You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi,
thanks for the great additions with keyrings in pip 23.1 :) I discovered that the docs here https://pip.pypa.io/en/stable/topics/authentication/ on auth is missing some vital info for auth with Google Artifact Registry.
Trying to use the new keyring delegation calling with
Does not work pip install --no-input --keyring-provider=subprocess --index-url=https://us-east4-python.pkg.dev/<project>/<repo>/simple <package_name>
Does work pip install --no-input --keyring-provider=subprocess --index-url=https://oauth2accesstoken@us-east4-python.pkg.dev/<project>/<repo>/simple <package_name>
It seems the username needs to be oauth2accesstoken. It was only obvious after digging deep into the code for
keyrings.google-artifactregistry-auth that this is a hard coded username, and any username provided to the CLI is ignored.
The CLI interface in keyrings could be more obvious and also return the overridden username, but that's not for pip to solve i guess.
Expected behavior
Update docs to state that this username needs to be used for any usage with Google Artifact Registry
pip version
23.1
Python version
3.11
OS
Mac
How to Reproduce
You need a working Google Artifact Registry setup. See description
This looks like something that should be covered by keyrings.google-artifactregistry-auth? pip only provides an iterface to inject credentials; how the injection is actually performed in up to each keyring integration.
Yes agree. I still think it could be very useful for getting developers all the way through using the docs, since it is already giving some hints on how to integrate with both Google and Azure.
I have a feeling that more people will get this error over time, so wanted to leave some internet trail of a possible solution.
If the suggestion is to add references to direct people to the relevant documentation, I’m for it. I do not think pip should involve in documenting how to set up individual keyring integrations though, since that changes with those projects and pip maintainers are not in the position to document things for them.
#11827 seems maybe relevant here? Having a way to specify the username to use (so it doesn't need to be repeated in every --extra-index-url) would solve other things -- notably GitHub Dependabot's private pypi config doesn't like urls which already have a username in them.
I realise that's not a pip thing specifically as it's kinda keyring which isn't returning the username, however it is something pip could ease and which might be useful in general.
Description
Hi,
thanks for the great additions with keyrings in pip 23.1 :) I discovered that the docs here https://pip.pypa.io/en/stable/topics/authentication/ on auth is missing some vital info for auth with Google Artifact Registry.
Trying to use the new keyring delegation calling with
Does not work
pip install --no-input --keyring-provider=subprocess --index-url=https://us-east4-python.pkg.dev/<project>/<repo>/simple <package_name>
Does work
pip install --no-input --keyring-provider=subprocess --index-url=https://oauth2accesstoken@us-east4-python.pkg.dev/<project>/<repo>/simple <package_name>
It seems the username needs to be
oauth2accesstoken
. It was only obvious after digging deep into the code forkeyrings.google-artifactregistry-auth that this is a hard coded username, and any username provided to the CLI is ignored.
The CLI interface in keyrings could be more obvious and also return the overridden username, but that's not for pip to solve i guess.
Expected behavior
Update docs to state that this username needs to be used for any usage with Google Artifact Registry
pip version
23.1
Python version
3.11
OS
Mac
How to Reproduce
You need a working Google Artifact Registry setup. See description
Output
No response
Code of Conduct
The text was updated successfully, but these errors were encountered: