From 61d3df5f0260ae0b1e45ed78d33818799f410961 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Wed, 27 Oct 2021 15:04:59 +0200 Subject: [PATCH] outposts: fix docker controller not using object_naming_template closes #1682 Signed-off-by: Jens Langhammer --- authentik/outposts/controllers/docker.py | 28 +++++++++++++++++++++--- website/docs/outposts/outposts.md | 4 ++-- 2 files changed, 27 insertions(+), 5 deletions(-) diff --git a/authentik/outposts/controllers/docker.py b/authentik/outposts/controllers/docker.py index c7192c8d6..a816cf323 100644 --- a/authentik/outposts/controllers/docker.py +++ b/authentik/outposts/controllers/docker.py @@ -2,6 +2,7 @@ from time import sleep from django.conf import settings +from django.utils.text import slugify from docker import DockerClient from docker.errors import DockerException, NotFound from docker.models.containers import Container @@ -28,6 +29,17 @@ class DockerController(BaseController): except ServiceConnectionInvalid as exc: raise ControllerException from exc + @property + def name(self) -> str: + """Get the name of the object this reconciler manages""" + return ( + self.outpost.config.object_naming_template + % { + "name": slugify(self.outpost.name), + "uuid": self.outpost.uuid.hex, + } + ).lower() + def _get_labels(self) -> dict[str, str]: return { "io.goauthentik.outpost-uuid": self.outpost.pk.hex, @@ -102,15 +114,14 @@ class DockerController(BaseController): return image def _get_container(self) -> tuple[Container, bool]: - container_name = f"authentik-proxy-{self.outpost.uuid.hex}" try: - return self.client.containers.get(container_name), False + return self.client.containers.get(self.name), False except NotFound: self.logger.info("(Re-)creating container...") image_name = self.try_pull_image() container_args = { "image": image_name, - "name": container_name, + "name": self.name, "detach": True, "environment": self._get_env(), "labels": self._get_labels(), @@ -131,12 +142,23 @@ class DockerController(BaseController): True, ) + def _migrate_container_name(self): + """Migrate 2021.9 to 2021.10+""" + old_name = f"authentik-proxy-{self.outpost.uuid.hex}" + try: + old_container: Container = self.client.containers.get(old_name) + old_container.kill() + old_container.remove() + except NotFound: + return + # pylint: disable=too-many-return-statements def up(self, depth=1): if self.outpost.managed == MANAGED_OUTPOST: return None if depth >= 10: raise ControllerException("Giving up since we exceeded recursion limit.") + self._migrate_container_name() try: container, has_been_created = self._get_container() if has_been_created: diff --git a/website/docs/outposts/outposts.md b/website/docs/outposts/outposts.md index 5e3a7fadb..ebcc03bb4 100644 --- a/website/docs/outposts/outposts.md +++ b/website/docs/outposts/outposts.md @@ -39,11 +39,11 @@ authentik_host: https://authentik.tld/ authentik_host_insecure: false # Optionally specify a different URL used for user-facing interactions authentik_host_browser: -# Template used for objects created (deployments, services, secrets, etc) +# Template used for objects created (deployments/containers, services, secrets, etc) object_naming_template: ak-outpost-%(name)s # Use a specific docker image for this outpost rather than the default. This also applies to Kubernetes # outposts. -conatiner_image: +container_image: ######################################## # Docker outpost specific settings ########################################