Changelog NotificationsAPIAikido login

Poetry - Private Packages

For Aikido to update dependencies that include private packages, it needs access to your private registries so it can generate accurate lockfile updates. For Poetry, you can provide a Google Artifact Registry configuration service key or provide environment variables in Aikido.

Adding credentials with environment variables

When the credentials to connect to the private registry are static, you can provide environment variables. The environment variables should be created in the following format:

  • POETRY_HTTP_BASIC_[SOURCE_NAME]_USERNAME

  • POETRY_HTTP_BASIC_[SOURCE_NAME]_PASSWORD

Where the [SOURCE_NAME] is the name of the data source which you specified in your pyproject.toml file in uppercase. For example, set POETRY_HTTP_BASIC_ARTIFACT_USERNAME and POETRY_HTTP_BASIC_ARTIFACT_PASSWORD for the following project file:

[[tool.poetry.source]]
name = "artifact"
url = "https://repo-1234567890.d.codeartifact.eu-west-1.amazonaws.com/pypi/poetry/simple/"

If you are using AWS CodeArtifact in combination with Poetry, the password needs to be generated on-the-fly, see this page on how to configure Poetry with AWS CodeArtifact.

When creating a PR via Autofix, Aikido will include these environment variables when running Poetry commands.

Adding credentials for GCP Artifact Registry

For some registries, the credentials can not be generated statically, such as for GCP Artifact registry. In this case you can follow the steps below.

1. Create a Service Account

First, create a service account in your Google Cloud project:

  1. Go to the Google Cloud Console.

  2. Navigate to IAM & Admin > Service Accounts.

  3. Click Create Service Account.

  4. Fill in a Service account name such as Aikido Artifact Registry Reader and click Create And Continue.

  5. Grant the service account with the Artifact Registry Reader role.

    Assigning the "Artifact Registry Reader" role to a service account in a Google Cloud project.

  6. Click Continue and Done.

2. Create a Key for the Service Account

  1. On the Service Accounts page, find the service account you just created.

  2. Click on the three dots on the right and select Manage Keys.

  3. Click Add Key > Create New Key.

  4. Choose JSON and click Create.

  5. Save the JSON key file to a secure location.

3. Configuration in Aikido

Once the prerequisites are fulfilled, you can configure aikido to authenticate with your private registry when updating the dependencies by following the steps below:

  1. Go to your account's settings page for the autofixer in Aikido, here.

  2. Click on "Connect Registry", the configuration modal will now be shown

  1. Select GCP + Poetry

  1. Paste your saved JSON Key content in the Private registry service account key field

  2. Click Connect Registry to save the configuration.

Last updated

Was this helpful?