release: 2021.4.6

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

.bumpversion.cfg

@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 2021.4.5
+current_version = 2021.4.6
 tag = True
 commit = True
 parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-?(?P<release>.*)

.github/workflows/release.yml

@@ -18,11 +18,11 @@ jobs:
       - name: Building Docker Image
         run: docker build
           --no-cache
-          -t beryju/authentik:2021.4.5
+          -t beryju/authentik:2021.4.6
           -t beryju/authentik:latest
           -f Dockerfile .
       - name: Push Docker Container to Registry (versioned)
-        run: docker push beryju/authentik:2021.4.5
+        run: docker push beryju/authentik:2021.4.6
       - name: Push Docker Container to Registry (latest)
         run: docker push beryju/authentik:latest
   build-proxy:
@@ -48,11 +48,11 @@ jobs:
           cd outpost/
           docker build \
           --no-cache \
-          -t beryju/authentik-proxy:2021.4.5 \
+          -t beryju/authentik-proxy:2021.4.6 \
           -t beryju/authentik-proxy:latest \
           -f proxy.Dockerfile .
       - name: Push Docker Container to Registry (versioned)
-        run: docker push beryju/authentik-proxy:2021.4.5
+        run: docker push beryju/authentik-proxy:2021.4.6
       - name: Push Docker Container to Registry (latest)
         run: docker push beryju/authentik-proxy:latest
   build-static:
@@ -72,11 +72,11 @@ jobs:
           cd web/
           docker build \
           --no-cache \
-          -t beryju/authentik-static:2021.4.5 \
+          -t beryju/authentik-static:2021.4.6 \
           -t beryju/authentik-static:latest \
           -f Dockerfile .
       - name: Push Docker Container to Registry (versioned)
-        run: docker push beryju/authentik-static:2021.4.5
+        run: docker push beryju/authentik-static:2021.4.6
       - name: Push Docker Container to Registry (latest)
         run: docker push beryju/authentik-static:latest
   test-release:
@@ -110,5 +110,5 @@ jobs:
           SENTRY_PROJECT: authentik
           SENTRY_URL: https://sentry.beryju.org
         with:
-          tagName: 2021.4.5
+          tagName: 2021.4.6
           environment: beryjuorg-prod

authentik/__init__.py

@@ -1,3 +1,3 @@
 """authentik"""
-__version__ = "2021.4.5"
+__version__ = "2021.4.6"
 ENV_GIT_HASH_KEY = "GIT_BUILD_HASH"

authentik/stages/invitation/api.py

@@ -3,6 +3,7 @@ from rest_framework.fields import JSONField
 from rest_framework.serializers import ModelSerializer
 from rest_framework.viewsets import ModelViewSet
 
+from authentik.core.api.users import UserSerializer
 from authentik.core.api.utils import is_dict
 from authentik.flows.api.stages import StageSerializer
 from authentik.stages.invitation.models import Invitation, InvitationStage
@@ -29,6 +30,7 @@ class InvitationStageViewSet(ModelViewSet):
 class InvitationSerializer(ModelSerializer):
     """Invitation Serializer"""
 
+    created_by = UserSerializer(read_only=True)
     fixed_data = JSONField(validators=[is_dict], required=False)
 
     class Meta:
@@ -40,7 +42,6 @@ class InvitationSerializer(ModelSerializer):
             "fixed_data",
             "created_by",
         ]
-        depth = 2
 
 
 class InvitationViewSet(ModelViewSet):

azure-pipelines.yml

@@ -34,6 +34,7 @@ stages:
           - task: CmdLine@2
             inputs:
               script: |
+                sudo apt update
                 sudo apt install -y libxmlsec1-dev pkg-config
                 sudo pip install -U wheel pipenv
                 pipenv install --dev
@@ -50,6 +51,7 @@ stages:
           - task: CmdLine@2
             inputs:
               script: |
+                sudo apt update
                 sudo apt install -y libxmlsec1-dev pkg-config
                 sudo pip install -U wheel pipenv
                 pipenv install --dev
@@ -66,6 +68,7 @@ stages:
           - task: CmdLine@2
             inputs:
               script: |
+                sudo apt update
                 sudo apt install -y libxmlsec1-dev pkg-config
                 sudo pip install -U wheel pipenv
                 pipenv install --dev
@@ -82,6 +85,7 @@ stages:
           - task: CmdLine@2
             inputs:
               script: |
+                sudo apt update
                 sudo apt install -y libxmlsec1-dev pkg-config
                 sudo pip install -U wheel pipenv
                 pipenv install --dev
@@ -104,6 +108,7 @@ stages:
           - task: CmdLine@2
             inputs:
               script: |
+                sudo apt update
                 sudo apt install -y libxmlsec1-dev pkg-config
                 sudo pip install -U wheel pipenv
                 pipenv install --dev
@@ -128,6 +133,7 @@ stages:
           - task: CmdLine@2
             inputs:
               script: |
+                sudo apt update
                 sudo apt install -y libxmlsec1-dev pkg-config
                 sudo pip install -U wheel pipenv
                 pipenv install --dev
@@ -157,6 +163,7 @@ stages:
                 # Copy current, latest config to local
                 cp authentik/lib/default.yml local.env.yml
                 git checkout $(git describe --abbrev=0 --match 'version/*')
+                sudo apt update
                 sudo apt install -y libxmlsec1-dev pkg-config
                 sudo pip install -U wheel pipenv
                 pipenv install --dev
@@ -194,6 +201,7 @@ stages:
           - task: CmdLine@2
             inputs:
               script: |
+                sudo apt update
                 sudo apt install -y libxmlsec1-dev pkg-config
                 sudo pip install -U wheel pipenv
                 pipenv install --dev
@@ -229,6 +237,7 @@ stages:
           - task: CmdLine@2
             inputs:
               script: |
+                sudo apt update
                 sudo apt install -y libxmlsec1-dev pkg-config
                 sudo pip install -U wheel pipenv
                 pipenv install --dev
@@ -271,6 +280,7 @@ stages:
           - task: CmdLine@2
             inputs:
               script: |
+                sudo apt update
                 sudo apt install -y libxmlsec1-dev pkg-config
                 sudo pip install -U wheel pipenv
                 pipenv install --dev --python python3.9
@@ -348,6 +358,7 @@ stages:
           - task: CmdLine@2
             inputs:
               script: |
+                sudo apt update
                 sudo apt install -y libxmlsec1-dev pkg-config
                 sudo pip install -U wheel pipenv
                 pipenv install --dev

docker-compose.yml

@@ -20,7 +20,7 @@ services:
     networks:
       - internal
   server:
-    image: ${AUTHENTIK_IMAGE:-beryju/authentik}:${AUTHENTIK_TAG:-2021.4.5}
+    image: ${AUTHENTIK_IMAGE:-beryju/authentik}:${AUTHENTIK_TAG:-2021.4.6}
     restart: unless-stopped
     command: server
     environment:
@@ -48,7 +48,7 @@ services:
     env_file:
       - .env
   worker:
-    image: ${AUTHENTIK_IMAGE:-beryju/authentik}:${AUTHENTIK_TAG:-2021.4.5}
+    image: ${AUTHENTIK_IMAGE:-beryju/authentik}:${AUTHENTIK_TAG:-2021.4.6}
     restart: unless-stopped
     command: worker
     networks:
@@ -68,7 +68,7 @@ services:
     env_file:
       - .env
   static:
-    image: ${AUTHENTIK_IMAGE_STATIC:-beryju/authentik-static}:${AUTHENTIK_TAG:-2021.4.5}
+    image: ${AUTHENTIK_IMAGE_STATIC:-beryju/authentik-static}:${AUTHENTIK_TAG:-2021.4.6}
     restart: unless-stopped
     networks:
       - internal

helm/Chart.yaml

@@ -4,7 +4,7 @@ name: authentik
 home: https://goauthentik.io
 sources:
   - https://github.com/goauthentik/authentik
-version: "2021.4.5"
+version: "2021.4.6"
 icon: https://raw.githubusercontent.com/goauthentik/authentik/master/web/icons/icon.svg
 dependencies:
   - name: postgresql

helm/README.md

@@ -4,7 +4,7 @@
 |-----------------------------------|-------------------------|-------------|
 | image.name                        | beryju/authentik        | Image used to run the authentik server and worker |
 | image.name_static                 | beryju/authentik-static | Image used to run the authentik static server (CSS and JS Files) |
-| image.tag                         | 2021.4.5                | Image tag |
+| image.tag                         | 2021.4.6                | Image tag |
 | image.pullPolicy                  | IfNotPresent            | Image Pull Policy used for all deployments |
 | serverReplicas                    | 1                       | Replicas for the Server deployment |
 | workerReplicas                    | 1                       | Replicas for the Worker deployment |

helm/values.yaml

@@ -5,7 +5,7 @@ image:
   name: beryju/authentik
   name_static: beryju/authentik-static
   name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
-  tag: 2021.4.5
+  tag: 2021.4.6
   pullPolicy: IfNotPresent
 
 serverReplicas: 1

outpost/pkg/version.go

@@ -1,3 +1,3 @@
 package pkg
 
-const VERSION = "2021.4.5"
+const VERSION = "2021.4.6"

swagger.yaml

@@ -18017,226 +18017,7 @@ definitions:
         title: Fixed data
         type: object
       created_by:
-        required:
+        $ref: '#/definitions/User'
-          - password
-          - username
-          - name
-        type: object
-        properties:
-          id:
-            title: ID
-            type: integer
-            readOnly: true
-          password:
-            title: Password
-            type: string
-            maxLength: 128
-            minLength: 1
-          last_login:
-            title: Last login
-            type: string
-            format: date-time
-            x-nullable: true
-          username:
-            title: Username
-            description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
-              only.
-            type: string
-            pattern: ^[\w.@+-]+$
-            maxLength: 150
-            minLength: 1
-          first_name:
-            title: First name
-            type: string
-            maxLength: 150
-          last_name:
-            title: Last name
-            type: string
-            maxLength: 150
-          email:
-            title: Email address
-            type: string
-            format: email
-            maxLength: 254
-          is_active:
-            title: Active
-            description: Designates whether this user should be treated as active.
-              Unselect this instead of deleting accounts.
-            type: boolean
-          date_joined:
-            title: Date joined
-            type: string
-            format: date-time
-          uuid:
-            title: Uuid
-            type: string
-            format: uuid
-            readOnly: true
-          name:
-            title: Name
-            description: User's display name.
-            type: string
-            minLength: 1
-          password_change_date:
-            title: Password change date
-            type: string
-            format: date-time
-            readOnly: true
-          attributes:
-            title: Attributes
-            type: object
-          groups:
-            type: array
-            items:
-              required:
-                - name
-              type: object
-              properties:
-                id:
-                  title: ID
-                  type: integer
-                  readOnly: true
-                name:
-                  title: Name
-                  type: string
-                  maxLength: 150
-                  minLength: 1
-                permissions:
-                  type: array
-                  items:
-                    type: integer
-                  uniqueItems: true
-            readOnly: true
-          user_permissions:
-            type: array
-            items:
-              required:
-                - name
-                - codename
-                - content_type
-              type: object
-              properties:
-                id:
-                  title: ID
-                  type: integer
-                  readOnly: true
-                name:
-                  title: Name
-                  type: string
-                  maxLength: 255
-                  minLength: 1
-                codename:
-                  title: Codename
-                  type: string
-                  maxLength: 100
-                  minLength: 1
-                content_type:
-                  title: Content type
-                  type: integer
-            readOnly: true
-          sources:
-            type: array
-            items:
-              required:
-                - name
-                - slug
-              type: object
-              properties:
-                pbm_uuid:
-                  title: Pbm uuid
-                  type: string
-                  format: uuid
-                  readOnly: true
-                policy_engine_mode:
-                  title: Policy engine mode
-                  type: string
-                  enum:
-                    - all
-                    - any
-                managed:
-                  title: Managed by authentik
-                  description: Objects which are managed by authentik. These objects
-                    are created and updated automatically. This is flag only indicates
-                    that an object can be overwritten by migrations. You can still
-                    modify the objects via the API, but expect changes to be overwritten
-                    in a later update.
-                  type: string
-                  minLength: 1
-                  x-nullable: true
-                name:
-                  title: Name
-                  description: Source's display Name.
-                  type: string
-                  minLength: 1
-                slug:
-                  title: Slug
-                  description: Internal source name, used in URLs.
-                  type: string
-                  format: slug
-                  pattern: ^[-a-zA-Z0-9_]+$
-                  maxLength: 50
-                  minLength: 1
-                enabled:
-                  title: Enabled
-                  type: boolean
-                authentication_flow:
-                  title: Authentication flow
-                  description: Flow to use when authenticating existing users.
-                  type: string
-                  format: uuid
-                  x-nullable: true
-                enrollment_flow:
-                  title: Enrollment flow
-                  description: Flow to use when enrolling new users.
-                  type: string
-                  format: uuid
-                  x-nullable: true
-                policies:
-                  type: array
-                  items:
-                    type: string
-                    format: uuid
-                  readOnly: true
-                  uniqueItems: true
-                property_mappings:
-                  type: array
-                  items:
-                    type: string
-                    format: uuid
-                  uniqueItems: true
-            readOnly: true
-          ak_groups:
-            type: array
-            items:
-              required:
-                - name
-                - parent
-              type: object
-              properties:
-                group_uuid:
-                  title: Group uuid
-                  type: string
-                  format: uuid
-                  readOnly: true
-                name:
-                  title: Name
-                  type: string
-                  maxLength: 80
-                  minLength: 1
-                is_superuser:
-                  title: Is superuser
-                  description: Users added to this group will be superusers.
-                  type: boolean
-                attributes:
-                  title: Attributes
-                  type: object
-                parent:
-                  title: Parent
-                  type: string
-                  format: uuid
-                  x-nullable: true
-            readOnly: true
-        readOnly: true
   InvitationStage:
     required:
       - name

web/nginx.conf

@@ -81,7 +81,7 @@ http {
         location /static/ {
             expires 31d;
             add_header Cache-Control "public, no-transform";
-            add_header X-authentik-version "2021.4.5";
+            add_header X-authentik-version "2021.4.6";
             add_header Vary X-authentik-version;
         }
 

web/src/constants.ts

@@ -3,7 +3,7 @@ export const SUCCESS_CLASS = "pf-m-success";
 export const ERROR_CLASS = "pf-m-danger";
 export const PROGRESS_CLASS = "pf-m-in-progress";
 export const CURRENT_CLASS = "pf-m-current";
-export const VERSION = "2021.4.5";
+export const VERSION = "2021.4.6";
 export const PAGE_SIZE = 20;
 export const EVENT_REFRESH = "ak-refresh";
 export const EVENT_NOTIFICATION_TOGGLE = "ak-notification-toggle";

website/docs/installation/docker-compose.md

@@ -16,7 +16,7 @@ Download the latest `docker-compose.yml` from [here](https://raw.githubuserconte
 
 To optionally enable error-reporting, run `echo AUTHENTIK_ERROR_REPORTING__ENABLED=true >> .env`
 
-To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.4.5 >> .env`
+To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.4.6 >> .env`
 
 If this is a fresh authentik install run the following commands to generate a password:
 

website/docs/installation/kubernetes.md

@@ -38,7 +38,7 @@ image:
   name: beryju/authentik
   name_static: beryju/authentik-static
   name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
-  tag: 2021.4.5
+  tag: 2021.4.6
 
 serverReplicas: 1
 workerReplicas: 1

website/docs/outposts/manual-deploy-docker-compose.md

@@ -11,7 +11,7 @@ version: "3.5"
 
 services:
   authentik_proxy:
-    image: beryju/authentik-proxy:2021.4.5
+    image: beryju/authentik-proxy:2021.4.6
     ports:
       - 4180:4180
       - 4443:4443

website/docs/outposts/manual-deploy-kubernetes.md

@@ -14,7 +14,7 @@ metadata:
     app.kubernetes.io/instance: __OUTPOST_NAME__
     app.kubernetes.io/managed-by: goauthentik.io
     app.kubernetes.io/name: authentik-proxy
-    app.kubernetes.io/version: 2021.4.5
+    app.kubernetes.io/version: 2021.4.6
   name: authentik-outpost-api
 stringData:
   authentik_host: "__AUTHENTIK_URL__"
@@ -29,7 +29,7 @@ metadata:
     app.kubernetes.io/instance: __OUTPOST_NAME__
     app.kubernetes.io/managed-by: goauthentik.io
     app.kubernetes.io/name: authentik-proxy
-    app.kubernetes.io/version: 2021.4.5
+    app.kubernetes.io/version: 2021.4.6
   name: authentik-outpost
 spec:
   ports:
@@ -54,7 +54,7 @@ metadata:
     app.kubernetes.io/instance: __OUTPOST_NAME__
     app.kubernetes.io/managed-by: goauthentik.io
     app.kubernetes.io/name: authentik-proxy
-    app.kubernetes.io/version: 2021.4.5
+    app.kubernetes.io/version: 2021.4.6
   name: authentik-outpost
 spec:
   selector:
@@ -62,14 +62,14 @@ spec:
       app.kubernetes.io/instance: __OUTPOST_NAME__
       app.kubernetes.io/managed-by: goauthentik.io
       app.kubernetes.io/name: authentik-proxy
-      app.kubernetes.io/version: 2021.4.5
+      app.kubernetes.io/version: 2021.4.6
   template:
     metadata:
       labels:
         app.kubernetes.io/instance: __OUTPOST_NAME__
         app.kubernetes.io/managed-by: goauthentik.io
         app.kubernetes.io/name: authentik-proxy
-        app.kubernetes.io/version: 2021.4.5
+        app.kubernetes.io/version: 2021.4.6
     spec:
       containers:
         - env:
@@ -88,7 +88,7 @@ spec:
               secretKeyRef:
                 key: authentik_host_insecure
                 name: authentik-outpost-api
-        image: beryju/authentik-proxy:2021.4.5
+        image: beryju/authentik-proxy:2021.4.6
         name: proxy
         ports:
           - containerPort: 4180
@@ -110,7 +110,7 @@ metadata:
     app.kubernetes.io/instance: __OUTPOST_NAME__
     app.kubernetes.io/managed-by: goauthentik.io
     app.kubernetes.io/name: authentik-proxy
-    app.kubernetes.io/version: 2021.4.5
+    app.kubernetes.io/version: 2021.4.6
   name: authentik-outpost
 spec:
   rules: