Merge branch 'version-2021.6' into next
This commit is contained in:
commit
7492608ace
2
.github/workflows/release.yml
vendored
2
.github/workflows/release.yml
vendored
|
@ -122,7 +122,7 @@ jobs:
|
||||||
docker-compose pull -q
|
docker-compose pull -q
|
||||||
docker-compose up --no-start
|
docker-compose up --no-start
|
||||||
docker-compose start postgresql redis
|
docker-compose start postgresql redis
|
||||||
docker-compose run -u root --entrypoint /bin/bash server -c "apt-get update && apt-get install -y --no-install-recommends git && pip install --no-cache -r requirements-dev.txt && ./manage.py test authentik"
|
docker-compose run -u root server test
|
||||||
sentry-release:
|
sentry-release:
|
||||||
if: ${{ github.event_name == 'release' }}
|
if: ${{ github.event_name == 'release' }}
|
||||||
needs:
|
needs:
|
||||||
|
|
|
@ -8,7 +8,7 @@ WORKDIR /app/
|
||||||
|
|
||||||
RUN pip install pipenv && \
|
RUN pip install pipenv && \
|
||||||
pipenv lock -r > requirements.txt && \
|
pipenv lock -r > requirements.txt && \
|
||||||
pipenv lock -rd > requirements-dev.txt
|
pipenv lock -r --dev-only > requirements-dev.txt
|
||||||
|
|
||||||
# Stage 2: Build web API
|
# Stage 2: Build web API
|
||||||
FROM openapitools/openapi-generator-cli as api-builder
|
FROM openapitools/openapi-generator-cli as api-builder
|
||||||
|
@ -28,7 +28,7 @@ COPY ./web /static/
|
||||||
COPY --from=api-builder /local/web/api /static/api
|
COPY --from=api-builder /local/web/api /static/api
|
||||||
|
|
||||||
ENV NODE_ENV=production
|
ENV NODE_ENV=production
|
||||||
RUN cd /static && npm i --production=false && npm run build
|
RUN cd /static && npm i && npm run build
|
||||||
|
|
||||||
# Stage 4: Build go proxy
|
# Stage 4: Build go proxy
|
||||||
FROM golang:1.16.5 AS builder
|
FROM golang:1.16.5 AS builder
|
||||||
|
@ -76,6 +76,7 @@ RUN apt-get update && \
|
||||||
COPY ./authentik/ /authentik
|
COPY ./authentik/ /authentik
|
||||||
COPY ./pyproject.toml /
|
COPY ./pyproject.toml /
|
||||||
COPY ./xml /xml
|
COPY ./xml /xml
|
||||||
|
COPY ./tests /tests
|
||||||
COPY ./manage.py /
|
COPY ./manage.py /
|
||||||
COPY ./lifecycle/ /lifecycle
|
COPY ./lifecycle/ /lifecycle
|
||||||
COPY --from=builder /work/authentik /authentik-proxy
|
COPY --from=builder /work/authentik /authentik-proxy
|
||||||
|
|
|
@ -9,16 +9,18 @@ function check_if_root {
|
||||||
return
|
return
|
||||||
fi
|
fi
|
||||||
SOCKET="/var/run/docker.sock"
|
SOCKET="/var/run/docker.sock"
|
||||||
|
GROUP="authentik"
|
||||||
if [[ -e "$SOCKET" ]]; then
|
if [[ -e "$SOCKET" ]]; then
|
||||||
# Get group ID of the docker socket, so we can create a matching group and
|
# Get group ID of the docker socket, so we can create a matching group and
|
||||||
# add ourselves to it
|
# add ourselves to it
|
||||||
DOCKER_GID=$(stat -c '%g' $SOCKET)
|
DOCKER_GID=$(stat -c '%g' $SOCKET)
|
||||||
getent group $DOCKER_GID || groupadd -f -g $DOCKER_GID docker
|
getent group $DOCKER_GID || groupadd -f -g $DOCKER_GID docker
|
||||||
usermod -a -G $DOCKER_GID authentik
|
usermod -a -G $DOCKER_GID authentik
|
||||||
|
GROUP="authentik:docker"
|
||||||
fi
|
fi
|
||||||
# Fix permissions of backups and media
|
# Fix permissions of backups and media
|
||||||
chown -R authentik:authentik /media /backups
|
chown -R authentik:authentik /media /backups
|
||||||
chpst -u authentik:authentik:docker env HOME=/authentik $1
|
chpst -u authentik:$GROUP env HOME=/authentik $1
|
||||||
}
|
}
|
||||||
|
|
||||||
if [[ "$1" == "server" ]]; then
|
if [[ "$1" == "server" ]]; then
|
||||||
|
@ -32,6 +34,11 @@ elif [[ "$1" == "restore" ]]; then
|
||||||
python -m manage dbrestore ${@:2}
|
python -m manage dbrestore ${@:2}
|
||||||
elif [[ "$1" == "bash" ]]; then
|
elif [[ "$1" == "bash" ]]; then
|
||||||
/bin/bash
|
/bin/bash
|
||||||
|
elif [[ "$1" == "test" ]]; then
|
||||||
|
pip install --no-cache -r requirements-dev.txt
|
||||||
|
touch /unittest.xml
|
||||||
|
chown authentik:authentik /unittest.xml
|
||||||
|
check_if_root "python -m manage test authentik"
|
||||||
else
|
else
|
||||||
python -m manage "$@"
|
python -m manage "$@"
|
||||||
fi
|
fi
|
||||||
|
|
Reference in a new issue