support for pre-installing packages for private source repositories

[ben-marengo-msmg]

• I have searched the issues of this repo and believe that this is not a duplicate.
• I have searched the documentation and believe that my question is not covered.

Feature Request

this request follows #4086.
the keyrings.google-artifactregistry-auth package must be installed before the private repo source can be authenticated
its also not strictly speaking a dependency of the current project

Possible implementation 1

given the following configuration, whenever this secondary source is loaded, keyrings.google-artifactregistry-auth would be installed

[[tool.poetry.source]]
name = "my_pypi"
url = "https://europe-west2-python.pkg.dev/my-gcp-project/mypypi/simple"
secondary = true
requires = ["keyrings.google-artifactregistry-auth==1.0.0"]

the downside of this is that dependency resolution would have to be done multiple times?

Possible implementation 2

given the following configuration, when the venv is first spun up, before any secondary sources are loaded, the venv_bootstrap_commands are executed

[tool.poetry]
name = "poetry-demo"
version = "0.1.0"
venv_bootstrap_commands = 
    pip install keyrings.google-artifactregistry-auth==1.0.0

[finswimmer]

Hello @ben-marengo-msmg,

I don't think your suggestions would work. If the keyrings.google-artifactregistry-auth package is needed for an authentification it must be installed in the environment where poetry is running and not in the venv of the project.

When poetry is installed with pipx one could install the necessary package into the same environment using pipx inject.

An alternative might be to create a Poetry Plugin that do nothing but add a new dependency into the Poetry environment.

fin swimmer

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.