Release 2.5.0 #1318
Open
Release 2.5.0 #1318
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Co-authored-by: awsbuild <awsbuild@oasislmf.org>
* Update testing for analyses_settings computation_settings * trim down PR template * pep * Set version 2.4.11 * retest --------- Co-authored-by: awsbuild <awsbuild@oasislmf.org>
* saving work * saving work * fix authentik chart bugs * adds worker deployment for authentik * adds blueprint template code with example blueprint * adds custom blueprints for oasis/swagger providers/apps and custom users from values.yaml * saving work, adds authentik code to python/django, adds custom flow for oasis-server and swagger providers * saving work: simplifying authentik blueprint * saving work: changes flow type to accessCode, this allows partial functionality with authentik, ui login still broken * fixing accessCode for authentik, was getting cors error for some reason all of a sudden * adds new endpoint for service authorization via client_credentials. refactor all service authorization requests to use client_credentials endpoint instead of password grants. Creates new client specifically for service authorization with custom JWT claim. Adds same service client_credentials auth as keycloak but with authentik. * adds servicetokenserializer for simplejwt, works for service authentication, but some reason ui login with simple is broken * fix default django admin user env setting * modify auth templates so pods only start if correct authType selected in values.yaml * fix cicd workflow file * saving work: combines keycloak/authentik oidc backend classes into 1 generic class. Adds endpoints for oidc authorization and callback. Adds new vars to send to the UI for auth type and external hostname. Refactor settings/base.py * adds tokens to url in callback to be read by R UI * merges service/access_token/ with access_token/ endpoint, so this endpoint hadnles simpleJWT user/service authentication, and OIDC service authentication only. * minikube-cicd * minikube-cicd * minikube-cicd * stupid error * more stupid errors * test cicd with keycloak * test cicd with authentik + added delay for server to start * update django 5.2.7 CVE-2025-59681 * adds logout endpoint for oidc, constructs external url from server env vars * updates callback view to send a coded session token, which will expire after 1 minute. This session token can be used to call the new oidc/session_token/ endpoint to get access/refresh/id tokens * adds group named admin to authentik so GenericOIDCBackendAuthentication class can check for it correctly. Consolidates user and provider blueprints for authentik into one blueprint. Cleans up blueprints. * updates condition checks/errors for TokenObtainPairView * updates minikube cicd workflow file to install branch of OasisLMF * mistake * fix cicd workflow env vars * tries to change oasislmf branch in test-images.yml workflow * tries no-cache setting for docker build * adds oasislmf_branch to all tests in test-images * adds option to change piwind branch, makes it easier to change oasislmf branch * updates auth tests * sets up env vars in seperate job * just hardcodes branch references * push for workflow trigger/adds comment * push for workflow * test workflows with keycloak * test with simple jwt auth * fix bug with simple jwt auth not working * updates README and comment documentation everywhere to generic OIDC information and new login flows * adds oasisplatform_branch arg * update comment * test push * test push * test push * test push * test push * test push * test server images without correct platform branch set * try setting worker img and tag to build for some image version tests, removes oasisplatform_branch arg * revert previous workflow changes * Cant be package pin?? worth testing * f * role back docker builds in each img test * docker builds not needed in piwnd * tweaks for CI * f * fix * pep * adds access_token parameters for swagger ui * fix * pep * f * revert branches for image tests * adds comment to amend workflow file after merge, renames service user env vars for docker-compose files * adds TODO to remove temporary build line after UI release * pep8 * changes to generic_oidc before release (#1299) * removes piwind-path-cfg file, pushed by accident * revert changes to build scripts to use latest versions of other oasis packages * ci-retest * Update Kube CI test (#1304) * test using main branches * test with keycloak * revert back to authentik --------- Co-authored-by: SkylordA <anish.kothikar@oasislmf.org> * Fix OIDC minikube test (#1305) * test * f * show mem usage * f * forgot the always * mem metrics not that useful * minor things I noticed were different, probably inconsequential * unique default service account names --------- Co-authored-by: Sam Gamble <hexadessa@gmail.com> Co-authored-by: sambles <sambles@users.noreply.github.com>
* recompile .txts * pinning version without bug * another instance * path in test * fix versions * correct one for work cont * 40373 * eof
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Release 2.5.0
Releases
PRs