|
return ContainerService.remove(container, true).then(function onRemoveSuccess() {
|
|
return newContainer;
|
|
});
|
|
}
|
|
|
|
function startContainerIfNeeded(newContainer) {
|
|
if (!isRunning) {
|
|
return $q.when(newContainer);
|
|
}
|
|
return ContainerService.startContainer(newContainer.Id).then(function onStartSuccess() {
|
|
return newContainer;
|
|
});
|
|
}
|
|
|
|
function createResourceControl(newContainer) {
|
|
const userId = Authentication.getUserDetails().ID;
|
|
const oldResourceControl = container.ResourceControl;
|
|
const newResourceControl = newContainer.Portainer.ResourceControl;
|
|
return ResourceControlService.duplicateResourceControl(userId, oldResourceControl, newResourceControl);
|
|
}
|
|
|
|
function notifyAndChangeView() {
|
|
Notifications.success('Container successfully re-created');
|
|
$state.go('docker.containers', {}, { reload: true });
|
|
}
|
|
|
|
function notifyOnError(err) {
|
|
Notifications.error('Failure', err, 'Unable to re-create container');
|
|
$scope.state.recreateContainerInProgress = false;
|
|
}
|
|
}
|
|
|
|
$scope.recreate = function () {
|
|
ModalService.confirmContainerRecreation(function (result) {
|
|
if (!result) {
|
|
return;
|
|
}
|
|
var pullImage = false;
|
|
if (result[0]) {
|
|
pullImage = true;
|
|
}
|
|
recreateContainer(pullImage);
|
|
});
|
|
};
|
|
|
|
function updateRestartPolicy(restartPolicy, maximumRetryCount) {
|
|
maximumRetryCount = restartPolicy === 'on-failure' ? maximumRetryCount : undefined;
|
|
|
|
return ContainerService.updateRestartPolicy($scope.container.Id, restartPolicy, maximumRetryCount).then(onUpdateSuccess).catch(notifyOnError);
|
|
|
|
function onUpdateSuccess() {
|
|
$scope.container.HostConfig.RestartPolicy = {
|
|
Name: restartPolicy,
|
|
MaximumRetryCount: maximumRetryCount,
|
|
};
|
|
Notifications.success('Restart policy updated');
|
|
}
|
|
|
|
function notifyOnError(err) {
|
|
Notifications.error('Failure', err, 'Unable to update restart policy');
|
|
return $q.reject(err);
|
|
}
|
|
}
|
|
|
|
var provider = $scope.applicationState.endpoint.mode.provider;
|
|
var apiVersion = $scope.applicationState.endpoint.apiVersion;
|
|
NetworkService.networks(provider === 'DOCKER_STANDALONE' || provider === 'DOCKER_SWARM_MODE', false, provider === 'DOCKER_SWARM_MODE' && apiVersion >= 1.25)
|
|
.then(function success(data) {
|
|
var networks = data;
|
|
$scope.availableNetworks = networks;
|
|
})
|
|
.catch(function error(err) {
|
|
Notifications.error('Failure', err, 'Unable to retrieve networks');
|
|
});
|
|
|
|
update();
|
|
},
|
|
]);
|