feat: Default access policy one factor if no rules

2025-12-23 03:23:43 +01:00
2 changed files with 8 additions and 25 deletions
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -6,23 +6,9 @@ group "default" {
 }

 target "docker-metadata-action" {}
-target "cache" {
-  cache-from = [
-    {
-      type = "gha",
-    }
-  ]
-
-  cache-to = [
-    {
-      type = "gha",
-      mode = "max"
-    }
-  ]
-}

 target "authelia-controller" {
-  inherits = ["docker-metadata-action", "cache"]
+  inherits = ["docker-metadata-action"]
  context = "./"
  dockerfile = "Dockerfile"
  tags = [for tag in target.docker-metadata-action.tags : "${TAG_BASE}:${tag}"]
@@ -30,7 +16,6 @@ target "authelia-controller" {
 }

 target "manifests" {
-  inherits = ["cache"]
  context = "./"
  dockerfile = "Dockerfile"
  target = "manifests"
--- a/src/resources/access_control_rule.rs
+++ b/src/resources/access_control_rule.rs
@@ -45,11 +45,11 @@ pub struct AccessControlRuleSpec {
 #[derive(Serialize, Deserialize, Clone, Debug, Hash)]
 struct AccessControl {
    rules: Vec<AccessControlRuleSpec>,
-    default_policy: AccessPolicy,
 }

 #[derive(Serialize, Deserialize, Clone, Debug, Hash)]
 struct TopLevel {
+    default_policy: AccessPolicy,
    access_control: AccessControl,
 }

@@ -68,15 +68,13 @@ impl AccessControlRule {
            .collect();

        let top = TopLevel {
-            access_control: AccessControl {
            // TODO: Make sure configurable?
            default_policy: if rules.is_empty() {
                AccessPolicy::OneFactor
            } else {
                AccessPolicy::Deny
            },
-                rules,
-            },
+            access_control: AccessControl { rules },
        };

        let contents = BTreeMap::from([(