search

mamba-org / mamba

The Fast Cross-Platform Package Manager
https://mamba.readthedocs.io
BSD 3-Clause "New" or "Revised" License
6.97k stars 359 forks source link

HTTP 403 Errors When Behind Private Artifactory Proxy #1185

Open tpanza opened 3 years ago

tpanza commented 3 years ago

To reach any conda channels, I must go through a private, corporate on-prem Artifactory proxy to reach them. This Artifactory server requires a username and API token login. conda works fine in this setup, using this ~/.condarc file:

channel_alias: https://MY_ARTIFACTORY_USERNAME:MY_ARTIFACTORY_API_TOKEN@artifactory.web.mycompany.com/artifactory/api/conda/
channels:
  - Conda-Forge
  - Conda-Pytorch
default_channels:
  - Conda-Forge
  - Conda-Pytorch
custom_channels:
  conda-forge: https://MY_ARTIFACTORY_USERNAME:MY_ARTIFACTORY_API_TOKEN@artifactory.web.mycompany.com/artifactory/api/conda/
ssl_verify: C:\Users\mywindowsusername\.ssl\certs\mycompany-ca-bundle.pem
use_only_tar_bz2: true
pip_interop_enabled: false
channel_priority: strict

However, when I try to do any install-related commands with mamba 0.15.3, I get HTTP 403 errors. Below is a verbose trace output:

>mamba install build -vvv

DEBUG conda.gateways.logging:set_verbosity(231): verbosity set to 3
DEBUG conda.core.prefix_data:_load_single_record(172): loading prefix record C:\Users\mywindowsusername\work\mambaforge\envs\py37\conda-meta\ca-certificates-2021.5.30-h5b45459_0.json
DEBUG conda.core.prefix_data:_load_single_record(172): loading prefix record C:\Users\mywindowsusername\work\mambaforge\envs\py37\conda-meta\openssl-1.1.1l-h8ffe710_0.json
DEBUG conda.core.prefix_data:_load_single_record(172): loading prefix record C:\Users\mywindowsusername\work\mambaforge\envs\py37\conda-meta\pip-21.2.4-pyhd8ed1ab_0.json
DEBUG conda.core.prefix_data:_load_single_record(172): loading prefix record C:\Users\mywindowsusername\work\mambaforge\envs\py37\conda-meta\python-3.7.10-h7840368_101_cpython.json
DEBUG conda.core.prefix_data:_load_single_record(172): loading prefix record C:\Users\mywindowsusername\work\mambaforge\envs\py37\conda-meta\python_abi-3.7-2_cp37m.json
DEBUG conda.core.prefix_data:_load_single_record(172): loading prefix record C:\Users\mywindowsusername\work\mambaforge\envs\py37\conda-meta\setuptools-58.0.4-py37h03978a9_2.json
DEBUG conda.core.prefix_data:_load_single_record(172): loading prefix record C:\Users\mywindowsusername\work\mambaforge\envs\py37\conda-meta\sqlite-3.36.0-h8ffe710_2.json
DEBUG conda.core.prefix_data:_load_single_record(172): loading prefix record C:\Users\mywindowsusername\work\mambaforge\envs\py37\conda-meta\ucrt-10.0.20348.0-h57928b3_0.json
DEBUG conda.core.prefix_data:_load_single_record(172): loading prefix record C:\Users\mywindowsusername\work\mambaforge\envs\py37\conda-meta\vc-14.2-hb210afc_5.json
DEBUG conda.core.prefix_data:_load_single_record(172): loading prefix record C:\Users\mywindowsusername\work\mambaforge\envs\py37\conda-meta\vs2015_runtime-14.29.30037-h902a5da_5.json
DEBUG conda.core.prefix_data:_load_single_record(172): loading prefix record C:\Users\mywindowsusername\work\mambaforge\envs\py37\conda-meta\wheel-0.37.0-pyhd8ed1ab_1.json

Looking for: ['build']

INFO    Loading single package record: "C:\\Users\\mywindowsusername\\work\\mambaforge\\envs\\py37\\conda-meta\\ca-certificates-2021.5.30-h5b45459_0.json"
INFO    Loading single package record: "C:\\Users\\mywindowsusername\\work\\mambaforge\\envs\\py37\\conda-meta\\openssl-1.1.1l-h8ffe710_0.json"
INFO    Loading single package record: "C:\\Users\\mywindowsusername\\work\\mambaforge\\envs\\py37\\conda-meta\\pip-21.2.4-pyhd8ed1ab_0.json"
INFO    Loading single package record: "C:\\Users\\mywindowsusername\\work\\mambaforge\\envs\\py37\\conda-meta\\python-3.7.10-h7840368_101_cpython.json"
INFO    Loading single package record: "C:\\Users\\mywindowsusername\\work\\mambaforge\\envs\\py37\\conda-meta\\python_abi-3.7-2_cp37m.json"
INFO    Loading single package record: "C:\\Users\\mywindowsusername\\work\\mambaforge\\envs\\py37\\conda-meta\\setuptools-58.0.4-py37h03978a9_2.json"
INFO    Loading single package record: "C:\\Users\\mywindowsusername\\work\\mambaforge\\envs\\py37\\conda-meta\\sqlite-3.36.0-h8ffe710_2.json"
INFO    Loading single package record: "C:\\Users\\mywindowsusername\\work\\mambaforge\\envs\\py37\\conda-meta\\ucrt-10.0.20348.0-h57928b3_0.json"
INFO    Loading single package record: "C:\\Users\\mywindowsusername\\work\\mambaforge\\envs\\py37\\conda-meta\\vc-14.2-hb210afc_5.json"
INFO    Loading single package record: "C:\\Users\\mywindowsusername\\work\\mambaforge\\envs\\py37\\conda-meta\\vs2015_runtime-14.29.30037-h902a5da_5.json"
INFO    Loading single package record: "C:\\Users\\mywindowsusername\\work\\mambaforge\\envs\\py37\\conda-meta\\wheel-0.37.0-pyhd8ed1ab_1.json"
TRACE conda.gateways.disk.delete:rm_rf(165): rm_rf C:\Users\mywindowsusername\work\mambaforge\envs\py37.pid14456.conda_lock
INFO    installed: reading repo file C:\Users\mywindowsusername\AppData\Local\Temp\tmp4tuy79_g
INFO    loading from json C:\Users\mywindowsusername\AppData\Local\Temp\tmp4tuy79_g
INFO    Checking dir "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs"
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" exists, checking if writable
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" writable
INFO    Checking dir "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs"
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" exists, checking if writable
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" writable
INFO    Checking dir "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs"
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" exists, checking if writable
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" writable
INFO    Checking dir "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs"
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" exists, checking if writable
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" writable
INFO    Checking dir "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs"
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" exists, checking if writable
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" writable
INFO    Checking dir "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs"
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" exists, checking if writable
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" writable
INFO    Checking dir "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs"
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" exists, checking if writable
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" writable
INFO    Checking dir "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs"
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" exists, checking if writable
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" writable
INFO    No cache found https://artifactory.web.mycompany.com/artifactory/api/conda/Conda-Forge/win-64/repodata.json
TRACE conda.gateways.disk.delete:rm_rf(165): rm_rf C:\Users\mywindowsusername\work\mambaforge\pkgs\cache\9d718e98.json.pid14456.conda_lock
INFO    Checking dir "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs"
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" exists, checking if writable
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" writable
INFO    No cache found https://artifactory.web.mycompany.com/artifactory/api/conda/Conda-Forge/noarch/repodata.json
TRACE conda.gateways.disk.delete:rm_rf(165): rm_rf C:\Users\mywindowsusername\work\mambaforge\pkgs\cache\9ff58fb9.json.pid14456.conda_lock
INFO    Checking dir "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs"
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" exists, checking if writable
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" writable
INFO    No cache found https://artifactory.web.mycompany.com/artifactory/api/conda/Conda-Pytorch/win-64/repodata.json
TRACE conda.gateways.disk.delete:rm_rf(165): rm_rf C:\Users\mywindowsusername\work\mambaforge\pkgs\cache\2f4eb9a3.json.pid14456.conda_lock
INFO    Checking dir "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs"
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" exists, checking if writable
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" writable
INFO    No cache found https://artifactory.web.mycompany.com/artifactory/api/conda/Conda-Pytorch/noarch/repodata.json
TRACE conda.gateways.disk.delete:rm_rf(165): rm_rf C:\Users\mywindowsusername\work\mambaforge\pkgs\cache\1e3c68e9.json.pid14456.conda_lock
INFO    Checking dir "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs"
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" exists, checking if writable
DEBUG   "C:\\Users\\mywindowsusername\\work\\mambaforge\\pkgs\\urls.txt" writable
INFO    Starting to download targets
* Uses proxy env variable no_proxy == '.web.mycompany.com,.mycompany.com,localhost,127.0.0.1'
* Couldn't find host artifactory.web.mycompany.com in the (nil) file; using defaults
* Uses proxy env variable no_proxy == '.web.mycompany.com,.mycompany.com,localhost,127.0.0.1'
* Couldn't find host artifactory.web.mycompany.com in the (nil) file; using defaults
* Found bundle for host artifactory.web.mycompany.com: 0x21803b43370 [serially]
* Uses proxy env variable no_proxy == '.web.mycompany.com,.mycompany.com,localhost,127.0.0.1'
* Couldn't find host artifactory.web.mycompany.com in the (nil) file; using defaults
* Found bundle for host artifactory.web.mycompany.com: 0x21803b43370 [serially]
* Uses proxy env variable no_proxy == '.web.mycompany.com,.mycompany.com,localhost,127.0.0.1'
* Couldn't find host artifactory.web.mycompany.com in the (nil) file; using defaults
* Found bundle for host artifactory.web.mycompany.com: 0x21803b43370 [serially]
*   Trying 137.136.109.51:443...
* Hostname 'artifactory.web.mycompany.com' was found in DNS cache
*   Trying 137.136.109.51:443...
* Hostname 'artifactory.web.mycompany.com' was found in DNS cache
*   Trying 137.136.109.51:443...
* Hostname 'artifactory.web.mycompany.com' was found in DNS cache
*   Trying 137.136.109.51:443...
* Connected to artifactory.web.mycompany.com (137.136.109.51) port 443 (#0)
* schannel: disabled automatic use of client certificate
* schannel: ALPN, offering http/1.1
* Connected to artifactory.web.mycompany.com (137.136.109.51) port 443 (#1)
* schannel: disabled automatic use of client certificate
* schannel: ALPN, offering http/1.1
* Connected to artifactory.web.mycompany.com (137.136.109.51) port 443 (#2)
* schannel: disabled automatic use of client certificate
* schannel: ALPN, offering http/1.1
* Connected to artifactory.web.mycompany.com (137.136.109.51) port 443 (#3)
* schannel: disabled automatic use of client certificate
* schannel: ALPN, offering http/1.1
* schannel: added 2 certificate(s) from CA file 'C:\Users\mywindowsusername\.ssl\certs\mycompany-ca-bundle.pem'
* schannel: connection hostname (artifactory.web.mycompany.com) validated against certificate name (artifactory.web.mycompany.com)
* ALPN, server did not agree to a protocol
> GET /artifactory/api/conda/Conda-Forge/win-64/repodata.json HTTP/1.1
Host: artifactory.web.mycompany.com
Accept: */*
Accept-Encoding: gzip, deflate, compress, identity
Content-Type: application/json

* schannel: added 2 certificate(s) from CA file 'C:\Users\mywindowsusername\.ssl\certs\mycompany-ca-bundle.pem'
* schannel: connection hostname (artifactory.web.mycompany.com) validated against certificate name (artifactory.web.mycompany.com)
* ALPN, server did not agree to a protocol
> GET /artifactory/api/conda/Conda-Forge/noarch/repodata.json HTTP/1.1
Host: artifactory.web.mycompany.com
Accept: */*
Accept-Encoding: gzip, deflate, compress, identity
Content-Type: application/json

* schannel: added 2 certificate(s) from CA file 'C:\Users\mywindowsusername\.ssl\certs\mycompany-ca-bundle.pem'
* schannel: connection hostname (artifactory.web.mycompany.com) validated against certificate name (artifactory.web.mycompany.com)
* ALPN, server did not agree to a protocol
> GET /artifactory/api/conda/Conda-Pytorch/win-64/repodata.json HTTP/1.1
Host: artifactory.web.mycompany.com
Accept: */*
Accept-Encoding: gzip, deflate, compress, identity
Content-Type: application/json

* schannel: added 2 certificate(s) from CA file 'C:\Users\mywindowsusername\.ssl\certs\mycompany-ca-bundle.pem'
* schannel: connection hostname (artifactory.web.mycompany.com) validated against certificate name (artifactory.web.mycompany.com)
* ALPN, server did not agree to a protocol
> GET /artifactory/api/conda/Conda-Pytorch/noarch/repodata.json HTTP/1.1
Host: artifactory.web.mycompany.com
Accept: */*
Accept-Encoding: gzip, deflate, compress, identity
Content-Type: application/json

* Mark bundle as not supporting multiuse
< HTTP/1.1 403 Forbidden
< Date: Tue, 28 Sep 2021 19:23:14 GMT
< Server: Artifactory/7.5.5 70505900
< X-Artifactory-Id: 6680a7ec9730d244b42df070f3044faa1a4f78d2
< X-Artifactory-Node-Id: art-phx-prod01.vmpc1.internal.mycompany.com
< Content-Type: application/json
< Transfer-Encoding: chunked
< Set-Cookie: BIGipServerartifactory-443-pool=3919218825.47873.0000; path=/; Httponly; Secure
<
Conda-Forge/win-64       [<=>                 ] (00m:00s) 107  B / ?? (96.00  B/s)
* Connection #0 to host artifactory.web.mycompany.com left intact
* Mark bundle as not supporting multiuse
< HTTP/1.1 403 Forbidden
< Date: Tue, 28 Sep 2021 19:23:14 GMT
< Server: Artifactory/7.5.5 70505900
< X-Artifactory-Id: 42d34d397a09dde7a1696103a3d2588013852338
< X-Artifactory-Node-Id: art-phx-prod02.vmpc1.internal.mycompany.com
< Content-Type: application/json
< Transfer-Encoding: chunked
< Set-Cookie: BIGipServerartifactory-443-pool=77301897.47873.0000; path=/; Httponly; Secure
Conda-Forge/win-64       [<=>                 ] (00m:00s) 107  B / ?? (96.00  B/s)
Conda-Forge/noarch       [<=>                 ] (00m:00s) 107  B / ?? (94.00  B/s)
* Connection #1 to host artifactory.web.mycompany.com left intact
* Mark bundle as not supporting multiuse
< HTTP/1.1 403 Forbidden
< Date: Tue, 28 Sep 2021 19:23:14 GMT
< Server: Artifactory/7.5.5 70505900
< X-Artifactory-Id: 42d34d397a09dde7a1696103a3d2588013852338
< X-Artifactory-Node-Id: art-phx-prod02.vmpc1.internal.mycompany.com
< Content-Type: application/json
< Transfer-Encoding: chunked
Conda-Forge/win-64       [<=>                 ] (00m:00s) 107  B / ?? (96.00  B/s)
Conda-Forge/noarch       [<=>                 ] (00m:00s) 107  B / ?? (94.00  B/s)
Conda-Pytorch/win-64     [<=>                 ] (00m:00s) 109  B / ?? (92.00  B/s)
* Connection #2 to host artifactory.web.mycompany.com left intact
* Mark bundle as not supporting multiuse
< HTTP/1.1 403 Forbidden
< Date: Tue, 28 Sep 2021 19:23:14 GMT
< Server: Artifactory/7.5.5 70505900
< X-Artifactory-Id: 42d34d397a09dde7a1696103a3d2588013852338
< X-Artifactory-Node-Id: art-phx-prod02.vmpc1.internal.mycompany.com
< Content-Type: application/json
< Transfer-Encoding: chunked
< Set-Cookie: BIGipServerartifactory-443-pool=77301897.47873.0000; path=/; Httponly; Secure
<
* Connection #3 to host artifactory.web.mycompany.com left intact
Conda-Forge/win-64       [====================] (00m:00s) 403 Failed
Conda-Forge/noarch       [<=>                 ] (00m:00s) 107  B / ?? (94.00  B/s)
Conda-Pytorch/win-64     [<=>                 ] (00m:00s) 109  B / ?? (92.00  B/s)
INFO    Transfer done ...
Conda-Forge/noarch       [====================] (00m:00s) 403 Failed
Conda-Pytorch/win-64     [<=>                 ] (00m:00s) 109  B / ?? (92.00  B/s)
TRACE conda.gateways.disk.delete:rm_rf(165): rm_rf C:\Users\mywindowsusername\work\mambaforge\pkgs\cache.pid14456.conda_lock

# >>>>>>>>>>>>>>>>>>>>>> ERROR REPORT <<<<<<<<<<<<<<<<<<<<<<

    Traceback (most recent call last):
      File "C:\Users\mywindowsusername\work\mambaforge\lib\site-packages\conda\exceptions.py", line 1079, in __call__
        return func(*args, **kwargs)
      File "C:\Users\mywindowsusername\work\mambaforge\lib\site-packages\mamba\mamba.py", line 927, in exception_converter
        raise e
      File "C:\Users\mywindowsusername\work\mambaforge\lib\site-packages\mamba\mamba.py", line 921, in exception_converter
        exit_code = _wrapped_main(*args, **kwargs)
      File "C:\Users\mywindowsusername\work\mambaforge\lib\site-packages\mamba\mamba.py", line 879, in _wrapped_main
        result = do_call(args, p)
      File "C:\Users\mywindowsusername\work\mambaforge\lib\site-packages\mamba\mamba.py", line 757, in do_call
        exit_code = install(args, parser, "install")
      File "C:\Users\mywindowsusername\work\mambaforge\lib\site-packages\mamba\mamba.py", line 534, in install
        index = load_channels(pool, channels, repos)
      File "C:\Users\mywindowsusername\work\mambaforge\lib\site-packages\mamba\utils.py", line 123, in load_channels
        index = get_index(
      File "C:\Users\mywindowsusername\work\mambaforge\lib\site-packages\mamba\utils.py", line 104, in get_index
        is_downloaded = dlist.download(True)
    RuntimeError: Multi-download failed.

`$ C:\Users\mywindowsusername\work\mambaforge\Scripts\mamba install build -vvv`

  environment variables:
                 CIO_TEST=<not set>
                CONDA_BAT=C:\Users\mywindowsusername\work\mambaforge\condabin\conda.bat
        CONDA_DEFAULT_ENV=py37
                CONDA_EXE=C:\Users\mywindowsusername\work\mambaforge\condabin\..\Scripts\conda.exe
               CONDA_EXES="C:\Users\mywindowsusername\work\mambaforge\condabin\..\Scripts\conda.exe"
             CONDA_PREFIX=C:\Users\mywindowsusername\work\mambaforge\envs\py37
           CONDA_PREFIX_1=C:\Users\mywindowsusername\work\mambaforge
    CONDA_PROMPT_MODIFIER=(py37)
         CONDA_PYTHON_EXE=C:\Users\mywindowsusername\work\mambaforge\python.exe
               CONDA_ROOT=C:\Users\mywindowsusername\work\mambaforge
              CONDA_SHLVL=2
           CURL_CA_BUNDLE=<not set>
     DATACONNECTORLIBPATH=C:\Program Files\Teradata\Client\16.20\bin\;C:\Program Files
                          (x86)\Teradata\Client\16.20\bin\
                FTP_PROXY=<set>
                 HOMEPATH=\Users\mywindowsusername
              HTTPS_PROXY=<set>
               HTTP_PROXY=<set>
                 NO_PROXY=<set>
                     PATH=C:\Users\mywindowsusername\work\mambaforge;C:\Users\mywindowsusername\work\mambaforge\Librar
                          y\mingw-w64\bin;C:\Users\mywindowsusername\work\mambaforge\Library\usr\bin;C:\Use
                          rs\mywindowsusername\work\mambaforge\Library\bin;C:\Users\mywindowsusername\work\mambaforge\
                          Scripts;C:\Users\mywindowsusername\work\mambaforge\bin;C:\Users\mywindowsusername\work\mamba
                          forge\envs\py37;C:\Users\mywindowsusername\work\mambaforge\envs\py37\Library\ming
                          w-w64\bin;C:\Users\mywindowsusername\work\mambaforge\envs\py37\Library\usr\bin;C:
                          \Users\mywindowsusername\work\mambaforge\envs\py37\Library\bin;C:\Users\mywindowsusername\wo
                          rk\mambaforge\envs\py37\Scripts;C:\Users\mywindowsusername\work\mambaforge\envs\p
                          y37\bin;C:\Users\mywindowsusername\work\mambaforge\condabin;C:\Windows\CCM;C:\Pro
                          gram Files (x86)\Common Files\Oracle\Java\javapath;C:\Program
                          Files\Teradata\Client\16.20\bin;C:\Program Files (x86)\Teradata\Client
                          \16.20\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\
                          WINDOWS\System32\WindowsPowerShell\v1.0;C:\Program
                          Files\PuTTY;C:\WINDOWS\System32\OpenSSH;C:\Program Files
                          (x86)\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn;C:\Program
                          Files (x86)\Microsoft SQL Server\130\Tools\Binn;C:\Program Files
                          (x86)\Microsoft SQL Server\130\DTS\Binn;C:\Program Files
                          (x86)\Microsoft SQL Server\130\Tools\Binn\ManagementStudio;C:\Program
                          Files (x86)\Webex\Plugins;C:\Program Files\nodejs;C:\Program Files\Doc
                          ker\Docker\resources\bin;C:\ProgramData\DockerDesktop\version-bin;C:\W
                          INDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsAp
                          ps;C:\Program Files (x86)\Common Files\Pulse
                          Secure\VC142.CRT\X64;C:\Program Files (x86)\Common Files\Pulse Secure\
                          VC142.CRT\X86;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbe
                          m;C:\WINDOWS\System32\WindowsPowerShell\v1.0;C:\WINDOWS\System32\OpenS
                          SH;C:\Users\mywindowsusername\AppData\Local\Microsoft\WindowsApps;C:\Users\mywindowsusername
                          \AppData\Local\Programs\Git\cmd;C:\Users\mywindowsusername\AppData\Local\Programs
                          \Microsoft VS Code\bin;C:\Users\mywindowsusername\AppData\Local\atom\bin;C:\Users
                          \mywindowsusername\AppData\Roaming\Cloud Foundry;\bin;C:\Program
                          Files\Java\jdk-14+36\bin;C:\Users\mywindowsusername\AppData\Local\Tesseract-OCR;C
                          :\Users\mywindowsusername\AppData\Roaming\npm;C:\Users\mywindowsusername\DevopsSetupPrograms
                          \yq;C:\Users\mywindowsusername\DevopsSetupPrograms\jq;C:\Users\mywindowsusername\DevopsSetup
                          Programs\oc;C:\Users\mywindowsusername\DevopsSetupPrograms\sbt\bin;C:\Users\sv182
                          c\AppData\Local\Microsoft\WindowsApps;C:\Users\mywindowsusername\AppData\Local\Pr
                          ograms\MiKTeX\miktex\bin\x64
             PSMODULEPATH=C:\WINDOWS\system32\config\systemprofile\Documents\WindowsPowerShell\M
                          odules;C:\Program Files (x86)\WindowsPowerShell\Modules;C:\Program Fil
                          es\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.
                          0\Modules;C:\Program Files (x86)\Microsoft SQL
                          Server\130\Tools\PowerShell\Modules\
       REQUESTS_CA_BUNDLE=<not set>
              RSYNC_PROXY=<set>
            SSL_CERT_FILE=<not set>
    VBOX_MSI_INSTALL_PATH=C:\Program Files\Oracle\VirtualBox\

     active environment : py37
    active env location : C:\Users\mywindowsusername\work\mambaforge\envs\py37
            shell level : 2
       user config file : C:\Users\mywindowsusername\.condarc
 populated config files : C:\Users\mywindowsusername\.condarc
          conda version : 4.10.3
    conda-build version : not installed
         python version : 3.9.6.final.0
       virtual packages : __cuda=9.0=0
                          __win=0=0
                          __archspec=1=x86_64
       base environment : C:\Users\mywindowsusername\work\mambaforge  (writable)
      conda av data dir : C:\Users\mywindowsusername\work\mambaforge\etc\conda
  conda av metadata url : None
           channel URLs : https://MY_ARTIFACTORY_USERNAME:MY_ARTIFACTORY_API_TOKEN@artifactory.web.mycompany.com/artifactory/api/conda/Conda-Forge/win-64
                          https://MY_ARTIFACTORY_USERNAME:MY_ARTIFACTORY_API_TOKEN@artifactory.web.mycompany.com/artifactory/api/conda/Conda-Forge/noarch
                          https://MY_ARTIFACTORY_USERNAME:MY_ARTIFACTORY_API_TOKEN@artifactory.web.mycompany.com/artifactory/api/conda/Conda-Pytorch/win-64
                          https://MY_ARTIFACTORY_USERNAME:MY_ARTIFACTORY_API_TOKEN@artifactory.web.mycompany.com/artifactory/api/conda/Conda-Pytorch/noarch
          package cache : C:\Users\mywindowsusername\work\mambaforge\pkgs
                          C:\Users\mywindowsusername\.conda\pkgs
                          C:\Users\mywindowsusername\AppData\Local\conda\conda\pkgs
       envs directories : C:\Users\mywindowsusername\work\mambaforge\envs
                          C:\Users\mywindowsusername\.conda\envs
                          C:\Users\mywindowsusername\AppData\Local\conda\conda\envs
               platform : win-64
             user-agent : conda/4.10.3 requests/2.26.0 CPython/3.9.6 Windows/10 Windows/10.0.19042
          administrator : False
             netrc file : None
           offline mode : False

An unexpected error has occurred. Conda has prepared the above report.
tpanza commented 3 years ago

This is also still happening with mamba 0.16, libcurl 7.79.1, and conda/4.10.3 requests/2.25.1 CPython/3.9.7 Windows/10 Windows/10.0.19042

wolfv commented 3 years ago

Can you show me the command line arguments you'd use with curl to download a file from this channel?

And then it would be cool to use curl ... --libcurl=test.c and then send me the contents of test.c

tpanza commented 3 years ago

From Windows Git Bash, using curl 7.61.1 (x86_64-w64-mingw32) libcurl/7.61.1 OpenSSL/1.0.2p (WinSSL) zlib/1.2.11 libidn2/2.0.5 nghttp2/1.33.0:

curl -O --cacert /c/Users/mywindowsusername/.ssl/certs/mycompany-ca-bundle.pem https://MY_ARTIFACTORY_USERNAME:MY_ARTIFACTORY_API_TOKEN@artifactory.web.mycompany.com/artifactory/Conda-Forge/channeldata.json

From Windows Command Prompt, using curl 7.55.1 (Windows) libcurl/7.55.1 WinSSL:

curl -O --cacert C:\Users\mywindowsusername\.ssl\certs\mycompany-ca-bundle.pem https://MY_ARTIFACTORY_USERNAME:MY_ARTIFACTORY_API_TOKEN@artifactory.web.mycompany.com/artifactory/Conda-Forge/channeldata.json

Here is the contents of test.c, generated with the Windows Command Prompt:

/********* Sample code generated by the curl command line tool **********
 * All curl_easy_setopt() options are documented at:
 * https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
 ************************************************************************/
#include <curl/curl.h>

int main(int argc, char *argv[])
{
  CURLcode ret;
  CURL *hnd;

  hnd = curl_easy_init();
  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
  curl_easy_setopt(hnd, CURLOPT_URL, "https://MY_ARTIFACTORY_USERNAME:MY_ARTIFACTORY_API_TOKEN@artifactory.web.mycompany.com/artifactory/Conda-Forge/channeldata.json");
  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/7.55.1");
  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
  curl_easy_setopt(hnd, CURLOPT_CAINFO, "C:\\Users\\mywindowsusername\\.ssl\\certs\\mycompany-ca-bundle.pem");
  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);

  /* Here is a list of options the curl code used that cannot get generated
     as source easily. You may select to either not use them or implement
     them yourself.

  CURLOPT_WRITEDATA set to a objectpointer
  CURLOPT_INTERLEAVEDATA set to a objectpointer
  CURLOPT_WRITEFUNCTION set to a functionpointer
  CURLOPT_READDATA set to a objectpointer
  CURLOPT_READFUNCTION set to a functionpointer
  CURLOPT_SEEKDATA set to a objectpointer
  CURLOPT_SEEKFUNCTION set to a functionpointer
  CURLOPT_ERRORBUFFER set to a objectpointer
  CURLOPT_STDERR set to a objectpointer
  CURLOPT_HEADERFUNCTION set to a functionpointer
  CURLOPT_HEADERDATA set to a objectpointer

  */

  ret = curl_easy_perform(hnd);

  curl_easy_cleanup(hnd);
  hnd = NULL;

  return (int)ret;
}
/**** End of sample code ****/
tpanza commented 3 years ago

Here are the contents of test.c, using the curl from Windows Git Bash:

/********* Sample code generated by the curl command line tool **********
 * All curl_easy_setopt() options are documented at:
 * https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
 ************************************************************************/
#include <curl/curl.h>

int main(int argc, char *argv[])
{
  CURLcode ret;
  CURL *hnd;

  hnd = curl_easy_init();
  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
  curl_easy_setopt(hnd, CURLOPT_URL, "https://MY_ARTIFACTORY_USERNAME:MY_ARTIFACTORY_API_TOKEN@artifactory.web.mycompany.com/artifactory/Conda-Forge/channeldata.json");
  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/7.61.1");
  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
  curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, (long)CURL_HTTP_VERSION_2TLS);
  curl_easy_setopt(hnd, CURLOPT_CAINFO, "C:/Users/mywindowsusername/.ssl/certs/mycompany-ca-bundle.pem");
  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);

  /* Here is a list of options the curl code used that cannot get generated
     as source easily. You may select to either not use them or implement
     them yourself.

  CURLOPT_WRITEDATA set to a objectpointer
  CURLOPT_INTERLEAVEDATA set to a objectpointer
  CURLOPT_WRITEFUNCTION set to a functionpointer
  CURLOPT_READDATA set to a objectpointer
  CURLOPT_READFUNCTION set to a functionpointer
  CURLOPT_SEEKDATA set to a objectpointer
  CURLOPT_SEEKFUNCTION set to a functionpointer
  CURLOPT_ERRORBUFFER set to a objectpointer
  CURLOPT_STDERR set to a objectpointer
  CURLOPT_HEADERFUNCTION set to a functionpointer
  CURLOPT_HEADERDATA set to a objectpointer

  */

  ret = curl_easy_perform(hnd);

  curl_easy_cleanup(hnd);
  hnd = NULL;

  return (int)ret;
}
/**** End of sample code ****/
wolfv commented 3 years ago

Are you properly setting the certificates in your .condarc file?

Please show the contents of conda info.

wolfv commented 3 years ago

Ah sorry, you posted them in the first comment! I am having a look.

wolfv commented 3 years ago

I think what's happening is that we somehow accidentally strip the auth information when parsing the channels.

You could probably work around it by putting the full url in the channels entry ... I'll have to take a look at the channel parsing to fix this.

FaustinCarter commented 2 years ago

@tpanza You can work around this by creating a .netrc file and sticking it in your %UserProfile% directory. The contents of that file should be:

machine artifactory.web.mycompany.com
login MY_ARTIFACTORY_USERNAME
password MY_ARTIFACTORY_API_TOKEN

You'll also need to create a new env var called HOME that points at your profile (the need to do this was fixed in libcurl 7.84, but that hasn't released to conda-forge yet). You can easily do this in a cmd shell like:

setx HOME %UserProfile%

or in powershell like

setx HOME $ENV:UserProfile

In either case, restart your terminal, and then your mamba install commands will auth correctly to your artifactory instance.

This works for conda, too, not just mamba. So you'll be able to remove the basic auth from the URLs in your condarc file completely.

tpanza commented 2 years ago

Thanks, @FaustinCarter . Confirmed that the .netrc method does indeed work. (It also lets me remove the auth credentials that were embedded within my pip configuration.)

FaustinCarter commented 2 years ago

Thanks, @FaustinCarter . Confirmed that the .netrc method does indeed work. (It also lets me remove the auth credentials that were embedded within my pip configuration.)

Glad to help out. By the way, the curl update finally dropped to conda-forge, so setting %HOME% is no longer necessary.

We switched from basic auth in the channel URLs awhile ago because of a bug (now patched) in conda-build where it wasn’t stripping the creds from the channel URLs before including the build channels in any package we made. This was effectively leaking our API keys all over the place every time we built and distributed a package.

Sounds like mamba doesn’t have that problem since it apparently strips auth before even sending a request to the server 🤣