outposts: add service connection to outpost API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

authentik/api/v2/urls.py

@@ -28,12 +28,12 @@ from authentik.flows.api.bindings import FlowStageBindingViewSet
 from authentik.flows.api.flows import FlowViewSet
 from authentik.flows.api.stages import StageViewSet
 from authentik.flows.views import FlowExecutorView
-from authentik.outposts.api.outpost_service_connections import (
+from authentik.outposts.api.outposts import OutpostViewSet
+from authentik.outposts.api.service_connections import (
     DockerServiceConnectionViewSet,
     KubernetesServiceConnectionViewSet,
     ServiceConnectionViewSet,
 )
-from authentik.outposts.api.outposts import OutpostViewSet
 from authentik.policies.api.bindings import PolicyBindingViewSet
 from authentik.policies.api.policies import PolicyViewSet
 from authentik.policies.dummy.api import DummyPolicyViewSet

authentik/outposts/api/outposts.py

@@ -13,6 +13,7 @@ from rest_framework.viewsets import ModelViewSet
 from authentik.core.api.providers import ProviderSerializer
 from authentik.core.api.utils import PassiveSerializer, is_dict
 from authentik.core.models import Provider
+from authentik.outposts.api.service_connections import ServiceConnectionSerializer
 from authentik.outposts.models import (
     Outpost,
     OutpostConfig,
@@ -33,6 +34,9 @@ class OutpostSerializer(ModelSerializer):
         queryset=Provider.objects.select_subclasses().all(),
     )
     providers_obj = ProviderSerializer(source="providers", many=True, read_only=True)
+    service_connection_obj = ServiceConnectionSerializer(
+        source="service_connection", read_only=True
+    )
 
     def validate_providers(self, providers: list[Provider]) -> list[Provider]:
         """Check that all providers match the type of the outpost"""
@@ -69,6 +73,7 @@ class OutpostSerializer(ModelSerializer):
             "providers",
             "providers_obj",
             "service_connection",
+            "service_connection_obj",
             "token_identifier",
             "config",
         ]
@@ -102,7 +107,7 @@ class OutpostViewSet(ModelViewSet):
         "name",
         "providers__name",
     ]
-    ordering = ["name"]
+    ordering = ["name", "service_connection__name"]
 
     @extend_schema(responses={200: OutpostHealthSerializer(many=True)})
     @action(methods=["GET"], detail=True, pagination_class=None)

schema.yml

@@ -18976,6 +18976,10 @@ components:
           nullable: true
           description: Select Service-Connection authentik should use to manage this
             outpost. Leave empty if authentik should not handle the deployment.
+        service_connection_obj:
+          allOf:
+          - $ref: '#/components/schemas/ServiceConnection'
+          readOnly: true
         token_identifier:
           type: string
           readOnly: true
@@ -18988,6 +18992,7 @@ components:
       - pk
       - providers
       - providers_obj
+      - service_connection_obj
       - token_identifier
       - type
     OutpostDefaultConfig:
@@ -24865,6 +24870,18 @@ components:
       - pk
       - verbose_name
       - verbose_name_plural
+    ServiceConnectionRequest:
+      type: object
+      description: ServiceConnection Serializer
+      properties:
+        name:
+          type: string
+        local:
+          type: boolean
+          description: If enabled, use the local connection. Required Docker socket/Kubernetes
+            Integration
+      required:
+      - name
     ServiceConnectionState:
       type: object
       description: Serializer for Service connection state

web/src/locales/en.po

@@ -209,8 +209,8 @@ msgid "Application Icon"
 msgstr "Application Icon"
 
 #: src/flows/stages/consent/ConsentStage.ts
-msgid "Application requires following permissions"
+msgid "Application requires following permissions:"
-msgstr "Application requires following permissions"
+msgstr "Application requires following permissions:"
 
 #: src/pages/applications/ApplicationForm.ts
 msgid "Application's display Name."
@@ -3167,6 +3167,7 @@ msgid "Service Provider Binding"
 msgstr "Service Provider Binding"
 
 #: src/pages/outposts/OutpostForm.ts
+#: src/pages/outposts/OutpostListPage.ts
 msgid "Service connection"
 msgstr "Service connection"
 
@@ -3997,6 +3998,10 @@ msgstr "Unhealthy outposts"
 msgid "Unknown"
 msgstr "Unknown"
 
+#: src/pages/outposts/OutpostListPage.ts
+msgid "Unmanaged"
+msgstr "Unmanaged"
+
 #: src/pages/admin-overview/charts/LDAPSyncStatusChart.ts
 msgid "Unsynced sources"
 msgstr "Unsynced sources"

web/src/locales/pseudo-LOCALE.po

@@ -209,7 +209,7 @@ msgid "Application Icon"
 msgstr ""
 
 #: 
-msgid "Application requires following permissions"
+msgid "Application requires following permissions:"
 msgstr ""
 
 #: 
@@ -3158,6 +3158,7 @@ msgstr ""
 msgid "Service Provider Binding"
 msgstr ""
 
+#: 
 #: 
 msgid "Service connection"
 msgstr ""
@@ -3985,6 +3986,10 @@ msgstr ""
 msgid "Unknown"
 msgstr ""
 
+#: 
+msgid "Unmanaged"
+msgstr ""
+
 #: 
 msgid "Unsynced sources"
 msgstr ""

web/src/pages/outposts/OutpostListPage.ts

@@ -43,6 +43,7 @@ export class OutpostListPage extends TablePage<Outpost> {
         return [
             new TableColumn(t`Name`, "name"),
             new TableColumn(t`Providers`),
+            new TableColumn(t`Service connection`, "service_connection__name"),
             new TableColumn(t`Health and Version`),
             new TableColumn(""),
         ];
@@ -57,6 +58,7 @@ export class OutpostListPage extends TablePage<Outpost> {
             html`<ul>${item.providersObj?.map((p) => {
                 return html`<li><a href="#/core/providers/${p.pk}">${p.name}</a></li>`;
             })}</ul>`,
+            html`${item.serviceConnectionObj?.name || t`Unmanaged`}`,
             html`<ak-outpost-health outpostId=${ifDefined(item.pk)}></ak-outpost-health>`,
             html`
             <ak-forms-modal>