-
Notifications
You must be signed in to change notification settings - Fork 540
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
No way to set --index_url without leaking password on error #2202
Comments
Wolud using the bazel |
Alas, we cannot use |
I thought that when you use the |
I tried |
Wouldn't that imply that the password is stored plain text in a WORKSPACE or .bzl file? And checked into git? How would different users have different passwords? |
🐞 bug report
Affected Rule
Is this a regression?
No
Description
We have an "index-url" that uses secure credentials. We do not want those credentials to leak into error logs when there's a pip error. However, the combo of setting
envsubst
andextra_pip_args
precisely does this.(We cannot use bzlmod, so we cannot use the bazel http downloader for python pip.)
🔬 Minimal Reproduction
Any pip_parse rule that errors will print the
extra_pip_args
.Note that pip itself is smart enough to ***** out the password on PIP_INDEX_URL.
🔥 Exception or Error
🌍 Your Environment
Operating System:
Output of
bazel version
:Rules_python version:
Anything else relevant?
=)
The text was updated successfully, but these errors were encountered: