core: add user settable token durations (#7410) #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: authentik-api-py-publish | |
| on: | |
| push: | |
| branches: [main] | |
| paths: | |
| - "schema.yml" | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| steps: | |
| - id: generate_token | |
| uses: tibdex/github-app-token@v2 | |
| with: | |
| app_id: ${{ secrets.GH_APP_ID }} | |
| private_key: ${{ secrets.GH_APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.generate_token.outputs.token }} | |
| - name: Install poetry & deps | |
| shell: bash | |
| run: | | |
| pipx install poetry || true | |
| sudo apt-get update | |
| sudo apt-get install --no-install-recommends -y libpq-dev openssl libxmlsec1-dev pkg-config gettext | |
| - name: Setup python and restore poetry | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version-file: "pyproject.toml" | |
| cache: "poetry" | |
| - name: Generate API Client | |
| run: make gen-client-py | |
| - name: Publish package | |
| working-directory: gen-py-api/ | |
| run: | | |
| poetry build | |
| - name: Publish package to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| packages-dir: gen-py-api/dist/ | |
| # We can't easily upgrade the API client being used due to poetry being poetry | |
| # so we'll have to rely on dependabot | |
| # - name: Upgrade / | |
| # run: | | |
| # export VERSION=$(cd gen-py-api && poetry version -s) | |
| # poetry add "authentik_client=$VERSION" --allow-prereleases --lock | |
| # - uses: peter-evans/create-pull-request@v6 | |
| # id: cpr | |
| # with: | |
| # token: ${{ steps.generate_token.outputs.token }} | |
| # branch: update-root-api-client | |
| # commit-message: "root: bump API Client version" | |
| # title: "root: bump API Client version" | |
| # body: "root: bump API Client version" | |
| # delete-branch: true | |
| # signoff: true | |
| # # ID from https://api.github.com/users/authentik-automation[bot] | |
| # author: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> | |
| # - uses: peter-evans/enable-pull-request-automerge@v3 | |
| # with: | |
| # token: ${{ steps.generate_token.outputs.token }} | |
| # pull-request-number: ${{ steps.cpr.outputs.pull-request-number }} | |
| # merge-method: squash |