fix: merge conflict

2025-01-20 23:39:56 +01:00 · 2022-10-30 21:49:15 +05:00 · 2022-10-30 21:49:15 +05:00 · f4c9cbff1e
commit f4c9cbff1e
parent 4b097de954 f3f9c71358
120 changed files with 2018 additions and 2416 deletions
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -0,0 +1,13 @@
 # These are supported funding model platforms
 github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
 patreon: # Replace with a single Patreon username
 open_collective: semaphore
 ko_fi: fiftin
 tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
 community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
 liberapay: # Replace with a single Liberapay username
 issuehunt: # Replace with a single IssueHunt username
 otechie: # Replace with a single Otechie username
 lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
 custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
--- a/.github/workflows/dev.yml
+++ b/.github/workflows/dev.yml
@ -23,37 +23,40 @@ jobs:
      - run: task compile
      - name: Test that compile did not create/modify untracked files
-        run: git diff --exit-code --stat -- . ':(exclude)web2/package.json' ':(exclude)web2/package-lock.json' ':(exclude)go.mod' ':(exclude)go.sum'
+        run: git diff --exit-code --stat -- . ':(exclude)web/package.json' ':(exclude)web/package-lock.json' ':(exclude)go.mod' ':(exclude)go.sum'
-      - run: task build:local
+      - run: task build:local GOOS= GOARCH=
      - run: task test
      - uses: actions/upload-artifact@master
        with:
          name: semaphore
          path: bin/semaphore
          retention-days: 1
-  test-golang:
+#  test-golang:
-    runs-on: [ubuntu-latest]
+#    runs-on: [ubuntu-latest]
-    needs: build-local
+#    needs: build-local
-    steps:
+#    steps:
-      - uses: actions/setup-go@v3
+#      - uses: actions/setup-go@v3
-        with: { go-version: 1.18 }
+#        with: { go-version: 1.18 }
-
+#
-      - run: go install github.com/go-task/task/v3/cmd/task@latest
+#      - run: go install github.com/go-task/task/v3/cmd/task@latest
-
+#
-      - uses: actions/checkout@v3
+#      - uses: actions/checkout@v3
-
+#
-      - run: task deps:tools
+#      - run: task deps:tools
-      - run: task deps:be
+#      - run: task deps:be
-      - run: task compile:be
+#      - run: task compile:be
 #      - run: task lint:be
-      - run: task test
+#      - run: task test
  test-db-migration:
    runs-on: [ubuntu-latest]
-    needs: [build-local, test-golang]
+    needs: [build-local]
    steps:
      - uses: shogo82148/actions-setup-mysql@v1
        with:
@ -95,12 +98,26 @@ jobs:
      - uses: actions/checkout@v3
-      - run: context=prod task docker:test
+#      - run: context=prod task docker:test
-      - run: docker login -u ${{ secrets.DOCKER_USER }} -p ${{ secrets.DOCKER_PASS }}
+      - uses: docker/setup-qemu-action@v2
      - run: context=prod tag=develop task docker:build
      - run: tag=develop task docker:push
      - uses: docker/setup-buildx-action@v2
      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USER }}
          password: ${{ secrets.DOCKER_PASS }}
      - name: Build and push
        uses: docker/build-push-action@v3
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          file: ./deployment/docker/prod/buildx.Dockerfile
          push: true
          tags: semaphoreui/semaphore:develop
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -42,10 +42,23 @@ jobs:
      - uses: actions/checkout@v3
-      - run: context=prod task docker:test
+#      - run: context=prod task docker:test
-      - run: docker login -u ${{ secrets.DOCKER_USER }} -p ${{ secrets.DOCKER_PASS }}
+      - uses: docker/setup-qemu-action@v2
-      - run: context=prod tag=latest task docker:build
+
-      - run: tag=latest task docker:push
+      - uses: docker/setup-buildx-action@v2
-      - run: docker tag semaphoreui/semaphore:latest semaphoreui/semaphore:${{ github.ref_name }}
+
-      - run: tag=${{ github.ref_name }} task docker:push
+      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USER }}
          password: ${{ secrets.DOCKER_PASS }}
      - name: Build and push
        uses: docker/build-push-action@v3
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          file: ./deployment/docker/prod/buildx.Dockerfile
          push: true
          tags: semaphoreui/semaphore:latest,semaphoreui/semaphore:${{ github.ref_name }}
--- a/.gitignore
+++ b/.gitignore
@ -4,8 +4,8 @@ web/public/js/bundle.js
 web/public/css/*.*
 web/public/html/**/*.*
 web/public/fonts/*.*
-web2/.nyc_output
+web/.nyc_output
-web2/dist/**/*
+web/dist/**/*
 /config.json
 /.dredd/config.json
 /database.boltdb
--- a/README.md
+++ b/README.md
@ -1,8 +1,7 @@
 # Ansible Semaphore
 [![Circle CI](https://circleci.com/gh/ansible-semaphore/semaphore.svg?style=svg&circle-token=3702872acf2bec629017fa7dd99fdbea56aef7df)](https://circleci.com/gh/ansible-semaphore/semaphore)
 [![Twitter](https://img.shields.io/twitter/follow/AnsibleSem?style=social&logo=twitter)](https://twitter.com/AnsibleSem)
-[![Snap](https://img.shields.io/badge/snap-semaphore-005c63)](https://snapcraft.io/semaphore)
+[![semaphore](https://snapcraft.io/semaphore/badge.svg)](https://snapcraft.io/semaphore)
 [![StackShare](https://img.shields.io/badge/tech-stack-008ff9)](https://stackshare.io/ansible-semaphore)
 [![Join the chat at https://gitter.im/AnsibleSemaphore/semaphore](https://img.shields.io/gitter/room/AnsibleSemaphore/semaphore?logo=gitter)](https://gitter.im/AnsibleSemaphore/semaphore?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
@ -42,10 +41,41 @@ Follow Semaphore on Twitter ([AnsibleSem](https://twitter.com/AnsibleSem)) and S
 ## Installation
 ### Full documentation
 https://docs.ansible-semaphore.com/administration-guide/installation
 ### Snap
 ```bash
 sudo snap install semaphore
 sudo snap stop semaphore # BoltDB limitation, it allows only one connection
 sudo semaphore user add --admin --name "Your Name" --login your_login --email your-email@examaple.com --password your_password
 sudo snap start semaphore
 ```
 [![Get it from the Snap Store](https://snapcraft.io/static/images/badges/en/snap-store-black.svg)](https://snapcraft.io/semaphore)
 ### Docker 
 `docker-compose.yml` for minimal configuration:
 ```yaml
 services:
  semaphore:
    ports:
      - 3000:3000
    image: semaphoreui/semaphore:latest
    environment:
      SEMAPHORE_DB_DIALECT: bolt
      SEMAPHORE_ADMIN_PASSWORD: changeme
      SEMAPHORE_ADMIN_NAME: admin
      SEMAPHORE_ADMIN_EMAIL: admin@localhost
      SEMAPHORE_ADMIN: admin
    volumes:
      - /path/to/data/home:/etc/semaphore # config.json location
      - /path/to/data/lib:/var/lib/semaphore # database.boltdb location (Not required if using mysql or postgres)
 ```
 https://hub.docker.com/r/semaphoreui/semaphore
 ## Demo
 You can test latest version of Semaphore on https://demo.ansible-semaphore.com.
@ -54,7 +84,7 @@ You can test latest version of Semaphore on https://demo.ansible-semaphore.com.
 Admin and user docs: https://docs.ansible-semaphore.com
-API docs: https://ansible-semaphore.com/api/
+API description: https://ansible-semaphore.com/api/
 ## Contributing
--- a/Taskfile.yml
+++ b/Taskfile.yml
@ -19,13 +19,16 @@ tasks:
      - task: compile
      - task: test
      - task: build:local
        vars:
          GOOS: ''
          GOARCH: ''
  deps:
    desc: Install all dependencies (except dredd requirements)
    cmds:
-     - task: deps:tools
+      - task: deps:tools
-     - task: deps:be
+      - task: deps:be
-     - task: deps:fe2
+      - task: deps:fe2
  deps:be:
    desc: Vendor application dependencies
@ -34,29 +37,28 @@ tasks:
  deps:fe2:
    desc: Installs npm requirements for front end from package.json
-    dir: web2
+    dir: web
    cmds:
      - npm install
      # - npm audit fix
  deps:integration:
    desc: Installs requirements for integration testing with dredd
-    dir: web2
+    dir: web
    cmds:
      - npm install dredd@13.1.2
      # - npm audit fix
  deps:tools:
    desc: Installs tools needed
-    dir: web2
+    dir: web
    vars:
-      GORELEASER_VERSION: "0.159.0"
+      GORELEASER_VERSION: "0.183.0"
      GOLINTER_VERSION: "1.46.2"
    cmds:
      - go install github.com/gobuffalo/packr/...@v1.10.4
      - go install github.com/haya14busa/goverage@latest
      - go install github.com/snikch/goodman/cmd/goodman@latest
-      - go install github.com/go-swagger/go-swagger/cmd/swagger@latest
+      - go install github.com/go-swagger/go-swagger/cmd/swagger@v0.29.0
      - '{{ if ne OS "windows" }} sh -c "curl -L https://github.com/goreleaser/goreleaser/releases/download/v{{ .GORELEASER_VERSION }}/goreleaser_$(uname -s)_$(uname -m).tar.gz | tar -xz -C $(go env GOPATH)/bin goreleaser"{{ else }} {{ end }}'
      - '{{ if ne OS "windows" }} chmod +x $(go env GOPATH)/bin/goreleaser{{ else }} {{ end }}'
      - '{{ if eq OS "windows" }} echo "NOTICE: You must download goreleaser manually to build this application https://github.com/goreleaser/goreleaser/releases "{{ else }}:{{ end }}'
@ -71,7 +73,7 @@ tasks:
  compile:fe2:
    desc: Build vue.js project
-    dir: web2
+    dir: web
    sources:
      - src/*.*
      - src/**/*.*
@ -92,13 +94,13 @@ tasks:
  compile:be:
    desc: Runs Packr for static assets
    sources:
-      - web2/dist/*
+      - web/dist/*
      - db/migrations/*
    generates:
      - db/db-packr.go
      - api/api-packr.go
    cmds:
-      - mkdir -p web2/dist
+      - mkdir -p web/dist
      - go run util/version_gen/generator.go {{ if .TAG }}{{ .TAG }}{{ else }}{{ if .SEMAPHORE_VERSION }}{{ .SEMAPHORE_VERSION }}{{ else }}{{ .BRANCH }}-{{ .SHA }}-{{ .TIMESTAMP }}{{ if .DIRTY }}-dirty{{ end }}{{ end }}{{end}}
      - packr
    vars:
@ -108,7 +110,7 @@ tasks:
        sh: git rev-parse --abbrev-ref HEAD
      DIRTY:
        # We must exclude the package-lock file as npm install can change it!
-        sh: git diff --exit-code --stat -- . ':(exclude)web2/package-lock.json' ':(exclude)web2/package.json' || true
+        sh: git diff --exit-code --stat -- . ':(exclude)web/package-lock.json' ':(exclude)web/package.json' || true
      SHA:
        sh: git log --pretty=format:'%h' -n 1
      TIMESTAMP:
@ -128,7 +130,7 @@ tasks:
    desc: Build a binary for the current architecture
    dir: cli
    cmds:
-     - go build -o ../bin/semaphore{{ if eq OS "windows" }}.exe{{ end }}
+      - env GOOS={{ .GOOS }} GOARCH={{ .GOARCH }} go build -o ../bin/semaphore{{ if eq OS "windows" }}.exe{{ end }}
  release:
    desc: creates a release without performing validations or publishing artifacts
@ -157,14 +159,12 @@ tasks:
    cmds:
      - go vet ./...
      - swagger validate ./api-docs.yml
-      # 2> /dev/null makes goverage less noisy about pattern matching
+      - go test -v -coverprofile=coverage.out ./...
      # if no tests exist but will still print failing test results
      - goverage -v -coverprofile=coverage.out ./... 2> /dev/null
  test:api:
    desc: test the api with dredd
    cmds:
-      - ./web2/node_modules/.bin/dredd --config .dredd/dredd.yml
+      - ./web/node_modules/.bin/dredd --config .dredd/dredd.yml
  ci:artifacts:
    cmds:
@ -252,7 +252,6 @@ tasks:
          prefix: -dredd
          args: up
  docker:build:
    desc: Build an image for Semaphore, requires context
    vars:
@ -276,7 +275,7 @@ tasks:
      - sudo chmod +rx /usr/local/bin/goss
      - sudo curl -L https://raw.githubusercontent.com/aelsabbahy/goss/v0.3.5/extras/dgoss/dgoss -o /usr/local/bin/dgoss
      - sudo chmod +rx /usr/local/bin/dgoss
-      - sudo curl -L https://github.com/hadolint/hadolint/releases/download/v1.5.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint
+      - sudo curl -L https://github.com/hadolint/hadolint/releases/download/v2.10.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint
      - sudo chmod +rx /usr/local/bin/hadolint
  docker:test:
--- a/Taskfile_windows.yml
+++ b/Taskfile_windows.yml
@ -4,3 +4,7 @@ tasks:
    cmds:
      - packr
      - go run util/version_gen/generator.go 1
  build:local:
    dir: cli
    cmds:
    - go build -o ../bin/semaphore{{ if eq OS "windows" }}.exe{{ end }}
--- a/api-docs.yml
+++ b/api-docs.yml
@ -1448,6 +1448,8 @@ paths:
                type: boolean
              dry_run:
                type: boolean
              diff:
                type: boolean
              playbook:
                type: string
              environment:
--- a/api/login.go
+++ b/api/login.go
@ -7,14 +7,14 @@ import (
 	"strings"
 	"time"
 	"golang.org/x/crypto/bcrypt"
 	"github.com/ansible-semaphore/semaphore/api/helpers"
 	"github.com/ansible-semaphore/semaphore/db"
 	"github.com/go-ldap/ldap/v3"
 	log "github.com/Sirupsen/logrus"
 	"github.com/ansible-semaphore/semaphore/util"
 	"golang.org/x/crypto/bcrypt"
 )
 func tryFindLDAPUser(username, password string) (*db.User, error) {
@ -146,6 +146,43 @@ func createSession(w http.ResponseWriter, r *http.Request, user db.User) {
 	})
 }
 func loginByPassword(store db.Store, login string, password string) (user db.User, err error) {
 	user, err = store.GetUserByLoginOrEmail(login, login)
 	if err != nil {
 		return
 	}
 	if user.External {
 		err = db.ErrNotFound
 		return
 	}
 	err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
 	if err != nil {
 		err = db.ErrNotFound
 		return
 	}
 	return
 }
 func loginByLDAP(store db.Store, ldapUser db.User) (user db.User, err error) {
 	user, err = store.GetUserByLoginOrEmail(ldapUser.Username, ldapUser.Email)
 	if err == db.ErrNotFound {
 		user, err = store.CreateUserWithoutPassword(ldapUser)
 	}
 	if !user.External {
 		err = db.ErrNotFound
 		return
 	}
 	return
 }
 // nolint: gocyclo
 func login(w http.ResponseWriter, r *http.Request) {
 	var login struct {
@ -180,39 +217,22 @@ func login(w http.ResponseWriter, r *http.Request) {
 		}
 	}
-	user, err := helpers.Store(r).GetUserByLoginOrEmail(login.Auth, login.Auth)
+	var user db.User
-	if err == db.ErrNotFound {
+	if ldapUser == nil {
-		if ldapUser != nil {
+		user, err = loginByPassword(helpers.Store(r), login.Auth, login.Password)
-			// create new LDAP user
+	} else {
-			user, err = helpers.Store(r).CreateUserWithoutPassword(*ldapUser)
+		user, err = loginByLDAP(helpers.Store(r), *ldapUser)
-			if err != nil {
+	}
-				panic(err)
+
-			}
+	if err != nil {
-		} else {
+		if err == db.ErrNotFound {
 			w.WriteHeader(http.StatusUnauthorized)
 			return
 		}
 	} else if err != nil {
 		panic(err)
 	}
 	// check if ldap user & no ldap user found
 	if user.External && ldapUser == nil {
 		w.WriteHeader(http.StatusUnauthorized)
 		return
 	}
 	// non-ldap login
 	if !user.External {
 		if err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(login.Password)); err != nil {
 			w.WriteHeader(http.StatusUnauthorized)
 			return
 		}
 		// authenticated.
 	}
 	createSession(w, r, user)
 	w.WriteHeader(http.StatusNoContent)
--- a/api/router.go
+++ b/api/router.go
@ -14,7 +14,7 @@ import (
 	"github.com/gorilla/mux"
 )
-var publicAssets2 = packr.NewBox("../web2/dist")
+var publicAssets2 = packr.NewBox("../web/dist")
 //JSONMiddleware ensures that all the routes respond with Json, this is added by default to all routes
 func JSONMiddleware(next http.Handler) http.Handler {
--- a/cli/cmd/setup.go
+++ b/cli/cmd/setup.go
@ -27,17 +27,9 @@ var setupCmd = &cobra.Command{
 //nolint: gocyclo
 func doSetup() int {
 	var config *util.ConfigType
-	for {
+	config = &util.ConfigType{}
-		config = &util.ConfigType{}
+	config.GenerateSecrets()
-		config.GenerateSecrets()
+	setup.InteractiveSetup(config)
 		setup.InteractiveSetup(config)
 		if setup.AskConfigConfirmation(config) {
 			break
 		}
 		fmt.Println()
 	}
 	configPath := setup.SaveConfig(config)
 	util.Config = config
--- a/db/AccessKey.go
+++ b/db/AccessKey.go
@ -22,7 +22,6 @@ const (
 	AccessKeySSH           AccessKeyType = "ssh"
 	AccessKeyNone          AccessKeyType = "none"
 	AccessKeyLoginPassword AccessKeyType = "login_password"
 	AccessKeyPAT           AccessKeyType = "pat"
 )
 // AccessKey represents a key used to access a machine with ansible from semaphore
@ -40,7 +39,6 @@ type AccessKey struct {
 	LoginPassword  LoginPassword `db:"-" json:"login_password"`
 	SshKey         SshKey        `db:"-" json:"ssh"`
 	PAT            string        `db:"-" json:"pat"`
 	OverrideSecret bool          `db:"-" json:"override_secret"`
 	InstallationKey int64 `db:"-" json:"-"`
@ -193,8 +191,6 @@ func (key *AccessKey) SerializeSecret() error {
 		if err != nil {
 			return err
 		}
 	case AccessKeyPAT:
 		plaintext = []byte(key.PAT)
 	case AccessKeyNone:
 		key.Secret = nil
 		return nil
@ -251,8 +247,6 @@ func (key *AccessKey) unmarshalAppropriateField(secret []byte) (err error) {
 		if err == nil {
 			key.LoginPassword = loginPass
 		}
 	case AccessKeyPAT:
 		key.PAT = string(secret)
 	}
 	return
 }
--- a/db/Event.go
+++ b/db/Event.go
@ -85,7 +85,8 @@ func getEventObjectName(d Store, evt Event) (string, error) {
 	case EventTask:
 		task, err := d.GetTask(*evt.ProjectID, *evt.ObjectID)
 		if err != nil {
-			return "", err
+			// Task can be deleted, it is ok, just return empty string
 			return "", nil
 		}
 		return task.Playbook, nil
 	default:
--- a/db/Migration.go
+++ b/db/Migration.go
@ -58,6 +58,7 @@ func GetMigrations() []Migration {
 		{Version: "2.8.42"},
 		{Version: "2.8.51"},
 		{Version: "2.8.57"},
 		{Version: "2.8.58"},
 	}
 }
--- a/db/Repository.go
+++ b/db/Repository.go
@ -80,8 +80,6 @@ func (r Repository) GetGitURL() string {
 		switch r.SSHKey.Type {
 		case AccessKeyLoginPassword:
 			auth = r.SSHKey.LoginPassword.Login + ":" + r.SSHKey.LoginPassword.Password
 		case AccessKeyPAT:
 			auth = r.SSHKey.PAT
 		}
 		if auth != "" {
 			auth += "@"
--- a/db/Task.go
+++ b/db/Task.go
@ -25,6 +25,7 @@ type Task struct {
 	Debug  bool       `db:"debug" json:"debug"`
 	DryRun bool `db:"dry_run" json:"dry_run"`
 	Diff   bool `db:"diff" json:"diff"`
 	// override variables
 	Playbook    string `db:"playbook" json:"playbook"`
--- a/db/bolt/BoltDb.go
+++ b/db/bolt/BoltDb.go
@ -442,16 +442,16 @@ func (d *BoltDb) createObject(bucketID int, props db.ObjectProps, object interfa
 				reflect.Uint16,
 				reflect.Uint32,
 				reflect.Uint64:
-				//if idValue.Int() == 0 {
+				if idValue.Int() == 0 {
-				id, err3 := b.NextSequence()
+					id, err3 := b.NextSequence()
-				if err3 != nil {
+					if err3 != nil {
-					return err3
+						return err3
 					}
 					if props.SortInverted {
 						id = MaxID - id
 					}
 					idValue.SetInt(int64(id))
 				}
 				if props.SortInverted {
 					id = MaxID - id
 				}
 				idValue.SetInt(int64(id))
 				//}
 				objID = intObjectID(idValue.Int())
 			case reflect.String:
--- a/db/bolt/task.go
+++ b/db/bolt/task.go
@ -70,10 +70,9 @@ func (d *BoltDb) getTasks(projectID int, templateID *int, params db.RetrieveQuer
 		if task.UserID != nil {
 			usr, ok := users[*task.UserID]
 			if !ok {
-				usr, err = d.GetUser(*task.UserID)
+				// trying to get user , but ignore error, because
-				if err != nil {
+				// user can be deleted, and it is ok
-					return
+				usr, _ = d.GetUser(*task.UserID)
 				}
 				users[*task.UserID] = usr
 			}
 			tasksWithTpl[i].UserName = &usr.Name
--- a/db/sql/migrations/v2.8.58.sql
+++ b/db/sql/migrations/v2.8.58.sql
@ -0,0 +1 @@
 ALTER TABLE task ADD diff boolean NOT NULL DEFAULT false;
--- a/deployment/docker/ci/Dockerfile
+++ b/deployment/docker/ci/Dockerfile
@ -17,9 +17,11 @@ RUN adduser -D -u 1002 -g 0 semaphore && \
    mkdir -p /go/src/github.com/ansible-semaphore/semaphore && \
    mkdir -p /tmp/semaphore && \
    mkdir -p /etc/semaphore && \
    mkdir -p /var/lib/semaphore && \
    chown -R semaphore:0 /go && \
    chown -R semaphore:0 /tmp/semaphore && \
    chown -R semaphore:0 /etc/semaphore && \
    chown -R semaphore:0 /var/lib/semaphore && \
    ssh-keygen -t rsa -q -f "/root/.ssh/id_rsa" -N ""       && \
    ssh-keyscan -H github.com > /root/.ssh/known_hosts
--- a/deployment/docker/ci/Singularity
+++ b/deployment/docker/ci/Singularity
@ -1,54 +0,0 @@
 Bootstrap: docker
 From: golang:1.18.3-alpine3.16
 Stage: spython-base
 %setup
 mkdir $SINGULARITY_ROOTFS/bigdata
 %post
 SEMAPHORE_VERSION="development"
 SEMAPHORE_ARCH="linux_amd64"
 SEMAPHORE_CONFIG_PATH="${SEMAPHORE_CONFIG_PATH:-/etc/semaphore}"
 APP_ROOT="/mnt/"
 # hadolint ignore=DL3013
 apk add --no-cache sshpass git mysql-client python3 py3-pip py-openssl openssl ca-certificates curl curl-dev openssh-client-default tini nodejs npm bash rsync && \
 apk --update add --virtual build-dependencies python3-dev libffi-dev openssl-dev build-base &&\
 rm -rf /var/cache/apk/*
 pip3 install --upgrade pip cffi   && \
 pip3 install ansible &&\
 apk del build-dependencies
 adduser -D -u 1002 -g 0 semaphore && \
 mkdir -p $APP_ROOT && \
 mkdir -p /tmp/semaphore && \
 mkdir -p /etc/semaphore && \
 chown -R semaphore:0 /go && \
 chown -R semaphore:0 /tmp/semaphore && \
 chown -R semaphore:0 /etc/semaphore && \
 ssh-keygen -t rsa -q -f "/root/.ssh/id_rsa" -N ""       && \
 ssh-keyscan -H github.com > /root/.ssh/known_hosts
 cd $(go env GOPATH) && curl -sL https://taskfile.dev/install.sh | sh
 # Copy in app source
 cd ${APP_ROOT}
 ./deployment/docker/ci/bin/install
 su -  semaphore # USER semaphore
 # EXPOSE 3000
 %environment
 export SEMAPHORE_VERSION="development"
 export SEMAPHORE_ARCH="linux_amd64"
 export SEMAPHORE_CONFIG_PATH="${SEMAPHORE_CONFIG_PATH:-/etc/semaphore}"
 export APP_ROOT="/mnt/"
 %runscript
 cd ${APP_ROOT}
 exec /usr/local/bin/semaphore-wrapper ./bin/semaphore server --config /etc/semaphore/config.json "$@"
 %startscript
 cd ${APP_ROOT}
 exec /usr/local/bin/semaphore-wrapper ./bin/semaphore server --config /etc/semaphore/config.json "$@"
--- a/deployment/docker/ci/bin/build.sh
+++ b/deployment/docker/ci/bin/build.sh
@ -1,29 +0,0 @@
 #!/bin/bash -l
 # Set env
 SUSER=$USER
 SCRIPT_HOME=$(realpath $(dirname $0))
 SEMAPHORE_HOME=$(realpath $SCRIPT_HOME/../../../../)
 echo "Building in $SEMAPHORE_HOME"
 if [[ ! -f $SCRIPT_HOME/../semaphore.simg ]]; then
    # Build Image
    sudo bash -lc "
    # Set env
    module purge
    module load singularity || echo 'Not using modules'
    export SINGULARITY_BIND=${SEMAPHORE_HOME}:/mnt
    # Build image
    cd $SCRIPT_HOME/../ && singularity build semaphore.simg Singularity
    # Update perms
    chmod -R ${SUSER}: $SEMAPHORE_HOME"
 else
    # Build RPM
    module load singularity || echo 'Not using modules'
    cd ${SEMAPHORE_HOME} && singularity exec $SCRIPT_HOME/../semaphore.simg task release
    chmod a+rx ${SEMAPHORE_HOME}/bin
    chmod a+r ${SEMAPHORE_HOME}/bin/*
 fi
--- a/deployment/docker/ci/bin/install
+++ b/deployment/docker/ci/bin/install
@ -11,4 +11,4 @@ echo "--> Install Semaphore entrypoint wrapper script"
 cp ./deployment/docker/common/semaphore-wrapper /usr/local/bin/semaphore-wrapper
 task deps
 task compile
-task build:local
+task build:local GOOS= GOARCH=
--- a/deployment/docker/ci/docker-compose.yml
+++ b/deployment/docker/ci/docker-compose.yml
@ -26,7 +26,6 @@ services:
      SEMAPHORE_DB_HOST: mysql
      SEMAPHORE_DB_PORT: 3306
      SEMAPHORE_DB: semaphore
      SEMAPHORE_PLAYBOOK_PATH: /etc/semaphore
      SEMAPHORE_ADMIN_PASSWORD: password
      SEMAPHORE_ADMIN_NAME: "Developer"
      SEMAPHORE_ADMIN_EMAIL: admin@localhost
--- a/deployment/docker/common/README.md
+++ b/deployment/docker/common/README.md
@ -0,0 +1,8 @@
 # How to test semaphore-wrapper
 ```bash
 SEMAPHORE_DB_DIALECT=bolt \
 SEMAPHORE_CONFIG_PATH=/tmp/semaphore
 SEMAPHORE_DB_HOST=/tmp/semaphore \
 ./semaphore-wrapper ../../../bin/semaphore server --config /tmp/semaphore/config.json
 ```
--- a/deployment/docker/common/semaphore-wrapper
+++ b/deployment/docker/common/semaphore-wrapper
@ -4,31 +4,51 @@ set -e
 echoerr() { printf "%s\n" "$*" >&2; }
 file_env() {
        local var=""
        local fileVar=""
        eval var="\$${1}"
        eval fileVar="\$${1}_FILE"
        local def="${2:-}"
        if [ -n "${var:-}" ] && [ -n "${fileVar:-}" ]; then
                echo >&2 "error: both ${1} and ${1}_FILE are set (but are exclusive)"
                exit 1
        fi
        local val="$def"
        if [ -n "${var:-}" ]; then
                val="${var}"
        elif [ -n "${fileVar:-}" ]; then
                val="$(cat "${fileVar}")"
        fi
        export "${1}"="$val"
        unset "${1}_FILE"
 }
 SEMAPHORE_CONFIG_PATH="${SEMAPHORE_CONFIG_PATH:-/etc/semaphore}"
 SEMAPHORE_TMP_PATH="${SEMAPHORE_TMP_PATH:-/tmp/semaphore}"
 # Semaphore database env config
 SEMAPHORE_DB_DIALECT="${SEMAPHORE_DB_DIALECT:-mysql}"
 SEMAPHORE_DB_DIALECT_ID=1
 SEMAPHORE_DB_HOST="${SEMAPHORE_DB_HOST:-0.0.0.0}"
-SEMAPHORE_DB_PORT="${SEMAPHORE_DB_PORT:-3306}"
+SEMAPHORE_DB_PATH="${SEMAPHORE_DB_PATH:-/var/lib/semaphore}"
 SEMAPHORE_DB_PORT="${SEMAPHORE_DB_PORT:-}"
 SEMAPHORE_DB="${SEMAPHORE_DB:-semaphore}"
-SEMAPHORE_DB_USER="${SEMAPHORE_DB_USER:-semaphore}"
+file_env 'SEMAPHORE_DB_USER' 'semaphore'
-SEMAPHORE_DB_PASS="${SEMAPHORE_DB_PASS:-semaphore}"
+file_env 'SEMAPHORE_DB_PASS' 'semaphore'
 # Email alert env config
 SEMAPHORE_WEB_ROOT="${SEMAPHORE_WEB_ROOT:-}"
 # Semaphore Admin env config
-SEMAPHORE_ADMIN="${SEMAPHORE_ADMIN:-admin}"
+file_env 'SEMAPHORE_ADMIN' 'admin'
 SEMAPHORE_ADMIN_EMAIL="${SEMAPHORE_ADMIN_EMAIL:-admin@localhost}"
 SEMAPHORE_ADMIN_NAME="${SEMAPHORE_ADMIN_NAME:-Semaphore Admin}"
-SEMAPHORE_ADMIN_PASSWORD="${SEMAPHORE_ADMIN_PASSWORD:-semaphorepassword}"
+file_env 'SEMAPHORE_ADMIN_PASSWORD' 'semaphorepassword'
 #Semaphore LDAP env config
 SEMAPHORE_LDAP_ACTIVATED="${SEMAPHORE_LDAP_ACTIVATED:-no}"
 SEMAPHORE_LDAP_HOST="${SEMAPHORE_LDAP_HOST:-}"
 SEMAPHORE_LDAP_PORT="${SEMAPHORE_LDAP_PORT:-}"
 SEMAPHORE_LDAP_NEEDTLS="${SEMAPHORE_LDAP_NEEDTLS:-no}"
 SEMAPHORE_LDAP_DN_BIND="${SEMAPHORE_LDAP_DN_BIND:-}"
-SEMAPHORE_LDAP_PASSWORD="${SEMAPHORE_LDAP_PASSWORD:-}"
+file_env 'SEMAPHORE_LDAP_PASSWORD'
 SEMAPHORE_LDAP_DN_SEARCH="${SEMAPHORE_LDAP_DN_SEARCH:-}"
 SEMAPHORE_LDAP_SEARCH_FILTER="${SEMAPHORE_LDAP_SEARCH_FILTER:-(uid=%s)}"
 SEMAPHORE_LDAP_MAPPING_DN="${SEMAPHORE_LDAP_MAPPING_DN:-dn}"
@ -36,36 +56,51 @@ SEMAPHORE_LDAP_MAPPING_USERNAME="${SEMAPHORE_LDAP_MAPPING_USERNAME:-uid}"
 SEMAPHORE_LDAP_MAPPING_FULLNAME="${SEMAPHORE_LDAP_MAPPING_FULLNAME:-cn}"
 SEMAPHORE_LDAP_MAPPING_EMAIL="${SEMAPHORE_LDAP_MAPPING_EMAIL:-mail}"
-export SEMAPHORE_ACCESS_KEY_ENCRYPTION="${SEMAPHORE_ACCESS_KEY_ENCRYPTION:-cFcXI5qHzCDqtS4xCnblOACuNu5AmKHkvxK7abwR8Eg=}"
+file_env 'SEMAPHORE_ACCESS_KEY_ENCRYPTION' 'cFcXI5qHzCDqtS4xCnblOACuNu5AmKHkvxK7abwR8Eg='
 # create semaphore temporary directory if non existent
 [ -d "${SEMAPHORE_TMP_PATH}" ] || mkdir -p "${SEMAPHORE_TMP_PATH}" || {
    echo "Can't create Semaphore tmp path ${SEMAPHORE_TMP_PATH}."
    exit 1
 }
-# create semaphore config directory if non existent
+
 [ -d "${SEMAPHORE_CONFIG_PATH}" ] || mkdir -p "${SEMAPHORE_CONFIG_PATH}" || {
    echo "Can't create Semaphore Config path ${SEMAPHORE_CONFIG_PATH}."
    exit 1
 }
 [ -d "${SEMAPHORE_DB_PATH}" ] || mkdir -p "${SEMAPHORE_DB_PATH}" || {
    echo "Can't create data path ${SEMAPHORE_DB_PATH}."
    exit 1
 }
 if [ -n "${SEMAPHORE_DB_PORT}" ]; then
  SEMAPHORE_DB_HOST="${SEMAPHORE_DB_HOST}:${SEMAPHORE_DB_PORT}"
 fi
 # wait on db to be up
-echoerr "Attempting to connect to database ${SEMAPHORE_DB} on ${SEMAPHORE_DB_HOST}:${SEMAPHORE_DB_PORT} with user ${SEMAPHORE_DB_USER} ..."
+
-TIMEOUT=30
+if [ "${SEMAPHORE_DB_DIALECT}" != 'bolt' ]; then
-while ! $(nc -z "$SEMAPHORE_DB_HOST" "$SEMAPHORE_DB_PORT") >/dev/null 2>&1; do
+  echoerr "Attempting to connect to database ${SEMAPHORE_DB} on ${SEMAPHORE_DB_HOST}:${SEMAPHORE_DB_PORT} with user ${SEMAPHORE_DB_USER} ..."
-    TIMEOUT=$(expr $TIMEOUT - 1)
+  TIMEOUT=30
-    if [ $TIMEOUT -eq 0 ]; then
+  while ! $(nc -z "$SEMAPHORE_DB_HOST" "$SEMAPHORE_DB_PORT") >/dev/null 2>&1; do
-        echoerr "Could not connect to database server. Exiting."
+      TIMEOUT=$(expr $TIMEOUT - 1)
-        exit 1
+      if [ $TIMEOUT -eq 0 ]; then
-    fi
+          echoerr "Could not connect to database server. Exiting."
-    echo -n "."
+          exit 1
-    sleep 1
+      fi
-done
+      echo -n "."
      sleep 1
  done
 fi
 case ${SEMAPHORE_DB_DIALECT} in
-    "mysql") SEMAPHORE_DB_DIALECT_ID=1;;
+    mysql) SEMAPHORE_DB_DIALECT_ID=1;;
-    "bolt") SEMAPHORE_DB_DIALECT_ID=2;;
+    bolt) SEMAPHORE_DB_DIALECT_ID=2;;
-    "postgres") SEMAPHORE_DB_DIALECT_ID=3;;
+    postgres) SEMAPHORE_DB_DIALECT_ID=3;;
    *)
        echoerr "Unknown database dialect: ${SEMAPHORE_DB_DIALECT}"
        exit 1
        ;;
 esac
 # Create a config if it does not exist in the current config path
@ -73,10 +108,22 @@ if [ ! -f "${SEMAPHORE_CONFIG_PATH}/config.json" ]; then
    echoerr "Generating ${SEMAPHORE_TMP_PATH}/config.stdin ..."
    cat << EOF > "${SEMAPHORE_TMP_PATH}/config.stdin"
 ${SEMAPHORE_DB_DIALECT_ID}
-${SEMAPHORE_DB_HOST}:${SEMAPHORE_DB_PORT}
+EOF
    if [ "${SEMAPHORE_DB_DIALECT}" = "bolt" ]; then
      cat << EOF >> "${SEMAPHORE_TMP_PATH}/config.stdin"
 ${SEMAPHORE_DB_PATH}/database.boltdb
 EOF
    else
      cat << EOF >> "${SEMAPHORE_TMP_PATH}/config.stdin"
 ${SEMAPHORE_DB_HOST}
 ${SEMAPHORE_DB_USER}
 ${SEMAPHORE_DB_PASS}
 ${SEMAPHORE_DB}
 EOF
    fi
      cat << EOF >> "${SEMAPHORE_TMP_PATH}/config.stdin"
 ${SEMAPHORE_TMP_PATH}
 ${SEMAPHORE_WEB_ROOT}
 no
@ -101,7 +148,6 @@ EOF
    fi;
    cat << EOF >> "${SEMAPHORE_TMP_PATH}/config.stdin"
 yes
 ${SEMAPHORE_CONFIG_PATH}
 ${SEMAPHORE_ADMIN}
 ${SEMAPHORE_ADMIN_EMAIL}
--- a/deployment/docker/dev/Dockerfile
+++ b/deployment/docker/dev/Dockerfile
@ -17,9 +17,11 @@ RUN adduser -D -u 1002 -g 0 semaphore && \
    mkdir -p /go/src/github.com/ansible-semaphore/semaphore && \
    mkdir -p /tmp/semaphore && \
    mkdir -p /etc/semaphore && \
    mkdir -p /var/lib/semaphore && \
    chown -R semaphore:0 /go && \
    chown -R semaphore:0 /tmp/semaphore && \
    chown -R semaphore:0 /etc/semaphore && \
    chown -R semaphore:0 /var/lib/semaphore && \
    ssh-keygen -t rsa -q -f "/root/.ssh/id_rsa" -N ""       && \
    ssh-keyscan -H github.com > /root/.ssh/known_hosts
--- a/deployment/docker/dev/docker-compose.yml
+++ b/deployment/docker/dev/docker-compose.yml
@ -28,7 +28,6 @@ services:
      SEMAPHORE_DB_HOST: mysql
      SEMAPHORE_DB_PORT: 3306
      SEMAPHORE_DB: semaphore
      SEMAPHORE_PLAYBOOK_PATH: /etc/semaphore
      SEMAPHORE_ADMIN_PASSWORD: password
      SEMAPHORE_ADMIN_NAME: "Developer"
      SEMAPHORE_ADMIN_EMAIL: admin@localhost
--- a/deployment/docker/prod/Dockerfile
+++ b/deployment/docker/prod/Dockerfile
@ -1,24 +1,23 @@
 # ansible-semaphore production image
 FROM golang:1.18.3-alpine3.16 as builder
 COPY ./ /go/src/github.com/ansible-semaphore/semaphore
 WORKDIR /go/src/github.com/ansible-semaphore/semaphore
 RUN apk add --no-cache -U libc-dev curl nodejs npm git && \
  ./deployment/docker/prod/bin/install
-# Uses frolvlad alpine so we have access to glibc which is needed for golang
+FROM alpine:3.16 as runner
 # and when deploying in openshift
 FROM frolvlad/alpine-glibc:alpine-3.16 as runner
 LABEL maintainer="Tom Whiston <tom.whiston@gmail.com>"
 RUN apk add --no-cache sshpass git curl ansible mysql-client openssh-client-default tini py3-aiohttp && \
    adduser -D -u 1001 -G root semaphore && \
    mkdir -p /tmp/semaphore && \
    mkdir -p /etc/semaphore && \
    mkdir -p /var/lib/semaphore && \
    chown -R semaphore:0 /tmp/semaphore && \
-    chown -R semaphore:0 /etc/semaphore
+    chown -R semaphore:0 /etc/semaphore && \
    chown -R semaphore:0 /var/lib/semaphore
 COPY --from=builder /usr/local/bin/semaphore-wrapper /usr/local/bin/
 COPY --from=builder /usr/local/bin/semaphore /usr/local/bin/
--- a/deployment/docker/prod/bin/install
+++ b/deployment/docker/prod/bin/install
@ -10,7 +10,8 @@ task deps
 set +e
 task compile
 set -e
-task build:local
+
 task build:local GOOS=$1 GOARCH=$2
 mv ./bin/semaphore /usr/local/bin/
 chown 1001:0 /usr/local/bin/semaphore
--- a/deployment/docker/prod/buildx.Dockerfile
+++ b/deployment/docker/prod/buildx.Dockerfile
@ -0,0 +1,37 @@
 # ansible-semaphore production image
 FROM --platform=$BUILDPLATFORM golang:1.18.3-alpine3.16 as builder
 COPY ./ /go/src/github.com/ansible-semaphore/semaphore
 WORKDIR /go/src/github.com/ansible-semaphore/semaphore
 ARG TARGETOS
 ARG TARGETARCH
 RUN apk add --no-cache -U libc-dev curl nodejs npm git
 RUN ./deployment/docker/prod/bin/install ${TARGETOS} ${TARGETARCH}
 FROM alpine:3.16 as runner
 LABEL maintainer="Tom Whiston <tom.whiston@gmail.com>"
 RUN apk add --no-cache sshpass git curl ansible mysql-client openssh-client-default tini py3-aiohttp && \
    adduser -D -u 1001 -G root semaphore && \
    mkdir -p /tmp/semaphore && \
    mkdir -p /etc/semaphore && \
    mkdir -p /var/lib/semaphore && \
    chown -R semaphore:0 /tmp/semaphore && \
    chown -R semaphore:0 /etc/semaphore && \
    chown -R semaphore:0 /var/lib/semaphore
 COPY --from=builder /usr/local/bin/semaphore-wrapper /usr/local/bin/
 COPY --from=builder /usr/local/bin/semaphore /usr/local/bin/
 RUN chown -R semaphore:0 /usr/local/bin/semaphore-wrapper &&\
    chown -R semaphore:0 /usr/local/bin/semaphore &&\
    chmod +x /usr/local/bin/semaphore-wrapper &&\
    chmod +x /usr/local/bin/semaphore
 WORKDIR /home/semaphore
 USER 1001
 ENTRYPOINT ["/sbin/tini", "--"]
 CMD ["/usr/local/bin/semaphore-wrapper", "/usr/local/bin/semaphore", "server", "--config", "/etc/semaphore/config.json"]
--- a/deployment/docker/prod/docker-compose.yml
+++ b/deployment/docker/prod/docker-compose.yml
@ -24,7 +24,6 @@ services:
      SEMAPHORE_DB_HOST: mysql
      SEMAPHORE_DB_PORT: 3306
      SEMAPHORE_DB: semaphore
      SEMAPHORE_PLAYBOOK_PATH: /tmp/semaphore/
      SEMAPHORE_ADMIN_PASSWORD: cangetin
      SEMAPHORE_ADMIN_NAME: admin
      SEMAPHORE_ADMIN_EMAIL: admin@localhost
--- a/deployment/openshift/README.md
+++ b/deployment/openshift/README.md
@ -1,27 +0,0 @@
 # Deploying Semaphore on Openshift
 This is intended as a quick starter config to get semaphore up and running using only the docker hub image.The image is set to be periodically pulled from the repository source.
 ## Setup
 Your openshift cluster needs to have the mysql-persistent template installed, however it comes by default.
 ```
 # oc cluster up
 oc new-project semaphore
 oc create -fdeployment/openshift/template.yml
 oc new-app mysql-persistent -p MYSQL_DATABASE=semaphore
 oc new-app semaphore # -p SEMAPHORE_IMAGE_TAG=develop
 ```
 It will take some moments for the application to become available (mainly due to the mysql pod startup time), check the logs of the semaphore container to see when it is ready. After this the web ui will be available on http://semaphore-semaphore.127.0.0.1.nip.io/auth/login (if running your oc cluster locally and you did not override the url via parameters). You can log in with the default values.
 If you deploy the template to multiple namespaces you must set the SEMAPHORE_URL to a unique value or it will be rejected by the router.
 ## Parameters
 `oc process --parameters semaphore`
 |NAME| DESCRIPTION| VALUE|
 |SEMAPHORE_IMAGE_SOURCE| The id of the repository from which to pull the semaphore image| docker.io/semaphoreui/semaphore|
 |SEMAPHORE_IMAGE_TAG| The tag to use for the semaphore repository| latest|
 |SEMAPHORE_DATA_VOLUME_SIZE| The size, in Gi of the semaphore data volume, which is mounted at /etc/semaphore| 5|
 |SEMAPHORE_URL| Set this to the value which you wish to be passed to the route. Default value works for local development usage| semaphore-semaphore.127.0.0.1.nip.io|
--- a/deployment/openshift/template.yml
+++ b/deployment/openshift/template.yml
@ -1,166 +0,0 @@
 apiVersion: v1
 kind: Template
 metadata:
  name: semaphore
 objects:
 - apiVersion: v1
  kind: ImageStream
  metadata:
    name: semaphore
    labels:
      app: semaphore
  spec:
    tags:
    - name: latest
      from:
        kind: DockerImage
        name: "${SEMAPHORE_IMAGE_SOURCE}:${SEMAPHORE_IMAGE_TAG}"
      importPolicy:
        scheduled: true
 - apiVersion: v1
  kind: PersistentVolumeClaim
  metadata:
    name: semaphore-data
  spec:
    accessModes:
    - ReadWriteOnce
    resources:
      requests:
        storage: "${SEMAPHORE_DATA_VOLUME_SIZE}Gi"
  status: {}
 - apiVersion: v1
  kind: DeploymentConfig
  metadata:
    labels:
      app: semaphore
    name: semaphore
  spec:
    replicas: 1
    selector:
      app: semaphore
      deploymentconfig: semaphore
    strategy:
      activeDeadlineSeconds: 21600
      resources: {}
      rollingParams:
        intervalSeconds: 1
        maxSurge: 25%
        maxUnavailable: 25%
        timeoutSeconds: 600
        updatePeriodSeconds: 1
      type: Rolling
    template:
      metadata:
        labels:
          app: semaphore
          deploymentconfig: semaphore
      spec:
        containers:
        - env:
          - name: SEMAPHORE_DB_HOST
            value: mysql
          - name: SEMAPHORE_DB
            value: semaphore
          - name: SEMAPHORE_DB_PASS
            valueFrom:
              secretKeyRef:
                key: database-password
                name: mysql
          - name: SEMAPHORE_DB_USER
            valueFrom:
              secretKeyRef:
                key: database-user
                name: mysql
          - name: SEMAPHORE_PLAYBOOK_PATH
            value: /tmp/semaphore
          imagePullPolicy: Always
          name: semaphore
          ports:
          - containerPort: 3000
            protocol: TCP
          resources: {}
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          volumeMounts:
          - mountPath: /etc/semaphore
            name: semaphore-etc
            subPath: etc
          - mountPath: /tmp
            name: tmp
        dnsPolicy: ClusterFirst
        restartPolicy: Always
        schedulerName: default-scheduler
        securityContext: {}
        terminationGracePeriodSeconds: 30
        volumes:
        - name: semaphore-etc
          persistentVolumeClaim:
            claimName: semaphore-data
        - name: tmp
          emptyDir:
    test: false
    triggers:
    - type: ConfigChange
    - imageChangeParams:
        automatic: true
        containerNames:
        - semaphore
        from:
          kind: ImageStreamTag
          name: semaphore:latest
      type: ImageChange
 - apiVersion: v1
  kind: Route
  metadata:
    name: semaphore
  spec:
    host: "${SEMAPHORE_URL}"
    port:
      targetPort: 3000-tcp
    to:
      kind: Service
      name: semaphore
      weight: 100
    wildcardPolicy: None
 - apiVersion: v1
  kind: Service
  metadata:
    labels:
      app: semaphore
    name: semaphore
  spec:
    ports:
    - name: 3000-tcp
      port: 3000
      protocol: TCP
      targetPort: 3000
    selector:
      app: semaphore
      deploymentconfig: semaphore
    sessionAffinity: None
    type: ClusterIP
  status:
    loadBalancer: {}
 parameters:
  - name: SEMAPHORE_IMAGE_SOURCE
    displayName: Semaphore image
    description: The id of the repository from which to pull the semaphore image
    value: docker.io/semaphoreui/semaphore
    required: true
  - name: SEMAPHORE_IMAGE_TAG
    displayName: Semaphore image
    description: The tag to use for the semaphore repository
    value: latest
    required: true
  - name: SEMAPHORE_DATA_VOLUME_SIZE
    displayName: Semaphore data volume size
    description: The size, in Gi of the semaphore data volume, which is mounted at /etc/semaphore
    value: "5"
    required: true
  - name: SEMAPHORE_URL
    displayName: URL
    description: Set this to the value which you wish to be passed to the route. If blank will use generated url
    required: false
--- a/go.mod
+++ b/go.mod
@ -9,7 +9,7 @@ require (
 	github.com/go-sql-driver/mysql v1.4.1
 	github.com/gobuffalo/packr v1.10.4
 	github.com/google/go-github v17.0.0+incompatible
-	github.com/gorilla/context v0.0.0-20160226214623-1ea25387ff6f
+	github.com/gorilla/context v1.1.1
 	github.com/gorilla/handlers v1.4.2
 	github.com/gorilla/mux v1.7.3
 	github.com/gorilla/securecookie v1.1.1
--- a/go.sum
+++ b/go.sum
@ -157,6 +157,8 @@ github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5m
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
 github.com/gorilla/context v0.0.0-20160226214623-1ea25387ff6f h1:9oNbS1z4rVpbnkHBdPZU4jo9bSmrLpII768arSyMFgk=
 github.com/gorilla/context v0.0.0-20160226214623-1ea25387ff6f/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
 github.com/gorilla/context v1.1.1 h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8=
 github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
 github.com/gorilla/handlers v1.4.2 h1:0QniY0USkHQ1RGCLfKxeNHK9bkDHGRYGNDFBCS+YARg=
 github.com/gorilla/handlers v1.4.2/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ=
 github.com/gorilla/mux v1.7.3 h1:gnP5JzjVOuiZD07fKKToCAOjS0yOpj/qPETTXCCS6hw=
--- a/services/tasks/alert.go
+++ b/services/tasks/alert.go
@ -10,10 +10,11 @@ import (
 	"strings"
 )
-const emailTemplate = `Subject: Task '{{ .Name }}' failed
+const emailTemplate = "Subject: Task '{{ .Name }}' failed\r\n" +
-
+	"From: {{ .From }}\r\n" +
-Task {{ .TaskID }} with template '{{ .Name }}' has failed!
+	"\r\n" +
-Task log: <a href='{{ .TaskURL }}'>{{ .TaskURL }}</a>`
+	"Task {{ .TaskID }} with template '{{ .Name }}' has failed!`\n" +
 	"Task Log: {{ .TaskURL }}"
 const telegramTemplate = `{"chat_id": "{{ .ChatID }}","parse_mode":"HTML","text":"<code>{{ .Name }}</code>\n#{{ .TaskID }} <b>{{ .TaskResult }}</b> <code>{{ .TaskVersion }}</code> {{ .TaskDescription }}\nby {{ .Author }}\n{{ .TaskURL }}"}`
@ -30,6 +31,7 @@ type Alert struct {
 	TaskVersion     string
 	Author          string
 	Color           string
 	From            string
 }
 func (t *TaskRunner) sendMailAlert() {
@ -41,9 +43,12 @@ func (t *TaskRunner) sendMailAlert() {
 	var mailBuffer bytes.Buffer
 	alert := Alert{
-		TaskID:  strconv.Itoa(t.task.ID),
+		TaskID: strconv.Itoa(t.task.ID),
-		Name:    t.template.Name,
+		Name:   t.template.Name,
-		TaskURL: util.Config.WebHost + "/project/" + strconv.Itoa(t.template.ProjectID),
+		TaskURL: util.Config.WebHost + "/project/" + strconv.Itoa(t.template.ProjectID) +
 			"/templates/" + strconv.Itoa(t.template.ID) +
 			"?t=" + strconv.Itoa(t.task.ID),
 		From: util.Config.EmailSender,
 	}
 	tpl := template.New("mail body template")
 	tpl, err := tpl.Parse(emailTemplate)
@ -60,11 +65,15 @@ func (t *TaskRunner) sendMailAlert() {
 		t.panicOnError(err, "Can't find user Email!")
 		t.Log("Sending email to " + userObj.Email + " from " + util.Config.EmailSender)
 		if util.Config.EmailSecure {
-			err = util.SendSecureMail(util.Config.EmailHost, util.Config.EmailPort, util.Config.EmailSender, util.Config.EmailUsername, util.Config.EmailPassword, userObj.Email, mailBuffer)
+			err = util.SendSecureMail(util.Config.EmailHost, util.Config.EmailPort,
 				util.Config.EmailSender, util.Config.EmailUsername, util.Config.EmailPassword,
 				userObj.Email, mailBuffer)
 		} else {
 			err = util.SendMail(mailHost, util.Config.EmailSender, userObj.Email, mailBuffer)
 		}
 		t.panicOnError(err, "Can't send email!")
 	}
 }
@ -136,9 +145,9 @@ func (t *TaskRunner) sendTelegramAlert() {
 	resp, err := http.Post("https://api.telegram.org/bot"+util.Config.TelegramToken+"/sendMessage", "application/json", &telegramBuffer)
 	if err != nil {
-		t.Log("Can't send telegram alert! Response code not 200!")
+		t.Log("Can't send telegram alert! Error: " + err.Error())
 	} else if resp.StatusCode != 200 {
-		t.Log("Can't send telegram alert! Response code not 200!")
+		t.Log("Can't send telegram alert! Response code: " + strconv.Itoa(resp.StatusCode))
 	}
 }
@ -219,8 +228,8 @@ func (t *TaskRunner) sendSlackAlert() {
 	resp, err := http.Post(slackUrl, "application/json", &slackBuffer)
 	if err != nil {
-		t.Log("Can't send slack alert! Response code not 200!")
+		t.Log("Can't send slack alert! Error: " + err.Error())
 	} else if resp.StatusCode != 200 {
-		t.Log("Can't send slack alert! Response code not 200!")
+		t.Log("Can't send slack alert! Response code: " + strconv.Itoa(resp.StatusCode))
 	}
 }
--- a/services/tasks/runner.go
+++ b/services/tasks/runner.go
@ -4,14 +4,16 @@ import (
 	"crypto/md5"
 	"encoding/json"
 	"fmt"
 	"github.com/ansible-semaphore/semaphore/lib"
 	"io"
 	"io/ioutil"
 	"os"
 	"path"
 	"strconv"
 	"strings"
 	"time"
 	"github.com/ansible-semaphore/semaphore/lib"
 	log "github.com/Sirupsen/logrus"
 	"github.com/ansible-semaphore/semaphore/api/sockets"
 	"github.com/ansible-semaphore/semaphore/db"
@ -47,6 +49,12 @@ func getMD5Hash(filepath string) (string, error) {
 	return fmt.Sprintf("%x", hash.Sum(nil)), nil
 }
 func (t *TaskRunner) getPlaybookDir() string {
 	playbookPath := path.Join(t.getRepoPath(), t.template.Playbook)
 	return path.Dir(playbookPath)
 }
 func (t *TaskRunner) getRepoPath() string {
 	repo := lib.GitRepository{
 		Logger:     t,
@ -72,14 +80,13 @@ func (t *TaskRunner) setStatus(status db.TaskStatus) {
 	t.updateStatus()
 	t.sendSlackAlert()
 	if status == db.TaskFailStatus {
 		t.sendMailAlert()
 	}
 	if status == db.TaskSuccessStatus || status == db.TaskFailStatus {
 		t.sendTelegramAlert()
 		t.sendSlackAlert()
 	}
 }
@ -315,7 +322,7 @@ func (t *TaskRunner) prepareError(err error, errMsg string) error {
 	return nil
 }
-//nolint: gocyclo
+// nolint: gocyclo
 func (t *TaskRunner) populateDetails() error {
 	// get template
 	var err error
@ -480,7 +487,7 @@ func (t *TaskRunner) updateRepository() error {
 }
 func (t *TaskRunner) installCollectionsRequirements() error {
-	requirementsFilePath := fmt.Sprintf("%s/collections/requirements.yml", t.getRepoPath())
+	requirementsFilePath := path.Join(t.getPlaybookDir(), "collections", "requirements.yml")
 	requirementsHashFilePath := fmt.Sprintf("%s.md5", requirementsFilePath)
 	if _, err := os.Stat(requirementsFilePath); err != nil {
@ -639,7 +646,7 @@ func (t *TaskRunner) getEnvironmentExtraVars() (str string, err error) {
 	return
 }
-//nolint: gocyclo
+// nolint: gocyclo
 func (t *TaskRunner) getPlaybookArgs() (args []string, err error) {
 	playbookName := t.task.Playbook
 	if playbookName == "" {
@ -696,6 +703,10 @@ func (t *TaskRunner) getPlaybookArgs() (args []string, err error) {
 		args = append(args, "-vvvv")
 	}
 	if t.task.Diff {
 		args = append(args, "--diff")
 	}
 	if t.task.DryRun {
 		args = append(args, "--check")
 	}
--- a/services/tasks/runner_test.go
+++ b/services/tasks/runner_test.go
@ -1,9 +1,6 @@
 package tasks
 import (
 	"github.com/ansible-semaphore/semaphore/db"
 	"github.com/ansible-semaphore/semaphore/db/bolt"
 	"github.com/ansible-semaphore/semaphore/util"
 	"math/rand"
 	"os"
 	"path"
@ -11,8 +8,68 @@ import (
 	"strings"
 	"testing"
 	"time"
 	"github.com/ansible-semaphore/semaphore/db"
 	"github.com/ansible-semaphore/semaphore/db/bolt"
 	"github.com/ansible-semaphore/semaphore/util"
 )
 func TestGetRepoPath(t *testing.T) {
 	util.Config = &util.ConfigType{
 		TmpPath: "/tmp",
 	}
 	inventoryID := 1
 	tsk := TaskRunner{
 		task: db.Task{},
 		inventory: db.Inventory{
 			SSHKeyID: &inventoryID,
 			SSHKey: db.AccessKey{
 				ID:   12345,
 				Type: db.AccessKeySSH,
 			},
 			Type: db.InventoryStatic,
 		},
 		template: db.Template{
 			Playbook: "deploy/test.yml",
 		},
 	}
 	dir := tsk.getPlaybookDir()
 	if dir != "/tmp/repository_0_0/deploy" {
 		t.Fatal("Invalid playbook dir: " + dir)
 	}
 }
 func TestGetRepoPath_whenStartsWithSlash(t *testing.T) {
 	util.Config = &util.ConfigType{
 		TmpPath: "/tmp",
 	}
 	inventoryID := 1
 	tsk := TaskRunner{
 		task: db.Task{},
 		inventory: db.Inventory{
 			SSHKeyID: &inventoryID,
 			SSHKey: db.AccessKey{
 				ID:   12345,
 				Type: db.AccessKeySSH,
 			},
 			Type: db.InventoryStatic,
 		},
 		template: db.Template{
 			Playbook: "/deploy/test.yml",
 		},
 	}
 	dir := tsk.getPlaybookDir()
 	if dir != "/tmp/repository_0_0/deploy" {
 		t.Fatal("Invalid playbook dir: " + dir)
 	}
 }
 func TestPopulateDetails(t *testing.T) {
 	r := rand.New(rand.NewSource(time.Now().UTC().UnixNano()))
 	fn := "/tmp/test_semaphore_db_" + strconv.Itoa(r.Int())
--- a/web2/.browserslistrc
+++ b/web2/.browserslistrc
--- a/web2/.editorconfig
+++ b/web2/.editorconfig
--- a/web2/.eslintrc.js
+++ b/web2/.eslintrc.js
--- a/web2/README.md
+++ b/web2/README.md
@ -1,4 +1,4 @@
-# web2
+# web
 ## Project setup
 ```
--- a/web2/babel.config.js
+++ b/web2/babel.config.js
--- a/web2/package-lock.json
+++ b/web2/package-lock.json
--- a/web2/package.json
+++ b/web2/package.json
@ -1,5 +1,5 @@
 {
-  "name": "web2",
+  "name": "web",
  "version": "0.1.0",
  "private": true,
  "scripts": {
@ -13,7 +13,6 @@
    "ansi-to-html": "^0.7.2",
    "axios": "^0.21.4",
    "core-js": "^3.23.2",
    "eslint-plugin-vuejs-accessibility": "^1.2.0",
    "moment": "^2.29.3",
    "vue": "^2.6.14",
    "vue-codemirror": "^4.0.6",
@ -34,6 +33,7 @@
    "eslint": "^7.32.0",
    "eslint-plugin-import": "^2.26.0",
    "eslint-plugin-vue": "^9.1.1",
    "eslint-plugin-vuejs-accessibility": "^1.2.0",
    "glob-parent": ">=5.1.2",
    "nanoid": ">=3.1.31",
    "nyc": "^15.1.0",
--- a/web2/public/allow-override-cli-args-in-task.mp4
+++ b/web2/public/allow-override-cli-args-in-task.mp4
--- a/web2/public/favicon.png
+++ b/web2/public/favicon.png
--- a/web2/public/favicon.svg
+++ b/web2/public/favicon.svg
--- a/web2/public/index.html
+++ b/web2/public/index.html
--- a/web2/src/App.vue
+++ b/web2/src/App.vue
--- a/web2/src/assets/fonts/LICENSE.txt
+++ b/web2/src/assets/fonts/LICENSE.txt
@ -1,202 +1,202 @@
-
+
-                                 Apache License
+                                 Apache License
-                           Version 2.0, January 2004
+                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
+                        http://www.apache.org/licenses/
-
+
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
+
-   1. Definitions.
+   1. Definitions.
-
+
-      "License" shall mean the terms and conditions for use, reproduction,
+      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
+      and distribution as defined by Sections 1 through 9 of this document.
-
+
-      "Licensor" shall mean the copyright owner or entity authorized by
+      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
+      the copyright owner that is granting the License.
-
+
-      "Legal Entity" shall mean the union of the acting entity and all
+      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
+      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
+      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
+      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
+      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
+      outstanding shares, or (iii) beneficial ownership of such entity.
-
+
-      "You" (or "Your") shall mean an individual or Legal Entity
+      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
+      exercising permissions granted by this License.
-
+
-      "Source" form shall mean the preferred form for making modifications,
+      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
+      including but not limited to software source code, documentation
-      source, and configuration files.
+      source, and configuration files.
-
+
-      "Object" form shall mean any form resulting from mechanical
+      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
+      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
+      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
+      and conversions to other media types.
-
+
-      "Work" shall mean the work of authorship, whether in Source or
+      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
+      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
+      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
+      (an example is provided in the Appendix below).
-
+
-      "Derivative Works" shall mean any work, whether in Source or Object
+      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
+      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
+      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
+      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
+      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
+      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
+      the Work and Derivative Works thereof.
-
+
-      "Contribution" shall mean any work of authorship, including
+      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
+      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
+      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
+      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
+      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
+      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
+      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
+      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
+      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
+      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
+      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
+      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
+      designated in writing by the copyright owner as "Not a Contribution."
-
+
-      "Contributor" shall mean Licensor and any individual or Legal Entity
+      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
+      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
+      subsequently incorporated within the Work.
-
+
-   2. Grant of Copyright License. Subject to the terms and conditions of
+   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
+      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
+      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
+      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
+      Work and such Derivative Works in Source or Object form.
-
+
-   3. Grant of Patent License. Subject to the terms and conditions of
+   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
+      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
+      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
+      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
+      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
+      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
+      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
+      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
+      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
+      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
+      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
+      as of the date such litigation is filed.
-
+
-   4. Redistribution. You may reproduce and distribute copies of the
+   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
+      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
+      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
+      meet the following conditions:
-
+
-      (a) You must give any other recipients of the Work or
+      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
+          Derivative Works a copy of this License; and
-
+
-      (b) You must cause any modified files to carry prominent notices
+      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
+          stating that You changed the files; and
-
+
-      (c) You must retain, in the Source form of any Derivative Works
+      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
+          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
+          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
+          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
+          the Derivative Works; and
-
+
-      (d) If the Work includes a "NOTICE" text file as part of its
+      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
+          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
+          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
+          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
+          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
+          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
+          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
+          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
+          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
+          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
+          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
+          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
+          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
+          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
+          that such additional attribution notices cannot be construed
-          as modifying the License.
+          as modifying the License.
-
+
-      You may add Your own copyright statement to Your modifications and
+      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
+      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
+      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
+      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
+      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
+      the conditions stated in this License.
-
+
-   5. Submission of Contributions. Unless You explicitly state otherwise,
+   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
+      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
+      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
+      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
+      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
+      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
+      with Licensor regarding such Contributions.
-
+
-   6. Trademarks. This License does not grant permission to use the trade
+   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
+      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
+      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
+      origin of the Work and reproducing the content of the NOTICE file.
-
+
-   7. Disclaimer of Warranty. Unless required by applicable law or
+   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
+      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
+      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
+      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
+      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
+      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
+      risks associated with Your exercise of permissions under this License.
-
+
-   8. Limitation of Liability. In no event and under no legal theory,
+   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
+      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
+      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
+      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
+      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
+      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
+      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
+      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
+      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
+      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
+      has been advised of the possibility of such damages.
-
+
-   9. Accepting Warranty or Additional Liability. While redistributing
+   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
+      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
+      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
+      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
+      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
+      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
+      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
+      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
+      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
+      of your accepting any such warranty or additional liability.
-
+
-   END OF TERMS AND CONDITIONS
+   END OF TERMS AND CONDITIONS
-
+
-   APPENDIX: How to apply the Apache License to your work.
+   APPENDIX: How to apply the Apache License to your work.
-
+
-      To apply the Apache License to your work, attach the following
+      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
+      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
+      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
+      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
+      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
+      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
+      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
+      identification within third-party archives.
-
+
-   Copyright [yyyy] [name of copyright owner]
+   Copyright [yyyy] [name of copyright owner]
-
+
-   Licensed under the Apache License, Version 2.0 (the "License");
+   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
+   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
+   You may obtain a copy of the License at
-
+
-       http://www.apache.org/licenses/LICENSE-2.0
+       http://www.apache.org/licenses/LICENSE-2.0
-
+
-   Unless required by applicable law or agreed to in writing, software
+   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
+   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
+   See the License for the specific language governing permissions and
-   limitations under the License.
+   limitations under the License.
--- a/web2/src/assets/fonts/Roboto-Black.ttf
+++ b/web2/src/assets/fonts/Roboto-Black.ttf
--- a/web2/src/assets/fonts/Roboto-Bold.ttf
+++ b/web2/src/assets/fonts/Roboto-Bold.ttf
--- a/web2/src/assets/fonts/Roboto-Light.ttf
+++ b/web2/src/assets/fonts/Roboto-Light.ttf
--- a/web2/src/assets/fonts/Roboto-Medium.ttf
+++ b/web2/src/assets/fonts/Roboto-Medium.ttf
--- a/web2/src/assets/fonts/Roboto-Regular.ttf
+++ b/web2/src/assets/fonts/Roboto-Regular.ttf
--- a/web2/src/assets/fonts/Roboto-Thin.ttf
+++ b/web2/src/assets/fonts/Roboto-Thin.ttf
--- a/web2/src/assets/logo.png
+++ b/web2/src/assets/logo.png
--- a/web2/src/assets/logo.svg
+++ b/web2/src/assets/logo.svg
--- a/web2/src/assets/scss/main.scss
+++ b/web2/src/assets/scss/main.scss
--- a/web2/src/components/ChangePasswordForm.vue
+++ b/web2/src/components/ChangePasswordForm.vue
--- a/web2/src/components/CronInput.vue
+++ b/web2/src/components/CronInput.vue
--- a/web2/src/components/EditDialog.vue
+++ b/web2/src/components/EditDialog.vue
--- a/web2/src/components/EditViewsForm.vue
+++ b/web2/src/components/EditViewsForm.vue
--- a/web2/src/components/EnvironmentForm.vue
+++ b/web2/src/components/EnvironmentForm.vue
@ -52,7 +52,7 @@
      Example:
      <pre style="font-size: 14px;">{
  "var_available_in_playbook_1": 1245,
-  "var_available_in_playbook_2": "test",
+  "var_available_in_playbook_2": "test"
 }</pre>
    </v-alert>
  </v-form>
--- a/web2/src/components/IndeterminateProgressCircular.vue
+++ b/web2/src/components/IndeterminateProgressCircular.vue
--- a/web2/src/components/InventoryForm.vue
+++ b/web2/src/components/InventoryForm.vue
@ -100,7 +100,7 @@
 </template>
 <style>
 .CodeMirror {
-  height: 200px !important;
+  height: 160px !important;
 }
 </style>
 <script>
--- a/web2/src/components/ItemFormBase.js
+++ b/web2/src/components/ItemFormBase.js
--- a/web2/src/components/ItemListPageBase.js
+++ b/web2/src/components/ItemListPageBase.js
--- a/web2/src/components/KeyForm.vue
+++ b/web2/src/components/KeyForm.vue
@ -71,13 +71,6 @@
      v-if="item.type === 'ssh'"
    />
    <v-text-field
      v-model="item.pat"
      label="Personal access token"
      v-if="item.type === 'pat'"
      :disabled="formSaving || !canEditSecrets"
    />
    <v-checkbox
        v-model="item.override_secret"
        label="Override"
@ -108,9 +101,6 @@ export default {
      }, {
        id: 'login_password',
        name: 'Login with password',
      }, {
        id: 'pat',
        name: 'Personal access token',
      }, {
        id: 'none',
        name: 'None',
@ -129,7 +119,6 @@ export default {
      return {
        ssh: {},
        login_password: {},
        pat: '',
      };
    },
--- a/web/src/components/NewTaskDialog.vue
+++ b/web/src/components/NewTaskDialog.vue
@ -0,0 +1,78 @@
 <template>
  <EditDialog
    v-model="dialog"
    :save-button-text="TEMPLATE_TYPE_ACTION_TITLES[templateType]"
    title="New Task"
    @save="closeDialog"
    @close="closeDialog"
  >
    <template v-slot:title={}>
      <v-icon small class="mr-4">{{ TEMPLATE_TYPE_ICONS[templateType] }}</v-icon>
      <span class="breadcrumbs__item">{{ templateAlias }}</span>
      <v-icon>mdi-chevron-right</v-icon>
      <span class="breadcrumbs__item">New Task</span>
    </template>
    <template v-slot:form="{ onSave, onError, needSave, needReset }">
      <TaskForm
        :project-id="projectId"
        item-id="new"
        :template-id="templateId"
        @save="onSave"
        @error="onError"
        :need-save="needSave"
        :need-reset="needReset"
      />
    </template>
  </EditDialog>
 </template>
 <script>
 import TaskForm from './TaskForm.vue';
 import EditDialog from './EditDialog.vue';
 import { TEMPLATE_TYPE_ACTION_TITLES, TEMPLATE_TYPE_ICONS } from '../lib/constants';
 import EventBus from '../event-bus';
 export default {
  components: {
    TaskForm,
    EditDialog,
  },
  props: {
    value: Boolean,
    projectId: Number,
    templateId: Number,
    templateType: String,
    templateAlias: String,
  },
  data() {
    return {
      dialog: false,
      TEMPLATE_TYPE_ACTION_TITLES,
      TEMPLATE_TYPE_ICONS,
    };
  },
  watch: {
    async dialog(val) {
      this.$emit('input', val);
    },
    async value(val) {
      this.dialog = val;
    },
  },
  methods: {
    closeDialog(e) {
      this.dialog = false;
      if (e) {
        EventBus.$emit('i-show-task', {
          taskId: e.item.id,
        });
        this.$emit('save', e);
      }
      this.$emit('close');
    },
  },
 };
 </script>
--- a/web2/src/components/ObjectRefsDialog.vue
+++ b/web2/src/components/ObjectRefsDialog.vue
--- a/web2/src/components/ObjectRefsView.vue
+++ b/web2/src/components/ObjectRefsView.vue
--- a/web2/src/components/PageBottomSheet.vue
+++ b/web2/src/components/PageBottomSheet.vue
--- a/web2/src/components/ProjectForm.vue
+++ b/web2/src/components/ProjectForm.vue
--- a/web2/src/components/RepositoryForm.vue
+++ b/web2/src/components/RepositoryForm.vue
@ -35,32 +35,14 @@
    <div class="mt-1 mb-4">
      <span class="caption">git:</span>
      <v-chip
        v-for="x in ['ssh', 'https', 'file', 'git']"
        x-small
        class="ml-1"
-        :color="type ==='file' ? 'primary' : ''"
+        :color="type ===x ? 'primary' : ''"
-        @click="setType('file')"
+        @click="setType(x)"
        style="font-weight: bold;"
-      >
+        :key="x"
-        file
+      >{{ x }}</v-chip>
      </v-chip>
      <v-chip
        x-small
        class="ml-1"
        :color="type ==='git' ? 'primary' : ''"
        @click="setType('git')"
        style="font-weight: bold;"
      >
        git
      </v-chip>
      <v-chip
        x-small
        class="ml-1"
        :color="type ==='ssh' ? 'primary' : ''"
        @click="setType('ssh')"
        style="font-weight: bold;"
      >
        ssh
      </v-chip>
      <span class="caption ml-3">local:</span>
      <v-chip
        x-small
@ -166,7 +148,7 @@ export default {
        return 'ssh';
      }
-      if (!['git', 'file', 'ssh'].includes(m[1])) {
+      if (!['git', 'file', 'ssh', 'https'].includes(m[1])) {
        return null;
      }
--- a/web2/src/components/SurveyVars.vue
+++ b/web2/src/components/SurveyVars.vue
@ -8,25 +8,33 @@
      <v-card :color="$vuetify.theme.dark ? '#212121' : 'white'">
        <v-card-title></v-card-title>
        <v-card-text class="pb-0">
-          <v-form v-if="editedVar != null">
+          <v-form
            ref="form"
            lazy-validation
            v-if="editedVar != null"
          >
            <v-text-field
-              label="Name"
+              label="Name *"
-              v-model="editedVar.name"
+              v-model.trim="editedVar.name"
              :rules="[(v) => !!v || 'Name is required']"
              required
            />
            <v-text-field
-              label="Title"
+              label="Title *"
              v-model="editedVar.title"
              :rules="[(v) => !!v || 'Title is required']"
              required
            />
            <v-text-field
-              label="Description (Optional)"
+              label="Description"
              v-model="editedVar.description"
              required
            />
            <v-select
              v-model="editedVar.type"
-              label="Type (Optional)"
+              label="Type"
              :items="varTypes"
              item-value="id"
              item-text="name"
@ -56,7 +64,7 @@
        </v-card-actions>
      </v-card>
    </v-dialog>
-    <fieldset style="padding: 0 10px 5px 10px;
+    <fieldset style="padding: 0 10px 2px 10px;
                     border: 1px solid rgba(0, 0, 0, 0.38);
                     border-radius: 4px;
                     font-size: 12px;"
@ -66,7 +74,7 @@
                         'rgba(0, 0, 0, 0.38)'
                     }">
      <legend style="padding: 0 3px;">Survey Variables</legend>
-      <v-chip-group column>
+      <v-chip-group column style="margin-top: -4px;">
        <v-chip
          v-for="(v, i) in modifiedVars"
          close
@ -77,7 +85,9 @@
        >
          {{ v.title }}
        </v-chip>
-        <v-chip @click="editVar(null)">+</v-chip>
+        <v-chip @click="editVar(null)">
          + <span class="ml-1" v-if="modifiedVars.length === 0">Add variable</span>
        </v-chip>
      </v-chip-group>
    </fieldset>
  </div>
@ -95,9 +105,11 @@ export default {
      this.var = val || [];
    },
  },
  created() {
    this.modifiedVars = (this.vars || []).map((v) => ({ ...v }));
  },
  data() {
    return {
      editDialog: null,
@ -117,17 +129,23 @@ export default {
    editVar(index) {
      this.editedVar = index != null ? { ...this.modifiedVars[index] } : {};
      this.editedVarIndex = index;
      if (this.$refs.form) {
        this.$refs.form.resetValidation();
      }
      this.editDialog = true;
    },
    saveVar() {
      if (!this.$refs.form.validate()) {
        return;
      }
      if (this.editedVarIndex != null) {
        this.modifiedVars[this.editedVarIndex] = this.editedVar;
      } else {
        this.modifiedVars.push(this.editedVar);
      }
      this.editDialog = false;
      this.editVarIndex = null;
      this.editedVar = null;
      this.$emit('change', this.modifiedVars);
    },
--- a/web2/src/components/SystemInfoDialog.vue
+++ b/web2/src/components/SystemInfoDialog.vue
--- a/web2/src/components/SystemSettingsDialog.vue
+++ b/web2/src/components/SystemSettingsDialog.vue
--- a/web2/src/components/TableSettingsSheet.vue
+++ b/web2/src/components/TableSettingsSheet.vue
--- a/web2/src/components/TaskForm.vue
+++ b/web2/src/components/TaskForm.vue
@ -58,13 +58,44 @@
        ]"
    />
-    <div class="mt-4 mb-2" v-if="!advancedOptions">
+    <v-row no-gutters class="mt-6">
      <v-col cols="12" sm="6">
        <v-checkbox class="mt-0" v-model="item.debug">
          <template v-slot:label>
            <div class="text-no-wrap">Debug <code>--vvvv</code></div>
          </template>
        </v-checkbox>
      </v-col>
      <v-col cols="12" sm="6">
        <v-checkbox class="mt-0" v-model="item.dry_run">
          <template v-slot:label>
            <div class="text-no-wrap">Dry Run <code>--check</code></div>
          </template>
        </v-checkbox>
      </v-col>
      <v-col cols="12" sm="6">
        <v-checkbox class="mt-0" v-model="item.diff">
          <template v-slot:label>
            <div class="text-no-wrap">Diff <code>--diff</code></div>
          </template>
        </v-checkbox>
      </v-col>
    </v-row>
    <div class="mt-4" v-if="!advancedOptions">
      <a @click="advancedOptions = true">
        Advanced
        <v-icon style="transform: translateY(-1px)">mdi-chevron-right</v-icon>
      </a>
    </div>
    <div class="mt-4" v-else>
      <a @click="advancedOptions = false">
        Hide
        <v-icon style="transform: translateY(-1px)">mdi-chevron-up</v-icon>
      </a>
    </div>
    <v-alert
      v-if="advancedOptions && !template.allow_override_args_in_task"
      color="info"
@ -92,8 +123,7 @@
      :style="{ border: '1px solid lightgray' }"
      v-model="item.arguments"
      :options="cmOptions"
-      placeholder='Enter extra CLI Arguments...
+      placeholder='CLI Args (JSON array). Example:
 Example:
 [
  "-i",
  "@myinventory.sh",
@ -102,30 +132,6 @@ Example:
 ]'
    />
    <div
      v-if="advancedOptions"
    >
      <a @click="advancedOptions = false">
        Hide
        <v-icon style="transform: translateY(-1px)">mdi-chevron-up</v-icon>
      </a>
    </div>
    <v-row no-gutters>
      <v-col>
        <v-checkbox
          v-model="item.debug"
          label="Debug"
        ></v-checkbox>
      </v-col>
      <v-col>
        <v-checkbox
          v-model="item.dry_run"
          label="Dry Run"
        ></v-checkbox>
      </v-col>
    </v-row>
  </v-form>
 </template>
 <script>
--- a/web2/src/components/TaskLink.vue
+++ b/web2/src/components/TaskLink.vue
--- a/web2/src/components/TaskList.vue
+++ b/web2/src/components/TaskList.vue
--- a/web2/src/components/TaskLogView.vue
+++ b/web2/src/components/TaskLogView.vue
--- a/web2/src/components/TaskStatus.vue
+++ b/web2/src/components/TaskStatus.vue
--- a/web2/src/components/TeamMemberForm.vue
+++ b/web2/src/components/TeamMemberForm.vue
--- a/web2/src/components/TemplateForm.vue
+++ b/web2/src/components/TemplateForm.vue
@ -115,16 +115,30 @@
        <v-text-field
          v-model="item.name"
-          label="Playbook Name"
+          label="Name *"
-          :rules="[v => !!v || 'Playbook Name is required']"
+          :rules="[v => !!v || 'Name is required']"
          outlined
          dense
          required
          :disabled="formSaving"
        ></v-text-field>
        <v-textarea
          v-model="item.description"
          label="Description"
          :disabled="formSaving"
          rows="1"
          :auto-grow="true"
          outlined
          dense
        ></v-textarea>
        <v-text-field
          v-model="item.playbook"
-          label="Playbook Filename"
+          label="Playbook Filename *"
          :rules="[v => !!v || 'Playbook Filename is required']"
          outlined
          dense
          required
          :disabled="formSaving"
          placeholder="Example: site.yml"
@ -132,37 +146,45 @@
        <v-select
          v-model="item.inventory_id"
-          label="Inventory"
+          label="Inventory *"
          :items="inventory"
          item-value="id"
          item-text="name"
          :rules="[v => !!v || 'Inventory is required']"
          outlined
          dense
          required
          :disabled="formSaving"
        ></v-select>
        <v-select
          v-model="item.repository_id"
-          label="Repository"
+          label="Repository *"
          :items="repositories"
          item-value="id"
          item-text="name"
          :rules="[v => !!v || 'Repository is required']"
          outlined
          dense
          required
          :disabled="formSaving"
        ></v-select>
        <v-select
          v-model="item.environment_id"
-          label="Environment"
+          label="Environment *"
          :items="environment"
          item-value="id"
          item-text="name"
          :rules="[v => !!v || 'Environment is required']"
          outlined
          dense
          required
          :disabled="formSaving"
        ></v-select>
        <v-select
          v-if="itemTypeIndex === 0"
          v-model="item.vault_key_id"
          label="Vault Password"
          clearable
@ -170,71 +192,114 @@
          item-value="id"
          item-text="name"
          :disabled="formSaving"
          outlined
          dense
        ></v-select>
      </v-col>
      <v-col cols="12" md="6" class="pb-0">
        <v-textarea
          outlined
          v-model="item.description"
          label="Description (Optional)"
          :disabled="formSaving"
          rows="5"
        ></v-textarea>
-        <SurveyVars :vars="item.survey_vars" @change="setSurveyVars"/>
+        <v-select
          v-if="itemTypeIndex > 0"
          v-model="item.vault_key_id"
          label="Vault Password"
          clearable
          :items="loginPasswordKeys"
          item-value="id"
          item-text="name"
          :disabled="formSaving"
          outlined
          dense
        ></v-select>
        <SurveyVars style="margin-top: -10px;" :vars="item.survey_vars" @change="setSurveyVars"/>
        <v-select
          v-model="item.view_id"
-          label="View (Optional)"
+          label="View"
          clearable
          :items="views"
          item-value="id"
          item-text="title"
          :disabled="formSaving"
          outlined
          dense
        ></v-select>
-        <v-text-field
+        <v-row>
-          class="mt-6"
+          <v-col cols="5" class="pr-1">
-          v-model="cronFormat"
+            <v-text-field
-          label="Cron (Optional)"
+              style="font-size: 14px"
-          :disabled="formSaving"
+              v-model="cronFormat"
-          placeholder="Example: * 1 * * *"
+              label="Cron"
-          v-if="schedules == null || schedules.length <= 1"
+              :disabled="formSaving"
-          append-outer-icon="mdi-help-circle"
+              placeholder="* * * * *"
-          @click:append-outer="showHelpDialog('cron')"
+              v-if="schedules == null || schedules.length <= 1"
-        ></v-text-field>
+              outlined
              dense
              hide-details
            ></v-text-field>
          </v-col>
-        <v-select
+          <v-col cols="7">
-          v-model="cronRepositoryId"
+            <a
-          label="Cron Condition Repository (Optional)"
+              v-if="!cronRepositoryIdVisible && cronRepositoryId == null"
-          placeholder="Cron checks new commit before run"
+              @click="cronRepositoryIdVisible = true"
-          :items="repositories"
+              class="text-caption d-block"
-          item-value="id"
+              style="line-height: 1.1;"
-          item-text="name"
+            >
-          :disabled="formSaving"
+              I want to run a task by the cron only for for new commits of some repository
-        ></v-select>
+            </a>
-        <a @click="advancedOptions = true" v-if="!advancedOptions">
+            <v-select
-          Advanced
+              style="font-size: 14px"
-          <v-icon style="transform: translateY(-1px)">mdi-chevron-right</v-icon>
+              v-if="cronRepositoryIdVisible || cronRepositoryId != null"
-        </a>
+              v-model="cronRepositoryId"
              label="Repository"
              placeholder="Cron checks new commit before run"
              :items="repositories"
              item-value="id"
              item-text="name"
              clearable
              :disabled="formSaving"
              outlined
              dense
              hide-details
            ></v-select>
          </v-col>
        </v-row>
        <small class="mt-1 mb-4 d-block">
          Read the
          <a target="_blank" href="https://pkg.go.dev/github.com/robfig/cron#hdr-CRON_Expression_Format">docs</a>
          to learn more about Cron.
        </small>
        <v-checkbox
          v-if="advancedOptions"
          class="mt-0"
          label="Suppress success alerts"
          v-model="item.suppress_success_alerts"
        />
 <!--        <a @click="advancedOptions = true" v-if="!advancedOptions">-->
 <!--          Advanced-->
 <!--          <v-icon style="transform: translateY(-1px)">mdi-chevron-right</v-icon>-->
 <!--        </a>-->
 <!--        <div v-if="advancedOptions" class="mb-3">-->
 <!--          <a @click="advancedOptions = false">-->
 <!--            Hide-->
 <!--            <v-icon style="transform: translateY(-1px)">mdi-chevron-up</v-icon>-->
 <!--          </a>-->
 <!--        </div>-->
        <codemirror
          v-if="advancedOptions"
          :style="{ border: '1px solid lightgray' }"
          v-model="item.arguments"
          :options="cmOptions"
          :disabled="formSaving"
-          placeholder='Enter extra CLI Arguments...
+          placeholder='CLI Args (JSON array). Example:
 Example:
 [
  "-i",
  "@myinventory.sh",
@ -244,11 +309,10 @@ Example:
        />
        <v-checkbox
-          v-if="advancedOptions"
+          label="Allow CLI args in Task"
          class="mt-0"
          label="Allow override CLI args in task"
          v-model="item.allow_override_args_in_task"
        />
      </v-col>
    </v-row>
  </v-form>
@ -307,6 +371,7 @@ export default {
      buildTemplates: null,
      cronFormat: null,
      cronRepositoryId: null,
      cronRepositoryIdVisible: false,
      helpDialog: null,
      helpKey: null,
--- a/web2/src/components/UserForm.vue
+++ b/web2/src/components/UserForm.vue
--- a/web2/src/components/YesNoDialog.vue
+++ b/web2/src/components/YesNoDialog.vue
--- a/web2/src/event-bus.js
+++ b/web2/src/event-bus.js
--- a/web2/src/lib/Listenable.js
+++ b/web2/src/lib/Listenable.js
--- a/web2/src/lib/PubSub.js
+++ b/web2/src/lib/PubSub.js
--- a/web2/src/lib/Socket.js
+++ b/web2/src/lib/Socket.js
--- a/web2/src/lib/constants.js
+++ b/web2/src/lib/constants.js
@ -1,7 +1,7 @@
 export const TEMPLATE_TYPE_ICONS = {
  '': 'mdi-cog',
  build: 'mdi-wrench',
-  deploy: 'mdi-rocket-launch',
+  deploy: 'mdi-arrow-up-bold-box',
 };
 export const TEMPLATE_TYPE_TITLES = {
--- a/web2/src/lib/delay.js
+++ b/web2/src/lib/delay.js
--- a/web2/src/lib/error.js
+++ b/web2/src/lib/error.js
--- a/web2/src/main.js
+++ b/web2/src/main.js
--- a/web2/src/plugins/vuetify.js
+++ b/web2/src/plugins/vuetify.js
--- a/web2/src/router/index.js
+++ b/web2/src/router/index.js
--- a/Show More
+++ b/Show More
		`@ -0,0 +1 @@`
							`ALTER TABLE task ADD diff boolean NOT NULL DEFAULT false;`