Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Interest in development of support for authentication in rosdep #891

Open
progtologist opened this issue Sep 5, 2022 · 4 comments · May be fixed by #892
Open

Interest in development of support for authentication in rosdep #891

progtologist opened this issue Sep 5, 2022 · 4 comments · May be fixed by #892

Comments

@progtologist
Copy link

Apt has support for authentication for private APT repository servers.
I was wondering if I were to build such (or similar) functionality for rosdep, would this be something that the maintainers accept in a pull request or is this something that is beyond the scope of OSRF/rosdep?

AFAIK only authentication for proxies is supported which is different from what APT offers.
@nuclearsandwich
Copy link
Contributor

Support for apt repositories which require authentication/authorization is not something that the ROS Infrastructure team anticipates being on our roadmap which means that this support would need to be driven by community interest.

rosdep currently interacts with system apt repositories by invoking existing command line tools.
My first question is to ask whether rosdep needs any special support or if configuring authorization for a specific repository could be done within apt and not require any special handling in rosdep. If explicit authentication handling is required, my initial expectations for a pull request from the community to be reviewable would include:

  • Links to documentation describing the authorization/authentication interface being implemented.
  • A plan for automated testing of the authenticated code flow since it will need to be maintained by the rosdep team.

@progtologist
Copy link
Author

progtologist commented Sep 6, 2022
edited
Loading

Ah, my bad, reading through my message now I understand how it could be confusing. I am not referring on rosdep supporting authenticated/authorized APT repos - this it already supports given as you said it doesn't interact directly with the repos itself but through the distribution's tools.

My question is more in line with supporting rosdep source lists that are behind a server that requires authentication.
E.g. adding an extra file under /etc/ros/rosdep/sources.list.d/ that would require an entry such as:

yaml https://user:[email protected]/ros/rosdep.yaml

Currently, rosdep when parsing this makes the assumption that everything after : is the port number.

@cottsay
Copy link
Member

cottsay commented Sep 7, 2022

This is a pretty reasonable request. I hashed out a preliminary PR in #892. Please give that a shot and provide feedback if it works for you.

@cottsay cottsay linked a pull request Sep 7, 2022 that will close this issue
Support for URLs with basic authentication #892
Open
@progtologist
Copy link
Author

@cottsay have a look at #895 and let me know what you think!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Support for URLs with basic authentication ros-infrastructure/rosdep
3 participants
@nuclearsandwich @cottsay @progtologist