Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

root: support running authentik in subpath #8675

Merged
merged 25 commits into from
Nov 26, 2024
Merged

root: support running authentik in subpath #8675

merged 25 commits into from
Nov 26, 2024

Conversation

BeryJu
Copy link
Member

@BeryJu BeryJu commented Feb 24, 2024
edited
Loading

Details

closes #4509

Checklist

  • Local tests pass (ak test authentik/)
  • The code has been formatted (make lint-fix)

If an API change has been made

  • The API schema has been updated (make gen-build)

If changes to the frontend have been made

  • The code has been formatted (make web)

If applicable

  • The documentation has been updated
  • The documentation has been formatted (make website)

@BeryJu
initial subpath support
7d3c9e8 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
make outpost compatible
1e8faf8 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
fix static files somewhat
7bcdff3 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
fix web interface
c784c99 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
fix most static stuff
b0caa7b 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
fix most web links
69e9676 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
fix websocket
7018592 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
fix URL for static files
98db4c0 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu BeryJu requested review from a team as code owners February 24, 2024 19:22
@netlify Netlify
Copy link

netlify bot commented Feb 24, 2024
edited
Loading

Deploy Preview for authentik-storybook ready!

Name Link
🔨 Latest commit ebcf4b6
🔍 Latest deploy log https://app.netlify.com/sites/authentik-storybook/deploys/6745c489a24e4e0009062802
😎 Deploy Preview https://deploy-preview-8675--authentik-storybook.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@netlify Netlify
Copy link

netlify bot commented Feb 24, 2024
edited
Loading

Deploy Preview for authentik-docs canceled.

Name Link
🔨 Latest commit ebcf4b6
🔍 Latest deploy log https://app.netlify.com/sites/authentik-docs/deploys/6745c4896e43e00008c2e0be

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Feb 24, 2024
edited
Loading

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-975c93c35de136603739aef386afeca8323dda04
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

For arm64, use these values:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-975c93c35de136603739aef386afeca8323dda04-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-975c93c35de136603739aef386afeca8323dda04

For arm64, use these values:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-975c93c35de136603739aef386afeca8323dda04-arm64

Afterwards, run the upgrade commands from the latest release notes.

@BeryJu
format web
c2f9a0b 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
add root redirect for subpath
70d39a2 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
update docs
df82238 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu BeryJu requested a review from a team as a code owner February 24, 2024 21:46
@rissson
Copy link
Member

rissson commented Feb 26, 2024

There probably are security implications with this, like other apps being able to access authentik's cookies. We should probably mention them in the documentation.

@BeryJu
set cookie path
06723cb 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
Copy link
Member Author

BeryJu commented Feb 26, 2024

There probably are security implications with this, like other apps being able to access authentik's cookies. We should probably mention them in the documentation.

Oh yeah, I had this set when initially testing but it must've gotten removed at some point: 06723cb

@notion-workspace Notion Workspace
Copy link

Subpath support

@rissson rissson self-requested a review February 28, 2024 17:43
rissson
rissson requested changes Feb 28, 2024
View reviewed changes
@BeryJu @rissson
Update internal/config/struct.go
3a176a0 
Co-authored-by: Marc 'risson' Schmitt <[email protected]>
Signed-off-by: Jens L. <[email protected]>
rissson
rissson approved these changes Feb 29, 2024
View reviewed changes
Copy link
Member

@rissson rissson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Haven't tested it myself, but looks ok. I do wonder what would happen with media files when stored as files though.

@MaximeWewer MaximeWewer mentioned this pull request Apr 25, 2024
Closed
@cfradewavecom
Copy link

I would like to test this but got image NotFound when using ghcr.io/goauthentik/dev-server:gh-3a176a0024e688cd6b126923b221b3e207314def

Can someone retry pipeline or event better rebase this PR with latest release? Thanks

kensternberg-authentik
kensternberg-authentik approved these changes Jul 5, 2024
View reviewed changes
Copy link
Contributor

@kensternberg-authentik kensternberg-authentik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Typescript looks fine. A couple of points come to mind: we have three different URLs: internal, another interface, and external. Supporting this feature makes using a browser-based router that much harder, which in turn will make the command palette a... challenge. :-)

web/src/user/LibraryPage/ApplicationEmptyState.ts Outdated
@@ -50,7 +50,7 @@ export class LibraryPageApplicationEmptyList extends AKElement {
<a
aria-disabled="false"
class="cta pf-c-button pf-m-secondary"
href="/if/admin/${href}"
href="${globalAK().api.base}if/admin/${href}"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This repetition starts to feel like it needs to be, oh, I dunno, a function somewhere. :-)

BeryJu added 2 commits July 8, 2024 18:42
@BeryJu
Merge branch 'main' into root/subpath
6c1c472 
Signed-off-by: Jens Langhammer <[email protected]>

# Conflicts:
#	authentik/core/views/interface.py
#	internal/web/proxy.go
#	internal/web/static.go
#	web/src/elements/notifications/NotificationDrawer.ts
#	web/src/user/LibraryApplication/index.ts
#	web/src/user/LibraryPage/ak-library-application-empty-list.ts
#	web/src/user/UserInterface.ts
#	web/src/user/user-settings/details/UserSettingsFlowExecutor.ts
@BeryJu
fix sfe
7ad8ffc 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
bump required version
a78dca5 
Signed-off-by: Jens Langhammer <[email protected]>
@codecov Codecov
Copy link

codecov bot commented Jul 8, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 84.84848% with 5 lines in your changes missing coverage. Please review.

Project coverage is 92.61%. Comparing base (6c1ad98) to head (ebcf4b6).
Report is 5 commits behind head on main.

✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
authentik/flows/models.py 40.00% 3 Missing ⚠️
authentik/brands/models.py 77.77% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #8675      +/-   ##
==========================================
- Coverage   92.62%   92.61%   -0.02%     
==========================================
  Files         761      761              
  Lines       38025    38047      +22     
==========================================
+ Hits        35220    35236      +16     
- Misses       2805     2811       +6
Flag Coverage Δ
e2e 49.12% <66.66%> (+<0.01%) ⬆️
integration 24.83% <24.24%> (+<0.01%) ⬆️
unit 90.20% <84.84%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

BeryJu added 3 commits July 15, 2024 14:45
@BeryJu
Merge branch 'main' into root/subpath
a003f8c 
Signed-off-by: Jens L. <[email protected]>
@BeryJu
fix flow background
00dcc34 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
fix lint and some more links
65fae59 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu BeryJu mentioned this pull request Jul 20, 2024
Merged
@xhb
Copy link

xhb commented Sep 6, 2024

Do you have any updates on this PR? I'm really looking forward to this feature, please merge it as soon as possible.

@BeryJu
Merge branch 'main' into root/subpath
3a9d819 
Signed-off-by: Jens Langhammer <[email protected]>

# Conflicts:
#	authentik/core/views/interface.py
#	web/src/elements/enterprise/EnterpriseStatusBanner.ts
#	website/docs/install-config/configuration/configuration.mdx
@BeryJu
format
11faad6 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
Merge branch 'main' into root/subpath
9c93b7d
@BeryJu
fix impersonate
975c93c 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu
Merge branch 'main' into root/subpath
755f99a 
Signed-off-by: Jens Langhammer <[email protected]>

# Conflicts:
#	internal/web/static.go
@BeryJu
fix
ebcf4b6 
Signed-off-by: Jens Langhammer <[email protected]>
@BeryJu BeryJu merged commit 5e72ec9 into main Nov 26, 2024
65 of 66 checks passed
@BeryJu BeryJu deleted the root/subpath branch November 26, 2024 14:38
kensternberg-authentik added a commit that referenced this pull request Nov 26, 2024
@kensternberg-authentik
Merge branch 'main' into dev
20b66f8 
* main:
  website/docs: Add note about single group per role (#12169)
  website/docs: Fix documentation about attribute merging for indirect membership (#12168)
  root: support running authentik in subpath (#8675)
  docs: fix contribution link (#12189)
  core, web: update translations (#12190)
  core: Bump msgraph-sdk from 1.12.0 to 1.13.0 (#12191)
  core: Bump selenium from 4.26.1 to 4.27.0 (#12192)
@rissson rissson mentioned this pull request Dec 3, 2024
Merged
6 tasks
@BeryJu BeryJu restored the root/subpath branch December 6, 2024 15:17
@BeryJu BeryJu deleted the root/subpath branch December 6, 2024 15:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rissson rissson rissson approved these changes

@kensternberg-authentik kensternberg-authentik kensternberg-authentik approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Run Authentik in subfolder behind Traefik Proxy
5 participants
@BeryJu @rissson @cfradewavecom @xhb @kensternberg-authentik