Hide access token related instructions for public pypi package
What does this MR do and why?
In #329253 (closed), we introduced a new option allow anyone to pull
to the Package Registry.
With that option, users can configure private project to let anonymous users to download packages from that project.
The problem is that the package details for PyPi have some instructions presented and those instructions are currently presenting that a token is mandatory.
If pypi package is published in a project which is either public or has public package registry access settings, we do not need to show instructions related to access token. Also, based on comment, I've removed the token from the pip command and kept in the .pypirc since it is only used by twine for uploads.
This is a follow-up MR to Adds field public_package to package details gr... (!111992 - merged)
Screenshots or screen recordings
When package is publically available,
Before
After
How to set up and validate locally
-
rails c
- Open the rails console -
p = Project.find(1)
- Find a public project within GDK. Project id can be found on the project home page -
FactoryBot.create(:pypi_package, project: p)
- Create a python package within project -
Add this line if above fails during the creation of files
def fixture_file_upload(*args, **kwargs) Rack::Test::UploadedFile.new(*args, **kwargs) end
-
Find the published package in the package list page of the project & click on the package to visit the details page.
-
Instructions related to access token should not be present under
Installation
>Pip command
-
Visit
Settings > General > Visibility, project features, permissions
of the project in a new tab. -
Set project to private/internal, then instructions related to access token should be visible under
Installation
>Pip command
-
Check the
Allow anyone to pull from Package Registry
checkbox, then instructions related to access token should not be present underInstallation
>Pip command
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Closes #387822 (closed)