Skip to content

crypto: separate permissions for certificate and private keydownload#18588

Merged
BeryJu merged 1 commit intomainfrom
crypto/separate-certs
Dec 4, 2025
Merged

crypto: separate permissions for certificate and private keydownload#18588
BeryJu merged 1 commit intomainfrom
crypto/separate-certs

Conversation

@BeryJu
Copy link
Member

@BeryJu BeryJu commented Dec 4, 2025
edited
Loading

@BeryJu
crypto: separate permissions for certificate and private keydownload
11d266d 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu BeryJu requested a review from a team as a code owner December 4, 2025 00:49
@netlify
Copy link

netlify bot commented Dec 4, 2025
edited
Loading

Deploy Preview for authentik-docs ready!

Name Link
🔨 Latest commit 11d266d
🔍 Latest deploy log https://app.netlify.com/projects/authentik-docs/deploys/6930da9b3e4b2400087736b6
😎 Deploy Preview https://deploy-preview-18588--authentik-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@netlify
Copy link

netlify bot commented Dec 4, 2025
edited
Loading

Deploy Preview for authentik-storybook canceled.

Name Link
🔨 Latest commit 11d266d
🔍 Latest deploy log https://app.netlify.com/projects/authentik-storybook/deploys/6930da9bb8f26100086e7b17

@netlify
Copy link

netlify bot commented Dec 4, 2025
edited
Loading

Deploy Preview for authentik-integrations canceled.

Name Link
🔨 Latest commit 11d266d
🔍 Latest deploy log https://app.netlify.com/projects/authentik-integrations/deploys/6930da9b0f07c600085b1ada

@BeryJu
Copy link
Member Author

BeryJu commented Dec 4, 2025

@goauthentik/docs Not sure if we need to document this/how we want to handle migrations

@codecov
Copy link

codecov bot commented Dec 4, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.19%. Comparing base (29a9e31) to head (11d266d).
⚠️ Report is 20 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #18588   +/-   ##
=======================================
  Coverage   93.18%   93.19%           
=======================================
  Files         932      932           
  Lines       51095    51106   +11     
=======================================
+ Hits        47614    47628   +14     
+ Misses       3481     3478    -3
Flag Coverage Δ
e2e 44.77% <25.92%> (+0.33%) ⬆️
integration 22.74% <3.70%> (-0.06%) ⬇️
unit 91.46% <100.00%> (+<0.01%) ⬆️
unit-migrate 91.50% <100.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@github-actions
Copy link
Contributor

github-actions bot commented Dec 4, 2025

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-11d266d288d042fd5fe07b787022b100b50738b8
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-11d266d288d042fd5fe07b787022b100b50738b8

Afterwards, run the upgrade commands from the latest release notes.

@dewi-tik dewi-tik mentioned this pull request Dec 4, 2025
Closed
rissson
rissson approved these changes Dec 4, 2025
View reviewed changes
Copy link
Member

@rissson rissson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This might need a release notes entry for users that have automation setup for certificates via the API

@BeryJu BeryJu merged commit 334c017 into main Dec 4, 2025
137 of 139 checks passed
@BeryJu BeryJu deleted the crypto/separate-certs branch December 4, 2025 15:31
@BeryJu BeryJu added this to the Release 2025.12 milestone Dec 4, 2025
kensternberg-authentik added a commit that referenced this pull request Dec 11, 2025
@kensternberg-authentik
Merge branch 'main' into dev
2cd358d 
* main: (40 commits)
  enterprise/stages/mtls: fix traefik certificate parsing (#18607)
  wed/admin: change s to S in "Stage" (#18632)
  flows: refresh unauthenticated tabs (#18621)
  flows: keep ?next url when using cancel (#18619)
  core, web: update translations (#18620)
  ci: bump actions/setup-node from 6.0.0 to 6.1.0 (#18552)
  core: bump goauthentik/fips-debian from `cf233be` to `a80dbbd` (#18594)
  web: bump @sentry/browser from 10.28.0 to 10.29.0 in /web in the sentry group across 1 directory (#18623)
  website/docs: adds note about ak_create_jwt function (#18614)
  api: fix IPC auth (#18612)
  web: bump mermaid from 11.12.1 to 11.12.2 in /web (#18602)
  web: Codemirror fixes (#18610)
  web: bump packages in /web (#18604)
  website/docs: expressions: fix markdown (#18613)
  website/docs: add missing API sidebar entry (#18586)
  web: bump yaml from 2.8.1 to 2.8.2 in /web (#18605)
  web/elements: update AppIcon story with files change (#18608)
  api: test action decorator (#18583)
  crypto: separate permissions for certificate and private keydownload (#18588)
  core: bump github.com/spf13/cobra from 1.10.1 to 1.10.2 (#18592)
  ...
@BeryJu BeryJu mentioned this pull request Dec 16, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rissson rissson rissson approved these changes

Assignees

No one assigned

Labels

area:backend

Projects

None yet

Milestone

Release 2025.12

Development

Successfully merging this pull request may close these issues.

2 participants

@BeryJu @rissson