Compare commits
32 Commits
version/20
...
version/20
| Author | SHA1 | Date | |
|---|---|---|---|
| 6f1fb9ca43 | |||
| 09f56f1f01 | |||
| 3d3a0cd9e3 | |||
| 32667f37d1 | |||
| 9532c4df9d | |||
| fd90979832 | |||
| 2e20d5dfbf | |||
| 33f06f0799 | |||
| 920736fc77 | |||
| ee8e42728e | |||
| 204792b750 | |||
| 8ffa3e5885 | |||
| 175d3b3377 | |||
| d5f35798dc | |||
| 1a0aa7e944 | |||
| 677a181b9c | |||
| 4b551add1a | |||
| 90220e911f | |||
| 217cca822d | |||
| e6f897c7e6 | |||
| 65c9d4bf4c | |||
| 6e88e52d78 | |||
| 4e884e80ab | |||
| d19bfebce3 | |||
| b86d4a455d | |||
| 222cece3e1 | |||
| 6e69edf1af | |||
| 55aab5660b | |||
| 08e7ef3c1e | |||
| d728163eea | |||
| cbf246694c | |||
| 9d0a01012d |
@ -1,5 +1,5 @@
|
||||
[bumpversion]
|
||||
current_version = 2021.1.1-rc2
|
||||
current_version = 2021.1.2-stable
|
||||
tag = True
|
||||
commit = True
|
||||
parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-(?P<release>.*)
|
||||
|
||||
14
.github/workflows/release.yml
vendored
14
.github/workflows/release.yml
vendored
@ -18,11 +18,11 @@ jobs:
|
||||
- name: Building Docker Image
|
||||
run: docker build
|
||||
--no-cache
|
||||
-t beryju/authentik:2021.1.1-rc2
|
||||
-t beryju/authentik:2021.1.2-stable
|
||||
-t beryju/authentik:latest
|
||||
-f Dockerfile .
|
||||
- name: Push Docker Container to Registry (versioned)
|
||||
run: docker push beryju/authentik:2021.1.1-rc2
|
||||
run: docker push beryju/authentik:2021.1.2-stable
|
||||
- name: Push Docker Container to Registry (latest)
|
||||
run: docker push beryju/authentik:latest
|
||||
build-proxy:
|
||||
@ -48,11 +48,11 @@ jobs:
|
||||
cd outpost/
|
||||
docker build \
|
||||
--no-cache \
|
||||
-t beryju/authentik-proxy:2021.1.1-rc2 \
|
||||
-t beryju/authentik-proxy:2021.1.2-stable \
|
||||
-t beryju/authentik-proxy:latest \
|
||||
-f proxy.Dockerfile .
|
||||
- name: Push Docker Container to Registry (versioned)
|
||||
run: docker push beryju/authentik-proxy:2021.1.1-rc2
|
||||
run: docker push beryju/authentik-proxy:2021.1.2-stable
|
||||
- name: Push Docker Container to Registry (latest)
|
||||
run: docker push beryju/authentik-proxy:latest
|
||||
build-static:
|
||||
@ -69,11 +69,11 @@ jobs:
|
||||
cd web/
|
||||
docker build \
|
||||
--no-cache \
|
||||
-t beryju/authentik-static:2021.1.1-rc2 \
|
||||
-t beryju/authentik-static:2021.1.2-stable \
|
||||
-t beryju/authentik-static:latest \
|
||||
-f Dockerfile .
|
||||
- name: Push Docker Container to Registry (versioned)
|
||||
run: docker push beryju/authentik-static:2021.1.1-rc2
|
||||
run: docker push beryju/authentik-static:2021.1.2-stable
|
||||
- name: Push Docker Container to Registry (latest)
|
||||
run: docker push beryju/authentik-static:latest
|
||||
test-release:
|
||||
@ -107,5 +107,5 @@ jobs:
|
||||
SENTRY_PROJECT: authentik
|
||||
SENTRY_URL: https://sentry.beryju.org
|
||||
with:
|
||||
tagName: 2021.1.1-rc2
|
||||
tagName: 2021.1.2-stable
|
||||
environment: beryjuorg-prod
|
||||
|
||||
12
Pipfile.lock
generated
12
Pipfile.lock
generated
@ -74,18 +74,18 @@
|
||||
},
|
||||
"boto3": {
|
||||
"hashes": [
|
||||
"sha256:b5052144034e490358c659d0e480c17a4e604fd3aee9a97ddfe6e361a245a4a5",
|
||||
"sha256:efd6c96c98900e9fbf217f13cb58f59b793e51f69a1ce61817eefd31f17c6ef5"
|
||||
"sha256:3f26aad4c6b238055d17fd662620284ffb4ced542ed9a2f7f9df65d97a3f1190",
|
||||
"sha256:47151ed571c316458f4931cd2422995ba0c9f6818c5df7d75f49fc845208e42e"
|
||||
],
|
||||
"index": "pypi",
|
||||
"version": "==1.16.55"
|
||||
"version": "==1.16.56"
|
||||
},
|
||||
"botocore": {
|
||||
"hashes": [
|
||||
"sha256:760d0c16c1474c2a46e3fa45e33ae7457b5cab7410737ab1692340ade764cc73",
|
||||
"sha256:b34327d84b3bb5620fb54603677a9a973b167290c2c1e7ab69c4a46b201c6d46"
|
||||
"sha256:01496e4c2c06aab79689f2c345a0e2cceb5fe1da7858a7e7df189bcf97703223",
|
||||
"sha256:a37d073c2f166753cc3799e77d87d4096e24433fcca5e7c8cc8e77e5dbfe60e9"
|
||||
],
|
||||
"version": "==1.19.55"
|
||||
"version": "==1.19.56"
|
||||
},
|
||||
"cachetools": {
|
||||
"hashes": [
|
||||
|
||||
@ -1,2 +1,2 @@
|
||||
"""authentik"""
|
||||
__version__ = "2021.1.1-rc2"
|
||||
__version__ = "2021.1.2-stable"
|
||||
|
||||
@ -14,7 +14,7 @@ from rest_framework.response import Response
|
||||
from rest_framework.serializers import Serializer
|
||||
from rest_framework.viewsets import ViewSet
|
||||
|
||||
from authentik.lib.tasks import TaskInfo
|
||||
from authentik.events.monitored_tasks import TaskInfo
|
||||
|
||||
|
||||
class TaskSerializer(Serializer):
|
||||
|
||||
@ -6,7 +6,7 @@ from structlog.stdlib import get_logger
|
||||
|
||||
from authentik import __version__
|
||||
from authentik.events.models import Event, EventAction
|
||||
from authentik.lib.tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.root.celery import CELERY_APP
|
||||
|
||||
LOGGER = get_logger()
|
||||
|
||||
@ -4,7 +4,7 @@ from typing import Any, Dict
|
||||
from django.views.generic.base import TemplateView
|
||||
|
||||
from authentik.admin.mixins import AdminRequiredMixin
|
||||
from authentik.lib.tasks import TaskInfo, TaskResultStatus
|
||||
from authentik.events.monitored_tasks import TaskInfo, TaskResultStatus
|
||||
|
||||
|
||||
class TaskListView(AdminRequiredMixin, TemplateView):
|
||||
|
||||
@ -86,7 +86,11 @@ class ApplicationViewSet(ModelViewSet):
|
||||
engine.build()
|
||||
if engine.passing:
|
||||
allowed_applications.append(application)
|
||||
cache.set(user_app_cache_key(self.request.user.pk), allowed_applications)
|
||||
cache.set(
|
||||
user_app_cache_key(self.request.user.pk),
|
||||
allowed_applications,
|
||||
timeout=86400,
|
||||
)
|
||||
serializer = self.get_serializer(allowed_applications, many=True)
|
||||
return self.get_paginated_response(serializer.data)
|
||||
|
||||
|
||||
@ -11,7 +11,7 @@ from django.utils.timezone import now
|
||||
from structlog.stdlib import get_logger
|
||||
|
||||
from authentik.core.models import ExpiringModel
|
||||
from authentik.lib.tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.root.celery import CELERY_APP
|
||||
|
||||
LOGGER = get_logger()
|
||||
|
||||
@ -22,7 +22,6 @@ from authentik.events.utils import cleanse_dict, get_user, sanitize_dict
|
||||
from authentik.lib.sentry import SentryIgnoredException
|
||||
from authentik.lib.utils.http import get_client_ip
|
||||
from authentik.policies.models import PolicyBindingModel
|
||||
from authentik.stages.email.tasks import send_mail
|
||||
from authentik.stages.email.utils import TemplateEmailMessage
|
||||
|
||||
LOGGER = get_logger("authentik.events")
|
||||
@ -57,6 +56,9 @@ class EventAction(models.TextChoices):
|
||||
POLICY_EXCEPTION = "policy_exception"
|
||||
PROPERTY_MAPPING_EXCEPTION = "property_mapping_exception"
|
||||
|
||||
SYSTEM_TASK_EXECUTION = "system_task_execution"
|
||||
SYSTEM_TASK_EXCEPTION = "system_task_exception"
|
||||
|
||||
CONFIGURATION_ERROR = "configuration_error"
|
||||
|
||||
MODEL_CREATED = "model_created"
|
||||
@ -280,9 +282,11 @@ class NotificationTransport(models.Model):
|
||||
)
|
||||
# Email is sent directly here, as the call to send() should have been from a task.
|
||||
try:
|
||||
from authentik.stages.email.tasks import send_mail
|
||||
|
||||
# pyright: reportGeneralTypeIssues=false
|
||||
return send_mail(mail.__dict__) # pylint: disable=no-value-for-parameter
|
||||
except (SMTPException, ConnectionError) as exc:
|
||||
except (SMTPException, ConnectionError, OSError) as exc:
|
||||
raise NotificationTransportError from exc
|
||||
|
||||
def __str__(self) -> str:
|
||||
|
||||
@ -8,6 +8,8 @@ from typing import Any, Dict, List, Optional
|
||||
from celery import Task
|
||||
from django.core.cache import cache
|
||||
|
||||
from authentik.events.models import Event, EventAction
|
||||
|
||||
|
||||
class TaskResultStatus(Enum):
|
||||
"""Possible states of tasks"""
|
||||
@ -122,6 +124,13 @@ class MonitoredTask(Task):
|
||||
task_call_args=args,
|
||||
task_call_kwargs=kwargs,
|
||||
).save(self.result_timeout_hours)
|
||||
Event.new(
|
||||
EventAction.SYSTEM_TASK_EXECUTION,
|
||||
message=(
|
||||
f"Task {self.__name__} finished successfully: "
|
||||
"\n".join(self._result.messages)
|
||||
),
|
||||
).save()
|
||||
return super().after_return(status, retval, task_id, args, kwargs, einfo=einfo)
|
||||
|
||||
# pylint: disable=too-many-arguments
|
||||
@ -138,6 +147,13 @@ class MonitoredTask(Task):
|
||||
task_call_args=args,
|
||||
task_call_kwargs=kwargs,
|
||||
).save(self.result_timeout_hours)
|
||||
Event.new(
|
||||
EventAction.SYSTEM_TASK_EXCEPTION,
|
||||
message=(
|
||||
f"Task {self.__name__} encountered an error: "
|
||||
"\n".join(self._result.messages)
|
||||
),
|
||||
).save()
|
||||
return super().on_failure(exc, task_id, args, kwargs, einfo=einfo)
|
||||
|
||||
def run(self, *args, **kwargs):
|
||||
@ -9,7 +9,7 @@ from authentik.events.models import (
|
||||
NotificationTransport,
|
||||
NotificationTransportError,
|
||||
)
|
||||
from authentik.lib.tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.policies.engine import PolicyEngine, PolicyEngineMode
|
||||
from authentik.policies.models import PolicyBinding
|
||||
from authentik.root.celery import CELERY_APP
|
||||
|
||||
@ -87,4 +87,4 @@ class TestEventsNotifications(TestCase):
|
||||
"authentik.events.models.NotificationTransport.send", execute_mock
|
||||
):
|
||||
Event.new(EventAction.CUSTOM_PREFIX).save()
|
||||
self.assertEqual(passes.call_count, 0)
|
||||
self.assertEqual(passes.call_count, 1)
|
||||
|
||||
@ -8,7 +8,7 @@ from django.db.models.base import Model
|
||||
from django.utils.text import slugify
|
||||
from structlog.stdlib import get_logger
|
||||
|
||||
from authentik.lib.tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.lib.utils.reflection import path_to_class
|
||||
from authentik.outposts.controllers.base import ControllerException
|
||||
from authentik.outposts.models import (
|
||||
@ -49,9 +49,15 @@ def outpost_service_connection_state(connection_pk: Any):
|
||||
@CELERY_APP.task(bind=True, base=MonitoredTask)
|
||||
def outpost_service_connection_monitor(self: MonitoredTask):
|
||||
"""Regularly check the state of Outpost Service Connections"""
|
||||
for connection in OutpostServiceConnection.objects.all():
|
||||
connections = OutpostServiceConnection.objects.all()
|
||||
for connection in connections.iterator():
|
||||
outpost_service_connection_state.delay(connection.pk)
|
||||
self.set_status(TaskResult(TaskResultStatus.SUCCESSFUL))
|
||||
self.set_status(
|
||||
TaskResult(
|
||||
TaskResultStatus.SUCCESSFUL,
|
||||
[f"Successfully updated {len(connections)} connections."],
|
||||
)
|
||||
)
|
||||
|
||||
|
||||
@CELERY_APP.task(bind=True, base=MonitoredTask)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
"""authentik policy engine"""
|
||||
from enum import Enum
|
||||
from multiprocessing import Pipe, set_start_method
|
||||
from multiprocessing import Pipe, current_process
|
||||
from multiprocessing.connection import Connection
|
||||
from typing import Iterator, List, Optional
|
||||
|
||||
@ -16,9 +16,7 @@ from authentik.policies.process import PolicyProcess, cache_key
|
||||
from authentik.policies.types import PolicyRequest, PolicyResult
|
||||
|
||||
LOGGER = get_logger()
|
||||
# This is only really needed for macOS, because Python 3.8 changed the default to spawn
|
||||
# spawn causes issues with objects that aren't picklable, and also the django setup
|
||||
set_start_method("fork")
|
||||
CURRENT_PROCESS = current_process()
|
||||
|
||||
|
||||
class PolicyProcessInfo:
|
||||
@ -117,14 +115,19 @@ class PolicyEngine:
|
||||
LOGGER.debug("P_ENG: Evaluating policy", policy=binding.policy)
|
||||
our_end, task_end = Pipe(False)
|
||||
task = PolicyProcess(binding, self.request, task_end)
|
||||
task.daemon = False
|
||||
LOGGER.debug("P_ENG: Starting Process", policy=binding.policy)
|
||||
task.start()
|
||||
if not CURRENT_PROCESS._config.get("daemon"):
|
||||
task.run()
|
||||
else:
|
||||
task.start()
|
||||
self.__processes.append(
|
||||
PolicyProcessInfo(process=task, connection=our_end, binding=binding)
|
||||
)
|
||||
# If all policies are cached, we have an empty list here.
|
||||
for proc_info in self.__processes:
|
||||
proc_info.process.join(proc_info.binding.timeout)
|
||||
if proc_info.process.is_alive():
|
||||
proc_info.process.join(proc_info.binding.timeout)
|
||||
# Only call .recv() if no result is saved, otherwise we just deadlock here
|
||||
if not proc_info.result:
|
||||
proc_info.result = proc_info.connection.recv()
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
"""authentik policy task"""
|
||||
from multiprocessing import Process
|
||||
from multiprocessing import get_context
|
||||
from multiprocessing.connection import Connection
|
||||
from traceback import format_tb
|
||||
from typing import Optional
|
||||
@ -28,7 +28,11 @@ def cache_key(binding: PolicyBinding, request: PolicyRequest) -> str:
|
||||
return prefix
|
||||
|
||||
|
||||
class PolicyProcess(Process):
|
||||
FORK_CTX = get_context("fork")
|
||||
PROCESS_CLASS = FORK_CTX.Process
|
||||
|
||||
|
||||
class PolicyProcess(PROCESS_CLASS):
|
||||
"""Evaluate a single policy within a seprate process"""
|
||||
|
||||
connection: Connection
|
||||
|
||||
@ -3,7 +3,7 @@ from django.core.cache import cache
|
||||
from structlog.stdlib import get_logger
|
||||
|
||||
from authentik.core.models import User
|
||||
from authentik.lib.tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.policies.reputation.models import IPReputation, UserReputation
|
||||
from authentik.policies.reputation.signals import (
|
||||
CACHE_KEY_IP_PREFIX,
|
||||
|
||||
@ -5,7 +5,7 @@ from django.core.cache import cache
|
||||
from django.utils.text import slugify
|
||||
from ldap3.core.exceptions import LDAPException
|
||||
|
||||
from authentik.lib.tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.root.celery import CELERY_APP
|
||||
from authentik.sources.ldap.models import LDAPSource
|
||||
from authentik.sources.ldap.sync import LDAPSynchronizer
|
||||
|
||||
@ -3,7 +3,7 @@ from django.utils.timezone import now
|
||||
from structlog.stdlib import get_logger
|
||||
|
||||
from authentik.core.models import User
|
||||
from authentik.lib.tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.lib.utils.time import timedelta_from_string
|
||||
from authentik.root.celery import CELERY_APP
|
||||
from authentik.sources.saml.models import SAMLSource
|
||||
|
||||
@ -9,7 +9,7 @@ from django.core.mail.utils import DNS_NAME
|
||||
from django.utils.text import slugify
|
||||
from structlog.stdlib import get_logger
|
||||
|
||||
from authentik.lib.tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
|
||||
from authentik.root.celery import CELERY_APP
|
||||
from authentik.stages.email.models import EmailStage
|
||||
|
||||
@ -31,6 +31,7 @@ def send_mails(stage: EmailStage, *messages: list[EmailMultiAlternatives]):
|
||||
autoretry_for=(
|
||||
SMTPException,
|
||||
ConnectionError,
|
||||
OSError,
|
||||
),
|
||||
retry_backoff=True,
|
||||
base=MonitoredTask,
|
||||
@ -44,7 +45,7 @@ def send_mail(
|
||||
self.set_uid(slugify(message_id.replace(".", "_").replace("@", "_")))
|
||||
try:
|
||||
if not email_stage_pk:
|
||||
stage: EmailStage = EmailStage()
|
||||
stage: EmailStage = EmailStage(use_global_settings=True)
|
||||
else:
|
||||
stage: EmailStage = EmailStage.objects.get(pk=email_stage_pk)
|
||||
backend = stage.backend
|
||||
|
||||
@ -31,7 +31,11 @@ def authenticate(
|
||||
|
||||
Customized version of django's authenticate, which accepts a list of backends"""
|
||||
for backend_path in backends:
|
||||
backend: BaseBackend = path_to_class(backend_path)()
|
||||
try:
|
||||
backend: BaseBackend = path_to_class(backend_path)()
|
||||
except ImportError:
|
||||
LOGGER.warning("Failed to import backend", path=backend_path)
|
||||
continue
|
||||
LOGGER.debug("Attempting authentication...", backend=backend)
|
||||
user = backend.authenticate(request, **credentials)
|
||||
if user is None:
|
||||
|
||||
@ -19,7 +19,7 @@ services:
|
||||
networks:
|
||||
- internal
|
||||
server:
|
||||
image: beryju/authentik:${AUTHENTIK_TAG:-2021.1.1-rc2}
|
||||
image: beryju/authentik:${AUTHENTIK_TAG:-2021.1.2-stable}
|
||||
command: server
|
||||
environment:
|
||||
AUTHENTIK_REDIS__HOST: redis
|
||||
@ -45,7 +45,7 @@ services:
|
||||
env_file:
|
||||
- .env
|
||||
worker:
|
||||
image: beryju/authentik:${AUTHENTIK_TAG:-2021.1.1-rc2}
|
||||
image: beryju/authentik:${AUTHENTIK_TAG:-2021.1.2-stable}
|
||||
command: worker
|
||||
networks:
|
||||
- internal
|
||||
@ -62,7 +62,7 @@ services:
|
||||
env_file:
|
||||
- .env
|
||||
static:
|
||||
image: beryju/authentik-static:${AUTHENTIK_TAG:-2021.1.1-rc2}
|
||||
image: beryju/authentik-static:${AUTHENTIK_TAG:-2021.1.2-stable}
|
||||
networks:
|
||||
- internal
|
||||
labels:
|
||||
|
||||
@ -4,7 +4,7 @@ name: authentik
|
||||
home: https://goauthentik.io
|
||||
sources:
|
||||
- https://github.com/BeryJu/authentik
|
||||
version: "2021.1.1-rc2"
|
||||
version: "2021.1.2-stable"
|
||||
icon: https://raw.githubusercontent.com/BeryJu/authentik/master/web/icons/icon.svg
|
||||
dependencies:
|
||||
- name: postgresql
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
|-----------------------------------|-------------------------|-------------|
|
||||
| image.name | beryju/authentik | Image used to run the authentik server and worker |
|
||||
| image.name_static | beryju/authentik-static | Image used to run the authentik static server (CSS and JS Files) |
|
||||
| image.tag | 2021.1.1-rc2 | Image tag |
|
||||
| image.tag | 2021.1.2-stable | Image tag |
|
||||
| image.pullPolicy | IfNotPresent | Image Pull Policy used for all deployments |
|
||||
| serverReplicas | 1 | Replicas for the Server deployment |
|
||||
| workerReplicas | 1 | Replicas for the Worker deployment |
|
||||
|
||||
@ -20,7 +20,7 @@ data:
|
||||
OUTPOSTS__DOCKER_IMAGE_BASE: "{{ .Values.image.name_outposts }}"
|
||||
EMAIL__HOST: "{{ .Values.config.email.host }}"
|
||||
EMAIL__PORT: "{{ .Values.config.email.port }}"
|
||||
EMAIL__USERNAM: "{{ .Values.config.email.username }}"
|
||||
EMAIL__USERNAME: "{{ .Values.config.email.username }}"
|
||||
EMAIL__USE_TLS: "{{ .Values.config.email.use_tls }}"
|
||||
EMAIL__USE_SSL: "{{ .Values.config.email.use_ssl }}"
|
||||
EMAIL__TIMEOUT: "{{ .Values.config.email.timeout }}"
|
||||
|
||||
@ -11,6 +11,6 @@ data:
|
||||
SECRET_KEY: {{ randAlphaNum 50 | b64enc | quote}}
|
||||
{{- end }}
|
||||
{{- if .Values.backup }}
|
||||
POSTGRESQL__S3_BACKUP__SECRET_KEY: "{{ .Values.backup.secretKey }}"
|
||||
POSTGRESQL__S3_BACKUP__SECRET_KEY: "{{ .Values.backup.secretKey | b64enc }}"
|
||||
{{- end}}
|
||||
EMAIL__PASSWOR: "{{ .Values.config.email.password }}"
|
||||
EMAIL__PASSWORD: "{{ .Values.config.email.password | b64enc }}"
|
||||
|
||||
@ -74,12 +74,10 @@ spec:
|
||||
- configMapRef:
|
||||
name: {{ include "authentik.fullname" . }}-config
|
||||
prefix: AUTHENTIK_
|
||||
- secretRef:
|
||||
name: {{ include "authentik.fullname" . }}-secret-key
|
||||
prefix: AUTHENTIK_
|
||||
env:
|
||||
- name: AUTHENTIK_SECRET_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ include "authentik.fullname" . }}-secret-key"
|
||||
key: "secret_key"
|
||||
- name: AUTHENTIK_REDIS__PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
@ -117,7 +115,7 @@ spec:
|
||||
memory: 300M
|
||||
limits:
|
||||
cpu: 300m
|
||||
memory: 600MiB
|
||||
memory: 600M
|
||||
volumes:
|
||||
- name: authentik-uploads
|
||||
persistentVolumeClaim:
|
||||
|
||||
@ -5,7 +5,7 @@ image:
|
||||
name: beryju/authentik
|
||||
name_static: beryju/authentik-static
|
||||
name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
|
||||
tag: 2021.1.1-rc2
|
||||
tag: 2021.1.2-stable
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
serverReplicas: 1
|
||||
|
||||
@ -1,3 +1,3 @@
|
||||
package pkg
|
||||
|
||||
const VERSION = "2021.1.1-rc2"
|
||||
const VERSION = "2021.1.2-stable"
|
||||
|
||||
@ -7584,6 +7584,8 @@ definitions:
|
||||
- policy_execution
|
||||
- policy_exception
|
||||
- property_mapping_exception
|
||||
- system_task_execution
|
||||
- system_task_exception
|
||||
- configuration_error
|
||||
- model_created
|
||||
- model_updated
|
||||
@ -8300,6 +8302,8 @@ definitions:
|
||||
- policy_execution
|
||||
- policy_exception
|
||||
- property_mapping_exception
|
||||
- system_task_execution
|
||||
- system_task_exception
|
||||
- configuration_error
|
||||
- model_created
|
||||
- model_updated
|
||||
|
||||
36
web/package-lock.json
generated
36
web/package-lock.json
generated
@ -38,9 +38,9 @@
|
||||
}
|
||||
},
|
||||
"@eslint/eslintrc": {
|
||||
"version": "0.2.2",
|
||||
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.2.2.tgz",
|
||||
"integrity": "sha512-EfB5OHNYp1F4px/LI/FEnGylop7nOqkQ1LRzCM0KccA2U8tvV8w01KBv37LbO7nW4H+YhKyo2LcJhRwjjV17QQ==",
|
||||
"version": "0.3.0",
|
||||
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.3.0.tgz",
|
||||
"integrity": "sha512-1JTKgrOKAHVivSvOYw+sJOunkBjUOvjqWk1DPja7ZFhIS2mX/4EgTT8M7eTK9jrKhL/FvXXEbQwIs3pg1xp3dg==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"ajv": "^6.12.4",
|
||||
@ -50,7 +50,7 @@
|
||||
"ignore": "^4.0.6",
|
||||
"import-fresh": "^3.2.1",
|
||||
"js-yaml": "^3.13.1",
|
||||
"lodash": "^4.17.19",
|
||||
"lodash": "^4.17.20",
|
||||
"minimatch": "^3.0.4",
|
||||
"strip-json-comments": "^3.1.1"
|
||||
},
|
||||
@ -1074,13 +1074,13 @@
|
||||
"dev": true
|
||||
},
|
||||
"eslint": {
|
||||
"version": "7.17.0",
|
||||
"resolved": "https://registry.npmjs.org/eslint/-/eslint-7.17.0.tgz",
|
||||
"integrity": "sha512-zJk08MiBgwuGoxes5sSQhOtibZ75pz0J35XTRlZOk9xMffhpA9BTbQZxoXZzOl5zMbleShbGwtw+1kGferfFwQ==",
|
||||
"version": "7.18.0",
|
||||
"resolved": "https://registry.npmjs.org/eslint/-/eslint-7.18.0.tgz",
|
||||
"integrity": "sha512-fbgTiE8BfUJZuBeq2Yi7J3RB3WGUQ9PNuNbmgi6jt9Iv8qrkxfy19Ds3OpL1Pm7zg3BtTVhvcUZbIRQ0wmSjAQ==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"@babel/code-frame": "^7.0.0",
|
||||
"@eslint/eslintrc": "^0.2.2",
|
||||
"@eslint/eslintrc": "^0.3.0",
|
||||
"ajv": "^6.10.0",
|
||||
"chalk": "^4.0.0",
|
||||
"cross-spawn": "^7.0.2",
|
||||
@ -1104,7 +1104,7 @@
|
||||
"js-yaml": "^3.13.1",
|
||||
"json-stable-stringify-without-jsonify": "^1.0.1",
|
||||
"levn": "^0.4.1",
|
||||
"lodash": "^4.17.19",
|
||||
"lodash": "^4.17.20",
|
||||
"minimatch": "^3.0.4",
|
||||
"natural-compare": "^1.4.0",
|
||||
"optionator": "^0.9.1",
|
||||
@ -2674,9 +2674,9 @@
|
||||
}
|
||||
},
|
||||
"rollup": {
|
||||
"version": "2.36.1",
|
||||
"resolved": "https://registry.npmjs.org/rollup/-/rollup-2.36.1.tgz",
|
||||
"integrity": "sha512-eAfqho8dyzuVvrGqpR0ITgEdq0zG2QJeWYh+HeuTbpcaXk8vNFc48B7bJa1xYosTCKx0CuW+447oQOW8HgBIZQ==",
|
||||
"version": "2.36.2",
|
||||
"resolved": "https://registry.npmjs.org/rollup/-/rollup-2.36.2.tgz",
|
||||
"integrity": "sha512-qjjiuJKb+/8n0EZyQYVW+gFU4bNRBcZaXVzUgSVrGw0HlQBlK2aWyaOMMs1Ufic1jV69b9kW3u3i9B+hISDm3A==",
|
||||
"requires": {
|
||||
"fsevents": "~2.1.2"
|
||||
}
|
||||
@ -3191,9 +3191,9 @@
|
||||
}
|
||||
},
|
||||
"table": {
|
||||
"version": "6.0.6",
|
||||
"resolved": "https://registry.npmjs.org/table/-/table-6.0.6.tgz",
|
||||
"integrity": "sha512-OInCtPmDNieVBkVFi6C8RwU2S2H0h8mF3e3TQK4nreaUNCpooQUkI+A/KuEkm5FawfhWIfNqG+qfelVVR+V00g==",
|
||||
"version": "6.0.7",
|
||||
"resolved": "https://registry.npmjs.org/table/-/table-6.0.7.tgz",
|
||||
"integrity": "sha512-rxZevLGTUzWna/qBLObOe16kB2RTnnbhciwgPbMMlazz1yZGVEgnZK762xyVdVznhqxrfCeBMmMkgOOaPwjH7g==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"ajv": "^7.0.2",
|
||||
@ -3415,9 +3415,9 @@
|
||||
"dev": true
|
||||
},
|
||||
"uri-js": {
|
||||
"version": "4.4.0",
|
||||
"resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.0.tgz",
|
||||
"integrity": "sha512-B0yRTzYdUCCn9n+F4+Gh4yIDtMQcaJsmYBDsTSG8g/OejKBodLQ2IHfN3bM7jUsRXndopT7OIXWdYqc1fjmV6g==",
|
||||
"version": "4.4.1",
|
||||
"resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz",
|
||||
"integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"punycode": "^2.1.0"
|
||||
|
||||
@ -19,7 +19,7 @@
|
||||
"flowchart.js": "^1.15.0",
|
||||
"lit-element": "^2.4.0",
|
||||
"lit-html": "^1.3.0",
|
||||
"rollup": "^2.36.1",
|
||||
"rollup": "^2.36.2",
|
||||
"rollup-plugin-copy": "^3.3.0",
|
||||
"rollup-plugin-cssimport": "^1.0.2",
|
||||
"rollup-plugin-external-globals": "^0.6.1",
|
||||
@ -29,7 +29,7 @@
|
||||
"@rollup/plugin-typescript": "^8.1.0",
|
||||
"@typescript-eslint/eslint-plugin": "^4.13.0",
|
||||
"@typescript-eslint/parser": "^4.13.0",
|
||||
"eslint": "^7.17.0",
|
||||
"eslint": "^7.18.0",
|
||||
"eslint-config-google": "^0.14.0",
|
||||
"eslint-plugin-lit": "^1.3.0",
|
||||
"rollup-plugin-commonjs": "^10.1.0",
|
||||
|
||||
@ -81,7 +81,7 @@ select[multiple] {
|
||||
font-size: var(--pf-global--FontSize--sm);
|
||||
}
|
||||
|
||||
.pf-c-page__main {
|
||||
.pf-c-page__main, .pf-c-drawer__content, .pf-c-page__drawer {
|
||||
z-index: auto !important;
|
||||
}
|
||||
|
||||
|
||||
@ -28,4 +28,4 @@ export const ColorStyles = css`
|
||||
background-color: var(--pf-global--danger-color--100);
|
||||
}
|
||||
`;
|
||||
export const VERSION = "2021.1.1-rc2";
|
||||
export const VERSION = "2021.1.2-stable";
|
||||
|
||||
@ -15,7 +15,7 @@ Download the latest `docker-compose.yml` from [here](https://raw.githubuserconte
|
||||
|
||||
To optionally enable error-reporting, run `echo AUTHENTIK_ERROR_REPORTING__ENABLED=true >> .env`
|
||||
|
||||
To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.1.1-rc2 >> .env`
|
||||
To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.1.2-stable >> .env`
|
||||
|
||||
If this is a fresh authentik install run the following commands to generate a password:
|
||||
|
||||
|
||||
@ -24,7 +24,7 @@ image:
|
||||
name: beryju/authentik
|
||||
name_static: beryju/authentik-static
|
||||
name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
|
||||
tag: 2021.1.1-rc2
|
||||
tag: 2021.1.2-stable
|
||||
|
||||
serverReplicas: 1
|
||||
workerReplicas: 1
|
||||
|
||||
@ -33,7 +33,7 @@ This release does not introduce any new requirements.
|
||||
|
||||
### docker-compose
|
||||
|
||||
Download the latest docker-compose file from [here](https://raw.githubusercontent.com/BeryJu/authentik/version-2021.1.1/docker-compose.yml). Afterwards, simply run `docker-compose up -d` and then the standard upgrade command of `docker-compose run --rm server migrate`.
|
||||
Download the latest docker-compose file from [here](https://raw.githubusercontent.com/BeryJu/authentik/version-2021.1/docker-compose.yml). Afterwards, simply run `docker-compose up -d` and then the standard upgrade command of `docker-compose run --rm server migrate`.
|
||||
|
||||
### Kubernetes
|
||||
|
||||
|
||||
Reference in New Issue
Block a user