Python CLI tool for Apple service automation - fastlane-compatible authentication and App Store Connect/Developer Portal operations
Project description
Slowlane
Production-grade Python CLI tool for Apple service automation. A fastlane-compatible solution for authentication and App Store Connect/Developer Portal operations.
Features
- 🔐 Multiple auth modes: JWT API keys, session cookies, interactive login
- 📱 App Store Connect: Apps, builds, TestFlight management
- 🔏 Developer Portal: Certificates and provisioning profiles
- 📦 Upload: IPA upload via iTunes Transporter
- 🔄 CI-friendly: Works on macOS, Linux, Windows with structured output
Installation
pip install slowlane
Or with Poetry:
poetry add slowlane
Quick Start
Using API Key (Recommended for CI)
# Set environment variables
export ASC_KEY_ID="XXXXXXXXXX"
export ASC_ISSUER_ID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
export ASC_PRIVATE_KEY="$(cat AuthKey_XXXXXXXXXX.p8)"
# List your apps
slowlane asc apps list
# Upload an IPA
slowlane upload ipa ./MyApp.ipa
Using Session Auth
# Interactive login (opens browser)
slowlane spaceauth login
# Export session for CI
slowlane spaceauth export
# Use session in CI
export FASTLANE_SESSION="..."
slowlane asc apps list
Commands
| Command | Description |
|---|---|
spaceauth login |
Interactive browser login |
spaceauth export |
Export session as env var |
spaceauth verify |
Test session validity |
spaceauth revoke |
Clear stored session |
spaceauth doctor |
Diagnose auth issues |
asc apps list|get |
Manage apps |
asc builds list|latest |
Manage builds |
asc testflight testers|groups|invite |
TestFlight |
signing certs list|create|revoke |
Certificates |
signing profiles list|create|delete |
Profiles |
upload ipa <path> |
Upload IPA |
env print |
Print CI exports |
Configuration
Config file: ~/.config/slowlane/config.toml
[auth]
default_mode = "jwt" # or "session"
[http]
timeout = 30
max_retries = 3
[output]
format = "text" # or "json"
CI Examples
GitHub Actions
- name: Upload to App Store
env:
ASC_KEY_ID: ${{ secrets.ASC_KEY_ID }}
ASC_ISSUER_ID: ${{ secrets.ASC_ISSUER_ID }}
ASC_PRIVATE_KEY: ${{ secrets.ASC_PRIVATE_KEY }}
run: |
pip install slowlane
slowlane upload ipa ./app.ipa
Security
- Secrets stored in OS keychain (via
keyring) with encrypted fallback - Sessions include metadata only (email hashed, never stored plaintext)
- Passwords never stored - only used to mint sessions interactively
- All secrets redacted from logs by default
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file slowlane-0.2.5.tar.gz.
File metadata
- Download URL: slowlane-0.2.5.tar.gz
- Upload date:
- Size: 30.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
dd9c967deb1527d5ae80e4f0ef2ec708ef7445fe9140bc2701694b00a637a51b
|
|
| MD5 |
2c08fe00ab1ce953707051097bab1e02
|
|
| BLAKE2b-256 |
ab63cfcd79758844f15166a546a37a0637069c559b70bad99ec73eb0cd84ca25
|
Provenance
The following attestation bundles were made for slowlane-0.2.5.tar.gz:
Publisher:
publish.yml on Demoen/slowlane
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
slowlane-0.2.5.tar.gz -
Subject digest:
dd9c967deb1527d5ae80e4f0ef2ec708ef7445fe9140bc2701694b00a637a51b - Sigstore transparency entry: 1280224863
- Sigstore integration time:
-
Permalink:
Demoen/slowlane@77bbcc661d0c12bebc8678e45226b58f2600127b -
Branch / Tag:
refs/tags/v0.2.5 - Owner: https://github.com/Demoen
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@77bbcc661d0c12bebc8678e45226b58f2600127b -
Trigger Event:
push
-
Statement type:
File details
Details for the file slowlane-0.2.5-py3-none-any.whl.
File metadata
- Download URL: slowlane-0.2.5-py3-none-any.whl
- Upload date:
- Size: 38.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
12940f95fcccdbfd8a5339b8865c76a793b1a58e856eec647e883b8c082f0395
|
|
| MD5 |
7d761adc61c1012a81ed76e27a884d0d
|
|
| BLAKE2b-256 |
dc1b195d93a071920a86269ad8211c58920c55e53308583f4551325e7f2067a9
|
Provenance
The following attestation bundles were made for slowlane-0.2.5-py3-none-any.whl:
Publisher:
publish.yml on Demoen/slowlane
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
slowlane-0.2.5-py3-none-any.whl -
Subject digest:
12940f95fcccdbfd8a5339b8865c76a793b1a58e856eec647e883b8c082f0395 - Sigstore transparency entry: 1280224868
- Sigstore integration time:
-
Permalink:
Demoen/slowlane@77bbcc661d0c12bebc8678e45226b58f2600127b -
Branch / Tag:
refs/tags/v0.2.5 - Owner: https://github.com/Demoen
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@77bbcc661d0c12bebc8678e45226b58f2600127b -
Trigger Event:
push
-
Statement type: