search

conda / conda-lock

Lightweight lockfile for conda environments
https://conda.github.io/conda-lock/
Other
456 stars 101 forks source link

Add flags to disable pypi.org and add own private pip repository links #590

Open ianpye opened 5 months ago

ianpye commented 5 months ago

Currently, when creating a conda-lock file using environment.yml, poetry will attempt to make a request to pypi.org, with the user being unable to disable it, resulting in a conda-lock exception when used in an environment that does not allow access to pypi.org. It is only currently possible to make such configurations when creating lock files using pyproject.toml.

With these 2 CLI flags, we will be able to both separately disable requests to pypi.org and add our own private mirror links.

netlify[bot] commented 5 months ago

Deploy Preview for conda-lock ready!

Name Link
Latest commit 4ff30d159820090db95c2da6bd3285313513b37f
Latest deploy log https://app.netlify.com/sites/conda-lock/deploys/65b7628efaa50c00083b8c6c
Deploy Preview https://deploy-preview-590--conda-lock.netlify.app/cli/gen
Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

maresb commented 5 months ago

Adding a CLI flag to disable PyPI makes a lot of sense to me, and seems straightforward.

Are you able to add private repos from environment.yml like this example? I'm hesitant to add another a CLI method to specify private repos, in particular because the environment variable substitution for credentials would be messy. (It'll be difficult to know if the substitution is being done by Bash or conda-lock.)

ianpye commented 5 months ago

I do agree that the environment variable substitution for credentials would be very messy.

However, I believe that having an additional flag would still provide some value as it would be inconvenient from a user's experience perspective where they would have to carry out any additional actions and edit the environment.yml file before being able to create a lock file from it, especially if they would solely like to add a simple mirror to replace the https://pypi.org link.

How do you feel about this? Thank you for your time!

ianpye commented 3 months ago

Hi @maresb do you have any updates on this issue? Thanks!