outposts: use noop flag in each reconciler instead of raising Disabled and force use of get_referecen_object

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 00:27:29 +02:00
parent 9b60fcb08b
commit 788fd00390
4 changed files with 25 additions and 32 deletions
--- a/authentik/providers/proxy/controllers/k8s/ingress.py
+++ b/authentik/providers/proxy/controllers/k8s/ingress.py
@ -17,7 +17,6 @@ from kubernetes.client.models.networking_v1beta1_ingress_rule import (

 from authentik.outposts.controllers.base import FIELD_MANAGER
 from authentik.outposts.controllers.k8s.base import (
-    Disabled,
    KubernetesObjectReconciler,
    NeedsUpdate,
 )
@ -137,9 +136,6 @@ class IngressReconciler(KubernetesObjectReconciler[NetworkingV1beta1Ingress]):
                    ),
                )
            rules.append(rule)
-        if not rules:
-            self.logger.debug("No providers use proxying, no ingress needed")
-            raise Disabled()
        tls_config = None
        if tls_hosts:
            tls_config = NetworkingV1beta1IngressTLS(
--- a/authentik/providers/proxy/controllers/k8s/traefik.py
+++ b/authentik/providers/proxy/controllers/k8s/traefik.py
@ -7,7 +7,6 @@ from kubernetes.client import ApiextensionsV1Api, CustomObjectsApi

 from authentik.outposts.controllers.base import FIELD_MANAGER
 from authentik.outposts.controllers.k8s.base import (
-    Disabled,
    KubernetesObjectReconciler,
    NeedsUpdate,
 )
@ -70,6 +69,18 @@ class TraefikMiddlewareReconciler(KubernetesObjectReconciler[TraefikMiddleware])
        self.api_ex = ApiextensionsV1Api(controller.client)
        self.api = CustomObjectsApi(controller.client)

+    def noop(self) -> bool:
+        if not ProxyProvider.objects.filter(
+            outpost__in=[self.controller.outpost],
+            forward_auth_mode=True,
+        ).exists():
+            self.logger.debug("No providers with forward auth enabled.")
+            return True
+        if not self._crd_exists():
+            self.logger.debug("CRD doesn't exist")
+            return True
+        return False
+
    def _crd_exists(self) -> bool:
        """Check if the traefik middleware exists"""
        return bool(
@ -87,15 +98,6 @@ class TraefikMiddlewareReconciler(KubernetesObjectReconciler[TraefikMiddleware])

    def get_reference_object(self) -> TraefikMiddleware:
        """Get deployment object for outpost"""
-        if not ProxyProvider.objects.filter(
-            outpost__in=[self.controller.outpost],
-            forward_auth_mode=True,
-        ).exists():
-            self.logger.debug("No providers with forward auth enabled.")
-            raise Disabled()
-        if not self._crd_exists():
-            self.logger.debug("CRD doesn't exist")
-            raise Disabled()
        return TraefikMiddleware(
            apiVersion=f"{CRD_GROUP}/{CRD_VERSION}",
            kind="Middleware",