wip: rename to authentik (#361)

* root: initial rename

* web: rename custom element prefix

* root: rename external functions with pb_ prefix

* root: fix formatting

* root: replace domain with goauthentik.io

* proxy: update path

* root: rename remaining prefixes

* flows: rename file extension

* root: pbadmin -> akadmin

* docs: fix image filenames

* lifecycle: ignore migration files

* ci: copy default config from current source before loading last tagged

* *: new sentry dsn

* tests: fix missing python3.9-dev package

* root: add additional migrations for service accounts created by outposts

* core: mark system-created service accounts with attribute

* policies/expression: fix pb_ replacement not working

* web: fix last linting errors, add lit-analyse

* policies/expressions: fix lint errors

* web: fix sidebar display on screens where not all items fit

* proxy: attempt to fix proxy pipeline

* proxy: use go env GOPATH to get gopath

* lib: fix user_default naming inconsistency

* docs: add upgrade docs

* docs: update screenshots to use authentik

* admin: fix create button on empty-state of outpost

* web: fix modal submit not refreshing SiteShell and Table

* web: fix height of app-card and height of generic icon

* web: fix rendering of subtext

* admin: fix version check error not being caught

* web: fix worker count not being shown

* docs: update screenshots

* root: new icon

* web: fix lint error

* admin: fix linting error

* root: migrate coverage config to pyproject
Jens L
2020-12-05 22:08:42 +01:00
committed by GitHub
parent 810a7ab50b
commit 1cfe1aff13
989 changed files with 6425 additions and 4412 deletions


@ -1,5 +1,5 @@
1. Access passbook using the following URL:
1. Access authentik using the following URL:
{{- range .Values.ingress.hosts }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
{{- end }}
2. Login to passbook using the user "pbadmin" and the password "pbadmin".
2. Login to authentik using the user "akadmin" and the password "akadmin".
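Review bot: The post-install notes still advertise a fixed administrator login whose password equals the username (`akadmin` / `akadmin`), and nothing in the hunk tells the operator to change it. Because step 1 prints the ingress URL, every fresh install is reachable with a publicly known credential until someone rotates it. I would add a third step such as `3. Change the akadmin password immediately after the first login.`, and longer term let the chart accept or generate the initial password instead of shipping a constant.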


@ -2,7 +2,7 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "passbook.name" -}}
{{- define "authentik.name" -}}
{{- default .Chart.Name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
@ -11,7 +11,7 @@ Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "passbook.fullname" -}}
{{- define "authentik.fullname" -}}
{{- $name := default .Chart.Name -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
@ -23,6 +23,6 @@ If release name contains chart name it will be used as a full name.
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "passbook.chart" -}}
{{- define "authentik.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}


@ -1,7 +1,7 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "passbook.fullname" . }}-config
name: {{ include "authentik.fullname" . }}-config
data:
POSTGRESQL__HOST: "{{ .Release.Name }}-postgresql"
POSTGRESQL__NAME: "{{ .Values.postgresql.postgresqlDatabase }}"


@ -1,11 +1,11 @@
{{- $fullName := include "passbook.fullname" . -}}
{{- $fullName := include "authentik.fullname" . -}}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
app.kubernetes.io/name: {{ include "passbook.name" . }}
helm.sh/chart: {{ include "passbook.chart" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
helm.sh/chart: {{ include "authentik.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.ingress.annotations }}
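Review bot: The new side keeps `apiVersion: extensions/v1beta1` for the Ingress, an API group that Kubernetes deprecated for Ingress in 1.14 and removed in 1.22, so the chart will stop installing on newer clusters. While these lines are being touched anyway, `apiVersion: networking.k8s.io/v1beta1` is a one-line change with the same schema; moving to `networking.k8s.io/v1` additionally needs `pathType` and the `backend.service` form. The rest of the manifest is outside the hunk, so the spec itself could not be checked.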


@ -1,10 +1,10 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "passbook.fullname" . }}-uploads
name: {{ include "authentik.fullname" . }}-uploads
labels:
app.kubernetes.io/name: {{ include "passbook.name" . }}
helm.sh/chart: {{ include "passbook.chart" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
helm.sh/chart: {{ include "authentik.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
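Review bot: Renaming the claim to `{{ include "authentik.fullname" . }}-uploads` is not cosmetic for existing installs. If the rendered full name changes (it is built from `.Chart.Name`, which this rename presumably changes), `helm upgrade` creates a new, empty claim and deletes the old one, and whether the uploaded media survives then depends on the storage class reclaim policy. The upgrade docs mentioned in the commit message should state this, or the old claim should carry `helm.sh/resource-policy: keep` before upgrading. The same question applies to the `-secret-key` Secret in a later file section: if the branch outside that hunk generates a key when `.Values.config.secretKey` is unset, a recreated Secret would carry a new key, which is worth confirming. The claim's `spec:` continues outside this hunk.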


@ -2,7 +2,7 @@ apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: {{ include "passbook.fullname" . }}-secret-key
name: {{ include "authentik.fullname" . }}-secret-key
data:
monitoring_username: bW9uaXRvcg== # monitor in base64
{{- if .Values.config.secretKey }}


@ -2,7 +2,7 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "passbook.fullname" . }}-sa-role
name: {{ include "authentik.fullname" . }}-sa-role
rules:
- apiGroups:
- ""
@ -47,18 +47,18 @@ rules:
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "passbook.fullname" . }}-sa
name: {{ include "authentik.fullname" . }}-sa
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "passbook.fullname" . }}-sa-role-binding
name: {{ include "authentik.fullname" . }}-sa-role-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "passbook.fullname" . }}-sa-role
name: {{ include "authentik.fullname" . }}-sa-role
subjects:
- kind: ServiceAccount
name: {{ include "passbook.fullname" . }}-sa
name: {{ include "authentik.fullname" . }}-sa
namespace: {{ .Release.Namespace }}
{{- end }}
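Review bot: The service account is bound through a `ClusterRole` and a `ClusterRoleBinding`, so whatever the rules grant applies in every namespace, not only in `{{ .Release.Namespace }}`. The rules are mostly outside the two hunks, so this is a question rather than a finding: if the integration only manages objects in the release namespace, a namespaced `Role` and `RoleBinding` would give the token mounted into the worker pod much less reach. Both objects are also cluster-scoped and named after the release, so two releases with the same name in different namespaces would collide on `-sa-role` and `-sa-role-binding`.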


@ -1,25 +1,25 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "passbook.fullname" . }}-static
name: {{ include "authentik.fullname" . }}-static
labels:
app.kubernetes.io/name: {{ include "passbook.name" . }}
helm.sh/chart: {{ include "passbook.chart" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
helm.sh/chart: {{ include "authentik.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
k8s.passbook.beryju.org/component: static
k8s.goauthentik.io/component: static
spec:
selector:
matchLabels:
app.kubernetes.io/name: {{ include "passbook.name" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
k8s.passbook.beryju.org/component: static
k8s.goauthentik.io/component: static
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "passbook.name" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
k8s.passbook.beryju.org/component: static
k8s.goauthentik.io/component: static
spec:
containers:
- name: {{ .Chart.Name }}-static
@ -49,9 +49,9 @@ spec:
cpu: 20m
memory: 20M
volumeMounts:
- name: passbook-uploads
- name: authentik-uploads
mountPath: /usr/share/nginx/html/media
volumes:
- name: passbook-uploads
- name: authentik-uploads
persistentVolumeClaim:
claimName: {{ include "passbook.fullname" . }}-uploads
claimName: {{ include "authentik.fullname" . }}-uploads


@ -1,13 +1,13 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "passbook.fullname" . }}-static
name: {{ include "authentik.fullname" . }}-static
labels:
app.kubernetes.io/name: {{ include "passbook.name" . }}
helm.sh/chart: {{ include "passbook.chart" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
helm.sh/chart: {{ include "authentik.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
k8s.passbook.beryju.org/component: static
k8s.goauthentik.io/component: static
spec:
type: ClusterIP
ports:
@ -16,6 +16,6 @@ spec:
protocol: TCP
name: http
selector:
app.kubernetes.io/name: {{ include "passbook.name" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
k8s.passbook.beryju.org/component: static
k8s.goauthentik.io/component: static


@ -1,26 +1,26 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "passbook.fullname" . }}-web
name: {{ include "authentik.fullname" . }}-web
labels:
app.kubernetes.io/name: {{ include "passbook.name" . }}
helm.sh/chart: {{ include "passbook.chart" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
helm.sh/chart: {{ include "authentik.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
k8s.passbook.beryju.org/component: web
k8s.goauthentik.io/component: web
spec:
replicas: {{ .Values.serverReplicas }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "passbook.name" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
k8s.passbook.beryju.org/component: web
k8s.goauthentik.io/component: web
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "passbook.name" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
k8s.passbook.beryju.org/component: web
k8s.goauthentik.io/component: web
spec:
affinity:
podAntiAffinity:
@ -32,36 +32,36 @@ spec:
- key: app.kubernetes.io/name
operator: In
values:
- {{ include "passbook.name" . }}
- {{ include "authentik.name" . }}
- key: app.kubernetes.io/instance
operator: In
values:
- {{ .Release.Name }}
- key: k8s.passbook.beryju.org/component
- key: k8s.goauthentik.io/component
operator: In
values:
- web
topologyKey: "kubernetes.io/hostname"
initContainers:
- name: passbook-database-migrations
- name: authentik-database-migrations
image: "{{ .Values.image.name }}:{{ .Values.image.tag }}"
args: [migrate]
envFrom:
- configMapRef:
name: {{ include "passbook.fullname" . }}-config
prefix: PASSBOOK_
name: {{ include "authentik.fullname" . }}-config
prefix: AUTHENTIK_
env:
- name: PASSBOOK_SECRET_KEY
- name: AUTHENTIK_SECRET_KEY
valueFrom:
secretKeyRef:
name: {{ include "passbook.fullname" . }}-secret-key
name: {{ include "authentik.fullname" . }}-secret-key
key: secret_key
- name: PASSBOOK_REDIS__PASSWORD
- name: AUTHENTIK_REDIS__PASSWORD
valueFrom:
secretKeyRef:
name: "{{ .Release.Name }}-redis"
key: redis-password
- name: PASSBOOK_POSTGRESQL__PASSWORD
- name: AUTHENTIK_POSTGRESQL__PASSWORD
valueFrom:
secretKeyRef:
name: "{{ .Release.Name }}-postgresql"
@ -72,26 +72,26 @@ spec:
args: [server]
envFrom:
- configMapRef:
name: {{ include "passbook.fullname" . }}-config
prefix: PASSBOOK_
name: {{ include "authentik.fullname" . }}-config
prefix: AUTHENTIK_
env:
- name: PASSBOOK_SECRET_KEY
- name: AUTHENTIK_SECRET_KEY
valueFrom:
secretKeyRef:
name: "{{ include "passbook.fullname" . }}-secret-key"
name: "{{ include "authentik.fullname" . }}-secret-key"
key: "secret_key"
- name: PASSBOOK_REDIS__PASSWORD
- name: AUTHENTIK_REDIS__PASSWORD
valueFrom:
secretKeyRef:
name: "{{ .Release.Name }}-redis"
key: "redis-password"
- name: PASSBOOK_POSTGRESQL__PASSWORD
- name: AUTHENTIK_POSTGRESQL__PASSWORD
valueFrom:
secretKeyRef:
name: "{{ .Release.Name }}-postgresql"
key: "postgresql-password"
volumeMounts:
- name: passbook-uploads
- name: authentik-uploads
mountPath: /media
ports:
- name: http
@ -103,14 +103,14 @@ spec:
port: http
httpHeaders:
- name: Host
value: passbook-healthcheck-host
value: authentik-healthcheck-host
readinessProbe:
httpGet:
path: /
port: http
httpHeaders:
- name: Host
value: passbook-healthcheck-host
value: authentik-healthcheck-host
resources:
requests:
cpu: 100m
@ -119,6 +119,6 @@ spec:
cpu: 300m
memory: 500M
volumes:
- name: passbook-uploads
- name: authentik-uploads
persistentVolumeClaim:
claimName: {{ include "passbook.fullname" . }}-uploads
claimName: {{ include "authentik.fullname" . }}-uploads
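Review bot: The same reference is written bare in one container and quoted in the other: the init container has `name: {{ include "authentik.fullname" . }}-secret-key` and `key: secret_key`, while the server container has `name: "{{ include "authentik.fullname" . }}-secret-key"` and `key: "secret_key"`. Both render identically here because the suffix forces a string, but the bare label values are different: `app.kubernetes.io/instance: {{ .Release.Name }}` is re-typed by the YAML parser for a release named `123` or `true`, and the API server then rejects the label. I would quote templated scalars uniformly across the file, for example `app.kubernetes.io/instance: {{ .Release.Name | quote }}`.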


@ -1,13 +1,13 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "passbook.fullname" . }}-web
name: {{ include "authentik.fullname" . }}-web
labels:
app.kubernetes.io/name: {{ include "passbook.name" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
helm.sh/chart: {{ include "passbook.chart" . }}
k8s.passbook.beryju.org/component: web
helm.sh/chart: {{ include "authentik.chart" . }}
k8s.goauthentik.io/component: web
spec:
type: ClusterIP
ports:
@ -16,6 +16,6 @@ spec:
protocol: TCP
name: http
selector:
app.kubernetes.io/name: {{ include "passbook.name" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
k8s.passbook.beryju.org/component: web
k8s.goauthentik.io/component: web


@ -1,29 +1,29 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "passbook.fullname" . }}-worker
name: {{ include "authentik.fullname" . }}-worker
labels:
app.kubernetes.io/name: {{ include "passbook.name" . }}
helm.sh/chart: {{ include "passbook.chart" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
helm.sh/chart: {{ include "authentik.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
k8s.passbook.beryju.org/component: worker
k8s.goauthentik.io/component: worker
spec:
replicas: {{ .Values.workerReplicas }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "passbook.name" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
k8s.passbook.beryju.org/component: worker
k8s.goauthentik.io/component: worker
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "passbook.name" . }}
app.kubernetes.io/name: {{ include "authentik.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
k8s.passbook.beryju.org/component: worker
k8s.goauthentik.io/component: worker
spec:
{{- if .Values.kubernetesIntegration }}
serviceAccountName: {{ include "passbook.fullname" . }}-sa
serviceAccountName: {{ include "authentik.fullname" . }}-sa
{{- end }}
affinity:
podAntiAffinity:
@ -35,12 +35,12 @@ spec:
- key: app.kubernetes.io/name
operator: In
values:
- {{ include "passbook.name" . }}
- {{ include "authentik.name" . }}
- key: app.kubernetes.io/instance
operator: In
values:
- {{ .Release.Name }}
- key: k8s.passbook.beryju.org/component
- key: k8s.goauthentik.io/component
operator: In
values:
- worker
@ -52,20 +52,20 @@ spec:
args: [worker]
envFrom:
- configMapRef:
name: "{{ include "passbook.fullname" . }}-config"
prefix: "PASSBOOK_"
name: "{{ include "authentik.fullname" . }}-config"
prefix: "AUTHENTIK_"
env:
- name: PASSBOOK_SECRET_KEY
- name: AUTHENTIK_SECRET_KEY
valueFrom:
secretKeyRef:
name: "{{ include "passbook.fullname" . }}-secret-key"
name: "{{ include "authentik.fullname" . }}-secret-key"
key: secret_key
- name: PASSBOOK_REDIS__PASSWORD
- name: AUTHENTIK_REDIS__PASSWORD
valueFrom:
secretKeyRef:
name: "{{ .Release.Name }}-redis"
key: "redis-password"
- name: PASSBOOK_POSTGRESQL__PASSWORD
- name: AUTHENTIK_POSTGRESQL__PASSWORD
valueFrom:
secretKeyRef:
name: "{{ .Release.Name }}-postgresql"