Add support for defining credentials for uv in an environment variable #6389
Conversation
zanieb
force-pushed
the
zb/auth-urls
branch
2 times, most recently
from
9c5715f to
516620b
Compare
zanieb
force-pushed
the
zb/auth-urls
branch
7 times, most recently
from
2c94c2f to
25abe36
Compare
|
I want to write documentation for this and make sure it's actually solving people's problems, but the implementation is ready for review. |
zanieb
added
enhancement
While working on #6389 I discovered we never checked `cache.get_url` here, which is wrong — though I don't think it had much effect in practice since the realm would typically match first. The main problem is that when we call `get_url` later we hard-code the username to `None` because we assume we checked up here with the username if present.
|
Maybe |
|
I don't love my name, so maybe. Will consider... |
|
Since auto-merge was enabled, apart from test and |
|
I'm not getting a ton of signal about how useful it would be so it's relatively low priority. More relevant though, I was on vacation and am just now noticing auto-merge failed. |
|
@zanieb -- My gut is to punt on this until we see more demand, but ultimately defer to you. |
Definitely not high priority IMO. Personally I can leave without it, since we can pass the entire index including credentials with Do you think the feature would also fit what is planned in #171, or are we thinking about providing another mechanism to provide credentials for this other feature (e.g. what Poetry does, where the credentials are set for a source name by including the name in the header)? If we're not sure yet, maybe we can hold off on merging this PR until the other feature is implemented, to try to come up with something that would ideally fit both use cases? |
|
@charliermarsh is going to start working on #171 soon and I think that will probably supersede this and include a design for index credentials. |
Pull request was closed
Adds
UV_AUTH_URLSwhich defines credentials that should be used for URLs if we make a request there.This is helpful for cases where, e.g., you want to provide credentials for an index but you don't want to change the index URL semantics by setting
UV_INDEX_URL.Implemented by seeding the URL authentication cache with the value of the variable.
Supports things like:
UV_AUTH_URLS="username:password@hostname"UV_AUTH_URLS="username@hostname"UV_AUTH_URLS="username:password@hostname username:password@other-hostname"UV_AUTH_URLS="username:password@hostname/prefix"There's a small caveat here, that if you use an index URL like
foo@hostname/simpleand you provide a passwordbar:password@hostname— the password should not be used but requests to fetch wheels from a different, parent path e.g.hostname/filescan allow use ofbar:password. This requires #4583 to address. In the meantime, credentials should just be properly scoped.