Rewrite in pure Python

.github/check_entitlements.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+
+# Derive additional environment variables
+TOKEN_URL="${OIDC_OP_TOKEN_ENDPOINT}"
+OTDF_HOST_AND_PORT="${OPENTDF_PLATFORM_HOST}"
+OTDF_CLIENT="${OPENTDF_CLIENT_ID}"
+OTDF_CLIENT_SECRET="${OPENTDF_CLIENT_SECRET}"
+
+# Enable debug mode
+DEBUG=1
+
+echo "🔧 Environment Configuration:"
+echo "   TOKEN_URL: ${TOKEN_URL}"
+echo "   OTDF_HOST_AND_PORT: ${OTDF_HOST_AND_PORT}"
+echo "   OTDF_CLIENT: ${OTDF_CLIENT}"
+echo "   OTDF_CLIENT_SECRET: ${OTDF_CLIENT_SECRET}"
+echo ""
+
+get_token() {
+    curl -k --location "$TOKEN_URL" \
+    --header "X-VirtruPubKey;" \
+    --header "Content-Type: application/x-www-form-urlencoded" \
+    --data-urlencode "grant_type=client_credentials" \
+    --data-urlencode "client_id=$OTDF_CLIENT" \
+    --data-urlencode "client_secret=$OTDF_CLIENT_SECRET"
+}
+
+echo "🔐 Getting access token..."
+BEARER=$( get_token | jq -r '.access_token' )
+[[ "${DEBUG:-}" == "1" ]] && echo "Got Access Token: ${BEARER}"
+echo ""
+
+# Array of usernames to check
+USERNAMES=("opentdf" "sample-user" "sample-user-1" "cli-client" "opentdf-sdk")
+
+for USERNAME in "${USERNAMES[@]}"; do
+    echo "👤 Fetching entitlements for username: ${USERNAME}"
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+
+    grpcurl -plaintext \
+      -H "authorization: Bearer $BEARER" \
+      -d "{
+      \"entities\": [
+        {
+          \"userName\": \"$USERNAME\"
+        }
+      ]
+    }" \
+      "$OTDF_HOST_AND_PORT" \
+      authorization.AuthorizationService/GetEntitlements
+
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    echo "✅ Entitlements retrieval complete for ${USERNAME}!"
+    echo ""
+done
+
+echo "🎉 All entitlement checks completed!"

.github/workflows/build-python.yaml

@@ -1,44 +1,53 @@
----
-name: Build Python package(s)
-
+# Build otdf-python wheel using uv and output the wheel path for downstream workflows
+name: "Build Python Wheel"
 on:
-    push:
-        branches:
-            - disabled
+  push:
+    branches:
+      - chore/rewrite
+  pull_request:
 
 jobs:
-    build:
+  build:
+    runs-on: ubuntu-22.04
+    outputs:
+      wheel: ${{ steps.find_wheel.outputs.wheel_path }}
+    steps:
+      - name: Checkout this repo
+        uses: actions/checkout@v4
 
-        runs-on: ubuntu-22.04
-        strategy:
-            matrix:
-                go-version: [1.24.x]
+      - name: Set up uv
+        uses: astral-sh/setup-uv@v6
+        with:
+          enable-cache: true
+          cache-dependency-glob: "uv.lock"
 
-        steps:
-            - uses: actions/checkout@v4
-      # - name: Setup Go
-      #   uses: actions/setup-go@v4
-      #   with:
-      #     go-version: ${{ matrix.go-version }}
-      #     cache-dependency-path: go.sum
-      # - name: Install dependencies
-      #   run: go get .
-      # - name: Test with Go
-      #   run: go test -timeout 40s -run ^TestHello$ gotdf_python -count=1 # go test
+      - name: Build otdf-python wheel using uv
+        run: |
+          uv sync --frozen
+          uv build
+        shell: bash
 
-            - name: Set up Python
-              uses: actions/setup-python@v4
-              with:
-                  python-version: '3.12'
-            - name: Install dependencies
-              run: |
-                  pip install poetry
-            - name: Invoke pylint with all dependencies
-              run: |
-                  # Since we don't have our wheel build / install configured yet we use '--no-root'
-                  poetry install --no-root
+      - name: Find built wheel
+        id: find_wheel
+        run: |
+          wheel_path=$(ls dist/*.whl | head -n1)
+          echo "wheel_path=$wheel_path" >> $GITHUB_OUTPUT
+        shell: bash
 
-                  # poetry install
+      - name: Upload wheel as artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: python-wheel
+          path: dist/*.whl
 
-                  # Bring this back later
-                  # poetry run pytest tests/
+  integration-test:
+    strategy:
+      fail-fast: true
+      matrix:
+        # python3_version: ["3.12", "3.13"]
+        python3_version: ["3.13"]
+    needs: build
+    uses: ./.github/workflows/platform-integration-test-new.yaml
+    with:
+      wheel: ${{ needs.build.outputs.wheel }}
+      python_version: ${{ matrix.python3_version }}