rich-church-7769909/20/2021, 1:03 PM
mirror hosted on AWS CodeArtifact that requires a username and token to access. Is there any configuration in
that will allows us to inject the PyPi token for
to use, or make it use
which is setup with the username and token for the PyPi mirror.
enough-analyst-5443409/20/2021, 3:44 PM
. That's just leveraging generic support for setting Pants option via
env vars to configure the
- that doesn't really make things much better, it just means the user:pass could be exposed as env vars / interpolated as atoms instead of the whole URL as with the
approach. The other is to support flags specified in requirements files. That's also not much better, since it really amounts to the pants.toml interpolation since Pip requirements files also support env var interpolation. The option we haven't pursued or thought about is directly supporting pip.conf. Right now, our resolver - Pex - does use Pip under the hood, but it explicitly turns off ambient Pip env var and file base configuration with
. I'm not sure of the implications of turning off that flag, but even if they are undesirable, Pex or Pants could also gain support for parsing
for sensitive configuration values and then manually plumbing those through.
rich-church-7769909/21/2021, 1:52 PM
which I was using to generate a
which it was adding in
into the file pointing to our private PyPi. So have to remove that line, and with
it worked. Managing credentials has always been a little bit messy with Pip.
enough-analyst-5443409/21/2021, 2:11 PM