f0e24677a8
lifecycle: only create tenant media root if needed ( #10616 )
2024-07-24 20:39:19 +02:00
ae86184511
root: add configuration option to enable fips ( #10088 )
2024-06-14 10:04:00 +00:00
a841743c74
lifecycle/migrate: only acquire lock once ( #9856 )
2024-05-24 11:36:00 +00:00
c3445374c2
core: FIPS ( #9683 )
...
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-05-23 17:34:52 +00:00
fbab822db1
core: bump ruff from 0.4.4 to 0.4.5 ( #9819 )
...
* core: bump ruff from 0.4.4 to 0.4.5
Bumps [ruff](https://github.com/astral-sh/ruff ) from 0.4.4 to 0.4.5.
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/v0.4.4...v0.4.5 )
---
updated-dependencies:
- dependency-name: ruff
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-05-23 13:12:52 +02:00
039570a140
lifecycle: close database connection after migrating ( #9516 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-04-30 21:04:30 +02:00
b324dc0ce2
lifecycle: always try custom redis URL ( #9441 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-04-26 13:24:36 +02:00
fc43e841c9
lifecycle: fix ak test-all command
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-04-24 19:11:53 +02:00
a742331484
root: make redis settings more consistent ( #9335 )
...
* make redis settings more consistent
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add support to go
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rewrite url
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix redis connect in wait_for_db
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* censor password when logging error
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* reword docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add redis url generation helper
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-04-18 16:49:41 +02:00
33fa159dad
lifecycle: gunicorn: fix app preload ( #9274 )
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-04-15 21:28:25 +02:00
54b951d3cc
root: fix redis username in lifecycle ( #9158 )
...
Signed-off-by: Yeechan Lu <git@orzfly.com >
2024-04-07 20:05:46 +02:00
7ea721c487
root: move database calls from ready() to dedicated startup signal ( #9081 )
...
* root: move database calls from ready() to dedicated startup signal
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* optimise gunicorn startup to only do DB code in one worker
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* always use 2 workers in compose
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* send startup signals for test runner
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove k8s import that isn't really needed
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ci: bump nested actions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix @reconcile_app not triggering reconcile due to changed functions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* connect startup with uid
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* adjust some log levels
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove internal healthcheck
we didn't really use it to do anything, and we shouldn't have to since the live/ready probes are handled by django anyways and so the container runtime will restart the server if needed
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add setproctitle for gunicorn and celery process titles
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* configure structlog early to use it
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Revert "configure structlog early to use it"
This reverts commit 16778fdbbca0f5c474d376c2f85c6f8032c06044.
* Revert "adjust some log levels"
This reverts commit a129f7ab6aecf27f1206aea1ad8384ce897b74ad.
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
# Conflicts:
# authentik/root/settings.py
* optimize startup to not spawn a bunch of one-off processes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* idk why this shows up
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-04-02 14:19:32 +02:00
15c7be1979
lifecycle: migrate: ensure template schema exists before migrating ( #8952 )
2024-03-25 13:11:02 +01:00
104e70c383
root: support redis username ( #8935 )
2024-03-18 12:44:38 +01:00
b225b0200e
root: early spring clean for linting ( #8498 )
...
* remove pyright
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove pylint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* replace pylint with ruff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ruff fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix UP038
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix DJ012
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix default arg
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix UP031
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rename stage type to view
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix DJ008
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix remaining upgrade
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix PLR2004
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix B904
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix PLW2901
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix remaining issues
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* prevent ruff from breaking the code
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* stages/prompt: refactor field building
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fully remove isort
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-02-24 18:13:35 +01:00
8ab84c8d91
ci: fix release pipeline ( #8530 )
2024-02-15 16:53:23 +00:00
8949464294
root: reformat with latest black version and fix tests ( #8376 )
...
* format files
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix pyright
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* revert #8367
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* sigh
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-31 15:24:45 +01:00
9ed2b74661
root: fix system check warnings ( #8277 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-24 12:10:55 +01:00
abc0c2d2a2
root: Multi-tenancy ( #7590 )
...
* tenants -> brands, init new tenant model, migrate some config to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* setup logging for tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* configure celery and cache
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* small fixes, runs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* task fixes, creation of tenant now works by cloning a template schema, some other small stuff
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix-tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* upstream fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix-pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix avatar tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* migrate config reputation_expiry as well
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web rebase
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema 3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* revert reputation expiry migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix type
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix some more tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* website: tenants -> brands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* start frontend :help:
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add ability to disable tenants api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* delete embedded outpost if it is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make sure embedded outpost is disabled when tenants are enabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* management commands: add --schema option where relevant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* store files per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix embedded outpost deletion
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tenant api tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add domain tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add settings tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make --schema-name default to public in mgmt commands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* sources/ldap: make sure lock is per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix stuff I broke
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix remaining failing tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* much better frontend, but save does not refresh form properly
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update django-tenants with latest fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* i18n-extract
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* review comments
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* move event_retention from brands to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* root: add support for storing media files in S3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* use permissions for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* blueprints: disable tenants management
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix embedded outpost create/delete logic
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make gen
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make sure prometheus metrics are correctly served
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* makefile: don't delete the go api client when not regenerating it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* tenants api: add recovery group and token creation endpoints
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix startup
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix prometheus metrics
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migrations from stable
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix oauth source type import
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Revert "fix oauth source type import"
This reverts commit d015fd0244marc.schmitt@risson.space >
* try with connection_created signal
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix scim tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix enterprise settings
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "try with connection_created signal"
This reverts commit 764a999db832b40a3bbbmarc.schmitt@risson.space >
* fix django version
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* relock poetry
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix reconcile
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try running tenant save in a transaction
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* black
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* test: export postgres logs for debugging and use failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* test: fix container name for logs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* do not copy tenant data
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "try running tenant save in a transaction"
This reverts commit da6dec5a614bffb19704marc.schmitt@risson.space >
* why not
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove postgres query logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update reconcile logic to clearly differentiate between tenant and global
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix reconcile app decorator
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* enable django checks
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* actually nodata was unnecessary as we're cloning from template and not from public
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update django-tenants with sequence fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* actually update
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tests for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tests for recovery api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* recovery tests: do them on a new tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* web: fix system status being degraded when embedded outpost is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix recovery tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add management command to create a tenant
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* release notes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* more docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* checklist
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* self review
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* spelling
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make web after upgrading
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove extra xlif file
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* prettier
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "add management command to create a tenant"
This reverts commit 39d13c0447jens@goauthentik.io >
* rewite some things on the release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* root: make sure install_id comes from public schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* require a license to use tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* release notes: add warning about user sessions being invalidated
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove api disabled test, we can't test for it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-01-23 14:28:06 +01:00
1fccbaa693
scripts: postgres, redis: only listen on localhost ( #7849 )
...
Co-authored-by: Jens L <jens@goauthentik.io >
2023-12-11 11:08:48 +00:00
220d739fef
lifecycle: rework otp_merge migration ( #7359 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-28 17:56:04 +02:00
940492a5e1
lifecycle: fix otp merge migration ( #7315 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-26 20:05:33 +02:00
87f2b37348
core: bump pylint from 2.17.7 to 3.0.2 ( #7270 )
...
* core: bump pylint from 2.17.7 to 3.0.2
Bumps [pylint](https://github.com/pylint-dev/pylint ) from 2.17.7 to 3.0.2.
- [Release notes](https://github.com/pylint-dev/pylint/releases )
- [Commits](https://github.com/pylint-dev/pylint/compare/v2.17.7...v3.0.2 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* fix pylint warning
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-10-24 12:37:37 +02:00
6fb7586b00
lifecycle: fix otp_merge migration again ( #7244 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-20 14:27:57 +02:00
0697e3d5a4
rbac: revisions ( #7188 )
...
* improve system migration logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix filter for internal service accounts
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* merge migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* bump go api
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* sources/ldap: check if we need to connect to ldap before connecting
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-16 19:42:19 +02:00
dce913496e
lifecycle: re-fix system migrations ( #7185 )
...
fix system migrations?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-16 17:28:53 +02:00
a22bc5a261
lifecycle: fix install_id migration not running ( #7116 )
...
* lifecycle: fix install_id migration not running
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix ldap test?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* idk if this works
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-09 19:52:06 +02:00
b90ed6bab3
lifecycle: improve reliability of system migrations ( #7089 )
...
* lifecycle: improve reliability of system migrations
better transaction handling which allows for re-trying migrations without needing manual intervention
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove explicit commit
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-06 18:56:10 +02:00
090d2d8362
Revert "lifecycle: improve reliability of system migrations"
...
This reverts commit 3b8b307c4d
2023-10-06 15:46:45 +02:00
3b8b307c4d
lifecycle: improve reliability of system migrations
...
better transaction handling which allows for re-trying migrations without needing manual intervention
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-06 13:51:23 +02:00
a0f607b5ac
web/flows: bottom-align about text on flows page ( #7051 )
...
* web/flows: bottom-align about text on flows page
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a bunch of typos
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-03 14:10:10 +02:00
a7a4b18082
fix ak test-all dependencies
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2023-09-11 15:44:26 +02:00
6612f729ec
stages/authenticator: vendor otp ( #6741 )
...
* initial import
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update imports
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove email and hotp for now
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove things we don't need and clean up
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* initial merge static
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* initial merge totp
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update webui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add system migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more cleanup, add doctests to test_runner
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fixup more lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup last tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docstrings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* implement SerializerModel
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-09-04 11:45:14 +02:00
fd561ac802
root: connect to backend via socket ( #6720 )
...
* root: connect to gunicorn via socket
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* put socket in temp folder
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use non-socket connection for debug
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't hardcode local url
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix dev_server missing websocket
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dedupe logging config between gunicorn and main app
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* slight refactor for proxy errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-09-02 17:58:37 +02:00
cc6824fd7c
core: bump django from 4.1.7 to 4.2 ( #5238 )
...
* core: bump django from 4.1.7 to 4.2 (#5151 )
* core: bump django from 4.1.7 to 4.2
Bumps [django](https://github.com/django/django ) from 4.1.7 to 4.2.
- [Release notes](https://github.com/django/django/releases )
- [Commits](https://github.com/django/django/compare/4.1.7...4.2 )
---
updated-dependencies:
- dependency-name: django
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* upgrade to psycopg3, use custom engine for prometheus metrics
See https://github.com/korfuri/django-prometheus/issues/350
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make scripts use pscopg3
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* initial postgres upgrade guide
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update header
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2023-08-01 19:30:28 +02:00
561e6956fe
root: add get_int to config loader instead of casting to int everywhere ( #6436 )
...
* root: add get_int to config loader instead of casting to int everywhere
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve error handling, add test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-07-31 19:34:59 +02:00
2f469d2709
root: partial Live-updating config ( #5959 )
...
* stages/email: directly use email credentials from config
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use custom database backend that supports dynamic credentials
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add crude config reloader
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make method names for CONFIG clearer
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* replace config.set with environ
Not sure if this is the cleanest way, but it persists through a config reload
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add set for @patch
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* even more crudeness
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* clean up some old stuff?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* somewhat rewrite config loader to keep track of a source of an attribute so we can refresh it
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup old things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix flow e2e
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-07-19 23:13:22 +02:00
a987846c76
root: celery refactor ( #6095 )
...
* root: celery refactor
cleanup deprecation messages by configuring celery with a single object
run celery as django management command
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve debug experience
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add debugpy to dev dependencies
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix task_always_eager
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-06-28 16:44:50 +02:00
5b0cc3672b
root: add method to get install_id without django being loaded ( #5755 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-05-25 18:52:21 +02:00
0d0bb1a559
root: add install ID ( #5717 )
...
* root: add install ID
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add fallback when no migrations table exists
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-05-22 17:24:12 +02:00
54d508ae8c
ci: fix pyright errors ( #5392 )
...
* ci: fix pyright errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix error in oauth 1 source
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove redundant blueprint fixtures
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-27 17:33:47 +03:00
94ae490284
lifecycle: migrate internal healthcheck to use go ( #5322 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-20 19:46:49 +03:00
dfa80543b5
root: add ruff linter ( #5240 )
...
* root: add ruff linter
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* actually add ruff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-18 13:28:19 +02:00
1a4c640835
lifecycle: fix worker healthcheck ( #5259 )
...
closes #5258
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-14 14:39:31 +02:00
38bf0ee740
lifecycle: re-add exec to ak wrapper ( #5253 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-14 13:52:11 +02:00
f84a10b59b
core: revert django update ( #5236 )
...
* Revert "core: bump django from 4.1.7 to 4.2 (#5151 )"
This reverts commit 18a4eac527jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-13 14:10:12 +02:00
18a4eac527
core: bump django from 4.1.7 to 4.2 ( #5151 )
...
* core: bump django from 4.1.7 to 4.2
Bumps [django](https://github.com/django/django ) from 4.1.7 to 4.2.
- [Release notes](https://github.com/django/django/releases )
- [Commits](https://github.com/django/django/compare/4.1.7...4.2 )
---
updated-dependencies:
- dependency-name: django
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* upgrade to psycopg3, use custom engine for prometheus metrics
See https://github.com/korfuri/django-prometheus/issues/350
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make scripts use pscopg3
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-04-11 15:00:27 +02:00
02f75a92ce
lifecycle: don't use celery ping for worker healthcheck ( #5153 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-03 18:15:31 +02:00
adcd11b1f8
core: extend postgres configuration ( #5138 )
...
Add postgres configuration options to control
TLS verification and client certificates.
2023-04-02 17:39:36 +02:00
9666d407b4
lifecycle: also migrate before starting worker, trap exit to cleanup mode ( #5123 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-03-30 14:04:38 +02:00
