Cannot Authenticate with Multiple Private Repositories on the same Domain (GitLab)
So I traced through the source code to figure out what was going on. It looks like this is only relevant in the 1.1 branch and the logic I am referencing with this seems to be updated on master - so I am not sure how much of a new “bug” this is. Still wanted to create the issue because I would like to get a fix for this in the near future if possible.
Scenario:
I work on code in multiple GitLab groups, and we are using GitLab private package registries. GitLab serves the PyPI server over "https://gitlab.com/api/v4/groups/<GROUP_ID>/-/packages/pypi/simple" - so if I want to have a package from each of those groups, I may do something in my pyproject.toml file like this:
[[tool.poetry.source]]
name = "gitlab-group-1"
url = "https://gitlab.com/api/v4/groups/1111111111/-/packages/pypi/simple"
[[tool.poetry.source]]
name = "gitlab-group-2"
url = "https://gitlab.com/api/v4/groups/222222222/-/packages/pypi/simple"
Then run the poetry config http-basic.gitlab-group-1, etc., for each of these repositories.
The problem is that nothing can be located from the second repository (the gitlab-group-2 one).
The problem, from what I could trace/debug, appears to be that the authenticator makes the assumption that you will only ever have one set of credentials for a given domain. The get_credentials_for_url function just tries to load credentials for gitlab.com, which is the netloc for both group-1 and group-2, but I have separate deploy tokens (user/passwords) for each of those, and it just loads the first one.
I think the get_credentials_for_url should instead get credentials based on entire URLs, not just the domain (which looks like it might behave more that way on master but I am not sure).
I’d much prefer to work with the deploy-tokens over personal access tokens (which would be valid for me across the entire gitlab.com domain) since I can control exactly what access the deploy-tokens have. I.e., in a CI context I don’t want the CI to have my personal access token.
Thanks - hopefully this description helps!
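The difference between host-only and full-URL credential matching described in this issue, as an added example that is not part of the original issue and is not Poetry's code. The function names, token names and secrets are hypothetical and constructed for illustration; only the two source URLs come from the issue.

```python
from urllib.parse import urlsplit

# Constructed sample data: two sources on one host, each with its own deploy token.
SOURCES = {
    "gitlab-group-1": "https://gitlab.com/api/v4/groups/1111111111/-/packages/pypi/simple",
    "gitlab-group-2": "https://gitlab.com/api/v4/groups/222222222/-/packages/pypi/simple",
}
CREDENTIALS = {
    "gitlab-group-1": ("deploy-token-1", "secret-1"),
    "gitlab-group-2": ("deploy-token-2", "secret-2"),
}


def credentials_by_netloc(request_url):
    """Host-only matching: the first configured source on the same host wins."""
    host = urlsplit(request_url).netloc
    for name, source_url in SOURCES.items():
        if urlsplit(source_url).netloc == host:
            return CREDENTIALS.get(name)
    return None


def _path_segments(url):
    """Split the URL path into non-empty segments."""
    return [s for s in urlsplit(url).path.split("/") if s]


def credentials_by_url(request_url):
    """Match scheme, host and leading path segments; the longest match wins."""
    req = urlsplit(request_url)
    req_segments = _path_segments(request_url)
    best_name, best_len = None, -1
    for name, source_url in SOURCES.items():
        src = urlsplit(source_url)
        if (src.scheme, src.netloc) != (req.scheme, req.netloc):
            continue
        segments = _path_segments(source_url)
        # Compare whole segments so /groups/11 never matches /groups/1111111111.
        if req_segments[:len(segments)] == segments and len(segments) > best_len:
            best_name, best_len = name, len(segments)
    # No matching source means no credentials are attached to the request.
    return CREDENTIALS.get(best_name) if best_name else None
```

With host-only matching, a request to the group-2 index receives the group-1 token, and any other gitlab.com URL receives it too; path-scoped matching keeps each deploy token confined to its own registry.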
@tkutcher you have the power to press the close button and I don’t
Agree. Sorry for causing confusion regarding this. I missed the semantic change in 1.2 (and master). Also validated the correct behavior via debugger. Thanks for a quick and correct assessment.