outposts: fix docker controller not checking env correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-07-03 22:00:10 +02:00
parent 4917ab9985
commit becb9e34b5
4 changed files with 14 additions and 8 deletions

View File

@ -14,7 +14,9 @@ def is_dict(value: Any):
"""Ensure a value is a dictionary, useful for JSONFields""" """Ensure a value is a dictionary, useful for JSONFields"""
if isinstance(value, dict): if isinstance(value, dict):
return return
raise ValidationError("Value must be a dictionary, and not have any duplicate keys.") raise ValidationError(
"Value must be a dictionary, and not have any duplicate keys."
)
class PassiveSerializer(Serializer): class PassiveSerializer(Serializer):

View File

@ -51,7 +51,7 @@ class OutpostSerializer(ModelSerializer):
raise ValidationError( raise ValidationError(
( (
f"Outpost type {self.initial_data['type']} can't be used with " f"Outpost type {self.initial_data['type']} can't be used with "
f"{provider.__class__.__name} providers." f"{provider.__class__.__name__} providers."
) )
) )
return providers return providers

View File

@ -36,8 +36,10 @@ class DockerController(BaseController):
def _get_env(self) -> dict[str, str]: def _get_env(self) -> dict[str, str]:
return { return {
"AUTHENTIK_HOST": self.outpost.config.authentik_host, "AUTHENTIK_HOST": self.outpost.config.authentik_host.lower(),
"AUTHENTIK_INSECURE": str(self.outpost.config.authentik_host_insecure), "AUTHENTIK_INSECURE": str(
self.outpost.config.authentik_host_insecure
).lower(),
"AUTHENTIK_TOKEN": self.outpost.token.key, "AUTHENTIK_TOKEN": self.outpost.token.key,
} }
@ -45,11 +47,10 @@ class DockerController(BaseController):
"""Check if container's env is equal to what we would set. Return true if container needs """Check if container's env is equal to what we would set. Return true if container needs
to be rebuilt.""" to be rebuilt."""
should_be = self._get_env() should_be = self._get_env()
container_env = container.attrs.get("Config", {}).get("Env", {}) container_env = container.attrs.get("Config", {}).get("Env", [])
for key, expected_value in should_be.items(): for key, expected_value in should_be.items():
if key not in container_env: entry = f"{key.upper()}={expected_value}"
continue if entry not in container_env:
if container_env[key] != expected_value:
return True return True
return False return False

View File

@ -143,6 +143,9 @@ slug: "2021.6"
- crypto: show both sha1 and sha256 fingerprints - crypto: show both sha1 and sha256 fingerprints
- flows: handle old cached flow plans better - flows: handle old cached flow plans better
- g: fix static and media caching not working properly
- outposts: fix container not being started after creation
- outposts: fix docker controller not checking env correctly
- outposts/ldap: add support for boolean fields in ldap - outposts/ldap: add support for boolean fields in ldap
- outposts/proxy: always redirect to session-end interface on sign_out - outposts/proxy: always redirect to session-end interface on sign_out
- providers/oauth2: add revoked field, create suspicious event when previous token is used - providers/oauth2: add revoked field, create suspicious event when previous token is used