habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

root: replace poetry with uv (#13388)

Browse Source
This commit is contained in:
Marc 'risson' Schmitt
2025-03-19 17:29:18 +01:00
committed by GitHub
parent b6442c233d
commit 868261c883
18 changed files with 3856 additions and 6352 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
.github/actions/setup/action.yml vendored
View File

@ -9,17 +9,22 @@ inputs:
runs:
using: "composite"
steps:
- name: Install poetry & deps
- name: Install apt deps
shell: bash
run: |
pipx install poetry || true
sudo apt-get update
sudo apt-get install --no-install-recommends -y libpq-dev openssl libxmlsec1-dev pkg-config gettext libkrb5-dev krb5-kdc krb5-user krb5-admin-server
- name: Setup python and restore poetry
- name: Install uv
uses: astral-sh/setup-uv@v5
with:
enable-cache: true
- name: Setup python
uses: actions/setup-python@v5
with:
python-version-file: "pyproject.toml"
cache: "poetry"
- name: Install Python deps
shell: bash
run: uv sync --all-extras --dev --frozen
- name: Setup node
uses: actions/setup-node@v4
with:
@ -39,10 +44,9 @@ runs:
run: |
export PSQL_TAG=${{ inputs.postgresql_version }}
docker compose -f .github/actions/setup/docker-compose.yml up -d
poetry sync
cd web && npm ci
- name: Generate config
shell: poetry run python {0}
shell: uv run python {0}
run: |
from authentik.lib.generators import generate_id
from yaml import safe_dump

2
.github/dependabot.yml vendored
View File

@ -98,7 +98,7 @@ updates:
prefix: "lifecycle/aws:"
labels:
- dependencies
- package-ecosystem: pip
- package-ecosystem: uv
directory: "/"
schedule:
interval: daily

2
.github/workflows/ci-aws-cfn.yml vendored
View File

@ -33,7 +33,7 @@ jobs:
npm ci
- name: Check changes have been applied
run: |
poetry run make aws-cfn
uv run make aws-cfn
git diff --exit-code
ci-aws-cfn-mark:
if: always()

32
.github/workflows/ci-main.yml vendored
View File

@ -34,7 +34,7 @@ jobs:
- name: Setup authentik env
uses: ./.github/actions/setup
- name: run job
run: poetry run make ci-${{ matrix.job }}
run: uv run make ci-${{ matrix.job }}
test-migrations:
runs-on: ubuntu-latest
steps:
@ -42,7 +42,7 @@ jobs:
- name: Setup authentik env
uses: ./.github/actions/setup
- name: run migrations
run: poetry run python -m lifecycle.migrate
run: uv run python -m lifecycle.migrate
test-make-seed:
runs-on: ubuntu-latest
steps:
@ -69,19 +69,21 @@ jobs:
fetch-depth: 0
- name: checkout stable
run: |
# Delete all poetry envs
rm -rf /home/runner/.cache/pypoetry
# Copy current, latest config to local
# Temporarly comment the .github backup while migrating to uv
cp authentik/lib/default.yml local.env.yml
cp -R .github ..
# cp -R .github ..
cp -R scripts ..
git checkout $(git tag --sort=version:refname | grep '^version/' | grep -vE -- '-rc[0-9]+$' | tail -n1)
rm -rf .github/ scripts/
mv ../.github ../scripts .
# rm -rf .github/ scripts/
# mv ../.github ../scripts .
rm -rf scripts/
mv ../scripts .
- name: Setup authentik env (stable)
uses: ./.github/actions/setup
with:
postgresql_version: ${{ matrix.psql }}
continue-on-error: true
- name: run migrations to stable
run: poetry run python -m lifecycle.migrate
- name: checkout current code
@ -91,15 +93,13 @@ jobs:
git reset --hard HEAD
git clean -d -fx .
git checkout $GITHUB_SHA
# Delete previous poetry env
rm -rf /home/runner/.cache/pypoetry/virtualenvs/*
- name: Setup authentik env (ensure latest deps are installed)
uses: ./.github/actions/setup
with:
postgresql_version: ${{ matrix.psql }}
- name: migrate to latest
run: |
poetry run python -m lifecycle.migrate
uv run python -m lifecycle.migrate
- name: run tests
env:
# Test in the main database that we just migrated from the previous stable version
@ -108,7 +108,7 @@ jobs:
CI_RUN_ID: ${{ matrix.run_id }}
CI_TOTAL_RUNS: "5"
run: |
poetry run make ci-test
uv run make ci-test
test-unittest:
name: test-unittest - PostgreSQL ${{ matrix.psql }} - Run ${{ matrix.run_id }}/5
runs-on: ubuntu-latest
@ -133,7 +133,7 @@ jobs:
CI_RUN_ID: ${{ matrix.run_id }}
CI_TOTAL_RUNS: "5"
run: |
poetry run make ci-test
uv run make ci-test
- if: ${{ always() }}
uses: codecov/codecov-action@v5
with:
@ -156,8 +156,8 @@ jobs:
uses: helm/kind-action@v1.12.0
- name: run integration
run: |
poetry run coverage run manage.py test tests/integration
poetry run coverage xml
uv run coverage run manage.py test tests/integration
uv run coverage xml
- if: ${{ always() }}
uses: codecov/codecov-action@v5
with:
@ -214,8 +214,8 @@ jobs:
npm run build
- name: run e2e
run: |
poetry run coverage run manage.py test ${{ matrix.job.glob }}
poetry run coverage xml
uv run coverage run manage.py test ${{ matrix.job.glob }}
uv run coverage xml
- if: ${{ always() }}
uses: codecov/codecov-action@v5
with:

4
.github/workflows/gen-update-webauthn-mds.yml vendored
View File

@ -2,7 +2,7 @@ name: authentik-gen-update-webauthn-mds
on:
workflow_dispatch:
schedule:
- cron: '30 1 1,15 * *'
- cron: "30 1 1,15 * *"
env:
POSTGRES_DB: authentik
@ -24,7 +24,7 @@ jobs:
token: ${{ steps.generate_token.outputs.token }}
- name: Setup authentik env
uses: ./.github/actions/setup
- run: poetry run ak update_webauthn_mds
- run: uv run ak update_webauthn_mds
- uses: peter-evans/create-pull-request@v7
id: cpr
with:

4
.github/workflows/publish-source-docs.yml vendored
View File

@ -21,8 +21,8 @@ jobs:
uses: ./.github/actions/setup
- name: generate docs
run: |
poetry run make migrate
poetry run ak build_source_docs
uv run make migrate
uv run ak build_source_docs
- name: Publish
uses: netlify/actions/cli@master
with:

4
.github/workflows/translation-extract-compile.yml vendored
View File

@ -36,10 +36,10 @@ jobs:
run: make gen-client-ts
- name: run extract
run: |
poetry run make i18n-extract
uv run make i18n-extract
- name: run compile
run: |
poetry run ak compilemessages
uv run ak compilemessages
make web-check-compile
- name: Create Pull Request
if: ${{ github.event_name != 'pull_request' }}

46
.vscode/tasks.json vendored
View File

@ -3,8 +3,13 @@
"tasks": [
{
"label": "authentik/core: make",
"command": "poetry",
"args": ["run", "make", "lint-fix", "lint"],
"command": "uv",
"args": [
"run",
"make",
"lint-fix",
"lint"
],
"presentation": {
"panel": "new"
},
@ -12,8 +17,12 @@
},
{
"label": "authentik/core: run",
"command": "poetry",
"args": ["run", "ak", "server"],
"command": "uv",
"args": [
"run",
"ak",
"server"
],
"group": "build",
"presentation": {
"panel": "dedicated",
@ -23,13 +32,17 @@
{
"label": "authentik/web: make",
"command": "make",
"args": ["web"],
"args": [
"web"
],
"group": "build"
},
{
"label": "authentik/web: watch",
"command": "make",
"args": ["web-watch"],
"args": [
"web-watch"
],
"group": "build",
"presentation": {
"panel": "dedicated",
@ -39,19 +52,26 @@
{
"label": "authentik: install",
"command": "make",
"args": ["install", "-j4"],
"args": [
"install",
"-j4"
],
"group": "build"
},
{
"label": "authentik/website: make",
"command": "make",
"args": ["website"],
"args": [
"website"
],
"group": "build"
},
{
"label": "authentik/website: watch",
"command": "make",
"args": ["website-watch"],
"args": [
"website-watch"
],
"group": "build",
"presentation": {
"panel": "dedicated",
@ -60,8 +80,12 @@
},
{
"label": "authentik/api: generate",
"command": "poetry",
"args": ["run", "make", "gen"],
"command": "uv",
"args": [
"run",
"make",
"gen"
],
"group": "build"
}
]

2
CODEOWNERS
View File

@ -10,7 +10,7 @@ schemas/ @goauthentik/backend
scripts/ @goauthentik/backend
tests/ @goauthentik/backend
pyproject.toml @goauthentik/backend
poetry.lock @goauthentik/backend
uv.lock @goauthentik/backend
go.mod @goauthentik/backend
go.sum @goauthentik/backend
# Infrastructure

86
Dockerfile
View File

@ -3,8 +3,7 @@
# Stage 1: Build website
FROM --platform=${BUILDPLATFORM} docker.io/library/node:22 AS website-builder
ENV NODE_ENV=production \
GIT_UNAVAILABLE=true
ENV NODE_ENV=production
WORKDIR /work/website
@ -94,53 +93,59 @@ RUN --mount=type=secret,id=GEOIPUPDATE_ACCOUNT_ID \
mkdir -p /usr/share/GeoIP && \
/bin/sh -c "/usr/bin/entry.sh || echo 'Failed to get GeoIP database, disabling'; exit 0"
# Stage 5: Python dependencies
FROM ghcr.io/goauthentik/fips-python:3.12.8-slim-bookworm-fips AS python-deps
# Stage 5: Download uv
FROM ghcr.io/astral-sh/uv:0.6.6 AS uv
# Stage 6: Base python image
FROM ghcr.io/goauthentik/fips-python:3.12.8-slim-bookworm-fips AS python-base
ENV VENV_PATH="/ak-root/.venv" \
PATH="/lifecycle:/ak-root/.venv/bin:$PATH" \
UV_COMPILE_BYTECODE=1 \
UV_LINK_MODE=copy \
UV_NATIVE_TLS=1 \
UV_PYTHON_DOWNLOADS=0
WORKDIR /ak-root/
COPY --from=uv /uv /uvx /bin/
# Stage 7: Python dependencies
FROM python-base AS python-deps
ARG TARGETARCH
ARG TARGETVARIANT
WORKDIR /ak-root/poetry
ENV VENV_PATH="/ak-root/venv" \
POETRY_VIRTUALENVS_CREATE=false \
PATH="/ak-root/venv/bin:$PATH"
RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
ENV PATH="/root/.cargo/bin:$PATH"
RUN --mount=type=cache,id=apt-$TARGETARCH$TARGETVARIANT,sharing=locked,target=/var/cache/apt \
apt-get update && \
# Required for installing pip packages
apt-get install -y --no-install-recommends build-essential pkg-config libpq-dev libkrb5-dev
RUN --mount=type=bind,target=./pyproject.toml,src=./pyproject.toml \
--mount=type=bind,target=./poetry.lock,src=./poetry.lock \
--mount=type=cache,target=/root/.cache/pip \
--mount=type=cache,target=/root/.cache/pypoetry \
pip install --no-cache cffi && \
apt-get update && \
apt-get install -y --no-install-recommends \
build-essential libffi-dev \
# Required for cryptography
curl pkg-config \
# Required for lxml
# Build essentials
build-essential pkg-config libffi-dev git \
# cryptography
curl \
# libxml
libxslt-dev zlib1g-dev \
# Required for xmlsec
libltdl-dev \
# Required for kadmin
sccache clang && \
curl https://sh.rustup.rs -sSf | sh -s -- -y && \
. "$HOME/.cargo/env" && \
python -m venv /ak-root/venv/ && \
bash -c "source ${VENV_PATH}/bin/activate && \
pip3 install --upgrade pip poetry && \
poetry config --local installer.no-binary cryptography,xmlsec,lxml,python-kadmin-rs && \
poetry install --only=main --no-ansi --no-interaction --no-root && \
pip uninstall cryptography -y && \
poetry install --only=main --no-ansi --no-interaction --no-root"
# postgresql
libpq-dev \
# python-kadmin-rs
clang libkrb5-dev sccache \
# xmlsec
libltdl-dev && \
curl https://sh.rustup.rs -sSf | sh -s -- -y
# Stage 6: Run
FROM ghcr.io/goauthentik/fips-python:3.12.8-slim-bookworm-fips AS final-image
ENV UV_NO_BINARY_PACKAGE="cryptography lxml python-kadmin-rs xmlsec"
RUN --mount=type=bind,target=pyproject.toml,src=pyproject.toml \
--mount=type=bind,target=uv.lock,src=uv.lock \
--mount=type=cache,target=/root/.cache/uv \
uv sync --frozen --no-install-project --no-dev
# Stage 8: Run
FROM python-base AS final-image
ARG VERSION
ARG GIT_BUILD_HASH
@ -172,7 +177,7 @@ RUN apt-get update && \
COPY ./authentik/ /authentik
COPY ./pyproject.toml /
COPY ./poetry.lock /
COPY ./uv.lock /
COPY ./schemas /schemas
COPY ./locale /locale
COPY ./tests /tests
@ -181,7 +186,7 @@ COPY ./blueprints /blueprints
COPY ./lifecycle/ /lifecycle
COPY ./authentik/sources/kerberos/krb5.conf /etc/krb5.conf
COPY --from=go-builder /go/authentik /bin/authentik
COPY --from=python-deps /ak-root/venv /ak-root/venv
COPY --from=python-deps /ak-root/.venv /ak-root/.venv
COPY --from=web-builder /work/web/dist/ /web/dist/
COPY --from=web-builder /work/web/authentik/ /web/authentik/
COPY --from=website-builder /work/website/build/ /website/help/
@ -192,9 +197,6 @@ USER 1000
ENV TMPDIR=/dev/shm/ \
PYTHONDONTWRITEBYTECODE=1 \
PYTHONUNBUFFERED=1 \
PATH="/ak-root/venv/bin:/lifecycle:$PATH" \
VENV_PATH="/ak-root/venv" \
POETRY_VIRTUALENVS_CREATE=false \
GOFIPS=1
HEALTHCHECK --interval=30s --timeout=30s --start-period=60s --retries=3 CMD [ "ak", "healthcheck" ]

48
Makefile
View File

@ -12,9 +12,9 @@ GEN_API_TS = "gen-ts-api"
GEN_API_PY = "gen-py-api"
GEN_API_GO = "gen-go-api"
pg_user := $(shell poetry run python -m authentik.lib.config postgresql.user 2>/dev/null)
pg_host := $(shell poetry run python -m authentik.lib.config postgresql.host 2>/dev/null)
pg_name := $(shell poetry run python -m authentik.lib.config postgresql.name 2>/dev/null)
pg_user := $(shell uv run python -m authentik.lib.config postgresql.user 2>/dev/null)
pg_host := $(shell uv run python -m authentik.lib.config postgresql.host 2>/dev/null)
pg_name := $(shell uv run python -m authentik.lib.config postgresql.name 2>/dev/null)
all: lint-fix lint test gen web ## Lint, build, and test everything
@ -32,26 +32,26 @@ go-test:
go test -timeout 0 -v -race -cover ./...
test: ## Run the server tests and produce a coverage report (locally)
poetry run coverage run manage.py test --keepdb authentik
poetry run coverage html
poetry run coverage report
uv run coverage run manage.py test --keepdb authentik
uv run coverage html
uv run coverage report
lint-fix: lint-codespell ## Lint and automatically fix errors in the python source code. Reports spelling errors.
poetry run black $(PY_SOURCES)
poetry run ruff check --fix $(PY_SOURCES)
uv run black $(PY_SOURCES)
uv run ruff check --fix $(PY_SOURCES)
lint-codespell: ## Reports spelling errors.
poetry run codespell -w
uv run codespell -w
lint: ## Lint the python and golang sources
poetry run bandit -c pyproject.toml -r $(PY_SOURCES)
uv run bandit -c pyproject.toml -r $(PY_SOURCES)
golangci-lint run -v
core-install:
poetry install
uv sync --frozen
migrate: ## Run the Authentik Django server's migrations
poetry run python -m lifecycle.migrate
uv run python -m lifecycle.migrate
i18n-extract: core-i18n-extract web-i18n-extract ## Extract strings that require translation into files to send to a translation service
@ -59,7 +59,7 @@ aws-cfn:
cd lifecycle/aws && npm run aws-cfn
core-i18n-extract:
poetry run ak makemessages \
uv run ak makemessages \
--add-location file \
--no-obsolete \
--ignore web \
@ -90,11 +90,11 @@ gen-build: ## Extract the schema from the database
AUTHENTIK_DEBUG=true \
AUTHENTIK_TENANTS__ENABLED=true \
AUTHENTIK_OUTPOSTS__DISABLE_EMBEDDED_OUTPOST=true \
poetry run ak make_blueprint_schema > blueprints/schema.json
uv run ak make_blueprint_schema > blueprints/schema.json
AUTHENTIK_DEBUG=true \
AUTHENTIK_TENANTS__ENABLED=true \
AUTHENTIK_OUTPOSTS__DISABLE_EMBEDDED_OUTPOST=true \
poetry run ak spectacular --file schema.yml
uv run ak spectacular --file schema.yml
gen-changelog: ## (Release) generate the changelog based from the commits since the last tag
git log --pretty=format:" - %s" $(shell git describe --tags $(shell git rev-list --tags --max-count=1))...$(shell git branch --show-current) | sort > changelog.md
@ -173,7 +173,7 @@ gen-client-go: gen-clean-go ## Build and install the authentik API for Golang
rm -rf ./${GEN_API_GO}/config.yaml ./${GEN_API_GO}/templates/
gen-dev-config: ## Generate a local development config file
poetry run scripts/generate_config.py
uv run scripts/generate_config.py
gen: gen-build gen-client-ts
@ -254,21 +254,21 @@ ci--meta-debug:
node --version
ci-black: ci--meta-debug
poetry run black --check $(PY_SOURCES)
uv run black --check $(PY_SOURCES)
ci-ruff: ci--meta-debug
poetry run ruff check $(PY_SOURCES)
uv run ruff check $(PY_SOURCES)
ci-codespell: ci--meta-debug
poetry run codespell -s
uv run codespell -s
ci-bandit: ci--meta-debug
poetry run bandit -r $(PY_SOURCES)
uv run bandit -r $(PY_SOURCES)
ci-pending-migrations: ci--meta-debug
poetry run ak makemigrations --check
uv run ak makemigrations --check
ci-test: ci--meta-debug
poetry run coverage run manage.py test --keepdb --randomly-seed ${CI_TEST_SEED} authentik
poetry run coverage report
poetry run coverage xml
uv run coverage run manage.py test --keepdb --randomly-seed ${CI_TEST_SEED} authentik
uv run coverage report
uv run coverage xml

4
lifecycle/ak
View File

@ -62,12 +62,12 @@ function prepare_debug {
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y --no-install-recommends krb5-kdc krb5-user krb5-admin-server libkrb5-dev gcc
VIRTUAL_ENV=/ak-root/venv poetry install --no-ansi --no-interaction
VIRTUAL_ENV=/ak-root/.venv uv sync --frozen
touch /unittest.xml
chown authentik:authentik /unittest.xml
}
if [[ "$(python -m authentik.lib.config debugger 2> /dev/null)" == "True" ]]; then
if [[ "$(python -m authentik.lib.config debugger 2>/dev/null)" == "True" ]]; then
prepare_debug
fi

2
lifecycle/ak.py
View File

@ -1,4 +1,4 @@
"""Wrapper for lifecycle/ak, to be installed by poetry"""
"""Wrapper for lifecycle/ak, to be installed by uv"""
from os import system, waitstatus_to_exitcode
from pathlib import Path

6120
poetry.lock generated
View File

File diff suppressed because it is too large Load Diff

220
pyproject.toml
View File

@ -1,8 +1,116 @@
[tool.poetry]
[project]
name = "authentik"
version = "2025.2.2"
description = ""
authors = ["authentik Team <hello@goauthentik.io>"]
authors = [{ name = "authentik Team", email = "hello@goauthentik.io" }]
requires-python = "~=3.12"
dependencies = [
"argon2-cffi",
"celery",
"channels",
"channels-redis",
"cryptography",
"dacite",
"deepmerge",
"defusedxml",
"django",
"django-countries",
"django-cte",
"django-filter",
"django-guardian",
"django-model-utils",
"django-pglock",
"django-prometheus",
"django-redis",
"django-storages[s3]",
"django-tenants",
"djangorestframework ==3.14.0",
"djangorestframework-guardian",
"docker",
"drf-orjson-renderer",
"drf-spectacular",
"dumb-init",
"duo-client",
"fido2",
"flower",
"geoip2",
"geopy",
"google-api-python-client",
"gssapi",
"gunicorn",
"jsonpatch",
"jwcrypto",
"kubernetes",
"ldap3",
"lxml",
"msgraph-sdk",
"opencontainers[reggie]",
"packaging",
"paramiko",
"psycopg[c]",
"pydantic",
"pydantic-scim",
"pyjwt",
"pyrad",
"python-kadmin-rs ==0.5.3",
"pyyaml",
"requests-oauthlib",
"scim2-filter-parser",
"sentry-sdk",
"service_identity",
"setproctitle",
"structlog",
"swagger-spec-validator",
"tenant-schemas-celery",
"twilio",
"ua-parser",
"unidecode",
"urllib3 <3",
"uvicorn[standard]",
"watchdog",
"webauthn",
"wsproto",
"xmlsec",
"zxcvbn",
]
[dependency-groups]
dev = [
"aws-cdk-lib",
"bandit",
"black",
"bump2version",
"channels[daphne]",
"codespell",
"colorama",
"constructs",
"coverage[toml]",
"debugpy",
"drf-jsonschema-serializer",
"freezegun",
"importlib-metadata",
"k5test",
"pdoc",
"pytest",
"pytest-django",
"pytest-github-actions-annotate-failures",
"pytest-randomly",
"pytest-timeout",
"requests-mock",
"ruff",
"selenium",
]
[tool.uv.sources]
django-tenants = { git = "https://github.com/rissson/django-tenants.git", branch = "authentik-fixes" }
opencontainers = { git = "https://github.com/vsoch/oci-python", rev = "20d69d9cc50a0fef31605b46f06da0c94f1ec3cf" }
[project.scripts]
ak = "lifecycle.ak:main"
[build-system]
requires = ["hatchling"]
build-backend = "hatchling.build"
[tool.bandit]
exclude_dirs = ["**/node_modules/**"]
@ -30,6 +138,7 @@ skip = [
]
dictionary = ".github/codespell-dictionary.txt,-"
ignore-words = ".github/codespell-words.txt"
[tool.black]
line-length = 100
target-version = ['py312']
@ -60,6 +169,7 @@ select = [
ignore = [
"DJ001", # Avoid using `null=True` on string-based fields,
]
[tool.ruff.lint.pylint]
max-args = 7
max-branches = 18
@ -107,109 +217,3 @@ filterwarnings = [
"ignore:defusedxml.lxml is no longer supported and will be removed in a future release.:DeprecationWarning",
"ignore:SelectableGroups dict interface is deprecated. Use select.:DeprecationWarning",
]
[tool.poetry.dependencies]
argon2-cffi = "*"
celery = "*"
channels = "*"
channels-redis = "*"
cryptography = "*"
dacite = "*"
deepmerge = "*"
defusedxml = "*"
django = "*"
django-countries = "*"
django-cte = "*"
django-filter = "*"
django-guardian = "*"
django-model-utils = "*"
django-pglock = "*"
django-prometheus = "*"
django-redis = "*"
django-storages = { extras = ["s3"], version = "*" }
# See https://github.com/django-tenants/django-tenants/pull/997
django-tenants = { git = "https://github.com/rissson/django-tenants.git", branch = "authentik-fixes" }
djangorestframework = "3.14.0"
djangorestframework-guardian = "*"
docker = "*"
drf-orjson-renderer = "*"
drf-spectacular = "*"
dumb-init = "*"
duo-client = "*"
fido2 = "*"
flower = "*"
geoip2 = "*"
geopy = "*"
google-api-python-client = "*"
gunicorn = "*"
gssapi = "*"
jsonpatch = "*"
jwcrypto = "*"
kubernetes = "*"
ldap3 = "*"
lxml = "*"
msgraph-sdk = "*"
opencontainers = { git = "https://github.com/vsoch/oci-python", rev = "20d69d9cc50a0fef31605b46f06da0c94f1ec3cf", extras = [
"reggie",
] }
packaging = "*"
paramiko = "*"
psycopg = { extras = ["c"], version = "*" }
pydantic = "*"
pydantic-scim = "*"
pyjwt = "*"
pyrad = "*"
python = "~3.12"
python-kadmin-rs = "0.5.3"
pyyaml = "*"
requests-oauthlib = "*"
scim2-filter-parser = "*"
sentry-sdk = "*"
service_identity = "*"
setproctitle = "*"
structlog = "*"
swagger-spec-validator = "*"
tenant-schemas-celery = "*"
twilio = "*"
ua-parser = "*"
unidecode = "*"
# Pinned because of botocore https://github.com/orgs/python-poetry/discussions/7937
urllib3 = { extras = ["secure"], version = "<3" }
uvicorn = { extras = ["standard"], version = "*" }
watchdog = "*"
webauthn = "*"
wsproto = "*"
xmlsec = "*"
zxcvbn = "*"
[tool.poetry.group.dev.dependencies]
aws-cdk-lib = "*"
bandit = "*"
black = "*"
bump2version = "*"
channels = { version = "*", extras = ["daphne"] }
codespell = "*"
colorama = "*"
constructs = "*"
coverage = { extras = ["toml"], version = "*" }
debugpy = "*"
drf-jsonschema-serializer = "*"
freezegun = "*"
importlib-metadata = "*"
k5test = "*"
pdoc = "*"
pytest = "*"
pytest-django = "*"
pytest-github-actions-annotate-failures = "*"
pytest-randomly = "*"
pytest-timeout = "*"
requests-mock = "*"
ruff = "*"
selenium = "*"
[build-system]
requires = ["poetry-core>=1.0.0"]
build-backend = "poetry.core.masonry.api"
[tool.poetry.scripts]
ak = "lifecycle.ak:main"

3590
uv.lock generated Normal file
View File

File diff suppressed because it is too large Load Diff

16
website/docs/developer-docs/setup/full-dev-environment.mdx
View File

@ -9,7 +9,7 @@ import ExecutionEnvironment from "@docusaurus/ExecutionEnvironment";
## Requirements
- [Python](https://www.python.org/) 3.12
- [Poetry](https://python-poetry.org/), which is used to manage dependencies
- [uv](https://docs.astral.sh/uv/getting-started/installation/), which is used to manage dependencies
- [Go](https://go.dev/) 1.23 or newer
- [Node.js](https://nodejs.org/en) 22 or newer
- [PostgreSQL](https://www.postgresql.org/) 16 or newer
@ -46,18 +46,18 @@ values={[
To install the native dependencies on macOS, run:
```sh
$ pip install poetry poetry-plugin-shell
$ pip install uv
$ brew install libxmlsec1 libpq krb5 # Required development libraries,
$ brew install postgresql redis node@22 golangci-lint # Required CLI tools
```
</TabItem>
</TabItem>
<TabItem value="linux">
To install native dependencies on Debian or Ubuntu, run:
<TabItem value="linux">
To install native dependencies on Debian or Ubuntu, run:
```sh
$ pip install poetry poetry-plugin-shell
$ pip install uv
$ sudo apt-get install libgss-dev krb5-config libkrb5-dev postgresql-server-dev-all
$ sudo apt-get install postresql redis
```
@ -80,8 +80,8 @@ instructions](https://golangci-lint.run/welcome/install/#other-ci).
1. Create an isolated Python environment. To create the environment and install dependencies, run the following commands in the same directory as your local authentik git repository:
```shell
eval $(poetry env activate) # Creates a python virtualenv, and activates it in a new shell
make install # Installs all required dependencies for Python and Javascript, including development dependencies
source .venv/bin/activate # Active the Python virtual environment
```
2. Configure authentik to use the local databases using a local config file. To generate this file, run the following command in the same directory as your local authentik git repository:
@ -131,7 +131,7 @@ make web # Formats the frontend code
Now that the backend and frontend have been setup and built, you can start authentik by running the following command in the same directory as your local authentik git repository:
```shell
poetry run ak server # Starts authentik server
ak server # Starts authentik server
```
And now, authentik should now be accessible at `http://localhost:9000`.

2
website/docs/troubleshooting/login.md
View File

@ -23,7 +23,7 @@ kubectl exec -it deployment/authentik-worker -c worker -- ak create_recovery_key
or, for CLI, run
```shell
poetry run ak create_recovery_key 10 akadmin
uv run ak create_recovery_key 10 akadmin
```
This will output a link, that can be used to instantly gain access to authentik as the user specified above. The link is valid for amount of years specified above, in this case, 10 years.