Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

1.1.0rc1: POETRY_HTTP_BASIC_ environment variables are ignored for private repositories #2799

Closed
3 tasks done
dclayh opened this issue Aug 11, 2020 · 3 comments · Fixed by #2990
Closed
3 tasks done

1.1.0rc1: POETRY_HTTP_BASIC_ environment variables are ignored for private repositories #2799

dclayh opened this issue Aug 11, 2020 · 3 comments · Fixed by #2990
Labels
area/repo Meta-issues for the repository/forge itself kind/bug Something isn't working as expected
Milestone
1.1

Comments

@dclayh
Copy link

dclayh commented Aug 11, 2020

  • I am on the latest Poetry version.
  • I have searched the issues of this repo and believe that this is not a duplicate.
  • If an exception occurs when executing a command, I executed it again in debug mode (-vvv option).

Issue

Downloading wheels from an Azure Devops feed fails with a 401 Unathorized error using http-basic authorization. This is true whether creds are set with poetry config or env vars. Version collection still succeeds from the private repo. This is a bug (or undocumented interface change?) with the 1.1.0 prereleases, since everything works fine with 1.0.5.

Snippet of poetry update -vvv output:

Package operations: 0 installs, 1 update, 0 removals

  • Updating data-utils (0.7.0 -> 0.6.20): Pending...
  • Updating data-utils (0.7.0 -> 0.6.20): Failed

HTTPError

401 Client Error: Unauthorized for url: https://guycarp.pkgs.visualstudio.com/9fb36d55-4aac-44bd-9e13-0d2773f027b9/_packaging/c31f3100-0441-4ca7-8b74-4f948c9eb523/pypi/download/data-utils/0.6.20/data_utils-0.6.20-py3-none-any.whl#sha256=40ba0db196547929b735f3aee626be3ebdc990c929d1f5c0623ba6affd129588
@abn abn added the kind/bug Something isn't working as expected label Aug 11, 2020
@abn abn added this to the 1.1 milestone Aug 11, 2020
@bneijt
Copy link

bneijt commented Aug 11, 2020

I've been trying to debug this and the issue seems to be the following:

  • The install executor do_execute asks the chooser to pick a url for the package to download
  • The LegacyRepository returns a list of urls without basic auth credentials in the url from find_links_for_package
  • The install executor tries to download the link without any credentials or session information.

The LegacyRepository has a _get but this is not used and contains a reference to self._url instead of self.authenticated_url which might be a bug in and of itself?

@finswimmer finswimmer added the area/repo Meta-issues for the repository/forge itself label Aug 12, 2020
@fbergroth fbergroth mentioned this issue Sep 24, 2020
Closed
2 tasks
@fbergroth
Copy link
Contributor

I ran into the same issue. Do you also set credentials via environment variables? See if #2955 solves it for you as well.

@abn abn mentioned this issue Sep 28, 2020
Closed
3 tasks
@abn abn changed the title Private pypi (azure devops feed) fails with 1.1.0 prereleases 1.1.0rc1: POETRY_HTTP_BASIC_ environment variables are ignored for private repositories Sep 28, 2020
abn added a commit to abn/poetry that referenced this issue Sep 28, 2020
@abn @fbergroth
authenticator: use configured repositories
408b0fb 
This change ensures that we use configured repositories to detect
credentials instead of `http-basic.`

Resolves: python-poetry#2799

Co-authored-by: Fredrik Bergroth <fbergroth@gmail.com>
abn added a commit to abn/poetry that referenced this issue Sep 28, 2020
@abn
repositories: use authenticator for legacy repos
c8d6fbc 
This change unifies the use of authenticator for legacy repositories.
This ensures that we retrieve the correct credentials in all cases.

Relates-to: python-poetry#2799 python-poetry#2988
@abn abn mentioned this issue Sep 28, 2020
Merged
@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 3, 2024

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 3, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
area/repo Meta-issues for the repository/forge itself kind/bug Something isn't working as expected
Projects
None yet
Milestone
1.1
5 participants
@bneijt @abn @fbergroth @finswimmer @dclayh