dandri/matrix-authentication-service
1
0
Fork 0
mirror of https://github.com/element-hq/matrix-authentication-service.git synced 2026-06-06 15:32:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,103 Commits 96 Branches 90 Tags
186b54f241d891bbdfd6c1e1c8a15a8071c2fca9
Commit Graph

7103 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Eric Eastwood 186b54f241 Schedule SyncDevicesJob after dangerous_hard_limit_eviction so the homeserver stays up to date (#5679) 
Follow-up to https://github.com/element-hq/matrix-authentication-service/pull/5607#discussion_r3189451555
 2026-05-20 12:26:07 -05:00
Eric Eastwood b73e06aded Update comment langauge and add it to other login spots 2026-05-20 11:58:36 -05:00
Eric Eastwood 7764e9e296 Formatting 2026-05-20 11:48:37 -05:00
Eric Eastwood 2aba54c4ba Update reason for why synchronous device creation 
See https://github.com/element-hq/matrix-authentication-service/pull/5679#discussion_r3237767718
 2026-05-20 11:47:18 -05:00
Eric Eastwood 502cf66024 Merge branch 'main' into madlittlemods/sync-devices-after-hard-limit-eviction 2026-05-20 11:45:02 -05:00
Quentin Gliech 89080983c4 Split multi-arch Docker build into parallel jobs (#5474) 2026-05-20 15:47:00 +02:00
Quentin Gliech eeea952b55 Add a comment about the artefact collection 2026-05-20 15:24:19 +02:00
Quentin Gliech 7834229784 Re-add DOCKER_METADATA_ANNOTATIONS_LEVELS to narrow annotations to the index 
`docker buildx imagetools create --annotation manifest:KEY=VALUE` errors
out with "manifest annotations are not supported yet". metadata-action
defaults to emitting `manifest:` prefixed entries, so without an explicit
`DOCKER_METADATA_ANNOTATIONS_LEVELS: index` the finalize step blows up
the first time it sees a non-empty annotations list.
 2026-05-20 15:22:56 +02:00
Quentin Gliech 63deb0b1fd Don't specify DOCKER_METADATA_ANNOTATIONS_LEVELS 
We're injecting annotations manually anyway
 2026-05-20 14:42:17 +02:00
Quentin Gliech d88db7deff Simplify the injection of annotations in the final manifest 2026-05-20 14:41:53 +02:00
Quentin Gliech c2dc7c11a9 Split multi-arch Docker build into parallel jobs 
- Modify Dockerfile to build single architecture based on TARGETARCH instead of cross-compiling both targets in one run
- Replace single build-image job with matrix job (amd64, arm64)
- Add finalize-image job that creates multi-arch manifests using `docker buildx imagetools create` and signs the final images
- Each architecture gets its own build cache

This enables parallel builds of each architecture, reducing total build time by running both simultaneously rather than sequentially.
 2026-05-20 12:57:22 +02:00
Quentin Gliech 750de33486 Push MAS docker images to Element OCI Registry (#5459) 2026-05-20 11:58:11 +02:00
Quentin Gliech 6946e57ffd Fix the release notes reference to the image 2026-05-20 10:58:01 +02:00
Quentin Gliech b9cddc84b6 Remove unused apalis dependabot config (#5685) 2026-05-20 10:57:12 +02:00
Quentin Gliech 2d6176308d Merge branch 'main' into hughns/apalis-dependabot 2026-05-20 10:45:24 +02:00
Quentin Gliech efb878e0a3 Increase dependabot interval from daily to monthly (#5686) 2026-05-20 10:44:51 +02:00
Quentin Gliech e833483070 Bump OCI login action to v4.1.0 to match the GHCR login 2026-05-20 10:44:20 +02:00
Quentin Gliech c52161d420 Merge remote-tracking branch 'origin/main' into devon/element-docker 2026-05-20 10:14:18 +02:00
Quentin Gliech bb6efd95b8 Fix the transformation of the Docker build metadata in CI (#5683) 2026-05-20 10:12:00 +02:00
Quentin Gliech 815e9ef19a Skip oci.element.io push on PR-labelled builds 
Tailscale + Vault JWT auth needs a `push`-event OIDC token, so gate the
oci-push registry image and its login steps on `github.event_name == 'push'`.
PR-labelled builds (`Z-Build-Workflow`) push only to ghcr.io.
 2026-05-20 09:50:18 +02:00
Quentin Gliech f0100c4fa8 Disable provenance in the metadata output 2026-05-20 09:34:26 +02:00
matrixbot 4e99e36f87 Automatic merge back to main (#5690) 2026-05-19 16:30:37 +02:00
github-actions[bot] 3ab421191e 1.17.0 v1.17.0 2026-05-19 14:19:56 +00:00
Olivier 'reivilibre de3de3b169 Translations updates for v1.17 (#5689) 2026-05-19 15:17:15 +01:00
Olivier 'reivilibre 53557cb6cd Merge branch 'release/v1.17' into actions/localazy-download/v1.17 2026-05-19 15:08:03 +01:00
Quentin Gliech e2771abd55 Bump lettre to mitigate RUSTSEC-2026-0141 
This also bumps rustls-platform-verifier to avoid duplicated dependencies in the tree
 2026-05-19 14:57:56 +01:00
github-actions[bot] eb58397b05 Translations updates 2026-05-19 13:46:32 +00:00
Hugh Nimmo-Smith 676e2fc75f Increase dependabot interval from daily to monthly 2026-05-15 14:04:43 +01:00
Hugh Nimmo-Smith 5976430070 Remove unused apalis dependabot config 2026-05-15 14:00:53 +01:00
Quentin Gliech f6195402b1 Merge branch 'main' into quenting/fix-ci-bake-metadata 2026-05-15 13:51:35 +02:00
Quentin Gliech 0b52a8573a Bump lettre to appease cargo-deny on RUSTSEC-2026-0141 (#5684) 2026-05-15 13:51:16 +02:00
Quentin Gliech be444b5f1a Bump lettre to mitigate RUSTSEC-2026-0141 
This also bumps rustls-platform-verifier to avoid duplicated dependencies in the tree
 2026-05-15 13:36:08 +02:00
Quentin Gliech f99f4f5fba Fix the transformation of the Docker build metadata in CI 
This broke in #5664 due to STEPS_BAKE_OUTPUTS_METADATA being too large
to be passed as an argument to a shell script.

This replaces the `jq` call with a javascript action which transforms
the output.
 2026-05-15 13:29:55 +02:00
Eric Eastwood 1cf0243d07 Fix TestState.reset() to retain mock homeserver in-memory state (#5678) 
Spawning from https://github.com/element-hq/matrix-authentication-service/pull/5670#discussion_r3222243619

---------

Co-authored-by: Quentin Gliech <quenting@element.io>
 2026-05-14 12:25:58 -05:00
Eric Eastwood f21e59b50d Explain as opposed to 2026-05-13 17:27:07 -05:00
Eric Eastwood 5eadefa729 Fix lints 2026-05-13 17:15:38 -05:00
Eric Eastwood 09139721c0 Add logout reasoning 2026-05-13 17:10:02 -05:00
Eric Eastwood 25f6b21990 Schedule SyncDevicesJob after dangerous_hard_limit_eviction 2026-05-13 16:54:44 -05:00
Eric Eastwood 9290c46ea8 Add reasoning for why upsert device immediately when logging in 
From https://github.com/element-hq/matrix-authentication-service/pull/5607#discussion_r3232971115
 2026-05-13 16:39:33 -05:00
Eric Eastwood 1e84c6962a Merge branch 'main' into madlittlemods/fix-test-state-reset 2026-05-13 15:56:14 -05:00
Eric Eastwood 2fea1fee7c Fix TestState.reset() to retain mock homeserver im-memory state 2026-05-13 15:43:27 -05:00
Quentin Gliech aecb172209 Add oauth.device_code_grant_enabled configuration option (#5612) 2026-05-13 21:40:02 +02:00
Quentin Gliech 890042e6a9 Drop the device code grant type if it's disabled instead of rejecting the registration 2026-05-13 21:29:04 +02:00
Andrew Morgan 566d67b76f Harden the security of our GitHub Actions (#5664) 2026-05-13 15:08:17 +01:00
Andrew Morgan 451761c39c Note that clippy is synced to the Dockerfile Rust version 2026-05-13 12:50:21 +02:00
Andrew Morgan c69b4e0cc2 Correct STEPS_BAKE_OUTPUTS_METADATA line 
Looks like this is an edge case in zizmor.
 2026-05-13 12:49:06 +02:00
Andrew Morgan ea9f324e75 Use --override to set default toolchain 
And remove now unnecessary rustup default calls.
 2026-05-13 12:45:49 +02:00
Andrew Morgan 49ad5c79e1 Use Rust 1.93.0 for clippy CI job 
Revert from stable (1.95.0), which introduced new lints. We'll tackle those in a separate PR.
 2026-05-13 10:58:26 +02:00
Andrew Morgan 9841b24a0c Revert 1.95.0 clippy lints 
Let's do these in a separate PR.
 2026-05-13 10:58:26 +02:00
Eric Eastwood 9db7cf0aac Document how to manually test login flows (#5642) 2026-05-12 15:52:53 -05:00