quiet-dog-11469
02/28/2023, 8:45 AMquiet-dog-11469
02/28/2023, 8:45 AMpants
and giving it a test to see if it’ll work for our organisation.
When generating the lockfiles or installing I get the standard pip 128 error that it can’t git clone
and there’s no prompt to enter github username and password. I’ve tried the following:
1. git credential store
to store the token
2. Changing the url in the git config to use the token directly: git config --global url."https://${GITHUB_TOKEN}@github.com/".insteadOf "<https://github.com/>"
Both of these methods work fine for git clone …
or pip install …
but not with pants
😕
How does pants
interact with pip
and git
? Is there a setting I can change to allow it to use either of these, some thing else entirely or supply a token?
For note the lines in the requirements.txt
look like
PACKAGE_NAME@ git+<https://github.com/ORG/REPO.git@TAG>
refined-addition-53644
02/28/2023, 9:49 AMquiet-dog-11469
02/28/2023, 9:51 AMpants
does something to git
or the git config
for the git clone
command so the users git
config isn’t used. I just have no idea what 🤷♂️refined-addition-53644
02/28/2023, 9:55 AMCopy codePACKAGE_NAME@ git+https://${GITHUB_TOKEN}@github.com/ORG/REPO.git@TAG
refined-addition-53644
02/28/2023, 9:57 AMrefined-addition-53644
02/28/2023, 9:58 AMquiet-dog-11469
02/28/2023, 10:15 AMforce everyone to use SSHSadly that would be harder as it would require changes to our remote dev environments 🙃 This does work
but does store theCopy codePACKAGE_NAME@ git+https://${GITHUB_TOKEN}@github.com/ORG/REPO.git@TAG
GITHUB_TOKEN
in the lockfile
😢quiet-dog-11469
02/28/2023, 10:15 AMpants
interacts with pip
/ git
. Does it sandbox them from the user’s configs?refined-addition-53644
02/28/2023, 10:16 AMrefined-addition-53644
02/28/2023, 10:20 AMquiet-dog-11469
02/28/2023, 11:02 AMpex -r requirements.txt
works with my global git config (with no GITHUB_TOKEN
in my requirements.txt
)
I’m assuming it all comes down to how tight is the sandbox and what should or shouldn’t be included in the sandbox from global or system configuration. I’m assuming as the global configuration is stored in the home directory (~/.gitconfig
) then this is sealed from the sandbox. Also the git
credential store is stored there too (~/.git-credentials
)refined-addition-53644
02/28/2023, 11:04 AMpex --lock
If that works without injecting any credentials, then I suppose pants is the one blocking it.refined-addition-53644
02/28/2023, 11:11 AMquiet-dog-11469
02/28/2023, 11:23 AMpex3 lock create
works so it is the pants sandboxing blocking itcurved-television-6568
02/28/2023, 1:15 PMHOME
first.. https://www.pantsbuild.org/docs/reference-subprocess-environmentenough-analyst-54434
02/28/2023, 3:20 PMHOME
. Both ~/.gitconfig
and `~/.netrc`can only be found if you know the home dir.quiet-dog-11469
02/28/2023, 3:39 PMenough-analyst-54434
02/28/2023, 3:49 PMenough-analyst-54434
02/28/2023, 3:50 PMenough-analyst-54434
02/28/2023, 3:53 PMquiet-dog-11469
02/28/2023, 4:04 PMenough-analyst-54434
02/28/2023, 4:06 PMcurved-television-6568
02/28/2023, 4:15 PMquiet-dog-11469
02/28/2023, 4:52 PM