https://pantsbuild.org/ logo
Join Slack
Powered by
Hello everyone, quick question. I need pants to pu...
# general
s
Hello everyone, quick question. I need pants to pull from a private pypi repo. I understand how to get the second repo initialized in the pants.toml file with
Copy code
indexes.add = [<index>]
The part that I do not understand is how to get pants to see the authentication token for this repo. I am using pants 1.30 (I cannot update this repo at this time to a later version) Any guidance is appreciated here
f
I am not sure this will work for your version since I am on 
2.x
, but please see https://github.com/pantsbuild/pants/issues/12178
s
Awesome! Thank you, I see how to do it “currently” which should hopefully support what I am doing with env vars.
Copy code
PANTS_PYTHON_REPOS_INDEXES="+['<https://username:password@my.hosted.server/api/pypi/my-pypi/simple>']"
f
if this approach is not suitable for you (I don’t like storing security information as environment variables), then I’d suggest another option.
Copy code
cat ~/.pants/your-company-pypi.toml 
[python-repos]
indexes = ["<https://username:password@mypypi.com/api/pypi/simple>", "<https://pypi.python.org/simple>"]
Then you do:
Copy code
export PANTS_CONFIG_FILES="$HOME/.pants/your-company-pypi.toml"
in 
.bashrc
or whatever shell it is
👀 1
Copy code
~/.pants/your-company-pypi.toml
the 
~/.pants
location is arbitrary! It could have been 
~/bla/your-company-pypi.toml
s
We have this stuff stored in AWS secrets manager so i can write a little helper script in the 
.bashrc
to grab and set the env vars. In our CI envs we have these saved as secrets. This will work 🙂
f
right, what I’ve described above is for end users to work on their personal computers 🙂 there is no need to store secrets as environment variables, an acceptable compromise. Hope this does work for you, please let us know otherwise 🙂
s
Thanks @fresh-cat-90827!
f
I’ve spent quite some time trying to make Pants work with the 
pip.conf
file (because currently if you do 
pip install package
that you’d like to grab from a private PyPI), you need to either provide 
--extra-index-url
with credentials, or store it in the 
pip.conf
file (https://pip.pypa.io/en/latest/topics/configuration/). So for Pants you end up storing credentials in one place (PEX doesn’t seem to be able to read the 
pip.conf
file or 
.netrc
file (https://stackoverflow.com/questions/50468951/credentials-in-pip-conf-for-private-pypi), and in another file for 
pip
🙂
but seems as Pants ignores the 
pip.conf
and 
netrc
files, so there is a duplication of information; nothing critical, but thought worth sharing with you — you may have a user who does some operation outside of Pants (maybe experimenting pulling in some package in a Python virtual environment) wondering why they can’t install packages from your private PyPI despite the PyPI credentials stored somewhere to be used by Pants
s
yeah this makes sense.
h
Thanks @fresh-cat-90827 for the great suggestions 🙌 to double check, @salmon-barista-63163 is this working for you?
s
Yes! I have this all setup and working @hundreds-father-404
🙌 1
Succesfully integrated our CodeArtifact “pypi” repo
🚀 2
2 Views
Open in Slack
PreviousNext
Powered by