Hey Team, curious how we can pass along the creden...
# generalr
rapid-bird-79300
02/18/2022, 8:04 PMHey Team, curious how we can pass along the credentials with a custom wheel repo: https://www.pantsbuild.org/v2.7/docs/python-third-party-dependencies#custom-repositories
We use aws code artifact and provide the credentials in our poetry configuration.
e
enough-analyst-54434
02/18/2022, 8:10 PMThe only way currently to securely pass credentials is to use the env var form of options; so
PANTS_PYTHON_REPOS_INDEXES=...enough-analyst-54434
02/18/2022, 8:10 PMLet me know if that makes vague sense. I can sharpen it if you need more pointers there.
enough-analyst-54434
02/18/2022, 8:13 PMFWIW, the security considerations there are standard ones surrounding env vars, and then after that we mix that env var along with all other inputs into a sha256 hash that gets saved to disk as a fingerprint for the associated Pex subprocess action. The actual contents of the env var aren't persisted anywhere.
r
rapid-bird-79300
02/18/2022, 10:13 PMthank you @enough-analyst-54434 that did the trick!
rapid-bird-79300
02/18/2022, 10:15 PMthere are some
pep-440pylinte
enough-analyst-54434
02/18/2022, 10:17 PMExcellent. It's a little unwieldy and maybe we'll come up with more direct, specialized means per backend / system, but this style has the advantage that it generalizes and will never go away. I can't imagine Pants ever dropping env var options support.
✅ 1
enough-analyst-54434
02/20/2022, 1:38 AMI missed the PEP-440 thing. If the broken packages are broken for all versions, no. There are no excludes ala Maven / JVM. If you want to exclude specific versions, yes. You'd want to add constraints use to the resolve with entries like:
Copy code
package1!=1.*,!=2.3.4
package2!=1.2.*✅ 1
4 Views