Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

outposts: fix docker ssh integration #5362

Open
wants to merge 10 commits into
base: main
Choose a base branch
from
Open

outposts: fix docker ssh integration #5362

wants to merge 10 commits into from

Conversation

BeryJu
Copy link
Member

@BeryJu BeryJu commented Apr 24, 2023
edited
Loading

fix SSH integration being very finicky currently
currently the SSH Config is done by creating ~/.ssh/config which is then read by paramiko, but interpreted by docker-py and only certain params are actually parsed. Also there's only one config file that needs to be updated with multiple hosts

this switches the SSH Connection to use a shell process, hence gets rid of paramiko, uses openssh-client, and as such we can use /etc/ssh/ssh_config.d and just create a file per service-connection in there

closes #4314
closes #3679

@codecov
Copy link

codecov bot commented Apr 24, 2023
edited
Loading

Codecov Report

Patch coverage: 26.67% and project coverage change: -66.36 ⚠️

Comparison is base (13591fc) 92.69% compared to head (4e9a466) 26.33%.

Additional details and impacted files 
@@             Coverage Diff             @@
##             main    #5362       +/-   ##
===========================================
- Coverage   92.69%   26.33%   -66.36%     
===========================================
  Files         506      506               
  Lines       25908    25893       -15     
===========================================
- Hits        24013     6816    -17197     
- Misses       1895    19077    +17182
Flag Coverage Δ
e2e ?
integration 26.33% <26.67%> (+0.01%) ⬆️
unit ?

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
authentik/outposts/docker_ssh.py 41.87% <23.08%> (+7.38%) ⬆️
authentik/outposts/controllers/docker.py 69.11% <50.00%> (-11.51%) ⬇️

... and 451 files with indirect coverage changes

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@github-actions
Copy link
Contributor

github-actions bot commented Apr 24, 2023
edited
Loading

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-outposts-fix-docker-ssh-integration-1682351885-4e9a466
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

For arm64, use these values:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-outposts-fix-docker-ssh-integration-1682351885-4e9a466-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
    repository: ghcr.io/goauthentik/dev-server
    tag: gh-outposts-fix-docker-ssh-integration-1682351885-4e9a466

For arm64, use these values:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
    repository: ghcr.io/goauthentik/dev-server
    tag: gh-outposts-fix-docker-ssh-integration-1682351885-4e9a466-arm64

Afterwards, run the upgrade commands from the latest release notes.

BeryJu added 10 commits April 24, 2023 18:10
@BeryJu
outposts: use native ssh client
1cda015 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
simplify config, adjust perms in dockerfile
cf9d8f6 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
cleanup
71ac128 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
fix error handling
d5708d2 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
what a pointless warning
609e9a0 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
use open
bc6d66c 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
fix build
205f115 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
fix web issue
e18c2fe 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
fix folder perms
9bd8cfb 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu
re-add paramiko
4e9a466 
This reverts commit eb6f515.

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu BeryJu force-pushed the outposts/fix-docker-ssh-integration branch from fbf75be to 4e9a466 Compare April 24, 2023 15:10
@BeryJu
Copy link
Member Author

BeryJu commented Apr 24, 2023

using the plain SSH connection works but is quite slow due to docker/docker-py#2966

@rissson rissson added deploy_me Deploy the PR changes on a test environment and removed deploy_me Deploy the PR changes on a test environment labels Apr 25, 2023
@mrbreil
Copy link

mrbreil commented May 30, 2023

any news on this

@BeryJu BeryJu requested review from a team as code owners November 18, 2023 22:42
@BeryJu BeryJu mentioned this pull request Apr 11, 2024
Open
@DunklerPhoenix
Copy link
Contributor

Heho
Is this still on the list to be merged?
Because I'm running into the same issues :D

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

SSH Outpost integrations not working Docker Outpost integration via SSH not working
4 participants
@BeryJu @mrbreil @DunklerPhoenix @rissson