A PyPI implementation for closed groups with authentication only
Project description
Warehouse14
While the PyPI (Warehouse) provides a global package index for all Python users, companies and closed groups do have the need for a non-global Python package index.
While existing projects provide different options for a private package index, Warehouse14 provides an implementation that requires authentication by default, but provides the option for a decentralized access management on individual project level.
Features
- Authentication via OIDC provider by default
- User manageable API keys for download/upload
- Project
- Project page
- Package metadata
- User access management
- Admin is able to modify package content and upload new versions. They also manage users.
- Member read access to private repositories.
- Project Types: Public (still require authentication) / Private (Access only for defined users)
Deployment
TODO 🙈
Deploy on AWS Lambda
# Requirements: warehouse[aws], apig_wsgi
import boto3
from warehouse14 import OIDCAuthenticator, create_app
from warehouse14.repos_dynamo import DynamoDBBackend, create_table
from warehouse14.storage import S3Storage
# requires apig_wsgi
from apig_wsgi import make_lambda_handler
auth = OIDCAuthenticator(
client_id="<your oidc client id>",
client_secret="<your oidc client secret>",
user_id_field="email",
server_metadata_url="https://<idp>/.well-known/openid-configuration",
)
dynamodb = boto3.resource("dynamodb")
table = create_table(dynamodb, "table")
db = DynamoDBBackend(table)
bucket = boto3.resource("s3").Bucket("<bucket name>")
storage = S3Storage(bucket)
app = create_app(db, storage, auth, session_secret="{{ LONG_RANDOM_STRING }}")
lambda_handler = make_lambda_handler(app, binary_support=True)
Glossary
To use common Python terms we take over the glossary of Warehouse
Term | Definition |
---|---|
Project | A collection of releases and files, and information about them. Projects on Warehouse are made and shared by members of the Python community so others can use them. |
Release | A specific version of a project. For example, the requests project has many releases, like requests 2.10 and requests 1.2.1. A release consists of one or more files. |
File | Something that you can download and install. Because of different hardware, operating systems, and file formats, a release may have several files, like an archive containing source code or a binary wheel. |
Package | A synonym for a file. |
User | A person who has registered an account on Warehouse. |
Account | An object representing a logged in user. |
Maintainer | An user who has permissions to manage a project on Warehouse. |
Owner | An user who has permissions to manage a project on Warehouse, and has additional permission to add and remove other maintainers and owners to a project. |
Author | A free-form piece of information associated with a project. This information could be a name of a person, an organization, or something else altogether. This information is not linked to a user on Warehouse. |
Related Projects
- warehouse
- pypiserver
- Backends:
- Filesystem
- upload supported
- different auth options
- Backends:
- pywharf
- Backends:
- Filesystem
- Github
- server or github pages
- NO UPLOAD
- Backends:
- PyPICloud
- Backends:
- Filesystem
- S3
- Cache via Redis, Dynamo, ...
- Upload supported
- Extendable
- Backends:
- lapypi
- almost fully PEP 503
- Backends:
- S3
- Uses Chalice
- plambdapi
- Uses Terraform
- Backends:
- S3
- Uses Chalice
- pypiprivate
- static generator
- Backends:
- S3
- elasticpypi
- Backends:
- S3/ Dynamodb
- serverless framework
- 10MB limit
- supports upload (strange /simple/post method)
- uses s3 trigger to update dynamodb entries
- Backends:
- devpypi
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
warehouse14-0.2.0.tar.gz
(187.1 kB
view hashes)
Built Distribution
warehouse14-0.2.0-py3-none-any.whl
(195.4 kB
view hashes)
Close
Hashes for warehouse14-0.2.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | cf7ab613e8b7923cf8e3af64a7205c917ebd736577566ee9430083dbdb7e6422 |
|
MD5 | e1abcb48dde1e6232c6e035988fdf96e |
|
BLAKE2b-256 | 652ea6d1242c12b57c68ba97a1bc1eb60e1a2d900e7c2969ab924505475e44a3 |