A PyPI implementation for closed groups with authentication only
Project description
Warehouse14
While the PyPI (Warehouse) provides a global package index for all Python users, companies and closed groups do have the need for a non-global Python package index.
While existing projects provide different options for a private package index, Warehouse14 provides an implementation that requires authentication by default, but provides the option for a decentralized access management on individual project level.
Features
- Authentication via OIDC provider by default
- User manageable API keys for download/upload
- Project
- Project page
- Package metadata
- User access management
- Admin is able to modify package content and upload new versions. They also manage users.
- Member read access to private repositories.
- Project Types: Public (still require authentication) / Private (Access only for defined users)
Deployment
TODO 🙈
import boto3
from warehouse14 import OIDCAuthenticator, create_app
from warehouse14.repos_dynamo import DynamoDBBackend, create_table
from warehouse14.storage import S3Storage
# requires apig_wsgi
from apig_wsgi import make_lambda_handler
config = {}
config["SECRET_KEY"] = "{{ LONG_RANDOM_STRING }}"
config["OIDC_USER_ID_FIELD"] = "email"
config["OIDC_CLIENT_ID"] = "<your oidc client id>"
config["OIDC_CLIENT_SECRET"] = "<your oidc client secret>"
config["OIDC_SERVER_METADATA_URL"] = "https://<idp>/.well-known/openid-configuration"
auth = OIDCAuthenticator()
dynamodb = boto3.resource("dynamodb")
table = create_table(dynamodb, "table")
db = DynamoDBBackend(table)
bucket = boto3.resource("s3").Bucket("<bucket name>")
storage = S3Storage(bucket)
app = create_app(db, storage, auth, config=config)
lambda_handler = make_lambda_handler(app)
Glossary
To use common Python terms we take over the glossary of Warehouse
Term | Definition |
---|---|
Project | A collection of releases and files, and information about them. Projects on Warehouse are made and shared by members of the Python community so others can use them. |
Release | A specific version of a project. For example, the requests project has many releases, like requests 2.10 and requests 1.2.1. A release consists of one or more files. |
File | Something that you can download and install. Because of different hardware, operating systems, and file formats, a release may have several files, like an archive containing source code or a binary wheel. |
Package | A synonym for a file. |
User | A person who has registered an account on Warehouse. |
Account | An object representing a logged in user. |
Maintainer | An user who has permissions to manage a project on Warehouse. |
Owner | An user who has permissions to manage a project on Warehouse, and has additional permission to add and remove other maintainers and owners to a project. |
Author | A free-form piece of information associated with a project. This information could be a name of a person, an organization, or something else altogether. This information is not linked to a user on Warehouse. |
Related Projects
- warehouse
- pypiserver
- Backends:
- Filesystem
- upload supported
- different auth options
- Backends:
- pywharf
- Backends:
- Filesystem
- Github
- server or github pages
- NO UPLOAD
- Backends:
- PyPICloud
- Backends:
- Filesystem
- S3
- Cache via Redis, Dynamo, ...
- Upload supported
- Extendable
- Backends:
- lapypi
- almost fully PEP 503
- Backends:
- S3
- Uses Chalice
- plambdapi
- Uses Terraform
- Backends:
- S3
- Uses Chalice
- pypiprivate
- static generator
- Backends:
- S3
- elasticpypi
- Backends:
- S3/ Dynamodb
- serverless framework
- 10MB limit
- supports upload (strange /simple/post method)
- uses s3 trigger to update dynamodb entries
- Backends:
- devpypi
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
warehouse14-0.1.0.tar.gz
(185.8 kB
view hashes)
Built Distribution
warehouse14-0.1.0-py3-none-any.whl
(192.9 kB
view hashes)
Close
Hashes for warehouse14-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 701e7190db31e2e0ca5c25e9c0407c3f5805900dbbf8be1f35a70ba88ec2b718 |
|
MD5 | 776cbe61e81e6f1a0204e9baec1783ee |
|
BLAKE2b-256 | 2ef08b2d2a84bd866fbe852fd5eb22823d5202c248286a30aff35c90eca18d3b |