Merge branch 'develop' into fix/secret-value-copy

.env.example

@@ -1,34 +1,75 @@
-# Docker settings
+## Docker settings
+
+# Traefik requires this file to be able to route the requests to the containers
 DOCKER_SOCKET=/var/run/docker.sock
 
-# Domain settings
+## General
+
+# Tag for images. It's stable by default
 DYO_VERSION=stable
+# Required for Traefik's certification resolution
+# It should be your domain where dyrector.io will be available
 DOMAIN=example.com
+# Your server's timezone
 TIMEZONE=UTC
+# Required for Traefik's certification resolution
+# If there's an issue with the certificate, or when it expires,
+# letsencrypt will send a notificatiom to this e-mail address
 ACME_EMAIL=[email protected]
+# NodeJS services can run in two modes: production and development
+# These are the two values this key can have
 NODE_ENV=production
 
-# crux service settings
+## Crux service settings
+
+# You can specify how thorough logging will be
+# Options: verbose, debug, info, warning, error
+# The settings come in a hierarchic order,
+# meaning that in the order above they contain each other
+# Example: 'warning' contains 'error'
 LOG_LEVEL=debug
 
-# Database passwords
+## Database passwords
+
+# This value is the password to crux's database
 CRUX_POSTGRES_PASSWORD=Random_Generated_String
+# This value is the password to Kratos' database
 KRATOS_POSTGRES_PASSWORD=Random_Generated_String
 
-# External URL of the site https://example.com(:port if not 443)
+## External URL of the site https://example.com(:port if not 443)
+
+# This setting is to define where your
+# self-managed dyrector.io will be available
 EXTERNAL_URL=https://example.com
 
-# Cookie/JWT secrets
+## Cookie/JWT secrets
+
+# Secret to sign JWTs.
 CRUX_SECRET=Random_Generated_String
+# Secret to sign Kratos cookies
+# More details in Ory/Kratos documentation:
+# https://www.ory.sh/docs/kratos/reference/configuration
 KRATOS_SECRET=Random_Generated_String
 
-# Mailserver settings
+## Mailserver settings
+
+# The connection string for the mail server
+# The protocol can be SMTP or SMTPS
+# Example: protocol://smtp_user:smtp_password@mailserver_ip_or_domain:port
 SMTP_URI=smtps://username:[email protected]:465
+# E-mail address for dyrector.io invitation links,
+# password resets and others
 FROM_EMAIL=[email protected]
+# E-mail sender name for dyrector.io invitation links,
+# password resets and others
 FROM_NAME=dyrector.io
 
-# Recaptcha secrets
+## ReCAPTCHA secrets
+
 # In case you don't want to use ReCAPTCHA set DISABLE_RECAPTCHA to true
+# Highly recommended to keep the default value, which is `false`
 DISABLE_RECAPTCHA=false
+# Create ReCAPTCHA V2 credentials in the ReCAPTCHA admin console
+# It is recommended to use the inivisble type
 RECAPTCHA_SECRET_KEY=Recaptcha_Secret_Key
 RECAPTCHA_SITE_KEY=Recaptcha_Site_Key

golang/Makefile

@@ -138,32 +138,32 @@ lint:
 .PHONY: build-cli
 build-cli:
 	cd build && \
-	docker buildx build  --build-arg REVISION=$$(git rev-parse --short HEAD) --platform=linux/amd64 --load -t ${ORG_REGISTRY}/cli/dyo:$(image_version) -t ${DOCKER_REGISTRY}/dyo:$(image_version) -f cli/Dockerfile .
+	docker buildx build  --build-arg REVISION=${ORG_GOLANG_HASH} --platform=linux/amd64 --load -t ${ORG_REGISTRY}/cli/dyo:$(image_version) -t ${DOCKER_REGISTRY}/dyo:$(image_version) -f cli/Dockerfile .
 
 .PHONY: build-cli-push
 build-cli-push:
 	cd build && \
-	docker buildx build  --build-arg REVISION=$$(git rev-parse --short HEAD) --platform=linux/amd64,linux/arm64 --push -t ${ORG_REGISTRY}/cli/dyo:$(image_version) -t ${DOCKER_REGISTRY}/dyo:$(image_version) -f cli/Dockerfile .
+	docker buildx build  --build-arg REVISION=${ORG_GOLANG_HASH} --platform=linux/amd64,linux/arm64 --push -t ${ORG_REGISTRY}/cli/dyo:$(image_version) -t ${DOCKER_REGISTRY}/dyo:$(image_version) -f cli/Dockerfile .
 
 .PHONY: build-dagent
 build-dagent: compile-dagent
 	cd build && \
-	docker buildx build --build-arg AGENT_BINARY=dagent --build-arg REVISION=$$(git rev-parse --short HEAD) --platform=linux/amd64 --load -t ${AGENT_REGISTRY_URL}/dagent:$(image_version) -t ${DOCKER_REGISTRY}/dagent:$(image_version) .
+	docker buildx build --build-arg AGENT_BINARY=dagent --build-arg REVISION=${ORG_GOLANG_HASH} --platform=linux/amd64 --load -t ${AGENT_REGISTRY_URL}/dagent:$(image_version) -t ${DOCKER_REGISTRY}/dagent:$(image_version) .
 
 .PHONY: build-crane
 build-crane: compile-crane
 	cd build && \
-	docker buildx build  --build-arg AGENT_BINARY=crane --build-arg REVISION=$$(git rev-parse --short HEAD) --platform=linux/amd64 --load -t ${AGENT_REGISTRY_URL}/crane:$(image_version) -t ${DOCKER_REGISTRY}/crane:$(image_version) .
+	docker buildx build  --build-arg AGENT_BINARY=crane --build-arg REVISION=${ORG_GOLANG_HASH} --platform=linux/amd64 --load -t ${AGENT_REGISTRY_URL}/crane:$(image_version) -t ${DOCKER_REGISTRY}/crane:$(image_version) .
 
 PHONY: build-dagent-multi-push
 build-dagent-multi-push: compile-dagent
 	cd build && \
-	docker buildx build --build-arg AGENT_BINARY=dagent --build-arg REVISION=$$(git rev-parse --short HEAD) --platform=linux/amd64,linux/arm64 --push -t ${AGENT_REGISTRY_URL}/dagent:$(image_version) -t ${DOCKER_REGISTRY}/dagent:$(image_version) .
+	docker buildx build --build-arg AGENT_BINARY=dagent --build-arg REVISION=${ORG_GOLANG_HASH} --platform=linux/amd64,linux/arm64 --push -t ${AGENT_REGISTRY_URL}/dagent:$(image_version) -t ${DOCKER_REGISTRY}/dagent:$(image_version) .
 
 .PHONY: build-crane-multi-push
 build-crane-multi-push: compile-crane
 	cd build && \
-	docker buildx build  --build-arg AGENT_BINARY=crane --build-arg REVISION=$$(git rev-parse --short HEAD) --platform=linux/amd64,linux/arm64 --push -t ${AGENT_REGISTRY_URL}/crane:$(image_version) -t ${DOCKER_REGISTRY}/crane:$(image_version) .
+	docker buildx build  --build-arg AGENT_BINARY=crane --build-arg REVISION=${ORG_GOLANG_HASH} --platform=linux/amd64,linux/arm64 --push -t ${AGENT_REGISTRY_URL}/crane:$(image_version) -t ${DOCKER_REGISTRY}/crane:$(image_version) .
 
 .PHONY: cli-compile-build-push
 cbpcli:	compile-cli build-cli push-cli

golang/cmd/crane/.env.example

@@ -14,15 +14,21 @@ DEBUG_UPDATE_ALWAYS=false
 DEBUG_UPDATE_USE_CONTAINERS=true
 DEFAULT_REGISTRY=index.docker.io
 
-# crane specific options
-CRANE_GEN_TCP_INGRESS_MAP=
-CRANE_IN_CLUSTER=true
+# Crane specific options
+# Put 'true' to use in-cluster auth
+CRANE_IN_CLUSTER=false
+# The duration amount that for a kubernetes API request to complete
 DEFAULT_KUBE_TIMEOUT=2m
+# Field manager name
 FIELD_MANAGER_NAME=crane-dyrector-io
+# Use 'Force: true' while deploying
 FORCE_ON_CONFLICTS=true
+# The key/label name for audit purposes
 KEY_ISSUER=co.dyrector.io/issuer
+# The "kubectl" configuration location
 KUBECONFIG=
+# Timeouts used in tests, no effect on deployment
 TEST_TIMEOUT=15s
+# For injecting SecretPrivateKey
 SECRET_NAME=dyrectorio-secret
 SECRET_NAMESPACE=dyrectorio
-CRANE_IN_CLUSTER=false

golang/cmd/dagent/.env.example

@@ -18,18 +18,30 @@ AGENT_CONTAINER_NAME=dagent
 DAGENT_IMAGE=ghcr.io/dyrector-io/dyrectorio/dagent
 DAGENT_NAME=dagent-go
 DAGENT_TAG=latest
+# This should match the mount path that is
+# the root of configurations and containers
 DATA_MOUNT_PATH=/srv/dagent
 DEFAULT_TAG=latest
 DEFAULT_TIMEOUT=5s
 GRPC_KEEPALIVE=60s
+# Path of 'docker.sock' or other local/remote
+# address where we can communicate with docker
 HOST_DOCKER_SOCK_PATH=/var/run/docker.sock
+# Containers mount path default
 INTERNAL_MOUNT_PATH=/srv/dagent
+# Loglines to skip if not defined on the request
 LOG_DEFAULT_SKIP=0
+# Loglines to take
 LOG_DEFAULT_TAKE=100
 MIN_DOCKER_VERSION=20.10
+# E-mail address to use for dynamic certificate requests
 TRAEFIK_ACME_MAIL=
 TRAEFIK_ENABLED=false
+# Loglevel for Traefik
+# Set to "DEBUG" to access Traefik dashboard
 TRAEFIK_LOG_LEVEL=
+# Whether to enable Traefik TLS or not
 TRAEFIK_TLS=false
 DEFAULT_REGISTRY=index.docker.io
+# Token used by the webhook to trigger the update
 WEBHOOK_TOKEN=

web/crux-ui/.env.example

@@ -3,20 +3,28 @@ CRUX_UI_URL=http://localhost:8000
 KRATOS_URL=http://localhost:8000/kratos
 KRATOS_ADMIN_URL=http://localhost:4434
 
+# Sets the severity level of logging
+# Possible values: trace, debug, info, warn, error, and fatal
+# The settings come in a hierarchic order
+# Example: error contains fatal
 LOG_LEVEL=trace
 
-# Google recaptcha config
+## Google ReCAPTCHA config
+
 DISABLE_RECAPTCHA=true
-# required only when rechaptcha is enabled
+# Required only when ReCAPTCHA is enabled
 RECAPTCHA_SITE_KEY=<public_recaptcha_site_key>
 RECAPTCHA_SECRET_KEY=<recaptcha_secret_key>
 
-# Playwright test config (for e2e tests)
+## Playwright test config (for e2e tests)
+
 E2E_BASE_URL=http://localhost:8000
 
 # Docker HUB Proxy (optional)
 # HUB_PROXY_URL=http://<proxy_url>
 # HUB_PROXY_TOKEN=<proxy_token>
 
-# overriding the node dns result order regardless of the NODE_ENV value
-#DNS_DEFAULT_RESULT_ORDER=ipv4first
+# For overriding the node dns result order regardless of the NODE_ENV value
+# It may be necessary for running the e2e tests,
+# because node resolves localhost to IPv6 by default
+# DNS_DEFAULT_RESULT_ORDER=ipv4first

web/crux-ui/i18n.json

@@ -22,7 +22,7 @@
     "/[teamSlug]/projects/[projectId]/versions/[versionId]": ["versions", "images", "deployments"],
     "/[teamSlug]/projects/[projectId]/versions/[versionId]/images/[imageId]": ["images", "container"],
     "/[teamSlug]/nodes": ["nodes", "tokens"],
-    "/[teamSlug]/nodes/[nodeId]": ["nodes", "images", "tokens"],
+    "/[teamSlug]/nodes/[nodeId]": ["nodes", "images", "tokens", "deployments"],
     "/[teamSlug]/nodes/[nodeId]/log": [],
     "/[teamSlug]/registries": ["registries"],
     "/[teamSlug]/registries/[registryId]": ["registries"],

web/crux-ui/locales/en/common.json

@@ -127,7 +127,8 @@
   "nodeStatuses": {
     "connected": "Connected",
     "unreachable": "Unreachable",
-    "outdated": "Outdated"
+    "outdated": "Outdated",
+    "updating": "Updating"
   },
 
   "deploymentStatuses": {

web/crux-ui/locales/en/nodes.json

@@ -44,14 +44,11 @@
     "shell": "Shell",
     "powershell": "PowerShell"
   },
-  "statusFilters": {
-    "connected": "Connected",
-    "unreachable": "Unreachable"
-  },
   "persistentDataPath": "Persistent data path",
   "persistentDataExplanation": "Stores basic operational data and serves as a base path for containers using relative volume names. Environment variables are resolved, but it is suggested to use absolute paths and avoid special characters.",
   "optionalLeaveEmptyForDefaults": "Optional, leave empty for default paths",
   "update": "Update",
+  "updateAvailable": "There is an update available for your node. You can update it with the update button below.",
   "updateRequired": "This agent is incompatible with the current version of dyrector.io. You can update it with the update button below.",
   "updateError": "Failed to update agent: {{error}}",
   "ports": "Ports (External -> Internal)",

web/crux-ui/src/components/nodes/edit-node-section.tsx

@@ -11,7 +11,6 @@ import {
   NodeDetails,
   NodeEventMessage,
   NodeInstall,
-  nodeIsUpdateable,
   NodeType,
   UpdateNodeAgentMessage,
   WS_TYPE_NODE_EVENT,
@@ -78,7 +77,6 @@ const EditNodeSection = (props: EditNodeSectionProps) => {
       address: message.address ?? node.address,
       status: message.status,
       hasToken: message.status === 'connected' || node.hasToken,
-      updating: message.updating ?? node.updating,
       install: message.status === 'connected' ? null : node.install,
     } as NodeDetails
 
@@ -140,7 +138,7 @@ const EditNodeSection = (props: EditNodeSectionProps) => {
 
     setNode({
       ...node,
-      updating: true,
+      status: 'updating',
     })
   }
 
@@ -160,7 +158,9 @@ const EditNodeSection = (props: EditNodeSectionProps) => {
                 {t('agentSettings')}
               </DyoHeading>
 
-              {node.status === 'outdated' && <span className="mt-4">{t('updateRequired')}</span>}
+              {node.updatable && (
+                <span className="mt-4">{t(node.status === 'outdated' ? 'updateRequired' : 'updateAvailable')}</span>
+              )}
 
               <div className="flex flex-row gap-4 mt-4">
                 {node.hasToken && (
@@ -174,11 +174,11 @@ const EditNodeSection = (props: EditNodeSectionProps) => {
                   secondary
                   danger={node.status === 'outdated'}
                   onClick={onUpdateNode}
-                  disabled={!nodeIsUpdateable(node)}
+                  disabled={!node.updatable}
                 >
                   <span className="flex">
                     {t('update')}
-                    {node.updating && <LoadingIndicator className="inline-block ml-2" />}
+                    {node.status === 'updating' && <LoadingIndicator className="inline-block ml-2" />}
                   </span>
                 </DyoButton>
               </div>

web/crux-ui/src/components/nodes/node-connection-card.tsx

@@ -58,7 +58,7 @@ const NodeConnectionCard = (props: NodeConnectionCardProps) => {
         <DyoLabel>{t('uptime')}</DyoLabel>
         {runningSince ? <TimeLabel textColor="text-dyo-turquoise" seconds={runningSince} /> : null}
 
-        {node.updating && (
+        {node.status === 'updating' && (
           <>
             <DyoLabel>{t('update')}</DyoLabel>
             <span className="text-light-eased">{t('in-progress')}</span>