goauthentik
Bootstrapping Authentik e.g. for GitOps
Is your feature request related to a problem? Please describe. I‘d like to be able to deploy a fully configured cluster with multiple services and a pre-determined user base. Manually configuring a new authentik installation with users, applications and providers is inconvenient.
Describe the solution you'd like Being able to provide a seeding/bootstrapping configuration to authentik to pre-fill the installation in a GitOps way would be great.
Describe alternatives you've considered
- Writing a shell script which calls the API to pre-populate the environment after it becomes available for the first time
- Seeding the information in the same JSON format via env variables which are imported as if they arrive via API calls. Read on first start as e.g. AUTHENTIK_BOOTSTRAP_PASSWORD
- Implementing a crossplane-provider to dynamically keep authentik up to date. That‘s probably what I‘ll try, as I wanted to try out crossplane either way.
@BeryJu I have a first working draft of the crossplane provider based on the terraform provider: https://github.com/simonkaiser9/provider-jet-authentik
Is this something you are interested in having? I'll work on it some more, currently it only manages users, for my use case groups, applications and providers are a minimum requirement, but I'd be willing to make it more or less complete, if anybody else likes the idea.
Looks like a promising feature. I'd love to have my auth configuration in version control. +1 for GitOps.
This can be done natively now with https://docs.goauthentik.io/developer-docs/blueprints/
Additionally this will be made easier by #5675 in the future
