From d99a41550271b3221789048e56611f3cc824fdff Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Wed, 24 Feb 2021 09:21:16 +0100 Subject: [PATCH 01/11] web: fix library not being full height, again --- web/src/pages/LibraryPage.ts | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/web/src/pages/LibraryPage.ts b/web/src/pages/LibraryPage.ts index 19e3f17d8f..7928272c91 100644 --- a/web/src/pages/LibraryPage.ts +++ b/web/src/pages/LibraryPage.ts @@ -55,7 +55,12 @@ export class LibraryPage extends LitElement { apps?: AKResponse; static get styles(): CSSResult[] { - return COMMON_STYLES; + return COMMON_STYLES.concat(css` + :host, + main { + height: 100%; + } + `); } firstUpdated(): void { From bba43c510912a00f2e79747d939aefd5a5bf58df Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Wed, 24 Feb 2021 09:23:19 +0100 Subject: [PATCH 02/11] sources/oauth: fix buttons not being ak-root-link --- authentik/sources/oauth/templates/oauth_client/user.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/authentik/sources/oauth/templates/oauth_client/user.html b/authentik/sources/oauth/templates/oauth_client/user.html index 0576f0971e..ff69eaa916 100644 --- a/authentik/sources/oauth/templates/oauth_client/user.html +++ b/authentik/sources/oauth/templates/oauth_client/user.html @@ -9,13 +9,13 @@
{% if connections.exists %}

{% trans 'Connected.' %}

- {% trans 'Disconnect' %} {% else %}

Not connected.

- {% trans 'Connect' %} From ce0140ef679f55aee357198050a4e6cc2bd20b16 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 11 Feb 2021 19:56:39 +0100 Subject: [PATCH 03/11] events: pass Event's user to Notification policy engine when present --- authentik/events/tasks.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/authentik/events/tasks.py b/authentik/events/tasks.py index 68b46f92b5..6027ecb974 100644 --- a/authentik/events/tasks.py +++ b/authentik/events/tasks.py @@ -2,6 +2,7 @@ from guardian.shortcuts import get_anonymous_user from structlog import get_logger +from authentik.core.models import User from authentik.events.models import ( Event, Notification, @@ -53,7 +54,8 @@ def event_trigger_handler(event_uuid: str, trigger_name: str): return LOGGER.debug("e(trigger): checking if trigger applies", trigger=trigger) - policy_engine = PolicyEngine(trigger, get_anonymous_user()) + user = User.objects.filter(pk=event.user.get("pk")) or get_anonymous_user() + policy_engine = PolicyEngine(trigger, user) policy_engine.mode = PolicyEngineMode.MODE_OR policy_engine.empty_result = False policy_engine.use_cache = False From 86c069fe64647fcce56f15fc1fd5910bd9e01879 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 11 Feb 2021 20:17:45 +0100 Subject: [PATCH 04/11] admin: fix policy list not having a refresh button --- authentik/admin/templates/administration/policy/list.html | 3 +++ 1 file changed, 3 insertions(+) diff --git a/authentik/admin/templates/administration/policy/list.html b/authentik/admin/templates/administration/policy/list.html index 5397403c02..3b4d35a9a7 100644 --- a/authentik/admin/templates/administration/policy/list.html +++ b/authentik/admin/templates/administration/policy/list.html @@ -41,6 +41,9 @@ {% endfor %} +
{% include 'partials/pagination.html' %} From c1caf84d926535d06283f86cf4990d78c99729e0 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 11 Feb 2021 23:36:22 +0100 Subject: [PATCH 05/11] events: fix user QuerySet being passed --- authentik/events/tasks.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/authentik/events/tasks.py b/authentik/events/tasks.py index 6027ecb974..8f6309da7f 100644 --- a/authentik/events/tasks.py +++ b/authentik/events/tasks.py @@ -54,7 +54,7 @@ def event_trigger_handler(event_uuid: str, trigger_name: str): return LOGGER.debug("e(trigger): checking if trigger applies", trigger=trigger) - user = User.objects.filter(pk=event.user.get("pk")) or get_anonymous_user() + user = User.objects.filter(pk=event.user.get("pk")).first() or get_anonymous_user() policy_engine = PolicyEngine(trigger, user) policy_engine.mode = PolicyEngineMode.MODE_OR policy_engine.empty_result = False From 1abcff39c7a6f837beb1a8ca00a16f8948d998f5 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 11 Feb 2021 23:48:54 +0100 Subject: [PATCH 06/11] outpost: improve logging output, ensure fields match api server --- outpost/pkg/ak/api.go | 6 ++++-- outpost/pkg/ak/api_ws.go | 4 ++-- outpost/pkg/ak/global.go | 7 ++++++- outpost/pkg/proxy/api.go | 2 +- outpost/pkg/proxy/api_bundle.go | 2 +- outpost/pkg/proxy/middleware.go | 26 ++++++++++++-------------- outpost/pkg/proxy/proxy.go | 6 ++++-- outpost/pkg/proxy/server.go | 14 +++++++++----- 8 files changed, 39 insertions(+), 28 deletions(-) diff --git a/outpost/pkg/ak/api.go b/outpost/pkg/ak/api.go index 22703c76e5..2cb94517a9 100644 --- a/outpost/pkg/ak/api.go +++ b/outpost/pkg/ak/api.go @@ -49,12 +49,14 @@ func NewAPIController(pbURL url.URL, token string) *APIController { // create the API client, with the transport apiClient := client.New(transport, strfmt.Default) + log := log.WithField("logger", "authentik.outpost.ak-api-controller") + // Because we don't know the outpost UUID, we simply do a list and pick the first // The service account this token belongs to should only have access to a single outpost outposts, err := apiClient.Outposts.OutpostsOutpostsList(outposts.NewOutpostsOutpostsListParams(), auth) if err != nil { - panic(err) + log.WithError(err).Panic("Failed to fetch configuration") } outpost := outposts.Payload.Results[0] doGlobalSetup(outpost.Config.(map[string]interface{})) @@ -64,7 +66,7 @@ func NewAPIController(pbURL url.URL, token string) *APIController { Auth: auth, token: token, - logger: log.WithField("component", "ak-api-controller"), + logger: log, reloadOffset: time.Duration(rand.Intn(10)) * time.Second, diff --git a/outpost/pkg/ak/api_ws.go b/outpost/pkg/ak/api_ws.go index 93eace7f37..c2fe4dc318 100644 --- a/outpost/pkg/ak/api_ws.go +++ b/outpost/pkg/ak/api_ws.go @@ -40,7 +40,7 @@ func (ac *APIController) initWS(pbURL url.URL, outpostUUID strfmt.UUID) { } ws.Dial(fmt.Sprintf(pathTemplate, scheme, pbURL.Host, outpostUUID.String()), header) - ac.logger.WithField("component", "ak-ws").WithField("outpost", outpostUUID.String()).Debug("connecting to authentik") + ac.logger.WithField("logger", "authentik.outpost.ak-ws").WithField("outpost", outpostUUID.String()).Debug("connecting to authentik") ac.wsConn = ws // Send hello message with our version @@ -52,7 +52,7 @@ func (ac *APIController) initWS(pbURL url.URL, outpostUUID strfmt.UUID) { } err := ws.WriteJSON(msg) if err != nil { - ac.logger.WithField("component", "ak-ws").WithError(err).Warning("Failed to hello to authentik") + ac.logger.WithField("logger", "authentik.outpost.ak-ws").WithError(err).Warning("Failed to hello to authentik") } } diff --git a/outpost/pkg/ak/global.go b/outpost/pkg/ak/global.go index d3d509cfd6..f6678f6b9c 100644 --- a/outpost/pkg/ak/global.go +++ b/outpost/pkg/ak/global.go @@ -13,7 +13,12 @@ import ( ) func doGlobalSetup(config map[string]interface{}) { - log.SetFormatter(&log.JSONFormatter{}) + log.SetFormatter(&log.JSONFormatter{ + FieldMap: log.FieldMap{ + log.FieldKeyMsg: "event", + log.FieldKeyTime: "timestamp", + }, + }) switch config[ConfigLogLevel].(string) { case "debug": log.SetLevel(log.DebugLevel) diff --git a/outpost/pkg/proxy/api.go b/outpost/pkg/proxy/api.go index ee44f4a73b..87d982a782 100644 --- a/outpost/pkg/proxy/api.go +++ b/outpost/pkg/proxy/api.go @@ -31,7 +31,7 @@ func (s *Server) bundleProviders(providers []*models.ProxyOutpostConfig) []*prov bundles[idx] = &providerBundle{ s: s, Host: externalHost.Host, - log: log.WithField("component", "proxy-bundle").WithField("provider", provider.Name), + log: log.WithField("logger", "authentik.outpost.proxy-bundle").WithField("provider", provider.Name), } bundles[idx].Build(provider) } diff --git a/outpost/pkg/proxy/api_bundle.go b/outpost/pkg/proxy/api_bundle.go index 10f61d9b16..55a94794e4 100644 --- a/outpost/pkg/proxy/api_bundle.go +++ b/outpost/pkg/proxy/api_bundle.go @@ -129,7 +129,7 @@ func (pb *providerBundle) Build(provider *models.ProxyOutpostConfig) { log.Printf("%s", err) os.Exit(1) } - oauthproxy, err := NewOAuthProxy(opts) + oauthproxy, err := NewOAuthProxy(opts, provider) if err != nil { log.Errorf("ERROR: Failed to initialise OAuth2 Proxy: %v", err) os.Exit(1) diff --git a/outpost/pkg/proxy/middleware.go b/outpost/pkg/proxy/middleware.go index ae95ed3460..3e9e924fce 100644 --- a/outpost/pkg/proxy/middleware.go +++ b/outpost/pkg/proxy/middleware.go @@ -95,7 +95,7 @@ type loggingHandler struct { func LoggingHandler(h http.Handler) http.Handler { return loggingHandler{ handler: h, - logger: log.WithField("component", "proxy-http-server"), + logger: log.WithField("logger", "authentik.outpost.proxy-http-server"), } } @@ -104,19 +104,17 @@ func (h loggingHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { url := *req.URL responseLogger := &responseLogger{w: w} h.handler.ServeHTTP(responseLogger, req) - duration := float64(time.Since(t)) / float64(time.Second) + duration := float64(time.Since(t)) / float64(time.Millisecond) h.logger.WithFields(log.Fields{ - "Client": req.RemoteAddr, - "Host": req.Host, - "Protocol": req.Proto, - "RequestDuration": fmt.Sprintf("%0.3f", duration), - "RequestMethod": req.Method, - "ResponseSize": responseLogger.Size(), - "StatusCode": responseLogger.Status(), - "Timestamp": t, - "Upstream": responseLogger.upstream, - "UserAgent": req.UserAgent(), - "Username": responseLogger.authInfo, + "host": req.RemoteAddr, + "vhost": req.Host, + "request_protocol": req.Proto, + "runtime": fmt.Sprintf("%0.3f", duration), + "method": req.Method, + "size": responseLogger.Size(), + "status": responseLogger.Status(), + "upstream": responseLogger.upstream, + "request_useragent": req.UserAgent(), + "request_username": responseLogger.authInfo, }).Info(url.RequestURI()) - // logger.PrintReq(responseLogger.authInfo, responseLogger.upstream, req, url, t, , ) } diff --git a/outpost/pkg/proxy/proxy.go b/outpost/pkg/proxy/proxy.go index 366c0a75ec..44643c959a 100644 --- a/outpost/pkg/proxy/proxy.go +++ b/outpost/pkg/proxy/proxy.go @@ -21,6 +21,7 @@ import ( "github.com/oauth2-proxy/oauth2-proxy/pkg/sessions" "github.com/oauth2-proxy/oauth2-proxy/pkg/upstream" "github.com/oauth2-proxy/oauth2-proxy/providers" + "goauthentik.io/outpost/pkg/models" log "github.com/sirupsen/logrus" ) @@ -92,8 +93,8 @@ type OAuthProxy struct { } // NewOAuthProxy creates a new instance of OAuthProxy from the options provided -func NewOAuthProxy(opts *options.Options) (*OAuthProxy, error) { - logger := log.WithField("component", "proxy").WithField("client-id", opts.ClientID) +func NewOAuthProxy(opts *options.Options, provider *models.ProxyOutpostConfig) (*OAuthProxy, error) { + logger := log.WithField("logger", "authentik.outpost.proxy").WithField("provider", provider.Name) sessionStore, err := sessions.NewSessionStore(&opts.Session, &opts.Cookie) if err != nil { return nil, fmt.Errorf("error initialising session store: %v", err) @@ -434,6 +435,7 @@ func (p *OAuthProxy) addHeadersForProxying(rw http.ResponseWriter, req *http.Req authVal := b64.StdEncoding.EncodeToString([]byte(username + ":" + password)) req.Header["Authorization"] = []string{fmt.Sprintf("Basic %s", authVal)} } + rw.Header().Set("GAP-Auth", session.PreferredUsername) // Check if user has additional headers set that we should sent if additionalHeaders, ok := userAttributes["additionalHeaders"].(map[string]string); ok { if additionalHeaders == nil { diff --git a/outpost/pkg/proxy/server.go b/outpost/pkg/proxy/server.go index 23db5fc8e0..e01dbee959 100644 --- a/outpost/pkg/proxy/server.go +++ b/outpost/pkg/proxy/server.go @@ -6,6 +6,7 @@ import ( "errors" "net" "net/http" + "strings" "time" log "github.com/sirupsen/logrus" @@ -30,7 +31,7 @@ func NewServer(ac *ak.APIController) *Server { } return &Server{ Handlers: make(map[string]*providerBundle), - logger: log.WithField("component", "proxy-http-server"), + logger: log.WithField("logger", "authentik.outpost.proxy-http-server"), defaultCert: defaultCert, ak: ac, } @@ -50,12 +51,15 @@ func (s *Server) handler(w http.ResponseWriter, r *http.Request) { return } } - s.logger.WithField("host", r.Host).Debug("Host header does not match any we know of") - s.logger.Printf("%v+\n", s.Handlers) - w.WriteHeader(400) + // Get a list of all host keys we know + hostKeys := make([]string, 0, len(s.Handlers)) + for k := range s.Handlers { + hostKeys = append(hostKeys, k) + } + s.logger.WithField("host", r.Host).WithField("known-hosts", strings.Join(hostKeys, ", ")).Debug("Host header does not match any we know of") + w.WriteHeader(404) return } - s.logger.WithField("host", r.Host).Debug("passing request from host head") handler.ServeHTTP(w, r) } From f33369bf0caf589d2ccadc436efc708bb9bb2620 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Fri, 12 Feb 2021 11:53:49 +0100 Subject: [PATCH 07/11] helm: add initial wait for healthcheck --- helm/templates/web-deployment.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/helm/templates/web-deployment.yaml b/helm/templates/web-deployment.yaml index c305622877..2397a5b364 100644 --- a/helm/templates/web-deployment.yaml +++ b/helm/templates/web-deployment.yaml @@ -99,10 +99,12 @@ spec: httpGet: path: /-/health/live/ port: http + initialDelaySeconds: 15 readinessProbe: httpGet: path: /-/health/ready/ port: http + initialDelaySeconds: 15 resources: requests: cpu: 100m From a07d7456c8294b9d3690fad0e91d30fb5ede0318 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Fri, 12 Feb 2021 11:56:14 +0100 Subject: [PATCH 08/11] web: fix outpost edit/delete buttons --- web/src/pages/outposts/OutpostListPage.ts | 4 ++-- website/docs/releases/next.md | 14 ++++++++++++++ 2 files changed, 16 insertions(+), 2 deletions(-) create mode 100644 website/docs/releases/next.md diff --git a/web/src/pages/outposts/OutpostListPage.ts b/web/src/pages/outposts/OutpostListPage.ts index d155c65967..8246f88206 100644 --- a/web/src/pages/outposts/OutpostListPage.ts +++ b/web/src/pages/outposts/OutpostListPage.ts @@ -52,13 +52,13 @@ export class OutpostListPage extends TablePage { })}`, html``, html` - + ${gettext("Edit")}
  - + ${gettext("Delete")} diff --git a/website/docs/releases/next.md b/website/docs/releases/next.md new file mode 100644 index 0000000000..b9561d4c8e --- /dev/null +++ b/website/docs/releases/next.md @@ -0,0 +1,14 @@ +--- +title: Next release +--- + +## Headline Changes + +- Simplify role-based access + + Instead of having to create a Group Membership policy for every group you want to use, you can now select a Group and even a User directly in a binding. + + When a group is selected, the binding behaves the same as if a Group Membership policy exists. + + When a user is selected, the binding checks the user of the request, and denies the request when the user doesn't match. + From 7b60bca2979045358aa339692fa91799245da45e Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sat, 13 Feb 2021 18:11:29 +0100 Subject: [PATCH 09/11] web: fix SiteShell breaking links when handlers are updated twice --- web/src/pages/generic/SiteShell.ts | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/web/src/pages/generic/SiteShell.ts b/web/src/pages/generic/SiteShell.ts index d5ca0100e0..687fc8d78d 100644 --- a/web/src/pages/generic/SiteShell.ts +++ b/web/src/pages/generic/SiteShell.ts @@ -89,10 +89,14 @@ export class SiteShell extends LitElement { if (a.href === "") { return; } + if (a.href.startsWith("#")) { + return; + } try { const url = new URL(a.href); const qs = url.search || ""; - a.href = `#${url.pathname}${qs}`; + const hash = (url.hash || "#").substring(2, Infinity); + a.href = `#${url.pathname}${qs}${hash}`; } catch (e) { console.debug(`authentik/site-shell: error ${e}`); a.href = `#${a.href}`; From 5aabaebd96bcc403ea4a01e05c0d19e55ddf6164 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Tue, 16 Feb 2021 19:14:08 +0100 Subject: [PATCH 10/11] root: fix request_id not being logged for actual asgi requests --- authentik/core/middleware.py | 3 ++- authentik/root/asgi.py | 18 ++++++++++++++---- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/authentik/core/middleware.py b/authentik/core/middleware.py index 9b43485e90..1f09555b78 100644 --- a/authentik/core/middleware.py +++ b/authentik/core/middleware.py @@ -9,6 +9,7 @@ from django.http import HttpRequest, HttpResponse SESSION_IMPERSONATE_USER = "authentik_impersonate_user" SESSION_IMPERSONATE_ORIGINAL_USER = "authentik_impersonate_original_user" LOCAL = local() +RESPONSE_HEADER_ID = "X-authentik-id" class ImpersonateMiddleware: @@ -43,7 +44,7 @@ class RequestIDMiddleware: setattr(request, "request_id", request_id) LOCAL.authentik = {"request_id": request_id} response = self.get_response(request) - response["X-authentik-id"] = request.request_id + response[RESPONSE_HEADER_ID] = request.request_id del LOCAL.authentik["request_id"] return response diff --git a/authentik/root/asgi.py b/authentik/root/asgi.py index a7aaa605b2..f8bd1fadf4 100644 --- a/authentik/root/asgi.py +++ b/authentik/root/asgi.py @@ -18,6 +18,8 @@ from django.core.asgi import get_asgi_application from sentry_sdk.integrations.asgi import SentryAsgiMiddleware from structlog.stdlib import get_logger +from authentik.core.middleware import RESPONSE_HEADER_ID + # DJANGO_SETTINGS_MODULE is set in gunicorn.conf.py defuse_stdlib() @@ -67,6 +69,7 @@ class ASGILogger: status_code: int start: float content_length: int + request_id: str def __init__(self, app: ASGIApp): self.app = app @@ -75,23 +78,29 @@ class ASGILogger: self.scope = scope self.content_length = 0 self.headers = dict(scope.get("headers", [])) + self.request_id = "" async def send_hooked(message: Message) -> None: """Hooked send method, which records status code and content-length, and for the final requests logs it""" headers = dict(message.get("headers", [])) - if "status" in message: self.status_code = message["status"] if b"Content-Length" in headers: self.content_length += int(headers.get(b"Content-Length", b"0")) + if message["type"] == "http.response.start": + response_headers = dict(message["headers"]) + self.request_id = response_headers.get( + RESPONSE_HEADER_ID.encode(), b"" + ).decode() + if message["type"] == "http.response.body" and not message.get( - "more_body", None + "more_body", True ): runtime = int((time() - self.start) * 1000) - self.log(runtime) + self.log(runtime, request_id=self.request_id) await send(message) self.start = time() @@ -111,7 +120,7 @@ class ASGILogger: # Check if header has multiple values, and use the first one return client_ip.split(", ")[0] - def log(self, runtime: float): + def log(self, runtime: float, **kwargs): """Outpot access logs in a structured format""" host = self._get_ip() query_string = "" @@ -125,6 +134,7 @@ class ASGILogger: status=self.status_code, size=self.content_length / 1000 if self.content_length > 0 else 0, runtime=runtime, + **kwargs, ) From e81d3dad3e3f3eb003d014103a16dc9114abab73 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Wed, 24 Feb 2021 09:54:06 +0100 Subject: [PATCH 11/11] release: 2021.2.5-stable --- .bumpversion.cfg | 2 +- .github/workflows/release.yml | 14 +++++++------- authentik/__init__.py | 2 +- docker-compose.yml | 6 +++--- helm/Chart.yaml | 2 +- helm/README.md | 2 +- helm/values.yaml | 2 +- outpost/pkg/version.go | 2 +- web/src/constants.ts | 2 +- website/docs/installation/docker-compose.md | 2 +- website/docs/installation/kubernetes.md | 2 +- 11 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.bumpversion.cfg b/.bumpversion.cfg index fbde65ca71..e7986c0b41 100644 --- a/.bumpversion.cfg +++ b/.bumpversion.cfg @@ -1,5 +1,5 @@ [bumpversion] -current_version = 2021.2.4-stable +current_version = 2021.2.5-stable tag = True commit = True parse = (?P\d+)\.(?P\d+)\.(?P\d+)\-(?P.*) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5cbcca3a45..1a6bda5f26 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,11 +18,11 @@ jobs: - name: Building Docker Image run: docker build --no-cache - -t beryju/authentik:2021.2.4-stable + -t beryju/authentik:2021.2.5-stable -t beryju/authentik:latest -f Dockerfile . - name: Push Docker Container to Registry (versioned) - run: docker push beryju/authentik:2021.2.4-stable + run: docker push beryju/authentik:2021.2.5-stable - name: Push Docker Container to Registry (latest) run: docker push beryju/authentik:latest build-proxy: @@ -48,11 +48,11 @@ jobs: cd outpost/ docker build \ --no-cache \ - -t beryju/authentik-proxy:2021.2.4-stable \ + -t beryju/authentik-proxy:2021.2.5-stable \ -t beryju/authentik-proxy:latest \ -f proxy.Dockerfile . - name: Push Docker Container to Registry (versioned) - run: docker push beryju/authentik-proxy:2021.2.4-stable + run: docker push beryju/authentik-proxy:2021.2.5-stable - name: Push Docker Container to Registry (latest) run: docker push beryju/authentik-proxy:latest build-static: @@ -69,11 +69,11 @@ jobs: cd web/ docker build \ --no-cache \ - -t beryju/authentik-static:2021.2.4-stable \ + -t beryju/authentik-static:2021.2.5-stable \ -t beryju/authentik-static:latest \ -f Dockerfile . - name: Push Docker Container to Registry (versioned) - run: docker push beryju/authentik-static:2021.2.4-stable + run: docker push beryju/authentik-static:2021.2.5-stable - name: Push Docker Container to Registry (latest) run: docker push beryju/authentik-static:latest test-release: @@ -107,5 +107,5 @@ jobs: SENTRY_PROJECT: authentik SENTRY_URL: https://sentry.beryju.org with: - tagName: 2021.2.4-stable + tagName: 2021.2.5-stable environment: beryjuorg-prod diff --git a/authentik/__init__.py b/authentik/__init__.py index f01befede8..404535b55d 100644 --- a/authentik/__init__.py +++ b/authentik/__init__.py @@ -1,2 +1,2 @@ """authentik""" -__version__ = "2021.2.4-stable" +__version__ = "2021.2.5-stable" diff --git a/docker-compose.yml b/docker-compose.yml index eaf5d808fb..d2cac481aa 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -19,7 +19,7 @@ services: networks: - internal server: - image: beryju/authentik:${AUTHENTIK_TAG:-2021.2.4-stable} + image: beryju/authentik:${AUTHENTIK_TAG:-2021.2.5-stable} command: server environment: AUTHENTIK_REDIS__HOST: redis @@ -45,7 +45,7 @@ services: env_file: - .env worker: - image: beryju/authentik:${AUTHENTIK_TAG:-2021.2.4-stable} + image: beryju/authentik:${AUTHENTIK_TAG:-2021.2.5-stable} command: worker networks: - internal @@ -62,7 +62,7 @@ services: env_file: - .env static: - image: beryju/authentik-static:${AUTHENTIK_TAG:-2021.2.4-stable} + image: beryju/authentik-static:${AUTHENTIK_TAG:-2021.2.5-stable} networks: - internal labels: diff --git a/helm/Chart.yaml b/helm/Chart.yaml index d1d5e44c1e..5ce17b47bb 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -4,7 +4,7 @@ name: authentik home: https://goauthentik.io sources: - https://github.com/BeryJu/authentik -version: "2021.2.4-stable" +version: "2021.2.5-stable" icon: https://raw.githubusercontent.com/BeryJu/authentik/master/web/icons/icon.svg dependencies: - name: postgresql diff --git a/helm/README.md b/helm/README.md index 91190b451c..a4e84634a5 100644 --- a/helm/README.md +++ b/helm/README.md @@ -4,7 +4,7 @@ |-----------------------------------|-------------------------|-------------| | image.name | beryju/authentik | Image used to run the authentik server and worker | | image.name_static | beryju/authentik-static | Image used to run the authentik static server (CSS and JS Files) | -| image.tag | 2021.2.4-stable | Image tag | +| image.tag | 2021.2.5-stable | Image tag | | image.pullPolicy | IfNotPresent | Image Pull Policy used for all deployments | | serverReplicas | 1 | Replicas for the Server deployment | | workerReplicas | 1 | Replicas for the Worker deployment | diff --git a/helm/values.yaml b/helm/values.yaml index fdec339281..6702fa10a9 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -5,7 +5,7 @@ image: name: beryju/authentik name_static: beryju/authentik-static name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended - tag: 2021.2.4-stable + tag: 2021.2.5-stable pullPolicy: IfNotPresent serverReplicas: 1 diff --git a/outpost/pkg/version.go b/outpost/pkg/version.go index d80ad67be7..965cd86466 100644 --- a/outpost/pkg/version.go +++ b/outpost/pkg/version.go @@ -1,3 +1,3 @@ package pkg -const VERSION = "2021.2.4-stable" +const VERSION = "2021.2.5-stable" diff --git a/web/src/constants.ts b/web/src/constants.ts index 4793524744..73871e963b 100644 --- a/web/src/constants.ts +++ b/web/src/constants.ts @@ -28,4 +28,4 @@ export const ColorStyles = css` background-color: var(--pf-global--danger-color--100); } `; -export const VERSION = "2021.2.4-stable"; +export const VERSION = "2021.2.5-stable"; diff --git a/website/docs/installation/docker-compose.md b/website/docs/installation/docker-compose.md index 09e833e2b6..639d592e06 100644 --- a/website/docs/installation/docker-compose.md +++ b/website/docs/installation/docker-compose.md @@ -15,7 +15,7 @@ Download the latest `docker-compose.yml` from [here](https://raw.githubuserconte To optionally enable error-reporting, run `echo AUTHENTIK_ERROR_REPORTING__ENABLED=true >> .env` -To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.2.4-stable >> .env` +To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.2.5-stable >> .env` If this is a fresh authentik install run the following commands to generate a password: diff --git a/website/docs/installation/kubernetes.md b/website/docs/installation/kubernetes.md index ba606711f4..ae3300f2b5 100644 --- a/website/docs/installation/kubernetes.md +++ b/website/docs/installation/kubernetes.md @@ -24,7 +24,7 @@ image: name: beryju/authentik name_static: beryju/authentik-static name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended - tag: 2021.2.4-stable + tag: 2021.2.5-stable serverReplicas: 1 workerReplicas: 1