-
-
Notifications
You must be signed in to change notification settings - Fork 909
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into web/sidebar-with-live-content-3
* main: (1301 commits) website/developer-docs: add a baby Style Guide (#9900) website/integrations: gitlab: update certificate key pair location and specify sha (#9925) root: handle asgi exception (#10085) website: bump prettier from 3.3.1 to 3.3.2 in /website (#10082) web: bump prettier from 3.3.1 to 3.3.2 in /web (#10081) core: bump google-api-python-client from 2.132.0 to 2.133.0 (#10083) web: bump prettier from 3.3.1 to 3.3.2 in /tests/wdio (#10079) web: bump chromedriver from 125.0.3 to 126.0.0 in /tests/wdio (#10078) web: bump @sentry/browser from 8.8.0 to 8.9.1 in /web in the sentry group (#10080) web: bump braces from 3.0.2 to 3.0.3 in /web (#10077) website: bump braces from 3.0.2 to 3.0.3 in /website (#10076) web: bump braces from 3.0.2 to 3.0.3 in /tests/wdio (#10075) core: bump azure-identity from 1.16.0 to 1.16.1 (#10071) rbac: filters: fix missing attribute for unauthenticated requests (#10061) tests/e2e: docker-compose.yml: remove version element forgotten last time (#10067) providers/microsoft_entra: fix error when updating connection attributes (#10039) website/integrations: aws: fix about service link (#10062) translate: Updates for file locale/en/LC_MESSAGES/django.po in it (#10060) core: bump github.com/redis/go-redis/v9 from 9.5.2 to 9.5.3 (#10046) core: bump github.com/gorilla/websocket from 1.5.1 to 1.5.2 (#10047) ...
- Loading branch information
Showing
1,755 changed files
with
124,138 additions
and
51,675 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1 @@ | ||
| github: [BeryJu] | ||
| custom: https://goauthentik.io/pricing/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,64 +1,47 @@ | ||
| --- | ||
| name: "Prepare docker environment variables" | ||
| description: "Prepare docker environment variables" | ||
|
|
||
| inputs: | ||
| image-name: | ||
| required: true | ||
| description: "Docker image prefix" | ||
| image-arch: | ||
| required: false | ||
| description: "Docker image arch" | ||
|
|
||
| outputs: | ||
| shouldBuild: | ||
| description: "Whether to build image or not" | ||
| value: ${{ steps.ev.outputs.shouldBuild }} | ||
| branchName: | ||
| description: "Branch name" | ||
| value: ${{ steps.ev.outputs.branchName }} | ||
| branchNameContainer: | ||
| description: "Branch name (for containers)" | ||
| value: ${{ steps.ev.outputs.branchNameContainer }} | ||
| timestamp: | ||
| description: "Timestamp" | ||
| value: ${{ steps.ev.outputs.timestamp }} | ||
|
|
||
| sha: | ||
| description: "sha" | ||
| value: ${{ steps.ev.outputs.sha }} | ||
| shortHash: | ||
| description: "shortHash" | ||
| value: ${{ steps.ev.outputs.shortHash }} | ||
|
|
||
| version: | ||
| description: "version" | ||
| description: "Version" | ||
| value: ${{ steps.ev.outputs.version }} | ||
| versionFamily: | ||
| description: "versionFamily" | ||
| value: ${{ steps.ev.outputs.versionFamily }} | ||
| prerelease: | ||
| description: "Prerelease" | ||
| value: ${{ steps.ev.outputs.prerelease }} | ||
|
|
||
| imageTags: | ||
| description: "Docker image tags" | ||
| value: ${{ steps.ev.outputs.imageTags }} | ||
| imageMainTag: | ||
| description: "Docker image main tag" | ||
| value: ${{ steps.ev.outputs.imageMainTag }} | ||
|
|
||
| runs: | ||
| using: "composite" | ||
| steps: | ||
| - name: Generate config | ||
| id: ev | ||
| shell: python | ||
| shell: bash | ||
| env: | ||
| IMAGE_NAME: ${{ inputs.image-name }} | ||
| IMAGE_ARCH: ${{ inputs.image-arch }} | ||
| PR_HEAD_SHA: ${{ github.event.pull_request.head.sha }} | ||
| run: | | ||
| """Helper script to get the actual branch name, docker safe""" | ||
| import configparser | ||
| import os | ||
| from time import time | ||
| parser = configparser.ConfigParser() | ||
| parser.read(".bumpversion.cfg") | ||
| branch_name = os.environ["GITHUB_REF"] | ||
| if os.environ.get("GITHUB_HEAD_REF", "") != "": | ||
| branch_name = os.environ["GITHUB_HEAD_REF"] | ||
| should_build = str(os.environ.get("DOCKER_USERNAME", "") != "").lower() | ||
| version = parser.get("bumpversion", "current_version") | ||
| version_family = ".".join(version.split(".")[:-1]) | ||
| safe_branch_name = branch_name.replace("refs/heads/", "").replace("/", "-") | ||
| sha = os.environ["GITHUB_SHA"] if not "${{ github.event.pull_request.head.sha }}" else "${{ github.event.pull_request.head.sha }}" | ||
| with open(os.environ["GITHUB_OUTPUT"], "a+", encoding="utf-8") as _output: | ||
| print("branchName=%s" % branch_name, file=_output) | ||
| print("branchNameContainer=%s" % safe_branch_name, file=_output) | ||
| print("timestamp=%s" % int(time()), file=_output) | ||
| print("sha=%s" % sha, file=_output) | ||
| print("shortHash=%s" % sha[:7], file=_output) | ||
| print("shouldBuild=%s" % should_build, file=_output) | ||
| print("version=%s" % version, file=_output) | ||
| print("versionFamily=%s" % version_family, file=_output) | ||
| python3 ${{ github.action_path }}/push_vars.py |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,62 @@ | ||
| """Helper script to get the actual branch name, docker safe""" | ||
|
|
||
| import configparser | ||
| import os | ||
| from time import time | ||
|
|
||
| parser = configparser.ConfigParser() | ||
| parser.read(".bumpversion.cfg") | ||
|
|
||
| should_build = str(os.environ.get("DOCKER_USERNAME", None) is not None).lower() | ||
|
|
||
| branch_name = os.environ["GITHUB_REF"] | ||
| if os.environ.get("GITHUB_HEAD_REF", "") != "": | ||
| branch_name = os.environ["GITHUB_HEAD_REF"] | ||
| safe_branch_name = branch_name.replace("refs/heads/", "").replace("/", "-").replace("'", "-") | ||
|
|
||
| image_names = os.getenv("IMAGE_NAME").split(",") | ||
| image_arch = os.getenv("IMAGE_ARCH") or None | ||
|
|
||
| is_pull_request = bool(os.getenv("PR_HEAD_SHA")) | ||
| is_release = "dev" not in image_names[0] | ||
|
|
||
| sha = os.environ["GITHUB_SHA"] if not is_pull_request else os.getenv("PR_HEAD_SHA") | ||
|
|
||
| # 2042.1.0 or 2042.1.0-rc1 | ||
| version = parser.get("bumpversion", "current_version") | ||
| # 2042.1 | ||
| version_family = ".".join(version.split("-", 1)[0].split(".")[:-1]) | ||
| prerelease = "-" in version | ||
|
|
||
| image_tags = [] | ||
| if is_release: | ||
| for name in image_names: | ||
| image_tags += [ | ||
| f"{name}:{version}", | ||
| ] | ||
| if not prerelease: | ||
| image_tags += [ | ||
| f"{name}:latest", | ||
| f"{name}:{version_family}", | ||
| ] | ||
| else: | ||
| suffix = "" | ||
| if image_arch and image_arch != "amd64": | ||
| suffix = f"-{image_arch}" | ||
| for name in image_names: | ||
| image_tags += [ | ||
| f"{name}:gh-{sha}{suffix}", # Used for ArgoCD and PR comments | ||
| f"{name}:gh-{safe_branch_name}{suffix}", # For convenience | ||
| f"{name}:gh-{safe_branch_name}-{int(time())}-{sha[:7]}{suffix}", # Use by FluxCD | ||
| ] | ||
|
|
||
| image_main_tag = image_tags[0] | ||
| image_tags_rendered = ",".join(image_tags) | ||
|
|
||
| with open(os.environ["GITHUB_OUTPUT"], "a+", encoding="utf-8") as _output: | ||
| print(f"shouldBuild={should_build}", file=_output) | ||
| print(f"sha={sha}", file=_output) | ||
| print(f"version={version}", file=_output) | ||
| print(f"prerelease={prerelease}", file=_output) | ||
| print(f"imageTags={image_tags_rendered}", file=_output) | ||
| print(f"imageMainTag={image_main_tag}", file=_output) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| #!/bin/bash -x | ||
| SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) | ||
| GITHUB_OUTPUT=/dev/stdout \ | ||
| GITHUB_REF=ref \ | ||
| GITHUB_SHA=sha \ | ||
| IMAGE_NAME=ghcr.io/goauthentik/server,beryju/authentik \ | ||
| python $SCRIPT_DIR/push_vars.py |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -3,3 +3,5 @@ keypairs | |
| hass | ||
| warmup | ||
| ontext | ||
| singed | ||
| assertIn | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,65 @@ | ||
| name: authentik-api-py-publish | ||
| on: | ||
| push: | ||
| branches: [main] | ||
| paths: | ||
| - "schema.yml" | ||
| workflow_dispatch: | ||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| id-token: write | ||
| steps: | ||
| - id: generate_token | ||
| uses: tibdex/github-app-token@v2 | ||
| with: | ||
| app_id: ${{ secrets.GH_APP_ID }} | ||
| private_key: ${{ secrets.GH_APP_PRIVATE_KEY }} | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| token: ${{ steps.generate_token.outputs.token }} | ||
| - name: Install poetry & deps | ||
| shell: bash | ||
| run: | | ||
| pipx install poetry || true | ||
| sudo apt-get update | ||
| sudo apt-get install --no-install-recommends -y libpq-dev openssl libxmlsec1-dev pkg-config gettext | ||
| - name: Setup python and restore poetry | ||
| uses: actions/setup-python@v5 | ||
| with: | ||
| python-version-file: "pyproject.toml" | ||
| cache: "poetry" | ||
| - name: Generate API Client | ||
| run: make gen-client-py | ||
| - name: Publish package | ||
| working-directory: gen-py-api/ | ||
| run: | | ||
| poetry build | ||
| - name: Publish package to PyPI | ||
| uses: pypa/gh-action-pypi-publish@release/v1 | ||
| with: | ||
| packages-dir: gen-py-api/dist/ | ||
| # We can't easily upgrade the API client being used due to poetry being poetry | ||
| # so we'll have to rely on dependabot | ||
| # - name: Upgrade / | ||
| # run: | | ||
| # export VERSION=$(cd gen-py-api && poetry version -s) | ||
| # poetry add "authentik_client=$VERSION" --allow-prereleases --lock | ||
| # - uses: peter-evans/create-pull-request@v6 | ||
| # id: cpr | ||
| # with: | ||
| # token: ${{ steps.generate_token.outputs.token }} | ||
| # branch: update-root-api-client | ||
| # commit-message: "root: bump API Client version" | ||
| # title: "root: bump API Client version" | ||
| # body: "root: bump API Client version" | ||
| # delete-branch: true | ||
| # signoff: true | ||
| # # ID from https://api.github.com/users/authentik-automation[bot] | ||
| # author: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> | ||
| # - uses: peter-evans/enable-pull-request-automerge@v3 | ||
| # with: | ||
| # token: ${{ steps.generate_token.outputs.token }} | ||
| # pull-request-number: ${{ steps.cpr.outputs.pull-request-number }} | ||
| # merge-method: squash |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.