[Question] Override source repository through environment variable or config

[ghost]

• I have searched the issues of this repo and believe that this is not a duplicate.
• I have searched the documentation and believe that my question is not covered.

Issue

I'm running poetry during the CI process and I need to override the source repository from where it installs the dependencies without updating the URL on pyproject.toml.

I've tried some environment variables as described here but without success.

Is is possible to do it? If yes, how would I override this source:

    [[tool.poetry.source]]
      default = true
      name = "companypypi"
      url = "https://nexus.company.com/repository/pypi-company/simple"

I've tried:

POETRY_REPOSITORIES_COMPANYPYPI_URL
POETRY_TOOL_POETRY_SOURCE_COMPANYPYPI_URL

Any help is appreciated!
Thanks

[vergenzt]

Related to #4880 (was looking for this, but found that issue first)

Browsing the source, it look like the default attribute on a repository can't currently be set from the environment; Config._get_environment_repositories only populates a "url" attribute. Checking for environment variables to set "default" (and maybe also "secondary", for completeness) attribute(s) on environment-defined repositories seems to me like the proper resolution to this.

[dimbleby]

seems like this duplicates one or both of #4880, #5992

[abn]

Sources are not designed to be overridden via the environment variables.

The POETRY_REPOSITORIES_XXX_URL environment variable is primarily intended to configure publishable repositories.

[arichtman]

I have a similar issue, I'm attempting to build containers that have dependencies in our company PyPi repository (which requires authentication). I'm trying not to bake any credentials into our images. A build-time environment variable would have been handy for that. I suppose we could use the imperative commands + build arguments to set the config then remove it before ending the RUN command and hopefully keeping it out of the layer commit?

[brandon-leapyear]

✨ This is an old work account. Please reference @brandonchinn178 for all future communication ✨

---

@arichtman you can do this today:

poetry source add --default foo https://pypi-internal.company.com
export POETRY_HTTP_BASIC_FOO_USERNAME=...
export POETRY_HTTP_BASIC_FOO_PASSWORD=...
poetry lock --no-update

This uses env vars for auth, but puts the source into pyproject.toml. See #5958 for the discussion on configuring the source outside pyproject.toml

[arichtman]

Thanks! I have been successfully using the source in pyproject.toml and environment variables for authentication and multi-stage builds to keep credentials out of the final image. I'll keep an eye on the other issues to see what emerges that might suit CI use cases better.
Once again thanks for your time!

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.