habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

outposts: release binary outposts (#1954)

Browse Source 
* outposts/proxy: always embed static assets, still check local

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: add initial ci to build outpost as binary

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: fix typo, build web

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: upload to release on publish, only run linux on ci

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: ensure latest go is used

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: split e2e tests into two halves

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens L
2021-12-17 20:49:32 +01:00
committed by GitHub
parent 71a22c2a34
commit 95bce9c9e7
7 changed files with 171 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
.github/workflows/ci-main.yml vendored
View File

@ -176,7 +176,7 @@ jobs:
testspace [integration]unittest.xml --link=codecov testspace [integration]unittest.xml --link=codecov
- if: ${{ always() }} - if: ${{ always() }}
uses: codecov/codecov-action@v2 uses: codecov/codecov-action@v2
test-e2e: test-e2e-provider:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v2
@ -215,12 +215,59 @@ jobs:
npm run build npm run build
- name: run e2e - name: run e2e
run: | run: |
pipenv run make test-e2e pipenv run make test-e2e-provider
pipenv run coverage xml pipenv run coverage xml
- name: run testspace - name: run testspace
if: ${{ always() }} if: ${{ always() }}
run: | run: |
testspace [e2e]unittest.xml --link=codecov testspace [e2e-provider]unittest.xml --link=codecov
- if: ${{ always() }}
uses: codecov/codecov-action@v2
test-e2e-rest:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
with:
python-version: '3.9'
- uses: actions/setup-node@v2
with:
node-version: '16'
cache: 'npm'
cache-dependency-path: web/package-lock.json
- uses: testspace-com/setup-testspace@v1
with:
domain: ${{github.repository_owner}}
- id: cache-pipenv
uses: actions/cache@v2.1.7
with:
path: ~/.local/share/virtualenvs
key: ${{ runner.os }}-pipenv-v2-${{ hashFiles('**/Pipfile.lock') }}
- name: prepare
env:
INSTALL: ${{ steps.cache-pipenv.outputs.cache-hit }}
run: |
scripts/ci_prepare.sh
docker-compose -f tests/e2e/docker-compose.yml up -d
- id: cache-web
uses: actions/cache@v2.1.7
with:
path: web/dist
key: ${{ runner.os }}-web-${{ hashFiles('web/package-lock.json', 'web/**') }}
- name: prepare web ui
if: steps.cache-web.outputs.cache-hit != 'true'
run: |
cd web
npm i
npm run build
- name: run e2e
run: |
pipenv run make test-e2e-rest
pipenv run coverage xml
- name: run testspace
if: ${{ always() }}
run: |
testspace [e2e-rest]unittest.xml --link=codecov
- if: ${{ always() }} - if: ${{ always() }}
uses: codecov/codecov-action@v2 uses: codecov/codecov-action@v2
ci-core-mark: ci-core-mark:
@ -230,7 +277,8 @@ jobs:
- test-migrations-from-stable - test-migrations-from-stable
- test-unittest - test-unittest
- test-integration - test-integration
- test-e2e - test-e2e-rest
- test-e2e-provider
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- run: echo mark - run: echo mark

40
.github/workflows/ci-outpost.yml vendored
View File

@ -17,7 +17,7 @@ jobs:
- uses: actions/checkout@v2 - uses: actions/checkout@v2
- uses: actions/setup-go@v2 - uses: actions/setup-go@v2
with: with:
go-version: '^1.16.3' go-version: "^1.17"
- name: Run linter - name: Run linter
run: | run: |
# Create folder structure for go embeds # Create folder structure for go embeds
@ -80,3 +80,41 @@ jobs:
build-args: | build-args: |
GIT_BUILD_HASH=${{ steps.ev.outputs.sha }} GIT_BUILD_HASH=${{ steps.ev.outputs.sha }}
platforms: ${{ matrix.arch }} platforms: ${{ matrix.arch }}
build-outpost-binary:
timeout-minutes: 120
needs:
- ci-outpost-mark
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
type:
- proxy
- ldap
goos: [linux]
goarch: [amd64, arm64]
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: "^1.17"
- uses: actions/setup-node@v2
with:
node-version: '16'
cache: 'npm'
cache-dependency-path: web/package-lock.json
- name: Build web
run: |
cd web
npm install
npm run build-proxy
- name: Build outpost
run: |
set -x
export GOOS=${{ matrix.goos }}
export GOARCH=${{ matrix.goarch }}
go build -tags=outpost_static_embed -v -o ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }} ./cmd/${{ matrix.type }}
- uses: actions/upload-artifact@v2
with:
name: authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }}
path: ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }}

49
.github/workflows/release-publish.yml vendored
View File

@ -57,7 +57,7 @@ jobs:
- uses: actions/checkout@v2 - uses: actions/checkout@v2
- uses: actions/setup-go@v2 - uses: actions/setup-go@v2
with: with:
go-version: "^1.15" go-version: "^1.17"
- name: Set up QEMU - name: Set up QEMU
uses: docker/setup-qemu-action@v1.2.0 uses: docker/setup-qemu-action@v1.2.0
- name: Set up Docker Buildx - name: Set up Docker Buildx
@ -93,10 +93,57 @@ jobs:
docker pull ghcr.io/goauthentik/${{ matrix.type }}:latest docker pull ghcr.io/goauthentik/${{ matrix.type }}:latest
docker tag ghcr.io/goauthentik/${{ matrix.type }}:latest ghcr.io/goauthentik/${{ matrix.type }}:stable docker tag ghcr.io/goauthentik/${{ matrix.type }}:latest ghcr.io/goauthentik/${{ matrix.type }}:stable
docker push ghcr.io/goauthentik/${{ matrix.type }}:stable docker push ghcr.io/goauthentik/${{ matrix.type }}:stable
build-outpost-binary:
timeout-minutes: 120
needs:
- ci-outpost-mark
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
type:
- proxy
- ldap
goos: [linux, windows, darwin]
goarch: ["386", amd64, arm64]
exclude:
- goarch: "386"
goos: darwin
- goarch: arm64
goos: windows
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: "^1.17"
- uses: actions/setup-node@v2
with:
node-version: '16'
cache: 'npm'
cache-dependency-path: web/package-lock.json
- name: Build web
run: |
cd web
npm install
npm run build-proxy
- name: Build outpost
run: |
set -x
export GOOS=${{ matrix.goos }}
export GOARCH=${{ matrix.goarch }}
go build -tags=outpost_static_embed -v -o ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }} ./cmd/${{ matrix.type }}
- name: Upload binaries to release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }}
asset_name: hentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }}
tag: ${{ github.ref }}
test-release: test-release:
needs: needs:
- build-server - build-server
- build-outpost - build-outpost
- build-outpost-binary
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v2

7
Makefile
View File

@ -9,8 +9,11 @@ all: lint-fix lint test gen web
test-integration: test-integration:
coverage run manage.py test tests/integration coverage run manage.py test tests/integration
test-e2e: test-e2e-provider:
coverage run manage.py test tests/e2e coverage run manage.py test tests/e2e/test_provider*
test-e2e-rest:
coverage run manage.py test tests/e2e/test_flows* tests/e2e/test_source*
test: test:
coverage run manage.py test authentik coverage run manage.py test authentik

4
internal/outpost/proxyv2/handlers.go
View File

@ -10,6 +10,7 @@ import (
"github.com/prometheus/client_golang/prometheus" "github.com/prometheus/client_golang/prometheus"
"goauthentik.io/internal/outpost/proxyv2/metrics" "goauthentik.io/internal/outpost/proxyv2/metrics"
"goauthentik.io/internal/utils/web" "goauthentik.io/internal/utils/web"
staticWeb "goauthentik.io/web"
) )
func (ps *ProxyServer) HandlePing(rw http.ResponseWriter, r *http.Request) { func (ps *ProxyServer) HandlePing(rw http.ResponseWriter, r *http.Request) {
@ -28,9 +29,8 @@ func (ps *ProxyServer) HandlePing(rw http.ResponseWriter, r *http.Request) {
} }
func (ps *ProxyServer) HandleStatic(rw http.ResponseWriter, r *http.Request) { func (ps *ProxyServer) HandleStatic(rw http.ResponseWriter, r *http.Request) {
staticFs := http.FileServer(http.Dir("./web/dist/"))
before := time.Now() before := time.Now()
web.DisableIndex(http.StripPrefix("/akprox/static/dist", staticFs)).ServeHTTP(rw, r) web.DisableIndex(http.StripPrefix("/akprox/static/dist", staticWeb.StaticHandler)).ServeHTTP(rw, r)
after := time.Since(before) after := time.Since(before)
metrics.Requests.With(prometheus.Labels{ metrics.Requests.With(prometheus.Labels{
"outpost_name": ps.akAPI.Outpost.Name, "outpost_name": ps.akAPI.Outpost.Name,

7
web/static.go
View File

@ -1,9 +1,14 @@
package web package web
import _ "embed" import (
_ "embed"
"net/http"
)
//go:embed robots.txt //go:embed robots.txt
var RobotsTxt []byte var RobotsTxt []byte
//go:embed security.txt //go:embed security.txt
var SecurityTxt []byte var SecurityTxt []byte
var StaticHandler = http.FileServer(http.Dir("./web/dist/"))

19
web/static_outpost.go Normal file
View File

@ -0,0 +1,19 @@
//go:build outpost_static_embed
// +build outpost_static_embed
package web
import (
"embed"
"net/http"
)
//go:embed dist/*
var StaticDist embed.FS
//go:embed authentik
var StaticAuthentik embed.FS
func init() {
StaticHandler = http.FileServer(http.FS(StaticDist))
}