From 06d1062423020a4775e8bbb301ad42215f7674e3 Mon Sep 17 00:00:00 2001 From: Jens L Date: Mon, 6 May 2024 03:16:30 +0200 Subject: [PATCH] tenants: fix scheduled tasks not running on default tenant (#9583) * tenants: fix scheduled tasks not running on default tenant Signed-off-by: Jens Langhammer * add some extra time to keep system task around Signed-off-by: Jens Langhammer * make sure we actually send it to all tenants Signed-off-by: Jens Langhammer --------- Signed-off-by: Jens Langhammer --- authentik/events/system_tasks.py | 2 +- authentik/lib/default.yml | 1 + authentik/root/settings.py | 8 +++++++- authentik/tenants/scheduler.py | 9 +++++++++ 4 files changed, 18 insertions(+), 2 deletions(-) diff --git a/authentik/events/system_tasks.py b/authentik/events/system_tasks.py index fe1696c2d7..e6aecb5c4c 100644 --- a/authentik/events/system_tasks.py +++ b/authentik/events/system_tasks.py @@ -119,7 +119,7 @@ class SystemTask(TenantTask): "task_call_kwargs": sanitize_item(kwargs), "status": self._status, "messages": sanitize_item(self._messages), - "expires": now() + timedelta(hours=self.result_timeout_hours), + "expires": now() + timedelta(hours=self.result_timeout_hours + 3), "expiring": True, }, ) diff --git a/authentik/lib/default.yml b/authentik/lib/default.yml index 61f74e78c3..c2b2a72163 100644 --- a/authentik/lib/default.yml +++ b/authentik/lib/default.yml @@ -53,6 +53,7 @@ cache: # result_backend: # url: "" +# transport_options: "" debug: false remote_debug: false diff --git a/authentik/root/settings.py b/authentik/root/settings.py index 00f959a766..b165961dee 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -376,7 +376,13 @@ CELERY = { "task_default_queue": "authentik", "broker_url": CONFIG.get("broker.url") or redis_url(CONFIG.get("redis.db")), "result_backend": CONFIG.get("result_backend.url") or redis_url(CONFIG.get("redis.db")), - "broker_transport_options": CONFIG.get_dict_from_b64_json("broker.transport_options"), + "broker_transport_options": CONFIG.get_dict_from_b64_json( + "broker.transport_options", {"retry_policy": {"timeout": 5.0}} + ), + "result_backend_transport_options": CONFIG.get_dict_from_b64_json( + "result_backend.transport_options", {"retry_policy": {"timeout": 5.0}} + ), + "redis_retry_on_timeout": True, } # Sentry integration diff --git a/authentik/tenants/scheduler.py b/authentik/tenants/scheduler.py index 56fb1d80ab..753831ae0b 100644 --- a/authentik/tenants/scheduler.py +++ b/authentik/tenants/scheduler.py @@ -3,6 +3,7 @@ from tenant_schemas_celery.scheduler import ( TenantAwarePersistentScheduler as BaseTenantAwarePersistentScheduler, ) +from tenant_schemas_celery.scheduler import TenantAwareScheduleEntry class TenantAwarePersistentScheduler(BaseTenantAwarePersistentScheduler): @@ -11,3 +12,11 @@ class TenantAwarePersistentScheduler(BaseTenantAwarePersistentScheduler): @classmethod def get_queryset(cls): return super().get_queryset().filter(ready=True) + + def apply_entry(self, entry: TenantAwareScheduleEntry, producer=None): + # https://github.com/maciej-gol/tenant-schemas-celery/blob/master/tenant_schemas_celery/scheduler.py#L85 + # When (as by default) no tenant schemas are set, the public schema is excluded + # so we need to explicitly include it here, otherwise the task is not executed + if entry.tenant_schemas is None: + entry.tenant_schemas = self.get_queryset().values_list("schema_name", flat=True) + return super().apply_entry(entry, producer)