404 errors for flows on full development environment

konradmoesch commented 1 month ago

Describe the bug I have set up a development environment of authentik as described in the docs (https://docs.goauthentik.io/developer-docs/setup/full-dev-environment). After pulling the main branch and following the instructions, I get various 404 errors:

http://localhost:9000/if/flow/initial-setup/ shows: Page not found (404) No Flow matches the given query.
http://localhost:9000/ redirects to http://localhost:9000/flows/-/default/authentication/?next=/ and also shows a 404 error:
```
Page not found (404)
```

Request Method: GET Request URL: http://localhost:9000/flows/-/default/authentication/?next=/ raised by: authentik.flows.views.executor.ToDefaultFlow



**To Reproduce**
Steps to reproduce the behavior:

1. Follow instructions on docs (https://docs.goauthentik.io/developer-docs/setup/full-dev-environment)

**Expected behavior**
The web interface should be shown correctly

**Logs**
[ak_server_output.txt](https://github.com/user-attachments/files/16202831/ak_server_output.txt)
[docker_compose_output.txt](https://github.com/user-attachments/files/16202877/docker_compose_output.txt)

**Version and Deployment:**

-   authentik version: full dev environment based on main branch (commit 8f7fe8e)
-   Deployment: none; local dev env

**Additional context**
I was able to run the set up the dev environment some time ago (version 2024.4). I have deleted and cloned the repository, deleted and rerun `docker compose` and have tried `make dev-reset`

verkaufer commented 1 month ago

I ran into this yesterday as well. I discussed with @BeryJu in Discord and we think there's a bug with how Authentik bootstraps the system & default Blueprints

The local database records all issues with system tasks in the authentik_events_systemtask table, and I was able to pull out a few notable errors (attached below).

The most common error is [ErrorDetail(string='Invalid pk \"1476efb9-e3a0-4116-a0d6-f89167ab54a6\" - object does not exist.', code='does_not_exist') which points me to an issue during Importer.apply() 🤔

Unable to create `akadmin`

Toggle to view error

```json "event": "Entry invalid: Serializer errors {'groups': [ErrorDetail(string='Invalid pk \"79c2bb83-6b76-41a9-859d-51cd3012a24b\" - object does not exist.', code='does_not_exist')]}", "logger": "authentik.blueprints.v1.importer", "log_level": "warning", "timestamp": "2024-07-13T19:11:22.726612", "attributes": { "entry": { "id": "admin-user", "attrs": { "name": "authentik Default Admin", "email": "", "groups": [ "" ], "password": "" }, "model": "authentik_core.user", "state": "created", "_state": { "instance": null }, "conditions": [], "identifiers": { "username": "" } }, "error": "Serializer errors {'groups': [ErrorDetail(string='Invalid pk \"79c2bb83-6b76-41a9-859d-51cd3012a24b\" - object does not exist.', code='does_not_exist')]}", ```

Unable to create system flows

This is one of the many blueprints that failed to import. Error below is for the default-out-of-box-experience flow

Toggle to view event log

```json [ { "event": "Initialised new serializer instance", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.099393", "attributes": { "slug": "initial-setup", "model": { "type": "Flow", "module": "authentik.flows.models" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Invalidating Flow cache", "logger": "authentik.flows.signals", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.107934", "attributes": { "len": 0, "flow": { "pk": "1a1a98cd8a314e25b59fac6a3c7e177b", "app": "authentik_flows", "name": "default-oobe-setup", "model_name": "flow" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Updated model", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.108001", "attributes": { "model": { "pk": "1a1a98cd8a314e25b59fac6a3c7e177b", "app": "authentik_flows", "name": "default-oobe-setup", "model_name": "flow" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Initialised new serializer instance", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.110336", "attributes": { "name": "initial-setup-field-header", "model": { "type": "Prompt", "module": "authentik.stages.prompt.models" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Updated model", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.115493", "attributes": { "model": { "pk": "1476efb9e3a04116a0d6f89167ab54a6", "app": "authentik_stages_prompt", "name": "initial-setup-field-header", "model_name": "prompt" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Initialised new serializer instance", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.117908", "attributes": { "name": "initial-setup-field-email", "model": { "type": "Prompt", "module": "authentik.stages.prompt.models" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Updated model", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.123029", "attributes": { "model": { "pk": "8d9cd0ecc72649b9a1019b9b1e8da82e", "app": "authentik_stages_prompt", "name": "initial-setup-field-email", "model_name": "prompt" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Initialised new serializer instance", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.125445", "attributes": { "name": "initial-setup-field-password", "model": { "type": "Prompt", "module": "authentik.stages.prompt.models" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Updated model", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.130967", "attributes": { "model": { "pk": "492d862b8abd4b3180e221eb4cf457e8", "app": "authentik_stages_prompt", "name": "initial-setup-field-password", "model_name": "prompt" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Initialised new serializer instance", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.133451", "attributes": { "name": "initial-setup-field-password-repeat", "model": { "type": "Prompt", "module": "authentik.stages.prompt.models" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Updated model", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.138689", "attributes": { "model": { "pk": "2c5adf3c689b485ab3628168856cc566", "app": "authentik_stages_prompt", "name": "initial-setup-field-password-repeat", "model_name": "prompt" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Initialised new serializer instance", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.141379", "attributes": { "name": "default-oobe-prefill-user", "model": { "type": "ExpressionPolicy", "module": "authentik.policies.expression.models" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Updated model", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.148309", "attributes": { "model": { "pk": "672422946ded484581f599d7d328f3d4", "app": "authentik_policies_expression", "name": "default-oobe-prefill-user", "model_name": "expressionpolicy" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Initialised new serializer instance", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.151157", "attributes": { "name": "default-oobe-password-usable", "model": { "type": "ExpressionPolicy", "module": "authentik.policies.expression.models" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Updated model", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.158208", "attributes": { "model": { "pk": "00719c772aff4d4194fb6fda5896abae", "app": "authentik_policies_expression", "name": "default-oobe-password-usable", "model_name": "expressionpolicy" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Initialised new serializer instance", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.161074", "attributes": { "name": "default-oobe-flow-set-authentication", "model": { "type": "ExpressionPolicy", "module": "authentik.policies.expression.models" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Updated model", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.168294", "attributes": { "model": { "pk": "67b821b139f74eb9a68b3d13e612daa0", "app": "authentik_policies_expression", "name": "default-oobe-flow-set-authentication", "model_name": "expressionpolicy" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Initialised new serializer instance", "logger": "authentik.blueprints.v1.importer", "log_level": "debug", "timestamp": "2024-07-13T20:58:55.170853", "attributes": { "name": "stage-default-oobe-password", "model": { "type": "PromptStage", "module": "authentik.stages.prompt.models" }, "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Entry invalid: Serializer errors {'fields': [ErrorDetail(string='Invalid pk \"1476efb9-e3a0-4116-a0d6-f89167ab54a6\" - object does not exist.', code='does_not_exist')]}", "logger": "authentik.blueprints.v1.importer", "log_level": "warning", "timestamp": "2024-07-13T20:58:55.176598", "attributes": { "entry": { "id": "stage-default-oobe-password", "attrs": { "fields": [ "", "", "", "" ], "validation_policies": [] }, "model": "authentik_stages_prompt.promptstage", "state": "present", "_state": { "instance": null }, "conditions": [], "identifiers": { "name": "stage-default-oobe-password" } }, "error": "Serializer errors {'fields': [ErrorDetail(string='Invalid pk \"1476efb9-e3a0-4116-a0d6-f89167ab54a6\" - object does not exist.', code='does_not_exist')]}", "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } }, { "event": "Blueprint validation failed", "logger": "authentik.blueprints.v1.importer", "log_level": "warning", "timestamp": "2024-07-13T20:58:55.176658", "attributes": { "task_id": "task-718938560d444a82beedb66a3f9f5cb7", "domain_url": null, "schema_name": "public" } } ] ```

kensternberg-authentik commented 4 weeks ago

I have this problem as well, and have tracked down the commit that introduced it using git bisect and a test case: https://github.com/goauthentik/authentik/commit/a5467c6e1997e3d6bd4ee81748411cd4b870ce0e

We still haven't figured out why this particular commit caused it.

goauthentik / authentik