Enable user-level management of index credentials via uv (& keyring) #9920
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Currently reading credentials from
keyring
is only supported when a username is provided in the URL of the index. This prohibits to define indexes - in pyproject.toml - that are shared within a team. See these two issues for further details:In general this PR provides two things:
Setting credentials for an index via CLI
With this MR you can run
uv index credentials add --name <name-of-the-index> [--username <username>]
This will ask for the password of the user. A keyring entry will be made with the url of the index, the username and the password. The username and the index will be appended to "<uv_cache_dir>/auth.toml". "auth.toml" has the following structure
Using credentials
When reading the credentials in
uv_distribution_types::index::Index.credentials
it's now additionally checked if credentials have been configured via "<uv_cache_dir>/auth.toml" andkeyring
. The current implementation of reading the credentials from the environment variablesUV_INDEX_XXX
has priority overkeyring
authentication.Test Plan
I have added unit tests to the newly defined
uv_auth::keyring_config
which takes care of loading, storing and modifying the auth configuration.I also want to add a test for
uv_auth::credentials::Credentials.from_keyring
. But am currently struggling with mocking keyring and config file.I manually tested the new command
uv index credentials add --name <name-of-the-index>
as I could not find examples for testing commands.Further remarks
I am a noobie in this context
=> I am curious about your opinion and suggestions for improvements
Not completely ready
The current version of the PR is a draft. Especially in regards of error handling and logging. Also testing can be improved.
I open this PR to discuss the direction in which the implementation is heading. As I am new to rust & uv I would also like to receive your guideance upfront 🙂