outposts: fix docker controller not using object_naming_template

closes #1682 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-27 15:04:59 +02:00 · 2021-10-27 15:04:59 +02:00 · 61d3df5f02
parent 971de4fcb9
commit 61d3df5f02
2 changed files with 27 additions and 5 deletions
--- a/authentik/outposts/controllers/docker.py
+++ b/authentik/outposts/controllers/docker.py
@ -2,6 +2,7 @@
 from time import sleep
 from django.conf import settings
 from django.utils.text import slugify
 from docker import DockerClient
 from docker.errors import DockerException, NotFound
 from docker.models.containers import Container
@ -28,6 +29,17 @@ class DockerController(BaseController):
        except ServiceConnectionInvalid as exc:
            raise ControllerException from exc
    @property
    def name(self) -> str:
        """Get the name of the object this reconciler manages"""
        return (
            self.outpost.config.object_naming_template
            % {
                "name": slugify(self.outpost.name),
                "uuid": self.outpost.uuid.hex,
            }
        ).lower()
    def _get_labels(self) -> dict[str, str]:
        return {
            "io.goauthentik.outpost-uuid": self.outpost.pk.hex,
@ -102,15 +114,14 @@ class DockerController(BaseController):
        return image
    def _get_container(self) -> tuple[Container, bool]:
        container_name = f"authentik-proxy-{self.outpost.uuid.hex}"
        try:
-            return self.client.containers.get(container_name), False
+            return self.client.containers.get(self.name), False
        except NotFound:
            self.logger.info("(Re-)creating container...")
            image_name = self.try_pull_image()
            container_args = {
                "image": image_name,
-                "name": container_name,
+                "name": self.name,
                "detach": True,
                "environment": self._get_env(),
                "labels": self._get_labels(),
@ -131,12 +142,23 @@ class DockerController(BaseController):
                True,
            )
    def _migrate_container_name(self):
        """Migrate 2021.9 to 2021.10+"""
        old_name = f"authentik-proxy-{self.outpost.uuid.hex}"
        try:
            old_container: Container = self.client.containers.get(old_name)
            old_container.kill()
            old_container.remove()
        except NotFound:
            return
    # pylint: disable=too-many-return-statements
    def up(self, depth=1):
        if self.outpost.managed == MANAGED_OUTPOST:
            return None
        if depth >= 10:
            raise ControllerException("Giving up since we exceeded recursion limit.")
        self._migrate_container_name()
        try:
            container, has_been_created = self._get_container()
            if has_been_created:
--- a/website/docs/outposts/outposts.md
+++ b/website/docs/outposts/outposts.md
@ -39,11 +39,11 @@ authentik_host: https://authentik.tld/
 authentik_host_insecure: false
 # Optionally specify a different URL used for user-facing interactions
 authentik_host_browser:
-# Template used for objects created (deployments, services, secrets, etc)
+# Template used for objects created (deployments/containers, services, secrets, etc)
 object_naming_template: ak-outpost-%(name)s
 # Use a specific docker image for this outpost rather than the default. This also applies to Kubernetes
 # outposts.
-conatiner_image:
+container_image:
 ########################################
 # Docker outpost specific settings
 ########################################