fix: correct worker volume mount and add always allow policy to blueprint
Some checks failed
CI/CD Pipeline / Code Quality & Linting (push) Has been cancelled
CI/CD Pipeline / Policy Validation (push) Has been cancelled
CI/CD Pipeline / Test Suite (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-coverage) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-extract) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-firm-connectors) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-forms) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-hmrc) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-ingestion) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-kg) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-normalize-map) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-ocr) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-rag-indexer) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-rag-retriever) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-reason) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-rpa) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (ui-review) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (svc-coverage) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (svc-extract) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (svc-kg) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (svc-rag-retriever) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (ui-review) (push) Has been cancelled
CI/CD Pipeline / Generate SBOM (push) Has been cancelled
CI/CD Pipeline / Deploy to Staging (push) Has been cancelled
CI/CD Pipeline / Deploy to Production (push) Has been cancelled
CI/CD Pipeline / Notifications (push) Has been cancelled
Some checks failed
CI/CD Pipeline / Code Quality & Linting (push) Has been cancelled
CI/CD Pipeline / Policy Validation (push) Has been cancelled
CI/CD Pipeline / Test Suite (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-coverage) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-extract) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-firm-connectors) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-forms) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-hmrc) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-ingestion) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-kg) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-normalize-map) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-ocr) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-rag-indexer) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-rag-retriever) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-reason) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (svc-rpa) (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (ui-review) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (svc-coverage) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (svc-extract) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (svc-kg) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (svc-rag-retriever) (push) Has been cancelled
CI/CD Pipeline / Security Scanning (ui-review) (push) Has been cancelled
CI/CD Pipeline / Generate SBOM (push) Has been cancelled
CI/CD Pipeline / Deploy to Staging (push) Has been cancelled
CI/CD Pipeline / Deploy to Production (push) Has been cancelled
CI/CD Pipeline / Notifications (push) Has been cancelled
This commit is contained in:
harkon
@@ -248,3 +248,60 @@ entries:
|
|||||||
meta_description: "Grafana monitoring (Production)"
|
meta_description: "Grafana monitoring (Production)"
|
||||||
meta_publisher: "Grafana Labs"
|
meta_publisher: "Grafana Labs"
|
||||||
policy_engine_mode: "any"
|
policy_engine_mode: "any"
|
||||||
|
|
||||||
|
# --- Policies --------------------------------------------------------------
|
||||||
|
- model: authentik_policies_expression.expressionpolicy
|
||||||
|
state: present
|
||||||
|
identifiers:
|
||||||
|
name: "Always Allow"
|
||||||
|
attrs:
|
||||||
|
expression: "return True"
|
||||||
|
|
||||||
|
- model: authentik_policies.policybinding
|
||||||
|
state: present
|
||||||
|
identifiers:
|
||||||
|
policy:
|
||||||
|
!Find [
|
||||||
|
authentik_policies_expression.expressionpolicy,
|
||||||
|
[name, "Always Allow"],
|
||||||
|
]
|
||||||
|
target:
|
||||||
|
!Find [authentik_core.application, [slug, "ai-tax-agent-api-prod"]]
|
||||||
|
attrs:
|
||||||
|
order: 0
|
||||||
|
|
||||||
|
- model: authentik_policies.policybinding
|
||||||
|
state: present
|
||||||
|
identifiers:
|
||||||
|
policy:
|
||||||
|
!Find [
|
||||||
|
authentik_policies_expression.expressionpolicy,
|
||||||
|
[name, "Always Allow"],
|
||||||
|
]
|
||||||
|
target: !Find [authentik_core.application, [slug, "minio-prod"]]
|
||||||
|
attrs:
|
||||||
|
order: 0
|
||||||
|
|
||||||
|
- model: authentik_policies.policybinding
|
||||||
|
state: present
|
||||||
|
identifiers:
|
||||||
|
policy:
|
||||||
|
!Find [
|
||||||
|
authentik_policies_expression.expressionpolicy,
|
||||||
|
[name, "Always Allow"],
|
||||||
|
]
|
||||||
|
target: !Find [authentik_core.application, [slug, "vault-prod"]]
|
||||||
|
attrs:
|
||||||
|
order: 0
|
||||||
|
|
||||||
|
- model: authentik_policies.policybinding
|
||||||
|
state: present
|
||||||
|
identifiers:
|
||||||
|
policy:
|
||||||
|
!Find [
|
||||||
|
authentik_policies_expression.expressionpolicy,
|
||||||
|
[name, "Always Allow"],
|
||||||
|
]
|
||||||
|
target: !Find [authentik_core.application, [slug, "grafana-prod"]]
|
||||||
|
attrs:
|
||||||
|
order: 0
|
||||||
|
|||||||
@@ -135,7 +135,7 @@ services:
|
|||||||
- apa-authentik-db
|
- apa-authentik-db
|
||||||
- apa-authentik-redis
|
- apa-authentik-redis
|
||||||
volumes:
|
volumes:
|
||||||
- ./authentik:/blueprints/custom
|
- ./authentik:/blueprints/ai-tax-agent
|
||||||
|
|
||||||
apa-authentik-outpost:
|
apa-authentik-outpost:
|
||||||
image: ghcr.io/goauthentik/proxy:2025.8.3
|
image: ghcr.io/goauthentik/proxy:2025.8.3
|
||||||
|
|||||||
Reference in New Issue
Block a user