habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add human friendly labels to tasks.

Browse Source
This commit is contained in:
Teffen Ellis
2025-04-16 19:24:51 +02:00
committed by Teffen Ellis
parent c6aa792076
commit 3d06924f42
26 changed files with 97 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/actions/docker-push-variables/action.yml vendored
View File

@ -1,6 +1,5 @@
---
name: "Prepare docker environment variables"
description: "Prepare docker environment variables"
inputs:
image-name:

2
.github/actions/setup/action.yml vendored
View File

@ -1,4 +1,4 @@
name: "Setup authentik testing environment"
name: Setup authentik testing environment
description: "Setup authentik testing environment"
inputs:

6
.github/workflows/_reusable-docker-build-single.yaml vendored
View File

@ -42,7 +42,7 @@ jobs:
- uses: actions/checkout@v4
- uses: docker/setup-qemu-action@v3.6.0
- uses: docker/setup-buildx-action@v3
- name: prepare variables
- name: Prepare variables
uses: ./.github/actions/docker-push-variables
id: ev
env:
@ -64,12 +64,12 @@ jobs:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: make empty clients
- name: Make empty clients
if: ${{ inputs.release }}
run: |
mkdir -p ./gen-ts-api
mkdir -p ./gen-go-api
- name: generate ts client
- name: Generate TypeScript API Client
if: ${{ !inputs.release }}
run: make gen-client-ts
- name: Build Docker Image

4
.github/workflows/_reusable-docker-build.yaml vendored
View File

@ -49,7 +49,7 @@ jobs:
shouldPush: ${{ steps.ev.outputs.shouldPush }}
steps:
- uses: actions/checkout@v4
- name: prepare variables
- name: Prepare variables
uses: ./.github/actions/docker-push-variables
id: ev
env:
@ -69,7 +69,7 @@ jobs:
tag: ${{ fromJson(needs.get-tags.outputs.tags) }}
steps:
- uses: actions/checkout@v4
- name: prepare variables
- name: Prepare variables
uses: ./.github/actions/docker-push-variables
id: ev
env:

4
.github/workflows/api-py-publish.yml vendored
View File

@ -7,6 +7,7 @@ on:
workflow_dispatch:
jobs:
build:
name: Build and Publish
if: ${{ github.repository != 'goauthentik/authentik-internal' }}
runs-on: ubuntu-latest
permissions:
@ -14,6 +15,7 @@ jobs:
steps:
- id: generate_token
uses: tibdex/github-app-token@v2
name: Generate token
with:
app_id: ${{ secrets.GH_APP_ID }}
private_key: ${{ secrets.GH_APP_PRIVATE_KEY }}
@ -30,7 +32,7 @@ jobs:
uses: actions/setup-python@v5
with:
python-version-file: "pyproject.toml"
- name: Generate API Client
- name: Generate Python API Client
run: make gen-client-py
- name: Publish package
working-directory: gen-py-api/

3
.github/workflows/api-ts-publish.yml vendored
View File

@ -7,6 +7,7 @@ on:
workflow_dispatch:
jobs:
build:
name: Build and Publish
if: ${{ github.repository != 'goauthentik/authentik-internal' }}
runs-on: ubuntu-latest
steps:
@ -22,7 +23,7 @@ jobs:
with:
node-version-file: web/package.json
registry-url: "https://registry.npmjs.org"
- name: Generate API Client
- name: Generate TypeScript API Client
run: make gen-client-ts
- name: Publish package
working-directory: gen-ts-api/

2
.github/workflows/ci-aws-cfn.yml vendored
View File

@ -18,6 +18,7 @@ env:
jobs:
check-changes-applied:
name: Check changes applied
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
@ -36,6 +37,7 @@ jobs:
uv run make aws-cfn
git diff --exit-code
ci-aws-cfn-mark:
name: CI AWS CloudFormation Mark
if: always()
needs:
- check-changes-applied

2
.github/workflows/ci-main-daily.yml vendored
View File

@ -9,6 +9,7 @@ on:
jobs:
test-container:
name: Test Container ${{ matrix.version }}
runs-on: ubuntu-latest
strategy:
fail-fast: false
@ -19,6 +20,7 @@ jobs:
- version-2024-12
steps:
- uses: actions/checkout@v4
name: ${{ matrix.version }} Setup
- run: |
current="$(pwd)"
dir="/tmp/authentik/${{ matrix.version }}"

53
.github/workflows/ci-main.yml vendored
View File

@ -19,6 +19,7 @@ env:
jobs:
lint:
name: Lint
strategy:
fail-fast: false
matrix:
@ -33,9 +34,10 @@ jobs:
- uses: actions/checkout@v4
- name: Setup authentik env
uses: ./.github/actions/setup
- name: run job
- name: Run job ${{ matrix.job }}
run: uv run make ci-${{ matrix.job }}
test-migrations:
name: Test Migrations
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
@ -44,6 +46,7 @@ jobs:
- name: run migrations
run: uv run python -m lifecycle.migrate
test-make-seed:
name: Test Make Seed
runs-on: ubuntu-latest
steps:
- id: seed
@ -52,7 +55,7 @@ jobs:
outputs:
seed: ${{ steps.seed.outputs.seed }}
test-migrations-from-stable:
name: test-migrations-from-stable - PostgreSQL ${{ matrix.psql }} - Run ${{ matrix.run_id }}/5
name: Test Migrations From Stable - PostgreSQL ${{ matrix.psql }} - Run ${{ matrix.run_id }}/5
runs-on: ubuntu-latest
timeout-minutes: 20
needs: test-make-seed
@ -67,7 +70,7 @@ jobs:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: checkout stable
- name: Checkout Stable
run: |
# Copy current, latest config to local
# Temporarly comment the .github backup while migrating to uv
@ -84,9 +87,9 @@ jobs:
with:
postgresql_version: ${{ matrix.psql }}
continue-on-error: true
- name: run migrations to stable
- name: Run migrations to stable
run: poetry run python -m lifecycle.migrate
- name: checkout current code
- name: Checkout current code
run: |
set -x
git fetch
@ -97,10 +100,10 @@ jobs:
uses: ./.github/actions/setup
with:
postgresql_version: ${{ matrix.psql }}
- name: migrate to latest
- name: Migrate to latest
run: |
uv run python -m lifecycle.migrate
- name: run tests
- name: Run tests
env:
# Test in the main database that we just migrated from the previous stable version
AUTHENTIK_POSTGRESQL__TEST__NAME: authentik
@ -110,7 +113,7 @@ jobs:
run: |
uv run make ci-test
test-unittest:
name: test-unittest - PostgreSQL ${{ matrix.psql }} - Run ${{ matrix.run_id }}/5
name: Unit tests - PostgreSQL ${{ matrix.psql }} - Run ${{ matrix.run_id }}/5
runs-on: ubuntu-latest
timeout-minutes: 20
needs: test-make-seed
@ -123,7 +126,7 @@ jobs:
run_id: [1, 2, 3, 4, 5]
steps:
- uses: actions/checkout@v4
- name: Setup authentik env
- name: Setup authentik env (${{ matrix.psql }})
uses: ./.github/actions/setup
with:
postgresql_version: ${{ matrix.psql }}
@ -146,6 +149,7 @@ jobs:
file: unittest.xml
token: ${{ secrets.CODECOV_TOKEN }}
test-integration:
name: Integration tests
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
@ -154,7 +158,7 @@ jobs:
uses: ./.github/actions/setup
- name: Create k8s Kind Cluster
uses: helm/kind-action@v1.12.0
- name: run integration
- name: Run integration
run: |
uv run coverage run manage.py test tests/integration
uv run coverage xml
@ -170,34 +174,34 @@ jobs:
file: unittest.xml
token: ${{ secrets.CODECOV_TOKEN }}
test-e2e:
name: test-e2e (${{ matrix.job.name }})
name: Test E2E (${{ matrix.job.name }})
runs-on: ubuntu-latest
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
job:
- name: proxy
- name: Proxy Provider
glob: tests/e2e/test_provider_proxy*
- name: oauth
- name: OAuth2 Provider
glob: tests/e2e/test_provider_oauth2* tests/e2e/test_source_oauth*
- name: oauth-oidc
- name: OIDC Provider
glob: tests/e2e/test_provider_oidc*
- name: saml
- name: SAML Provider
glob: tests/e2e/test_provider_saml* tests/e2e/test_source_saml*
- name: ldap
- name: LDAP Provider
glob: tests/e2e/test_provider_ldap* tests/e2e/test_source_ldap*
- name: radius
- name: RADIUS Provider
glob: tests/e2e/test_provider_radius*
- name: scim
- name: SCIM Source
glob: tests/e2e/test_source_scim*
- name: flows
- name: Flows
glob: tests/e2e/test_flows*
steps:
- uses: actions/checkout@v4
- name: Setup authentik env
uses: ./.github/actions/setup
- name: Setup e2e env (chrome, etc)
- name: Setup E2E env (chrome, etc)
run: |
docker compose -f tests/e2e/docker-compose.yml up -d --quiet-pull
- id: cache-web
@ -205,14 +209,14 @@ jobs:
with:
path: web/dist
key: ${{ runner.os }}-web-${{ hashFiles('web/package-lock.json', 'web/src/**') }}
- name: prepare web ui
- name: Prepare Web UI
if: steps.cache-web.outputs.cache-hit != 'true'
working-directory: web
run: |
npm ci
make -C .. gen-client-ts
npm run build
- name: run e2e
- name: Run E2E tests
run: |
uv run coverage run manage.py test ${{ matrix.job.glob }}
uv run coverage xml
@ -228,6 +232,7 @@ jobs:
file: unittest.xml
token: ${{ secrets.CODECOV_TOKEN }}
ci-core-mark:
name: CI Core Mark
if: always()
needs:
- lint
@ -242,6 +247,7 @@ jobs:
with:
jobs: ${{ toJSON(needs) }}
build:
name: Build
permissions:
# Needed to upload container images to ghcr.io
packages: write
@ -255,6 +261,7 @@ jobs:
image_name: ghcr.io/goauthentik/dev-server
release: false
pr-comment:
name: PR Comment
needs:
- build
runs-on: ubuntu-latest
@ -267,7 +274,7 @@ jobs:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: prepare variables
- name: Prepare variables
uses: ./.github/actions/docker-push-variables
id: ev
env:

16
.github/workflows/ci-outpost.yml vendored
View File

@ -14,6 +14,7 @@ on:
jobs:
lint-golint:
name: Lint Go
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
@ -26,7 +27,7 @@ jobs:
mkdir -p web/dist
mkdir -p website/help
touch web/dist/test website/help/test
- name: Generate API
- name: Generate Go API Client
run: make gen-client-go
- name: golangci-lint
uses: golangci/golangci-lint-action@v7
@ -35,6 +36,7 @@ jobs:
args: --timeout 5000s --verbose
skip-cache: true
test-unittest:
name: Unit Test Go
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
@ -43,12 +45,13 @@ jobs:
go-version-file: "go.mod"
- name: Setup authentik env
uses: ./.github/actions/setup
- name: Generate API
- name: Generate Go API Client
run: make gen-client-go
- name: Go unittests
run: |
go test -timeout 0 -v -race -coverprofile=coverage.out -covermode=atomic -cover ./...
ci-outpost-mark:
name: CI Outpost Mark
if: always()
needs:
- lint-golint
@ -59,6 +62,7 @@ jobs:
with:
jobs: ${{ toJSON(needs) }}
build-container:
name: Build Container
timeout-minutes: 120
needs:
- ci-outpost-mark
@ -85,7 +89,7 @@ jobs:
uses: docker/setup-qemu-action@v3.6.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: prepare variables
- name: Prepare variables
uses: ./.github/actions/docker-push-variables
id: ev
env:
@ -99,7 +103,7 @@ jobs:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate API
- name: Generate Go API Client
run: make gen-client-go
- name: Build Docker Image
id: push
@ -122,6 +126,7 @@ jobs:
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
build-binary:
name: Build Binary
timeout-minutes: 120
needs:
- ci-outpost-mark
@ -140,7 +145,6 @@ jobs:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- uses: actions/setup-go@v5
with:
go-version-file: "go.mod"
- uses: actions/setup-node@v4
@ -148,7 +152,7 @@ jobs:
node-version-file: web/package.json
cache: "npm"
cache-dependency-path: web/package-lock.json
- name: Generate API
- name: Generate Go API Client
run: make gen-client-go
- name: Build web
working-directory: web/

5
.github/workflows/ci-web.yml vendored
View File

@ -13,6 +13,7 @@ on:
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
strategy:
fail-fast: false
@ -39,12 +40,13 @@ jobs:
- working-directory: ${{ matrix.project }}/
run: |
npm ci
- name: Generate API
- name: Generate TypeScript API
run: make gen-client-ts
- name: Lint
working-directory: ${{ matrix.project }}/
run: npm run ${{ matrix.command }}
build:
name: Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
@ -61,6 +63,7 @@ jobs:
working-directory: web/
run: npm run build
ci-web-mark:
name: CI Web Mark
if: always()
needs:
- build

19
.github/workflows/ci-website.yml vendored
View File

@ -13,6 +13,7 @@ on:
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
strategy:
fail-fast: false
@ -24,10 +25,11 @@ jobs:
- uses: actions/checkout@v4
- working-directory: website/
run: npm ci
- name: Lint
- name: Lint ${{ matrix.command }}
working-directory: website/
run: npm run ${{ matrix.command }}
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
@ -37,18 +39,14 @@ jobs:
cache: "npm"
cache-dependency-path: website/package-lock.json
- working-directory: website/
name: Install dependencies
run: npm ci
- name: test
- name: Documentation test
working-directory: website/
run: npm test
build:
name: Build Docs
runs-on: ubuntu-latest
name: ${{ matrix.job }}
strategy:
fail-fast: false
matrix:
job:
- build
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
@ -58,10 +56,11 @@ jobs:
cache-dependency-path: website/package-lock.json
- working-directory: website/
run: npm ci
- name: build
- name: Build Docusaurus
working-directory: website/
run: npm run ${{ matrix.job }}
run: npm run build
ci-website-mark:
name: Mark CI Website
if: always()
needs:
- lint

2
.github/workflows/codeql-analysis.yml vendored
View File

@ -1,4 +1,4 @@
name: "CodeQL"
name: CodeQL
on:
push:

1
.github/workflows/gen-update-webauthn-mds.yml vendored
View File

@ -11,6 +11,7 @@ env:
jobs:
build:
name: Update WebAuthn MDS
if: ${{ github.repository != 'goauthentik/authentik-internal' }}
runs-on: ubuntu-latest
steps:

1
.github/workflows/gha-cache-cleanup.yml vendored
View File

@ -12,6 +12,7 @@ permissions:
jobs:
cleanup:
name: Cleanup Cache
runs-on: ubuntu-latest
steps:
- name: Check out code

2
.github/workflows/image-compress.yml vendored
View File

@ -20,7 +20,7 @@ on:
jobs:
compress:
name: compress
name: Compress Docker images
runs-on: ubuntu-latest
# Don't run on forks. Token will not be available. Will run on main and open a PR anyway
if: |

5
.github/workflows/packages-npm-publish.yml vendored
View File

@ -25,16 +25,17 @@ jobs:
with:
fetch-depth: 2
- uses: actions/setup-node@v4
name: Setup Node.js
with:
node-version-file: packages/${{ matrix.package }}/package.json
registry-url: "https://registry.npmjs.org"
- name: Get changed files
- name: Changed files (${{ matrix.package }})
id: changed-files
uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c
with:
files: |
packages/${{ matrix.package }}/package.json
- name: Publish package
- name: Publish package (${{ matrix.package }})
if: steps.changed-files.outputs.any_changed == 'true'
working-directory: packages/${{ matrix.package}}
run: |

5
.github/workflows/publish-source-docs.yml vendored
View File

@ -12,6 +12,7 @@ env:
jobs:
publish-source-docs:
name: Publish
if: ${{ github.repository != 'goauthentik/authentik-internal' }}
runs-on: ubuntu-latest
timeout-minutes: 120
@ -19,11 +20,11 @@ jobs:
- uses: actions/checkout@v4
- name: Setup authentik env
uses: ./.github/actions/setup
- name: generate docs
- name: Generate docs
run: |
uv run make migrate
uv run ak build_source_docs
- name: Publish
- name: Deploy to Netlify
uses: netlify/actions/cli@master
with:
args: deploy --dir=source_docs --prod

1
.github/workflows/release-next-branch.yml vendored
View File

@ -11,6 +11,7 @@ permissions:
jobs:
update-next:
name: Update Next Branch
if: ${{ github.repository != 'goauthentik/authentik-internal' }}
runs-on: ubuntu-latest
environment: internal-production

12
.github/workflows/release-publish.yml vendored
View File

@ -7,6 +7,7 @@ on:
jobs:
build-server:
name: Build server
uses: ./.github/workflows/_reusable-docker-build.yaml
secrets: inherit
permissions:
@ -21,6 +22,7 @@ jobs:
registry_dockerhub: true
registry_ghcr: true
build-outpost:
name: Build outpost
runs-on: ubuntu-latest
permissions:
# Needed to upload container images to ghcr.io
@ -45,14 +47,14 @@ jobs:
uses: docker/setup-qemu-action@v3.6.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: prepare variables
- name: Prepare variables
uses: ./.github/actions/docker-push-variables
id: ev
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
with:
image-name: ghcr.io/goauthentik/${{ matrix.type }},beryju/authentik-${{ matrix.type }}
- name: make empty clients
- name: Make empty clients
run: |
mkdir -p ./gen-ts-api
mkdir -p ./gen-go-api
@ -85,6 +87,7 @@ jobs:
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
build-outpost-binary:
name: Build outpost binary
timeout-minutes: 120
runs-on: ubuntu-latest
permissions:
@ -129,6 +132,7 @@ jobs:
asset_name: authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }}
tag: ${{ github.ref }}
upload-aws-cfn-template:
name: Upload AWS CloudFormation template
permissions:
# Needed for AWS login
id-token: write
@ -150,6 +154,7 @@ jobs:
aws s3 cp --acl=public-read lifecycle/aws/template.yaml s3://authentik-cloudformation-templates/authentik.ecs.${{ github.ref }}.yaml
aws s3 cp --acl=public-read lifecycle/aws/template.yaml s3://authentik-cloudformation-templates/authentik.ecs.latest.yaml
test-release:
name: Test release
needs:
- build-server
- build-outpost
@ -166,6 +171,7 @@ jobs:
docker compose start postgresql redis
docker compose run -u root server test-all
sentry-release:
name: Sentry release
needs:
- build-server
- build-outpost
@ -173,7 +179,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: prepare variables
- name: Prepare variables
uses: ./.github/actions/docker-push-variables
id: ev
env:

2
.github/workflows/release-tag.yml vendored
View File

@ -20,7 +20,7 @@ jobs:
with:
app_id: ${{ secrets.GH_APP_ID }}
private_key: ${{ secrets.GH_APP_PRIVATE_KEY }}
- name: prepare variables
- name: Prepare variables
uses: ./.github/actions/docker-push-variables
id: ev
env:

1
.github/workflows/repo-mirror.yml vendored
View File

@ -4,6 +4,7 @@ on: [push, delete]
jobs:
to_internal:
name: Mirror to internal repository
if: ${{ github.repository != 'goauthentik/authentik-internal' }}
runs-on: ubuntu-latest
steps:

1
.github/workflows/repo-stale.yml vendored
View File

@ -11,6 +11,7 @@ permissions:
jobs:
stale:
name: Stale Issues
if: ${{ github.repository != 'goauthentik/authentik-internal' }}
runs-on: ubuntu-latest
steps:

1
.github/workflows/translation-advice.yml vendored
View File

@ -16,6 +16,7 @@ permissions:
jobs:
post-comment:
name: Post Comment
runs-on: ubuntu-latest
steps:
- name: Find Comment

7
.github/workflows/translation-extract-compile.yml vendored
View File

@ -16,6 +16,7 @@ env:
jobs:
compile:
name: Compile Translations
runs-on: ubuntu-latest
steps:
- id: generate_token
@ -32,12 +33,12 @@ jobs:
if: ${{ github.event_name == 'pull_request' }}
- name: Setup authentik env
uses: ./.github/actions/setup
- name: Generate API
- name: Generate TypeScript API
run: make gen-client-ts
- name: run extract
- name: Extract Translations
run: |
uv run make i18n-extract
- name: run compile
- name: Compile Messages
run: |
uv run ak compilemessages
make web-check-compile

1
.github/workflows/translation-rename.yml vendored
View File

@ -12,6 +12,7 @@ permissions:
jobs:
rename_pr:
name: Rename PR
runs-on: ubuntu-latest
if: ${{ github.event.pull_request.user.login == 'transifex-integration[bot]'}}
steps: