Poetry plugin to login to AWS CodeArtifact
Project description
poetry-codeartifact-login-plugin
This is a plugin for Poetry that allows poetry to obtain and use login credentials for an AWS CodeArtifact repository.
Background
CodeArtifact is AWS's solution for hosting Python packages (and other languages). Users must authenticate with CodeArtifact using http-basic authentication (anonymous access is not supported). Users can obtain the necessary credentials by using the AWS CLI. A user who is properly authenticated with AWS can obtain a login token for CodeArtifact that will expire after a certain amount of time (by default, 12 hours). This plugin allows Poetry to automatically obtain and use these credentials.
Dependencies
This plugin depends on the AWS CLI being installed on the search $PATH. The AWS CLI must be properly configured with the necessary credentials and region.
Setup
Update your project's pyproject.toml file to include your CodeArtifact repository as a source for packages.
For example,
[[tool.poetry.source]]
name = "MyRepository"
url = "https://mydomain-1234567890123.d.codeartifact.us-west-2.amazonaws.com/pypi/my-repository/simple/"
default = true
Next, add a [tool.poetry_codeartifact_login] section to your pyproject.toml file. For each CodeArtifact
repository in your list of sources, add a corresponding [[tool.poetry_codeartifact_login.source]] section.
For example,
[tool.poetry_codeartifact_login]
[[tool.poetry_codeartifact_login.source]]
name = "MyRepository"
domain = "mydomain"
domain_owner = "1234567890123"
aws_profile = "developer-profile"
Configuration
Each [[tool.poetry_codeartifact_login.source]] section has the following fields:
name: This must match the name of the source as defined in the corresponding[[tool.poetry.source]]section.domain: The name of the domain of the CodeArtifact repository.domain_owner: The AWS account number that owns the domain.aws_profile: (OPTIONAL) The name of the AWS profile to use when obtaining credentials. If not provided, the default profile will be used.
Usage
Once the plugin is installed, and a project configured with the necessary pyproject.toml settings, poetry will
automatically attempt to refresh the CodeArtifact login token before each operation that requires it. If
all works as expected, you should not need to do anything else.
Architecture
The plugin registers a hook that runs prior to each operation that requires a login token. The hook checks if the
is valid, unexpired token is already available. If not, the plugin runs the aws codeartifact get-authorization-token
command to obtain a new token, and stores it in the poetry configuration for the corresponding repository.
The plugin uses the standard poetry functionality for storage and management of credentials. Poetry will attempt to use a platform-specific keyring to store the credentials, if available. Otherwise, the credentials will be stored in a poetry configuration flatfile on disk. Refer to the poetry documentation for more information.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for poetry_codeartifact_login_plugin-1.0.0.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | eea2ef93efb1623ec5ca2fe278ff2376057e40fd952a8e7f2353fdf4814ab1fa |
|
| MD5 | 99370cd02d708641a5a2b336fd980941 |
|
| BLAKE2b-256 | baf210273998541d6298d18fbc5bb7752bfcfe6f8d485f05756c20d911138b9d |
Hashes for poetry_codeartifact_login_plugin-1.0.0-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 600b47fab7650053025db0833decde7d5e85dee60b6f7a0471dea20e7566ba68 |
|
| MD5 | df7c5953ea31956ce7c611a5ebbe30fb |
|
| BLAKE2b-256 | 8002031b5de472b66c4f3115d2d2b1660fbc31dfe5cbf4b5a26499af68669ea4 |
