I am seeing an issue with the lockfiles generated ...
# general
f
I am seeing an issue with the lockfiles generated by Pex when we have an extra index URL with credentials added. The lockfile that gets generated strips the credentials out. So when you try to run test cases, it tries to install the packages from the base URL of the repo, which causes a 401 Unauthorized error. I think Pants needs to store these credentials elsewhere or make sure to use them from the index URL when downloading them. Does anyone know if there is a workaround in the meantime?
f
I do have these set up. But the lockfiles that I generated using Pants do not have these credentials added in.
p
@hundreds-father-404
e
@full-ocean-15873 that seems like a Pex bug. Given that you are writing down your credentials in plain text as part of the URL in `[python-repos] indexes`, you should expect it to be preserved in the lock file. I'm almost positive there is a Pex bug either way, but do you write the literal username and password in the URL or do you write environment variable placeholders (like `https://$USERNAME:$PASSWORD@...`)?
f
I wrote the exact values in the URL.
e
Ok. We can talk about doing that a bit more securely using env vars separately. I'll confirm the bug and file here shortly.
f
Thank you for your help and quick response 🙂
What do you recommend in the meantime?
e
Get hacky. Since the data is missing in the lock file URLs and the lock file is a text file, run `sed` over the lock file and fix all the relevant URLs manually.
If that works, write a little script that does this and use that script instead of Pants directly whenever generating lock files. When the Pex fix comes out and Pants is upgraded, throw away the script.
If you don't like or know sed, use your favorite tool.
h
If you don't like or know sed, use your favorite tool.
(I love `sd` personally, a modern replacement with a nicer UX)
f
Thanks for the advice. Will keep it in mind.