feat: Cache docker builds

docker-bake.hcl

@@ -6,9 +6,23 @@ group "default" {
 }
 
 target "docker-metadata-action" {}
+target "cache" {
+  cache-from = [
+    {
+      type = "gha",
+    }
+  ]
+
+  cache-to = [
+    {
+      type = "gha",
+      mode = "max"
+    }
+  ]
+}
 
 target "authelia-controller" {
-  inherits = ["docker-metadata-action"]
+  inherits = ["docker-metadata-action", "cache"]
   context = "./"
   dockerfile = "Dockerfile"
   tags = [for tag in target.docker-metadata-action.tags : "${TAG_BASE}:${tag}"]
@@ -16,6 +30,7 @@ target "authelia-controller" {
 }
 
 target "manifests" {
+  inherits = ["cache"]
   context = "./"
   dockerfile = "Dockerfile"
   target = "manifests"

manifests/cluster-role-binding.yaml

@@ -6,6 +6,7 @@ metadata:
 subjects:
   - kind: ServiceAccount
     name: authelia-controller
+    namespace: authelia
 roleRef:
   kind: ClusterRole
   name: authelia-controller

src/resources/access_control_rule.rs

@@ -45,6 +45,7 @@ pub struct AccessControlRuleSpec {
 #[derive(Serialize, Deserialize, Clone, Debug, Hash)]
 struct AccessControl {
     rules: Vec<AccessControlRuleSpec>,
+    default_policy: AccessPolicy,
 }
 
 #[derive(Serialize, Deserialize, Clone, Debug, Hash)]
@@ -60,14 +61,22 @@ impl AccessControlRule {
         debug!("Updating acl");
         rules.sort_by_cached_key(|rule| rule.name_any());
 
-        let rules = rules
+        let rules: Vec<_> = rules
             .iter()
             .inspect(|rule| trace!(name = rule.name_any(), "Rule found"))
             .map(|rule| rule.spec.clone())
             .collect();
 
         let top = TopLevel {
-            access_control: AccessControl { rules },
+            access_control: AccessControl {
+                // TODO: Make sure configurable?
+                default_policy: if rules.is_empty() {
+                    AccessPolicy::OneFactor
+                } else {
+                    AccessPolicy::Deny
+                },
+                rules,
+            },
         };
 
         let contents = BTreeMap::from([(