Hello we are using our own `PyPi` mirror hosted on...
# general
Hello we are using our own
mirror hosted on AWS CodeArtifact that requires a username and token to access. Is there any configuration in
that will allows us to inject the PyPi token for
to use, or make it use
which is setup with the username and token for the PyPi mirror.
The only way to do this safely currently is by exporting an environment variable.
. That's just leveraging generic support for setting Pants option via
env vars to configure the
subsystem: https://www.pantsbuild.org/docs/reference-python-repos
🙌 1
Does this approach work for you @rich-church-77699? We have 2 other avenues that have associated issues but still need prioritization. One involves interpolating env vars into
- that doesn't really make things much better, it just means the user:pass could be exposed as env vars / interpolated as atoms instead of the whole URL as with the
approach. The other is to support flags specified in requirements files. That's also not much better, since it really amounts to the pants.toml interpolation since Pip requirements files also support env var interpolation. The option we haven't pursued or thought about is directly supporting pip.conf. Right now, our resolver - Pex - does use Pip under the hood, but it explicitly turns off ambient Pip env var and file base configuration with
. I'm not sure of the implications of turning off that flag, but even if they are undesirable, Pex or Pants could also gain support for parsing
for sensitive configuration values and then manually plumbing those through.
🙌 1
@enough-analyst-54434 That worked, the issue for me was that I am using
which I was using to generate a
which it was adding in
into the file pointing to our private PyPi. So have to remove that line, and with
it worked. Managing credentials has always been a little bit messy with Pip.
If you had your druthers, how would Pip do it? If you've got a good idea we could make Pants or Pex that way.