python, pip, github-actions, python-packaging

Having secrets locally when pip installing a private github repo


I have this pipeline:

name: Build and deploy Python app to Azure Web App - app-xx-xx-api-dev

on:
  push:
    branches:
      - dev
  workflow_dispatch:

jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: read

    steps:
      - uses: actions/checkout@v4

      - name: Set up Python version
        uses: actions/setup-python@v5
        with:
          python-version: '3.12'

      - name: Install dependencies
        run: |
          python -m venv venv
          source venv/bin/activate
          pip install -r requirements.txt

      - name: DNA Utils
        run: |
          python -m venv venv
          source venv/bin/activate
          pip install git+https://${{ secrets.MACHINE_USER_PAT }}@github.com/xxx-dna/dna-utils.git@main

As you can see we have separated installing the requirements and the private package. That is no problem when running the pipeline in GitHub.

However, when running locally on a Dev Box you normally would just call:

pip install -r requirements.txt

Now the developer also needs to pip install the private package. And if we have more, it starts getting complex.

We are not just adding the token, as we do not want the token in the repository code. Can this be solved in a more suitable way?


Solution

  • You can create a ~/.github_token file with the GH token, outside of the Git working directory:

    GITHUB_TOKEN=<token>
    

    Then implement a script like this:

    #!/bin/bash
    source ~/.github_token
    pip install -r requirements.txt
    pip install "git+https://${GITHUB_TOKEN}@github.com/xxx-dna/dna-utils.git@main"
    

    And finally, you can use this script when developing locally.
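A variant of the script above, as an added example that is not part of the original answer: it goes one step further by handing the token to git through environment variables, so a single `pip install -r requirements.txt` works and the token appears neither in the repository nor on the pip command line. It assumes Git 2.31 or newer, that requirements.txt lists the package as `git+https://github.com/xxx-dna/dna-utils.git@main` with no token, and the `--install` switch and function names are made up for this sketch.

```shell
#!/bin/sh
# Added example, not the answer author's script.
# Token file format follows the answer: one line, GITHUB_TOKEN=<token> (unquoted).
TOKEN_FILE="${TOKEN_FILE:-$HOME/.github_token}"

# Print the token. The file is parsed, not sourced, so nothing in it is executed,
# and it is rejected if group or others have any permission on it.
read_token() {
    file="$1"
    [ -f "$file" ] || { echo "missing token file: $file" >&2; return 1; }
    # GNU stat first, BSD/macOS stat as fallback
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    case "$mode" in
        *00) ;;  # owner-only, e.g. 600 or 400
        *) echo "$file has mode $mode; run: chmod 600 $file" >&2; return 1 ;;
    esac
    token=$(sed -n 's/^GITHUB_TOKEN=//p' "$file" | head -n 1)
    [ -n "$token" ] || { echo "no GITHUB_TOKEN= line in $file" >&2; return 1; }
    printf '%s' "$token"
}

# pip runs git for git+https requirements. These variables give git a
# url.<base>.insteadOf rule for this process tree only; nothing is written
# to ~/.gitconfig or to the repository.
export_git_auth() {
    token=$(read_token "$1") || return 1
    export GIT_CONFIG_COUNT=1
    export GIT_CONFIG_KEY_0="url.https://${token}@github.com/.insteadOf"
    export GIT_CONFIG_VALUE_0="https://github.com/"
}

# Usage: sh this-script.sh --install
if [ "${1:-}" = "--install" ]; then
    export_git_auth "$TOKEN_FILE" || exit 1
    pip install -r requirements.txt
fi
```

In the GitHub Actions job the same three `GIT_CONFIG_*` variables can be set from `secrets.MACHINE_USER_PAT` in the step's `env:`, which lets the separate "DNA Utils" step fold into the normal requirements install.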