Comments (4)
The method creds = keyring.get_credential(index_url, None)
seems to create a username/token combo that works on that feed, so if you are building on e.g. a windows laptop where you are using artifacts-keyring, then that can give you a token to pass into your docker build, but if you are e.g. building on a non-interactive machine (apart from azure devops pipeline build agents with the PipAuthenticateTask), I think you'll need to create a PAT in devops directly and use that as an environment variable into the build - see #8
from artifacts-keyring.
expanding on this, I have two use cases:
- docker containers are built on an ephemeral build server in a server pool.
- docker containers built by a script that runs a bunch of stuff including building the container on a dev's local box.
I used to just use a token which was injected into the extra-index-url. This was then introduced and it appears that likely whatever token I was using must have expired. I was hoping to figure out how to use this in those scenarios OR figure out how to use this to get a new token and prefferably how to generate a token with a headless build agent.
SOLVED:
make a new personal access token. In the top right of your Azure Dev Ops browser page.
This goes in your requirements.txt
--extra-index-url https://{{YOUR_FEED}}:{{YOUR_TOKEN}}@pkgs.dev.azure.com/{{YOUR_ORG}}/_packaging/{{YOUR_FEED}}/pypi/simple/
{{YOUR_PACKAGE_NAME}}=={{YOUR_VERSION}}
in your docker file:
Copy ./requirements.txt ./
RUN pip install -r requirements.txt
from artifacts-keyring.
Using secrets in Docker is ... tricky. You'll need to do something analogous to this: https://github.com/dotnet/dotnet-docker/blob/master/documentation/scenarios/nuget-credentials.md
from artifacts-keyring.
The above link is really the master cookbook. For some context, this tool is just a wrapper around https://github.com/microsoft/artifacts-credprovider so you can pass it the secret via VSS_NUGET_EXTERNAL_FEED_ENDPOINTS (yes it says NuGet, but don't worry about that 😊 ) see https://github.com/microsoft/artifacts-credprovider#environment-variables
You may also be interested in NUGET_CREDENTIALPROVIDER_SESSIONTOKENCACHE_ENABLED
Some more info on tokens:
https://docs.microsoft.com/en-us/azure/devops/pipelines/process/access-tokens?view=azure-devops&tabs=yaml
https://docs.microsoft.com/en-us/azure/devops/pipelines/build/variables?view=azure-devops&tabs=yaml#systemaccesstoken
from artifacts-keyring.
Related Issues (20)
- Test stale bot HOT 1
- WARNING: Keyring is skipped due to an exception: Failed to create get credentials HOT 1
- BUG: Artifacts keyring is not asking for my password on a browser HOT 1
- Support for Ubuntu 18.04 LTS? HOT 1
- pip install from azure dev asking for username & password for pkgs.dev.azure.com HOT 5
- artifacts-keyring requires dotnet SDK (not dotnet runtime as said on documentation) HOT 2
- WARNING: Keyring is skipped due to an exception: Requires Windows and pywin32 HOT 1
- Manjaro: Dotnet 6.0 incompatible with artifacts-keyring HOT 1
- On windows, we should fall back to netcore if netfx is not available HOT 2
- Breaking change in dotnet CLI? HOT 2
- Artifacts keyring ignores pip.ini proxyb setrings HOT 1
- Can we remove the dependency on dotnet SDK? HOT 4
- Have to input credentials twice for two feeds? HOT 5
- WARNING: Keyring is skipped due to an exception: Failed to get credentials: process with PID 395888 exited with code -11; additional error message: HOT 4
- Please Push the newest version 0.3.3 to the pypi repository HOT 2
- Intermittent failure to authenticate on WSL HOT 3
- Is it possible to use artifacts-keyring with a Service Principal? HOT 10
- This repo is missing important files
- artifacts-keyring succesfully installs with pip when dotnet dependency is missing. HOT 1
- [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1007)'
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from artifacts-keyring.