Login CLI for the cadmould Python SDK — authenticates with your Simcon account and configures pip to install cadmould from the licensed private package index.
Project description
cadmould-sdk-auth
Login CLI for the cadmould Python SDK. It signs you in with your Simcon account
and configures pip so you can install cadmould from Simcon's licensed private
package index — no AWS account or AWS CLI required.
Who can sign in
Sign-in is currently limited to Simcon staff — a Simcon Auth0 account on the
simcon.com domain. External-customer access (role/entitlement-based) is not enabled
yet; it's a later phase. If your sign-in succeeds in the browser but the tool then
reports access denied, your account isn't authorized for the cadmould package index —
contact Simcon support.
Install
pipx install cadmould-sdk-auth # recommended (isolated)
# or: pip install cadmould-sdk-auth
Use
# activate the virtualenv you want cadmould installed into, then:
cadmould-sdk-auth
pip install cadmould
cadmould-sdk-auth opens your browser to sign in. On success it writes an
authenticated index URL into the active virtualenv's pip config
($VIRTUAL_ENV/pip.conf, or %VIRTUAL_ENV%\pip.ini on Windows), so the next
pip install cadmould pulls from the private index.
No virtualenv active? Use --print-index-url to get the URL and configure pip
yourself, or --scope user to write pip's per-user config instead.
Sign out / manage:
cadmould-sdk-auth --logout— removes the cadmould index-url entry again (no network call), restoring a previous index-url if this tool had replaced one. Exits3if the current index-url wasn't set by this tool (it's left untouched). It removes the cadmould index-url regardless of which--channelconfigured it (pip keeps only one index-url per scope), so--channelhas no effect on--logout.--scope user— applies to the per-user pip config instead of the active venv (works with both the default action and--logout).--channel customer|staging— which distribution channel to authenticate for. Defaults tocustomer(the public index).stagingis an internal pre-release channel for Simcon staff (gated by Simcon SSO via Entra) and isn't available to external customers. To switch channels, just re-run with the one you want — it overwrites the active venv's single index-url (pip keeps one per scope). For example, switch to staging withcadmould-sdk-auth --channel stagingthenpip install cadmould, and switch back withcadmould-sdk-auth(the defaultcustomerchannel).
Note: writing pip config rewrites the file via
RawConfigParser, which drops any comments the file previously contained (settings are preserved). The written file is restricted to your user (0600; on Windows file modes don't apply — the file gets your profile's default ACLs) since it embeds a short-lived token. If you already have a customindex-url, the tool replaces it and warns you, and--logoutonly removes an entry it set (a foreign one is left untouched). Headless / remote machines: sign-in uses a browser redirect to a loopback address on the machine running the CLI, so it won't complete over plain SSH (no local browser) or in CI. Run it on a workstation with a browser, or forward the loopback port. (A device-code flow is a possible future addition if this is a common need.)
How it works
- PKCE login to Simcon's identity provider (loopback redirect; opens your browser).
- The resulting token is exchanged via AWS STS for short-lived, read-only credentials to the private package repository.
- Those mint a CodeArtifact authorization token, embedded in the pip index URL.
The token is short-lived; re-run cadmould-sdk-auth when it expires. The tool only
ever obtains read access to the cadmould package index.
If a long install fails with 401 Unauthorized: pip does not re-authenticate
mid-install, so if the token expires while a large download is in progress, the
install fails. Re-run cadmould-sdk-auth to get a fresh token, then restart the
pip install (already-downloaded wheels are cached, so the retry is fast).
License
Apache License 2.0. (The cadmould SDK itself is proprietary, licensed software — this tool only handles sign-in and pip configuration.)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cadmould_sdk_auth-0.1.0.tar.gz.
File metadata
- Download URL: cadmould_sdk_auth-0.1.0.tar.gz
- Upload date:
- Size: 48.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
cb8a567c4a4ac03c9589368c2104abbe3299e2f4a4acf718616bc50f383b08e4
|
|
| MD5 |
46a05d69ad276d8a6a4b8c051d51067c
|
|
| BLAKE2b-256 |
af1f98d062eb1e93a779a74ff27b02248dc45e9fc434aa3f8aa8452aa3a467e7
|
Provenance
The following attestation bundles were made for cadmould_sdk_auth-0.1.0.tar.gz:
Publisher:
publish.yml on Simcon-Software/cadmould-sdk-auth
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
cadmould_sdk_auth-0.1.0.tar.gz -
Subject digest:
cb8a567c4a4ac03c9589368c2104abbe3299e2f4a4acf718616bc50f383b08e4 - Sigstore transparency entry: 1925639764
- Sigstore integration time:
-
Permalink:
Simcon-Software/cadmould-sdk-auth@ba18159047922c70d7046f20bb6b61a2cf05485b -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/Simcon-Software
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@ba18159047922c70d7046f20bb6b61a2cf05485b -
Trigger Event:
push
-
Statement type:
File details
Details for the file cadmould_sdk_auth-0.1.0-py3-none-any.whl.
File metadata
- Download URL: cadmould_sdk_auth-0.1.0-py3-none-any.whl
- Upload date:
- Size: 22.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
96e13fc02a16b12c86eacfbfe05d850a77d53e5d665f681480a4d0af2018035a
|
|
| MD5 |
e8eb4a132cf6bd23ebbcb741d08661f4
|
|
| BLAKE2b-256 |
1f704930cf854af5ed7673eb99a05779105616784c5f393939b84b50e5c56458
|
Provenance
The following attestation bundles were made for cadmould_sdk_auth-0.1.0-py3-none-any.whl:
Publisher:
publish.yml on Simcon-Software/cadmould-sdk-auth
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
cadmould_sdk_auth-0.1.0-py3-none-any.whl -
Subject digest:
96e13fc02a16b12c86eacfbfe05d850a77d53e5d665f681480a4d0af2018035a - Sigstore transparency entry: 1925639868
- Sigstore integration time:
-
Permalink:
Simcon-Software/cadmould-sdk-auth@ba18159047922c70d7046f20bb6b61a2cf05485b -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/Simcon-Software
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@ba18159047922c70d7046f20bb6b61a2cf05485b -
Trigger Event:
push
-
Statement type: