Commit Graph

91 Commits (f171258467ec46070fb9f7b36d5774ff53419976)

Author SHA1 Message Date
James Elliott 1684ffb989
[RELEASE] v4.22.0 (#1266) 2020-09-21 16:47:07 +10:00
Amir Zarrinkafsh 8dfe5c7d70
[CI] Fail linting step on errors (#1307) 2020-09-04 14:06:10 +10:00
Amir Zarrinkafsh 0df8f6bfe3
[CI] Collect and upload coverage on master branch (#1174) 2020-07-02 08:56:45 +02:00
Amir Zarrinkafsh cd2e7eb4bf
[RELEASE] v4.21.0 (#1172) 2020-07-01 17:39:42 +10:00
vdot0x23 6ccc92e47e
do not hardcode /bin/bash (#1122)
Co-authored-by: Victor Büttner <victor@0x23.dk>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-06-18 09:49:13 +02:00
Amir Zarrinkafsh 475a4e1a61
[RELEASE] v4.20.0 (#1120) 2020-06-17 18:00:10 +10:00
Amir Zarrinkafsh ff7f9a50ab
[FEATURE] Docker simplification and configuration generation (#1113)
* [FEATURE] Docker simplification and configuration generation
The Authelia binary now will attempt to generate configuration based on the latest template assuming that the config location specified on startup does not exist. If a file based backend is selected and the backend cannot be found similarly it will generate a `user_database.yml` based a template.

This will allow more seamless bootstrapping of an environment no matter the deployment method.

We have also squashed the Docker volume requirement down to just `/config` thus removing the requirement for `/var/lib/authelia` this is primarily in attempts to simplify the Docker deployment.

Users with the old volume mappings have two options:
1. Change their mappings to conform to `/config`
2. Change the container entrypoint from `authelia --config /config/configuration.yml` to their old mapping

* Adjust paths relative to `/etc/authelia` and simplify to single volume for compose
* Add generation for file backend based user database
* Refactor Docker volumes and paths to /config
* Refactor Docker WORKDIR to /app
* Fix integration tests
* Update BREAKING.md for v4.20.0
* Run go mod tidy
* Fix log_file_path in miscellaneous.md docs
* Generate config and userdb with 0600 permissions
* Fix log_file_path in config.template.yml
2020-06-17 16:25:35 +10:00
Clément Michaud d5b29bc503
[RELEASE] v4.19.2 (#1104) 2020-06-10 09:51:51 +10:00
Amir Zarrinkafsh 5cc6dfc463
[MISC] Update QEMU to v5.0.0-2 (#1090)
* [MISC] Update QEMU to v5.0.0-2

* [CI] Add retries and exit with non-zero status if codecov upload fails
2020-06-06 15:08:51 +02:00
Amir Zarrinkafsh d123fe4785
[CI] Add Codecov support (#1065)
* [CI] Add Codecov support

* [CI] Capture backend coverage from integration tests

* [CI] Remove unnecessary artifacts for coverage build

* [CI] Only run coverage elements where necessary

* [CI] Simplify post-command hook

* Fix yarn dependencies and collect coverage

* [CI] Include cmd/authelia/ path in coverage

* [CI] Exclude internal/suites/ in coverage

Closes #1061.
2020-06-05 10:43:19 +10:00
Amir Zarrinkafsh ca1f3c0c4a
[RELEASE] v4.19.1 (#1046) 2020-05-24 10:55:51 +10:00
Amir Zarrinkafsh 3249448d5c
[RELEASE] v4.19.0 (#1037) 2020-05-21 16:13:58 +10:00
James Elliott 675b1b8e26
[RELEASE] v4.18.1 (#1023) 2020-05-16 13:37:01 +10:00
Clément Michaud aa242142c0
[RELEASE] 4.18.0 (#990)
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-08 11:36:07 +10:00
Amir Zarrinkafsh c3fc560242
[CI] Fix race condition on Docker tag clean up (#984)
Prior to this change if there was a branch/PR build which had not yet published manifests and a master build running simultaneously, assuming the master build finished publishing manifests before former it would clean up the architecture tagged containers (-{amd64,arm32v7,arm64v8}) which would result in the manifest step failing for the branch or PR build.
These should not be considered in either of the clean up steps because they're removed as part of a successful manifest being published.
2020-05-06 13:28:44 +10:00
James Elliott 4db5807bac
[RELEASE] v4.17.0 (#976) 2020-05-05 07:52:15 +10:00
Amir Zarrinkafsh 9e2a9f5ee6
[DEPRECATE] Remove OSX (darwin) based binaries (#967) 2020-05-03 22:03:53 +10:00
Amir Zarrinkafsh d301ebe47c
[CI] Fix pipeline dependencies (#964)
* [CI] Fix pipeline dependencies
This change ensures that CI_BYPASS works as intended and ensures that the hardcoded pipeline does not conflict with the repo provided dynamic pipeline.
The hardcoded pipeline has been changed to reflect the following:
```yaml
steps:
  # Blocking pipeline for master branch deployments (concurrency_group).
  - label: ":pipeline: Setup Pipeline"
    command: ".buildkite/pipeline.sh | buildkite-agent pipeline upload"
    concurrency: 1
    concurrency_group: "deployments"
    if: build.branch == "master"

  # Non-blocking pipeline for all others (tagged commits/local branches/PRs).
  - label: ":pipeline: Setup Pipeline"
    command: ".buildkite/pipeline.sh | buildkite-agent pipeline upload"
    if: build.branch != "master"

  - wait:
    if: build.pull_request.repository.fork != true && build.branch !~ /^dependabot\/.*/

  # Manual intervention by team required to deploy for forked PRs (prevent secret leakage).
  - block: "Public fork needs approval"
    if: build.pull_request.repository.fork == true

  # Blocking deployment for master branch deployments (concurrency_group).
  - label: "🚀 Setup Deployment"
    command: ".buildkite/deployment.sh | buildkite-agent pipeline upload"
    concurrency: 1
    concurrency_group: "deployments"
    depends_on: ~
    if: build.branch == "master"

  # Non-blocking deployment for all others (tagged commits/local branches).
  - label: "🚀 Setup Deployment"
    command: ".buildkite/deployment.sh | buildkite-agent pipeline upload"
    depends_on: ~
    if: build.branch != "master" && build.branch !~ /^dependabot\/.*/ && build.pull_request.repository.fork != true

  # Removed dependency optimisation for forked PRs to enforce block step.
  - label: "🚀 Setup Deployment"
    command: ".buildkite/deployment.sh | buildkite-agent pipeline upload"
    if: build.pull_request.repository.fork == true
```

* [CI] Include upstream hardcoded pipeline in repo
2020-05-02 17:05:11 +02:00
Amir Zarrinkafsh ce5f5e9214
[CI] Optimise pipeline deployments with explicit dependencies (#955)
Pushes to master and tagged releases will have now have explicit dependencies for steps. This is specifically to prevent darwin based builds holding up execution of other steps which should not have a dependence.
2020-05-02 13:22:17 +10:00
Amir Zarrinkafsh 1ed1318870
[CI] Fix artifact download for publishing step (#954) 2020-05-02 12:12:18 +10:00
James Elliott 9947371ef8
[CI] Run unit tests on master and tagged commits (#953) 2020-05-02 11:41:53 +10:00
James Elliott c13525bf84
[RELEASE] v4.16.0 (#952) 2020-05-02 09:01:39 +10:00
Amir Zarrinkafsh 2b627c6c04
[CI] Set concurrency groups at a global level and simplify pipeline (#942) 2020-04-29 14:06:35 +10:00
Amir Zarrinkafsh f781d63b2c
[CI] Prevent race conditions with appropriate deployment steps (#941)
If we have multiple builds to master that intend to deploy AUR packages or documentation, we must ensure that the jobs are locked and executed sequentially, not simultaneously. If they were to run simultaneously this has the ability to cause a race condition when attempting to commit the respective steps.
2020-04-29 13:05:41 +10:00
Amir Zarrinkafsh 12100d21e2
[CI] Linting optimisations (#940)
* [CI] Lint all builds except tagged commits to satisfy branch protection

* [CI] Add automatic retries for linting failures
This is to treat any issues with the reviewdog API server and occasional failures we are seeing.
2020-04-29 12:30:46 +10:00
Amir Zarrinkafsh f8bd506326
[FEATURE] Embed static assets in Go binary (#916)
* [FEATURE] Embed static assets in Go binary

* Refactor/consolidate code and specify public_html via configuration

* Update docs and config template for assets

* Update AUR package pre-requisites and systemd unit

* Include static assets as Buildkite and GitHub artifacts

* Remove references to PUBLIC_DIR

* Only serve assets via embedded filesystem and remove configuration references

* Update authelia-scripts helper to build the embedded filesystem

* Mock the embedded filesystem for unit tests
Add to gitignore to ensure this isn't overwritten.

* Move go:generate to satisfy linter
2020-04-29 00:07:20 +10:00
Clément Michaud bfff9237fa
[RELEASE] v4.15.1 (#919) 2020-04-26 00:29:08 +02:00
James Elliott 8917c98d65
[RELEASE] v4.15.0 (#904)
* [RELEASE] v4.15.0

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-04-23 12:43:27 +10:00
Amir Zarrinkafsh 0ec3f18b44
[CI] Introduce GitHub checks based linting with reviewdog (#900)
* [CI] Introduce linting for branch commits with reviewdog
This utilises the GitHub checks API and could be a potential candidate instead of in-line PR reviews.

* [CI] Change reporter to `github-check`

* [CI] Adjust linting in-line PR commentary to execute with linting step
2020-04-22 23:10:22 +10:00
James Elliott d233057b31
[RELEASE] 4.14.2 (#882) 2020-04-19 22:06:59 +10:00
Amir Zarrinkafsh 4b664cf15f
[RELEASE] v4.14.1 (#880) 2020-04-19 04:33:18 +10:00
Amir Zarrinkafsh 02c55580bc
[RELEASE] v4.14.0 (#873) 2020-04-16 10:41:23 +10:00
James Elliott 04d875b101
[RELEASE] v4.13.1 (#856) 2020-04-11 15:29:03 +10:00
Amir Zarrinkafsh 3de1827b21
[Buildkite] Control clean builds with agent metadata (#840)
This is to optimise build times at the sacrifice of disk space/clean up tasks.
2020-04-09 14:46:04 +10:00
Amir Zarrinkafsh 49ac65eb41
[RELEASE] v4.13.0 (#839) 2020-04-09 11:50:34 +10:00
Amir Zarrinkafsh de2c5836fd
[Buildkite] Introduce CI linting with golangci-lint and reviewdog (#832)
* [Buildkite] Introduce CI linting with golangci-lint and reviewdog

* Initial pass of golangci-lint

* Add gosimple (megacheck) recommendations

* Add golint recommendations

* [BUGFIX] Migrate authentication traces from v3 mongodb

* Add deadcode recommendations

* [BUGFIX] Fix ShortTimeouts suite when run in dev workflow

* Add unused recommendations

* Add unparam recommendations

* Disable linting on unfixable errors instead of skipping files

* Adjust nolint notation for unparam

* Fix ineffectual assignment to err raised by linter.

* Export environment variable in agent hook

* Add ineffassign recommendations

* Add staticcheck recommendations

* Add gocyclo recommendations

* Adjust ineffassign recommendations

Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-04-09 11:05:17 +10:00
Amir Zarrinkafsh 13712d0f36
[Buildkite] Fine-grained control of build steps for agent allocation (#835) 2020-04-08 11:31:33 +10:00
James Elliott 670eeb2879
[RELEASE] v4.12.0 (#828) 2020-04-05 22:53:26 +10:00
Amir Zarrinkafsh 580152b40b
[FEATURE] Include darwin based binaries for OSX (#814)
Build and publish binary artifacts for Authelia which can be run directly from OSX.
2020-04-03 16:13:24 +11:00
Amir Zarrinkafsh a71ca1903d
[RELEASE] v4.11.0 (#810) 2020-04-01 10:53:48 +11:00
Amir Zarrinkafsh 6128081e1f
[Buildkite] Adjust CI bypasses (#804) 2020-04-01 09:44:57 +11:00
Amir Zarrinkafsh 95f6c1a893
[Buildkite] Add contents of BREAKING.md for tag to releases (#797)
This will ensure that notes pertaining to a version in the BREAKING.md will be published in each of the respective github releases.

All information from:
'## Breaking in $TAG' until the next '## Breaking in $TAG' is included.
2020-03-31 08:46:23 +11:00
Amir Zarrinkafsh 92023de85d
[Buildkite] Tweak pipeline to conditionally ignore a wait step (#781) 2020-03-25 14:09:35 +11:00
Amir Zarrinkafsh d95bda8cdc
[Buildkite] Fix pipeline regression for master deployments (#770)
Fixes the regression #766 introduced as when the `build.branch` is `master` `build.tag` is `""`.
2020-03-22 16:36:18 +11:00
Amir Zarrinkafsh 8b64c9aad5
[Buildkite] Optimise pipeline for tagged deployments (#766)
* [Buildkite] Optimise pipeline for tagged deployments
Ensure Unit and Integration testing is bypassed for tagged builds.

* Apply suggestions from code review

Co-Authored-By: Clément Michaud <clement.michaud34@gmail.com>
2020-03-22 11:03:36 +11:00
Amir Zarrinkafsh 93abf699b8
[Buildkite] Fix docs bypass for origin/master divergences (#764)
If origin/master diverges beyond the initial fork-point on branches or external forks, the `git merge-base` command exits unsuccessfully. This will cause commits to incorrectly be recognised as a docs bypass. This change will catch the unsuccessful exit and treat it as a normal CI/CD run.

Examples:
- https://buildkite.com/authelia/authelia/builds/932
- https://buildkite.com/authelia/authelia/builds/933
- https://buildkite.com/authelia/authelia/builds/941
2020-03-21 14:42:29 +01:00
Amir Zarrinkafsh daba4d789f
[Buildkite] Optimise pipeline for deployments to master (#756)
Prior to this change all PR's which are merged into master would result in another run of the Unit and Integration testing.
This is not necessary because all steps have to pass for a PR to be accepted in to master, this will save significant time for deployments to master and reduce overall load to the Buildkite workers.
2020-03-20 14:03:50 +11:00
Amir Zarrinkafsh 7eddf07155
[Buildkite] Clean Docker environment on exit (#734) 2020-03-19 16:15:54 +11:00
Amir Zarrinkafsh 06e36f89e3
[Buildkite] Fix unbound variable for docs bypass (#711) 2020-03-15 22:01:52 +11:00
Amir Zarrinkafsh a24ca937cd
[Buildkite] Fix docs bypass for tagged releases (#709) 2020-03-15 21:07:23 +11:00