Support login tokens for multiple registries #4680
Conversation
Now `cargo login` stores a token per host. If the host parameter is omitted cargo stores a token as default, i.e. as a token for crates.io.
…gistry-login Conflicts: src/bin/login.rs src/cargo/ops/registry.rs tests/login.rs tests/publish.rs
|
r? @matklad (rust_highfive has picked a reviewer for you, use r? to override) |
| let config = src.config()?.unwrap(); | ||
| options.flag_host.clone().unwrap_or(config.api.unwrap()) | ||
| } | ||
| }; | ||
| println!("please visit {}me and paste the API Token below", host); |
There was a problem hiding this comment.
Hm I think this should only get printed for the crates.io registry, right? We may not want to assume the layout of another registry per se just yet, and instead we could probably just return an error if no token was passed and --registry was passed?
There was a problem hiding this comment.
I was wondering if the /me API should be required for publish, I am happy to switch to just return an error stating that the token should be provided.
There was a problem hiding this comment.
Yeah this is one where we haven't done much to sketch out the path towards "what does a custom registry need HTTP-wise", so I think it's ok to err on the side of caution for now and just return an error
src/cargo/ops/registry.rs
Outdated
| let (index, token) = match registry { | ||
| Some(registry) => { | ||
| let index = Some(config.get_registry_index(®istry)?); | ||
| let table = config.get_table(&format!("registry.{}", registry))?.map(|t| t.val); |
There was a problem hiding this comment.
Could this use get_string perhaps? That'll allow overrides via env var (table support isn't implemented there yet)
There was a problem hiding this comment.
I did originally try using get_string, but that caused problems if there was a '.' in the registry name (which I think is allowed). I will have a play and see if I can get something working.
There was a problem hiding this comment.
Turns out it does just work switching to get_string, so I have made the change.
src/cargo/util/config.rs
Outdated
| @@ -545,6 +545,14 @@ impl Config { | |||
| } | |||
| } | |||
|
|
|||
| /// Gets the index for a registry. | |||
| pub fn get_registry_index(&self, registry: &str) -> CargoResult<String> { | |||
There was a problem hiding this comment.
Perhaps this could bake in returning a Url instead of a String?
There was a problem hiding this comment.
Sounds reasonable, I will update.
|
Looking great! Could this also be sure to place the support behind a feature gate? To do something like rustc it means we'd add a |
|
@alexcrichton, I have now made all the changes that you requested as part of your review. |
tests/alt-registry.rs
Outdated
| // Now perform the actual publish | ||
| assert_that(p.cargo("publish").masquerade_as_nightly_cargo() | ||
| .arg("--registry").arg("alternative").arg("-Zunstable-options"), | ||
| execs().with_status(101)); |
There was a problem hiding this comment.
Could you add an assertion about stderr here to ensure it prints the right error message?
| // Now perform the actual publish | ||
| assert_that(p.cargo("publish").masquerade_as_nightly_cargo() | ||
| .arg("--registry").arg("alternative").arg("-Zunstable-options"), | ||
| execs().with_status(0)); |
There was a problem hiding this comment.
Hm could you describe the behavior of this test a bit? Presumably this is sending a POST which I guess is "uploading" a file to the local filesystem?
If that's the case, can this assert that the file was created? I think the binary format is pretty crazy so it's ok to not actually look inside the file, but asserting at least that it exists may be good?
There was a problem hiding this comment.
This is just performing an upload to the local registry in the same way that publish_clean currently works (with the only change that we are going to an alternate registry), I am not too keen on adding too much extra checking of the actual registry contents as that will likely be a remote server which we will be receiving the package normally. Are you happy for me to not make this change?
There was a problem hiding this comment.
Oh yeah I was just thinking we could assert that a file exists on the filesystem somewhere. Basically assert that the upload happened to the alternative registry here and not the "main registry"
| @@ -7,7 +7,7 @@ extern crate toml; | |||
| use std::io::prelude::*; | |||
There was a problem hiding this comment.
This (and I think at least one other file?) I think changed from 644 permissions to 755, mind reverting back?
There was a problem hiding this comment.
I will revert those.
tests/login.rs
Outdated
| [registries.test-reg] | ||
| index = "http://dummy_index/" | ||
|
|
||
| [registries.test.reg] |
There was a problem hiding this comment.
This actually reminds me, at some point we're going to want validation on the names of registries I think? Probably for now (to start conservative at least) we probably want to restrict registries to [a-zA-Z0-9_-] probably?
There was a problem hiding this comment.
Restrict the identifiers of the registry, that is
There was a problem hiding this comment.
In that case I will remove the test for test.reg and remove this entry. I will also add this to the issue list for stabilization.
| if let Some(registry) = registry { | ||
| let mut map = HashMap::new(); | ||
| map.insert(key, value); | ||
| (registry, CV::Table(map, file.path().to_path_buf())) |
There was a problem hiding this comment.
I think this is building up a TOML file like:
[my-registry-name]
token = "..."right?
That seems fine by me for now (although maybe registry.foo for consistency with specifying the index?), but one thing I'm a little worried about is that we're making a lot of decisions in a bit of an ad-hoc fashion. I think all the conclusions are fine so far, but it'd be good to have a list of "here's the design decisions that were made" when we go for stabilizing custom registries.
Mind opening a tracking issue for custom registries (or appending to one that already exists?). I'm thinking we could track things like the --registry flag, my concern below for the naming of the registry identifiers, the format of the credentials file, the configuration syntax in .cargo/config for custom registries, etc.
Basically I'm thinking we should just track somewhere "here's what we need to be sure about for stabilization" and we can throw concerns/thoughts/implementation details on that as they arise.
There was a problem hiding this comment.
I will raise an issue to cover this.
|
Ok looks great! r=me with an assertion that the publish happens to the right registry (asserting that a file exists) |
|
@alexcrichton, I have added the additional test that you asked for. |
|
@bors: r+ Looks great! |
|
📌 Commit 4ef8f55 has been approved by |
Support login tokens for multiple registries This pull request builds on #4206 to support login using the the registry from alternate registries (RFC 2141). This includes the following changes: - allow credentials to be stored based on the registry - allow passing the registry to run cargo commands against using --registry Note that this does not include a feature gate on the use of --registry as the publish code blocks publish if we use any features. @alexcrichton, are you happy with this approach, or is there a way that you would recommend this should be relaxed for testing purposes?
|
☀️ Test successful - status-appveyor, status-travis |
This pull request builds on #4206 to support login using the the registry from alternate registries (RFC 2141). This includes the following changes:
Note that this does not include a feature gate on the use of --registry as the publish code blocks publish if we use any features. @alexcrichton, are you happy with this approach, or is there a way that you would recommend this should be relaxed for testing purposes?