admin: migrate to new update check, add option to disable update check

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

authentik/admin/tasks.py

@@ -12,6 +12,7 @@ from structlog.stdlib import get_logger
 from authentik import ENV_GIT_HASH_KEY, __version__
 from authentik.events.models import Event, EventAction
 from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
+from authentik.lib.config import CONFIG
 from authentik.root.celery import CELERY_APP
 
 LOGGER = get_logger()
@@ -36,12 +37,15 @@ def _set_prom_info():
 @CELERY_APP.task(bind=True, base=MonitoredTask)
 def update_latest_version(self: MonitoredTask):
     """Update latest version info"""
+    if CONFIG.y_bool("disable_update_check"):
+        cache.set(VERSION_CACHE_KEY, "0.0.0", VERSION_CACHE_TIMEOUT)
+        self.set_status(TaskResult(TaskResultStatus.WARNING, messages=["Version check disabled."]))
+        return
     try:
-        response = get("https://api.github.com/repos/goauthentik/authentik/releases/latest")
+        response = get("https://version.goauthentik.io/version.json")
         response.raise_for_status()
         data = response.json()
-        tag_name = data.get("tag_name")
+        upstream_version = data.get("stable", {}).get("version")
-        upstream_version = tag_name.split("/")[1]
         cache.set(VERSION_CACHE_KEY, upstream_version, VERSION_CACHE_TIMEOUT)
         self.set_status(
             TaskResult(TaskResultStatus.SUCCESSFUL, ["Successfully updated latest Version"])

authentik/admin/tests/test_tasks.py

@@ -32,8 +32,12 @@ REQUEST_MOCK_VALID = Mock(
     return_value=MockResponse(
         200,
         """{
-            "tag_name": "version/99999999.9999999",
+            "$schema": "https://version.goauthentik.io/schema.json",
-            "body": "https://goauthentik.io/test"
+            "stable": {
+                "version": "99999999.9999999",
+                "changelog": "See https://goauthentik.io/test",
+                "reason": "bugfix"
+            }
         }""",
     )
 )

authentik/lib/default.yml

@@ -56,6 +56,7 @@ outposts:
   # %(build_hash)s: Build hash if you're running a beta version
   docker_image_base: "ghcr.io/goauthentik/%(type)s:%(version)s"
 
+disable_update_check: false
 avatars: env://AUTHENTIK_AUTHENTIK__AVATARS?gravatar
 geoip: "./GeoLite2-City.mmdb"
 

website/docs/installation/configuration.md

@@ -62,6 +62,7 @@ Secret key used for cookie singing and unique user IDs, don't change this after
 Log level for the server and worker containers. Possible values: debug, info, warning, error
 Defaults to `info`.
 
+
 ### AUTHENTIK_ERROR_REPORTING
 
 - `AUTHENTIK_ERROR_REPORTING__ENABLED`
@@ -78,6 +79,10 @@ Defaults to `info`.
 
   Whether or not to send personal data, like usernames. Defaults to `false`.
 
+### AUTHENTIK_DISABLE_UPDATE_CHECK
+
+Optionally disable the update check. Defaults to `false`.
+
 ### AUTHENTIK_EMAIL
 
 - `AUTHENTIK_EMAIL__HOST`