From 630e0e6bf2bca55c966d54d77e53f293aad9398e Mon Sep 17 00:00:00 2001
From: "Jens L." <jens@goauthentik.io>
Date: Mon, 25 Nov 2024 14:59:07 +0100
Subject: [PATCH] ci: only mirror if secret is available (#12181)

* ci: only mirror if secret is available

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix unrelated issues

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---
 .github/workflows/repo-mirror.yml     | 6 +++++-
 authentik/blueprints/v1/tasks.py      | 2 +-
 authentik/crypto/tasks.py             | 2 +-
 authentik/lib/sync/outgoing/tasks.py  | 4 ++--
 authentik/policies/expiry/models.py   | 5 +++--
 authentik/policies/password/models.py | 2 +-
 scripts/npm_version.py                | 2 +-
 7 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/repo-mirror.yml b/.github/workflows/repo-mirror.yml
index 7a89a88a63..f9e64b7546 100644
--- a/.github/workflows/repo-mirror.yml
+++ b/.github/workflows/repo-mirror.yml
@@ -4,14 +4,18 @@ on: [push, delete]
 
 jobs:
   to_internal:
+    if: ${{ github.repository != 'goauthentik/authentik-internal' }}
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      - uses: pixta-dev/repository-mirroring-action@v1
+      - if: ${{ env.MIRROR_KEY != '' }}
+        uses: pixta-dev/repository-mirroring-action@v1
         with:
           target_repo_url:
             git@github.com:goauthentik/authentik-internal.git
           ssh_private_key:
             ${{ secrets.GH_MIRROR_KEY }}
+        env:
+          MIRROR_KEY: ${{ secrets.GH_MIRROR_KEY }}
diff --git a/authentik/blueprints/v1/tasks.py b/authentik/blueprints/v1/tasks.py
index c8b72a5dc2..73e712b8f8 100644
--- a/authentik/blueprints/v1/tasks.py
+++ b/authentik/blueprints/v1/tasks.py
@@ -159,7 +159,7 @@ def blueprints_discovery(self: SystemTask, path: str | None = None):
         check_blueprint_v1_file(blueprint)
         count += 1
     self.set_status(
-        TaskStatus.SUCCESSFUL, _("Successfully imported %(count)d files." % {"count": count})
+        TaskStatus.SUCCESSFUL, _("Successfully imported {count} files.".format(count=count))
     )
 
 
diff --git a/authentik/crypto/tasks.py b/authentik/crypto/tasks.py
index 43704e7682..bce3f998c7 100644
--- a/authentik/crypto/tasks.py
+++ b/authentik/crypto/tasks.py
@@ -85,5 +85,5 @@ def certificate_discovery(self: SystemTask):
         if dirty:
             cert.save()
     self.set_status(
-        TaskStatus.SUCCESSFUL, _("Successfully imported %(count)d files." % {"count": discovered})
+        TaskStatus.SUCCESSFUL, _("Successfully imported {count} files.".format(count=discovered))
     )
diff --git a/authentik/lib/sync/outgoing/tasks.py b/authentik/lib/sync/outgoing/tasks.py
index 4ce74df1f9..c2bbce090e 100644
--- a/authentik/lib/sync/outgoing/tasks.py
+++ b/authentik/lib/sync/outgoing/tasks.py
@@ -82,7 +82,7 @@ class SyncTasks:
                 return
             try:
                 for page in users_paginator.page_range:
-                    messages.append(_("Syncing page %(page)d of users" % {"page": page}))
+                    messages.append(_("Syncing page {page} of users".format(page=page)))
                     for msg in sync_objects.apply_async(
                         args=(class_to_path(User), page, provider_pk),
                         time_limit=PAGE_TIMEOUT,
@@ -90,7 +90,7 @@ class SyncTasks:
                     ).get():
                         messages.append(LogEvent(**msg))
                 for page in groups_paginator.page_range:
-                    messages.append(_("Syncing page %(page)d of groups" % {"page": page}))
+                    messages.append(_("Syncing page {page} of groups".format(page=page)))
                     for msg in sync_objects.apply_async(
                         args=(class_to_path(Group), page, provider_pk),
                         time_limit=PAGE_TIMEOUT,
diff --git a/authentik/policies/expiry/models.py b/authentik/policies/expiry/models.py
index 6df91ef534..2c7884af43 100644
--- a/authentik/policies/expiry/models.py
+++ b/authentik/policies/expiry/models.py
@@ -43,8 +43,9 @@ class PasswordExpiryPolicy(Policy):
                 request.user.set_unusable_password()
                 request.user.save()
                 message = _(
-                    "Password expired %(days)d days ago. Please update your password."
-                    % {"days": days_since_expiry}
+                    "Password expired {days} days ago. Please update your password.".format(
+                        days=days_since_expiry
+                    )
                 )
                 return PolicyResult(False, message)
             return PolicyResult(False, _("Password has expired."))
diff --git a/authentik/policies/password/models.py b/authentik/policies/password/models.py
index ede76c9f3a..15df0502cf 100644
--- a/authentik/policies/password/models.py
+++ b/authentik/policies/password/models.py
@@ -135,7 +135,7 @@ class PasswordPolicy(Policy):
         LOGGER.debug("got hibp result", count=final_count, hash=pw_hash[:5])
         if final_count > self.hibp_allowed_count:
             LOGGER.debug("password failed", check="hibp", count=final_count)
-            message = _("Password exists on %(count)d online lists." % {"count": final_count})
+            message = _("Password exists on {count} online lists.".format(count=final_count))
             return PolicyResult(False, message)
         return PolicyResult(True)
 
diff --git a/scripts/npm_version.py b/scripts/npm_version.py
index 8ce53d8ace..5c7df4adcf 100644
--- a/scripts/npm_version.py
+++ b/scripts/npm_version.py
@@ -4,4 +4,4 @@ from time import time
 
 from authentik import __version__
 
-print("%s-%d" % (__version__, time()))
+print(f"{__version__}-{int(time())}")