outposts: regularly ensure that all outposts have a valid service account and token

This commit is contained in:
Jens Langhammer 2020-12-13 17:10:56 +01:00
parent 76764c4374
commit 3e49acf7ae
2 changed files with 15 additions and 0 deletions

View file

@ -12,4 +12,9 @@ CELERY_BEAT_SCHEDULE = {
"schedule": crontab(minute=0, hour="*"), "schedule": crontab(minute=0, hour="*"),
"options": {"queue": "authentik_scheduled"}, "options": {"queue": "authentik_scheduled"},
}, },
"outpost_token_ensurer": {
"task": "authentik.outposts.tasks.outpost_token_ensurer",
"schedule": crontab(minute="*/5"),
"options": {"queue": "authentik_scheduled"},
},
} }

View file

@ -90,6 +90,16 @@ def outpost_pre_delete(outpost_pk: str):
ProxyKubernetesController(outpost, service_connection).down() ProxyKubernetesController(outpost, service_connection).down()
@CELERY_APP.task(bind=True, base=MonitoredTask)
def outpost_token_ensurer(self: MonitoredTask):
"""Periodically ensure that all Outposts have valid Service Accounts
and Tokens"""
all_outposts = Outpost.objects.all()
for outpost in all_outposts:
_ = outpost.token
self.set_status(TaskResult(TaskResultStatus.SUCCESSFUL, f"Successfully checked {len(all_outposts)} Outposts."))
@CELERY_APP.task() @CELERY_APP.task()
def outpost_post_save(model_class: str, model_pk: Any): def outpost_post_save(model_class: str, model_pk: Any):
"""If an Outpost is saved, Ensure that token is created/updated """If an Outpost is saved, Ensure that token is created/updated