
full-ocean-15873

05/11/2022, 5:32 PM
I am seeing an issue with the lockfiles generated by Pex when we have an extra index URL with credentials added. The lockfile that gets generated strips the credentials out. So when you try to run test cases, it tries to install the packages from the base URL of the repo, which causes a 401 unauthorized error. I think Pants needs to store these credentials elsewhere or make sure to use them from the index URL when downloading them. Does anyone know if there is a workaround in the meantime?

full-ocean-15873

05/11/2022, 5:38 PM
I do have these set up. But the lockfiles that I generated using Pants do not have these credentials added in.

polite-garden-50641

05/11/2022, 5:38 PM
@hundreds-father-404

enough-analyst-54434

05/11/2022, 5:44 PM
@full-ocean-15873 that seems like a Pex bug. Given that you are writing down your credentials in plain text as part of the URL in [python-repos] indexes you should expect it to be preserved in the lock file. I'm almost positive there is a Pex bug either way, but do you write the literal username and password in the URL or do you write environment variable placeholders (like https://$USERNAME:$PASSWORD@...)?

full-ocean-15873

05/11/2022, 5:45 PM
I wrote the exact values in the URL.

enough-analyst-54434

05/11/2022, 5:46 PM
Ok. We can talk about doing that a bit more securely using env vars separately. I'll confirm the bug and file here shortly.

full-ocean-15873

05/11/2022, 6:03 PM
Thank you for your help and quick response 🙂
What do you recommend in the meantime?

enough-analyst-54434

05/11/2022, 6:06 PM
Get hacky. Since the data is missing in the lock file URLs and the lock file is a text file, run sed over the lock file and fix all the relevant URLs manually.
If that works, write a little script that does this and use that script instead of Pants directly whenever generating lock files. When the Pex fix comes out and Pants is upgraded, throw away the script.
If you don't like or know sed, use your favorite tool.

hundreds-father-404

05/11/2022, 6:11 PM
If you don't like or know sed, use your favorite tool.
(I love sd personally, a modern replacement with a nicer UX)

full-ocean-15873

05/11/2022, 6:26 PM
Thanks for the advice. Will keep it in mind.