sources/ldap: add forward deletion option

[gergosimonyi]

Closes #1644

---

Checklist

• Local tests pass (ak test authentik/)
• The code has been formatted (make lint-fix)

If an API change has been made

• The API schema has been updated (make gen-build)

If changes to the frontend have been made

• The code has been formatted (make web)

If applicable

• The documentation has been updated
• The documentation has been formatted (make website)

[netlify]

✅ Deploy Preview for authentik-docs canceled.

Name	Link
🔨 Latest commit	825da1b
🔍 Latest deploy log	https://app.netlify.com/projects/authentik-docs/deploys/6836dff94e783000080e4d8c

[netlify]

✅ Deploy Preview for authentik-storybook canceled.

Name	Link
🔨 Latest commit	825da1b
🔍 Latest deploy log	https://app.netlify.com/projects/authentik-storybook/deploys/6836dff9a869fa00089a9e87

[codecov]

Codecov Report

Attention: Patch coverage is 96.74419% with 7 lines in your changes missing coverage. Please review.

Project coverage is 92.79%. Comparing base (61fc1dc) to head (825da1b).
Report is 7 commits behind head on main.

✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
...thentik/sources/ldap/sync/forward_delete_groups.py	91.17%	3 Missing ⚠️
...uthentik/sources/ldap/sync/forward_delete_users.py	91.42%	3 Missing ⚠️
authentik/sources/ldap/sync/base.py	88.88%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #14718      +/-   ##
==========================================
+ Coverage   92.75%   92.79%   +0.04%     
==========================================
  Files         814      816       +2     
  Lines       41905    42107     +202     
==========================================
+ Hits        38869    39074     +205     
+ Misses       3036     3033       -3     

Flag	Coverage Δ
e2e	47.62% <21.86%> (-0.15%)	⬇️
integration	24.39% <17.20%> (-0.04%)	⬇️
unit	90.63% <96.74%> (+0.05%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[rissson]

This should also be used in other places, like authentik.sources.ldap.sync.users.UserLDAPSynchronizer.sync

[gergosimonyi]

Yeah, maybe? I did my best, see if you like it.

I'm not sure what that additional in check is for (untested code introduced in deb91bd -- should it be something like an isinstance(object, dict) check instead?), but I'm not about to find out, so I did my best to keep the exact same logic for already existing code.

[BeryJu]

Small nits otherwise lgtm

[github-actions]

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-825da1b5abac38e937cc577654d847f5a18b72f4
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-825da1b5abac38e937cc577654d847f5a18b72f4

Afterwards, run the upgrade commands from the latest release notes.