Open kapilt opened 2 years ago
instead the url comparison should be made with netloc + path
actually its a slightly more complex, as the path has some variance due to the simple
suffix
(Pdb) parsed_url.netloc + parsed_url.path
'corp-1122334455.d.codeartifact.us-east-1.amazonaws.com/pypi/c7n/'
(Pdb) pp netloc
'corp-1122334455.d.codeartifact.us-east-1.amazonaws.com/pypi/c7n/simple'
passing in parsed.netloc + parsed.path and doing the repo url check against startswith sufficed.
if netloc.startswith(parsed_url.netloc + parsed_url.path)
@kapilt does #5518 help with this issue?
if you have multiple pypi repositories off the same domain but with different paths, poetry will fail to authenticate properly because it will store the credentials for the repository based on the domain, but not inclusive of path, meaning it will use the wrong credentials for a given domain.
tldr poetry credential cache keys are not correct per python spec on pypi, as poetry doesn't address repositories by suffix. https://www.python.org/dev/peps/pep-0503/
separately there's an issue is that the url doesn't get normalized early, so subsequent lookups in different parts of the codebase but same cli exec will do lookups with and without + 'simple' on the url.
-vvv
option).traceback
Versions
The underlying issue appears to be how credentials are retrieved, it simply grabs the credentials for the first repository that has a domain match https://github.com/python-poetry/poetry/blob/master/src/poetry/utils/authenticator.py#L151