*: default to max 60 for fqdn_rand

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-20 20:07:25 +02:00 · 2022-04-20 20:07:25 +02:00 · 0b4ac54363
parent 1a1434bfda
commit 0b4ac54363
7 changed files with 10 additions and 11 deletions
--- a/authentik/admin/settings.py
+++ b/authentik/admin/settings.py
@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand
 CELERY_BEAT_SCHEDULE = {
    "admin_latest_version": {
        "task": "authentik.admin.tasks.update_latest_version",
-        "schedule": crontab(minute=fqdn_rand("admin_latest_version", 60), hour="*"),
+        "schedule": crontab(minute=fqdn_rand("admin_latest_version"), hour="*"),
        "options": {"queue": "authentik_scheduled"},
    }
 }
--- a/authentik/crypto/settings.py
+++ b/authentik/crypto/settings.py
@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand
 CELERY_BEAT_SCHEDULE = {
    "crypto_certificate_discovery": {
        "task": "authentik.crypto.tasks.certificate_discovery",
-        "schedule": crontab(minute=fqdn_rand("crypto_certificate_discovery", 60), hour="*"),
+        "schedule": crontab(minute=fqdn_rand("crypto_certificate_discovery"), hour="*"),
        "options": {"queue": "authentik_scheduled"},
    },
 }
--- a/authentik/lib/utils/time.py
+++ b/authentik/lib/utils/time.py
@ -4,7 +4,6 @@ from hashlib import sha256
 from random import randrange, seed
 from socket import getfqdn

-from celery.schedules import crontab
 from django.core.exceptions import ValidationError
 from django.utils.translation import gettext_lazy as _

@ -44,10 +43,10 @@ def timedelta_from_string(expr: str) -> datetime.timedelta:
    return datetime.timedelta(**kwargs)


-def fqdn_rand(task: str, max: int) -> int:
+def fqdn_rand(task: str, stop: int = 60) -> int:
    """Get a random number within max based on the FQDN and task name"""
    entropy = f"{getfqdn()}:{task}"
    hasher = sha256()
    hasher.update(entropy.encode("utf-8"))
    seed(hasher.hexdigest())
-    return randrange(0, max)  # nosec
+    return randrange(0, stop)  # nosec
--- a/authentik/managed/settings.py
+++ b/authentik/managed/settings.py
@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand
 CELERY_BEAT_SCHEDULE = {
    "managed_reconcile": {
        "task": "authentik.managed.tasks.managed_reconcile",
-        "schedule": crontab(minute=fqdn_rand("managed_reconcile", 60), hour="*/4"),
+        "schedule": crontab(minute=fqdn_rand("managed_reconcile"), hour="*/4"),
        "options": {"queue": "authentik_scheduled"},
    },
 }
--- a/authentik/outposts/settings.py
+++ b/authentik/outposts/settings.py
@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand
 CELERY_BEAT_SCHEDULE = {
    "outposts_controller": {
        "task": "authentik.outposts.tasks.outpost_controller_all",
-        "schedule": crontab(minute=fqdn_rand("outposts_controller", 60), hour="*/4"),
+        "schedule": crontab(minute=fqdn_rand("outposts_controller"), hour="*/4"),
        "options": {"queue": "authentik_scheduled"},
    },
    "outposts_service_connection_check": {
@ -16,12 +16,12 @@ CELERY_BEAT_SCHEDULE = {
    },
    "outpost_token_ensurer": {
        "task": "authentik.outposts.tasks.outpost_token_ensurer",
-        "schedule": crontab(minute=fqdn_rand("outpost_token_ensurer", 60), hour="*/8"),
+        "schedule": crontab(minute=fqdn_rand("outpost_token_ensurer"), hour="*/8"),
        "options": {"queue": "authentik_scheduled"},
    },
    "outpost_local_connection": {
        "task": "authentik.outposts.tasks.outpost_local_connection",
-        "schedule": crontab(minute=fqdn_rand("outpost_local_connection", 60), hour="*/8"),
+        "schedule": crontab(minute=fqdn_rand("outpost_local_connection"), hour="*/8"),
        "options": {"queue": "authentik_scheduled"},
    },
 }
--- a/authentik/sources/ldap/settings.py
+++ b/authentik/sources/ldap/settings.py
@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand
 CELERY_BEAT_SCHEDULE = {
    "sources_ldap_sync": {
        "task": "authentik.sources.ldap.tasks.ldap_sync_all",
-        "schedule": crontab(minute=fqdn_rand("sources_ldap_sync", 60), hour="*/2"),
+        "schedule": crontab(minute=fqdn_rand("sources_ldap_sync"), hour="*/2"),
        "options": {"queue": "authentik_scheduled"},
    }
 }
--- a/authentik/sources/plex/settings.py
+++ b/authentik/sources/plex/settings.py
@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand
 CELERY_BEAT_SCHEDULE = {
    "check_plex_token": {
        "task": "authentik.sources.plex.tasks.check_plex_token_all",
-        "schedule": crontab(minute=fqdn_rand("check_plex_token", 60), hour="*/3"),
+        "schedule": crontab(minute=fqdn_rand("check_plex_token"), hour="*/3"),
        "options": {"queue": "authentik_scheduled"},
    },
 }