How to configure PDM repositories in CI/CD when no password is required? #1790

baggiponte · 2023-03-28T15:25:18Z

baggiponte
Mar 28, 2023

Some private repository services like GemFury only provide username upload tokens no password, like this: https://<TOKEN>:@service.pypi.com/simple.

Working with such services is hard, because you cannot/are not supposed to set an empty value with pdm config repository.private.password.

The hack I found is to manually configure pdm settings for the repo like this:

[pypi.private]
url = "<SERVICE_URL>"
username = "<SERVICE_TOKEN>"
password = ""

However this does not work in CI/CD, e.g. with GitHub Actions you cannot set an empty secret. I tried setting password = "__token__" but of course that does not work.

Is there a temporary workaround for this? Thanks!

Answered by baggiponte

Mar 29, 2023

The GemFury team answered you can set as username the token owner and use the token as password:

token-as-username is only supported for backward compatibility. We now recommend using the following Repo-URL format: "https://OWNER:[email protected]/USERNAME/" where OWNER is the username of the token owner.

So for pdm:

pdm config repository.private.url pypi.fury.io/USERNAME
pdm config repository.private.username TOKEN_OWNER
pdm config repository.private.password TOKEN

View full answer

frostming · 2023-03-29T03:25:50Z

frostming
Mar 29, 2023
Maintainer

Encode it in the URL:

pdm config pypi.private.url https://<TOKEN>:@service.pypi.com/simple

2 replies

baggiponte Mar 29, 2023
Author

I tried that but pdm still prompts me for a username and password.

(In the meantime, found one workaround, which is to set both username and password to the token. Not liking it because if I pdm config the token is still exposed. Of course this does not fall on PDM.)

I realise that __token__ is a special keyword reserved for pypi? Do you think PDM might want to "incorporate" a feature like this - e.g. when password is set to a special phrase it does not prompt it, like __nopass__?

baggiponte Mar 29, 2023
Author

The GemFury team answered you can set as username the token owner and use the token as password:

token-as-username is only supported for backward compatibility. We now recommend using the following Repo-URL format: "https://OWNER:[email protected]/USERNAME/" where OWNER is the username of the token owner.

baggiponte · 2023-03-29T11:02:28Z

baggiponte
Mar 29, 2023
Author

The GemFury team answered you can set as username the token owner and use the token as password:

token-as-username is only supported for backward compatibility. We now recommend using the following Repo-URL format: "https://OWNER:[email protected]/USERNAME/" where OWNER is the username of the token owner.

So for pdm:

pdm config repository.private.url pypi.fury.io/USERNAME
pdm config repository.private.username TOKEN_OWNER
pdm config repository.private.password TOKEN

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

How to configure PDM repositories in CI/CD when no password is required? #1790

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 2 comments 2 replies

{{title}}

{{title}}

{{title}}

{{title}}

Select a reply

How to configure PDM repositories in CI/CD when no password is required? #1790

baggiponte Mar 28, 2023

Replies: 2 comments · 2 replies

frostming Mar 29, 2023 Maintainer

baggiponte Mar 29, 2023 Author

baggiponte Mar 29, 2023 Author

baggiponte Mar 29, 2023 Author

baggiponte
Mar 28, 2023

Replies: 2 comments 2 replies

frostming
Mar 29, 2023
Maintainer

baggiponte Mar 29, 2023
Author

baggiponte Mar 29, 2023
Author

baggiponte
Mar 29, 2023
Author