Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Undocumented change in handling of private repository credentials in 1.2.0 #6277

Closed
1 task done
jakob-keller opened this issue Aug 31, 2022 · 3 comments
Closed
1 task done

Undocumented change in handling of private repository credentials in 1.2.0 #6277

jakob-keller opened this issue Aug 31, 2022 · 3 comments
Labels
area/docs Documentation issues/improvements

Comments

@jakob-keller
Copy link
Contributor

jakob-keller commented Aug 31, 2022
edited
Loading

  • I have searched the issues of this repo and believe that this is not a duplicate.

Issue

The following issue might be too exotic to warrant an update of the documentation or release notes for 1.2.x. However, if the previous behaviour was intended, it could well represent a regression that might need fixing.

A private, password-protected repository may at the same time be configured both as a package source in pyproject.toml as well as a publishable repository in poetry.toml. Both configurations require a user-defined repository identifier that may differ, e.g. pypi-test-source and pypi-test-publishable respectively. Credentials may be provided as environment variables. So far, so good.

Prior to Poetry 1.2.0, it was sufficient to provide credentials for one of the repository configurations, e.g. the publishable repository. Poetry would implicitly use the provided credentials both for accessing sources as well as for publishing despite mismatched repository identifiers.

Since 1.2.0, the credentials are only used if their identifier matches the identifier used in the configuration. This could break existing setups, as it did with our CI pipeline.

As a work-around, one might either provide a second set of credentials to match the other repository identifier or use the same identifier in both configuration files. We did the later and or CI pipeline is back to normal.

Originally posted by @jakob-keller in #6262 (comment)
@jakob-keller jakob-keller added area/docs Documentation issues/improvements status/triage This issue needs to be triaged labels Aug 31, 2022
@sryabkov
Copy link

This might help: #2692 (comment)

In our Dockerfiles, we are doing

# https://github.com/python-poetry/poetry/issues/2692
ENV PYTHON_KEYRING_BACKEND="keyring.backends.null.Keyring"

@neersighted
Copy link
Member

Closing as not a bug -- this is pretty obscure for the docs, as you were relying on an unexpected edge case with credentials handling that was changed as part of an overall correctness refactor. We could migrate this to a discussion if you'd like, but I think that's about as much visibility as it needs.

@neersighted neersighted closed this as not planned Won't fix, can't repro, duplicate, stale Aug 31, 2022
@pronovic pronovic mentioned this issue Sep 2, 2022
Closed
@al-cheb al-cheb mentioned this issue Sep 6, 2022
Closed
10 tasks
@mkniewallner mkniewallner removed the status/triage This issue needs to be triaged label Sep 18, 2022
@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 1, 2024

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 1, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
area/docs Documentation issues/improvements
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@sryabkov @neersighted @mkniewallner @jakob-keller