trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'version-2021.6' into next

This commit is contained in:
Jens Langhammer 2021-06-09 16:06:06 +02:00
parent 2a881d241d 7eef501446
commit 7492608ace
3 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/release.yml vendored
View File

@ -122,7 +122,7 @@ jobs:
docker-compose pull -q docker-compose pull -q
docker-compose up --no-start docker-compose up --no-start
docker-compose start postgresql redis docker-compose start postgresql redis
docker-compose run -u root --entrypoint /bin/bash server -c "apt-get update && apt-get install -y --no-install-recommends git && pip install --no-cache -r requirements-dev.txt && ./manage.py test authentik" docker-compose run -u root server test
sentry-release: sentry-release:
if: ${{ github.event_name == 'release' }} if: ${{ github.event_name == 'release' }}
needs: needs:

5
Dockerfile
View File

@ -8,7 +8,7 @@ WORKDIR /app/
RUN pip install pipenv && \ RUN pip install pipenv && \
pipenv lock -r > requirements.txt && \ pipenv lock -r > requirements.txt && \
pipenv lock -rd > requirements-dev.txt pipenv lock -r --dev-only > requirements-dev.txt
# Stage 2: Build web API # Stage 2: Build web API
FROM openapitools/openapi-generator-cli as api-builder FROM openapitools/openapi-generator-cli as api-builder
@ -28,7 +28,7 @@ COPY ./web /static/
COPY --from=api-builder /local/web/api /static/api COPY --from=api-builder /local/web/api /static/api
ENV NODE_ENV=production ENV NODE_ENV=production
RUN cd /static && npm i --production=false && npm run build RUN cd /static && npm i && npm run build
# Stage 4: Build go proxy # Stage 4: Build go proxy
FROM golang:1.16.5 AS builder FROM golang:1.16.5 AS builder
@ -76,6 +76,7 @@ RUN apt-get update && \
COPY ./authentik/ /authentik COPY ./authentik/ /authentik
COPY ./pyproject.toml / COPY ./pyproject.toml /
COPY ./xml /xml COPY ./xml /xml
COPY ./tests /tests
COPY ./manage.py / COPY ./manage.py /
COPY ./lifecycle/ /lifecycle COPY ./lifecycle/ /lifecycle
COPY --from=builder /work/authentik /authentik-proxy COPY --from=builder /work/authentik /authentik-proxy

9
lifecycle/bootstrap.sh
View File

@ -9,16 +9,18 @@ function check_if_root {
return return
fi fi
SOCKET="/var/run/docker.sock" SOCKET="/var/run/docker.sock"
GROUP="authentik"
if [[ -e "$SOCKET" ]]; then if [[ -e "$SOCKET" ]]; then
# Get group ID of the docker socket, so we can create a matching group and # Get group ID of the docker socket, so we can create a matching group and
# add ourselves to it # add ourselves to it
DOCKER_GID=$(stat -c '%g' $SOCKET) DOCKER_GID=$(stat -c '%g' $SOCKET)
getent group $DOCKER_GID || groupadd -f -g $DOCKER_GID docker getent group $DOCKER_GID || groupadd -f -g $DOCKER_GID docker
usermod -a -G $DOCKER_GID authentik usermod -a -G $DOCKER_GID authentik
GROUP="authentik:docker"
fi fi
# Fix permissions of backups and media # Fix permissions of backups and media
chown -R authentik:authentik /media /backups chown -R authentik:authentik /media /backups
chpst -u authentik:authentik:docker env HOME=/authentik $1 chpst -u authentik:$GROUP env HOME=/authentik $1
} }
if [[ "$1" == "server" ]]; then if [[ "$1" == "server" ]]; then
@ -32,6 +34,11 @@ elif [[ "$1" == "restore" ]]; then
python -m manage dbrestore ${@:2} python -m manage dbrestore ${@:2}
elif [[ "$1" == "bash" ]]; then elif [[ "$1" == "bash" ]]; then
/bin/bash /bin/bash
elif [[ "$1" == "test" ]]; then
pip install --no-cache -r requirements-dev.txt
touch /unittest.xml
chown authentik:authentik /unittest.xml
check_if_root "python -m manage test authentik"
else else
python -m manage "$@" python -m manage "$@"
fi fi