From 25c001f2cdfb634f790e71a2ab344ee1aa767258 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 29 Apr 2021 20:07:53 +0200 Subject: [PATCH] outposts: allow better configuration of outpost image name Signed-off-by: Jens Langhammer --- .gitignore | 2 ++ authentik/lib/default.yml | 5 ++++- authentik/outposts/controllers/base.py | 9 +++++++++ authentik/outposts/controllers/docker.py | 8 +++----- authentik/outposts/controllers/k8s/deployment.py | 6 ++---- helm/README.md | 1 + helm/values.yaml | 5 ++++- website/docs/installation/beta.mdx | 4 ++-- website/docs/installation/kubernetes.md | 5 ++++- 9 files changed, 31 insertions(+), 14 deletions(-) diff --git a/.gitignore b/.gitignore index 5dbd19ad2..04635c664 100644 --- a/.gitignore +++ b/.gitignore @@ -202,3 +202,5 @@ selenium_screenshots/ backups/ media/ *mmdb + +.idea/ diff --git a/authentik/lib/default.yml b/authentik/lib/default.yml index 27be37620..6785ad32c 100644 --- a/authentik/lib/default.yml +++ b/authentik/lib/default.yml @@ -34,7 +34,10 @@ email: from: authentik@localhost outposts: - docker_image_base: "beryju/authentik" # this is prepended to -proxy:version + # Placeholders: + # %(type)s: Outpost type; proxy, ldap, etc + # %(version)s: Current version; 2021.4.1 + docker_image_base: "beryju/authentik-%(type)s:%(version)s" authentik: avatars: gravatar # gravatar or none diff --git a/authentik/outposts/controllers/base.py b/authentik/outposts/controllers/base.py index 22d1a1177..92a3ef710 100644 --- a/authentik/outposts/controllers/base.py +++ b/authentik/outposts/controllers/base.py @@ -4,6 +4,8 @@ from dataclasses import dataclass from structlog.stdlib import get_logger from structlog.testing import capture_logs +from authentik import __version__ +from authentik.lib.config import CONFIG from authentik.lib.sentry import SentryIgnoredException from authentik.outposts.models import Outpost, OutpostServiceConnection @@ -55,3 +57,10 @@ class BaseController: def get_static_deployment(self) -> str: """Return a static deployment configuration""" raise NotImplementedError + + def get_container_image(self) -> str: + """Get container image to use for this outpost""" + image_name_template: str = CONFIG.y("outposts.docker_image_base") + return image_name_template.format( + {"type": self.outpost.type, "version": __version__} + ) diff --git a/authentik/outposts/controllers/docker.py b/authentik/outposts/controllers/docker.py index 0d7ea5630..74bc288b6 100644 --- a/authentik/outposts/controllers/docker.py +++ b/authentik/outposts/controllers/docker.py @@ -8,7 +8,6 @@ from docker.models.containers import Container from yaml import safe_dump from authentik import __version__ -from authentik.lib.config import CONFIG from authentik.outposts.controllers.base import BaseController, ControllerException from authentik.outposts.models import ( DockerServiceConnection, @@ -60,8 +59,7 @@ class DockerController(BaseController): return self.client.containers.get(container_name), False except NotFound: self.logger.info("Container does not exist, creating") - image_prefix = CONFIG.y("outposts.docker_image_base") - image_name = f"{image_prefix}-{self.outpost.type}:{__version__}" + image_name = self.get_container_image() self.client.images.pull(image_name) container_args = { "image": image_name, @@ -146,12 +144,12 @@ class DockerController(BaseController): f"{port.port}:{port.port}/{port.protocol.lower()}" for port in self.deployment_ports ] - image_prefix = CONFIG.y("outposts.docker_image_base") + image_name = self.get_container_image() compose = { "version": "3.5", "services": { f"authentik_{self.outpost.type}": { - "image": f"{image_prefix}-{self.outpost.type}:{__version__}", + "image": image_name, "ports": ports, "environment": { "AUTHENTIK_HOST": self.outpost.config.authentik_host, diff --git a/authentik/outposts/controllers/k8s/deployment.py b/authentik/outposts/controllers/k8s/deployment.py index c01a00881..d82d56026 100644 --- a/authentik/outposts/controllers/k8s/deployment.py +++ b/authentik/outposts/controllers/k8s/deployment.py @@ -16,8 +16,6 @@ from kubernetes.client import ( V1SecretKeySelector, ) -from authentik import __version__ -from authentik.lib.config import CONFIG from authentik.outposts.controllers.base import FIELD_MANAGER from authentik.outposts.controllers.k8s.base import ( KubernetesObjectReconciler, @@ -75,7 +73,7 @@ class DeploymentReconciler(KubernetesObjectReconciler[V1Deployment]): ) meta = self.get_object_meta(name=self.name) secret_name = f"authentik-outpost-{self.controller.outpost.uuid.hex}-api" - image_prefix = CONFIG.y("outposts.docker_image_base") + image_name = self.controller.get_container_image() return V1Deployment( metadata=meta, spec=V1DeploymentSpec( @@ -87,7 +85,7 @@ class DeploymentReconciler(KubernetesObjectReconciler[V1Deployment]): containers=[ V1Container( name=str(self.outpost.type), - image=f"{image_prefix}-{self.outpost.type}:{__version__}", + image=image_name, ports=container_ports, env=[ V1EnvVar( diff --git a/helm/README.md b/helm/README.md index fbb2aadb2..a9eab3781 100644 --- a/helm/README.md +++ b/helm/README.md @@ -4,6 +4,7 @@ |-----------------------------------|-------------------------|-------------| | image.name | beryju/authentik | Image used to run the authentik server and worker | | image.name_static | beryju/authentik-static | Image used to run the authentik static server (CSS and JS Files) | +| image.name_outposts | beryju/authentik-%(type)s:%(version)s | Image used for managed outposts. Placeholders: %(type)s: Outpost type; proxy, ldap, etc. %(version)s: Current version; 2021.4.1 | | image.tag | 2021.4.4 | Image tag | | image.pullPolicy | IfNotPresent | Image Pull Policy used for all deployments | | serverReplicas | 1 | Replicas for the Server deployment | diff --git a/helm/values.yaml b/helm/values.yaml index 640cd8d83..e4677d9cf 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -4,7 +4,10 @@ image: name: beryju/authentik name_static: beryju/authentik-static - name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended + # Image used for managed outposts. Placeholders: + # %(type)s: Outpost type; proxy, ldap, etc + # %(version)s: Current version; 2021.4.1 + name_outposts: "beryju/authentik-%(type)s:%(version)s" tag: 2021.4.4 pullPolicy: IfNotPresent diff --git a/website/docs/installation/beta.mdx b/website/docs/installation/beta.mdx index e820faf44..d93a62c30 100644 --- a/website/docs/installation/beta.mdx +++ b/website/docs/installation/beta.mdx @@ -20,7 +20,7 @@ Add the following block to your `.env` file: AUTHENTIK_IMAGE=docker.beryju.org/authentik/server AUTHENTIK_IMAGE_STATIC=docker.beryju.org/authentik/static AUTHENTIK_TAG=gh-next -AUTHENTIK_OUTPOSTS__DOCKER_IMAGE_BASE=docker.beryju.org/authentik/outpost +AUTHENTIK_OUTPOSTS__DOCKER_IMAGE_BASE=docker.beryju.org/authentik/outpost-%(type)s:gh-next ``` Afterwards, run the upgrade commands from the latest releasae notes. @@ -32,7 +32,7 @@ Add the following block to your `values.yml` file: image: name: docker.beryju.org/authentik/server name_static: docker.beryju.org/authentik/static - name_outposts: docker.beryju.org/authentik/outpost + name_outposts: docker.beryju.org/authentik/outpost-%(type)s:gh-next tag: gh-next # pullPolicy: Always to ensure you always get the latest version pullPolicy: Always diff --git a/website/docs/installation/kubernetes.md b/website/docs/installation/kubernetes.md index 90ff4978a..b93b3095e 100644 --- a/website/docs/installation/kubernetes.md +++ b/website/docs/installation/kubernetes.md @@ -37,7 +37,10 @@ It is also recommended to configure global email credentials. These are used by image: name: beryju/authentik name_static: beryju/authentik-static - name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended + # Image used for managed outposts. Placeholders: + # %(type)s: Outpost type; proxy, ldap, etc + # %(version)s: Current version; 2021.4.1 + name_outposts: "beryju/authentik-%(type)s:%(version)s" tag: 2021.4.4 serverReplicas: 1