poetry icon indicating copy to clipboard operation
poetry copied to clipboard

Published 20 hours ago verified publisher icon python-poetry

Poetry 1.3.2 cannot obtain credentials via keyrings

Open dubravaj opened this issue 2 years ago • 7 comments

Hi,

Currently, I tried to publish my private package to Artifact Registry in GCP via poetry publish using keyrings. I always get an error HTTP Error 401: Unauthorized | b'The request does not have valid authentication credentials. \n'. I tried this a long time ago and it worked. So I checked the version of poetry and I found out that my current setup is poetry version 1.3.2 and the last time I tried this I had 1.2.2. So I downgraded the poetry version and tried the same process and this time it worked.

dubravaj avatar Feb 23 '23 07:02 dubravaj

Of course getting credentials from keyring works just fine.

You've misconfigured something, but there's no way of telling from what you've written what that might be.

dimbleby avatar Feb 26 '23 14:02 dimbleby

I'm getting the same error with poetry v1.4.0 in a conda environment (py 3.8.16) when trying to publish my package in a private pip repo at a GCP project. Potentially, the same underlying issue results in an error Could not find a matching version of package xxx when I run poetry add xxx==1.0.0 to install a dependency published at the same private pip repo. Surprisingly, I can install it with pip install xxx==1.0.0, so the repo authentication works in principle, but I'm missing something with my poetry setup🤔

Here's my keyring backends:

$ keyring --list-backends
keyring.backends.macOS.Keyring (priority: 5)
keyring.backends.fail.Keyring (priority: 0)
keyring.backends.chainer.ChainerBackend (priority: 10)
keyrings.gauth.GooglePythonAuth (priority: 9)

Setting a security token for poetry doesn't return any errors:

$ poetry config repositories.<private-repo> https://europe-python.pkg.dev/<gcp-project>/<private-repo>
$ poetry config http-basic.<private-repo> oauth2accesstoken $(gcloud auth print-identity-token)

But then

$ poetry add xxx==1.0.0
Source (<private-repo>): Authorization error accessing https://europe-python.pkg.dev/<gcp-project>/<private-repo>/simple/xxx/

Could not find a matching version of package xxx

I can work around it by installing the package with pip and adding it to pyproject.toml, but then when I try to upload the built package to the private repo, I get a blocking error:

$ poetry publish --build -r <private-repo>
There are 2 files ready for publishing. Build anyway? (yes/no) [no] yes
Building xxx (0.1.0)
  - Building sdist
  - Built xxx-0.1.0.tar.gz
  - Building wheel
  - Built xxx-0.1.0-py3-none-any.whl

Publishing xxx (0.1.0) to <private-repo>
 - Uploading xxx-0.1.0-py3-none-any.whl FAILED

HTTP Error 401: Unauthorized | b'The request does not have valid authentication credentials.\n'

Would appreciate any ideas here🙏

iprotsyuk avatar Mar 03 '23 17:03 iprotsyuk

Eventually, I've figured this out: I was inadvertently using $(gcloud auth print-identity-token) instead of $(gcloud auth print-access-token)😭

iprotsyuk avatar Mar 06 '23 15:03 iprotsyuk

@iprotsyuk tried the exactly steps as you with $(gcloud auth print-access-token) but I can't make it work. Locally I use gcloud application login e.t.c but I need to authenticate with the access token for CIs docker builds e.t.c. Did you do anything else additional to:

$ poetry config repositories. https://europe-python.pkg.dev// $ poetry config http-basic. oauth2accesstoken $(gcloud auth print-identity-token)

cpapad avatar Feb 02 '24 13:02 cpapad

i got the same error, my account has admin permission to the GCP artifactory, but still got auth error:

HTTP Error 401: Unauthorized | b'The request does not have valid authentication credentials.\n'

anyone has a proper solution for this?

zambadruzaman avatar Apr 25 '24 07:04 zambadruzaman