Injecting different type of credentials when installing private repositories

[rick2ricks]

When installing private repositories I would like to replace the authentication method between ssh and user password using environment variables as following:

"""
Setting environment variable to:
CREDENTIAL=https://user:pass
or
CREDENTIAL=ssh://git
"""

//Pipfile
[packages]
myapp = { git="${CREDENTIAL}@repo.com" }

But this will raise:

pipenv.patched.pip._vendor.packaging.requirements.InvalidRequirement: Invalid URL: git+${CRED}@repo.com

The only way I could get it to work was replacing the whole string:

#REPOSITORY=https://user:[email protected]
#REPOSITORY=ssh://[email protected]

//Pipfile
[packages]
myapp = { git="${REPOSITORY}" }

Am I missing something or this is the desired behaviour?

[matteius]

I'm glad you figured out a way to get it to work @rick2ricks -- ideally we can improve this to make it more resilient to different patterns. Also, In the case that you had it work, does the ${REPOSITORY} variable make it to the Pipfile.lock or are the credentials what is getting stored there?

[rick2ricks]

Hi, thanks for the response.

At my Pipfile.lock does not appear any credentials, it shows like the following:

  "mypackage": {
            "git": "${REPOSITORY}",
            "ref": "5654684646468464648646464",
            "subdirectory": "projects/myproject"
        },

But it would be a nice add if we could replace any part of the string.

Best regards.