WIP: settings models

* fix(notifications): cleanup notifications code [EE-4274]

* break long words

.gitignore

@@ -7,6 +7,7 @@ storybook-static
 .tmp
 **/.vscode/settings.json
 **/.vscode/tasks.json
+.vscode
 *.DS_Store
 
 .eslintcache

README.md

@@ -12,21 +12,15 @@ Portainer consists of a single container that can run on any cluster. It can be
 - [Take5 – get 5 free nodes of Portainer Business for as long as you want them](https://portainer.io/pricing/take5)
 - [Portainer BE install guide](https://install.portainer.io)
 
-## Demo
-
-You can try out the public demo instance: http://demo.portainer.io/ (login with the username **admin** and the password **tryportainer**).
-
-Please note that the public demo cluster is **reset every 15min**.
-
 ## Latest Version
 
 Portainer CE is updated regularly. We aim to do an update release every couple of months.
 
-**The latest version of Portainer is 2.13.x**.
+[![latest version](https://img.shields.io/github/v/release/portainer/portainer?color=%2344cc11&label=Latest%20release&style=for-the-badge)](https://github.com/portainer/portainer/releases/latest)
 
 ## Getting started
 
-- [Deploy Portainer](https://docs.portainer.io/v/ce-2.9/start/install)
+- [Deploy Portainer](https://docs.portainer.io/start/install)
 - [Documentation](https://documentation.portainer.io)
 - [Contribute to the project](https://documentation.portainer.io/contributing/instructions/)
 

api/adminmonitor/admin_monitor.go

@@ -2,7 +2,6 @@ package adminmonitor
 
 import (
 	"context"
-	"log"
 	"net/http"
 	"strings"
 	"sync"
@@ -11,9 +10,9 @@ import (
 	httperror "github.com/portainer/libhttp/error"
 	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/dataservices"
-)
 
-var logFatalf = log.Fatalf
+	"github.com/rs/zerolog/log"
+)
 
 const RedirectReasonAdminInitTimeout string = "AdminInitTimeout"
 
@@ -26,7 +25,7 @@ type Monitor struct {
 	adminInitDisabled bool
 }
 
-// New creates a monitor that when started will wait for the timeout duration and then sends the timeout signal to disable the application
+// New creates a monitor that when started will wait for the timeout duration and then shutdown the application unless it has been initialized.
 func New(timeout time.Duration, datastore dataservices.DataStore, shutdownCtx context.Context) *Monitor {
 	return &Monitor{
 		timeout:           timeout,
@@ -49,24 +48,28 @@ func (m *Monitor) Start() {
 	m.cancellationFunc = cancellationFunc
 
 	go func() {
-		log.Println("[DEBUG] [internal,init] [message: start initialization monitor ]")
+		log.Debug().Msg("start initialization monitor")
+
 		select {
 		case <-time.After(m.timeout):
 			initialized, err := m.WasInitialized()
 			if err != nil {
-				logFatalf("%s", err)
+				log.Fatal().Err(err).Msg("")
 			}
+
 			if !initialized {
-				log.Println("[INFO] [internal,init] The Portainer instance timed out for security purposes. To re-enable your Portainer instance, you will need to restart Portainer")
+				log.Info().Msg("the Portainer instance timed out for security purposes, to re-enable your Portainer instance, you will need to restart Portainer")
+
 				m.mu.Lock()
 				defer m.mu.Unlock()
+
 				m.adminInitDisabled = true
 				return
 			}
 		case <-cancellationCtx.Done():
-			log.Println("[DEBUG] [internal,init] [message: canceling initialization monitor]")
+			log.Debug().Msg("canceling initialization monitor")
 		case <-m.shutdownCtx.Done():
-			log.Println("[DEBUG] [internal,init] [message: shutting down initialization monitor]")
+			log.Debug().Msg("shutting down initialization monitor")
 		}
 	}()
 }
@@ -102,12 +105,10 @@ func (m *Monitor) WasInstanceDisabled() bool {
 // Otherwise, it will pass through the request to next
 func (m *Monitor) WithRedirect(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if m.WasInstanceDisabled() {
-			if strings.HasPrefix(r.RequestURI, "/api") && r.RequestURI != "/api/status" && r.RequestURI != "/api/settings/public" {
-				w.Header().Set("redirect-reason", RedirectReasonAdminInitTimeout)
-				httperror.WriteError(w, http.StatusSeeOther, "Administrator initialization timeout", nil)
-				return
-			}
+		if m.WasInstanceDisabled() && strings.HasPrefix(r.RequestURI, "/api") && r.RequestURI != "/api/status" && r.RequestURI != "/api/settings/public" {
+			w.Header().Set("redirect-reason", RedirectReasonAdminInitTimeout)
+			httperror.WriteError(w, http.StatusSeeOther, "Administrator initialization timeout", nil)
+			return
 		}
 
 		next.ServeHTTP(w, r)

api/agent/version.go

@@ -0,0 +1,71 @@
+package agent
+
+import (
+	"crypto/tls"
+	"errors"
+	"fmt"
+	"net/http"
+	"strconv"
+	"time"
+
+	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api/internal/url"
+)
+
+// GetAgentVersionAndPlatform returns the agent version and platform
+//
+// it sends a ping to the agent and parses the version and platform from the headers
+func GetAgentVersionAndPlatform(endpointUrl string, tlsConfig *tls.Config) (portainer.AgentPlatform, string, error) {
+	httpCli := &http.Client{
+		Timeout: 3 * time.Second,
+	}
+
+	if tlsConfig != nil {
+		httpCli.Transport = &http.Transport{
+			TLSClientConfig: tlsConfig,
+		}
+	}
+
+	parsedURL, err := url.ParseURL(endpointUrl + "/ping")
+	if err != nil {
+		return 0, "", err
+	}
+
+	parsedURL.Scheme = "https"
+
+	req, err := http.NewRequest(http.MethodGet, parsedURL.String(), nil)
+	if err != nil {
+		return 0, "", err
+	}
+
+	resp, err := httpCli.Do(req)
+	if err != nil {
+		return 0, "", err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusNoContent {
+		return 0, "", fmt.Errorf("Failed request with status %d", resp.StatusCode)
+	}
+
+	version := resp.Header.Get(portainer.PortainerAgentHeader)
+	if version == "" {
+		return 0, "", errors.New("Version Header is missing")
+	}
+
+	agentPlatformHeader := resp.Header.Get(portainer.HTTPResponseAgentPlatform)
+	if agentPlatformHeader == "" {
+		return 0, "", errors.New("Agent Platform Header is missing")
+	}
+
+	agentPlatformNumber, err := strconv.Atoi(agentPlatformHeader)
+	if err != nil {
+		return 0, "", err
+	}
+
+	if agentPlatformNumber == 0 {
+		return 0, "", errors.New("Agent platform is invalid")
+	}
+
+	return portainer.AgentPlatform(agentPlatformNumber), version, nil
+}

api/apikey/service.go

@@ -6,10 +6,10 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/pkg/errors"
-
 	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/dataservices"
+
+	"github.com/pkg/errors"
 )
 
 const portainerAPIKeyPrefix = "ptr_"

api/apikey/service_test.go

@@ -2,7 +2,7 @@ package apikey
 
 import (
 	"crypto/sha256"
-	"log"
+	"fmt"
 	"strings"
 	"testing"
 	"time"
@@ -10,6 +10,8 @@ import (
 	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/datastore"
 	"github.com/stretchr/testify/assert"
+
+	"github.com/rs/zerolog/log"
 )
 
 func Test_SatisfiesAPIKeyServiceInterface(t *testing.T) {
@@ -20,7 +22,7 @@ func Test_SatisfiesAPIKeyServiceInterface(t *testing.T) {
 func Test_GenerateApiKey(t *testing.T) {
 	is := assert.New(t)
 
-	_, store, teardown := datastore.MustNewTestStore(true, true)
+	_, store, teardown := datastore.MustNewTestStore(t, true, true)
 	defer teardown()
 
 	service := NewAPIKeyService(store.APIKeyRepository(), store.User())
@@ -74,7 +76,7 @@ func Test_GenerateApiKey(t *testing.T) {
 func Test_GetAPIKey(t *testing.T) {
 	is := assert.New(t)
 
-	_, store, teardown := datastore.MustNewTestStore(true, true)
+	_, store, teardown := datastore.MustNewTestStore(t, true, true)
 	defer teardown()
 
 	service := NewAPIKeyService(store.APIKeyRepository(), store.User())
@@ -94,7 +96,7 @@ func Test_GetAPIKey(t *testing.T) {
 func Test_GetAPIKeys(t *testing.T) {
 	is := assert.New(t)
 
-	_, store, teardown := datastore.MustNewTestStore(true, true)
+	_, store, teardown := datastore.MustNewTestStore(t, true, true)
 	defer teardown()
 
 	service := NewAPIKeyService(store.APIKeyRepository(), store.User())
@@ -115,7 +117,7 @@ func Test_GetAPIKeys(t *testing.T) {
 func Test_GetDigestUserAndKey(t *testing.T) {
 	is := assert.New(t)
 
-	_, store, teardown := datastore.MustNewTestStore(true, true)
+	_, store, teardown := datastore.MustNewTestStore(t, true, true)
 	defer teardown()
 
 	service := NewAPIKeyService(store.APIKeyRepository(), store.User())
@@ -151,7 +153,7 @@ func Test_GetDigestUserAndKey(t *testing.T) {
 func Test_UpdateAPIKey(t *testing.T) {
 	is := assert.New(t)
 
-	_, store, teardown := datastore.MustNewTestStore(true, true)
+	_, store, teardown := datastore.MustNewTestStore(t, true, true)
 	defer teardown()
 
 	service := NewAPIKeyService(store.APIKeyRepository(), store.User())
@@ -169,11 +171,9 @@ func Test_UpdateAPIKey(t *testing.T) {
 		_, apiKeyGot, err := service.GetDigestUserAndKey(apiKey.Digest)
 		is.NoError(err)
 
-		log.Println(apiKey)
-		log.Println(apiKeyGot)
+		log.Debug().Str("wanted", fmt.Sprintf("%+v", apiKey)).Str("got", fmt.Sprintf("%+v", apiKeyGot)).Msg("")
 
 		is.Equal(apiKey.LastUsed, apiKeyGot.LastUsed)
-
 	})
 
 	t.Run("Successfully updates api-key in cache upon api-key update", func(t *testing.T) {
@@ -199,7 +199,7 @@ func Test_UpdateAPIKey(t *testing.T) {
 func Test_DeleteAPIKey(t *testing.T) {
 	is := assert.New(t)
 
-	_, store, teardown := datastore.MustNewTestStore(true, true)
+	_, store, teardown := datastore.MustNewTestStore(t, true, true)
 	defer teardown()
 
 	service := NewAPIKeyService(store.APIKeyRepository(), store.User())
@@ -240,7 +240,7 @@ func Test_DeleteAPIKey(t *testing.T) {
 func Test_InvalidateUserKeyCache(t *testing.T) {
 	is := assert.New(t)
 
-	_, store, teardown := datastore.MustNewTestStore(true, true)
+	_, store, teardown := datastore.MustNewTestStore(t, true, true)
 	defer teardown()
 
 	service := NewAPIKeyService(store.APIKeyRepository(), store.User())

api/archive/tar.go

@@ -34,3 +34,45 @@ func TarFileInBuffer(fileContent []byte, fileName string, mode int64) ([]byte, e
 
 	return buffer.Bytes(), nil
 }
+
+// tarFileInBuffer represents a tar archive buffer.
+type tarFileInBuffer struct {
+	b *bytes.Buffer
+	w *tar.Writer
+}
+
+func NewTarFileInBuffer() *tarFileInBuffer {
+	var b bytes.Buffer
+	return &tarFileInBuffer{
+		b: &b,
+		w: tar.NewWriter(&b),
+	}
+}
+
+// Put puts a single file to tar archive buffer.
+func (t *tarFileInBuffer) Put(fileContent []byte, fileName string, mode int64) error {
+	hdr := &tar.Header{
+		Name: fileName,
+		Mode: mode,
+		Size: int64(len(fileContent)),
+	}
+
+	if err := t.w.WriteHeader(hdr); err != nil {
+		return err
+	}
+
+	if _, err := t.w.Write(fileContent); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// Bytes returns the archive as a byte array.
+func (t *tarFileInBuffer) Bytes() []byte {
+	return t.b.Bytes()
+}
+
+func (t *tarFileInBuffer) Close() error {
+	return t.w.Close()
+}

api/archive/targz_test.go

@@ -9,7 +9,6 @@ import (
 	"path/filepath"
 	"testing"
 
-	"github.com/docker/docker/pkg/ioutils"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -27,9 +26,7 @@ func listFiles(dir string) []string {
 }
 
 func Test_shouldCreateArhive(t *testing.T) {
-	tmpdir, _ := ioutils.TempDir("", "backup")
-	defer os.RemoveAll(tmpdir)
-
+	tmpdir := t.TempDir()
 	content := []byte("content")
 	ioutil.WriteFile(path.Join(tmpdir, "outer"), content, 0600)
 	os.MkdirAll(path.Join(tmpdir, "dir"), 0700)
@@ -40,9 +37,7 @@ func Test_shouldCreateArhive(t *testing.T) {
 	assert.Nil(t, err)
 	assert.Equal(t, filepath.Join(tmpdir, fmt.Sprintf("%s.tar.gz", filepath.Base(tmpdir))), gzPath)
 
-	extractionDir, _ := ioutils.TempDir("", "extract")
-	defer os.RemoveAll(extractionDir)
-
+	extractionDir := t.TempDir()
 	cmd := exec.Command("tar", "-xzf", gzPath, "-C", extractionDir)
 	err = cmd.Run()
 	if err != nil {
@@ -63,9 +58,7 @@ func Test_shouldCreateArhive(t *testing.T) {
 }
 
 func Test_shouldCreateArhiveXXXXX(t *testing.T) {
-	tmpdir, _ := ioutils.TempDir("", "backup")
-	defer os.RemoveAll(tmpdir)
-
+	tmpdir := t.TempDir()
 	content := []byte("content")
 	ioutil.WriteFile(path.Join(tmpdir, "outer"), content, 0600)
 	os.MkdirAll(path.Join(tmpdir, "dir"), 0700)
@@ -76,9 +69,7 @@ func Test_shouldCreateArhiveXXXXX(t *testing.T) {
 	assert.Nil(t, err)
 	assert.Equal(t, filepath.Join(tmpdir, fmt.Sprintf("%s.tar.gz", filepath.Base(tmpdir))), gzPath)
 
-	extractionDir, _ := ioutils.TempDir("", "extract")
-	defer os.RemoveAll(extractionDir)
-
+	extractionDir := t.TempDir()
 	r, _ := os.Open(gzPath)
 	ExtractTarGz(r, extractionDir)
 	if err != nil {

api/archive/zip_test.go

@@ -2,16 +2,12 @@ package archive
 
 import (
 	"github.com/stretchr/testify/assert"
-	"io/ioutil"
-	"os"
 	"path/filepath"
 	"testing"
 )
 
 func TestUnzipFile(t *testing.T) {
-	dir, err := ioutil.TempDir("", "unzip-test-")
-	assert.NoError(t, err)
-	defer os.RemoveAll(dir)
+	dir := t.TempDir()
 	/*
 		Archive structure.
 		├── 0
@@ -21,7 +17,7 @@ func TestUnzipFile(t *testing.T) {
 		└── 0.txt
 	*/
 
-	err = UnzipFile("./testdata/sample_archive.zip", dir)
+	err := UnzipFile("./testdata/sample_archive.zip", dir)
 
 	assert.NoError(t, err)
 	archiveDir := dir + "/sample_archive"

api/backup/backup.go

@@ -1,109 +1,110 @@
 package backup
 
-import (
-	"fmt"
-	"os"
-	"path"
-	"path/filepath"
-	"time"
+// import (
+// 	"fmt"
+// 	"os"
+// 	"path"
+// 	"path/filepath"
+// 	"time"
 
-	"github.com/pkg/errors"
-	"github.com/portainer/portainer/api/archive"
-	"github.com/portainer/portainer/api/crypto"
-	"github.com/portainer/portainer/api/dataservices"
-	"github.com/portainer/portainer/api/filesystem"
-	"github.com/portainer/portainer/api/http/offlinegate"
-	"github.com/sirupsen/logrus"
-)
+// 	"github.com/portainer/portainer/api/archive"
+// 	"github.com/portainer/portainer/api/crypto"
+// 	"github.com/portainer/portainer/api/dataservices"
+// 	"github.com/portainer/portainer/api/filesystem"
+// 	"github.com/portainer/portainer/api/http/offlinegate"
 
-const rwxr__r__ os.FileMode = 0744
+// 	"github.com/pkg/errors"
+// 	"github.com/rs/zerolog/log"
+// )
 
-var filesToBackup = []string{
-	"certs",
-	"compose",
-	"config.json",
-	"custom_templates",
-	"edge_jobs",
-	"edge_stacks",
-	"extensions",
-	"portainer.key",
-	"portainer.pub",
-	"tls",
-}
+// const rwxr__r__ os.FileMode = 0744
 
-// Creates a tar.gz system archive and encrypts it if password is not empty. Returns a path to the archive file.
-func CreateBackupArchive(password string, gate *offlinegate.OfflineGate, datastore dataservices.DataStore, filestorePath string) (string, error) {
-	unlock := gate.Lock()
-	defer unlock()
+// var filesToBackup = []string{
+// 	"certs",
+// 	"compose",
+// 	"config.json",
+// 	"custom_templates",
+// 	"edge_jobs",
+// 	"edge_stacks",
+// 	"extensions",
+// 	"portainer.key",
+// 	"portainer.pub",
+// 	"tls",
+// }
 
-	backupDirPath := filepath.Join(filestorePath, "backup", time.Now().Format("2006-01-02_15-04-05"))
-	if err := os.MkdirAll(backupDirPath, rwxr__r__); err != nil {
-		return "", errors.Wrap(err, "Failed to create backup dir")
-	}
+// // Creates a tar.gz system archive and encrypts it if password is not empty. Returns a path to the archive file.
+// func CreateBackupArchive(password string, gate *offlinegate.OfflineGate, datastore dataservices.DataStore, filestorePath string) (string, error) {
+// 	unlock := gate.Lock()
+// 	defer unlock()
 
-	{
-		// new export
-		exportFilename := path.Join(backupDirPath, fmt.Sprintf("export-%d.json", time.Now().Unix()))
+// 	backupDirPath := filepath.Join(filestorePath, "backup", time.Now().Format("2006-01-02_15-04-05"))
+// 	if err := os.MkdirAll(backupDirPath, rwxr__r__); err != nil {
+// 		return "", errors.Wrap(err, "Failed to create backup dir")
+// 	}
 
-		err := datastore.Export(exportFilename)
-		if err != nil {
-			logrus.WithError(err).Debugf("failed to export to %s", exportFilename)
-		} else {
-			logrus.Debugf("exported to %s", exportFilename)
-		}
-	}
+// 	{
+// 		// new export
+// 		exportFilename := path.Join(backupDirPath, fmt.Sprintf("export-%d.json", time.Now().Unix()))
 
-	if err := backupDb(backupDirPath, datastore); err != nil {
-		return "", errors.Wrap(err, "Failed to backup database")
-	}
+// 		err := datastore.Export(exportFilename)
+// 		if err != nil {
+// 			log.Error().Err(err).Str("filename", exportFilename).Msg("failed to export")
+// 		} else {
+// 			log.Debug().Str("filename", exportFilename).Msg("file exported")
+// 		}
+// 	}
 
-	for _, filename := range filesToBackup {
-		err := filesystem.CopyPath(filepath.Join(filestorePath, filename), backupDirPath)
-		if err != nil {
-			return "", errors.Wrap(err, "Failed to create backup file")
-		}
-	}
+// 	if err := backupDb(backupDirPath, datastore); err != nil {
+// 		return "", errors.Wrap(err, "Failed to backup database")
+// 	}
 
-	archivePath, err := archive.TarGzDir(backupDirPath)
-	if err != nil {
-		return "", errors.Wrap(err, "Failed to make an archive")
-	}
+// 	for _, filename := range filesToBackup {
+// 		err := filesystem.CopyPath(filepath.Join(filestorePath, filename), backupDirPath)
+// 		if err != nil {
+// 			return "", errors.Wrap(err, "Failed to create backup file")
+// 		}
+// 	}
 
-	if password != "" {
-		archivePath, err = encrypt(archivePath, password)
-		if err != nil {
-			return "", errors.Wrap(err, "Failed to encrypt backup with the password")
-		}
-	}
+// 	archivePath, err := archive.TarGzDir(backupDirPath)
+// 	if err != nil {
+// 		return "", errors.Wrap(err, "Failed to make an archive")
+// 	}
 
-	return archivePath, nil
-}
+// 	if password != "" {
+// 		archivePath, err = encrypt(archivePath, password)
+// 		if err != nil {
+// 			return "", errors.Wrap(err, "Failed to encrypt backup with the password")
+// 		}
+// 	}
 
-func backupDb(backupDirPath string, datastore dataservices.DataStore) error {
-	backupWriter, err := os.Create(filepath.Join(backupDirPath, "portainer.db"))
-	if err != nil {
-		return err
-	}
-	if err = datastore.BackupTo(backupWriter); err != nil {
-		return err
-	}
-	return backupWriter.Close()
-}
+// 	return archivePath, nil
+// }
 
-func encrypt(path string, passphrase string) (string, error) {
-	in, err := os.Open(path)
-	if err != nil {
-		return "", err
-	}
-	defer in.Close()
+// func backupDb(backupDirPath string, datastore dataservices.DataStore) error {
+// 	backupWriter, err := os.Create(filepath.Join(backupDirPath, "portainer.db"))
+// 	if err != nil {
+// 		return err
+// 	}
+// 	if err = datastore.BackupTo(backupWriter); err != nil {
+// 		return err
+// 	}
+// 	return backupWriter.Close()
+// }
 
-	outFileName := fmt.Sprintf("%s.encrypted", path)
-	out, err := os.Create(outFileName)
-	if err != nil {
-		return "", err
-	}
+// func encrypt(path string, passphrase string) (string, error) {
+// 	in, err := os.Open(path)
+// 	if err != nil {
+// 		return "", err
+// 	}
+// 	defer in.Close()
 
-	err = crypto.AesEncrypt(in, out, []byte(passphrase))
+// 	outFileName := fmt.Sprintf("%s.encrypted", path)
+// 	out, err := os.Create(outFileName)
+// 	if err != nil {
+// 		return "", err
+// 	}
 
-	return outFileName, err
-}
+// 	err = crypto.AesEncrypt(in, out, []byte(passphrase))
+
+// 	return outFileName, err
+// }

api/backup/restore.go

@@ -1,85 +1,85 @@
 package backup
 
-import (
-	"context"
-	"io"
-	"os"
-	"path/filepath"
-	"time"
+// import (
+// 	"context"
+// 	"io"
+// 	"os"
+// 	"path/filepath"
+// 	"time"
 
-	"github.com/pkg/errors"
-	"github.com/portainer/portainer/api/archive"
-	"github.com/portainer/portainer/api/crypto"
-	"github.com/portainer/portainer/api/database/boltdb"
-	"github.com/portainer/portainer/api/dataservices"
-	"github.com/portainer/portainer/api/filesystem"
-	"github.com/portainer/portainer/api/http/offlinegate"
-)
+// 	"github.com/pkg/errors"
+// 	"github.com/portainer/portainer/api/archive"
+// 	"github.com/portainer/portainer/api/crypto"
+// 	"github.com/portainer/portainer/api/dataservices"
+// 	"github.com/portainer/portainer/api/filesystem"
+// 	"github.com/portainer/portainer/api/http/offlinegate"
+// )
 
-var filesToRestore = append(filesToBackup, "portainer.db")
+// var filesToRestore = append(filesToBackup, "portainer.db")
 
-// Restores system state from backup archive, will trigger system shutdown, when finished.
-func RestoreArchive(archive io.Reader, password string, filestorePath string, gate *offlinegate.OfflineGate, datastore dataservices.DataStore, shutdownTrigger context.CancelFunc) error {
-	var err error
-	if password != "" {
-		archive, err = decrypt(archive, password)
-		if err != nil {
-			return errors.Wrap(err, "failed to decrypt the archive")
-		}
-	}
+// // Restores system state from backup archive, will trigger system shutdown, when finished.
+// func RestoreArchive(archive io.Reader, password string, filestorePath string, gate *offlinegate.OfflineGate, datastore dataservices.DataStore, shutdownTrigger context.CancelFunc) error {
+// 	var err error
+// 	if password != "" {
+// 		archive, err = decrypt(archive, password)
+// 		if err != nil {
+// 			return errors.Wrap(err, "failed to decrypt the archive")
+// 		}
+// 	}
 
-	restorePath := filepath.Join(filestorePath, "restore", time.Now().Format("20060102150405"))
-	defer os.RemoveAll(filepath.Dir(restorePath))
+// 	restorePath := filepath.Join(filestorePath, "restore", time.Now().Format("20060102150405"))
+// 	defer os.RemoveAll(filepath.Dir(restorePath))
 
-	err = extractArchive(archive, restorePath)
-	if err != nil {
-		return errors.Wrap(err, "cannot extract files from the archive. Please ensure the password is correct and try again")
-	}
+// 	err = extractArchive(archive, restorePath)
+// 	if err != nil {
+// 		return errors.Wrap(err, "cannot extract files from the archive. Please ensure the password is correct and try again")
+// 	}
 
-	unlock := gate.Lock()
-	defer unlock()
+// 	unlock := gate.Lock()
+// 	defer unlock()
 
-	if err = datastore.Close(); err != nil {
-		return errors.Wrap(err, "Failed to stop db")
-	}
+// 	if err = datastore.Close(); err != nil {
+// 		return errors.Wrap(err, "Failed to stop db")
+// 	}
 
-	if err = restoreFiles(restorePath, filestorePath); err != nil {
-		return errors.Wrap(err, "failed to restore the system state")
-	}
+// 	if err = restoreFiles(restorePath, filestorePath); err != nil {
+// 		return errors.Wrap(err, "failed to restore the system state")
+// 	}
 
-	shutdownTrigger()
-	return nil
-}
+// 	shutdownTrigger()
+// 	return nil
+// }
 
-func decrypt(r io.Reader, password string) (io.Reader, error) {
-	return crypto.AesDecrypt(r, []byte(password))
-}
+// func decrypt(r io.Reader, password string) (io.Reader, error) {
+// 	return crypto.AesDecrypt(r, []byte(password))
+// }
 
-func extractArchive(r io.Reader, destinationDirPath string) error {
-	return archive.ExtractTarGz(r, destinationDirPath)
-}
+// func extractArchive(r io.Reader, destinationDirPath string) error {
+// 	return archive.ExtractTarGz(r, destinationDirPath)
+// }
 
-func restoreFiles(srcDir string, destinationDir string) error {
-	for _, filename := range filesToRestore {
-		err := filesystem.CopyPath(filepath.Join(srcDir, filename), destinationDir)
-		if err != nil {
-			return err
-		}
-	}
+// func restoreFiles(srcDir string, destinationDir string) error {
+// 	for _, filename := range filesToRestore {
+// 		err := filesystem.CopyPath(filepath.Join(srcDir, filename), destinationDir)
+// 		if err != nil {
+// 			return err
+// 		}
+// 	}
 
-	// TODO:  This is very boltdb module specific once again due to the filename.  Move to bolt module? Refactor for another day
+// 	// TODO:  This is very boltdb module specific once again due to the filename.  Move to bolt module? Refactor for another day
 
-	// Prevent the possibility of having both databases.  Remove any default new instance
-	os.Remove(filepath.Join(destinationDir, boltdb.DatabaseFileName))
-	os.Remove(filepath.Join(destinationDir, boltdb.EncryptedDatabaseFileName))
+// 	// Prevent the possibility of having both databases.  Remove any default new instance
+// 	os.Remove(filepath.Join(destinationDir, boltdb.DatabaseFileName))
+// 	os.Remove(filepath.Join(destinationDir, boltdb.EncryptedDatabaseFileName))
 
-	// Now copy the database.  It'll be either portainer.db or portainer.edb
+// 	// Now copy the database.  It'll be either portainer.db or portainer.edb
 
-	// Note: CopyPath does not return an error if the source file doesn't exist
-	err := filesystem.CopyPath(filepath.Join(srcDir, boltdb.EncryptedDatabaseFileName), destinationDir)
-	if err != nil {
-		return err
-	}
+// 	// Note: CopyPath does not return an error if the source file doesn't exist
+// 	err := filesystem.CopyPath(filepath.Join(srcDir, boltdb.EncryptedDatabaseFileName), destinationDir)
+// 	if err != nil {
+// 		return err
+// 	}
 
-	return filesystem.CopyPath(filepath.Join(srcDir, boltdb.DatabaseFileName), destinationDir)
-}
+// 	// return filesystem.CopyPath(filepath.Join(srcDir, boltdb.DatabaseFileName), destinationDir)
+// 	return nil
+// }

api/chisel/service.go

@@ -3,16 +3,17 @@ package chisel
 import (
 	"context"
 	"fmt"
-	"log"
 	"net/http"
 	"sync"
 	"time"
 
-	"github.com/dchest/uniuri"
-	chserver "github.com/jpillora/chisel/server"
 	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/dataservices"
 	"github.com/portainer/portainer/api/http/proxy"
+
+	"github.com/dchest/uniuri"
+	chserver "github.com/jpillora/chisel/server"
+	"github.com/rs/zerolog/log"
 )
 
 const (
@@ -64,7 +65,11 @@ func (service *Service) pingAgent(endpointID portainer.EndpointID) error {
 // KeepTunnelAlive keeps the tunnel of the given environment for maxAlive duration, or until ctx is done
 func (service *Service) KeepTunnelAlive(endpointID portainer.EndpointID, ctx context.Context, maxAlive time.Duration) {
 	go func() {
-		log.Printf("[DEBUG] [chisel,KeepTunnelAlive] [endpoint_id: %d] [message: start for %.0f minutes]\n", endpointID, maxAlive.Minutes())
+		log.Debug().
+			Int("endpoint_id", int(endpointID)).
+			Float64("max_alive_minutes", maxAlive.Minutes()).
+			Msg("start")
+
 		maxAliveTicker := time.NewTicker(maxAlive)
 		defer maxAliveTicker.Stop()
 		pingTicker := time.NewTicker(tunnelCleanupInterval)
@@ -76,14 +81,25 @@ func (service *Service) KeepTunnelAlive(endpointID portainer.EndpointID, ctx con
 				service.SetTunnelStatusToActive(endpointID)
 				err := service.pingAgent(endpointID)
 				if err != nil {
-					log.Printf("[DEBUG] [chisel,KeepTunnelAlive] [endpoint_id: %d] [warning: ping agent err=%s]\n", endpointID, err)
+					log.Debug().
+						Int("endpoint_id", int(endpointID)).
+						Err(err).
+						Msg("ping agent")
 				}
 			case <-maxAliveTicker.C:
-				log.Printf("[DEBUG] [chisel,KeepTunnelAlive] [endpoint_id: %d] [message: stop as %.0f minutes timeout]\n", endpointID, maxAlive.Minutes())
+				log.Debug().
+					Int("endpoint_id", int(endpointID)).
+					Float64("timeout_minutes", maxAlive.Minutes()).
+					Msg("tunnel keep alive timeout")
+
 				return
 			case <-ctx.Done():
 				err := ctx.Err()
-				log.Printf("[DEBUG] [chisel,KeepTunnelAlive] [endpoint_id: %d] [message: stop as err=%s]\n", endpointID, err)
+				log.Debug().
+					Int("endpoint_id", int(endpointID)).
+					Err(err).
+					Msg("tunnel stop")
+
 				return
 			}
 		}
@@ -162,7 +178,10 @@ func (service *Service) retrievePrivateKeySeed() (string, error) {
 }
 
 func (service *Service) startTunnelVerificationLoop() {
-	log.Printf("[DEBUG] [chisel, monitoring] [check_interval_seconds: %f] [message: starting tunnel management process]", tunnelCleanupInterval.Seconds())
+	log.Debug().
+		Float64("check_interval_seconds", tunnelCleanupInterval.Seconds()).
+		Msg("starting tunnel management process")
+
 	ticker := time.NewTicker(tunnelCleanupInterval)
 
 	for {
@@ -170,10 +189,12 @@ func (service *Service) startTunnelVerificationLoop() {
 		case <-ticker.C:
 			service.checkTunnels()
 		case <-service.shutdownCtx.Done():
-			log.Println("[DEBUG] Shutting down tunnel service")
+			log.Debug().Msg("shutting down tunnel service")
+
 			if err := service.StopTunnelServer(); err != nil {
-				log.Printf("Stopped tunnel service: %s", err)
+				log.Debug().Err(err).Msg("stopped tunnel service")
 			}
+
 			ticker.Stop()
 			return
 		}
@@ -195,22 +216,39 @@ func (service *Service) checkTunnels() {
 		}
 
 		elapsed := time.Since(tunnel.LastActivity)
-		log.Printf("[DEBUG] [chisel,monitoring] [endpoint_id: %d] [status: %s] [status_time_seconds: %f] [message: environment tunnel monitoring]", endpointID, tunnel.Status, elapsed.Seconds())
+		log.Debug().
+			Int("endpoint_id", int(endpointID)).
+			Str("status", tunnel.Status).
+			Float64("status_time_seconds", elapsed.Seconds()).
+			Msg("environment tunnel monitoring")
 
 		if tunnel.Status == portainer.EdgeAgentManagementRequired && elapsed.Seconds() < requiredTimeout.Seconds() {
 			continue
 		} else if tunnel.Status == portainer.EdgeAgentManagementRequired && elapsed.Seconds() > requiredTimeout.Seconds() {
-			log.Printf("[DEBUG] [chisel,monitoring] [endpoint_id: %d] [status: %s] [status_time_seconds: %f] [timeout_seconds: %f] [message: REQUIRED state timeout exceeded]", endpointID, tunnel.Status, elapsed.Seconds(), requiredTimeout.Seconds())
+			log.Debug().
+				Int("endpoint_id", int(endpointID)).
+				Str("status", tunnel.Status).
+				Float64("status_time_seconds", elapsed.Seconds()).
+				Float64("timeout_seconds", requiredTimeout.Seconds()).
+				Msg("REQUIRED state timeout exceeded")
 		}
 
 		if tunnel.Status == portainer.EdgeAgentActive && elapsed.Seconds() < activeTimeout.Seconds() {
 			continue
 		} else if tunnel.Status == portainer.EdgeAgentActive && elapsed.Seconds() > activeTimeout.Seconds() {
-			log.Printf("[DEBUG] [chisel,monitoring] [endpoint_id: %d] [status: %s] [status_time_seconds: %f] [timeout_seconds: %f] [message: ACTIVE state timeout exceeded]", endpointID, tunnel.Status, elapsed.Seconds(), activeTimeout.Seconds())
+			log.Debug().
+				Int("endpoint_id", int(endpointID)).
+				Str("status", tunnel.Status).
+				Float64("status_time_seconds", elapsed.Seconds()).
+				Float64("timeout_seconds", activeTimeout.Seconds()).
+				Msg("ACTIVE state timeout exceeded")
 
 			err := service.snapshotEnvironment(endpointID, tunnel.Port)
 			if err != nil {
-				log.Printf("[ERROR] [snapshot] Unable to snapshot Edge environment (id: %d): %s", endpointID, err)
+				log.Error().
+					Int("endpoint_id", int(endpointID)).
+					Err(err).
+					Msg("unable to snapshot Edge environment")
 			}
 		}
 

api/cli/cli.go

@@ -2,15 +2,14 @@ package cli
 
 import (
 	"errors"
-	"log"
+	"os"
+	"path/filepath"
+	"strings"
 	"time"
 
 	portainer "github.com/portainer/portainer/api"
 
-	"os"
-	"path/filepath"
-	"strings"
-
+	"github.com/rs/zerolog/log"
 	"gopkg.in/alecthomas/kingpin.v2"
 )
 
@@ -62,6 +61,7 @@ func (*Service) ParseFlags(version string) (*portainer.CLIFlags, error) {
 		MaxBatchSize:              kingpin.Flag("max-batch-size", "Maximum size of a batch").Int(),
 		MaxBatchDelay:             kingpin.Flag("max-batch-delay", "Maximum delay before a batch starts").Duration(),
 		SecretKeyName:             kingpin.Flag("secret-key-name", "Secret key name for encryption and will be used as /run/secrets/<secret-key-name>.").Default(defaultSecretKeyName).String(),
+		LogLevel:                  kingpin.Flag("log-level", "Set the minimum logging level to show").Default("INFO").Enum("DEBUG", "INFO", "WARN", "ERROR"),
 	}
 
 	kingpin.Parse()
@@ -101,11 +101,11 @@ func (*Service) ValidateFlags(flags *portainer.CLIFlags) error {
 
 func displayDeprecationWarnings(flags *portainer.CLIFlags) {
 	if *flags.NoAnalytics {
-		log.Println("Warning: The --no-analytics flag has been kept to allow migration of instances running a previous version of Portainer with this flag enabled, to version 2.0 where enabling this flag will have no effect.")
+		log.Warn().Msg("the --no-analytics flag has been kept to allow migration of instances running a previous version of Portainer with this flag enabled, to version 2.0 where enabling this flag will have no effect")
 	}
 
 	if *flags.SSL {
-		log.Println("Warning: SSL is enabled by default and there is no need for the --ssl flag. It has been kept to allow migration of instances running a previous version of Portainer with this flag enabled")
+		log.Warn().Msg("SSL is enabled by default and there is no need for the --ssl flag, it has been kept to allow migration of instances running a previous version of Portainer with this flag enabled")
 	}
 }
 

api/cli/pairlistbool.go

@@ -1,10 +1,10 @@
 package cli
 
 import (
-	portainer "github.com/portainer/portainer/api"
-
 	"strings"
 
+	portainer "github.com/portainer/portainer/api"
+
 	"gopkg.in/alecthomas/kingpin.v2"
 )
 

api/cmd/portainer/import.go

@@ -1,29 +0,0 @@
-package main
-
-import (
-	"log"
-
-	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/datastore"
-	"github.com/sirupsen/logrus"
-)
-
-func importFromJson(fileService portainer.FileService, store *datastore.Store) {
-	// EXPERIMENTAL - if used with an incomplete json file, it will fail, as we don't have a way to default the model values
-	importFile := "/data/import.json"
-	if exists, _ := fileService.FileExists(importFile); exists {
-		if err := store.Import(importFile); err != nil {
-			logrus.WithError(err).Debugf("Import %s failed", importFile)
-
-			// TODO: should really rollback on failure, but then we have nothing.
-		} else {
-			logrus.Printf("Successfully imported %s to new portainer database", importFile)
-		}
-		// TODO: this is bad - its to ensure that any defaults that were broken in import, or migrations get set back to what we want
-		// I also suspect that everything from "Init to Init" is potentially a migration
-		err := store.Init()
-		if err != nil {
-			log.Fatalf("Failed initializing data store: %v", err)
-		}
-	}
-}

api/cmd/portainer/log.go

@@ -1,20 +1,33 @@
 package main
 
 import (
-	"log"
+	stdlog "log"
 
-	"github.com/sirupsen/logrus"
+	"github.com/rs/zerolog"
+	"github.com/rs/zerolog/log"
+	"github.com/rs/zerolog/pkgerrors"
 )
 
 func configureLogger() {
-	logger := logrus.New() // logger is to implicitly substitute stdlib's log
-	log.SetOutput(logger.Writer())
+	zerolog.ErrorStackFieldName = "stack_trace"
+	zerolog.ErrorStackMarshaler = pkgerrors.MarshalStack
+	zerolog.TimeFieldFormat = zerolog.TimeFormatUnix
 
-	formatter := &logrus.TextFormatter{DisableTimestamp: false, DisableLevelTruncation: true}
+	stdlog.SetFlags(0)
+	stdlog.SetOutput(log.Logger)
 
-	logger.SetFormatter(formatter)
-	logrus.SetFormatter(formatter)
-
-	logger.SetLevel(logrus.DebugLevel)
-	logrus.SetLevel(logrus.DebugLevel)
+	log.Logger = log.Logger.With().Caller().Stack().Logger()
+}
+
+func setLoggingLevel(level string) {
+	switch level {
+	case "ERROR":
+		zerolog.SetGlobalLevel(zerolog.ErrorLevel)
+	case "WARN":
+		zerolog.SetGlobalLevel(zerolog.WarnLevel)
+	case "INFO":
+		zerolog.SetGlobalLevel(zerolog.InfoLevel)
+	case "DEBUG":
+		zerolog.SetGlobalLevel(zerolog.DebugLevel)
+	}
 }

api/cmd/portainer/main.go

@@ -4,14 +4,10 @@ import (
 	"context"
 	"crypto/sha256"
 	"fmt"
-	"log"
 	"os"
 	"path"
 	"strconv"
 	"strings"
-	"time"
-
-	"github.com/sirupsen/logrus"
 
 	"github.com/portainer/libhelm"
 	portainer "github.com/portainer/portainer/api"
@@ -21,7 +17,6 @@ import (
 	"github.com/portainer/portainer/api/cli"
 	"github.com/portainer/portainer/api/crypto"
 	"github.com/portainer/portainer/api/database"
-	"github.com/portainer/portainer/api/database/boltdb"
 	"github.com/portainer/portainer/api/dataservices"
 	"github.com/portainer/portainer/api/datastore"
 	"github.com/portainer/portainer/api/demo"
@@ -44,66 +39,63 @@ import (
 	"github.com/portainer/portainer/api/ldap"
 	"github.com/portainer/portainer/api/oauth"
 	"github.com/portainer/portainer/api/scheduler"
-	"github.com/portainer/portainer/api/stacks"
+	"github.com/portainer/portainer/api/stacks/deployments"
+
+	"github.com/rs/zerolog/log"
 )
 
 func initCLI() *portainer.CLIFlags {
 	var cliService portainer.CLIService = &cli.Service{}
 	flags, err := cliService.ParseFlags(portainer.APIVersion)
 	if err != nil {
-		logrus.Fatalf("Failed parsing flags: %v", err)
+		log.Fatal().Err(err).Msg("failed parsing flags")
 	}
 
 	err = cliService.ValidateFlags(flags)
 	if err != nil {
-		logrus.Fatalf("Failed validating flags:%v", err)
+		log.Fatal().Err(err).Msg("failed validating flags")
 	}
+
 	return flags
 }
 
 func initFileService(dataStorePath string) portainer.FileService {
 	fileService, err := filesystem.NewService(dataStorePath, "")
 	if err != nil {
-		logrus.Fatalf("Failed creating file service: %v", err)
+		log.Fatal().Err(err).Msg("failed creating file service")
 	}
+
 	return fileService
 }
 
 func initDataStore(flags *portainer.CLIFlags, secretKey []byte, fileService portainer.FileService, shutdownCtx context.Context) dataservices.DataStore {
-	connection, err := database.NewDatabase("boltdb", *flags.Data, secretKey)
+	connection, err := database.NewDatabase("sqlite", *flags.Data, secretKey)
 	if err != nil {
-		logrus.Fatalf("failed creating database connection: %s", err)
-	}
-
-	if bconn, ok := connection.(*boltdb.DbConnection); ok {
-		bconn.MaxBatchSize = *flags.MaxBatchSize
-		bconn.MaxBatchDelay = *flags.MaxBatchDelay
-		bconn.InitialMmapSize = *flags.InitialMmapSize
-	} else {
-		logrus.Fatalf("failed creating database connection: expecting a boltdb database type but a different one was received")
+		log.Fatal().Err(err).Msg("failed creating database connection")
 	}
 
 	store := datastore.NewStore(*flags.Data, fileService, connection)
 	isNew, err := store.Open()
 	if err != nil {
-		logrus.Fatalf("Failed opening store: %v", err)
+		log.Fatal().Err(err).Msg("failed opening store")
 	}
 
-	if *flags.Rollback {
-		err := store.Rollback(false)
-		if err != nil {
-			logrus.Fatalf("Failed rolling back: %v", err)
-		}
+	// if *flags.Rollback {
+	// 	err := store.Rollback(false)
+	// 	if err != nil {
+	// 		log.Fatal().Err(err).Msg("failed rolling back")
+	// 	}
 
-		logrus.Println("Exiting rollback")
-		os.Exit(0)
-		return nil
-	}
+	// 	log.Info().Msg("exiting rollback")
+	// 	os.Exit(0)
+
+	// 	return nil
+	// }
 
 	// Init sets some defaults - it's basically a migration
 	err = store.Init()
 	if err != nil {
-		logrus.Fatalf("Failed initializing data store: %v", err)
+		log.Fatal().Err(err).Msg("failed initializing data store")
 	}
 
 	if isNew {
@@ -112,24 +104,25 @@ func initDataStore(flags *portainer.CLIFlags, secretKey []byte, fileService port
 
 		err := updateSettingsFromFlags(store, flags)
 		if err != nil {
-			logrus.Fatalf("Failed updating settings from flags: %v", err)
+			log.Fatal().Err(err).Msg("failed updating settings from flags")
 		}
 	} else {
-		storedVersion, err := store.VersionService.DBVersion()
-		if err != nil {
-			logrus.Fatalf("Something Failed during creation of new database: %v", err)
-		}
-		if storedVersion != portainer.DBVersion {
-			err = store.MigrateData()
-			if err != nil {
-				logrus.Fatalf("Failed migration: %v", err)
-			}
-		}
+		// storedVersion, err := store.VersionService.DBVersion()
+		// if err != nil {
+		// 	log.Fatal().Err(err).Msg("failure during creation of new database")
+		// }
+
+		// if storedVersion != portainer.DBVersion {
+		// 	err = store.MigrateData()
+		// 	if err != nil {
+		// 		log.Fatal().Err(err).Msg("failed migration")
+		// 	}
+		// }
 	}
 
 	err = updateSettingsFromFlags(store, flags)
 	if err != nil {
-		log.Fatalf("Failed updating settings from flags: %v", err)
+		log.Fatal().Err(err).Msg("failed updating settings from flags")
 	}
 
 	// this is for the db restore functionality - needs more tests.
@@ -137,23 +130,23 @@ func initDataStore(flags *portainer.CLIFlags, secretKey []byte, fileService port
 		<-shutdownCtx.Done()
 		defer connection.Close()
 
-		exportFilename := path.Join(*flags.Data, fmt.Sprintf("export-%d.json", time.Now().Unix()))
+		// exportFilename := path.Join(*flags.Data, fmt.Sprintf("export-%d.json", time.Now().Unix()))
 
-		err := store.Export(exportFilename)
-		if err != nil {
-			logrus.WithError(err).Debugf("Failed to export to %s", exportFilename)
-		} else {
-			logrus.Debugf("exported to %s", exportFilename)
-		}
-		connection.Close()
+		// err := store.Export(exportFilename)
+		// if err != nil {
+		// 	log.Error().Str("filename", exportFilename).Err(err).Msg("failed to export")
+		// } else {
+		// 	log.Debug().Str("filename", exportFilename).Msg("exported")
+		// }
 	}()
+
 	return store
 }
 
 func initComposeStackManager(assetsPath string, configPath string, reverseTunnelService portainer.ReverseTunnelService, proxyManager *proxy.Manager) portainer.ComposeStackManager {
 	composeWrapper, err := exec.NewComposeStackManager(assetsPath, configPath, proxyManager)
 	if err != nil {
-		logrus.Fatalf("Failed creating compose manager: %v", err)
+		log.Fatal().Err(err).Msg("failed creating compose manager")
 	}
 
 	return composeWrapper
@@ -183,10 +176,15 @@ func initAPIKeyService(datastore dataservices.DataStore) apikey.APIKeyService {
 }
 
 func initJWTService(userSessionTimeout string, dataStore dataservices.DataStore) (dataservices.JWTService, error) {
+	if userSessionTimeout == "" {
+		userSessionTimeout = portainer.DefaultUserSessionTimeout
+	}
+
 	jwtService, err := jwt.NewService(userSessionTimeout, dataStore)
 	if err != nil {
 		return nil, err
 	}
+
 	return jwtService, nil
 }
 
@@ -206,8 +204,8 @@ func initOAuthService() portainer.OAuthService {
 	return oauth.NewService()
 }
 
-func initGitService() portainer.GitService {
-	return git.NewService()
+func initGitService(ctx context.Context) portainer.GitService {
+	return git.NewService(ctx)
 }
 
 func initSSLService(addr, certPath, keyPath string, fileService portainer.FileService, dataStore dataservices.DataStore, shutdownTrigger context.CancelFunc) (*ssl.Service, error) {
@@ -235,7 +233,13 @@ func initKubernetesClientFactory(signatureService portainer.DigitalSignatureServ
 	return kubecli.NewClientFactory(signatureService, reverseTunnelService, instanceID, dataStore)
 }
 
-func initSnapshotService(snapshotIntervalFromFlag string, dataStore dataservices.DataStore, dockerClientFactory *docker.ClientFactory, kubernetesClientFactory *kubecli.ClientFactory, shutdownCtx context.Context) (portainer.SnapshotService, error) {
+func initSnapshotService(
+	snapshotIntervalFromFlag string,
+	dataStore dataservices.DataStore,
+	dockerClientFactory *docker.ClientFactory,
+	kubernetesClientFactory *kubecli.ClientFactory,
+	shutdownCtx context.Context,
+) (portainer.SnapshotService, error) {
 	dockerSnapshotter := docker.NewSnapshotter(dockerClientFactory)
 	kubernetesSnapshotter := kubernetes.NewSnapshotter(kubernetesClientFactory)
 
@@ -341,11 +345,7 @@ func enableFeaturesFromFlags(dataStore dataservices.DataStore, flags *portainer.
 			return fmt.Errorf("feature flag's '%s' value should be true or false", feat.Name)
 		}
 
-		if featureState {
-			logrus.Printf("Feature %v : on", *correspondingFeature)
-		} else {
-			logrus.Printf("Feature %v : off", *correspondingFeature)
-		}
+		log.Info().Str("feature", string(*correspondingFeature)).Bool("state", featureState).Msg("")
 
 		settings.FeatureFlagSettings[*correspondingFeature] = featureState
 	}
@@ -373,7 +373,7 @@ func generateAndStoreKeyPair(fileService portainer.FileService, signatureService
 func initKeyPair(fileService portainer.FileService, signatureService portainer.DigitalSignatureService) error {
 	existingKeyPair, err := fileService.KeyPairFilesExist()
 	if err != nil {
-		logrus.Fatalf("Failed checking for existing key pair: %v", err)
+		log.Fatal().Err(err).Msg("failed checking for existing key pair")
 	}
 
 	if existingKeyPair {
@@ -443,7 +443,11 @@ func createTLSSecuredEndpoint(flags *portainer.CLIFlags, dataStore dataservices.
 
 	err := snapshotService.SnapshotEndpoint(endpoint)
 	if err != nil {
-		logrus.Printf("http error: environment snapshot error (environment=%s, URL=%s) (err=%s)\n", endpoint.Name, endpoint.URL, err)
+		log.Error().
+			Str("endpoint", endpoint.Name).
+			Str("URL", endpoint.URL).
+			Err(err).
+			Msg("environment snapshot error")
 	}
 
 	return dataStore.Endpoint().Create(endpoint)
@@ -488,7 +492,10 @@ func createUnsecuredEndpoint(endpointURL string, dataStore dataservices.DataStor
 
 	err := snapshotService.SnapshotEndpoint(endpoint)
 	if err != nil {
-		logrus.Printf("http error: environment snapshot error (environment=%s, URL=%s) (err=%s)\n", endpoint.Name, endpoint.URL, err)
+		log.Error().
+			Str("endpoint", endpoint.Name).
+			Str("URL", endpoint.URL).Err(err).
+			Msg("environment snapshot error")
 	}
 
 	return dataStore.Endpoint().Create(endpoint)
@@ -505,7 +512,8 @@ func initEndpoint(flags *portainer.CLIFlags, dataStore dataservices.DataStore, s
 	}
 
 	if len(endpoints) > 0 {
-		logrus.Println("Instance already has defined environments. Skipping the environment defined via CLI.")
+		log.Info().Msg("instance already has defined environments, skipping the environment defined via CLI")
+
 		return nil
 	}
 
@@ -519,9 +527,9 @@ func loadEncryptionSecretKey(keyfilename string) []byte {
 	content, err := os.ReadFile(path.Join("/run/secrets", keyfilename))
 	if err != nil {
 		if os.IsNotExist(err) {
-			logrus.Printf("Encryption key file `%s` not present", keyfilename)
+			log.Info().Str("filename", keyfilename).Msg("encryption key file not present")
 		} else {
-			logrus.Printf("Error reading encryption key file: %v", err)
+			log.Info().Err(err).Msg("error reading encryption key file")
 		}
 
 		return nil
@@ -538,38 +546,42 @@ func buildServer(flags *portainer.CLIFlags) portainer.Server {
 	fileService := initFileService(*flags.Data)
 	encryptionKey := loadEncryptionSecretKey(*flags.SecretKeyName)
 	if encryptionKey == nil {
-		logrus.Println("Proceeding without encryption key")
+		log.Info().Msg("proceeding without encryption key")
 	}
 
 	dataStore := initDataStore(flags, encryptionKey, fileService, shutdownCtx)
 
 	if err := dataStore.CheckCurrentEdition(); err != nil {
-		logrus.Fatal(err)
+		log.Fatal().Err(err).Msg("")
 	}
+
 	instanceID, err := dataStore.Version().InstanceID()
 	if err != nil {
-		logrus.Fatalf("Failed getting instance id: %v", err)
+		log.Fatal().Err(err).Msg("failed getting instance id")
 	}
 
 	apiKeyService := initAPIKeyService(dataStore)
 
 	settings, err := dataStore.Settings().Settings()
 	if err != nil {
-		logrus.Fatal(err)
+		log.Fatal().Err(err).Msg("")
 	}
+
 	jwtService, err := initJWTService(settings.UserSessionTimeout, dataStore)
 	if err != nil {
-		logrus.Fatalf("Failed initializing JWT service: %v", err)
+		log.Fatal().Err(err).Msg("failed initializing JWT service")
 	}
 
 	err = enableFeaturesFromFlags(dataStore, flags)
 	if err != nil {
-		logrus.Fatalf("Failed enabling feature flag: %v", err)
+		log.Fatal().Err(err).Msg("failed enabling feature flag")
 	}
 
 	ldapService := initLDAPService()
+
 	oauthService := initOAuthService()
-	gitService := initGitService()
+
+	gitService := initGitService(shutdownCtx)
 
 	openAMTService := openamt.NewService()
 
@@ -579,17 +591,17 @@ func buildServer(flags *portainer.CLIFlags) portainer.Server {
 
 	sslService, err := initSSLService(*flags.AddrHTTPS, *flags.SSLCert, *flags.SSLKey, fileService, dataStore, shutdownTrigger)
 	if err != nil {
-		logrus.Fatal(err)
+		log.Fatal().Err(err).Msg("")
 	}
 
 	sslSettings, err := sslService.GetSSLSettings()
 	if err != nil {
-		logrus.Fatalf("Failed to get ssl settings: %s", err)
+		log.Fatal().Err(err).Msg("failed to get SSL settings")
 	}
 
 	err = initKeyPair(fileService, digitalSignatureService)
 	if err != nil {
-		logrus.Fatalf("Failed initializing key pair: %v", err)
+		log.Fatal().Err(err).Msg("failed initializing key pair")
 	}
 
 	reverseTunnelService := chisel.NewService(dataStore, shutdownCtx)
@@ -599,7 +611,7 @@ func buildServer(flags *portainer.CLIFlags) portainer.Server {
 
 	snapshotService, err := initSnapshotService(*flags.SnapshotInterval, dataStore, dockerClientFactory, kubernetesClientFactory, shutdownCtx)
 	if err != nil {
-		logrus.Fatalf("Failed initializing snapshot service: %v", err)
+		log.Fatal().Err(err).Msg("failed initializing snapshot service")
 	}
 	snapshotService.Start()
 
@@ -620,19 +632,19 @@ func buildServer(flags *portainer.CLIFlags) portainer.Server {
 
 	swarmStackManager, err := initSwarmStackManager(*flags.Assets, dockerConfigPath, digitalSignatureService, fileService, reverseTunnelService, dataStore)
 	if err != nil {
-		logrus.Fatalf("Failed initializing swarm stack manager: %v", err)
+		log.Fatal().Err(err).Msg("failed initializing swarm stack manager")
 	}
 
 	kubernetesDeployer := initKubernetesDeployer(kubernetesTokenCacheManager, kubernetesClientFactory, dataStore, reverseTunnelService, digitalSignatureService, proxyManager, *flags.Assets)
 
 	helmPackageManager, err := initHelmPackageManager(*flags.Assets)
 	if err != nil {
-		logrus.Fatalf("Failed initializing helm package manager: %v", err)
+		log.Fatal().Err(err).Msg("failed initializing helm package manager")
 	}
 
 	err = edge.LoadEdgeJobs(dataStore, reverseTunnelService)
 	if err != nil {
-		logrus.Fatalf("Failed loading edge jobs from database: %v", err)
+		log.Fatal().Err(err).Msg("failed loading edge jobs from database")
 	}
 
 	applicationStatus := initStatus(instanceID)
@@ -641,24 +653,25 @@ func buildServer(flags *portainer.CLIFlags) portainer.Server {
 	if *flags.DemoEnvironment {
 		err := demoService.Init(dataStore, cryptoService)
 		if err != nil {
-			log.Fatalf("failed initializing demo environment: %v", err)
+			log.Fatal().Err(err).Msg("failed initializing demo environment")
 		}
 	}
 
 	err = initEndpoint(flags, dataStore, snapshotService)
 	if err != nil {
-		logrus.Fatalf("Failed initializing environment: %v", err)
+		log.Fatal().Err(err).Msg("failed initializing environment")
 	}
 
 	adminPasswordHash := ""
 	if *flags.AdminPasswordFile != "" {
 		content, err := fileService.GetFileContent(*flags.AdminPasswordFile, "")
 		if err != nil {
-			logrus.Fatalf("Failed getting admin password file: %v", err)
+			log.Fatal().Err(err).Msg("failed getting admin password file")
 		}
+
 		adminPasswordHash, err = cryptoService.Hash(strings.TrimSuffix(string(content), "\n"))
 		if err != nil {
-			logrus.Fatalf("Failed hashing admin password: %v", err)
+			log.Fatal().Err(err).Msg("failed hashing admin password")
 		}
 	} else if *flags.AdminPassword != "" {
 		adminPasswordHash = *flags.AdminPassword
@@ -667,38 +680,39 @@ func buildServer(flags *portainer.CLIFlags) portainer.Server {
 	if adminPasswordHash != "" {
 		users, err := dataStore.User().UsersByRole(portainer.AdministratorRole)
 		if err != nil {
-			logrus.Fatalf("Failed getting admin user: %v", err)
+			log.Fatal().Err(err).Msg("failed getting admin user")
 		}
 
 		if len(users) == 0 {
-			logrus.Println("Created admin user with the given password.")
+			log.Info().Msg("created admin user with the given password.")
 			user := &portainer.User{
 				Username: "admin",
 				Role:     portainer.AdministratorRole,
 				Password: adminPasswordHash,
 			}
+
 			err := dataStore.User().Create(user)
 			if err != nil {
-				logrus.Fatalf("Failed creating admin user: %v", err)
+				log.Fatal().Err(err).Msg("failed creating admin user")
 			}
 		} else {
-			logrus.Println("Instance already has an administrator user defined. Skipping admin password related flags.")
+			log.Info().Msg("instance already has an administrator user defined, skipping admin password related flags.")
 		}
 	}
 
 	err = reverseTunnelService.StartTunnelServer(*flags.TunnelAddr, *flags.TunnelPort, snapshotService)
 	if err != nil {
-		logrus.Fatalf("Failed starting tunnel server: %v", err)
-	}
-
-	sslDBSettings, err := dataStore.SSLSettings().Settings()
-	if err != nil {
-		logrus.Fatalf("Failed to fetch ssl settings from DB")
+		log.Fatal().Err(err).Msg("failed starting tunnel server")
 	}
 
 	scheduler := scheduler.NewScheduler(shutdownCtx)
-	stackDeployer := stacks.NewStackDeployer(swarmStackManager, composeStackManager, kubernetesDeployer)
-	stacks.StartStackSchedules(scheduler, stackDeployer, dataStore, gitService)
+	stackDeployer := deployments.NewStackDeployer(swarmStackManager, composeStackManager, kubernetesDeployer)
+	deployments.StartStackSchedules(scheduler, stackDeployer, dataStore, gitService)
+
+	sslDBSettings, err := dataStore.SSLSettings().Settings()
+	if err != nil {
+		log.Fatal().Msg("failed to fetch SSL settings from DB")
+	}
 
 	return &http.Server{
 		AuthorizationService:        authorizationService,
@@ -713,8 +727,8 @@ func buildServer(flags *portainer.CLIFlags) portainer.Server {
 		ComposeStackManager:         composeStackManager,
 		KubernetesDeployer:          kubernetesDeployer,
 		HelmPackageManager:          helmPackageManager,
-		CryptoService:               cryptoService,
 		APIKeyService:               apiKeyService,
+		CryptoService:               cryptoService,
 		JWTService:                  jwtService,
 		FileService:                 fileService,
 		LDAPService:                 ldapService,
@@ -738,22 +752,25 @@ func buildServer(flags *portainer.CLIFlags) portainer.Server {
 }
 
 func main() {
+	configureLogger()
+
 	flags := initCLI()
 
-	configureLogger()
+	setLoggingLevel(*flags.LogLevel)
 
 	for {
 		server := buildServer(flags)
-		logrus.WithFields(logrus.Fields{
-			"Version":        portainer.APIVersion,
-			"BuildNumber":    build.BuildNumber,
-			"ImageTag":       build.ImageTag,
-			"NodejsVersion":  build.NodejsVersion,
-			"YarnVersion":    build.YarnVersion,
-			"WebpackVersion": build.WebpackVersion,
-			"GoVersion":      build.GoVersion},
-		).Print("[INFO] [cmd,main] Starting Portainer")
+		log.Info().
+			Str("version", portainer.APIVersion).
+			Str("build_number", build.BuildNumber).
+			Str("image_tag", build.ImageTag).
+			Str("nodejs_version", build.NodejsVersion).
+			Str("yarn_version", build.YarnVersion).
+			Str("webpack_version", build.WebpackVersion).
+			Str("go_version", build.GoVersion).
+			Msg("starting Portainer")
+
 		err := server.Start()
-		logrus.Printf("[INFO] [cmd,main] Http server exited: %v\n", err)
+		log.Info().Err(err).Msg("HTTP server exited")
 	}
 }

api/cmd/portainer/main_test.go

@@ -1,110 +1,111 @@
 package main
 
-import (
-	"fmt"
-	"testing"
+// import (
+// 	"fmt"
+// 	"testing"
 
-	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/cli"
-	"github.com/portainer/portainer/api/dataservices"
-	"github.com/portainer/portainer/api/datastore"
-	"github.com/stretchr/testify/assert"
-	"gopkg.in/alecthomas/kingpin.v2"
-)
+// 	portainer "github.com/portainer/portainer/api"
+// 	"github.com/portainer/portainer/api/cli"
+// 	"github.com/portainer/portainer/api/dataservices"
+// 	"github.com/portainer/portainer/api/datastore"
 
-type mockKingpinSetting string
+// 	"github.com/stretchr/testify/assert"
+// 	"gopkg.in/alecthomas/kingpin.v2"
+// )
 
-func (m mockKingpinSetting) SetValue(value kingpin.Value) {
-	value.Set(string(m))
-}
+// type mockKingpinSetting string
 
-func Test_enableFeaturesFromFlags(t *testing.T) {
-	is := assert.New(t)
+// func (m mockKingpinSetting) SetValue(value kingpin.Value) {
+// 	value.Set(string(m))
+// }
 
-	_, store, teardown := datastore.MustNewTestStore(true, true)
-	defer teardown()
+// func Test_enableFeaturesFromFlags(t *testing.T) {
+// 	is := assert.New(t)
 
-	tests := []struct {
-		featureFlag string
-		isSupported bool
-	}{
-		{"test", false},
-	}
-	for _, test := range tests {
-		t.Run(fmt.Sprintf("%s succeeds:%v", test.featureFlag, test.isSupported), func(t *testing.T) {
-			mockKingpinSetting := mockKingpinSetting(test.featureFlag)
-			flags := &portainer.CLIFlags{FeatureFlags: cli.BoolPairs(mockKingpinSetting)}
-			err := enableFeaturesFromFlags(store, flags)
-			if test.isSupported {
-				is.NoError(err)
-			} else {
-				is.Error(err)
-			}
-		})
-	}
+// 	_, store, teardown := datastore.MustNewTestStore(t, true, true)
+// 	defer teardown()
 
-	t.Run("passes for all supported feature flags", func(t *testing.T) {
-		for _, flag := range portainer.SupportedFeatureFlags {
-			mockKingpinSetting := mockKingpinSetting(flag)
-			flags := &portainer.CLIFlags{FeatureFlags: cli.BoolPairs(mockKingpinSetting)}
-			err := enableFeaturesFromFlags(store, flags)
-			is.NoError(err)
-		}
-	})
-}
+// 	tests := []struct {
+// 		featureFlag string
+// 		isSupported bool
+// 	}{
+// 		{"test", false},
+// 	}
+// 	for _, test := range tests {
+// 		t.Run(fmt.Sprintf("%s succeeds:%v", test.featureFlag, test.isSupported), func(t *testing.T) {
+// 			mockKingpinSetting := mockKingpinSetting(test.featureFlag)
+// 			flags := &portainer.CLIFlags{FeatureFlags: cli.BoolPairs(mockKingpinSetting)}
+// 			err := enableFeaturesFromFlags(store, flags)
+// 			if test.isSupported {
+// 				is.NoError(err)
+// 			} else {
+// 				is.Error(err)
+// 			}
+// 		})
+// 	}
 
-const FeatTest portainer.Feature = "optional-test"
+// 	t.Run("passes for all supported feature flags", func(t *testing.T) {
+// 		for _, flag := range portainer.SupportedFeatureFlags {
+// 			mockKingpinSetting := mockKingpinSetting(flag)
+// 			flags := &portainer.CLIFlags{FeatureFlags: cli.BoolPairs(mockKingpinSetting)}
+// 			err := enableFeaturesFromFlags(store, flags)
+// 			is.NoError(err)
+// 		}
+// 	})
+// }
 
-func optionalFunc(dataStore dataservices.DataStore) string {
+// const FeatTest portainer.Feature = "optional-test"
 
-	// TODO: this is a code smell - finding out if a feature flag is enabled should not require having access to the store, and asking for a settings obj.
-	//       ideally, the `if` should look more like:
-	//       if featureflags.FlagEnabled(FeatTest) {}
-	settings, err := dataStore.Settings().Settings()
-	if err != nil {
-		return err.Error()
-	}
+// func optionalFunc(dataStore dataservices.DataStore) string {
 
-	if settings.FeatureFlagSettings[FeatTest] {
-		return "enabled"
-	}
-	return "disabled"
-}
+// 	// TODO: this is a code smell - finding out if a feature flag is enabled should not require having access to the store, and asking for a settings obj.
+// 	//       ideally, the `if` should look more like:
+// 	//       if featureflags.FlagEnabled(FeatTest) {}
+// 	settings, err := dataStore.Settings().Settings()
+// 	if err != nil {
+// 		return err.Error()
+// 	}
 
-func Test_optionalFeature(t *testing.T) {
-	portainer.SupportedFeatureFlags = append(portainer.SupportedFeatureFlags, FeatTest)
+// 	if settings.FeatureFlagSettings[FeatTest] {
+// 		return "enabled"
+// 	}
+// 	return "disabled"
+// }
 
-	is := assert.New(t)
+// func Test_optionalFeature(t *testing.T) {
+// 	portainer.SupportedFeatureFlags = append(portainer.SupportedFeatureFlags, FeatTest)
 
-	_, store, teardown := datastore.MustNewTestStore(true, true)
-	defer teardown()
+// 	is := assert.New(t)
 
-	// Enable the test feature
-	t.Run(fmt.Sprintf("%s succeeds:%v", FeatTest, true), func(t *testing.T) {
-		mockKingpinSetting := mockKingpinSetting(FeatTest)
-		flags := &portainer.CLIFlags{FeatureFlags: cli.BoolPairs(mockKingpinSetting)}
-		err := enableFeaturesFromFlags(store, flags)
-		is.NoError(err)
-		is.Equal("enabled", optionalFunc(store))
-	})
+// 	_, store, teardown := datastore.MustNewTestStore(t, true, true)
+// 	defer teardown()
 
-	// Same store, so the feature flag should still be enabled
-	t.Run(fmt.Sprintf("%s succeeds:%v", FeatTest, true), func(t *testing.T) {
-		is.Equal("enabled", optionalFunc(store))
-	})
+// 	// Enable the test feature
+// 	t.Run(fmt.Sprintf("%s succeeds:%v", FeatTest, true), func(t *testing.T) {
+// 		mockKingpinSetting := mockKingpinSetting(FeatTest)
+// 		flags := &portainer.CLIFlags{FeatureFlags: cli.BoolPairs(mockKingpinSetting)}
+// 		err := enableFeaturesFromFlags(store, flags)
+// 		is.NoError(err)
+// 		is.Equal("enabled", optionalFunc(store))
+// 	})
 
-	// disable the test feature
-	t.Run(fmt.Sprintf("%s succeeds:%v", FeatTest, true), func(t *testing.T) {
-		mockKingpinSetting := mockKingpinSetting(FeatTest + "=false")
-		flags := &portainer.CLIFlags{FeatureFlags: cli.BoolPairs(mockKingpinSetting)}
-		err := enableFeaturesFromFlags(store, flags)
-		is.NoError(err)
-		is.Equal("disabled", optionalFunc(store))
-	})
+// 	// Same store, so the feature flag should still be enabled
+// 	t.Run(fmt.Sprintf("%s succeeds:%v", FeatTest, true), func(t *testing.T) {
+// 		is.Equal("enabled", optionalFunc(store))
+// 	})
 
-	// Same store, so feature flag should still be disabled
-	t.Run(fmt.Sprintf("%s succeeds:%v", FeatTest, true), func(t *testing.T) {
-		is.Equal("disabled", optionalFunc(store))
-	})
+// 	// disable the test feature
+// 	t.Run(fmt.Sprintf("%s succeeds:%v", FeatTest, true), func(t *testing.T) {
+// 		mockKingpinSetting := mockKingpinSetting(FeatTest + "=false")
+// 		flags := &portainer.CLIFlags{FeatureFlags: cli.BoolPairs(mockKingpinSetting)}
+// 		err := enableFeaturesFromFlags(store, flags)
+// 		is.NoError(err)
+// 		is.Equal("disabled", optionalFunc(store))
+// 	})
 
-}
+// 	// Same store, so feature flag should still be disabled
+// 	t.Run(fmt.Sprintf("%s succeeds:%v", FeatTest, true), func(t *testing.T) {
+// 		is.Equal("disabled", optionalFunc(store))
+// 	})
+
+// }

api/connection.go

@@ -1,40 +1,20 @@
 package portainer
 
-import (
-	"io"
-)
+import "gorm.io/gorm"
 
 type Connection interface {
 	Open() error
 	Close() error
 
-	// write the db contents to filename as json (the schema needs defining)
-	ExportRaw(filename string) error
+	Init() error
+
+	GetDB() *gorm.DB
 
-	// TODO: this one is very database specific atm
-	BackupTo(w io.Writer) error
 	GetDatabaseFileName() string
 	GetDatabaseFilePath() string
 	GetStorePath() string
 
+	SetEncrypted(encrypted bool)
 	IsEncryptedStore() bool
 	NeedsEncryptionMigration() (bool, error)
-	SetEncrypted(encrypted bool)
-
-	SetServiceName(bucketName string) error
-	GetObject(bucketName string, key []byte, object interface{}) error
-	UpdateObject(bucketName string, key []byte, object interface{}) error
-	DeleteObject(bucketName string, key []byte) error
-	DeleteAllObjects(bucketName string, matching func(o interface{}) (id int, ok bool)) error
-	GetNextIdentifier(bucketName string) int
-	CreateObject(bucketName string, fn func(uint64) (int, interface{})) error
-	CreateObjectWithId(bucketName string, id int, obj interface{}) error
-	CreateObjectWithStringId(bucketName string, id []byte, obj interface{}) error
-	CreateObjectWithSetSequence(bucketName string, id int, obj interface{}) error
-	GetAll(bucketName string, obj interface{}, append func(o interface{}) (interface{}, error)) error
-	GetAllWithJsoniter(bucketName string, obj interface{}, append func(o interface{}) (interface{}, error)) error
-	ConvertToKey(v int) []byte
-
-	BackupMetadata() (map[string]interface{}, error)
-	RestoreMetadata(s map[string]interface{}) error
 }

api/crypto/aes_test.go

@@ -7,13 +7,11 @@ import (
 	"path/filepath"
 	"testing"
 
-	"github.com/docker/docker/pkg/ioutils"
 	"github.com/stretchr/testify/assert"
 )
 
 func Test_encryptAndDecrypt_withTheSamePassword(t *testing.T) {
-	tmpdir, _ := ioutils.TempDir("", "encrypt")
-	defer os.RemoveAll(tmpdir)
+	tmpdir := t.TempDir()
 
 	var (
 		originFilePath    = filepath.Join(tmpdir, "origin")
@@ -52,8 +50,7 @@ func Test_encryptAndDecrypt_withTheSamePassword(t *testing.T) {
 }
 
 func Test_encryptAndDecrypt_withEmptyPassword(t *testing.T) {
-	tmpdir, _ := ioutils.TempDir("", "encrypt")
-	defer os.RemoveAll(tmpdir)
+	tmpdir := t.TempDir()
 
 	var (
 		originFilePath    = filepath.Join(tmpdir, "origin")
@@ -92,8 +89,7 @@ func Test_encryptAndDecrypt_withEmptyPassword(t *testing.T) {
 }
 
 func Test_decryptWithDifferentPassphrase_shouldProduceWrongResult(t *testing.T) {
-	tmpdir, _ := ioutils.TempDir("", "encrypt")
-	defer os.RemoveAll(tmpdir)
+	tmpdir := t.TempDir()
 
 	var (
 		originFilePath    = filepath.Join(tmpdir, "origin")

api/database/boltdb/db.go

@@ -1,428 +0,0 @@
-package boltdb
-
-import (
-	"encoding/binary"
-	"errors"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"os"
-	"path"
-	"time"
-
-	dserrors "github.com/portainer/portainer/api/dataservices/errors"
-	"github.com/sirupsen/logrus"
-	bolt "go.etcd.io/bbolt"
-)
-
-const (
-	DatabaseFileName          = "portainer.db"
-	EncryptedDatabaseFileName = "portainer.edb"
-)
-
-var (
-	ErrHaveEncryptedAndUnencrypted = errors.New("Portainer has detected both an encrypted and un-encrypted database and cannot start.  Only one database should exist")
-	ErrHaveEncryptedWithNoKey      = errors.New("The portainer database is encrypted, but no secret was loaded")
-)
-
-type DbConnection struct {
-	Path            string
-	MaxBatchSize    int
-	MaxBatchDelay   time.Duration
-	InitialMmapSize int
-	EncryptionKey   []byte
-	isEncrypted     bool
-
-	*bolt.DB
-}
-
-// GetDatabaseFileName get the database filename
-func (connection *DbConnection) GetDatabaseFileName() string {
-	if connection.IsEncryptedStore() {
-		return EncryptedDatabaseFileName
-	}
-
-	return DatabaseFileName
-}
-
-// GetDataseFilePath get the path + filename for the database file
-func (connection *DbConnection) GetDatabaseFilePath() string {
-	if connection.IsEncryptedStore() {
-		return path.Join(connection.Path, EncryptedDatabaseFileName)
-	}
-
-	return path.Join(connection.Path, DatabaseFileName)
-}
-
-// GetStorePath get the filename and path for the database file
-func (connection *DbConnection) GetStorePath() string {
-	return connection.Path
-}
-
-func (connection *DbConnection) SetEncrypted(flag bool) {
-	connection.isEncrypted = flag
-}
-
-// Return true if the database is encrypted
-func (connection *DbConnection) IsEncryptedStore() bool {
-	return connection.getEncryptionKey() != nil
-}
-
-// NeedsEncryptionMigration returns true if database encryption is enabled and
-// we have an un-encrypted DB that requires migration to an encrypted DB
-func (connection *DbConnection) NeedsEncryptionMigration() (bool, error) {
-
-	// Cases:  Note, we need to check both portainer.db and portainer.edb
-	// to determine if it's a new store.   We only need to differentiate between cases 2,3 and 5
-
-	// 1) portainer.edb + key     => False
-	// 2) portainer.edb + no key  => ERROR Fatal!
-	// 3) portainer.db  + key     => True  (needs migration)
-	// 4) portainer.db  + no key  => False
-	// 5) NoDB (new)    + key     => False
-	// 6) NoDB (new)    + no key  => False
-	// 7) portainer.db & portainer.edb => ERROR Fatal!
-
-	// If we have a loaded encryption key, always set encrypted
-	if connection.EncryptionKey != nil {
-		connection.SetEncrypted(true)
-	}
-
-	// Check for portainer.db
-	dbFile := path.Join(connection.Path, DatabaseFileName)
-	_, err := os.Stat(dbFile)
-	haveDbFile := err == nil
-
-	// Check for portainer.edb
-	edbFile := path.Join(connection.Path, EncryptedDatabaseFileName)
-	_, err = os.Stat(edbFile)
-	haveEdbFile := err == nil
-
-	if haveDbFile && haveEdbFile {
-		// 7 - encrypted and unencrypted db?
-		return false, ErrHaveEncryptedAndUnencrypted
-	}
-
-	if haveDbFile && connection.EncryptionKey != nil {
-		// 3 - needs migration
-		return true, nil
-	}
-
-	if haveEdbFile && connection.EncryptionKey == nil {
-		// 2 - encrypted db, but no key?
-		return false, ErrHaveEncryptedWithNoKey
-	}
-
-	// 1, 4, 5, 6
-	return false, nil
-}
-
-// Open opens and initializes the BoltDB database.
-func (connection *DbConnection) Open() error {
-
-	logrus.Infof("Loading PortainerDB: %s", connection.GetDatabaseFileName())
-
-	// Now we open the db
-	databasePath := connection.GetDatabaseFilePath()
-	db, err := bolt.Open(databasePath, 0600, &bolt.Options{
-		Timeout:         1 * time.Second,
-		InitialMmapSize: connection.InitialMmapSize,
-	})
-	if err != nil {
-		return err
-	}
-	db.MaxBatchSize = connection.MaxBatchSize
-	db.MaxBatchDelay = connection.MaxBatchDelay
-	connection.DB = db
-	return nil
-}
-
-// Close closes the BoltDB database.
-// Safe to being called multiple times.
-func (connection *DbConnection) Close() error {
-	if connection.DB != nil {
-		return connection.DB.Close()
-	}
-	return nil
-}
-
-// BackupTo backs up db to a provided writer.
-// It does hot backup and doesn't block other database reads and writes
-func (connection *DbConnection) BackupTo(w io.Writer) error {
-	return connection.View(func(tx *bolt.Tx) error {
-		_, err := tx.WriteTo(w)
-		return err
-	})
-}
-
-func (connection *DbConnection) ExportRaw(filename string) error {
-	databasePath := connection.GetDatabaseFilePath()
-	if _, err := os.Stat(databasePath); err != nil {
-		return fmt.Errorf("stat on %s failed: %s", databasePath, err)
-	}
-
-	b, err := connection.ExportJson(databasePath, true)
-	if err != nil {
-		return err
-	}
-	return ioutil.WriteFile(filename, b, 0600)
-}
-
-// ConvertToKey returns an 8-byte big endian representation of v.
-// This function is typically used for encoding integer IDs to byte slices
-// so that they can be used as BoltDB keys.
-func (connection *DbConnection) ConvertToKey(v int) []byte {
-	b := make([]byte, 8)
-	binary.BigEndian.PutUint64(b, uint64(v))
-	return b
-}
-
-// CreateBucket is a generic function used to create a bucket inside a database database.
-func (connection *DbConnection) SetServiceName(bucketName string) error {
-	return connection.Batch(func(tx *bolt.Tx) error {
-		_, err := tx.CreateBucketIfNotExists([]byte(bucketName))
-		return err
-	})
-}
-
-// GetObject is a generic function used to retrieve an unmarshalled object from a database database.
-func (connection *DbConnection) GetObject(bucketName string, key []byte, object interface{}) error {
-	var data []byte
-
-	err := connection.View(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(bucketName))
-
-		value := bucket.Get(key)
-		if value == nil {
-			return dserrors.ErrObjectNotFound
-		}
-
-		data = make([]byte, len(value))
-		copy(data, value)
-
-		return nil
-	})
-	if err != nil {
-		return err
-	}
-
-	return connection.UnmarshalObjectWithJsoniter(data, object)
-}
-
-func (connection *DbConnection) getEncryptionKey() []byte {
-	if !connection.isEncrypted {
-		return nil
-	}
-
-	return connection.EncryptionKey
-}
-
-// UpdateObject is a generic function used to update an object inside a database database.
-func (connection *DbConnection) UpdateObject(bucketName string, key []byte, object interface{}) error {
-	data, err := connection.MarshalObject(object)
-	if err != nil {
-		return err
-	}
-
-	return connection.Batch(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(bucketName))
-		return bucket.Put(key, data)
-	})
-}
-
-// DeleteObject is a generic function used to delete an object inside a database database.
-func (connection *DbConnection) DeleteObject(bucketName string, key []byte) error {
-	return connection.Batch(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(bucketName))
-		return bucket.Delete(key)
-	})
-}
-
-// DeleteAllObjects delete all objects where matching() returns (id, ok).
-// TODO: think about how to return the error inside (maybe change ok to type err, and use "notfound"?
-func (connection *DbConnection) DeleteAllObjects(bucketName string, matching func(o interface{}) (id int, ok bool)) error {
-	return connection.Batch(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(bucketName))
-
-		cursor := bucket.Cursor()
-		for k, v := cursor.First(); k != nil; k, v = cursor.Next() {
-			var obj interface{}
-			err := connection.UnmarshalObject(v, &obj)
-			if err != nil {
-				return err
-			}
-
-			if id, ok := matching(obj); ok {
-				err := bucket.Delete(connection.ConvertToKey(id))
-				if err != nil {
-					return err
-				}
-			}
-		}
-
-		return nil
-	})
-}
-
-// GetNextIdentifier is a generic function that returns the specified bucket identifier incremented by 1.
-func (connection *DbConnection) GetNextIdentifier(bucketName string) int {
-	var identifier int
-
-	connection.Batch(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(bucketName))
-		id, err := bucket.NextSequence()
-		if err != nil {
-			return err
-		}
-		identifier = int(id)
-		return nil
-	})
-
-	return identifier
-}
-
-// CreateObject creates a new object in the bucket, using the next bucket sequence id
-func (connection *DbConnection) CreateObject(bucketName string, fn func(uint64) (int, interface{})) error {
-	return connection.Batch(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(bucketName))
-
-		seqId, _ := bucket.NextSequence()
-		id, obj := fn(seqId)
-
-		data, err := connection.MarshalObject(obj)
-		if err != nil {
-			return err
-		}
-
-		return bucket.Put(connection.ConvertToKey(int(id)), data)
-	})
-}
-
-// CreateObjectWithId creates a new object in the bucket, using the specified id
-func (connection *DbConnection) CreateObjectWithId(bucketName string, id int, obj interface{}) error {
-	return connection.Batch(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(bucketName))
-		data, err := connection.MarshalObject(obj)
-		if err != nil {
-			return err
-		}
-
-		return bucket.Put(connection.ConvertToKey(id), data)
-	})
-}
-
-// CreateObjectWithStringId creates a new object in the bucket, using the specified id
-func (connection *DbConnection) CreateObjectWithStringId(bucketName string, id []byte, obj interface{}) error {
-	return connection.Batch(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(bucketName))
-		data, err := connection.MarshalObject(obj)
-		if err != nil {
-			return err
-		}
-
-		return bucket.Put(id, data)
-	})
-}
-
-// CreateObjectWithSetSequence creates a new object in the bucket, using the specified id, and sets the bucket sequence
-// avoid this :)
-func (connection *DbConnection) CreateObjectWithSetSequence(bucketName string, id int, obj interface{}) error {
-	return connection.Batch(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(bucketName))
-
-		// We manually manage sequences for schedules
-		err := bucket.SetSequence(uint64(id))
-		if err != nil {
-			return err
-		}
-
-		data, err := connection.MarshalObject(obj)
-		if err != nil {
-			return err
-		}
-
-		return bucket.Put(connection.ConvertToKey(id), data)
-	})
-}
-
-func (connection *DbConnection) GetAll(bucketName string, obj interface{}, append func(o interface{}) (interface{}, error)) error {
-	err := connection.View(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(bucketName))
-		cursor := bucket.Cursor()
-		for k, v := cursor.First(); k != nil; k, v = cursor.Next() {
-			err := connection.UnmarshalObject(v, obj)
-			if err != nil {
-				return err
-			}
-			obj, err = append(obj)
-			if err != nil {
-				return err
-			}
-		}
-
-		return nil
-	})
-	return err
-}
-
-// TODO: decide which Unmarshal to use, and use one...
-func (connection *DbConnection) GetAllWithJsoniter(bucketName string, obj interface{}, append func(o interface{}) (interface{}, error)) error {
-	err := connection.View(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(bucketName))
-
-		cursor := bucket.Cursor()
-		for k, v := cursor.First(); k != nil; k, v = cursor.Next() {
-			err := connection.UnmarshalObjectWithJsoniter(v, obj)
-			if err != nil {
-				return err
-			}
-			obj, err = append(obj)
-			if err != nil {
-				return err
-			}
-		}
-
-		return nil
-	})
-	return err
-}
-
-func (connection *DbConnection) BackupMetadata() (map[string]interface{}, error) {
-	buckets := map[string]interface{}{}
-
-	err := connection.View(func(tx *bolt.Tx) error {
-		err := tx.ForEach(func(name []byte, bucket *bolt.Bucket) error {
-			bucketName := string(name)
-			bucket = tx.Bucket([]byte(bucketName))
-			seqId := bucket.Sequence()
-			buckets[bucketName] = int(seqId)
-			return nil
-		})
-
-		return err
-	})
-
-	return buckets, err
-}
-
-func (connection *DbConnection) RestoreMetadata(s map[string]interface{}) error {
-	var err error
-
-	for bucketName, v := range s {
-		id, ok := v.(float64) // JSON ints are unmarshalled to interface as float64. See: https://pkg.go.dev/encoding/json#Decoder.Decode
-		if !ok {
-			logrus.Errorf("Failed to restore metadata to bucket %s, skipped", bucketName)
-			continue
-		}
-
-		err = connection.Batch(func(tx *bolt.Tx) error {
-			bucket, err := tx.CreateBucketIfNotExists([]byte(bucketName))
-			if err != nil {
-				return err
-			}
-			return bucket.SetSequence(uint64(id))
-		})
-	}
-
-	return err
-}

api/database/boltdb/db_test.go

@@ -1,124 +0,0 @@
-package boltdb
-
-import (
-	"os"
-	"path"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func Test_NeedsEncryptionMigration(t *testing.T) {
-	// Test the specific scenarios mentioned in NeedsEncryptionMigration
-
-	// i.e.
-	// Cases:  Note, we need to check both portainer.db and portainer.edb
-	// to determine if it's a new store.   We only need to differentiate between cases 2,3 and 5
-
-	// 1) portainer.edb + key     => False
-	// 2) portainer.edb + no key  => ERROR Fatal!
-	// 3) portainer.db  + key     => True  (needs migration)
-	// 4) portainer.db  + no key  => False
-	// 5) NoDB (new)    + key     => False
-	// 6) NoDB (new)    + no key  => False
-	// 7) portainer.db & portainer.edb (key not important) => ERROR Fatal!
-
-	is := assert.New(t)
-	dir := t.TempDir()
-
-	cases := []struct {
-		name         string
-		dbname       string
-		key          bool
-		expectError  error
-		expectResult bool
-	}{
-		{
-			name:         "portainer.edb + key",
-			dbname:       EncryptedDatabaseFileName,
-			key:          true,
-			expectError:  nil,
-			expectResult: false,
-		},
-		{
-			name:         "portainer.db + key (migration needed)",
-			dbname:       DatabaseFileName,
-			key:          true,
-			expectError:  nil,
-			expectResult: true,
-		},
-		{
-			name:         "portainer.db + no key",
-			dbname:       DatabaseFileName,
-			key:          false,
-			expectError:  nil,
-			expectResult: false,
-		},
-		{
-			name:         "NoDB (new) + key",
-			dbname:       "",
-			key:          false,
-			expectError:  nil,
-			expectResult: false,
-		},
-		{
-			name:         "NoDB (new) + no key",
-			dbname:       "",
-			key:          false,
-			expectError:  nil,
-			expectResult: false,
-		},
-
-		// error tests
-		{
-			name:         "portainer.edb + no key",
-			dbname:       EncryptedDatabaseFileName,
-			key:          false,
-			expectError:  ErrHaveEncryptedWithNoKey,
-			expectResult: false,
-		},
-		{
-			name:         "portainer.db & portainer.edb",
-			dbname:       "both",
-			key:          true,
-			expectError:  ErrHaveEncryptedAndUnencrypted,
-			expectResult: false,
-		},
-	}
-
-	for _, tc := range cases {
-		tc := tc
-
-		t.Run(tc.name, func(t *testing.T) {
-
-			connection := DbConnection{Path: dir}
-
-			if tc.dbname == "both" {
-				// Special case.  If portainer.db and portainer.edb exist.
-				dbFile1 := path.Join(connection.Path, DatabaseFileName)
-				f, _ := os.Create(dbFile1)
-				f.Close()
-				defer os.Remove(dbFile1)
-
-				dbFile2 := path.Join(connection.Path, EncryptedDatabaseFileName)
-				f, _ = os.Create(dbFile2)
-				f.Close()
-				defer os.Remove(dbFile2)
-			} else if tc.dbname != "" {
-				dbFile := path.Join(connection.Path, tc.dbname)
-				f, _ := os.Create(dbFile)
-				f.Close()
-				defer os.Remove(dbFile)
-			}
-
-			if tc.key {
-				connection.EncryptionKey = []byte("secret")
-			}
-
-			result, err := connection.NeedsEncryptionMigration()
-
-			is.Equal(tc.expectError, err, "Fatal Error failure. Test: %s", tc.name)
-			is.Equal(result, tc.expectResult, "Failed test: %s", tc.name)
-		})
-	}
-}

api/database/boltdb/export.go

@@ -1,101 +0,0 @@
-package boltdb
-
-import (
-	"encoding/json"
-	"time"
-
-	"github.com/sirupsen/logrus"
-	bolt "go.etcd.io/bbolt"
-)
-
-func backupMetadata(connection *bolt.DB) (map[string]interface{}, error) {
-	buckets := map[string]interface{}{}
-
-	err := connection.View(func(tx *bolt.Tx) error {
-		err := tx.ForEach(func(name []byte, bucket *bolt.Bucket) error {
-			bucketName := string(name)
-			bucket = tx.Bucket([]byte(bucketName))
-			seqId := bucket.Sequence()
-			buckets[bucketName] = int(seqId)
-			return nil
-		})
-
-		return err
-	})
-
-	return buckets, err
-}
-
-// ExportJSON creates a JSON representation from a DbConnection. You can include
-// the database's metadata or ignore it. Ensure the database is closed before
-// using this function
-// inspired by github.com/konoui/boltdb-exporter (which has no license)
-// but very much simplified, based on how we use boltdb
-func (c *DbConnection) ExportJson(databasePath string, metadata bool) ([]byte, error) {
-	logrus.WithField("databasePath", databasePath).Infof("exportJson")
-
-	connection, err := bolt.Open(databasePath, 0600, &bolt.Options{Timeout: 1 * time.Second, ReadOnly: true})
-	if err != nil {
-		return []byte("{}"), err
-	}
-	defer connection.Close()
-
-	backup := make(map[string]interface{})
-	if metadata {
-		meta, err := backupMetadata(connection)
-		if err != nil {
-			logrus.WithError(err).Errorf("Failed exporting metadata: %v", err)
-		}
-		backup["__metadata"] = meta
-	}
-
-	err = connection.View(func(tx *bolt.Tx) error {
-		err = tx.ForEach(func(name []byte, bucket *bolt.Bucket) error {
-			bucketName := string(name)
-			var list []interface{}
-			version := make(map[string]string)
-			cursor := bucket.Cursor()
-			for k, v := cursor.First(); k != nil; k, v = cursor.Next() {
-				if v == nil {
-					continue
-				}
-				var obj interface{}
-				err := c.UnmarshalObject(v, &obj)
-				if err != nil {
-					logrus.WithError(err).Errorf("Failed to unmarshal (bucket %s): %v", bucketName, string(v))
-					obj = v
-				}
-				if bucketName == "version" {
-					version[string(k)] = string(v)
-				} else {
-					list = append(list, obj)
-				}
-			}
-			if bucketName == "version" {
-				backup[bucketName] = version
-				return nil
-			}
-			if len(list) > 0 {
-				if bucketName == "ssl" ||
-					bucketName == "settings" ||
-					bucketName == "tunnel_server" {
-					backup[bucketName] = nil
-					if len(list) > 0 {
-						backup[bucketName] = list[0]
-					}
-					return nil
-				}
-				backup[bucketName] = list
-				return nil
-			}
-
-			return nil
-		})
-		return err
-	})
-	if err != nil {
-		return []byte("{}"), err
-	}
-
-	return json.MarshalIndent(backup, "", "  ")
-}

api/database/boltdb/json.go

@@ -1,133 +0,0 @@
-package boltdb
-
-import (
-	"crypto/aes"
-	"crypto/cipher"
-	"crypto/rand"
-	"encoding/json"
-	"fmt"
-	"io"
-
-	jsoniter "github.com/json-iterator/go"
-	"github.com/pkg/errors"
-)
-
-var errEncryptedStringTooShort = fmt.Errorf("encrypted string too short")
-
-// MarshalObject encodes an object to binary format
-func (connection *DbConnection) MarshalObject(object interface{}) (data []byte, err error) {
-	// Special case for the VERSION bucket. Here we're not using json
-	if v, ok := object.(string); ok {
-		data = []byte(v)
-	} else {
-		data, err = json.Marshal(object)
-		if err != nil {
-			return data, err
-		}
-	}
-	if connection.getEncryptionKey() == nil {
-		return data, nil
-	}
-	return encrypt(data, connection.getEncryptionKey())
-}
-
-// UnmarshalObject decodes an object from binary data
-func (connection *DbConnection) UnmarshalObject(data []byte, object interface{}) error {
-	var err error
-	if connection.getEncryptionKey() != nil {
-		data, err = decrypt(data, connection.getEncryptionKey())
-		if err != nil {
-			return errors.Wrap(err, "Failed decrypting object")
-		}
-	}
-	e := json.Unmarshal(data, object)
-	if e != nil {
-		// Special case for the VERSION bucket. Here we're not using json
-		// So we need to return it as a string
-		s, ok := object.(*string)
-		if !ok {
-			return errors.Wrap(err, e.Error())
-		}
-
-		*s = string(data)
-	}
-	return err
-}
-
-// UnmarshalObjectWithJsoniter decodes an object from binary data
-// using the jsoniter library. It is mainly used to accelerate environment(endpoint)
-// decoding at the moment.
-func (connection *DbConnection) UnmarshalObjectWithJsoniter(data []byte, object interface{}) error {
-	if connection.getEncryptionKey() != nil {
-		var err error
-		data, err = decrypt(data, connection.getEncryptionKey())
-		if err != nil {
-			return err
-		}
-	}
-	var jsoni = jsoniter.ConfigCompatibleWithStandardLibrary
-	err := jsoni.Unmarshal(data, &object)
-	if err != nil {
-		if s, ok := object.(*string); ok {
-			*s = string(data)
-			return nil
-		}
-
-		return err
-	}
-
-	return nil
-}
-
-// mmm, don't have a KMS .... aes GCM seems the most likely from
-// https://gist.github.com/atoponce/07d8d4c833873be2f68c34f9afc5a78a#symmetric-encryption
-
-func encrypt(plaintext []byte, passphrase []byte) (encrypted []byte, err error) {
-	block, _ := aes.NewCipher(passphrase)
-	gcm, err := cipher.NewGCM(block)
-	if err != nil {
-		return encrypted, err
-	}
-	nonce := make([]byte, gcm.NonceSize())
-	if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
-		return encrypted, err
-	}
-	ciphertextByte := gcm.Seal(
-		nonce,
-		nonce,
-		plaintext,
-		nil)
-	return ciphertextByte, nil
-}
-
-func decrypt(encrypted []byte, passphrase []byte) (plaintextByte []byte, err error) {
-	if string(encrypted) == "false" {
-		return []byte("false"), nil
-	}
-	block, err := aes.NewCipher(passphrase)
-	if err != nil {
-		return encrypted, errors.Wrap(err, "Error creating cypher block")
-	}
-
-	gcm, err := cipher.NewGCM(block)
-	if err != nil {
-		return encrypted, errors.Wrap(err, "Error creating GCM")
-	}
-
-	nonceSize := gcm.NonceSize()
-	if len(encrypted) < nonceSize {
-		return encrypted, errEncryptedStringTooShort
-	}
-
-	nonce, ciphertextByteClean := encrypted[:nonceSize], encrypted[nonceSize:]
-	plaintextByte, err = gcm.Open(
-		nil,
-		nonce,
-		ciphertextByteClean,
-		nil)
-	if err != nil {
-		return encrypted, errors.Wrap(err, "Error decrypting text")
-	}
-
-	return plaintextByte, err
-}

api/database/boltdb/json_test.go

@@ -1,177 +0,0 @@
-package boltdb
-
-import (
-	"crypto/sha256"
-	"fmt"
-	"testing"
-
-	"github.com/gofrs/uuid"
-	"github.com/stretchr/testify/assert"
-)
-
-const (
-	jsonobject = `{"LogoURL":"","BlackListedLabels":[],"AuthenticationMethod":1,"InternalAuthSettings": {"RequiredPasswordLength": 12}"LDAPSettings":{"AnonymousMode":true,"ReaderDN":"","URL":"","TLSConfig":{"TLS":false,"TLSSkipVerify":false},"StartTLS":false,"SearchSettings":[{"BaseDN":"","Filter":"","UserNameAttribute":""}],"GroupSearchSettings":[{"GroupBaseDN":"","GroupFilter":"","GroupAttribute":""}],"AutoCreateUsers":true},"OAuthSettings":{"ClientID":"","AccessTokenURI":"","AuthorizationURI":"","ResourceURI":"","RedirectURI":"","UserIdentifier":"","Scopes":"","OAuthAutoCreateUsers":false,"DefaultTeamID":0,"SSO":true,"LogoutURI":"","KubeSecretKey":"j0zLVtY/lAWBk62ByyF0uP80SOXaitsABP0TTJX8MhI="},"OpenAMTConfiguration":{"Enabled":false,"MPSServer":"","MPSUser":"","MPSPassword":"","MPSToken":"","CertFileContent":"","CertFileName":"","CertFilePassword":"","DomainName":""},"FeatureFlagSettings":{},"SnapshotInterval":"5m","TemplatesURL":"https://raw.githubusercontent.com/portainer/templates/master/templates-2.0.json","EdgeAgentCheckinInterval":5,"EnableEdgeComputeFeatures":false,"UserSessionTimeout":"8h","KubeconfigExpiry":"0","EnableTelemetry":true,"HelmRepositoryURL":"https://charts.bitnami.com/bitnami","KubectlShellImage":"portainer/kubectl-shell","DisplayDonationHeader":false,"DisplayExternalContributors":false,"EnableHostManagementFeatures":false,"AllowVolumeBrowserForRegularUsers":false,"AllowBindMountsForRegularUsers":false,"AllowPrivilegedModeForRegularUsers":false,"AllowHostNamespaceForRegularUsers":false,"AllowStackManagementForRegularUsers":false,"AllowDeviceMappingForRegularUsers":false,"AllowContainerCapabilitiesForRegularUsers":false}`
-	passphrase = "my secret key"
-)
-
-func secretToEncryptionKey(passphrase string) []byte {
-	hash := sha256.Sum256([]byte(passphrase))
-	return hash[:]
-}
-
-func Test_MarshalObjectUnencrypted(t *testing.T) {
-	is := assert.New(t)
-
-	uuid := uuid.Must(uuid.NewV4())
-
-	tests := []struct {
-		object   interface{}
-		expected string
-	}{
-		{
-			object:   nil,
-			expected: `null`,
-		},
-		{
-			object:   true,
-			expected: `true`,
-		},
-		{
-			object:   false,
-			expected: `false`,
-		},
-		{
-			object:   123,
-			expected: `123`,
-		},
-		{
-			object:   "456",
-			expected: "456",
-		},
-		{
-			object:   uuid,
-			expected: "\"" + uuid.String() + "\"",
-		},
-		{
-			object:   uuid.String(),
-			expected: uuid.String(),
-		},
-		{
-			object:   map[string]interface{}{"key": "value"},
-			expected: `{"key":"value"}`,
-		},
-		{
-			object:   []bool{true, false},
-			expected: `[true,false]`,
-		},
-		{
-			object:   []int{1, 2, 3},
-			expected: `[1,2,3]`,
-		},
-		{
-			object:   []string{"1", "2", "3"},
-			expected: `["1","2","3"]`,
-		},
-		{
-			object:   []map[string]interface{}{{"key1": "value1"}, {"key2": "value2"}},
-			expected: `[{"key1":"value1"},{"key2":"value2"}]`,
-		},
-		{
-			object:   []interface{}{1, "2", false, map[string]interface{}{"key1": "value1"}},
-			expected: `[1,"2",false,{"key1":"value1"}]`,
-		},
-	}
-
-	conn := DbConnection{}
-
-	for _, test := range tests {
-		t.Run(fmt.Sprintf("%s -> %s", test.object, test.expected), func(t *testing.T) {
-			data, err := conn.MarshalObject(test.object)
-			is.NoError(err)
-			is.Equal(test.expected, string(data))
-		})
-	}
-}
-
-func Test_UnMarshalObjectUnencrypted(t *testing.T) {
-	is := assert.New(t)
-
-	// Based on actual data entering and what we expect out of the function
-
-	tests := []struct {
-		object   []byte
-		expected string
-	}{
-		{
-			object:   []byte(""),
-			expected: "",
-		},
-		{
-			object:   []byte("35"),
-			expected: "35",
-		},
-		{
-			// An unmarshalled byte string should return the same without error
-			object:   []byte("9ca4a1dd-a439-4593-b386-a7dfdc2e9fc6"),
-			expected: "9ca4a1dd-a439-4593-b386-a7dfdc2e9fc6",
-		},
-		{
-			// An un-marshalled json object string should return the same as a string without error also
-			object:   []byte(jsonobject),
-			expected: jsonobject,
-		},
-	}
-
-	conn := DbConnection{}
-
-	for _, test := range tests {
-		t.Run(fmt.Sprintf("%s -> %s", test.object, test.expected), func(t *testing.T) {
-			var object string
-			err := conn.UnmarshalObject(test.object, &object)
-			is.NoError(err)
-			is.Equal(test.expected, string(object))
-		})
-	}
-}
-
-func Test_ObjectMarshallingEncrypted(t *testing.T) {
-	is := assert.New(t)
-
-	// Based on actual data entering and what we expect out of the function
-
-	tests := []struct {
-		object   []byte
-		expected string
-	}{
-		{
-			object: []byte(""),
-		},
-		{
-			object: []byte("35"),
-		},
-		{
-			// An unmarshalled byte string should return the same without error
-			object: []byte("9ca4a1dd-a439-4593-b386-a7dfdc2e9fc6"),
-		},
-		{
-			// An un-marshalled json object string should return the same as a string without error also
-			object: []byte(jsonobject),
-		},
-	}
-
-	key := secretToEncryptionKey(passphrase)
-	conn := DbConnection{EncryptionKey: key}
-	for _, test := range tests {
-		t.Run(fmt.Sprintf("%s -> %s", test.object, test.expected), func(t *testing.T) {
-
-			data, err := conn.MarshalObject(test.object)
-			is.NoError(err)
-
-			var object []byte
-			err = conn.UnmarshalObject(data, &object)
-
-			is.NoError(err)
-			is.Equal(test.object, object)
-		})
-	}
-}

api/database/database.go

@@ -4,17 +4,18 @@ import (
 	"fmt"
 
 	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/database/boltdb"
+	"github.com/portainer/portainer/api/database/sqlite"
 )
 
 // NewDatabase should use config options to return a connection to the requested database
 func NewDatabase(storeType, storePath string, encryptionKey []byte) (connection portainer.Connection, err error) {
 	switch storeType {
-	case "boltdb":
-		return &boltdb.DbConnection{
+	case "sqlite":
+		return &sqlite.DbConnection{
 			Path:          storePath,
 			EncryptionKey: encryptionKey,
 		}, nil
 	}
-	return nil, fmt.Errorf("unknown storage database: %s", storeType)
+
+	return nil, fmt.Errorf("Unknown storage database: %s", storeType)
 }

api/database/models/accessPolicy.go

@@ -0,0 +1,9 @@
+package models
+
+type (
+	// AccessPolicy represent a policy that can be associated to a user or team
+	AccessPolicy struct {
+		// Role identifier. Reference the role that will be associated to this access policy
+		RoleID RoleID `json:"RoleId" example:"1"`
+	}
+)

api/database/models/authorizations.go

@@ -0,0 +1,9 @@
+package models
+
+type (
+	// Authorization represents an authorization associated to an operation
+	Authorization string
+
+	// Authorizations represents a set of authorizations associated to a role
+	Authorizations map[Authorization]bool
+)

api/database/models/configmaps_and_secrets.go

@@ -0,0 +1,17 @@
+package models
+
+type (
+	K8sConfigMapOrSecret struct {
+		UID          string            `json:"UID"`
+		Name         string            `json:"Name"`
+		Namespace    string            `json:"Namespace"`
+		CreationDate string            `json:"CreationDate"`
+		Annotations  map[string]string `json:"Annotations"`
+		Data         map[string]string `json:"Data"`
+		Applications []string          `json:"Applications"`
+		IsSecret     bool              `json:"IsSecret"`
+
+		// SecretType will be an empty string for config maps.
+		SecretType string `json:"SecretType"`
+	}
+)

api/database/models/fdo.go

@@ -0,0 +1,21 @@
+package models
+
+type (
+	FDOConfiguration struct {
+		Enabled       bool   `json:"enabled"`
+		OwnerURL      string `json:"ownerURL"`
+		OwnerUsername string `json:"ownerUsername"`
+		OwnerPassword string `json:"ownerPassword"`
+	}
+
+	// FDOProfileID represents a fdo profile id
+	FDOProfileID int
+
+	FDOProfile struct {
+		ID            FDOProfileID `json:"id"`
+		Name          string       `json:"name"`
+		FilePath      string       `json:"filePath"`
+		NumberDevices int          `json:"numberDevices"`
+		DateCreated   int64        `json:"dateCreated"`
+	}
+)

api/database/models/ingress.go

@@ -0,0 +1,78 @@
+package models
+
+import (
+	"errors"
+	"net/http"
+)
+
+type (
+	K8sIngressController struct {
+		Name         string `json:"Name"`
+		ClassName    string `json:"ClassName"`
+		Type         string `json:"Type"`
+		Availability bool   `json:"Availability"`
+		New          bool   `json:"New"`
+		Used         bool   `json:"Used"`
+	}
+
+	K8sIngressControllers []K8sIngressController
+
+	K8sIngressInfo struct {
+		Name        string            `json:"Name"`
+		UID         string            `json:"UID"`
+		Type        string            `json:"Type"`
+		Namespace   string            `json:"Namespace"`
+		ClassName   string            `json:"ClassName"`
+		Annotations map[string]string `json:"Annotations"`
+		Hosts       []string          `json:"Hosts"`
+		Paths       []K8sIngressPath  `json:"Paths"`
+		TLS         []K8sIngressTLS   `json:"TLS"`
+	}
+
+	K8sIngressTLS struct {
+		Hosts      []string `json:"Hosts"`
+		SecretName string   `json:"SecretName"`
+	}
+
+	K8sIngressPath struct {
+		IngressName string `json:"IngressName"`
+		Host        string `json:"Host"`
+		ServiceName string `json:"ServiceName"`
+		Port        int    `json:"Port"`
+		Path        string `json:"Path"`
+		PathType    string `json:"PathType"`
+	}
+
+	// K8sIngressDeleteRequests is a mapping of namespace names to a slice of
+	// ingress names.
+	K8sIngressDeleteRequests map[string][]string
+)
+
+func (r K8sIngressControllers) Validate(request *http.Request) error {
+	return nil
+}
+
+func (r K8sIngressInfo) Validate(request *http.Request) error {
+	if r.Name == "" {
+		return errors.New("missing ingress name from the request payload")
+	}
+	if r.Namespace == "" {
+		return errors.New("missing ingress Namespace from the request payload")
+	}
+	if r.ClassName == "" {
+		return errors.New("missing ingress ClassName from the request payload")
+	}
+	return nil
+}
+
+func (r K8sIngressDeleteRequests) Validate(request *http.Request) error {
+	if len(r) == 0 {
+		return errors.New("missing deletion request list in payload")
+	}
+	for ns := range r {
+		if len(ns) == 0 {
+			return errors.New("deletion given with empty namespace")
+		}
+	}
+	return nil
+}

api/database/models/ldap.go

@@ -0,0 +1,48 @@
+package models
+
+type (
+	// LDAPSettings represents the settings used to connect to a LDAP server
+	LDAPSettings struct {
+		// Enable this option if the server is configured for Anonymous access. When enabled, ReaderDN and Password will not be used
+		AnonymousMode bool `json:"AnonymousMode" example:"true" validate:"validate_bool"`
+		// Account that will be used to search for users
+		ReaderDN string `json:"ReaderDN" example:"cn=readonly-account,dc=ldap,dc=domain,dc=tld" validate:"required_if=AnonymousMode false"`
+		// Password of the account that will be used to search users
+		Password string `json:"Password,omitempty" example:"readonly-password" validate:"required_if=AnonymousMode false"`
+		// URL or IP address of the LDAP server
+		URL       string           `json:"URL" example:"myldap.domain.tld:389" validate:"hostname_port"`
+		TLSConfig TLSConfiguration `json:"TLSConfig"`
+		// Whether LDAP connection should use StartTLS
+		StartTLS            bool                      `json:"StartTLS" example:"true"`
+		SearchSettings      []LDAPSearchSettings      `json:"SearchSettings"`
+		GroupSearchSettings []LDAPGroupSearchSettings `json:"GroupSearchSettings"`
+		// Automatically provision users and assign them to matching LDAP group names
+		AutoCreateUsers bool `json:"AutoCreateUsers" example:"true"`
+	}
+
+	// LDAPUser represents a LDAP user
+	LDAPUser struct {
+		Name   string
+		Groups []string
+	}
+
+	// LDAPGroupSearchSettings represents settings used to search for groups in a LDAP server
+	LDAPGroupSearchSettings struct {
+		// The distinguished name of the element from which the LDAP server will search for groups
+		GroupBaseDN string `json:"GroupBaseDN" example:"dc=ldap,dc=domain,dc=tld"`
+		// The LDAP search filter used to select group elements, optional
+		GroupFilter string `json:"GroupFilter" example:"(objectClass=account"`
+		// LDAP attribute which denotes the group membership
+		GroupAttribute string `json:"GroupAttribute" example:"member"`
+	}
+
+	// LDAPSearchSettings represents settings used to search for users in a LDAP server
+	LDAPSearchSettings struct {
+		// The distinguished name of the element from which the LDAP server will search for users
+		BaseDN string `json:"BaseDN" example:"dc=ldap,dc=domain,dc=tld"`
+		// Optional LDAP search filter used to select user elements
+		Filter string `json:"Filter" example:"(objectClass=account)"`
+		// LDAP attribute which denotes the username
+		UserNameAttribute string `json:"UserNameAttribute" example:"uid"`
+	}
+)

api/database/models/membership.go

@@ -0,0 +1,6 @@
+package models
+
+type (
+	// MembershipRole represents the role of a user within a team
+	MembershipRole int
+)

api/database/models/namespaces.go

@@ -0,0 +1,12 @@
+package models
+
+import "net/http"
+
+type K8sNamespaceDetails struct {
+	Name        string            `json:"Name"`
+	Annotations map[string]string `json:"Annotations"`
+}
+
+func (r *K8sNamespaceDetails) Validate(request *http.Request) error {
+	return nil
+}

api/database/models/openamt.go

@@ -0,0 +1,37 @@
+package models
+
+type (
+	// PowerState represents an AMT managed device power state
+	PowerState int
+
+	// OpenAMTConfiguration represents the credentials and configurations used to connect to an OpenAMT MPS server
+	OpenAMTConfiguration struct {
+		Enabled          bool   `json:"enabled"`
+		MPSServer        string `json:"mpsServer"`
+		MPSUser          string `json:"mpsUser"`
+		MPSPassword      string `json:"mpsPassword"`
+		MPSToken         string `json:"mpsToken"` // retrieved from API
+		CertFileName     string `json:"certFileName"`
+		CertFileContent  string `json:"certFileContent"`
+		CertFilePassword string `json:"certFilePassword"`
+		DomainName       string `json:"domainName"`
+	}
+
+	// OpenAMTDeviceInformation represents an AMT managed device information
+	OpenAMTDeviceInformation struct {
+		GUID             string                        `json:"guid"`
+		HostName         string                        `json:"hostname"`
+		ConnectionStatus bool                          `json:"connectionStatus"`
+		PowerState       PowerState                    `json:"powerState"`
+		EnabledFeatures  *OpenAMTDeviceEnabledFeatures `json:"features"`
+	}
+
+	// OpenAMTDeviceEnabledFeatures represents an AMT managed device features information
+	OpenAMTDeviceEnabledFeatures struct {
+		Redirection bool   `json:"redirection"`
+		KVM         bool   `json:"KVM"`
+		SOL         bool   `json:"SOL"`
+		IDER        bool   `json:"IDER"`
+		UserConsent string `json:"userConsent"`
+	}
+)

api/database/models/resourceAccess.go

@@ -0,0 +1,6 @@
+package models
+
+type (
+	// ResourceAccessLevel represents the level of control associated to a resource
+	ResourceAccessLevel int
+)

api/database/models/role.go

@@ -0,0 +1,20 @@
+package models
+
+type (
+	// Role represents a set of authorizations that can be associated to a user or
+	// to a team.
+	Role struct {
+		// Role Identifier
+		ID RoleID `json:"Id" example:"1"`
+		// Role name
+		Name string `json:"Name" example:"HelpDesk"`
+		// Role description
+		Description string `json:"Description" example:"Read-only access of all resources in an environment(endpoint)"`
+		// Authorizations associated to a role
+		Authorizations Authorizations `json:"Authorizations"`
+		Priority       int            `json:"Priority"`
+	}
+
+	// RoleID represents a role identifier
+	RoleID int
+)

api/database/models/services.go

@@ -0,0 +1,64 @@
+package models
+
+import (
+	"errors"
+	"net/http"
+)
+
+type (
+	K8sServiceInfo struct {
+		Name                          string              `json:"Name"`
+		UID                           string              `json:"UID"`
+		Type                          string              `json:"Type"`
+		Namespace                     string              `json:"Namespace"`
+		Annotations                   map[string]string   `json:"Annotations"`
+		CreationTimestamp             string              `json:"CreationTimestamp"`
+		Labels                        map[string]string   `json:"Labels"`
+		AllocateLoadBalancerNodePorts *bool               `json:"AllocateLoadBalancerNodePorts,omitempty"`
+		Ports                         []K8sServicePort    `json:"Ports"`
+		Selector                      map[string]string   `json:"Selector"`
+		IngressStatus                 []K8sServiceIngress `json:"IngressStatus"`
+	}
+
+	K8sServicePort struct {
+		Name       string `json:"Name"`
+		NodePort   int    `json:"NodePort"`
+		Port       int    `json:"Port"`
+		Protocol   string `json:"Protocol"`
+		TargetPort int    `json:"TargetPort"`
+	}
+
+	K8sServiceIngress struct {
+		IP   string `json:"IP"`
+		Host string `json:"Host"`
+	}
+
+	// K8sServiceDeleteRequests is a mapping of namespace names to a slice of
+	// service names.
+	K8sServiceDeleteRequests map[string][]string
+)
+
+func (s *K8sServiceInfo) Validate(request *http.Request) error {
+	if s.Name == "" {
+		return errors.New("missing service name from the request payload")
+	}
+	if s.Namespace == "" {
+		return errors.New("missing service namespace from the request payload")
+	}
+	if s.Ports == nil {
+		return errors.New("missing service ports from the request payload")
+	}
+	return nil
+}
+
+func (r K8sServiceDeleteRequests) Validate(request *http.Request) error {
+	if len(r) == 0 {
+		return errors.New("missing deletion request list in payload")
+	}
+	for ns := range r {
+		if len(ns) == 0 {
+			return errors.New("deletion given with empty namespace")
+		}
+	}
+	return nil
+}

api/database/models/settings.go

@@ -0,0 +1,118 @@
+package models
+
+const (
+	_ AuthenticationMethod = iota
+	// AuthenticationInternal represents the internal authentication method (authentication against Portainer API)
+	AuthenticationInternal
+	// AuthenticationLDAP represents the LDAP authentication method (authentication against a LDAP server)
+	AuthenticationLDAP
+	//AuthenticationOAuth represents the OAuth authentication method (authentication against a authorization server)
+	AuthenticationOAuth
+)
+
+type (
+
+	// AuthenticationMethod represents the authentication method used to authenticate a user
+	AuthenticationMethod int
+
+	// InternalAuthSettings represents settings used for the default 'internal' authentication
+	InternalAuthSettings struct {
+		RequiredPasswordLength int
+	}
+
+	// OAuthSettings represents the settings used to authorize with an authorization server
+	OAuthSettings struct {
+		ClientID             string `json:"ClientID"`
+		ClientSecret         string `json:"ClientSecret,omitempty"`
+		AccessTokenURI       string `json:"AccessTokenURI"`
+		AuthorizationURI     string `json:"AuthorizationURI"`
+		ResourceURI          string `json:"ResourceURI"`
+		RedirectURI          string `json:"RedirectURI"`
+		UserIdentifier       string `json:"UserIdentifier"`
+		Scopes               string `json:"Scopes"`
+		OAuthAutoCreateUsers bool   `json:"OAuthAutoCreateUsers"`
+		DefaultTeamID        TeamID `json:"DefaultTeamID"`
+		SSO                  bool   `json:"SSO"`
+		LogoutURI            string `json:"LogoutURI"`
+		KubeSecretKey        []byte `json:"KubeSecretKey"`
+	}
+
+	// Settings represents the application settings
+	Settings struct {
+		// URL to a logo that will be displayed on the login page as well as on top of the sidebar. Will use default Portainer logo when value is empty string
+		LogoURL string `json:"LogoURL" example:"https://mycompany.mydomain.tld/logo.png"`
+		// A list of label name & value that will be used to hide containers when querying containers
+		BlackListedLabels []Pair `json:"BlackListedLabels"`
+		// Active authentication method for the Portainer instance. Valid values are: 1 for internal, 2 for LDAP, or 3 for oauth
+		AuthenticationMethod AuthenticationMethod `json:"AuthenticationMethod" example:"1"`
+		InternalAuthSettings InternalAuthSettings `json:"InternalAuthSettings" example:""`
+		LDAPSettings         LDAPSettings         `json:"LDAPSettings" example:""`
+		OAuthSettings        OAuthSettings        `json:"OAuthSettings" example:""`
+		OpenAMTConfiguration OpenAMTConfiguration `json:"openAMTConfiguration" example:""`
+		FDOConfiguration     FDOConfiguration     `json:"fdoConfiguration" example:""`
+		FeatureFlagSettings  map[Feature]bool     `json:"FeatureFlagSettings" example:""`
+		// The interval in which environment(endpoint) snapshots are created
+		SnapshotInterval string `json:"SnapshotInterval" example:"5m"`
+		// URL to the templates that will be displayed in the UI when navigating to App Templates
+		TemplatesURL string `json:"TemplatesURL" example:"https://raw.githubusercontent.com/portainer/templates/master/templates.json"`
+		// The default check in interval for edge agent (in seconds)
+		EdgeAgentCheckinInterval int `json:"EdgeAgentCheckinInterval" example:"5"`
+		// Whether edge compute features are enabled
+		EnableEdgeComputeFeatures bool `json:"EnableEdgeComputeFeatures" example:""`
+		// The duration of a user session
+		UserSessionTimeout string `json:"UserSessionTimeout" example:"5m"`
+		// The expiry of a Kubeconfig
+		KubeconfigExpiry string `json:"KubeconfigExpiry" example:"24h"`
+		// Whether telemetry is enabled
+		EnableTelemetry bool `json:"EnableTelemetry" example:"false"`
+		// Helm repository URL, defaults to "https://charts.bitnami.com/bitnami"
+		HelmRepositoryURL string `json:"HelmRepositoryURL" example:"https://charts.bitnami.com/bitnami"`
+		// KubectlImage, defaults to portainer/kubectl-shell
+		KubectlShellImage string `json:"KubectlShellImage" example:"portainer/kubectl-shell"`
+		// TrustOnFirstConnect makes Portainer accepting edge agent connection by default
+		TrustOnFirstConnect bool `json:"TrustOnFirstConnect" example:"false"`
+		// EnforceEdgeID makes Portainer store the Edge ID instead of accepting anyone
+		EnforceEdgeID bool `json:"EnforceEdgeID" example:"false"`
+		// Container environment parameter AGENT_SECRET
+		AgentSecret string `json:"AgentSecret"`
+		// EdgePortainerURL is the URL that is exposed to edge agents
+		EdgePortainerURL string `json:"EdgePortainerUrl"`
+
+		Edge struct {
+			// The command list interval for edge agent - used in edge async mode (in seconds)
+			CommandInterval int `json:"CommandInterval" example:"5"`
+			// The ping interval for edge agent - used in edge async mode (in seconds)
+			PingInterval int `json:"PingInterval" example:"5"`
+			// The snapshot interval for edge agent - used in edge async mode (in seconds)
+			SnapshotInterval int `json:"SnapshotInterval" example:"5"`
+			// EdgeAsyncMode enables edge async mode by default
+			AsyncMode bool
+		}
+
+		// Deprecated fields
+		DisplayDonationHeader       bool
+		DisplayExternalContributors bool
+
+		// Deprecated fields v26
+		EnableHostManagementFeatures              bool `json:"EnableHostManagementFeatures"`
+		AllowVolumeBrowserForRegularUsers         bool `json:"AllowVolumeBrowserForRegularUsers"`
+		AllowBindMountsForRegularUsers            bool `json:"AllowBindMountsForRegularUsers"`
+		AllowPrivilegedModeForRegularUsers        bool `json:"AllowPrivilegedModeForRegularUsers"`
+		AllowHostNamespaceForRegularUsers         bool `json:"AllowHostNamespaceForRegularUsers"`
+		AllowStackManagementForRegularUsers       bool `json:"AllowStackManagementForRegularUsers"`
+		AllowDeviceMappingForRegularUsers         bool `json:"AllowDeviceMappingForRegularUsers"`
+		AllowContainerCapabilitiesForRegularUsers bool `json:"AllowContainerCapabilitiesForRegularUsers"`
+	}
+
+	/**
+	extras
+	*/
+	// Pair defines a key/value string pair
+	Pair struct {
+		Name  string `json:"name" example:"name"`
+		Value string `json:"value" example:"value"`
+	}
+
+	// Feature represents a feature that can be enabled or disabled via feature flags
+	Feature string
+)

api/database/models/team.go

@@ -0,0 +1,38 @@
+package models
+
+type (
+	// Team represents a list of user accounts
+	Team struct {
+		// Team Identifier
+		ID TeamID `json:"Id" example:"1"`
+		// Team name
+		Name string `json:"Name" example:"developers"`
+	}
+
+	// TeamAccessPolicies represent the association of an access policy and a team
+	TeamAccessPolicies map[TeamID]AccessPolicy
+
+	// TeamID represents a team identifier
+	TeamID int
+
+	// TeamMembership represents a membership association between a user and a team
+	TeamMembership struct {
+		// Membership Identifier
+		ID TeamMembershipID `json:"Id" example:"1"`
+		// User identifier
+		UserID UserID `json:"UserID" example:"1"`
+		// Team identifier
+		TeamID TeamID `json:"TeamID" example:"1"`
+		// Team role (1 for team leader and 2 for team member)
+		Role MembershipRole `json:"Role" example:"1"`
+	}
+
+	// TeamMembershipID represents a team membership identifier
+	TeamMembershipID int
+
+	// TeamResourceAccess represents the level of control on a resource for a specific team
+	TeamResourceAccess struct {
+		TeamID      TeamID              `json:"TeamId"`
+		AccessLevel ResourceAccessLevel `json:"AccessLevel"`
+	}
+)

api/database/models/tls.go

@@ -0,0 +1,17 @@
+package models
+
+type (
+	// TLSConfiguration represents a TLS configuration
+	TLSConfiguration struct {
+		// Use TLS
+		TLS bool `json:"TLS" example:"true"`
+		// Skip the verification of the server TLS certificate
+		TLSSkipVerify bool `json:"TLSSkipVerify" example:"false"`
+		// Path to the TLS CA certificate file
+		TLSCACertPath string `json:"TLSCACert,omitempty" example:"/data/tls/ca.pem"`
+		// Path to the TLS client certificate file
+		TLSCertPath string `json:"TLSCert,omitempty" example:"/data/tls/cert.pem"`
+		// Path to the TLS client key file
+		TLSKeyPath string `json:"TLSKey,omitempty" example:"/data/tls/key.pem"`
+	}
+)

api/database/models/user.go

@@ -0,0 +1,6 @@
+package models
+
+type (
+	// UserID represents a user identifier
+	UserID int
+)

api/database/models/version.go

@@ -0,0 +1,19 @@
+package models
+
+import "net/http"
+
+const (
+	VersionKey  string = "DB_VERSION"
+	InstanceKey string = "INSTANCE_ID"
+	EditionKey  string = "EDITION"
+	UpdatingKey string = "DB_UPDATING"
+)
+
+type Version struct {
+	Key   string `json:"Key"`
+	Value string `json:"Value"`
+}
+
+func (r *Version) Validate(request *http.Request) error {
+	return nil
+}

api/database/sqlite/db.go

@@ -0,0 +1,167 @@
+package sqlite
+
+import (
+	"errors"
+	"os"
+	"path"
+
+	"gorm.io/driver/sqlite"
+	"gorm.io/gorm"
+
+	"github.com/portainer/portainer/api/database/models"
+	"github.com/rs/zerolog/log"
+)
+
+const (
+	DatabaseFileName          = "portainer.db"
+	EncryptedDatabaseFileName = "portainer.edb"
+)
+
+var (
+	ErrHaveEncryptedAndUnencrypted = errors.New("Portainer has detected both an encrypted and un-encrypted database and cannot start.  Only one database should exist")
+	ErrHaveEncryptedWithNoKey      = errors.New("The portainer database is encrypted, but no secret was loaded")
+)
+
+type DbConnection struct {
+	Path          string
+	EncryptionKey []byte
+	isEncrypted   bool
+
+	*gorm.DB
+}
+
+func (connection *DbConnection) GetDB() *gorm.DB {
+	if connection.DB == nil {
+		err := connection.Open()
+		if err != nil {
+			panic(err)
+		}
+	}
+	return connection.DB
+}
+
+// GetDatabaseFileName get the database filename
+func (connection *DbConnection) GetDatabaseFileName() string {
+	if connection.IsEncryptedStore() {
+		return EncryptedDatabaseFileName
+	}
+
+	return DatabaseFileName
+}
+
+// GetDataseFilePath get the path + filename for the database file
+func (connection *DbConnection) GetDatabaseFilePath() string {
+	if connection.IsEncryptedStore() {
+		return path.Join(connection.Path, EncryptedDatabaseFileName)
+	}
+
+	return path.Join(connection.Path, DatabaseFileName)
+}
+
+// GetStorePath get the filename and path for the database file
+func (connection *DbConnection) GetStorePath() string {
+	return connection.Path
+}
+
+func (connection *DbConnection) SetEncrypted(flag bool) {
+	connection.isEncrypted = flag
+}
+
+// Return true if the database is encrypted
+func (connection *DbConnection) IsEncryptedStore() bool {
+	return connection.getEncryptionKey() != nil
+}
+
+// NeedsEncryptionMigration returns true if database encryption is enabled and
+// we have an un-encrypted DB that requires migration to an encrypted DB
+func (connection *DbConnection) NeedsEncryptionMigration() (bool, error) {
+
+	// Cases:  Note, we need to check both portainer.db and portainer.edb
+	// to determine if it's a new store.   We only need to differentiate between cases 2,3 and 5
+
+	// 1) portainer.edb + key     => False
+	// 2) portainer.edb + no key  => ERROR Fatal!
+	// 3) portainer.db  + key     => True  (needs migration)
+	// 4) portainer.db  + no key  => False
+	// 5) NoDB (new)    + key     => False
+	// 6) NoDB (new)    + no key  => False
+	// 7) portainer.db & portainer.edb => ERROR Fatal!
+
+	// If we have a loaded encryption key, always set encrypted
+	if connection.EncryptionKey != nil {
+		connection.SetEncrypted(true)
+	}
+
+	// Check for portainer.db
+	dbFile := path.Join(connection.Path, DatabaseFileName)
+	_, err := os.Stat(dbFile)
+	haveDbFile := err == nil
+
+	// Check for portainer.edb
+	edbFile := path.Join(connection.Path, EncryptedDatabaseFileName)
+	_, err = os.Stat(edbFile)
+	haveEdbFile := err == nil
+
+	if haveDbFile && haveEdbFile {
+		// 7 - encrypted and unencrypted db?
+		return false, ErrHaveEncryptedAndUnencrypted
+	}
+
+	if haveDbFile && connection.EncryptionKey != nil {
+		// 3 - needs migration
+		return true, nil
+	}
+
+	if haveEdbFile && connection.EncryptionKey == nil {
+		// 2 - encrypted db, but no key?
+		return false, ErrHaveEncryptedWithNoKey
+	}
+
+	// 1, 4, 5, 6
+	return false, nil
+}
+
+// Open opens and initializes the BoltDB database.
+func (connection *DbConnection) Open() error {
+
+	log.Info().Str("filename", connection.GetDatabaseFileName()).Msg("loading PortainerDB")
+
+	// Now we open the db
+	databasePath := connection.GetDatabaseFilePath()
+
+	db, err := gorm.Open(sqlite.Open(databasePath), &gorm.Config{})
+	if err != nil {
+		return err
+	}
+	sqlDB, err := db.DB()
+	if err != nil {
+		return err
+	}
+	sqlDB.SetMaxOpenConns(5)
+	sqlDB.SetMaxOpenConns(10)
+	connection.DB = db
+
+	return nil
+}
+
+func (connection *DbConnection) Close() error {
+	sqlDB, err := connection.DB.DB()
+	if err != nil {
+		return err
+	}
+	connection.DB = nil
+	return sqlDB.Close()
+}
+
+func (connection *DbConnection) getEncryptionKey() []byte {
+	if !connection.isEncrypted {
+		return nil
+	}
+
+	return connection.EncryptionKey
+}
+
+func (connection *DbConnection) Init() error {
+	connection.DB.AutoMigrate(&models.Version{})
+	return nil
+}

api/dataservices/apikeyrepository/apikeyrepository.go

@@ -1,12 +1,7 @@
 package apikeyrepository
 
 import (
-	"bytes"
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/dataservices/errors"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -21,10 +16,10 @@ type Service struct {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -35,85 +30,93 @@ func NewService(connection portainer.Connection) (*Service, error) {
 func (service *Service) GetAPIKeysByUserID(userID portainer.UserID) ([]portainer.APIKey, error) {
 	var result = make([]portainer.APIKey, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.APIKey{},
-		func(obj interface{}) (interface{}, error) {
-			record, ok := obj.(*portainer.APIKey)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to APIKey object")
-				return nil, fmt.Errorf("Failed to convert to APIKey object: %s", obj)
-			}
-			if record.UserID == userID {
-				result = append(result, *record)
-			}
-			return &portainer.APIKey{}, nil
-		})
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.APIKey{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		record, ok := obj.(*portainer.APIKey)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to APIKey object")
+	// 			return nil, fmt.Errorf("Failed to convert to APIKey object: %s", obj)
+	// 		}
 
-	return result, err
+	// 		if record.UserID == userID {
+	// 			result = append(result, *record)
+	// 		}
+
+	// 		return &portainer.APIKey{}, nil
+	// })
+
+	return result, nil
 }
 
 // GetAPIKeyByDigest returns the API key for the associated digest.
 // Note: there is a 1-to-1 mapping of api-key and digest
 func (service *Service) GetAPIKeyByDigest(digest []byte) (*portainer.APIKey, error) {
-	var k *portainer.APIKey
-	stop := fmt.Errorf("ok")
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.APIKey{},
-		func(obj interface{}) (interface{}, error) {
-			key, ok := obj.(*portainer.APIKey)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to APIKey object")
-				return nil, fmt.Errorf("Failed to convert to APIKey object: %s", obj)
-			}
-			if bytes.Equal(key.Digest, digest) {
-				k = key
-				return nil, stop
-			}
-			return &portainer.APIKey{}, nil
-		})
-	if err == stop {
-		return k, nil
-	}
-	if err == nil {
-		return nil, errors.ErrObjectNotFound
-	}
+	// var k *portainer.APIKey
+	// stop := fmt.Errorf("ok")
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.APIKey{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		key, ok := obj.(*portainer.APIKey)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to APIKey object")
+	// 			return nil, fmt.Errorf("Failed to convert to APIKey object: %s", obj)
+	// 		}
+	// 		if bytes.Equal(key.Digest, digest) {
+	// 			k = key
+	// 			return nil, stop
+	// 		}
 
-	return nil, err
+	// 		return &portainer.APIKey{}, nil
+	// 	})
+
+	// if err == stop {
+	// 	return k, nil
+	// }
+
+	// if err == nil {
+	// 	return nil, errors.ErrObjectNotFound
+	// }
+
+	return nil, nil
 }
 
 // CreateAPIKey creates a new APIKey object.
 func (service *Service) CreateAPIKey(record *portainer.APIKey) error {
-	return service.connection.CreateObject(
-		BucketName,
-		func(id uint64) (int, interface{}) {
-			record.ID = portainer.APIKeyID(id)
+	// return service.connection.CreateObject(
+	// 	BucketName,
+	// 	func(id uint64) (int, interface{}) {
+	// 		record.ID = portainer.APIKeyID(id)
 
-			return int(record.ID), record
-		},
-	)
+	// 		return int(record.ID), record
+	// 	},
+	// )
+	return nil
 }
 
 // GetAPIKey retrieves an existing APIKey object by api key ID.
 func (service *Service) GetAPIKey(keyID portainer.APIKeyID) (*portainer.APIKey, error) {
 	var key portainer.APIKey
-	identifier := service.connection.ConvertToKey(int(keyID))
+	// identifier := service.connection.ConvertToKey(int(keyID))
 
-	err := service.connection.GetObject(BucketName, identifier, &key)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &key)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &key, nil
 }
 
 func (service *Service) UpdateAPIKey(key *portainer.APIKey) error {
-	identifier := service.connection.ConvertToKey(int(key.ID))
-	return service.connection.UpdateObject(BucketName, identifier, key)
+	// identifier := service.connection.ConvertToKey(int(key.ID))
+	// return service.connection.UpdateObject(BucketName, identifier, key)
+	return nil
 }
 
 func (service *Service) DeleteAPIKey(ID portainer.APIKeyID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }

api/dataservices/customtemplate/customtemplate.go

@@ -1,10 +1,7 @@
 package customtemplate
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,10 +20,10 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -37,55 +34,60 @@ func NewService(connection portainer.Connection) (*Service, error) {
 func (service *Service) CustomTemplates() ([]portainer.CustomTemplate, error) {
 	var customTemplates = make([]portainer.CustomTemplate, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.CustomTemplate{},
-		func(obj interface{}) (interface{}, error) {
-			//var tag portainer.Tag
-			customTemplate, ok := obj.(*portainer.CustomTemplate)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to CustomTemplate object")
-				return nil, fmt.Errorf("Failed to convert to CustomTemplate object: %s", obj)
-			}
-			customTemplates = append(customTemplates, *customTemplate)
-			return &portainer.CustomTemplate{}, nil
-		})
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.CustomTemplate{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		//var tag portainer.Tag
+	// 		customTemplate, ok := obj.(*portainer.CustomTemplate)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to CustomTemplate object")
+	// 			return nil, fmt.Errorf("Failed to convert to CustomTemplate object: %s", obj)
+	// 		}
+	// 		customTemplates = append(customTemplates, *customTemplate)
 
-	return customTemplates, err
+	// 		return &portainer.CustomTemplate{}, nil
+	// 	})
+
+	return customTemplates, nil
 }
 
 // CustomTemplate returns an custom template by ID.
 func (service *Service) CustomTemplate(ID portainer.CustomTemplateID) (*portainer.CustomTemplate, error) {
 	var customTemplate portainer.CustomTemplate
-	identifier := service.connection.ConvertToKey(int(ID))
+	// identifier := service.connection.ConvertToKey(int(ID))
 
-	err := service.connection.GetObject(BucketName, identifier, &customTemplate)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &customTemplate)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &customTemplate, nil
 }
 
 // UpdateCustomTemplate updates an custom template.
 func (service *Service) UpdateCustomTemplate(ID portainer.CustomTemplateID, customTemplate *portainer.CustomTemplate) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, customTemplate)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.UpdateObject(BucketName, identifier, customTemplate)
+	return nil
 }
 
 // DeleteCustomTemplate deletes an custom template.
 func (service *Service) DeleteCustomTemplate(ID portainer.CustomTemplateID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }
 
 // CreateCustomTemplate uses the existing id and saves it.
 // TODO: where does the ID come from, and is it safe?
 func (service *Service) Create(customTemplate *portainer.CustomTemplate) error {
-	return service.connection.CreateObjectWithId(BucketName, int(customTemplate.ID), customTemplate)
+	// return service.connection.CreateObjectWithId(BucketName, int(customTemplate.ID), customTemplate)
+	return nil
 }
 
 // GetNextIdentifier returns the next identifier for a custom template.
 func (service *Service) GetNextIdentifier() int {
-	return service.connection.GetNextIdentifier(BucketName)
+	// return service.connection.GetNextIdentifier(BucketName)
+	return 0
 }

api/dataservices/dockerhub/dockerhub.go

@@ -21,10 +21,10 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -35,15 +35,16 @@ func NewService(connection portainer.Connection) (*Service, error) {
 func (service *Service) DockerHub() (*portainer.DockerHub, error) {
 	var dockerhub portainer.DockerHub
 
-	err := service.connection.GetObject(BucketName, []byte(dockerHubKey), &dockerhub)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, []byte(dockerHubKey), &dockerhub)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &dockerhub, nil
 }
 
 // UpdateDockerHub updates a DockerHub object.
 func (service *Service) UpdateDockerHub(dockerhub *portainer.DockerHub) error {
-	return service.connection.UpdateObject(BucketName, []byte(dockerHubKey), dockerhub)
+	// return service.connection.UpdateObject(BucketName, []byte(dockerHubKey), dockerhub)
+	return nil
 }

api/dataservices/edgegroup/edgegroup.go

@@ -1,10 +1,7 @@
 package edgegroup
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,10 +20,10 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -37,54 +34,58 @@ func NewService(connection portainer.Connection) (*Service, error) {
 func (service *Service) EdgeGroups() ([]portainer.EdgeGroup, error) {
 	var groups = make([]portainer.EdgeGroup, 0)
 
-	err := service.connection.GetAllWithJsoniter(
-		BucketName,
-		&portainer.EdgeGroup{},
-		func(obj interface{}) (interface{}, error) {
-			group, ok := obj.(*portainer.EdgeGroup)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to EdgeGroup object")
-				return nil, fmt.Errorf("Failed to convert to EdgeGroup object: %s", obj)
-			}
-			groups = append(groups, *group)
-			return &portainer.EdgeGroup{}, nil
-		})
+	// err := service.connection.GetAllWithJsoniter(
+	// 	BucketName,
+	// 	&portainer.EdgeGroup{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		group, ok := obj.(*portainer.EdgeGroup)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to EdgeGroup object")
+	// 			return nil, fmt.Errorf("Failed to convert to EdgeGroup object: %s", obj)
+	// 		}
+	// 		groups = append(groups, *group)
 
-	return groups, err
+	// 		return &portainer.EdgeGroup{}, nil
+	// 	})
+
+	return groups, nil
 }
 
 // EdgeGroup returns an Edge group by ID.
 func (service *Service) EdgeGroup(ID portainer.EdgeGroupID) (*portainer.EdgeGroup, error) {
 	var group portainer.EdgeGroup
-	identifier := service.connection.ConvertToKey(int(ID))
+	// identifier := service.connection.ConvertToKey(int(ID))
 
-	err := service.connection.GetObject(BucketName, identifier, &group)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &group)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &group, nil
 }
 
 // UpdateEdgeGroup updates an Edge group.
 func (service *Service) UpdateEdgeGroup(ID portainer.EdgeGroupID, group *portainer.EdgeGroup) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, group)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.UpdateObject(BucketName, identifier, group)
+	return nil
 }
 
 // DeleteEdgeGroup deletes an Edge group.
 func (service *Service) DeleteEdgeGroup(ID portainer.EdgeGroupID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }
 
 // CreateEdgeGroup assign an ID to a new Edge group and saves it.
 func (service *Service) Create(group *portainer.EdgeGroup) error {
-	return service.connection.CreateObject(
-		BucketName,
-		func(id uint64) (int, interface{}) {
-			group.ID = portainer.EdgeGroupID(id)
-			return int(group.ID), group
-		},
-	)
+	// return service.connection.CreateObject(
+	// 	BucketName,
+	// 	func(id uint64) (int, interface{}) {
+	// 		group.ID = portainer.EdgeGroupID(id)
+	// 		return int(group.ID), group
+	// 	},
+	// )
+	return nil
 }

api/dataservices/edgejob/edgejob.go

@@ -1,10 +1,7 @@
 package edgejob
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,10 +20,10 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -37,60 +34,65 @@ func NewService(connection portainer.Connection) (*Service, error) {
 func (service *Service) EdgeJobs() ([]portainer.EdgeJob, error) {
 	var edgeJobs = make([]portainer.EdgeJob, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.EdgeJob{},
-		func(obj interface{}) (interface{}, error) {
-			//var tag portainer.Tag
-			job, ok := obj.(*portainer.EdgeJob)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to EdgeJob object")
-				return nil, fmt.Errorf("Failed to convert to EdgeJob object: %s", obj)
-			}
-			edgeJobs = append(edgeJobs, *job)
-			return &portainer.EdgeJob{}, nil
-		})
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.EdgeJob{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		job, ok := obj.(*portainer.EdgeJob)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to EdgeJob object")
+	// 			return nil, fmt.Errorf("Failed to convert to EdgeJob object: %s", obj)
+	// 		}
 
-	return edgeJobs, err
+	// 		edgeJobs = append(edgeJobs, *job)
+
+	// 		return &portainer.EdgeJob{}, nil
+	// 	})
+
+	return edgeJobs, nil
 }
 
 // EdgeJob returns an Edge job by ID
 func (service *Service) EdgeJob(ID portainer.EdgeJobID) (*portainer.EdgeJob, error) {
 	var edgeJob portainer.EdgeJob
-	identifier := service.connection.ConvertToKey(int(ID))
+	// identifier := service.connection.ConvertToKey(int(ID))
 
-	err := service.connection.GetObject(BucketName, identifier, &edgeJob)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &edgeJob)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &edgeJob, nil
 }
 
 // Create creates a new EdgeJob
 func (service *Service) Create(ID portainer.EdgeJobID, edgeJob *portainer.EdgeJob) error {
-	edgeJob.ID = ID
+	// edgeJob.ID = ID
 
-	return service.connection.CreateObjectWithId(
-		BucketName,
-		int(edgeJob.ID),
-		edgeJob,
-	)
+	// return service.connection.CreateObjectWithId(
+	// 	BucketName,
+	// 	int(edgeJob.ID),
+	// 	edgeJob,
+	// )
+	return nil
 }
 
 // UpdateEdgeJob updates an Edge job by ID
 func (service *Service) UpdateEdgeJob(ID portainer.EdgeJobID, edgeJob *portainer.EdgeJob) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, edgeJob)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.UpdateObject(BucketName, identifier, edgeJob)
+	return nil
 }
 
 // DeleteEdgeJob deletes an Edge job
 func (service *Service) DeleteEdgeJob(ID portainer.EdgeJobID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }
 
 // GetNextIdentifier returns the next identifier for an environment(endpoint).
 func (service *Service) GetNextIdentifier() int {
-	return service.connection.GetNextIdentifier(BucketName)
+	// return service.connection.GetNextIdentifier(BucketName)
+	return 0
 }

api/dataservices/edgestack/edgestack.go

@@ -1,10 +1,7 @@
 package edgestack
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,10 +20,10 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -37,32 +34,34 @@ func NewService(connection portainer.Connection) (*Service, error) {
 func (service *Service) EdgeStacks() ([]portainer.EdgeStack, error) {
 	var stacks = make([]portainer.EdgeStack, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.EdgeStack{},
-		func(obj interface{}) (interface{}, error) {
-			//var tag portainer.Tag
-			stack, ok := obj.(*portainer.EdgeStack)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to EdgeStack object")
-				return nil, fmt.Errorf("Failed to convert to EdgeStack object: %s", obj)
-			}
-			stacks = append(stacks, *stack)
-			return &portainer.EdgeStack{}, nil
-		})
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.EdgeStack{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		//var tag portainer.Tag
+	// 		stack, ok := obj.(*portainer.EdgeStack)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to EdgeStack object")
+	// 			return nil, fmt.Errorf("Failed to convert to EdgeStack object: %s", obj)
+	// 		}
 
-	return stacks, err
+	// 		stacks = append(stacks, *stack)
+
+	// 		return &portainer.EdgeStack{}, nil
+	// 	})
+
+	return stacks, nil
 }
 
 // EdgeStack returns an Edge stack by ID.
 func (service *Service) EdgeStack(ID portainer.EdgeStackID) (*portainer.EdgeStack, error) {
 	var stack portainer.EdgeStack
-	identifier := service.connection.ConvertToKey(int(ID))
+	// identifier := service.connection.ConvertToKey(int(ID))
 
-	err := service.connection.GetObject(BucketName, identifier, &stack)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &stack)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &stack, nil
 }
@@ -70,28 +69,32 @@ func (service *Service) EdgeStack(ID portainer.EdgeStackID) (*portainer.EdgeStac
 // CreateEdgeStack saves an Edge stack object to db.
 func (service *Service) Create(id portainer.EdgeStackID, edgeStack *portainer.EdgeStack) error {
 
-	edgeStack.ID = id
+	// edgeStack.ID = id
 
-	return service.connection.CreateObjectWithId(
-		BucketName,
-		int(edgeStack.ID),
-		edgeStack,
-	)
+	// return service.connection.CreateObjectWithId(
+	// 	BucketName,
+	// 	int(edgeStack.ID),
+	// 	edgeStack,
+	// )
+	return nil
 }
 
 // UpdateEdgeStack updates an Edge stack.
 func (service *Service) UpdateEdgeStack(ID portainer.EdgeStackID, edgeStack *portainer.EdgeStack) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, edgeStack)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.UpdateObject(BucketName, identifier, edgeStack)
+	return nil
 }
 
 // DeleteEdgeStack deletes an Edge stack.
 func (service *Service) DeleteEdgeStack(ID portainer.EdgeStackID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }
 
 // GetNextIdentifier returns the next identifier for an environment(endpoint).
 func (service *Service) GetNextIdentifier() int {
-	return service.connection.GetNextIdentifier(BucketName)
+	// return service.connection.GetNextIdentifier(BucketName)
+	return 0
 }

api/dataservices/edgeupdateschedule/edgeupdateschedule.go

@@ -0,0 +1,185 @@
+package edgeupdateschedule
+
+import (
+	"sync"
+
+	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api/edgetypes"
+
+	"github.com/pkg/errors"
+)
+
+const (
+	// BucketName represents the name of the bucket where this service stores data.
+	BucketName = "edge_update_schedule"
+)
+
+// Service represents a service for managing Edge Update Schedule data.
+type Service struct {
+	connection portainer.Connection
+
+	mu                 sync.Mutex
+	idxActiveSchedules map[portainer.EndpointID]*edgetypes.EndpointUpdateScheduleRelation
+}
+
+func (service *Service) BucketName() string {
+	return BucketName
+}
+
+// NewService creates a new instance of a service.
+func NewService(connection portainer.Connection) (*Service, error) {
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
+
+	service := &Service{
+		connection: connection,
+	}
+
+	service.idxActiveSchedules = map[portainer.EndpointID]*edgetypes.EndpointUpdateScheduleRelation{}
+
+	schedules, err := service.List()
+	if err != nil {
+		return nil, errors.WithMessage(err, "Unable to list schedules")
+	}
+
+	for _, schedule := range schedules {
+		service.setRelation(&schedule)
+	}
+
+	return service, nil
+}
+
+func (service *Service) ActiveSchedule(environmentID portainer.EndpointID) *edgetypes.EndpointUpdateScheduleRelation {
+	service.mu.Lock()
+	defer service.mu.Unlock()
+
+	return service.idxActiveSchedules[environmentID]
+}
+
+func (service *Service) ActiveSchedules(environmentsIDs []portainer.EndpointID) []edgetypes.EndpointUpdateScheduleRelation {
+	service.mu.Lock()
+	defer service.mu.Unlock()
+
+	schedules := []edgetypes.EndpointUpdateScheduleRelation{}
+
+	for _, environmentID := range environmentsIDs {
+		if s, ok := service.idxActiveSchedules[environmentID]; ok {
+			schedules = append(schedules, *s)
+		}
+	}
+
+	return schedules
+}
+
+// List return an array containing all the items in the bucket.
+func (service *Service) List() ([]edgetypes.UpdateSchedule, error) {
+	var list = make([]edgetypes.UpdateSchedule, 0)
+
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&edgetypes.UpdateSchedule{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		item, ok := obj.(*edgetypes.UpdateSchedule)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to EdgeUpdateSchedule object")
+	// 			return nil, fmt.Errorf("Failed to convert to EdgeUpdateSchedule object: %s", obj)
+	// 		}
+	// 		list = append(list, *item)
+	// 		return &edgetypes.UpdateSchedule{}, nil
+	// 	})
+
+	return list, nil
+}
+
+// Item returns a item by ID.
+func (service *Service) Item(ID edgetypes.UpdateScheduleID) (*edgetypes.UpdateSchedule, error) {
+	var item edgetypes.UpdateSchedule
+	// identifier := service.connection.ConvertToKey(int(ID))
+
+	// err := service.connection.GetObject(BucketName, identifier, &item)
+	// if err != nil {
+	// 	return nil, err
+	// }
+
+	return &item, nil
+}
+
+// Create assign an ID to a new object and saves it.
+func (service *Service) Create(item *edgetypes.UpdateSchedule) error {
+	// err := service.connection.CreateObject(
+	// 	BucketName,
+	// 	func(id uint64) (int, interface{}) {
+	// 		item.ID = edgetypes.UpdateScheduleID(id)
+	// 		return int(item.ID), item
+	// 	},
+	// )
+
+	// if err != nil {
+	// 	return err
+	// }
+
+	return service.setRelation(item)
+}
+
+// Update updates an item.
+func (service *Service) Update(id edgetypes.UpdateScheduleID, item *edgetypes.UpdateSchedule) error {
+	// identifier := service.connection.ConvertToKey(int(id))
+	// err := service.connection.UpdateObject(BucketName, identifier, item)
+	// if err != nil {
+	// 	return err
+	// }
+
+	service.cleanRelation(id)
+
+	return service.setRelation(item)
+}
+
+// Delete deletes an item.
+func (service *Service) Delete(id edgetypes.UpdateScheduleID) error {
+
+	service.cleanRelation(id)
+
+	// identifier := service.connection.ConvertToKey(int(id))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
+}
+
+func (service *Service) cleanRelation(id edgetypes.UpdateScheduleID) {
+	service.mu.Lock()
+	defer service.mu.Unlock()
+
+	for _, schedule := range service.idxActiveSchedules {
+		if schedule != nil && schedule.ScheduleID == id {
+			delete(service.idxActiveSchedules, schedule.EnvironmentID)
+		}
+	}
+}
+
+func (service *Service) setRelation(schedule *edgetypes.UpdateSchedule) error {
+	service.mu.Lock()
+	defer service.mu.Unlock()
+
+	for environmentID, environmentStatus := range schedule.Status {
+		if environmentStatus.Status != edgetypes.UpdateScheduleStatusPending {
+			continue
+		}
+
+		// this should never happen
+		if service.idxActiveSchedules[environmentID] != nil && service.idxActiveSchedules[environmentID].ScheduleID != schedule.ID {
+			return errors.New("Multiple schedules are pending for the same environment")
+		}
+
+		service.idxActiveSchedules[environmentID] = &edgetypes.EndpointUpdateScheduleRelation{
+			EnvironmentID: environmentID,
+			ScheduleID:    schedule.ID,
+			TargetVersion: environmentStatus.TargetVersion,
+			Status:        environmentStatus.Status,
+			Error:         environmentStatus.Error,
+			Type:          schedule.Type,
+		}
+	}
+
+	return nil
+}

api/dataservices/endpoint/endpoint.go

@@ -1,10 +1,7 @@
 package endpoint
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,10 +20,10 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -36,54 +33,60 @@ func NewService(connection portainer.Connection) (*Service, error) {
 // Endpoint returns an environment(endpoint) by ID.
 func (service *Service) Endpoint(ID portainer.EndpointID) (*portainer.Endpoint, error) {
 	var endpoint portainer.Endpoint
-	identifier := service.connection.ConvertToKey(int(ID))
+	// identifier := service.connection.ConvertToKey(int(ID))
 
-	err := service.connection.GetObject(BucketName, identifier, &endpoint)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &endpoint)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &endpoint, nil
 }
 
 // UpdateEndpoint updates an environment(endpoint).
 func (service *Service) UpdateEndpoint(ID portainer.EndpointID, endpoint *portainer.Endpoint) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, endpoint)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.UpdateObject(BucketName, identifier, endpoint)
+	return nil
 }
 
 // DeleteEndpoint deletes an environment(endpoint).
 func (service *Service) DeleteEndpoint(ID portainer.EndpointID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }
 
 // Endpoints return an array containing all the environments(endpoints).
 func (service *Service) Endpoints() ([]portainer.Endpoint, error) {
 	var endpoints = make([]portainer.Endpoint, 0)
 
-	err := service.connection.GetAllWithJsoniter(
-		BucketName,
-		&portainer.Endpoint{},
-		func(obj interface{}) (interface{}, error) {
-			endpoint, ok := obj.(*portainer.Endpoint)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Endpoint object")
-				return nil, fmt.Errorf("failed to convert to Endpoint object: %s", obj)
-			}
-			endpoints = append(endpoints, *endpoint)
-			return &portainer.Endpoint{}, nil
-		})
+	// err := service.connection.GetAllWithJsoniter(
+	// 	BucketName,
+	// 	&portainer.Endpoint{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		endpoint, ok := obj.(*portainer.Endpoint)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to Endpoint object")
+	// 			return nil, fmt.Errorf("failed to convert to Endpoint object: %s", obj)
+	// 		}
 
-	return endpoints, err
+	// 		endpoints = append(endpoints, *endpoint)
+
+	// 		return &portainer.Endpoint{}, nil
+	// 	})
+
+	return endpoints, nil
 }
 
 // CreateEndpoint assign an ID to a new environment(endpoint) and saves it.
 func (service *Service) Create(endpoint *portainer.Endpoint) error {
-	return service.connection.CreateObjectWithSetSequence(BucketName, int(endpoint.ID), endpoint)
+	// return service.connection.CreateObjectWithId(BucketName, int(endpoint.ID), endpoint)
+	return nil
 }
 
 // GetNextIdentifier returns the next identifier for an environment(endpoint).
 func (service *Service) GetNextIdentifier() int {
-	return service.connection.GetNextIdentifier(BucketName)
+	// return service.connection.GetNextIdentifier(BucketName)
+	return 0
 }

api/dataservices/endpointgroup/endpointgroup.go

@@ -1,10 +1,7 @@
 package endpointgroup
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,10 +20,10 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -36,56 +33,60 @@ func NewService(connection portainer.Connection) (*Service, error) {
 // EndpointGroup returns an environment(endpoint) group by ID.
 func (service *Service) EndpointGroup(ID portainer.EndpointGroupID) (*portainer.EndpointGroup, error) {
 	var endpointGroup portainer.EndpointGroup
-	identifier := service.connection.ConvertToKey(int(ID))
+	// identifier := service.connection.ConvertToKey(int(ID))
 
-	err := service.connection.GetObject(BucketName, identifier, &endpointGroup)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &endpointGroup)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &endpointGroup, nil
 }
 
 // UpdateEndpointGroup updates an environment(endpoint) group.
 func (service *Service) UpdateEndpointGroup(ID portainer.EndpointGroupID, endpointGroup *portainer.EndpointGroup) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, endpointGroup)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.UpdateObject(BucketName, identifier, endpointGroup)
+	return nil
 }
 
 // DeleteEndpointGroup deletes an environment(endpoint) group.
 func (service *Service) DeleteEndpointGroup(ID portainer.EndpointGroupID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }
 
 // EndpointGroups return an array containing all the environment(endpoint) groups.
 func (service *Service) EndpointGroups() ([]portainer.EndpointGroup, error) {
 	var endpointGroups = make([]portainer.EndpointGroup, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.EndpointGroup{},
-		func(obj interface{}) (interface{}, error) {
-			//var tag portainer.Tag
-			endpointGroup, ok := obj.(*portainer.EndpointGroup)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to EndpointGroup object")
-				return nil, fmt.Errorf("Failed to convert to EndpointGroup object: %s", obj)
-			}
-			endpointGroups = append(endpointGroups, *endpointGroup)
-			return &portainer.EndpointGroup{}, nil
-		})
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.EndpointGroup{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		endpointGroup, ok := obj.(*portainer.EndpointGroup)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to EndpointGroup object")
+	// 			return nil, fmt.Errorf("Failed to convert to EndpointGroup object: %s", obj)
+	// 		}
 
-	return endpointGroups, err
+	// 		endpointGroups = append(endpointGroups, *endpointGroup)
+
+	// 		return &portainer.EndpointGroup{}, nil
+	// 	})
+
+	return endpointGroups, nil
 }
 
 // CreateEndpointGroup assign an ID to a new environment(endpoint) group and saves it.
 func (service *Service) Create(endpointGroup *portainer.EndpointGroup) error {
-	return service.connection.CreateObject(
-		BucketName,
-		func(id uint64) (int, interface{}) {
-			endpointGroup.ID = portainer.EndpointGroupID(id)
-			return int(endpointGroup.ID), endpointGroup
-		},
-	)
+	// return service.connection.CreateObject(
+	// 	BucketName,
+	// 	func(id uint64) (int, interface{}) {
+	// 		endpointGroup.ID = portainer.EndpointGroupID(id)
+	// 		return int(endpointGroup.ID), endpointGroup
+	// 	},
+	// )
+	return nil
 }

api/dataservices/endpointrelation/endpointrelation.go

@@ -1,10 +1,7 @@
 package endpointrelation
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,62 +20,67 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
 	}, nil
 }
 
-//EndpointRelations returns an array of all EndpointRelations
+// EndpointRelations returns an array of all EndpointRelations
 func (service *Service) EndpointRelations() ([]portainer.EndpointRelation, error) {
 	var all = make([]portainer.EndpointRelation, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.EndpointRelation{},
-		func(obj interface{}) (interface{}, error) {
-			r, ok := obj.(*portainer.EndpointRelation)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to EndpointRelation object")
-				return nil, fmt.Errorf("Failed to convert to EndpointRelation object: %s", obj)
-			}
-			all = append(all, *r)
-			return &portainer.EndpointRelation{}, nil
-		})
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.EndpointRelation{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		r, ok := obj.(*portainer.EndpointRelation)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to EndpointRelation object")
+	// 			return nil, fmt.Errorf("Failed to convert to EndpointRelation object: %s", obj)
+	// 		}
 
-	return all, err
+	// 		all = append(all, *r)
+
+	// 		return &portainer.EndpointRelation{}, nil
+	// 	})
+
+	return all, nil
 }
 
 // EndpointRelation returns a Environment(Endpoint) relation object by EndpointID
 func (service *Service) EndpointRelation(endpointID portainer.EndpointID) (*portainer.EndpointRelation, error) {
 	var endpointRelation portainer.EndpointRelation
-	identifier := service.connection.ConvertToKey(int(endpointID))
+	// identifier := service.connection.ConvertToKey(int(endpointID))
 
-	err := service.connection.GetObject(BucketName, identifier, &endpointRelation)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &endpointRelation)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &endpointRelation, nil
 }
 
 // CreateEndpointRelation saves endpointRelation
 func (service *Service) Create(endpointRelation *portainer.EndpointRelation) error {
-	return service.connection.CreateObjectWithId(BucketName, int(endpointRelation.EndpointID), endpointRelation)
+	// return service.connection.CreateObjectWithId(BucketName, int(endpointRelation.EndpointID), endpointRelation)
+	return nil
 }
 
 // UpdateEndpointRelation updates an Environment(Endpoint) relation object
 func (service *Service) UpdateEndpointRelation(EndpointID portainer.EndpointID, endpointRelation *portainer.EndpointRelation) error {
-	identifier := service.connection.ConvertToKey(int(EndpointID))
-	return service.connection.UpdateObject(BucketName, identifier, endpointRelation)
+	// identifier := service.connection.ConvertToKey(int(EndpointID))
+	// return service.connection.UpdateObject(BucketName, identifier, endpointRelation)
+	return nil
 }
 
 // DeleteEndpointRelation deletes an Environment(Endpoint) relation object
 func (service *Service) DeleteEndpointRelation(EndpointID portainer.EndpointID) error {
-	identifier := service.connection.ConvertToKey(int(EndpointID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	// identifier := service.connection.ConvertToKey(int(EndpointID))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }

api/dataservices/extension/extension.go

@@ -1,10 +1,7 @@
 package extension
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,10 +20,10 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -36,12 +33,12 @@ func NewService(connection portainer.Connection) (*Service, error) {
 // Extension returns a extension by ID
 func (service *Service) Extension(ID portainer.ExtensionID) (*portainer.Extension, error) {
 	var extension portainer.Extension
-	identifier := service.connection.ConvertToKey(int(ID))
+	// identifier := service.connection.ConvertToKey(int(ID))
 
-	err := service.connection.GetObject(BucketName, identifier, &extension)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &extension)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &extension, nil
 }
@@ -50,29 +47,33 @@ func (service *Service) Extension(ID portainer.ExtensionID) (*portainer.Extensio
 func (service *Service) Extensions() ([]portainer.Extension, error) {
 	var extensions = make([]portainer.Extension, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Extension{},
-		func(obj interface{}) (interface{}, error) {
-			extension, ok := obj.(*portainer.Extension)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Extension object")
-				return nil, fmt.Errorf("Failed to convert to Extension object: %s", obj)
-			}
-			extensions = append(extensions, *extension)
-			return &portainer.Extension{}, nil
-		})
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.Extension{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		extension, ok := obj.(*portainer.Extension)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to Extension object")
+	// 			return nil, fmt.Errorf("Failed to convert to Extension object: %s", obj)
+	// 		}
 
-	return extensions, err
+	// 		extensions = append(extensions, *extension)
+
+	// 		return &portainer.Extension{}, nil
+	// 	})
+
+	return extensions, nil
 }
 
 // Persist persists a extension inside the database.
 func (service *Service) Persist(extension *portainer.Extension) error {
-	return service.connection.CreateObjectWithId(BucketName, int(extension.ID), extension)
+	// return service.connection.CreateObjectWithId(BucketName, int(extension.ID), extension)
+	return nil
 }
 
 // DeleteExtension deletes a Extension.
 func (service *Service) DeleteExtension(ID portainer.ExtensionID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }

api/dataservices/fdoprofile/fdoprofile.go

@@ -1,10 +1,7 @@
 package fdoprofile
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,10 +20,10 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -37,57 +34,62 @@ func NewService(connection portainer.Connection) (*Service, error) {
 func (service *Service) FDOProfiles() ([]portainer.FDOProfile, error) {
 	var fdoProfiles = make([]portainer.FDOProfile, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.FDOProfile{},
-		func(obj interface{}) (interface{}, error) {
-			fdoProfile, ok := obj.(*portainer.FDOProfile)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to FDOProfile object")
-				return nil, fmt.Errorf("failed to convert to FDOProfile object: %s", obj)
-			}
-			fdoProfiles = append(fdoProfiles, *fdoProfile)
-			return &portainer.FDOProfile{}, nil
-		})
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.FDOProfile{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		fdoProfile, ok := obj.(*portainer.FDOProfile)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to FDOProfile object")
 
-	return fdoProfiles, err
+	// 			return nil, fmt.Errorf("Failed to convert to FDOProfile object: %s", obj)
+	// 		}
+	// 		fdoProfiles = append(fdoProfiles, *fdoProfile)
+	// 		return &portainer.FDOProfile{}, nil
+	// 	})
+
+	return fdoProfiles, nil
 }
 
 // FDOProfile returns an FDO Profile by ID.
 func (service *Service) FDOProfile(ID portainer.FDOProfileID) (*portainer.FDOProfile, error) {
 	var FDOProfile portainer.FDOProfile
-	identifier := service.connection.ConvertToKey(int(ID))
+	// identifier := service.connection.ConvertToKey(int(ID))
 
-	err := service.connection.GetObject(BucketName, identifier, &FDOProfile)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &FDOProfile)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &FDOProfile, nil
 }
 
 // Create assign an ID to a new FDO Profile and saves it.
 func (service *Service) Create(FDOProfile *portainer.FDOProfile) error {
-	return service.connection.CreateObjectWithId(
-		BucketName,
-		int(FDOProfile.ID),
-		FDOProfile,
-	)
+	// return service.connection.CreateObjectWithId(
+	// 	BucketName,
+	// 	int(FDOProfile.ID),
+	// 	FDOProfile,
+	// )
+	return nil
 }
 
 // Update updates an FDO Profile.
 func (service *Service) Update(ID portainer.FDOProfileID, FDOProfile *portainer.FDOProfile) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, FDOProfile)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.UpdateObject(BucketName, identifier, FDOProfile)
+	return nil
 }
 
 // Delete deletes an FDO Profile.
 func (service *Service) Delete(ID portainer.FDOProfileID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }
 
 // GetNextIdentifier returns the next identifier for a FDO Profile.
 func (service *Service) GetNextIdentifier() int {
-	return service.connection.GetNextIdentifier(BucketName)
+	// return service.connection.GetNextIdentifier(BucketName)
+	return 0
 }

api/dataservices/helmuserrepository/helmuserrepository.go

@@ -1,10 +1,7 @@
 package helmuserrepository
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,77 +20,84 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
 	}, nil
 }
 
-//HelmUserRepository returns an array of all HelmUserRepository
+// HelmUserRepository returns an array of all HelmUserRepository
 func (service *Service) HelmUserRepositories() ([]portainer.HelmUserRepository, error) {
 	var repos = make([]portainer.HelmUserRepository, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.HelmUserRepository{},
-		func(obj interface{}) (interface{}, error) {
-			r, ok := obj.(*portainer.HelmUserRepository)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to HelmUserRepository object")
-				return nil, fmt.Errorf("Failed to convert to HelmUserRepository object: %s", obj)
-			}
-			repos = append(repos, *r)
-			return &portainer.HelmUserRepository{}, nil
-		})
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.HelmUserRepository{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		r, ok := obj.(*portainer.HelmUserRepository)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to HelmUserRepository object")
+	// 			return nil, fmt.Errorf("Failed to convert to HelmUserRepository object: %s", obj)
+	// 		}
 
-	return repos, err
+	// 		repos = append(repos, *r)
+
+	// 		return &portainer.HelmUserRepository{}, nil
+	// 	})
+
+	return repos, nil
 }
 
 // HelmUserRepositoryByUserID return an array containing all the HelmUserRepository objects where the specified userID is present.
 func (service *Service) HelmUserRepositoryByUserID(userID portainer.UserID) ([]portainer.HelmUserRepository, error) {
 	var result = make([]portainer.HelmUserRepository, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.HelmUserRepository{},
-		func(obj interface{}) (interface{}, error) {
-			record, ok := obj.(*portainer.HelmUserRepository)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to HelmUserRepository object")
-				return nil, fmt.Errorf("Failed to convert to HelmUserRepository object: %s", obj)
-			}
-			if record.UserID == userID {
-				result = append(result, *record)
-			}
-			return &portainer.HelmUserRepository{}, nil
-		})
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.HelmUserRepository{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		record, ok := obj.(*portainer.HelmUserRepository)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to HelmUserRepository object")
+	// 			return nil, fmt.Errorf("Failed to convert to HelmUserRepository object: %s", obj)
+	// 		}
 
-	return result, err
+	// 		if record.UserID == userID {
+	// 			result = append(result, *record)
+	// 		}
+
+	// 		return &portainer.HelmUserRepository{}, nil
+	// 	})
+
+	return result, nil
 }
 
 // CreateHelmUserRepository creates a new HelmUserRepository object.
 func (service *Service) Create(record *portainer.HelmUserRepository) error {
-	return service.connection.CreateObject(
-		BucketName,
-		func(id uint64) (int, interface{}) {
-			record.ID = portainer.HelmUserRepositoryID(id)
-			return int(record.ID), record
-		},
-	)
+	// return service.connection.CreateObject(
+	// 	BucketName,
+	// 	func(id uint64) (int, interface{}) {
+	// 		record.ID = portainer.HelmUserRepositoryID(id)
+	// 		return int(record.ID), record
+	// 	},
+	// )
+	return nil
 }
 
 // UpdateHelmUserRepostory updates an registry.
 func (service *Service) UpdateHelmUserRepository(ID portainer.HelmUserRepositoryID, registry *portainer.HelmUserRepository) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, registry)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.UpdateObject(BucketName, identifier, registry)
+	return nil
 }
 
 // DeleteHelmUserRepository deletes an registry.
 func (service *Service) DeleteHelmUserRepository(ID portainer.HelmUserRepositoryID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }

api/dataservices/interface.go

@@ -3,10 +3,10 @@ package dataservices
 // 	"github.com/portainer/portainer/api/dataservices"
 
 import (
-	"io"
 	"time"
 
 	"github.com/portainer/portainer/api/dataservices/errors"
+	"github.com/portainer/portainer/api/edgetypes"
 
 	portainer "github.com/portainer/portainer/api"
 )
@@ -17,17 +17,14 @@ type (
 		Open() (newStore bool, err error)
 		Init() error
 		Close() error
-		MigrateData() error
-		Rollback(force bool) error
-		CheckCurrentEdition() error
-		BackupTo(w io.Writer) error
-		Export(filename string) (err error)
-		IsErrObjectNotFound(err error) bool
 
+		CheckCurrentEdition() error
+		IsErrObjectNotFound(err error) bool
 		CustomTemplate() CustomTemplateService
 		EdgeGroup() EdgeGroupService
 		EdgeJob() EdgeJobService
 		EdgeStack() EdgeStackService
+		EdgeUpdateSchedule() EdgeUpdateScheduleService
 		Endpoint() EndpointService
 		EndpointGroup() EndpointGroupService
 		EndpointRelation() EndpointRelationService
@@ -38,6 +35,7 @@ type (
 		Role() RoleService
 		APIKeyRepository() APIKeyRepository
 		Settings() SettingsService
+		Snapshot() SnapshotService
 		SSLSettings() SSLSettingsService
 		Stack() StackService
 		Tag() TagService
@@ -57,7 +55,6 @@ type (
 		Create(customTemplate *portainer.CustomTemplate) error
 		UpdateCustomTemplate(ID portainer.CustomTemplateID, customTemplate *portainer.CustomTemplate) error
 		DeleteCustomTemplate(ID portainer.CustomTemplateID) error
-		BucketName() string
 	}
 
 	// EdgeGroupService represents a service to manage Edge groups
@@ -67,7 +64,6 @@ type (
 		Create(group *portainer.EdgeGroup) error
 		UpdateEdgeGroup(ID portainer.EdgeGroupID, group *portainer.EdgeGroup) error
 		DeleteEdgeGroup(ID portainer.EdgeGroupID) error
-		BucketName() string
 	}
 
 	// EdgeJobService represents a service to manage Edge jobs
@@ -78,7 +74,16 @@ type (
 		UpdateEdgeJob(ID portainer.EdgeJobID, edgeJob *portainer.EdgeJob) error
 		DeleteEdgeJob(ID portainer.EdgeJobID) error
 		GetNextIdentifier() int
-		BucketName() string
+	}
+
+	EdgeUpdateScheduleService interface {
+		ActiveSchedule(environmentID portainer.EndpointID) *edgetypes.EndpointUpdateScheduleRelation
+		ActiveSchedules(environmentIDs []portainer.EndpointID) []edgetypes.EndpointUpdateScheduleRelation
+		List() ([]edgetypes.UpdateSchedule, error)
+		Item(ID edgetypes.UpdateScheduleID) (*edgetypes.UpdateSchedule, error)
+		Create(edgeUpdateSchedule *edgetypes.UpdateSchedule) error
+		Update(ID edgetypes.UpdateScheduleID, edgeUpdateSchedule *edgetypes.UpdateSchedule) error
+		Delete(ID edgetypes.UpdateScheduleID) error
 	}
 
 	// EdgeStackService represents a service to manage Edge stacks
@@ -89,7 +94,6 @@ type (
 		UpdateEdgeStack(ID portainer.EdgeStackID, edgeStack *portainer.EdgeStack) error
 		DeleteEdgeStack(ID portainer.EdgeStackID) error
 		GetNextIdentifier() int
-		BucketName() string
 	}
 
 	// EndpointService represents a service for managing environment(endpoint) data
@@ -100,7 +104,6 @@ type (
 		UpdateEndpoint(ID portainer.EndpointID, endpoint *portainer.Endpoint) error
 		DeleteEndpoint(ID portainer.EndpointID) error
 		GetNextIdentifier() int
-		BucketName() string
 	}
 
 	// EndpointGroupService represents a service for managing environment(endpoint) group data
@@ -110,7 +113,6 @@ type (
 		Create(group *portainer.EndpointGroup) error
 		UpdateEndpointGroup(ID portainer.EndpointGroupID, group *portainer.EndpointGroup) error
 		DeleteEndpointGroup(ID portainer.EndpointGroupID) error
-		BucketName() string
 	}
 
 	// EndpointRelationService represents a service for managing environment(endpoint) relations data
@@ -120,7 +122,6 @@ type (
 		Create(endpointRelation *portainer.EndpointRelation) error
 		UpdateEndpointRelation(EndpointID portainer.EndpointID, endpointRelation *portainer.EndpointRelation) error
 		DeleteEndpointRelation(EndpointID portainer.EndpointID) error
-		BucketName() string
 	}
 
 	// FDOProfileService represents a service to manage FDO Profiles
@@ -131,7 +132,6 @@ type (
 		Update(ID portainer.FDOProfileID, FDOProfile *portainer.FDOProfile) error
 		Delete(ID portainer.FDOProfileID) error
 		GetNextIdentifier() int
-		BucketName() string
 	}
 
 	// HelmUserRepositoryService represents a service to manage HelmUserRepositories
@@ -141,7 +141,6 @@ type (
 		Create(record *portainer.HelmUserRepository) error
 		UpdateHelmUserRepository(ID portainer.HelmUserRepositoryID, repository *portainer.HelmUserRepository) error
 		DeleteHelmUserRepository(ID portainer.HelmUserRepositoryID) error
-		BucketName() string
 	}
 
 	// JWTService represents a service for managing JWT tokens
@@ -160,7 +159,6 @@ type (
 		Create(registry *portainer.Registry) error
 		UpdateRegistry(ID portainer.RegistryID, registry *portainer.Registry) error
 		DeleteRegistry(ID portainer.RegistryID) error
-		BucketName() string
 	}
 
 	// ResourceControlService represents a service for managing resource control data
@@ -171,7 +169,6 @@ type (
 		Create(rc *portainer.ResourceControl) error
 		UpdateResourceControl(ID portainer.ResourceControlID, resourceControl *portainer.ResourceControl) error
 		DeleteResourceControl(ID portainer.ResourceControlID) error
-		BucketName() string
 	}
 
 	// RoleService represents a service for managing user roles
@@ -180,7 +177,6 @@ type (
 		Roles() ([]portainer.Role, error)
 		Create(role *portainer.Role) error
 		UpdateRole(ID portainer.RoleID, role *portainer.Role) error
-		BucketName() string
 	}
 
 	// APIKeyRepositoryService
@@ -198,14 +194,20 @@ type (
 		Settings() (*portainer.Settings, error)
 		UpdateSettings(settings *portainer.Settings) error
 		IsFeatureFlagEnabled(feature portainer.Feature) bool
-		BucketName() string
+	}
+
+	SnapshotService interface {
+		Snapshot(endpointID portainer.EndpointID) (*portainer.Snapshot, error)
+		Snapshots() ([]portainer.Snapshot, error)
+		UpdateSnapshot(snapshot *portainer.Snapshot) error
+		DeleteSnapshot(endpointID portainer.EndpointID) error
+		Create(snapshot *portainer.Snapshot) error
 	}
 
 	// SSLSettingsService represents a service for managing application settings
 	SSLSettingsService interface {
 		Settings() (*portainer.SSLSettings, error)
 		UpdateSettings(settings *portainer.SSLSettings) error
-		BucketName() string
 	}
 
 	// StackService represents a service for managing stack data
@@ -220,7 +222,6 @@ type (
 		GetNextIdentifier() int
 		StackByWebhookID(ID string) (*portainer.Stack, error)
 		RefreshableStacks() ([]portainer.Stack, error)
-		BucketName() string
 	}
 
 	// TagService represents a service for managing tag data
@@ -230,7 +231,6 @@ type (
 		Create(tag *portainer.Tag) error
 		UpdateTag(ID portainer.TagID, tag *portainer.Tag) error
 		DeleteTag(ID portainer.TagID) error
-		BucketName() string
 	}
 
 	// TeamService represents a service for managing user data
@@ -241,7 +241,6 @@ type (
 		Create(team *portainer.Team) error
 		UpdateTeam(ID portainer.TeamID, team *portainer.Team) error
 		DeleteTeam(ID portainer.TeamID) error
-		BucketName() string
 	}
 
 	// TeamMembershipService represents a service for managing team membership data
@@ -255,14 +254,12 @@ type (
 		DeleteTeamMembership(ID portainer.TeamMembershipID) error
 		DeleteTeamMembershipByUserID(userID portainer.UserID) error
 		DeleteTeamMembershipByTeamID(teamID portainer.TeamID) error
-		BucketName() string
 	}
 
 	// TunnelServerService represents a service for managing data associated to the tunnel server
 	TunnelServerService interface {
 		Info() (*portainer.TunnelServerInfo, error)
 		UpdateInfo(info *portainer.TunnelServerInfo) error
-		BucketName() string
 	}
 
 	// UserService represents a service for managing user data
@@ -274,7 +271,6 @@ type (
 		Create(user *portainer.User) error
 		UpdateUser(ID portainer.UserID, user *portainer.User) error
 		DeleteUser(ID portainer.UserID) error
-		BucketName() string
 	}
 
 	// VersionService represents a service for managing version data
@@ -284,7 +280,6 @@ type (
 		InstanceID() (string, error)
 		StoreDBVersion(version int) error
 		StoreInstanceID(ID string) error
-		BucketName() string
 	}
 
 	// WebhookService represents a service for managing webhook data.
@@ -296,7 +291,6 @@ type (
 		WebhookByResourceID(resourceID string) (*portainer.Webhook, error)
 		WebhookByToken(token string) (*portainer.Webhook, error)
 		DeleteWebhook(ID portainer.WebhookID) error
-		BucketName() string
 	}
 )
 

api/dataservices/registry/registry.go

@@ -1,10 +1,7 @@
 package registry
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,10 +20,10 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -36,12 +33,12 @@ func NewService(connection portainer.Connection) (*Service, error) {
 // Registry returns an registry by ID.
 func (service *Service) Registry(ID portainer.RegistryID) (*portainer.Registry, error) {
 	var registry portainer.Registry
-	identifier := service.connection.ConvertToKey(int(ID))
+	// identifier := service.connection.ConvertToKey(int(ID))
 
-	err := service.connection.GetObject(BucketName, identifier, &registry)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &registry)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &registry, nil
 }
@@ -50,41 +47,46 @@ func (service *Service) Registry(ID portainer.RegistryID) (*portainer.Registry,
 func (service *Service) Registries() ([]portainer.Registry, error) {
 	var registries = make([]portainer.Registry, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Registry{},
-		func(obj interface{}) (interface{}, error) {
-			registry, ok := obj.(*portainer.Registry)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Registry object")
-				return nil, fmt.Errorf("Failed to convert to Registry object: %s", obj)
-			}
-			registries = append(registries, *registry)
-			return &portainer.Registry{}, nil
-		})
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.Registry{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		registry, ok := obj.(*portainer.Registry)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to Registry object")
+	// 			return nil, fmt.Errorf("Failed to convert to Registry object: %s", obj)
+	// 		}
 
-	return registries, err
+	// 		registries = append(registries, *registry)
+
+	// 		return &portainer.Registry{}, nil
+	// 	})
+
+	return registries, nil
 }
 
 // CreateRegistry creates a new registry.
 func (service *Service) Create(registry *portainer.Registry) error {
-	return service.connection.CreateObject(
-		BucketName,
-		func(id uint64) (int, interface{}) {
-			registry.ID = portainer.RegistryID(id)
-			return int(registry.ID), registry
-		},
-	)
+	// return service.connection.CreateObject(
+	// 	BucketName,
+	// 	func(id uint64) (int, interface{}) {
+	// 		registry.ID = portainer.RegistryID(id)
+	// 		return int(registry.ID), registry
+	// 	},
+	// )
+	return nil
 }
 
 // UpdateRegistry updates an registry.
 func (service *Service) UpdateRegistry(ID portainer.RegistryID, registry *portainer.Registry) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, registry)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.UpdateObject(BucketName, identifier, registry)
+	return nil
 }
 
 // DeleteRegistry deletes an registry.
 func (service *Service) DeleteRegistry(ID portainer.RegistryID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }

api/dataservices/resourcecontrol/resourcecontrol.go

@@ -1,10 +1,7 @@
 package resourcecontrol
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,10 +20,10 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -36,12 +33,12 @@ func NewService(connection portainer.Connection) (*Service, error) {
 // ResourceControl returns a ResourceControl object by ID
 func (service *Service) ResourceControl(ID portainer.ResourceControlID) (*portainer.ResourceControl, error) {
 	var resourceControl portainer.ResourceControl
-	identifier := service.connection.ConvertToKey(int(ID))
+	// identifier := service.connection.ConvertToKey(int(ID))
 
-	err := service.connection.GetObject(BucketName, identifier, &resourceControl)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &resourceControl)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &resourceControl, nil
 }
@@ -50,77 +47,83 @@ func (service *Service) ResourceControl(ID portainer.ResourceControlID) (*portai
 // to the main ResourceID or in SubResourceIDs. It also performs a check on the resource type. Return nil
 // if no ResourceControl was found.
 func (service *Service) ResourceControlByResourceIDAndType(resourceID string, resourceType portainer.ResourceControlType) (*portainer.ResourceControl, error) {
-	var resourceControl *portainer.ResourceControl
-	stop := fmt.Errorf("ok")
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.ResourceControl{},
-		func(obj interface{}) (interface{}, error) {
-			rc, ok := obj.(*portainer.ResourceControl)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to ResourceControl object")
-				return nil, fmt.Errorf("Failed to convert to ResourceControl object: %s", obj)
-			}
+	// var resourceControl *portainer.ResourceControl
+	// stop := fmt.Errorf("ok")
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.ResourceControl{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		rc, ok := obj.(*portainer.ResourceControl)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to ResourceControl object")
+	// 			return nil, fmt.Errorf("Failed to convert to ResourceControl object: %s", obj)
+	// 		}
 
-			if rc.ResourceID == resourceID && rc.Type == resourceType {
-				resourceControl = rc
-				return nil, stop
-			}
+	// 		if rc.ResourceID == resourceID && rc.Type == resourceType {
+	// 			resourceControl = rc
+	// 			return nil, stop
+	// 		}
 
-			for _, subResourceID := range rc.SubResourceIDs {
-				if subResourceID == resourceID {
-					resourceControl = rc
-					return nil, stop
-				}
-			}
-			return &portainer.ResourceControl{}, nil
-		})
-	if err == stop {
-		return resourceControl, nil
-	}
+	// 		for _, subResourceID := range rc.SubResourceIDs {
+	// 			if subResourceID == resourceID {
+	// 				resourceControl = rc
+	// 				return nil, stop
+	// 			}
+	// 		}
 
-	return nil, err
+	// 		return &portainer.ResourceControl{}, nil
+	// 	})
+	// if err == stop {
+	// 	return resourceControl, nil
+	// }
+
+	return nil, nil
 }
 
 // ResourceControls returns all the ResourceControl objects
 func (service *Service) ResourceControls() ([]portainer.ResourceControl, error) {
 	var rcs = make([]portainer.ResourceControl, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.ResourceControl{},
-		func(obj interface{}) (interface{}, error) {
-			rc, ok := obj.(*portainer.ResourceControl)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to ResourceControl object")
-				return nil, fmt.Errorf("Failed to convert to ResourceControl object: %s", obj)
-			}
-			rcs = append(rcs, *rc)
-			return &portainer.ResourceControl{}, nil
-		})
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.ResourceControl{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		rc, ok := obj.(*portainer.ResourceControl)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to ResourceControl object")
+	// 			return nil, fmt.Errorf("Failed to convert to ResourceControl object: %s", obj)
+	// 		}
 
-	return rcs, err
+	// 		rcs = append(rcs, *rc)
+
+	// 		return &portainer.ResourceControl{}, nil
+	// 	})
+
+	return rcs, nil
 }
 
 // CreateResourceControl creates a new ResourceControl object
 func (service *Service) Create(resourceControl *portainer.ResourceControl) error {
-	return service.connection.CreateObject(
-		BucketName,
-		func(id uint64) (int, interface{}) {
-			resourceControl.ID = portainer.ResourceControlID(id)
-			return int(resourceControl.ID), resourceControl
-		},
-	)
+	// return service.connection.CreateObject(
+	// 	BucketName,
+	// 	func(id uint64) (int, interface{}) {
+	// 		resourceControl.ID = portainer.ResourceControlID(id)
+	// 		return int(resourceControl.ID), resourceControl
+	// 	},
+	// )
+	return nil
 }
 
 // UpdateResourceControl saves a ResourceControl object.
 func (service *Service) UpdateResourceControl(ID portainer.ResourceControlID, resourceControl *portainer.ResourceControl) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, resourceControl)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.UpdateObject(BucketName, identifier, resourceControl)
+	return nil
 }
 
 // DeleteResourceControl deletes a ResourceControl object by ID
 func (service *Service) DeleteResourceControl(ID portainer.ResourceControlID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }

api/dataservices/role/role.go

@@ -1,10 +1,7 @@
 package role
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,10 +20,10 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -36,12 +33,12 @@ func NewService(connection portainer.Connection) (*Service, error) {
 // Role returns a Role by ID
 func (service *Service) Role(ID portainer.RoleID) (*portainer.Role, error) {
 	var set portainer.Role
-	identifier := service.connection.ConvertToKey(int(ID))
+	// identifier := service.connection.ConvertToKey(int(ID))
 
-	err := service.connection.GetObject(BucketName, identifier, &set)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &set)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &set, nil
 }
@@ -50,35 +47,39 @@ func (service *Service) Role(ID portainer.RoleID) (*portainer.Role, error) {
 func (service *Service) Roles() ([]portainer.Role, error) {
 	var sets = make([]portainer.Role, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Role{},
-		func(obj interface{}) (interface{}, error) {
-			set, ok := obj.(*portainer.Role)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Role object")
-				return nil, fmt.Errorf("Failed to convert to Role object: %s", obj)
-			}
-			sets = append(sets, *set)
-			return &portainer.Role{}, nil
-		})
+	// err := service.connection.GetAll(
+	// 	BucketName,
+	// 	&portainer.Role{},
+	// 	func(obj interface{}) (interface{}, error) {
+	// 		set, ok := obj.(*portainer.Role)
+	// 		if !ok {
+	// 			log.Debug().Str("obj", fmt.Sprintf("%#v", obj)).Msg("failed to convert to Role object")
+	// 			return nil, fmt.Errorf("Failed to convert to Role object: %s", obj)
+	// 		}
 
-	return sets, err
+	// 		sets = append(sets, *set)
+
+	// 		return &portainer.Role{}, nil
+	// 	})
+
+	return sets, nil
 }
 
 // CreateRole creates a new Role.
 func (service *Service) Create(role *portainer.Role) error {
-	return service.connection.CreateObject(
-		BucketName,
-		func(id uint64) (int, interface{}) {
-			role.ID = portainer.RoleID(id)
-			return int(role.ID), role
-		},
-	)
+	// return service.connection.CreateObject(
+	// 	BucketName,
+	// 	func(id uint64) (int, interface{}) {
+	// 		role.ID = portainer.RoleID(id)
+	// 		return int(role.ID), role
+	// 	},
+	// )
+	return nil
 }
 
 // UpdateRole updates a role.
 func (service *Service) UpdateRole(ID portainer.RoleID, role *portainer.Role) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, role)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.UpdateObject(BucketName, identifier, role)
+	return nil
 }

api/dataservices/schedule/schedule.go

@@ -1,10 +1,7 @@
 package schedule
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,10 +20,10 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
+	// err := connection.SetServiceName(BucketName)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &Service{
 		connection: connection,
@@ -36,46 +33,33 @@ func NewService(connection portainer.Connection) (*Service, error) {
 // Schedule returns a schedule by ID.
 func (service *Service) Schedule(ID portainer.ScheduleID) (*portainer.Schedule, error) {
 	var schedule portainer.Schedule
-	identifier := service.connection.ConvertToKey(int(ID))
+	// identifier := service.connection.ConvertToKey(int(ID))
 
-	err := service.connection.GetObject(BucketName, identifier, &schedule)
-	if err != nil {
-		return nil, err
-	}
+	// err := service.connection.GetObject(BucketName, identifier, &schedule)
+	// if err != nil {
+	// 	return nil, err
+	// }
 
 	return &schedule, nil
 }
 
 // UpdateSchedule updates a schedule.
 func (service *Service) UpdateSchedule(ID portainer.ScheduleID, schedule *portainer.Schedule) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, schedule)
+	// identifier := service.connection.ConvertToKey(int(ID))
+	// return service.connection.UpdateObject(BucketName, identifier, schedule)
+	return nil
 }
 
 // DeleteSchedule deletes a schedule.
 func (service *Service) DeleteSchedule(ID portainer.ScheduleID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }
 
 // Schedules return a array containing all the schedules.
 func (service *Service) Schedules() ([]portainer.Schedule, error) {
 	var schedules = make([]portainer.Schedule, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Schedule{},
-		func(obj interface{}) (interface{}, error) {
-			schedule, ok := obj.(*portainer.Schedule)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Schedule object")
-				return nil, fmt.Errorf("Failed to convert to Schedule object: %s", obj)
-			}
-			schedules = append(schedules, *schedule)
-			return &portainer.Schedule{}, nil
-		})
-
-	return schedules, err
+	return schedules, nil
 }
 
 // SchedulesByJobType return a array containing all the schedules
@@ -83,30 +67,15 @@ func (service *Service) Schedules() ([]portainer.Schedule, error) {
 func (service *Service) SchedulesByJobType(jobType portainer.JobType) ([]portainer.Schedule, error) {
 	var schedules = make([]portainer.Schedule, 0)
 
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Schedule{},
-		func(obj interface{}) (interface{}, error) {
-			schedule, ok := obj.(*portainer.Schedule)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Schedule object")
-				return nil, fmt.Errorf("Failed to convert to Schedule object: %s", obj)
-			}
-			if schedule.JobType == jobType {
-				schedules = append(schedules, *schedule)
-			}
-			return &portainer.Schedule{}, nil
-		})
-
-	return schedules, err
+	return schedules, nil
 }
 
 // Create assign an ID to a new schedule and saves it.
 func (service *Service) CreateSchedule(schedule *portainer.Schedule) error {
-	return service.connection.CreateObjectWithSetSequence(BucketName, int(schedule.ID), schedule)
+	return nil
 }
 
 // GetNextIdentifier returns the next identifier for a schedule.
 func (service *Service) GetNextIdentifier() int {
-	return service.connection.GetNextIdentifier(BucketName)
+	return 0
 }

api/dataservices/settings/settings.go

@@ -21,11 +21,6 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
-
 	return &Service{
 		connection: connection,
 	}, nil
@@ -35,29 +30,14 @@ func NewService(connection portainer.Connection) (*Service, error) {
 func (service *Service) Settings() (*portainer.Settings, error) {
 	var settings portainer.Settings
 
-	err := service.connection.GetObject(BucketName, []byte(settingsKey), &settings)
-	if err != nil {
-		return nil, err
-	}
-
 	return &settings, nil
 }
 
 // UpdateSettings persists a Settings object.
 func (service *Service) UpdateSettings(settings *portainer.Settings) error {
-	return service.connection.UpdateObject(BucketName, []byte(settingsKey), settings)
+	return nil
 }
 
 func (service *Service) IsFeatureFlagEnabled(feature portainer.Feature) bool {
-	settings, err := service.Settings()
-	if err != nil {
-		return false
-	}
-
-	featureFlagSetting, ok := settings.FeatureFlagSettings[feature]
-	if ok {
-		return featureFlagSetting
-	}
-
 	return false
 }

api/dataservices/snapshot/snapshot.go

@@ -0,0 +1,48 @@
+package snapshot
+
+import (
+	portainer "github.com/portainer/portainer/api"
+)
+
+const (
+	BucketName = "snapshots"
+)
+
+type Service struct {
+	connection portainer.Connection
+}
+
+func (service *Service) BucketName() string {
+	return BucketName
+}
+
+func NewService(connection portainer.Connection) (*Service, error) {
+
+	return &Service{
+		connection: connection,
+	}, nil
+}
+
+func (service *Service) Snapshot(endpointID portainer.EndpointID) (*portainer.Snapshot, error) {
+	var snapshot portainer.Snapshot
+
+	return &snapshot, nil
+}
+
+func (service *Service) Snapshots() ([]portainer.Snapshot, error) {
+	var snapshots = make([]portainer.Snapshot, 0)
+
+	return snapshots, nil
+}
+
+func (service *Service) UpdateSnapshot(snapshot *portainer.Snapshot) error {
+	return nil
+}
+
+func (service *Service) DeleteSnapshot(endpointID portainer.EndpointID) error {
+	return nil
+}
+
+func (service *Service) Create(snapshot *portainer.Snapshot) error {
+	return nil
+}

api/dataservices/ssl/ssl.go

@@ -21,11 +21,6 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
-
 	return &Service{
 		connection: connection,
 	}, nil
@@ -35,15 +30,10 @@ func NewService(connection portainer.Connection) (*Service, error) {
 func (service *Service) Settings() (*portainer.SSLSettings, error) {
 	var settings portainer.SSLSettings
 
-	err := service.connection.GetObject(BucketName, []byte(key), &settings)
-	if err != nil {
-		return nil, err
-	}
-
 	return &settings, nil
 }
 
 // UpdateSettings persists a SSLSettings object.
 func (service *Service) UpdateSettings(settings *portainer.SSLSettings) error {
-	return service.connection.UpdateObject(BucketName, []byte(key), settings)
+	return nil
 }

api/dataservices/stack/stack.go

@@ -1,13 +1,7 @@
 package stack
 
 import (
-	"fmt"
-	"strings"
-
-	"github.com/sirupsen/logrus"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/dataservices/errors"
 )
 
 const (
@@ -26,10 +20,6 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
 
 	return &Service{
 		connection: connection,
@@ -39,161 +29,56 @@ func NewService(connection portainer.Connection) (*Service, error) {
 // Stack returns a stack object by ID.
 func (service *Service) Stack(ID portainer.StackID) (*portainer.Stack, error) {
 	var stack portainer.Stack
-	identifier := service.connection.ConvertToKey(int(ID))
-
-	err := service.connection.GetObject(BucketName, identifier, &stack)
-	if err != nil {
-		return nil, err
-	}
-
 	return &stack, nil
 }
 
 // StackByName returns a stack object by name.
 func (service *Service) StackByName(name string) (*portainer.Stack, error) {
-	var s *portainer.Stack
-
-	stop := fmt.Errorf("ok")
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Stack{},
-		func(obj interface{}) (interface{}, error) {
-			stack, ok := obj.(*portainer.Stack)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Stack object")
-				return nil, fmt.Errorf("Failed to convert to Stack object: %s", obj)
-			}
-			if stack.Name == name {
-				s = stack
-				return nil, stop
-			}
-			return &portainer.Stack{}, nil
-		})
-	if err == stop {
-		return s, nil
-	}
-	if err == nil {
-		return nil, errors.ErrObjectNotFound
-	}
-
-	return nil, err
+	return nil, nil
 }
 
 // Stacks returns an array containing all the stacks with same name
 func (service *Service) StacksByName(name string) ([]portainer.Stack, error) {
 	var stacks = make([]portainer.Stack, 0)
-
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Stack{},
-		func(obj interface{}) (interface{}, error) {
-			stack, ok := obj.(portainer.Stack)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Stack object")
-				return nil, fmt.Errorf("Failed to convert to Stack object: %s", obj)
-			}
-			if stack.Name == name {
-				stacks = append(stacks, stack)
-			}
-			return &portainer.Stack{}, nil
-		})
-
-	return stacks, err
+	return stacks, nil
 }
 
 // Stacks returns an array containing all the stacks.
 func (service *Service) Stacks() ([]portainer.Stack, error) {
 	var stacks = make([]portainer.Stack, 0)
-
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Stack{},
-		func(obj interface{}) (interface{}, error) {
-			stack, ok := obj.(*portainer.Stack)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Stack object")
-				return nil, fmt.Errorf("Failed to convert to Stack object: %s", obj)
-			}
-			stacks = append(stacks, *stack)
-			return &portainer.Stack{}, nil
-		})
-
-	return stacks, err
+	return stacks, nil
 }
 
 // GetNextIdentifier returns the next identifier for a stack.
 func (service *Service) GetNextIdentifier() int {
-	return service.connection.GetNextIdentifier(BucketName)
+	return 0
 }
 
 // CreateStack creates a new stack.
 func (service *Service) Create(stack *portainer.Stack) error {
-	return service.connection.CreateObjectWithSetSequence(BucketName, int(stack.ID), stack)
+	return nil
 }
 
 // UpdateStack updates a stack.
 func (service *Service) UpdateStack(ID portainer.StackID, stack *portainer.Stack) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, stack)
+	return nil
 }
 
 // DeleteStack deletes a stack.
 func (service *Service) DeleteStack(ID portainer.StackID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }
 
 // StackByWebhookID returns a pointer to a stack object by webhook ID.
 // It returns nil, errors.ErrObjectNotFound if there's no stack associated with the webhook ID.
 func (service *Service) StackByWebhookID(id string) (*portainer.Stack, error) {
-	var s *portainer.Stack
-	stop := fmt.Errorf("ok")
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Stack{},
-		func(obj interface{}) (interface{}, error) {
-			var ok bool
-			s, ok = obj.(*portainer.Stack)
 
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Stack object")
-				return &portainer.Stack{}, nil
-			}
-
-			if s.AutoUpdate != nil && strings.EqualFold(s.AutoUpdate.Webhook, id) {
-				return nil, stop
-			}
-			return &portainer.Stack{}, nil
-		})
-	if err == stop {
-		return s, nil
-	}
-	if err == nil {
-		return nil, errors.ErrObjectNotFound
-	}
-
-	return nil, err
+	return nil, nil
 
 }
 
 // RefreshableStacks returns stacks that are configured for a periodic update
 func (service *Service) RefreshableStacks() ([]portainer.Stack, error) {
 	stacks := make([]portainer.Stack, 0)
-
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Stack{},
-		func(obj interface{}) (interface{}, error) {
-			stack, ok := obj.(*portainer.Stack)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Stack object")
-				return nil, fmt.Errorf("Failed to convert to Stack object: %s", obj)
-			}
-			if stack.AutoUpdate != nil && stack.AutoUpdate.Interval != "" {
-				stacks = append(stacks, *stack)
-			}
-			return &portainer.Stack{}, nil
-		})
-
-	return stacks, err
+	return stacks, nil
 }

api/dataservices/stack/tests/stack_test.go

@@ -29,7 +29,7 @@ func TestService_StackByWebhookID(t *testing.T) {
 	if testing.Short() {
 		t.Skip("skipping test in short mode. Normally takes ~1s to run.")
 	}
-	_, store, teardown := datastore.MustNewTestStore(true, true)
+	_, store, teardown := datastore.MustNewTestStore(t, true, true)
 	defer teardown()
 
 	b := stackBuilder{t: t, store: store}
@@ -87,7 +87,7 @@ func Test_RefreshableStacks(t *testing.T) {
 	if testing.Short() {
 		t.Skip("skipping test in short mode. Normally takes ~1s to run.")
 	}
-	_, store, teardown := datastore.MustNewTestStore(true, true)
+	_, store, teardown := datastore.MustNewTestStore(t, true, true)
 	defer teardown()
 
 	staticStack := portainer.Stack{ID: 1}

api/dataservices/tag/tag.go

@@ -1,10 +1,7 @@
 package tag
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,11 +20,6 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
-
 	return &Service{
 		connection: connection,
 	}, nil
@@ -36,55 +28,26 @@ func NewService(connection portainer.Connection) (*Service, error) {
 // Tags return an array containing all the tags.
 func (service *Service) Tags() ([]portainer.Tag, error) {
 	var tags = make([]portainer.Tag, 0)
-
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Tag{},
-		func(obj interface{}) (interface{}, error) {
-			tag, ok := obj.(*portainer.Tag)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Tag object")
-				return nil, fmt.Errorf("Failed to convert to Tag object: %s", obj)
-			}
-			tags = append(tags, *tag)
-			return &portainer.Tag{}, nil
-		})
-
-	return tags, err
+	return tags, nil
 }
 
 // Tag returns a tag by ID.
 func (service *Service) Tag(ID portainer.TagID) (*portainer.Tag, error) {
 	var tag portainer.Tag
-	identifier := service.connection.ConvertToKey(int(ID))
-
-	err := service.connection.GetObject(BucketName, identifier, &tag)
-	if err != nil {
-		return nil, err
-	}
-
 	return &tag, nil
 }
 
 // CreateTag creates a new tag.
 func (service *Service) Create(tag *portainer.Tag) error {
-	return service.connection.CreateObject(
-		BucketName,
-		func(id uint64) (int, interface{}) {
-			tag.ID = portainer.TagID(id)
-			return int(tag.ID), tag
-		},
-	)
+	return nil
 }
 
 // UpdateTag updates a tag.
 func (service *Service) UpdateTag(ID portainer.TagID, tag *portainer.Tag) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, tag)
+	return nil
 }
 
 // DeleteTag deletes a tag.
 func (service *Service) DeleteTag(ID portainer.TagID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }

api/dataservices/team/team.go

@@ -1,12 +1,6 @@
 package team
 
 import (
-	"fmt"
-	"strings"
-
-	"github.com/portainer/portainer/api/dataservices/errors"
-	"github.com/sirupsen/logrus"
-
 	portainer "github.com/portainer/portainer/api"
 )
 
@@ -26,11 +20,6 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
-
 	return &Service{
 		connection: connection,
 	}, nil
@@ -39,85 +28,31 @@ func NewService(connection portainer.Connection) (*Service, error) {
 // Team returns a Team by ID
 func (service *Service) Team(ID portainer.TeamID) (*portainer.Team, error) {
 	var team portainer.Team
-	identifier := service.connection.ConvertToKey(int(ID))
-
-	err := service.connection.GetObject(BucketName, identifier, &team)
-	if err != nil {
-		return nil, err
-	}
-
 	return &team, nil
 }
 
 // TeamByName returns a team by name.
 func (service *Service) TeamByName(name string) (*portainer.Team, error) {
-	var t *portainer.Team
-
-	stop := fmt.Errorf("ok")
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Team{},
-		func(obj interface{}) (interface{}, error) {
-			team, ok := obj.(*portainer.Team)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Team object")
-				return nil, fmt.Errorf("Failed to convert to Team object: %s", obj)
-			}
-			if strings.EqualFold(team.Name, name) {
-				t = team
-				return nil, stop
-			}
-			return &portainer.Team{}, nil
-		})
-	if err == stop {
-		return t, nil
-	}
-	if err == nil {
-		return nil, errors.ErrObjectNotFound
-	}
-
-	return nil, err
+	return nil, nil
 }
 
 // Teams return an array containing all the teams.
 func (service *Service) Teams() ([]portainer.Team, error) {
 	var teams = make([]portainer.Team, 0)
-
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Team{},
-		func(obj interface{}) (interface{}, error) {
-			team, ok := obj.(*portainer.Team)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Team object")
-				return nil, fmt.Errorf("Failed to convert to Team object: %s", obj)
-			}
-			teams = append(teams, *team)
-			return &portainer.Team{}, nil
-		})
-
-	return teams, err
+	return teams, nil
 }
 
 // UpdateTeam saves a Team.
 func (service *Service) UpdateTeam(ID portainer.TeamID, team *portainer.Team) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, team)
+	return nil
 }
 
 // CreateTeam creates a new Team.
 func (service *Service) Create(team *portainer.Team) error {
-	return service.connection.CreateObject(
-		BucketName,
-		func(id uint64) (int, interface{}) {
-			team.ID = portainer.TeamID(id)
-			return int(team.ID), team
-		},
-	)
+	return nil
 }
 
 // DeleteTeam deletes a Team.
 func (service *Service) DeleteTeam(ID portainer.TeamID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }

api/dataservices/team/tests/team_test.go

@@ -10,7 +10,7 @@ import (
 
 func Test_teamByName(t *testing.T) {
 	t.Run("When store is empty should return ErrObjectNotFound", func(t *testing.T) {
-		_, store, teardown := datastore.MustNewTestStore(true, true)
+		_, store, teardown := datastore.MustNewTestStore(t, true, true)
 		defer teardown()
 
 		_, err := store.Team().TeamByName("name")
@@ -19,7 +19,7 @@ func Test_teamByName(t *testing.T) {
 	})
 
 	t.Run("When there is no object with the same name should return ErrObjectNotFound", func(t *testing.T) {
-		_, store, teardown := datastore.MustNewTestStore(true, true)
+		_, store, teardown := datastore.MustNewTestStore(t, true, true)
 		defer teardown()
 
 		teamBuilder := teamBuilder{
@@ -35,7 +35,7 @@ func Test_teamByName(t *testing.T) {
 	})
 
 	t.Run("When there is an object with the same name should return the object", func(t *testing.T) {
-		_, store, teardown := datastore.MustNewTestStore(true, true)
+		_, store, teardown := datastore.MustNewTestStore(t, true, true)
 		defer teardown()
 
 		teamBuilder := teamBuilder{

api/dataservices/teammembership/teammembership.go

@@ -1,10 +1,7 @@
 package teammembership
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -23,11 +20,6 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
-
 	return &Service{
 		connection: connection,
 	}, nil
@@ -36,135 +28,48 @@ func NewService(connection portainer.Connection) (*Service, error) {
 // TeamMembership returns a TeamMembership object by ID
 func (service *Service) TeamMembership(ID portainer.TeamMembershipID) (*portainer.TeamMembership, error) {
 	var membership portainer.TeamMembership
-	identifier := service.connection.ConvertToKey(int(ID))
-
-	err := service.connection.GetObject(BucketName, identifier, &membership)
-	if err != nil {
-		return nil, err
-	}
-
 	return &membership, nil
 }
 
 // TeamMemberships return an array containing all the TeamMembership objects.
 func (service *Service) TeamMemberships() ([]portainer.TeamMembership, error) {
 	var memberships = make([]portainer.TeamMembership, 0)
-
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.TeamMembership{},
-		func(obj interface{}) (interface{}, error) {
-			membership, ok := obj.(*portainer.TeamMembership)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to TeamMembership object")
-				return nil, fmt.Errorf("Failed to convert to TeamMembership object: %s", obj)
-			}
-			memberships = append(memberships, *membership)
-			return &portainer.TeamMembership{}, nil
-		})
-
-	return memberships, err
+	return memberships, nil
 }
 
 // TeamMembershipsByUserID return an array containing all the TeamMembership objects where the specified userID is present.
 func (service *Service) TeamMembershipsByUserID(userID portainer.UserID) ([]portainer.TeamMembership, error) {
 	var memberships = make([]portainer.TeamMembership, 0)
-
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.TeamMembership{},
-		func(obj interface{}) (interface{}, error) {
-			membership, ok := obj.(*portainer.TeamMembership)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to TeamMembership object")
-				return nil, fmt.Errorf("Failed to convert to TeamMembership object: %s", obj)
-			}
-			if membership.UserID == userID {
-				memberships = append(memberships, *membership)
-			}
-			return &portainer.TeamMembership{}, nil
-		})
-
-	return memberships, err
+	return memberships, nil
 }
 
 // TeamMembershipsByTeamID return an array containing all the TeamMembership objects where the specified teamID is present.
 func (service *Service) TeamMembershipsByTeamID(teamID portainer.TeamID) ([]portainer.TeamMembership, error) {
 	var memberships = make([]portainer.TeamMembership, 0)
-
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.TeamMembership{},
-		func(obj interface{}) (interface{}, error) {
-			membership, ok := obj.(*portainer.TeamMembership)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to TeamMembership object")
-				return nil, fmt.Errorf("Failed to convert to TeamMembership object: %s", obj)
-			}
-			if membership.TeamID == teamID {
-				memberships = append(memberships, *membership)
-			}
-			return &portainer.TeamMembership{}, nil
-		})
-
-	return memberships, err
+	return memberships, nil
 }
 
 // UpdateTeamMembership saves a TeamMembership object.
 func (service *Service) UpdateTeamMembership(ID portainer.TeamMembershipID, membership *portainer.TeamMembership) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, membership)
+	return nil
 }
 
 // CreateTeamMembership creates a new TeamMembership object.
 func (service *Service) Create(membership *portainer.TeamMembership) error {
-	return service.connection.CreateObject(
-		BucketName,
-		func(id uint64) (int, interface{}) {
-			membership.ID = portainer.TeamMembershipID(id)
-			return int(membership.ID), membership
-		},
-	)
+	return nil
 }
 
 // DeleteTeamMembership deletes a TeamMembership object.
 func (service *Service) DeleteTeamMembership(ID portainer.TeamMembershipID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }
 
 // DeleteTeamMembershipByUserID deletes all the TeamMembership object associated to a UserID.
 func (service *Service) DeleteTeamMembershipByUserID(userID portainer.UserID) error {
-	return service.connection.DeleteAllObjects(
-		BucketName,
-		func(obj interface{}) (id int, ok bool) {
-			membership, ok := obj.(portainer.TeamMembership)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to TeamMembership object")
-				//return fmt.Errorf("Failed to convert to TeamMembership object: %s", obj)
-				return -1, false
-			}
-			if membership.UserID == userID {
-				return int(membership.ID), true
-			}
-			return -1, false
-		})
+	return nil
 }
 
 // DeleteTeamMembershipByTeamID deletes all the TeamMembership object associated to a TeamID.
 func (service *Service) DeleteTeamMembershipByTeamID(teamID portainer.TeamID) error {
-	return service.connection.DeleteAllObjects(
-		BucketName,
-		func(obj interface{}) (id int, ok bool) {
-			membership, ok := obj.(portainer.TeamMembership)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to TeamMembership object")
-				//return fmt.Errorf("Failed to convert to TeamMembership object: %s", obj)
-				return -1, false
-			}
-			if membership.TeamID == teamID {
-				return int(membership.ID), true
-			}
-			return -1, false
-		})
+	return nil
 }

api/dataservices/tunnelserver/tunnelserver.go

@@ -21,11 +21,6 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
-
 	return &Service{
 		connection: connection,
 	}, nil
@@ -35,15 +30,10 @@ func NewService(connection portainer.Connection) (*Service, error) {
 func (service *Service) Info() (*portainer.TunnelServerInfo, error) {
 	var info portainer.TunnelServerInfo
 
-	err := service.connection.GetObject(BucketName, []byte(infoKey), &info)
-	if err != nil {
-		return nil, err
-	}
-
 	return &info, nil
 }
 
 // UpdateInfo persists a TunnelServerInfo object.
 func (service *Service) UpdateInfo(settings *portainer.TunnelServerInfo) error {
-	return service.connection.UpdateObject(BucketName, []byte(infoKey), settings)
+	return nil
 }

api/dataservices/user/user.go

@@ -1,12 +1,6 @@
 package user
 
 import (
-	"fmt"
-	"strings"
-
-	"github.com/portainer/portainer/api/dataservices/errors"
-	"github.com/sirupsen/logrus"
-
 	portainer "github.com/portainer/portainer/api"
 )
 
@@ -26,11 +20,6 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
-
 	return &Service{
 		connection: connection,
 	}, nil
@@ -39,109 +28,38 @@ func NewService(connection portainer.Connection) (*Service, error) {
 // User returns a user by ID
 func (service *Service) User(ID portainer.UserID) (*portainer.User, error) {
 	var user portainer.User
-	identifier := service.connection.ConvertToKey(int(ID))
-
-	err := service.connection.GetObject(BucketName, identifier, &user)
-	if err != nil {
-		return nil, err
-	}
 
 	return &user, nil
 }
 
 // UserByUsername returns a user by username.
 func (service *Service) UserByUsername(username string) (*portainer.User, error) {
-	var u *portainer.User
-	stop := fmt.Errorf("ok")
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.User{},
-		func(obj interface{}) (interface{}, error) {
-			user, ok := obj.(*portainer.User)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to User object")
-				return nil, fmt.Errorf("Failed to convert to User object: %s", obj)
-			}
-			if strings.EqualFold(user.Username, username) {
-				u = user
-				return nil, stop
-			}
-			return &portainer.User{}, nil
-		})
-	if err == stop {
-		return u, nil
-	}
-	if err == nil {
-		return nil, errors.ErrObjectNotFound
-	}
-
-	return nil, err
+	return nil, nil
 }
 
 // Users return an array containing all the users.
 func (service *Service) Users() ([]portainer.User, error) {
 	var users = make([]portainer.User, 0)
-
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.User{},
-		func(obj interface{}) (interface{}, error) {
-			user, ok := obj.(*portainer.User)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to User object")
-				return nil, fmt.Errorf("Failed to convert to User object: %s", obj)
-			}
-			users = append(users, *user)
-			return &portainer.User{}, nil
-		})
-
-	return users, err
+	return users, nil
 }
 
 // UsersByRole return an array containing all the users with the specified role.
 func (service *Service) UsersByRole(role portainer.UserRole) ([]portainer.User, error) {
 	var users = make([]portainer.User, 0)
-
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.User{},
-		func(obj interface{}) (interface{}, error) {
-			user, ok := obj.(*portainer.User)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to User object")
-				return nil, fmt.Errorf("Failed to convert to User object: %s", obj)
-			}
-			if user.Role == role {
-				users = append(users, *user)
-			}
-			return &portainer.User{}, nil
-		})
-
-	return users, err
+	return users, nil
 }
 
 // UpdateUser saves a user.
 func (service *Service) UpdateUser(ID portainer.UserID, user *portainer.User) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	user.Username = strings.ToLower(user.Username)
-	return service.connection.UpdateObject(BucketName, identifier, user)
+	return nil
 }
 
 // CreateUser creates a new user.
 func (service *Service) Create(user *portainer.User) error {
-	return service.connection.CreateObject(
-		BucketName,
-		func(id uint64) (int, interface{}) {
-			user.ID = portainer.UserID(id)
-			user.Username = strings.ToLower(user.Username)
-
-			return int(user.ID), user
-		},
-	)
+	return nil
 }
 
 // DeleteUser deletes a user.
 func (service *Service) DeleteUser(ID portainer.UserID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }

api/dataservices/version/version.go

@@ -1,18 +1,11 @@
 package version
 
 import (
+	"fmt"
 	"strconv"
 
 	portainer "github.com/portainer/portainer/api"
-)
-
-const (
-	// BucketName represents the name of the bucket where this service stores data.
-	BucketName  = "version"
-	versionKey  = "DB_VERSION"
-	instanceKey = "INSTANCE_ID"
-	editionKey  = "EDITION"
-	updatingKey = "DB_UPDATING"
+	"github.com/portainer/portainer/api/database/models"
 )
 
 // Service represents a service to manage stored versions.
@@ -20,17 +13,8 @@ type Service struct {
 	connection portainer.Connection
 }
 
-func (service *Service) BucketName() string {
-	return BucketName
-}
-
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
-
 	return &Service{
 		connection: connection,
 	}, nil
@@ -38,22 +22,24 @@ func NewService(connection portainer.Connection) (*Service, error) {
 
 // DBVersion retrieves the stored database version.
 func (service *Service) DBVersion() (int, error) {
-	var version string
-	err := service.connection.GetObject(BucketName, []byte(versionKey), &version)
-	if err != nil {
-		return 0, err
+	db := service.connection.GetDB()
+	var version models.Version
+	tx := db.First(&version, `key = ?`, models.VersionKey)
+	if tx.Error != nil {
+		return 0, tx.Error
 	}
-	return strconv.Atoi(version)
+	return strconv.Atoi(version.Value)
 }
 
 // Edition retrieves the stored portainer edition.
 func (service *Service) Edition() (portainer.SoftwareEdition, error) {
-	var edition string
-	err := service.connection.GetObject(BucketName, []byte(editionKey), &edition)
-	if err != nil {
-		return 0, err
+	db := service.connection.GetDB()
+	var version models.Version
+	tx := db.First(&version, `key = ?`, models.EditionKey)
+	if tx.Error != nil {
+		return 0, tx.Error
 	}
-	e, err := strconv.Atoi(edition)
+	e, err := strconv.Atoi(version.Value)
 	if err != nil {
 		return 0, err
 	}
@@ -61,31 +47,56 @@ func (service *Service) Edition() (portainer.SoftwareEdition, error) {
 }
 
 // StoreDBVersion store the database version.
-func (service *Service) StoreDBVersion(version int) error {
-	return service.connection.UpdateObject(BucketName, []byte(versionKey), strconv.Itoa(version))
+func (service *Service) StoreDBVersion(v int) error {
+	db := service.connection.GetDB()
+	version := &models.Version{Key: models.VersionKey}
+	fmt.Printf("## version %s", version)
+	tx := db.Model(version).Update("value", strconv.FormatInt(int64(v), 10))
+	if tx.Error != nil {
+		return tx.Error
+	}
+	return nil
 }
 
 // IsUpdating retrieves the database updating status.
 func (service *Service) IsUpdating() (bool, error) {
-	var isUpdating bool
-	err := service.connection.GetObject(BucketName, []byte(updatingKey), &isUpdating)
-	return isUpdating, err
+	db := service.connection.GetDB()
+	var version models.Version
+	tx := db.First(&version, `key = ?`, models.UpdatingKey)
+	if tx.Error != nil {
+		return false, tx.Error
+	}
+	return version.Value == "true", nil
 }
 
 // StoreIsUpdating store the database updating status.
 func (service *Service) StoreIsUpdating(isUpdating bool) error {
-	return service.connection.UpdateObject(BucketName, []byte(updatingKey), isUpdating)
+	db := service.connection.GetDB()
+	tx := db.Model(&models.Version{Key: models.UpdatingKey}).Update("value", strconv.FormatBool(isUpdating))
+	if tx.Error != nil {
+		return tx.Error
+	}
+	return nil
 }
 
 // InstanceID retrieves the stored instance ID.
 func (service *Service) InstanceID() (string, error) {
-	var id string
-	err := service.connection.GetObject(BucketName, []byte(instanceKey), &id)
-	return id, err
+	db := service.connection.GetDB()
+	var version models.Version
+	tx := db.First(&version, `key = ?`, models.InstanceKey)
+	if tx.Error != nil {
+		return "", tx.Error
+	}
+	return version.Value, nil
 }
 
 // StoreInstanceID store the instance ID.
 func (service *Service) StoreInstanceID(ID string) error {
-	return service.connection.UpdateObject(BucketName, []byte(instanceKey), ID)
+	db := service.connection.GetDB()
+	tx := db.FirstOrCreate(&models.Version{Key: models.InstanceKey, Value: ID})
+	if tx.Error != nil {
+		return tx.Error
+	}
 
+	return nil
 }

api/dataservices/webhook/webhook.go

@@ -1,11 +1,7 @@
 package webhook
 
 import (
-	"fmt"
-
 	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/dataservices/errors"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -24,126 +20,44 @@ func (service *Service) BucketName() string {
 
 // NewService creates a new instance of a service.
 func NewService(connection portainer.Connection) (*Service, error) {
-	err := connection.SetServiceName(BucketName)
-	if err != nil {
-		return nil, err
-	}
-
 	return &Service{
 		connection: connection,
 	}, nil
 }
 
-//Webhooks returns an array of all webhooks
+// Webhooks returns an array of all webhooks
 func (service *Service) Webhooks() ([]portainer.Webhook, error) {
 	var webhooks = make([]portainer.Webhook, 0)
-
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Webhook{},
-		func(obj interface{}) (interface{}, error) {
-			webhook, ok := obj.(*portainer.Webhook)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Webhook object")
-				return nil, fmt.Errorf("Failed to convert to Webhook object: %s", obj)
-			}
-			webhooks = append(webhooks, *webhook)
-			return &portainer.Webhook{}, nil
-		})
-
-	return webhooks, err
+	return webhooks, nil
 }
 
 // Webhook returns a webhook by ID.
 func (service *Service) Webhook(ID portainer.WebhookID) (*portainer.Webhook, error) {
 	var webhook portainer.Webhook
-	identifier := service.connection.ConvertToKey(int(ID))
-
-	err := service.connection.GetObject(BucketName, identifier, &webhook)
-	if err != nil {
-		return nil, err
-	}
-
 	return &webhook, nil
 }
 
 // WebhookByResourceID returns a webhook by the ResourceID it is associated with.
 func (service *Service) WebhookByResourceID(ID string) (*portainer.Webhook, error) {
-	var w *portainer.Webhook
-	stop := fmt.Errorf("ok")
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Webhook{},
-		func(obj interface{}) (interface{}, error) {
-			webhook, ok := obj.(*portainer.Webhook)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Webhook object")
-				return nil, fmt.Errorf("Failed to convert to Webhook object: %s", obj)
-			}
-			if webhook.ResourceID == ID {
-				w = webhook
-				return nil, stop
-			}
-			return &portainer.Webhook{}, nil
-		})
-	if err == stop {
-		return w, nil
-	}
-	if err == nil {
-		return nil, errors.ErrObjectNotFound
-	}
-
-	return nil, err
+	return nil, nil
 }
 
 // WebhookByToken returns a webhook by the random token it is associated with.
 func (service *Service) WebhookByToken(token string) (*portainer.Webhook, error) {
-	var w *portainer.Webhook
-	stop := fmt.Errorf("ok")
-	err := service.connection.GetAll(
-		BucketName,
-		&portainer.Webhook{},
-		func(obj interface{}) (interface{}, error) {
-			webhook, ok := obj.(*portainer.Webhook)
-			if !ok {
-				logrus.WithField("obj", obj).Errorf("Failed to convert to Webhook object")
-				return nil, fmt.Errorf("Failed to convert to Webhook object: %s", obj)
-			}
-			if webhook.Token == token {
-				w = webhook
-				return nil, stop
-			}
-			return &portainer.Webhook{}, nil
-		})
-	if err == stop {
-		return w, nil
-	}
-	if err == nil {
-		return nil, errors.ErrObjectNotFound
-	}
-
-	return nil, err
+	return nil, nil
 }
 
 // DeleteWebhook deletes a webhook.
 func (service *Service) DeleteWebhook(ID portainer.WebhookID) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.DeleteObject(BucketName, identifier)
+	return nil
 }
 
 // CreateWebhook assign an ID to a new webhook and saves it.
 func (service *Service) Create(webhook *portainer.Webhook) error {
-	return service.connection.CreateObject(
-		BucketName,
-		func(id uint64) (int, interface{}) {
-			webhook.ID = portainer.WebhookID(id)
-			return int(webhook.ID), webhook
-		},
-	)
+	return nil
 }
 
 // UpdateWebhook update a webhook.
 func (service *Service) UpdateWebhook(ID portainer.WebhookID, webhook *portainer.Webhook) error {
-	identifier := service.connection.ConvertToKey(int(ID))
-	return service.connection.UpdateObject(BucketName, identifier, webhook)
+	return nil
 }

api/datastore/backup.go

@@ -1,178 +0,0 @@
-package datastore
-
-import (
-	"fmt"
-	"os"
-	"path"
-	"time"
-
-	plog "github.com/portainer/portainer/api/datastore/log"
-)
-
-var backupDefaults = struct {
-	backupDir string
-	commonDir string
-}{
-	"backups",
-	"common",
-}
-
-var backupLog = plog.NewScopedLog("database, backup")
-
-//
-// Backup Helpers
-//
-
-// createBackupFolders create initial folders for backups
-func (store *Store) createBackupFolders() {
-	// create common dir
-	commonDir := store.commonBackupDir()
-	if exists, _ := store.fileService.FileExists(commonDir); !exists {
-		if err := os.MkdirAll(commonDir, 0700); err != nil {
-			backupLog.Error("Error while creating common backup folder", err)
-		}
-	}
-}
-
-func (store *Store) databasePath() string {
-	return store.connection.GetDatabaseFilePath()
-}
-
-func (store *Store) commonBackupDir() string {
-	return path.Join(store.connection.GetStorePath(), backupDefaults.backupDir, backupDefaults.commonDir)
-}
-
-func (store *Store) copyDBFile(from string, to string) error {
-	backupLog.Info(fmt.Sprintf("Copying db file from %s to %s", from, to))
-	err := store.fileService.Copy(from, to, true)
-	if err != nil {
-		backupLog.Error("Failed", err)
-	}
-	return err
-}
-
-// BackupOptions provide a helper to inject backup options
-type BackupOptions struct {
-	Version        int // I can't find this used for anything other than a filename
-	BackupDir      string
-	BackupFileName string
-	BackupPath     string
-}
-
-// getBackupRestoreOptions returns options to store db at common backup dir location; used by:
-// - db backup prior to version upgrade
-// - db rollback
-func getBackupRestoreOptions(backupDir string) *BackupOptions {
-	return &BackupOptions{
-		BackupDir:      backupDir, //connection.commonBackupDir(),
-		BackupFileName: beforePortainerVersionUpgradeBackup,
-	}
-}
-
-// Backup current database with default options
-func (store *Store) Backup() (string, error) {
-	return store.backupWithOptions(nil)
-}
-
-func (store *Store) setupOptions(options *BackupOptions) *BackupOptions {
-	if options == nil {
-		options = &BackupOptions{}
-	}
-	if options.Version == 0 {
-		version, err := store.version()
-		if err != nil {
-			version = 0
-		}
-		options.Version = version
-	}
-	if options.BackupDir == "" {
-		options.BackupDir = store.commonBackupDir()
-	}
-	if options.BackupFileName == "" {
-		options.BackupFileName = fmt.Sprintf("%s.%s.%s", store.connection.GetDatabaseFileName(), fmt.Sprintf("%03d", options.Version), time.Now().Format("20060102150405"))
-	}
-	if options.BackupPath == "" {
-		options.BackupPath = path.Join(options.BackupDir, options.BackupFileName)
-	}
-	return options
-}
-
-// BackupWithOptions backup current database with options
-func (store *Store) backupWithOptions(options *BackupOptions) (string, error) {
-	backupLog.Info("creating db backup")
-	store.createBackupFolders()
-
-	options = store.setupOptions(options)
-	dbPath := store.databasePath()
-
-	if err := store.Close(); err != nil {
-		return options.BackupPath, fmt.Errorf(
-			"error closing datastore before creating backup: %v",
-			err,
-		)
-	}
-
-	if err := store.copyDBFile(dbPath, options.BackupPath); err != nil {
-		return options.BackupPath, err
-	}
-
-	if _, err := store.Open(); err != nil {
-		return options.BackupPath, fmt.Errorf(
-			"error opening datastore after creating backup: %v",
-			err,
-		)
-	}
-	return options.BackupPath, nil
-}
-
-// RestoreWithOptions previously saved backup for the current Edition  with options
-// Restore strategies:
-// - default: restore latest from current edition
-// - restore a specific
-func (store *Store) restoreWithOptions(options *BackupOptions) error {
-	options = store.setupOptions(options)
-
-	// Check if backup file exist before restoring
-	_, err := os.Stat(options.BackupPath)
-	if os.IsNotExist(err) {
-		backupLog.Error(fmt.Sprintf("Backup file to restore does not exist %s", options.BackupPath), err)
-		return err
-	}
-
-	err = store.Close()
-	if err != nil {
-		backupLog.Error("Error while closing store before restore", err)
-		return err
-	}
-
-	backupLog.Info("Restoring db backup")
-	err = store.copyDBFile(options.BackupPath, store.databasePath())
-	if err != nil {
-		return err
-	}
-
-	_, err = store.Open()
-	return err
-}
-
-// RemoveWithOptions removes backup database based on supplied options
-func (store *Store) removeWithOptions(options *BackupOptions) error {
-	backupLog.Info("Removing db backup")
-
-	options = store.setupOptions(options)
-	_, err := os.Stat(options.BackupPath)
-
-	if os.IsNotExist(err) {
-		backupLog.Error(fmt.Sprintf("Backup file to remove does not exist %s", options.BackupPath), err)
-		return err
-	}
-
-	backupLog.Info(fmt.Sprintf("Removing db file at %s", options.BackupPath))
-	err = os.Remove(options.BackupPath)
-	if err != nil {
-		backupLog.Error("Failed", err)
-		return err
-	}
-
-	return nil
-}

api/datastore/backup_test.go

@@ -1,108 +0,0 @@
-package datastore
-
-import (
-	"fmt"
-	"os"
-	"path"
-	"testing"
-
-	portainer "github.com/portainer/portainer/api"
-)
-
-func TestCreateBackupFolders(t *testing.T) {
-	_, store, teardown := MustNewTestStore(false, true)
-	defer teardown()
-
-	connection := store.GetConnection()
-	backupPath := path.Join(connection.GetStorePath(), backupDefaults.backupDir)
-
-	if isFileExist(backupPath) {
-		t.Error("Expect backups folder to not exist")
-	}
-
-	store.createBackupFolders()
-	if !isFileExist(backupPath) {
-		t.Error("Expect backups folder to exist")
-	}
-}
-
-func TestStoreCreation(t *testing.T) {
-	_, store, teardown := MustNewTestStore(true, true)
-	defer teardown()
-
-	if store == nil {
-		t.Error("Expect to create a store")
-	}
-
-	if store.CheckCurrentEdition() != nil {
-		t.Error("Expect to get CE Edition")
-	}
-}
-
-func TestBackup(t *testing.T) {
-	_, store, teardown := MustNewTestStore(true, true)
-	connection := store.GetConnection()
-	defer teardown()
-
-	t.Run("Backup should create default db backup", func(t *testing.T) {
-		store.VersionService.StoreDBVersion(portainer.DBVersion)
-		store.backupWithOptions(nil)
-
-		backupFileName := path.Join(connection.GetStorePath(), "backups", "common", fmt.Sprintf("portainer.edb.%03d.*", portainer.DBVersion))
-		if !isFileExist(backupFileName) {
-			t.Errorf("Expect backup file to be created %s", backupFileName)
-		}
-	})
-
-	t.Run("BackupWithOption should create a name specific backup at common path", func(t *testing.T) {
-		store.backupWithOptions(&BackupOptions{
-			BackupFileName: beforePortainerVersionUpgradeBackup,
-			BackupDir:      store.commonBackupDir(),
-		})
-		backupFileName := path.Join(connection.GetStorePath(), "backups", "common", beforePortainerVersionUpgradeBackup)
-		if !isFileExist(backupFileName) {
-			t.Errorf("Expect backup file to be created %s", backupFileName)
-		}
-	})
-}
-
-func TestRemoveWithOptions(t *testing.T) {
-	_, store, teardown := MustNewTestStore(true, true)
-	defer teardown()
-
-	t.Run("successfully removes file if existent", func(t *testing.T) {
-		store.createBackupFolders()
-		options := &BackupOptions{
-			BackupDir:      store.commonBackupDir(),
-			BackupFileName: "test.txt",
-		}
-
-		filePath := path.Join(options.BackupDir, options.BackupFileName)
-		f, err := os.Create(filePath)
-		if err != nil {
-			t.Fatalf("file should be created; err=%s", err)
-		}
-		f.Close()
-
-		err = store.removeWithOptions(options)
-		if err != nil {
-			t.Errorf("RemoveWithOptions should successfully remove file; err=%v", err)
-		}
-
-		if isFileExist(f.Name()) {
-			t.Errorf("RemoveWithOptions should successfully remove file; file=%s", f.Name())
-		}
-	})
-
-	t.Run("fails to removes file if non-existent", func(t *testing.T) {
-		options := &BackupOptions{
-			BackupDir:      store.commonBackupDir(),
-			BackupFileName: "test.txt",
-		}
-
-		err := store.removeWithOptions(options)
-		if err == nil {
-			t.Error("RemoveWithOptions should fail for non-existent file")
-		}
-	})
-}

api/datastore/datastore.go

@@ -1,15 +1,9 @@
 package datastore
 
 import (
-	"fmt"
-	"io"
-	"os"
-	"path"
-	"time"
-
 	portainer "github.com/portainer/portainer/api"
 	portainerErrors "github.com/portainer/portainer/api/dataservices/errors"
-	"github.com/sirupsen/logrus"
+	"gorm.io/gorm"
 )
 
 func (store *Store) version() (int, error) {
@@ -40,18 +34,6 @@ func NewStore(storePath string, fileService portainer.FileService, connection po
 func (store *Store) Open() (newStore bool, err error) {
 	newStore = true
 
-	encryptionReq, err := store.connection.NeedsEncryptionMigration()
-	if err != nil {
-		return false, err
-	}
-
-	if encryptionReq {
-		err = store.encryptDB()
-		if err != nil {
-			return false, err
-		}
-	}
-
 	err = store.connection.Open()
 	if err != nil {
 		return newStore, err
@@ -63,19 +45,20 @@ func (store *Store) Open() (newStore bool, err error) {
 	}
 
 	// if we have DBVersion in the database then ensure we flag this as NOT a new store
-	version, err := store.VersionService.DBVersion()
-	if err != nil {
-		if store.IsErrObjectNotFound(err) {
-			return newStore, nil
-		}
+	// version, err := store.VersionService.DBVersion()
+	// if err != nil {
+	// 	if store.IsErrObjectNotFound(err) {
+	// 		return newStore, nil
+	// 	}
 
-		return newStore, err
-	}
+	// 	return newStore, err
+	// }
 
-	if version > 0 {
-		logrus.WithField("version", version).Infof("Opened existing store")
-		return false, nil
-	}
+	// if version > 0 {
+	// 	log.Debug().Int("version", version).Msg("opened existing store")
+
+	// 	return false, nil
+	// }
 
 	return newStore, nil
 }
@@ -84,12 +67,6 @@ func (store *Store) Close() error {
 	return store.connection.Close()
 }
 
-// BackupTo backs up db to a provided writer.
-// It does hot backup and doesn't block other database reads and writes
-func (store *Store) BackupTo(w io.Writer) error {
-	return store.connection.BackupTo(w)
-}
-
 // CheckCurrentEdition checks if current edition is community edition
 func (store *Store) CheckCurrentEdition() error {
 	if store.edition() != portainer.PortainerCE {
@@ -100,74 +77,5 @@ func (store *Store) CheckCurrentEdition() error {
 
 // TODO: move the use of this to dataservices.IsErrObjectNotFound()?
 func (store *Store) IsErrObjectNotFound(e error) bool {
-	return e == portainerErrors.ErrObjectNotFound
-}
-
-func (store *Store) Rollback(force bool) error {
-	return store.connectionRollback(force)
-}
-
-func (store *Store) encryptDB() error {
-	store.connection.SetEncrypted(false)
-	err := store.connection.Open()
-	if err != nil {
-		return err
-	}
-
-	err = store.initServices()
-	if err != nil {
-		return err
-	}
-
-	// The DB is not currently encrypted.  First save the encrypted db filename
-	oldFilename := store.connection.GetDatabaseFilePath()
-	logrus.Infof("Encrypting database")
-
-	// export file path for backup
-	exportFilename := path.Join(store.databasePath() + "." + fmt.Sprintf("backup-%d.json", time.Now().Unix()))
-
-	logrus.Infof("Exporting database backup to %s", exportFilename)
-	err = store.Export(exportFilename)
-	if err != nil {
-		logrus.WithError(err).Debugf("Failed to export to %s", exportFilename)
-		return err
-	}
-
-	logrus.Infof("Database backup exported")
-
-	// Close existing un-encrypted db so that we can delete the file later
-	store.connection.Close()
-
-	// Tell the db layer to create an encrypted db when opened
-	store.connection.SetEncrypted(true)
-	store.connection.Open()
-
-	// We have to init services before import
-	err = store.initServices()
-	if err != nil {
-		return err
-	}
-
-	err = store.Import(exportFilename)
-	if err != nil {
-		// Remove the new encrypted file that we failed to import
-		os.Remove(store.connection.GetDatabaseFilePath())
-		logrus.Fatal(portainerErrors.ErrDBImportFailed.Error())
-	}
-
-	err = os.Remove(oldFilename)
-	if err != nil {
-		logrus.Errorf("Failed to remove the un-encrypted db file")
-	}
-
-	err = os.Remove(exportFilename)
-	if err != nil {
-		logrus.Errorf("Failed to remove the json backup file")
-	}
-
-	// Close db connection
-	store.connection.Close()
-
-	logrus.Info("Database successfully encrypted")
-	return nil
+	return e == gorm.ErrRecordNotFound
 }

api/datastore/datastore_test.go

@@ -1,417 +0,0 @@
-package datastore
-
-import (
-	"fmt"
-	"runtime"
-	"strings"
-	"testing"
-
-	"github.com/dchest/uniuri"
-	"github.com/pkg/errors"
-	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/chisel"
-	"github.com/portainer/portainer/api/crypto"
-	"github.com/stretchr/testify/assert"
-)
-
-const (
-	adminUsername                       = "admin"
-	adminPassword                       = "password"
-	standardUsername                    = "standard"
-	standardPassword                    = "password"
-	agentOnDockerEnvironmentUrl         = "tcp://192.168.167.207:30775"
-	edgeAgentOnKubernetesEnvironmentUrl = "tcp://192.168.167.207"
-	kubernetesLocalEnvironmentUrl       = "https://kubernetes.default.svc"
-)
-
-// TestStoreFull an eventually comprehensive set of tests for the Store.
-// The idea is what we write to the store, we should read back.
-func TestStoreFull(t *testing.T) {
-	_, store, teardown := MustNewTestStore(true, true)
-	defer teardown()
-
-	testCases := map[string]func(t *testing.T){
-		"User Accounts": func(t *testing.T) {
-			store.testUserAccounts(t)
-		},
-		"Environments": func(t *testing.T) {
-			store.testEnvironments(t)
-		},
-		"Settings": func(t *testing.T) {
-			store.testSettings(t)
-		},
-		"SSL Settings": func(t *testing.T) {
-			store.testSSLSettings(t)
-		},
-		"Tunnel Server": func(t *testing.T) {
-			store.testTunnelServer(t)
-		},
-		"Custom Templates": func(t *testing.T) {
-			store.testCustomTemplates(t)
-		},
-		"Registries": func(t *testing.T) {
-			store.testRegistries(t)
-		},
-		"Resource Control": func(t *testing.T) {
-			store.testResourceControl(t)
-		},
-		"Schedules": func(t *testing.T) {
-			store.testSchedules(t)
-		},
-		"Tags": func(t *testing.T) {
-			store.testTags(t)
-		},
-
-		// "Test Title": func(t *testing.T) {
-		// },
-	}
-
-	for name, test := range testCases {
-		t.Run(name, test)
-	}
-
-}
-
-func (store *Store) testEnvironments(t *testing.T) {
-	id := store.CreateEndpoint(t, "local", portainer.KubernetesLocalEnvironment, "", true)
-	store.CreateEndpointRelation(id)
-
-	id = store.CreateEndpoint(t, "agent", portainer.AgentOnDockerEnvironment, agentOnDockerEnvironmentUrl, true)
-	store.CreateEndpointRelation(id)
-
-	id = store.CreateEndpoint(t, "edge", portainer.EdgeAgentOnKubernetesEnvironment, edgeAgentOnKubernetesEnvironmentUrl, true)
-	store.CreateEndpointRelation(id)
-}
-
-func newEndpoint(endpointType portainer.EndpointType, id portainer.EndpointID, name, URL string, TLS bool) *portainer.Endpoint {
-	endpoint := &portainer.Endpoint{
-		ID:        id,
-		Name:      name,
-		URL:       URL,
-		Type:      endpointType,
-		GroupID:   portainer.EndpointGroupID(1),
-		PublicURL: "",
-		TLSConfig: portainer.TLSConfiguration{
-			TLS: false,
-		},
-		UserAccessPolicies: portainer.UserAccessPolicies{},
-		TeamAccessPolicies: portainer.TeamAccessPolicies{},
-		TagIDs:             []portainer.TagID{},
-		Status:             portainer.EndpointStatusUp,
-		Snapshots:          []portainer.DockerSnapshot{},
-		Kubernetes:         portainer.KubernetesDefault(),
-	}
-
-	if TLS {
-		endpoint.TLSConfig = portainer.TLSConfiguration{
-			TLS:           true,
-			TLSSkipVerify: true,
-		}
-	}
-
-	return endpoint
-}
-
-func setEndpointAuthorizations(endpoint *portainer.Endpoint) {
-	endpoint.SecuritySettings = portainer.EndpointSecuritySettings{
-		AllowVolumeBrowserForRegularUsers: false,
-		EnableHostManagementFeatures:      false,
-
-		AllowSysctlSettingForRegularUsers:         true,
-		AllowBindMountsForRegularUsers:            true,
-		AllowPrivilegedModeForRegularUsers:        true,
-		AllowHostNamespaceForRegularUsers:         true,
-		AllowContainerCapabilitiesForRegularUsers: true,
-		AllowDeviceMappingForRegularUsers:         true,
-		AllowStackManagementForRegularUsers:       true,
-	}
-}
-
-func (store *Store) CreateEndpoint(t *testing.T, name string, endpointType portainer.EndpointType, URL string, tls bool) portainer.EndpointID {
-	is := assert.New(t)
-
-	var expectedEndpoint *portainer.Endpoint
-	id := portainer.EndpointID(store.Endpoint().GetNextIdentifier())
-
-	switch endpointType {
-	case portainer.DockerEnvironment:
-		if URL == "" {
-			URL = "unix:///var/run/docker.sock"
-			if runtime.GOOS == "windows" {
-				URL = "npipe:////./pipe/docker_engine"
-			}
-		}
-		expectedEndpoint = newEndpoint(endpointType, id, name, URL, tls)
-
-	case portainer.AgentOnDockerEnvironment:
-		expectedEndpoint = newEndpoint(endpointType, id, name, URL, tls)
-
-	case portainer.AgentOnKubernetesEnvironment:
-		URL = strings.TrimPrefix(URL, "tcp://")
-		expectedEndpoint = newEndpoint(endpointType, id, name, URL, tls)
-
-	case portainer.EdgeAgentOnKubernetesEnvironment:
-		cs := chisel.NewService(store, nil)
-		expectedEndpoint = newEndpoint(endpointType, id, name, URL, tls)
-		edgeKey := cs.GenerateEdgeKey(URL, "", int(id))
-		expectedEndpoint.EdgeKey = edgeKey
-		store.testTunnelServer(t)
-
-	case portainer.KubernetesLocalEnvironment:
-		if URL == "" {
-			URL = kubernetesLocalEnvironmentUrl
-		}
-		expectedEndpoint = newEndpoint(endpointType, id, name, URL, tls)
-	}
-
-	setEndpointAuthorizations(expectedEndpoint)
-	store.Endpoint().Create(expectedEndpoint)
-
-	endpoint, err := store.Endpoint().Endpoint(id)
-	is.NoError(err, "Endpoint() should not return an error")
-	is.Equal(expectedEndpoint, endpoint, "endpoint should be the same")
-
-	return endpoint.ID
-}
-
-func (store *Store) CreateEndpointRelation(id portainer.EndpointID) {
-	relation := &portainer.EndpointRelation{
-		EndpointID: id,
-		EdgeStacks: map[portainer.EdgeStackID]bool{},
-	}
-
-	store.EndpointRelation().Create(relation)
-}
-
-func (store *Store) testSSLSettings(t *testing.T) {
-	is := assert.New(t)
-	ssl := &portainer.SSLSettings{
-		CertPath:    "/data/certs/cert.pem",
-		HTTPEnabled: true,
-		KeyPath:     "/data/certs/key.pem",
-		SelfSigned:  true,
-	}
-
-	store.SSLSettings().UpdateSettings(ssl)
-
-	settings, err := store.SSLSettings().Settings()
-	is.NoError(err, "Get sslsettings should succeed")
-	is.Equal(ssl, settings, "Stored SSLSettings should be the same as what is read out")
-}
-
-func (store *Store) testTunnelServer(t *testing.T) {
-	is := assert.New(t)
-	expectPrivateKeySeed := uniuri.NewLen(16)
-
-	err := store.TunnelServer().UpdateInfo(&portainer.TunnelServerInfo{PrivateKeySeed: expectPrivateKeySeed})
-	is.NoError(err, "UpdateInfo should have succeeded")
-
-	serverInfo, err := store.TunnelServer().Info()
-	is.NoError(err, "Info should have succeeded")
-
-	is.Equal(expectPrivateKeySeed, serverInfo.PrivateKeySeed, "hashed passwords should not differ")
-}
-
-// add users, read them back and check the details are unchanged
-func (store *Store) testUserAccounts(t *testing.T) {
-	is := assert.New(t)
-
-	err := store.createAccount(adminUsername, adminPassword, portainer.AdministratorRole)
-	is.NoError(err, "CreateAccount should succeed")
-	store.checkAccount(adminUsername, adminPassword, portainer.AdministratorRole)
-	is.NoError(err, "Account failure")
-
-	err = store.createAccount(standardUsername, standardPassword, portainer.StandardUserRole)
-	is.NoError(err, "CreateAccount should succeed")
-	store.checkAccount(standardUsername, standardPassword, portainer.StandardUserRole)
-	is.NoError(err, "Account failure")
-}
-
-// create an account with the provided details
-func (store *Store) createAccount(username, password string, role portainer.UserRole) error {
-	var err error
-	user := &portainer.User{Username: username, Role: role}
-
-	// encrypt the password
-	cs := &crypto.Service{}
-	user.Password, err = cs.Hash(password)
-	if err != nil {
-		return err
-	}
-
-	err = store.User().Create(user)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (store *Store) checkAccount(username, expectPassword string, expectRole portainer.UserRole) error {
-	// Read the account for username.  Check password and role is what we expect
-
-	user, err := store.User().UserByUsername(username)
-	if err != nil {
-		return errors.Wrap(err, "failed to find user")
-	}
-
-	if user.Username != username || user.Role != expectRole {
-		return fmt.Errorf("%s user details do not match", user.Username)
-	}
-
-	// Check the password
-	cs := &crypto.Service{}
-	expectPasswordHash, err := cs.Hash(expectPassword)
-	if err != nil {
-		return errors.Wrap(err, "hash failed")
-	}
-
-	if user.Password != expectPasswordHash {
-		return fmt.Errorf("%s user password hash failure", user.Username)
-	}
-
-	return nil
-}
-
-func (store *Store) testSettings(t *testing.T) {
-	is := assert.New(t)
-
-	// since many settings are default and basically nil, I'm going to update some and read them back
-	expectedSettings, err := store.Settings().Settings()
-	is.NoError(err, "Settings() should not return an error")
-	expectedSettings.TemplatesURL = "http://portainer.io/application-templates"
-	expectedSettings.HelmRepositoryURL = "http://portainer.io/helm-repository"
-	expectedSettings.EdgeAgentCheckinInterval = 60
-	expectedSettings.AuthenticationMethod = portainer.AuthenticationLDAP
-	expectedSettings.LDAPSettings = portainer.LDAPSettings{
-		AnonymousMode:   true,
-		StartTLS:        true,
-		AutoCreateUsers: true,
-		Password:        "random",
-	}
-	expectedSettings.SnapshotInterval = "10m"
-
-	err = store.Settings().UpdateSettings(expectedSettings)
-	is.NoError(err, "UpdateSettings() should succeed")
-
-	settings, err := store.Settings().Settings()
-	is.NoError(err, "Settings() should not return an error")
-	is.Equal(expectedSettings, settings, "stored settings should match")
-}
-
-func (store *Store) testCustomTemplates(t *testing.T) {
-	is := assert.New(t)
-
-	customTemplate := store.CustomTemplate()
-	is.NotNil(customTemplate, "customTemplate Service shouldn't be nil")
-
-	expectedTemplate := &portainer.CustomTemplate{
-		ID:              portainer.CustomTemplateID(customTemplate.GetNextIdentifier()),
-		Title:           "Custom Title",
-		Description:     "Custom Template Description",
-		ProjectPath:     "/data/custom_template/1",
-		Note:            "A note about this custom template",
-		EntryPoint:      "docker-compose.yaml",
-		CreatedByUserID: 10,
-	}
-
-	customTemplate.Create(expectedTemplate)
-
-	actualTemplate, err := customTemplate.CustomTemplate(expectedTemplate.ID)
-	is.NoError(err, "CustomTemplate should not return an error")
-	is.Equal(expectedTemplate, actualTemplate, "expected and actual template do not match")
-}
-
-func (store *Store) testRegistries(t *testing.T) {
-	is := assert.New(t)
-
-	regService := store.RegistryService
-	is.NotNil(regService, "RegistryService shouldn't be nil")
-
-	reg1 := &portainer.Registry{
-		ID:   1,
-		Type: portainer.DockerHubRegistry,
-		Name: "Dockerhub Registry Test",
-	}
-
-	reg2 := &portainer.Registry{
-		ID:   2,
-		Type: portainer.GitlabRegistry,
-		Name: "Gitlab Registry Test",
-		Gitlab: portainer.GitlabRegistryData{
-			ProjectID:   12345,
-			InstanceURL: "http://gitlab.com/12345",
-			ProjectPath: "mytestproject",
-		},
-	}
-
-	err := regService.Create(reg1)
-	is.NoError(err)
-
-	err = regService.Create(reg2)
-	is.NoError(err)
-
-	actualReg1, err := regService.Registry(reg1.ID)
-	is.NoError(err)
-	is.Equal(reg1, actualReg1, "registries differ")
-
-	actualReg2, err := regService.Registry(reg2.ID)
-	is.NoError(err)
-	is.Equal(reg2, actualReg2, "registries differ")
-}
-
-func (store *Store) testResourceControl(t *testing.T) {
-	// is := assert.New(t)
-	// resControl := store.ResourceControl()
-	// ctrl := &portainer.ResourceControl{
-	// }
-	// resControl().Create()
-}
-
-func (store *Store) testSchedules(t *testing.T) {
-	is := assert.New(t)
-
-	schedule := store.ScheduleService
-	s := &portainer.Schedule{
-		ID:             portainer.ScheduleID(schedule.GetNextIdentifier()),
-		Name:           "My Custom Schedule 1",
-		CronExpression: "*/5 * * * * portainer /bin/sh -c echo 'hello world'",
-	}
-
-	err := schedule.CreateSchedule(s)
-	is.NoError(err, "CreateSchedule should succeed")
-
-	actual, err := schedule.Schedule(s.ID)
-	is.NoError(err, "schedule should be found")
-	is.Equal(s, actual, "schedules differ")
-}
-
-func (store *Store) testTags(t *testing.T) {
-	is := assert.New(t)
-
-	tags := store.TagService
-
-	tag1 := &portainer.Tag{
-		ID:   1,
-		Name: "Tag 1",
-	}
-
-	tag2 := &portainer.Tag{
-		ID:   2,
-		Name: "Tag 1",
-	}
-
-	err := tags.Create(tag1)
-	is.NoError(err, "Tags.Create should succeed")
-
-	err = tags.Create(tag2)
-	is.NoError(err, "Tags.Create should succeed")
-
-	actual, err := tags.Tag(tag1.ID)
-	is.NoError(err, "tag1 should be found")
-	is.Equal(tag1, actual, "tags differ")
-
-	actual, err = tags.Tag(tag2.ID)
-	is.NoError(err, "tag2 should be found")
-	is.Equal(tag2, actual, "tags differ")
-}

api/datastore/init.go

@@ -1,31 +1,41 @@
 package datastore
 
 import (
+	"fmt"
+
 	"github.com/gofrs/uuid"
 	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api/database/models"
 )
 
 // Init creates the default data set.
 func (store *Store) Init() error {
-	err := store.checkOrCreateInstanceID()
+	conn := store.GetConnection()
+	err := conn.Init()
 	if err != nil {
 		return err
 	}
 
-	err = store.checkOrCreateDefaultSettings()
+	err = store.initVersions()
 	if err != nil {
 		return err
 	}
 
-	err = store.checkOrCreateDefaultSSLSettings()
-	if err != nil {
-		return err
-	}
+	// err = store.checkOrCreateDefaultSettings()
+	// if err != nil {
+	// 	return err
+	// }
 
-	return store.checkOrCreateDefaultData()
+	// err = store.checkOrCreateDefaultSSLSettings()
+	// if err != nil {
+	// 	return err
+	// }
+
+	// return store.checkOrCreateDefaultData()
+	return nil
 }
 
-func (store *Store) checkOrCreateInstanceID() error {
+func (store *Store) initVersions() error {
 	_, err := store.VersionService.InstanceID()
 	if store.IsErrObjectNotFound(err) {
 		uid, err := uuid.NewV4()
@@ -34,9 +44,37 @@ func (store *Store) checkOrCreateInstanceID() error {
 		}
 
 		instanceID := uid.String()
-		return store.VersionService.StoreInstanceID(instanceID)
+
+		db := store.connection.GetDB()
+
+		fmt.Println("updating instance id")
+		tx := db.Create(&models.Version{Key: models.InstanceKey, Value: instanceID})
+		if tx.Error != nil {
+			return tx.Error
+		}
+
+		fmt.Printf("updating version id %s\n", models.VersionKey)
+		tx = db.Create(&models.Version{Key: models.VersionKey, Value: fmt.Sprint(portainer.DBVersion)})
+		if tx.Error != nil {
+			return tx.Error
+		}
+
+		fmt.Println("updating updating id")
+		tx = db.Create(&models.Version{Key: models.UpdatingKey, Value: "false"})
+		if tx.Error != nil {
+			return tx.Error
+		}
+
+		fmt.Println("updating edition id")
+		tx = db.Create(&models.Version{Key: models.EditionKey, Value: fmt.Sprint(portainer.PortainerCE)})
+		if tx.Error != nil {
+			return tx.Error
+		}
+	} else {
+		return err
 	}
-	return err
+
+	return nil
 }
 
 func (store *Store) checkOrCreateDefaultSettings() error {
@@ -44,7 +82,7 @@ func (store *Store) checkOrCreateDefaultSettings() error {
 	settings, err := store.SettingsService.Settings()
 	if store.IsErrObjectNotFound(err) {
 		defaultSettings := &portainer.Settings{
-			EnableTelemetry:      true,
+			EnableTelemetry:      false,
 			AuthenticationMethod: portainer.AuthenticationInternal,
 			BlackListedLabels:    make([]portainer.Pair, 0),
 			InternalAuthSettings: portainer.InternalAuthSettings{
@@ -88,7 +126,6 @@ func (store *Store) checkOrCreateDefaultSettings() error {
 
 func (store *Store) checkOrCreateDefaultSSLSettings() error {
 	_, err := store.SSLSettings().Settings()
-
 	if store.IsErrObjectNotFound(err) {
 		defaultSSLSettings := &portainer.SSLSettings{
 			HTTPEnabled: true,
@@ -96,6 +133,7 @@ func (store *Store) checkOrCreateDefaultSSLSettings() error {
 
 		return store.SSLSettings().UpdateSettings(defaultSSLSettings)
 	}
+
 	return err
 }
 

api/datastore/log/log.go

@@ -1,51 +0,0 @@
-package log
-
-import (
-	"fmt"
-	"log"
-)
-
-const (
-	INFO  = "INFO"
-	ERROR = "ERROR"
-	DEBUG = "DEBUG"
-	FATAL = "FATAL"
-)
-
-type ScopedLog struct {
-	scope string
-}
-
-func NewScopedLog(scope string) *ScopedLog {
-	return &ScopedLog{scope: scope}
-}
-
-func (slog *ScopedLog) print(kind string, message string) {
-	log.Printf("[%s] [%s] %s", kind, slog.scope, message)
-}
-
-func (slog *ScopedLog) Debug(message string) {
-	slog.print(DEBUG, fmt.Sprintf("[message: %s]", message))
-}
-
-func (slog *ScopedLog) Debugf(message string, vars ...interface{}) {
-	message = fmt.Sprintf(message, vars...)
-	slog.print(DEBUG, fmt.Sprintf("[message: %s]", message))
-}
-
-func (slog *ScopedLog) Info(message string) {
-	slog.print(INFO, fmt.Sprintf("[message: %s]", message))
-}
-
-func (slog *ScopedLog) Infof(message string, vars ...interface{}) {
-	message = fmt.Sprintf(message, vars...)
-	slog.print(INFO, fmt.Sprintf("[message: %s]", message))
-}
-
-func (slog *ScopedLog) Error(message string, err error) {
-	slog.print(ERROR, fmt.Sprintf("[message: %s] [error: %s]", message, err))
-}
-
-func (slog *ScopedLog) NotImplemented(method string) {
-	log.Fatalf("[%s] [%s] [%s]", FATAL, slog.scope, fmt.Sprintf("%s is not yet implemented", method))
-}

api/datastore/migrate_data.go

@@ -1,162 +0,0 @@
-package datastore
-
-import (
-	"fmt"
-	"runtime/debug"
-
-	"github.com/portainer/portainer/api/cli"
-	"github.com/portainer/portainer/api/dataservices/errors"
-	plog "github.com/portainer/portainer/api/datastore/log"
-	"github.com/portainer/portainer/api/datastore/migrator"
-	"github.com/portainer/portainer/api/internal/authorization"
-	"github.com/sirupsen/logrus"
-
-	werrors "github.com/pkg/errors"
-	portainer "github.com/portainer/portainer/api"
-)
-
-const beforePortainerVersionUpgradeBackup = "portainer.db.bak"
-
-var migrateLog = plog.NewScopedLog("database, migrate")
-
-func (store *Store) MigrateData() error {
-	version, err := store.version()
-	if err != nil {
-		return err
-	}
-
-	// Backup Database
-	backupPath, err := store.Backup()
-	if err != nil {
-		return werrors.Wrap(err, "while backing up db before migration")
-	}
-
-	migratorParams := &migrator.MigratorParameters{
-		DatabaseVersion:         version,
-		EndpointGroupService:    store.EndpointGroupService,
-		EndpointService:         store.EndpointService,
-		EndpointRelationService: store.EndpointRelationService,
-		ExtensionService:        store.ExtensionService,
-		FDOProfilesService:      store.FDOProfilesService,
-		RegistryService:         store.RegistryService,
-		ResourceControlService:  store.ResourceControlService,
-		RoleService:             store.RoleService,
-		ScheduleService:         store.ScheduleService,
-		SettingsService:         store.SettingsService,
-		StackService:            store.StackService,
-		TagService:              store.TagService,
-		TeamMembershipService:   store.TeamMembershipService,
-		UserService:             store.UserService,
-		VersionService:          store.VersionService,
-		FileService:             store.fileService,
-		DockerhubService:        store.DockerHubService,
-		AuthorizationService:    authorization.NewService(store),
-	}
-
-	// restore on error
-	err = store.connectionMigrateData(migratorParams)
-	if err != nil {
-		logrus.Errorf("While DB migration %v. Restoring DB", err)
-		// Restore options
-		options := BackupOptions{
-			BackupPath: backupPath,
-		}
-		err := store.restoreWithOptions(&options)
-		if err != nil {
-			logrus.Fatalf(
-				"Failed restoring the backup. portainer database file needs to restored manually by "+
-					"replacing %s database file with recent backup %s. Error %v",
-				store.databasePath(),
-				options.BackupPath,
-				err,
-			)
-		}
-	}
-
-	return err
-}
-
-// FailSafeMigrate backup and restore DB if migration fail
-func (store *Store) FailSafeMigrate(migrator *migrator.Migrator) (err error) {
-	defer func() {
-		if e := recover(); e != nil {
-			store.Rollback(true)
-			// return error with cause and stacktrace (recover() doesn't include a stacktrace)
-			err = fmt.Errorf("%v %s", e, string(debug.Stack()))
-		}
-	}()
-
-	// !Important: we must use a named return value in the function definition and not a local
-	// !variable referenced from the closure or else the return value will be incorrectly set
-	return migrator.Migrate()
-}
-
-// MigrateData automatically migrate the data based on the DBVersion.
-// This process is only triggered on an existing database, not if the database was just created.
-// if force is true, then migrate regardless.
-func (store *Store) connectionMigrateData(migratorParams *migrator.MigratorParameters) error {
-	migrator := migrator.NewMigrator(migratorParams)
-
-	// backup db file before upgrading DB to support rollback
-	isUpdating, err := migratorParams.VersionService.IsUpdating()
-	if err != nil && err != errors.ErrObjectNotFound {
-		return err
-	}
-
-	if !isUpdating && migrator.Version() != portainer.DBVersion {
-		err = store.backupVersion(migrator)
-		if err != nil {
-			return werrors.Wrapf(err, "failed to backup database")
-		}
-	}
-
-	if migrator.Version() < portainer.DBVersion {
-		migrateLog.Info(fmt.Sprintf("Migrating database from version %v to %v.\n", migrator.Version(), portainer.DBVersion))
-		err = store.FailSafeMigrate(migrator)
-		if err != nil {
-			migrateLog.Error("An error occurred during database migration", err)
-			return err
-		}
-	}
-
-	return nil
-}
-
-// backupVersion will backup the database or panic if any errors occur
-func (store *Store) backupVersion(migrator *migrator.Migrator) error {
-	migrateLog.Info("Backing up database prior to version upgrade...")
-
-	options := getBackupRestoreOptions(store.commonBackupDir())
-
-	_, err := store.backupWithOptions(options)
-	if err != nil {
-		migrateLog.Error("An error occurred during database backup", err)
-		removalErr := store.removeWithOptions(options)
-		if removalErr != nil {
-			migrateLog.Error("An error occurred during store removal prior to backup", err)
-		}
-		return err
-	}
-
-	return nil
-}
-
-// Rollback to a pre-upgrade backup copy/snapshot of portainer.db
-func (store *Store) connectionRollback(force bool) error {
-
-	if !force {
-		confirmed, err := cli.Confirm("Are you sure you want to rollback your database to the previous backup?")
-		if err != nil || !confirmed {
-			return err
-		}
-	}
-
-	options := getBackupRestoreOptions(store.commonBackupDir())
-
-	err := store.restoreWithOptions(options)
-	if err != nil {
-		return err
-	}
-
-	return store.connection.Close()
-}

api/datastore/migrate_data_test.go

@@ -1,464 +0,0 @@
-package datastore
-
-import (
-	"bytes"
-	"encoding/json"
-	"fmt"
-	"io"
-	"log"
-	"os"
-	"path/filepath"
-	"strings"
-	"testing"
-
-	"github.com/google/go-cmp/cmp"
-	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/database/boltdb"
-)
-
-// testVersion is a helper which tests current store version against wanted version
-func testVersion(store *Store, versionWant int, t *testing.T) {
-	v, err := store.VersionService.DBVersion()
-	if err != nil {
-		t.Errorf("Expect store version to be %d but was %d with error: %s", versionWant, v, err)
-	}
-	if v != versionWant {
-		t.Errorf("Expect store version to be %d but was %d", versionWant, v)
-	}
-}
-
-func TestMigrateData(t *testing.T) {
-	snapshotTests := []struct {
-		testName string
-		srcPath  string
-		wantPath string
-	}{
-		{
-			testName: "migrate version 24 to latest",
-			srcPath:  "test_data/input_24.json",
-			wantPath: "test_data/output_24_to_latest.json",
-		},
-	}
-	for _, test := range snapshotTests {
-		t.Run(test.testName, func(t *testing.T) {
-			err := migrateDBTestHelper(t, test.srcPath, test.wantPath)
-			if err != nil {
-				t.Errorf(
-					"Failed migrating mock database %v: %v",
-					test.srcPath,
-					err,
-				)
-			}
-		})
-	}
-
-	t.Run("MigrateData for New Store & Re-Open Check", func(t *testing.T) {
-		newStore, store, teardown := MustNewTestStore(false, true)
-		defer teardown()
-
-		if !newStore {
-			t.Error("Expect a new DB")
-		}
-
-		// not called for new stores
-		//store.MigrateData()
-
-		testVersion(store, portainer.DBVersion, t)
-		store.Close()
-
-		newStore, _ = store.Open()
-		if newStore {
-			t.Error("Expect store to NOT be new DB")
-		}
-	})
-
-	tests := []struct {
-		version         int
-		expectedVersion int
-	}{
-		{version: 17, expectedVersion: portainer.DBVersion},
-		{version: 21, expectedVersion: portainer.DBVersion},
-	}
-	for _, tc := range tests {
-		_, store, teardown := MustNewTestStore(true, true)
-		defer teardown()
-
-		// Setup data
-		store.VersionService.StoreDBVersion(tc.version)
-
-		// Required roles by migrations 22.2
-		store.RoleService.Create(&portainer.Role{ID: 1})
-		store.RoleService.Create(&portainer.Role{ID: 2})
-		store.RoleService.Create(&portainer.Role{ID: 3})
-		store.RoleService.Create(&portainer.Role{ID: 4})
-
-		t.Run(fmt.Sprintf("MigrateData for version %d", tc.version), func(t *testing.T) {
-			store.MigrateData()
-			testVersion(store, tc.expectedVersion, t)
-		})
-
-		t.Run(fmt.Sprintf("Restoring DB after migrateData for version %d", tc.version), func(t *testing.T) {
-			store.Rollback(true)
-			store.Open()
-			testVersion(store, tc.version, t)
-		})
-	}
-
-	t.Run("Error in MigrateData should restore backup before MigrateData", func(t *testing.T) {
-		_, store, teardown := MustNewTestStore(false, true)
-		defer teardown()
-
-		version := 17
-		store.VersionService.StoreDBVersion(version)
-
-		store.MigrateData()
-
-		testVersion(store, version, t)
-	})
-
-	t.Run("MigrateData should create backup file upon update", func(t *testing.T) {
-		_, store, teardown := MustNewTestStore(false, true)
-		defer teardown()
-		store.VersionService.StoreDBVersion(0)
-
-		store.MigrateData()
-
-		options := store.setupOptions(getBackupRestoreOptions(store.commonBackupDir()))
-
-		if !isFileExist(options.BackupPath) {
-			t.Errorf("Backup file should exist; file=%s", options.BackupPath)
-		}
-	})
-
-	t.Run("MigrateData should fail to create backup if database file is set to updating", func(t *testing.T) {
-		_, store, teardown := MustNewTestStore(false, true)
-		defer teardown()
-
-		store.VersionService.StoreIsUpdating(true)
-
-		store.MigrateData()
-
-		options := store.setupOptions(getBackupRestoreOptions(store.commonBackupDir()))
-
-		if isFileExist(options.BackupPath) {
-			t.Errorf("Backup file should not exist for dirty database; file=%s", options.BackupPath)
-		}
-	})
-
-	t.Run("MigrateData should not create backup on startup if portainer version matches db", func(t *testing.T) {
-		_, store, teardown := MustNewTestStore(false, true)
-		defer teardown()
-
-		store.MigrateData()
-
-		options := store.setupOptions(getBackupRestoreOptions(store.commonBackupDir()))
-
-		if isFileExist(options.BackupPath) {
-			t.Errorf("Backup file should not exist for dirty database; file=%s", options.BackupPath)
-		}
-	})
-
-}
-
-func Test_getBackupRestoreOptions(t *testing.T) {
-	_, store, teardown := MustNewTestStore(false, true)
-	defer teardown()
-
-	options := getBackupRestoreOptions(store.commonBackupDir())
-
-	wantDir := store.commonBackupDir()
-	if !strings.HasSuffix(options.BackupDir, wantDir) {
-		log.Fatalf("incorrect backup dir; got=%s, want=%s", options.BackupDir, wantDir)
-	}
-
-	wantFilename := "portainer.db.bak"
-	if options.BackupFileName != wantFilename {
-		log.Fatalf("incorrect backup file; got=%s, want=%s", options.BackupFileName, wantFilename)
-	}
-}
-
-func TestRollback(t *testing.T) {
-	t.Run("Rollback should restore upgrade after backup", func(t *testing.T) {
-		version := 21
-		_, store, teardown := MustNewTestStore(false, true)
-		defer teardown()
-		store.VersionService.StoreDBVersion(version)
-
-		_, err := store.backupWithOptions(getBackupRestoreOptions(store.commonBackupDir()))
-		if err != nil {
-			log.Fatal(err)
-		}
-
-		// Change the current edition
-		err = store.VersionService.StoreDBVersion(version + 10)
-		if err != nil {
-			log.Fatal(err)
-		}
-
-		err = store.Rollback(true)
-		if err != nil {
-			t.Logf("Rollback failed: %s", err)
-			t.Fail()
-			return
-		}
-
-		store.Open()
-		testVersion(store, version, t)
-	})
-}
-
-// isFileExist is helper function to check for file existence
-func isFileExist(path string) bool {
-	matches, err := filepath.Glob(path)
-	if err != nil {
-		return false
-	}
-	return len(matches) > 0
-}
-
-// migrateDBTestHelper loads a json representation of a bolt database from srcPath,
-// parses it into a database, runs a migration on that database, and then
-// compares it with an expected output database.
-func migrateDBTestHelper(t *testing.T, srcPath, wantPath string) error {
-	srcJSON, err := os.ReadFile(srcPath)
-	if err != nil {
-		t.Fatalf("failed loading source JSON file %v: %v", srcPath, err)
-	}
-
-	// Parse source json to db.
-	_, store, teardown := MustNewTestStore(true, false)
-	defer teardown()
-	err = importJSON(t, bytes.NewReader(srcJSON), store)
-	if err != nil {
-		return err
-	}
-
-	// Run the actual migrations on our input database.
-	err = store.MigrateData()
-	if err != nil {
-		return err
-	}
-
-	// Assert that our database connection is using bolt so we can call
-	// exportJson rather than ExportRaw. The exportJson function allows us to
-	// strip out the metadata which we don't want for our tests.
-	// TODO: update connection interface in CE to allow us to use ExportRaw and pass meta false
-	err = store.connection.Close()
-	if err != nil {
-		t.Fatalf("err closing bolt connection: %v", err)
-	}
-	con, ok := store.connection.(*boltdb.DbConnection)
-	if !ok {
-		t.Fatalf("backing database is not using boltdb, but the migrations test requires it")
-	}
-
-	// Convert database back to json.
-	databasePath := con.GetDatabaseFilePath()
-	if _, err := os.Stat(databasePath); err != nil {
-		return fmt.Errorf("stat on %s failed: %s", databasePath, err)
-	}
-
-	gotJSON, err := con.ExportJson(databasePath, false)
-	if err != nil {
-		t.Logf(
-			"failed re-exporting database %s to JSON: %v",
-			databasePath,
-			err,
-		)
-	}
-
-	wantJSON, err := os.ReadFile(wantPath)
-	if err != nil {
-		t.Fatalf("failed loading want JSON file %v: %v", wantPath, err)
-	}
-
-	// Compare the result we got with the one we wanted.
-	if diff := cmp.Diff(wantJSON, gotJSON); diff != "" {
-		gotPath := filepath.Join(os.TempDir(), "portainer-migrator-test-fail.json")
-		os.WriteFile(
-			gotPath,
-			gotJSON,
-			0600,
-		)
-		t.Errorf(
-			"migrate data from %s to %s failed\nwrote migrated input to %s\nmismatch (-want +got):\n%s",
-			srcPath,
-			wantPath,
-			gotPath,
-			diff,
-		)
-	}
-	return nil
-}
-
-// importJSON reads input JSON and commits it to a portainer datastore.Store.
-// Errors are logged with the testing package.
-func importJSON(t *testing.T, r io.Reader, store *Store) error {
-	objects := make(map[string]interface{})
-
-	// Parse json into map of objects.
-	d := json.NewDecoder(r)
-	d.UseNumber()
-	err := d.Decode(&objects)
-	if err != nil {
-		return err
-	}
-
-	// Get database connection from store.
-	con := store.connection
-
-	for k, v := range objects {
-		switch k {
-		case "version":
-			versions, ok := v.(map[string]interface{})
-			if !ok {
-				t.Logf("failed casting %s to map[string]interface{}", k)
-			}
-
-			dbVersion, ok := versions["DB_VERSION"]
-			if !ok {
-				t.Logf("failed getting DB_VERSION from %s", k)
-			}
-
-			numDBVersion, ok := dbVersion.(json.Number)
-			if !ok {
-				t.Logf("failed parsing DB_VERSION as json number from %s", k)
-			}
-
-			intDBVersion, err := numDBVersion.Int64()
-			if err != nil {
-				t.Logf("failed casting %v to int: %v", numDBVersion, intDBVersion)
-			}
-
-			err = con.CreateObjectWithStringId(
-				k,
-				[]byte("DB_VERSION"),
-				int(intDBVersion),
-			)
-			if err != nil {
-				t.Logf("failed writing DB_VERSION in %s: %v", k, err)
-			}
-
-			instanceID, ok := versions["INSTANCE_ID"]
-			if !ok {
-				t.Logf("failed getting INSTANCE_ID from %s", k)
-			}
-
-			err = con.CreateObjectWithStringId(
-				k,
-				[]byte("INSTANCE_ID"),
-				instanceID,
-			)
-			if err != nil {
-				t.Logf("failed writing INSTANCE_ID in %s: %v", k, err)
-			}
-
-		case "dockerhub":
-			obj, ok := v.([]interface{})
-			if !ok {
-				t.Logf("failed to cast %s to []interface{}", k)
-			}
-			err := con.CreateObjectWithStringId(
-				k,
-				[]byte("DOCKERHUB"),
-				obj[0],
-			)
-			if err != nil {
-				t.Logf("failed writing DOCKERHUB in %s: %v", k, err)
-			}
-
-		case "ssl":
-			obj, ok := v.(map[string]interface{})
-			if !ok {
-				t.Logf("failed to case %s to map[string]interface{}", k)
-			}
-			err := con.CreateObjectWithStringId(
-				k,
-				[]byte("SSL"),
-				obj,
-			)
-			if err != nil {
-				t.Logf("failed writing SSL in %s: %v", k, err)
-			}
-
-		case "settings":
-			obj, ok := v.(map[string]interface{})
-			if !ok {
-				t.Logf("failed to case %s to map[string]interface{}", k)
-			}
-			err := con.CreateObjectWithStringId(
-				k,
-				[]byte("SETTINGS"),
-				obj,
-			)
-			if err != nil {
-				t.Logf("failed writing SETTINGS in %s: %v", k, err)
-			}
-
-		case "tunnel_server":
-			obj, ok := v.(map[string]interface{})
-			if !ok {
-				t.Logf("failed to case %s to map[string]interface{}", k)
-			}
-			err := con.CreateObjectWithStringId(
-				k,
-				[]byte("INFO"),
-				obj,
-			)
-			if err != nil {
-				t.Logf("failed writing INFO in %s: %v", k, err)
-			}
-		case "templates":
-			continue
-
-		default:
-			objlist, ok := v.([]interface{})
-			if !ok {
-				t.Logf("failed to cast %s to []interface{}", k)
-			}
-
-			for _, obj := range objlist {
-				value, ok := obj.(map[string]interface{})
-				if !ok {
-					t.Logf("failed to cast %v to map[string]interface{}", obj)
-				} else {
-					var ok bool
-					var id interface{}
-					switch k {
-					case "endpoint_relations":
-						// TODO: need to make into an int, then do that weird
-						// stringification
-						id, ok = value["EndpointID"]
-					default:
-						id, ok = value["Id"]
-					}
-					if !ok {
-						// endpoint_relations: EndpointID
-						t.Logf("missing Id field: %s", k)
-						id = "error"
-					}
-					n, ok := id.(json.Number)
-					if !ok {
-						t.Logf("failed to cast %v to json.Number in %s", id, k)
-					} else {
-						key, err := n.Int64()
-						if err != nil {
-							t.Logf("failed to cast %v to int in %s", n, k)
-						} else {
-							err := con.CreateObjectWithId(
-								k,
-								int(key),
-								value,
-							)
-							if err != nil {
-								t.Logf("failed writing %v in %s: %v", key, k, err)
-							}
-						}
-					}
-				}
-			}
-		}
-	}
-
-	return nil
-}

api/datastore/migrate_dbversion29_test.go

@@ -1,91 +0,0 @@
-package datastore
-
-import (
-	"testing"
-
-	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/datastore/migrator"
-	"github.com/portainer/portainer/api/internal/authorization"
-)
-
-const dummyLogoURL = "example.com"
-
-// initTestingDBConn creates a settings service with raw database DB connection
-// for unit testing usage only since using NewStore will cause cycle import inside migrator pkg
-func initTestingSettingsService(dbConn portainer.Connection, preSetObj map[string]interface{}) error {
-	//insert a obj
-	if err := dbConn.UpdateObject("settings", []byte("SETTINGS"), preSetObj); err != nil {
-		return err
-	}
-	return nil
-}
-
-func setup(store *Store) error {
-	var err error
-	dummySettingsObj := map[string]interface{}{
-		"LogoURL": dummyLogoURL,
-	}
-	err = initTestingSettingsService(store.connection, dummySettingsObj)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
-func TestMigrateSettings(t *testing.T) {
-	_, store, teardown := MustNewTestStore(false, true)
-	defer teardown()
-
-	err := setup(store)
-	if err != nil {
-		t.Errorf("failed to complete testing setups, err: %v", err)
-	}
-
-	updatedSettings, err := store.SettingsService.Settings()
-	// SO -basically, this test _isn't_ testing migration, its testing golang type defaults.
-	if updatedSettings.LogoURL != dummyLogoURL { // ensure a pre-migrate setting isn't unset
-		t.Errorf("unexpected value changes in the updated settings, want LogoURL value: %s, got LogoURL value: %s", dummyLogoURL, updatedSettings.LogoURL)
-	}
-	if updatedSettings.OAuthSettings.SSO != false { // I recon golang defaulting will make this false
-		t.Errorf("unexpected default OAuth SSO setting, want: false, got: %t", updatedSettings.OAuthSettings.SSO)
-	}
-	if updatedSettings.OAuthSettings.LogoutURI != "" {
-		t.Errorf("unexpected default OAuth HideInternalAuth setting, want:, got: %s", updatedSettings.OAuthSettings.LogoutURI)
-	}
-
-	m := migrator.NewMigrator(&migrator.MigratorParameters{
-		DatabaseVersion:         29,
-		EndpointGroupService:    store.EndpointGroupService,
-		EndpointService:         store.EndpointService,
-		EndpointRelationService: store.EndpointRelationService,
-		ExtensionService:        store.ExtensionService,
-		RegistryService:         store.RegistryService,
-		ResourceControlService:  store.ResourceControlService,
-		RoleService:             store.RoleService,
-		ScheduleService:         store.ScheduleService,
-		SettingsService:         store.SettingsService,
-		StackService:            store.StackService,
-		TagService:              store.TagService,
-		TeamMembershipService:   store.TeamMembershipService,
-		UserService:             store.UserService,
-		VersionService:          store.VersionService,
-		FileService:             store.fileService,
-		DockerhubService:        store.DockerHubService,
-		AuthorizationService:    authorization.NewService(store),
-	})
-	if err := m.MigrateSettingsToDB30(); err != nil {
-		t.Errorf("failed to update settings: %v", err)
-	}
-	if err != nil {
-		t.Errorf("failed to retrieve the updated settings: %v", err)
-	}
-	if updatedSettings.LogoURL != dummyLogoURL {
-		t.Errorf("unexpected value changes in the updated settings, want LogoURL value: %s, got LogoURL value: %s", dummyLogoURL, updatedSettings.LogoURL)
-	}
-	if updatedSettings.OAuthSettings.SSO != false {
-		t.Errorf("unexpected default OAuth SSO setting, want: false, got: %t", updatedSettings.OAuthSettings.SSO)
-	}
-	if updatedSettings.OAuthSettings.LogoutURI != "" {
-		t.Errorf("unexpected default OAuth HideInternalAuth setting, want:, got: %s", updatedSettings.OAuthSettings.LogoutURI)
-	}
-}

api/datastore/migrate_dbversion33_test.go

@@ -1,53 +0,0 @@
-package datastore
-
-import (
-	"testing"
-
-	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/datastore/migrator"
-	gittypes "github.com/portainer/portainer/api/git/types"
-	"github.com/stretchr/testify/assert"
-)
-
-func TestMigrateStackEntryPoint(t *testing.T) {
-	_, store, teardown := MustNewTestStore(false, true)
-	defer teardown()
-
-	stackService := store.Stack()
-
-	stacks := []*portainer.Stack{
-		{
-			ID:         1,
-			EntryPoint: "dir/sub/compose.yml",
-		},
-		{
-			ID:         2,
-			EntryPoint: "dir/sub/compose.yml",
-			GitConfig:  &gittypes.RepoConfig{},
-		},
-	}
-
-	for _, s := range stacks {
-		err := stackService.Create(s)
-		assert.NoError(t, err, "failed to create stack")
-	}
-
-	s, err := stackService.Stack(1)
-	assert.NoError(t, err)
-	assert.Nil(t, s.GitConfig, "first stack should not have git config")
-
-	s, err = stackService.Stack(2)
-	assert.NoError(t, err)
-	assert.Equal(t, "", s.GitConfig.ConfigFilePath, "not migrated yet migrated")
-
-	err = migrator.MigrateStackEntryPoint(stackService)
-	assert.NoError(t, err, "failed to migrate entry point to Git ConfigFilePath")
-
-	s, err = stackService.Stack(1)
-	assert.NoError(t, err)
-	assert.Nil(t, s.GitConfig, "first stack should not have git config")
-
-	s, err = stackService.Stack(2)
-	assert.NoError(t, err)
-	assert.Equal(t, "dir/sub/compose.yml", s.GitConfig.ConfigFilePath, "second stack should have config file path migrated")
-}

api/datastore/migrator/migrate_ce.go

@@ -1,137 +0,0 @@
-package migrator
-
-import (
-	"errors"
-	"reflect"
-	"runtime"
-
-	werrors "github.com/pkg/errors"
-	portainer "github.com/portainer/portainer/api"
-)
-
-type migration struct {
-	dbversion int
-	migrate   func() error
-}
-
-func migrationError(err error, context string) error {
-	return werrors.Wrap(err, "failed in "+context)
-}
-
-func newMigration(dbversion int, migrate func() error) migration {
-	return migration{
-		dbversion: dbversion,
-		migrate:   migrate,
-	}
-}
-
-func dbTooOldError() error {
-	return errors.New("migrating from less than Portainer 1.21.0 is not supported, please contact Portainer support.")
-}
-
-func GetFunctionName(i interface{}) string {
-	return runtime.FuncForPC(reflect.ValueOf(i).Pointer()).Name()
-}
-
-// Migrate checks the database version and migrate the existing data to the most recent data model.
-func (m *Migrator) Migrate() error {
-	// set DB to updating status
-	err := m.versionService.StoreIsUpdating(true)
-	if err != nil {
-		return migrationError(err, "StoreIsUpdating")
-	}
-
-	migrations := []migration{
-		// Portainer < 1.21.0
-		newMigration(17, dbTooOldError),
-
-		// Portainer 1.21.0
-		newMigration(18, m.updateUsersToDBVersion18),
-		newMigration(18, m.updateEndpointsToDBVersion18),
-		newMigration(18, m.updateEndpointGroupsToDBVersion18),
-		newMigration(18, m.updateRegistriesToDBVersion18),
-
-		// 1.22.0
-		newMigration(19, m.updateSettingsToDBVersion19),
-
-		// 1.22.1
-		newMigration(20, m.updateUsersToDBVersion20),
-		newMigration(20, m.updateSettingsToDBVersion20),
-		newMigration(20, m.updateSchedulesToDBVersion20),
-
-		// Portainer 1.23.0
-		// DBVersion 21 is missing as it was shipped as via hotfix 1.22.2
-		newMigration(22, m.updateResourceControlsToDBVersion22),
-		newMigration(22, m.updateUsersAndRolesToDBVersion22),
-
-		// Portainer 1.24.0
-		newMigration(23, m.updateTagsToDBVersion23),
-		newMigration(23, m.updateEndpointsAndEndpointGroupsToDBVersion23),
-
-		// Portainer 1.24.1
-		newMigration(24, m.updateSettingsToDB24),
-
-		// Portainer 2.0.0
-		newMigration(25, m.updateSettingsToDB25),
-		newMigration(25, m.updateStacksToDB24), // yes this looks odd. Don't be tempted to move it
-
-		// Portainer 2.1.0
-		newMigration(26, m.updateEndpointSettingsToDB25),
-
-		// Portainer 2.2.0
-		newMigration(27, m.updateStackResourceControlToDB27),
-
-		// Portainer 2.6.0
-		newMigration(30, m.migrateDBVersionToDB30),
-
-		// Portainer 2.9.0
-		newMigration(32, m.migrateDBVersionToDB32),
-
-		// Portainer 2.9.1, 2.9.2
-		newMigration(33, m.migrateDBVersionToDB33),
-
-		// Portainer 2.10
-		newMigration(34, m.migrateDBVersionToDB34),
-
-		// Portainer 2.9.3 (yep out of order, but 2.10 is EE only)
-		newMigration(35, m.migrateDBVersionToDB35),
-
-		newMigration(36, m.migrateDBVersionToDB36),
-
-		// Portainer 2.13
-		newMigration(40, m.migrateDBVersionToDB40),
-
-		// Portainer 2.14
-		newMigration(50, m.migrateDBVersionToDB50),
-
-		// Portainer 2.15
-		newMigration(60, m.migrateDBVersionToDB60),
-	}
-
-	var lastDbVersion int
-	for _, migration := range migrations {
-		if m.currentDBVersion < migration.dbversion {
-
-			// Print the next line only when the version changes
-			if migration.dbversion > lastDbVersion {
-				migrateLog.Infof("Migrating DB to version %d", migration.dbversion)
-			}
-
-			err := migration.migrate()
-			if err != nil {
-				return migrationError(err, GetFunctionName(migration.migrate))
-			}
-		}
-		lastDbVersion = migration.dbversion
-	}
-
-	migrateLog.Infof("Setting DB version to %d", portainer.DBVersion)
-	err = m.versionService.StoreDBVersion(portainer.DBVersion)
-	if err != nil {
-		return migrationError(err, "StoreDBVersion")
-	}
-	migrateLog.Infof("Updated DB version to %d", portainer.DBVersion)
-
-	// reset DB updating status
-	return m.versionService.StoreIsUpdating(false)
-}

api/datastore/migrator/migrate_dbversion17.go

@@ -1,129 +0,0 @@
-package migrator
-
-import (
-	portainer "github.com/portainer/portainer/api"
-)
-
-func (m *Migrator) updateUsersToDBVersion18() error {
-	migrateLog.Info("- updating users")
-	legacyUsers, err := m.userService.Users()
-	if err != nil {
-		return err
-	}
-
-	for _, user := range legacyUsers {
-		user.PortainerAuthorizations = map[portainer.Authorization]bool{
-			portainer.OperationPortainerDockerHubInspect:        true,
-			portainer.OperationPortainerEndpointGroupList:       true,
-			portainer.OperationPortainerEndpointList:            true,
-			portainer.OperationPortainerEndpointInspect:         true,
-			portainer.OperationPortainerEndpointExtensionAdd:    true,
-			portainer.OperationPortainerEndpointExtensionRemove: true,
-			portainer.OperationPortainerExtensionList:           true,
-			portainer.OperationPortainerMOTD:                    true,
-			portainer.OperationPortainerRegistryList:            true,
-			portainer.OperationPortainerRegistryInspect:         true,
-			portainer.OperationPortainerTeamList:                true,
-			portainer.OperationPortainerTemplateList:            true,
-			portainer.OperationPortainerTemplateInspect:         true,
-			portainer.OperationPortainerUserList:                true,
-			portainer.OperationPortainerUserMemberships:         true,
-		}
-
-		err = m.userService.UpdateUser(user.ID, &user)
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (m *Migrator) updateEndpointsToDBVersion18() error {
-	migrateLog.Info("- updating endpoints")
-	legacyEndpoints, err := m.endpointService.Endpoints()
-	if err != nil {
-		return err
-	}
-
-	for _, endpoint := range legacyEndpoints {
-		endpoint.UserAccessPolicies = make(portainer.UserAccessPolicies)
-		for _, userID := range endpoint.AuthorizedUsers {
-			endpoint.UserAccessPolicies[userID] = portainer.AccessPolicy{
-				RoleID: 4,
-			}
-		}
-
-		endpoint.TeamAccessPolicies = make(portainer.TeamAccessPolicies)
-		for _, teamID := range endpoint.AuthorizedTeams {
-			endpoint.TeamAccessPolicies[teamID] = portainer.AccessPolicy{
-				RoleID: 4,
-			}
-		}
-
-		err = m.endpointService.UpdateEndpoint(endpoint.ID, &endpoint)
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (m *Migrator) updateEndpointGroupsToDBVersion18() error {
-	migrateLog.Info("- updating endpoint groups")
-	legacyEndpointGroups, err := m.endpointGroupService.EndpointGroups()
-	if err != nil {
-		return err
-	}
-
-	for _, endpointGroup := range legacyEndpointGroups {
-		endpointGroup.UserAccessPolicies = make(portainer.UserAccessPolicies)
-		for _, userID := range endpointGroup.AuthorizedUsers {
-			endpointGroup.UserAccessPolicies[userID] = portainer.AccessPolicy{
-				RoleID: 4,
-			}
-		}
-
-		endpointGroup.TeamAccessPolicies = make(portainer.TeamAccessPolicies)
-		for _, teamID := range endpointGroup.AuthorizedTeams {
-			endpointGroup.TeamAccessPolicies[teamID] = portainer.AccessPolicy{
-				RoleID: 4,
-			}
-		}
-
-		err = m.endpointGroupService.UpdateEndpointGroup(endpointGroup.ID, &endpointGroup)
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (m *Migrator) updateRegistriesToDBVersion18() error {
-	migrateLog.Info("- updating registries")
-	legacyRegistries, err := m.registryService.Registries()
-	if err != nil {
-		return err
-	}
-
-	for _, registry := range legacyRegistries {
-		registry.UserAccessPolicies = make(portainer.UserAccessPolicies)
-		for _, userID := range registry.AuthorizedUsers {
-			registry.UserAccessPolicies[userID] = portainer.AccessPolicy{}
-		}
-
-		registry.TeamAccessPolicies = make(portainer.TeamAccessPolicies)
-		for _, teamID := range registry.AuthorizedTeams {
-			registry.TeamAccessPolicies[teamID] = portainer.AccessPolicy{}
-		}
-
-		err = m.registryService.UpdateRegistry(registry.ID, &registry)
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
-}

api/datastore/migrator/migrate_dbversion18.go

@@ -1,17 +0,0 @@
-package migrator
-
-import portainer "github.com/portainer/portainer/api"
-
-func (m *Migrator) updateSettingsToDBVersion19() error {
-	migrateLog.Info("- updating settings")
-	legacySettings, err := m.settingsService.Settings()
-	if err != nil {
-		return err
-	}
-
-	if legacySettings.EdgeAgentCheckinInterval == 0 {
-		legacySettings.EdgeAgentCheckinInterval = portainer.DefaultEdgeAgentCheckinIntervalInSeconds
-	}
-
-	return m.settingsService.UpdateSettings(legacySettings)
-}

api/datastore/migrator/migrate_dbversion19.go

@@ -1,59 +0,0 @@
-package migrator
-
-import (
-	"strings"
-)
-
-const scheduleScriptExecutionJobType = 1
-
-func (m *Migrator) updateUsersToDBVersion20() error {
-	migrateLog.Info("- updating user authentication")
-	return m.authorizationService.UpdateUsersAuthorizations()
-}
-
-func (m *Migrator) updateSettingsToDBVersion20() error {
-	legacySettings, err := m.settingsService.Settings()
-	if err != nil {
-		return err
-	}
-
-	legacySettings.AllowVolumeBrowserForRegularUsers = false
-
-	return m.settingsService.UpdateSettings(legacySettings)
-}
-
-func (m *Migrator) updateSchedulesToDBVersion20() error {
-	migrateLog.Info("- updating schedules")
-	legacySchedules, err := m.scheduleService.Schedules()
-	if err != nil {
-		return err
-	}
-
-	for _, schedule := range legacySchedules {
-		if schedule.JobType == scheduleScriptExecutionJobType {
-			if schedule.CronExpression == "0 0 * * *" {
-				schedule.CronExpression = "0 * * * *"
-			} else if schedule.CronExpression == "0 0 0/2 * *" {
-				schedule.CronExpression = "0 */2 * * *"
-			} else if schedule.CronExpression == "0 0 0 * *" {
-				schedule.CronExpression = "0 0 * * *"
-			} else {
-				revisedCronExpression := strings.Split(schedule.CronExpression, " ")
-				if len(revisedCronExpression) == 5 {
-					continue
-				}
-
-				revisedCronExpression = revisedCronExpression[1:]
-				schedule.CronExpression = strings.Join(revisedCronExpression, " ")
-			}
-
-			err := m.scheduleService.UpdateSchedule(schedule.ID, &schedule)
-			if err != nil {
-				return err
-			}
-		}
-
-	}
-
-	return nil
-}

api/datastore/migrator/migrate_dbversion20.go

@@ -1,87 +0,0 @@
-package migrator
-
-import (
-	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/internal/authorization"
-)
-
-func (m *Migrator) updateResourceControlsToDBVersion22() error {
-	migrateLog.Info("- updating resource controls")
-	legacyResourceControls, err := m.resourceControlService.ResourceControls()
-	if err != nil {
-		return err
-	}
-
-	for _, resourceControl := range legacyResourceControls {
-		resourceControl.AdministratorsOnly = false
-
-		err := m.resourceControlService.UpdateResourceControl(resourceControl.ID, &resourceControl)
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (m *Migrator) updateUsersAndRolesToDBVersion22() error {
-	migrateLog.Info("- updating users and roles")
-	legacyUsers, err := m.userService.Users()
-	if err != nil {
-		return err
-	}
-
-	settings, err := m.settingsService.Settings()
-	if err != nil {
-		return err
-	}
-
-	for _, user := range legacyUsers {
-		user.PortainerAuthorizations = authorization.DefaultPortainerAuthorizations()
-		err = m.userService.UpdateUser(user.ID, &user)
-		if err != nil {
-			return err
-		}
-	}
-
-	endpointAdministratorRole, err := m.roleService.Role(portainer.RoleID(1))
-	if err != nil {
-		return err
-	}
-	endpointAdministratorRole.Priority = 1
-	endpointAdministratorRole.Authorizations = authorization.DefaultEndpointAuthorizationsForEndpointAdministratorRole()
-
-	err = m.roleService.UpdateRole(endpointAdministratorRole.ID, endpointAdministratorRole)
-
-	helpDeskRole, err := m.roleService.Role(portainer.RoleID(2))
-	if err != nil {
-		return err
-	}
-	helpDeskRole.Priority = 2
-	helpDeskRole.Authorizations = authorization.DefaultEndpointAuthorizationsForHelpDeskRole(settings.AllowVolumeBrowserForRegularUsers)
-
-	err = m.roleService.UpdateRole(helpDeskRole.ID, helpDeskRole)
-
-	standardUserRole, err := m.roleService.Role(portainer.RoleID(3))
-	if err != nil {
-		return err
-	}
-	standardUserRole.Priority = 3
-	standardUserRole.Authorizations = authorization.DefaultEndpointAuthorizationsForStandardUserRole(settings.AllowVolumeBrowserForRegularUsers)
-
-	err = m.roleService.UpdateRole(standardUserRole.ID, standardUserRole)
-
-	readOnlyUserRole, err := m.roleService.Role(portainer.RoleID(4))
-	if err != nil {
-		return err
-	}
-	readOnlyUserRole.Priority = 4
-	readOnlyUserRole.Authorizations = authorization.DefaultEndpointAuthorizationsForReadOnlyUserRole(settings.AllowVolumeBrowserForRegularUsers)
-
-	err = m.roleService.UpdateRole(readOnlyUserRole.ID, readOnlyUserRole)
-	if err != nil {
-		return err
-	}
-
-	return m.authorizationService.UpdateUsersAuthorizations()
-}

api/datastore/migrator/migrate_dbversion22.go

@@ -1,94 +0,0 @@
-package migrator
-
-import portainer "github.com/portainer/portainer/api"
-
-func (m *Migrator) updateTagsToDBVersion23() error {
-	migrateLog.Info("- Updating tags")
-	tags, err := m.tagService.Tags()
-	if err != nil {
-		return err
-	}
-
-	for _, tag := range tags {
-		tag.EndpointGroups = make(map[portainer.EndpointGroupID]bool)
-		tag.Endpoints = make(map[portainer.EndpointID]bool)
-		err = m.tagService.UpdateTag(tag.ID, &tag)
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func (m *Migrator) updateEndpointsAndEndpointGroupsToDBVersion23() error {
-	migrateLog.Info("- updating endpoints and endpoint groups")
-	tags, err := m.tagService.Tags()
-	if err != nil {
-		return err
-	}
-
-	tagsNameMap := make(map[string]portainer.Tag)
-	for _, tag := range tags {
-		tagsNameMap[tag.Name] = tag
-	}
-
-	endpoints, err := m.endpointService.Endpoints()
-	if err != nil {
-		return err
-	}
-
-	for _, endpoint := range endpoints {
-		endpointTags := make([]portainer.TagID, 0)
-		for _, tagName := range endpoint.Tags {
-			tag, ok := tagsNameMap[tagName]
-			if ok {
-				endpointTags = append(endpointTags, tag.ID)
-				tag.Endpoints[endpoint.ID] = true
-			}
-		}
-		endpoint.TagIDs = endpointTags
-		err = m.endpointService.UpdateEndpoint(endpoint.ID, &endpoint)
-		if err != nil {
-			return err
-		}
-
-		relation := &portainer.EndpointRelation{
-			EndpointID: endpoint.ID,
-			EdgeStacks: map[portainer.EdgeStackID]bool{},
-		}
-
-		err = m.endpointRelationService.Create(relation)
-		if err != nil {
-			return err
-		}
-	}
-
-	endpointGroups, err := m.endpointGroupService.EndpointGroups()
-	if err != nil {
-		return err
-	}
-
-	for _, endpointGroup := range endpointGroups {
-		endpointGroupTags := make([]portainer.TagID, 0)
-		for _, tagName := range endpointGroup.Tags {
-			tag, ok := tagsNameMap[tagName]
-			if ok {
-				endpointGroupTags = append(endpointGroupTags, tag.ID)
-				tag.EndpointGroups[endpointGroup.ID] = true
-			}
-		}
-		endpointGroup.TagIDs = endpointGroupTags
-		err = m.endpointGroupService.UpdateEndpointGroup(endpointGroup.ID, &endpointGroup)
-		if err != nil {
-			return err
-		}
-	}
-
-	for _, tag := range tagsNameMap {
-		err = m.tagService.UpdateTag(tag.ID, &tag)
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}

api/datastore/migrator/migrate_dbversion23.go

@@ -1,37 +0,0 @@
-package migrator
-
-import portainer "github.com/portainer/portainer/api"
-
-func (m *Migrator) updateSettingsToDB24() error {
-	migrateLog.Info("- updating Settings")
-
-	legacySettings, err := m.settingsService.Settings()
-	if err != nil {
-		return err
-	}
-
-	legacySettings.AllowHostNamespaceForRegularUsers = true
-	legacySettings.AllowDeviceMappingForRegularUsers = true
-	legacySettings.AllowStackManagementForRegularUsers = true
-
-	return m.settingsService.UpdateSettings(legacySettings)
-}
-
-func (m *Migrator) updateStacksToDB24() error {
-	migrateLog.Info("- updating stacks")
-	stacks, err := m.stackService.Stacks()
-	if err != nil {
-		return err
-	}
-
-	for idx := range stacks {
-		stack := &stacks[idx]
-		stack.Status = portainer.StackStatusActive
-		err := m.stackService.UpdateStack(stack.ID, stack)
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
-}

api/datastore/migrator/migrate_dbversion24.go

@@ -1,25 +0,0 @@
-package migrator
-
-import (
-	portainer "github.com/portainer/portainer/api"
-)
-
-func (m *Migrator) updateSettingsToDB25() error {
-	migrateLog.Info("- updating settings")
-
-	legacySettings, err := m.settingsService.Settings()
-	if err != nil {
-		return err
-	}
-
-	if legacySettings.TemplatesURL == "" {
-		legacySettings.TemplatesURL = portainer.DefaultTemplatesURL
-	}
-
-	legacySettings.UserSessionTimeout = portainer.DefaultUserSessionTimeout
-	legacySettings.EnableTelemetry = true
-
-	legacySettings.AllowContainerCapabilitiesForRegularUsers = true
-
-	return m.settingsService.UpdateSettings(legacySettings)
-}

api/datastore/migrator/migrate_dbversion25.go

@@ -1,52 +0,0 @@
-package migrator
-
-import (
-	portainer "github.com/portainer/portainer/api"
-)
-
-func (m *Migrator) updateEndpointSettingsToDB25() error {
-	migrateLog.Info("- updating endpoint settings")
-	settings, err := m.settingsService.Settings()
-	if err != nil {
-		return err
-	}
-
-	endpoints, err := m.endpointService.Endpoints()
-	if err != nil {
-		return err
-	}
-
-	for i := range endpoints {
-		endpoint := endpoints[i]
-
-		securitySettings := portainer.EndpointSecuritySettings{}
-
-		if endpoint.Type == portainer.EdgeAgentOnDockerEnvironment ||
-			endpoint.Type == portainer.AgentOnDockerEnvironment ||
-			endpoint.Type == portainer.DockerEnvironment {
-
-			securitySettings = portainer.EndpointSecuritySettings{
-				AllowBindMountsForRegularUsers:            settings.AllowBindMountsForRegularUsers,
-				AllowContainerCapabilitiesForRegularUsers: settings.AllowContainerCapabilitiesForRegularUsers,
-				AllowDeviceMappingForRegularUsers:         settings.AllowDeviceMappingForRegularUsers,
-				AllowHostNamespaceForRegularUsers:         settings.AllowHostNamespaceForRegularUsers,
-				AllowPrivilegedModeForRegularUsers:        settings.AllowPrivilegedModeForRegularUsers,
-				AllowStackManagementForRegularUsers:       settings.AllowStackManagementForRegularUsers,
-			}
-
-			if endpoint.Type == portainer.AgentOnDockerEnvironment || endpoint.Type == portainer.EdgeAgentOnDockerEnvironment {
-				securitySettings.AllowVolumeBrowserForRegularUsers = settings.AllowVolumeBrowserForRegularUsers
-				securitySettings.EnableHostManagementFeatures = settings.EnableHostManagementFeatures
-			}
-		}
-
-		endpoint.SecuritySettings = securitySettings
-
-		err = m.endpointService.UpdateEndpoint(endpoint.ID, &endpoint)
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
-}

api/datastore/migrator/migrate_dbversion26.go

@@ -1,41 +0,0 @@
-package migrator
-
-import (
-	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/dataservices/errors"
-	"github.com/portainer/portainer/api/internal/stackutils"
-)
-
-func (m *Migrator) updateStackResourceControlToDB27() error {
-	migrateLog.Info("- updating stack resource controls")
-	resourceControls, err := m.resourceControlService.ResourceControls()
-	if err != nil {
-		return err
-	}
-
-	for _, resource := range resourceControls {
-		if resource.Type != portainer.StackResourceControl {
-			continue
-		}
-
-		stackName := resource.ResourceID
-
-		stack, err := m.stackService.StackByName(stackName)
-		if err != nil {
-			if err == errors.ErrObjectNotFound {
-				continue
-			}
-
-			return err
-		}
-
-		resource.ResourceID = stackutils.ResourceControlID(stack.EndpointID, stack.Name)
-
-		err = m.resourceControlService.UpdateResourceControl(resource.ID, &resource)
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
-}

api/datastore/migrator/migrate_dbversion29.go

@@ -1,24 +0,0 @@
-package migrator
-
-func (m *Migrator) migrateDBVersionToDB30() error {
-	migrateLog.Info("- updating legacy settings")
-	if err := m.MigrateSettingsToDB30(); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// so setting to false and "", is what would happen without this code
-// I'm going to bet there's zero point to changing the value inthe DB
-// Public for testing
-func (m *Migrator) MigrateSettingsToDB30() error {
-	legacySettings, err := m.settingsService.Settings()
-	if err != nil {
-		return err
-	}
-
-	legacySettings.OAuthSettings.SSO = false
-	legacySettings.OAuthSettings.LogoutURI = ""
-	return m.settingsService.UpdateSettings(legacySettings)
-}

api/datastore/migrator/migrate_dbversion31.go

@@ -1,277 +0,0 @@
-package migrator
-
-import (
-	"fmt"
-	"log"
-
-	"github.com/docker/docker/api/types/volume"
-	"github.com/portainer/portainer/api/dataservices/errors"
-
-	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/internal/endpointutils"
-	snapshotutils "github.com/portainer/portainer/api/internal/snapshot"
-)
-
-func (m *Migrator) migrateDBVersionToDB32() error {
-	err := m.updateRegistriesToDB32()
-	if err != nil {
-		return err
-	}
-
-	err = m.updateDockerhubToDB32()
-	if err != nil {
-		return err
-	}
-
-	if err := m.updateVolumeResourceControlToDB32(); err != nil {
-		return err
-	}
-
-	if err := m.kubeconfigExpiryToDB32(); err != nil {
-		return err
-	}
-
-	if err := m.helmRepositoryURLToDB32(); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (m *Migrator) updateRegistriesToDB32() error {
-	migrateLog.Info("- updating registries")
-	registries, err := m.registryService.Registries()
-	if err != nil {
-		return err
-	}
-
-	endpoints, err := m.endpointService.Endpoints()
-	if err != nil {
-		return err
-	}
-
-	for _, registry := range registries {
-
-		registry.RegistryAccesses = portainer.RegistryAccesses{}
-
-		for _, endpoint := range endpoints {
-
-			filteredUserAccessPolicies := portainer.UserAccessPolicies{}
-			for userId, registryPolicy := range registry.UserAccessPolicies {
-				if _, found := endpoint.UserAccessPolicies[userId]; found {
-					filteredUserAccessPolicies[userId] = registryPolicy
-				}
-			}
-
-			filteredTeamAccessPolicies := portainer.TeamAccessPolicies{}
-			for teamId, registryPolicy := range registry.TeamAccessPolicies {
-				if _, found := endpoint.TeamAccessPolicies[teamId]; found {
-					filteredTeamAccessPolicies[teamId] = registryPolicy
-				}
-			}
-
-			registry.RegistryAccesses[endpoint.ID] = portainer.RegistryAccessPolicies{
-				UserAccessPolicies: filteredUserAccessPolicies,
-				TeamAccessPolicies: filteredTeamAccessPolicies,
-				Namespaces:         []string{},
-			}
-		}
-		m.registryService.UpdateRegistry(registry.ID, &registry)
-	}
-	return nil
-}
-
-func (m *Migrator) updateDockerhubToDB32() error {
-	migrateLog.Info("- updating dockerhub")
-	dockerhub, err := m.dockerhubService.DockerHub()
-	if err == errors.ErrObjectNotFound {
-		return nil
-	} else if err != nil {
-		return err
-	}
-
-	if !dockerhub.Authentication {
-		return nil
-	}
-
-	registry := &portainer.Registry{
-		Type:             portainer.DockerHubRegistry,
-		Name:             "Dockerhub (authenticated - migrated)",
-		URL:              "docker.io",
-		Authentication:   true,
-		Username:         dockerhub.Username,
-		Password:         dockerhub.Password,
-		RegistryAccesses: portainer.RegistryAccesses{},
-	}
-
-	// The following code will make this function idempotent.
-	// i.e. if run again, it will not change the data.  It will ensure that
-	// we only have one migrated registry entry. Duplicates will be removed
-	// if they exist and which has been happening due to earlier migration bugs
-	migrated := false
-	registries, _ := m.registryService.Registries()
-	for _, r := range registries {
-		if r.Type == registry.Type &&
-			r.Name == registry.Name &&
-			r.URL == registry.URL &&
-			r.Authentication == registry.Authentication {
-
-			if !migrated {
-				// keep this one entry
-				migrated = true
-			} else {
-				// delete subsequent duplicates
-				m.registryService.DeleteRegistry(portainer.RegistryID(r.ID))
-			}
-		}
-	}
-
-	if migrated {
-		return nil
-	}
-
-	endpoints, err := m.endpointService.Endpoints()
-	if err != nil {
-		return err
-	}
-
-	for _, endpoint := range endpoints {
-
-		if endpoint.Type != portainer.KubernetesLocalEnvironment &&
-			endpoint.Type != portainer.AgentOnKubernetesEnvironment &&
-			endpoint.Type != portainer.EdgeAgentOnKubernetesEnvironment {
-
-			userAccessPolicies := portainer.UserAccessPolicies{}
-			for userId := range endpoint.UserAccessPolicies {
-				if _, found := endpoint.UserAccessPolicies[userId]; found {
-					userAccessPolicies[userId] = portainer.AccessPolicy{
-						RoleID: 0,
-					}
-				}
-			}
-
-			teamAccessPolicies := portainer.TeamAccessPolicies{}
-			for teamId := range endpoint.TeamAccessPolicies {
-				if _, found := endpoint.TeamAccessPolicies[teamId]; found {
-					teamAccessPolicies[teamId] = portainer.AccessPolicy{
-						RoleID: 0,
-					}
-				}
-			}
-
-			registry.RegistryAccesses[endpoint.ID] = portainer.RegistryAccessPolicies{
-				UserAccessPolicies: userAccessPolicies,
-				TeamAccessPolicies: teamAccessPolicies,
-				Namespaces:         []string{},
-			}
-		}
-	}
-
-	return m.registryService.Create(registry)
-}
-
-func (m *Migrator) updateVolumeResourceControlToDB32() error {
-	migrateLog.Info("- updating resource controls")
-	endpoints, err := m.endpointService.Endpoints()
-	if err != nil {
-		return fmt.Errorf("failed fetching environments: %w", err)
-	}
-
-	resourceControls, err := m.resourceControlService.ResourceControls()
-	if err != nil {
-		return fmt.Errorf("failed fetching resource controls: %w", err)
-	}
-
-	toUpdate := map[portainer.ResourceControlID]string{}
-	volumeResourceControls := map[string]*portainer.ResourceControl{}
-
-	for i := range resourceControls {
-		resourceControl := resourceControls[i]
-		if resourceControl.Type == portainer.VolumeResourceControl {
-			volumeResourceControls[resourceControl.ResourceID] = &resourceControl
-		}
-	}
-
-	for _, endpoint := range endpoints {
-		if !endpointutils.IsDockerEndpoint(&endpoint) {
-			continue
-		}
-
-		totalSnapshots := len(endpoint.Snapshots)
-		if totalSnapshots == 0 {
-			log.Println("[DEBUG] [volume migration] [message: no snapshot found]")
-			continue
-		}
-
-		snapshot := endpoint.Snapshots[totalSnapshots-1]
-
-		endpointDockerID, err := snapshotutils.FetchDockerID(snapshot)
-		if err != nil {
-			log.Printf("[WARN] [database,migrator,v31] [message: failed fetching environment docker id] [err: %s]", err)
-			continue
-		}
-
-		volumesData := snapshot.SnapshotRaw.Volumes
-		if volumesData.Volumes == nil {
-			log.Println("[DEBUG] [volume migration] [message: no volume data found]")
-			continue
-		}
-
-		findResourcesToUpdateForDB32(endpointDockerID, volumesData, toUpdate, volumeResourceControls)
-
-	}
-
-	for _, resourceControl := range volumeResourceControls {
-		if newResourceID, ok := toUpdate[resourceControl.ID]; ok {
-			resourceControl.ResourceID = newResourceID
-			err := m.resourceControlService.UpdateResourceControl(resourceControl.ID, resourceControl)
-			if err != nil {
-				return fmt.Errorf("failed updating resource control %d: %w", resourceControl.ID, err)
-			}
-
-		} else {
-			err := m.resourceControlService.DeleteResourceControl(resourceControl.ID)
-			if err != nil {
-				return fmt.Errorf("failed deleting resource control %d: %w", resourceControl.ID, err)
-			}
-			log.Printf("[DEBUG] [volume migration] [message: legacy resource control(%s) has been deleted]", resourceControl.ResourceID)
-		}
-	}
-
-	return nil
-}
-
-func findResourcesToUpdateForDB32(dockerID string, volumesData volume.VolumeListOKBody, toUpdate map[portainer.ResourceControlID]string, volumeResourceControls map[string]*portainer.ResourceControl) {
-	volumes := volumesData.Volumes
-	for _, volume := range volumes {
-		volumeName := volume.Name
-		createTime := volume.CreatedAt
-
-		oldResourceID := fmt.Sprintf("%s%s", volumeName, createTime)
-		resourceControl, ok := volumeResourceControls[oldResourceID]
-
-		if ok {
-			toUpdate[resourceControl.ID] = fmt.Sprintf("%s_%s", volumeName, dockerID)
-		}
-	}
-}
-
-func (m *Migrator) kubeconfigExpiryToDB32() error {
-	migrateLog.Info("- updating kubeconfig expiry")
-	settings, err := m.settingsService.Settings()
-	if err != nil {
-		return err
-	}
-	settings.KubeconfigExpiry = portainer.DefaultKubeconfigExpiry
-	return m.settingsService.UpdateSettings(settings)
-}
-
-func (m *Migrator) helmRepositoryURLToDB32() error {
-	migrateLog.Info("- setting default helm repository URL")
-	settings, err := m.settingsService.Settings()
-	if err != nil {
-		return err
-	}
-	settings.HelmRepositoryURL = portainer.DefaultHelmRepositoryURL
-	return m.settingsService.UpdateSettings(settings)
-}

api/datastore/migrator/migrate_dbversion32.go

@@ -1,25 +0,0 @@
-package migrator
-
-import (
-	portainer "github.com/portainer/portainer/api"
-)
-
-func (m *Migrator) migrateDBVersionToDB33() error {
-	migrateLog.Info("- updating settings")
-	if err := m.migrateSettingsToDB33(); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (m *Migrator) migrateSettingsToDB33() error {
-	settings, err := m.settingsService.Settings()
-	if err != nil {
-		return err
-	}
-
-	migrateLog.Info("- setting default kubectl shell image")
-	settings.KubectlShellImage = portainer.DefaultKubectlShellImage
-	return m.settingsService.UpdateSettings(settings)
-}

api/datastore/migrator/migrate_dbversion33.go

@@ -1,34 +0,0 @@
-package migrator
-
-import (
-	"github.com/portainer/portainer/api/dataservices"
-)
-
-func (m *Migrator) migrateDBVersionToDB34() error {
-	migrateLog.Info("- updating stacks")
-	err := MigrateStackEntryPoint(m.stackService)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// MigrateStackEntryPoint exported for testing (blah.)
-func MigrateStackEntryPoint(stackService dataservices.StackService) error {
-	stacks, err := stackService.Stacks()
-	if err != nil {
-		return err
-	}
-	for i := range stacks {
-		stack := &stacks[i]
-		if stack.GitConfig == nil {
-			continue
-		}
-		stack.GitConfig.ConfigFilePath = stack.EntryPoint
-		if err := stackService.UpdateStack(stack.ID, stack); err != nil {
-			return err
-		}
-	}
-	return nil
-}

api/datastore/migrator/migrate_dbversion34.go

@@ -1,12 +0,0 @@
-package migrator
-
-func (m *Migrator) migrateDBVersionToDB35() error {
-	// These should have been migrated already, but due to an earlier bug and a bunch of duplicates,
-	// calling it again will now fix the issue as the function has been repaired.
-	migrateLog.Info("- updating dockerhub registries")
-	err := m.updateDockerhubToDB32()
-	if err != nil {
-		return err
-	}
-	return nil
-}