poetry icon indicating copy to clipboard operation
poetry copied to clipboard

Published 20 hours ago verified publisher icon python-poetry

Migrating to the new installer may cause keyring failures for existing keyring items on MacOS

Open sndrtj opened this issue 2 years ago • 6 comments

  • [x] I have searched the issues of this repo and believe that this is not a duplicate.

Issue

Migrating to the new installer may cause keyring failures for existing keyring items on MacOS.

I recently migrated from 1.1.x to 1.3.1. Per the docs I migrated to the new installer. I had an existing keyring item for a private PyPI repo (poetry-repository-foo). Now, after the migration to the new installer, updating the token for that PyPI repo with poetry config http-basic.foo <username> <token> failed with following rather uninformative error:

Unable to store the password for poetry-repository-foo in the key ring: Can't store password on keychain: (-25244, 'Unknown Error')

It turns out error code -25244 means "Invalid attempt to change the owner of this item.". And this makes sense, the bundled python now is installed is in a different location, and MacOS' keychain only recognizes the old location. The solution is to grant the bundled python executable at /Users/<username>/Library/Application Support/pypoetry/venv/bin/python access to the keyring item.

I do not think there is much Poetry can actively do to fix this. After all, poetry can't grant itself access. But maybe this can be better documented in the migration guide?

My environment

Python: 3.9.7 Poetry version: 1.3.1 OS: MacOS Monterey

sndrtj avatar Dec 23 '22 11:12 sndrtj

Just faced this. Thanks @sndrtj for your suggestion.

jarandaf avatar Jan 16 '23 10:01 jarandaf

In case it is not clear how to do that (which was the case for me), here are the steps:

  1. Open the Keychain Access app.
  2. Search for the keyring item you need to grant access to. (search for poetry)
  3. Right-click the keyring item and select "Get Info."
  4. In the Access Control tab, click the "+" button to add a new entry.
  5. In the drop-down menu, select "Custom."
  6. Enter the path to the bundled python executable in the pypoetry virtual environment, which is /Users//Library/Application Support/pypoetry/venv/bin/python, in the "Enter a path" field.
  7. Click the "Save Changes" button to grant access.

rasulkireev avatar Feb 13 '23 18:02 rasulkireev

omg, you guys have saved my day 🙌✨

iprotsyuk avatar Apr 11 '23 18:04 iprotsyuk

In my case, the path needed for the Python executable was:

~/.pyenv/shims/python

muya avatar Sep 04 '23 08:09 muya

FYI if you have access to the secret you can also remove the item from the keyring (e.g., poetry-repository-foo) and then set the config in poetry again.

jnewman avatar Mar 14 '24 04:03 jnewman