outposts: fix docker controller not using object_naming_template

closes #1682 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-27 15:04:59 +02:00 · 2021-10-27 15:04:59 +02:00 · 61d3df5f02
parent 971de4fcb9
commit 61d3df5f02
2 changed files with 27 additions and 5 deletions
--- a/authentik/outposts/controllers/docker.py
+++ b/authentik/outposts/controllers/docker.py
@ -2,6 +2,7 @@
 from time import sleep

 from django.conf import settings
+from django.utils.text import slugify
 from docker import DockerClient
 from docker.errors import DockerException, NotFound
 from docker.models.containers import Container
@ -28,6 +29,17 @@ class DockerController(BaseController):
        except ServiceConnectionInvalid as exc:
            raise ControllerException from exc

+    @property
+    def name(self) -> str:
+        """Get the name of the object this reconciler manages"""
+        return (
+            self.outpost.config.object_naming_template
+            % {
+                "name": slugify(self.outpost.name),
+                "uuid": self.outpost.uuid.hex,
+            }
+        ).lower()
+
    def _get_labels(self) -> dict[str, str]:
        return {
            "io.goauthentik.outpost-uuid": self.outpost.pk.hex,
@ -102,15 +114,14 @@ class DockerController(BaseController):
        return image

    def _get_container(self) -> tuple[Container, bool]:
-        container_name = f"authentik-proxy-{self.outpost.uuid.hex}"
        try:
-            return self.client.containers.get(container_name), False
+            return self.client.containers.get(self.name), False
        except NotFound:
            self.logger.info("(Re-)creating container...")
            image_name = self.try_pull_image()
            container_args = {
                "image": image_name,
-                "name": container_name,
+                "name": self.name,
                "detach": True,
                "environment": self._get_env(),
                "labels": self._get_labels(),
@ -131,12 +142,23 @@ class DockerController(BaseController):
                True,
            )

+    def _migrate_container_name(self):
+        """Migrate 2021.9 to 2021.10+"""
+        old_name = f"authentik-proxy-{self.outpost.uuid.hex}"
+        try:
+            old_container: Container = self.client.containers.get(old_name)
+            old_container.kill()
+            old_container.remove()
+        except NotFound:
+            return
+
    # pylint: disable=too-many-return-statements
    def up(self, depth=1):
        if self.outpost.managed == MANAGED_OUTPOST:
            return None
        if depth >= 10:
            raise ControllerException("Giving up since we exceeded recursion limit.")
+        self._migrate_container_name()
        try:
            container, has_been_created = self._get_container()
            if has_been_created:
--- a/website/docs/outposts/outposts.md
+++ b/website/docs/outposts/outposts.md
@ -39,11 +39,11 @@ authentik_host: https://authentik.tld/
 authentik_host_insecure: false
 # Optionally specify a different URL used for user-facing interactions
 authentik_host_browser:
-# Template used for objects created (deployments, services, secrets, etc)
+# Template used for objects created (deployments/containers, services, secrets, etc)
 object_naming_template: ak-outpost-%(name)s
 # Use a specific docker image for this outpost rather than the default. This also applies to Kubernetes
 # outposts.
-conatiner_image:
+container_image:
 ########################################
 # Docker outpost specific settings
 ########################################