3d5a189fa7
* don't push when on internal repo Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only run certain workflows on main repo Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add mirror Signed-off-by: Jens Langhammer <jens@goauthentik.io> * how tf did a tab get in there Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ooops Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
67 lines
2.4 KiB
YAML
67 lines
2.4 KiB
YAML
name: authentik-api-py-publish
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
paths:
|
|
- "schema.yml"
|
|
workflow_dispatch:
|
|
jobs:
|
|
build:
|
|
if: ${{ github.repository != 'goauthentik/authentik-internal' }}
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
id-token: write
|
|
steps:
|
|
- id: generate_token
|
|
uses: tibdex/github-app-token@v2
|
|
with:
|
|
app_id: ${{ secrets.GH_APP_ID }}
|
|
private_key: ${{ secrets.GH_APP_PRIVATE_KEY }}
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
token: ${{ steps.generate_token.outputs.token }}
|
|
- name: Install poetry & deps
|
|
shell: bash
|
|
run: |
|
|
pipx install poetry || true
|
|
sudo apt-get update
|
|
sudo apt-get install --no-install-recommends -y libpq-dev openssl libxmlsec1-dev pkg-config gettext
|
|
- name: Setup python and restore poetry
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version-file: "pyproject.toml"
|
|
cache: "poetry"
|
|
- name: Generate API Client
|
|
run: make gen-client-py
|
|
- name: Publish package
|
|
working-directory: gen-py-api/
|
|
run: |
|
|
poetry build
|
|
- name: Publish package to PyPI
|
|
uses: pypa/gh-action-pypi-publish@release/v1
|
|
with:
|
|
packages-dir: gen-py-api/dist/
|
|
# We can't easily upgrade the API client being used due to poetry being poetry
|
|
# so we'll have to rely on dependabot
|
|
# - name: Upgrade /
|
|
# run: |
|
|
# export VERSION=$(cd gen-py-api && poetry version -s)
|
|
# poetry add "authentik_client=$VERSION" --allow-prereleases --lock
|
|
# - uses: peter-evans/create-pull-request@v6
|
|
# id: cpr
|
|
# with:
|
|
# token: ${{ steps.generate_token.outputs.token }}
|
|
# branch: update-root-api-client
|
|
# commit-message: "root: bump API Client version"
|
|
# title: "root: bump API Client version"
|
|
# body: "root: bump API Client version"
|
|
# delete-branch: true
|
|
# signoff: true
|
|
# # ID from https://api.github.com/users/authentik-automation[bot]
|
|
# author: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
|
|
# - uses: peter-evans/enable-pull-request-automerge@v3
|
|
# with:
|
|
# token: ${{ steps.generate_token.outputs.token }}
|
|
# pull-request-number: ${{ steps.cpr.outputs.pull-request-number }}
|
|
# merge-method: squash
|