outposts: make k8s object naming configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

authentik/outposts/controllers/k8s/base.py

@@ -42,7 +42,10 @@ class KubernetesObjectReconciler(Generic[T]):
     @property
     def name(self) -> str:
         """Get the name of the object this reconciler manages"""
-        raise NotImplementedError
+        return self.controller.outpost.config.object_naming_template % {
+            "name": self.controller.outpost.name,
+            "uuid": self.controller.outpost.uuid.hex,
+        }
 
     def up(self):
         """Create object if it doesn't exist, update if needed or recreate if needed."""

authentik/outposts/controllers/k8s/deployment.py

@@ -37,10 +37,6 @@ class DeploymentReconciler(KubernetesObjectReconciler[V1Deployment]):
         self.api = AppsV1Api(controller.client)
         self.outpost = self.controller.outpost
 
-    @property
-    def name(self) -> str:
-        return f"authentik-outpost-{self.controller.outpost.uuid.hex}"
-
     def reconcile(self, current: V1Deployment, reference: V1Deployment):
         super().reconcile(current, reference)
         if current.spec.replicas != reference.spec.replicas:

authentik/outposts/controllers/k8s/secret.py

@@ -26,10 +26,6 @@ class SecretReconciler(KubernetesObjectReconciler[V1Secret]):
         super().__init__(controller)
         self.api = CoreV1Api(controller.client)
 
-    @property
-    def name(self) -> str:
-        return f"authentik-outpost-{self.controller.outpost.uuid.hex}-api"
-
     def reconcile(self, current: V1Secret, reference: V1Secret):
         super().reconcile(current, reference)
         for key in reference.data.keys():

authentik/outposts/controllers/k8s/service.py

@@ -21,10 +21,6 @@ class ServiceReconciler(KubernetesObjectReconciler[V1Service]):
         super().__init__(controller)
         self.api = CoreV1Api(controller.client)
 
-    @property
-    def name(self) -> str:
-        return f"authentik-outpost-{self.controller.outpost.uuid.hex}"
-
     def reconcile(self, current: V1Service, reference: V1Service):
         super().reconcile(current, reference)
         if len(current.spec.ports) != len(reference.spec.ports):

authentik/outposts/models.py

@@ -56,6 +56,7 @@ class OutpostConfig:
         "error_reporting.environment", "customer"
     )
 
+    object_naming_template: str = field(default="ak-outpost-%(name)s")
     kubernetes_replicas: int = field(default=1)
     kubernetes_namespace: str = field(default="default")
     kubernetes_ingress_annotations: dict[str, str] = field(default_factory=dict)

authentik/providers/proxy/controllers/k8s/ingress.py

@@ -33,10 +33,6 @@ class IngressReconciler(KubernetesObjectReconciler[NetworkingV1beta1Ingress]):
         super().__init__(controller)
         self.api = NetworkingV1beta1Api(controller.client)
 
-    @property
-    def name(self) -> str:
-        return f"authentik-outpost-{self.controller.outpost.uuid.hex}"
-
     def _check_annotations(self, reference: NetworkingV1beta1Ingress):
         """Check that all annotations *we* set are correct"""
         for key, value in self.get_ingress_annotations().items():