outposts: move health to API
This commit is contained in:
parent
9fac51f8c7
commit
efc46f52e6
|
@ -29,11 +29,12 @@ from authentik.flows.api import (
|
||||||
FlowViewSet,
|
FlowViewSet,
|
||||||
StageViewSet,
|
StageViewSet,
|
||||||
)
|
)
|
||||||
from authentik.outposts.api import (
|
from authentik.outposts.api.outpost_service_connections import (
|
||||||
DockerServiceConnectionViewSet,
|
DockerServiceConnectionViewSet,
|
||||||
KubernetesServiceConnectionViewSet,
|
KubernetesServiceConnectionViewSet,
|
||||||
OutpostViewSet,
|
ServiceConnectionViewSet,
|
||||||
)
|
)
|
||||||
|
from authentik.outposts.api.outposts import OutpostViewSet
|
||||||
from authentik.policies.api import (
|
from authentik.policies.api import (
|
||||||
PolicyBindingViewSet,
|
PolicyBindingViewSet,
|
||||||
PolicyCacheViewSet,
|
PolicyCacheViewSet,
|
||||||
|
@ -88,6 +89,7 @@ router.register("core/users", UserViewSet)
|
||||||
router.register("core/tokens", TokenViewSet)
|
router.register("core/tokens", TokenViewSet)
|
||||||
|
|
||||||
router.register("outposts/outposts", OutpostViewSet)
|
router.register("outposts/outposts", OutpostViewSet)
|
||||||
|
router.register("outposts/service_connections/all", ServiceConnectionViewSet)
|
||||||
router.register("outposts/service_connections/docker", DockerServiceConnectionViewSet)
|
router.register("outposts/service_connections/docker", DockerServiceConnectionViewSet)
|
||||||
router.register(
|
router.register(
|
||||||
"outposts/service_connections/kubernetes", KubernetesServiceConnectionViewSet
|
"outposts/service_connections/kubernetes", KubernetesServiceConnectionViewSet
|
||||||
|
|
0
authentik/outposts/api/__init__.py
Normal file
0
authentik/outposts/api/__init__.py
Normal file
|
@ -1,30 +1,28 @@
|
||||||
"""Outpost API Views"""
|
"""Outpost API Views"""
|
||||||
from rest_framework.serializers import JSONField, ModelSerializer
|
from rest_framework.serializers import ModelSerializer
|
||||||
from rest_framework.viewsets import ModelViewSet
|
from rest_framework.viewsets import ModelViewSet
|
||||||
|
|
||||||
from authentik.outposts.models import (
|
from authentik.outposts.models import (
|
||||||
DockerServiceConnection,
|
DockerServiceConnection,
|
||||||
KubernetesServiceConnection,
|
KubernetesServiceConnection,
|
||||||
Outpost,
|
OutpostServiceConnection,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
class OutpostSerializer(ModelSerializer):
|
class ServiceConnectionSerializer(ModelSerializer):
|
||||||
"""Outpost Serializer"""
|
"""ServiceConnection Serializer"""
|
||||||
|
|
||||||
_config = JSONField()
|
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Outpost
|
model = OutpostServiceConnection
|
||||||
fields = ["pk", "name", "providers", "service_connection", "_config"]
|
fields = ["pk", "name"]
|
||||||
|
|
||||||
|
|
||||||
class OutpostViewSet(ModelViewSet):
|
class ServiceConnectionViewSet(ModelViewSet):
|
||||||
"""Outpost Viewset"""
|
"""ServiceConnection Viewset"""
|
||||||
|
|
||||||
queryset = Outpost.objects.all()
|
queryset = OutpostServiceConnection.objects.all()
|
||||||
serializer_class = OutpostSerializer
|
serializer_class = ServiceConnectionSerializer
|
||||||
|
|
||||||
|
|
||||||
class DockerServiceConnectionSerializer(ModelSerializer):
|
class DockerServiceConnectionSerializer(ModelSerializer):
|
71
authentik/outposts/api/outposts.py
Normal file
71
authentik/outposts/api/outposts.py
Normal file
|
@ -0,0 +1,71 @@
|
||||||
|
"""Outpost API Views"""
|
||||||
|
from django.db.models import Model
|
||||||
|
from drf_yasg2.utils import swagger_auto_schema
|
||||||
|
from rest_framework.decorators import action
|
||||||
|
from rest_framework.fields import BooleanField, CharField, DateTimeField
|
||||||
|
from rest_framework.request import Request
|
||||||
|
from rest_framework.response import Response
|
||||||
|
from rest_framework.serializers import JSONField, ModelSerializer, Serializer
|
||||||
|
from rest_framework.viewsets import ModelViewSet
|
||||||
|
|
||||||
|
from authentik.core.api.providers import ProviderSerializer
|
||||||
|
from authentik.outposts.models import Outpost
|
||||||
|
|
||||||
|
|
||||||
|
class OutpostSerializer(ModelSerializer):
|
||||||
|
"""Outpost Serializer"""
|
||||||
|
|
||||||
|
_config = JSONField()
|
||||||
|
providers = ProviderSerializer(many=True, read_only=True)
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
|
||||||
|
model = Outpost
|
||||||
|
fields = [
|
||||||
|
"pk",
|
||||||
|
"name",
|
||||||
|
"providers",
|
||||||
|
"service_connection",
|
||||||
|
"token_identifier",
|
||||||
|
"_config",
|
||||||
|
]
|
||||||
|
|
||||||
|
|
||||||
|
class OutpostHealthSerializer(Serializer):
|
||||||
|
"""Outpost health status"""
|
||||||
|
|
||||||
|
last_seen = DateTimeField(read_only=True)
|
||||||
|
version = CharField(read_only=True)
|
||||||
|
version_should = CharField(read_only=True)
|
||||||
|
version_outdated = BooleanField(read_only=True)
|
||||||
|
|
||||||
|
def create(self, validated_data: dict) -> Model:
|
||||||
|
raise NotImplementedError
|
||||||
|
|
||||||
|
def update(self, instance: Model, validated_data: dict) -> Model:
|
||||||
|
raise NotImplementedError
|
||||||
|
|
||||||
|
|
||||||
|
class OutpostViewSet(ModelViewSet):
|
||||||
|
"""Outpost Viewset"""
|
||||||
|
|
||||||
|
queryset = Outpost.objects.all()
|
||||||
|
serializer_class = OutpostSerializer
|
||||||
|
|
||||||
|
@swagger_auto_schema(responses={200: OutpostHealthSerializer(many=True)})
|
||||||
|
@action(methods=["GET"], detail=True)
|
||||||
|
# pylint: disable=invalid-name, unused-argument
|
||||||
|
def health(self, request: Request, pk: int) -> Response:
|
||||||
|
"""Get outposts current health"""
|
||||||
|
outpost: Outpost = self.get_object()
|
||||||
|
states = []
|
||||||
|
for state in outpost.state:
|
||||||
|
states.append(
|
||||||
|
{
|
||||||
|
"last_seen": state.last_seen,
|
||||||
|
"version": state.version,
|
||||||
|
"version_should": state.version_should,
|
||||||
|
"version_outdated": state.version_outdated,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
return Response(OutpostHealthSerializer(states, many=True).data)
|
|
@ -9,7 +9,6 @@ from django.core.cache import cache
|
||||||
from django.db import models, transaction
|
from django.db import models, transaction
|
||||||
from django.db.models.base import Model
|
from django.db.models.base import Model
|
||||||
from django.forms.models import ModelForm
|
from django.forms.models import ModelForm
|
||||||
from django.http import HttpRequest
|
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
from docker.client import DockerClient
|
from docker.client import DockerClient
|
||||||
from docker.errors import DockerException
|
from docker.errors import DockerException
|
||||||
|
@ -33,7 +32,6 @@ from authentik.crypto.models import CertificateKeyPair
|
||||||
from authentik.lib.config import CONFIG
|
from authentik.lib.config import CONFIG
|
||||||
from authentik.lib.models import InheritanceForeignKey
|
from authentik.lib.models import InheritanceForeignKey
|
||||||
from authentik.lib.sentry import SentryIgnoredException
|
from authentik.lib.sentry import SentryIgnoredException
|
||||||
from authentik.lib.utils.template import render_to_string
|
|
||||||
from authentik.outposts.docker_tls import DockerInlineTLS
|
from authentik.outposts.docker_tls import DockerInlineTLS
|
||||||
|
|
||||||
OUR_VERSION = parse(__version__)
|
OUR_VERSION = parse(__version__)
|
||||||
|
@ -378,13 +376,6 @@ class Outpost(models.Model):
|
||||||
objects.append(provider)
|
objects.append(provider)
|
||||||
return objects
|
return objects
|
||||||
|
|
||||||
def html_deployment_view(self, request: HttpRequest) -> Optional[str]:
|
|
||||||
"""return template and context modal to view token and other config info"""
|
|
||||||
return render_to_string(
|
|
||||||
"outposts/deployment_modal.html",
|
|
||||||
{"outpost": self, "full_url": request.build_absolute_uri("/")},
|
|
||||||
)
|
|
||||||
|
|
||||||
def __str__(self) -> str:
|
def __str__(self) -> str:
|
||||||
return f"Outpost {self.name}"
|
return f"Outpost {self.name}"
|
||||||
|
|
||||||
|
|
|
@ -1,43 +0,0 @@
|
||||||
{% load i18n %}
|
|
||||||
|
|
||||||
<ak-modal-button>
|
|
||||||
<button slot="trigger" class="pf-c-button pf-m-tertiary">
|
|
||||||
{% trans 'View Deployment Info' %}
|
|
||||||
</button>
|
|
||||||
<div slot="modal">
|
|
||||||
<div class="pf-c-modal-box__header">
|
|
||||||
<h1 class="pf-c-title pf-m-2xl" id="modal-title">{% trans 'Outpost Deployment Info' %}</h1>
|
|
||||||
</div>
|
|
||||||
<div class="pf-c-modal-box__body" id="modal-description">
|
|
||||||
<p><a href="https://goauthentik.io/docs/outposts/outposts/#deploy">{% trans 'View deployment documentation' %}</a></p>
|
|
||||||
<form class="pf-c-form">
|
|
||||||
<div class="pf-c-form__group">
|
|
||||||
<label class="pf-c-form__label" for="help-text-simple-form-name">
|
|
||||||
<span class="pf-c-form__label-text">AUTHENTIK_HOST</span>
|
|
||||||
</label>
|
|
||||||
<input class="pf-c-form-control" readonly type="text" value="{{ full_url }}" />
|
|
||||||
</div>
|
|
||||||
<div class="pf-c-form__group">
|
|
||||||
<label class="pf-c-form__label" for="help-text-simple-form-name">
|
|
||||||
<span class="pf-c-form__label-text">AUTHENTIK_TOKEN</span>
|
|
||||||
</label>
|
|
||||||
<div>
|
|
||||||
<ak-token-copy-button identifier="{{ outpost.token_identifier }}">
|
|
||||||
{% trans 'Click to copy token' %}
|
|
||||||
</ak-token-copy-button>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<h3>{% trans 'If your authentik Instance is using a self-signed certificate, set this value.' %}</h3>
|
|
||||||
<div class="pf-c-form__group">
|
|
||||||
<label class="pf-c-form__label" for="help-text-simple-form-name">
|
|
||||||
<span class="pf-c-form__label-text">AUTHENTIK_INSECURE</span>
|
|
||||||
</label>
|
|
||||||
<input class="pf-c-form-control" readonly type="text" value="true" />
|
|
||||||
</div>
|
|
||||||
</form>
|
|
||||||
</div>
|
|
||||||
<footer class="pf-c-modal-box__footer pf-m-align-left">
|
|
||||||
<a class="pf-c-button pf-m-primary">{% trans 'Close' %}</a>
|
|
||||||
</footer>
|
|
||||||
</div>
|
|
||||||
</ak-modal-button>
|
|
|
@ -59,11 +59,11 @@ class OAuth2ProviderViewSet(ModelViewSet):
|
||||||
queryset = OAuth2Provider.objects.all()
|
queryset = OAuth2Provider.objects.all()
|
||||||
serializer_class = OAuth2ProviderSerializer
|
serializer_class = OAuth2ProviderSerializer
|
||||||
|
|
||||||
@action(methods=["GET"], detail=True)
|
|
||||||
@swagger_auto_schema(responses={200: OAuth2ProviderSetupURLs(many=False)})
|
@swagger_auto_schema(responses={200: OAuth2ProviderSetupURLs(many=False)})
|
||||||
|
@action(methods=["GET"], detail=True)
|
||||||
# pylint: disable=invalid-name
|
# pylint: disable=invalid-name
|
||||||
def setup_urls(self, request: Request, pk: int) -> str:
|
def setup_urls(self, request: Request, pk: int) -> str:
|
||||||
"""Return metadata as XML string"""
|
"""Get Providers setup URLs"""
|
||||||
provider = get_object_or_404(OAuth2Provider, pk=pk)
|
provider = get_object_or_404(OAuth2Provider, pk=pk)
|
||||||
data = {
|
data = {
|
||||||
"issuer": provider.get_issuer(request),
|
"issuer": provider.get_issuer(request),
|
||||||
|
|
|
@ -54,10 +54,10 @@ class SAMLProviderViewSet(ModelViewSet):
|
||||||
queryset = SAMLProvider.objects.all()
|
queryset = SAMLProvider.objects.all()
|
||||||
serializer_class = SAMLProviderSerializer
|
serializer_class = SAMLProviderSerializer
|
||||||
|
|
||||||
@action(methods=["GET"], detail=True)
|
|
||||||
@swagger_auto_schema(responses={200: SAMLMetadataSerializer(many=False)})
|
@swagger_auto_schema(responses={200: SAMLMetadataSerializer(many=False)})
|
||||||
|
@action(methods=["GET"], detail=True)
|
||||||
# pylint: disable=invalid-name
|
# pylint: disable=invalid-name
|
||||||
def metadata(self, request: Request, pk: int) -> str:
|
def metadata(self, request: Request, pk: int) -> Response:
|
||||||
"""Return metadata as XML string"""
|
"""Return metadata as XML string"""
|
||||||
provider = get_object_or_404(SAMLProvider, pk=pk)
|
provider = get_object_or_404(SAMLProvider, pk=pk)
|
||||||
metadata = DescriptorDownloadView.get_metadata(request, provider)
|
metadata = DescriptorDownloadView.get_metadata(request, provider)
|
||||||
|
|
179
swagger.yaml
179
swagger.yaml
|
@ -1911,6 +1911,28 @@ paths:
|
||||||
required: true
|
required: true
|
||||||
type: string
|
type: string
|
||||||
format: uuid
|
format: uuid
|
||||||
|
/outposts/outposts/{uuid}/health/:
|
||||||
|
get:
|
||||||
|
operationId: outposts_outposts_health
|
||||||
|
description: Outpost Viewset
|
||||||
|
parameters: []
|
||||||
|
responses:
|
||||||
|
'200':
|
||||||
|
description: ''
|
||||||
|
schema:
|
||||||
|
description: ''
|
||||||
|
type: array
|
||||||
|
items:
|
||||||
|
$ref: '#/definitions/OutpostHealth'
|
||||||
|
tags:
|
||||||
|
- outposts
|
||||||
|
parameters:
|
||||||
|
- name: uuid
|
||||||
|
in: path
|
||||||
|
description: A UUID string identifying this outpost.
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
|
format: uuid
|
||||||
/outposts/proxy/:
|
/outposts/proxy/:
|
||||||
get:
|
get:
|
||||||
operationId: outposts_proxy_list
|
operationId: outposts_proxy_list
|
||||||
|
@ -2037,6 +2059,133 @@ paths:
|
||||||
description: A unique integer value identifying this Proxy Provider.
|
description: A unique integer value identifying this Proxy Provider.
|
||||||
required: true
|
required: true
|
||||||
type: integer
|
type: integer
|
||||||
|
/outposts/service_connections/all/:
|
||||||
|
get:
|
||||||
|
operationId: outposts_service_connections_all_list
|
||||||
|
description: ServiceConnection Viewset
|
||||||
|
parameters:
|
||||||
|
- name: ordering
|
||||||
|
in: query
|
||||||
|
description: Which field to use when ordering the results.
|
||||||
|
required: false
|
||||||
|
type: string
|
||||||
|
- name: search
|
||||||
|
in: query
|
||||||
|
description: A search term.
|
||||||
|
required: false
|
||||||
|
type: string
|
||||||
|
- name: page
|
||||||
|
in: query
|
||||||
|
description: A page number within the paginated result set.
|
||||||
|
required: false
|
||||||
|
type: integer
|
||||||
|
- name: page_size
|
||||||
|
in: query
|
||||||
|
description: Number of results to return per page.
|
||||||
|
required: false
|
||||||
|
type: integer
|
||||||
|
responses:
|
||||||
|
'200':
|
||||||
|
description: ''
|
||||||
|
schema:
|
||||||
|
required:
|
||||||
|
- count
|
||||||
|
- results
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
count:
|
||||||
|
type: integer
|
||||||
|
next:
|
||||||
|
type: string
|
||||||
|
format: uri
|
||||||
|
x-nullable: true
|
||||||
|
previous:
|
||||||
|
type: string
|
||||||
|
format: uri
|
||||||
|
x-nullable: true
|
||||||
|
results:
|
||||||
|
type: array
|
||||||
|
items:
|
||||||
|
$ref: '#/definitions/ServiceConnection'
|
||||||
|
tags:
|
||||||
|
- outposts
|
||||||
|
post:
|
||||||
|
operationId: outposts_service_connections_all_create
|
||||||
|
description: ServiceConnection Viewset
|
||||||
|
parameters:
|
||||||
|
- name: data
|
||||||
|
in: body
|
||||||
|
required: true
|
||||||
|
schema:
|
||||||
|
$ref: '#/definitions/ServiceConnection'
|
||||||
|
responses:
|
||||||
|
'201':
|
||||||
|
description: ''
|
||||||
|
schema:
|
||||||
|
$ref: '#/definitions/ServiceConnection'
|
||||||
|
tags:
|
||||||
|
- outposts
|
||||||
|
parameters: []
|
||||||
|
/outposts/service_connections/all/{uuid}/:
|
||||||
|
get:
|
||||||
|
operationId: outposts_service_connections_all_read
|
||||||
|
description: ServiceConnection Viewset
|
||||||
|
parameters: []
|
||||||
|
responses:
|
||||||
|
'200':
|
||||||
|
description: ''
|
||||||
|
schema:
|
||||||
|
$ref: '#/definitions/ServiceConnection'
|
||||||
|
tags:
|
||||||
|
- outposts
|
||||||
|
put:
|
||||||
|
operationId: outposts_service_connections_all_update
|
||||||
|
description: ServiceConnection Viewset
|
||||||
|
parameters:
|
||||||
|
- name: data
|
||||||
|
in: body
|
||||||
|
required: true
|
||||||
|
schema:
|
||||||
|
$ref: '#/definitions/ServiceConnection'
|
||||||
|
responses:
|
||||||
|
'200':
|
||||||
|
description: ''
|
||||||
|
schema:
|
||||||
|
$ref: '#/definitions/ServiceConnection'
|
||||||
|
tags:
|
||||||
|
- outposts
|
||||||
|
patch:
|
||||||
|
operationId: outposts_service_connections_all_partial_update
|
||||||
|
description: ServiceConnection Viewset
|
||||||
|
parameters:
|
||||||
|
- name: data
|
||||||
|
in: body
|
||||||
|
required: true
|
||||||
|
schema:
|
||||||
|
$ref: '#/definitions/ServiceConnection'
|
||||||
|
responses:
|
||||||
|
'200':
|
||||||
|
description: ''
|
||||||
|
schema:
|
||||||
|
$ref: '#/definitions/ServiceConnection'
|
||||||
|
tags:
|
||||||
|
- outposts
|
||||||
|
delete:
|
||||||
|
operationId: outposts_service_connections_all_delete
|
||||||
|
description: ServiceConnection Viewset
|
||||||
|
parameters: []
|
||||||
|
responses:
|
||||||
|
'204':
|
||||||
|
description: ''
|
||||||
|
tags:
|
||||||
|
- outposts
|
||||||
|
parameters:
|
||||||
|
- name: uuid
|
||||||
|
in: path
|
||||||
|
description: A UUID string identifying this Outpost Service-Connection.
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
|
format: uuid
|
||||||
/outposts/service_connections/docker/:
|
/outposts/service_connections/docker/:
|
||||||
get:
|
get:
|
||||||
operationId: outposts_service_connections_docker_list
|
operationId: outposts_service_connections_docker_list
|
||||||
|
@ -8005,7 +8154,6 @@ definitions:
|
||||||
description: Outpost Serializer
|
description: Outpost Serializer
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
- providers
|
|
||||||
- _config
|
- _config
|
||||||
type: object
|
type: object
|
||||||
properties:
|
properties:
|
||||||
|
@ -8019,10 +8167,11 @@ definitions:
|
||||||
type: string
|
type: string
|
||||||
minLength: 1
|
minLength: 1
|
||||||
providers:
|
providers:
|
||||||
|
description: ''
|
||||||
type: array
|
type: array
|
||||||
items:
|
items:
|
||||||
type: integer
|
$ref: '#/definitions/Provider'
|
||||||
uniqueItems: true
|
readOnly: true
|
||||||
service_connection:
|
service_connection:
|
||||||
title: Service connection
|
title: Service connection
|
||||||
description: Select Service-Connection authentik should use to manage this
|
description: Select Service-Connection authentik should use to manage this
|
||||||
|
@ -8033,6 +8182,15 @@ definitions:
|
||||||
_config:
|
_config:
|
||||||
title: config
|
title: config
|
||||||
type: object
|
type: object
|
||||||
|
OutpostHealth:
|
||||||
|
description: ''
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
last_seen:
|
||||||
|
title: Last seen
|
||||||
|
type: string
|
||||||
|
format: date-time
|
||||||
|
readOnly: true
|
||||||
OpenIDConnectConfiguration:
|
OpenIDConnectConfiguration:
|
||||||
title: Oidc configuration
|
title: Oidc configuration
|
||||||
description: rest_framework Serializer for OIDC Configuration
|
description: rest_framework Serializer for OIDC Configuration
|
||||||
|
@ -8170,6 +8328,21 @@ definitions:
|
||||||
description: User/Group Attribute used for the user part of the HTTP-Basic
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
||||||
Header. If not set, the user's Email address is used.
|
Header. If not set, the user's Email address is used.
|
||||||
type: string
|
type: string
|
||||||
|
ServiceConnection:
|
||||||
|
description: ServiceConnection Serializer
|
||||||
|
required:
|
||||||
|
- name
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
pk:
|
||||||
|
title: Uuid
|
||||||
|
type: string
|
||||||
|
format: uuid
|
||||||
|
readOnly: true
|
||||||
|
name:
|
||||||
|
title: Name
|
||||||
|
type: string
|
||||||
|
minLength: 1
|
||||||
DockerServiceConnection:
|
DockerServiceConnection:
|
||||||
description: DockerServiceConnection Serializer
|
description: DockerServiceConnection Serializer
|
||||||
required:
|
required:
|
||||||
|
|
Reference in a new issue