Merge branch 'main' into multi-tenant-django-tenants

This commit is contained in:
Marc 'risson' Schmitt 2024-01-11 14:38:50 +01:00
commit 6a11b24896
No known key found for this signature in database
GPG Key ID: 9C3FA22FABF1AA8D
17 changed files with 141 additions and 160 deletions

View File

@ -35,6 +35,7 @@ updates:
sentry: sentry:
patterns: patterns:
- "@sentry/*" - "@sentry/*"
- "@spotlightjs/*"
babel: babel:
patterns: patterns:
- "@babel/*" - "@babel/*"
@ -66,6 +67,7 @@ updates:
sentry: sentry:
patterns: patterns:
- "@sentry/*" - "@sentry/*"
- "@spotlightjs/*"
babel: babel:
patterns: patterns:
- "@babel/*" - "@babel/*"

View File

@ -61,9 +61,6 @@ IGNORED_MODELS = (
def should_log_model(model: Model) -> bool: def should_log_model(model: Model) -> bool:
"""Return true if operation on `model` should be logged""" """Return true if operation on `model` should be logged"""
# Check for silk by string so this comparison doesn't fail when silk isn't installed
if model.__module__.startswith("silk"):
return False
return model.__class__ not in IGNORED_MODELS return model.__class__ not in IGNORED_MODELS

View File

@ -96,7 +96,6 @@ def get_logger_config():
"kubernetes": "INFO", "kubernetes": "INFO",
"asyncio": "WARNING", "asyncio": "WARNING",
"redis": "WARNING", "redis": "WARNING",
"silk": "INFO",
"fsevents": "WARNING", "fsevents": "WARNING",
"uvicorn": "WARNING", "uvicorn": "WARNING",
"gunicorn": "INFO", "gunicorn": "INFO",

View File

@ -60,6 +60,8 @@ def sentry_init(**sentry_init_kwargs):
}, },
} }
kwargs.update(**sentry_init_kwargs) kwargs.update(**sentry_init_kwargs)
if settings.DEBUG:
kwargs["spotlight"] = True
# pylint: disable=abstract-class-instantiated # pylint: disable=abstract-class-instantiated
sentry_sdk_init( sentry_sdk_init(
dsn=CONFIG.get("error_reporting.sentry_dsn"), dsn=CONFIG.get("error_reporting.sentry_dsn"),

View File

@ -480,8 +480,6 @@ _update_settings("data.user_settings")
if DEBUG: if DEBUG:
CELERY["task_always_eager"] = True CELERY["task_always_eager"] = True
os.environ[ENV_GIT_HASH_KEY] = "dev" os.environ[ENV_GIT_HASH_KEY] = "dev"
SHARED_APPS.append("silk")
MIDDLEWARE = ["silk.middleware.SilkyMiddleware"] + MIDDLEWARE
REST_FRAMEWORK["DEFAULT_RENDERER_CLASSES"].append( REST_FRAMEWORK["DEFAULT_RENDERER_CLASSES"].append(
"rest_framework.renderers.BrowsableAPIRenderer" "rest_framework.renderers.BrowsableAPIRenderer"
) )

View File

@ -1,5 +1,4 @@
"""authentik URL Configuration""" """authentik URL Configuration"""
from django.conf import settings
from django.urls import include, path from django.urls import include, path
from structlog.stdlib import get_logger from structlog.stdlib import get_logger
@ -48,8 +47,3 @@ urlpatterns += [
path("-/health/live/", LiveView.as_view(), name="health-live"), path("-/health/live/", LiveView.as_view(), name="health-live"),
path("-/health/ready/", ReadyView.as_view(), name="health-ready"), path("-/health/ready/", ReadyView.as_view(), name="health-ready"),
] ]
if settings.DEBUG:
urlpatterns += [
path("debug/silk/", include("silk.urls", namespace="silk")),
]

4
go.mod
View File

@ -4,9 +4,8 @@ go 1.21
require ( require (
beryju.io/ldap v0.1.0 beryju.io/ldap v0.1.0
github.com/Netflix/go-env v0.0.0-20210215222557-e437a7e7f9fb
github.com/coreos/go-oidc v2.2.1+incompatible github.com/coreos/go-oidc v2.2.1+incompatible
github.com/getsentry/sentry-go v0.25.0 github.com/getsentry/sentry-go v0.26.0
github.com/go-http-utils/etag v0.0.0-20161124023236-513ea8f21eb1 github.com/go-http-utils/etag v0.0.0-20161124023236-513ea8f21eb1
github.com/go-ldap/ldap/v3 v3.4.6 github.com/go-ldap/ldap/v3 v3.4.6
github.com/go-openapi/runtime v0.26.2 github.com/go-openapi/runtime v0.26.2
@ -24,6 +23,7 @@ require (
github.com/pires/go-proxyproto v0.7.0 github.com/pires/go-proxyproto v0.7.0
github.com/prometheus/client_golang v1.18.0 github.com/prometheus/client_golang v1.18.0
github.com/redis/go-redis/v9 v9.4.0 github.com/redis/go-redis/v9 v9.4.0
github.com/sethvargo/go-envconfig v1.0.0
github.com/sirupsen/logrus v1.9.3 github.com/sirupsen/logrus v1.9.3
github.com/spf13/cobra v1.8.0 github.com/spf13/cobra v1.8.0
github.com/stretchr/testify v1.8.4 github.com/stretchr/testify v1.8.4

12
go.sum
View File

@ -37,8 +37,6 @@ github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
github.com/Netflix/go-env v0.0.0-20210215222557-e437a7e7f9fb h1:w9IDEB7P1VzNcBpOG7kMpFkZp2DkyJIUt0gDx5MBhRU=
github.com/Netflix/go-env v0.0.0-20210215222557-e437a7e7f9fb/go.mod h1:9XMFaCeRyW7fC9XJOWQ+NdAv8VLG7ys7l3x4ozEGLUQ=
github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74 h1:Kk6a4nehpJ3UuJRqlA3JxYxBZEqCeOmATOvrbT4p9RA= github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74 h1:Kk6a4nehpJ3UuJRqlA3JxYxBZEqCeOmATOvrbT4p9RA=
github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4= github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4=
github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
@ -73,8 +71,8 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk=
github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
github.com/getsentry/sentry-go v0.25.0 h1:q6Eo+hS+yoJlTO3uu/azhQadsD8V+jQn2D8VvX1eOyI= github.com/getsentry/sentry-go v0.26.0 h1:IX3++sF6/4B5JcevhdZfdKIHfyvMmAq/UnqcyT2H6mA=
github.com/getsentry/sentry-go v0.25.0/go.mod h1:lc76E2QywIyW8WuBnwl8Lc4bkmQH4+w1gwTf25trprY= github.com/getsentry/sentry-go v0.26.0/go.mod h1:lc76E2QywIyW8WuBnwl8Lc4bkmQH4+w1gwTf25trprY=
github.com/go-asn1-ber/asn1-ber v1.5.5 h1:MNHlNMBDgEKD4TcKr36vQN68BA00aDfjIt3/bD50WnA= github.com/go-asn1-ber/asn1-ber v1.5.5 h1:MNHlNMBDgEKD4TcKr36vQN68BA00aDfjIt3/bD50WnA=
github.com/go-asn1-ber/asn1-ber v1.5.5/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= github.com/go-asn1-ber/asn1-ber v1.5.5/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=
github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA=
@ -167,8 +165,8 @@ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
@ -264,6 +262,8 @@ github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFR
github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/sethvargo/go-envconfig v1.0.0 h1:1C66wzy4QrROf5ew4KdVw942CQDa55qmlYmw9FZxZdU=
github.com/sethvargo/go-envconfig v1.0.0/go.mod h1:Lzc75ghUn5ucmcRGIdGQ33DKJrcjk4kihFYgSTBmjIc=
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=

View File

@ -1,6 +1,7 @@
package config package config
import ( import (
"context"
_ "embed" _ "embed"
"errors" "errors"
"fmt" "fmt"
@ -10,10 +11,11 @@ import (
"reflect" "reflect"
"strings" "strings"
env "github.com/Netflix/go-env" env "github.com/sethvargo/go-envconfig"
log "github.com/sirupsen/logrus" log "github.com/sirupsen/logrus"
"goauthentik.io/authentik/lib"
"gopkg.in/yaml.v2" "gopkg.in/yaml.v2"
"goauthentik.io/authentik/lib"
) )
var cfg *Config var cfg *Config
@ -113,7 +115,8 @@ func (c *Config) LoadConfigFromFile(path string) error {
} }
func (c *Config) fromEnv() error { func (c *Config) fromEnv() error {
_, err := env.UnmarshalFromEnviron(c) ctx := context.Background()
err := env.Process(ctx, c)
if err != nil { if err != nil {
return fmt.Errorf("failed to load environment variables: %w", err) return fmt.Errorf("failed to load environment variables: %w", err)
} }

View File

@ -3,17 +3,17 @@ package config
type Config struct { type Config struct {
// Core specific config // Core specific config
Storage StorageConfig `yaml:"storage"` Storage StorageConfig `yaml:"storage"`
LogLevel string `yaml:"log_level" env:"AUTHENTIK_LOG_LEVEL"` LogLevel string `yaml:"log_level" env:"AUTHENTIK_LOG_LEVEL, overwrite"`
ErrorReporting ErrorReportingConfig `yaml:"error_reporting"` ErrorReporting ErrorReportingConfig `yaml:"error_reporting" env:", prefix=AUTHENTIK_ERROR_REPORTING__"`
Redis RedisConfig `yaml:"redis"` Redis RedisConfig `yaml:"redis" env:", prefix=AUTHENTIK_REDIS__"`
Outposts OutpostConfig `yaml:"outposts"` Outposts OutpostConfig `yaml:"outposts" env:", prefix=AUTHENTIK_OUTPOSTS__"`
// Config for core and embedded outpost // Config for core and embedded outpost
SecretKey string `yaml:"secret_key" env:"AUTHENTIK_SECRET_KEY"` SecretKey string `yaml:"secret_key" env:"AUTHENTIK_SECRET_KEY, overwrite"`
// Config for both core and outposts // Config for both core and outposts
Debug bool `yaml:"debug" env:"AUTHENTIK_DEBUG"` Debug bool `yaml:"debug" env:"AUTHENTIK_DEBUG, overwrite"`
Listen ListenConfig `yaml:"listen"` Listen ListenConfig `yaml:"listen" env:", prefix=AUTHENTIK_LISTEN__"`
// Outpost specific config // Outpost specific config
// These are only relevant for proxy/ldap outposts, and cannot be set via YAML // These are only relevant for proxy/ldap outposts, and cannot be set via YAML
@ -25,24 +25,24 @@ type Config struct {
} }
type RedisConfig struct { type RedisConfig struct {
Host string `yaml:"host" env:"AUTHENTIK_REDIS__HOST"` Host string `yaml:"host" env:"HOST, overwrite"`
Port int `yaml:"port" env:"AUTHENTIK_REDIS__PORT"` Port int `yaml:"port" env:"PORT, overwrite"`
DB int `yaml:"db" env:"AUTHENTIK_REDIS__DB"` DB int `yaml:"db" env:"DB, overwrite"`
Username string `yaml:"username" env:"AUTHENTIK_REDIS__USERNAME"` Username string `yaml:"username" env:"USERNAME, overwrite"`
Password string `yaml:"password" env:"AUTHENTIK_REDIS__PASSWORD"` Password string `yaml:"password" env:"PASSWORD, overwrite"`
TLS bool `yaml:"tls" env:"AUTHENTIK_REDIS__TLS"` TLS bool `yaml:"tls" env:"TLS, overwrite"`
TLSReqs string `yaml:"tls_reqs" env:"AUTHENTIK_REDIS__TLS_REQS"` TLSReqs string `yaml:"tls_reqs" env:"TLS_REQS, overwrite"`
} }
type ListenConfig struct { type ListenConfig struct {
HTTP string `yaml:"listen_http" env:"AUTHENTIK_LISTEN__HTTP"` HTTP string `yaml:"listen_http" env:"HTTP, overwrite"`
HTTPS string `yaml:"listen_https" env:"AUTHENTIK_LISTEN__HTTPS"` HTTPS string `yaml:"listen_https" env:"HTTPS, overwrite"`
LDAP string `yaml:"listen_ldap" env:"AUTHENTIK_LISTEN__LDAP"` LDAP string `yaml:"listen_ldap" env:"LDAP, overwrite"`
LDAPS string `yaml:"listen_ldaps" env:"AUTHENTIK_LISTEN__LDAPS"` LDAPS string `yaml:"listen_ldaps" env:"LDAPS, overwrite"`
Radius string `yaml:"listen_radius" env:"AUTHENTIK_LISTEN__RADIUS"` Radius string `yaml:"listen_radius" env:"RADIUS, overwrite"`
Metrics string `yaml:"listen_metrics" env:"AUTHENTIK_LISTEN__METRICS"` Metrics string `yaml:"listen_metrics" env:"METRICS, overwrite"`
Debug string `yaml:"listen_debug" env:"AUTHENTIK_LISTEN__DEBUG"` Debug string `yaml:"listen_debug" env:"DEBUG, overwrite"`
TrustedProxyCIDRs []string `yaml:"trusted_proxy_cidrs" env:"AUTHENTIK_LISTEN__TRUSTED_PROXY_CIDRS"` TrustedProxyCIDRs []string `yaml:"trusted_proxy_cidrs" env:"TRUSTED_PROXY_CIDRS, overwrite"`
} }
type StorageConfig struct { type StorageConfig struct {
@ -59,15 +59,15 @@ type StorageFileConfig struct {
} }
type ErrorReportingConfig struct { type ErrorReportingConfig struct {
Enabled bool `yaml:"enabled" env:"AUTHENTIK_ERROR_REPORTING__ENABLED"` Enabled bool `yaml:"enabled" env:"ENABLED, overwrite"`
SentryDSN string `yaml:"sentry_dsn" env:"AUTHENTIK_ERROR_REPORTING__SENTRY_DSN"` SentryDSN string `yaml:"sentry_dsn" env:"SENTRY_DSN, overwrite"`
Environment string `yaml:"environment" env:"AUTHENTIK_ERROR_REPORTING__ENVIRONMENT"` Environment string `yaml:"environment" env:"ENVIRONMENT, overwrite"`
SendPII bool `yaml:"send_pii" env:"AUTHENTIK_ERROR_REPORTING__SEND_PII"` SendPII bool `yaml:"send_pii" env:"SEND_PII, overwrite"`
SampleRate float64 `yaml:"sample_rate" env:"AUTHENTIK_ERROR_REPORTING__SAMPLE_RATE"` SampleRate float64 `yaml:"sample_rate" env:"SAMPLE_RATE, overwrite"`
} }
type OutpostConfig struct { type OutpostConfig struct {
ContainerImageBase string `yaml:"container_image_base" env:"AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE"` ContainerImageBase string `yaml:"container_image_base" env:"CONTAINER_IMAGE_BASE, overwrite"`
Discover bool `yaml:"discover" env:"AUTHENTIK_OUTPOSTS__DISCOVER"` Discover bool `yaml:"discover" env:"DISCOVER, overwrite"`
DisableEmbeddedOutpost bool `yaml:"disable_embedded_outpost" env:"AUTHENTIK_OUTPOSTS__DISABLE_EMBEDDED_OUTPOST"` DisableEmbeddedOutpost bool `yaml:"disable_embedded_outpost" env:"DISABLE_EMBEDDED_OUTPOST, overwrite"`
} }

55
poetry.lock generated
View File

@ -326,20 +326,6 @@ six = "*"
[package.extras] [package.extras]
visualize = ["Twisted (>=16.1.1)", "graphviz (>0.5.1)"] visualize = ["Twisted (>=16.1.1)", "graphviz (>0.5.1)"]
[[package]]
name = "autopep8"
version = "2.0.4"
description = "A tool that automatically formats Python code to conform to the PEP 8 style guide"
optional = false
python-versions = ">=3.6"
files = [
{file = "autopep8-2.0.4-py2.py3-none-any.whl", hash = "sha256:067959ca4a07b24dbd5345efa8325f5f58da4298dab0dde0443d5ed765de80cb"},
{file = "autopep8-2.0.4.tar.gz", hash = "sha256:2913064abd97b3419d1cc83ea71f042cb821f87e45b9c88cad5ad3c4ea87fe0c"},
]
[package.dependencies]
pycodestyle = ">=2.10.0"
[[package]] [[package]]
name = "bandit" name = "bandit"
version = "1.7.6" version = "1.7.6"
@ -1239,23 +1225,6 @@ redis = ">=3,<4.0.0 || >4.0.0,<4.0.1 || >4.0.1"
[package.extras] [package.extras]
hiredis = ["redis[hiredis] (>=3,!=4.0.0,!=4.0.1)"] hiredis = ["redis[hiredis] (>=3,!=4.0.0,!=4.0.1)"]
[[package]]
name = "django-silk"
version = "5.0.4"
description = "Silky smooth profiling for the Django Framework"
optional = false
python-versions = ">=3.8"
files = [
{file = "django-silk-5.0.4.tar.gz", hash = "sha256:8cbfbc647d182527726d8d52d3fcfa193f4d250f21406c3fb1062efa6fb95c63"},
{file = "django_silk-5.0.4-py3-none-any.whl", hash = "sha256:b345d3973d1d382e09735eb525eaf3eebd3edee9a69d1003eb9b01badb2438db"},
]
[package.dependencies]
autopep8 = "*"
Django = ">=3.2"
gprof2dot = ">=2017.09.19"
sqlparse = "*"
[[package]] [[package]]
name = "django-storages" name = "django-storages"
version = "1.14.2" version = "1.14.2"
@ -1665,17 +1634,6 @@ pyopenssl = ["cryptography (>=38.0.3)", "pyopenssl (>=20.0.0)"]
reauth = ["pyu2f (>=0.1.5)"] reauth = ["pyu2f (>=0.1.5)"]
requests = ["requests (>=2.20.0,<3.0.0.dev0)"] requests = ["requests (>=2.20.0,<3.0.0.dev0)"]
[[package]]
name = "gprof2dot"
version = "2022.7.29"
description = "Generate a dot graph from the output of several profilers."
optional = false
python-versions = ">=2.7"
files = [
{file = "gprof2dot-2022.7.29-py2.py3-none-any.whl", hash = "sha256:f165b3851d3c52ee4915eb1bd6cca571e5759823c2cd0f71a79bda93c2dc85d6"},
{file = "gprof2dot-2022.7.29.tar.gz", hash = "sha256:45b4d298bd36608fccf9511c3fd88a773f7a1abc04d6cd39445b11ba43133ec5"},
]
[[package]] [[package]]
name = "gunicorn" name = "gunicorn"
version = "21.2.0" version = "21.2.0"
@ -2903,17 +2861,6 @@ files = [
[package.dependencies] [package.dependencies]
pyasn1 = ">=0.4.6,<0.6.0" pyasn1 = ">=0.4.6,<0.6.0"
[[package]]
name = "pycodestyle"
version = "2.11.1"
description = "Python style guide checker"
optional = false
python-versions = ">=3.8"
files = [
{file = "pycodestyle-2.11.1-py2.py3-none-any.whl", hash = "sha256:44fe31000b2d866f2e41841b18528a505fbd7fef9017b04eff4e2648a0fadc67"},
{file = "pycodestyle-2.11.1.tar.gz", hash = "sha256:41ba0e7afc9752dfb53ced5489e89f8186be00e599e712660695b7a75ff2663f"},
]
[[package]] [[package]]
name = "pycparser" name = "pycparser"
version = "2.21" version = "2.21"
@ -4772,4 +4719,4 @@ files = [
[metadata] [metadata]
lock-version = "2.0" lock-version = "2.0"
python-versions = "~3.12" python-versions = "~3.12"
content-hash = "35d3da5f6f7d4e7bc12fc0eca5de73a722cd409fcbec5332b4a96e3f2e0e4e9b" content-hash = "872b759c19aa026742ef493c1b13a5f01dc5baab84efe7385163c4bf428b8f8f"

View File

@ -190,7 +190,6 @@ bump2version = "*"
colorama = "*" colorama = "*"
coverage = { extras = ["toml"], version = "*" } coverage = { extras = ["toml"], version = "*" }
debugpy = "*" debugpy = "*"
django-silk = "*"
drf-jsonschema-serializer = "*" drf-jsonschema-serializer = "*"
freezegun = "*" freezegun = "*"
importlib-metadata = "*" importlib-metadata = "*"

View File

@ -31,6 +31,11 @@ services:
- s3-data:/usr/src/app/localData - s3-data:/usr/src/app/localData
- s3-metadata:/usr/scr/app/localMetadata - s3-metadata:/usr/scr/app/localMetadata
restart: always restart: always
spotlight:
image: ghcr.io/getsentry/spotlight
ports:
- 127.0.0.1:8969:8969
restart: always
volumes: volumes:
db-data: db-data:

121
web/package-lock.json generated
View File

@ -24,8 +24,8 @@
"@open-wc/lit-helpers": "^0.6.0", "@open-wc/lit-helpers": "^0.6.0",
"@patternfly/elements": "^2.4.0", "@patternfly/elements": "^2.4.0",
"@patternfly/patternfly": "^4.224.2", "@patternfly/patternfly": "^4.224.2",
"@sentry/browser": "^7.92.0", "@sentry/browser": "^7.93.0",
"@sentry/tracing": "^7.92.0", "@sentry/tracing": "^7.93.0",
"@webcomponents/webcomponentsjs": "^2.8.0", "@webcomponents/webcomponentsjs": "^2.8.0",
"base64-js": "^1.5.1", "base64-js": "^1.5.1",
"chart.js": "^4.4.1", "chart.js": "^4.4.1",
@ -62,6 +62,7 @@
"@rollup/plugin-replace": "^5.0.5", "@rollup/plugin-replace": "^5.0.5",
"@rollup/plugin-terser": "^0.4.4", "@rollup/plugin-terser": "^0.4.4",
"@rollup/plugin-typescript": "^11.1.6", "@rollup/plugin-typescript": "^11.1.6",
"@spotlightjs/spotlight": "^1.2.6",
"@storybook/addon-essentials": "^7.6.7", "@storybook/addon-essentials": "^7.6.7",
"@storybook/addon-links": "^7.6.7", "@storybook/addon-links": "^7.6.7",
"@storybook/api": "^7.6.7", "@storybook/api": "^7.6.7",
@ -4750,98 +4751,98 @@
] ]
}, },
"node_modules/@sentry-internal/feedback": { "node_modules/@sentry-internal/feedback": {
"version": "7.92.0", "version": "7.93.0",
"resolved": "https://registry.npmjs.org/@sentry-internal/feedback/-/feedback-7.92.0.tgz", "resolved": "https://registry.npmjs.org/@sentry-internal/feedback/-/feedback-7.93.0.tgz",
"integrity": "sha512-/jEALRtVqboxB9kcK2tag8QCO6XANTlGBb9RV3oeGXJe0DDNJXRq6wVZbfgztXJRrfgx4XVDcNt1pRVoGGG++g==", "integrity": "sha512-4G7rMeQbYGfCHxEoFroABX+UREYc2BSbFqjLmLbIcWowSpgzcwweLLphWHKOciqK6f7DnNDK0jZzx3u7NrkWHw==",
"dependencies": { "dependencies": {
"@sentry/core": "7.92.0", "@sentry/core": "7.93.0",
"@sentry/types": "7.92.0", "@sentry/types": "7.93.0",
"@sentry/utils": "7.92.0" "@sentry/utils": "7.93.0"
}, },
"engines": { "engines": {
"node": ">=12" "node": ">=12"
} }
}, },
"node_modules/@sentry-internal/tracing": { "node_modules/@sentry-internal/tracing": {
"version": "7.92.0", "version": "7.93.0",
"resolved": "https://registry.npmjs.org/@sentry-internal/tracing/-/tracing-7.92.0.tgz", "resolved": "https://registry.npmjs.org/@sentry-internal/tracing/-/tracing-7.93.0.tgz",
"integrity": "sha512-ur55vPcUUUWFUX4eVLNP71ohswK7ZZpleNZw9Y1GfLqyI+0ILQUwjtzqItJrdClvVsdRZJMRmDV40Hp9Lbb9mA==", "integrity": "sha512-DjuhmQNywPp+8fxC9dvhGrqgsUb6wI/HQp25lS2Re7VxL1swCasvpkg8EOYP4iBniVQ86QK0uITkOIRc5tdY1w==",
"dependencies": { "dependencies": {
"@sentry/core": "7.92.0", "@sentry/core": "7.93.0",
"@sentry/types": "7.92.0", "@sentry/types": "7.93.0",
"@sentry/utils": "7.92.0" "@sentry/utils": "7.93.0"
}, },
"engines": { "engines": {
"node": ">=8" "node": ">=8"
} }
}, },
"node_modules/@sentry/browser": { "node_modules/@sentry/browser": {
"version": "7.92.0", "version": "7.93.0",
"resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.92.0.tgz", "resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.93.0.tgz",
"integrity": "sha512-loMr02/zQ38u8aQhYLtIBg0i5n3ps2e3GUXrt3CdsJQdkRYfa62gcrE7SzvoEpMVHTk7VOI4fWGht8cWw/1k3A==", "integrity": "sha512-MtLTcQ7y3rfk+aIvnnwCfSJvYhTJnIJi+Mf6y/ap6SKObdlsKMbQoJLlRViglGLq+nKxHLAvU0fONiCEmKfV6A==",
"dependencies": { "dependencies": {
"@sentry-internal/feedback": "7.92.0", "@sentry-internal/feedback": "7.93.0",
"@sentry-internal/tracing": "7.92.0", "@sentry-internal/tracing": "7.93.0",
"@sentry/core": "7.92.0", "@sentry/core": "7.93.0",
"@sentry/replay": "7.92.0", "@sentry/replay": "7.93.0",
"@sentry/types": "7.92.0", "@sentry/types": "7.93.0",
"@sentry/utils": "7.92.0" "@sentry/utils": "7.93.0"
}, },
"engines": { "engines": {
"node": ">=8" "node": ">=8"
} }
}, },
"node_modules/@sentry/core": { "node_modules/@sentry/core": {
"version": "7.92.0", "version": "7.93.0",
"resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.92.0.tgz", "resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.93.0.tgz",
"integrity": "sha512-1Tly7YB2I1byI5xb0Cwrxs56Rhww+6mQ7m9P7rTmdC3/ijOzbEoohtYIUPwcooCEarpbEJe/tAayRx6BrH2UbQ==", "integrity": "sha512-vZQSUiDn73n+yu2fEcH+Wpm4GbRmtxmnXnYCPgM6IjnXqkVm3awWAkzrheADblx3kmxrRiOlTXYHw9NTWs56fg==",
"dependencies": { "dependencies": {
"@sentry/types": "7.92.0", "@sentry/types": "7.93.0",
"@sentry/utils": "7.92.0" "@sentry/utils": "7.93.0"
}, },
"engines": { "engines": {
"node": ">=8" "node": ">=8"
} }
}, },
"node_modules/@sentry/replay": { "node_modules/@sentry/replay": {
"version": "7.92.0", "version": "7.93.0",
"resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.92.0.tgz", "resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.93.0.tgz",
"integrity": "sha512-G1t9Uvc9cR8VpNkElwvHIMGzykjIKikb10n0tfVd3e+rBPMCCjCPWOduwG6jZYxcvCjTpqmJh6NSLXxL/Mt4JA==", "integrity": "sha512-dMlLU8v+OkUeGCrPvTu5NriH7BGj3el4rGHWWAYicfJ2QXqTTq50vfasQBP1JeVNcFqnf1y653TdEIvo4RH4tw==",
"dependencies": { "dependencies": {
"@sentry-internal/tracing": "7.92.0", "@sentry-internal/tracing": "7.93.0",
"@sentry/core": "7.92.0", "@sentry/core": "7.93.0",
"@sentry/types": "7.92.0", "@sentry/types": "7.93.0",
"@sentry/utils": "7.92.0" "@sentry/utils": "7.93.0"
}, },
"engines": { "engines": {
"node": ">=12" "node": ">=12"
} }
}, },
"node_modules/@sentry/tracing": { "node_modules/@sentry/tracing": {
"version": "7.92.0", "version": "7.93.0",
"resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-7.92.0.tgz", "resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-7.93.0.tgz",
"integrity": "sha512-1+TFFPVEdax4dNi68gin6MENiyGe9mOuNXfjulrP5eCzUEByus5HAxeDI/LLQ1hArfn048AzwSwKUsS2fO5sbg==", "integrity": "sha512-n4XbAQ7e098Jzv4ZvpXAsFgM+XFfjhKci18r7s3UfDMnrB4FTCwhHZoeiygO8PZhB944mEFbNXNFhHkb8nTDbA==",
"dependencies": { "dependencies": {
"@sentry-internal/tracing": "7.92.0" "@sentry-internal/tracing": "7.93.0"
}, },
"engines": { "engines": {
"node": ">=8" "node": ">=8"
} }
}, },
"node_modules/@sentry/types": { "node_modules/@sentry/types": {
"version": "7.92.0", "version": "7.93.0",
"resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.92.0.tgz", "resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.93.0.tgz",
"integrity": "sha512-APmSOuZuoRGpbPpPeYIbMSplPjiWNLZRQa73QiXuTflW4Tu/ItDlU8hOa2+A6JKVkJCuD2EN6yUrxDGSMyNXeg==", "integrity": "sha512-UnzUccNakhFRA/esWBWP+0v7cjNg+RilFBQC03Mv9OEMaZaS29zSbcOGtRzuFOXXLBdbr44BWADqpz3VW0XaNw==",
"engines": { "engines": {
"node": ">=8" "node": ">=8"
} }
}, },
"node_modules/@sentry/utils": { "node_modules/@sentry/utils": {
"version": "7.92.0", "version": "7.93.0",
"resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.92.0.tgz", "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.93.0.tgz",
"integrity": "sha512-3nEfrQ1z28b/2zgFGANPh5yMVtgwXmrasZxTvKbrAj+KWJpjrJHrIR84r9W277J44NMeZ5RhRW2uoDmuBslPnA==", "integrity": "sha512-Iovj7tUnbgSkh/WrAaMrd5UuYjW7AzyzZlFDIUrwidsyIdUficjCG2OIxYzh76H6nYIx9SxewW0R54Q6XoB4uA==",
"dependencies": { "dependencies": {
"@sentry/types": "7.92.0" "@sentry/types": "7.93.0"
}, },
"engines": { "engines": {
"node": ">=8" "node": ">=8"
@ -4853,6 +4854,34 @@
"integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==", "integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==",
"dev": true "dev": true
}, },
"node_modules/@spotlightjs/overlay": {
"version": "1.2.3",
"resolved": "https://registry.npmjs.org/@spotlightjs/overlay/-/overlay-1.2.3.tgz",
"integrity": "sha512-JypKrZCXGYp7PbLRTi6phBeMXvHP3ulaZVC829rpg+69tcaUXoGmgkjXDNxgrCfFE+xvi73fZk+bbus45b3C/w==",
"dev": true
},
"node_modules/@spotlightjs/sidecar": {
"version": "1.3.3",
"resolved": "https://registry.npmjs.org/@spotlightjs/sidecar/-/sidecar-1.3.3.tgz",
"integrity": "sha512-bRxizHcAUQS8H2f2jD/qbCTZA9ftjkCC9mMRwG6YRIkAi/3VRxB6hnhYkP1LnkZK8BQC0YtHmnlr8N2GJfwLhA==",
"dev": true,
"bin": {
"spotlight-sidecar": "server.js"
}
},
"node_modules/@spotlightjs/spotlight": {
"version": "1.2.6",
"resolved": "https://registry.npmjs.org/@spotlightjs/spotlight/-/spotlight-1.2.6.tgz",
"integrity": "sha512-MjRnzRFk5IZOAUDlkR/ENiB9uAbDlLAgLt4lIrCX0/v8WHwuS1zHMf65G3PjSYWYgjJ14cT98gMJErFVpCWx4g==",
"dev": true,
"dependencies": {
"@spotlightjs/overlay": "1.2.3",
"@spotlightjs/sidecar": "1.3.3"
},
"bin": {
"spotlight-sidecar": "bin/run.js"
}
},
"node_modules/@storybook/addon-actions": { "node_modules/@storybook/addon-actions": {
"version": "7.6.7", "version": "7.6.7",
"resolved": "https://registry.npmjs.org/@storybook/addon-actions/-/addon-actions-7.6.7.tgz", "resolved": "https://registry.npmjs.org/@storybook/addon-actions/-/addon-actions-7.6.7.tgz",

View File

@ -49,8 +49,8 @@
"@open-wc/lit-helpers": "^0.6.0", "@open-wc/lit-helpers": "^0.6.0",
"@patternfly/elements": "^2.4.0", "@patternfly/elements": "^2.4.0",
"@patternfly/patternfly": "^4.224.2", "@patternfly/patternfly": "^4.224.2",
"@sentry/browser": "^7.92.0", "@sentry/browser": "^7.93.0",
"@sentry/tracing": "^7.92.0", "@sentry/tracing": "^7.93.0",
"@webcomponents/webcomponentsjs": "^2.8.0", "@webcomponents/webcomponentsjs": "^2.8.0",
"base64-js": "^1.5.1", "base64-js": "^1.5.1",
"chart.js": "^4.4.1", "chart.js": "^4.4.1",
@ -87,13 +87,14 @@
"@rollup/plugin-replace": "^5.0.5", "@rollup/plugin-replace": "^5.0.5",
"@rollup/plugin-terser": "^0.4.4", "@rollup/plugin-terser": "^0.4.4",
"@rollup/plugin-typescript": "^11.1.6", "@rollup/plugin-typescript": "^11.1.6",
"@spotlightjs/spotlight": "^1.2.6",
"@storybook/addon-essentials": "^7.6.7", "@storybook/addon-essentials": "^7.6.7",
"@storybook/addon-links": "^7.6.7", "@storybook/addon-links": "^7.6.7",
"@storybook/api": "^7.6.7", "@storybook/api": "^7.6.7",
"@storybook/blocks": "^7.6.4", "@storybook/blocks": "^7.6.4",
"@storybook/manager-api": "^7.6.7", "@storybook/manager-api": "^7.6.7",
"@storybook/web-components": "^7.6.7",
"@storybook/web-components-vite": "^7.6.7", "@storybook/web-components-vite": "^7.6.7",
"@storybook/web-components": "^7.6.7",
"@trivago/prettier-plugin-sort-imports": "^4.3.0", "@trivago/prettier-plugin-sort-imports": "^4.3.0",
"@types/chart.js": "^2.9.41", "@types/chart.js": "^2.9.41",
"@types/codemirror": "5.60.15", "@types/codemirror": "5.60.15",
@ -104,12 +105,12 @@
"babel-plugin-macros": "^3.1.0", "babel-plugin-macros": "^3.1.0",
"babel-plugin-tsconfig-paths": "^1.0.3", "babel-plugin-tsconfig-paths": "^1.0.3",
"cross-env": "^7.0.3", "cross-env": "^7.0.3",
"eslint": "^8.56.0",
"eslint-config-google": "^0.14.0", "eslint-config-google": "^0.14.0",
"eslint-plugin-custom-elements": "0.0.8", "eslint-plugin-custom-elements": "0.0.8",
"eslint-plugin-lit": "^1.11.0", "eslint-plugin-lit": "^1.11.0",
"eslint-plugin-sonarjs": "^0.23.0", "eslint-plugin-sonarjs": "^0.23.0",
"eslint-plugin-storybook": "^0.6.15", "eslint-plugin-storybook": "^0.6.15",
"eslint": "^8.56.0",
"lit-analyzer": "^2.0.3", "lit-analyzer": "^2.0.3",
"npm-run-all": "^4.1.5", "npm-run-all": "^4.1.5",
"prettier": "^3.1.1", "prettier": "^3.1.1",

View File

@ -5,7 +5,7 @@ import { me } from "@goauthentik/common/users";
import * as Sentry from "@sentry/browser"; import * as Sentry from "@sentry/browser";
import { Integrations } from "@sentry/tracing"; import { Integrations } from "@sentry/tracing";
import { Config, ResponseError } from "@goauthentik/api"; import { CapabilitiesEnum, Config, ResponseError } from "@goauthentik/api";
export const TAG_SENTRY_COMPONENT = "authentik.component"; export const TAG_SENTRY_COMPONENT = "authentik.component";
export const TAG_SENTRY_CAPABILITIES = "authentik.capabilities"; export const TAG_SENTRY_CAPABILITIES = "authentik.capabilities";
@ -60,6 +60,11 @@ export async function configureSentry(canDoPpi = false): Promise<Config> {
scope.setTransactionName(`authentik.web.if.${currentInterface()}`), scope.setTransactionName(`authentik.web.if.${currentInterface()}`),
); );
} }
if (cfg.capabilities.includes(CapabilitiesEnum.CanDebug)) {
const Spotlight = await import("@spotlightjs/spotlight");
Spotlight.init({ injectImmediately: true });
}
if (cfg.errorReporting.sendPii && canDoPpi) { if (cfg.errorReporting.sendPii && canDoPpi) {
me().then((user) => { me().then((user) => {
Sentry.setUser({ email: user.user.email }); Sentry.setUser({ email: user.user.email });

View File

@ -124,7 +124,7 @@ To check if your config has been applied correctly, you can run the following co
- `AUTHENTIK_LISTEN__LDAPS`: Listening address:port (e.g. `0.0.0.0:6636`) for LDAPS (Applies to LDAP outpost) - `AUTHENTIK_LISTEN__LDAPS`: Listening address:port (e.g. `0.0.0.0:6636`) for LDAPS (Applies to LDAP outpost)
- `AUTHENTIK_LISTEN__METRICS`: Listening address:port (e.g. `0.0.0.0:9300`) for Prometheus metrics (Applies to All) - `AUTHENTIK_LISTEN__METRICS`: Listening address:port (e.g. `0.0.0.0:9300`) for Prometheus metrics (Applies to All)
- `AUTHENTIK_LISTEN__DEBUG`: Listening address:port (e.g. `0.0.0.0:9900`) for Go Debugging metrics (Applies to All) - `AUTHENTIK_LISTEN__DEBUG`: Listening address:port (e.g. `0.0.0.0:9900`) for Go Debugging metrics (Applies to All)
- `AUTHENTIK_LISTEN__TRUSTED_PROXY_CIDRS`: List of CIDRs that proxy headers should be accepted from (Applies to Server) - `AUTHENTIK_LISTEN__TRUSTED_PROXY_CIDRS`: List of comma-separated CIDRs that proxy headers should be accepted from (Applies to Server)
Defaults to `127.0.0.0/8`, `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`, `fe80::/10`, `::1/128`. Defaults to `127.0.0.0/8`, `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`, `fe80::/10`, `::1/128`.