b73de96aa6
lifecycle: fix permissions for unittest xml
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-06-09 16:03:51 +02:00
4ee2f951da
lifecycle: fix check_if_root not working without docker
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-06-09 15:56:12 +02:00
01c5235e82
ci: use bootstrap for testing
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-06-09 15:54:47 +02:00
20493252e2
lifecycle: fix custom port not being set for postgres healthcheck
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-06-09 10:59:48 +02:00
c1c55a6005
lifecycle: fix permission error with local docker
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-05-22 20:47:05 +02:00
634ea61b50
lifecycle: check if group of docker socket exists
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-05-14 00:50:20 +02:00
934e62d5be
lifecycle: fix error when worker is not running as root
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-05-13 22:55:35 +02:00
72e41c03f5
lifecycle: run worker as root and drop perms later to fix docker permission issues
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-05-13 20:11:49 +02:00
f072c600cc
lifecycle: use URl for redis on startup to prevent errors with no paswords
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-05-09 20:13:58 +02:00
ca5761652c
lifecycle: show errors when initial db check fails
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-05-05 20:15:01 +02:00
8a666535a8
website/docs: update container explanation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-05-04 17:49:21 +02:00
988cf15b71
root: initial go proxy, update compose and helm
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-05-03 09:39:09 +02:00
7b8e5c4272
root: auto-migrate on startup, lock database using pg_advisory_lock
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-04-18 14:47:50 +02:00
5627848fad
lifecycle: allow adjustment of worker cores
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-04-11 13:20:27 +02:00
4054e6da8c
helm: don't automount Service token when integration is not enabled, improve k8s detection
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-04-07 16:16:17 +02:00
8708e487ae
stages: add WebAuthn stage ( #550 )
...
* core: add User.uid for globally unique user ID
* admin: fix ?next for Flow list
* stages: add initial webauthn implementation
* web: add ak-flow-submit event to submit flow stage
* web: show error message for webauthn registration
* admin: fix next param not redirecting correctly
* stages/webauthn: remove form
* stages/webauthn: add API
* web: update flow diagram on ak-refresh
* stages/webauthn: add initial authentication
* stages/webauthn: initial authentication implementation
* web: cleanup webauthn utils
* stages: rename otp_* to authenticator and move webauthn to authenticator
* docs: fix broken links
* stages/authenticator_*: fix template paths
* stages/authenticator_validate: add device classes
* stages/authenticator_webauthn: implement django_otp.devices
* stages/authenticator_*: update default stage names
* web: add button to create stage on flow page
* web: don't minify HTML, remove nbsp
* admin: fix typo in stage list
* stages/*: use common base class for stage serializer
* stages/authenticator_*: create default objects after rename
* tests/e2e: adjust stage order
2021-02-17 20:49:58 +01:00
bfe8bb5e61
lifecycle: fix typo causing single process in docker-compose
2021-01-27 10:13:23 +01:00
1ccf6dcf6f
events: Notifications ( #418 )
...
* events: initial alerting implementation
* policies: move error handling to process, ensure policy UUID is saved
* policies: add tests for error handling in PolicyProcess
* events: improve loop detection
* events: add API for action and trigger
* policies: ensure http_request is not used in context
* events: adjust unittests for user handling
* policies/event_matcher: add policy type
* events: add API tests
* events: add middleware tests
* core: make application's provider not required
* outposts: allow blank kubeconfig
* outposts: validate kubeconfig before saving
* api: fix formatting
* stages/invitation: remove invitation_created signal as model_created functions the same
* stages/invitation: ensure created_by is set when creating from API
* events: rebase migrations on master
* events: fix missing Alerts from API
* policies: fix unittests
* events: add tests for alerts
* events: rename from alerting to notifications
* events: add ability to specify severity of notification created
* policies/event_matcher: Add app field to match on event app
* policies/event_matcher: fix EventMatcher not being included in API
* core: use objects.none() when get_queryset is used
* events: use m2m for multiple transports, create notification object in task
* events: add default triggers
* events: fix migrations return value
* events: fix notification_transport not being in the correct queue
* stages/email: allow sending of email without backend
* events: implement sending via webhook + slack/discord + email
2021-01-11 18:43:59 +01:00
bc9e7e8b93
build(deps): bump structlog from 20.1.0 to 20.2.0 ( #445 )
...
* build(deps): bump structlog from 20.1.0 to 20.2.0
Bumps [structlog](https://github.com/hynek/structlog ) from 20.1.0 to 20.2.0.
- [Release notes](https://github.com/hynek/structlog/releases )
- [Changelog](https://github.com/hynek/structlog/blob/master/CHANGELOG.rst )
- [Commits](https://github.com/hynek/structlog/compare/20.1.0...20.2.0 )
Signed-off-by: dependabot[bot] <support@github.com >
* *: use structlog.stdlib instead of structlog for type-hints
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-01-01 15:39:43 +01:00
dc16a8a4c9
providers/proxy: set proxy-size for nginx for larger response
2020-12-28 00:45:58 +01:00
a4dc6d13b5
events: rename audit to events and use for more metrics ( #397 )
...
* events: rename audit to events
* policies/expression: log expression exceptions as event
* policies/expression: add ExpressionPolicy Model to event when possible
* lib/expressions: ensure syntax errors are logged too
* lib: fix lint error
* policies: add execution_logging field
* core: add property mapping tests
* policies/expression: add full test
* policies/expression: fix attribute name
* policies: add execution_logging
* web: fix imports
* root: update swagger
* policies: use dataclass instead of dict for types
* events: add support for dataclass as event param
* events: add special keys which are never cleaned
* policies: add tests for process, don't clean full cache
* admin: create event when new version is seen
* events: move utils to separate file
* admin: add tests for admin tasks
* events: add .set_user method to ensure users have correct attributes set
* core: add test for property_mapping errors with user and request
2020-12-20 22:04:29 +01:00
d2862ddc93
lifecycle: clean full redis as part of system migration
2020-12-12 23:30:49 +01:00
2caa1e7650
build(deps-dev): bump bandit from 1.6.2 to 1.6.3 ( #371 )
...
* build(deps-dev): bump bandit from 1.6.2 to 1.6.3
Bumps [bandit](https://github.com/PyCQA/bandit ) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/PyCQA/bandit/releases )
- [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3 )
Signed-off-by: dependabot[bot] <support@github.com >
* root: update for new bandit version
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org >
2020-12-07 11:21:07 +01:00
e0bc4f1da5
lifecycle: fix outpost service connections not being migrated
2020-12-06 12:22:51 +01:00
1cfe1aff13
wip: rename to authentik ( #361 )
...
* root: initial rename
* web: rename custom element prefix
* root: rename external functions with pb_ prefix
* root: fix formatting
* root: replace domain with goauthentik.io
* proxy: update path
* root: rename remaining prefixes
* flows: rename file extension
* root: pbadmin -> akadmin
* docs: fix image filenames
* lifecycle: ignore migration files
* ci: copy default config from current source before loading last tagged
* *: new sentry dsn
* tests: fix missing python3.9-dev package
* root: add additional migrations for service accounts created by outposts
* core: mark system-created service accounts with attribute
* policies/expression: fix pb_ replacement not working
* web: fix last linting errors, add lit-analyse
* policies/expressions: fix lint errors
* web: fix sidebar display on screens where not all items fit
* proxy: attempt to fix proxy pipeline
* proxy: use go env GOPATH to get gopath
* lib: fix user_default naming inconsistency
* docs: add upgrade docs
* docs: update screenshots to use authentik
* admin: fix create button on empty-state of outpost
* web: fix modal submit not refreshing SiteShell and Table
* web: fix height of app-card and height of generic icon
* web: fix rendering of subtext
* admin: fix version check error not being caught
* web: fix worker count not being shown
* docs: update screenshots
* root: new icon
* web: fix lint error
* admin: fix linting error
* root: migrate coverage config to pyproject
2020-12-05 22:08:42 +01:00
5faafbbca6
root: ensure manual loggers also have timestamp
2020-11-16 01:41:33 +01:00
287cb72d6f
root: fix websockets not working correctly
2020-11-11 14:51:26 +01:00
b775f2788c
build(deps): bump channels from 2.4.0 to 3.0.0 ( #309 )
...
* build(deps): bump channels from 2.4.0 to 3.0.0
Bumps [channels](https://github.com/django/channels ) from 2.4.0 to 3.0.0.
- [Release notes](https://github.com/django/channels/releases )
- [Changelog](https://github.com/django/channels/blob/master/CHANGELOG.txt )
- [Commits](https://github.com/django/channels/compare/2.4.0...3.0.0 )
Signed-off-by: dependabot[bot] <support@github.com >
* root: update for channels 3
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org >
2020-11-02 10:26:26 +01:00
c3917ebc2e
lifecycle: fix formatting
2020-10-19 16:13:45 +02:00
7203bd37a3
outposts: replace migration with string backup handler
2020-10-19 16:04:38 +02:00
597188c7ee
lifecycle: fix migration trying to load all classes
2020-10-19 15:55:16 +02:00
c6661ef4d2
lifecycle: add migration to 0.12 which removes old outpost state from cache
2020-10-19 14:35:38 +02:00
91ce7f7363
root: implement monitored tasks
2020-10-16 11:28:54 +02:00
9fb1ac98ec
Backup/Restore ( #256 )
...
* lifecycle: move s3 backup settings to s3 name
* providers/oauth2: fix for alerting for missing certificatekeypair
* lifecycle: add backup commands
see #252
* lifecycle: install postgres-client for 11 and 12
* root: migrate to DBBACKUP_STORAGE_OPTIONS, add region setting
* lifecycle: auto-clean last backups
* helm: add s3 region parameter, add cronjob for backups
* docs: add backup docs
* root: remove backup scheduled task for now
2020-10-03 20:36:36 +02:00
502e43085f
lifecycle: update celery command for 5.0
2020-09-26 02:17:39 +02:00
50c75087b8
lifecycle: fix startup logs not being full json
2020-09-21 11:04:31 +02:00
97ce143efe
lifecycle: adjust worker count
2020-09-17 09:35:08 +02:00
e401575894
lifecycle: fix worker not running scheduled tasks
2020-09-15 11:20:28 +02:00
23cccebb96
pytest ( #209 )
2020-09-11 23:21:11 +02:00
430905295d
root: automate system migrations, move docker to lifecycle folder
2020-09-10 00:18:39 +02:00
