Seems completely broken
oerpli opened this issue ยท 9 comments
I've tried to use artifacts-keyring according to the documentation provided on Azure DevOps + docs.microsoft.com and various other sources and haven't found a way to use Azure Artifacts reliably, either in our outside of the corporate environment.
Things that are broken:
- Breaks several python tools by interjecting user/password prompts (sometimes without a prompt - just waiting for input and crashing if the user doesn't correctly guess what he needs to enter in the empty prompt).
- It asks for
User for pkgs.dev.azure.comduring pip commands - it's not possible to enter anything useful there - Entering correct AAD login information doesn't seem to work
- When it works, it's completely opaque why it works
- Doesn't seem to react to
ARTIFACTS_KEYRING_NONINTERACTIVE_MODE
I think either the documentation needs a major improvement or the whole thing needs to be fixed.
As a first example:
ARTIFACTS_KEYRING_NONINTERACTIVE_MODE: Controls whether the underlying credential provider can issue interactive prompts.
How? What happens, if I set it to different values? What, if it is not set? Why haven't I read about this variable anywhere on docs.microsoft.com? Does Microsoft expect that paying users read the source code of various packages hosted somewhere on Github to figure out how to use a service they are paying for?
I have the same issue, 0.2.9 seems to be broken, the environment variable is ignored at all and I cannot connect to the feed into my Dockerfile.
Are you using the PAT as password? I am trying to get this to work in a docker container, but not sure how.
Just wanted to mention that it still doesn't work reliably. Other users seem to have the same issue (#25).
Does Azure DevOps still have any future or is it currently being phased out in favor of GitHub?
I've found a fix (read: "ugly hack") that kind of works (for me):
In current\lib\site-packages\artifacts_keyring\plugin.py (Link) replace the whole env-variable checking with True (or False - depending on what you need).
The way this environment variable is retrieved or converted to a boolean isn't optimal to say the least.
Hi @oerpil!
I want to make sure that you're also familiar with the repo that does the underlying auth calls: https://github.com/microsoft/artifacts-credprovider
I've added a PR to make that connection more clear: #26
I am trying to get this to work in a docker container, but not sure how.
@coding-totoro Please look at https://github.com/dotnet/dotnet-docker/blob/master/documentation/scenarios/nuget-credentials.md#using-the-azure-artifact-credential-provider. It says "NUGET" in the env var, but it is actually generic.
While I don't know what specifically fixed it (there were a few releases to related projects) things are working for me currently.
I stopped trying with Poetry for some time but it I will try the method mentioned here poetry/#2857 when I get to it.
The last couple of days I have been leaving a paper trail on issues I looked at while trying to make things work.
Besides installing artifacts-keyring you might want to install azure-devops-artifacts-helpers which provides a virtualenv seeder called azdo-pip that installs artifacts-keyring into new virtual environments. You can configure virtualenv to use that seeder via the config file or setting the VIRTUALENV_SEEDER environment value to azdo-pip.
Poetry does not currently use keyring the same way that pip and pipenv do: python-poetry/poetry#4086.
Alternatively to waiting for when and if that PR gets merged you could create an additional keyring implementation that starts a new keyring lookup based on the url and netloc when it detects a poetry lookup. But you would also need a new seeder.
Hopefully someone finds this helpfull.
In order to consolidate to fewer feedback channels, we've moved suggestions and issue reporting to Developer Community.
Could you link to the actual issue in the dev community, so other can follow the discussion