Bump docker compose to 1.28.2

fix(stack): use margin to add space between line instead of using br tag
fix(stack): get endpoint by EndpointProvider
2021-01-28 00:07:55 +13:00 · 2021-01-25 16:20:29 +13:00 · 2021-01-25 16:01:23 +13:00 · 2021-01-25 15:40:48 +13:00 · 2021-01-24 12:58:34 +13:00 · 2021-01-24 12:49:59 +13:00
142 changed files with 2334 additions and 615 deletions
--- a/.github/ISSUE_TEMPLATE/Bug_report.md
+++ b/.github/ISSUE_TEMPLATE/Bug_report.md
@@ -1,6 +1,10 @@
 ---
 name: Bug report
 about: Create a bug report
+title: ''
+labels: bug/need-confirmation, kind/bug
+assignees: ''
+
 ---

 <!--
@@ -9,7 +13,7 @@ Thanks for reporting a bug for Portainer !

 You can find more information about Portainer support framework policy here: https://www.portainer.io/2019/04/portainer-support-policy/

-Do you need help or have a question? Come chat with us on Slack http://portainer.io/slack/.
+Do you need help or have a question? Come chat with us on Slack http://portainer.slack.com/

 Before opening a new issue, make sure that we do not have any duplicates
 already open. You can ensure this by searching the issue list for this
@@ -40,6 +44,7 @@ You can see how [here](https://documentation.portainer.io/archive/1.23.2/faq/#ho

 - Portainer version:
 - Docker version (managed by Portainer):
+- Kubernetes version (managed by Portainer):
 - Platform (windows/linux):
 - Command used to start Portainer (`docker run -p 9000:9000 portainer/portainer`):
 - Browser:
--- a/.github/ISSUE_TEMPLATE/Custom.md
+++ b/.github/ISSUE_TEMPLATE/Custom.md
@@ -1,17 +1,20 @@
---
-name: Question
-about: Ask us a question about Portainer usage or deployment
-
---
-
-<!--
-
-You can find more information about Portainer support framework policy here: https://www.portainer.io/2019/04/portainer-support-policy/
-
-Do you need help or have a question? Come chat with us on Slack http://portainer.io/slack/
-
-Also, be sure to check our FAQ and documentation first: https://portainer.readthedocs.io
-->
-
-**Question**:
-How can I deploy Portainer on... ?
+---
+name: Question
+about: Ask us a question about Portainer usage or deployment
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+<!--
+
+You can find more information about Portainer support framework policy here: https://www.portainer.io/2019/04/portainer-support-policy/
+
+Do you need help or have a question? Come chat with us on Slack http://portainer.slack.com/
+
+Also, be sure to check our FAQ and documentation first: https://documentation.portainer.io/
+-->
+
+**Question**:
+How can I deploy Portainer on... ?
--- a/.github/ISSUE_TEMPLATE/Feature_request.md
+++ b/.github/ISSUE_TEMPLATE/Feature_request.md
@@ -1,31 +1,34 @@
---
-name: Feature request
-about: Suggest a feature/enhancement that should be added in Portainer
-
---
-
-<!--
-
-Thanks for opening a feature request for Portainer !
-
-Do you need help or have a question? Come chat with us on Slack http://portainer.io/slack/
-
-Before opening a new issue, make sure that we do not have any duplicates
-already open. You can ensure this by searching the issue list for this
-repository. If there is a duplicate, please close your issue and add a comment
-to the existing issue instead.
-
-Also, be sure to check our FAQ and documentation first: https://portainer.readthedocs.io
-->
-
-**Is your feature request related to a problem? Please describe.**
-A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
-
-**Describe the solution you'd like**
-A clear and concise description of what you want to happen.
-
-**Describe alternatives you've considered**
-A clear and concise description of any alternative solutions or features you've considered.
-
-**Additional context**
-Add any other context or screenshots about the feature request here.
+---
+name: Feature request
+about: Suggest a feature/enhancement that should be added in Portainer
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+<!--
+
+Thanks for opening a feature request for Portainer !
+
+Do you need help or have a question? Come chat with us on Slack http://portainer.slack.com/
+
+Before opening a new issue, make sure that we do not have any duplicates
+already open. You can ensure this by searching the issue list for this
+repository. If there is a duplicate, please close your issue and add a comment
+to the existing issue instead.
+
+Also, be sure to check our FAQ and documentation first: https://documentation.portainer.io/
+-->
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.
--- a/.github/stale.yml
+++ b/.github/stale.yml
@@ -15,6 +15,7 @@ issues:
    - kind/question
    - kind/style
    - kind/workaround
+    - kind/refactor
    - bug/need-confirmation
    - bug/confirmed
    - status/discuss
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -74,3 +74,23 @@ Our contribution process is described below. Some of the steps can be visualized
 The feature request process is similar to the bug report process but has an extra functional validation before the technical validation as well as a documentation validation before the testing phase.

 ![portainer_featurerequest_workflow](https://user-images.githubusercontent.com/5485061/45727229-5ad39f00-bbf5-11e8-9550-16ba66c50615.png)
+
+## Build Portainer locally
+
+Ensure you have Docker, Node.js, yarn, and Golang installed in the correct versions.
+
+Install dependencies with yarn:
+
+```sh
+$ yarn
+```
+
+Then build and run the project:
+
+```sh
+$ yarn start
+```
+
+Portainer can now be accessed at <http://localhost:9000>.
+
+Find more detailed steps at <https://documentation.portainer.io/contributing/instructions/>.
--- a/README.md
+++ b/README.md
@@ -30,12 +30,13 @@ Unlike the public demo, the playground sessions are deleted after 4 hours. Apart

 - [Deploy Portainer](https://www.portainer.io/installation/)
 - [Documentation](https://documentation.portainer.io)
+- [Building Portainer](https://documentation.portainer.io/contributing/instructions/)

 ## Getting help

-For FORMAL Support, please purchase a support subscription from here: https://www.portainer.io/products-services/portainer-business-support/
+For FORMAL Support, please purchase a support subscription from here: https://www.portainer.io/products/portainer-business

-For community support: You can find more information about Portainer's community support framework policy here: https://www.portainer.io/2019/04/portainer-support-policy/
+For community support: You can find more information about Portainer's community support framework policy here: https://www.portainer.io/products/community-edition/customer-success

 - Issues: https://github.com/portainer/portainer/issues
 - FAQ: https://documentation.portainer.io
@@ -44,7 +45,7 @@ For community support: You can find more information about Portainer's community
 ## Reporting bugs and contributing

 - Want to report a bug or request a feature? Please open [an issue](https://github.com/portainer/portainer/issues/new).
- Want to help us build **_portainer_**? Follow our [contribution guidelines](https://www.portainer.io/documentation/how-to-contribute/) to build it locally and make a pull request. We need all the help we can get!
+- Want to help us build **_portainer_**? Follow our [contribution guidelines](https://documentation.portainer.io/contributing/instructions/) to build it locally and make a pull request. We need all the help we can get!

 ## Security

--- a/api/cmd/portainer/main.go
+++ b/api/cmd/portainer/main.go
@@ -6,7 +6,7 @@ import (
 	"strings"
 	"time"

-	"github.com/portainer/portainer/api"
+	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/bolt"
 	"github.com/portainer/portainer/api/chisel"
 	"github.com/portainer/portainer/api/cli"
@@ -17,6 +17,8 @@ import (
 	"github.com/portainer/portainer/api/git"
 	"github.com/portainer/portainer/api/http"
 	"github.com/portainer/portainer/api/http/client"
+	"github.com/portainer/portainer/api/http/proxy"
+	kubeproxy "github.com/portainer/portainer/api/http/proxy/factory/kubernetes"
 	"github.com/portainer/portainer/api/internal/snapshot"
 	"github.com/portainer/portainer/api/jwt"
 	"github.com/portainer/portainer/api/kubernetes"
@@ -71,7 +73,12 @@ func initDataStore(dataStorePath string, fileService portainer.FileService) port
 	return store
 }

-func initComposeStackManager(dataStorePath string, reverseTunnelService portainer.ReverseTunnelService) portainer.ComposeStackManager {
+func initComposeStackManager(assetsPath string, dataStorePath string, reverseTunnelService portainer.ReverseTunnelService, proxyManager *proxy.Manager) portainer.ComposeStackManager {
+	composeWrapper := exec.NewComposeWrapper(assetsPath, proxyManager)
+	if composeWrapper != nil {
+		return composeWrapper
+	}
+
 	return libcompose.NewComposeStackManager(dataStorePath, reverseTunnelService)
 }

@@ -89,6 +96,10 @@ func initJWTService(dataStore portainer.DataStore) (portainer.JWTService, error)
 		return nil, err
 	}

+	if settings.UserSessionTimeout == "" {
+		settings.UserSessionTimeout = portainer.DefaultUserSessionTimeout
+		dataStore.Settings().UpdateSettings(settings)
+	}
 	jwtService, err := jwt.NewService(settings.UserSessionTimeout)
 	if err != nil {
 		return nil, err
@@ -380,8 +391,10 @@ func main() {
 	if err != nil {
 		log.Fatal(err)
 	}
+	kubernetesTokenCacheManager := kubeproxy.NewTokenCacheManager()
+	proxyManager := proxy.NewManager(dataStore, digitalSignatureService, reverseTunnelService, dockerClientFactory, kubernetesClientFactory, kubernetesTokenCacheManager)

-	composeStackManager := initComposeStackManager(*flags.Data, reverseTunnelService)
+	composeStackManager := initComposeStackManager(*flags.Assets, *flags.Data, reverseTunnelService, proxyManager)

 	kubernetesDeployer := initKubernetesDeployer(*flags.Assets)

@@ -448,27 +461,29 @@ func main() {
 	}

 	var server portainer.Server = &http.Server{
-		ReverseTunnelService:    reverseTunnelService,
-		Status:                  applicationStatus,
-		BindAddress:             *flags.Addr,
-		AssetsPath:              *flags.Assets,
-		DataStore:               dataStore,
-		SwarmStackManager:       swarmStackManager,
-		ComposeStackManager:     composeStackManager,
-		KubernetesDeployer:      kubernetesDeployer,
-		CryptoService:           cryptoService,
-		JWTService:              jwtService,
-		FileService:             fileService,
-		LDAPService:             ldapService,
-		OAuthService:            oauthService,
-		GitService:              gitService,
-		SignatureService:        digitalSignatureService,
-		SnapshotService:         snapshotService,
-		SSL:                     *flags.SSL,
-		SSLCert:                 *flags.SSLCert,
-		SSLKey:                  *flags.SSLKey,
-		DockerClientFactory:     dockerClientFactory,
-		KubernetesClientFactory: kubernetesClientFactory,
+		ReverseTunnelService:        reverseTunnelService,
+		Status:                      applicationStatus,
+		BindAddress:                 *flags.Addr,
+		AssetsPath:                  *flags.Assets,
+		DataStore:                   dataStore,
+		SwarmStackManager:           swarmStackManager,
+		ComposeStackManager:         composeStackManager,
+		KubernetesDeployer:          kubernetesDeployer,
+		CryptoService:               cryptoService,
+		JWTService:                  jwtService,
+		FileService:                 fileService,
+		LDAPService:                 ldapService,
+		OAuthService:                oauthService,
+		GitService:                  gitService,
+		ProxyManager:                proxyManager,
+		KubernetesTokenCacheManager: kubernetesTokenCacheManager,
+		SignatureService:            digitalSignatureService,
+		SnapshotService:             snapshotService,
+		SSL:                         *flags.SSL,
+		SSLCert:                     *flags.SSLCert,
+		SSLKey:                      *flags.SSLKey,
+		DockerClientFactory:         dockerClientFactory,
+		KubernetesClientFactory:     kubernetesClientFactory,
 	}

 	log.Printf("Starting Portainer %s on %s", portainer.APIVersion, *flags.Addr)
--- a/api/exec/compose_wrapper.go
+++ b/api/exec/compose_wrapper.go
@@ -0,0 +1,132 @@
+package exec
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"os"
+	"os/exec"
+	"path"
+	"strings"
+
+	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api/http/proxy"
+)
+
+// ComposeWrapper is a wrapper for docker-compose binary
+type ComposeWrapper struct {
+	binaryPath   string
+	proxyManager *proxy.Manager
+}
+
+// NewComposeWrapper returns a docker-compose wrapper if corresponding binary present, otherwise nil
+func NewComposeWrapper(binaryPath string, proxyManager *proxy.Manager) *ComposeWrapper {
+	if !IsBinaryPresent(programPath(binaryPath, "docker-compose")) {
+		return nil
+	}
+
+	return &ComposeWrapper{
+		binaryPath:   binaryPath,
+		proxyManager: proxyManager,
+	}
+}
+
+// ComposeSyntaxMaxVersion returns the maximum supported version of the docker compose syntax
+func (w *ComposeWrapper) ComposeSyntaxMaxVersion() string {
+	return portainer.ComposeSyntaxMaxVersion
+}
+
+// Up builds, (re)creates and starts containers in the background. Wraps `docker-compose up -d` command
+func (w *ComposeWrapper) Up(stack *portainer.Stack, endpoint *portainer.Endpoint) error {
+	_, err := w.command([]string{"up", "-d"}, stack, endpoint)
+	return err
+}
+
+// Down stops and removes containers, networks, images, and volumes. Wraps `docker-compose down --remove-orphans` command
+func (w *ComposeWrapper) Down(stack *portainer.Stack, endpoint *portainer.Endpoint) error {
+	_, err := w.command([]string{"down", "--remove-orphans"}, stack, endpoint)
+	return err
+}
+
+func (w *ComposeWrapper) command(command []string, stack *portainer.Stack, endpoint *portainer.Endpoint) ([]byte, error) {
+	if endpoint == nil {
+		return nil, errors.New("cannot call a compose command on an empty endpoint")
+	}
+
+	program := programPath(w.binaryPath, "docker-compose")
+
+	options := setComposeFile(stack)
+
+	options = addProjectNameOption(options, stack)
+	options, err := addEnvFileOption(options, stack)
+	if err != nil {
+		return nil, err
+	}
+
+	if !(endpoint.URL == "" || strings.HasPrefix(endpoint.URL, "unix://") || strings.HasPrefix(endpoint.URL, "npipe://")) {
+
+		proxy, err := w.proxyManager.CreateComposeProxyServer(endpoint)
+		if err != nil {
+			return nil, err
+		}
+
+		defer proxy.Close()
+
+		options = append(options, "-H", fmt.Sprintf("http://127.0.0.1:%d", proxy.Port))
+	}
+
+	args := append(options, command...)
+
+	var stderr bytes.Buffer
+	cmd := exec.Command(program, args...)
+	cmd.Stderr = &stderr
+
+	out, err := cmd.Output()
+	if err != nil {
+		return out, errors.New(stderr.String())
+	}
+
+	return out, nil
+}
+
+func setComposeFile(stack *portainer.Stack) []string {
+	options := make([]string, 0)
+
+	if stack == nil || stack.EntryPoint == "" {
+		return options
+	}
+
+	composeFilePath := path.Join(stack.ProjectPath, stack.EntryPoint)
+	options = append(options, "-f", composeFilePath)
+	return options
+}
+
+func addProjectNameOption(options []string, stack *portainer.Stack) []string {
+	if stack == nil || stack.Name == "" {
+		return options
+	}
+
+	options = append(options, "-p", stack.Name)
+	return options
+}
+
+func addEnvFileOption(options []string, stack *portainer.Stack) ([]string, error) {
+	if stack == nil || stack.Env == nil || len(stack.Env) == 0 {
+		return options, nil
+	}
+
+	envFilePath := path.Join(stack.ProjectPath, "stack.env")
+
+	envfile, err := os.OpenFile(envFilePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	if err != nil {
+		return options, err
+	}
+
+	for _, v := range stack.Env {
+		envfile.WriteString(fmt.Sprintf("%s=%s\n", v.Name, v.Value))
+	}
+	envfile.Close()
+
+	options = append(options, "--env-file", envFilePath)
+	return options, nil
+}
--- a/api/exec/compose_wrapper_integration_test.go
+++ b/api/exec/compose_wrapper_integration_test.go
@@ -0,0 +1,75 @@
+// +build integration
+
+package exec
+
+import (
+	"fmt"
+	"log"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strings"
+	"testing"
+
+	portainer "github.com/portainer/portainer/api"
+)
+
+const composeFile = `version: "3.9"
+services:
+  busybox:
+    image: "alpine:latest"
+    container_name: "compose_wrapper_test"`
+const composedContainerName = "compose_wrapper_test"
+
+func setup(t *testing.T) (*portainer.Stack, *portainer.Endpoint) {
+	dir := t.TempDir()
+	composeFileName := "compose_wrapper_test.yml"
+	f, _ := os.Create(filepath.Join(dir, composeFileName))
+	f.WriteString(composeFile)
+
+	stack := &portainer.Stack{
+		ProjectPath: dir,
+		EntryPoint:  composeFileName,
+		Name:        "project-name",
+	}
+
+	endpoint := &portainer.Endpoint{}
+
+	return stack, endpoint
+}
+
+func Test_UpAndDown(t *testing.T) {
+
+	stack, endpoint := setup(t)
+
+	w := NewComposeWrapper("", nil)
+
+	err := w.Up(stack, endpoint)
+	if err != nil {
+		t.Fatalf("Error calling docker-compose up: %s", err)
+	}
+
+	if containerExists(composedContainerName) == false {
+		t.Fatal("container should exist")
+	}
+
+	err = w.Down(stack, endpoint)
+	if err != nil {
+		t.Fatalf("Error calling docker-compose down: %s", err)
+	}
+
+	if containerExists(composedContainerName) {
+		t.Fatal("container should be removed")
+	}
+}
+
+func containerExists(contaierName string) bool {
+	cmd := exec.Command(osProgram("docker"), "ps", "-a", "-f", fmt.Sprintf("name=%s", contaierName))
+
+	out, err := cmd.Output()
+	if err != nil {
+		log.Fatalf("failed to list containers: %s", err)
+	}
+
+	return strings.Contains(string(out), contaierName)
+}
--- a/api/exec/compose_wrapper_test.go
+++ b/api/exec/compose_wrapper_test.go
@@ -0,0 +1,143 @@
+package exec
+
+import (
+	"io/ioutil"
+	"os"
+	"path"
+	"testing"
+
+	portainer "github.com/portainer/portainer/api"
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_setComposeFile(t *testing.T) {
+	tests := []struct {
+		name     string
+		stack    *portainer.Stack
+		expected []string
+	}{
+		{
+			name:     "should return empty result if stack is missing",
+			stack:    nil,
+			expected: []string{},
+		},
+		{
+			name:     "should return empty result if stack don't have entrypoint",
+			stack:    &portainer.Stack{},
+			expected: []string{},
+		},
+		{
+			name: "should allow file name and dir",
+			stack: &portainer.Stack{
+				ProjectPath: "dir",
+				EntryPoint:  "file",
+			},
+			expected: []string{"-f", path.Join("dir", "file")},
+		},
+		{
+			name: "should allow file name only",
+			stack: &portainer.Stack{
+				EntryPoint: "file",
+			},
+			expected: []string{"-f", "file"},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := setComposeFile(tt.stack)
+			assert.ElementsMatch(t, tt.expected, result)
+		})
+	}
+}
+
+func Test_addProjectNameOption(t *testing.T) {
+	tests := []struct {
+		name     string
+		stack    *portainer.Stack
+		expected []string
+	}{
+		{
+			name:     "should not add project option if stack is missing",
+			stack:    nil,
+			expected: []string{},
+		},
+		{
+			name:     "should not add project option if stack doesn't have name",
+			stack:    &portainer.Stack{},
+			expected: []string{},
+		},
+		{
+			name: "should add project name option if stack has a name",
+			stack: &portainer.Stack{
+				Name: "project-name",
+			},
+			expected: []string{"-p", "project-name"},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			options := []string{"-a", "b"}
+			result := addProjectNameOption(options, tt.stack)
+			assert.ElementsMatch(t, append(options, tt.expected...), result)
+		})
+	}
+}
+
+func Test_addEnvFileOption(t *testing.T) {
+	dir := t.TempDir()
+
+	tests := []struct {
+		name            string
+		stack           *portainer.Stack
+		expected        []string
+		expectedContent string
+	}{
+		{
+			name:     "should not add env file option if stack is missing",
+			stack:    nil,
+			expected: []string{},
+		},
+		{
+			name:     "should not add env file option if stack doesn't have env variables",
+			stack:    &portainer.Stack{},
+			expected: []string{},
+		},
+		{
+			name: "should not add env file option if stack's env variables are empty",
+			stack: &portainer.Stack{
+				ProjectPath: dir,
+				Env:         []portainer.Pair{},
+			},
+			expected: []string{},
+		},
+		{
+			name: "should add env file option if stack has env variables",
+			stack: &portainer.Stack{
+				ProjectPath: dir,
+				Env: []portainer.Pair{
+					{Name: "var1", Value: "value1"},
+					{Name: "var2", Value: "value2"},
+				},
+			},
+			expected:        []string{"--env-file", path.Join(dir, "stack.env")},
+			expectedContent: "var1=value1\nvar2=value2\n",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			options := []string{"-a", "b"}
+			result, _ := addEnvFileOption(options, tt.stack)
+			assert.ElementsMatch(t, append(options, tt.expected...), result)
+
+			if tt.expectedContent != "" {
+				f, _ := os.Open(path.Join(dir, "stack.env"))
+				content, _ := ioutil.ReadAll(f)
+
+				assert.Equal(t, tt.expectedContent, string(content))
+			}
+		})
+	}
+}
--- a/api/exec/swarm_stack.go
+++ b/api/exec/swarm_stack.go
@@ -134,6 +134,8 @@ func (manager *SwarmStackManager) prepareDockerCommandAndArgs(binaryPath, dataPa

 		if !endpoint.TLSConfig.TLSSkipVerify {
 			args = append(args, "--tlsverify", "--tlscacert", endpoint.TLSConfig.TLSCACertPath)
+		} else {
+			args = append(args, "--tlscacert", "''")
 		}

 		if endpoint.TLSConfig.TLSCertPath != "" && endpoint.TLSConfig.TLSKeyPath != "" {
--- a/api/exec/utils.go
+++ b/api/exec/utils.go
@@ -0,0 +1,24 @@
+package exec
+
+import (
+	"os/exec"
+	"path/filepath"
+	"runtime"
+)
+
+func osProgram(program string) string {
+	if runtime.GOOS == "windows" {
+		program += ".exe"
+	}
+	return program
+}
+
+func programPath(rootPath, program string) string {
+	return filepath.Join(rootPath, osProgram(program))
+}
+
+// IsBinaryPresent returns true if corresponding program exists on PATH
+func IsBinaryPresent(program string) bool {
+	_, err := exec.LookPath(program)
+	return err == nil
+}
--- a/api/exec/utils_test.go
+++ b/api/exec/utils_test.go
@@ -0,0 +1,16 @@
+package exec
+
+import (
+	"testing"
+)
+
+func Test_isBinaryPresent(t *testing.T) {
+
+	if !IsBinaryPresent("docker") {
+		t.Error("expect docker binary to exist on the path")
+	}
+
+	if IsBinaryPresent("executable-with-this-name-should-not-exist") {
+		t.Error("expect binary with a random name to be missing on the path")
+	}
+}
--- a/api/go.mod
+++ b/api/go.mod
@@ -28,6 +28,7 @@ require (
 	github.com/portainer/libcompose v0.5.3
 	github.com/portainer/libcrypto v0.0.0-20190723020515-23ebe86ab2c2
 	github.com/portainer/libhttp v0.0.0-20190806161843-ba068f58be33
+	github.com/stretchr/testify v1.6.1 // indirect
 	golang.org/x/crypto v0.0.0-20191128160524-b544559bb6d1
 	golang.org/x/net v0.0.0-20191126235420-ef20fe5d7933 // indirect
 	golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45
--- a/api/go.sum
+++ b/api/go.sum
@@ -262,12 +262,15 @@ github.com/src-d/gcfg v1.4.0 h1:xXbNR5AlLSA315x2UO+fTSSAXCDf+Ar38/6oyGbDKQ4=
 github.com/src-d/gcfg v1.4.0/go.mod h1:p/UMsR43ujA89BJY9duynAwIpvqEujIH/jFlfL7jWoI=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.2.0 h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48=
 github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
 github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
+github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce h1:fb190+cK2Xz/dvi9Hv8eCYJYvIGUTN2/KLq1pT6CjEc=
 github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce/go.mod h1:o8v6yHRoik09Xen7gje4m9ERNah1d1PPsVq1VEx9vE4=
 github.com/urfave/cli v1.21.0/go.mod h1:lxDj6qX9Q6lWQxIrbrT0nwecwUtRnhVZAJjJZrVUZZQ=
@@ -392,6 +395,8 @@ gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo=
 gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
--- a/api/http/handler/endpoints/endpoint_inspect.go
+++ b/api/http/handler/endpoints/endpoint_inspect.go
@@ -6,7 +6,7 @@ import (
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
+	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/bolt/errors"
 )

@@ -30,6 +30,7 @@ func (handler *Handler) endpointInspect(w http.ResponseWriter, r *http.Request)
 	}

 	hideFields(endpoint)
+	endpoint.ComposeSyntaxMaxVersion = handler.ComposeStackManager.ComposeSyntaxMaxVersion()

 	return response.JSON(w, endpoint)
 }
--- a/api/http/handler/endpoints/endpoint_list.go
+++ b/api/http/handler/endpoints/endpoint_list.go
@@ -5,12 +5,11 @@ import (
 	"strconv"
 	"strings"

-	"github.com/portainer/portainer/api"
-
 	"github.com/portainer/libhttp/request"

 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/response"
+	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/http/security"
 )

@@ -89,6 +88,7 @@ func (handler *Handler) endpointList(w http.ResponseWriter, r *http.Request) *ht

 	for idx := range paginatedEndpoints {
 		hideFields(&paginatedEndpoints[idx])
+		paginatedEndpoints[idx].ComposeSyntaxMaxVersion = handler.ComposeStackManager.ComposeSyntaxMaxVersion()
 	}

 	w.Header().Set("X-Total-Count", strconv.Itoa(filteredEndpointCount))
--- a/api/http/handler/endpoints/handler.go
+++ b/api/http/handler/endpoints/handler.go
@@ -27,6 +27,7 @@ type Handler struct {
 	ProxyManager         *proxy.Manager
 	ReverseTunnelService portainer.ReverseTunnelService
 	SnapshotService      portainer.SnapshotService
+	ComposeStackManager  portainer.ComposeStackManager
 }

 // NewHandler creates a handler to manage endpoint operations.
--- a/api/http/handler/registries/registry_update.go
+++ b/api/http/handler/registries/registry_update.go
@@ -7,7 +7,7 @@ import (
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
+	portainer "github.com/portainer/portainer/api"
 	bolterrors "github.com/portainer/portainer/api/bolt/errors"
 )

@@ -71,7 +71,7 @@ func (handler *Handler) registryUpdate(w http.ResponseWriter, r *http.Request) *
 				registry.Username = *payload.Username
 			}

-			if payload.Password != nil {
+			if payload.Password != nil && *payload.Password != "" {
 				registry.Password = *payload.Password
 			}

--- a/api/http/handler/stacks/create_compose_stack.go
+++ b/api/http/handler/stacks/create_compose_stack.go
@@ -7,11 +7,12 @@ import (
 	"regexp"
 	"strconv"
 	"strings"
+	"time"

 	"github.com/asaskevich/govalidator"
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
-	"github.com/portainer/portainer/api"
+	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/filesystem"
 	"github.com/portainer/portainer/api/http/security"
 )
@@ -60,13 +61,14 @@ func (handler *Handler) createComposeStackFromFileContent(w http.ResponseWriter,

 	stackID := handler.DataStore.Stack().GetNextIdentifier()
 	stack := &portainer.Stack{
-		ID:         portainer.StackID(stackID),
-		Name:       payload.Name,
-		Type:       portainer.DockerComposeStack,
-		EndpointID: endpoint.ID,
-		EntryPoint: filesystem.ComposeFileDefaultName,
-		Env:        payload.Env,
-		Status:     portainer.StackStatusActive,
+		ID:           portainer.StackID(stackID),
+		Name:         payload.Name,
+		Type:         portainer.DockerComposeStack,
+		EndpointID:   endpoint.ID,
+		EntryPoint:   filesystem.ComposeFileDefaultName,
+		Env:          payload.Env,
+		Status:       portainer.StackStatusActive,
+		CreationDate: time.Now().Unix(),
 	}

 	stackFolder := strconv.Itoa(int(stack.ID))
@@ -89,6 +91,8 @@ func (handler *Handler) createComposeStackFromFileContent(w http.ResponseWriter,
 		return &httperror.HandlerError{http.StatusInternalServerError, err.Error(), err}
 	}

+	stack.CreatedBy = config.user.Username
+
 	err = handler.DataStore.Stack().CreateStack(stack)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist the stack inside the database", err}
@@ -146,13 +150,14 @@ func (handler *Handler) createComposeStackFromGitRepository(w http.ResponseWrite

 	stackID := handler.DataStore.Stack().GetNextIdentifier()
 	stack := &portainer.Stack{
-		ID:         portainer.StackID(stackID),
-		Name:       payload.Name,
-		Type:       portainer.DockerComposeStack,
-		EndpointID: endpoint.ID,
-		EntryPoint: payload.ComposeFilePathInRepository,
-		Env:        payload.Env,
-		Status:     portainer.StackStatusActive,
+		ID:           portainer.StackID(stackID),
+		Name:         payload.Name,
+		Type:         portainer.DockerComposeStack,
+		EndpointID:   endpoint.ID,
+		EntryPoint:   payload.ComposeFilePathInRepository,
+		Env:          payload.Env,
+		Status:       portainer.StackStatusActive,
+		CreationDate: time.Now().Unix(),
 	}

 	projectPath := handler.FileService.GetStackProjectPath(strconv.Itoa(int(stack.ID)))
@@ -185,6 +190,8 @@ func (handler *Handler) createComposeStackFromGitRepository(w http.ResponseWrite
 		return &httperror.HandlerError{http.StatusInternalServerError, err.Error(), err}
 	}

+	stack.CreatedBy = config.user.Username
+
 	err = handler.DataStore.Stack().CreateStack(stack)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist the stack inside the database", err}
@@ -242,13 +249,14 @@ func (handler *Handler) createComposeStackFromFileUpload(w http.ResponseWriter,

 	stackID := handler.DataStore.Stack().GetNextIdentifier()
 	stack := &portainer.Stack{
-		ID:         portainer.StackID(stackID),
-		Name:       payload.Name,
-		Type:       portainer.DockerComposeStack,
-		EndpointID: endpoint.ID,
-		EntryPoint: filesystem.ComposeFileDefaultName,
-		Env:        payload.Env,
-		Status:     portainer.StackStatusActive,
+		ID:           portainer.StackID(stackID),
+		Name:         payload.Name,
+		Type:         portainer.DockerComposeStack,
+		EndpointID:   endpoint.ID,
+		EntryPoint:   filesystem.ComposeFileDefaultName,
+		Env:          payload.Env,
+		Status:       portainer.StackStatusActive,
+		CreationDate: time.Now().Unix(),
 	}

 	stackFolder := strconv.Itoa(int(stack.ID))
@@ -271,6 +279,8 @@ func (handler *Handler) createComposeStackFromFileUpload(w http.ResponseWriter,
 		return &httperror.HandlerError{http.StatusInternalServerError, err.Error(), err}
 	}

+	stack.CreatedBy = config.user.Username
+
 	err = handler.DataStore.Stack().CreateStack(stack)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist the stack inside the database", err}
@@ -347,7 +357,6 @@ func (handler *Handler) deployComposeStack(config *composeStackDeploymentConfig)
 		!isAdminOrEndpointAdmin {

 		composeFilePath := path.Join(config.stack.ProjectPath, config.stack.EntryPoint)
-
 		stackContent, err := handler.FileService.GetFileContent(composeFilePath)
 		if err != nil {
 			return err
--- a/api/http/handler/stacks/create_swarm_stack.go
+++ b/api/http/handler/stacks/create_swarm_stack.go
@@ -6,11 +6,12 @@ import (
 	"path"
 	"strconv"
 	"strings"
+	"time"

 	"github.com/asaskevich/govalidator"
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
-	"github.com/portainer/portainer/api"
+	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/filesystem"
 	"github.com/portainer/portainer/api/http/security"
 )
@@ -55,14 +56,15 @@ func (handler *Handler) createSwarmStackFromFileContent(w http.ResponseWriter, r

 	stackID := handler.DataStore.Stack().GetNextIdentifier()
 	stack := &portainer.Stack{
-		ID:         portainer.StackID(stackID),
-		Name:       payload.Name,
-		Type:       portainer.DockerSwarmStack,
-		SwarmID:    payload.SwarmID,
-		EndpointID: endpoint.ID,
-		EntryPoint: filesystem.ComposeFileDefaultName,
-		Env:        payload.Env,
-		Status:     portainer.StackStatusActive,
+		ID:           portainer.StackID(stackID),
+		Name:         payload.Name,
+		Type:         portainer.DockerSwarmStack,
+		SwarmID:      payload.SwarmID,
+		EndpointID:   endpoint.ID,
+		EntryPoint:   filesystem.ComposeFileDefaultName,
+		Env:          payload.Env,
+		Status:       portainer.StackStatusActive,
+		CreationDate: time.Now().Unix(),
 	}

 	stackFolder := strconv.Itoa(int(stack.ID))
@@ -85,6 +87,8 @@ func (handler *Handler) createSwarmStackFromFileContent(w http.ResponseWriter, r
 		return &httperror.HandlerError{http.StatusInternalServerError, err.Error(), err}
 	}

+	stack.CreatedBy = config.user.Username
+
 	err = handler.DataStore.Stack().CreateStack(stack)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist the stack inside the database", err}
@@ -145,14 +149,15 @@ func (handler *Handler) createSwarmStackFromGitRepository(w http.ResponseWriter,

 	stackID := handler.DataStore.Stack().GetNextIdentifier()
 	stack := &portainer.Stack{
-		ID:         portainer.StackID(stackID),
-		Name:       payload.Name,
-		Type:       portainer.DockerSwarmStack,
-		SwarmID:    payload.SwarmID,
-		EndpointID: endpoint.ID,
-		EntryPoint: payload.ComposeFilePathInRepository,
-		Env:        payload.Env,
-		Status:     portainer.StackStatusActive,
+		ID:           portainer.StackID(stackID),
+		Name:         payload.Name,
+		Type:         portainer.DockerSwarmStack,
+		SwarmID:      payload.SwarmID,
+		EndpointID:   endpoint.ID,
+		EntryPoint:   payload.ComposeFilePathInRepository,
+		Env:          payload.Env,
+		Status:       portainer.StackStatusActive,
+		CreationDate: time.Now().Unix(),
 	}

 	projectPath := handler.FileService.GetStackProjectPath(strconv.Itoa(int(stack.ID)))
@@ -185,6 +190,8 @@ func (handler *Handler) createSwarmStackFromGitRepository(w http.ResponseWriter,
 		return &httperror.HandlerError{http.StatusInternalServerError, err.Error(), err}
 	}

+	stack.CreatedBy = config.user.Username
+
 	err = handler.DataStore.Stack().CreateStack(stack)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist the stack inside the database", err}
@@ -249,14 +256,15 @@ func (handler *Handler) createSwarmStackFromFileUpload(w http.ResponseWriter, r

 	stackID := handler.DataStore.Stack().GetNextIdentifier()
 	stack := &portainer.Stack{
-		ID:         portainer.StackID(stackID),
-		Name:       payload.Name,
-		Type:       portainer.DockerSwarmStack,
-		SwarmID:    payload.SwarmID,
-		EndpointID: endpoint.ID,
-		EntryPoint: filesystem.ComposeFileDefaultName,
-		Env:        payload.Env,
-		Status:     portainer.StackStatusActive,
+		ID:           portainer.StackID(stackID),
+		Name:         payload.Name,
+		Type:         portainer.DockerSwarmStack,
+		SwarmID:      payload.SwarmID,
+		EndpointID:   endpoint.ID,
+		EntryPoint:   filesystem.ComposeFileDefaultName,
+		Env:          payload.Env,
+		Status:       portainer.StackStatusActive,
+		CreationDate: time.Now().Unix(),
 	}

 	stackFolder := strconv.Itoa(int(stack.ID))
@@ -279,6 +287,8 @@ func (handler *Handler) createSwarmStackFromFileUpload(w http.ResponseWriter, r
 		return &httperror.HandlerError{http.StatusInternalServerError, err.Error(), err}
 	}

+	stack.CreatedBy = config.user.Username
+
 	err = handler.DataStore.Stack().CreateStack(stack)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist the stack inside the database", err}
--- a/api/http/handler/stacks/handler.go
+++ b/api/http/handler/stacks/handler.go
@@ -7,7 +7,7 @@ import (

 	"github.com/gorilla/mux"
 	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/portainer/api"
+	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/http/security"
 	"github.com/portainer/portainer/api/internal/authorization"
 )
@@ -78,6 +78,17 @@ func (handler *Handler) userCanAccessStack(securityContext *security.RestrictedR
 	return handler.userIsAdminOrEndpointAdmin(user, endpointID)
 }

+func (handler *Handler) userIsAdmin(userID portainer.UserID) (bool, error) {
+	user, err := handler.DataStore.User().User(userID)
+	if err != nil {
+		return false, err
+	}
+
+	isAdmin := user.Role == portainer.AdministratorRole
+
+	return isAdmin, nil
+}
+
 func (handler *Handler) userIsAdminOrEndpointAdmin(user *portainer.User, endpointID portainer.EndpointID) (bool, error) {
 	isAdmin := user.Role == portainer.AdministratorRole

--- a/api/http/handler/stacks/stack_create.go
+++ b/api/http/handler/stacks/stack_create.go
@@ -183,9 +183,20 @@ func (handler *Handler) isValidStackFile(stackFileContent []byte, settings *port
 }

 func (handler *Handler) decorateStackResponse(w http.ResponseWriter, stack *portainer.Stack, userID portainer.UserID) *httperror.HandlerError {
-	resourceControl := authorization.NewPrivateResourceControl(stack.Name, portainer.StackResourceControl, userID)
+	var resourceControl *portainer.ResourceControl

-	err := handler.DataStore.ResourceControl().CreateResourceControl(resourceControl)
+	isAdmin, err := handler.userIsAdmin(userID)
+	if err != nil {
+		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to load user information from the database", err}
+	}
+
+	if isAdmin {
+		resourceControl = authorization.NewAdministratorsOnlyResourceControl(stack.Name, portainer.StackResourceControl)
+	} else {
+		resourceControl = authorization.NewPrivateResourceControl(stack.Name, portainer.StackResourceControl, userID)
+	}
+
+	err = handler.DataStore.ResourceControl().CreateResourceControl(resourceControl)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist resource control inside the database", err}
 	}
--- a/api/http/handler/stacks/stack_delete.go
+++ b/api/http/handler/stacks/stack_delete.go
@@ -155,5 +155,6 @@ func (handler *Handler) deleteStack(stack *portainer.Stack, endpoint *portainer.
 	if stack.Type == portainer.DockerSwarmStack {
 		return handler.SwarmStackManager.Remove(stack, endpoint)
 	}
+
 	return handler.ComposeStackManager.Down(stack, endpoint)
 }
--- a/api/http/handler/stacks/stack_start.go
+++ b/api/http/handler/stacks/stack_start.go
@@ -4,13 +4,13 @@ import (
 	"errors"
 	"net/http"

+	portainer "github.com/portainer/portainer/api"
 	httperrors "github.com/portainer/portainer/api/http/errors"
 	"github.com/portainer/portainer/api/http/security"

 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
 	bolterrors "github.com/portainer/portainer/api/bolt/errors"
 )

--- a/api/http/handler/stacks/stack_stop.go
+++ b/api/http/handler/stacks/stack_stop.go
@@ -4,15 +4,14 @@ import (
 	"errors"
 	"net/http"

-	httperrors "github.com/portainer/portainer/api/http/errors"
-
-	"github.com/portainer/portainer/api/http/security"
-
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
+
+	portainer "github.com/portainer/portainer/api"
 	bolterrors "github.com/portainer/portainer/api/bolt/errors"
+	httperrors "github.com/portainer/portainer/api/http/errors"
+	"github.com/portainer/portainer/api/http/security"
 )

 // POST request on /api/stacks/:id/stop
--- a/api/http/handler/stacks/stack_update.go
+++ b/api/http/handler/stacks/stack_update.go
@@ -4,12 +4,13 @@ import (
 	"errors"
 	"net/http"
 	"strconv"
+	"time"

 	"github.com/asaskevich/govalidator"
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
+	portainer "github.com/portainer/portainer/api"
 	bolterrors "github.com/portainer/portainer/api/bolt/errors"
 	httperrors "github.com/portainer/portainer/api/http/errors"
 	"github.com/portainer/portainer/api/http/security"
@@ -135,6 +136,9 @@ func (handler *Handler) updateComposeStack(r *http.Request, stack *portainer.Sta
 		return configErr
 	}

+	stack.UpdateDate = time.Now().Unix()
+	stack.UpdatedBy = config.user.Username
+
 	err = handler.deployComposeStack(config)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, err.Error(), err}
@@ -163,6 +167,9 @@ func (handler *Handler) updateSwarmStack(r *http.Request, stack *portainer.Stack
 		return configErr
 	}

+	stack.UpdateDate = time.Now().Unix()
+	stack.UpdatedBy = config.user.Username
+
 	err = handler.deploySwarmStack(config)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, err.Error(), err}
--- a/api/http/proxy/factory/docker/transport.go
+++ b/api/http/proxy/factory/docker/transport.go
@@ -559,16 +559,18 @@ func (transport *Transport) executeGenericResourceDeletionOperation(request *htt
 		return response, err
 	}

-	resourceControl, err := transport.dataStore.ResourceControl().ResourceControlByResourceIDAndType(resourceIdentifierAttribute, resourceType)
-	if err != nil {
-		return response, err
-	}
-
-	if resourceControl != nil {
-		err = transport.dataStore.ResourceControl().DeleteResourceControl(resourceControl.ID)
+	if response.StatusCode == http.StatusNoContent || response.StatusCode == http.StatusOK {
+		resourceControl, err := transport.dataStore.ResourceControl().ResourceControlByResourceIDAndType(resourceIdentifierAttribute, resourceType)
 		if err != nil {
 			return response, err
 		}
+
+		if resourceControl != nil {
+			err = transport.dataStore.ResourceControl().DeleteResourceControl(resourceControl.ID)
+			if err != nil {
+				return response, err
+			}
+		}
 	}

 	return response, err
--- a/api/http/proxy/factory/docker_compose.go
+++ b/api/http/proxy/factory/docker_compose.go
@@ -0,0 +1,88 @@
+package factory
+
+import (
+	"fmt"
+	"log"
+	"net"
+	"net/http"
+	"net/url"
+
+	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api/crypto"
+	"github.com/portainer/portainer/api/http/proxy/factory/dockercompose"
+)
+
+// ProxyServer provide an extedned proxy with a local server to forward requests
+type ProxyServer struct {
+	server *http.Server
+	Port   int
+}
+
+func (factory *ProxyFactory) NewDockerComposeAgentProxy(endpoint *portainer.Endpoint) (*ProxyServer, error) {
+
+	if endpoint.Type == portainer.EdgeAgentOnDockerEnvironment {
+		return &ProxyServer{
+			Port: factory.reverseTunnelService.GetTunnelDetails(endpoint.ID).Port,
+		}, nil
+	}
+
+	endpointURL, err := url.Parse(endpoint.URL)
+	if err != nil {
+		return nil, err
+	}
+
+	endpointURL.Scheme = "http"
+	httpTransport := &http.Transport{}
+
+	if endpoint.TLSConfig.TLS || endpoint.TLSConfig.TLSSkipVerify {
+		config, err := crypto.CreateTLSConfigurationFromDisk(endpoint.TLSConfig.TLSCACertPath, endpoint.TLSConfig.TLSCertPath, endpoint.TLSConfig.TLSKeyPath, endpoint.TLSConfig.TLSSkipVerify)
+		if err != nil {
+			return nil, err
+		}
+
+		httpTransport.TLSClientConfig = config
+		endpointURL.Scheme = "https"
+	}
+
+	proxy := newSingleHostReverseProxyWithHostHeader(endpointURL)
+
+	proxy.Transport = dockercompose.NewAgentTransport(factory.signatureService, httpTransport)
+
+	proxyServer := &ProxyServer{
+		&http.Server{
+			Handler: proxy,
+		},
+		0,
+	}
+
+	return proxyServer, proxyServer.start()
+}
+
+func (proxy *ProxyServer) start() error {
+	listener, err := net.Listen("tcp", ":0")
+	if err != nil {
+		return err
+	}
+
+	proxy.Port = listener.Addr().(*net.TCPAddr).Port
+	go func() {
+		proxyHost := fmt.Sprintf("127.0.0.1:%d", proxy.Port)
+		log.Printf("Starting Proxy server on %s...\n", proxyHost)
+
+		err := proxy.server.Serve(listener)
+		log.Printf("Exiting Proxy server %s\n", proxyHost)
+
+		if err != http.ErrServerClosed {
+			log.Printf("Proxy server %s exited with an error: %s\n", proxyHost, err)
+		}
+	}()
+
+	return nil
+}
+
+// Close shuts down the server
+func (proxy *ProxyServer) Close() {
+	if proxy.server != nil {
+		proxy.server.Close()
+	}
+}
--- a/api/http/proxy/factory/dockercompose/transport.go
+++ b/api/http/proxy/factory/dockercompose/transport.go
@@ -0,0 +1,40 @@
+package dockercompose
+
+import (
+	"net/http"
+
+	portainer "github.com/portainer/portainer/api"
+)
+
+type (
+	// AgentTransport is an http.Transport wrapper that adds custom http headers to communicate to an Agent
+	AgentTransport struct {
+		httpTransport      *http.Transport
+		signatureService   portainer.DigitalSignatureService
+		endpointIdentifier portainer.EndpointID
+	}
+)
+
+// NewAgentTransport returns a new transport that can be used to send signed requests to a Portainer agent
+func NewAgentTransport(signatureService portainer.DigitalSignatureService, httpTransport *http.Transport) *AgentTransport {
+	transport := &AgentTransport{
+		httpTransport:    httpTransport,
+		signatureService: signatureService,
+	}
+
+	return transport
+}
+
+// RoundTrip is the implementation of the the http.RoundTripper interface
+func (transport *AgentTransport) RoundTrip(request *http.Request) (*http.Response, error) {
+
+	signature, err := transport.signatureService.CreateSignature(portainer.PortainerAgentSignatureMessage)
+	if err != nil {
+		return nil, err
+	}
+
+	request.Header.Set(portainer.PortainerAgentPublicKeyHeader, transport.signatureService.EncodedPublicKey())
+	request.Header.Set(portainer.PortainerAgentSignatureHeader, signature)
+
+	return transport.httpTransport.RoundTrip(request)
+}
--- a/api/http/proxy/factory/kubernetes/transport.go
+++ b/api/http/proxy/factory/kubernetes/transport.go
@@ -3,6 +3,7 @@ package kubernetes
 import (
 	"crypto/tls"
 	"fmt"
+	"log"
 	"net/http"

 	"github.com/portainer/portainer/api/http/security"
@@ -13,14 +14,16 @@ import (

 type (
 	localTransport struct {
-		httpTransport *http.Transport
-		tokenManager  *tokenManager
+		httpTransport      *http.Transport
+		tokenManager       *tokenManager
+		endpointIdentifier portainer.EndpointID
 	}

 	agentTransport struct {
-		httpTransport    *http.Transport
-		tokenManager     *tokenManager
-		signatureService portainer.DigitalSignatureService
+		httpTransport      *http.Transport
+		tokenManager       *tokenManager
+		signatureService   portainer.DigitalSignatureService
+		endpointIdentifier portainer.EndpointID
 	}

 	edgeTransport struct {
@@ -50,21 +53,11 @@ func NewLocalTransport(tokenManager *tokenManager) (*localTransport, error) {

 // RoundTrip is the implementation of the the http.RoundTripper interface
 func (transport *localTransport) RoundTrip(request *http.Request) (*http.Response, error) {
-	tokenData, err := security.RetrieveTokenData(request)
+	token, err := getRoundTripToken(request, transport.tokenManager, transport.endpointIdentifier)
 	if err != nil {
 		return nil, err
 	}

-	var token string
-	if tokenData.Role == portainer.AdministratorRole {
-		token = transport.tokenManager.getAdminServiceAccountToken()
-	} else {
-		token, err = transport.tokenManager.getUserServiceAccountToken(int(tokenData.ID))
-		if err != nil {
-			return nil, err
-		}
-	}
-
 	request.Header.Set("Authorization", fmt.Sprintf("Bearer %s", token))

 	return transport.httpTransport.RoundTrip(request)
@@ -85,21 +78,11 @@ func NewAgentTransport(signatureService portainer.DigitalSignatureService, tlsCo

 // RoundTrip is the implementation of the the http.RoundTripper interface
 func (transport *agentTransport) RoundTrip(request *http.Request) (*http.Response, error) {
-	tokenData, err := security.RetrieveTokenData(request)
+	token, err := getRoundTripToken(request, transport.tokenManager, transport.endpointIdentifier)
 	if err != nil {
 		return nil, err
 	}

-	var token string
-	if tokenData.Role == portainer.AdministratorRole {
-		token = transport.tokenManager.getAdminServiceAccountToken()
-	} else {
-		token, err = transport.tokenManager.getUserServiceAccountToken(int(tokenData.ID))
-		if err != nil {
-			return nil, err
-		}
-	}
-
 	request.Header.Set(portainer.PortainerAgentKubernetesSATokenHeader, token)

 	signature, err := transport.signatureService.CreateSignature(portainer.PortainerAgentSignatureMessage)
@@ -127,21 +110,11 @@ func NewEdgeTransport(reverseTunnelService portainer.ReverseTunnelService, endpo

 // RoundTrip is the implementation of the the http.RoundTripper interface
 func (transport *edgeTransport) RoundTrip(request *http.Request) (*http.Response, error) {
-	tokenData, err := security.RetrieveTokenData(request)
+	token, err := getRoundTripToken(request, transport.tokenManager, transport.endpointIdentifier)
 	if err != nil {
 		return nil, err
 	}

-	var token string
-	if tokenData.Role == portainer.AdministratorRole {
-		token = transport.tokenManager.getAdminServiceAccountToken()
-	} else {
-		token, err = transport.tokenManager.getUserServiceAccountToken(int(tokenData.ID))
-		if err != nil {
-			return nil, err
-		}
-	}
-
 	request.Header.Set(portainer.PortainerAgentKubernetesSATokenHeader, token)

 	response, err := transport.httpTransport.RoundTrip(request)
@@ -154,3 +127,27 @@ func (transport *edgeTransport) RoundTrip(request *http.Request) (*http.Response

 	return response, err
 }
+
+func getRoundTripToken(
+	request *http.Request,
+	tokenManager *tokenManager,
+	endpointIdentifier portainer.EndpointID,
+) (string, error) {
+	tokenData, err := security.RetrieveTokenData(request)
+	if err != nil {
+		return "", err
+	}
+
+	var token string
+	if tokenData.Role == portainer.AdministratorRole {
+		token = tokenManager.getAdminServiceAccountToken()
+	} else {
+		token, err = tokenManager.getUserServiceAccountToken(int(tokenData.ID))
+		if err != nil {
+			log.Printf("Failed retrieving service account token: %v", err)
+			return "", err
+		}
+	}
+
+	return token, nil
+}
--- a/api/http/proxy/manager.go
+++ b/api/http/proxy/manager.go
@@ -1,6 +1,7 @@
 package proxy

 import (
+	"fmt"
 	"net/http"

 	"github.com/portainer/portainer/api/http/proxy/factory/kubernetes"
@@ -21,6 +22,7 @@ type (
 		proxyFactory           *factory.ProxyFactory
 		endpointProxies        cmap.ConcurrentMap
 		legacyExtensionProxies cmap.ConcurrentMap
+		k8sClientFactory       *cli.ClientFactory
 	}
 )

@@ -29,6 +31,7 @@ func NewManager(dataStore portainer.DataStore, signatureService portainer.Digita
 	return &Manager{
 		endpointProxies:        cmap.New(),
 		legacyExtensionProxies: cmap.New(),
+		k8sClientFactory:       kubernetesClientFactory,
 		proxyFactory:           factory.NewProxyFactory(dataStore, signatureService, tunnelService, clientFactory, kubernetesClientFactory, kubernetesTokenCacheManager),
 	}
 }
@@ -41,13 +44,19 @@ func (manager *Manager) CreateAndRegisterEndpointProxy(endpoint *portainer.Endpo
 		return nil, err
 	}

-	manager.endpointProxies.Set(string(endpoint.ID), proxy)
+	manager.endpointProxies.Set(fmt.Sprint(endpoint.ID), proxy)
 	return proxy, nil
 }

+// CreateComposeProxyServer creates a new HTTP reverse proxy based on endpoint properties and and adds it to the registered proxies.
+// It can also be used to create a new HTTP reverse proxy and replace an already registered proxy.
+func (manager *Manager) CreateComposeProxyServer(endpoint *portainer.Endpoint) (*factory.ProxyServer, error) {
+	return manager.proxyFactory.NewDockerComposeAgentProxy(endpoint)
+}
+
 // GetEndpointProxy returns the proxy associated to a key
 func (manager *Manager) GetEndpointProxy(endpoint *portainer.Endpoint) http.Handler {
-	proxy, ok := manager.endpointProxies.Get(string(endpoint.ID))
+	proxy, ok := manager.endpointProxies.Get(fmt.Sprint(endpoint.ID))
 	if !ok {
 		return nil
 	}
@@ -56,8 +65,11 @@ func (manager *Manager) GetEndpointProxy(endpoint *portainer.Endpoint) http.Hand
 }

 // DeleteEndpointProxy deletes the proxy associated to a key
+// and cleans the k8s endpoint client cache. DeleteEndpointProxy
+// is currently only called for edge connection clean up.
 func (manager *Manager) DeleteEndpointProxy(endpoint *portainer.Endpoint) {
-	manager.endpointProxies.Remove(string(endpoint.ID))
+	manager.endpointProxies.Remove(fmt.Sprint(endpoint.ID))
+	manager.k8sClientFactory.RemoveKubeClient(endpoint)
 }

 // CreateLegacyExtensionProxy creates a new HTTP reverse proxy for a legacy extension and adds it to the registered proxies
--- a/api/http/server.go
+++ b/api/http/server.go
@@ -39,39 +39,41 @@ import (
 	"github.com/portainer/portainer/api/http/proxy"
 	"github.com/portainer/portainer/api/http/proxy/factory/kubernetes"
 	"github.com/portainer/portainer/api/http/security"
+
 	"github.com/portainer/portainer/api/kubernetes/cli"
 )

 // Server implements the portainer.Server interface
 type Server struct {
-	BindAddress             string
-	AssetsPath              string
-	Status                  *portainer.Status
-	ReverseTunnelService    portainer.ReverseTunnelService
-	ComposeStackManager     portainer.ComposeStackManager
-	CryptoService           portainer.CryptoService
-	SignatureService        portainer.DigitalSignatureService
-	SnapshotService         portainer.SnapshotService
-	FileService             portainer.FileService
-	DataStore               portainer.DataStore
-	GitService              portainer.GitService
-	JWTService              portainer.JWTService
-	LDAPService             portainer.LDAPService
-	OAuthService            portainer.OAuthService
-	SwarmStackManager       portainer.SwarmStackManager
-	Handler                 *handler.Handler
-	SSL                     bool
-	SSLCert                 string
-	SSLKey                  string
-	DockerClientFactory     *docker.ClientFactory
-	KubernetesClientFactory *cli.ClientFactory
-	KubernetesDeployer      portainer.KubernetesDeployer
+	BindAddress                 string
+	AssetsPath                  string
+	Status                      *portainer.Status
+	ReverseTunnelService        portainer.ReverseTunnelService
+	ComposeStackManager         portainer.ComposeStackManager
+	CryptoService               portainer.CryptoService
+	SignatureService            portainer.DigitalSignatureService
+	SnapshotService             portainer.SnapshotService
+	FileService                 portainer.FileService
+	DataStore                   portainer.DataStore
+	GitService                  portainer.GitService
+	JWTService                  portainer.JWTService
+	LDAPService                 portainer.LDAPService
+	OAuthService                portainer.OAuthService
+	SwarmStackManager           portainer.SwarmStackManager
+	ProxyManager                *proxy.Manager
+	KubernetesTokenCacheManager *kubernetes.TokenCacheManager
+	Handler                     *handler.Handler
+	SSL                         bool
+	SSLCert                     string
+	SSLKey                      string
+	DockerClientFactory         *docker.ClientFactory
+	KubernetesClientFactory     *cli.ClientFactory
+	KubernetesDeployer          portainer.KubernetesDeployer
 }

 // Start starts the HTTP server
 func (server *Server) Start() error {
-	kubernetesTokenCacheManager := kubernetes.NewTokenCacheManager()
-	proxyManager := proxy.NewManager(server.DataStore, server.SignatureService, server.ReverseTunnelService, server.DockerClientFactory, server.KubernetesClientFactory, kubernetesTokenCacheManager)
+	kubernetesTokenCacheManager := server.KubernetesTokenCacheManager

 	requestBouncer := security.NewRequestBouncer(server.DataStore, server.JWTService)

@@ -82,7 +84,7 @@ func (server *Server) Start() error {
 	authHandler.CryptoService = server.CryptoService
 	authHandler.JWTService = server.JWTService
 	authHandler.LDAPService = server.LDAPService
-	authHandler.ProxyManager = proxyManager
+	authHandler.ProxyManager = server.ProxyManager
 	authHandler.KubernetesTokenCacheManager = kubernetesTokenCacheManager
 	authHandler.OAuthService = server.OAuthService

@@ -116,10 +118,10 @@ func (server *Server) Start() error {
 	var endpointHandler = endpoints.NewHandler(requestBouncer)
 	endpointHandler.DataStore = server.DataStore
 	endpointHandler.FileService = server.FileService
-	endpointHandler.ProxyManager = proxyManager
+	endpointHandler.ProxyManager = server.ProxyManager
 	endpointHandler.SnapshotService = server.SnapshotService
-	endpointHandler.ProxyManager = proxyManager
 	endpointHandler.ReverseTunnelService = server.ReverseTunnelService
+	endpointHandler.ComposeStackManager = server.ComposeStackManager

 	var endpointEdgeHandler = endpointedge.NewHandler(requestBouncer)
 	endpointEdgeHandler.DataStore = server.DataStore
@@ -131,7 +133,7 @@ func (server *Server) Start() error {

 	var endpointProxyHandler = endpointproxy.NewHandler(requestBouncer)
 	endpointProxyHandler.DataStore = server.DataStore
-	endpointProxyHandler.ProxyManager = proxyManager
+	endpointProxyHandler.ProxyManager = server.ProxyManager
 	endpointProxyHandler.ReverseTunnelService = server.ReverseTunnelService

 	var fileHandler = file.NewHandler(filepath.Join(server.AssetsPath, "public"))
@@ -141,7 +143,7 @@ func (server *Server) Start() error {
 	var registryHandler = registries.NewHandler(requestBouncer)
 	registryHandler.DataStore = server.DataStore
 	registryHandler.FileService = server.FileService
-	registryHandler.ProxyManager = proxyManager
+	registryHandler.ProxyManager = server.ProxyManager

 	var resourceControlHandler = resourcecontrols.NewHandler(requestBouncer)
 	resourceControlHandler.DataStore = server.DataStore
--- a/api/internal/authorization/access_control.go
+++ b/api/internal/authorization/access_control.go
@@ -6,6 +6,21 @@ import (
 	"github.com/portainer/portainer/api"
 )

+// NewAdministratorsOnlyResourceControl will create a new administrators only resource control associated to the resource specified by the
+// identifier and type parameters.
+func NewAdministratorsOnlyResourceControl(resourceIdentifier string, resourceType portainer.ResourceControlType) *portainer.ResourceControl {
+	return &portainer.ResourceControl{
+		Type:               resourceType,
+		ResourceID:         resourceIdentifier,
+		SubResourceIDs:     []string{},
+		UserAccesses:       []portainer.UserResourceAccess{},
+		TeamAccesses:       []portainer.TeamResourceAccess{},
+		AdministratorsOnly: true,
+		Public:             false,
+		System:             false,
+	}
+}
+
 // NewPrivateResourceControl will create a new private resource control associated to the resource specified by the
 // identifier and type parameters. It automatically assigns it to the user specified by the userID parameter.
 func NewPrivateResourceControl(resourceIdentifier string, resourceType portainer.ResourceControlType, userID portainer.UserID) *portainer.ResourceControl {
--- a/api/kubernetes/cli/client.go
+++ b/api/kubernetes/cli/client.go
@@ -40,6 +40,11 @@ func NewClientFactory(signatureService portainer.DigitalSignatureService, revers
 	}
 }

+// Remove the cached kube client so a new one can be created
+func (factory *ClientFactory) RemoveKubeClient(endpoint *portainer.Endpoint) {
+	factory.endpointClients.Remove(strconv.Itoa(int(endpoint.ID)))
+}
+
 // GetKubeClient checks if an existing client is already registered for the endpoint and returns it if one is found.
 // If no client is registered, it will create a new client, register it, and returns it.
 func (factory *ClientFactory) GetKubeClient(endpoint *portainer.Endpoint) (portainer.KubeClient, error) {
--- a/api/libcompose/compose_stack.go
+++ b/api/libcompose/compose_stack.go
@@ -13,11 +13,12 @@ import (
 	"github.com/portainer/libcompose/lookup"
 	"github.com/portainer/libcompose/project"
 	"github.com/portainer/libcompose/project/options"
-	"github.com/portainer/portainer/api"
+	portainer "github.com/portainer/portainer/api"
 )

 const (
-	dockerClientVersion = "1.24"
+	dockerClientVersion     = "1.24"
+	composeSyntaxMaxVersion = "2"
 )

 // ComposeStackManager represents a service for managing compose stacks.
@@ -58,6 +59,11 @@ func (manager *ComposeStackManager) createClient(endpoint *portainer.Endpoint) (
 	return client.NewDefaultFactory(clientOpts)
 }

+// ComposeSyntaxMaxVersion returns the maximum supported version of the docker compose syntax
+func (manager *ComposeStackManager) ComposeSyntaxMaxVersion() string {
+	return composeSyntaxMaxVersion
+}
+
 // Up will deploy a compose stack (equivalent of docker-compose up)
 func (manager *ComposeStackManager) Up(stack *portainer.Stack, endpoint *portainer.Endpoint) error {

--- a/api/portainer.go
+++ b/api/portainer.go
@@ -190,24 +190,25 @@ type (
 	// Endpoint represents a Docker endpoint with all the info required
 	// to connect to it
 	Endpoint struct {
-		ID                  EndpointID          `json:"Id"`
-		Name                string              `json:"Name"`
-		Type                EndpointType        `json:"Type"`
-		URL                 string              `json:"URL"`
-		GroupID             EndpointGroupID     `json:"GroupId"`
-		PublicURL           string              `json:"PublicURL"`
-		TLSConfig           TLSConfiguration    `json:"TLSConfig"`
-		Extensions          []EndpointExtension `json:"Extensions"`
-		AzureCredentials    AzureCredentials    `json:"AzureCredentials,omitempty"`
-		TagIDs              []TagID             `json:"TagIds"`
-		Status              EndpointStatus      `json:"Status"`
-		Snapshots           []DockerSnapshot    `json:"Snapshots"`
-		UserAccessPolicies  UserAccessPolicies  `json:"UserAccessPolicies"`
-		TeamAccessPolicies  TeamAccessPolicies  `json:"TeamAccessPolicies"`
-		EdgeID              string              `json:"EdgeID,omitempty"`
-		EdgeKey             string              `json:"EdgeKey"`
-		EdgeCheckinInterval int                 `json:"EdgeCheckinInterval"`
-		Kubernetes          KubernetesData      `json:"Kubernetes"`
+		ID                      EndpointID          `json:"Id"`
+		Name                    string              `json:"Name"`
+		Type                    EndpointType        `json:"Type"`
+		URL                     string              `json:"URL"`
+		GroupID                 EndpointGroupID     `json:"GroupId"`
+		PublicURL               string              `json:"PublicURL"`
+		TLSConfig               TLSConfiguration    `json:"TLSConfig"`
+		Extensions              []EndpointExtension `json:"Extensions"`
+		AzureCredentials        AzureCredentials    `json:"AzureCredentials,omitempty"`
+		TagIDs                  []TagID             `json:"TagIds"`
+		Status                  EndpointStatus      `json:"Status"`
+		Snapshots               []DockerSnapshot    `json:"Snapshots"`
+		UserAccessPolicies      UserAccessPolicies  `json:"UserAccessPolicies"`
+		TeamAccessPolicies      TeamAccessPolicies  `json:"TeamAccessPolicies"`
+		EdgeID                  string              `json:"EdgeID,omitempty"`
+		EdgeKey                 string              `json:"EdgeKey"`
+		EdgeCheckinInterval     int                 `json:"EdgeCheckinInterval"`
+		Kubernetes              KubernetesData      `json:"Kubernetes"`
+		ComposeSyntaxMaxVersion string              `json:"ComposeSyntaxMaxVersion"`

 		// Deprecated fields
 		// Deprecated in DBVersion == 4
@@ -554,6 +555,10 @@ type (
 		Env             []Pair           `json:"Env"`
 		ResourceControl *ResourceControl `json:"ResourceControl"`
 		Status          StackStatus      `json:"Status"`
+		CreationDate    int64
+		CreatedBy       string
+		UpdateDate      int64
+		UpdatedBy       string
 		ProjectPath     string
 	}

@@ -774,6 +779,7 @@ type (

 	// ComposeStackManager represents a service to manage Compose stacks
 	ComposeStackManager interface {
+		ComposeSyntaxMaxVersion() string
 		Up(stack *Stack, endpoint *Endpoint) error
 		Down(stack *Stack, endpoint *Endpoint) error
 	}
@@ -1119,9 +1125,11 @@ type (

 const (
 	// APIVersion is the version number of the Portainer API
-	APIVersion = "2.0.0"
+	APIVersion = "2.0.1"
 	// DBVersion is the version number of the Portainer database
 	DBVersion = 25
+	// ComposeSyntaxMaxVersion is a maximum supported version of the docker compose syntax
+	ComposeSyntaxMaxVersion = "3.9"
 	// AssetsServerURL represents the URL of the Portainer asset server
 	AssetsServerURL = "https://portainer-io-assets.sfo2.digitaloceanspaces.com"
 	// MessageOfTheDayURL represents the URL where Portainer MOTD message can be retrieved
--- a/app/assets/css/app.css
+++ b/app/assets/css/app.css
@@ -927,6 +927,27 @@ ul.sidebar .sidebar-list .sidebar-sublist a.active {
  z-index: 2;
 }

+.striketext:before,
+.striketext:after {
+  background-color: #777777;
+  content: '';
+  display: inline-block;
+  height: 1px;
+  position: relative;
+  vertical-align: middle;
+  width: 50%;
+}
+
+.striketext:before {
+  right: 0.5em;
+  margin-left: -50%;
+}
+
+.striketext:after {
+  left: 0.5em;
+  margin-right: -50%;
+}
+
 /*bootbox override*/
 .modal-open {
  padding-right: 0 !important;
@@ -1042,3 +1063,7 @@ json-tree .branch-preview {
  background-color: #337ab7;
 }
 /* !spinkit override */
+
+.w-full {
+  width: 100%;
+}
--- a/app/docker/components/datatables/containers-datatable/containersDatatable.html
+++ b/app/docker/components/datatables/containers-datatable/containersDatatable.html
@@ -4,100 +4,8 @@
      <div class="toolBar">
        <div class="toolBarTitle"> <i class="fa" ng-class="$ctrl.titleIcon" aria-hidden="true" style="margin-right: 2px;"></i> {{ $ctrl.titleText }} </div>
        <div class="settings">
-          <span
-            class="setting"
-            ng-class="{ 'setting-active': $ctrl.columnVisibility.state.open }"
-            uib-dropdown
-            dropdown-append-to-body
-            auto-close="disabled"
-            is-open="$ctrl.columnVisibility.state.open"
-          >
-            <span uib-dropdown-toggle><i class="fa fa-columns space-right" aria-hidden="true"></i>Columns</span>
-            <div class="dropdown-menu dropdown-menu-right" uib-dropdown-menu>
-              <div class="tableMenu">
-                <div class="menuHeader">
-                  Show / Hide Columns
-                </div>
-                <div class="menuContent">
-                  <div class="md-checkbox">
-                    <input
-                      id="col_vis_state"
-                      ng-change="$ctrl.onColumnVisibilityChange($ctrl.columnVisibility)"
-                      type="checkbox"
-                      ng-model="$ctrl.columnVisibility.columns.state.display"
-                    />
-                    <label for="col_vis_state" ng-bind="$ctrl.columnVisibility.columns.state.label"></label>
-                  </div>
-                  <div class="md-checkbox">
-                    <input
-                      id="col_vis_actions"
-                      ng-change="$ctrl.onColumnVisibilityChange($ctrl.columnVisibility)"
-                      type="checkbox"
-                      ng-model="$ctrl.columnVisibility.columns.actions.display"
-                    />
-                    <label for="col_vis_actions" ng-bind="$ctrl.columnVisibility.columns.actions.label"></label>
-                  </div>
-                  <div class="md-checkbox">
-                    <input
-                      id="col_vis_stack"
-                      ng-change="$ctrl.onColumnVisibilityChange($ctrl.columnVisibility)"
-                      type="checkbox"
-                      ng-model="$ctrl.columnVisibility.columns.stack.display"
-                    />
-                    <label for="col_vis_stack" ng-bind="$ctrl.columnVisibility.columns.stack.label"></label>
-                  </div>
-                  <div class="md-checkbox">
-                    <input
-                      id="col_vis_image"
-                      ng-change="$ctrl.onColumnVisibilityChange($ctrl.columnVisibility)"
-                      type="checkbox"
-                      ng-model="$ctrl.columnVisibility.columns.image.display"
-                    />
-                    <label for="col_vis_image" ng-bind="$ctrl.columnVisibility.columns.image.label"></label>
-                  </div>
-                  <div class="md-checkbox">
-                    <input
-                      id="col_vis_created"
-                      ng-change="$ctrl.onColumnVisibilityChange($ctrl.columnVisibility)"
-                      type="checkbox"
-                      ng-model="$ctrl.columnVisibility.columns.created.display"
-                    />
-                    <label for="col_vis_created" ng-bind="$ctrl.columnVisibility.columns.created.label"></label>
-                  </div>
-                  <div class="md-checkbox" ng-if="$ctrl.showHostColumn">
-                    <input
-                      id="col_vis_host"
-                      ng-change="$ctrl.onColumnVisibilityChange($ctrl.columnVisibility)"
-                      type="checkbox"
-                      ng-model="$ctrl.columnVisibility.columns.host.display"
-                    />
-                    <label for="col_vis_host" ng-bind="$ctrl.columnVisibility.columns.host.label"></label>
-                  </div>
-                  <div class="md-checkbox">
-                    <input
-                      id="col_vis_ports"
-                      ng-change="$ctrl.onColumnVisibilityChange($ctrl.columnVisibility)"
-                      type="checkbox"
-                      ng-model="$ctrl.columnVisibility.columns.ports.display"
-                    />
-                    <label for="col_vis_ports" ng-bind="$ctrl.columnVisibility.columns.ports.label"></label>
-                  </div>
-                  <div class="md-checkbox">
-                    <input
-                      id="col_vis_ownership"
-                      ng-change="$ctrl.onColumnVisibilityChange($ctrl.columnVisibility)"
-                      type="checkbox"
-                      ng-model="$ctrl.columnVisibility.columns.ownership.display"
-                    />
-                    <label for="col_vis_ownership" ng-bind="$ctrl.columnVisibility.columns.ownership.label"></label>
-                  </div>
-                </div>
-                <div>
-                  <a type="button" class="btn btn-default btn-sm" ng-click="$ctrl.columnVisibility.state.open = false;">Close</a>
-                </div>
-              </div>
-            </div>
-          </span>
+          <datatable-columns-visibility columns="$ctrl.columnVisibility.columns" on-change="($ctrl.onColumnVisibilityChange)"></datatable-columns-visibility>
+
          <span class="setting" ng-class="{ 'setting-active': $ctrl.settings.open }" uib-dropdown dropdown-append-to-body auto-close="disabled" is-open="$ctrl.settings.open">
            <span uib-dropdown-toggle><i class="fa fa-cog" aria-hidden="true"></i> Settings</span>
            <div class="dropdown-menu dropdown-menu-right" uib-dropdown-menu>
--- a/app/docker/components/datatables/containers-datatable/containersDatatableController.js
+++ b/app/docker/components/datatables/containers-datatable/containersDatatableController.js
@@ -36,9 +36,6 @@ angular.module('portainer.docker').controller('ContainersDatatableController', [
    };

    this.columnVisibility = {
-      state: {
-        open: false,
-      },
      columns: {
        state: {
          label: 'State',
@@ -75,9 +72,11 @@ angular.module('portainer.docker').controller('ContainersDatatableController', [
      },
    };

-    this.onColumnVisibilityChange = function (columnVisibility) {
-      DatatableService.setColumnVisibilitySettings(this.tableKey, columnVisibility);
-    };
+    this.onColumnVisibilityChange = onColumnVisibilityChange.bind(this);
+    function onColumnVisibilityChange(columns) {
+      this.columnVisibility.columns = columns;
+      DatatableService.setColumnVisibilitySettings(this.tableKey, this.columnVisibility);
+    }

    this.onSelectionChanged = function () {
      this.updateSelectionState();
@@ -199,7 +198,6 @@ angular.module('portainer.docker').controller('ContainersDatatableController', [
      var storedColumnVisibility = DatatableService.getColumnVisibilitySettings(this.tableKey);
      if (storedColumnVisibility !== null) {
        this.columnVisibility = storedColumnVisibility;
-        this.columnVisibility.state.open = false;
      }
    };
  },
--- a/app/docker/components/imageRegistry/porImageRegistry.html
+++ b/app/docker/components/imageRegistry/porImageRegistry.html
@@ -36,10 +36,13 @@
 <!-- don't use registry -->
 <div ng-if="!$ctrl.model.UseRegistry">
  <div class="form-group">
-    <label for="image_name" ng-class="$ctrl.labelClass" class="control-label text-left"
-      >Image
-      <portainer-tooltip position="bottom" message="Image and repository should be publicly available."></portainer-tooltip>
-    </label>
+    <span class="small">
+      <p class="text-muted" style="margin-left: 15px;">
+        <i class="fa fa-exclamation-circle blue-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+        When using advanced mode, image and repository <b>must be</b> publicly available.
+      </p>
+    </span>
+    <label for="image_name" ng-class="$ctrl.labelClass" class="control-label text-left">Image </label>
    <div ng-class="$ctrl.inputClass">
      <input type="text" class="form-control" ng-model="$ctrl.model.Image" name="image_name" placeholder="e.g. registry:port/myImage:myTag" required />
    </div>
--- a/app/docker/components/log-viewer/log-viewer.js
+++ b/app/docker/components/log-viewer/log-viewer.js
@@ -7,5 +7,6 @@ angular.module('portainer.docker').component('logViewer', {
    logCollectionChange: '<',
    sinceTimestamp: '=',
    lineCount: '=',
+    resourceName: '<',
  },
 });
--- a/app/docker/components/log-viewer/logViewer.html
+++ b/app/docker/components/log-viewer/logViewer.html
@@ -67,6 +67,7 @@
              Actions
            </label>
            <div class="col-sm-11">
+              <button class="btn btn-primary btn-sm" type="button" ng-click="$ctrl.downloadLogs()" style="margin-left: 0;"><i class="fa fa-download"></i> Download logs</button>
              <button
                class="btn btn-primary btn-sm"
                ng-click="$ctrl.copy()"
--- a/app/docker/components/log-viewer/logViewerController.js
+++ b/app/docker/components/log-viewer/logViewerController.js
@@ -1,8 +1,11 @@
 import moment from 'moment';
+import _ from 'lodash-es';

 angular.module('portainer.docker').controller('LogViewerController', [
  'clipboard',
-  function (clipboard) {
+  'Blob',
+  'FileSaver',
+  function (clipboard, Blob, FileSaver) {
    this.state = {
      availableSinceDatetime: [
        { desc: 'Last day', value: moment().subtract(1, 'days').format() },
@@ -43,5 +46,10 @@ angular.module('portainer.docker').controller('LogViewerController', [
        this.state.selectedLines.splice(idx, 1);
      }
    };
+
+    this.downloadLogs = function () {
+      const data = new Blob([_.reduce(this.state.filteredLogs, (acc, log) => acc + '\n' + log, '')]);
+      FileSaver.saveAs(data, this.resourceName + '_logs.txt');
+    };
  },
 ]);
--- a/app/docker/models/config.js
+++ b/app/docker/models/config.js
@@ -1,14 +1,18 @@
 import { ResourceControlViewModel } from 'Portainer/models/resourceControl/resourceControl';

 function b64DecodeUnicode(str) {
-  return decodeURIComponent(
-    atob(str)
-      .split('')
-      .map(function (c) {
-        return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2);
-      })
-      .join('')
-  );
+  try {
+    return decodeURIComponent(
+      atob(str)
+        .split('')
+        .map(function (c) {
+          return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2);
+        })
+        .join('')
+    );
+  } catch (err) {
+    return atob(str);
+  }
 }

 export function ConfigViewModel(data) {
--- a/app/docker/models/image.js
+++ b/app/docker/models/image.js
@@ -4,7 +4,6 @@ export function ImageViewModel(data) {
  this.Repository = data.Repository;
  this.Created = data.Created;
  this.Checked = false;
-
  this.RepoTags = data.RepoTags;
  if (!this.RepoTags && data.RepoDigests) {
    this.RepoTags = [];
@@ -21,6 +20,7 @@ export function ImageViewModel(data) {
  if (data.Portainer && data.Portainer.Agent && data.Portainer.Agent.NodeName) {
    this.NodeName = data.Portainer.Agent.NodeName;
  }
+  this.Labels = data.Labels;
 }

 export function ImageBuildModel(data) {
--- a/app/docker/models/imageDetails.js
+++ b/app/docker/models/imageDetails.js
@@ -16,4 +16,5 @@ export function ImageDetailsViewModel(data) {
  this.ExposedPorts = data.ContainerConfig.ExposedPorts ? Object.keys(data.ContainerConfig.ExposedPorts) : [];
  this.Volumes = data.ContainerConfig.Volumes ? Object.keys(data.ContainerConfig.Volumes) : [];
  this.Env = data.ContainerConfig.Env ? data.ContainerConfig.Env : [];
+  this.Labels = data.ContainerConfig.Labels;
 }
--- a/app/docker/views/containers/logs/containerlogs.html
+++ b/app/docker/views/containers/logs/containerlogs.html
@@ -12,4 +12,5 @@
  display-timestamps="state.displayTimestamps"
  line-count="state.lineCount"
  since-timestamp="state.sinceTimestamp"
+  resource-name="container.Name"
 ></log-viewer>
--- a/app/docker/views/images/edit/image.html
+++ b/app/docker/views/images/edit/image.html
@@ -128,6 +128,17 @@
              <td>Build</td>
              <td>Docker {{ image.DockerVersion }} on {{ image.Os }}, {{ image.Architecture }}</td>
            </tr>
+            <tr ng-if="!(image.Labels | emptyobject)">
+              <td>Labels</td>
+              <td>
+                <table class="table table-bordered table-condensed">
+                  <tr ng-repeat="(k, v) in image.Labels">
+                    <td>{{ k }}</td>
+                    <td>{{ v }}</td>
+                  </tr>
+                </table>
+              </td>
+            </tr>
            <tr ng-if="image.Author">
              <td>Author</td>
              <td>{{ image.Author }}</td>
--- a/app/docker/views/networks/create/createnetwork.html
+++ b/app/docker/views/networks/create/createnetwork.html
@@ -196,7 +196,8 @@
          <div class="form-group" ng-hide="config.Driver === 'macvlan' && formValues.Macvlan.Scope === 'local'">
            <div class="col-sm-12">
              <label for="ownership" class="control-label text-left">
-                Restrict external access to the network
+                Isolated network
+                <portainer-tooltip position="bottom" message="An isolated network has no inbound or outbound communications."></portainer-tooltip>
              </label>
              <label name="ownership" class="switch" style="margin-left: 20px;">
                <input type="checkbox" ng-model="config.Internal" />
--- a/app/docker/views/services/create/createServiceController.js
+++ b/app/docker/views/services/create/createServiceController.js
@@ -520,6 +520,12 @@ angular.module('portainer.docker').controller('CreateServiceController', [
      return true;
    }

+    $scope.volumesAreValid = volumesAreValid;
+    function volumesAreValid() {
+      const volumes = $scope.formValues.Volumes;
+      return volumes.every((volume) => volume.Target && volume.Source);
+    }
+
    $scope.create = function createService() {
      var accessControlData = $scope.formValues.AccessControlData;

--- a/app/docker/views/services/create/createservice.html
+++ b/app/docker/views/services/create/createservice.html
@@ -123,7 +123,7 @@
              <button
                type="button"
                class="btn btn-primary btn-sm"
-                ng-disabled="state.actionInProgress || !formValues.RegistryModel.Image"
+                ng-disabled="state.actionInProgress || !formValues.RegistryModel.Image || !volumesAreValid()"
                ng-click="create()"
                button-spinner="state.actionInProgress"
              >
@@ -298,13 +298,16 @@
                      <!-- volume-line1 -->
                      <div class="col-sm-12 form-inline">
                        <!-- container-path -->
-                        <div class="input-group input-group-sm col-sm-6">
-                          <span class="input-group-addon">container</span>
-                          <input type="text" class="form-control" ng-model="volume.Target" placeholder="e.g. /path/in/container" />
+                        <div class="input-group col-sm-6">
+                          <div class="input-group input-group-sm w-full">
+                            <span class="input-group-addon">container</span>
+                            <input type="text" class="form-control" ng-model="volume.Target" placeholder="e.g. /path/in/container" />
+                          </div>
+                          <div class="small text-warning" ng-show="!volume.Target"> <i class="fa fa-exclamation-triangle" aria-hidden="true"></i> Target is required. </div>
                        </div>
                        <!-- !container-path -->
                        <!-- volume-type -->
-                        <div class="input-group col-sm-5" style="margin-left: 5px;">
+                        <div class="input-group col-sm-5" style="margin-left: 5px; vertical-align: top;">
                          <div class="btn-group btn-group-sm" ng-if="allowBindMounts">
                            <label class="btn btn-primary" ng-model="volume.Type" uib-btn-radio="'volume'" ng-click="volume.name = ''">Volume</label>
                            <label class="btn btn-primary" ng-model="volume.Type" uib-btn-radio="'bind'" ng-click="volume.Id = ''">Bind</label>
@@ -318,27 +321,35 @@
                      <!-- !volume-line1 -->
                      <!-- volume-line2 -->
                      <div class="col-sm-12 form-inline" style="margin-top: 5px;">
-                        <i class="fa fa-long-arrow-alt-right" aria-hidden="true"></i>
+                        <div style="height: 30px; display: inline-block; vertical-align: top; display: inline-flex; align-items: center;">
+                          <i class="fa fa-long-arrow-alt-right" aria-hidden="true"></i>
+                        </div>
                        <!-- volume -->
-                        <div class="input-group input-group-sm col-sm-6" ng-if="volume.Type === 'volume'">
-                          <span class="input-group-addon">volume</span>
-                          <select
-                            class="form-control"
-                            ng-model="volume.Source"
-                            ng-options="vol as ((vol.Id|truncate:30) + ' - ' + (vol.Driver|truncate:30)) for vol in availableVolumes"
-                          >
-                            <option selected disabled hidden value="">Select a volume</option>
-                          </select>
+                        <div class="col-sm-6 input-group" ng-if="volume.Type === 'volume'" style="float: none; padding: 0;">
+                          <div class="input-group input-group-sm w-full">
+                            <span class="input-group-addon">volume</span>
+                            <select
+                              class="form-control"
+                              ng-model="volume.Source"
+                              ng-options="vol as ((vol.Id|truncate:30) + ' - ' + (vol.Driver|truncate:30)) for vol in availableVolumes"
+                            >
+                              <option selected disabled hidden value="">Select a volume</option>
+                            </select>
+                          </div>
+                          <div class="small text-warning" ng-show="!volume.Source"> <i class="fa fa-exclamation-triangle" aria-hidden="true"></i> Source is required. </div>
                        </div>
                        <!-- !volume -->
                        <!-- bind -->
                        <div class="input-group input-group-sm col-sm-6" ng-if="volume.Type === 'bind'">
-                          <span class="input-group-addon">host</span>
-                          <input type="text" class="form-control" ng-model="volume.Source" placeholder="e.g. /path/on/host" />
+                          <div class="input-group input-group-sm w-full">
+                            <span class="input-group-addon">host</span>
+                            <input type="text" class="form-control" ng-model="volume.Source" placeholder="e.g. /path/on/host" />
+                          </div>
+                          <div class="small text-warning" ng-show="!volume.Source"> <i class="fa fa-exclamation-triangle" aria-hidden="true"></i> Source is required. </div>
                        </div>
                        <!-- !bind -->
                        <!-- read-only -->
-                        <div class="input-group input-group-sm col-sm-5" style="margin-left: 5px;">
+                        <div class="input-group input-group-sm col-sm-5" style="margin-left: 5px; vertical-align: top;">
                          <div class="btn-group btn-group-sm">
                            <label class="btn btn-primary" ng-model="volume.ReadOnly" uib-btn-radio="false">Writable</label>
                            <label class="btn btn-primary" ng-model="volume.ReadOnly" uib-btn-radio="true">Read-only</label>
--- a/app/docker/views/services/edit/includes/mounts.html
+++ b/app/docker/views/services/edit/includes/mounts.html
@@ -42,12 +42,14 @@
              <input
                type="text"
                class="form-control"
+                name=""
                ng-model="mount.Source"
                placeholder="e.g. /tmp/portainer/data"
                ng-change="updateMount(service, mount)"
                ng-disabled="isUpdating || (!isAdmin && !allowBindMounts && mount.Type === 'bind')"
                ng-if="mount.Type === 'bind'"
              />
+              <div class="col-sm-12 small text-warning" ng-show="!mount.Source"> <i class="fa fa-exclamation-triangle" aria-hidden="true"></i> Source is required. </div>
            </td>
            <td>
              <input
@@ -59,6 +61,7 @@
                ng-disabled="isUpdating"
                disable-authorization="DockerServiceUpdate"
              />
+              <div class="col-sm-12 small text-warning" ng-show="!mount.Target"> <i class="fa fa-exclamation-triangle" aria-hidden="true"></i> Target is required. </div>
            </td>
            <td authorization="DockerServiceUpdate">
              <input type="checkbox" class="form-control" ng-model="mount.ReadOnly" ng-change="updateMount(service, mount)" ng-disabled="isUpdating" />
@@ -77,7 +80,9 @@
    <rd-widget-footer authorization="DockerServiceUpdate">
      <div class="btn-toolbar" role="toolbar">
        <div class="btn-group" role="group">
-          <button type="button" class="btn btn-primary btn-sm" ng-disabled="!hasChanges(service, ['ServiceMounts'])" ng-click="updateService(service)">Apply changes</button>
+          <button type="button" class="btn btn-primary btn-sm" ng-disabled="!mountsAreValid() || !hasChanges(service, ['ServiceMounts'])" ng-click="updateService(service)">
+            Apply changes
+          </button>
          <button type="button" class="btn btn-default btn-sm dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
            <span class="caret"></span>
          </button>
--- a/app/docker/views/services/edit/serviceController.js
+++ b/app/docker/views/services/edit/serviceController.js
@@ -378,6 +378,12 @@ angular.module('portainer.docker').controller('ServiceController', [
      return hasChanges;
    };

+    $scope.mountsAreValid = mountsAreValid;
+    function mountsAreValid() {
+      const mounts = $scope.service.ServiceMounts;
+      return mounts.every((mount) => mount.Source && mount.Target);
+    }
+
    function buildChanges(service) {
      var config = ServiceHelper.serviceToConfig(service.Model);
      config.Name = service.Name;
--- a/app/docker/views/services/logs/servicelogs.html
+++ b/app/docker/views/services/logs/servicelogs.html
@@ -12,4 +12,5 @@
  display-timestamps="state.displayTimestamps"
  line-count="state.lineCount"
  since-timestamp="state.sinceTimestamp"
+  resource-name="service.Name"
 ></log-viewer>
--- a/app/docker/views/tasks/logs/tasklogs.html
+++ b/app/docker/views/tasks/logs/tasklogs.html
@@ -13,4 +13,5 @@
  display-timestamps="state.displayTimestamps"
  line-count="state.lineCount"
  since-timestamp="state.sinceTimestamp"
+  resource-name="task.Id"
 ></log-viewer>
--- a/app/docker/views/volumes/edit/volumeController.js
+++ b/app/docker/views/volumes/edit/volumeController.js
@@ -51,14 +51,18 @@ angular.module('portainer.docker').controller('VolumeController', [
    };

    $scope.removeVolume = function removeVolume() {
-      VolumeService.remove($scope.volume)
-        .then(function success() {
-          Notifications.success('Volume successfully removed', $transition$.params().id);
-          $state.go('docker.volumes', {});
-        })
-        .catch(function error(err) {
-          Notifications.error('Failure', err, 'Unable to remove volume');
-        });
+      ModalService.confirmDeletion('Do you want to remove this volume?', (confirmed) => {
+        if (confirmed) {
+          VolumeService.remove($scope.volume)
+            .then(function success() {
+              Notifications.success('Volume successfully removed', $transition$.params().id);
+              $state.go('docker.volumes', {});
+            })
+            .catch(function error(err) {
+              Notifications.error('Failure', err, 'Unable to remove volume');
+            });
+        }
+      });
    };

    function getVolumeDataFromContainer(container, volumeId) {
--- a/app/docker/views/volumes/volumesController.js
+++ b/app/docker/views/volumes/volumesController.js
@@ -9,26 +9,31 @@ angular.module('portainer.docker').controller('VolumesController', [
  'HttpRequestHelper',
  'EndpointProvider',
  'Authentication',
-  function ($q, $scope, $state, VolumeService, ServiceService, VolumeHelper, Notifications, HttpRequestHelper, EndpointProvider, Authentication) {
+  'ModalService',
+  function ($q, $scope, $state, VolumeService, ServiceService, VolumeHelper, Notifications, HttpRequestHelper, EndpointProvider, Authentication, ModalService) {
    $scope.removeAction = function (selectedItems) {
-      var actionCount = selectedItems.length;
-      angular.forEach(selectedItems, function (volume) {
-        HttpRequestHelper.setPortainerAgentTargetHeader(volume.NodeName);
-        VolumeService.remove(volume)
-          .then(function success() {
-            Notifications.success('Volume successfully removed', volume.Id);
-            var index = $scope.volumes.indexOf(volume);
-            $scope.volumes.splice(index, 1);
-          })
-          .catch(function error(err) {
-            Notifications.error('Failure', err, 'Unable to remove volume');
-          })
-          .finally(function final() {
-            --actionCount;
-            if (actionCount === 0) {
-              $state.reload();
-            }
+      ModalService.confirmDeletion('Do you want to remove the selected volume(s)?', (confirmed) => {
+        if (confirmed) {
+          var actionCount = selectedItems.length;
+          angular.forEach(selectedItems, function (volume) {
+            HttpRequestHelper.setPortainerAgentTargetHeader(volume.NodeName);
+            VolumeService.remove(volume)
+              .then(function success() {
+                Notifications.success('Volume successfully removed', volume.Id);
+                var index = $scope.volumes.indexOf(volume);
+                $scope.volumes.splice(index, 1);
+              })
+              .catch(function error(err) {
+                Notifications.error('Failure', err, 'Unable to remove volume');
+              })
+              .finally(function final() {
+                --actionCount;
+                if (actionCount === 0) {
+                  $state.reload();
+                }
+              });
          });
+        }
      });
    };

--- a/app/index.html
+++ b/app/index.html
@@ -1,5 +1,5 @@
 <!DOCTYPE html
-><html lang="en" ng-app="<%= name %>">
+><html lang="en" ng-app="<%= name %>" ng-strict-di>
  <head>
    <meta charset="utf-8" />
    <title>Portainer</title>
--- a/app/kubernetes/components/datatables/applications-stacks-datatable/applicationsStacksDatatable.html
+++ b/app/kubernetes/components/datatables/applications-stacks-datatable/applicationsStacksDatatable.html
@@ -71,7 +71,7 @@
        <table class="table table-hover nowrap-cells">
          <thead>
            <tr>
-              <th>
+              <th style="width: 55px;">
                <span class="md-checkbox">
                  <input id="select_all" type="checkbox" ng-model="$ctrl.state.selectAll" ng-change="$ctrl.selectAll()" />
                  <label for="select_all"></label>
@@ -142,8 +142,9 @@
              </td>
            </tr>
            <tr dir-paginate-end ng-show="item.Expanded" ng-repeat="app in item.Applications" ng-style="{ background: item.Highlighted ? '#d5e8f3' : '#f5f5f5' }">
-              <td colspan="5">
-                <a ui-sref="kubernetes.applications.application({ name: app.Name, namespace: app.ResourcePool })" style="margin-left: 25px;">{{ app.Name }}</a>
+              <td></td>
+              <td colspan="4">
+                <a ui-sref="kubernetes.applications.application({ name: app.Name, namespace: app.ResourcePool })">{{ app.Name }}</a>
                <span style="margin-left: 5px;" class="label label-primary image-tag" ng-if="!$ctrl.isSystemNamespace(app.ResourcePool) && $ctrl.isExternalApplication(app)"
                  >external</span
                >
--- a/app/kubernetes/components/datatables/resource-pools-datatable/resourcePoolsDatatable.html
+++ b/app/kubernetes/components/datatables/resource-pools-datatable/resourcePoolsDatatable.html
@@ -118,7 +118,7 @@
                <span style="margin-left: 5px;" class="label label-info image-tag" ng-if="$ctrl.isSystemNamespace(item)">system</span>
              </td>
              <td> <i class="fa {{ item.Quota ? 'fa-toggle-on' : 'fa-toggle-off' }}" aria-hidden="true" style="margin-right: 2px;"></i> {{ item.Quota ? 'Yes' : 'No' }} </td>
-              <td>{{ item.CreationDate | getisodate }} {{ item.Namespace.ResourcePoolOwner ? 'by ' + item.Namespace.ResourcePoolOwner : '' }}</td>
+              <td>{{ item.Namespace.CreationDate | getisodate }} {{ item.Namespace.ResourcePoolOwner ? 'by ' + item.Namespace.ResourcePoolOwner : '' }}</td>
              <td ng-if="$ctrl.isAdmin">
                <a ng-if="$ctrl.canManageAccess(item)" ui-sref="kubernetes.resourcePools.resourcePool.access({id: item.Namespace.Name})">
                  <i class="fa fa-users" aria-hidden="true"></i> Manage access
--- a/app/kubernetes/components/kubernetes-configuration-data/kubernetesConfigurationData.html
+++ b/app/kubernetes/components/kubernetes-configuration-data/kubernetesConfigurationData.html
@@ -30,7 +30,7 @@
        <i class="fa fa-plus-circle" aria-hidden="true"></i> Create entry
      </button>
      <button type="button" class="btn btn-sm btn-default" ngf-select="$ctrl.addEntryFromFile($file)" style="margin-left: 0;">
-        <i class="fa fa-file-upload" aria-hidden="true"></i> Create entry from file
+        <i class="fa fa-file-upload" aria-hidden="true"></i> Create key/value from file
      </button>
    </div>
  </div>
--- a/app/kubernetes/components/kubernetes-sidebar-content/kubernetesSidebarContent.html
+++ b/app/kubernetes/components/kubernetes-sidebar-content/kubernetesSidebarContent.html
@@ -16,6 +16,6 @@
 <li class="sidebar-list">
  <a ui-sref="kubernetes.cluster({endpointId: $ctrl.endpointId})" ui-sref-active="active">Cluster <span class="menu-icon fa fa-server fa-fw"></span></a>
  <div class="sidebar-sublist" ng-if="$ctrl.adminAccess && ($ctrl.currentState === 'kubernetes.cluster' || $ctrl.currentState === 'portainer.endpoints.endpoint.kubernetesConfig')">
-    <a ui-sref="portainer.endpoints.endpoint.kubernetesConfig({id: $ctrl.endpointId})">Setup</a>
+    <a ui-sref="portainer.endpoints.endpoint.kubernetesConfig({id: $ctrl.endpointId})" ui-sref-active="active">Setup</a>
  </div>
 </li>
--- a/app/kubernetes/converters/application.js
+++ b/app/kubernetes/converters/application.js
@@ -27,6 +27,7 @@ import KubernetesServiceConverter from 'Kubernetes/converters/service';
 import KubernetesPersistentVolumeClaimConverter from 'Kubernetes/converters/persistentVolumeClaim';
 import PortainerError from 'Portainer/error';
 import { KubernetesIngressHelper } from 'Kubernetes/ingress/helper';
+import KubernetesCommonHelper from 'Kubernetes/helpers/commonHelper';

 function _apiPortsToPublishedPorts(pList, pRefs) {
  const ports = _.map(pList, (item) => {
@@ -118,7 +119,7 @@ class KubernetesApplicationConverter {
      res.PublishedPorts = ports;
    }

-    if (data.spec.templates) {
+    if (data.spec.template) {
      res.Volumes = data.spec.template.spec.volumes ? data.spec.template.spec.volumes : [];
    } else {
      res.Volumes = data.spec.volumes;
@@ -294,6 +295,8 @@ class KubernetesApplicationConverter {
  }

  static applicationFormValuesToApplication(formValues) {
+    formValues.ApplicationOwner = KubernetesCommonHelper.ownerToLabel(formValues.ApplicationOwner);
+
    const claims = KubernetesPersistentVolumeClaimConverter.applicationFormValuesToVolumeClaims(formValues);
    const rwx = _.find(claims, (item) => _.includes(item.StorageClass.AccessModes, 'RWX')) !== undefined;

--- a/app/kubernetes/converters/configMap.js
+++ b/app/kubernetes/converters/configMap.js
@@ -39,7 +39,8 @@ class KubernetesConfigMapConverter {
    const res = new KubernetesConfigMapCreatePayload();
    res.metadata.name = data.Name;
    res.metadata.namespace = data.Namespace;
-    res.metadata.labels[KubernetesPortainerConfigurationOwnerLabel] = data.ConfigurationOwner;
+    const configurationOwner = _.truncate(data.ConfigurationOwner, { length: 63, omission: '' });
+    res.metadata.labels[KubernetesPortainerConfigurationOwnerLabel] = configurationOwner;
    res.data = data.Data;
    return res;
  }
--- a/app/kubernetes/converters/daemonSet.js
+++ b/app/kubernetes/converters/daemonSet.js
@@ -1,5 +1,4 @@
 import * as JsonPatch from 'fast-json-patch';
-
 import { KubernetesDaemonSet } from 'Kubernetes/models/daemon-set/models';
 import { KubernetesDaemonSetCreatePayload } from 'Kubernetes/models/daemon-set/payloads';
 import {
--- a/app/kubernetes/converters/namespace.js
+++ b/app/kubernetes/converters/namespace.js
@@ -1,3 +1,4 @@
+import _ from 'lodash-es';
 import { KubernetesNamespace } from 'Kubernetes/models/namespace/models';
 import { KubernetesNamespaceCreatePayload } from 'Kubernetes/models/namespace/payloads';
 import { KubernetesPortainerResourcePoolNameLabel, KubernetesPortainerResourcePoolOwnerLabel } from 'Kubernetes/models/resource-pool/models';
@@ -20,7 +21,8 @@ class KubernetesNamespaceConverter {
    res.metadata.name = namespace.Name;
    res.metadata.labels[KubernetesPortainerResourcePoolNameLabel] = namespace.ResourcePoolName;
    if (namespace.ResourcePoolOwner) {
-      res.metadata.labels[KubernetesPortainerResourcePoolOwnerLabel] = namespace.ResourcePoolOwner;
+      const resourcePoolOwner = _.truncate(namespace.ResourcePoolOwner, { length: 63, omission: '' });
+      res.metadata.labels[KubernetesPortainerResourcePoolOwnerLabel] = resourcePoolOwner;
    }
    return res;
  }
--- a/app/kubernetes/converters/secret.js
+++ b/app/kubernetes/converters/secret.js
@@ -9,7 +9,8 @@ class KubernetesSecretConverter {
    const res = new KubernetesSecretCreatePayload();
    res.metadata.name = secret.Name;
    res.metadata.namespace = secret.Namespace;
-    res.metadata.labels[KubernetesPortainerConfigurationOwnerLabel] = secret.ConfigurationOwner;
+    const configurationOwner = _.truncate(secret.configurationOwner, { length: 63, omission: '' });
+    res.metadata.labels[KubernetesPortainerConfigurationOwnerLabel] = configurationOwner;
    res.stringData = secret.Data;
    return res;
  }
@@ -18,6 +19,7 @@ class KubernetesSecretConverter {
    const res = new KubernetesSecretUpdatePayload();
    res.metadata.name = secret.Name;
    res.metadata.namespace = secret.Namespace;
+    res.metadata.labels[KubernetesPortainerConfigurationOwnerLabel] = secret.ConfigurationOwner;
    res.stringData = secret.Data;
    return res;
  }
--- a/app/kubernetes/converters/service.js
+++ b/app/kubernetes/converters/service.js
@@ -69,7 +69,7 @@ class KubernetesServiceConverter {
    payload.metadata.namespace = service.Namespace;
    payload.metadata.labels[KubernetesPortainerApplicationStackNameLabel] = service.StackName;
    payload.metadata.labels[KubernetesPortainerApplicationNameLabel] = service.ApplicationName;
-    payload.metadata.labels[KubernetesPortainerApplicationOwnerLabel] = service.ApplicationOwner;
+    payload.metadata.labels[KubernetesPortainerApplicationOwnerLabel] = service.Application;
    payload.spec.ports = service.Ports;
    payload.spec.selector.app = service.ApplicationName;
    if (service.Headless) {
--- a/app/kubernetes/helpers/application/index.js
+++ b/app/kubernetes/helpers/application/index.js
@@ -175,7 +175,10 @@ class KubernetesApplicationHelper {
          item.OverridenKeys = _.map(keys, (k) => {
            const fvKey = new KubernetesApplicationConfigurationFormValueOverridenKey();
            fvKey.Key = k.Key;
-            if (index < k.EnvCount) {
+            if (!k.Count) {
+              // !k.Count indicates k.Key is new added to the configuration and has not been loaded to the application yet
+              fvKey.Type = KubernetesApplicationConfigurationFormValueOverridenKeyTypes.NONE;
+            } else if (index < k.EnvCount) {
              fvKey.Type = KubernetesApplicationConfigurationFormValueOverridenKeyTypes.ENVIRONMENT;
            } else {
              fvKey.Type = KubernetesApplicationConfigurationFormValueOverridenKeyTypes.FILESYSTEM;
--- a/app/kubernetes/helpers/commonHelper.js
+++ b/app/kubernetes/helpers/commonHelper.js
@@ -8,5 +8,13 @@ class KubernetesCommonHelper {
      _.set(obj, path, value);
    }
  }
+
+  static ownerToLabel(owner) {
+    let label = _.replace(owner, /[^-A-Za-z0-9_.]/g, '.');
+    label = _.truncate(label, { length: 63, omission: '' });
+    label = _.replace(label, /^[-_.]*/g, '');
+    label = _.replace(label, /[-_.]*$/g, '');
+    return label;
+  }
 }
 export default KubernetesCommonHelper;
--- a/app/kubernetes/models/application/formValues.js
+++ b/app/kubernetes/models/application/formValues.js
@@ -35,6 +35,7 @@ export class KubernetesApplicationFormValues {
 }

 export const KubernetesApplicationConfigurationFormValueOverridenKeyTypes = Object.freeze({
+  NONE: 0,
  ENVIRONMENT: 1,
  FILESYSTEM: 2,
 });
--- a/app/kubernetes/services/applicationService.js
+++ b/app/kubernetes/services/applicationService.js
@@ -71,6 +71,8 @@ class KubernetesApplicationService {
      apiService = this.KubernetesDaemonSetService;
    } else if (app instanceof KubernetesStatefulSet || (app instanceof KubernetesApplication && app.ApplicationType === KubernetesApplicationTypes.STATEFULSET)) {
      apiService = this.KubernetesStatefulSetService;
+    } else if (app instanceof KubernetesApplication && app.ApplicationType === KubernetesApplicationTypes.POD) {
+      apiService = this.KubernetesPodService;
    } else {
      throw new PortainerError('Unable to determine which association to use to retrieve API Service');
    }
--- a/app/kubernetes/services/configMapService.js
+++ b/app/kubernetes/services/configMapService.js
@@ -24,9 +24,23 @@ class KubernetesConfigMapService {
    try {
      const params = new KubernetesCommonParams();
      params.id = name;
-      const [raw, yaml] = await Promise.all([this.KubernetesConfigMaps(namespace).get(params).$promise, this.KubernetesConfigMaps(namespace).getYaml(params).$promise]);
-      const configMap = KubernetesConfigMapConverter.apiToConfigMap(raw, yaml);
-      return configMap;
+      const [rawPromise, yamlPromise] = await Promise.allSettled([
+        this.KubernetesConfigMaps(namespace).get(params).$promise,
+        this.KubernetesConfigMaps(namespace).getYaml(params).$promise,
+      ]);
+
+      if (_.get(rawPromise, 'reason.status') == 404 && _.get(yamlPromise, 'reason.status') == 404) {
+        return KubernetesConfigMapConverter.defaultConfigMap(namespace, name);
+      }
+
+      // Saving binary data to 'data' field in configMap Object is not allowed by kubernetes and getYaml() may get 
+      // an error. We should keep binary data to 'binaryData' field instead of 'data'. Before that, we 
+      // use response from get() and ignore 500 error as a workaround.
+      if (rawPromise.value) {
+        return KubernetesConfigMapConverter.apiToConfigMap(rawPromise.value, yamlPromise.value);
+      }
+
+      throw new PortainerError('Unable to retrieve config map ', name);
    } catch (err) {
      if (err.status === 404) {
        return KubernetesConfigMapConverter.defaultConfigMap(namespace, name);
--- a/app/kubernetes/services/configurationService.js
+++ b/app/kubernetes/services/configurationService.js
@@ -4,6 +4,7 @@ import KubernetesConfigurationConverter from 'Kubernetes/converters/configuratio
 import KubernetesConfigMapConverter from 'Kubernetes/converters/configMap';
 import KubernetesSecretConverter from 'Kubernetes/converters/secret';
 import { KubernetesConfigurationTypes } from 'Kubernetes/models/configuration/models';
+import KubernetesCommonHelper from 'Kubernetes/helpers/commonHelper';

 class KubernetesConfigurationService {
  /* @ngInject */
@@ -67,6 +68,8 @@ class KubernetesConfigurationService {
   * CREATE
   */
  async createAsync(formValues) {
+    formValues.ConfigurationOwner = KubernetesCommonHelper.ownerToLabel(formValues.ConfigurationOwner);
+
    try {
      if (formValues.Type === KubernetesConfigurationTypes.CONFIGMAP) {
        const configMap = KubernetesConfigMapConverter.configurationFormValuesToConfigMap(formValues);
--- a/app/kubernetes/services/resourcePoolService.js
+++ b/app/kubernetes/services/resourcePoolService.js
@@ -7,6 +7,7 @@ import KubernetesResourceQuotaHelper from 'Kubernetes/helpers/resourceQuotaHelpe
 import { KubernetesNamespace } from 'Kubernetes/models/namespace/models';
 import KubernetesResourceReservationHelper from 'Kubernetes/helpers/resourceReservationHelper';
 import { KubernetesIngressConverter } from 'Kubernetes/ingress/converter';
+import KubernetesCommonHelper from 'Kubernetes/helpers/commonHelper';

 class KubernetesResourcePoolService {
  /* @ngInject */
@@ -73,6 +74,8 @@ class KubernetesResourcePoolService {
   * @param {KubernetesResourcePoolFormValues} formValues
   */
  async createAsync(formValues) {
+    formValues.Owner = KubernetesCommonHelper.ownerToLabel(formValues.Owner);
+
    try {
      const namespace = new KubernetesNamespace();
      namespace.Name = formValues.Name;
--- a/app/kubernetes/templates/advancedDeploymentPanel.html
+++ b/app/kubernetes/templates/advancedDeploymentPanel.html
@@ -0,0 +1,11 @@
+<information-panel title-text="Advanced deployment">
+  <span class="small">
+    <p class="text-muted">
+      <i class="fa fa-info-circle blue-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+      As an administrator user, you have access to the advanced deployment feature allowing you to deploy any Kubernetes manifest inside your cluster.
+    </p>
+    <p>
+      <button type="button" class="btn btn-sm btn-primary" ui-sref="kubernetes.deploy"> <i class="fa fa-file-code space-right" aria-hidden="true"></i>Advanced deployment </button>
+    </p>
+  </span>
+</information-panel>
--- a/app/kubernetes/views/applications/applications.html
+++ b/app/kubernetes/views/applications/applications.html
@@ -5,19 +5,7 @@
 <kubernetes-view-loading view-ready="ctrl.state.viewReady"></kubernetes-view-loading>

 <div ng-if="ctrl.state.viewReady">
-  <information-panel title-text="Advanced deployment" ng-if="ctrl.state.isAdmin">
-    <span class="small">
-      <p class="text-muted">
-        <i class="fa fa-info-circle blue-icon" aria-hidden="true" style="margin-right: 2px;"></i>
-        As an administrator user, you have access to the advanced deployment feature allowing you to deploy any Kubernetes manifest inside your cluster.
-      </p>
-      <p>
-        <button type="button" class="btn btn-sm btn-primary" ui-sref="kubernetes.deploy">
-          <i class="fa fa-file-code space-right" aria-hidden="true"></i>Advanced deployment
-        </button>
-      </p>
-    </span>
-  </information-panel>
+  <div ng-if="ctrl.state.isAdmin" ng-include="'app/kubernetes/templates/advancedDeploymentPanel.html'"></div>

  <div class="row">
    <div class="col-sm-12">
--- a/app/kubernetes/views/applications/applicationsController.js
+++ b/app/kubernetes/views/applications/applicationsController.js
@@ -1,3 +1,5 @@
+require('../../templates/advancedDeploymentPanel.html');
+
 import angular from 'angular';
 import * as _ from 'lodash-es';
 import KubernetesStackHelper from 'Kubernetes/helpers/stackHelper';
@@ -79,7 +81,11 @@ class KubernetesApplicationsController {
  }

  removeAction(selectedItems) {
-    return this.$async(this.removeActionAsync, selectedItems);
+    this.ModalService.confirmDeletion('Do you want to remove the selected application(s)?', (confirmed) => {
+      if (confirmed) {
+        return this.$async(this.removeActionAsync, selectedItems);
+      }
+    });
  }

  onPublishingModeClick(application) {
@@ -87,7 +93,7 @@ class KubernetesApplicationsController {
    _.forEach(this.ports, (item) => {
      item.Expanded = false;
      item.Highlighted = false;
-      if (item.Name === application.Name) {
+      if (item.Name === application.Name && item.Ports.length > 1) {
        item.Expanded = true;
        item.Highlighted = true;
      }
--- a/app/kubernetes/views/applications/create/createApplication.html
+++ b/app/kubernetes/views/applications/create/createApplication.html
@@ -92,8 +92,8 @@
              </div>
            </div>
            <div class="form-group" ng-if="ctrl.state.resourcePoolHasQuota && ctrl.resourceQuotaCapacityExceeded()">
-              <div class="col-sm-12 small text-warning">
-                <i class="fa fa-exclamation-triangle orange-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+              <div class="col-sm-12 small text-danger">
+                <i class="fa fa-exclamation-circle red-icon" aria-hidden="true" style="margin-right: 2px;"></i>
                This resource pool has exhausted its resource capacity and you will not be able to deploy the application. Contact your administrator to expand the capacity of the
                resource pool.
              </div>
@@ -634,8 +634,8 @@
            </div>

            <div class="form-group" ng-if="ctrl.state.resourcePoolHasQuota && ctrl.resourceQuotaCapacityExceeded()">
-              <div class="col-sm-12 small text-muted">
-                <i class="fa fa-exclamation-circle orange-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+              <div class="col-sm-12 small text-danger">
+                <i class="fa fa-exclamation-circle red-icon" aria-hidden="true" style="margin-right: 2px;"></i>
                This resource pool has exhausted its resource capacity and you will not be able to deploy the application. Contact your administrator to expand the capacity of the
                resource pool.
              </div>
@@ -778,6 +778,7 @@
                </label>
                <input
                  type="number"
+                  name="replica_count"
                  class="form-control"
                  min="1"
                  max="9999"
@@ -785,10 +786,19 @@
                  style="margin-left: 20px;"
                  ng-model="ctrl.formValues.ReplicaCount"
                  ng-disabled="!ctrl.supportScalableReplicaDeployment()"
-                  ng-change="ctrl.enforceReplicaCountMinimum()"
+                  ng-change="ctrl.onChangeVolumeRequestedSize()"
+                  required
                />
              </div>
            </div>
+            <div class="form-group" ng-if="kubernetesApplicationCreationForm['replica_count'].$invalid">
+              <div class="col-sm-12 small text-warning">
+                <ng-messages for="kubernetesApplicationCreationForm['replica_count'].$error">
+                  <p ng-message="required"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> Instance count is required.</p>
+                  <p ng-message="min"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> Instance count must be greater than 0.</p>
+                </ng-messages>
+              </div>
+            </div>
            <!-- !replica count -->

            <div
@@ -803,8 +813,8 @@
            </div>

            <div class="form-group" ng-if="ctrl.resourceReservationsOverflow()">
-              <div class="col-sm-12 small text-muted">
-                <i class="fa fa-exclamation-circle orange-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+              <div class="col-sm-12 small text-danger">
+                <i class="fa fa-exclamation-circle red-icon" aria-hidden="true" style="margin-right: 2px;"></i>
                This application would exceed available resources. Please review resource reservations or the instance count.
              </div>
            </div>
@@ -920,8 +930,8 @@
              </table>

              <div class="form-group" ng-if="ctrl.autoScalerOverflow()" style="margin-bottom: 10px;">
-                <div class="col-sm-12 small text-muted">
-                  <i class="fa fa-exclamation-circle orange-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+                <div class="col-sm-12 small text-danger">
+                  <i class="fa fa-exclamation-circle red-icon" aria-hidden="true" style="margin-right: 2px;"></i>
                  This application would exceed available resources. Please review resource reservations or the maximum instance count of the auto-scaling policy.
                </div>
              </div>
@@ -1343,7 +1353,7 @@
                        class="btn btn-primary"
                        ng-model="publishedPort.Protocol"
                        uib-btn-radio="'TCP'"
-                        ng-change="ctrl.onChangePortMappingContainerPort()"
+                        ng-change="ctrl.onChangePortProtocol($index)"
                        ng-disabled="ctrl.isProtocolOptionDisabled($index, 'TCP')"
                        >TCP</label
                      >
@@ -1351,7 +1361,7 @@
                        class="btn btn-primary"
                        ng-model="publishedPort.Protocol"
                        uib-btn-radio="'UDP'"
-                        ng-change="ctrl.onChangePortMappingContainerPort()"
+                        ng-change="ctrl.onChangePortProtocol($index)"
                        ng-disabled="ctrl.isProtocolOptionDisabled($index, 'UDP')"
                        >UDP</label
                      >
--- a/app/kubernetes/views/applications/create/createApplicationController.js
+++ b/app/kubernetes/views/applications/create/createApplicationController.js
@@ -303,6 +303,9 @@ class KubernetesCreateApplicationController {
    const ingresses = this.filteredIngresses;
    p.IngressName = ingresses && ingresses.length ? ingresses[0].Name : undefined;
    p.IngressHost = ingresses && ingresses.length ? ingresses[0].Host : undefined;
+    if (this.formValues.PublishedPorts.length) {
+      p.Protocol = this.formValues.PublishedPorts[0].Protocol;
+    }
    this.formValues.PublishedPorts.push(p);
  }

@@ -335,6 +338,7 @@ class KubernetesCreateApplicationController {
    this.onChangePortMappingNodePort();
    this.onChangePortMappingIngressRoute();
    this.onChangePortMappingLoadBalancer();
+    this.onChangePortProtocol();
  }

  onChangePortMappingContainerPort() {
@@ -403,6 +407,16 @@ class KubernetesCreateApplicationController {
      state.hasDuplicates = false;
    }
  }
+
+  onChangePortProtocol(index) {
+    this.onChangePortMappingContainerPort();
+    if (this.formValues.PublishingType === KubernetesApplicationPublishingTypes.LOAD_BALANCER) {
+      const newPorts = _.filter(this.formValues.PublishedPorts, { IsNew: true });
+      _.forEach(newPorts, (port) => {
+        port.Protocol = index ? this.formValues.PublishedPorts[index].Protocol : newPorts[0].Protocol;
+      });
+    }
+  }
  /* #endregion */

  /* #region  STATE VALIDATION FUNCTIONS */
@@ -488,12 +502,6 @@ class KubernetesCreateApplicationController {
    return _.uniq(storageOptions).join(', ');
  }

-  enforceReplicaCountMinimum() {
-    if (this.formValues.ReplicaCount === null) {
-      this.formValues.ReplicaCount = 1;
-    }
-  }
-
  resourceQuotaCapacityExceeded() {
    return !this.state.sliders.memory.max || !this.state.sliders.cpu.max;
  }
@@ -567,6 +575,10 @@ class KubernetesCreateApplicationController {
    return this.state.isEdit && !this.formValues.Placements[index].IsNew;
  }

+  isNewAndNotFirst(index) {
+    return !this.state.isEdit && index !== 0;
+  }
+
  showPlacementPolicySection() {
    const placements = _.filter(this.formValues.Placements, { NeedsDeletion: false });
    return placements.length !== 0;
@@ -606,8 +618,17 @@ class KubernetesCreateApplicationController {
    return this.state.isEdit && this.formValues.PublishedPorts.length > 0 && ports.length > 0;
  }

+  isEditLBWithPorts() {
+    return this.formValues.PublishingType === KubernetesApplicationPublishingTypes.LOAD_BALANCER && _.filter(this.formValues.PublishedPorts, { IsNew: false }).length;
+  }
+
  isProtocolOptionDisabled(index, protocol) {
-    return this.disableLoadBalancerEdit() || (this.isEditAndNotNewPublishedPort(index) && this.formValues.PublishedPorts[index].Protocol !== protocol);
+    return (
+      this.disableLoadBalancerEdit() ||
+      (this.isEditAndNotNewPublishedPort(index) && this.formValues.PublishedPorts[index].Protocol !== protocol) ||
+      (this.isEditLBWithPorts() && this.formValues.PublishedPorts[index].Protocol !== protocol) ||
+      (this.isNewAndNotFirst(index) && this.formValues.PublishedPorts[index].Protocol !== protocol)
+    );
  }

  /* #endregion */
--- a/app/kubernetes/views/applications/edit/application.html
+++ b/app/kubernetes/views/applications/edit/application.html
@@ -7,6 +7,8 @@
 <kubernetes-view-loading view-ready="ctrl.state.viewReady"></kubernetes-view-loading>

 <div ng-if="ctrl.state.viewReady">
+  <div ng-if="ctrl.state.isAdmin" ng-include="'app/kubernetes/templates/advancedDeploymentPanel.html'"></div>
+
  <div class="row">
    <div class="col-sm-12">
      <rd-widget>
@@ -133,7 +135,13 @@
            </uib-tab>

            <uib-tab index="1" classes="btn-sm" select="ctrl.selectTab(1)">
-              <uib-tab-heading> <i class="fas fa-compress-arrows-alt space-right" aria-hidden="true"></i> Placement </uib-tab-heading>
+              <uib-tab-heading>
+                <i class="fas fa-compress-arrows-alt space-right" aria-hidden="true"></i> Placement
+                <div ng-if="ctrl.state.placementWarning">
+                  <i class="fa fa-exclamation-circle orange-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+                  warning
+                </div>
+              </uib-tab-heading>
              <div class="small text-muted" style="padding: 20px;">
                <i class="fa fa-info-circle blue-icon" aria-hidden="true" style="margin-right: 2px;"></i>
                The placement component helps you understand whether or not this application can be deployed on a specific node.
--- a/app/kubernetes/views/applications/edit/applicationController.js
+++ b/app/kubernetes/views/applications/edit/applicationController.js
@@ -1,3 +1,5 @@
+require('../../../templates/advancedDeploymentPanel.html');
+
 import angular from 'angular';
 import * as _ from 'lodash-es';
 import * as JsonPatch from 'fast-json-patch';
@@ -101,6 +103,7 @@ class KubernetesApplicationController {
    Notifications,
    LocalStorage,
    ModalService,
+    Authentication,
    KubernetesApplicationService,
    KubernetesEventService,
    KubernetesStackService,
@@ -114,6 +117,7 @@ class KubernetesApplicationController {
    this.Notifications = Notifications;
    this.LocalStorage = LocalStorage;
    this.ModalService = ModalService;
+    this.Authentication = Authentication;

    this.KubernetesApplicationService = KubernetesApplicationService;
    this.KubernetesEventService = KubernetesEventService;
@@ -146,7 +150,7 @@ class KubernetesApplicationController {

  showEditor() {
    this.state.showEditorTab = true;
-    this.selectTab(2);
+    this.selectTab(3);
  }

  isSystemNamespace() {
@@ -306,6 +310,7 @@ class KubernetesApplicationController {
      });

      this.placements = computePlacements(nodes, this.application);
+      this.state.placementWarning = _.find(this.placements, { AcceptsApplication: true }) ? false : true;
    } catch (err) {
      this.Notifications.error('Failure', err, 'Unable to retrieve application details');
    } finally {
@@ -331,8 +336,10 @@ class KubernetesApplicationController {
        name: this.$transition$.params().name,
      },
      eventWarningCount: 0,
+      placementWarning: false,
      expandedNote: false,
      useIngress: false,
+      isAdmin: this.Authentication.isAdmin(),
    };

    this.state.activeTab = this.LocalStorage.getActiveTab('application');
--- a/app/kubernetes/views/cluster/node/nodeController.js
+++ b/app/kubernetes/views/cluster/node/nodeController.js
@@ -339,8 +339,8 @@ class KubernetesNodeController {

    this.availableEffects = _.values(KubernetesNodeTaintEffects);
    this.formValues = KubernetesNodeConverter.nodeToFormValues(this.node);
-    this.formValues.Labels = KubernetesNodeHelper.reorderLabels(this.formValues.Labels);
    this.formValues.Labels = KubernetesNodeHelper.computeUsedLabels(this.applications, this.formValues.Labels);
+    this.formValues.Labels = KubernetesNodeHelper.reorderLabels(this.formValues.Labels);

    this.state.viewReady = true;
  }
--- a/app/kubernetes/views/configurations/configurations.html
+++ b/app/kubernetes/views/configurations/configurations.html
@@ -5,6 +5,8 @@
 <kubernetes-view-loading view-ready="ctrl.state.viewReady"></kubernetes-view-loading>

 <div ng-if="ctrl.state.viewReady">
+  <div ng-if="ctrl.state.isAdmin" ng-include="'app/kubernetes/templates/advancedDeploymentPanel.html'"></div>
+
  <div class="row">
    <div class="col-sm-12">
      <kubernetes-configurations-datatable
--- a/app/kubernetes/views/configurations/configurationsController.js
+++ b/app/kubernetes/views/configurations/configurationsController.js
@@ -1,14 +1,18 @@
+require('../../templates/advancedDeploymentPanel.html');
+
 import angular from 'angular';
 import KubernetesConfigurationHelper from 'Kubernetes/helpers/configurationHelper';

 class KubernetesConfigurationsController {
  /* @ngInject */
-  constructor($async, $state, Notifications, KubernetesConfigurationService, KubernetesApplicationService) {
+  constructor($async, $state, Notifications, Authentication, KubernetesConfigurationService, KubernetesApplicationService, ModalService) {
    this.$async = $async;
    this.$state = $state;
    this.Notifications = Notifications;
+    this.Authentication = Authentication;
    this.KubernetesConfigurationService = KubernetesConfigurationService;
    this.KubernetesApplicationService = KubernetesApplicationService;
+    this.ModalService = ModalService;

    this.onInit = this.onInit.bind(this);
    this.getConfigurations = this.getConfigurations.bind(this);
@@ -56,7 +60,11 @@ class KubernetesConfigurationsController {
  }

  removeAction(selectedItems) {
-    return this.$async(this.removeActionAsync, selectedItems);
+    this.ModalService.confirmDeletion('Do you want to remove the selected configuration(s)?', (confirmed) => {
+      if (confirmed) {
+        return this.$async(this.removeActionAsync, selectedItems);
+      }
+    });
  }

  async getApplicationsAsync() {
@@ -88,6 +96,7 @@ class KubernetesConfigurationsController {
      configurationsLoading: true,
      applicationsLoading: true,
      viewReady: false,
+      isAdmin: this.Authentication.isAdmin(),
    };

    await this.getApplications();
--- a/app/kubernetes/views/configurations/create/createConfiguration.html
+++ b/app/kubernetes/views/configurations/create/createConfiguration.html
@@ -106,6 +106,16 @@
            </div>
            <!-- !type options -->

+            <div class="col-sm-12 form-section-title" ng-if="ctrl.formValues.Type == ctrl.KubernetesConfigurationTypes.SECRET">
+              Information
+            </div>
+            <div class="form-group" ng-if="ctrl.formValues.Type == ctrl.KubernetesConfigurationTypes.SECRET">
+              <div class="col-sm-12 small text-muted">
+                Creating a sensitive configuration will create a Kubernetes Secret of type <code>Opaque</code>. You can find more information about this in the
+                <a href="https://kubernetes.io/docs/concepts/configuration/secret/#secret-types" target="_blank">official documentation</a>.
+              </div>
+            </div>
+
            <kubernetes-configuration-data ng-if="ctrl.formValues" form-values="ctrl.formValues" is-valid="ctrl.state.isDataValid"></kubernetes-configuration-data>

            <!-- actions -->
--- a/app/kubernetes/views/configure/configure.html
+++ b/app/kubernetes/views/configure/configure.html
@@ -33,7 +33,7 @@

            <div class="form-group">
              <span class="col-sm-12 text-muted small">
-                Adding ingress controllers will allow users to expose application they deploy over a HTTP route.<br />
+                Configuring ingress controllers will allow users to expose application they deploy over a HTTP route.<br />
                <p style="margin-top: 2px;">
                  <i class="fa fa-exclamation-circle orange-icon" aria-hidden="true" style="margin-right: 2px;"></i>
                  Ingress classes must be manually specified for each controller you want to use in the cluster. Make sure that each controller is running inside your cluster.
@@ -44,7 +44,7 @@
              <div class="col-sm-12">
                <label class="control-label text-left">Ingress controller</label>
                <span class="label label-default interactive" style="margin-left: 10px;" ng-click="ctrl.addIngressClass()">
-                  <i class="fa fa-plus-circle" aria-hidden="true"></i> add ingress controller
+                  <i class="fa fa-plus-circle" aria-hidden="true"></i> configure ingress controller
                </span>
              </div>

@@ -132,7 +132,53 @@
            </div>

            <div class="col-sm-12 form-section-title">
-              Metrics
+              Security
+            </div>
+
+            <div class="form-group">
+              <span class="col-sm-12 text-muted small">
+                By default, all the users have access to the default namespace. Enable this option to set accesses on the default namespace.
+              </span>
+            </div>
+            <div class="form-group">
+              <div class="col-sm-12">
+                <label class="control-label text-left">
+                  Restrict access to the default namespace
+                </label>
+                <label class="switch" style="margin-left: 20px;"> <input type="checkbox" disabled /><i></i> </label>
+                <span class="text-muted small" style="margin-left: 15px;">
+                  <i class="fa fa-user" aria-hidden="true"></i>
+                  This feature is available in <a href="https://www.portainer.io/business-upsell?from=k8s-setup-default" target="_blank"> Portainer Business Edition</a>.
+                </span>
+              </div>
+            </div>
+
+            <div class="col-sm-12 form-section-title">
+              Resources and Metrics
+            </div>
+
+            <div class="form-group">
+              <span class="col-sm-12 text-muted small">
+                By ENABLING resource over-commit, you are able to assign more resources to namespaces than is physically available in the cluster. This may lead to unexpected
+                deployment failures if there is insufficient resource to service demand.
+                <p style="margin-top: 2px;">
+                  <i class="fa fa-exclamation-circle orange-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+                  By DISABLING resource over-commit (highly recommended), you are only able to assign resources to namespaces that are less (in aggregate) than the cluster total
+                  minus any system resource reservation.
+                </p>
+              </span>
+            </div>
+            <div class="form-group">
+              <div class="col-sm-12">
+                <label class="control-label text-left">
+                  Allow resource over-commit
+                </label>
+                <label class="switch" style="margin-left: 20px;"> <input type="checkbox" checked disabled /><i></i> </label>
+                <span class="text-muted small" style="margin-left: 15px;">
+                  <i class="fa fa-user" aria-hidden="true"></i>
+                  This feature is available in <a href="https://www.portainer.io/business-upsell?from=k8s-setup-overcommit" target="_blank"> Portainer Business Edition</a>.
+                </span>
+              </div>
            </div>

            <div class="form-group">
--- a/app/kubernetes/views/deploy/deploy.html
+++ b/app/kubernetes/views/deploy/deploy.html
@@ -69,8 +69,14 @@
                    </p>
                  </span>
                  <span class="col-sm-12 text-muted small" ng-show="ctrl.state.DeployType === ctrl.ManifestDeployTypes.KUBERNETES">
-                    You can get more information about Kubernetes file format in the
-                    <a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/" target="_blank">official documentation</a>.
+                    <p>
+                      <i class="fa fa-info-circle blue-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+                      This feature allows you to deploy any kind of Kubernetes resource in this environment (Deployment, Secret, ConfigMap...).
+                    </p>
+                    <p>
+                      You can get more information about Kubernetes file format in the
+                      <a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/" target="_blank">official documentation</a>.
+                    </p>
                  </span>
                </div>
                <div class="form-group">
--- a/app/kubernetes/views/resource-pools/create/createResourcePool.html
+++ b/app/kubernetes/views/resource-pools/create/createResourcePool.html
@@ -129,6 +129,63 @@
            </div>
            <!-- #endregion -->

+            <!-- #region LOAD-BALANCERS -->
+            <div class="col-sm-12 form-section-title">
+              Load balancers
+            </div>
+
+            <div class="form-group">
+              <span class="col-sm-12 text-muted small">
+                <i class="fa fa-info-circle blue-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+                You can set a quota on the amount of external load balancers that can be created inside this resource pool. Set this quota to 0 to effectively disable the use of
+                load balancers in this resource pool.
+              </span>
+            </div>
+            <div class="form-group">
+              <div class="col-sm-12">
+                <label class="control-label text-left">
+                  Load Balancer quota
+                </label>
+                <label class="switch" style="margin-left: 20px;"> <input type="checkbox" disabled /><i></i> </label>
+                <span class="text-muted small" style="margin-left: 15px;">
+                  <i class="fa fa-user" aria-hidden="true"></i>
+                  This feature is available in <a href="https://www.portainer.io/business-upsell?from=k8s-resourcepool-lbquota" target="_blank"> Portainer Business Edition</a>.
+                </span>
+              </div>
+            </div>
+            <!-- #endregion -->
+
+            <!-- #region STORAGES -->
+            <div class="col-sm-12 form-section-title">
+              Storages
+            </div>
+
+            <div class="form-group">
+              <span class="col-sm-12 text-muted small">
+                <i class="fa fa-info-circle blue-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+                Quotas can be set on each storage option to prevent users from exceeding a specific threshold when deploying applications. You can set a quota to 0 to effectively
+                prevent the usage of a specific storage option inside this resource pool.
+              </span>
+            </div>
+            <div class="col-sm-12 form-section-title">
+              <i class="fa fa-route" aria-hidden="true" style="margin-right: 2px;"></i>
+              standard
+            </div>
+            <div class="form-group">
+              <div class="col-sm-12">
+                <label class="control-label text-left">
+                  Enable quota
+                </label>
+                <label class="switch" style="margin-left: 20px;"> <input type="checkbox" disabled /><i></i> </label>
+                <span class="text-muted small" style="margin-left: 15px;">
+                  <i class="fa fa-user" aria-hidden="true"></i>
+                  This feature is available in
+                  <a href="https://www.portainer.io/business-upsell?from=k8s-resourcepool-storagequota" target="_blank"> Portainer Business Edition</a>.
+                </span>
+              </div>
+            </div>
+            <!-- #endregion -->
+
            <div ng-if="ctrl.state.canUseIngress">
              <div class="col-sm-12 form-section-title">
                Ingresses
--- a/app/kubernetes/views/resource-pools/edit/resourcePool.html
+++ b/app/kubernetes/views/resource-pools/edit/resourcePool.html
@@ -250,6 +250,63 @@
                  </div>
                  <!-- #endregion -->
                </div>
+                <!-- #region LOAD-BALANCERS -->
+                <div class="col-sm-12 form-section-title">
+                  Load balancers
+                </div>
+
+                <div class="form-group">
+                  <span class="col-sm-12 text-muted small">
+                    <i class="fa fa-info-circle blue-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+                    You can set a quota on the amount of external load balancers that can be created inside this resource pool. Set this quota to 0 to effectively disable the use
+                    of load balancers in this resource pool.
+                  </span>
+                </div>
+                <div class="form-group">
+                  <div class="col-sm-12">
+                    <label class="control-label text-left">
+                      Load Balancer quota
+                    </label>
+                    <label class="switch" style="margin-left: 20px;"> <input type="checkbox" disabled /><i></i> </label>
+                    <span class="text-muted small" style="margin-left: 15px;">
+                      <i class="fa fa-user" aria-hidden="true"></i>
+                      This feature is available in <a href="https://www.portainer.io/business-upsell?from=k8s-resourcepool-lbquota" target="_blank"> Portainer Business Edition</a>.
+                    </span>
+                  </div>
+                </div>
+                <!-- #endregion -->
+
+                <!-- #region LOAD-BALANCERS -->
+                <div class="col-sm-12 form-section-title">
+                  Storages
+                </div>
+
+                <div class="form-group">
+                  <span class="col-sm-12 text-muted small">
+                    <i class="fa fa-info-circle blue-icon" aria-hidden="true" style="margin-right: 2px;"></i>
+                    Quotas can be set on each storage option to prevent users from exceeding a specific threshold when deploying applications. You can set a quota to 0 to
+                    effectively prevent the usage of a specific storage option inside this resource pool.
+                  </span>
+                </div>
+                <div class="col-sm-12 form-section-title">
+                  <i class="fa fa-route" aria-hidden="true" style="margin-right: 2px;"></i>
+                  standard
+                </div>
+                <div class="form-group">
+                  <div class="col-sm-12">
+                    <label class="control-label text-left">
+                      Enable quota
+                    </label>
+                    <label class="switch" style="margin-left: 20px;"> <input type="checkbox" disabled /><i></i> </label>
+                    <span class="text-muted small" style="margin-left: 15px;">
+                      <i class="fa fa-user" aria-hidden="true"></i>
+                      This feature is available in
+                      <a href="https://www.portainer.io/business-upsell?from=k8s-resourcepool-storagequota" target="_blank"> Portainer Business Edition</a>.
+                    </span>
+                  </div>
+                </div>
+                <!-- #endregion -->
+
                <!-- actions -->
                <div ng-if="ctrl.isAdmin && ctrl.isEditable" class="col-sm-12 form-section-title">
                  Actions
--- a/app/kubernetes/views/volumes/components/volumes-storages-datatable/template.html
+++ b/app/kubernetes/views/volumes/components/volumes-storages-datatable/template.html
@@ -58,19 +58,19 @@
        <table class="table table-hover nowrap-cells">
          <thead>
            <tr>
-              <th style="width: 10%;">
+              <th style="width: 20px;">
                <a ng-click="$ctrl.expandAll()" ng-if="$ctrl.hasExpandableItems()">
                  <i ng-class="{ 'fas fa-angle-down': $ctrl.state.expandAll, 'fas fa-angle-right': !$ctrl.state.expandAll }" aria-hidden="true"></i>
                </a>
              </th>
-              <th style="width: 55%;">
+              <th style="width: 60%;">
                <a ng-click="$ctrl.changeOrderBy('Name')">
                  Storage
                  <i class="fa fa-sort-alpha-down" aria-hidden="true" ng-if="$ctrl.state.orderBy === 'Name' && !$ctrl.state.reverseOrder"></i>
                  <i class="fa fa-sort-alpha-up" aria-hidden="true" ng-if="$ctrl.state.orderBy === 'Name' && $ctrl.state.reverseOrder"></i>
                </a>
              </th>
-              <th style="width: 35%;">
+              <th style="width: 38%;">
                <a ng-click="$ctrl.changeOrderBy('Size')">
                  Usage
                  <i class="fa fa-sort-numeric-down" aria-hidden="true" ng-if="$ctrl.state.orderBy === 'Size' && !$ctrl.state.reverseOrder"></i>
@@ -96,8 +96,9 @@
              <td>{{ item.Size }}</td>
            </tr>
            <tr dir-paginate-end ng-show="item.Expanded" ng-repeat="vol in item.Volumes" ng-style="{ background: item.Highlighted ? '#d5e8f3' : '#f5f5f5' }">
-              <td colspan="2">
-                <a ui-sref="kubernetes.volumes.volume({ name: vol.PersistentVolumeClaim.Name, namespace: vol.PersistentVolumeClaim.Namespace })" style="margin-left: 25px;">
+              <td></td>
+              <td>
+                <a ui-sref="kubernetes.volumes.volume({ name: vol.PersistentVolumeClaim.Name, namespace: vol.PersistentVolumeClaim.Namespace })">
                  {{ vol.PersistentVolumeClaim.Name }}
                </a>
              </td>
--- a/app/kubernetes/views/volumes/edit/volume.html
+++ b/app/kubernetes/views/volumes/edit/volume.html
@@ -37,6 +37,17 @@
                      <td>Storage</td>
                      <td>{{ ctrl.volume.PersistentVolumeClaim.StorageClass.Name }}</td>
                    </tr>
+                    <tr>
+                      <td>Shared Access Policy</td>
+                      <td
+                        >{{ ctrl.state.volumeSharedAccessPolicy }}
+                        <portainer-tooltip
+                          position="bottom"
+                          ng-if="ctrl.state.volumeSharedAccessPolicyTooltip"
+                          message="{{ ctrl.state.volumeSharedAccessPolicyTooltip }}"
+                        ></portainer-tooltip
+                      ></td>
+                    </tr>
                    <tr>
                      <td>Provisioner</td>
                      <td>{{ ctrl.volume.PersistentVolumeClaim.StorageClass.Provisioner ? ctrl.volume.PersistentVolumeClaim.StorageClass.Provisioner : '-' }}</td>
--- a/app/kubernetes/views/volumes/edit/volumeController.js
+++ b/app/kubernetes/views/volumes/edit/volumeController.js
@@ -2,6 +2,7 @@ import angular from 'angular';
 import _ from 'lodash-es';
 import KubernetesVolumeHelper from 'Kubernetes/helpers/volumeHelper';
 import KubernetesEventHelper from 'Kubernetes/helpers/eventHelper';
+import { KubernetesStorageClassAccessPolicies } from 'Kubernetes/models/storage-class/models';
 import filesizeParser from 'filesize-parser';

 class KubernetesVolumeController {
@@ -179,6 +180,8 @@ class KubernetesVolumeController {
      volumeSize: 0,
      volumeSizeUnit: 'GB',
      volumeSizeError: false,
+      volumeSharedAccessPolicy: '',
+      volumeSharedAccessPolicyTooltip: '',
    };

    this.state.activeTab = this.LocalStorage.getActiveTab('volume');
@@ -186,6 +189,16 @@ class KubernetesVolumeController {
    try {
      await this.getVolume();
      await this.getEvents();
+      if (this.volume.PersistentVolumeClaim.StorageClass !== undefined) {
+        this.state.volumeSharedAccessPolicy = this.volume.PersistentVolumeClaim.StorageClass.AccessModes[this.volume.PersistentVolumeClaim.StorageClass.AccessModes.length - 1];
+        let policies = KubernetesStorageClassAccessPolicies();
+
+        policies.forEach((policy) => {
+          if (policy.Name == this.state.volumeSharedAccessPolicy) {
+            this.state.volumeSharedAccessPolicyTooltip = policy.Description;
+          }
+        });
+      }
    } catch (err) {
      this.Notifications.error('Failure', err, 'Unable to load view data');
    } finally {
--- a/app/kubernetes/views/volumes/volumes.html
+++ b/app/kubernetes/views/volumes/volumes.html
@@ -5,6 +5,8 @@
 <kubernetes-view-loading view-ready="ctrl.state.viewReady"></kubernetes-view-loading>

 <div ng-if="ctrl.state.viewReady">
+  <div ng-if="ctrl.state.isAdmin" ng-include="'app/kubernetes/templates/advancedDeploymentPanel.html'"></div>
+
  <div class="row">
    <div class="col-sm-12">
      <rd-widget>
--- a/app/kubernetes/views/volumes/volumesController.js
+++ b/app/kubernetes/views/volumes/volumesController.js
@@ -1,3 +1,5 @@
+require('../../templates/advancedDeploymentPanel.html');
+
 import * as _ from 'lodash-es';
 import filesizeParser from 'filesize-parser';
 import angular from 'angular';
@@ -39,10 +41,22 @@ function computeSize(volumes) {

 class KubernetesVolumesController {
  /* @ngInject */
-  constructor($async, $state, Notifications, ModalService, LocalStorage, EndpointProvider, KubernetesStorageService, KubernetesVolumeService, KubernetesApplicationService) {
+  constructor(
+    $async,
+    $state,
+    Notifications,
+    Authentication,
+    ModalService,
+    LocalStorage,
+    EndpointProvider,
+    KubernetesStorageService,
+    KubernetesVolumeService,
+    KubernetesApplicationService
+  ) {
    this.$async = $async;
    this.$state = $state;
    this.Notifications = Notifications;
+    this.Authentication = Authentication;
    this.ModalService = ModalService;
    this.LocalStorage = LocalStorage;
    this.EndpointProvider = EndpointProvider;
@@ -117,6 +131,7 @@ class KubernetesVolumesController {
      currentName: this.$state.$current.name,
      endpointId: this.EndpointProvider.endpointID(),
      activeTab: this.LocalStorage.getActiveTab('volumes'),
+      isAdmin: this.Authentication.isAdmin(),
    };

    await this.getVolumes();
--- a/app/portainer/__module.js
+++ b/app/portainer/__module.js
@@ -392,6 +392,16 @@ angular.module('portainer.app', ['portainer.oauth']).config([
      },
    };

+    var roles = {
+      name: 'portainer.roles',
+      url: '/roles',
+      views: {
+        'content@': {
+          templateUrl: './views/roles/roles.html',
+        },
+      },
+    };
+
    $stateRegistryProvider.register(root);
    $stateRegistryProvider.register(endpointRoot);
    $stateRegistryProvider.register(portainer);
@@ -422,6 +432,7 @@ angular.module('portainer.app', ['portainer.oauth']).config([
    $stateRegistryProvider.register(user);
    $stateRegistryProvider.register(teams);
    $stateRegistryProvider.register(team);
+    $stateRegistryProvider.register(roles);
  },
 ]);

--- a/app/portainer/components/accessManagement/porAccessManagement.html
+++ b/app/portainer/components/accessManagement/porAccessManagement.html
@@ -28,6 +28,18 @@
            </div>
          </div>

+          <div class="form-group">
+            <label class="col-sm-3 col-lg-2 control-label text-left">
+              Role
+            </label>
+            <div class="col-sm-9 col-lg-4">
+              <span class="text-muted small">
+                <i class="fa fa-user" aria-hidden="true"></i>
+                This feature is available in <a href="https://www.portainer.io/business-upsell?from=k8s-rbac-access" target="_blank"> Portainer Business Edition</a>.
+              </span>
+            </div>
+          </div>
+
          <!-- actions -->
          <div class="form-group">
            <div class="col-sm-12">
--- a/app/portainer/components/datatables/access-viewer-datatable/accessViewerDatatable.html
+++ b/app/portainer/components/datatables/access-viewer-datatable/accessViewerDatatable.html
@@ -0,0 +1,26 @@
+<div class="datatable">
+  <div class="searchBar">
+    <i class="fa fa-search searchIcon" aria-hidden="true"></i>
+    <input type="text" class="searchInput" placeholder="Search..." ng-model-options="{ debounce: 300 }" />
+  </div>
+  <div class="table-responsive">
+    <table class="table table-hover nowrap-cells">
+      <thead>
+        <tr>
+          <th>
+            Endpoint
+          </th>
+          <th>
+            Role
+          </th>
+          <th>Access origin</th>
+        </tr>
+      </thead>
+      <tbody>
+        <tr ng-if="!$ctrl.dataset">
+          <td colspan="3" class="text-center text-muted">Select a user to show associated access and role</td>
+        </tr>
+      </tbody>
+    </table>
+  </div>
+</div>
--- a/app/portainer/components/datatables/access-viewer-datatable/accessViewerDatatable.js
+++ b/app/portainer/components/datatables/access-viewer-datatable/accessViewerDatatable.js
@@ -0,0 +1,11 @@
+angular.module('portainer.app').component('accessViewerDatatable', {
+  templateUrl: './accessViewerDatatable.html',
+  controller: 'GenericDatatableController',
+  bindings: {
+    titleText: '@',
+    titleIcon: '@',
+    tableKey: '@',
+    orderBy: '@',
+    dataset: '<',
+  },
+});
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Stéphane Busso	e387b51c00	Bump docker compose to 1.28.2	2021-01-28 00:07:55 +13:00
Simon Meng	dab597d1c1	fix(stack): use margin to add space between line instead of using br tag	2021-01-25 16:20:29 +13:00
Simon Meng	a6af1b067f	fix(stack): get endpoint by EndpointProvider	2021-01-25 16:01:23 +13:00
Dmitry Salakhov	fe10e6583a	refactor: renames	2021-01-25 15:40:48 +13:00
ssbkang	9f8420897a	feat(build/windows): add git for Docker Compose - fixed verbose output	2021-01-24 12:58:34 +13:00
ssbkang	ad95f31e95	feat(build/windows): add git for Docker Compose	2021-01-24 12:49:59 +13:00
Steven Kang	3d9f33bb7f	feat(build/windows): add git for Docker Compose	2021-01-23 22:31:22 +13:00
Steven Kang	876de871ff	feat(build/windows): add git for Docker Compose	2021-01-23 22:01:31 +13:00
Steven Kang	33e833a86b	feat(build/windows): add git for Docker Compose	2021-01-23 21:01:19 +13:00
Steven Kang	11a730c75c	feat(build/windows): add git for Docker Compose	2021-01-23 18:26:17 +13:00
Stéphane Busso	38d3a4fded	Remove builder stage	2021-01-22 13:46:44 +13:00
Stéphane Busso	a61785f402	Remove tmp folder	2021-01-22 13:45:55 +13:00
Dmitry Salakhov	5b28399aec	fix: try to fix windows build by removing indirect deps from go.mod	2021-01-22 09:51:05 +13:00
yi-portainer	d6baf553e0	* use console log in grunt file	2021-01-22 09:06:16 +13:00
yi-portainer	6956366129	* attempt to debug grunt issue	2021-01-22 08:45:11 +13:00
yi-portainer	961a95f19f	* attempt to fix the windows build issue	2021-01-21 22:19:51 +13:00
Stéphane Busso	f540f76f27	Rollback docker compose to 1.27.4	2021-01-21 15:25:18 +13:00
Dmitry Salakhov	60b8b55d8e	fix: markup typo	2021-01-21 15:19:00 +13:00
Stéphane Busso	9dc04d220a	remove message for docker compose limitation	2021-01-21 15:07:34 +13:00
Stéphane Busso	36f8e42dfe	Bump docker-compose to 1.28.0	2021-01-21 14:44:33 +13:00
Stéphane Busso	408cbbb6f1	Fix used tmp	2021-01-21 13:05:46 +13:00
Dmitry Salakhov	bb94bf0a91	refactor: proxy server	2021-01-20 17:22:29 +13:00
Simon Meng	bca8d48799	Get and show composeSyntaxMaxVersion at stack editor screen	2021-01-20 17:22:29 +13:00
Simon Meng	47a5d205a1	Get and show composeSyntaxMaxVersion at stack creation screen	2021-01-20 17:22:29 +13:00
Dmitry Salakhov	5f244e6cf3	fix: store wrapper version in portainer	2021-01-20 17:22:29 +13:00
Dmitry Salakhov	a549a14340	fix: pick compose syntax version	2021-01-20 17:22:29 +13:00
Dmitry Salakhov	450ca77644	feat: pass max supported compose syntax version with each endpoint	2021-01-20 17:22:29 +13:00
Stéphane Busso	72c29ff97e	Cleanup wrapper and manager	2021-01-20 17:22:29 +13:00
Stéphane Busso	c44e53a55d	Move server to proxy implementation	2021-01-20 17:22:29 +13:00
Dmitry Salakhov	2c7ba3d79b	refactor: remove unused code	2021-01-20 17:22:29 +13:00
Stéphane Busso	db6d8a0830	Fix merge issue	2021-01-20 17:22:29 +13:00
Stéphane Busso	6b1435c881	Add edge	2021-01-20 17:22:29 +13:00
Dmitry Salakhov	f26c2fc6e0	fix: tests	2021-01-20 17:22:29 +13:00
Dmitry Salakhov	1fc064ca38	refactor: compose wrapper remove unused code	2021-01-20 17:22:28 +13:00
Dmitry Salakhov	9081595bd9	fix: string conversion	2021-01-20 17:22:28 +13:00
Dmitry Salakhov	78fa3be9a0	refactor: pass proxyManager by ref	2021-01-20 17:22:28 +13:00
Stéphane Busso	30b010def5	Fix local deployment	2021-01-20 17:22:28 +13:00
Stéphane Busso	6ba92edff6	Add lite transport for compose	2021-01-20 17:22:28 +13:00
Stéphane Busso	bb21116ca1	Proxy	2021-01-20 17:22:28 +13:00
Stéphane Busso	347d6f06a2	logs	2021-01-20 17:22:28 +13:00
Stéphane Busso	e03d7f79b8	add proxy server	2021-01-20 17:22:28 +13:00
Dmitry Salakhov	454dd7c748	fix: line endings	2021-01-20 17:22:28 +13:00
Stéphane Busso	e32b4fe219	Add tmp folder for docker-compose	2021-01-20 17:22:28 +13:00
Stéphane Busso	21cd8921cf	Keep amd64 architecture as download parameter	2021-01-20 17:21:11 +13:00
Stéphane Busso	4687fad960	Fix platofrm specific docker-compose download	2021-01-20 17:18:59 +13:00
Stéphane Busso	6ce5615d85	Fix wget	2021-01-20 17:11:50 +13:00
Stéphane Busso	f4c21a8a6e	Add static compose build for linux	2021-01-20 17:10:47 +13:00
Dmitry Salakhov	aba0f5084c	fix(compose): pick compose implementation upon startup	2021-01-20 17:10:47 +13:00
Dmitry Salakhov	9aec769554	feat(compose): add docker-compose wrapper ce-187	2021-01-20 17:10:46 +13:00
cong meng	da41dbb79a	fix(stack): stacks created via API are incorrectly marked as private with no owner (#3721 ) (#4725 ) Co-authored-by: Simon Meng <simon.meng@portainer.io>	2021-01-20 15:19:35 +13:00
Maxime Bajeux	68d42617f2	feat(placement): Add a warning notification under the placement tab when an application cannot be scheduled on any node in the cluster (#4525 ) * feat(placement): Add a warning notification under the placement tab when an application cannot be scheduled on any node in the cluster * fix(applications): if there is at least one node the application can schedule on, then do not show the warning	2021-01-20 13:02:18 +13:00
Anthony McMahon	8323e22309	Update issue templates Adding auto labelling to Bug Report (kind/bug, bug/unconfirmed) and Question (kind/question)	2021-01-20 12:06:25 +13:00
Chaim Lev-Ari	20d4341170	fix(state): check validity of state (#4609 )	2021-01-19 11:10:08 +13:00
Chaim Lev-Ari	832cafc933	fix(registries): update password only when not empty (#4669 )	2021-01-18 13:59:57 +13:00
cong meng	f3c537ac2c	chore(build): bump Kompose version (#4473 ) (#4724 ) Co-authored-by: Simon Meng <simon.meng@portainer.io>	2021-01-18 13:02:16 +13:00
Anthony McMahon	958baf6283	Update README.md	2021-01-18 09:30:17 +13:00
Chaim Lev-Ari	08e392378e	chore(app): fail on angular components missing nginject (#4224 )	2021-01-17 20:28:09 +13:00
Alice Groux	a2d9734b8b	fix(k8s/datatables): reduce size of collapse/expand column for stacks datatable and storage datatable (#4511 ) * fix(k8s/datatables): reduce size of collapse/expand column for stacks datatable and storage datatable * fix(k8s/datatables): reduce size of expand/collapse column	2021-01-17 16:50:22 +13:00
DarkAEther	15aed9fc6f	feat(area/kubernetes): show shared access policy in volume details (#4707 )	2021-01-17 13:53:32 +13:00
Alice Groux	121d33538d	fix(k8s/application): validate load balancer ports inputs (#4426 ) * fix(k8s/application): validate load balancer ports inputs * fix(k8s/application): allow user to only change the protocol on the first port mapping	2021-01-15 14:51:36 +13:00
Olli Janatuinen	7a03351df8	dep(api): Support Docker Stack 3.8 (#4333 ) - Linux: Update Docker binary to version 19.03.13 - Windows: Update Docker binary to version 19.03.12	2021-01-15 10:05:33 +13:00
Alice Groux	0c2987893d	feat(app/images): in advanced mode, remove tooltip and add an information message (#4528 )	2021-01-14 15:04:44 +13:00
Alice Groux	d1eddaa188	feat(app/network): rename restrict external acces to the network label and add a tooltip (#4514 )	2021-01-14 12:24:56 +13:00
Anthony Lapenna	d336ada3c2	feat(k8s/application): review application creation warning style (#4613 )	2021-01-13 16:13:27 +13:00
Avadhut Tanugade	839198fbff	#4424 style(stack-details): shift button position in stack details (#4439 )	2021-01-13 12:19:18 +13:00
Chaim Lev-Ari	486ffa5bbd	chore(webpack): add source maps (#4471 ) * chore(webpack): add source maps * feat(build): fetch source maps for 3rd party libs	2021-01-13 10:40:09 +13:00
Maxime Bajeux	4cd468ce21	Can't create kubernetes resources with a username longer than 63 characters (#4672 ) * fix(kubernetes): truncate username when we create resource * fix(k8s): remove forbidden characters in owner label	2021-01-12 14:35:59 +13:00
Chaim Lev-Ari	cbd7fdc62e	feat(docker/stacks): introduce date info for stacks (#4660 ) * feat(docker/stacks): add creation and update dates * feat(docker/stacks): put ownership column as the last column * feat(docker/stacks): fix the no stacks message * refactor(docker/stacks): make external stacks helpers more readable * feat(docker/stacks): add updated and created by * feat(docker/stacks): toggle updated column * refactor(datatable): create column visibility component Co-authored-by: alice groux <alice.grx@gmail.com>	2021-01-12 12:38:49 +13:00
DarkAEther	b9fe8009dd	feat(image-details): Show labels in images datatable (#4287 ) * feat(images): show labels in images datatable * move labels to image details view	2021-01-11 15:35:19 +13:00
Stéphane Busso	6a504e7134	fix(settings): Use default setting if UserSessionTimeout not set (#4521 ) * fix(settings): Use default settings if UserSessionTimeout not set * Update UserSessionTimeout settings in database if set to empty string	2021-01-11 14:44:15 +13:00
Alice Groux	51ba0876a5	feat(k8s/configuration): rename add ingress controller button and changed information text (#4540 )	2021-01-11 12:51:46 +13:00
Alice Groux	769e6a4c6c	feat(k8s/configuration): add extra information panel when creating a sensitive configuration (#4541 )	2021-01-11 11:30:31 +13:00
cong meng	105d1ae519	feat(frontend): de-emphasize internal login when OAuth is enabled (#3065 ) (#4565 ) * feat(frontend): de-emphasize internal login when OAuth is enabled (#3065) * feat(frontend): change the "Use internal authentication" style to be primary (#3065) * feat(frontend): resize the login with "provider" button to use a 120% font size (#3065) * feat(frontend): remove unused css for h1 tag (#3065) Co-authored-by: Simon Meng <simon.meng@portainer.io>	2021-01-08 15:30:43 +13:00
cong meng	cf508065ec	fix(frontend): application edit page initializes the overridenKeyType of new added configuration key to NONE so that the user can select how to load it (#4548 ) (#4593 ) Co-authored-by: Simon Meng <simon.meng@portainer.io>	2021-01-08 12:51:27 +13:00
itsconquest	eab828279e	chore(project): exclude refactors (#4689 )	2021-01-08 12:46:57 +13:00
cong meng	d5763a970b	fix(frontend): Resource pool 'created' attribute is showing the time you view it at & not actual creation time (#4568 ) (#4599 ) Co-authored-by: Simon Meng <simon.meng@portainer.io>	2021-01-08 12:45:06 +13:00
cong meng	c9f68a4d8f	fix(kubernetes): removes kube client cache when edge proxy is removed (#4487 ) (#4574 ) Co-authored-by: Simon Meng <simon.meng@portainer.io>	2021-01-08 11:55:42 +13:00
Alice Groux	7848bcf2f4	feat(k8s/resources-list-view): add advanced deployment panel to resources list view (#4516 ) * feat(k8s/resources-list-view): add advanced deployment panel to applications view, configurations view and volumes view * feat(k8s/resources-list-view): move advanced deployment into a template and use it everywhere	2021-01-08 10:29:17 +13:00
Stéphane Busso	b924347c5b	Bump portainer version	2021-01-07 14:03:46 +13:00
Yi Chen	9fbda9fb99	Merge in release fixes to develop (#4687 ) * fix(frontend) unable to retrieve config map error when trying to manage newly created resource pool (ce#180) (#4618) * fix(frontend) unable to retrieve config map error when trying to manage newly created resource pool (ce#180) * fix(frontend) rephrase comments (#4629) Co-authored-by: Stéphane Busso <sbusso@users.noreply.github.com> Co-authored-by: Simon Meng <simon.meng@portainer.io> Co-authored-by: Stéphane Busso <sbusso@users.noreply.github.com> * + silently continue when downloading artifacts in windows (#4637) * fix(docker/stack-details): do not display editor tab for external stack (#4650) * Revert "chore(build): bump Kompose version (#4475)" (#4676) This reverts commit `380f106571`. Co-authored-by: Stéphane Busso <sbusso@users.noreply.github.com> Co-authored-by: cong meng <mcpacino@gmail.com> Co-authored-by: Simon Meng <simon.meng@portainer.io> Co-authored-by: Stéphane Busso <sbusso@users.noreply.github.com> Co-authored-by: Anthony Lapenna <anthony.lapenna@portainer.io>	2021-01-07 13:38:01 +13:00
Anthony Lapenna	82f8062784	chore(github): update issue template	2021-01-06 11:31:05 +13:00
knittl	49982eb98a	#4411 docs: make build steps for local development more easily discoverable (#4412 )	2021-01-06 08:49:50 +13:00
Stéphane Busso	4be3ac470f	Merge pull request #4658 from portainer/revert-4475-chore-ce-86-bump-kompose-version Revert "chore(build): bump Kompose version"	2020-12-24 23:45:53 +13:00
Stéphane Busso	a50ab51bef	Revert "chore(build): bump Kompose version (#4475 )" This reverts commit `380f106571`.	2020-12-24 12:12:28 +13:00
Yi Chen	7975ef796d	Revert "feat(docker/stacks): add creation and update dates (#4418 )" (#4606 ) This reverts commit `bd98b8956a`.	2020-12-17 13:33:45 +13:00
xAt0mZ	f8b226a1ef	fix(k8s/application): ability to remove naked pods (#4598 )	2020-12-17 13:05:31 +13:00
cong meng	342a0d6d22	fix(k8s/application): transform username to be dns compliant (#4595 ) (#4601 ) * fix(k8s/application): transform username to be dns compliant (#4595) * fix(k8s/application): transform username to be dns compliant for configurations and resource pools(#4595) * fix(k8s/application): update regex to replace all special characters (#4595) Co-authored-by: Simon Meng <simon.meng@portainer.io>	2020-12-17 12:20:18 +13:00
Alice Groux	58bf76a58f	feat(app/volumes): add confirmation modal before deleting volumes in volumes view and volume view (#4597 )	2020-12-16 19:57:31 +13:00
Alice Groux	bd98b8956a	feat(docker/stacks): add creation and update dates (#4418 ) * feat(docker/stacks): add creation and update dates * feat(docker/stacks): put ownership column as the last column * feat(docker/stacks): fix the no stacks message	2020-12-16 16:11:59 +13:00
Alice Groux	4bc958f865	feat(app/logs): add download button on container logs and service logs views (#4529 )	2020-12-16 12:30:16 +13:00
aravind-korada	b67c0e870c	#4470 fix(stack): fix a display issue with the stack editor tab. (#4543 )	2020-12-15 11:42:54 +13:00
Chaim Lev-Ari	067257df2b	fix(services): prevent adding volume without source and target (#4538 ) * feat(services): check that target mounts are non empty * feat(services): prevent creating service when no source * refactor(services): remove ng-form * fix(services): check that every volume is valid	2020-12-14 16:27:05 +13:00
Alice Groux	5f2f7a87ab	feat(app): add a preview for business edition features (#4578 ) * feat(app): add a preview for business edition features * feat(app): open links in new tab + show storage quota section + grey out unavailable providers	2020-12-14 14:31:59 +13:00
cong meng	f656ad7124	fix(frontend): fix incorrect datatable selection count on text filter change (#4474 ) Co-authored-by: Simon Meng <simon@mcpacino.tk>	2020-12-14 12:25:00 +13:00
Alice Groux	f681e2d532	feat(endpoint): start Portainer without endpoint (#4460 ) * feat(endpoint): start Portainer without endpoint * feat(endpoint): minor UI update Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>	2020-12-14 10:20:35 +13:00
Anthony Lapenna	fdb9bf09de	docs(README): update README contribution link (#4587 )	2020-12-14 09:18:41 +13:00
Alice Groux	92ad3e788d	feat(k8s/configuration): rename create entry file button (#4515 )	2020-12-13 21:42:54 +13:00
Alice Groux	bc2f5a3260	feat(k8s/advanced-deployment): update extra information message when kubernetes type is selected (#4542 )	2020-12-13 17:54:38 +13:00
Alice Groux	487123491e	fix(k8s/application): improve ux for instance count input in creation/edition application (#4498 )	2020-12-13 17:22:46 +13:00
cong meng	380f106571	chore(build): bump Kompose version (#4475 ) Co-authored-by: Simon Meng <simon@mcpacino.tk>	2020-12-13 16:22:18 +13:00
Alice Groux	341378e783	feat(app/endpoint): add deployment instructions for windows (#4442 ) * feat(app/endpoint): add deployment instructions for windows * feat(app/endpoint): hide instructions for kubernetes via load balancer and kubernetes via node port when windows is selected * feat(endpoint): minor UI update Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>	2020-12-13 15:50:42 +13:00
Alice Groux	b360936454	feat(app/endpoint): edge deployment for windows (#4443 ) * feat(app/endpoint): edge deployment for windows * feat(app/endpoint): hide instructions for kubernetes when windows is selected * feat(app/endpoint): fix typo * feat(endpoint): minor UI update Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>	2020-12-11 17:40:56 +13:00
Mathieu Cantin	8204d32538	fix(configs): fix error with binary file (#3937 )	2020-12-11 09:57:28 +13:00
Maxime Bajeux	60c5ab3eec	feat(kube): Add a confirmation modal before deleting one or more application or configuration (#4522 )	2020-12-10 20:46:58 +13:00
Anthony Lapenna	20cf948e53	fix(docker/resourcecontrol): fix an issue with resource deletion (#4524 )	2020-12-10 20:31:31 +13:00
Alice Groux	45fcb1ad26	fix(k8s/configuration): save the owner when updating the configuration (#4517 )	2020-12-10 19:49:25 +13:00
Alice Groux	7398d54ed0	fix(k8s/application): refreshing yaml panel doesn't change the selected panel (#4500 )	2020-12-10 19:44:24 +13:00
Alice Groux	faded67deb	fix(k8s/node): sort labels (#4417 )	2020-12-10 15:57:35 +13:00
Alice Groux	eadd8b36d6	fix(applications/ports-mapping): load balancer link expand only if the item length > 1 (#4495 )	2020-12-10 15:27:18 +13:00
cong meng	1ad4623b08	fix(frontend): override configuration keys disappear (#4547 ) (#4560 ) Co-authored-by: Simon Meng <simon.meng@portainer.io>	2020-12-10 15:13:02 +13:00
Alice Groux	890bbf4058	fix(k8s/sidebar): accessing cluster setup not expand endpoint sidebar (#4496 )	2020-12-10 15:11:45 +13:00
cong meng	865c8d899b	fix(frontend): revalidate configuration name when change resource pool (#4553 ) (#4562 ) Co-authored-by: Simon Meng <simon.meng@portainer.io>	2020-12-10 14:21:43 +13:00
cong meng	aa5277de2e	fix(frontend): cannnot access configuration details view containing binary data (#4503 ) (#4561 ) Co-authored-by: Simon Meng <simon.meng@portainer.io>	2020-12-10 13:58:10 +13:00