220d739fef
lifecycle: rework otp_merge migration ( #7359 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-28 17:56:04 +02:00
940492a5e1
lifecycle: fix otp merge migration ( #7315 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-26 20:05:33 +02:00
87f2b37348
core: bump pylint from 2.17.7 to 3.0.2 ( #7270 )
...
* core: bump pylint from 2.17.7 to 3.0.2
Bumps [pylint](https://github.com/pylint-dev/pylint ) from 2.17.7 to 3.0.2.
- [Release notes](https://github.com/pylint-dev/pylint/releases )
- [Commits](https://github.com/pylint-dev/pylint/compare/v2.17.7...v3.0.2 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* fix pylint warning
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-10-24 12:37:37 +02:00
6fb7586b00
lifecycle: fix otp_merge migration again ( #7244 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-20 14:27:57 +02:00
0697e3d5a4
rbac: revisions ( #7188 )
...
* improve system migration logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix filter for internal service accounts
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* merge migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* bump go api
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* sources/ldap: check if we need to connect to ldap before connecting
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-16 19:42:19 +02:00
dce913496e
lifecycle: re-fix system migrations ( #7185 )
...
fix system migrations?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-16 17:28:53 +02:00
a22bc5a261
lifecycle: fix install_id migration not running ( #7116 )
...
* lifecycle: fix install_id migration not running
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix ldap test?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* idk if this works
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-09 19:52:06 +02:00
b90ed6bab3
lifecycle: improve reliability of system migrations ( #7089 )
...
* lifecycle: improve reliability of system migrations
better transaction handling which allows for re-trying migrations without needing manual intervention
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove explicit commit
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-06 18:56:10 +02:00
090d2d8362
Revert "lifecycle: improve reliability of system migrations"
...
This reverts commit 3b8b307c4d
2023-10-06 15:46:45 +02:00
3b8b307c4d
lifecycle: improve reliability of system migrations
...
better transaction handling which allows for re-trying migrations without needing manual intervention
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-06 13:51:23 +02:00
a0f607b5ac
web/flows: bottom-align about text on flows page ( #7051 )
...
* web/flows: bottom-align about text on flows page
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a bunch of typos
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-03 14:10:10 +02:00
a7a4b18082
fix ak test-all dependencies
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2023-09-11 15:44:26 +02:00
6612f729ec
stages/authenticator: vendor otp ( #6741 )
...
* initial import
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update imports
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove email and hotp for now
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove things we don't need and clean up
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* initial merge static
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* initial merge totp
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update webui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add system migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more cleanup, add doctests to test_runner
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fixup more lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup last tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docstrings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* implement SerializerModel
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-09-04 11:45:14 +02:00
fd561ac802
root: connect to backend via socket ( #6720 )
...
* root: connect to gunicorn via socket
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* put socket in temp folder
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use non-socket connection for debug
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't hardcode local url
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix dev_server missing websocket
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dedupe logging config between gunicorn and main app
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* slight refactor for proxy errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-09-02 17:58:37 +02:00
cc6824fd7c
core: bump django from 4.1.7 to 4.2 ( #5238 )
...
* core: bump django from 4.1.7 to 4.2 (#5151 )
* core: bump django from 4.1.7 to 4.2
Bumps [django](https://github.com/django/django ) from 4.1.7 to 4.2.
- [Release notes](https://github.com/django/django/releases )
- [Commits](https://github.com/django/django/compare/4.1.7...4.2 )
---
updated-dependencies:
- dependency-name: django
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* upgrade to psycopg3, use custom engine for prometheus metrics
See https://github.com/korfuri/django-prometheus/issues/350
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make scripts use pscopg3
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* initial postgres upgrade guide
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update header
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2023-08-01 19:30:28 +02:00
561e6956fe
root: add get_int to config loader instead of casting to int everywhere ( #6436 )
...
* root: add get_int to config loader instead of casting to int everywhere
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve error handling, add test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-07-31 19:34:59 +02:00
2f469d2709
root: partial Live-updating config ( #5959 )
...
* stages/email: directly use email credentials from config
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use custom database backend that supports dynamic credentials
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add crude config reloader
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make method names for CONFIG clearer
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* replace config.set with environ
Not sure if this is the cleanest way, but it persists through a config reload
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add set for @patch
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* even more crudeness
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* clean up some old stuff?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* somewhat rewrite config loader to keep track of a source of an attribute so we can refresh it
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup old things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix flow e2e
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-07-19 23:13:22 +02:00
a987846c76
root: celery refactor ( #6095 )
...
* root: celery refactor
cleanup deprecation messages by configuring celery with a single object
run celery as django management command
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve debug experience
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add debugpy to dev dependencies
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix task_always_eager
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-06-28 16:44:50 +02:00
5b0cc3672b
root: add method to get install_id without django being loaded ( #5755 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-05-25 18:52:21 +02:00
0d0bb1a559
root: add install ID ( #5717 )
...
* root: add install ID
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add fallback when no migrations table exists
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-05-22 17:24:12 +02:00
54d508ae8c
ci: fix pyright errors ( #5392 )
...
* ci: fix pyright errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix error in oauth 1 source
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove redundant blueprint fixtures
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-27 17:33:47 +03:00
94ae490284
lifecycle: migrate internal healthcheck to use go ( #5322 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-20 19:46:49 +03:00
dfa80543b5
root: add ruff linter ( #5240 )
...
* root: add ruff linter
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* actually add ruff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-18 13:28:19 +02:00
1a4c640835
lifecycle: fix worker healthcheck ( #5259 )
...
closes #5258
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-14 14:39:31 +02:00
38bf0ee740
lifecycle: re-add exec to ak wrapper ( #5253 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-14 13:52:11 +02:00
f84a10b59b
core: revert django update ( #5236 )
...
* Revert "core: bump django from 4.1.7 to 4.2 (#5151 )"
This reverts commit 18a4eac527jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-13 14:10:12 +02:00
18a4eac527
core: bump django from 4.1.7 to 4.2 ( #5151 )
...
* core: bump django from 4.1.7 to 4.2
Bumps [django](https://github.com/django/django ) from 4.1.7 to 4.2.
- [Release notes](https://github.com/django/django/releases )
- [Commits](https://github.com/django/django/compare/4.1.7...4.2 )
---
updated-dependencies:
- dependency-name: django
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* upgrade to psycopg3, use custom engine for prometheus metrics
See https://github.com/korfuri/django-prometheus/issues/350
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make scripts use pscopg3
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-04-11 15:00:27 +02:00
02f75a92ce
lifecycle: don't use celery ping for worker healthcheck ( #5153 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-03 18:15:31 +02:00
adcd11b1f8
core: extend postgres configuration ( #5138 )
...
Add postgres configuration options to control
TLS verification and client certificates.
2023-04-02 17:39:36 +02:00
9666d407b4
lifecycle: also migrate before starting worker, trap exit to cleanup mode ( #5123 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-03-30 14:04:38 +02:00
18cfe67719
core: bump black from 22.12.0 to 23.1.0 ( #4584 )
...
* core: bump black from 22.12.0 to 23.1.0
Bumps [black](https://github.com/psf/black ) from 22.12.0 to 23.1.0.
- [Release notes](https://github.com/psf/black/releases )
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md )
- [Commits](https://github.com/psf/black/compare/22.12.0...23.1.0 )
---
updated-dependencies:
- dependency-name: black
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* re-format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-02-01 11:31:32 +01:00
9568f4dbd6
root: improve code style ( #4436 )
...
* cleanup pylint comments
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix url name
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* *: use ExtractHour instead of ExtractDay
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-01-15 17:02:31 +01:00
e6b5810e03
polices/hibp: remove deprecated ( #4363 )
...
* remove hibp
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* don't save event matcher apps in migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* cleanup migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* update docs, update some phrasing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2023-01-05 13:19:26 +01:00
6ca1654129
lifecycle: don't set user/group in gunicorn
...
closes #4098 closes #3236
the user and group are inherited from the parent process so this isnt required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-12-02 12:42:55 +02:00
55aa1897af
root: use single redis db ( #4009 )
...
* use single redis db
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* cleanup prefixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* ensure __str__ always returns string
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix remaining old prefixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-11-15 14:31:29 +01:00
ee6dc45a30
lifecycle: fix incorrect messages looped
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-11-12 16:50:03 +01:00
6882445937
*: handle PermissionError when saving files, ensure permission bits are set correctly
...
closes #3817
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-10-19 20:24:28 +02:00
b16a3d5697
internal: use config system for workers/threads, document the settings ( #3626 )
...
use config system for workers/threads, document the settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-09-21 09:59:03 +02:00
28835fbca7
root: re-use custom log helper from config and cleanup duplicate functions
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-09-10 13:24:31 +02:00
62f93c83d4
ci: update pyright ( #3546 )
2022-09-07 00:23:25 +02:00
d8a68407f9
lifecycle: add worker-status command to debug worker cpu usage issues
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
#3125
2022-08-18 20:13:30 +02:00
ec42d378ab
blueprints/cleanup ( #3369 )
2022-08-05 08:39:00 +02:00
db1dd196e0
lifecycle: optimise container lifecycle and process signals ( #3332 )
...
* add dumb-init, use exec in wrapper
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix exec?
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-07-30 22:41:29 +02:00
658dc63c4c
lifecycle: revert waiting for lock, launch managed reconcile on app import
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-07-19 12:06:57 +02:00
4edec5f666
lifecycle: connect to database first
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-07-19 10:54:56 +02:00
e9d9d658c4
lifecycle: make worker wait for migrations to be done ( #3254 )
...
* lifecycle: make worker wait for migrations to be done
* retry managed reconcile task
2022-07-15 19:44:45 +02:00
d56ddb16b1
lifecycle: fix confusing success messages in startup healthiness check
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-06-20 21:26:21 +02:00
7beebe030d
lifecycle: run bootstrap tasks inline when using automated install
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-06-09 20:09:55 +02:00
6739ded5a9
root: remove flower dependency
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-06-04 14:22:25 +02:00
3eb466ff4b
lifecycle: cleanup prometheus ( #2972 )
...
* remove high cardinality labels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* retry worker number for prometheus multiprocess id
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* revert to pid, use subdirectories
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* cleanup more
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* use worker id based off of https://github.com/benoitc/gunicorn/issues/1352
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix missing app label
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* tests/e2e: remove static names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-05-29 21:45:25 +02:00
