240cf6dd94
* add basic guacamole Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make everything mostly work Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add rac build to CI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix resize, fix web lint, sendSize correctly Signed-off-by: Jens Langhammer <jens@goauthentik.io> * pre-send connection from client, format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve throughput Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework TokenOutpostConsumer into middleware Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix some layout issues Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add outpost controllers Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start testing audio things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix a bunch of things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add deps Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix to work with outpost group Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add simple loadbalancing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add simple reconnect Signed-off-by: Jens Langhammer <jens@goauthentik.io> * show reconnecting text Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix error when checking ports Signed-off-by: Jens Langhammer <jens@goauthentik.io> * move to providers Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add flow check to interface Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix go lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix rac app label Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix audio Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add logging Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow overriding all settings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate keyboard, debug high DPI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-add deps Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing __init__.py breaking model loading I love python Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * bump successful ws connection to info Signed-off-by: Jens Langhammer <jens@goauthentik.io> * hide cursor since guac draws that Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add clipboard support (bidirectional) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make codespell not want to break the code Signed-off-by: Jens Langhammer <jens@goauthentik.io> * run pr comment in separate task Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start endpoint and property mapping stuff Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more endpoint things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: fix event model_pk filtering with ints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: improve event display for changelog Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rebuild endpoint stuff again Signed-off-by: Jens Langhammer <jens@goauthentik.io> * idk special url Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more stuff, connect token with session Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add disconnect Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework disconnect cleanly disconnect from guacd instead of just letting the connection timeout Signed-off-by: Jens Langhammer <jens@goauthentik.io> * clear cache when creating outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * support host:port and fix protocol Signed-off-by: Jens Langhammer <jens@goauthentik.io> * center smaller viewport Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework connection to wait more and stop after some time Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add policy control to endpoints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove provider protocol Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't switch to different outpost connection when already chosen Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start using property mappings, add static settings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add some RAC mapping settings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests for event changes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests and fix issues found by said tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add preview banner, move endpoints to main page Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> * auto-select endpoint if only one is available Signed-off-by: Jens Langhammer <jens@goauthentik.io> * backport https://github.com/goauthentik/authentik/pull/7831 to rac Signed-off-by: Jens Langhammer <jens@goauthentik.io> * dont select property mappings on endpoints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make table modal only load when opened Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only auto-redirect when open Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web deps Signed-off-by: Jens Langhammer <jens@goauthentik.io> * check for token expiry and terminate session Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-add endpoint name to title Signed-off-by: Jens Langhammer <jens@goauthentik.io> * disconnect connection when token is manually deleted Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add initial RAC docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add connection expiry setting to provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix flaky tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
201 lines
6.8 KiB
YAML
201 lines
6.8 KiB
YAML
name: authentik-on-release
|
|
|
|
on:
|
|
release:
|
|
types: [published, created]
|
|
|
|
jobs:
|
|
build-server:
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
# Needed to upload contianer images to ghcr.io
|
|
packages: write
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v3.0.0
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
- name: prepare variables
|
|
uses: ./.github/actions/docker-push-variables
|
|
id: ev
|
|
- name: Docker Login Registry
|
|
uses: docker/login-action@v3
|
|
with:
|
|
username: ${{ secrets.DOCKER_USERNAME }}
|
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
- name: Login to GitHub Container Registry
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: make empty clients
|
|
run: |
|
|
mkdir -p ./gen-ts-api
|
|
mkdir -p ./gen-go-api
|
|
- name: Build Docker Image
|
|
uses: docker/build-push-action@v5
|
|
with:
|
|
context: .
|
|
push: ${{ github.event_name == 'release' }}
|
|
secrets: |
|
|
GEOIPUPDATE_ACCOUNT_ID=${{ secrets.GEOIPUPDATE_ACCOUNT_ID }}
|
|
GEOIPUPDATE_LICENSE_KEY=${{ secrets.GEOIPUPDATE_LICENSE_KEY }}
|
|
tags: |
|
|
beryju/authentik:${{ steps.ev.outputs.version }},
|
|
beryju/authentik:${{ steps.ev.outputs.versionFamily }},
|
|
beryju/authentik:latest,
|
|
ghcr.io/goauthentik/server:${{ steps.ev.outputs.version }},
|
|
ghcr.io/goauthentik/server:${{ steps.ev.outputs.versionFamily }},
|
|
ghcr.io/goauthentik/server:latest
|
|
platforms: linux/amd64,linux/arm64
|
|
build-args: |
|
|
VERSION=${{ steps.ev.outputs.version }}
|
|
VERSION_FAMILY=${{ steps.ev.outputs.versionFamily }}
|
|
build-outpost:
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
# Needed to upload contianer images to ghcr.io
|
|
packages: write
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
type:
|
|
- proxy
|
|
- ldap
|
|
- radius
|
|
- rac
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: actions/setup-go@v5
|
|
with:
|
|
go-version-file: "go.mod"
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v3.0.0
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
- name: prepare variables
|
|
uses: ./.github/actions/docker-push-variables
|
|
id: ev
|
|
- name: make empty clients
|
|
run: |
|
|
mkdir -p ./gen-ts-api
|
|
mkdir -p ./gen-go-api
|
|
- name: Docker Login Registry
|
|
uses: docker/login-action@v3
|
|
with:
|
|
username: ${{ secrets.DOCKER_USERNAME }}
|
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
- name: Login to GitHub Container Registry
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: Build Docker Image
|
|
uses: docker/build-push-action@v5
|
|
with:
|
|
push: ${{ github.event_name == 'release' }}
|
|
tags: |
|
|
beryju/authentik-${{ matrix.type }}:${{ steps.ev.outputs.version }},
|
|
beryju/authentik-${{ matrix.type }}:${{ steps.ev.outputs.versionFamily }},
|
|
beryju/authentik-${{ matrix.type }}:latest,
|
|
ghcr.io/goauthentik/${{ matrix.type }}:${{ steps.ev.outputs.version }},
|
|
ghcr.io/goauthentik/${{ matrix.type }}:${{ steps.ev.outputs.versionFamily }},
|
|
ghcr.io/goauthentik/${{ matrix.type }}:latest
|
|
file: ${{ matrix.type }}.Dockerfile
|
|
platforms: linux/amd64,linux/arm64
|
|
context: .
|
|
build-args: |
|
|
VERSION=${{ steps.ev.outputs.version }}
|
|
VERSION_FAMILY=${{ steps.ev.outputs.versionFamily }}
|
|
build-outpost-binary:
|
|
timeout-minutes: 120
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
# Needed to upload binaries to the release
|
|
contents: write
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
type:
|
|
- proxy
|
|
- ldap
|
|
- radius
|
|
goos: [linux, darwin]
|
|
goarch: [amd64, arm64]
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: actions/setup-go@v5
|
|
with:
|
|
go-version-file: "go.mod"
|
|
- uses: actions/setup-node@v4
|
|
with:
|
|
node-version-file: web/package.json
|
|
cache: "npm"
|
|
cache-dependency-path: web/package-lock.json
|
|
- name: Build web
|
|
working-directory: web/
|
|
run: |
|
|
npm ci
|
|
npm run build-proxy
|
|
- name: Build outpost
|
|
run: |
|
|
set -x
|
|
export GOOS=${{ matrix.goos }}
|
|
export GOARCH=${{ matrix.goarch }}
|
|
export CGO_ENABLED=0
|
|
go build -tags=outpost_static_embed -v -o ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }} ./cmd/${{ matrix.type }}
|
|
- name: Upload binaries to release
|
|
uses: svenstaro/upload-release-action@v2
|
|
with:
|
|
repo_token: ${{ secrets.GITHUB_TOKEN }}
|
|
file: ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }}
|
|
asset_name: authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }}
|
|
tag: ${{ github.ref }}
|
|
test-release:
|
|
needs:
|
|
- build-server
|
|
- build-outpost
|
|
- build-outpost-binary
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Run test suite in final docker images
|
|
run: |
|
|
echo "PG_PASS=$(openssl rand -base64 32)" >> .env
|
|
echo "AUTHENTIK_SECRET_KEY=$(openssl rand -base64 32)" >> .env
|
|
docker-compose pull -q
|
|
docker-compose up --no-start
|
|
docker-compose start postgresql redis
|
|
docker-compose run -u root server test-all
|
|
sentry-release:
|
|
needs:
|
|
- build-server
|
|
- build-outpost
|
|
- build-outpost-binary
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: prepare variables
|
|
uses: ./.github/actions/docker-push-variables
|
|
id: ev
|
|
- name: Get static files from docker image
|
|
run: |
|
|
docker pull ghcr.io/goauthentik/server:latest
|
|
container=$(docker container create ghcr.io/goauthentik/server:latest)
|
|
docker cp ${container}:web/ .
|
|
- name: Create a Sentry.io release
|
|
uses: getsentry/action-release@v1
|
|
continue-on-error: true
|
|
if: ${{ github.event_name == 'release' }}
|
|
env:
|
|
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
|
|
SENTRY_ORG: authentik-security-inc
|
|
SENTRY_PROJECT: authentik
|
|
with:
|
|
version: authentik@${{ steps.ev.outputs.version }}
|
|
sourcemaps: "./web/dist"
|
|
url_prefix: "~/static/dist"
|