[PR #555] [MERGED] 1.18.0 #748

New Issue

GiteaMirror · 2025-10-31T15:20:44-05:00

GiteaMirror commented

2025-10-31 15:20:44 -05:00

📋 Pull Request Information

Original PR: https://github.com/moghtech/komodo/pull/555
Author: @mbecker20
Created: 5/28/2025
Status: ✅ Merged
Merged: 5/30/2025
Merged by: @mbecker20

Base: main ← Head: 1.18.0

📝 Commits (10+)

766b559 ferretdb v2 now that they support arm64
270804e remove ignored for sqlite
35aa8fd tweak
791138e mongo copier
a29b355 1.17.6
de23d76 primary name is ferretdb option
379d24e give doc counts
09905d0 fmt
0530a47 print document count
789c611 komodo util versioned seperately

📊 Changes

190 files changed (+5962 additions, -3423 deletions)

View changed files

📝 Cargo.lock (+77 -64)
📝 Cargo.toml (+13 -13)
📝 bin/binaries.Dockerfile (+6 -3)
📝 bin/core/Cargo.toml (+1 -1)
📝 bin/core/aio.Dockerfile (+1 -1)
📝 bin/core/src/alert/mod.rs (+9 -7)
📝 bin/core/src/alert/ntfy.rs (+12 -6)
📝 bin/core/src/api/execute/action.rs (+4 -3)
📝 bin/core/src/api/execute/alerter.rs (+2 -2)
📝 bin/core/src/api/execute/build.rs (+5 -4)
📝 bin/core/src/api/execute/deployment.rs (+3 -2)
📝 bin/core/src/api/execute/mod.rs (+14 -12)
📝 bin/core/src/api/execute/procedure.rs (+4 -3)
📝 bin/core/src/api/execute/repo.rs (+9 -8)
📝 bin/core/src/api/execute/server.rs (+43 -43)
📝 bin/core/src/api/execute/stack.rs (+7 -9)
📝 bin/core/src/api/execute/sync.rs (+6 -4)
📝 bin/core/src/api/read/action.rs (+17 -7)
📝 bin/core/src/api/read/alert.rs (+1 -1)
📝 bin/core/src/api/read/alerter.rs (+15 -6)

...and 80 more files

📄 Description

Changelog

🚨 This release moves official support to FerretDB v2. Users who deployed v1.17.5 or before using Postgres / Sqlite option are using FerretDB v1 and should eventually migrate using the FerretDB v2 Update Guide. Note that this is not a change to Komodo itself, only to the list of supported Mongo stand-ins. Users can update to 1.17.6 and continue to use FerretDB v1 if they wish.

🚨 Admins managing user permissions may need to modify the user access rules. In particular, container logs, docker inspect on containers, and terminal access are now gated behind additional permissions (for non admin users).

Specific Permissions

The main purpose of this release is to refine the access control / permissions system in Komodo. In 1.17.5 and before, access to resources was controlled only via access level (Read, Execute, Write). These levels provide access to the associated /read, /execute, and /write methods on resources, and it worked pretty well to provide RBAC.

Now with more potentially sensitive features, this is not quite enough to provide granular access control. To address this, specific permissions have been introduced in addition to Read, Execute, and Write levels.

Terminal: User can access the associated resource's terminal.
- If given on a Server, this allows server level terminal access.
- If given on a Stack or Deployment, this allows container exec terminal (even without Terminal on Server)
Attach: User can "attach" other resources to the resource.
- If given on a Server, allows users to attach Stacks and Deployments
- If given on a Builder, allows users to attach Builds
DockerInspect: User can "inspect" docker resources (like containers) on the Server
- Access to this api will expose all container environments on the given server, and can easily lead to secrets being leaked to unintended users if not protected.
DockerLogs: User can retrieve docker / docker compose logs on the associated resource.
- Valid on Server, Stack, Deployment
- For admins wanting this permission by default for all users with read permissions, see below on default user groups.
ProcessList: User can retrieve the full running process list on the Server

The above specific permissions are defined in a list alongside their level. This list is open for future expansion / and the associated implementations may be refined in future releases as well.

Default User Groups

Sometimes you will want to set a "baseline" set of permissions that all users will have on the Komodo instance. Previously this could only be done in very barebones way, by setting KOMODO_TRANSPARENT_MODE=true on the Komodo Core container. This would give all users a base level of "Read" on all resources.

In addition to the above permissions features, this release also adds an everyone mode to User Groups. If you enable this mode on a User Group, then all users will inherit those permissions as a base.

TOML Examples

As before, you are able to manage User Groups in Resource Syncs.

# Can define default rules in the Everyone group
[[user_group]]
name = "Everyone"
everyone = true
 # Can see servers, but no Logs / Inspect / Terminal permission
all.Server = "Read"
# This doesn't elevate specific stacks from None permissions,
# but if the user gets greater than Read from another permission,
# they will inherit the specific permissions
all.Stack = { level = "None", specific = ["Inspect", "Logs", "Terminal"] }
all.Deployment = { level = "None", specific = ["Inspect", "Logs", "Terminal"] }
# Allow users to see all Builders, and attach builds to them.
all.Builder = { level = "Read", specific = ["Attach"] }

[[user_group]]
name = "Stack Read"
users = ["user1", "user2"]
# Because of the "Everyone" group, don't need to redefine
# the specific permissions. User will have "Inspect", "Logs", etc.
all.Stack = "Read"

[[user_group]]
name = "Immich Manager"
users = ["user1", "user2"]
# Give per-service management to select users
permissions = [
  { target.type = "Server", target.id = "immich-server", level = "Write", specific = ["Logs", "Inspect", "Terminal"] },
  { target.type = "Stack", target.id = "immich", level = "Write"  }
]

[[user_group]]
name = "Dev Manager"
users = ["user1", "user2"]
# Manage wildcard access to specific resources, in this case with the `dev-` name prefix.
# Note. Doesn't work with Sync "Commit". Only "Execute" direction.
permissions = [
  { target.type = "Server", target.id = "dev-*", level = "Read" },
  { target.type = "Deployment", target.id = "dev-*", level = "Write"  },
  { target.type = "Build", target.id = "dev-*", level = "Write"  },
]

Misc.

Server: Remove limitations on name. Names can now include Capital letters and spaces. They still have to be unique.
- Also can use any name for Procedures, Actions, Resource Syncs, Builders and Alerters.
- Stacks / Deployments / Builds / Repos still have the same naming restrictions (no capitals / spaces)
Alerter: Ntfy endpoints now support configuring email. Note that you must also make sure SMTP is configured on the Ntfy server. By @FelixBreitweiser in #493
Resource Sync: Fix issue with User Groups showing "Pending" repeatedly / eroneously.
UI: Fix the inline rename behavior when renaming multiple resources in a row.
Startup log: Specify pretty_startup_config = true to get more human readable initial config log.
- Core Env: KOMODO_PRETTY_STARTUP_CONFIG=true
- Periphery Env: PERIPHERY_PRETTY_STARTUP_CONFIG=true

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/moghtech/komodo/pull/555 **Author:** [@mbecker20](https://github.com/mbecker20) **Created:** 5/28/2025 **Status:** ✅ Merged **Merged:** 5/30/2025 **Merged by:** [@mbecker20](https://github.com/mbecker20) **Base:** `main` ← **Head:** `1.18.0` --- ### 📝 Commits (10+) - [`766b559`](https://github.com/moghtech/komodo/commit/766b55911b0374db61a5bcbf4ef8998e35340657) ferretdb v2 now that they support arm64 - [`270804e`](https://github.com/moghtech/komodo/commit/270804eed4ec99fd31cc8a2821dd53b45d3ead53) remove ignored for sqlite - [`35aa8fd`](https://github.com/moghtech/komodo/commit/35aa8fd17ace80c2eba74433fd0abbc56c98ffe7) tweak - [`791138e`](https://github.com/moghtech/komodo/commit/791138e60257d8855886be49b1e0c04d12bc6e40) mongo copier - [`a29b355`](https://github.com/moghtech/komodo/commit/a29b3557dc0ef749d945dca2fc975b0737a736b3) 1.17.6 - [`de23d76`](https://github.com/moghtech/komodo/commit/de23d76407e4b8b588aed949b5cc3297094188cc) primary name is ferretdb option - [`379d24e`](https://github.com/moghtech/komodo/commit/379d24e5f3b8509e34d4388f5968899f43e345fb) give doc counts - [`09905d0`](https://github.com/moghtech/komodo/commit/09905d04fc4315ec1ac848a050b3de63fa166261) fmt - [`0530a47`](https://github.com/moghtech/komodo/commit/0530a47e7485ed9f67478056c099bcf5b9fa9883) print document count - [`789c611`](https://github.com/moghtech/komodo/commit/789c611657423d8739f394efe89b6fd32487fa4a) komodo util versioned seperately ### 📊 Changes **190 files changed** (+5962 additions, -3423 deletions) <details> <summary>View changed files</summary> 📝 `Cargo.lock` (+77 -64) 📝 `Cargo.toml` (+13 -13) 📝 `bin/binaries.Dockerfile` (+6 -3) 📝 `bin/core/Cargo.toml` (+1 -1) 📝 `bin/core/aio.Dockerfile` (+1 -1) 📝 `bin/core/src/alert/mod.rs` (+9 -7) 📝 `bin/core/src/alert/ntfy.rs` (+12 -6) 📝 `bin/core/src/api/execute/action.rs` (+4 -3) 📝 `bin/core/src/api/execute/alerter.rs` (+2 -2) 📝 `bin/core/src/api/execute/build.rs` (+5 -4) 📝 `bin/core/src/api/execute/deployment.rs` (+3 -2) 📝 `bin/core/src/api/execute/mod.rs` (+14 -12) 📝 `bin/core/src/api/execute/procedure.rs` (+4 -3) 📝 `bin/core/src/api/execute/repo.rs` (+9 -8) 📝 `bin/core/src/api/execute/server.rs` (+43 -43) 📝 `bin/core/src/api/execute/stack.rs` (+7 -9) 📝 `bin/core/src/api/execute/sync.rs` (+6 -4) 📝 `bin/core/src/api/read/action.rs` (+17 -7) 📝 `bin/core/src/api/read/alert.rs` (+1 -1) 📝 `bin/core/src/api/read/alerter.rs` (+15 -6) _...and 80 more files_ </details> ### 📄 Description # Changelog 🚨 This release moves **official support to FerretDB v2**. Users who deployed v1.17.5 or before using Postgres / Sqlite option are using FerretDB v1 and should **eventually** migrate using the [FerretDB v2 Update Guide](https://github.com/moghtech/komodo/blob/main/bin/util/docs/copy-database.md#ferretdb-v2-update-guide). Note that this is **not a change to Komodo itself**, only to the list of supported Mongo stand-ins. Users can update to 1.17.6 and continue to use FerretDB v1 if they wish. 🚨 Admins managing user permissions may need to modify the user access rules. In particular, **container logs**, **`docker inspect`** on containers, and **terminal access** are now gated behind additional permissions (for non admin users). ### **Specific Permissions** The main purpose of this release is to refine the access control / permissions system in Komodo. In 1.17.5 and before, access to resources was controlled only via access level (`Read`, `Execute`, `Write`). These levels provide access to the associated `/read`, `/execute`, and `/write` methods on resources, and it worked pretty well to provide RBAC. Now with more potentially sensitive features, this is not quite enough to provide granular access control. To address this, `specific` permissions have been introduced *in addition* to `Read`, `Execute`, and `Write` levels. - `Terminal`: User can access the associated resource's terminal. - If given on a `Server`, this allows server level terminal access. - If given on a `Stack` or `Deployment`, this allows container exec terminal (even without `Terminal` on `Server`) - `Attach`: User can "attach" *other resources* to the resource. - If given on a `Server`, allows users to attach `Stacks` and `Deployments` - If given on a `Builder`, allows users to attach `Builds` - `DockerInspect`: User can "inspect" docker resources (like containers) on the `Server` - Access to this api will expose all container environments on the given server, and can easily lead to secrets being leaked to unintended users if not protected. - `DockerLogs`: User can retrieve docker / docker compose logs on the associated resource. - Valid on `Server`, `Stack`, `Deployment` - For admins wanting this permission by default for all users with read permissions, see below on default user groups. - `ProcessList`: User can retrieve the full running process list on the `Server` The above `specific` permissions are defined in a list alongside their `level`. This list is open for future expansion / and the associated implementations may be refined in future releases as well. ### **Default User Groups** Sometimes you will want to set a "baseline" set of permissions that all users will have on the Komodo instance. Previously this could only be done in very barebones way, by setting `KOMODO_TRANSPARENT_MODE=true` on the Komodo Core container. This would give all users a base level of "Read" on all resources. In addition to the above permissions features, this release also adds an `everyone` mode to User Groups. If you enable this mode on a User Group, then all users will inherit those permissions as a base. ### TOML Examples As before, you are able to manage User Groups in Resource Syncs. ```toml # Can define default rules in the Everyone group [[user_group]] name = "Everyone" everyone = true # Can see servers, but no Logs / Inspect / Terminal permission all.Server = "Read" # This doesn't elevate specific stacks from None permissions, # but if the user gets greater than Read from another permission, # they will inherit the specific permissions all.Stack = { level = "None", specific = ["Inspect", "Logs", "Terminal"] } all.Deployment = { level = "None", specific = ["Inspect", "Logs", "Terminal"] } # Allow users to see all Builders, and attach builds to them. all.Builder = { level = "Read", specific = ["Attach"] } [[user_group]] name = "Stack Read" users = ["user1", "user2"] # Because of the "Everyone" group, don't need to redefine # the specific permissions. User will have "Inspect", "Logs", etc. all.Stack = "Read" [[user_group]] name = "Immich Manager" users = ["user1", "user2"] # Give per-service management to select users permissions = [ { target.type = "Server", target.id = "immich-server", level = "Write", specific = ["Logs", "Inspect", "Terminal"] }, { target.type = "Stack", target.id = "immich", level = "Write" } ] [[user_group]] name = "Dev Manager" users = ["user1", "user2"] # Manage wildcard access to specific resources, in this case with the `dev-` name prefix. # Note. Doesn't work with Sync "Commit". Only "Execute" direction. permissions = [ { target.type = "Server", target.id = "dev-*", level = "Read" }, { target.type = "Deployment", target.id = "dev-*", level = "Write" }, { target.type = "Build", target.id = "dev-*", level = "Write" }, ] ``` ### Misc. - **Server**: Remove limitations on **name**. Names can now include Capital letters and spaces. They still have to be unique. - Also can use any name for **Procedures**, **Actions**, **Resource Syncs**, **Builders** and **Alerters**. - Stacks / Deployments / Builds / Repos **still have the same naming restrictions** (no capitals / spaces) - **Alerter**: Ntfy endpoints now support configuring email. Note that you must also make sure SMTP is configured on the Ntfy server. By @FelixBreitweiser in #493 - **Resource Sync**: Fix issue with User Groups showing "Pending" repeatedly / eroneously. - **UI**: Fix the inline rename behavior when renaming multiple resources in a row. - **Startup log**: Specify `pretty_startup_config = true` to get more human readable initial config log. - Core Env: `KOMODO_PRETTY_STARTUP_CONFIG=true` - Periphery Env: `PERIPHERY_PRETTY_STARTUP_CONFIG=true` ![Screenshot 2025-05-30 at 12 25 55 PM](https://github.com/user-attachments/assets/c05dbb81-3db6-4a90-bb4b-f86bf8fcadb8) --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

GiteaMirror added the

pull-request

label 2025-10-31 15:20:44 -05:00

GiteaMirror closed this issue

2025-10-31 15:20:44 -05:00

GiteaMirror referenced this issue

2025-10-31 15:21:21 -05:00

[PR #740] [MERGED] 1.19.1 #770

GiteaMirror referenced this issue

2025-10-31 15:21:30 -05:00

[PR #748] [MERGED] Add: Server Version Mismatch Warnings & Alert System #775

Sign in to join this conversation.